From cb919827049f576b9ec211c3984c792b454e62fa Mon Sep 17 00:00:00 2001 From: pulumi-bot Date: Wed, 2 Oct 2024 04:41:56 +0000 Subject: [PATCH] Regenerating based on aws-cloudformation-user-guide @ 19dc52cd3f2007d6d268b65b739ffb5ebf8c1e76 --- .docs.version | 2 +- .../aws-auditmanager-assessment.json | 12 +- aws-cloudformation-schema/aws-ec2-ipam.json | 3 +- .../aws-ec2-ipampool.json | 3 +- .../aws-ec2-ipamresourcediscovery.json | 3 +- ...-ec2-ipamresourcediscoveryassociation.json | 3 +- .../aws-ec2-ipamscope.json | 3 +- .../aws-glue-usageprofile.json | 149 +++ .../aws-memorydb-parametergroup.json | 9 +- .../aws-memorydb-subnetgroup.json | 9 +- .../aws-quicksight-analysis.json | 25 + .../aws-quicksight-dashboard.json | 25 + .../aws-quicksight-folder.json | 150 +++ .../aws-quicksight-template.json | 25 + ...secretsmanager-secrettargetattachment.json | 23 +- ...ws-ssmquicksetup-configurationmanager.json | 2 +- meta/.botocore.version | 2 +- .../deprecated-types.txt | 1 + .../pulumi-gen-aws-native/supported-types.txt | 4 + .../pulumi-resource-aws-native/metadata.json | 643 ++++++++++++- .../pulumi-resource-aws-native/schema.json | 894 +++++++++++++++++- reports/missedAutonaming.json | 19 +- 22 files changed, 1988 insertions(+), 21 deletions(-) create mode 100644 aws-cloudformation-schema/aws-glue-usageprofile.json create mode 100644 aws-cloudformation-schema/aws-quicksight-folder.json diff --git a/.docs.version b/.docs.version index 302c94a770..79d613a253 100644 --- a/.docs.version +++ b/.docs.version @@ -1 +1 @@ -949b60c87c4ebff58788956c4b93879d08ef3f9a +260270bed830b209ef922c35dd130a19bbd4f1f4 diff --git a/aws-cloudformation-schema/aws-auditmanager-assessment.json b/aws-cloudformation-schema/aws-auditmanager-assessment.json index 9e9101ce4e..176e997a39 100644 --- a/aws-cloudformation-schema/aws-auditmanager-assessment.json +++ b/aws-cloudformation-schema/aws-auditmanager-assessment.json @@ -301,6 +301,14 @@ "$ref" : "#/definitions/AssessmentDescription" } }, + "tagging" : { + "taggable" : true, + "tagOnCreate" : true, + "tagUpdatable" : false, + "cloudFormationSystemTags" : false, + "tagProperty" : "/properties/Tags", + "permissions" : [ "auditmanager:TagResource", "auditmanager:ListTagsForResource", "auditmanager:UntagResource" ] + }, "required" : [ ], "additionalProperties" : false, "readOnlyProperties" : [ "/properties/AssessmentId", "/properties/Arn", "/properties/CreationTime" ], @@ -318,10 +326,10 @@ "permissions" : [ "auditmanager:UpdateAssessment", "auditmanager:UpdateAssessmentStatus", "auditmanager:BatchCreateDelegationByAssessment", "auditmanager:BatchDeleteDelegationByAssessment" ] }, "delete" : { - "permissions" : [ "auditmanager:DeleteAssessment" ] + "permissions" : [ "auditmanager:DeleteAssessment", "auditmanager:UntagResource" ] }, "list" : { - "permissions" : [ "auditmanager:ListAssessments" ] + "permissions" : [ "auditmanager:ListAssessments", "auditmanager:ListTagsForResource" ] } } } \ No newline at end of file diff --git a/aws-cloudformation-schema/aws-ec2-ipam.json b/aws-cloudformation-schema/aws-ec2-ipam.json index ea0e175da3..67ec989c93 100644 --- a/aws-cloudformation-schema/aws-ec2-ipam.json +++ b/aws-cloudformation-schema/aws-ec2-ipam.json @@ -127,6 +127,7 @@ "tagOnCreate" : true, "tagUpdatable" : true, "cloudFormationSystemTags" : false, - "tagProperty" : "/properties/Tags" + "tagProperty" : "/properties/Tags", + "permissions" : [ "ec2:DeleteTags", "ec2:CreateTags" ] } } \ No newline at end of file diff --git a/aws-cloudformation-schema/aws-ec2-ipampool.json b/aws-cloudformation-schema/aws-ec2-ipampool.json index 6094e30a97..90d67f81a8 100644 --- a/aws-cloudformation-schema/aws-ec2-ipampool.json +++ b/aws-cloudformation-schema/aws-ec2-ipampool.json @@ -204,6 +204,7 @@ "tagOnCreate" : true, "tagUpdatable" : true, "cloudFormationSystemTags" : false, - "tagProperty" : "/properties/Tags" + "tagProperty" : "/properties/Tags", + "permissions" : [ "ec2:DeleteTags", "ec2:CreateTags" ] } } \ No newline at end of file diff --git a/aws-cloudformation-schema/aws-ec2-ipamresourcediscovery.json b/aws-cloudformation-schema/aws-ec2-ipamresourcediscovery.json index 126fa08da7..768feb5c9d 100644 --- a/aws-cloudformation-schema/aws-ec2-ipamresourcediscovery.json +++ b/aws-cloudformation-schema/aws-ec2-ipamresourcediscovery.json @@ -110,6 +110,7 @@ "tagOnCreate" : true, "tagUpdatable" : true, "cloudFormationSystemTags" : false, - "tagProperty" : "/properties/Tags" + "tagProperty" : "/properties/Tags", + "permissions" : [ "ec2:DeleteTags", "ec2:CreateTags" ] } } \ No newline at end of file diff --git a/aws-cloudformation-schema/aws-ec2-ipamresourcediscoveryassociation.json b/aws-cloudformation-schema/aws-ec2-ipamresourcediscoveryassociation.json index 34c275afa5..3bdebe4ebf 100644 --- a/aws-cloudformation-schema/aws-ec2-ipamresourcediscoveryassociation.json +++ b/aws-cloudformation-schema/aws-ec2-ipamresourcediscoveryassociation.json @@ -102,6 +102,7 @@ "tagOnCreate" : true, "tagUpdatable" : true, "cloudFormationSystemTags" : false, - "tagProperty" : "/properties/Tags" + "tagProperty" : "/properties/Tags", + "permissions" : [ "ec2:DeleteTags", "ec2:CreateTags" ] } } \ No newline at end of file diff --git a/aws-cloudformation-schema/aws-ec2-ipamscope.json b/aws-cloudformation-schema/aws-ec2-ipamscope.json index 3d0fe8ecd3..305865f601 100644 --- a/aws-cloudformation-schema/aws-ec2-ipamscope.json +++ b/aws-cloudformation-schema/aws-ec2-ipamscope.json @@ -94,6 +94,7 @@ "tagOnCreate" : true, "tagUpdatable" : true, "cloudFormationSystemTags" : false, - "tagProperty" : "/properties/Tags" + "tagProperty" : "/properties/Tags", + "permissions" : [ "ec2:DeleteTags", "ec2:CreateTags" ] } } \ No newline at end of file diff --git a/aws-cloudformation-schema/aws-glue-usageprofile.json b/aws-cloudformation-schema/aws-glue-usageprofile.json new file mode 100644 index 0000000000..edacd97069 --- /dev/null +++ b/aws-cloudformation-schema/aws-glue-usageprofile.json @@ -0,0 +1,149 @@ +{ + "typeName" : "AWS::Glue::UsageProfile", + "description" : "This creates a Resource of UsageProfile type.", + "sourceUrl" : "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-glue", + "definitions" : { + "Tag" : { + "type" : "object", + "properties" : { + "Key" : { + "description" : "A key to identify the tag.", + "type" : "string", + "minLength" : 1, + "maxLength" : 128 + }, + "Value" : { + "description" : "Corresponding tag value for the key.", + "type" : "string", + "minLength" : 0, + "maxLength" : 256 + } + }, + "required" : [ "Key", "Value" ], + "additionalProperties" : false + }, + "ProfileConfiguration" : { + "properties" : { + "JobConfiguration" : { + "patternProperties" : { + "^.+$" : { + "$ref" : "#/definitions/ConfigurationObject" + } + }, + "additionalProperties" : false + }, + "SessionConfiguration" : { + "patternProperties" : { + "^.+$" : { + "$ref" : "#/definitions/ConfigurationObject" + } + }, + "additionalProperties" : false + } + }, + "anyOf" : [ { + "required" : [ "JobConfiguration" ] + }, { + "required" : [ "SessionConfiguration" ] + } ], + "additionalProperties" : false + }, + "ConfigurationObject" : { + "properties" : { + "DefaultValue" : { + "type" : "string" + }, + "AllowedValues" : { + "type" : "array", + "items" : { + "type" : "string" + }, + "insertionOrder" : false + }, + "MinValue" : { + "type" : "string" + }, + "MaxValue" : { + "type" : "string" + } + }, + "anyOf" : [ { + "required" : [ "DefaultValue" ] + }, { + "oneOf" : [ { + "required" : [ "AllowedValues" ] + }, { + "required" : [ "MinValue", "MaxValue" ] + } ] + } ], + "additionalProperties" : false + } + }, + "properties" : { + "Name" : { + "description" : "The name of the UsageProfile.", + "type" : "string", + "maxLength" : 128, + "minLength" : 5 + }, + "Description" : { + "description" : "The description of the UsageProfile.", + "type" : "string", + "maxLength" : 512, + "minLength" : 1, + "pattern" : "[a-zA-Z0-9\\-\\:\\_]{1,64}" + }, + "Configuration" : { + "description" : "UsageProfile configuration for supported service ex: (Jobs, Sessions).", + "$ref" : "#/definitions/ProfileConfiguration", + "minItems" : 1 + }, + "Tags" : { + "description" : "The tags to be applied to this UsageProfiles.", + "type" : "array", + "minItems" : 0, + "maxItems" : 50, + "items" : { + "$ref" : "#/definitions/Tag" + }, + "uniqueItems" : true, + "insertionOrder" : false + }, + "CreatedOn" : { + "description" : "Creation time.", + "type" : "string", + "maxLength" : 128, + "minLength" : 1 + } + }, + "additionalProperties" : false, + "tagging" : { + "taggable" : true, + "tagOnCreate" : true, + "tagUpdatable" : true, + "cloudFormationSystemTags" : true, + "tagProperty" : "/properties/Tags", + "permissions" : [ "glue:TagResource", "glue:UntagResource", "glue:GetTags" ] + }, + "required" : [ "Name" ], + "readOnlyProperties" : [ "/properties/CreatedOn" ], + "createOnlyProperties" : [ "/properties/Name" ], + "primaryIdentifier" : [ "/properties/Name" ], + "handlers" : { + "create" : { + "permissions" : [ "glue:CreateUsageProfile", "glue:GetUsageProfile", "glue:GetTags", "glue:TagResource" ] + }, + "read" : { + "permissions" : [ "glue:GetUsageProfile", "glue:GetTags" ] + }, + "update" : { + "permissions" : [ "glue:UpdateUsageProfile", "glue:GetUsageProfile", "glue:TagResource", "glue:UntagResource", "glue:GetTags" ] + }, + "delete" : { + "permissions" : [ "glue:DeleteUsageProfile", "glue:GetUsageProfile" ] + }, + "list" : { + "permissions" : [ "glue:ListUsageProfiles" ] + } + } +} \ No newline at end of file diff --git a/aws-cloudformation-schema/aws-memorydb-parametergroup.json b/aws-cloudformation-schema/aws-memorydb-parametergroup.json index 633f918749..7ab66d62c9 100644 --- a/aws-cloudformation-schema/aws-memorydb-parametergroup.json +++ b/aws-cloudformation-schema/aws-memorydb-parametergroup.json @@ -2,7 +2,6 @@ "typeName" : "AWS::MemoryDB::ParameterGroup", "description" : "The AWS::MemoryDB::ParameterGroup resource creates an Amazon MemoryDB ParameterGroup.", "sourceUrl" : "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-memorydb", - "taggable" : true, "definitions" : { "Tag" : { "description" : "A key-value pair to associate with a resource.", @@ -59,6 +58,14 @@ "type" : "string" } }, + "tagging" : { + "taggable" : true, + "tagOnCreate" : true, + "tagUpdatable" : true, + "cloudFormationSystemTags" : true, + "tagProperty" : "/properties/Tags", + "permissions" : [ "memorydb:TagResource", "memorydb:ListTags", "memorydb:UntagResource" ] + }, "additionalProperties" : false, "required" : [ "ParameterGroupName", "Family" ], "readOnlyProperties" : [ "/properties/ARN" ], diff --git a/aws-cloudformation-schema/aws-memorydb-subnetgroup.json b/aws-cloudformation-schema/aws-memorydb-subnetgroup.json index 43f6d31e1f..5ff4a353aa 100644 --- a/aws-cloudformation-schema/aws-memorydb-subnetgroup.json +++ b/aws-cloudformation-schema/aws-memorydb-subnetgroup.json @@ -2,7 +2,6 @@ "typeName" : "AWS::MemoryDB::SubnetGroup", "description" : "The AWS::MemoryDB::SubnetGroup resource creates an Amazon MemoryDB Subnet Group.", "sourceUrl" : "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-memorydb", - "taggable" : true, "definitions" : { "Tag" : { "description" : "A key-value pair to associate with a resource.", @@ -61,6 +60,14 @@ "type" : "string" } }, + "tagging" : { + "taggable" : true, + "tagOnCreate" : true, + "tagUpdatable" : true, + "cloudFormationSystemTags" : true, + "tagProperty" : "/properties/Tags", + "permissions" : [ "memorydb:TagResource", "memorydb:ListTags", "memorydb:UntagResource" ] + }, "additionalProperties" : false, "required" : [ "SubnetGroupName", "SubnetIds" ], "primaryIdentifier" : [ "/properties/SubnetGroupName" ], diff --git a/aws-cloudformation-schema/aws-quicksight-analysis.json b/aws-cloudformation-schema/aws-quicksight-analysis.json index 1294e0526f..a524adcbd2 100644 --- a/aws-cloudformation-schema/aws-quicksight-analysis.json +++ b/aws-cloudformation-schema/aws-quicksight-analysis.json @@ -256,6 +256,10 @@ "type" : "string", "enum" : [ "CREATION_IN_PROGRESS", "CREATION_SUCCESSFUL", "CREATION_FAILED", "UPDATE_IN_PROGRESS", "UPDATE_SUCCESSFUL", "UPDATE_FAILED", "DELETED" ] }, + "CommitMode" : { + "type" : "string", + "enum" : [ "AUTO", "MANUAL" ] + }, "RadarChartFieldWells" : { "additionalProperties" : false, "type" : "object", @@ -1000,6 +1004,9 @@ "DisplayOptions" : { "$ref" : "#/definitions/DropDownControlDisplayOptions" }, + "CommitMode" : { + "$ref" : "#/definitions/CommitMode" + }, "SelectableValues" : { "$ref" : "#/definitions/FilterSelectableValues" } @@ -1350,6 +1357,9 @@ "type" : "string", "maxLength" : 2048 }, + "CommitMode" : { + "$ref" : "#/definitions/CommitMode" + }, "SourceFilterId" : { "minLength" : 1, "pattern" : "^[\\w\\-]+$", @@ -1461,6 +1471,9 @@ "type" : "string", "maxLength" : 2048 }, + "CommitMode" : { + "$ref" : "#/definitions/CommitMode" + }, "SelectableValues" : { "$ref" : "#/definitions/ParameterSelectableValues" } @@ -2795,6 +2808,9 @@ "type" : "string", "maxLength" : 2048 }, + "CommitMode" : { + "$ref" : "#/definitions/CommitMode" + }, "SourceFilterId" : { "minLength" : 1, "pattern" : "^[\\w\\-]+$", @@ -7215,6 +7231,9 @@ "properties" : { "DisplayOptions" : { "$ref" : "#/definitions/RelativeDateTimeControlDisplayOptions" + }, + "CommitMode" : { + "$ref" : "#/definitions/CommitMode" } } }, @@ -8043,6 +8062,9 @@ "type" : "string", "maxLength" : 2048 }, + "CommitMode" : { + "$ref" : "#/definitions/CommitMode" + }, "SourceFilterId" : { "minLength" : 1, "pattern" : "^[\\w\\-]+$", @@ -8746,6 +8768,9 @@ }, "DisplayOptions" : { "$ref" : "#/definitions/DateTimePickerControlDisplayOptions" + }, + "CommitMode" : { + "$ref" : "#/definitions/CommitMode" } } }, diff --git a/aws-cloudformation-schema/aws-quicksight-dashboard.json b/aws-cloudformation-schema/aws-quicksight-dashboard.json index d50201eeae..621a17b4b2 100644 --- a/aws-cloudformation-schema/aws-quicksight-dashboard.json +++ b/aws-cloudformation-schema/aws-quicksight-dashboard.json @@ -242,6 +242,10 @@ "type" : "string", "enum" : [ "CREATION_IN_PROGRESS", "CREATION_SUCCESSFUL", "CREATION_FAILED", "UPDATE_IN_PROGRESS", "UPDATE_SUCCESSFUL", "UPDATE_FAILED", "DELETED" ] }, + "CommitMode" : { + "type" : "string", + "enum" : [ "AUTO", "MANUAL" ] + }, "RadarChartFieldWells" : { "additionalProperties" : false, "type" : "object", @@ -996,6 +1000,9 @@ "DisplayOptions" : { "$ref" : "#/definitions/DropDownControlDisplayOptions" }, + "CommitMode" : { + "$ref" : "#/definitions/CommitMode" + }, "SelectableValues" : { "$ref" : "#/definitions/FilterSelectableValues" } @@ -1379,6 +1386,9 @@ "type" : "string", "maxLength" : 2048 }, + "CommitMode" : { + "$ref" : "#/definitions/CommitMode" + }, "SourceFilterId" : { "minLength" : 1, "pattern" : "^[\\w\\-]+$", @@ -1490,6 +1500,9 @@ "type" : "string", "maxLength" : 2048 }, + "CommitMode" : { + "$ref" : "#/definitions/CommitMode" + }, "SelectableValues" : { "$ref" : "#/definitions/ParameterSelectableValues" } @@ -2884,6 +2897,9 @@ "type" : "string", "maxLength" : 2048 }, + "CommitMode" : { + "$ref" : "#/definitions/CommitMode" + }, "SourceFilterId" : { "minLength" : 1, "pattern" : "^[\\w\\-]+$", @@ -7486,6 +7502,9 @@ "properties" : { "DisplayOptions" : { "$ref" : "#/definitions/RelativeDateTimeControlDisplayOptions" + }, + "CommitMode" : { + "$ref" : "#/definitions/CommitMode" } } }, @@ -8324,6 +8343,9 @@ "type" : "string", "maxLength" : 2048 }, + "CommitMode" : { + "$ref" : "#/definitions/CommitMode" + }, "SourceFilterId" : { "minLength" : 1, "pattern" : "^[\\w\\-]+$", @@ -9018,6 +9040,9 @@ }, "DisplayOptions" : { "$ref" : "#/definitions/DateTimePickerControlDisplayOptions" + }, + "CommitMode" : { + "$ref" : "#/definitions/CommitMode" } } }, diff --git a/aws-cloudformation-schema/aws-quicksight-folder.json b/aws-cloudformation-schema/aws-quicksight-folder.json new file mode 100644 index 0000000000..748398812a --- /dev/null +++ b/aws-cloudformation-schema/aws-quicksight-folder.json @@ -0,0 +1,150 @@ +{ + "typeName" : "AWS::QuickSight::Folder", + "description" : "Definition of the AWS::QuickSight::Folder Resource Type.", + "definitions" : { + "FolderType" : { + "type" : "string", + "enum" : [ "SHARED", "RESTRICTED" ] + }, + "ResourcePermission" : { + "type" : "object", + "description" : "

Permission for the resource.

", + "properties" : { + "Principal" : { + "type" : "string", + "maxLength" : 256, + "minLength" : 1, + "description" : "

The Amazon Resource Name (ARN) of the principal. This can be one of the\n following:

\n ", + "pattern" : "^arn:.*" + }, + "Actions" : { + "type" : "array", + "items" : { + "type" : "string" + }, + "maxItems" : 20, + "minItems" : 1, + "description" : "

The IAM action to grant or revoke permissions on.

", + "insertionOrder" : false + } + }, + "required" : [ "Actions", "Principal" ], + "additionalProperties" : false + }, + "SharingModel" : { + "type" : "string", + "enum" : [ "ACCOUNT", "NAMESPACE" ] + }, + "Tag" : { + "type" : "object", + "description" : "

The key or keys of the key-value pairs for the resource tag or tags assigned to the\n resource.

", + "properties" : { + "Key" : { + "type" : "string", + "maxLength" : 128, + "minLength" : 1, + "description" : "

Tag key.

" + }, + "Value" : { + "type" : "string", + "maxLength" : 256, + "minLength" : 1, + "description" : "

Tag value.

" + } + }, + "required" : [ "Key", "Value" ], + "additionalProperties" : false + } + }, + "properties" : { + "Arn" : { + "type" : "string", + "description" : "

The Amazon Resource Name (ARN) for the folder.

", + "pattern" : "^arn:.*" + }, + "AwsAccountId" : { + "type" : "string", + "maxLength" : 12, + "minLength" : 12, + "pattern" : "^[0-9]{12}$" + }, + "CreatedTime" : { + "type" : "string", + "description" : "

The time that the folder was created.

", + "format" : "date-time" + }, + "FolderId" : { + "type" : "string", + "maxLength" : 2048, + "minLength" : 1, + "pattern" : "^[\\w\\-]+$" + }, + "FolderType" : { + "$ref" : "#/definitions/FolderType" + }, + "LastUpdatedTime" : { + "type" : "string", + "description" : "

The time that the folder was last updated.

", + "format" : "date-time" + }, + "Name" : { + "type" : "string", + "maxLength" : 200, + "minLength" : 1 + }, + "ParentFolderArn" : { + "type" : "string" + }, + "Permissions" : { + "type" : "array", + "items" : { + "$ref" : "#/definitions/ResourcePermission" + }, + "maxItems" : 64, + "minItems" : 1, + "insertionOrder" : false + }, + "SharingModel" : { + "$ref" : "#/definitions/SharingModel" + }, + "Tags" : { + "type" : "array", + "items" : { + "$ref" : "#/definitions/Tag" + }, + "maxItems" : 200, + "minItems" : 1, + "insertionOrder" : false + } + }, + "readOnlyProperties" : [ "/properties/Arn", "/properties/CreatedTime", "/properties/LastUpdatedTime" ], + "writeOnlyProperties" : [ "/properties/ParentFolderArn" ], + "createOnlyProperties" : [ "/properties/ParentFolderArn", "/properties/SharingModel", "/properties/FolderType", "/properties/FolderId", "/properties/AwsAccountId" ], + "primaryIdentifier" : [ "/properties/AwsAccountId", "/properties/FolderId" ], + "handlers" : { + "read" : { + "permissions" : [ "quicksight:DescribeFolder", "quicksight:DescribeFolderPermissions", "quicksight:ListTagsForResource" ] + }, + "create" : { + "permissions" : [ "quicksight:CreateFolder", "quicksight:DescribeFolder", "quicksight:UpdateFolderPermissions", "quicksight:DescribeFolderPermissions", "quicksight:TagResource", "quicksight:ListTagsForResource" ] + }, + "update" : { + "permissions" : [ "quicksight:DescribeFolder", "quicksight:UpdateFolder", "quicksight:DescribeFolderPermissions", "quicksight:UpdateFolderPermissions", "quicksight:ListTagsForResource", "quicksight:TagResource", "quicksight:UntagResource" ] + }, + "delete" : { + "permissions" : [ "quicksight:DeleteFolder" ] + }, + "list" : { + "permissions" : [ "quicksight:ListFolders" ] + } + }, + "additionalProperties" : false, + "tagging" : { + "taggable" : true, + "tagOnCreate" : true, + "tagUpdatable" : true, + "cloudFormationSystemTags" : false, + "tagProperty" : "/properties/Tags", + "permissions" : [ "quicksight:TagResource", "quicksight:UntagResource", "quicksight:ListTagsForResource" ] + } +} \ No newline at end of file diff --git a/aws-cloudformation-schema/aws-quicksight-template.json b/aws-cloudformation-schema/aws-quicksight-template.json index 1cd2888bc7..6a8dd84722 100644 --- a/aws-cloudformation-schema/aws-quicksight-template.json +++ b/aws-cloudformation-schema/aws-quicksight-template.json @@ -232,6 +232,10 @@ "type" : "string", "enum" : [ "CREATION_IN_PROGRESS", "CREATION_SUCCESSFUL", "CREATION_FAILED", "UPDATE_IN_PROGRESS", "UPDATE_SUCCESSFUL", "UPDATE_FAILED", "DELETED" ] }, + "CommitMode" : { + "type" : "string", + "enum" : [ "AUTO", "MANUAL" ] + }, "RadarChartFieldWells" : { "additionalProperties" : false, "type" : "object", @@ -912,6 +916,9 @@ "DisplayOptions" : { "$ref" : "#/definitions/DropDownControlDisplayOptions" }, + "CommitMode" : { + "$ref" : "#/definitions/CommitMode" + }, "SelectableValues" : { "$ref" : "#/definitions/FilterSelectableValues" } @@ -1221,6 +1228,9 @@ "type" : "string", "maxLength" : 2048 }, + "CommitMode" : { + "$ref" : "#/definitions/CommitMode" + }, "SourceFilterId" : { "minLength" : 1, "pattern" : "^[\\w\\-]+$", @@ -1332,6 +1342,9 @@ "type" : "string", "maxLength" : 2048 }, + "CommitMode" : { + "$ref" : "#/definitions/CommitMode" + }, "SelectableValues" : { "$ref" : "#/definitions/ParameterSelectableValues" } @@ -2730,6 +2743,9 @@ "type" : "string", "maxLength" : 2048 }, + "CommitMode" : { + "$ref" : "#/definitions/CommitMode" + }, "SourceFilterId" : { "minLength" : 1, "pattern" : "^[\\w\\-]+$", @@ -7244,6 +7260,9 @@ "properties" : { "DisplayOptions" : { "$ref" : "#/definitions/RelativeDateTimeControlDisplayOptions" + }, + "CommitMode" : { + "$ref" : "#/definitions/CommitMode" } } }, @@ -8100,6 +8119,9 @@ "type" : "string", "maxLength" : 2048 }, + "CommitMode" : { + "$ref" : "#/definitions/CommitMode" + }, "SourceFilterId" : { "minLength" : 1, "pattern" : "^[\\w\\-]+$", @@ -8808,6 +8830,9 @@ }, "DisplayOptions" : { "$ref" : "#/definitions/DateTimePickerControlDisplayOptions" + }, + "CommitMode" : { + "$ref" : "#/definitions/CommitMode" } } }, diff --git a/aws-cloudformation-schema/aws-secretsmanager-secrettargetattachment.json b/aws-cloudformation-schema/aws-secretsmanager-secrettargetattachment.json index 865d715f33..3780ccc700 100644 --- a/aws-cloudformation-schema/aws-secretsmanager-secrettargetattachment.json +++ b/aws-cloudformation-schema/aws-secretsmanager-secrettargetattachment.json @@ -1,5 +1,6 @@ { "typeName" : "AWS::SecretsManager::SecretTargetAttachment", + "$schema" : "https://raw.githubusercontent.com/aws-cloudformation/cloudformation-resource-schema/blob/master/src/main/resources/schema/provider.definition.schema.v1.json", "description" : "Resource Type definition for AWS::SecretsManager::SecretTargetAttachment", "additionalProperties" : false, "properties" : { @@ -17,6 +18,26 @@ } }, "required" : [ "TargetType", "TargetId", "SecretId" ], + "tagging" : { + "taggable" : false + }, "primaryIdentifier" : [ "/properties/Id" ], - "readOnlyProperties" : [ "/properties/Id" ] + "readOnlyProperties" : [ "/properties/Id" ], + "handlers" : { + "read" : { + "permissions" : [ "secretsmanager:GetSecretValue" ] + }, + "list" : { + "permissions" : [ "secretsmanager:GetSecretValue", "secretsmanager:ListSecrets" ] + }, + "create" : { + "permissions" : [ "secretsmanager:GetSecretValue", "secretsmanager:PutSecretValue", "rds:DescribeDBInstances", "redshift:DescribeClusters", "rds:DescribeDBClusters", "docdb-elastic:GetCluster", "redshift-serverless:ListWorkgroups", "redshift-serverless:GetNamespace" ] + }, + "delete" : { + "permissions" : [ "secretsmanager:GetSecretValue", "secretsmanager:PutSecretValue" ] + }, + "update" : { + "permissions" : [ "secretsmanager:GetSecretValue", "secretsmanager:PutSecretValue", "rds:DescribeDBInstances", "redshift:DescribeClusters", "rds:DescribeDBClusters", "docdb-elastic:GetCluster", "redshift-serverless:ListWorkgroups", "redshift-serverless:GetNamespace" ] + } + } } \ No newline at end of file diff --git a/aws-cloudformation-schema/aws-ssmquicksetup-configurationmanager.json b/aws-cloudformation-schema/aws-ssmquicksetup-configurationmanager.json index 9447f0c578..0fca20efc0 100644 --- a/aws-cloudformation-schema/aws-ssmquicksetup-configurationmanager.json +++ b/aws-cloudformation-schema/aws-ssmquicksetup-configurationmanager.json @@ -96,7 +96,7 @@ "type" : "string", "maxLength" : 256, "minLength" : 1, - "pattern" : "^[A-Za-z0-9+=@_\\/-:]+$" + "pattern" : "^[A-Za-z0-9+=@_\\/:-]+$" } }, "additionalProperties" : false diff --git a/meta/.botocore.version b/meta/.botocore.version index a0c87a7f8a..5fa2066e87 100644 --- a/meta/.botocore.version +++ b/meta/.botocore.version @@ -1 +1 @@ -1.35.29 +1.35.31 diff --git a/provider/cmd/pulumi-gen-aws-native/deprecated-types.txt b/provider/cmd/pulumi-gen-aws-native/deprecated-types.txt index 1fa8ceae82..b6911774f0 100644 --- a/provider/cmd/pulumi-gen-aws-native/deprecated-types.txt +++ b/provider/cmd/pulumi-gen-aws-native/deprecated-types.txt @@ -3,6 +3,7 @@ AWS::Cognito::UserPoolDomain AWS::Cognito::UserPoolIdentityProvider AWS::GameCast::Application AWS::GameCast::StreamGroup +AWS::Glue::Crawler AWS::SNS::TopicPolicy AWS::SSMGuiConnect::Preferences AWSQS::EKS::Cluster diff --git a/provider/cmd/pulumi-gen-aws-native/supported-types.txt b/provider/cmd/pulumi-gen-aws-native/supported-types.txt index 28443dad09..3b647a042d 100644 --- a/provider/cmd/pulumi-gen-aws-native/supported-types.txt +++ b/provider/cmd/pulumi-gen-aws-native/supported-types.txt @@ -481,11 +481,13 @@ AWS::GlobalAccelerator::EndpointGroup AWS::GlobalAccelerator::Listener AWS::Glue::Crawler AWS::Glue::Database +AWS::Glue::Job AWS::Glue::Registry AWS::Glue::Schema AWS::Glue::SchemaVersion AWS::Glue::SchemaVersionMetadata AWS::Glue::Trigger +AWS::Glue::UsageProfile AWS::Grafana::Workspace AWS::GreengrassV2::ComponentVersion AWS::GreengrassV2::Deployment @@ -801,6 +803,7 @@ AWS::QuickSight::Analysis AWS::QuickSight::Dashboard AWS::QuickSight::DataSet AWS::QuickSight::DataSource +AWS::QuickSight::Folder AWS::QuickSight::RefreshSchedule AWS::QuickSight::Template AWS::QuickSight::Theme @@ -965,6 +968,7 @@ AWS::Scheduler::Schedule AWS::Scheduler::ScheduleGroup AWS::SecretsManager::ResourcePolicy AWS::SecretsManager::Secret +AWS::SecretsManager::SecretTargetAttachment AWS::SecurityHub::AutomationRule AWS::SecurityHub::ConfigurationPolicy AWS::SecurityHub::DelegatedAdmin diff --git a/provider/cmd/pulumi-resource-aws-native/metadata.json b/provider/cmd/pulumi-resource-aws-native/metadata.json index 25f9597660..f30dc51f52 100644 --- a/provider/cmd/pulumi-resource-aws-native/metadata.json +++ b/provider/cmd/pulumi-resource-aws-native/metadata.json @@ -44687,6 +44687,209 @@ "databaseName" ] }, + "aws-native:glue:Job": { + "cf": "AWS::Glue::Job", + "inputs": { + "allocatedCapacity": { + "type": "number", + "description": "This parameter is no longer supported. Use `MaxCapacity` instead.\n\nThe number of capacity units that are allocated to this job." + }, + "command": { + "$ref": "#/types/aws-native:glue:JobCommand", + "description": "The code that executes a job." + }, + "connections": { + "$ref": "#/types/aws-native:glue:JobConnectionsList", + "description": "The connections used for this job." + }, + "defaultArguments": { + "$ref": "pulumi.json#/Any", + "description": "The default arguments for this job, specified as name-value pairs.\n\nYou can specify arguments here that your own job-execution script consumes, in addition to arguments that AWS Glue itself consumes.\n\nFor information about how to specify and consume your own job arguments, see [Calling AWS Glue APIs in Python](https://docs.aws.amazon.com/glue/latest/dg/aws-glue-programming-python-calling.html) in the *AWS Glue Developer Guide* .\n\nFor information about the key-value pairs that AWS Glue consumes to set up your job, see [Special Parameters Used by AWS Glue](https://docs.aws.amazon.com/glue/latest/dg/aws-glue-programming-etl-glue-arguments.html) in the *AWS Glue Developer Guide* .\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::Glue::Job` for more information about the expected schema for this property." + }, + "description": { + "type": "string", + "description": "A description of the job." + }, + "executionClass": { + "type": "string", + "description": "Indicates whether the job is run with a standard or flexible execution class. The standard execution class is ideal for time-sensitive workloads that require fast job startup and dedicated resources.\n\nThe flexible execution class is appropriate for time-insensitive jobs whose start and completion times may vary.\n\nOnly jobs with AWS Glue version 3.0 and above and command type `glueetl` will be allowed to set `ExecutionClass` to `FLEX` . The flexible execution class is available for Spark jobs." + }, + "executionProperty": { + "$ref": "#/types/aws-native:glue:JobExecutionProperty", + "description": "The maximum number of concurrent runs that are allowed for this job." + }, + "glueVersion": { + "type": "string", + "description": "Glue version determines the versions of Apache Spark and Python that AWS Glue supports. The Python version indicates the version supported for jobs of type Spark.\n\nFor more information about the available AWS Glue versions and corresponding Spark and Python versions, see [Glue version](https://docs.aws.amazon.com/glue/latest/dg/add-job.html) in the developer guide.\n\nJobs that are created without specifying a Glue version default to the latest Glue version available." + }, + "jobMode": { + "type": "string", + "description": "A mode that describes how a job was created. Valid values are:\n\n- `SCRIPT` - The job was created using the AWS Glue Studio script editor.\n- `VISUAL` - The job was created using the AWS Glue Studio visual editor.\n- `NOTEBOOK` - The job was created using an interactive sessions notebook.\n\nWhen the `JobMode` field is missing or null, `SCRIPT` is assigned as the default value." + }, + "logUri": { + "type": "string", + "description": "This field is reserved for future use." + }, + "maintenanceWindow": { + "type": "string", + "description": "This field specifies a day of the week and hour for a maintenance window for streaming jobs. AWS Glue periodically performs maintenance activities. During these maintenance windows, AWS Glue will need to restart your streaming jobs.\n\nAWS Glue will restart the job within 3 hours of the specified maintenance window. For instance, if you set up the maintenance window for Monday at 10:00AM GMT, your jobs will be restarted between 10:00AM GMT to 1:00PM GMT." + }, + "maxCapacity": { + "type": "number", + "description": "The number of AWS Glue data processing units (DPUs) that can be allocated when this job runs. A DPU is a relative measure of processing power that consists of 4 vCPUs of compute capacity and 16 GB of memory.\n\nDo not set `Max Capacity` if using `WorkerType` and `NumberOfWorkers` .\n\nThe value that can be allocated for `MaxCapacity` depends on whether you are running a Python shell job or an Apache Spark ETL job:\n\n- When you specify a Python shell job ( `JobCommand.Name` =\"pythonshell\"), you can allocate either 0.0625 or 1 DPU. The default is 0.0625 DPU.\n- When you specify an Apache Spark ETL job ( `JobCommand.Name` =\"glueetl\"), you can allocate from 2 to 100 DPUs. The default is 10 DPUs. This job type cannot have a fractional DPU allocation." + }, + "maxRetries": { + "type": "number", + "description": "The maximum number of times to retry this job after a JobRun fails." + }, + "name": { + "type": "string", + "description": "The name you assign to this job definition." + }, + "nonOverridableArguments": { + "$ref": "pulumi.json#/Any", + "description": "Non-overridable arguments for this job, specified as name-value pairs.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::Glue::Job` for more information about the expected schema for this property." + }, + "notificationProperty": { + "$ref": "#/types/aws-native:glue:JobNotificationProperty", + "description": "Specifies configuration properties of a notification." + }, + "numberOfWorkers": { + "type": "integer", + "description": "The number of workers of a defined `workerType` that are allocated when a job runs.\n\nThe maximum number of workers you can define are 299 for `G.1X` , and 149 for `G.2X` ." + }, + "role": { + "type": "string", + "description": "The name or Amazon Resource Name (ARN) of the IAM role associated with this job." + }, + "securityConfiguration": { + "type": "string", + "description": "The name of the `SecurityConfiguration` structure to be used with this job." + }, + "tags": { + "$ref": "pulumi.json#/Any", + "description": "The tags to use with this job.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::Glue::Job` for more information about the expected schema for this property." + }, + "timeout": { + "type": "integer", + "description": "The job timeout in minutes. This is the maximum time that a job run can consume resources before it is terminated and enters TIMEOUT status. The default is 2,880 minutes (48 hours)." + }, + "workerType": { + "type": "string", + "description": "The type of predefined worker that is allocated when a job runs. Accepts a value of G.1X, G.2X, G.4X, G.8X or G.025X for Spark jobs. Accepts the value Z.2X for Ray jobs.\n\n- For the `G.1X` worker type, each worker maps to 1 DPU (4 vCPUs, 16 GB of memory) with 84GB disk (approximately 34GB free), and provides 1 executor per worker. We recommend this worker type for workloads such as data transforms, joins, and queries, to offers a scalable and cost effective way to run most jobs.\n- For the `G.2X` worker type, each worker maps to 2 DPU (8 vCPUs, 32 GB of memory) with 128GB disk (approximately 77GB free), and provides 1 executor per worker. We recommend this worker type for workloads such as data transforms, joins, and queries, to offers a scalable and cost effective way to run most jobs.\n- For the `G.4X` worker type, each worker maps to 4 DPU (16 vCPUs, 64 GB of memory) with 256GB disk (approximately 235GB free), and provides 1 executor per worker. We recommend this worker type for jobs whose workloads contain your most demanding transforms, aggregations, joins, and queries. This worker type is available only for AWS Glue version 3.0 or later Spark ETL jobs in the following AWS Regions: US East (Ohio), US East (N. Virginia), US West (Oregon), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), Canada (Central), Europe (Frankfurt), Europe (Ireland), and Europe (Stockholm).\n- For the `G.8X` worker type, each worker maps to 8 DPU (32 vCPUs, 128 GB of memory) with 512GB disk (approximately 487GB free), and provides 1 executor per worker. We recommend this worker type for jobs whose workloads contain your most demanding transforms, aggregations, joins, and queries. This worker type is available only for AWS Glue version 3.0 or later Spark ETL jobs, in the same AWS Regions as supported for the `G.4X` worker type.\n- For the `G.025X` worker type, each worker maps to 0.25 DPU (2 vCPUs, 4 GB of memory) with 84GB disk (approximately 34GB free), and provides 1 executor per worker. We recommend this worker type for low volume streaming jobs. This worker type is only available for AWS Glue version 3.0 streaming jobs.\n- For the `Z.2X` worker type, each worker maps to 2 M-DPU (8vCPUs, 64 GB of memory) with 128 GB disk (approximately 120GB free), and provides up to 8 Ray workers based on the autoscaler." + } + }, + "outputs": { + "allocatedCapacity": { + "type": "number", + "description": "This parameter is no longer supported. Use `MaxCapacity` instead.\n\nThe number of capacity units that are allocated to this job." + }, + "awsId": { + "type": "string", + "description": "The ID of this job run." + }, + "command": { + "$ref": "#/types/aws-native:glue:JobCommand", + "description": "The code that executes a job." + }, + "connections": { + "$ref": "#/types/aws-native:glue:JobConnectionsList", + "description": "The connections used for this job." + }, + "defaultArguments": { + "$ref": "pulumi.json#/Any", + "description": "The default arguments for this job, specified as name-value pairs.\n\nYou can specify arguments here that your own job-execution script consumes, in addition to arguments that AWS Glue itself consumes.\n\nFor information about how to specify and consume your own job arguments, see [Calling AWS Glue APIs in Python](https://docs.aws.amazon.com/glue/latest/dg/aws-glue-programming-python-calling.html) in the *AWS Glue Developer Guide* .\n\nFor information about the key-value pairs that AWS Glue consumes to set up your job, see [Special Parameters Used by AWS Glue](https://docs.aws.amazon.com/glue/latest/dg/aws-glue-programming-etl-glue-arguments.html) in the *AWS Glue Developer Guide* .\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::Glue::Job` for more information about the expected schema for this property." + }, + "description": { + "type": "string", + "description": "A description of the job." + }, + "executionClass": { + "type": "string", + "description": "Indicates whether the job is run with a standard or flexible execution class. The standard execution class is ideal for time-sensitive workloads that require fast job startup and dedicated resources.\n\nThe flexible execution class is appropriate for time-insensitive jobs whose start and completion times may vary.\n\nOnly jobs with AWS Glue version 3.0 and above and command type `glueetl` will be allowed to set `ExecutionClass` to `FLEX` . The flexible execution class is available for Spark jobs." + }, + "executionProperty": { + "$ref": "#/types/aws-native:glue:JobExecutionProperty", + "description": "The maximum number of concurrent runs that are allowed for this job." + }, + "glueVersion": { + "type": "string", + "description": "Glue version determines the versions of Apache Spark and Python that AWS Glue supports. The Python version indicates the version supported for jobs of type Spark.\n\nFor more information about the available AWS Glue versions and corresponding Spark and Python versions, see [Glue version](https://docs.aws.amazon.com/glue/latest/dg/add-job.html) in the developer guide.\n\nJobs that are created without specifying a Glue version default to the latest Glue version available." + }, + "jobMode": { + "type": "string", + "description": "A mode that describes how a job was created. Valid values are:\n\n- `SCRIPT` - The job was created using the AWS Glue Studio script editor.\n- `VISUAL` - The job was created using the AWS Glue Studio visual editor.\n- `NOTEBOOK` - The job was created using an interactive sessions notebook.\n\nWhen the `JobMode` field is missing or null, `SCRIPT` is assigned as the default value." + }, + "logUri": { + "type": "string", + "description": "This field is reserved for future use." + }, + "maintenanceWindow": { + "type": "string", + "description": "This field specifies a day of the week and hour for a maintenance window for streaming jobs. AWS Glue periodically performs maintenance activities. During these maintenance windows, AWS Glue will need to restart your streaming jobs.\n\nAWS Glue will restart the job within 3 hours of the specified maintenance window. For instance, if you set up the maintenance window for Monday at 10:00AM GMT, your jobs will be restarted between 10:00AM GMT to 1:00PM GMT." + }, + "maxCapacity": { + "type": "number", + "description": "The number of AWS Glue data processing units (DPUs) that can be allocated when this job runs. A DPU is a relative measure of processing power that consists of 4 vCPUs of compute capacity and 16 GB of memory.\n\nDo not set `Max Capacity` if using `WorkerType` and `NumberOfWorkers` .\n\nThe value that can be allocated for `MaxCapacity` depends on whether you are running a Python shell job or an Apache Spark ETL job:\n\n- When you specify a Python shell job ( `JobCommand.Name` =\"pythonshell\"), you can allocate either 0.0625 or 1 DPU. The default is 0.0625 DPU.\n- When you specify an Apache Spark ETL job ( `JobCommand.Name` =\"glueetl\"), you can allocate from 2 to 100 DPUs. The default is 10 DPUs. This job type cannot have a fractional DPU allocation." + }, + "maxRetries": { + "type": "number", + "description": "The maximum number of times to retry this job after a JobRun fails." + }, + "name": { + "type": "string", + "description": "The name you assign to this job definition.", + "replaceOnChanges": true + }, + "nonOverridableArguments": { + "$ref": "pulumi.json#/Any", + "description": "Non-overridable arguments for this job, specified as name-value pairs.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::Glue::Job` for more information about the expected schema for this property." + }, + "notificationProperty": { + "$ref": "#/types/aws-native:glue:JobNotificationProperty", + "description": "Specifies configuration properties of a notification." + }, + "numberOfWorkers": { + "type": "integer", + "description": "The number of workers of a defined `workerType` that are allocated when a job runs.\n\nThe maximum number of workers you can define are 299 for `G.1X` , and 149 for `G.2X` ." + }, + "role": { + "type": "string", + "description": "The name or Amazon Resource Name (ARN) of the IAM role associated with this job." + }, + "securityConfiguration": { + "type": "string", + "description": "The name of the `SecurityConfiguration` structure to be used with this job." + }, + "tags": { + "$ref": "pulumi.json#/Any", + "description": "The tags to use with this job.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::Glue::Job` for more information about the expected schema for this property." + }, + "timeout": { + "type": "integer", + "description": "The job timeout in minutes. This is the maximum time that a job run can consume resources before it is terminated and enters TIMEOUT status. The default is 2,880 minutes (48 hours)." + }, + "workerType": { + "type": "string", + "description": "The type of predefined worker that is allocated when a job runs. Accepts a value of G.1X, G.2X, G.4X, G.8X or G.025X for Spark jobs. Accepts the value Z.2X for Ray jobs.\n\n- For the `G.1X` worker type, each worker maps to 1 DPU (4 vCPUs, 16 GB of memory) with 84GB disk (approximately 34GB free), and provides 1 executor per worker. We recommend this worker type for workloads such as data transforms, joins, and queries, to offers a scalable and cost effective way to run most jobs.\n- For the `G.2X` worker type, each worker maps to 2 DPU (8 vCPUs, 32 GB of memory) with 128GB disk (approximately 77GB free), and provides 1 executor per worker. We recommend this worker type for workloads such as data transforms, joins, and queries, to offers a scalable and cost effective way to run most jobs.\n- For the `G.4X` worker type, each worker maps to 4 DPU (16 vCPUs, 64 GB of memory) with 256GB disk (approximately 235GB free), and provides 1 executor per worker. We recommend this worker type for jobs whose workloads contain your most demanding transforms, aggregations, joins, and queries. This worker type is available only for AWS Glue version 3.0 or later Spark ETL jobs in the following AWS Regions: US East (Ohio), US East (N. Virginia), US West (Oregon), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), Canada (Central), Europe (Frankfurt), Europe (Ireland), and Europe (Stockholm).\n- For the `G.8X` worker type, each worker maps to 8 DPU (32 vCPUs, 128 GB of memory) with 512GB disk (approximately 487GB free), and provides 1 executor per worker. We recommend this worker type for jobs whose workloads contain your most demanding transforms, aggregations, joins, and queries. This worker type is available only for AWS Glue version 3.0 or later Spark ETL jobs, in the same AWS Regions as supported for the `G.4X` worker type.\n- For the `G.025X` worker type, each worker maps to 0.25 DPU (2 vCPUs, 4 GB of memory) with 84GB disk (approximately 34GB free), and provides 1 executor per worker. We recommend this worker type for low volume streaming jobs. This worker type is only available for AWS Glue version 3.0 streaming jobs.\n- For the `Z.2X` worker type, each worker maps to 2 M-DPU (8vCPUs, 64 GB of memory) with 128 GB disk (approximately 120GB free), and provides up to 8 Ray workers based on the autoscaler." + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "command", + "role" + ], + "createOnly": [ + "name" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "untyped" + }, "aws-native:glue:Registry": { "cf": "AWS::Glue::Registry", "inputs": { @@ -45043,6 +45246,66 @@ "tagsProperty": "tags", "tagsStyle": "untyped" }, + "aws-native:glue:UsageProfile": { + "cf": "AWS::Glue::UsageProfile", + "inputs": { + "configuration": { + "$ref": "#/types/aws-native:glue:UsageProfileProfileConfiguration", + "description": "UsageProfile configuration for supported service ex: (Jobs, Sessions)." + }, + "description": { + "type": "string", + "description": "The description of the UsageProfile." + }, + "name": { + "type": "string", + "description": "The name of the UsageProfile." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags to be applied to this UsageProfiles." + } + }, + "outputs": { + "configuration": { + "$ref": "#/types/aws-native:glue:UsageProfileProfileConfiguration", + "description": "UsageProfile configuration for supported service ex: (Jobs, Sessions)." + }, + "createdOn": { + "type": "string", + "description": "Creation time." + }, + "description": { + "type": "string", + "description": "The description of the UsageProfile." + }, + "name": { + "type": "string", + "description": "The name of the UsageProfile.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags to be applied to this UsageProfiles." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 5, + "maxLength": 128 + }, + "createOnly": [ + "name" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, "aws-native:grafana:Workspace": { "cf": "AWS::Grafana::Workspace", "inputs": { @@ -73817,6 +74080,107 @@ "tagsProperty": "tags", "tagsStyle": "keyValueArray" }, + "aws-native:quicksight:Folder": { + "cf": "AWS::QuickSight::Folder", + "inputs": { + "awsAccountId": { + "type": "string" + }, + "folderId": { + "type": "string" + }, + "folderType": { + "$ref": "#/types/aws-native:quicksight:FolderType" + }, + "name": { + "type": "string" + }, + "parentFolderArn": { + "type": "string" + }, + "permissions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:FolderResourcePermission" + } + }, + "sharingModel": { + "$ref": "#/types/aws-native:quicksight:FolderSharingModel" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + } + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "\u003cp\u003eThe Amazon Resource Name (ARN) for the folder.\u003c/p\u003e" + }, + "awsAccountId": { + "type": "string", + "replaceOnChanges": true + }, + "createdTime": { + "type": "string", + "description": "\u003cp\u003eThe time that the folder was created.\u003c/p\u003e" + }, + "folderId": { + "type": "string", + "replaceOnChanges": true + }, + "folderType": { + "$ref": "#/types/aws-native:quicksight:FolderType", + "replaceOnChanges": true + }, + "lastUpdatedTime": { + "type": "string", + "description": "\u003cp\u003eThe time that the folder was last updated.\u003c/p\u003e" + }, + "name": { + "type": "string" + }, + "parentFolderArn": { + "type": "string", + "replaceOnChanges": true + }, + "permissions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:FolderResourcePermission" + } + }, + "sharingModel": { + "$ref": "#/types/aws-native:quicksight:FolderSharingModel", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + } + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 200 + }, + "createOnly": [ + "awsAccountId", + "folderId", + "folderType", + "parentFolderArn", + "sharingModel" + ], + "writeOnly": [ + "parentFolderArn" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, "aws-native:quicksight:RefreshSchedule": { "cf": "AWS::QuickSight::RefreshSchedule", "inputs": { @@ -83934,7 +84298,7 @@ }, "version": { "type": "integer", - "description": "The version of the image." + "description": "The version number." } }, "outputs": { @@ -83992,7 +84356,7 @@ }, "version": { "type": "integer", - "description": "The version of the image." + "description": "The version number." } }, "required": [ @@ -86143,6 +86507,48 @@ "tagsProperty": "tags", "tagsStyle": "keyValueArray" }, + "aws-native:secretsmanager:SecretTargetAttachment": { + "cf": "AWS::SecretsManager::SecretTargetAttachment", + "inputs": { + "secretId": { + "type": "string", + "description": "The ARN or name of the secret. To reference a secret also created in this template, use the see [Ref](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-ref.html) function with the secret's logical ID. This field is unique for each target attachment definition." + }, + "targetId": { + "type": "string", + "description": "The ID of the database or cluster." + }, + "targetType": { + "type": "string", + "description": "A string that defines the type of service or database associated with the secret. This value instructs Secrets Manager how to update the secret with the details of the service or database. This value must be one of the following:\n\n- AWS::RDS::DBInstance\n- AWS::RDS::DBCluster\n- AWS::Redshift::Cluster\n- AWS::RedshiftServerless::Namespace\n- AWS::DocDB::DBInstance\n- AWS::DocDB::DBCluster\n- AWS::DocDBElastic::Cluster" + } + }, + "outputs": { + "awsId": { + "type": "string" + }, + "secretId": { + "type": "string", + "description": "The ARN or name of the secret. To reference a secret also created in this template, use the see [Ref](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-ref.html) function with the secret's logical ID. This field is unique for each target attachment definition." + }, + "targetId": { + "type": "string", + "description": "The ID of the database or cluster." + }, + "targetType": { + "type": "string", + "description": "A string that defines the type of service or database associated with the secret. This value instructs Secrets Manager how to update the secret with the details of the service or database. This value must be one of the following:\n\n- AWS::RDS::DBInstance\n- AWS::RDS::DBCluster\n- AWS::Redshift::Cluster\n- AWS::RedshiftServerless::Namespace\n- AWS::DocDB::DBInstance\n- AWS::DocDB::DBCluster\n- AWS::DocDBElastic::Cluster" + } + }, + "required": [ + "secretId", + "targetId", + "targetType" + ], + "irreversibleNames": { + "awsId": "Id" + } + }, "aws-native:securityhub:AutomationRule": { "cf": "AWS::SecurityHub::AutomationRule", "inputs": { @@ -133294,6 +133700,57 @@ } } }, + "aws-native:glue:JobCommand": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the job command. For an Apache Spark ETL job, this must be `glueetl` . For a Python shell job, it must be `pythonshell` . For an Apache Spark streaming ETL job, this must be `gluestreaming` . For a Ray job, this must be `glueray` ." + }, + "pythonVersion": { + "type": "string", + "description": "The Python version being used to execute a Python shell job. Allowed values are 3 or 3.9. Version 2 is deprecated." + }, + "runtime": { + "type": "string", + "description": "In Ray jobs, Runtime is used to specify the versions of Ray, Python and additional libraries available in your environment. This field is not used in other job types. For supported runtime environment values, see [Working with Ray jobs](https://docs.aws.amazon.com/glue/latest/dg/ray-jobs-section.html) in the AWS Glue Developer Guide." + }, + "scriptLocation": { + "type": "string", + "description": "Specifies the Amazon Simple Storage Service (Amazon S3) path to a script that executes a job (required)." + } + } + }, + "aws-native:glue:JobConnectionsList": { + "type": "object", + "properties": { + "connections": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of connections used by the job." + } + } + }, + "aws-native:glue:JobExecutionProperty": { + "type": "object", + "properties": { + "maxConcurrentRuns": { + "type": "number", + "description": "The maximum number of concurrent runs allowed for the job. The default is 1. An error is returned when this threshold is reached. The maximum value you can specify is controlled by a service limit." + } + } + }, + "aws-native:glue:JobNotificationProperty": { + "type": "object", + "properties": { + "notifyDelayAfter": { + "type": "integer", + "description": "After a job run starts, the number of minutes to wait before sending a job run delay notification." + } + } + }, "aws-native:glue:RegistryTag": { "type": "object", "properties": { @@ -133461,6 +133918,56 @@ } } }, + "aws-native:glue:UsageProfileConfigurationObject": { + "type": "object", + "properties": { + "allowedValues": { + "type": "array", + "items": { + "type": "string" + } + }, + "defaultValue": { + "type": "string" + }, + "maxValue": { + "type": "string" + }, + "minValue": { + "type": "string" + } + } + }, + "aws-native:glue:UsageProfileProfileConfiguration": { + "type": "object", + "properties": { + "jobConfiguration": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:glue:UsageProfileConfigurationObject" + } + }, + "sessionConfiguration": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:glue:UsageProfileConfigurationObject" + } + } + } + }, + "aws-native:glue:UsageProfileTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "A key to identify the tag." + }, + "value": { + "type": "string", + "description": "Corresponding tag value for the key." + } + } + }, "aws-native:grafana:WorkspaceAccountAccessType": { "type": "string" }, @@ -160839,6 +161346,9 @@ } } }, + "aws-native:quicksight:AnalysisCommitMode": { + "type": "string" + }, "aws-native:quicksight:AnalysisComparisonConfiguration": { "type": "object", "properties": { @@ -161815,6 +162325,9 @@ "aws-native:quicksight:AnalysisDefaultDateTimePickerControlOptions": { "type": "object", "properties": { + "commitMode": { + "$ref": "#/types/aws-native:quicksight:AnalysisCommitMode" + }, "displayOptions": { "$ref": "#/types/aws-native:quicksight:AnalysisDateTimePickerControlDisplayOptions", "description": "The display options of a control." @@ -161874,6 +162387,9 @@ "aws-native:quicksight:AnalysisDefaultFilterDropDownControlOptions": { "type": "object", "properties": { + "commitMode": { + "$ref": "#/types/aws-native:quicksight:AnalysisCommitMode" + }, "displayOptions": { "$ref": "#/types/aws-native:quicksight:AnalysisDropDownControlDisplayOptions", "description": "The display options of a control." @@ -161965,6 +162481,9 @@ "aws-native:quicksight:AnalysisDefaultRelativeDateTimeControlOptions": { "type": "object", "properties": { + "commitMode": { + "$ref": "#/types/aws-native:quicksight:AnalysisCommitMode" + }, "displayOptions": { "$ref": "#/types/aws-native:quicksight:AnalysisRelativeDateTimeControlDisplayOptions", "description": "The display options of a control." @@ -162632,6 +163151,9 @@ "aws-native:quicksight:AnalysisFilterDateTimePickerControl": { "type": "object", "properties": { + "commitMode": { + "$ref": "#/types/aws-native:quicksight:AnalysisCommitMode" + }, "displayOptions": { "$ref": "#/types/aws-native:quicksight:AnalysisDateTimePickerControlDisplayOptions", "description": "The display options of a control." @@ -162661,6 +163183,9 @@ "$ref": "#/types/aws-native:quicksight:AnalysisCascadingControlConfiguration", "description": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls." }, + "commitMode": { + "$ref": "#/types/aws-native:quicksight:AnalysisCommitMode" + }, "displayOptions": { "$ref": "#/types/aws-native:quicksight:AnalysisDropDownControlDisplayOptions", "description": "The display options of the `FilterDropDownControl` ." @@ -162810,6 +163335,9 @@ "aws-native:quicksight:AnalysisFilterRelativeDateTimeControl": { "type": "object", "properties": { + "commitMode": { + "$ref": "#/types/aws-native:quicksight:AnalysisCommitMode" + }, "displayOptions": { "$ref": "#/types/aws-native:quicksight:AnalysisRelativeDateTimeControlDisplayOptions", "description": "The display options of a control." @@ -165544,6 +166072,9 @@ "$ref": "#/types/aws-native:quicksight:AnalysisCascadingControlConfiguration", "description": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls." }, + "commitMode": { + "$ref": "#/types/aws-native:quicksight:AnalysisCommitMode" + }, "displayOptions": { "$ref": "#/types/aws-native:quicksight:AnalysisDropDownControlDisplayOptions", "description": "The display options of a control." @@ -170795,6 +171326,9 @@ } } }, + "aws-native:quicksight:DashboardCommitMode": { + "type": "string" + }, "aws-native:quicksight:DashboardComparisonConfiguration": { "type": "object", "properties": { @@ -171798,6 +172332,9 @@ "aws-native:quicksight:DashboardDefaultDateTimePickerControlOptions": { "type": "object", "properties": { + "commitMode": { + "$ref": "#/types/aws-native:quicksight:DashboardCommitMode" + }, "displayOptions": { "$ref": "#/types/aws-native:quicksight:DashboardDateTimePickerControlDisplayOptions", "description": "The display options of a control." @@ -171857,6 +172394,9 @@ "aws-native:quicksight:DashboardDefaultFilterDropDownControlOptions": { "type": "object", "properties": { + "commitMode": { + "$ref": "#/types/aws-native:quicksight:DashboardCommitMode" + }, "displayOptions": { "$ref": "#/types/aws-native:quicksight:DashboardDropDownControlDisplayOptions", "description": "The display options of a control." @@ -171948,6 +172488,9 @@ "aws-native:quicksight:DashboardDefaultRelativeDateTimeControlOptions": { "type": "object", "properties": { + "commitMode": { + "$ref": "#/types/aws-native:quicksight:DashboardCommitMode" + }, "displayOptions": { "$ref": "#/types/aws-native:quicksight:DashboardRelativeDateTimeControlDisplayOptions", "description": "The display options of a control." @@ -172576,6 +173119,9 @@ "aws-native:quicksight:DashboardFilterDateTimePickerControl": { "type": "object", "properties": { + "commitMode": { + "$ref": "#/types/aws-native:quicksight:DashboardCommitMode" + }, "displayOptions": { "$ref": "#/types/aws-native:quicksight:DashboardDateTimePickerControlDisplayOptions", "description": "The display options of a control." @@ -172605,6 +173151,9 @@ "$ref": "#/types/aws-native:quicksight:DashboardCascadingControlConfiguration", "description": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls." }, + "commitMode": { + "$ref": "#/types/aws-native:quicksight:DashboardCommitMode" + }, "displayOptions": { "$ref": "#/types/aws-native:quicksight:DashboardDropDownControlDisplayOptions", "description": "The display options of the `FilterDropDownControl` ." @@ -172754,6 +173303,9 @@ "aws-native:quicksight:DashboardFilterRelativeDateTimeControl": { "type": "object", "properties": { + "commitMode": { + "$ref": "#/types/aws-native:quicksight:DashboardCommitMode" + }, "displayOptions": { "$ref": "#/types/aws-native:quicksight:DashboardRelativeDateTimeControlDisplayOptions", "description": "The display options of a control." @@ -175500,6 +176052,9 @@ "$ref": "#/types/aws-native:quicksight:DashboardCascadingControlConfiguration", "description": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls." }, + "commitMode": { + "$ref": "#/types/aws-native:quicksight:DashboardCommitMode" + }, "displayOptions": { "$ref": "#/types/aws-native:quicksight:DashboardDropDownControlDisplayOptions", "description": "The display options of a control." @@ -181172,6 +181727,41 @@ } } }, + "aws-native:quicksight:FolderResourcePermission": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "\u003cp\u003eThe IAM action to grant or revoke permissions on.\u003c/p\u003e" + }, + "principal": { + "type": "string", + "description": "\u003cp\u003eThe Amazon Resource Name (ARN) of the principal. This can be one of the\n following:\u003c/p\u003e\n \u003cul\u003e\n \u003cli\u003e\n \u003cp\u003eThe ARN of an Amazon QuickSight user or group associated with a data source or dataset. (This is common.)\u003c/p\u003e\n \u003c/li\u003e\n \u003cli\u003e\n \u003cp\u003eThe ARN of an Amazon QuickSight user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\u003c/p\u003e\n \u003c/li\u003e\n \u003cli\u003e\n \u003cp\u003eThe ARN of an Amazon Web Services account root: This is an IAM ARN rather than a QuickSight\n ARN. Use this option only to share resources (templates) across Amazon Web Services accounts.\n (This is less common.) \u003c/p\u003e\n \u003c/li\u003e\n \u003c/ul\u003e" + } + } + }, + "aws-native:quicksight:FolderSharingModel": { + "type": "string" + }, + "aws-native:quicksight:FolderTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "\u003cp\u003eTag key.\u003c/p\u003e" + }, + "value": { + "type": "string", + "description": "\u003cp\u003eTag value.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:FolderType": { + "type": "string" + }, "aws-native:quicksight:RefreshScheduleMap": { "type": "object", "properties": { @@ -182506,6 +183096,9 @@ } } }, + "aws-native:quicksight:TemplateCommitMode": { + "type": "string" + }, "aws-native:quicksight:TemplateComparisonConfiguration": { "type": "object", "properties": { @@ -183469,6 +184062,9 @@ "aws-native:quicksight:TemplateDefaultDateTimePickerControlOptions": { "type": "object", "properties": { + "commitMode": { + "$ref": "#/types/aws-native:quicksight:TemplateCommitMode" + }, "displayOptions": { "$ref": "#/types/aws-native:quicksight:TemplateDateTimePickerControlDisplayOptions", "description": "The display options of a control." @@ -183528,6 +184124,9 @@ "aws-native:quicksight:TemplateDefaultFilterDropDownControlOptions": { "type": "object", "properties": { + "commitMode": { + "$ref": "#/types/aws-native:quicksight:TemplateCommitMode" + }, "displayOptions": { "$ref": "#/types/aws-native:quicksight:TemplateDropDownControlDisplayOptions", "description": "The display options of a control." @@ -183619,6 +184218,9 @@ "aws-native:quicksight:TemplateDefaultRelativeDateTimeControlOptions": { "type": "object", "properties": { + "commitMode": { + "$ref": "#/types/aws-native:quicksight:TemplateCommitMode" + }, "displayOptions": { "$ref": "#/types/aws-native:quicksight:TemplateRelativeDateTimeControlDisplayOptions", "description": "The display options of a control." @@ -184220,6 +184822,9 @@ "aws-native:quicksight:TemplateFilterDateTimePickerControl": { "type": "object", "properties": { + "commitMode": { + "$ref": "#/types/aws-native:quicksight:TemplateCommitMode" + }, "displayOptions": { "$ref": "#/types/aws-native:quicksight:TemplateDateTimePickerControlDisplayOptions", "description": "The display options of a control." @@ -184249,6 +184854,9 @@ "$ref": "#/types/aws-native:quicksight:TemplateCascadingControlConfiguration", "description": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls." }, + "commitMode": { + "$ref": "#/types/aws-native:quicksight:TemplateCommitMode" + }, "displayOptions": { "$ref": "#/types/aws-native:quicksight:TemplateDropDownControlDisplayOptions", "description": "The display options of the `FilterDropDownControl` ." @@ -184398,6 +185006,9 @@ "aws-native:quicksight:TemplateFilterRelativeDateTimeControl": { "type": "object", "properties": { + "commitMode": { + "$ref": "#/types/aws-native:quicksight:TemplateCommitMode" + }, "displayOptions": { "$ref": "#/types/aws-native:quicksight:TemplateRelativeDateTimeControlDisplayOptions", "description": "The display options of a control." @@ -187116,6 +187727,9 @@ "$ref": "#/types/aws-native:quicksight:TemplateCascadingControlConfiguration", "description": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls." }, + "commitMode": { + "$ref": "#/types/aws-native:quicksight:TemplateCommitMode" + }, "displayOptions": { "$ref": "#/types/aws-native:quicksight:TemplateDropDownControlDisplayOptions", "description": "The display options of a control." @@ -214592,6 +215206,12 @@ "databaseName" ] }, + "aws-native:glue:getJob": { + "cf": "AWS::Glue::Job", + "ids": [ + "id" + ] + }, "aws-native:glue:getRegistry": { "cf": "AWS::Glue::Registry", "ids": [ @@ -214616,6 +215236,12 @@ "name" ] }, + "aws-native:glue:getUsageProfile": { + "cf": "AWS::Glue::UsageProfile", + "ids": [ + "name" + ] + }, "aws-native:grafana:getWorkspace": { "cf": "AWS::Grafana::Workspace", "ids": [ @@ -216506,6 +217132,13 @@ "dataSourceId" ] }, + "aws-native:quicksight:getFolder": { + "cf": "AWS::QuickSight::Folder", + "ids": [ + "awsAccountId", + "folderId" + ] + }, "aws-native:quicksight:getTemplate": { "cf": "AWS::QuickSight::Template", "ids": [ @@ -217243,6 +217876,12 @@ "id" ] }, + "aws-native:secretsmanager:getSecretTargetAttachment": { + "cf": "AWS::SecretsManager::SecretTargetAttachment", + "ids": [ + "id" + ] + }, "aws-native:securityhub:getAutomationRule": { "cf": "AWS::SecurityHub::AutomationRule", "ids": [ diff --git a/provider/cmd/pulumi-resource-aws-native/schema.json b/provider/cmd/pulumi-resource-aws-native/schema.json index a1515c6b06..eb897a6908 100644 --- a/provider/cmd/pulumi-resource-aws-native/schema.json +++ b/provider/cmd/pulumi-resource-aws-native/schema.json @@ -54431,6 +54431,57 @@ }, "type": "object" }, + "aws-native:glue:JobCommand": { + "properties": { + "name": { + "type": "string", + "description": "The name of the job command. For an Apache Spark ETL job, this must be `glueetl` . For a Python shell job, it must be `pythonshell` . For an Apache Spark streaming ETL job, this must be `gluestreaming` . For a Ray job, this must be `glueray` ." + }, + "pythonVersion": { + "type": "string", + "description": "The Python version being used to execute a Python shell job. Allowed values are 3 or 3.9. Version 2 is deprecated." + }, + "runtime": { + "type": "string", + "description": "In Ray jobs, Runtime is used to specify the versions of Ray, Python and additional libraries available in your environment. This field is not used in other job types. For supported runtime environment values, see [Working with Ray jobs](https://docs.aws.amazon.com/glue/latest/dg/ray-jobs-section.html) in the AWS Glue Developer Guide." + }, + "scriptLocation": { + "type": "string", + "description": "Specifies the Amazon Simple Storage Service (Amazon S3) path to a script that executes a job (required)." + } + }, + "type": "object" + }, + "aws-native:glue:JobConnectionsList": { + "properties": { + "connections": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of connections used by the job." + } + }, + "type": "object" + }, + "aws-native:glue:JobExecutionProperty": { + "properties": { + "maxConcurrentRuns": { + "type": "number", + "description": "The maximum number of concurrent runs allowed for the job. The default is 1. An error is returned when this threshold is reached. The maximum value you can specify is controlled by a service limit." + } + }, + "type": "object" + }, + "aws-native:glue:JobNotificationProperty": { + "properties": { + "notifyDelayAfter": { + "type": "integer", + "description": "After a job run starts, the number of minutes to wait before sending a job run delay notification." + } + }, + "type": "object" + }, "aws-native:glue:RegistryTag": { "properties": { "key": { @@ -54667,6 +54718,60 @@ }, "type": "object" }, + "aws-native:glue:UsageProfileConfigurationObject": { + "properties": { + "allowedValues": { + "type": "array", + "items": { + "type": "string" + } + }, + "defaultValue": { + "type": "string" + }, + "maxValue": { + "type": "string" + }, + "minValue": { + "type": "string" + } + }, + "type": "object" + }, + "aws-native:glue:UsageProfileProfileConfiguration": { + "properties": { + "jobConfiguration": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:glue:UsageProfileConfigurationObject" + } + }, + "sessionConfiguration": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:glue:UsageProfileConfigurationObject" + } + } + }, + "type": "object" + }, + "aws-native:glue:UsageProfileTag": { + "properties": { + "key": { + "type": "string", + "description": "A key to identify the tag." + }, + "value": { + "type": "string", + "description": "Corresponding tag value for the key." + } + }, + "type": "object", + "required": [ + "key", + "value" + ] + }, "aws-native:grafana:WorkspaceAccountAccessType": { "description": "These enums represent valid account access types. Specifically these enums determine whether the workspace can access AWS resources in the AWS account only, or whether it can also access resources in other accounts in the same organization. If the value CURRENT_ACCOUNT is used, a workspace role ARN must be provided. If the value is ORGANIZATION, a list of organizational units must be provided.", "type": "string", @@ -94329,6 +94434,19 @@ "visualId" ] }, + "aws-native:quicksight:AnalysisCommitMode": { + "type": "string", + "enum": [ + { + "name": "Auto", + "value": "AUTO" + }, + { + "name": "Manual", + "value": "MANUAL" + } + ] + }, "aws-native:quicksight:AnalysisComparisonConfiguration": { "properties": { "comparisonFormat": { @@ -95607,6 +95725,9 @@ }, "aws-native:quicksight:AnalysisDefaultDateTimePickerControlOptions": { "properties": { + "commitMode": { + "$ref": "#/types/aws-native:quicksight:AnalysisCommitMode" + }, "displayOptions": { "$ref": "#/types/aws-native:quicksight:AnalysisDateTimePickerControlDisplayOptions", "description": "The display options of a control." @@ -95670,6 +95791,9 @@ }, "aws-native:quicksight:AnalysisDefaultFilterDropDownControlOptions": { "properties": { + "commitMode": { + "$ref": "#/types/aws-native:quicksight:AnalysisCommitMode" + }, "displayOptions": { "$ref": "#/types/aws-native:quicksight:AnalysisDropDownControlDisplayOptions", "description": "The display options of a control." @@ -95767,6 +95891,9 @@ }, "aws-native:quicksight:AnalysisDefaultRelativeDateTimeControlOptions": { "properties": { + "commitMode": { + "$ref": "#/types/aws-native:quicksight:AnalysisCommitMode" + }, "displayOptions": { "$ref": "#/types/aws-native:quicksight:AnalysisRelativeDateTimeControlDisplayOptions", "description": "The display options of a control." @@ -96533,6 +96660,9 @@ }, "aws-native:quicksight:AnalysisFilterDateTimePickerControl": { "properties": { + "commitMode": { + "$ref": "#/types/aws-native:quicksight:AnalysisCommitMode" + }, "displayOptions": { "$ref": "#/types/aws-native:quicksight:AnalysisDateTimePickerControlDisplayOptions", "description": "The display options of a control." @@ -96567,6 +96697,9 @@ "$ref": "#/types/aws-native:quicksight:AnalysisCascadingControlConfiguration", "description": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls." }, + "commitMode": { + "$ref": "#/types/aws-native:quicksight:AnalysisCommitMode" + }, "displayOptions": { "$ref": "#/types/aws-native:quicksight:AnalysisDropDownControlDisplayOptions", "description": "The display options of the `FilterDropDownControl` ." @@ -96749,6 +96882,9 @@ }, "aws-native:quicksight:AnalysisFilterRelativeDateTimeControl": { "properties": { + "commitMode": { + "$ref": "#/types/aws-native:quicksight:AnalysisCommitMode" + }, "displayOptions": { "$ref": "#/types/aws-native:quicksight:AnalysisRelativeDateTimeControlDisplayOptions", "description": "The display options of a control." @@ -100175,6 +100311,9 @@ "$ref": "#/types/aws-native:quicksight:AnalysisCascadingControlConfiguration", "description": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls." }, + "commitMode": { + "$ref": "#/types/aws-native:quicksight:AnalysisCommitMode" + }, "displayOptions": { "$ref": "#/types/aws-native:quicksight:AnalysisDropDownControlDisplayOptions", "description": "The display options of a control." @@ -106700,6 +106839,19 @@ "visualId" ] }, + "aws-native:quicksight:DashboardCommitMode": { + "type": "string", + "enum": [ + { + "name": "Auto", + "value": "AUTO" + }, + { + "name": "Manual", + "value": "MANUAL" + } + ] + }, "aws-native:quicksight:DashboardComparisonConfiguration": { "properties": { "comparisonFormat": { @@ -108008,6 +108160,9 @@ }, "aws-native:quicksight:DashboardDefaultDateTimePickerControlOptions": { "properties": { + "commitMode": { + "$ref": "#/types/aws-native:quicksight:DashboardCommitMode" + }, "displayOptions": { "$ref": "#/types/aws-native:quicksight:DashboardDateTimePickerControlDisplayOptions", "description": "The display options of a control." @@ -108071,6 +108226,9 @@ }, "aws-native:quicksight:DashboardDefaultFilterDropDownControlOptions": { "properties": { + "commitMode": { + "$ref": "#/types/aws-native:quicksight:DashboardCommitMode" + }, "displayOptions": { "$ref": "#/types/aws-native:quicksight:DashboardDropDownControlDisplayOptions", "description": "The display options of a control." @@ -108168,6 +108326,9 @@ }, "aws-native:quicksight:DashboardDefaultRelativeDateTimeControlOptions": { "properties": { + "commitMode": { + "$ref": "#/types/aws-native:quicksight:DashboardCommitMode" + }, "displayOptions": { "$ref": "#/types/aws-native:quicksight:DashboardRelativeDateTimeControlDisplayOptions", "description": "The display options of a control." @@ -108892,6 +109053,9 @@ }, "aws-native:quicksight:DashboardFilterDateTimePickerControl": { "properties": { + "commitMode": { + "$ref": "#/types/aws-native:quicksight:DashboardCommitMode" + }, "displayOptions": { "$ref": "#/types/aws-native:quicksight:DashboardDateTimePickerControlDisplayOptions", "description": "The display options of a control." @@ -108926,6 +109090,9 @@ "$ref": "#/types/aws-native:quicksight:DashboardCascadingControlConfiguration", "description": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls." }, + "commitMode": { + "$ref": "#/types/aws-native:quicksight:DashboardCommitMode" + }, "displayOptions": { "$ref": "#/types/aws-native:quicksight:DashboardDropDownControlDisplayOptions", "description": "The display options of the `FilterDropDownControl` ." @@ -109108,6 +109275,9 @@ }, "aws-native:quicksight:DashboardFilterRelativeDateTimeControl": { "properties": { + "commitMode": { + "$ref": "#/types/aws-native:quicksight:DashboardCommitMode" + }, "displayOptions": { "$ref": "#/types/aws-native:quicksight:DashboardRelativeDateTimeControlDisplayOptions", "description": "The display options of a control." @@ -112546,6 +112716,9 @@ "$ref": "#/types/aws-native:quicksight:DashboardCascadingControlConfiguration", "description": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls." }, + "commitMode": { + "$ref": "#/types/aws-native:quicksight:DashboardCommitMode" + }, "displayOptions": { "$ref": "#/types/aws-native:quicksight:DashboardDropDownControlDisplayOptions", "description": "The display options of a control." @@ -120064,6 +120237,71 @@ "vpcConnectionArn" ] }, + "aws-native:quicksight:FolderResourcePermission": { + "description": "\u003cp\u003ePermission for the resource.\u003c/p\u003e", + "properties": { + "actions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "\u003cp\u003eThe IAM action to grant or revoke permissions on.\u003c/p\u003e" + }, + "principal": { + "type": "string", + "description": "\u003cp\u003eThe Amazon Resource Name (ARN) of the principal. This can be one of the\n following:\u003c/p\u003e\n \u003cul\u003e\n \u003cli\u003e\n \u003cp\u003eThe ARN of an Amazon QuickSight user or group associated with a data source or dataset. (This is common.)\u003c/p\u003e\n \u003c/li\u003e\n \u003cli\u003e\n \u003cp\u003eThe ARN of an Amazon QuickSight user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\u003c/p\u003e\n \u003c/li\u003e\n \u003cli\u003e\n \u003cp\u003eThe ARN of an Amazon Web Services account root: This is an IAM ARN rather than a QuickSight\n ARN. Use this option only to share resources (templates) across Amazon Web Services accounts.\n (This is less common.) \u003c/p\u003e\n \u003c/li\u003e\n \u003c/ul\u003e" + } + }, + "type": "object", + "required": [ + "actions", + "principal" + ] + }, + "aws-native:quicksight:FolderSharingModel": { + "type": "string", + "enum": [ + { + "name": "Account", + "value": "ACCOUNT" + }, + { + "name": "Namespace", + "value": "NAMESPACE" + } + ] + }, + "aws-native:quicksight:FolderTag": { + "description": "\u003cp\u003eThe key or keys of the key-value pairs for the resource tag or tags assigned to the\n resource.\u003c/p\u003e", + "properties": { + "key": { + "type": "string", + "description": "\u003cp\u003eTag key.\u003c/p\u003e" + }, + "value": { + "type": "string", + "description": "\u003cp\u003eTag value.\u003c/p\u003e" + } + }, + "type": "object", + "required": [ + "key", + "value" + ] + }, + "aws-native:quicksight:FolderType": { + "type": "string", + "enum": [ + { + "name": "Shared", + "value": "SHARED" + }, + { + "name": "Restricted", + "value": "RESTRICTED" + } + ] + }, "aws-native:quicksight:RefreshScheduleMap": { "properties": { "refreshType": { @@ -121704,6 +121942,19 @@ "visualId" ] }, + "aws-native:quicksight:TemplateCommitMode": { + "type": "string", + "enum": [ + { + "name": "Auto", + "value": "AUTO" + }, + { + "name": "Manual", + "value": "MANUAL" + } + ] + }, "aws-native:quicksight:TemplateComparisonConfiguration": { "properties": { "comparisonFormat": { @@ -122957,6 +123208,9 @@ }, "aws-native:quicksight:TemplateDefaultDateTimePickerControlOptions": { "properties": { + "commitMode": { + "$ref": "#/types/aws-native:quicksight:TemplateCommitMode" + }, "displayOptions": { "$ref": "#/types/aws-native:quicksight:TemplateDateTimePickerControlDisplayOptions", "description": "The display options of a control." @@ -123020,6 +123274,9 @@ }, "aws-native:quicksight:TemplateDefaultFilterDropDownControlOptions": { "properties": { + "commitMode": { + "$ref": "#/types/aws-native:quicksight:TemplateCommitMode" + }, "displayOptions": { "$ref": "#/types/aws-native:quicksight:TemplateDropDownControlDisplayOptions", "description": "The display options of a control." @@ -123117,6 +123374,9 @@ }, "aws-native:quicksight:TemplateDefaultRelativeDateTimeControlOptions": { "properties": { + "commitMode": { + "$ref": "#/types/aws-native:quicksight:TemplateCommitMode" + }, "displayOptions": { "$ref": "#/types/aws-native:quicksight:TemplateRelativeDateTimeControlDisplayOptions", "description": "The display options of a control." @@ -123787,6 +124047,9 @@ }, "aws-native:quicksight:TemplateFilterDateTimePickerControl": { "properties": { + "commitMode": { + "$ref": "#/types/aws-native:quicksight:TemplateCommitMode" + }, "displayOptions": { "$ref": "#/types/aws-native:quicksight:TemplateDateTimePickerControlDisplayOptions", "description": "The display options of a control." @@ -123821,6 +124084,9 @@ "$ref": "#/types/aws-native:quicksight:TemplateCascadingControlConfiguration", "description": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls." }, + "commitMode": { + "$ref": "#/types/aws-native:quicksight:TemplateCommitMode" + }, "displayOptions": { "$ref": "#/types/aws-native:quicksight:TemplateDropDownControlDisplayOptions", "description": "The display options of the `FilterDropDownControl` ." @@ -124003,6 +124269,9 @@ }, "aws-native:quicksight:TemplateFilterRelativeDateTimeControl": { "properties": { + "commitMode": { + "$ref": "#/types/aws-native:quicksight:TemplateCommitMode" + }, "displayOptions": { "$ref": "#/types/aws-native:quicksight:TemplateRelativeDateTimeControlDisplayOptions", "description": "The display options of a control." @@ -127408,6 +127677,9 @@ "$ref": "#/types/aws-native:quicksight:TemplateCascadingControlConfiguration", "description": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls." }, + "commitMode": { + "$ref": "#/types/aws-native:quicksight:TemplateCommitMode" + }, "displayOptions": { "$ref": "#/types/aws-native:quicksight:TemplateDropDownControlDisplayOptions", "description": "The display options of a control." @@ -207739,6 +208011,204 @@ "databaseInput" ] }, + "aws-native:glue:Job": { + "description": "Resource Type definition for AWS::Glue::Job", + "properties": { + "allocatedCapacity": { + "type": "number", + "description": "This parameter is no longer supported. Use `MaxCapacity` instead.\n\nThe number of capacity units that are allocated to this job." + }, + "awsId": { + "type": "string", + "description": "The ID of this job run." + }, + "command": { + "$ref": "#/types/aws-native:glue:JobCommand", + "description": "The code that executes a job." + }, + "connections": { + "$ref": "#/types/aws-native:glue:JobConnectionsList", + "description": "The connections used for this job." + }, + "defaultArguments": { + "$ref": "pulumi.json#/Any", + "description": "The default arguments for this job, specified as name-value pairs.\n\nYou can specify arguments here that your own job-execution script consumes, in addition to arguments that AWS Glue itself consumes.\n\nFor information about how to specify and consume your own job arguments, see [Calling AWS Glue APIs in Python](https://docs.aws.amazon.com/glue/latest/dg/aws-glue-programming-python-calling.html) in the *AWS Glue Developer Guide* .\n\nFor information about the key-value pairs that AWS Glue consumes to set up your job, see [Special Parameters Used by AWS Glue](https://docs.aws.amazon.com/glue/latest/dg/aws-glue-programming-etl-glue-arguments.html) in the *AWS Glue Developer Guide* .\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::Glue::Job` for more information about the expected schema for this property." + }, + "description": { + "type": "string", + "description": "A description of the job." + }, + "executionClass": { + "type": "string", + "description": "Indicates whether the job is run with a standard or flexible execution class. The standard execution class is ideal for time-sensitive workloads that require fast job startup and dedicated resources.\n\nThe flexible execution class is appropriate for time-insensitive jobs whose start and completion times may vary.\n\nOnly jobs with AWS Glue version 3.0 and above and command type `glueetl` will be allowed to set `ExecutionClass` to `FLEX` . The flexible execution class is available for Spark jobs." + }, + "executionProperty": { + "$ref": "#/types/aws-native:glue:JobExecutionProperty", + "description": "The maximum number of concurrent runs that are allowed for this job." + }, + "glueVersion": { + "type": "string", + "description": "Glue version determines the versions of Apache Spark and Python that AWS Glue supports. The Python version indicates the version supported for jobs of type Spark.\n\nFor more information about the available AWS Glue versions and corresponding Spark and Python versions, see [Glue version](https://docs.aws.amazon.com/glue/latest/dg/add-job.html) in the developer guide.\n\nJobs that are created without specifying a Glue version default to the latest Glue version available." + }, + "jobMode": { + "type": "string", + "description": "A mode that describes how a job was created. Valid values are:\n\n- `SCRIPT` - The job was created using the AWS Glue Studio script editor.\n- `VISUAL` - The job was created using the AWS Glue Studio visual editor.\n- `NOTEBOOK` - The job was created using an interactive sessions notebook.\n\nWhen the `JobMode` field is missing or null, `SCRIPT` is assigned as the default value." + }, + "logUri": { + "type": "string", + "description": "This field is reserved for future use." + }, + "maintenanceWindow": { + "type": "string", + "description": "This field specifies a day of the week and hour for a maintenance window for streaming jobs. AWS Glue periodically performs maintenance activities. During these maintenance windows, AWS Glue will need to restart your streaming jobs.\n\nAWS Glue will restart the job within 3 hours of the specified maintenance window. For instance, if you set up the maintenance window for Monday at 10:00AM GMT, your jobs will be restarted between 10:00AM GMT to 1:00PM GMT." + }, + "maxCapacity": { + "type": "number", + "description": "The number of AWS Glue data processing units (DPUs) that can be allocated when this job runs. A DPU is a relative measure of processing power that consists of 4 vCPUs of compute capacity and 16 GB of memory.\n\nDo not set `Max Capacity` if using `WorkerType` and `NumberOfWorkers` .\n\nThe value that can be allocated for `MaxCapacity` depends on whether you are running a Python shell job or an Apache Spark ETL job:\n\n- When you specify a Python shell job ( `JobCommand.Name` =\"pythonshell\"), you can allocate either 0.0625 or 1 DPU. The default is 0.0625 DPU.\n- When you specify an Apache Spark ETL job ( `JobCommand.Name` =\"glueetl\"), you can allocate from 2 to 100 DPUs. The default is 10 DPUs. This job type cannot have a fractional DPU allocation." + }, + "maxRetries": { + "type": "number", + "description": "The maximum number of times to retry this job after a JobRun fails." + }, + "name": { + "type": "string", + "description": "The name you assign to this job definition.", + "replaceOnChanges": true + }, + "nonOverridableArguments": { + "$ref": "pulumi.json#/Any", + "description": "Non-overridable arguments for this job, specified as name-value pairs.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::Glue::Job` for more information about the expected schema for this property." + }, + "notificationProperty": { + "$ref": "#/types/aws-native:glue:JobNotificationProperty", + "description": "Specifies configuration properties of a notification." + }, + "numberOfWorkers": { + "type": "integer", + "description": "The number of workers of a defined `workerType` that are allocated when a job runs.\n\nThe maximum number of workers you can define are 299 for `G.1X` , and 149 for `G.2X` ." + }, + "role": { + "type": "string", + "description": "The name or Amazon Resource Name (ARN) of the IAM role associated with this job." + }, + "securityConfiguration": { + "type": "string", + "description": "The name of the `SecurityConfiguration` structure to be used with this job." + }, + "tags": { + "$ref": "pulumi.json#/Any", + "description": "The tags to use with this job.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::Glue::Job` for more information about the expected schema for this property." + }, + "timeout": { + "type": "integer", + "description": "The job timeout in minutes. This is the maximum time that a job run can consume resources before it is terminated and enters TIMEOUT status. The default is 2,880 minutes (48 hours)." + }, + "workerType": { + "type": "string", + "description": "The type of predefined worker that is allocated when a job runs. Accepts a value of G.1X, G.2X, G.4X, G.8X or G.025X for Spark jobs. Accepts the value Z.2X for Ray jobs.\n\n- For the `G.1X` worker type, each worker maps to 1 DPU (4 vCPUs, 16 GB of memory) with 84GB disk (approximately 34GB free), and provides 1 executor per worker. We recommend this worker type for workloads such as data transforms, joins, and queries, to offers a scalable and cost effective way to run most jobs.\n- For the `G.2X` worker type, each worker maps to 2 DPU (8 vCPUs, 32 GB of memory) with 128GB disk (approximately 77GB free), and provides 1 executor per worker. We recommend this worker type for workloads such as data transforms, joins, and queries, to offers a scalable and cost effective way to run most jobs.\n- For the `G.4X` worker type, each worker maps to 4 DPU (16 vCPUs, 64 GB of memory) with 256GB disk (approximately 235GB free), and provides 1 executor per worker. We recommend this worker type for jobs whose workloads contain your most demanding transforms, aggregations, joins, and queries. This worker type is available only for AWS Glue version 3.0 or later Spark ETL jobs in the following AWS Regions: US East (Ohio), US East (N. Virginia), US West (Oregon), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), Canada (Central), Europe (Frankfurt), Europe (Ireland), and Europe (Stockholm).\n- For the `G.8X` worker type, each worker maps to 8 DPU (32 vCPUs, 128 GB of memory) with 512GB disk (approximately 487GB free), and provides 1 executor per worker. We recommend this worker type for jobs whose workloads contain your most demanding transforms, aggregations, joins, and queries. This worker type is available only for AWS Glue version 3.0 or later Spark ETL jobs, in the same AWS Regions as supported for the `G.4X` worker type.\n- For the `G.025X` worker type, each worker maps to 0.25 DPU (2 vCPUs, 4 GB of memory) with 84GB disk (approximately 34GB free), and provides 1 executor per worker. We recommend this worker type for low volume streaming jobs. This worker type is only available for AWS Glue version 3.0 streaming jobs.\n- For the `Z.2X` worker type, each worker maps to 2 M-DPU (8vCPUs, 64 GB of memory) with 128 GB disk (approximately 120GB free), and provides up to 8 Ray workers based on the autoscaler." + } + }, + "type": "object", + "required": [ + "awsId", + "command", + "role" + ], + "inputProperties": { + "allocatedCapacity": { + "type": "number", + "description": "This parameter is no longer supported. Use `MaxCapacity` instead.\n\nThe number of capacity units that are allocated to this job." + }, + "command": { + "$ref": "#/types/aws-native:glue:JobCommand", + "description": "The code that executes a job." + }, + "connections": { + "$ref": "#/types/aws-native:glue:JobConnectionsList", + "description": "The connections used for this job." + }, + "defaultArguments": { + "$ref": "pulumi.json#/Any", + "description": "The default arguments for this job, specified as name-value pairs.\n\nYou can specify arguments here that your own job-execution script consumes, in addition to arguments that AWS Glue itself consumes.\n\nFor information about how to specify and consume your own job arguments, see [Calling AWS Glue APIs in Python](https://docs.aws.amazon.com/glue/latest/dg/aws-glue-programming-python-calling.html) in the *AWS Glue Developer Guide* .\n\nFor information about the key-value pairs that AWS Glue consumes to set up your job, see [Special Parameters Used by AWS Glue](https://docs.aws.amazon.com/glue/latest/dg/aws-glue-programming-etl-glue-arguments.html) in the *AWS Glue Developer Guide* .\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::Glue::Job` for more information about the expected schema for this property." + }, + "description": { + "type": "string", + "description": "A description of the job." + }, + "executionClass": { + "type": "string", + "description": "Indicates whether the job is run with a standard or flexible execution class. The standard execution class is ideal for time-sensitive workloads that require fast job startup and dedicated resources.\n\nThe flexible execution class is appropriate for time-insensitive jobs whose start and completion times may vary.\n\nOnly jobs with AWS Glue version 3.0 and above and command type `glueetl` will be allowed to set `ExecutionClass` to `FLEX` . The flexible execution class is available for Spark jobs." + }, + "executionProperty": { + "$ref": "#/types/aws-native:glue:JobExecutionProperty", + "description": "The maximum number of concurrent runs that are allowed for this job." + }, + "glueVersion": { + "type": "string", + "description": "Glue version determines the versions of Apache Spark and Python that AWS Glue supports. The Python version indicates the version supported for jobs of type Spark.\n\nFor more information about the available AWS Glue versions and corresponding Spark and Python versions, see [Glue version](https://docs.aws.amazon.com/glue/latest/dg/add-job.html) in the developer guide.\n\nJobs that are created without specifying a Glue version default to the latest Glue version available." + }, + "jobMode": { + "type": "string", + "description": "A mode that describes how a job was created. Valid values are:\n\n- `SCRIPT` - The job was created using the AWS Glue Studio script editor.\n- `VISUAL` - The job was created using the AWS Glue Studio visual editor.\n- `NOTEBOOK` - The job was created using an interactive sessions notebook.\n\nWhen the `JobMode` field is missing or null, `SCRIPT` is assigned as the default value." + }, + "logUri": { + "type": "string", + "description": "This field is reserved for future use." + }, + "maintenanceWindow": { + "type": "string", + "description": "This field specifies a day of the week and hour for a maintenance window for streaming jobs. AWS Glue periodically performs maintenance activities. During these maintenance windows, AWS Glue will need to restart your streaming jobs.\n\nAWS Glue will restart the job within 3 hours of the specified maintenance window. For instance, if you set up the maintenance window for Monday at 10:00AM GMT, your jobs will be restarted between 10:00AM GMT to 1:00PM GMT." + }, + "maxCapacity": { + "type": "number", + "description": "The number of AWS Glue data processing units (DPUs) that can be allocated when this job runs. A DPU is a relative measure of processing power that consists of 4 vCPUs of compute capacity and 16 GB of memory.\n\nDo not set `Max Capacity` if using `WorkerType` and `NumberOfWorkers` .\n\nThe value that can be allocated for `MaxCapacity` depends on whether you are running a Python shell job or an Apache Spark ETL job:\n\n- When you specify a Python shell job ( `JobCommand.Name` =\"pythonshell\"), you can allocate either 0.0625 or 1 DPU. The default is 0.0625 DPU.\n- When you specify an Apache Spark ETL job ( `JobCommand.Name` =\"glueetl\"), you can allocate from 2 to 100 DPUs. The default is 10 DPUs. This job type cannot have a fractional DPU allocation." + }, + "maxRetries": { + "type": "number", + "description": "The maximum number of times to retry this job after a JobRun fails." + }, + "name": { + "type": "string", + "description": "The name you assign to this job definition." + }, + "nonOverridableArguments": { + "$ref": "pulumi.json#/Any", + "description": "Non-overridable arguments for this job, specified as name-value pairs.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::Glue::Job` for more information about the expected schema for this property." + }, + "notificationProperty": { + "$ref": "#/types/aws-native:glue:JobNotificationProperty", + "description": "Specifies configuration properties of a notification." + }, + "numberOfWorkers": { + "type": "integer", + "description": "The number of workers of a defined `workerType` that are allocated when a job runs.\n\nThe maximum number of workers you can define are 299 for `G.1X` , and 149 for `G.2X` ." + }, + "role": { + "type": "string", + "description": "The name or Amazon Resource Name (ARN) of the IAM role associated with this job." + }, + "securityConfiguration": { + "type": "string", + "description": "The name of the `SecurityConfiguration` structure to be used with this job." + }, + "tags": { + "$ref": "pulumi.json#/Any", + "description": "The tags to use with this job.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::Glue::Job` for more information about the expected schema for this property." + }, + "timeout": { + "type": "integer", + "description": "The job timeout in minutes. This is the maximum time that a job run can consume resources before it is terminated and enters TIMEOUT status. The default is 2,880 minutes (48 hours)." + }, + "workerType": { + "type": "string", + "description": "The type of predefined worker that is allocated when a job runs. Accepts a value of G.1X, G.2X, G.4X, G.8X or G.025X for Spark jobs. Accepts the value Z.2X for Ray jobs.\n\n- For the `G.1X` worker type, each worker maps to 1 DPU (4 vCPUs, 16 GB of memory) with 84GB disk (approximately 34GB free), and provides 1 executor per worker. We recommend this worker type for workloads such as data transforms, joins, and queries, to offers a scalable and cost effective way to run most jobs.\n- For the `G.2X` worker type, each worker maps to 2 DPU (8 vCPUs, 32 GB of memory) with 128GB disk (approximately 77GB free), and provides 1 executor per worker. We recommend this worker type for workloads such as data transforms, joins, and queries, to offers a scalable and cost effective way to run most jobs.\n- For the `G.4X` worker type, each worker maps to 4 DPU (16 vCPUs, 64 GB of memory) with 256GB disk (approximately 235GB free), and provides 1 executor per worker. We recommend this worker type for jobs whose workloads contain your most demanding transforms, aggregations, joins, and queries. This worker type is available only for AWS Glue version 3.0 or later Spark ETL jobs in the following AWS Regions: US East (Ohio), US East (N. Virginia), US West (Oregon), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), Canada (Central), Europe (Frankfurt), Europe (Ireland), and Europe (Stockholm).\n- For the `G.8X` worker type, each worker maps to 8 DPU (32 vCPUs, 128 GB of memory) with 512GB disk (approximately 487GB free), and provides 1 executor per worker. We recommend this worker type for jobs whose workloads contain your most demanding transforms, aggregations, joins, and queries. This worker type is available only for AWS Glue version 3.0 or later Spark ETL jobs, in the same AWS Regions as supported for the `G.4X` worker type.\n- For the `G.025X` worker type, each worker maps to 0.25 DPU (2 vCPUs, 4 GB of memory) with 84GB disk (approximately 34GB free), and provides 1 executor per worker. We recommend this worker type for low volume streaming jobs. This worker type is only available for AWS Glue version 3.0 streaming jobs.\n- For the `Z.2X` worker type, each worker maps to 2 M-DPU (8vCPUs, 64 GB of memory) with 128 GB disk (approximately 120GB free), and provides up to 8 Ray workers based on the autoscaler." + } + }, + "requiredInputs": [ + "command", + "role" + ] + }, "aws-native:glue:Registry": { "description": "This resource creates a Registry for authoring schemas as part of Glue Schema Registry.", "properties": { @@ -208078,6 +208548,61 @@ "type" ] }, + "aws-native:glue:UsageProfile": { + "description": "This creates a Resource of UsageProfile type.", + "properties": { + "configuration": { + "$ref": "#/types/aws-native:glue:UsageProfileProfileConfiguration", + "description": "UsageProfile configuration for supported service ex: (Jobs, Sessions)." + }, + "createdOn": { + "type": "string", + "description": "Creation time." + }, + "description": { + "type": "string", + "description": "The description of the UsageProfile." + }, + "name": { + "type": "string", + "description": "The name of the UsageProfile.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags to be applied to this UsageProfiles." + } + }, + "type": "object", + "required": [ + "createdOn", + "name" + ], + "inputProperties": { + "configuration": { + "$ref": "#/types/aws-native:glue:UsageProfileProfileConfiguration", + "description": "UsageProfile configuration for supported service ex: (Jobs, Sessions)." + }, + "description": { + "type": "string", + "description": "The description of the UsageProfile." + }, + "name": { + "type": "string", + "description": "The name of the UsageProfile." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags to be applied to this UsageProfiles." + } + } + }, "aws-native:grafana:Workspace": { "description": "Definition of AWS::Grafana::Workspace Resource Type", "properties": { @@ -209694,7 +210219,7 @@ } }, "aws-native:iam:Role": { - "description": "Creates a new role for your AWS-account.\n For more information about roles, see [IAM roles](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles.html) in the *IAM User Guide*. For information about quotas for role names and the number of roles you can create, see [IAM and quotas](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html) in the *IAM User Guide*.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Example\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AwsNative = Pulumi.AwsNative;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var iamRole = new AwsNative.Iam.Role(\"iamRole\", new()\n {\n AssumeRolePolicyDocument = new Dictionary\u003cstring, object?\u003e\n {\n [\"version\"] = \"2012-10-17\",\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"effect\"] = \"Allow\",\n [\"principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"service\"] = new[]\n {\n \"cloudformation.amazonaws.com\",\n \"gamelift.amazonaws.com\",\n },\n },\n [\"action\"] = \"sts:AssumeRole\",\n },\n },\n },\n RoleName = \"ScriptIAMRole\",\n Policies = new[]\n {\n new AwsNative.Iam.Inputs.RolePolicyArgs\n {\n PolicyName = \"ScriptResourceIAMPolicy\",\n PolicyDocument = new Dictionary\u003cstring, object?\u003e\n {\n [\"version\"] = \"2012-10-17\",\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"effect\"] = \"Allow\",\n [\"action\"] = new[]\n {\n \"s3:GetObject\",\n \"s3:GetObjectVersion\",\n \"s3:GetObjectMetadata\",\n \"s3:*Object*\",\n },\n [\"resource\"] = new[]\n {\n \"*\",\n },\n },\n },\n },\n },\n },\n });\n\n var scriptResource = new AwsNative.GameLift.Script(\"scriptResource\", new()\n {\n Name = \"MyRealtimeScript\",\n Version = \"v1.0\",\n StorageLocation = new AwsNative.GameLift.Inputs.ScriptS3LocationArgs\n {\n Bucket = \"MyBucketName\",\n Key = \"MyScriptFiles.zip\",\n RoleArn = iamRole.Arn,\n },\n });\n\n});\n\n\n```\n\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws-native/sdk/go/aws/gamelift\"\n\t\"github.com/pulumi/pulumi-aws-native/sdk/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tiamRole, err := iam.NewRole(ctx, \"iamRole\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicyDocument: pulumi.Any(map[string]interface{}{\n\t\t\t\t\"version\": \"2012-10-17\",\n\t\t\t\t\"statement\": []map[string]interface{}{\n\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\t\"principal\": map[string]interface{}{\n\t\t\t\t\t\t\t\"service\": []string{\n\t\t\t\t\t\t\t\t\"cloudformation.amazonaws.com\",\n\t\t\t\t\t\t\t\t\"gamelift.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\"action\": \"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t}),\n\t\t\tRoleName: pulumi.String(\"ScriptIAMRole\"),\n\t\t\tPolicies: iam.RolePolicyTypeArray{\n\t\t\t\t\u0026iam.RolePolicyTypeArgs{\n\t\t\t\t\tPolicyName: pulumi.String(\"ScriptResourceIAMPolicy\"),\n\t\t\t\t\tPolicyDocument: pulumi.Any(map[string]interface{}{\n\t\t\t\t\t\t\"version\": \"2012-10-17\",\n\t\t\t\t\t\t\"statement\": []map[string]interface{}{\n\t\t\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\t\t\t\"action\": []string{\n\t\t\t\t\t\t\t\t\t\"s3:GetObject\",\n\t\t\t\t\t\t\t\t\t\"s3:GetObjectVersion\",\n\t\t\t\t\t\t\t\t\t\"s3:GetObjectMetadata\",\n\t\t\t\t\t\t\t\t\t\"s3:*Object*\",\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\"resource\": []string{\n\t\t\t\t\t\t\t\t\t\"*\",\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t}),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = gamelift.NewScript(ctx, \"scriptResource\", \u0026gamelift.ScriptArgs{\n\t\t\tName: pulumi.String(\"MyRealtimeScript\"),\n\t\t\tVersion: pulumi.String(\"v1.0\"),\n\t\t\tStorageLocation: \u0026gamelift.ScriptS3LocationArgs{\n\t\t\t\tBucket: pulumi.String(\"MyBucketName\"),\n\t\t\t\tKey: pulumi.String(\"MyScriptFiles.zip\"),\n\t\t\t\tRoleArn: iamRole.Arn,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n\n```\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws_native from \"@pulumi/aws-native\";\n\nconst iamRole = new aws_native.iam.Role(\"iamRole\", {\n assumeRolePolicyDocument: {\n version: \"2012-10-17\",\n statement: [{\n effect: \"Allow\",\n principal: {\n service: [\n \"cloudformation.amazonaws.com\",\n \"gamelift.amazonaws.com\",\n ],\n },\n action: \"sts:AssumeRole\",\n }],\n },\n roleName: \"ScriptIAMRole\",\n policies: [{\n policyName: \"ScriptResourceIAMPolicy\",\n policyDocument: {\n version: \"2012-10-17\",\n statement: [{\n effect: \"Allow\",\n action: [\n \"s3:GetObject\",\n \"s3:GetObjectVersion\",\n \"s3:GetObjectMetadata\",\n \"s3:*Object*\",\n ],\n resource: [\"*\"],\n }],\n },\n }],\n});\nconst scriptResource = new aws_native.gamelift.Script(\"scriptResource\", {\n name: \"MyRealtimeScript\",\n version: \"v1.0\",\n storageLocation: {\n bucket: \"MyBucketName\",\n key: \"MyScriptFiles.zip\",\n roleArn: iamRole.arn,\n },\n});\n\n```\n\n```python\nimport pulumi\nimport pulumi_aws_native as aws_native\n\niam_role = aws_native.iam.Role(\"iamRole\",\n assume_role_policy_document={\n \"version\": \"2012-10-17\",\n \"statement\": [{\n \"effect\": \"Allow\",\n \"principal\": {\n \"service\": [\n \"cloudformation.amazonaws.com\",\n \"gamelift.amazonaws.com\",\n ],\n },\n \"action\": \"sts:AssumeRole\",\n }],\n },\n role_name=\"ScriptIAMRole\",\n policies=[{\n \"policy_name\": \"ScriptResourceIAMPolicy\",\n \"policy_document\": {\n \"version\": \"2012-10-17\",\n \"statement\": [{\n \"effect\": \"Allow\",\n \"action\": [\n \"s3:GetObject\",\n \"s3:GetObjectVersion\",\n \"s3:GetObjectMetadata\",\n \"s3:*Object*\",\n ],\n \"resource\": [\"*\"],\n }],\n },\n }])\nscript_resource = aws_native.gamelift.Script(\"scriptResource\",\n name=\"MyRealtimeScript\",\n version=\"v1.0\",\n storage_location={\n \"bucket\": \"MyBucketName\",\n \"key\": \"MyScriptFiles.zip\",\n \"role_arn\": iam_role.arn,\n })\n\n```\n\n{{% /example %}}\n{{% example %}}\n### Example\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AwsNative = Pulumi.AwsNative;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var iamRole = new AwsNative.Iam.Role(\"iamRole\", new()\n {\n AssumeRolePolicyDocument = new Dictionary\u003cstring, object?\u003e\n {\n [\"version\"] = \"2012-10-17\",\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"effect\"] = \"Allow\",\n [\"principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"service\"] = new[]\n {\n \"cloudformation.amazonaws.com\",\n \"gamelift.amazonaws.com\",\n },\n },\n [\"action\"] = \"sts:AssumeRole\",\n },\n },\n },\n RoleName = \"ScriptIAMRole\",\n Policies = new[]\n {\n new AwsNative.Iam.Inputs.RolePolicyArgs\n {\n PolicyName = \"ScriptResourceIAMPolicy\",\n PolicyDocument = new Dictionary\u003cstring, object?\u003e\n {\n [\"version\"] = \"2012-10-17\",\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"effect\"] = \"Allow\",\n [\"action\"] = new[]\n {\n \"s3:GetObject\",\n \"s3:GetObjectVersion\",\n \"s3:GetObjectMetadata\",\n \"s3:*Object*\",\n },\n [\"resource\"] = new[]\n {\n \"*\",\n },\n },\n },\n },\n },\n },\n });\n\n var scriptResource = new AwsNative.GameLift.Script(\"scriptResource\", new()\n {\n Name = \"MyRealtimeScript\",\n Version = \"v1.0\",\n StorageLocation = new AwsNative.GameLift.Inputs.ScriptS3LocationArgs\n {\n Bucket = \"MyBucketName\",\n Key = \"MyScriptFiles.zip\",\n RoleArn = iamRole.Arn,\n },\n });\n\n});\n\n\n```\n\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws-native/sdk/go/aws/gamelift\"\n\t\"github.com/pulumi/pulumi-aws-native/sdk/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tiamRole, err := iam.NewRole(ctx, \"iamRole\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicyDocument: pulumi.Any(map[string]interface{}{\n\t\t\t\t\"version\": \"2012-10-17\",\n\t\t\t\t\"statement\": []map[string]interface{}{\n\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\t\"principal\": map[string]interface{}{\n\t\t\t\t\t\t\t\"service\": []string{\n\t\t\t\t\t\t\t\t\"cloudformation.amazonaws.com\",\n\t\t\t\t\t\t\t\t\"gamelift.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\"action\": \"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t}),\n\t\t\tRoleName: pulumi.String(\"ScriptIAMRole\"),\n\t\t\tPolicies: iam.RolePolicyTypeArray{\n\t\t\t\t\u0026iam.RolePolicyTypeArgs{\n\t\t\t\t\tPolicyName: pulumi.String(\"ScriptResourceIAMPolicy\"),\n\t\t\t\t\tPolicyDocument: pulumi.Any(map[string]interface{}{\n\t\t\t\t\t\t\"version\": \"2012-10-17\",\n\t\t\t\t\t\t\"statement\": []map[string]interface{}{\n\t\t\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\t\t\t\"action\": []string{\n\t\t\t\t\t\t\t\t\t\"s3:GetObject\",\n\t\t\t\t\t\t\t\t\t\"s3:GetObjectVersion\",\n\t\t\t\t\t\t\t\t\t\"s3:GetObjectMetadata\",\n\t\t\t\t\t\t\t\t\t\"s3:*Object*\",\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\"resource\": []string{\n\t\t\t\t\t\t\t\t\t\"*\",\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t}),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = gamelift.NewScript(ctx, \"scriptResource\", \u0026gamelift.ScriptArgs{\n\t\t\tName: pulumi.String(\"MyRealtimeScript\"),\n\t\t\tVersion: pulumi.String(\"v1.0\"),\n\t\t\tStorageLocation: \u0026gamelift.ScriptS3LocationArgs{\n\t\t\t\tBucket: pulumi.String(\"MyBucketName\"),\n\t\t\t\tKey: pulumi.String(\"MyScriptFiles.zip\"),\n\t\t\t\tRoleArn: iamRole.Arn,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n\n```\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws_native from \"@pulumi/aws-native\";\n\nconst iamRole = new aws_native.iam.Role(\"iamRole\", {\n assumeRolePolicyDocument: {\n version: \"2012-10-17\",\n statement: [{\n effect: \"Allow\",\n principal: {\n service: [\n \"cloudformation.amazonaws.com\",\n \"gamelift.amazonaws.com\",\n ],\n },\n action: \"sts:AssumeRole\",\n }],\n },\n roleName: \"ScriptIAMRole\",\n policies: [{\n policyName: \"ScriptResourceIAMPolicy\",\n policyDocument: {\n version: \"2012-10-17\",\n statement: [{\n effect: \"Allow\",\n action: [\n \"s3:GetObject\",\n \"s3:GetObjectVersion\",\n \"s3:GetObjectMetadata\",\n \"s3:*Object*\",\n ],\n resource: [\"*\"],\n }],\n },\n }],\n});\nconst scriptResource = new aws_native.gamelift.Script(\"scriptResource\", {\n name: \"MyRealtimeScript\",\n version: \"v1.0\",\n storageLocation: {\n bucket: \"MyBucketName\",\n key: \"MyScriptFiles.zip\",\n roleArn: iamRole.arn,\n },\n});\n\n```\n\n```python\nimport pulumi\nimport pulumi_aws_native as aws_native\n\niam_role = aws_native.iam.Role(\"iamRole\",\n assume_role_policy_document={\n \"version\": \"2012-10-17\",\n \"statement\": [{\n \"effect\": \"Allow\",\n \"principal\": {\n \"service\": [\n \"cloudformation.amazonaws.com\",\n \"gamelift.amazonaws.com\",\n ],\n },\n \"action\": \"sts:AssumeRole\",\n }],\n },\n role_name=\"ScriptIAMRole\",\n policies=[{\n \"policy_name\": \"ScriptResourceIAMPolicy\",\n \"policy_document\": {\n \"version\": \"2012-10-17\",\n \"statement\": [{\n \"effect\": \"Allow\",\n \"action\": [\n \"s3:GetObject\",\n \"s3:GetObjectVersion\",\n \"s3:GetObjectMetadata\",\n \"s3:*Object*\",\n ],\n \"resource\": [\"*\"],\n }],\n },\n }])\nscript_resource = aws_native.gamelift.Script(\"scriptResource\",\n name=\"MyRealtimeScript\",\n version=\"v1.0\",\n storage_location={\n \"bucket\": \"MyBucketName\",\n \"key\": \"MyScriptFiles.zip\",\n \"role_arn\": iam_role.arn,\n })\n\n```\n\n{{% /example %}}\n{{% example %}}\n### Example\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AwsNative = Pulumi.AwsNative;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var amazonGrafanaWorkspaceIAMRole = new AwsNative.Iam.Role(\"amazonGrafanaWorkspaceIAMRole\", new()\n {\n ManagedPolicyArns = new[]\n {\n \"arn:aws:iam::aws:policy/service-role/AmazonGrafanaAthenaAccess\",\n },\n AssumeRolePolicyDocument = new Dictionary\u003cstring, object?\u003e\n {\n [\"version\"] = \"2012-10-17\",\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"effect\"] = \"Allow\",\n [\"principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"service\"] = new[]\n {\n \"grafana.amazonaws.com\",\n },\n },\n [\"action\"] = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n },\n });\n\n var amazonGrafanaWorkspace = new AwsNative.Grafana.Workspace(\"amazonGrafanaWorkspace\", new()\n {\n AccountAccessType = AwsNative.Grafana.WorkspaceAccountAccessType.CurrentAccount,\n Name = \"AmazonGrafanaWorkspace\",\n Description = \"Amazon Grafana Workspace\",\n AuthenticationProviders = new[]\n {\n AwsNative.Grafana.WorkspaceAuthenticationProviderTypes.Saml,\n },\n PermissionType = AwsNative.Grafana.WorkspacePermissionType.CustomerManaged,\n GrafanaVersion = \"9.4\",\n RoleArn = amazonGrafanaWorkspaceIAMRole.Arn,\n SamlConfiguration = new AwsNative.Grafana.Inputs.WorkspaceSamlConfigurationArgs\n {\n IdpMetadata = new AwsNative.Grafana.Inputs.WorkspaceIdpMetadataArgs\n {\n Xml = \"\u003cmd:EntityDescriptor xmlns:md='urn:oasis:names:tc:SAML:2.0:metadata' entityID='entityId'\u003eDATA\u003c/md:EntityDescriptor\u003e\",\n },\n AssertionAttributes = new AwsNative.Grafana.Inputs.WorkspaceAssertionAttributesArgs\n {\n Name = \"displayName\",\n Login = \"login\",\n Email = \"email\",\n Groups = \"group\",\n Role = \"role\",\n Org = \"org\",\n },\n RoleValues = new AwsNative.Grafana.Inputs.WorkspaceRoleValuesArgs\n {\n Editor = new[]\n {\n \"editor1\",\n },\n Admin = new[]\n {\n \"admin1\",\n },\n },\n AllowedOrganizations = new[]\n {\n \"org1\",\n },\n LoginValidityDuration = 60,\n },\n });\n\n return new Dictionary\u003cstring, object?\u003e\n {\n [\"workspaceEndpoint\"] = amazonGrafanaWorkspace.Endpoint,\n [\"workspaceStatus\"] = amazonGrafanaWorkspace.Status,\n [\"workspaceId\"] = amazonGrafanaWorkspace.Id,\n [\"grafanaVersion\"] = amazonGrafanaWorkspace.GrafanaVersion,\n };\n});\n\n\n```\n\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws-native/sdk/go/aws/grafana\"\n\t\"github.com/pulumi/pulumi-aws-native/sdk/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tamazonGrafanaWorkspaceIAMRole, err := iam.NewRole(ctx, \"amazonGrafanaWorkspaceIAMRole\", \u0026iam.RoleArgs{\n\t\t\tManagedPolicyArns: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"arn:aws:iam::aws:policy/service-role/AmazonGrafanaAthenaAccess\"),\n\t\t\t},\n\t\t\tAssumeRolePolicyDocument: pulumi.Any(map[string]interface{}{\n\t\t\t\t\"version\": \"2012-10-17\",\n\t\t\t\t\"statement\": []map[string]interface{}{\n\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\t\"principal\": map[string]interface{}{\n\t\t\t\t\t\t\t\"service\": []string{\n\t\t\t\t\t\t\t\t\"grafana.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\"action\": []string{\n\t\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t}),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tamazonGrafanaWorkspace, err := grafana.NewWorkspace(ctx, \"amazonGrafanaWorkspace\", \u0026grafana.WorkspaceArgs{\n\t\t\tAccountAccessType: grafana.WorkspaceAccountAccessTypeCurrentAccount,\n\t\t\tName: pulumi.String(\"AmazonGrafanaWorkspace\"),\n\t\t\tDescription: pulumi.String(\"Amazon Grafana Workspace\"),\n\t\t\tAuthenticationProviders: grafana.WorkspaceAuthenticationProviderTypesArray{\n\t\t\t\tgrafana.WorkspaceAuthenticationProviderTypesSaml,\n\t\t\t},\n\t\t\tPermissionType: grafana.WorkspacePermissionTypeCustomerManaged,\n\t\t\tGrafanaVersion: pulumi.String(\"9.4\"),\n\t\t\tRoleArn: amazonGrafanaWorkspaceIAMRole.Arn,\n\t\t\tSamlConfiguration: \u0026grafana.WorkspaceSamlConfigurationArgs{\n\t\t\t\tIdpMetadata: \u0026grafana.WorkspaceIdpMetadataArgs{\n\t\t\t\t\tXml: pulumi.String(\"\u003cmd:EntityDescriptor xmlns:md='urn:oasis:names:tc:SAML:2.0:metadata' entityID='entityId'\u003eDATA\u003c/md:EntityDescriptor\u003e\"),\n\t\t\t\t},\n\t\t\t\tAssertionAttributes: \u0026grafana.WorkspaceAssertionAttributesArgs{\n\t\t\t\t\tName: pulumi.String(\"displayName\"),\n\t\t\t\t\tLogin: pulumi.String(\"login\"),\n\t\t\t\t\tEmail: pulumi.String(\"email\"),\n\t\t\t\t\tGroups: pulumi.String(\"group\"),\n\t\t\t\t\tRole: pulumi.String(\"role\"),\n\t\t\t\t\tOrg: pulumi.String(\"org\"),\n\t\t\t\t},\n\t\t\t\tRoleValues: \u0026grafana.WorkspaceRoleValuesArgs{\n\t\t\t\t\tEditor: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"editor1\"),\n\t\t\t\t\t},\n\t\t\t\t\tAdmin: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"admin1\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tAllowedOrganizations: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"org1\"),\n\t\t\t\t},\n\t\t\t\tLoginValidityDuration: pulumi.Float64(60),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"workspaceEndpoint\", amazonGrafanaWorkspace.Endpoint)\n\t\tctx.Export(\"workspaceStatus\", amazonGrafanaWorkspace.Status.ApplyT(func(x *string) grafana.WorkspaceStatus { return grafana.WorkspaceStatus(*x) }).(grafana.WorkspaceStatusOutput))\n\t\tctx.Export(\"workspaceId\", amazonGrafanaWorkspace.ID())\n\t\tctx.Export(\"grafanaVersion\", amazonGrafanaWorkspace.GrafanaVersion)\n\t\treturn nil\n\t})\n}\n\n```\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws_native from \"@pulumi/aws-native\";\n\nconst amazonGrafanaWorkspaceIAMRole = new aws_native.iam.Role(\"amazonGrafanaWorkspaceIAMRole\", {\n managedPolicyArns: [\"arn:aws:iam::aws:policy/service-role/AmazonGrafanaAthenaAccess\"],\n assumeRolePolicyDocument: {\n version: \"2012-10-17\",\n statement: [{\n effect: \"Allow\",\n principal: {\n service: [\"grafana.amazonaws.com\"],\n },\n action: [\"sts:AssumeRole\"],\n }],\n },\n});\nconst amazonGrafanaWorkspace = new aws_native.grafana.Workspace(\"amazonGrafanaWorkspace\", {\n accountAccessType: aws_native.grafana.WorkspaceAccountAccessType.CurrentAccount,\n name: \"AmazonGrafanaWorkspace\",\n description: \"Amazon Grafana Workspace\",\n authenticationProviders: [aws_native.grafana.WorkspaceAuthenticationProviderTypes.Saml],\n permissionType: aws_native.grafana.WorkspacePermissionType.CustomerManaged,\n grafanaVersion: \"9.4\",\n roleArn: amazonGrafanaWorkspaceIAMRole.arn,\n samlConfiguration: {\n idpMetadata: {\n xml: \"\u003cmd:EntityDescriptor xmlns:md='urn:oasis:names:tc:SAML:2.0:metadata' entityID='entityId'\u003eDATA\u003c/md:EntityDescriptor\u003e\",\n },\n assertionAttributes: {\n name: \"displayName\",\n login: \"login\",\n email: \"email\",\n groups: \"group\",\n role: \"role\",\n org: \"org\",\n },\n roleValues: {\n editor: [\"editor1\"],\n admin: [\"admin1\"],\n },\n allowedOrganizations: [\"org1\"],\n loginValidityDuration: 60,\n },\n});\nexport const workspaceEndpoint = amazonGrafanaWorkspace.endpoint;\nexport const workspaceStatus = amazonGrafanaWorkspace.status;\nexport const workspaceId = amazonGrafanaWorkspace.id;\nexport const grafanaVersion = amazonGrafanaWorkspace.grafanaVersion;\n\n```\n\n```python\nimport pulumi\nimport pulumi_aws_native as aws_native\n\namazon_grafana_workspace_iam_role = aws_native.iam.Role(\"amazonGrafanaWorkspaceIAMRole\",\n managed_policy_arns=[\"arn:aws:iam::aws:policy/service-role/AmazonGrafanaAthenaAccess\"],\n assume_role_policy_document={\n \"version\": \"2012-10-17\",\n \"statement\": [{\n \"effect\": \"Allow\",\n \"principal\": {\n \"service\": [\"grafana.amazonaws.com\"],\n },\n \"action\": [\"sts:AssumeRole\"],\n }],\n })\namazon_grafana_workspace = aws_native.grafana.Workspace(\"amazonGrafanaWorkspace\",\n account_access_type=aws_native.grafana.WorkspaceAccountAccessType.CURRENT_ACCOUNT,\n name=\"AmazonGrafanaWorkspace\",\n description=\"Amazon Grafana Workspace\",\n authentication_providers=[aws_native.grafana.WorkspaceAuthenticationProviderTypes.SAML],\n permission_type=aws_native.grafana.WorkspacePermissionType.CUSTOMER_MANAGED,\n grafana_version=\"9.4\",\n role_arn=amazon_grafana_workspace_iam_role.arn,\n saml_configuration={\n \"idp_metadata\": {\n \"xml\": \"\u003cmd:EntityDescriptor xmlns:md='urn:oasis:names:tc:SAML:2.0:metadata' entityID='entityId'\u003eDATA\u003c/md:EntityDescriptor\u003e\",\n },\n \"assertion_attributes\": {\n \"name\": \"displayName\",\n \"login\": \"login\",\n \"email\": \"email\",\n \"groups\": \"group\",\n \"role\": \"role\",\n \"org\": \"org\",\n },\n \"role_values\": {\n \"editor\": [\"editor1\"],\n \"admin\": [\"admin1\"],\n },\n \"allowed_organizations\": [\"org1\"],\n \"login_validity_duration\": 60,\n })\npulumi.export(\"workspaceEndpoint\", amazon_grafana_workspace.endpoint)\npulumi.export(\"workspaceStatus\", amazon_grafana_workspace.status)\npulumi.export(\"workspaceId\", amazon_grafana_workspace.id)\npulumi.export(\"grafanaVersion\", amazon_grafana_workspace.grafana_version)\n\n```\n\n{{% /example %}}\n{{% example %}}\n### Example\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AwsNative = Pulumi.AwsNative;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var amazonGrafanaWorkspaceIAMRole = new AwsNative.Iam.Role(\"amazonGrafanaWorkspaceIAMRole\", new()\n {\n ManagedPolicyArns = new[]\n {\n \"arn:aws:iam::aws:policy/service-role/AmazonGrafanaAthenaAccess\",\n },\n AssumeRolePolicyDocument = new Dictionary\u003cstring, object?\u003e\n {\n [\"version\"] = \"2012-10-17\",\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"effect\"] = \"Allow\",\n [\"principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"service\"] = new[]\n {\n \"grafana.amazonaws.com\",\n },\n },\n [\"action\"] = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n },\n });\n\n var amazonGrafanaWorkspace = new AwsNative.Grafana.Workspace(\"amazonGrafanaWorkspace\", new()\n {\n AccountAccessType = AwsNative.Grafana.WorkspaceAccountAccessType.CurrentAccount,\n Name = \"AmazonGrafanaWorkspace\",\n Description = \"Amazon Grafana Workspace\",\n AuthenticationProviders = new[]\n {\n AwsNative.Grafana.WorkspaceAuthenticationProviderTypes.Saml,\n },\n PermissionType = AwsNative.Grafana.WorkspacePermissionType.CustomerManaged,\n GrafanaVersion = \"9.4\",\n RoleArn = amazonGrafanaWorkspaceIAMRole.Arn,\n SamlConfiguration = new AwsNative.Grafana.Inputs.WorkspaceSamlConfigurationArgs\n {\n IdpMetadata = new AwsNative.Grafana.Inputs.WorkspaceIdpMetadataArgs\n {\n Xml = \"\u003cmd:EntityDescriptor xmlns:md='urn:oasis:names:tc:SAML:2.0:metadata' entityID='entityId'\u003eDATA\u003c/md:EntityDescriptor\u003e\",\n },\n AssertionAttributes = new AwsNative.Grafana.Inputs.WorkspaceAssertionAttributesArgs\n {\n Name = \"displayName\",\n Login = \"login\",\n Email = \"email\",\n Groups = \"group\",\n Role = \"role\",\n Org = \"org\",\n },\n RoleValues = new AwsNative.Grafana.Inputs.WorkspaceRoleValuesArgs\n {\n Editor = new[]\n {\n \"editor1\",\n },\n Admin = new[]\n {\n \"admin1\",\n },\n },\n AllowedOrganizations = new[]\n {\n \"org1\",\n },\n LoginValidityDuration = 60,\n },\n });\n\n return new Dictionary\u003cstring, object?\u003e\n {\n [\"workspaceEndpoint\"] = amazonGrafanaWorkspace.Endpoint,\n [\"workspaceStatus\"] = amazonGrafanaWorkspace.Status,\n [\"workspaceId\"] = amazonGrafanaWorkspace.Id,\n [\"grafanaVersion\"] = amazonGrafanaWorkspace.GrafanaVersion,\n };\n});\n\n\n```\n\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws-native/sdk/go/aws/grafana\"\n\t\"github.com/pulumi/pulumi-aws-native/sdk/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tamazonGrafanaWorkspaceIAMRole, err := iam.NewRole(ctx, \"amazonGrafanaWorkspaceIAMRole\", \u0026iam.RoleArgs{\n\t\t\tManagedPolicyArns: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"arn:aws:iam::aws:policy/service-role/AmazonGrafanaAthenaAccess\"),\n\t\t\t},\n\t\t\tAssumeRolePolicyDocument: pulumi.Any(map[string]interface{}{\n\t\t\t\t\"version\": \"2012-10-17\",\n\t\t\t\t\"statement\": []map[string]interface{}{\n\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\t\"principal\": map[string]interface{}{\n\t\t\t\t\t\t\t\"service\": []string{\n\t\t\t\t\t\t\t\t\"grafana.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\"action\": []string{\n\t\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t}),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tamazonGrafanaWorkspace, err := grafana.NewWorkspace(ctx, \"amazonGrafanaWorkspace\", \u0026grafana.WorkspaceArgs{\n\t\t\tAccountAccessType: grafana.WorkspaceAccountAccessTypeCurrentAccount,\n\t\t\tName: pulumi.String(\"AmazonGrafanaWorkspace\"),\n\t\t\tDescription: pulumi.String(\"Amazon Grafana Workspace\"),\n\t\t\tAuthenticationProviders: grafana.WorkspaceAuthenticationProviderTypesArray{\n\t\t\t\tgrafana.WorkspaceAuthenticationProviderTypesSaml,\n\t\t\t},\n\t\t\tPermissionType: grafana.WorkspacePermissionTypeCustomerManaged,\n\t\t\tGrafanaVersion: pulumi.String(\"9.4\"),\n\t\t\tRoleArn: amazonGrafanaWorkspaceIAMRole.Arn,\n\t\t\tSamlConfiguration: \u0026grafana.WorkspaceSamlConfigurationArgs{\n\t\t\t\tIdpMetadata: \u0026grafana.WorkspaceIdpMetadataArgs{\n\t\t\t\t\tXml: pulumi.String(\"\u003cmd:EntityDescriptor xmlns:md='urn:oasis:names:tc:SAML:2.0:metadata' entityID='entityId'\u003eDATA\u003c/md:EntityDescriptor\u003e\"),\n\t\t\t\t},\n\t\t\t\tAssertionAttributes: \u0026grafana.WorkspaceAssertionAttributesArgs{\n\t\t\t\t\tName: pulumi.String(\"displayName\"),\n\t\t\t\t\tLogin: pulumi.String(\"login\"),\n\t\t\t\t\tEmail: pulumi.String(\"email\"),\n\t\t\t\t\tGroups: pulumi.String(\"group\"),\n\t\t\t\t\tRole: pulumi.String(\"role\"),\n\t\t\t\t\tOrg: pulumi.String(\"org\"),\n\t\t\t\t},\n\t\t\t\tRoleValues: \u0026grafana.WorkspaceRoleValuesArgs{\n\t\t\t\t\tEditor: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"editor1\"),\n\t\t\t\t\t},\n\t\t\t\t\tAdmin: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"admin1\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tAllowedOrganizations: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"org1\"),\n\t\t\t\t},\n\t\t\t\tLoginValidityDuration: pulumi.Float64(60),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"workspaceEndpoint\", amazonGrafanaWorkspace.Endpoint)\n\t\tctx.Export(\"workspaceStatus\", amazonGrafanaWorkspace.Status.ApplyT(func(x *string) grafana.WorkspaceStatus { return grafana.WorkspaceStatus(*x) }).(grafana.WorkspaceStatusOutput))\n\t\tctx.Export(\"workspaceId\", amazonGrafanaWorkspace.ID())\n\t\tctx.Export(\"grafanaVersion\", amazonGrafanaWorkspace.GrafanaVersion)\n\t\treturn nil\n\t})\n}\n\n```\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws_native from \"@pulumi/aws-native\";\n\nconst amazonGrafanaWorkspaceIAMRole = new aws_native.iam.Role(\"amazonGrafanaWorkspaceIAMRole\", {\n managedPolicyArns: [\"arn:aws:iam::aws:policy/service-role/AmazonGrafanaAthenaAccess\"],\n assumeRolePolicyDocument: {\n version: \"2012-10-17\",\n statement: [{\n effect: \"Allow\",\n principal: {\n service: [\"grafana.amazonaws.com\"],\n },\n action: [\"sts:AssumeRole\"],\n }],\n },\n});\nconst amazonGrafanaWorkspace = new aws_native.grafana.Workspace(\"amazonGrafanaWorkspace\", {\n accountAccessType: aws_native.grafana.WorkspaceAccountAccessType.CurrentAccount,\n name: \"AmazonGrafanaWorkspace\",\n description: \"Amazon Grafana Workspace\",\n authenticationProviders: [aws_native.grafana.WorkspaceAuthenticationProviderTypes.Saml],\n permissionType: aws_native.grafana.WorkspacePermissionType.CustomerManaged,\n grafanaVersion: \"9.4\",\n roleArn: amazonGrafanaWorkspaceIAMRole.arn,\n samlConfiguration: {\n idpMetadata: {\n xml: \"\u003cmd:EntityDescriptor xmlns:md='urn:oasis:names:tc:SAML:2.0:metadata' entityID='entityId'\u003eDATA\u003c/md:EntityDescriptor\u003e\",\n },\n assertionAttributes: {\n name: \"displayName\",\n login: \"login\",\n email: \"email\",\n groups: \"group\",\n role: \"role\",\n org: \"org\",\n },\n roleValues: {\n editor: [\"editor1\"],\n admin: [\"admin1\"],\n },\n allowedOrganizations: [\"org1\"],\n loginValidityDuration: 60,\n },\n});\nexport const workspaceEndpoint = amazonGrafanaWorkspace.endpoint;\nexport const workspaceStatus = amazonGrafanaWorkspace.status;\nexport const workspaceId = amazonGrafanaWorkspace.id;\nexport const grafanaVersion = amazonGrafanaWorkspace.grafanaVersion;\n\n```\n\n```python\nimport pulumi\nimport pulumi_aws_native as aws_native\n\namazon_grafana_workspace_iam_role = aws_native.iam.Role(\"amazonGrafanaWorkspaceIAMRole\",\n managed_policy_arns=[\"arn:aws:iam::aws:policy/service-role/AmazonGrafanaAthenaAccess\"],\n assume_role_policy_document={\n \"version\": \"2012-10-17\",\n \"statement\": [{\n \"effect\": \"Allow\",\n \"principal\": {\n \"service\": [\"grafana.amazonaws.com\"],\n },\n \"action\": [\"sts:AssumeRole\"],\n }],\n })\namazon_grafana_workspace = aws_native.grafana.Workspace(\"amazonGrafanaWorkspace\",\n account_access_type=aws_native.grafana.WorkspaceAccountAccessType.CURRENT_ACCOUNT,\n name=\"AmazonGrafanaWorkspace\",\n description=\"Amazon Grafana Workspace\",\n authentication_providers=[aws_native.grafana.WorkspaceAuthenticationProviderTypes.SAML],\n permission_type=aws_native.grafana.WorkspacePermissionType.CUSTOMER_MANAGED,\n grafana_version=\"9.4\",\n role_arn=amazon_grafana_workspace_iam_role.arn,\n saml_configuration={\n \"idp_metadata\": {\n \"xml\": \"\u003cmd:EntityDescriptor xmlns:md='urn:oasis:names:tc:SAML:2.0:metadata' entityID='entityId'\u003eDATA\u003c/md:EntityDescriptor\u003e\",\n },\n \"assertion_attributes\": {\n \"name\": \"displayName\",\n \"login\": \"login\",\n \"email\": \"email\",\n \"groups\": \"group\",\n \"role\": \"role\",\n \"org\": \"org\",\n },\n \"role_values\": {\n \"editor\": [\"editor1\"],\n \"admin\": [\"admin1\"],\n },\n \"allowed_organizations\": [\"org1\"],\n \"login_validity_duration\": 60,\n })\npulumi.export(\"workspaceEndpoint\", amazon_grafana_workspace.endpoint)\npulumi.export(\"workspaceStatus\", amazon_grafana_workspace.status)\npulumi.export(\"workspaceId\", amazon_grafana_workspace.id)\npulumi.export(\"grafanaVersion\", amazon_grafana_workspace.grafana_version)\n\n```\n\n{{% /example %}}\n{{% example %}}\n### Example\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AwsNative = Pulumi.AwsNative;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var rootRole = new AwsNative.Iam.Role(\"rootRole\", new()\n {\n AssumeRolePolicyDocument = new Dictionary\u003cstring, object?\u003e\n {\n [\"version\"] = \"2012-10-17\",\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"effect\"] = \"Allow\",\n [\"principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"service\"] = new[]\n {\n \"ec2.amazonaws.com\",\n },\n },\n [\"action\"] = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n },\n Path = \"/\",\n Policies = new[]\n {\n new AwsNative.Iam.Inputs.RolePolicyArgs\n {\n PolicyName = \"root\",\n PolicyDocument = new Dictionary\u003cstring, object?\u003e\n {\n [\"version\"] = \"2012-10-17\",\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"effect\"] = \"Allow\",\n [\"action\"] = \"*\",\n [\"resource\"] = \"*\",\n },\n },\n },\n },\n },\n });\n\n var rootInstanceProfile = new AwsNative.Iam.InstanceProfile(\"rootInstanceProfile\", new()\n {\n Path = \"/\",\n Roles = new[]\n {\n rootRole.Id,\n },\n });\n\n});\n\n\n```\n\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws-native/sdk/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\trootRole, err := iam.NewRole(ctx, \"rootRole\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicyDocument: pulumi.Any(map[string]interface{}{\n\t\t\t\t\"version\": \"2012-10-17\",\n\t\t\t\t\"statement\": []map[string]interface{}{\n\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\t\"principal\": map[string]interface{}{\n\t\t\t\t\t\t\t\"service\": []string{\n\t\t\t\t\t\t\t\t\"ec2.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\"action\": []string{\n\t\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t}),\n\t\t\tPath: pulumi.String(\"/\"),\n\t\t\tPolicies: iam.RolePolicyTypeArray{\n\t\t\t\t\u0026iam.RolePolicyTypeArgs{\n\t\t\t\t\tPolicyName: pulumi.String(\"root\"),\n\t\t\t\t\tPolicyDocument: pulumi.Any(map[string]interface{}{\n\t\t\t\t\t\t\"version\": \"2012-10-17\",\n\t\t\t\t\t\t\"statement\": []map[string]interface{}{\n\t\t\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\t\t\t\"action\": \"*\",\n\t\t\t\t\t\t\t\t\"resource\": \"*\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t}),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewInstanceProfile(ctx, \"rootInstanceProfile\", \u0026iam.InstanceProfileArgs{\n\t\t\tPath: pulumi.String(\"/\"),\n\t\t\tRoles: pulumi.StringArray{\n\t\t\t\trootRole.ID(),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n\n```\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws_native from \"@pulumi/aws-native\";\n\nconst rootRole = new aws_native.iam.Role(\"rootRole\", {\n assumeRolePolicyDocument: {\n version: \"2012-10-17\",\n statement: [{\n effect: \"Allow\",\n principal: {\n service: [\"ec2.amazonaws.com\"],\n },\n action: [\"sts:AssumeRole\"],\n }],\n },\n path: \"/\",\n policies: [{\n policyName: \"root\",\n policyDocument: {\n version: \"2012-10-17\",\n statement: [{\n effect: \"Allow\",\n action: \"*\",\n resource: \"*\",\n }],\n },\n }],\n});\nconst rootInstanceProfile = new aws_native.iam.InstanceProfile(\"rootInstanceProfile\", {\n path: \"/\",\n roles: [rootRole.id],\n});\n\n```\n\n```python\nimport pulumi\nimport pulumi_aws_native as aws_native\n\nroot_role = aws_native.iam.Role(\"rootRole\",\n assume_role_policy_document={\n \"version\": \"2012-10-17\",\n \"statement\": [{\n \"effect\": \"Allow\",\n \"principal\": {\n \"service\": [\"ec2.amazonaws.com\"],\n },\n \"action\": [\"sts:AssumeRole\"],\n }],\n },\n path=\"/\",\n policies=[{\n \"policy_name\": \"root\",\n \"policy_document\": {\n \"version\": \"2012-10-17\",\n \"statement\": [{\n \"effect\": \"Allow\",\n \"action\": \"*\",\n \"resource\": \"*\",\n }],\n },\n }])\nroot_instance_profile = aws_native.iam.InstanceProfile(\"rootInstanceProfile\",\n path=\"/\",\n roles=[root_role.id])\n\n```\n\n{{% /example %}}\n{{% example %}}\n### Example\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AwsNative = Pulumi.AwsNative;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var rootRole = new AwsNative.Iam.Role(\"rootRole\", new()\n {\n AssumeRolePolicyDocument = new Dictionary\u003cstring, object?\u003e\n {\n [\"version\"] = \"2012-10-17\",\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"effect\"] = \"Allow\",\n [\"principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"service\"] = new[]\n {\n \"ec2.amazonaws.com\",\n },\n },\n [\"action\"] = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n },\n Path = \"/\",\n Policies = new[]\n {\n new AwsNative.Iam.Inputs.RolePolicyArgs\n {\n PolicyName = \"root\",\n PolicyDocument = new Dictionary\u003cstring, object?\u003e\n {\n [\"version\"] = \"2012-10-17\",\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"effect\"] = \"Allow\",\n [\"action\"] = \"*\",\n [\"resource\"] = \"*\",\n },\n },\n },\n },\n },\n });\n\n var rootInstanceProfile = new AwsNative.Iam.InstanceProfile(\"rootInstanceProfile\", new()\n {\n Path = \"/\",\n Roles = new[]\n {\n rootRole.Id,\n },\n });\n\n});\n\n\n```\n\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws-native/sdk/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\trootRole, err := iam.NewRole(ctx, \"rootRole\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicyDocument: pulumi.Any(map[string]interface{}{\n\t\t\t\t\"version\": \"2012-10-17\",\n\t\t\t\t\"statement\": []map[string]interface{}{\n\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\t\"principal\": map[string]interface{}{\n\t\t\t\t\t\t\t\"service\": []string{\n\t\t\t\t\t\t\t\t\"ec2.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\"action\": []string{\n\t\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t}),\n\t\t\tPath: pulumi.String(\"/\"),\n\t\t\tPolicies: iam.RolePolicyTypeArray{\n\t\t\t\t\u0026iam.RolePolicyTypeArgs{\n\t\t\t\t\tPolicyName: pulumi.String(\"root\"),\n\t\t\t\t\tPolicyDocument: pulumi.Any(map[string]interface{}{\n\t\t\t\t\t\t\"version\": \"2012-10-17\",\n\t\t\t\t\t\t\"statement\": []map[string]interface{}{\n\t\t\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\t\t\t\"action\": \"*\",\n\t\t\t\t\t\t\t\t\"resource\": \"*\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t}),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewInstanceProfile(ctx, \"rootInstanceProfile\", \u0026iam.InstanceProfileArgs{\n\t\t\tPath: pulumi.String(\"/\"),\n\t\t\tRoles: pulumi.StringArray{\n\t\t\t\trootRole.ID(),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n\n```\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws_native from \"@pulumi/aws-native\";\n\nconst rootRole = new aws_native.iam.Role(\"rootRole\", {\n assumeRolePolicyDocument: {\n version: \"2012-10-17\",\n statement: [{\n effect: \"Allow\",\n principal: {\n service: [\"ec2.amazonaws.com\"],\n },\n action: [\"sts:AssumeRole\"],\n }],\n },\n path: \"/\",\n policies: [{\n policyName: \"root\",\n policyDocument: {\n version: \"2012-10-17\",\n statement: [{\n effect: \"Allow\",\n action: \"*\",\n resource: \"*\",\n }],\n },\n }],\n});\nconst rootInstanceProfile = new aws_native.iam.InstanceProfile(\"rootInstanceProfile\", {\n path: \"/\",\n roles: [rootRole.id],\n});\n\n```\n\n```python\nimport pulumi\nimport pulumi_aws_native as aws_native\n\nroot_role = aws_native.iam.Role(\"rootRole\",\n assume_role_policy_document={\n \"version\": \"2012-10-17\",\n \"statement\": [{\n \"effect\": \"Allow\",\n \"principal\": {\n \"service\": [\"ec2.amazonaws.com\"],\n },\n \"action\": [\"sts:AssumeRole\"],\n }],\n },\n path=\"/\",\n policies=[{\n \"policy_name\": \"root\",\n \"policy_document\": {\n \"version\": \"2012-10-17\",\n \"statement\": [{\n \"effect\": \"Allow\",\n \"action\": \"*\",\n \"resource\": \"*\",\n }],\n },\n }])\nroot_instance_profile = aws_native.iam.InstanceProfile(\"rootInstanceProfile\",\n path=\"/\",\n roles=[root_role.id])\n\n```\n\n{{% /example %}}\n{{% example %}}\n### Example\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AwsNative = Pulumi.AwsNative;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var automationExecutionRole = new AwsNative.Iam.Role(\"automationExecutionRole\", new()\n {\n AssumeRolePolicyDocument = new Dictionary\u003cstring, object?\u003e\n {\n [\"version\"] = \"2012-10-17\",\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"effect\"] = \"Allow\",\n [\"principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"service\"] = \"ssm.amazonaws.com\",\n },\n [\"action\"] = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n },\n Path = \"/\",\n ManagedPolicyArns = new[]\n {\n \"arn:${AWS::Partition}:iam::aws:policy/AmazonEC2FullAccess\",\n },\n });\n\n var automationAssociation = new AwsNative.Ssm.Association(\"automationAssociation\", new()\n {\n Name = \"AWS-StopEC2Instance\",\n Parameters = \n {\n { \"automationAssumeRole\", new[]\n {\n \"AutomationExecutionRole.Arn\",\n } },\n },\n Targets = new[]\n {\n new AwsNative.Ssm.Inputs.AssociationTargetArgs\n {\n Key = \"ParameterValues\",\n Values = new[]\n {\n \"i-1234567890abcdef0\",\n },\n },\n },\n AutomationTargetParameterName = \"InstanceId\",\n });\n\n});\n\n\n```\n\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws-native/sdk/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws-native/sdk/go/aws/ssm\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := iam.NewRole(ctx, \"automationExecutionRole\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicyDocument: pulumi.Any(map[string]interface{}{\n\t\t\t\t\"version\": \"2012-10-17\",\n\t\t\t\t\"statement\": []map[string]interface{}{\n\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\t\"principal\": map[string]interface{}{\n\t\t\t\t\t\t\t\"service\": \"ssm.amazonaws.com\",\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\"action\": []string{\n\t\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t}),\n\t\t\tPath: pulumi.String(\"/\"),\n\t\t\tManagedPolicyArns: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"arn:${AWS::Partition}:iam::aws:policy/AmazonEC2FullAccess\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ssm.NewAssociation(ctx, \"automationAssociation\", \u0026ssm.AssociationArgs{\n\t\t\tName: pulumi.String(\"AWS-StopEC2Instance\"),\n\t\t\tParameters: pulumi.StringArrayMap{\n\t\t\t\t\"automationAssumeRole\": pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"AutomationExecutionRole.Arn\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tTargets: ssm.AssociationTargetArray{\n\t\t\t\t\u0026ssm.AssociationTargetArgs{\n\t\t\t\t\tKey: pulumi.String(\"ParameterValues\"),\n\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"i-1234567890abcdef0\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tAutomationTargetParameterName: pulumi.String(\"InstanceId\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n\n```\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws_native from \"@pulumi/aws-native\";\n\nconst automationExecutionRole = new aws_native.iam.Role(\"automationExecutionRole\", {\n assumeRolePolicyDocument: {\n version: \"2012-10-17\",\n statement: [{\n effect: \"Allow\",\n principal: {\n service: \"ssm.amazonaws.com\",\n },\n action: [\"sts:AssumeRole\"],\n }],\n },\n path: \"/\",\n managedPolicyArns: [\"arn:${AWS::Partition}:iam::aws:policy/AmazonEC2FullAccess\"],\n});\nconst automationAssociation = new aws_native.ssm.Association(\"automationAssociation\", {\n name: \"AWS-StopEC2Instance\",\n parameters: {\n automationAssumeRole: [\"AutomationExecutionRole.Arn\"],\n },\n targets: [{\n key: \"ParameterValues\",\n values: [\"i-1234567890abcdef0\"],\n }],\n automationTargetParameterName: \"InstanceId\",\n});\n\n```\n\n```python\nimport pulumi\nimport pulumi_aws_native as aws_native\n\nautomation_execution_role = aws_native.iam.Role(\"automationExecutionRole\",\n assume_role_policy_document={\n \"version\": \"2012-10-17\",\n \"statement\": [{\n \"effect\": \"Allow\",\n \"principal\": {\n \"service\": \"ssm.amazonaws.com\",\n },\n \"action\": [\"sts:AssumeRole\"],\n }],\n },\n path=\"/\",\n managed_policy_arns=[\"arn:${AWS::Partition}:iam::aws:policy/AmazonEC2FullAccess\"])\nautomation_association = aws_native.ssm.Association(\"automationAssociation\",\n name=\"AWS-StopEC2Instance\",\n parameters={\n \"automationAssumeRole\": [\"AutomationExecutionRole.Arn\"],\n },\n targets=[{\n \"key\": \"ParameterValues\",\n \"values\": [\"i-1234567890abcdef0\"],\n }],\n automation_target_parameter_name=\"InstanceId\")\n\n```\n\n{{% /example %}}\n{{% /examples %}}\n", + "description": "Creates a new role for your AWS-account.\n For more information about roles, see [IAM roles](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles.html) in the *IAM User Guide*. For information about quotas for role names and the number of roles you can create, see [IAM and quotas](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html) in the *IAM User Guide*.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Example\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AwsNative = Pulumi.AwsNative;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var iamRole = new AwsNative.Iam.Role(\"iamRole\", new()\n {\n AssumeRolePolicyDocument = new Dictionary\u003cstring, object?\u003e\n {\n [\"version\"] = \"2012-10-17\",\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"effect\"] = \"Allow\",\n [\"principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"service\"] = new[]\n {\n \"cloudformation.amazonaws.com\",\n \"gamelift.amazonaws.com\",\n },\n },\n [\"action\"] = \"sts:AssumeRole\",\n },\n },\n },\n RoleName = \"ScriptIAMRole\",\n Policies = new[]\n {\n new AwsNative.Iam.Inputs.RolePolicyArgs\n {\n PolicyName = \"ScriptResourceIAMPolicy\",\n PolicyDocument = new Dictionary\u003cstring, object?\u003e\n {\n [\"version\"] = \"2012-10-17\",\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"effect\"] = \"Allow\",\n [\"action\"] = new[]\n {\n \"s3:GetObject\",\n \"s3:GetObjectVersion\",\n \"s3:GetObjectMetadata\",\n \"s3:*Object*\",\n },\n [\"resource\"] = new[]\n {\n \"*\",\n },\n },\n },\n },\n },\n },\n });\n\n var scriptResource = new AwsNative.GameLift.Script(\"scriptResource\", new()\n {\n Name = \"MyRealtimeScript\",\n Version = \"v1.0\",\n StorageLocation = new AwsNative.GameLift.Inputs.ScriptS3LocationArgs\n {\n Bucket = \"MyBucketName\",\n Key = \"MyScriptFiles.zip\",\n RoleArn = iamRole.Arn,\n },\n });\n\n});\n\n\n```\n\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws-native/sdk/go/aws/gamelift\"\n\t\"github.com/pulumi/pulumi-aws-native/sdk/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tiamRole, err := iam.NewRole(ctx, \"iamRole\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicyDocument: pulumi.Any(map[string]interface{}{\n\t\t\t\t\"version\": \"2012-10-17\",\n\t\t\t\t\"statement\": []map[string]interface{}{\n\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\t\"principal\": map[string]interface{}{\n\t\t\t\t\t\t\t\"service\": []string{\n\t\t\t\t\t\t\t\t\"cloudformation.amazonaws.com\",\n\t\t\t\t\t\t\t\t\"gamelift.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\"action\": \"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t}),\n\t\t\tRoleName: pulumi.String(\"ScriptIAMRole\"),\n\t\t\tPolicies: iam.RolePolicyTypeArray{\n\t\t\t\t\u0026iam.RolePolicyTypeArgs{\n\t\t\t\t\tPolicyName: pulumi.String(\"ScriptResourceIAMPolicy\"),\n\t\t\t\t\tPolicyDocument: pulumi.Any(map[string]interface{}{\n\t\t\t\t\t\t\"version\": \"2012-10-17\",\n\t\t\t\t\t\t\"statement\": []map[string]interface{}{\n\t\t\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\t\t\t\"action\": []string{\n\t\t\t\t\t\t\t\t\t\"s3:GetObject\",\n\t\t\t\t\t\t\t\t\t\"s3:GetObjectVersion\",\n\t\t\t\t\t\t\t\t\t\"s3:GetObjectMetadata\",\n\t\t\t\t\t\t\t\t\t\"s3:*Object*\",\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\"resource\": []string{\n\t\t\t\t\t\t\t\t\t\"*\",\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t}),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = gamelift.NewScript(ctx, \"scriptResource\", \u0026gamelift.ScriptArgs{\n\t\t\tName: pulumi.String(\"MyRealtimeScript\"),\n\t\t\tVersion: pulumi.String(\"v1.0\"),\n\t\t\tStorageLocation: \u0026gamelift.ScriptS3LocationArgs{\n\t\t\t\tBucket: pulumi.String(\"MyBucketName\"),\n\t\t\t\tKey: pulumi.String(\"MyScriptFiles.zip\"),\n\t\t\t\tRoleArn: iamRole.Arn,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n\n```\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws_native from \"@pulumi/aws-native\";\n\nconst iamRole = new aws_native.iam.Role(\"iamRole\", {\n assumeRolePolicyDocument: {\n version: \"2012-10-17\",\n statement: [{\n effect: \"Allow\",\n principal: {\n service: [\n \"cloudformation.amazonaws.com\",\n \"gamelift.amazonaws.com\",\n ],\n },\n action: \"sts:AssumeRole\",\n }],\n },\n roleName: \"ScriptIAMRole\",\n policies: [{\n policyName: \"ScriptResourceIAMPolicy\",\n policyDocument: {\n version: \"2012-10-17\",\n statement: [{\n effect: \"Allow\",\n action: [\n \"s3:GetObject\",\n \"s3:GetObjectVersion\",\n \"s3:GetObjectMetadata\",\n \"s3:*Object*\",\n ],\n resource: [\"*\"],\n }],\n },\n }],\n});\nconst scriptResource = new aws_native.gamelift.Script(\"scriptResource\", {\n name: \"MyRealtimeScript\",\n version: \"v1.0\",\n storageLocation: {\n bucket: \"MyBucketName\",\n key: \"MyScriptFiles.zip\",\n roleArn: iamRole.arn,\n },\n});\n\n```\n\n```python\nimport pulumi\nimport pulumi_aws_native as aws_native\n\niam_role = aws_native.iam.Role(\"iamRole\",\n assume_role_policy_document={\n \"version\": \"2012-10-17\",\n \"statement\": [{\n \"effect\": \"Allow\",\n \"principal\": {\n \"service\": [\n \"cloudformation.amazonaws.com\",\n \"gamelift.amazonaws.com\",\n ],\n },\n \"action\": \"sts:AssumeRole\",\n }],\n },\n role_name=\"ScriptIAMRole\",\n policies=[{\n \"policy_name\": \"ScriptResourceIAMPolicy\",\n \"policy_document\": {\n \"version\": \"2012-10-17\",\n \"statement\": [{\n \"effect\": \"Allow\",\n \"action\": [\n \"s3:GetObject\",\n \"s3:GetObjectVersion\",\n \"s3:GetObjectMetadata\",\n \"s3:*Object*\",\n ],\n \"resource\": [\"*\"],\n }],\n },\n }])\nscript_resource = aws_native.gamelift.Script(\"scriptResource\",\n name=\"MyRealtimeScript\",\n version=\"v1.0\",\n storage_location={\n \"bucket\": \"MyBucketName\",\n \"key\": \"MyScriptFiles.zip\",\n \"role_arn\": iam_role.arn,\n })\n\n```\n\n{{% /example %}}\n{{% example %}}\n### Example\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AwsNative = Pulumi.AwsNative;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var iamRole = new AwsNative.Iam.Role(\"iamRole\", new()\n {\n AssumeRolePolicyDocument = new Dictionary\u003cstring, object?\u003e\n {\n [\"version\"] = \"2012-10-17\",\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"effect\"] = \"Allow\",\n [\"principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"service\"] = new[]\n {\n \"cloudformation.amazonaws.com\",\n \"gamelift.amazonaws.com\",\n },\n },\n [\"action\"] = \"sts:AssumeRole\",\n },\n },\n },\n RoleName = \"ScriptIAMRole\",\n Policies = new[]\n {\n new AwsNative.Iam.Inputs.RolePolicyArgs\n {\n PolicyName = \"ScriptResourceIAMPolicy\",\n PolicyDocument = new Dictionary\u003cstring, object?\u003e\n {\n [\"version\"] = \"2012-10-17\",\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"effect\"] = \"Allow\",\n [\"action\"] = new[]\n {\n \"s3:GetObject\",\n \"s3:GetObjectVersion\",\n \"s3:GetObjectMetadata\",\n \"s3:*Object*\",\n },\n [\"resource\"] = new[]\n {\n \"*\",\n },\n },\n },\n },\n },\n },\n });\n\n var scriptResource = new AwsNative.GameLift.Script(\"scriptResource\", new()\n {\n Name = \"MyRealtimeScript\",\n Version = \"v1.0\",\n StorageLocation = new AwsNative.GameLift.Inputs.ScriptS3LocationArgs\n {\n Bucket = \"MyBucketName\",\n Key = \"MyScriptFiles.zip\",\n RoleArn = iamRole.Arn,\n },\n });\n\n});\n\n\n```\n\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws-native/sdk/go/aws/gamelift\"\n\t\"github.com/pulumi/pulumi-aws-native/sdk/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tiamRole, err := iam.NewRole(ctx, \"iamRole\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicyDocument: pulumi.Any(map[string]interface{}{\n\t\t\t\t\"version\": \"2012-10-17\",\n\t\t\t\t\"statement\": []map[string]interface{}{\n\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\t\"principal\": map[string]interface{}{\n\t\t\t\t\t\t\t\"service\": []string{\n\t\t\t\t\t\t\t\t\"cloudformation.amazonaws.com\",\n\t\t\t\t\t\t\t\t\"gamelift.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\"action\": \"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t}),\n\t\t\tRoleName: pulumi.String(\"ScriptIAMRole\"),\n\t\t\tPolicies: iam.RolePolicyTypeArray{\n\t\t\t\t\u0026iam.RolePolicyTypeArgs{\n\t\t\t\t\tPolicyName: pulumi.String(\"ScriptResourceIAMPolicy\"),\n\t\t\t\t\tPolicyDocument: pulumi.Any(map[string]interface{}{\n\t\t\t\t\t\t\"version\": \"2012-10-17\",\n\t\t\t\t\t\t\"statement\": []map[string]interface{}{\n\t\t\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\t\t\t\"action\": []string{\n\t\t\t\t\t\t\t\t\t\"s3:GetObject\",\n\t\t\t\t\t\t\t\t\t\"s3:GetObjectVersion\",\n\t\t\t\t\t\t\t\t\t\"s3:GetObjectMetadata\",\n\t\t\t\t\t\t\t\t\t\"s3:*Object*\",\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\"resource\": []string{\n\t\t\t\t\t\t\t\t\t\"*\",\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t}),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = gamelift.NewScript(ctx, \"scriptResource\", \u0026gamelift.ScriptArgs{\n\t\t\tName: pulumi.String(\"MyRealtimeScript\"),\n\t\t\tVersion: pulumi.String(\"v1.0\"),\n\t\t\tStorageLocation: \u0026gamelift.ScriptS3LocationArgs{\n\t\t\t\tBucket: pulumi.String(\"MyBucketName\"),\n\t\t\t\tKey: pulumi.String(\"MyScriptFiles.zip\"),\n\t\t\t\tRoleArn: iamRole.Arn,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n\n```\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws_native from \"@pulumi/aws-native\";\n\nconst iamRole = new aws_native.iam.Role(\"iamRole\", {\n assumeRolePolicyDocument: {\n version: \"2012-10-17\",\n statement: [{\n effect: \"Allow\",\n principal: {\n service: [\n \"cloudformation.amazonaws.com\",\n \"gamelift.amazonaws.com\",\n ],\n },\n action: \"sts:AssumeRole\",\n }],\n },\n roleName: \"ScriptIAMRole\",\n policies: [{\n policyName: \"ScriptResourceIAMPolicy\",\n policyDocument: {\n version: \"2012-10-17\",\n statement: [{\n effect: \"Allow\",\n action: [\n \"s3:GetObject\",\n \"s3:GetObjectVersion\",\n \"s3:GetObjectMetadata\",\n \"s3:*Object*\",\n ],\n resource: [\"*\"],\n }],\n },\n }],\n});\nconst scriptResource = new aws_native.gamelift.Script(\"scriptResource\", {\n name: \"MyRealtimeScript\",\n version: \"v1.0\",\n storageLocation: {\n bucket: \"MyBucketName\",\n key: \"MyScriptFiles.zip\",\n roleArn: iamRole.arn,\n },\n});\n\n```\n\n```python\nimport pulumi\nimport pulumi_aws_native as aws_native\n\niam_role = aws_native.iam.Role(\"iamRole\",\n assume_role_policy_document={\n \"version\": \"2012-10-17\",\n \"statement\": [{\n \"effect\": \"Allow\",\n \"principal\": {\n \"service\": [\n \"cloudformation.amazonaws.com\",\n \"gamelift.amazonaws.com\",\n ],\n },\n \"action\": \"sts:AssumeRole\",\n }],\n },\n role_name=\"ScriptIAMRole\",\n policies=[{\n \"policy_name\": \"ScriptResourceIAMPolicy\",\n \"policy_document\": {\n \"version\": \"2012-10-17\",\n \"statement\": [{\n \"effect\": \"Allow\",\n \"action\": [\n \"s3:GetObject\",\n \"s3:GetObjectVersion\",\n \"s3:GetObjectMetadata\",\n \"s3:*Object*\",\n ],\n \"resource\": [\"*\"],\n }],\n },\n }])\nscript_resource = aws_native.gamelift.Script(\"scriptResource\",\n name=\"MyRealtimeScript\",\n version=\"v1.0\",\n storage_location={\n \"bucket\": \"MyBucketName\",\n \"key\": \"MyScriptFiles.zip\",\n \"role_arn\": iam_role.arn,\n })\n\n```\n\n{{% /example %}}\n{{% example %}}\n### Example\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AwsNative = Pulumi.AwsNative;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var myJobRole = new AwsNative.Iam.Role(\"myJobRole\", new()\n {\n AssumeRolePolicyDocument = new Dictionary\u003cstring, object?\u003e\n {\n [\"version\"] = \"2012-10-17\",\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"effect\"] = \"Allow\",\n [\"principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"service\"] = new[]\n {\n \"glue.amazonaws.com\",\n },\n },\n [\"action\"] = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n },\n Path = \"/\",\n Policies = new[]\n {\n new AwsNative.Iam.Inputs.RolePolicyArgs\n {\n PolicyName = \"root\",\n PolicyDocument = new Dictionary\u003cstring, object?\u003e\n {\n [\"version\"] = \"2012-10-17\",\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"effect\"] = \"Allow\",\n [\"action\"] = \"*\",\n [\"resource\"] = \"*\",\n },\n },\n },\n },\n },\n });\n\n var myJob = new AwsNative.Glue.Job(\"myJob\", new()\n {\n Command = new AwsNative.Glue.Inputs.JobCommandArgs\n {\n Name = \"glueetl\",\n ScriptLocation = \"s3://\u003cyour-S3-script-uri\u003e\",\n },\n DefaultArguments = new Dictionary\u003cstring, object?\u003e\n {\n [\"--job-bookmark-option\"] = \"job-bookmark-enable\",\n },\n ExecutionProperty = new AwsNative.Glue.Inputs.JobExecutionPropertyArgs\n {\n MaxConcurrentRuns = 2,\n },\n MaxRetries = 0,\n Name = \"cf-job1\",\n Role = myJobRole.Id,\n });\n\n});\n\n\n```\n\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws-native/sdk/go/aws/glue\"\n\t\"github.com/pulumi/pulumi-aws-native/sdk/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmyJobRole, err := iam.NewRole(ctx, \"myJobRole\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicyDocument: pulumi.Any(map[string]interface{}{\n\t\t\t\t\"version\": \"2012-10-17\",\n\t\t\t\t\"statement\": []map[string]interface{}{\n\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\t\"principal\": map[string]interface{}{\n\t\t\t\t\t\t\t\"service\": []string{\n\t\t\t\t\t\t\t\t\"glue.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\"action\": []string{\n\t\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t}),\n\t\t\tPath: pulumi.String(\"/\"),\n\t\t\tPolicies: iam.RolePolicyTypeArray{\n\t\t\t\t\u0026iam.RolePolicyTypeArgs{\n\t\t\t\t\tPolicyName: pulumi.String(\"root\"),\n\t\t\t\t\tPolicyDocument: pulumi.Any(map[string]interface{}{\n\t\t\t\t\t\t\"version\": \"2012-10-17\",\n\t\t\t\t\t\t\"statement\": []map[string]interface{}{\n\t\t\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\t\t\t\"action\": \"*\",\n\t\t\t\t\t\t\t\t\"resource\": \"*\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t}),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = glue.NewJob(ctx, \"myJob\", \u0026glue.JobArgs{\n\t\t\tCommand: \u0026glue.JobCommandArgs{\n\t\t\t\tName: pulumi.String(\"glueetl\"),\n\t\t\t\tScriptLocation: pulumi.String(\"s3://\u003cyour-S3-script-uri\u003e\"),\n\t\t\t},\n\t\t\tDefaultArguments: pulumi.Any(map[string]interface{}{\n\t\t\t\t\"--job-bookmark-option\": \"job-bookmark-enable\",\n\t\t\t}),\n\t\t\tExecutionProperty: \u0026glue.JobExecutionPropertyArgs{\n\t\t\t\tMaxConcurrentRuns: pulumi.Float64(2),\n\t\t\t},\n\t\t\tMaxRetries: pulumi.Float64(0),\n\t\t\tName: pulumi.String(\"cf-job1\"),\n\t\t\tRole: myJobRole.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n\n```\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws_native from \"@pulumi/aws-native\";\n\nconst myJobRole = new aws_native.iam.Role(\"myJobRole\", {\n assumeRolePolicyDocument: {\n version: \"2012-10-17\",\n statement: [{\n effect: \"Allow\",\n principal: {\n service: [\"glue.amazonaws.com\"],\n },\n action: [\"sts:AssumeRole\"],\n }],\n },\n path: \"/\",\n policies: [{\n policyName: \"root\",\n policyDocument: {\n version: \"2012-10-17\",\n statement: [{\n effect: \"Allow\",\n action: \"*\",\n resource: \"*\",\n }],\n },\n }],\n});\nconst myJob = new aws_native.glue.Job(\"myJob\", {\n command: {\n name: \"glueetl\",\n scriptLocation: \"s3://\u003cyour-S3-script-uri\u003e\",\n },\n defaultArguments: {\n \"--job-bookmark-option\": \"job-bookmark-enable\",\n },\n executionProperty: {\n maxConcurrentRuns: 2,\n },\n maxRetries: 0,\n name: \"cf-job1\",\n role: myJobRole.id,\n});\n\n```\n\n```python\nimport pulumi\nimport pulumi_aws_native as aws_native\n\nmy_job_role = aws_native.iam.Role(\"myJobRole\",\n assume_role_policy_document={\n \"version\": \"2012-10-17\",\n \"statement\": [{\n \"effect\": \"Allow\",\n \"principal\": {\n \"service\": [\"glue.amazonaws.com\"],\n },\n \"action\": [\"sts:AssumeRole\"],\n }],\n },\n path=\"/\",\n policies=[{\n \"policy_name\": \"root\",\n \"policy_document\": {\n \"version\": \"2012-10-17\",\n \"statement\": [{\n \"effect\": \"Allow\",\n \"action\": \"*\",\n \"resource\": \"*\",\n }],\n },\n }])\nmy_job = aws_native.glue.Job(\"myJob\",\n command={\n \"name\": \"glueetl\",\n \"script_location\": \"s3://\u003cyour-S3-script-uri\u003e\",\n },\n default_arguments={\n \"--job-bookmark-option\": \"job-bookmark-enable\",\n },\n execution_property={\n \"max_concurrent_runs\": 2,\n },\n max_retries=0,\n name=\"cf-job1\",\n role=my_job_role.id)\n\n```\n\n{{% /example %}}\n{{% example %}}\n### Example\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AwsNative = Pulumi.AwsNative;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var myJobRole = new AwsNative.Iam.Role(\"myJobRole\", new()\n {\n AssumeRolePolicyDocument = new Dictionary\u003cstring, object?\u003e\n {\n [\"version\"] = \"2012-10-17\",\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"effect\"] = \"Allow\",\n [\"principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"service\"] = new[]\n {\n \"glue.amazonaws.com\",\n },\n },\n [\"action\"] = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n },\n Path = \"/\",\n Policies = new[]\n {\n new AwsNative.Iam.Inputs.RolePolicyArgs\n {\n PolicyName = \"root\",\n PolicyDocument = new Dictionary\u003cstring, object?\u003e\n {\n [\"version\"] = \"2012-10-17\",\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"effect\"] = \"Allow\",\n [\"action\"] = \"*\",\n [\"resource\"] = \"*\",\n },\n },\n },\n },\n },\n });\n\n var myJob = new AwsNative.Glue.Job(\"myJob\", new()\n {\n Command = new AwsNative.Glue.Inputs.JobCommandArgs\n {\n Name = \"glueetl\",\n ScriptLocation = \"s3://\u003cyour-S3-script-uri\u003e\",\n },\n DefaultArguments = new Dictionary\u003cstring, object?\u003e\n {\n [\"--job-bookmark-option\"] = \"job-bookmark-enable\",\n },\n ExecutionProperty = new AwsNative.Glue.Inputs.JobExecutionPropertyArgs\n {\n MaxConcurrentRuns = 2,\n },\n MaxRetries = 0,\n Name = \"cf-job1\",\n Role = myJobRole.Id,\n });\n\n});\n\n\n```\n\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws-native/sdk/go/aws/glue\"\n\t\"github.com/pulumi/pulumi-aws-native/sdk/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmyJobRole, err := iam.NewRole(ctx, \"myJobRole\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicyDocument: pulumi.Any(map[string]interface{}{\n\t\t\t\t\"version\": \"2012-10-17\",\n\t\t\t\t\"statement\": []map[string]interface{}{\n\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\t\"principal\": map[string]interface{}{\n\t\t\t\t\t\t\t\"service\": []string{\n\t\t\t\t\t\t\t\t\"glue.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\"action\": []string{\n\t\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t}),\n\t\t\tPath: pulumi.String(\"/\"),\n\t\t\tPolicies: iam.RolePolicyTypeArray{\n\t\t\t\t\u0026iam.RolePolicyTypeArgs{\n\t\t\t\t\tPolicyName: pulumi.String(\"root\"),\n\t\t\t\t\tPolicyDocument: pulumi.Any(map[string]interface{}{\n\t\t\t\t\t\t\"version\": \"2012-10-17\",\n\t\t\t\t\t\t\"statement\": []map[string]interface{}{\n\t\t\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\t\t\t\"action\": \"*\",\n\t\t\t\t\t\t\t\t\"resource\": \"*\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t}),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = glue.NewJob(ctx, \"myJob\", \u0026glue.JobArgs{\n\t\t\tCommand: \u0026glue.JobCommandArgs{\n\t\t\t\tName: pulumi.String(\"glueetl\"),\n\t\t\t\tScriptLocation: pulumi.String(\"s3://\u003cyour-S3-script-uri\u003e\"),\n\t\t\t},\n\t\t\tDefaultArguments: pulumi.Any(map[string]interface{}{\n\t\t\t\t\"--job-bookmark-option\": \"job-bookmark-enable\",\n\t\t\t}),\n\t\t\tExecutionProperty: \u0026glue.JobExecutionPropertyArgs{\n\t\t\t\tMaxConcurrentRuns: pulumi.Float64(2),\n\t\t\t},\n\t\t\tMaxRetries: pulumi.Float64(0),\n\t\t\tName: pulumi.String(\"cf-job1\"),\n\t\t\tRole: myJobRole.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n\n```\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws_native from \"@pulumi/aws-native\";\n\nconst myJobRole = new aws_native.iam.Role(\"myJobRole\", {\n assumeRolePolicyDocument: {\n version: \"2012-10-17\",\n statement: [{\n effect: \"Allow\",\n principal: {\n service: [\"glue.amazonaws.com\"],\n },\n action: [\"sts:AssumeRole\"],\n }],\n },\n path: \"/\",\n policies: [{\n policyName: \"root\",\n policyDocument: {\n version: \"2012-10-17\",\n statement: [{\n effect: \"Allow\",\n action: \"*\",\n resource: \"*\",\n }],\n },\n }],\n});\nconst myJob = new aws_native.glue.Job(\"myJob\", {\n command: {\n name: \"glueetl\",\n scriptLocation: \"s3://\u003cyour-S3-script-uri\u003e\",\n },\n defaultArguments: {\n \"--job-bookmark-option\": \"job-bookmark-enable\",\n },\n executionProperty: {\n maxConcurrentRuns: 2,\n },\n maxRetries: 0,\n name: \"cf-job1\",\n role: myJobRole.id,\n});\n\n```\n\n```python\nimport pulumi\nimport pulumi_aws_native as aws_native\n\nmy_job_role = aws_native.iam.Role(\"myJobRole\",\n assume_role_policy_document={\n \"version\": \"2012-10-17\",\n \"statement\": [{\n \"effect\": \"Allow\",\n \"principal\": {\n \"service\": [\"glue.amazonaws.com\"],\n },\n \"action\": [\"sts:AssumeRole\"],\n }],\n },\n path=\"/\",\n policies=[{\n \"policy_name\": \"root\",\n \"policy_document\": {\n \"version\": \"2012-10-17\",\n \"statement\": [{\n \"effect\": \"Allow\",\n \"action\": \"*\",\n \"resource\": \"*\",\n }],\n },\n }])\nmy_job = aws_native.glue.Job(\"myJob\",\n command={\n \"name\": \"glueetl\",\n \"script_location\": \"s3://\u003cyour-S3-script-uri\u003e\",\n },\n default_arguments={\n \"--job-bookmark-option\": \"job-bookmark-enable\",\n },\n execution_property={\n \"max_concurrent_runs\": 2,\n },\n max_retries=0,\n name=\"cf-job1\",\n role=my_job_role.id)\n\n```\n\n{{% /example %}}\n{{% example %}}\n### Example\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AwsNative = Pulumi.AwsNative;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var myJobTriggerRole = new AwsNative.Iam.Role(\"myJobTriggerRole\", new()\n {\n AssumeRolePolicyDocument = new Dictionary\u003cstring, object?\u003e\n {\n [\"version\"] = \"2012-10-17\",\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"effect\"] = \"Allow\",\n [\"principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"service\"] = new[]\n {\n \"glue.amazonaws.com\",\n },\n },\n [\"action\"] = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n },\n Path = \"/\",\n Policies = new[]\n {\n new AwsNative.Iam.Inputs.RolePolicyArgs\n {\n PolicyName = \"root\",\n PolicyDocument = new Dictionary\u003cstring, object?\u003e\n {\n [\"version\"] = \"2012-10-17\",\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"effect\"] = \"Allow\",\n [\"action\"] = \"*\",\n [\"resource\"] = \"*\",\n },\n },\n },\n },\n },\n });\n\n var myJob = new AwsNative.Glue.Job(\"myJob\", new()\n {\n Name = \"MyJobTriggerJob\",\n LogUri = \"wikiData\",\n Role = myJobTriggerRole.Id,\n Command = new AwsNative.Glue.Inputs.JobCommandArgs\n {\n Name = \"glueetl\",\n ScriptLocation = \"s3://testdata-bucket/s3-target/create-delete-job-xtf-ETL-s3-json-to-csv.py\",\n },\n DefaultArguments = new Dictionary\u003cstring, object?\u003e\n {\n [\"--job-bookmark-option\"] = \"job-bookmark-enable\",\n },\n MaxRetries = 0,\n });\n\n var myJobTrigger = new AwsNative.Glue.Trigger(\"myJobTrigger\", new()\n {\n Name = \"MyJobTrigger\",\n Type = \"CONDITIONAL\",\n Description = \"Description for a conditional job trigger\",\n Actions = new[]\n {\n new AwsNative.Glue.Inputs.TriggerActionArgs\n {\n JobName = myJob.Id,\n Arguments = new Dictionary\u003cstring, object?\u003e\n {\n [\"--job-bookmark-option\"] = \"job-bookmark-enable\",\n },\n },\n },\n Predicate = new AwsNative.Glue.Inputs.TriggerPredicateArgs\n {\n Conditions = new[]\n {\n new AwsNative.Glue.Inputs.TriggerConditionArgs\n {\n LogicalOperator = \"EQUALS\",\n JobName = myJob.Id,\n State = \"SUCCEEDED\",\n },\n },\n },\n });\n\n});\n\n\n```\n\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws-native/sdk/go/aws/glue\"\n\t\"github.com/pulumi/pulumi-aws-native/sdk/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmyJobTriggerRole, err := iam.NewRole(ctx, \"myJobTriggerRole\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicyDocument: pulumi.Any(map[string]interface{}{\n\t\t\t\t\"version\": \"2012-10-17\",\n\t\t\t\t\"statement\": []map[string]interface{}{\n\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\t\"principal\": map[string]interface{}{\n\t\t\t\t\t\t\t\"service\": []string{\n\t\t\t\t\t\t\t\t\"glue.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\"action\": []string{\n\t\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t}),\n\t\t\tPath: pulumi.String(\"/\"),\n\t\t\tPolicies: iam.RolePolicyTypeArray{\n\t\t\t\t\u0026iam.RolePolicyTypeArgs{\n\t\t\t\t\tPolicyName: pulumi.String(\"root\"),\n\t\t\t\t\tPolicyDocument: pulumi.Any(map[string]interface{}{\n\t\t\t\t\t\t\"version\": \"2012-10-17\",\n\t\t\t\t\t\t\"statement\": []map[string]interface{}{\n\t\t\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\t\t\t\"action\": \"*\",\n\t\t\t\t\t\t\t\t\"resource\": \"*\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t}),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmyJob, err := glue.NewJob(ctx, \"myJob\", \u0026glue.JobArgs{\n\t\t\tName: pulumi.String(\"MyJobTriggerJob\"),\n\t\t\tLogUri: pulumi.String(\"wikiData\"),\n\t\t\tRole: myJobTriggerRole.ID(),\n\t\t\tCommand: \u0026glue.JobCommandArgs{\n\t\t\t\tName: pulumi.String(\"glueetl\"),\n\t\t\t\tScriptLocation: pulumi.String(\"s3://testdata-bucket/s3-target/create-delete-job-xtf-ETL-s3-json-to-csv.py\"),\n\t\t\t},\n\t\t\tDefaultArguments: pulumi.Any(map[string]interface{}{\n\t\t\t\t\"--job-bookmark-option\": \"job-bookmark-enable\",\n\t\t\t}),\n\t\t\tMaxRetries: pulumi.Float64(0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = glue.NewTrigger(ctx, \"myJobTrigger\", \u0026glue.TriggerArgs{\n\t\t\tName: pulumi.String(\"MyJobTrigger\"),\n\t\t\tType: pulumi.String(\"CONDITIONAL\"),\n\t\t\tDescription: pulumi.String(\"Description for a conditional job trigger\"),\n\t\t\tActions: glue.TriggerActionArray{\n\t\t\t\t\u0026glue.TriggerActionArgs{\n\t\t\t\t\tJobName: myJob.ID(),\n\t\t\t\t\tArguments: pulumi.Any(map[string]interface{}{\n\t\t\t\t\t\t\"--job-bookmark-option\": \"job-bookmark-enable\",\n\t\t\t\t\t}),\n\t\t\t\t},\n\t\t\t},\n\t\t\tPredicate: \u0026glue.TriggerPredicateArgs{\n\t\t\t\tConditions: glue.TriggerConditionArray{\n\t\t\t\t\t\u0026glue.TriggerConditionArgs{\n\t\t\t\t\t\tLogicalOperator: pulumi.String(\"EQUALS\"),\n\t\t\t\t\t\tJobName: myJob.ID(),\n\t\t\t\t\t\tState: pulumi.String(\"SUCCEEDED\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n\n```\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws_native from \"@pulumi/aws-native\";\n\nconst myJobTriggerRole = new aws_native.iam.Role(\"myJobTriggerRole\", {\n assumeRolePolicyDocument: {\n version: \"2012-10-17\",\n statement: [{\n effect: \"Allow\",\n principal: {\n service: [\"glue.amazonaws.com\"],\n },\n action: [\"sts:AssumeRole\"],\n }],\n },\n path: \"/\",\n policies: [{\n policyName: \"root\",\n policyDocument: {\n version: \"2012-10-17\",\n statement: [{\n effect: \"Allow\",\n action: \"*\",\n resource: \"*\",\n }],\n },\n }],\n});\nconst myJob = new aws_native.glue.Job(\"myJob\", {\n name: \"MyJobTriggerJob\",\n logUri: \"wikiData\",\n role: myJobTriggerRole.id,\n command: {\n name: \"glueetl\",\n scriptLocation: \"s3://testdata-bucket/s3-target/create-delete-job-xtf-ETL-s3-json-to-csv.py\",\n },\n defaultArguments: {\n \"--job-bookmark-option\": \"job-bookmark-enable\",\n },\n maxRetries: 0,\n});\nconst myJobTrigger = new aws_native.glue.Trigger(\"myJobTrigger\", {\n name: \"MyJobTrigger\",\n type: \"CONDITIONAL\",\n description: \"Description for a conditional job trigger\",\n actions: [{\n jobName: myJob.id,\n arguments: {\n \"--job-bookmark-option\": \"job-bookmark-enable\",\n },\n }],\n predicate: {\n conditions: [{\n logicalOperator: \"EQUALS\",\n jobName: myJob.id,\n state: \"SUCCEEDED\",\n }],\n },\n});\n\n```\n\n```python\nimport pulumi\nimport pulumi_aws_native as aws_native\n\nmy_job_trigger_role = aws_native.iam.Role(\"myJobTriggerRole\",\n assume_role_policy_document={\n \"version\": \"2012-10-17\",\n \"statement\": [{\n \"effect\": \"Allow\",\n \"principal\": {\n \"service\": [\"glue.amazonaws.com\"],\n },\n \"action\": [\"sts:AssumeRole\"],\n }],\n },\n path=\"/\",\n policies=[{\n \"policy_name\": \"root\",\n \"policy_document\": {\n \"version\": \"2012-10-17\",\n \"statement\": [{\n \"effect\": \"Allow\",\n \"action\": \"*\",\n \"resource\": \"*\",\n }],\n },\n }])\nmy_job = aws_native.glue.Job(\"myJob\",\n name=\"MyJobTriggerJob\",\n log_uri=\"wikiData\",\n role=my_job_trigger_role.id,\n command={\n \"name\": \"glueetl\",\n \"script_location\": \"s3://testdata-bucket/s3-target/create-delete-job-xtf-ETL-s3-json-to-csv.py\",\n },\n default_arguments={\n \"--job-bookmark-option\": \"job-bookmark-enable\",\n },\n max_retries=0)\nmy_job_trigger = aws_native.glue.Trigger(\"myJobTrigger\",\n name=\"MyJobTrigger\",\n type=\"CONDITIONAL\",\n description=\"Description for a conditional job trigger\",\n actions=[{\n \"job_name\": my_job.id,\n \"arguments\": {\n \"__job_bookmark_option\": \"job-bookmark-enable\",\n },\n }],\n predicate={\n \"conditions\": [{\n \"logical_operator\": \"EQUALS\",\n \"job_name\": my_job.id,\n \"state\": \"SUCCEEDED\",\n }],\n })\n\n```\n\n{{% /example %}}\n{{% example %}}\n### Example\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AwsNative = Pulumi.AwsNative;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var myJobTriggerRole = new AwsNative.Iam.Role(\"myJobTriggerRole\", new()\n {\n AssumeRolePolicyDocument = new Dictionary\u003cstring, object?\u003e\n {\n [\"version\"] = \"2012-10-17\",\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"effect\"] = \"Allow\",\n [\"principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"service\"] = new[]\n {\n \"glue.amazonaws.com\",\n },\n },\n [\"action\"] = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n },\n Path = \"/\",\n Policies = new[]\n {\n new AwsNative.Iam.Inputs.RolePolicyArgs\n {\n PolicyName = \"root\",\n PolicyDocument = new Dictionary\u003cstring, object?\u003e\n {\n [\"version\"] = \"2012-10-17\",\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"effect\"] = \"Allow\",\n [\"action\"] = \"*\",\n [\"resource\"] = \"*\",\n },\n },\n },\n },\n },\n });\n\n var myJob = new AwsNative.Glue.Job(\"myJob\", new()\n {\n Name = \"MyJobTriggerJob\",\n LogUri = \"wikiData\",\n Role = myJobTriggerRole.Id,\n Command = new AwsNative.Glue.Inputs.JobCommandArgs\n {\n Name = \"glueetl\",\n ScriptLocation = \"s3://testdata-bucket/s3-target/create-delete-job-xtf-ETL-s3-json-to-csv.py\",\n },\n DefaultArguments = new Dictionary\u003cstring, object?\u003e\n {\n [\"--job-bookmark-option\"] = \"job-bookmark-enable\",\n },\n MaxRetries = 0,\n });\n\n var myJobTrigger = new AwsNative.Glue.Trigger(\"myJobTrigger\", new()\n {\n Name = \"MyJobTrigger\",\n Type = \"CONDITIONAL\",\n Description = \"Description for a conditional job trigger\",\n Actions = new[]\n {\n new AwsNative.Glue.Inputs.TriggerActionArgs\n {\n JobName = myJob.Id,\n Arguments = new Dictionary\u003cstring, object?\u003e\n {\n [\"--job-bookmark-option\"] = \"job-bookmark-enable\",\n },\n },\n },\n Predicate = new AwsNative.Glue.Inputs.TriggerPredicateArgs\n {\n Conditions = new[]\n {\n new AwsNative.Glue.Inputs.TriggerConditionArgs\n {\n LogicalOperator = \"EQUALS\",\n JobName = myJob.Id,\n State = \"SUCCEEDED\",\n },\n },\n },\n });\n\n});\n\n\n```\n\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws-native/sdk/go/aws/glue\"\n\t\"github.com/pulumi/pulumi-aws-native/sdk/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmyJobTriggerRole, err := iam.NewRole(ctx, \"myJobTriggerRole\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicyDocument: pulumi.Any(map[string]interface{}{\n\t\t\t\t\"version\": \"2012-10-17\",\n\t\t\t\t\"statement\": []map[string]interface{}{\n\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\t\"principal\": map[string]interface{}{\n\t\t\t\t\t\t\t\"service\": []string{\n\t\t\t\t\t\t\t\t\"glue.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\"action\": []string{\n\t\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t}),\n\t\t\tPath: pulumi.String(\"/\"),\n\t\t\tPolicies: iam.RolePolicyTypeArray{\n\t\t\t\t\u0026iam.RolePolicyTypeArgs{\n\t\t\t\t\tPolicyName: pulumi.String(\"root\"),\n\t\t\t\t\tPolicyDocument: pulumi.Any(map[string]interface{}{\n\t\t\t\t\t\t\"version\": \"2012-10-17\",\n\t\t\t\t\t\t\"statement\": []map[string]interface{}{\n\t\t\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\t\t\t\"action\": \"*\",\n\t\t\t\t\t\t\t\t\"resource\": \"*\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t}),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmyJob, err := glue.NewJob(ctx, \"myJob\", \u0026glue.JobArgs{\n\t\t\tName: pulumi.String(\"MyJobTriggerJob\"),\n\t\t\tLogUri: pulumi.String(\"wikiData\"),\n\t\t\tRole: myJobTriggerRole.ID(),\n\t\t\tCommand: \u0026glue.JobCommandArgs{\n\t\t\t\tName: pulumi.String(\"glueetl\"),\n\t\t\t\tScriptLocation: pulumi.String(\"s3://testdata-bucket/s3-target/create-delete-job-xtf-ETL-s3-json-to-csv.py\"),\n\t\t\t},\n\t\t\tDefaultArguments: pulumi.Any(map[string]interface{}{\n\t\t\t\t\"--job-bookmark-option\": \"job-bookmark-enable\",\n\t\t\t}),\n\t\t\tMaxRetries: pulumi.Float64(0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = glue.NewTrigger(ctx, \"myJobTrigger\", \u0026glue.TriggerArgs{\n\t\t\tName: pulumi.String(\"MyJobTrigger\"),\n\t\t\tType: pulumi.String(\"CONDITIONAL\"),\n\t\t\tDescription: pulumi.String(\"Description for a conditional job trigger\"),\n\t\t\tActions: glue.TriggerActionArray{\n\t\t\t\t\u0026glue.TriggerActionArgs{\n\t\t\t\t\tJobName: myJob.ID(),\n\t\t\t\t\tArguments: pulumi.Any(map[string]interface{}{\n\t\t\t\t\t\t\"--job-bookmark-option\": \"job-bookmark-enable\",\n\t\t\t\t\t}),\n\t\t\t\t},\n\t\t\t},\n\t\t\tPredicate: \u0026glue.TriggerPredicateArgs{\n\t\t\t\tConditions: glue.TriggerConditionArray{\n\t\t\t\t\t\u0026glue.TriggerConditionArgs{\n\t\t\t\t\t\tLogicalOperator: pulumi.String(\"EQUALS\"),\n\t\t\t\t\t\tJobName: myJob.ID(),\n\t\t\t\t\t\tState: pulumi.String(\"SUCCEEDED\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n\n```\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws_native from \"@pulumi/aws-native\";\n\nconst myJobTriggerRole = new aws_native.iam.Role(\"myJobTriggerRole\", {\n assumeRolePolicyDocument: {\n version: \"2012-10-17\",\n statement: [{\n effect: \"Allow\",\n principal: {\n service: [\"glue.amazonaws.com\"],\n },\n action: [\"sts:AssumeRole\"],\n }],\n },\n path: \"/\",\n policies: [{\n policyName: \"root\",\n policyDocument: {\n version: \"2012-10-17\",\n statement: [{\n effect: \"Allow\",\n action: \"*\",\n resource: \"*\",\n }],\n },\n }],\n});\nconst myJob = new aws_native.glue.Job(\"myJob\", {\n name: \"MyJobTriggerJob\",\n logUri: \"wikiData\",\n role: myJobTriggerRole.id,\n command: {\n name: \"glueetl\",\n scriptLocation: \"s3://testdata-bucket/s3-target/create-delete-job-xtf-ETL-s3-json-to-csv.py\",\n },\n defaultArguments: {\n \"--job-bookmark-option\": \"job-bookmark-enable\",\n },\n maxRetries: 0,\n});\nconst myJobTrigger = new aws_native.glue.Trigger(\"myJobTrigger\", {\n name: \"MyJobTrigger\",\n type: \"CONDITIONAL\",\n description: \"Description for a conditional job trigger\",\n actions: [{\n jobName: myJob.id,\n arguments: {\n \"--job-bookmark-option\": \"job-bookmark-enable\",\n },\n }],\n predicate: {\n conditions: [{\n logicalOperator: \"EQUALS\",\n jobName: myJob.id,\n state: \"SUCCEEDED\",\n }],\n },\n});\n\n```\n\n```python\nimport pulumi\nimport pulumi_aws_native as aws_native\n\nmy_job_trigger_role = aws_native.iam.Role(\"myJobTriggerRole\",\n assume_role_policy_document={\n \"version\": \"2012-10-17\",\n \"statement\": [{\n \"effect\": \"Allow\",\n \"principal\": {\n \"service\": [\"glue.amazonaws.com\"],\n },\n \"action\": [\"sts:AssumeRole\"],\n }],\n },\n path=\"/\",\n policies=[{\n \"policy_name\": \"root\",\n \"policy_document\": {\n \"version\": \"2012-10-17\",\n \"statement\": [{\n \"effect\": \"Allow\",\n \"action\": \"*\",\n \"resource\": \"*\",\n }],\n },\n }])\nmy_job = aws_native.glue.Job(\"myJob\",\n name=\"MyJobTriggerJob\",\n log_uri=\"wikiData\",\n role=my_job_trigger_role.id,\n command={\n \"name\": \"glueetl\",\n \"script_location\": \"s3://testdata-bucket/s3-target/create-delete-job-xtf-ETL-s3-json-to-csv.py\",\n },\n default_arguments={\n \"--job-bookmark-option\": \"job-bookmark-enable\",\n },\n max_retries=0)\nmy_job_trigger = aws_native.glue.Trigger(\"myJobTrigger\",\n name=\"MyJobTrigger\",\n type=\"CONDITIONAL\",\n description=\"Description for a conditional job trigger\",\n actions=[{\n \"job_name\": my_job.id,\n \"arguments\": {\n \"__job_bookmark_option\": \"job-bookmark-enable\",\n },\n }],\n predicate={\n \"conditions\": [{\n \"logical_operator\": \"EQUALS\",\n \"job_name\": my_job.id,\n \"state\": \"SUCCEEDED\",\n }],\n })\n\n```\n\n{{% /example %}}\n{{% example %}}\n### Example\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AwsNative = Pulumi.AwsNative;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var amazonGrafanaWorkspaceIAMRole = new AwsNative.Iam.Role(\"amazonGrafanaWorkspaceIAMRole\", new()\n {\n ManagedPolicyArns = new[]\n {\n \"arn:aws:iam::aws:policy/service-role/AmazonGrafanaAthenaAccess\",\n },\n AssumeRolePolicyDocument = new Dictionary\u003cstring, object?\u003e\n {\n [\"version\"] = \"2012-10-17\",\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"effect\"] = \"Allow\",\n [\"principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"service\"] = new[]\n {\n \"grafana.amazonaws.com\",\n },\n },\n [\"action\"] = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n },\n });\n\n var amazonGrafanaWorkspace = new AwsNative.Grafana.Workspace(\"amazonGrafanaWorkspace\", new()\n {\n AccountAccessType = AwsNative.Grafana.WorkspaceAccountAccessType.CurrentAccount,\n Name = \"AmazonGrafanaWorkspace\",\n Description = \"Amazon Grafana Workspace\",\n AuthenticationProviders = new[]\n {\n AwsNative.Grafana.WorkspaceAuthenticationProviderTypes.Saml,\n },\n PermissionType = AwsNative.Grafana.WorkspacePermissionType.CustomerManaged,\n GrafanaVersion = \"9.4\",\n RoleArn = amazonGrafanaWorkspaceIAMRole.Arn,\n SamlConfiguration = new AwsNative.Grafana.Inputs.WorkspaceSamlConfigurationArgs\n {\n IdpMetadata = new AwsNative.Grafana.Inputs.WorkspaceIdpMetadataArgs\n {\n Xml = \"\u003cmd:EntityDescriptor xmlns:md='urn:oasis:names:tc:SAML:2.0:metadata' entityID='entityId'\u003eDATA\u003c/md:EntityDescriptor\u003e\",\n },\n AssertionAttributes = new AwsNative.Grafana.Inputs.WorkspaceAssertionAttributesArgs\n {\n Name = \"displayName\",\n Login = \"login\",\n Email = \"email\",\n Groups = \"group\",\n Role = \"role\",\n Org = \"org\",\n },\n RoleValues = new AwsNative.Grafana.Inputs.WorkspaceRoleValuesArgs\n {\n Editor = new[]\n {\n \"editor1\",\n },\n Admin = new[]\n {\n \"admin1\",\n },\n },\n AllowedOrganizations = new[]\n {\n \"org1\",\n },\n LoginValidityDuration = 60,\n },\n });\n\n return new Dictionary\u003cstring, object?\u003e\n {\n [\"workspaceEndpoint\"] = amazonGrafanaWorkspace.Endpoint,\n [\"workspaceStatus\"] = amazonGrafanaWorkspace.Status,\n [\"workspaceId\"] = amazonGrafanaWorkspace.Id,\n [\"grafanaVersion\"] = amazonGrafanaWorkspace.GrafanaVersion,\n };\n});\n\n\n```\n\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws-native/sdk/go/aws/grafana\"\n\t\"github.com/pulumi/pulumi-aws-native/sdk/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tamazonGrafanaWorkspaceIAMRole, err := iam.NewRole(ctx, \"amazonGrafanaWorkspaceIAMRole\", \u0026iam.RoleArgs{\n\t\t\tManagedPolicyArns: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"arn:aws:iam::aws:policy/service-role/AmazonGrafanaAthenaAccess\"),\n\t\t\t},\n\t\t\tAssumeRolePolicyDocument: pulumi.Any(map[string]interface{}{\n\t\t\t\t\"version\": \"2012-10-17\",\n\t\t\t\t\"statement\": []map[string]interface{}{\n\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\t\"principal\": map[string]interface{}{\n\t\t\t\t\t\t\t\"service\": []string{\n\t\t\t\t\t\t\t\t\"grafana.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\"action\": []string{\n\t\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t}),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tamazonGrafanaWorkspace, err := grafana.NewWorkspace(ctx, \"amazonGrafanaWorkspace\", \u0026grafana.WorkspaceArgs{\n\t\t\tAccountAccessType: grafana.WorkspaceAccountAccessTypeCurrentAccount,\n\t\t\tName: pulumi.String(\"AmazonGrafanaWorkspace\"),\n\t\t\tDescription: pulumi.String(\"Amazon Grafana Workspace\"),\n\t\t\tAuthenticationProviders: grafana.WorkspaceAuthenticationProviderTypesArray{\n\t\t\t\tgrafana.WorkspaceAuthenticationProviderTypesSaml,\n\t\t\t},\n\t\t\tPermissionType: grafana.WorkspacePermissionTypeCustomerManaged,\n\t\t\tGrafanaVersion: pulumi.String(\"9.4\"),\n\t\t\tRoleArn: amazonGrafanaWorkspaceIAMRole.Arn,\n\t\t\tSamlConfiguration: \u0026grafana.WorkspaceSamlConfigurationArgs{\n\t\t\t\tIdpMetadata: \u0026grafana.WorkspaceIdpMetadataArgs{\n\t\t\t\t\tXml: pulumi.String(\"\u003cmd:EntityDescriptor xmlns:md='urn:oasis:names:tc:SAML:2.0:metadata' entityID='entityId'\u003eDATA\u003c/md:EntityDescriptor\u003e\"),\n\t\t\t\t},\n\t\t\t\tAssertionAttributes: \u0026grafana.WorkspaceAssertionAttributesArgs{\n\t\t\t\t\tName: pulumi.String(\"displayName\"),\n\t\t\t\t\tLogin: pulumi.String(\"login\"),\n\t\t\t\t\tEmail: pulumi.String(\"email\"),\n\t\t\t\t\tGroups: pulumi.String(\"group\"),\n\t\t\t\t\tRole: pulumi.String(\"role\"),\n\t\t\t\t\tOrg: pulumi.String(\"org\"),\n\t\t\t\t},\n\t\t\t\tRoleValues: \u0026grafana.WorkspaceRoleValuesArgs{\n\t\t\t\t\tEditor: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"editor1\"),\n\t\t\t\t\t},\n\t\t\t\t\tAdmin: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"admin1\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tAllowedOrganizations: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"org1\"),\n\t\t\t\t},\n\t\t\t\tLoginValidityDuration: pulumi.Float64(60),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"workspaceEndpoint\", amazonGrafanaWorkspace.Endpoint)\n\t\tctx.Export(\"workspaceStatus\", amazonGrafanaWorkspace.Status.ApplyT(func(x *string) grafana.WorkspaceStatus { return grafana.WorkspaceStatus(*x) }).(grafana.WorkspaceStatusOutput))\n\t\tctx.Export(\"workspaceId\", amazonGrafanaWorkspace.ID())\n\t\tctx.Export(\"grafanaVersion\", amazonGrafanaWorkspace.GrafanaVersion)\n\t\treturn nil\n\t})\n}\n\n```\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws_native from \"@pulumi/aws-native\";\n\nconst amazonGrafanaWorkspaceIAMRole = new aws_native.iam.Role(\"amazonGrafanaWorkspaceIAMRole\", {\n managedPolicyArns: [\"arn:aws:iam::aws:policy/service-role/AmazonGrafanaAthenaAccess\"],\n assumeRolePolicyDocument: {\n version: \"2012-10-17\",\n statement: [{\n effect: \"Allow\",\n principal: {\n service: [\"grafana.amazonaws.com\"],\n },\n action: [\"sts:AssumeRole\"],\n }],\n },\n});\nconst amazonGrafanaWorkspace = new aws_native.grafana.Workspace(\"amazonGrafanaWorkspace\", {\n accountAccessType: aws_native.grafana.WorkspaceAccountAccessType.CurrentAccount,\n name: \"AmazonGrafanaWorkspace\",\n description: \"Amazon Grafana Workspace\",\n authenticationProviders: [aws_native.grafana.WorkspaceAuthenticationProviderTypes.Saml],\n permissionType: aws_native.grafana.WorkspacePermissionType.CustomerManaged,\n grafanaVersion: \"9.4\",\n roleArn: amazonGrafanaWorkspaceIAMRole.arn,\n samlConfiguration: {\n idpMetadata: {\n xml: \"\u003cmd:EntityDescriptor xmlns:md='urn:oasis:names:tc:SAML:2.0:metadata' entityID='entityId'\u003eDATA\u003c/md:EntityDescriptor\u003e\",\n },\n assertionAttributes: {\n name: \"displayName\",\n login: \"login\",\n email: \"email\",\n groups: \"group\",\n role: \"role\",\n org: \"org\",\n },\n roleValues: {\n editor: [\"editor1\"],\n admin: [\"admin1\"],\n },\n allowedOrganizations: [\"org1\"],\n loginValidityDuration: 60,\n },\n});\nexport const workspaceEndpoint = amazonGrafanaWorkspace.endpoint;\nexport const workspaceStatus = amazonGrafanaWorkspace.status;\nexport const workspaceId = amazonGrafanaWorkspace.id;\nexport const grafanaVersion = amazonGrafanaWorkspace.grafanaVersion;\n\n```\n\n```python\nimport pulumi\nimport pulumi_aws_native as aws_native\n\namazon_grafana_workspace_iam_role = aws_native.iam.Role(\"amazonGrafanaWorkspaceIAMRole\",\n managed_policy_arns=[\"arn:aws:iam::aws:policy/service-role/AmazonGrafanaAthenaAccess\"],\n assume_role_policy_document={\n \"version\": \"2012-10-17\",\n \"statement\": [{\n \"effect\": \"Allow\",\n \"principal\": {\n \"service\": [\"grafana.amazonaws.com\"],\n },\n \"action\": [\"sts:AssumeRole\"],\n }],\n })\namazon_grafana_workspace = aws_native.grafana.Workspace(\"amazonGrafanaWorkspace\",\n account_access_type=aws_native.grafana.WorkspaceAccountAccessType.CURRENT_ACCOUNT,\n name=\"AmazonGrafanaWorkspace\",\n description=\"Amazon Grafana Workspace\",\n authentication_providers=[aws_native.grafana.WorkspaceAuthenticationProviderTypes.SAML],\n permission_type=aws_native.grafana.WorkspacePermissionType.CUSTOMER_MANAGED,\n grafana_version=\"9.4\",\n role_arn=amazon_grafana_workspace_iam_role.arn,\n saml_configuration={\n \"idp_metadata\": {\n \"xml\": \"\u003cmd:EntityDescriptor xmlns:md='urn:oasis:names:tc:SAML:2.0:metadata' entityID='entityId'\u003eDATA\u003c/md:EntityDescriptor\u003e\",\n },\n \"assertion_attributes\": {\n \"name\": \"displayName\",\n \"login\": \"login\",\n \"email\": \"email\",\n \"groups\": \"group\",\n \"role\": \"role\",\n \"org\": \"org\",\n },\n \"role_values\": {\n \"editor\": [\"editor1\"],\n \"admin\": [\"admin1\"],\n },\n \"allowed_organizations\": [\"org1\"],\n \"login_validity_duration\": 60,\n })\npulumi.export(\"workspaceEndpoint\", amazon_grafana_workspace.endpoint)\npulumi.export(\"workspaceStatus\", amazon_grafana_workspace.status)\npulumi.export(\"workspaceId\", amazon_grafana_workspace.id)\npulumi.export(\"grafanaVersion\", amazon_grafana_workspace.grafana_version)\n\n```\n\n{{% /example %}}\n{{% example %}}\n### Example\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AwsNative = Pulumi.AwsNative;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var amazonGrafanaWorkspaceIAMRole = new AwsNative.Iam.Role(\"amazonGrafanaWorkspaceIAMRole\", new()\n {\n ManagedPolicyArns = new[]\n {\n \"arn:aws:iam::aws:policy/service-role/AmazonGrafanaAthenaAccess\",\n },\n AssumeRolePolicyDocument = new Dictionary\u003cstring, object?\u003e\n {\n [\"version\"] = \"2012-10-17\",\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"effect\"] = \"Allow\",\n [\"principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"service\"] = new[]\n {\n \"grafana.amazonaws.com\",\n },\n },\n [\"action\"] = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n },\n });\n\n var amazonGrafanaWorkspace = new AwsNative.Grafana.Workspace(\"amazonGrafanaWorkspace\", new()\n {\n AccountAccessType = AwsNative.Grafana.WorkspaceAccountAccessType.CurrentAccount,\n Name = \"AmazonGrafanaWorkspace\",\n Description = \"Amazon Grafana Workspace\",\n AuthenticationProviders = new[]\n {\n AwsNative.Grafana.WorkspaceAuthenticationProviderTypes.Saml,\n },\n PermissionType = AwsNative.Grafana.WorkspacePermissionType.CustomerManaged,\n GrafanaVersion = \"9.4\",\n RoleArn = amazonGrafanaWorkspaceIAMRole.Arn,\n SamlConfiguration = new AwsNative.Grafana.Inputs.WorkspaceSamlConfigurationArgs\n {\n IdpMetadata = new AwsNative.Grafana.Inputs.WorkspaceIdpMetadataArgs\n {\n Xml = \"\u003cmd:EntityDescriptor xmlns:md='urn:oasis:names:tc:SAML:2.0:metadata' entityID='entityId'\u003eDATA\u003c/md:EntityDescriptor\u003e\",\n },\n AssertionAttributes = new AwsNative.Grafana.Inputs.WorkspaceAssertionAttributesArgs\n {\n Name = \"displayName\",\n Login = \"login\",\n Email = \"email\",\n Groups = \"group\",\n Role = \"role\",\n Org = \"org\",\n },\n RoleValues = new AwsNative.Grafana.Inputs.WorkspaceRoleValuesArgs\n {\n Editor = new[]\n {\n \"editor1\",\n },\n Admin = new[]\n {\n \"admin1\",\n },\n },\n AllowedOrganizations = new[]\n {\n \"org1\",\n },\n LoginValidityDuration = 60,\n },\n });\n\n return new Dictionary\u003cstring, object?\u003e\n {\n [\"workspaceEndpoint\"] = amazonGrafanaWorkspace.Endpoint,\n [\"workspaceStatus\"] = amazonGrafanaWorkspace.Status,\n [\"workspaceId\"] = amazonGrafanaWorkspace.Id,\n [\"grafanaVersion\"] = amazonGrafanaWorkspace.GrafanaVersion,\n };\n});\n\n\n```\n\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws-native/sdk/go/aws/grafana\"\n\t\"github.com/pulumi/pulumi-aws-native/sdk/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tamazonGrafanaWorkspaceIAMRole, err := iam.NewRole(ctx, \"amazonGrafanaWorkspaceIAMRole\", \u0026iam.RoleArgs{\n\t\t\tManagedPolicyArns: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"arn:aws:iam::aws:policy/service-role/AmazonGrafanaAthenaAccess\"),\n\t\t\t},\n\t\t\tAssumeRolePolicyDocument: pulumi.Any(map[string]interface{}{\n\t\t\t\t\"version\": \"2012-10-17\",\n\t\t\t\t\"statement\": []map[string]interface{}{\n\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\t\"principal\": map[string]interface{}{\n\t\t\t\t\t\t\t\"service\": []string{\n\t\t\t\t\t\t\t\t\"grafana.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\"action\": []string{\n\t\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t}),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tamazonGrafanaWorkspace, err := grafana.NewWorkspace(ctx, \"amazonGrafanaWorkspace\", \u0026grafana.WorkspaceArgs{\n\t\t\tAccountAccessType: grafana.WorkspaceAccountAccessTypeCurrentAccount,\n\t\t\tName: pulumi.String(\"AmazonGrafanaWorkspace\"),\n\t\t\tDescription: pulumi.String(\"Amazon Grafana Workspace\"),\n\t\t\tAuthenticationProviders: grafana.WorkspaceAuthenticationProviderTypesArray{\n\t\t\t\tgrafana.WorkspaceAuthenticationProviderTypesSaml,\n\t\t\t},\n\t\t\tPermissionType: grafana.WorkspacePermissionTypeCustomerManaged,\n\t\t\tGrafanaVersion: pulumi.String(\"9.4\"),\n\t\t\tRoleArn: amazonGrafanaWorkspaceIAMRole.Arn,\n\t\t\tSamlConfiguration: \u0026grafana.WorkspaceSamlConfigurationArgs{\n\t\t\t\tIdpMetadata: \u0026grafana.WorkspaceIdpMetadataArgs{\n\t\t\t\t\tXml: pulumi.String(\"\u003cmd:EntityDescriptor xmlns:md='urn:oasis:names:tc:SAML:2.0:metadata' entityID='entityId'\u003eDATA\u003c/md:EntityDescriptor\u003e\"),\n\t\t\t\t},\n\t\t\t\tAssertionAttributes: \u0026grafana.WorkspaceAssertionAttributesArgs{\n\t\t\t\t\tName: pulumi.String(\"displayName\"),\n\t\t\t\t\tLogin: pulumi.String(\"login\"),\n\t\t\t\t\tEmail: pulumi.String(\"email\"),\n\t\t\t\t\tGroups: pulumi.String(\"group\"),\n\t\t\t\t\tRole: pulumi.String(\"role\"),\n\t\t\t\t\tOrg: pulumi.String(\"org\"),\n\t\t\t\t},\n\t\t\t\tRoleValues: \u0026grafana.WorkspaceRoleValuesArgs{\n\t\t\t\t\tEditor: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"editor1\"),\n\t\t\t\t\t},\n\t\t\t\t\tAdmin: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"admin1\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tAllowedOrganizations: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"org1\"),\n\t\t\t\t},\n\t\t\t\tLoginValidityDuration: pulumi.Float64(60),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"workspaceEndpoint\", amazonGrafanaWorkspace.Endpoint)\n\t\tctx.Export(\"workspaceStatus\", amazonGrafanaWorkspace.Status.ApplyT(func(x *string) grafana.WorkspaceStatus { return grafana.WorkspaceStatus(*x) }).(grafana.WorkspaceStatusOutput))\n\t\tctx.Export(\"workspaceId\", amazonGrafanaWorkspace.ID())\n\t\tctx.Export(\"grafanaVersion\", amazonGrafanaWorkspace.GrafanaVersion)\n\t\treturn nil\n\t})\n}\n\n```\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws_native from \"@pulumi/aws-native\";\n\nconst amazonGrafanaWorkspaceIAMRole = new aws_native.iam.Role(\"amazonGrafanaWorkspaceIAMRole\", {\n managedPolicyArns: [\"arn:aws:iam::aws:policy/service-role/AmazonGrafanaAthenaAccess\"],\n assumeRolePolicyDocument: {\n version: \"2012-10-17\",\n statement: [{\n effect: \"Allow\",\n principal: {\n service: [\"grafana.amazonaws.com\"],\n },\n action: [\"sts:AssumeRole\"],\n }],\n },\n});\nconst amazonGrafanaWorkspace = new aws_native.grafana.Workspace(\"amazonGrafanaWorkspace\", {\n accountAccessType: aws_native.grafana.WorkspaceAccountAccessType.CurrentAccount,\n name: \"AmazonGrafanaWorkspace\",\n description: \"Amazon Grafana Workspace\",\n authenticationProviders: [aws_native.grafana.WorkspaceAuthenticationProviderTypes.Saml],\n permissionType: aws_native.grafana.WorkspacePermissionType.CustomerManaged,\n grafanaVersion: \"9.4\",\n roleArn: amazonGrafanaWorkspaceIAMRole.arn,\n samlConfiguration: {\n idpMetadata: {\n xml: \"\u003cmd:EntityDescriptor xmlns:md='urn:oasis:names:tc:SAML:2.0:metadata' entityID='entityId'\u003eDATA\u003c/md:EntityDescriptor\u003e\",\n },\n assertionAttributes: {\n name: \"displayName\",\n login: \"login\",\n email: \"email\",\n groups: \"group\",\n role: \"role\",\n org: \"org\",\n },\n roleValues: {\n editor: [\"editor1\"],\n admin: [\"admin1\"],\n },\n allowedOrganizations: [\"org1\"],\n loginValidityDuration: 60,\n },\n});\nexport const workspaceEndpoint = amazonGrafanaWorkspace.endpoint;\nexport const workspaceStatus = amazonGrafanaWorkspace.status;\nexport const workspaceId = amazonGrafanaWorkspace.id;\nexport const grafanaVersion = amazonGrafanaWorkspace.grafanaVersion;\n\n```\n\n```python\nimport pulumi\nimport pulumi_aws_native as aws_native\n\namazon_grafana_workspace_iam_role = aws_native.iam.Role(\"amazonGrafanaWorkspaceIAMRole\",\n managed_policy_arns=[\"arn:aws:iam::aws:policy/service-role/AmazonGrafanaAthenaAccess\"],\n assume_role_policy_document={\n \"version\": \"2012-10-17\",\n \"statement\": [{\n \"effect\": \"Allow\",\n \"principal\": {\n \"service\": [\"grafana.amazonaws.com\"],\n },\n \"action\": [\"sts:AssumeRole\"],\n }],\n })\namazon_grafana_workspace = aws_native.grafana.Workspace(\"amazonGrafanaWorkspace\",\n account_access_type=aws_native.grafana.WorkspaceAccountAccessType.CURRENT_ACCOUNT,\n name=\"AmazonGrafanaWorkspace\",\n description=\"Amazon Grafana Workspace\",\n authentication_providers=[aws_native.grafana.WorkspaceAuthenticationProviderTypes.SAML],\n permission_type=aws_native.grafana.WorkspacePermissionType.CUSTOMER_MANAGED,\n grafana_version=\"9.4\",\n role_arn=amazon_grafana_workspace_iam_role.arn,\n saml_configuration={\n \"idp_metadata\": {\n \"xml\": \"\u003cmd:EntityDescriptor xmlns:md='urn:oasis:names:tc:SAML:2.0:metadata' entityID='entityId'\u003eDATA\u003c/md:EntityDescriptor\u003e\",\n },\n \"assertion_attributes\": {\n \"name\": \"displayName\",\n \"login\": \"login\",\n \"email\": \"email\",\n \"groups\": \"group\",\n \"role\": \"role\",\n \"org\": \"org\",\n },\n \"role_values\": {\n \"editor\": [\"editor1\"],\n \"admin\": [\"admin1\"],\n },\n \"allowed_organizations\": [\"org1\"],\n \"login_validity_duration\": 60,\n })\npulumi.export(\"workspaceEndpoint\", amazon_grafana_workspace.endpoint)\npulumi.export(\"workspaceStatus\", amazon_grafana_workspace.status)\npulumi.export(\"workspaceId\", amazon_grafana_workspace.id)\npulumi.export(\"grafanaVersion\", amazon_grafana_workspace.grafana_version)\n\n```\n\n{{% /example %}}\n{{% example %}}\n### Example\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AwsNative = Pulumi.AwsNative;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var rootRole = new AwsNative.Iam.Role(\"rootRole\", new()\n {\n AssumeRolePolicyDocument = new Dictionary\u003cstring, object?\u003e\n {\n [\"version\"] = \"2012-10-17\",\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"effect\"] = \"Allow\",\n [\"principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"service\"] = new[]\n {\n \"ec2.amazonaws.com\",\n },\n },\n [\"action\"] = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n },\n Path = \"/\",\n Policies = new[]\n {\n new AwsNative.Iam.Inputs.RolePolicyArgs\n {\n PolicyName = \"root\",\n PolicyDocument = new Dictionary\u003cstring, object?\u003e\n {\n [\"version\"] = \"2012-10-17\",\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"effect\"] = \"Allow\",\n [\"action\"] = \"*\",\n [\"resource\"] = \"*\",\n },\n },\n },\n },\n },\n });\n\n var rootInstanceProfile = new AwsNative.Iam.InstanceProfile(\"rootInstanceProfile\", new()\n {\n Path = \"/\",\n Roles = new[]\n {\n rootRole.Id,\n },\n });\n\n});\n\n\n```\n\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws-native/sdk/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\trootRole, err := iam.NewRole(ctx, \"rootRole\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicyDocument: pulumi.Any(map[string]interface{}{\n\t\t\t\t\"version\": \"2012-10-17\",\n\t\t\t\t\"statement\": []map[string]interface{}{\n\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\t\"principal\": map[string]interface{}{\n\t\t\t\t\t\t\t\"service\": []string{\n\t\t\t\t\t\t\t\t\"ec2.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\"action\": []string{\n\t\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t}),\n\t\t\tPath: pulumi.String(\"/\"),\n\t\t\tPolicies: iam.RolePolicyTypeArray{\n\t\t\t\t\u0026iam.RolePolicyTypeArgs{\n\t\t\t\t\tPolicyName: pulumi.String(\"root\"),\n\t\t\t\t\tPolicyDocument: pulumi.Any(map[string]interface{}{\n\t\t\t\t\t\t\"version\": \"2012-10-17\",\n\t\t\t\t\t\t\"statement\": []map[string]interface{}{\n\t\t\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\t\t\t\"action\": \"*\",\n\t\t\t\t\t\t\t\t\"resource\": \"*\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t}),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewInstanceProfile(ctx, \"rootInstanceProfile\", \u0026iam.InstanceProfileArgs{\n\t\t\tPath: pulumi.String(\"/\"),\n\t\t\tRoles: pulumi.StringArray{\n\t\t\t\trootRole.ID(),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n\n```\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws_native from \"@pulumi/aws-native\";\n\nconst rootRole = new aws_native.iam.Role(\"rootRole\", {\n assumeRolePolicyDocument: {\n version: \"2012-10-17\",\n statement: [{\n effect: \"Allow\",\n principal: {\n service: [\"ec2.amazonaws.com\"],\n },\n action: [\"sts:AssumeRole\"],\n }],\n },\n path: \"/\",\n policies: [{\n policyName: \"root\",\n policyDocument: {\n version: \"2012-10-17\",\n statement: [{\n effect: \"Allow\",\n action: \"*\",\n resource: \"*\",\n }],\n },\n }],\n});\nconst rootInstanceProfile = new aws_native.iam.InstanceProfile(\"rootInstanceProfile\", {\n path: \"/\",\n roles: [rootRole.id],\n});\n\n```\n\n```python\nimport pulumi\nimport pulumi_aws_native as aws_native\n\nroot_role = aws_native.iam.Role(\"rootRole\",\n assume_role_policy_document={\n \"version\": \"2012-10-17\",\n \"statement\": [{\n \"effect\": \"Allow\",\n \"principal\": {\n \"service\": [\"ec2.amazonaws.com\"],\n },\n \"action\": [\"sts:AssumeRole\"],\n }],\n },\n path=\"/\",\n policies=[{\n \"policy_name\": \"root\",\n \"policy_document\": {\n \"version\": \"2012-10-17\",\n \"statement\": [{\n \"effect\": \"Allow\",\n \"action\": \"*\",\n \"resource\": \"*\",\n }],\n },\n }])\nroot_instance_profile = aws_native.iam.InstanceProfile(\"rootInstanceProfile\",\n path=\"/\",\n roles=[root_role.id])\n\n```\n\n{{% /example %}}\n{{% example %}}\n### Example\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AwsNative = Pulumi.AwsNative;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var rootRole = new AwsNative.Iam.Role(\"rootRole\", new()\n {\n AssumeRolePolicyDocument = new Dictionary\u003cstring, object?\u003e\n {\n [\"version\"] = \"2012-10-17\",\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"effect\"] = \"Allow\",\n [\"principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"service\"] = new[]\n {\n \"ec2.amazonaws.com\",\n },\n },\n [\"action\"] = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n },\n Path = \"/\",\n Policies = new[]\n {\n new AwsNative.Iam.Inputs.RolePolicyArgs\n {\n PolicyName = \"root\",\n PolicyDocument = new Dictionary\u003cstring, object?\u003e\n {\n [\"version\"] = \"2012-10-17\",\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"effect\"] = \"Allow\",\n [\"action\"] = \"*\",\n [\"resource\"] = \"*\",\n },\n },\n },\n },\n },\n });\n\n var rootInstanceProfile = new AwsNative.Iam.InstanceProfile(\"rootInstanceProfile\", new()\n {\n Path = \"/\",\n Roles = new[]\n {\n rootRole.Id,\n },\n });\n\n});\n\n\n```\n\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws-native/sdk/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\trootRole, err := iam.NewRole(ctx, \"rootRole\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicyDocument: pulumi.Any(map[string]interface{}{\n\t\t\t\t\"version\": \"2012-10-17\",\n\t\t\t\t\"statement\": []map[string]interface{}{\n\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\t\"principal\": map[string]interface{}{\n\t\t\t\t\t\t\t\"service\": []string{\n\t\t\t\t\t\t\t\t\"ec2.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\"action\": []string{\n\t\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t}),\n\t\t\tPath: pulumi.String(\"/\"),\n\t\t\tPolicies: iam.RolePolicyTypeArray{\n\t\t\t\t\u0026iam.RolePolicyTypeArgs{\n\t\t\t\t\tPolicyName: pulumi.String(\"root\"),\n\t\t\t\t\tPolicyDocument: pulumi.Any(map[string]interface{}{\n\t\t\t\t\t\t\"version\": \"2012-10-17\",\n\t\t\t\t\t\t\"statement\": []map[string]interface{}{\n\t\t\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\t\t\t\"action\": \"*\",\n\t\t\t\t\t\t\t\t\"resource\": \"*\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t}),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewInstanceProfile(ctx, \"rootInstanceProfile\", \u0026iam.InstanceProfileArgs{\n\t\t\tPath: pulumi.String(\"/\"),\n\t\t\tRoles: pulumi.StringArray{\n\t\t\t\trootRole.ID(),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n\n```\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws_native from \"@pulumi/aws-native\";\n\nconst rootRole = new aws_native.iam.Role(\"rootRole\", {\n assumeRolePolicyDocument: {\n version: \"2012-10-17\",\n statement: [{\n effect: \"Allow\",\n principal: {\n service: [\"ec2.amazonaws.com\"],\n },\n action: [\"sts:AssumeRole\"],\n }],\n },\n path: \"/\",\n policies: [{\n policyName: \"root\",\n policyDocument: {\n version: \"2012-10-17\",\n statement: [{\n effect: \"Allow\",\n action: \"*\",\n resource: \"*\",\n }],\n },\n }],\n});\nconst rootInstanceProfile = new aws_native.iam.InstanceProfile(\"rootInstanceProfile\", {\n path: \"/\",\n roles: [rootRole.id],\n});\n\n```\n\n```python\nimport pulumi\nimport pulumi_aws_native as aws_native\n\nroot_role = aws_native.iam.Role(\"rootRole\",\n assume_role_policy_document={\n \"version\": \"2012-10-17\",\n \"statement\": [{\n \"effect\": \"Allow\",\n \"principal\": {\n \"service\": [\"ec2.amazonaws.com\"],\n },\n \"action\": [\"sts:AssumeRole\"],\n }],\n },\n path=\"/\",\n policies=[{\n \"policy_name\": \"root\",\n \"policy_document\": {\n \"version\": \"2012-10-17\",\n \"statement\": [{\n \"effect\": \"Allow\",\n \"action\": \"*\",\n \"resource\": \"*\",\n }],\n },\n }])\nroot_instance_profile = aws_native.iam.InstanceProfile(\"rootInstanceProfile\",\n path=\"/\",\n roles=[root_role.id])\n\n```\n\n{{% /example %}}\n{{% example %}}\n### Example\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AwsNative = Pulumi.AwsNative;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var automationExecutionRole = new AwsNative.Iam.Role(\"automationExecutionRole\", new()\n {\n AssumeRolePolicyDocument = new Dictionary\u003cstring, object?\u003e\n {\n [\"version\"] = \"2012-10-17\",\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"effect\"] = \"Allow\",\n [\"principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"service\"] = \"ssm.amazonaws.com\",\n },\n [\"action\"] = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n },\n Path = \"/\",\n ManagedPolicyArns = new[]\n {\n \"arn:${AWS::Partition}:iam::aws:policy/AmazonEC2FullAccess\",\n },\n });\n\n var automationAssociation = new AwsNative.Ssm.Association(\"automationAssociation\", new()\n {\n Name = \"AWS-StopEC2Instance\",\n Parameters = \n {\n { \"automationAssumeRole\", new[]\n {\n \"AutomationExecutionRole.Arn\",\n } },\n },\n Targets = new[]\n {\n new AwsNative.Ssm.Inputs.AssociationTargetArgs\n {\n Key = \"ParameterValues\",\n Values = new[]\n {\n \"i-1234567890abcdef0\",\n },\n },\n },\n AutomationTargetParameterName = \"InstanceId\",\n });\n\n});\n\n\n```\n\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws-native/sdk/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws-native/sdk/go/aws/ssm\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := iam.NewRole(ctx, \"automationExecutionRole\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicyDocument: pulumi.Any(map[string]interface{}{\n\t\t\t\t\"version\": \"2012-10-17\",\n\t\t\t\t\"statement\": []map[string]interface{}{\n\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\t\"principal\": map[string]interface{}{\n\t\t\t\t\t\t\t\"service\": \"ssm.amazonaws.com\",\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\"action\": []string{\n\t\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t}),\n\t\t\tPath: pulumi.String(\"/\"),\n\t\t\tManagedPolicyArns: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"arn:${AWS::Partition}:iam::aws:policy/AmazonEC2FullAccess\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ssm.NewAssociation(ctx, \"automationAssociation\", \u0026ssm.AssociationArgs{\n\t\t\tName: pulumi.String(\"AWS-StopEC2Instance\"),\n\t\t\tParameters: pulumi.StringArrayMap{\n\t\t\t\t\"automationAssumeRole\": pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"AutomationExecutionRole.Arn\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tTargets: ssm.AssociationTargetArray{\n\t\t\t\t\u0026ssm.AssociationTargetArgs{\n\t\t\t\t\tKey: pulumi.String(\"ParameterValues\"),\n\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"i-1234567890abcdef0\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tAutomationTargetParameterName: pulumi.String(\"InstanceId\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n\n```\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws_native from \"@pulumi/aws-native\";\n\nconst automationExecutionRole = new aws_native.iam.Role(\"automationExecutionRole\", {\n assumeRolePolicyDocument: {\n version: \"2012-10-17\",\n statement: [{\n effect: \"Allow\",\n principal: {\n service: \"ssm.amazonaws.com\",\n },\n action: [\"sts:AssumeRole\"],\n }],\n },\n path: \"/\",\n managedPolicyArns: [\"arn:${AWS::Partition}:iam::aws:policy/AmazonEC2FullAccess\"],\n});\nconst automationAssociation = new aws_native.ssm.Association(\"automationAssociation\", {\n name: \"AWS-StopEC2Instance\",\n parameters: {\n automationAssumeRole: [\"AutomationExecutionRole.Arn\"],\n },\n targets: [{\n key: \"ParameterValues\",\n values: [\"i-1234567890abcdef0\"],\n }],\n automationTargetParameterName: \"InstanceId\",\n});\n\n```\n\n```python\nimport pulumi\nimport pulumi_aws_native as aws_native\n\nautomation_execution_role = aws_native.iam.Role(\"automationExecutionRole\",\n assume_role_policy_document={\n \"version\": \"2012-10-17\",\n \"statement\": [{\n \"effect\": \"Allow\",\n \"principal\": {\n \"service\": \"ssm.amazonaws.com\",\n },\n \"action\": [\"sts:AssumeRole\"],\n }],\n },\n path=\"/\",\n managed_policy_arns=[\"arn:${AWS::Partition}:iam::aws:policy/AmazonEC2FullAccess\"])\nautomation_association = aws_native.ssm.Association(\"automationAssociation\",\n name=\"AWS-StopEC2Instance\",\n parameters={\n \"automationAssumeRole\": [\"AutomationExecutionRole.Arn\"],\n },\n targets=[{\n \"key\": \"ParameterValues\",\n \"values\": [\"i-1234567890abcdef0\"],\n }],\n automation_target_parameter_name=\"InstanceId\")\n\n```\n\n{{% /example %}}\n{{% /examples %}}\n", "properties": { "arn": { "type": "string", @@ -235979,6 +236504,96 @@ "type" ] }, + "aws-native:quicksight:Folder": { + "description": "Definition of the AWS::QuickSight::Folder Resource Type.", + "properties": { + "arn": { + "type": "string", + "description": "\u003cp\u003eThe Amazon Resource Name (ARN) for the folder.\u003c/p\u003e" + }, + "awsAccountId": { + "type": "string", + "replaceOnChanges": true + }, + "createdTime": { + "type": "string", + "description": "\u003cp\u003eThe time that the folder was created.\u003c/p\u003e" + }, + "folderId": { + "type": "string", + "replaceOnChanges": true + }, + "folderType": { + "$ref": "#/types/aws-native:quicksight:FolderType", + "replaceOnChanges": true + }, + "lastUpdatedTime": { + "type": "string", + "description": "\u003cp\u003eThe time that the folder was last updated.\u003c/p\u003e" + }, + "name": { + "type": "string" + }, + "parentFolderArn": { + "type": "string", + "replaceOnChanges": true + }, + "permissions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:FolderResourcePermission" + } + }, + "sharingModel": { + "$ref": "#/types/aws-native:quicksight:FolderSharingModel", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + } + } + }, + "type": "object", + "required": [ + "arn", + "createdTime", + "lastUpdatedTime" + ], + "inputProperties": { + "awsAccountId": { + "type": "string" + }, + "folderId": { + "type": "string" + }, + "folderType": { + "$ref": "#/types/aws-native:quicksight:FolderType" + }, + "name": { + "type": "string" + }, + "parentFolderArn": { + "type": "string" + }, + "permissions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:FolderResourcePermission" + } + }, + "sharingModel": { + "$ref": "#/types/aws-native:quicksight:FolderSharingModel" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + } + } + } + }, "aws-native:quicksight:RefreshSchedule": { "description": "Definition of the AWS::QuickSight::RefreshSchedule Resource Type.", "properties": { @@ -245609,7 +246224,7 @@ }, "version": { "type": "integer", - "description": "The version of the image." + "description": "The version number." } }, "type": "object", @@ -245661,7 +246276,7 @@ }, "version": { "type": "integer", - "description": "The version of the image." + "description": "The version number." } }, "requiredInputs": [ @@ -247603,7 +248218,7 @@ ] }, "aws-native:secretsmanager:Secret": { - "description": "Creates a new secret. A *secret* can be a password, a set of credentials such as a user name and password, an OAuth token, or other secret information that you store in an encrypted form in Secrets Manager.\n For RDS master user credentials, see [AWS::RDS::DBCluster MasterUserSecret](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-dbcluster-masterusersecret.html).\n For RS admin user credentials, see [AWS::Redshift::Cluster](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-redshift-cluster.html).\n To retrieve a secret in a CFNshort template, use a *dynamic reference*. For more information, see [Retrieve a secret in an resource](https://docs.aws.amazon.com/secretsmanager/latest/userguide/cfn-example_reference-secret.html).\n For information about creating a secret in the console, see [Create a secret](https://docs.aws.amazon.com/secretsmanager/latest/userguide/manage_create-basic-secret.html). For information about creating a secret using the CLI or SDK, see [CreateSecret](https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_CreateSecret.html).\n For information about retrieving a secret in code, see [Retrieve secrets from Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieving-secrets.html).", + "description": "Creates a new secret. A *secret* can be a password, a set of credentials such as a user name and password, an OAuth token, or other secret information that you store in an encrypted form in Secrets Manager.\n For RDS master user credentials, see [AWS::RDS::DBCluster MasterUserSecret](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-dbcluster-masterusersecret.html).\n For RS admin user credentials, see [AWS::Redshift::Cluster](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-redshift-cluster.html).\n To retrieve a secret in a CFNshort template, use a *dynamic reference*. For more information, see [Retrieve a secret in an resource](https://docs.aws.amazon.com/secretsmanager/latest/userguide/cfn-example_reference-secret.html).\n For information about creating a secret in the console, see [Create a secret](https://docs.aws.amazon.com/secretsmanager/latest/userguide/manage_create-basic-secret.html). For information about creating a secret using the CLI or SDK, see [CreateSecret](https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_CreateSecret.html).\n For information about retrieving a secret in code, see [Retrieve secrets from Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieving-secrets.html).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Example\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AwsNative = Pulumi.AwsNative;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var myRedshiftSecret = new AwsNative.SecretsManager.Secret(\"myRedshiftSecret\", new()\n {\n Description = \"This is a Secrets Manager secret for a Redshift cluster\",\n GenerateSecretString = new AwsNative.SecretsManager.Inputs.SecretGenerateSecretStringArgs\n {\n SecretStringTemplate = \"{\\\"username\\\": \\\"admin\\\"}\",\n GenerateStringKey = \"password\",\n PasswordLength = 16,\n ExcludeCharacters = \"\\\"'@/\\\\\",\n },\n });\n\n var myRedshiftCluster = new AwsNative.Redshift.Cluster(\"myRedshiftCluster\", new()\n {\n DbName = \"myjsondb\",\n MasterUsername = myRedshiftSecret.Id.Apply(id =\u003e $\"{{{{resolve:secretsmanager:{id}::username}}}}\"),\n MasterUserPassword = myRedshiftSecret.Id.Apply(id =\u003e $\"{{{{resolve:secretsmanager:{id}::password}}}}\"),\n NodeType = \"ds2.xlarge\",\n ClusterType = \"single-node\",\n });\n\n var secretRedshiftAttachment = new AwsNative.SecretsManager.SecretTargetAttachment(\"secretRedshiftAttachment\", new()\n {\n SecretId = myRedshiftSecret.Id,\n TargetId = myRedshiftCluster.Id,\n TargetType = \"AWS::Redshift::Cluster\",\n });\n\n});\n\n\n```\n\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws-native/sdk/go/aws/redshift\"\n\t\"github.com/pulumi/pulumi-aws-native/sdk/go/aws/secretsmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmyRedshiftSecret, err := secretsmanager.NewSecret(ctx, \"myRedshiftSecret\", \u0026secretsmanager.SecretArgs{\n\t\t\tDescription: pulumi.String(\"This is a Secrets Manager secret for a Redshift cluster\"),\n\t\t\tGenerateSecretString: \u0026secretsmanager.SecretGenerateSecretStringArgs{\n\t\t\t\tSecretStringTemplate: pulumi.String(\"{\\\"username\\\": \\\"admin\\\"}\"),\n\t\t\t\tGenerateStringKey: pulumi.String(\"password\"),\n\t\t\t\tPasswordLength: pulumi.Int(16),\n\t\t\t\tExcludeCharacters: pulumi.String(\"\\\"'@/\\\\\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmyRedshiftCluster, err := redshift.NewCluster(ctx, \"myRedshiftCluster\", \u0026redshift.ClusterArgs{\n\t\t\tDbName: pulumi.String(\"myjsondb\"),\n\t\t\tMasterUsername: myRedshiftSecret.ID().ApplyT(func(id string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"{{resolve:secretsmanager:%v::username}}\", id), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tMasterUserPassword: myRedshiftSecret.ID().ApplyT(func(id string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"{{resolve:secretsmanager:%v::password}}\", id), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tNodeType: pulumi.String(\"ds2.xlarge\"),\n\t\t\tClusterType: pulumi.String(\"single-node\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = secretsmanager.NewSecretTargetAttachment(ctx, \"secretRedshiftAttachment\", \u0026secretsmanager.SecretTargetAttachmentArgs{\n\t\t\tSecretId: myRedshiftSecret.ID(),\n\t\t\tTargetId: myRedshiftCluster.ID(),\n\t\t\tTargetType: pulumi.String(\"AWS::Redshift::Cluster\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n\n```\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws_native from \"@pulumi/aws-native\";\n\nconst myRedshiftSecret = new aws_native.secretsmanager.Secret(\"myRedshiftSecret\", {\n description: \"This is a Secrets Manager secret for a Redshift cluster\",\n generateSecretString: {\n secretStringTemplate: \"{\\\"username\\\": \\\"admin\\\"}\",\n generateStringKey: \"password\",\n passwordLength: 16,\n excludeCharacters: \"\\\"'@/\\\\\",\n },\n});\nconst myRedshiftCluster = new aws_native.redshift.Cluster(\"myRedshiftCluster\", {\n dbName: \"myjsondb\",\n masterUsername: pulumi.interpolate`{{resolve:secretsmanager:${myRedshiftSecret.id}::username}}`,\n masterUserPassword: pulumi.interpolate`{{resolve:secretsmanager:${myRedshiftSecret.id}::password}}`,\n nodeType: \"ds2.xlarge\",\n clusterType: \"single-node\",\n});\nconst secretRedshiftAttachment = new aws_native.secretsmanager.SecretTargetAttachment(\"secretRedshiftAttachment\", {\n secretId: myRedshiftSecret.id,\n targetId: myRedshiftCluster.id,\n targetType: \"AWS::Redshift::Cluster\",\n});\n\n```\n\n```python\nimport pulumi\nimport pulumi_aws_native as aws_native\n\nmy_redshift_secret = aws_native.secretsmanager.Secret(\"myRedshiftSecret\",\n description=\"This is a Secrets Manager secret for a Redshift cluster\",\n generate_secret_string={\n \"secret_string_template\": \"{\\\"username\\\": \\\"admin\\\"}\",\n \"generate_string_key\": \"password\",\n \"password_length\": 16,\n \"exclude_characters\": \"\\\"'@/\\\\\",\n })\nmy_redshift_cluster = aws_native.redshift.Cluster(\"myRedshiftCluster\",\n db_name=\"myjsondb\",\n master_username=my_redshift_secret.id.apply(lambda id: f\"{{{{resolve:secretsmanager:{id}::username}}}}\"),\n master_user_password=my_redshift_secret.id.apply(lambda id: f\"{{{{resolve:secretsmanager:{id}::password}}}}\"),\n node_type=\"ds2.xlarge\",\n cluster_type=\"single-node\")\nsecret_redshift_attachment = aws_native.secretsmanager.SecretTargetAttachment(\"secretRedshiftAttachment\",\n secret_id=my_redshift_secret.id,\n target_id=my_redshift_cluster.id,\n target_type=\"AWS::Redshift::Cluster\")\n\n```\n\n{{% /example %}}\n{{% example %}}\n### Example\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AwsNative = Pulumi.AwsNative;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var myRedshiftSecret = new AwsNative.SecretsManager.Secret(\"myRedshiftSecret\", new()\n {\n Description = \"This is a Secrets Manager secret for a Redshift cluster\",\n GenerateSecretString = new AwsNative.SecretsManager.Inputs.SecretGenerateSecretStringArgs\n {\n SecretStringTemplate = \"{\\\"username\\\": \\\"admin\\\"}\",\n GenerateStringKey = \"password\",\n PasswordLength = 16,\n ExcludeCharacters = \"\\\"'@/\\\\\",\n },\n });\n\n var myRedshiftCluster = new AwsNative.Redshift.Cluster(\"myRedshiftCluster\", new()\n {\n DbName = \"myjsondb\",\n MasterUsername = myRedshiftSecret.Id.Apply(id =\u003e $\"{{{{resolve:secretsmanager:{id}::username}}}}\"),\n MasterUserPassword = myRedshiftSecret.Id.Apply(id =\u003e $\"{{{{resolve:secretsmanager:{id}::password}}}}\"),\n NodeType = \"ds2.xlarge\",\n ClusterType = \"single-node\",\n });\n\n var secretRedshiftAttachment = new AwsNative.SecretsManager.SecretTargetAttachment(\"secretRedshiftAttachment\", new()\n {\n SecretId = myRedshiftSecret.Id,\n TargetId = myRedshiftCluster.Id,\n TargetType = \"AWS::Redshift::Cluster\",\n });\n\n});\n\n\n```\n\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws-native/sdk/go/aws/redshift\"\n\t\"github.com/pulumi/pulumi-aws-native/sdk/go/aws/secretsmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmyRedshiftSecret, err := secretsmanager.NewSecret(ctx, \"myRedshiftSecret\", \u0026secretsmanager.SecretArgs{\n\t\t\tDescription: pulumi.String(\"This is a Secrets Manager secret for a Redshift cluster\"),\n\t\t\tGenerateSecretString: \u0026secretsmanager.SecretGenerateSecretStringArgs{\n\t\t\t\tSecretStringTemplate: pulumi.String(\"{\\\"username\\\": \\\"admin\\\"}\"),\n\t\t\t\tGenerateStringKey: pulumi.String(\"password\"),\n\t\t\t\tPasswordLength: pulumi.Int(16),\n\t\t\t\tExcludeCharacters: pulumi.String(\"\\\"'@/\\\\\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmyRedshiftCluster, err := redshift.NewCluster(ctx, \"myRedshiftCluster\", \u0026redshift.ClusterArgs{\n\t\t\tDbName: pulumi.String(\"myjsondb\"),\n\t\t\tMasterUsername: myRedshiftSecret.ID().ApplyT(func(id string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"{{resolve:secretsmanager:%v::username}}\", id), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tMasterUserPassword: myRedshiftSecret.ID().ApplyT(func(id string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"{{resolve:secretsmanager:%v::password}}\", id), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tNodeType: pulumi.String(\"ds2.xlarge\"),\n\t\t\tClusterType: pulumi.String(\"single-node\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = secretsmanager.NewSecretTargetAttachment(ctx, \"secretRedshiftAttachment\", \u0026secretsmanager.SecretTargetAttachmentArgs{\n\t\t\tSecretId: myRedshiftSecret.ID(),\n\t\t\tTargetId: myRedshiftCluster.ID(),\n\t\t\tTargetType: pulumi.String(\"AWS::Redshift::Cluster\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n\n```\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws_native from \"@pulumi/aws-native\";\n\nconst myRedshiftSecret = new aws_native.secretsmanager.Secret(\"myRedshiftSecret\", {\n description: \"This is a Secrets Manager secret for a Redshift cluster\",\n generateSecretString: {\n secretStringTemplate: \"{\\\"username\\\": \\\"admin\\\"}\",\n generateStringKey: \"password\",\n passwordLength: 16,\n excludeCharacters: \"\\\"'@/\\\\\",\n },\n});\nconst myRedshiftCluster = new aws_native.redshift.Cluster(\"myRedshiftCluster\", {\n dbName: \"myjsondb\",\n masterUsername: pulumi.interpolate`{{resolve:secretsmanager:${myRedshiftSecret.id}::username}}`,\n masterUserPassword: pulumi.interpolate`{{resolve:secretsmanager:${myRedshiftSecret.id}::password}}`,\n nodeType: \"ds2.xlarge\",\n clusterType: \"single-node\",\n});\nconst secretRedshiftAttachment = new aws_native.secretsmanager.SecretTargetAttachment(\"secretRedshiftAttachment\", {\n secretId: myRedshiftSecret.id,\n targetId: myRedshiftCluster.id,\n targetType: \"AWS::Redshift::Cluster\",\n});\n\n```\n\n```python\nimport pulumi\nimport pulumi_aws_native as aws_native\n\nmy_redshift_secret = aws_native.secretsmanager.Secret(\"myRedshiftSecret\",\n description=\"This is a Secrets Manager secret for a Redshift cluster\",\n generate_secret_string={\n \"secret_string_template\": \"{\\\"username\\\": \\\"admin\\\"}\",\n \"generate_string_key\": \"password\",\n \"password_length\": 16,\n \"exclude_characters\": \"\\\"'@/\\\\\",\n })\nmy_redshift_cluster = aws_native.redshift.Cluster(\"myRedshiftCluster\",\n db_name=\"myjsondb\",\n master_username=my_redshift_secret.id.apply(lambda id: f\"{{{{resolve:secretsmanager:{id}::username}}}}\"),\n master_user_password=my_redshift_secret.id.apply(lambda id: f\"{{{{resolve:secretsmanager:{id}::password}}}}\"),\n node_type=\"ds2.xlarge\",\n cluster_type=\"single-node\")\nsecret_redshift_attachment = aws_native.secretsmanager.SecretTargetAttachment(\"secretRedshiftAttachment\",\n secret_id=my_redshift_secret.id,\n target_id=my_redshift_cluster.id,\n target_type=\"AWS::Redshift::Cluster\")\n\n```\n\n{{% /example %}}\n{{% /examples %}}\n", "properties": { "awsId": { "type": "string", @@ -247686,6 +248301,52 @@ } } }, + "aws-native:secretsmanager:SecretTargetAttachment": { + "description": "Resource Type definition for AWS::SecretsManager::SecretTargetAttachment", + "properties": { + "awsId": { + "type": "string" + }, + "secretId": { + "type": "string", + "description": "The ARN or name of the secret. To reference a secret also created in this template, use the see [Ref](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-ref.html) function with the secret's logical ID. This field is unique for each target attachment definition." + }, + "targetId": { + "type": "string", + "description": "The ID of the database or cluster." + }, + "targetType": { + "type": "string", + "description": "A string that defines the type of service or database associated with the secret. This value instructs Secrets Manager how to update the secret with the details of the service or database. This value must be one of the following:\n\n- AWS::RDS::DBInstance\n- AWS::RDS::DBCluster\n- AWS::Redshift::Cluster\n- AWS::RedshiftServerless::Namespace\n- AWS::DocDB::DBInstance\n- AWS::DocDB::DBCluster\n- AWS::DocDBElastic::Cluster" + } + }, + "type": "object", + "required": [ + "awsId", + "secretId", + "targetId", + "targetType" + ], + "inputProperties": { + "secretId": { + "type": "string", + "description": "The ARN or name of the secret. To reference a secret also created in this template, use the see [Ref](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-ref.html) function with the secret's logical ID. This field is unique for each target attachment definition." + }, + "targetId": { + "type": "string", + "description": "The ID of the database or cluster." + }, + "targetType": { + "type": "string", + "description": "A string that defines the type of service or database associated with the secret. This value instructs Secrets Manager how to update the secret with the details of the service or database. This value must be one of the following:\n\n- AWS::RDS::DBInstance\n- AWS::RDS::DBCluster\n- AWS::Redshift::Cluster\n- AWS::RedshiftServerless::Namespace\n- AWS::DocDB::DBInstance\n- AWS::DocDB::DBCluster\n- AWS::DocDBElastic::Cluster" + } + }, + "requiredInputs": [ + "secretId", + "targetId", + "targetType" + ] + }, "aws-native:securityhub:AutomationRule": { "description": "The ``AWS::SecurityHub::AutomationRule`` resource specifies an automation rule based on input parameters. For more information, see [Automation rules](https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules.html) in the *User Guide*.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Example\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AwsNative = Pulumi.AwsNative;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var ruleWithCriteriaActionsTags = new AwsNative.SecurityHub.AutomationRule(\"ruleWithCriteriaActionsTags\", new()\n {\n RuleName = \"Example rule name\",\n RuleOrder = 5,\n Description = \"Example rule description.\",\n IsTerminal = false,\n RuleStatus = AwsNative.SecurityHub.AutomationRuleRuleStatus.Enabled,\n Criteria = new AwsNative.SecurityHub.Inputs.AutomationRulesFindingFiltersArgs\n {\n ProductName = new[]\n {\n new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs\n {\n Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,\n Value = \"GuardDuty\",\n },\n new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs\n {\n Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.Prefix,\n Value = \"SecurityHub\",\n },\n },\n CompanyName = new[]\n {\n new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs\n {\n Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,\n Value = \"AWS\",\n },\n new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs\n {\n Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.Prefix,\n Value = \"Private\",\n },\n },\n ProductArn = new[]\n {\n new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs\n {\n Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,\n Value = \"arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default\",\n },\n new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs\n {\n Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.Prefix,\n Value = \"arn:aws:securityhub:us-west-2:123456789012:product/aws\",\n },\n },\n AwsAccountId = new[]\n {\n new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs\n {\n Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,\n Value = \"123456789012\",\n },\n },\n Id = new[]\n {\n new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs\n {\n Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,\n Value = \"example-finding-id\",\n },\n },\n GeneratorId = new[]\n {\n new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs\n {\n Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,\n Value = \"example-generator-id\",\n },\n },\n Type = new[]\n {\n new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs\n {\n Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,\n Value = \"type-1\",\n },\n new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs\n {\n Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,\n Value = \"type-2\",\n },\n },\n Description = new[]\n {\n new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs\n {\n Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,\n Value = \"description1\",\n },\n new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs\n {\n Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,\n Value = \"description2\",\n },\n },\n SourceUrl = new[]\n {\n new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs\n {\n Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.Prefix,\n Value = \"https\",\n },\n new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs\n {\n Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.Prefix,\n Value = \"ftp\",\n },\n },\n Title = new[]\n {\n new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs\n {\n Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,\n Value = \"title-1\",\n },\n new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs\n {\n Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.Prefix,\n Value = \"title-2\",\n },\n },\n SeverityLabel = new[]\n {\n new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs\n {\n Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,\n Value = \"LOW\",\n },\n new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs\n {\n Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,\n Value = \"HIGH\",\n },\n },\n ResourceType = new[]\n {\n new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs\n {\n Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,\n Value = \"AwsEc2Instance\",\n },\n },\n ResourcePartition = new[]\n {\n new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs\n {\n Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,\n Value = \"aws\",\n },\n },\n ResourceId = new[]\n {\n new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs\n {\n Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.Prefix,\n Value = \"i-1234567890\",\n },\n },\n ResourceRegion = new[]\n {\n new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs\n {\n Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.Prefix,\n Value = \"us-west\",\n },\n },\n ComplianceStatus = new[]\n {\n new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs\n {\n Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,\n Value = \"FAILED\",\n },\n },\n ComplianceSecurityControlId = new[]\n {\n new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs\n {\n Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,\n Value = \"EC2.3\",\n },\n },\n ComplianceAssociatedStandardsId = new[]\n {\n new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs\n {\n Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,\n Value = \"ruleset/cis-aws-foundations-benchmark/v/1.2.0\",\n },\n },\n VerificationState = new[]\n {\n new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs\n {\n Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,\n Value = \"BENIGN_POSITIVE\",\n },\n },\n RecordState = new[]\n {\n new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs\n {\n Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,\n Value = \"ACTIVE\",\n },\n },\n RelatedFindingsProductArn = new[]\n {\n new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs\n {\n Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,\n Value = \"arn:aws:securityhub:eu-central-1::product/aws/securityhub\",\n },\n },\n RelatedFindingsId = new[]\n {\n new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs\n {\n Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,\n Value = \"example-finding-id-2\",\n },\n },\n NoteText = new[]\n {\n new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs\n {\n Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,\n Value = \"example-note-text\",\n },\n },\n NoteUpdatedAt = new[]\n {\n new AwsNative.SecurityHub.Inputs.AutomationRuleDateFilterArgs\n {\n DateRange = new AwsNative.SecurityHub.Inputs.AutomationRuleDateRangeArgs\n {\n Unit = AwsNative.SecurityHub.AutomationRuleDateRangeUnit.Days,\n Value = 5,\n },\n },\n },\n NoteUpdatedBy = new[]\n {\n new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs\n {\n Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.Prefix,\n Value = \"sechub\",\n },\n },\n WorkflowStatus = new[]\n {\n new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs\n {\n Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,\n Value = \"NEW\",\n },\n },\n FirstObservedAt = new[]\n {\n new AwsNative.SecurityHub.Inputs.AutomationRuleDateFilterArgs\n {\n DateRange = new AwsNative.SecurityHub.Inputs.AutomationRuleDateRangeArgs\n {\n Unit = AwsNative.SecurityHub.AutomationRuleDateRangeUnit.Days,\n Value = 5,\n },\n },\n },\n LastObservedAt = new[]\n {\n new AwsNative.SecurityHub.Inputs.AutomationRuleDateFilterArgs\n {\n DateRange = new AwsNative.SecurityHub.Inputs.AutomationRuleDateRangeArgs\n {\n Unit = AwsNative.SecurityHub.AutomationRuleDateRangeUnit.Days,\n Value = 5,\n },\n },\n },\n CreatedAt = new[]\n {\n new AwsNative.SecurityHub.Inputs.AutomationRuleDateFilterArgs\n {\n DateRange = new AwsNative.SecurityHub.Inputs.AutomationRuleDateRangeArgs\n {\n Unit = AwsNative.SecurityHub.AutomationRuleDateRangeUnit.Days,\n Value = 5,\n },\n },\n },\n UpdatedAt = new[]\n {\n new AwsNative.SecurityHub.Inputs.AutomationRuleDateFilterArgs\n {\n Start = \"2023-04-25T17:05:54.832Z\",\n End = \"2023-05-25T17:05:54.832Z\",\n },\n },\n ResourceTags = new[]\n {\n new AwsNative.SecurityHub.Inputs.AutomationRuleMapFilterArgs\n {\n Comparison = AwsNative.SecurityHub.AutomationRuleMapFilterComparison.NotEquals,\n Key = \"department\",\n Value = \"security\",\n },\n new AwsNative.SecurityHub.Inputs.AutomationRuleMapFilterArgs\n {\n Comparison = AwsNative.SecurityHub.AutomationRuleMapFilterComparison.NotEquals,\n Key = \"department\",\n Value = \"operations\",\n },\n },\n UserDefinedFields = new[]\n {\n new AwsNative.SecurityHub.Inputs.AutomationRuleMapFilterArgs\n {\n Comparison = AwsNative.SecurityHub.AutomationRuleMapFilterComparison.EqualsValue,\n Key = \"key1\",\n Value = \"security\",\n },\n new AwsNative.SecurityHub.Inputs.AutomationRuleMapFilterArgs\n {\n Comparison = AwsNative.SecurityHub.AutomationRuleMapFilterComparison.EqualsValue,\n Key = \"key2\",\n Value = \"operations\",\n },\n },\n ResourceDetailsOther = new[]\n {\n new AwsNative.SecurityHub.Inputs.AutomationRuleMapFilterArgs\n {\n Comparison = AwsNative.SecurityHub.AutomationRuleMapFilterComparison.NotEquals,\n Key = \"area\",\n Value = \"na\",\n },\n new AwsNative.SecurityHub.Inputs.AutomationRuleMapFilterArgs\n {\n Comparison = AwsNative.SecurityHub.AutomationRuleMapFilterComparison.NotEquals,\n Key = \"department\",\n Value = \"sales\",\n },\n },\n Confidence = new[]\n {\n new AwsNative.SecurityHub.Inputs.AutomationRuleNumberFilterArgs\n {\n Gte = 50,\n Lte = 95,\n },\n },\n Criticality = new[]\n {\n new AwsNative.SecurityHub.Inputs.AutomationRuleNumberFilterArgs\n {\n Gte = 50,\n Lte = 95,\n },\n },\n },\n Actions = new[]\n {\n new AwsNative.SecurityHub.Inputs.AutomationRulesActionArgs\n {\n Type = AwsNative.SecurityHub.AutomationRulesActionType.FindingFieldsUpdate,\n FindingFieldsUpdate = new AwsNative.SecurityHub.Inputs.AutomationRulesFindingFieldsUpdateArgs\n {\n Severity = new AwsNative.SecurityHub.Inputs.AutomationRuleSeverityUpdateArgs\n {\n Product = 50,\n Label = AwsNative.SecurityHub.AutomationRuleSeverityUpdateLabel.Medium,\n Normalized = 60,\n },\n Types = new[]\n {\n \"Software and Configuration Checks/Industry and Regulatory Standards/AWS-Foundational-Security-Best-Practices\",\n \"Industry Compliance\",\n },\n Confidence = 98,\n Criticality = 95,\n UserDefinedFields = \n {\n { \"key1\", \"value1\" },\n { \"key2\", \"value2\" },\n },\n RelatedFindings = new[]\n {\n new AwsNative.SecurityHub.Inputs.AutomationRuleRelatedFindingArgs\n {\n ProductArn = \"arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default\",\n Id = \"sample-finding-id-1\",\n },\n new AwsNative.SecurityHub.Inputs.AutomationRuleRelatedFindingArgs\n {\n ProductArn = \"arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default\",\n Id = \"sample-finding-id-2\",\n },\n },\n Note = new AwsNative.SecurityHub.Inputs.AutomationRuleNoteUpdateArgs\n {\n Text = \"sample-note-text\",\n UpdatedBy = \"sechub\",\n },\n VerificationState = AwsNative.SecurityHub.AutomationRulesFindingFieldsUpdateVerificationState.TruePositive,\n Workflow = new AwsNative.SecurityHub.Inputs.AutomationRuleWorkflowUpdateArgs\n {\n Status = AwsNative.SecurityHub.AutomationRuleWorkflowUpdateStatus.Notified,\n },\n },\n },\n },\n Tags = \n {\n { \"sampleTag\", \"sampleValue\" },\n { \"organizationUnit\", \"pnw\" },\n },\n });\n\n});\n\n\n```\n\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws-native/sdk/go/aws/securityhub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := securityhub.NewAutomationRule(ctx, \"ruleWithCriteriaActionsTags\", \u0026securityhub.AutomationRuleArgs{\n\t\t\tRuleName: pulumi.String(\"Example rule name\"),\n\t\t\tRuleOrder: pulumi.Int(5),\n\t\t\tDescription: pulumi.String(\"Example rule description.\"),\n\t\t\tIsTerminal: pulumi.Bool(false),\n\t\t\tRuleStatus: securityhub.AutomationRuleRuleStatusEnabled,\n\t\t\tCriteria: \u0026securityhub.AutomationRulesFindingFiltersArgs{\n\t\t\t\tProductName: securityhub.AutomationRuleStringFilterArray{\n\t\t\t\t\t\u0026securityhub.AutomationRuleStringFilterArgs{\n\t\t\t\t\t\tComparison: securityhub.AutomationRuleStringFilterComparisonEquals,\n\t\t\t\t\t\tValue: pulumi.String(\"GuardDuty\"),\n\t\t\t\t\t},\n\t\t\t\t\t\u0026securityhub.AutomationRuleStringFilterArgs{\n\t\t\t\t\t\tComparison: securityhub.AutomationRuleStringFilterComparisonPrefix,\n\t\t\t\t\t\tValue: pulumi.String(\"SecurityHub\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tCompanyName: securityhub.AutomationRuleStringFilterArray{\n\t\t\t\t\t\u0026securityhub.AutomationRuleStringFilterArgs{\n\t\t\t\t\t\tComparison: securityhub.AutomationRuleStringFilterComparisonEquals,\n\t\t\t\t\t\tValue: pulumi.String(\"AWS\"),\n\t\t\t\t\t},\n\t\t\t\t\t\u0026securityhub.AutomationRuleStringFilterArgs{\n\t\t\t\t\t\tComparison: securityhub.AutomationRuleStringFilterComparisonPrefix,\n\t\t\t\t\t\tValue: pulumi.String(\"Private\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tProductArn: securityhub.AutomationRuleStringFilterArray{\n\t\t\t\t\t\u0026securityhub.AutomationRuleStringFilterArgs{\n\t\t\t\t\t\tComparison: securityhub.AutomationRuleStringFilterComparisonEquals,\n\t\t\t\t\t\tValue: pulumi.String(\"arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default\"),\n\t\t\t\t\t},\n\t\t\t\t\t\u0026securityhub.AutomationRuleStringFilterArgs{\n\t\t\t\t\t\tComparison: securityhub.AutomationRuleStringFilterComparisonPrefix,\n\t\t\t\t\t\tValue: pulumi.String(\"arn:aws:securityhub:us-west-2:123456789012:product/aws\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tAwsAccountId: securityhub.AutomationRuleStringFilterArray{\n\t\t\t\t\t\u0026securityhub.AutomationRuleStringFilterArgs{\n\t\t\t\t\t\tComparison: securityhub.AutomationRuleStringFilterComparisonEquals,\n\t\t\t\t\t\tValue: pulumi.String(\"123456789012\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tId: securityhub.AutomationRuleStringFilterArray{\n\t\t\t\t\t\u0026securityhub.AutomationRuleStringFilterArgs{\n\t\t\t\t\t\tComparison: securityhub.AutomationRuleStringFilterComparisonEquals,\n\t\t\t\t\t\tValue: pulumi.String(\"example-finding-id\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tGeneratorId: securityhub.AutomationRuleStringFilterArray{\n\t\t\t\t\t\u0026securityhub.AutomationRuleStringFilterArgs{\n\t\t\t\t\t\tComparison: securityhub.AutomationRuleStringFilterComparisonEquals,\n\t\t\t\t\t\tValue: pulumi.String(\"example-generator-id\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tType: securityhub.AutomationRuleStringFilterArray{\n\t\t\t\t\t\u0026securityhub.AutomationRuleStringFilterArgs{\n\t\t\t\t\t\tComparison: securityhub.AutomationRuleStringFilterComparisonEquals,\n\t\t\t\t\t\tValue: pulumi.String(\"type-1\"),\n\t\t\t\t\t},\n\t\t\t\t\t\u0026securityhub.AutomationRuleStringFilterArgs{\n\t\t\t\t\t\tComparison: securityhub.AutomationRuleStringFilterComparisonEquals,\n\t\t\t\t\t\tValue: pulumi.String(\"type-2\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tDescription: securityhub.AutomationRuleStringFilterArray{\n\t\t\t\t\t\u0026securityhub.AutomationRuleStringFilterArgs{\n\t\t\t\t\t\tComparison: securityhub.AutomationRuleStringFilterComparisonEquals,\n\t\t\t\t\t\tValue: pulumi.String(\"description1\"),\n\t\t\t\t\t},\n\t\t\t\t\t\u0026securityhub.AutomationRuleStringFilterArgs{\n\t\t\t\t\t\tComparison: securityhub.AutomationRuleStringFilterComparisonEquals,\n\t\t\t\t\t\tValue: pulumi.String(\"description2\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tSourceUrl: securityhub.AutomationRuleStringFilterArray{\n\t\t\t\t\t\u0026securityhub.AutomationRuleStringFilterArgs{\n\t\t\t\t\t\tComparison: securityhub.AutomationRuleStringFilterComparisonPrefix,\n\t\t\t\t\t\tValue: pulumi.String(\"https\"),\n\t\t\t\t\t},\n\t\t\t\t\t\u0026securityhub.AutomationRuleStringFilterArgs{\n\t\t\t\t\t\tComparison: securityhub.AutomationRuleStringFilterComparisonPrefix,\n\t\t\t\t\t\tValue: pulumi.String(\"ftp\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tTitle: securityhub.AutomationRuleStringFilterArray{\n\t\t\t\t\t\u0026securityhub.AutomationRuleStringFilterArgs{\n\t\t\t\t\t\tComparison: securityhub.AutomationRuleStringFilterComparisonEquals,\n\t\t\t\t\t\tValue: pulumi.String(\"title-1\"),\n\t\t\t\t\t},\n\t\t\t\t\t\u0026securityhub.AutomationRuleStringFilterArgs{\n\t\t\t\t\t\tComparison: securityhub.AutomationRuleStringFilterComparisonPrefix,\n\t\t\t\t\t\tValue: pulumi.String(\"title-2\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tSeverityLabel: securityhub.AutomationRuleStringFilterArray{\n\t\t\t\t\t\u0026securityhub.AutomationRuleStringFilterArgs{\n\t\t\t\t\t\tComparison: securityhub.AutomationRuleStringFilterComparisonEquals,\n\t\t\t\t\t\tValue: pulumi.String(\"LOW\"),\n\t\t\t\t\t},\n\t\t\t\t\t\u0026securityhub.AutomationRuleStringFilterArgs{\n\t\t\t\t\t\tComparison: securityhub.AutomationRuleStringFilterComparisonEquals,\n\t\t\t\t\t\tValue: pulumi.String(\"HIGH\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tResourceType: securityhub.AutomationRuleStringFilterArray{\n\t\t\t\t\t\u0026securityhub.AutomationRuleStringFilterArgs{\n\t\t\t\t\t\tComparison: securityhub.AutomationRuleStringFilterComparisonEquals,\n\t\t\t\t\t\tValue: pulumi.String(\"AwsEc2Instance\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tResourcePartition: securityhub.AutomationRuleStringFilterArray{\n\t\t\t\t\t\u0026securityhub.AutomationRuleStringFilterArgs{\n\t\t\t\t\t\tComparison: securityhub.AutomationRuleStringFilterComparisonEquals,\n\t\t\t\t\t\tValue: pulumi.String(\"aws\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tResourceId: securityhub.AutomationRuleStringFilterArray{\n\t\t\t\t\t\u0026securityhub.AutomationRuleStringFilterArgs{\n\t\t\t\t\t\tComparison: securityhub.AutomationRuleStringFilterComparisonPrefix,\n\t\t\t\t\t\tValue: pulumi.String(\"i-1234567890\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tResourceRegion: securityhub.AutomationRuleStringFilterArray{\n\t\t\t\t\t\u0026securityhub.AutomationRuleStringFilterArgs{\n\t\t\t\t\t\tComparison: securityhub.AutomationRuleStringFilterComparisonPrefix,\n\t\t\t\t\t\tValue: pulumi.String(\"us-west\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tComplianceStatus: securityhub.AutomationRuleStringFilterArray{\n\t\t\t\t\t\u0026securityhub.AutomationRuleStringFilterArgs{\n\t\t\t\t\t\tComparison: securityhub.AutomationRuleStringFilterComparisonEquals,\n\t\t\t\t\t\tValue: pulumi.String(\"FAILED\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tComplianceSecurityControlId: securityhub.AutomationRuleStringFilterArray{\n\t\t\t\t\t\u0026securityhub.AutomationRuleStringFilterArgs{\n\t\t\t\t\t\tComparison: securityhub.AutomationRuleStringFilterComparisonEquals,\n\t\t\t\t\t\tValue: pulumi.String(\"EC2.3\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tComplianceAssociatedStandardsId: securityhub.AutomationRuleStringFilterArray{\n\t\t\t\t\t\u0026securityhub.AutomationRuleStringFilterArgs{\n\t\t\t\t\t\tComparison: securityhub.AutomationRuleStringFilterComparisonEquals,\n\t\t\t\t\t\tValue: pulumi.String(\"ruleset/cis-aws-foundations-benchmark/v/1.2.0\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tVerificationState: securityhub.AutomationRuleStringFilterArray{\n\t\t\t\t\t\u0026securityhub.AutomationRuleStringFilterArgs{\n\t\t\t\t\t\tComparison: securityhub.AutomationRuleStringFilterComparisonEquals,\n\t\t\t\t\t\tValue: pulumi.String(\"BENIGN_POSITIVE\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tRecordState: securityhub.AutomationRuleStringFilterArray{\n\t\t\t\t\t\u0026securityhub.AutomationRuleStringFilterArgs{\n\t\t\t\t\t\tComparison: securityhub.AutomationRuleStringFilterComparisonEquals,\n\t\t\t\t\t\tValue: pulumi.String(\"ACTIVE\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tRelatedFindingsProductArn: securityhub.AutomationRuleStringFilterArray{\n\t\t\t\t\t\u0026securityhub.AutomationRuleStringFilterArgs{\n\t\t\t\t\t\tComparison: securityhub.AutomationRuleStringFilterComparisonEquals,\n\t\t\t\t\t\tValue: pulumi.String(\"arn:aws:securityhub:eu-central-1::product/aws/securityhub\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tRelatedFindingsId: securityhub.AutomationRuleStringFilterArray{\n\t\t\t\t\t\u0026securityhub.AutomationRuleStringFilterArgs{\n\t\t\t\t\t\tComparison: securityhub.AutomationRuleStringFilterComparisonEquals,\n\t\t\t\t\t\tValue: pulumi.String(\"example-finding-id-2\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tNoteText: securityhub.AutomationRuleStringFilterArray{\n\t\t\t\t\t\u0026securityhub.AutomationRuleStringFilterArgs{\n\t\t\t\t\t\tComparison: securityhub.AutomationRuleStringFilterComparisonEquals,\n\t\t\t\t\t\tValue: pulumi.String(\"example-note-text\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tNoteUpdatedAt: securityhub.AutomationRuleDateFilterArray{\n\t\t\t\t\t\u0026securityhub.AutomationRuleDateFilterArgs{\n\t\t\t\t\t\tDateRange: \u0026securityhub.AutomationRuleDateRangeArgs{\n\t\t\t\t\t\t\tUnit: securityhub.AutomationRuleDateRangeUnitDays,\n\t\t\t\t\t\t\tValue: pulumi.Float64(5),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tNoteUpdatedBy: securityhub.AutomationRuleStringFilterArray{\n\t\t\t\t\t\u0026securityhub.AutomationRuleStringFilterArgs{\n\t\t\t\t\t\tComparison: securityhub.AutomationRuleStringFilterComparisonPrefix,\n\t\t\t\t\t\tValue: pulumi.String(\"sechub\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tWorkflowStatus: securityhub.AutomationRuleStringFilterArray{\n\t\t\t\t\t\u0026securityhub.AutomationRuleStringFilterArgs{\n\t\t\t\t\t\tComparison: securityhub.AutomationRuleStringFilterComparisonEquals,\n\t\t\t\t\t\tValue: pulumi.String(\"NEW\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tFirstObservedAt: securityhub.AutomationRuleDateFilterArray{\n\t\t\t\t\t\u0026securityhub.AutomationRuleDateFilterArgs{\n\t\t\t\t\t\tDateRange: \u0026securityhub.AutomationRuleDateRangeArgs{\n\t\t\t\t\t\t\tUnit: securityhub.AutomationRuleDateRangeUnitDays,\n\t\t\t\t\t\t\tValue: pulumi.Float64(5),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tLastObservedAt: securityhub.AutomationRuleDateFilterArray{\n\t\t\t\t\t\u0026securityhub.AutomationRuleDateFilterArgs{\n\t\t\t\t\t\tDateRange: \u0026securityhub.AutomationRuleDateRangeArgs{\n\t\t\t\t\t\t\tUnit: securityhub.AutomationRuleDateRangeUnitDays,\n\t\t\t\t\t\t\tValue: pulumi.Float64(5),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tCreatedAt: securityhub.AutomationRuleDateFilterArray{\n\t\t\t\t\t\u0026securityhub.AutomationRuleDateFilterArgs{\n\t\t\t\t\t\tDateRange: \u0026securityhub.AutomationRuleDateRangeArgs{\n\t\t\t\t\t\t\tUnit: securityhub.AutomationRuleDateRangeUnitDays,\n\t\t\t\t\t\t\tValue: pulumi.Float64(5),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tUpdatedAt: securityhub.AutomationRuleDateFilterArray{\n\t\t\t\t\t\u0026securityhub.AutomationRuleDateFilterArgs{\n\t\t\t\t\t\tStart: pulumi.String(\"2023-04-25T17:05:54.832Z\"),\n\t\t\t\t\t\tEnd: pulumi.String(\"2023-05-25T17:05:54.832Z\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tResourceTags: securityhub.AutomationRuleMapFilterArray{\n\t\t\t\t\t\u0026securityhub.AutomationRuleMapFilterArgs{\n\t\t\t\t\t\tComparison: securityhub.AutomationRuleMapFilterComparisonNotEquals,\n\t\t\t\t\t\tKey: pulumi.String(\"department\"),\n\t\t\t\t\t\tValue: pulumi.String(\"security\"),\n\t\t\t\t\t},\n\t\t\t\t\t\u0026securityhub.AutomationRuleMapFilterArgs{\n\t\t\t\t\t\tComparison: securityhub.AutomationRuleMapFilterComparisonNotEquals,\n\t\t\t\t\t\tKey: pulumi.String(\"department\"),\n\t\t\t\t\t\tValue: pulumi.String(\"operations\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tUserDefinedFields: securityhub.AutomationRuleMapFilterArray{\n\t\t\t\t\t\u0026securityhub.AutomationRuleMapFilterArgs{\n\t\t\t\t\t\tComparison: securityhub.AutomationRuleMapFilterComparisonEquals,\n\t\t\t\t\t\tKey: pulumi.String(\"key1\"),\n\t\t\t\t\t\tValue: pulumi.String(\"security\"),\n\t\t\t\t\t},\n\t\t\t\t\t\u0026securityhub.AutomationRuleMapFilterArgs{\n\t\t\t\t\t\tComparison: securityhub.AutomationRuleMapFilterComparisonEquals,\n\t\t\t\t\t\tKey: pulumi.String(\"key2\"),\n\t\t\t\t\t\tValue: pulumi.String(\"operations\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tResourceDetailsOther: securityhub.AutomationRuleMapFilterArray{\n\t\t\t\t\t\u0026securityhub.AutomationRuleMapFilterArgs{\n\t\t\t\t\t\tComparison: securityhub.AutomationRuleMapFilterComparisonNotEquals,\n\t\t\t\t\t\tKey: pulumi.String(\"area\"),\n\t\t\t\t\t\tValue: pulumi.String(\"na\"),\n\t\t\t\t\t},\n\t\t\t\t\t\u0026securityhub.AutomationRuleMapFilterArgs{\n\t\t\t\t\t\tComparison: securityhub.AutomationRuleMapFilterComparisonNotEquals,\n\t\t\t\t\t\tKey: pulumi.String(\"department\"),\n\t\t\t\t\t\tValue: pulumi.String(\"sales\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tConfidence: securityhub.AutomationRuleNumberFilterArray{\n\t\t\t\t\t\u0026securityhub.AutomationRuleNumberFilterArgs{\n\t\t\t\t\t\tGte: pulumi.Float64(50),\n\t\t\t\t\t\tLte: pulumi.Float64(95),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tCriticality: securityhub.AutomationRuleNumberFilterArray{\n\t\t\t\t\t\u0026securityhub.AutomationRuleNumberFilterArgs{\n\t\t\t\t\t\tGte: pulumi.Float64(50),\n\t\t\t\t\t\tLte: pulumi.Float64(95),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tActions: securityhub.AutomationRulesActionArray{\n\t\t\t\t\u0026securityhub.AutomationRulesActionArgs{\n\t\t\t\t\tType: securityhub.AutomationRulesActionTypeFindingFieldsUpdate,\n\t\t\t\t\tFindingFieldsUpdate: \u0026securityhub.AutomationRulesFindingFieldsUpdateArgs{\n\t\t\t\t\t\tSeverity: \u0026securityhub.AutomationRuleSeverityUpdateArgs{\n\t\t\t\t\t\t\tProduct: pulumi.Float64(50),\n\t\t\t\t\t\t\tLabel: securityhub.AutomationRuleSeverityUpdateLabelMedium,\n\t\t\t\t\t\t\tNormalized: pulumi.Int(60),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tTypes: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"Software and Configuration Checks/Industry and Regulatory Standards/AWS-Foundational-Security-Best-Practices\"),\n\t\t\t\t\t\t\tpulumi.String(\"Industry Compliance\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tConfidence: pulumi.Int(98),\n\t\t\t\t\t\tCriticality: pulumi.Int(95),\n\t\t\t\t\t\tUserDefinedFields: pulumi.StringMap{\n\t\t\t\t\t\t\t\"key1\": pulumi.String(\"value1\"),\n\t\t\t\t\t\t\t\"key2\": pulumi.String(\"value2\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tRelatedFindings: securityhub.AutomationRuleRelatedFindingArray{\n\t\t\t\t\t\t\t\u0026securityhub.AutomationRuleRelatedFindingArgs{\n\t\t\t\t\t\t\t\tProductArn: pulumi.String(\"arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default\"),\n\t\t\t\t\t\t\t\tId: pulumi.String(\"sample-finding-id-1\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\u0026securityhub.AutomationRuleRelatedFindingArgs{\n\t\t\t\t\t\t\t\tProductArn: pulumi.String(\"arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default\"),\n\t\t\t\t\t\t\t\tId: pulumi.String(\"sample-finding-id-2\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\tNote: \u0026securityhub.AutomationRuleNoteUpdateArgs{\n\t\t\t\t\t\t\tText: pulumi.String(\"sample-note-text\"),\n\t\t\t\t\t\t\tUpdatedBy: pulumi.String(\"sechub\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tVerificationState: securityhub.AutomationRulesFindingFieldsUpdateVerificationStateTruePositive,\n\t\t\t\t\t\tWorkflow: \u0026securityhub.AutomationRuleWorkflowUpdateArgs{\n\t\t\t\t\t\t\tStatus: securityhub.AutomationRuleWorkflowUpdateStatusNotified,\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"sampleTag\": pulumi.String(\"sampleValue\"),\n\t\t\t\t\"organizationUnit\": pulumi.String(\"pnw\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n\n```\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws_native from \"@pulumi/aws-native\";\n\nconst ruleWithCriteriaActionsTags = new aws_native.securityhub.AutomationRule(\"ruleWithCriteriaActionsTags\", {\n ruleName: \"Example rule name\",\n ruleOrder: 5,\n description: \"Example rule description.\",\n isTerminal: false,\n ruleStatus: aws_native.securityhub.AutomationRuleRuleStatus.Enabled,\n criteria: {\n productName: [\n {\n comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,\n value: \"GuardDuty\",\n },\n {\n comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Prefix,\n value: \"SecurityHub\",\n },\n ],\n companyName: [\n {\n comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,\n value: \"AWS\",\n },\n {\n comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Prefix,\n value: \"Private\",\n },\n ],\n productArn: [\n {\n comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,\n value: \"arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default\",\n },\n {\n comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Prefix,\n value: \"arn:aws:securityhub:us-west-2:123456789012:product/aws\",\n },\n ],\n awsAccountId: [{\n comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,\n value: \"123456789012\",\n }],\n id: [{\n comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,\n value: \"example-finding-id\",\n }],\n generatorId: [{\n comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,\n value: \"example-generator-id\",\n }],\n type: [\n {\n comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,\n value: \"type-1\",\n },\n {\n comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,\n value: \"type-2\",\n },\n ],\n description: [\n {\n comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,\n value: \"description1\",\n },\n {\n comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,\n value: \"description2\",\n },\n ],\n sourceUrl: [\n {\n comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Prefix,\n value: \"https\",\n },\n {\n comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Prefix,\n value: \"ftp\",\n },\n ],\n title: [\n {\n comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,\n value: \"title-1\",\n },\n {\n comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Prefix,\n value: \"title-2\",\n },\n ],\n severityLabel: [\n {\n comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,\n value: \"LOW\",\n },\n {\n comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,\n value: \"HIGH\",\n },\n ],\n resourceType: [{\n comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,\n value: \"AwsEc2Instance\",\n }],\n resourcePartition: [{\n comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,\n value: \"aws\",\n }],\n resourceId: [{\n comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Prefix,\n value: \"i-1234567890\",\n }],\n resourceRegion: [{\n comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Prefix,\n value: \"us-west\",\n }],\n complianceStatus: [{\n comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,\n value: \"FAILED\",\n }],\n complianceSecurityControlId: [{\n comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,\n value: \"EC2.3\",\n }],\n complianceAssociatedStandardsId: [{\n comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,\n value: \"ruleset/cis-aws-foundations-benchmark/v/1.2.0\",\n }],\n verificationState: [{\n comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,\n value: \"BENIGN_POSITIVE\",\n }],\n recordState: [{\n comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,\n value: \"ACTIVE\",\n }],\n relatedFindingsProductArn: [{\n comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,\n value: \"arn:aws:securityhub:eu-central-1::product/aws/securityhub\",\n }],\n relatedFindingsId: [{\n comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,\n value: \"example-finding-id-2\",\n }],\n noteText: [{\n comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,\n value: \"example-note-text\",\n }],\n noteUpdatedAt: [{\n dateRange: {\n unit: aws_native.securityhub.AutomationRuleDateRangeUnit.Days,\n value: 5,\n },\n }],\n noteUpdatedBy: [{\n comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Prefix,\n value: \"sechub\",\n }],\n workflowStatus: [{\n comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,\n value: \"NEW\",\n }],\n firstObservedAt: [{\n dateRange: {\n unit: aws_native.securityhub.AutomationRuleDateRangeUnit.Days,\n value: 5,\n },\n }],\n lastObservedAt: [{\n dateRange: {\n unit: aws_native.securityhub.AutomationRuleDateRangeUnit.Days,\n value: 5,\n },\n }],\n createdAt: [{\n dateRange: {\n unit: aws_native.securityhub.AutomationRuleDateRangeUnit.Days,\n value: 5,\n },\n }],\n updatedAt: [{\n start: \"2023-04-25T17:05:54.832Z\",\n end: \"2023-05-25T17:05:54.832Z\",\n }],\n resourceTags: [\n {\n comparison: aws_native.securityhub.AutomationRuleMapFilterComparison.NotEquals,\n key: \"department\",\n value: \"security\",\n },\n {\n comparison: aws_native.securityhub.AutomationRuleMapFilterComparison.NotEquals,\n key: \"department\",\n value: \"operations\",\n },\n ],\n userDefinedFields: [\n {\n comparison: aws_native.securityhub.AutomationRuleMapFilterComparison.Equals,\n key: \"key1\",\n value: \"security\",\n },\n {\n comparison: aws_native.securityhub.AutomationRuleMapFilterComparison.Equals,\n key: \"key2\",\n value: \"operations\",\n },\n ],\n resourceDetailsOther: [\n {\n comparison: aws_native.securityhub.AutomationRuleMapFilterComparison.NotEquals,\n key: \"area\",\n value: \"na\",\n },\n {\n comparison: aws_native.securityhub.AutomationRuleMapFilterComparison.NotEquals,\n key: \"department\",\n value: \"sales\",\n },\n ],\n confidence: [{\n gte: 50,\n lte: 95,\n }],\n criticality: [{\n gte: 50,\n lte: 95,\n }],\n },\n actions: [{\n type: aws_native.securityhub.AutomationRulesActionType.FindingFieldsUpdate,\n findingFieldsUpdate: {\n severity: {\n product: 50,\n label: aws_native.securityhub.AutomationRuleSeverityUpdateLabel.Medium,\n normalized: 60,\n },\n types: [\n \"Software and Configuration Checks/Industry and Regulatory Standards/AWS-Foundational-Security-Best-Practices\",\n \"Industry Compliance\",\n ],\n confidence: 98,\n criticality: 95,\n userDefinedFields: {\n key1: \"value1\",\n key2: \"value2\",\n },\n relatedFindings: [\n {\n productArn: \"arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default\",\n id: \"sample-finding-id-1\",\n },\n {\n productArn: \"arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default\",\n id: \"sample-finding-id-2\",\n },\n ],\n note: {\n text: \"sample-note-text\",\n updatedBy: \"sechub\",\n },\n verificationState: aws_native.securityhub.AutomationRulesFindingFieldsUpdateVerificationState.TruePositive,\n workflow: {\n status: aws_native.securityhub.AutomationRuleWorkflowUpdateStatus.Notified,\n },\n },\n }],\n tags: {\n sampleTag: \"sampleValue\",\n organizationUnit: \"pnw\",\n },\n});\n\n```\n\n```python\nimport pulumi\nimport pulumi_aws_native as aws_native\n\nrule_with_criteria_actions_tags = aws_native.securityhub.AutomationRule(\"ruleWithCriteriaActionsTags\",\n rule_name=\"Example rule name\",\n rule_order=5,\n description=\"Example rule description.\",\n is_terminal=False,\n rule_status=aws_native.securityhub.AutomationRuleRuleStatus.ENABLED,\n criteria={\n \"product_name\": [\n {\n \"comparison\": aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,\n \"value\": \"GuardDuty\",\n },\n {\n \"comparison\": aws_native.securityhub.AutomationRuleStringFilterComparison.PREFIX,\n \"value\": \"SecurityHub\",\n },\n ],\n \"company_name\": [\n {\n \"comparison\": aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,\n \"value\": \"AWS\",\n },\n {\n \"comparison\": aws_native.securityhub.AutomationRuleStringFilterComparison.PREFIX,\n \"value\": \"Private\",\n },\n ],\n \"product_arn\": [\n {\n \"comparison\": aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,\n \"value\": \"arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default\",\n },\n {\n \"comparison\": aws_native.securityhub.AutomationRuleStringFilterComparison.PREFIX,\n \"value\": \"arn:aws:securityhub:us-west-2:123456789012:product/aws\",\n },\n ],\n \"aws_account_id\": [{\n \"comparison\": aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,\n \"value\": \"123456789012\",\n }],\n \"id\": [{\n \"comparison\": aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,\n \"value\": \"example-finding-id\",\n }],\n \"generator_id\": [{\n \"comparison\": aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,\n \"value\": \"example-generator-id\",\n }],\n \"type\": [\n {\n \"comparison\": aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,\n \"value\": \"type-1\",\n },\n {\n \"comparison\": aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,\n \"value\": \"type-2\",\n },\n ],\n \"description\": [\n {\n \"comparison\": aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,\n \"value\": \"description1\",\n },\n {\n \"comparison\": aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,\n \"value\": \"description2\",\n },\n ],\n \"source_url\": [\n {\n \"comparison\": aws_native.securityhub.AutomationRuleStringFilterComparison.PREFIX,\n \"value\": \"https\",\n },\n {\n \"comparison\": aws_native.securityhub.AutomationRuleStringFilterComparison.PREFIX,\n \"value\": \"ftp\",\n },\n ],\n \"title\": [\n {\n \"comparison\": aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,\n \"value\": \"title-1\",\n },\n {\n \"comparison\": aws_native.securityhub.AutomationRuleStringFilterComparison.PREFIX,\n \"value\": \"title-2\",\n },\n ],\n \"severity_label\": [\n {\n \"comparison\": aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,\n \"value\": \"LOW\",\n },\n {\n \"comparison\": aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,\n \"value\": \"HIGH\",\n },\n ],\n \"resource_type\": [{\n \"comparison\": aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,\n \"value\": \"AwsEc2Instance\",\n }],\n \"resource_partition\": [{\n \"comparison\": aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,\n \"value\": \"aws\",\n }],\n \"resource_id\": [{\n \"comparison\": aws_native.securityhub.AutomationRuleStringFilterComparison.PREFIX,\n \"value\": \"i-1234567890\",\n }],\n \"resource_region\": [{\n \"comparison\": aws_native.securityhub.AutomationRuleStringFilterComparison.PREFIX,\n \"value\": \"us-west\",\n }],\n \"compliance_status\": [{\n \"comparison\": aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,\n \"value\": \"FAILED\",\n }],\n \"compliance_security_control_id\": [{\n \"comparison\": aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,\n \"value\": \"EC2.3\",\n }],\n \"compliance_associated_standards_id\": [{\n \"comparison\": aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,\n \"value\": \"ruleset/cis-aws-foundations-benchmark/v/1.2.0\",\n }],\n \"verification_state\": [{\n \"comparison\": aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,\n \"value\": \"BENIGN_POSITIVE\",\n }],\n \"record_state\": [{\n \"comparison\": aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,\n \"value\": \"ACTIVE\",\n }],\n \"related_findings_product_arn\": [{\n \"comparison\": aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,\n \"value\": \"arn:aws:securityhub:eu-central-1::product/aws/securityhub\",\n }],\n \"related_findings_id\": [{\n \"comparison\": aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,\n \"value\": \"example-finding-id-2\",\n }],\n \"note_text\": [{\n \"comparison\": aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,\n \"value\": \"example-note-text\",\n }],\n \"note_updated_at\": [{\n \"date_range\": {\n \"unit\": aws_native.securityhub.AutomationRuleDateRangeUnit.DAYS,\n \"value\": 5,\n },\n }],\n \"note_updated_by\": [{\n \"comparison\": aws_native.securityhub.AutomationRuleStringFilterComparison.PREFIX,\n \"value\": \"sechub\",\n }],\n \"workflow_status\": [{\n \"comparison\": aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,\n \"value\": \"NEW\",\n }],\n \"first_observed_at\": [{\n \"date_range\": {\n \"unit\": aws_native.securityhub.AutomationRuleDateRangeUnit.DAYS,\n \"value\": 5,\n },\n }],\n \"last_observed_at\": [{\n \"date_range\": {\n \"unit\": aws_native.securityhub.AutomationRuleDateRangeUnit.DAYS,\n \"value\": 5,\n },\n }],\n \"created_at\": [{\n \"date_range\": {\n \"unit\": aws_native.securityhub.AutomationRuleDateRangeUnit.DAYS,\n \"value\": 5,\n },\n }],\n \"updated_at\": [{\n \"start\": \"2023-04-25T17:05:54.832Z\",\n \"end\": \"2023-05-25T17:05:54.832Z\",\n }],\n \"resource_tags\": [\n {\n \"comparison\": aws_native.securityhub.AutomationRuleMapFilterComparison.NOT_EQUALS,\n \"key\": \"department\",\n \"value\": \"security\",\n },\n {\n \"comparison\": aws_native.securityhub.AutomationRuleMapFilterComparison.NOT_EQUALS,\n \"key\": \"department\",\n \"value\": \"operations\",\n },\n ],\n \"user_defined_fields\": [\n {\n \"comparison\": aws_native.securityhub.AutomationRuleMapFilterComparison.EQUALS,\n \"key\": \"key1\",\n \"value\": \"security\",\n },\n {\n \"comparison\": aws_native.securityhub.AutomationRuleMapFilterComparison.EQUALS,\n \"key\": \"key2\",\n \"value\": \"operations\",\n },\n ],\n \"resource_details_other\": [\n {\n \"comparison\": aws_native.securityhub.AutomationRuleMapFilterComparison.NOT_EQUALS,\n \"key\": \"area\",\n \"value\": \"na\",\n },\n {\n \"comparison\": aws_native.securityhub.AutomationRuleMapFilterComparison.NOT_EQUALS,\n \"key\": \"department\",\n \"value\": \"sales\",\n },\n ],\n \"confidence\": [{\n \"gte\": 50,\n \"lte\": 95,\n }],\n \"criticality\": [{\n \"gte\": 50,\n \"lte\": 95,\n }],\n },\n actions=[{\n \"type\": aws_native.securityhub.AutomationRulesActionType.FINDING_FIELDS_UPDATE,\n \"finding_fields_update\": {\n \"severity\": {\n \"product\": 50,\n \"label\": aws_native.securityhub.AutomationRuleSeverityUpdateLabel.MEDIUM,\n \"normalized\": 60,\n },\n \"types\": [\n \"Software and Configuration Checks/Industry and Regulatory Standards/AWS-Foundational-Security-Best-Practices\",\n \"Industry Compliance\",\n ],\n \"confidence\": 98,\n \"criticality\": 95,\n \"user_defined_fields\": {\n \"key1\": \"value1\",\n \"key2\": \"value2\",\n },\n \"related_findings\": [\n {\n \"product_arn\": \"arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default\",\n \"id\": \"sample-finding-id-1\",\n },\n {\n \"product_arn\": \"arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default\",\n \"id\": \"sample-finding-id-2\",\n },\n ],\n \"note\": {\n \"text\": \"sample-note-text\",\n \"updated_by\": \"sechub\",\n },\n \"verification_state\": aws_native.securityhub.AutomationRulesFindingFieldsUpdateVerificationState.TRUE_POSITIVE,\n \"workflow\": {\n \"status\": aws_native.securityhub.AutomationRuleWorkflowUpdateStatus.NOTIFIED,\n },\n },\n }],\n tags={\n \"sampleTag\": \"sampleValue\",\n \"organizationUnit\": \"pnw\",\n })\n\n```\n\n{{% /example %}}\n{{% example %}}\n### Example\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing AwsNative = Pulumi.AwsNative;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var ruleWithCriteriaActionsTags = new AwsNative.SecurityHub.AutomationRule(\"ruleWithCriteriaActionsTags\", new()\n {\n RuleName = \"Example rule name\",\n RuleOrder = 5,\n Description = \"Example rule description.\",\n IsTerminal = false,\n RuleStatus = AwsNative.SecurityHub.AutomationRuleRuleStatus.Enabled,\n Criteria = new AwsNative.SecurityHub.Inputs.AutomationRulesFindingFiltersArgs\n {\n ProductName = new[]\n {\n new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs\n {\n Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,\n Value = \"GuardDuty\",\n },\n new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs\n {\n Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.Prefix,\n Value = \"SecurityHub\",\n },\n },\n CompanyName = new[]\n {\n new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs\n {\n Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,\n Value = \"AWS\",\n },\n new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs\n {\n Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.Prefix,\n Value = \"Private\",\n },\n },\n ProductArn = new[]\n {\n new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs\n {\n Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,\n Value = \"arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default\",\n },\n new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs\n {\n Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.Prefix,\n Value = \"arn:aws:securityhub:us-west-2:123456789012:product/aws\",\n },\n },\n AwsAccountId = new[]\n {\n new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs\n {\n Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,\n Value = \"123456789012\",\n },\n },\n Id = new[]\n {\n new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs\n {\n Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,\n Value = \"example-finding-id\",\n },\n },\n GeneratorId = new[]\n {\n new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs\n {\n Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,\n Value = \"example-generator-id\",\n },\n },\n Type = new[]\n {\n new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs\n {\n Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,\n Value = \"type-1\",\n },\n new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs\n {\n Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,\n Value = \"type-2\",\n },\n },\n Description = new[]\n {\n new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs\n {\n Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,\n Value = \"description1\",\n },\n new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs\n {\n Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,\n Value = \"description2\",\n },\n },\n SourceUrl = new[]\n {\n new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs\n {\n Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.Prefix,\n Value = \"https\",\n },\n new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs\n {\n Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.Prefix,\n Value = \"ftp\",\n },\n },\n Title = new[]\n {\n new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs\n {\n Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,\n Value = \"title-1\",\n },\n new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs\n {\n Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.Prefix,\n Value = \"title-2\",\n },\n },\n SeverityLabel = new[]\n {\n new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs\n {\n Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,\n Value = \"LOW\",\n },\n new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs\n {\n Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,\n Value = \"HIGH\",\n },\n },\n ResourceType = new[]\n {\n new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs\n {\n Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,\n Value = \"AwsEc2Instance\",\n },\n },\n ResourcePartition = new[]\n {\n new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs\n {\n Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,\n Value = \"aws\",\n },\n },\n ResourceId = new[]\n {\n new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs\n {\n Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.Prefix,\n Value = \"i-1234567890\",\n },\n },\n ResourceRegion = new[]\n {\n new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs\n {\n Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.Prefix,\n Value = \"us-west\",\n },\n },\n ComplianceStatus = new[]\n {\n new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs\n {\n Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,\n Value = \"FAILED\",\n },\n },\n ComplianceSecurityControlId = new[]\n {\n new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs\n {\n Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,\n Value = \"EC2.3\",\n },\n },\n ComplianceAssociatedStandardsId = new[]\n {\n new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs\n {\n Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,\n Value = \"ruleset/cis-aws-foundations-benchmark/v/1.2.0\",\n },\n },\n VerificationState = new[]\n {\n new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs\n {\n Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,\n Value = \"BENIGN_POSITIVE\",\n },\n },\n RecordState = new[]\n {\n new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs\n {\n Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,\n Value = \"ACTIVE\",\n },\n },\n RelatedFindingsProductArn = new[]\n {\n new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs\n {\n Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,\n Value = \"arn:aws:securityhub:eu-central-1::product/aws/securityhub\",\n },\n },\n RelatedFindingsId = new[]\n {\n new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs\n {\n Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,\n Value = \"example-finding-id-2\",\n },\n },\n NoteText = new[]\n {\n new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs\n {\n Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,\n Value = \"example-note-text\",\n },\n },\n NoteUpdatedAt = new[]\n {\n new AwsNative.SecurityHub.Inputs.AutomationRuleDateFilterArgs\n {\n DateRange = new AwsNative.SecurityHub.Inputs.AutomationRuleDateRangeArgs\n {\n Unit = AwsNative.SecurityHub.AutomationRuleDateRangeUnit.Days,\n Value = 5,\n },\n },\n },\n NoteUpdatedBy = new[]\n {\n new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs\n {\n Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.Prefix,\n Value = \"sechub\",\n },\n },\n WorkflowStatus = new[]\n {\n new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs\n {\n Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,\n Value = \"NEW\",\n },\n },\n FirstObservedAt = new[]\n {\n new AwsNative.SecurityHub.Inputs.AutomationRuleDateFilterArgs\n {\n DateRange = new AwsNative.SecurityHub.Inputs.AutomationRuleDateRangeArgs\n {\n Unit = AwsNative.SecurityHub.AutomationRuleDateRangeUnit.Days,\n Value = 5,\n },\n },\n },\n LastObservedAt = new[]\n {\n new AwsNative.SecurityHub.Inputs.AutomationRuleDateFilterArgs\n {\n DateRange = new AwsNative.SecurityHub.Inputs.AutomationRuleDateRangeArgs\n {\n Unit = AwsNative.SecurityHub.AutomationRuleDateRangeUnit.Days,\n Value = 5,\n },\n },\n },\n CreatedAt = new[]\n {\n new AwsNative.SecurityHub.Inputs.AutomationRuleDateFilterArgs\n {\n DateRange = new AwsNative.SecurityHub.Inputs.AutomationRuleDateRangeArgs\n {\n Unit = AwsNative.SecurityHub.AutomationRuleDateRangeUnit.Days,\n Value = 5,\n },\n },\n },\n UpdatedAt = new[]\n {\n new AwsNative.SecurityHub.Inputs.AutomationRuleDateFilterArgs\n {\n Start = \"2023-04-25T17:05:54.832Z\",\n End = \"2023-05-25T17:05:54.832Z\",\n },\n },\n ResourceTags = new[]\n {\n new AwsNative.SecurityHub.Inputs.AutomationRuleMapFilterArgs\n {\n Comparison = AwsNative.SecurityHub.AutomationRuleMapFilterComparison.NotEquals,\n Key = \"department\",\n Value = \"security\",\n },\n new AwsNative.SecurityHub.Inputs.AutomationRuleMapFilterArgs\n {\n Comparison = AwsNative.SecurityHub.AutomationRuleMapFilterComparison.NotEquals,\n Key = \"department\",\n Value = \"operations\",\n },\n },\n UserDefinedFields = new[]\n {\n new AwsNative.SecurityHub.Inputs.AutomationRuleMapFilterArgs\n {\n Comparison = AwsNative.SecurityHub.AutomationRuleMapFilterComparison.EqualsValue,\n Key = \"key1\",\n Value = \"security\",\n },\n new AwsNative.SecurityHub.Inputs.AutomationRuleMapFilterArgs\n {\n Comparison = AwsNative.SecurityHub.AutomationRuleMapFilterComparison.EqualsValue,\n Key = \"key2\",\n Value = \"operations\",\n },\n },\n ResourceDetailsOther = new[]\n {\n new AwsNative.SecurityHub.Inputs.AutomationRuleMapFilterArgs\n {\n Comparison = AwsNative.SecurityHub.AutomationRuleMapFilterComparison.NotEquals,\n Key = \"area\",\n Value = \"na\",\n },\n new AwsNative.SecurityHub.Inputs.AutomationRuleMapFilterArgs\n {\n Comparison = AwsNative.SecurityHub.AutomationRuleMapFilterComparison.NotEquals,\n Key = \"department\",\n Value = \"sales\",\n },\n },\n Confidence = new[]\n {\n new AwsNative.SecurityHub.Inputs.AutomationRuleNumberFilterArgs\n {\n Gte = 50,\n Lte = 95,\n },\n },\n Criticality = new[]\n {\n new AwsNative.SecurityHub.Inputs.AutomationRuleNumberFilterArgs\n {\n Gte = 50,\n Lte = 95,\n },\n },\n },\n Actions = new[]\n {\n new AwsNative.SecurityHub.Inputs.AutomationRulesActionArgs\n {\n Type = AwsNative.SecurityHub.AutomationRulesActionType.FindingFieldsUpdate,\n FindingFieldsUpdate = new AwsNative.SecurityHub.Inputs.AutomationRulesFindingFieldsUpdateArgs\n {\n Severity = new AwsNative.SecurityHub.Inputs.AutomationRuleSeverityUpdateArgs\n {\n Product = 50,\n Label = AwsNative.SecurityHub.AutomationRuleSeverityUpdateLabel.Medium,\n Normalized = 60,\n },\n Types = new[]\n {\n \"Software and Configuration Checks/Industry and Regulatory Standards/AWS-Foundational-Security-Best-Practices\",\n \"Industry Compliance\",\n },\n Confidence = 98,\n Criticality = 95,\n UserDefinedFields = \n {\n { \"key1\", \"value1\" },\n { \"key2\", \"value2\" },\n },\n RelatedFindings = new[]\n {\n new AwsNative.SecurityHub.Inputs.AutomationRuleRelatedFindingArgs\n {\n ProductArn = \"arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default\",\n Id = \"sample-finding-id-1\",\n },\n new AwsNative.SecurityHub.Inputs.AutomationRuleRelatedFindingArgs\n {\n ProductArn = \"arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default\",\n Id = \"sample-finding-id-2\",\n },\n },\n Note = new AwsNative.SecurityHub.Inputs.AutomationRuleNoteUpdateArgs\n {\n Text = \"sample-note-text\",\n UpdatedBy = \"sechub\",\n },\n VerificationState = AwsNative.SecurityHub.AutomationRulesFindingFieldsUpdateVerificationState.TruePositive,\n Workflow = new AwsNative.SecurityHub.Inputs.AutomationRuleWorkflowUpdateArgs\n {\n Status = AwsNative.SecurityHub.AutomationRuleWorkflowUpdateStatus.Notified,\n },\n },\n },\n },\n Tags = \n {\n { \"sampleTag\", \"sampleValue\" },\n { \"organizationUnit\", \"pnw\" },\n },\n });\n\n});\n\n\n```\n\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws-native/sdk/go/aws/securityhub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := securityhub.NewAutomationRule(ctx, \"ruleWithCriteriaActionsTags\", \u0026securityhub.AutomationRuleArgs{\n\t\t\tRuleName: pulumi.String(\"Example rule name\"),\n\t\t\tRuleOrder: pulumi.Int(5),\n\t\t\tDescription: pulumi.String(\"Example rule description.\"),\n\t\t\tIsTerminal: pulumi.Bool(false),\n\t\t\tRuleStatus: securityhub.AutomationRuleRuleStatusEnabled,\n\t\t\tCriteria: \u0026securityhub.AutomationRulesFindingFiltersArgs{\n\t\t\t\tProductName: securityhub.AutomationRuleStringFilterArray{\n\t\t\t\t\t\u0026securityhub.AutomationRuleStringFilterArgs{\n\t\t\t\t\t\tComparison: securityhub.AutomationRuleStringFilterComparisonEquals,\n\t\t\t\t\t\tValue: pulumi.String(\"GuardDuty\"),\n\t\t\t\t\t},\n\t\t\t\t\t\u0026securityhub.AutomationRuleStringFilterArgs{\n\t\t\t\t\t\tComparison: securityhub.AutomationRuleStringFilterComparisonPrefix,\n\t\t\t\t\t\tValue: pulumi.String(\"SecurityHub\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tCompanyName: securityhub.AutomationRuleStringFilterArray{\n\t\t\t\t\t\u0026securityhub.AutomationRuleStringFilterArgs{\n\t\t\t\t\t\tComparison: securityhub.AutomationRuleStringFilterComparisonEquals,\n\t\t\t\t\t\tValue: pulumi.String(\"AWS\"),\n\t\t\t\t\t},\n\t\t\t\t\t\u0026securityhub.AutomationRuleStringFilterArgs{\n\t\t\t\t\t\tComparison: securityhub.AutomationRuleStringFilterComparisonPrefix,\n\t\t\t\t\t\tValue: pulumi.String(\"Private\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tProductArn: securityhub.AutomationRuleStringFilterArray{\n\t\t\t\t\t\u0026securityhub.AutomationRuleStringFilterArgs{\n\t\t\t\t\t\tComparison: securityhub.AutomationRuleStringFilterComparisonEquals,\n\t\t\t\t\t\tValue: pulumi.String(\"arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default\"),\n\t\t\t\t\t},\n\t\t\t\t\t\u0026securityhub.AutomationRuleStringFilterArgs{\n\t\t\t\t\t\tComparison: securityhub.AutomationRuleStringFilterComparisonPrefix,\n\t\t\t\t\t\tValue: pulumi.String(\"arn:aws:securityhub:us-west-2:123456789012:product/aws\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tAwsAccountId: securityhub.AutomationRuleStringFilterArray{\n\t\t\t\t\t\u0026securityhub.AutomationRuleStringFilterArgs{\n\t\t\t\t\t\tComparison: securityhub.AutomationRuleStringFilterComparisonEquals,\n\t\t\t\t\t\tValue: pulumi.String(\"123456789012\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tId: securityhub.AutomationRuleStringFilterArray{\n\t\t\t\t\t\u0026securityhub.AutomationRuleStringFilterArgs{\n\t\t\t\t\t\tComparison: securityhub.AutomationRuleStringFilterComparisonEquals,\n\t\t\t\t\t\tValue: pulumi.String(\"example-finding-id\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tGeneratorId: securityhub.AutomationRuleStringFilterArray{\n\t\t\t\t\t\u0026securityhub.AutomationRuleStringFilterArgs{\n\t\t\t\t\t\tComparison: securityhub.AutomationRuleStringFilterComparisonEquals,\n\t\t\t\t\t\tValue: pulumi.String(\"example-generator-id\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tType: securityhub.AutomationRuleStringFilterArray{\n\t\t\t\t\t\u0026securityhub.AutomationRuleStringFilterArgs{\n\t\t\t\t\t\tComparison: securityhub.AutomationRuleStringFilterComparisonEquals,\n\t\t\t\t\t\tValue: pulumi.String(\"type-1\"),\n\t\t\t\t\t},\n\t\t\t\t\t\u0026securityhub.AutomationRuleStringFilterArgs{\n\t\t\t\t\t\tComparison: securityhub.AutomationRuleStringFilterComparisonEquals,\n\t\t\t\t\t\tValue: pulumi.String(\"type-2\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tDescription: securityhub.AutomationRuleStringFilterArray{\n\t\t\t\t\t\u0026securityhub.AutomationRuleStringFilterArgs{\n\t\t\t\t\t\tComparison: securityhub.AutomationRuleStringFilterComparisonEquals,\n\t\t\t\t\t\tValue: pulumi.String(\"description1\"),\n\t\t\t\t\t},\n\t\t\t\t\t\u0026securityhub.AutomationRuleStringFilterArgs{\n\t\t\t\t\t\tComparison: securityhub.AutomationRuleStringFilterComparisonEquals,\n\t\t\t\t\t\tValue: pulumi.String(\"description2\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tSourceUrl: securityhub.AutomationRuleStringFilterArray{\n\t\t\t\t\t\u0026securityhub.AutomationRuleStringFilterArgs{\n\t\t\t\t\t\tComparison: securityhub.AutomationRuleStringFilterComparisonPrefix,\n\t\t\t\t\t\tValue: pulumi.String(\"https\"),\n\t\t\t\t\t},\n\t\t\t\t\t\u0026securityhub.AutomationRuleStringFilterArgs{\n\t\t\t\t\t\tComparison: securityhub.AutomationRuleStringFilterComparisonPrefix,\n\t\t\t\t\t\tValue: pulumi.String(\"ftp\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tTitle: securityhub.AutomationRuleStringFilterArray{\n\t\t\t\t\t\u0026securityhub.AutomationRuleStringFilterArgs{\n\t\t\t\t\t\tComparison: securityhub.AutomationRuleStringFilterComparisonEquals,\n\t\t\t\t\t\tValue: pulumi.String(\"title-1\"),\n\t\t\t\t\t},\n\t\t\t\t\t\u0026securityhub.AutomationRuleStringFilterArgs{\n\t\t\t\t\t\tComparison: securityhub.AutomationRuleStringFilterComparisonPrefix,\n\t\t\t\t\t\tValue: pulumi.String(\"title-2\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tSeverityLabel: securityhub.AutomationRuleStringFilterArray{\n\t\t\t\t\t\u0026securityhub.AutomationRuleStringFilterArgs{\n\t\t\t\t\t\tComparison: securityhub.AutomationRuleStringFilterComparisonEquals,\n\t\t\t\t\t\tValue: pulumi.String(\"LOW\"),\n\t\t\t\t\t},\n\t\t\t\t\t\u0026securityhub.AutomationRuleStringFilterArgs{\n\t\t\t\t\t\tComparison: securityhub.AutomationRuleStringFilterComparisonEquals,\n\t\t\t\t\t\tValue: pulumi.String(\"HIGH\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tResourceType: securityhub.AutomationRuleStringFilterArray{\n\t\t\t\t\t\u0026securityhub.AutomationRuleStringFilterArgs{\n\t\t\t\t\t\tComparison: securityhub.AutomationRuleStringFilterComparisonEquals,\n\t\t\t\t\t\tValue: pulumi.String(\"AwsEc2Instance\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tResourcePartition: securityhub.AutomationRuleStringFilterArray{\n\t\t\t\t\t\u0026securityhub.AutomationRuleStringFilterArgs{\n\t\t\t\t\t\tComparison: securityhub.AutomationRuleStringFilterComparisonEquals,\n\t\t\t\t\t\tValue: pulumi.String(\"aws\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tResourceId: securityhub.AutomationRuleStringFilterArray{\n\t\t\t\t\t\u0026securityhub.AutomationRuleStringFilterArgs{\n\t\t\t\t\t\tComparison: securityhub.AutomationRuleStringFilterComparisonPrefix,\n\t\t\t\t\t\tValue: pulumi.String(\"i-1234567890\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tResourceRegion: securityhub.AutomationRuleStringFilterArray{\n\t\t\t\t\t\u0026securityhub.AutomationRuleStringFilterArgs{\n\t\t\t\t\t\tComparison: securityhub.AutomationRuleStringFilterComparisonPrefix,\n\t\t\t\t\t\tValue: pulumi.String(\"us-west\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tComplianceStatus: securityhub.AutomationRuleStringFilterArray{\n\t\t\t\t\t\u0026securityhub.AutomationRuleStringFilterArgs{\n\t\t\t\t\t\tComparison: securityhub.AutomationRuleStringFilterComparisonEquals,\n\t\t\t\t\t\tValue: pulumi.String(\"FAILED\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tComplianceSecurityControlId: securityhub.AutomationRuleStringFilterArray{\n\t\t\t\t\t\u0026securityhub.AutomationRuleStringFilterArgs{\n\t\t\t\t\t\tComparison: securityhub.AutomationRuleStringFilterComparisonEquals,\n\t\t\t\t\t\tValue: pulumi.String(\"EC2.3\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tComplianceAssociatedStandardsId: securityhub.AutomationRuleStringFilterArray{\n\t\t\t\t\t\u0026securityhub.AutomationRuleStringFilterArgs{\n\t\t\t\t\t\tComparison: securityhub.AutomationRuleStringFilterComparisonEquals,\n\t\t\t\t\t\tValue: pulumi.String(\"ruleset/cis-aws-foundations-benchmark/v/1.2.0\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tVerificationState: securityhub.AutomationRuleStringFilterArray{\n\t\t\t\t\t\u0026securityhub.AutomationRuleStringFilterArgs{\n\t\t\t\t\t\tComparison: securityhub.AutomationRuleStringFilterComparisonEquals,\n\t\t\t\t\t\tValue: pulumi.String(\"BENIGN_POSITIVE\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tRecordState: securityhub.AutomationRuleStringFilterArray{\n\t\t\t\t\t\u0026securityhub.AutomationRuleStringFilterArgs{\n\t\t\t\t\t\tComparison: securityhub.AutomationRuleStringFilterComparisonEquals,\n\t\t\t\t\t\tValue: pulumi.String(\"ACTIVE\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tRelatedFindingsProductArn: securityhub.AutomationRuleStringFilterArray{\n\t\t\t\t\t\u0026securityhub.AutomationRuleStringFilterArgs{\n\t\t\t\t\t\tComparison: securityhub.AutomationRuleStringFilterComparisonEquals,\n\t\t\t\t\t\tValue: pulumi.String(\"arn:aws:securityhub:eu-central-1::product/aws/securityhub\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tRelatedFindingsId: securityhub.AutomationRuleStringFilterArray{\n\t\t\t\t\t\u0026securityhub.AutomationRuleStringFilterArgs{\n\t\t\t\t\t\tComparison: securityhub.AutomationRuleStringFilterComparisonEquals,\n\t\t\t\t\t\tValue: pulumi.String(\"example-finding-id-2\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tNoteText: securityhub.AutomationRuleStringFilterArray{\n\t\t\t\t\t\u0026securityhub.AutomationRuleStringFilterArgs{\n\t\t\t\t\t\tComparison: securityhub.AutomationRuleStringFilterComparisonEquals,\n\t\t\t\t\t\tValue: pulumi.String(\"example-note-text\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tNoteUpdatedAt: securityhub.AutomationRuleDateFilterArray{\n\t\t\t\t\t\u0026securityhub.AutomationRuleDateFilterArgs{\n\t\t\t\t\t\tDateRange: \u0026securityhub.AutomationRuleDateRangeArgs{\n\t\t\t\t\t\t\tUnit: securityhub.AutomationRuleDateRangeUnitDays,\n\t\t\t\t\t\t\tValue: pulumi.Float64(5),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tNoteUpdatedBy: securityhub.AutomationRuleStringFilterArray{\n\t\t\t\t\t\u0026securityhub.AutomationRuleStringFilterArgs{\n\t\t\t\t\t\tComparison: securityhub.AutomationRuleStringFilterComparisonPrefix,\n\t\t\t\t\t\tValue: pulumi.String(\"sechub\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tWorkflowStatus: securityhub.AutomationRuleStringFilterArray{\n\t\t\t\t\t\u0026securityhub.AutomationRuleStringFilterArgs{\n\t\t\t\t\t\tComparison: securityhub.AutomationRuleStringFilterComparisonEquals,\n\t\t\t\t\t\tValue: pulumi.String(\"NEW\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tFirstObservedAt: securityhub.AutomationRuleDateFilterArray{\n\t\t\t\t\t\u0026securityhub.AutomationRuleDateFilterArgs{\n\t\t\t\t\t\tDateRange: \u0026securityhub.AutomationRuleDateRangeArgs{\n\t\t\t\t\t\t\tUnit: securityhub.AutomationRuleDateRangeUnitDays,\n\t\t\t\t\t\t\tValue: pulumi.Float64(5),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tLastObservedAt: securityhub.AutomationRuleDateFilterArray{\n\t\t\t\t\t\u0026securityhub.AutomationRuleDateFilterArgs{\n\t\t\t\t\t\tDateRange: \u0026securityhub.AutomationRuleDateRangeArgs{\n\t\t\t\t\t\t\tUnit: securityhub.AutomationRuleDateRangeUnitDays,\n\t\t\t\t\t\t\tValue: pulumi.Float64(5),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tCreatedAt: securityhub.AutomationRuleDateFilterArray{\n\t\t\t\t\t\u0026securityhub.AutomationRuleDateFilterArgs{\n\t\t\t\t\t\tDateRange: \u0026securityhub.AutomationRuleDateRangeArgs{\n\t\t\t\t\t\t\tUnit: securityhub.AutomationRuleDateRangeUnitDays,\n\t\t\t\t\t\t\tValue: pulumi.Float64(5),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tUpdatedAt: securityhub.AutomationRuleDateFilterArray{\n\t\t\t\t\t\u0026securityhub.AutomationRuleDateFilterArgs{\n\t\t\t\t\t\tStart: pulumi.String(\"2023-04-25T17:05:54.832Z\"),\n\t\t\t\t\t\tEnd: pulumi.String(\"2023-05-25T17:05:54.832Z\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tResourceTags: securityhub.AutomationRuleMapFilterArray{\n\t\t\t\t\t\u0026securityhub.AutomationRuleMapFilterArgs{\n\t\t\t\t\t\tComparison: securityhub.AutomationRuleMapFilterComparisonNotEquals,\n\t\t\t\t\t\tKey: pulumi.String(\"department\"),\n\t\t\t\t\t\tValue: pulumi.String(\"security\"),\n\t\t\t\t\t},\n\t\t\t\t\t\u0026securityhub.AutomationRuleMapFilterArgs{\n\t\t\t\t\t\tComparison: securityhub.AutomationRuleMapFilterComparisonNotEquals,\n\t\t\t\t\t\tKey: pulumi.String(\"department\"),\n\t\t\t\t\t\tValue: pulumi.String(\"operations\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tUserDefinedFields: securityhub.AutomationRuleMapFilterArray{\n\t\t\t\t\t\u0026securityhub.AutomationRuleMapFilterArgs{\n\t\t\t\t\t\tComparison: securityhub.AutomationRuleMapFilterComparisonEquals,\n\t\t\t\t\t\tKey: pulumi.String(\"key1\"),\n\t\t\t\t\t\tValue: pulumi.String(\"security\"),\n\t\t\t\t\t},\n\t\t\t\t\t\u0026securityhub.AutomationRuleMapFilterArgs{\n\t\t\t\t\t\tComparison: securityhub.AutomationRuleMapFilterComparisonEquals,\n\t\t\t\t\t\tKey: pulumi.String(\"key2\"),\n\t\t\t\t\t\tValue: pulumi.String(\"operations\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tResourceDetailsOther: securityhub.AutomationRuleMapFilterArray{\n\t\t\t\t\t\u0026securityhub.AutomationRuleMapFilterArgs{\n\t\t\t\t\t\tComparison: securityhub.AutomationRuleMapFilterComparisonNotEquals,\n\t\t\t\t\t\tKey: pulumi.String(\"area\"),\n\t\t\t\t\t\tValue: pulumi.String(\"na\"),\n\t\t\t\t\t},\n\t\t\t\t\t\u0026securityhub.AutomationRuleMapFilterArgs{\n\t\t\t\t\t\tComparison: securityhub.AutomationRuleMapFilterComparisonNotEquals,\n\t\t\t\t\t\tKey: pulumi.String(\"department\"),\n\t\t\t\t\t\tValue: pulumi.String(\"sales\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tConfidence: securityhub.AutomationRuleNumberFilterArray{\n\t\t\t\t\t\u0026securityhub.AutomationRuleNumberFilterArgs{\n\t\t\t\t\t\tGte: pulumi.Float64(50),\n\t\t\t\t\t\tLte: pulumi.Float64(95),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tCriticality: securityhub.AutomationRuleNumberFilterArray{\n\t\t\t\t\t\u0026securityhub.AutomationRuleNumberFilterArgs{\n\t\t\t\t\t\tGte: pulumi.Float64(50),\n\t\t\t\t\t\tLte: pulumi.Float64(95),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tActions: securityhub.AutomationRulesActionArray{\n\t\t\t\t\u0026securityhub.AutomationRulesActionArgs{\n\t\t\t\t\tType: securityhub.AutomationRulesActionTypeFindingFieldsUpdate,\n\t\t\t\t\tFindingFieldsUpdate: \u0026securityhub.AutomationRulesFindingFieldsUpdateArgs{\n\t\t\t\t\t\tSeverity: \u0026securityhub.AutomationRuleSeverityUpdateArgs{\n\t\t\t\t\t\t\tProduct: pulumi.Float64(50),\n\t\t\t\t\t\t\tLabel: securityhub.AutomationRuleSeverityUpdateLabelMedium,\n\t\t\t\t\t\t\tNormalized: pulumi.Int(60),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tTypes: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"Software and Configuration Checks/Industry and Regulatory Standards/AWS-Foundational-Security-Best-Practices\"),\n\t\t\t\t\t\t\tpulumi.String(\"Industry Compliance\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tConfidence: pulumi.Int(98),\n\t\t\t\t\t\tCriticality: pulumi.Int(95),\n\t\t\t\t\t\tUserDefinedFields: pulumi.StringMap{\n\t\t\t\t\t\t\t\"key1\": pulumi.String(\"value1\"),\n\t\t\t\t\t\t\t\"key2\": pulumi.String(\"value2\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tRelatedFindings: securityhub.AutomationRuleRelatedFindingArray{\n\t\t\t\t\t\t\t\u0026securityhub.AutomationRuleRelatedFindingArgs{\n\t\t\t\t\t\t\t\tProductArn: pulumi.String(\"arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default\"),\n\t\t\t\t\t\t\t\tId: pulumi.String(\"sample-finding-id-1\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\u0026securityhub.AutomationRuleRelatedFindingArgs{\n\t\t\t\t\t\t\t\tProductArn: pulumi.String(\"arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default\"),\n\t\t\t\t\t\t\t\tId: pulumi.String(\"sample-finding-id-2\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\tNote: \u0026securityhub.AutomationRuleNoteUpdateArgs{\n\t\t\t\t\t\t\tText: pulumi.String(\"sample-note-text\"),\n\t\t\t\t\t\t\tUpdatedBy: pulumi.String(\"sechub\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tVerificationState: securityhub.AutomationRulesFindingFieldsUpdateVerificationStateTruePositive,\n\t\t\t\t\t\tWorkflow: \u0026securityhub.AutomationRuleWorkflowUpdateArgs{\n\t\t\t\t\t\t\tStatus: securityhub.AutomationRuleWorkflowUpdateStatusNotified,\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"sampleTag\": pulumi.String(\"sampleValue\"),\n\t\t\t\t\"organizationUnit\": pulumi.String(\"pnw\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n\n```\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws_native from \"@pulumi/aws-native\";\n\nconst ruleWithCriteriaActionsTags = new aws_native.securityhub.AutomationRule(\"ruleWithCriteriaActionsTags\", {\n ruleName: \"Example rule name\",\n ruleOrder: 5,\n description: \"Example rule description.\",\n isTerminal: false,\n ruleStatus: aws_native.securityhub.AutomationRuleRuleStatus.Enabled,\n criteria: {\n productName: [\n {\n comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,\n value: \"GuardDuty\",\n },\n {\n comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Prefix,\n value: \"SecurityHub\",\n },\n ],\n companyName: [\n {\n comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,\n value: \"AWS\",\n },\n {\n comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Prefix,\n value: \"Private\",\n },\n ],\n productArn: [\n {\n comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,\n value: \"arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default\",\n },\n {\n comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Prefix,\n value: \"arn:aws:securityhub:us-west-2:123456789012:product/aws\",\n },\n ],\n awsAccountId: [{\n comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,\n value: \"123456789012\",\n }],\n id: [{\n comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,\n value: \"example-finding-id\",\n }],\n generatorId: [{\n comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,\n value: \"example-generator-id\",\n }],\n type: [\n {\n comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,\n value: \"type-1\",\n },\n {\n comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,\n value: \"type-2\",\n },\n ],\n description: [\n {\n comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,\n value: \"description1\",\n },\n {\n comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,\n value: \"description2\",\n },\n ],\n sourceUrl: [\n {\n comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Prefix,\n value: \"https\",\n },\n {\n comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Prefix,\n value: \"ftp\",\n },\n ],\n title: [\n {\n comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,\n value: \"title-1\",\n },\n {\n comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Prefix,\n value: \"title-2\",\n },\n ],\n severityLabel: [\n {\n comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,\n value: \"LOW\",\n },\n {\n comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,\n value: \"HIGH\",\n },\n ],\n resourceType: [{\n comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,\n value: \"AwsEc2Instance\",\n }],\n resourcePartition: [{\n comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,\n value: \"aws\",\n }],\n resourceId: [{\n comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Prefix,\n value: \"i-1234567890\",\n }],\n resourceRegion: [{\n comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Prefix,\n value: \"us-west\",\n }],\n complianceStatus: [{\n comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,\n value: \"FAILED\",\n }],\n complianceSecurityControlId: [{\n comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,\n value: \"EC2.3\",\n }],\n complianceAssociatedStandardsId: [{\n comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,\n value: \"ruleset/cis-aws-foundations-benchmark/v/1.2.0\",\n }],\n verificationState: [{\n comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,\n value: \"BENIGN_POSITIVE\",\n }],\n recordState: [{\n comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,\n value: \"ACTIVE\",\n }],\n relatedFindingsProductArn: [{\n comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,\n value: \"arn:aws:securityhub:eu-central-1::product/aws/securityhub\",\n }],\n relatedFindingsId: [{\n comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,\n value: \"example-finding-id-2\",\n }],\n noteText: [{\n comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,\n value: \"example-note-text\",\n }],\n noteUpdatedAt: [{\n dateRange: {\n unit: aws_native.securityhub.AutomationRuleDateRangeUnit.Days,\n value: 5,\n },\n }],\n noteUpdatedBy: [{\n comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Prefix,\n value: \"sechub\",\n }],\n workflowStatus: [{\n comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,\n value: \"NEW\",\n }],\n firstObservedAt: [{\n dateRange: {\n unit: aws_native.securityhub.AutomationRuleDateRangeUnit.Days,\n value: 5,\n },\n }],\n lastObservedAt: [{\n dateRange: {\n unit: aws_native.securityhub.AutomationRuleDateRangeUnit.Days,\n value: 5,\n },\n }],\n createdAt: [{\n dateRange: {\n unit: aws_native.securityhub.AutomationRuleDateRangeUnit.Days,\n value: 5,\n },\n }],\n updatedAt: [{\n start: \"2023-04-25T17:05:54.832Z\",\n end: \"2023-05-25T17:05:54.832Z\",\n }],\n resourceTags: [\n {\n comparison: aws_native.securityhub.AutomationRuleMapFilterComparison.NotEquals,\n key: \"department\",\n value: \"security\",\n },\n {\n comparison: aws_native.securityhub.AutomationRuleMapFilterComparison.NotEquals,\n key: \"department\",\n value: \"operations\",\n },\n ],\n userDefinedFields: [\n {\n comparison: aws_native.securityhub.AutomationRuleMapFilterComparison.Equals,\n key: \"key1\",\n value: \"security\",\n },\n {\n comparison: aws_native.securityhub.AutomationRuleMapFilterComparison.Equals,\n key: \"key2\",\n value: \"operations\",\n },\n ],\n resourceDetailsOther: [\n {\n comparison: aws_native.securityhub.AutomationRuleMapFilterComparison.NotEquals,\n key: \"area\",\n value: \"na\",\n },\n {\n comparison: aws_native.securityhub.AutomationRuleMapFilterComparison.NotEquals,\n key: \"department\",\n value: \"sales\",\n },\n ],\n confidence: [{\n gte: 50,\n lte: 95,\n }],\n criticality: [{\n gte: 50,\n lte: 95,\n }],\n },\n actions: [{\n type: aws_native.securityhub.AutomationRulesActionType.FindingFieldsUpdate,\n findingFieldsUpdate: {\n severity: {\n product: 50,\n label: aws_native.securityhub.AutomationRuleSeverityUpdateLabel.Medium,\n normalized: 60,\n },\n types: [\n \"Software and Configuration Checks/Industry and Regulatory Standards/AWS-Foundational-Security-Best-Practices\",\n \"Industry Compliance\",\n ],\n confidence: 98,\n criticality: 95,\n userDefinedFields: {\n key1: \"value1\",\n key2: \"value2\",\n },\n relatedFindings: [\n {\n productArn: \"arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default\",\n id: \"sample-finding-id-1\",\n },\n {\n productArn: \"arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default\",\n id: \"sample-finding-id-2\",\n },\n ],\n note: {\n text: \"sample-note-text\",\n updatedBy: \"sechub\",\n },\n verificationState: aws_native.securityhub.AutomationRulesFindingFieldsUpdateVerificationState.TruePositive,\n workflow: {\n status: aws_native.securityhub.AutomationRuleWorkflowUpdateStatus.Notified,\n },\n },\n }],\n tags: {\n sampleTag: \"sampleValue\",\n organizationUnit: \"pnw\",\n },\n});\n\n```\n\n```python\nimport pulumi\nimport pulumi_aws_native as aws_native\n\nrule_with_criteria_actions_tags = aws_native.securityhub.AutomationRule(\"ruleWithCriteriaActionsTags\",\n rule_name=\"Example rule name\",\n rule_order=5,\n description=\"Example rule description.\",\n is_terminal=False,\n rule_status=aws_native.securityhub.AutomationRuleRuleStatus.ENABLED,\n criteria={\n \"product_name\": [\n {\n \"comparison\": aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,\n \"value\": \"GuardDuty\",\n },\n {\n \"comparison\": aws_native.securityhub.AutomationRuleStringFilterComparison.PREFIX,\n \"value\": \"SecurityHub\",\n },\n ],\n \"company_name\": [\n {\n \"comparison\": aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,\n \"value\": \"AWS\",\n },\n {\n \"comparison\": aws_native.securityhub.AutomationRuleStringFilterComparison.PREFIX,\n \"value\": \"Private\",\n },\n ],\n \"product_arn\": [\n {\n \"comparison\": aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,\n \"value\": \"arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default\",\n },\n {\n \"comparison\": aws_native.securityhub.AutomationRuleStringFilterComparison.PREFIX,\n \"value\": \"arn:aws:securityhub:us-west-2:123456789012:product/aws\",\n },\n ],\n \"aws_account_id\": [{\n \"comparison\": aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,\n \"value\": \"123456789012\",\n }],\n \"id\": [{\n \"comparison\": aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,\n \"value\": \"example-finding-id\",\n }],\n \"generator_id\": [{\n \"comparison\": aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,\n \"value\": \"example-generator-id\",\n }],\n \"type\": [\n {\n \"comparison\": aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,\n \"value\": \"type-1\",\n },\n {\n \"comparison\": aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,\n \"value\": \"type-2\",\n },\n ],\n \"description\": [\n {\n \"comparison\": aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,\n \"value\": \"description1\",\n },\n {\n \"comparison\": aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,\n \"value\": \"description2\",\n },\n ],\n \"source_url\": [\n {\n \"comparison\": aws_native.securityhub.AutomationRuleStringFilterComparison.PREFIX,\n \"value\": \"https\",\n },\n {\n \"comparison\": aws_native.securityhub.AutomationRuleStringFilterComparison.PREFIX,\n \"value\": \"ftp\",\n },\n ],\n \"title\": [\n {\n \"comparison\": aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,\n \"value\": \"title-1\",\n },\n {\n \"comparison\": aws_native.securityhub.AutomationRuleStringFilterComparison.PREFIX,\n \"value\": \"title-2\",\n },\n ],\n \"severity_label\": [\n {\n \"comparison\": aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,\n \"value\": \"LOW\",\n },\n {\n \"comparison\": aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,\n \"value\": \"HIGH\",\n },\n ],\n \"resource_type\": [{\n \"comparison\": aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,\n \"value\": \"AwsEc2Instance\",\n }],\n \"resource_partition\": [{\n \"comparison\": aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,\n \"value\": \"aws\",\n }],\n \"resource_id\": [{\n \"comparison\": aws_native.securityhub.AutomationRuleStringFilterComparison.PREFIX,\n \"value\": \"i-1234567890\",\n }],\n \"resource_region\": [{\n \"comparison\": aws_native.securityhub.AutomationRuleStringFilterComparison.PREFIX,\n \"value\": \"us-west\",\n }],\n \"compliance_status\": [{\n \"comparison\": aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,\n \"value\": \"FAILED\",\n }],\n \"compliance_security_control_id\": [{\n \"comparison\": aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,\n \"value\": \"EC2.3\",\n }],\n \"compliance_associated_standards_id\": [{\n \"comparison\": aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,\n \"value\": \"ruleset/cis-aws-foundations-benchmark/v/1.2.0\",\n }],\n \"verification_state\": [{\n \"comparison\": aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,\n \"value\": \"BENIGN_POSITIVE\",\n }],\n \"record_state\": [{\n \"comparison\": aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,\n \"value\": \"ACTIVE\",\n }],\n \"related_findings_product_arn\": [{\n \"comparison\": aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,\n \"value\": \"arn:aws:securityhub:eu-central-1::product/aws/securityhub\",\n }],\n \"related_findings_id\": [{\n \"comparison\": aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,\n \"value\": \"example-finding-id-2\",\n }],\n \"note_text\": [{\n \"comparison\": aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,\n \"value\": \"example-note-text\",\n }],\n \"note_updated_at\": [{\n \"date_range\": {\n \"unit\": aws_native.securityhub.AutomationRuleDateRangeUnit.DAYS,\n \"value\": 5,\n },\n }],\n \"note_updated_by\": [{\n \"comparison\": aws_native.securityhub.AutomationRuleStringFilterComparison.PREFIX,\n \"value\": \"sechub\",\n }],\n \"workflow_status\": [{\n \"comparison\": aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,\n \"value\": \"NEW\",\n }],\n \"first_observed_at\": [{\n \"date_range\": {\n \"unit\": aws_native.securityhub.AutomationRuleDateRangeUnit.DAYS,\n \"value\": 5,\n },\n }],\n \"last_observed_at\": [{\n \"date_range\": {\n \"unit\": aws_native.securityhub.AutomationRuleDateRangeUnit.DAYS,\n \"value\": 5,\n },\n }],\n \"created_at\": [{\n \"date_range\": {\n \"unit\": aws_native.securityhub.AutomationRuleDateRangeUnit.DAYS,\n \"value\": 5,\n },\n }],\n \"updated_at\": [{\n \"start\": \"2023-04-25T17:05:54.832Z\",\n \"end\": \"2023-05-25T17:05:54.832Z\",\n }],\n \"resource_tags\": [\n {\n \"comparison\": aws_native.securityhub.AutomationRuleMapFilterComparison.NOT_EQUALS,\n \"key\": \"department\",\n \"value\": \"security\",\n },\n {\n \"comparison\": aws_native.securityhub.AutomationRuleMapFilterComparison.NOT_EQUALS,\n \"key\": \"department\",\n \"value\": \"operations\",\n },\n ],\n \"user_defined_fields\": [\n {\n \"comparison\": aws_native.securityhub.AutomationRuleMapFilterComparison.EQUALS,\n \"key\": \"key1\",\n \"value\": \"security\",\n },\n {\n \"comparison\": aws_native.securityhub.AutomationRuleMapFilterComparison.EQUALS,\n \"key\": \"key2\",\n \"value\": \"operations\",\n },\n ],\n \"resource_details_other\": [\n {\n \"comparison\": aws_native.securityhub.AutomationRuleMapFilterComparison.NOT_EQUALS,\n \"key\": \"area\",\n \"value\": \"na\",\n },\n {\n \"comparison\": aws_native.securityhub.AutomationRuleMapFilterComparison.NOT_EQUALS,\n \"key\": \"department\",\n \"value\": \"sales\",\n },\n ],\n \"confidence\": [{\n \"gte\": 50,\n \"lte\": 95,\n }],\n \"criticality\": [{\n \"gte\": 50,\n \"lte\": 95,\n }],\n },\n actions=[{\n \"type\": aws_native.securityhub.AutomationRulesActionType.FINDING_FIELDS_UPDATE,\n \"finding_fields_update\": {\n \"severity\": {\n \"product\": 50,\n \"label\": aws_native.securityhub.AutomationRuleSeverityUpdateLabel.MEDIUM,\n \"normalized\": 60,\n },\n \"types\": [\n \"Software and Configuration Checks/Industry and Regulatory Standards/AWS-Foundational-Security-Best-Practices\",\n \"Industry Compliance\",\n ],\n \"confidence\": 98,\n \"criticality\": 95,\n \"user_defined_fields\": {\n \"key1\": \"value1\",\n \"key2\": \"value2\",\n },\n \"related_findings\": [\n {\n \"product_arn\": \"arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default\",\n \"id\": \"sample-finding-id-1\",\n },\n {\n \"product_arn\": \"arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default\",\n \"id\": \"sample-finding-id-2\",\n },\n ],\n \"note\": {\n \"text\": \"sample-note-text\",\n \"updated_by\": \"sechub\",\n },\n \"verification_state\": aws_native.securityhub.AutomationRulesFindingFieldsUpdateVerificationState.TRUE_POSITIVE,\n \"workflow\": {\n \"status\": aws_native.securityhub.AutomationRuleWorkflowUpdateStatus.NOTIFIED,\n },\n },\n }],\n tags={\n \"sampleTag\": \"sampleValue\",\n \"organizationUnit\": \"pnw\",\n })\n\n```\n\n{{% /example %}}\n{{% /examples %}}\n", "properties": { @@ -279795,6 +280456,112 @@ } } }, + "aws-native:glue:getJob": { + "description": "Resource Type definition for AWS::Glue::Job", + "inputs": { + "properties": { + "id": { + "type": "string", + "description": "The ID of this job run." + } + }, + "required": [ + "id" + ] + }, + "outputs": { + "properties": { + "allocatedCapacity": { + "type": "number", + "description": "This parameter is no longer supported. Use `MaxCapacity` instead.\n\nThe number of capacity units that are allocated to this job." + }, + "command": { + "$ref": "#/types/aws-native:glue:JobCommand", + "description": "The code that executes a job." + }, + "connections": { + "$ref": "#/types/aws-native:glue:JobConnectionsList", + "description": "The connections used for this job." + }, + "defaultArguments": { + "$ref": "pulumi.json#/Any", + "description": "The default arguments for this job, specified as name-value pairs.\n\nYou can specify arguments here that your own job-execution script consumes, in addition to arguments that AWS Glue itself consumes.\n\nFor information about how to specify and consume your own job arguments, see [Calling AWS Glue APIs in Python](https://docs.aws.amazon.com/glue/latest/dg/aws-glue-programming-python-calling.html) in the *AWS Glue Developer Guide* .\n\nFor information about the key-value pairs that AWS Glue consumes to set up your job, see [Special Parameters Used by AWS Glue](https://docs.aws.amazon.com/glue/latest/dg/aws-glue-programming-etl-glue-arguments.html) in the *AWS Glue Developer Guide* .\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::Glue::Job` for more information about the expected schema for this property." + }, + "description": { + "type": "string", + "description": "A description of the job." + }, + "executionClass": { + "type": "string", + "description": "Indicates whether the job is run with a standard or flexible execution class. The standard execution class is ideal for time-sensitive workloads that require fast job startup and dedicated resources.\n\nThe flexible execution class is appropriate for time-insensitive jobs whose start and completion times may vary.\n\nOnly jobs with AWS Glue version 3.0 and above and command type `glueetl` will be allowed to set `ExecutionClass` to `FLEX` . The flexible execution class is available for Spark jobs." + }, + "executionProperty": { + "$ref": "#/types/aws-native:glue:JobExecutionProperty", + "description": "The maximum number of concurrent runs that are allowed for this job." + }, + "glueVersion": { + "type": "string", + "description": "Glue version determines the versions of Apache Spark and Python that AWS Glue supports. The Python version indicates the version supported for jobs of type Spark.\n\nFor more information about the available AWS Glue versions and corresponding Spark and Python versions, see [Glue version](https://docs.aws.amazon.com/glue/latest/dg/add-job.html) in the developer guide.\n\nJobs that are created without specifying a Glue version default to the latest Glue version available." + }, + "id": { + "type": "string", + "description": "The ID of this job run." + }, + "jobMode": { + "type": "string", + "description": "A mode that describes how a job was created. Valid values are:\n\n- `SCRIPT` - The job was created using the AWS Glue Studio script editor.\n- `VISUAL` - The job was created using the AWS Glue Studio visual editor.\n- `NOTEBOOK` - The job was created using an interactive sessions notebook.\n\nWhen the `JobMode` field is missing or null, `SCRIPT` is assigned as the default value." + }, + "logUri": { + "type": "string", + "description": "This field is reserved for future use." + }, + "maintenanceWindow": { + "type": "string", + "description": "This field specifies a day of the week and hour for a maintenance window for streaming jobs. AWS Glue periodically performs maintenance activities. During these maintenance windows, AWS Glue will need to restart your streaming jobs.\n\nAWS Glue will restart the job within 3 hours of the specified maintenance window. For instance, if you set up the maintenance window for Monday at 10:00AM GMT, your jobs will be restarted between 10:00AM GMT to 1:00PM GMT." + }, + "maxCapacity": { + "type": "number", + "description": "The number of AWS Glue data processing units (DPUs) that can be allocated when this job runs. A DPU is a relative measure of processing power that consists of 4 vCPUs of compute capacity and 16 GB of memory.\n\nDo not set `Max Capacity` if using `WorkerType` and `NumberOfWorkers` .\n\nThe value that can be allocated for `MaxCapacity` depends on whether you are running a Python shell job or an Apache Spark ETL job:\n\n- When you specify a Python shell job ( `JobCommand.Name` =\"pythonshell\"), you can allocate either 0.0625 or 1 DPU. The default is 0.0625 DPU.\n- When you specify an Apache Spark ETL job ( `JobCommand.Name` =\"glueetl\"), you can allocate from 2 to 100 DPUs. The default is 10 DPUs. This job type cannot have a fractional DPU allocation." + }, + "maxRetries": { + "type": "number", + "description": "The maximum number of times to retry this job after a JobRun fails." + }, + "nonOverridableArguments": { + "$ref": "pulumi.json#/Any", + "description": "Non-overridable arguments for this job, specified as name-value pairs.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::Glue::Job` for more information about the expected schema for this property." + }, + "notificationProperty": { + "$ref": "#/types/aws-native:glue:JobNotificationProperty", + "description": "Specifies configuration properties of a notification." + }, + "numberOfWorkers": { + "type": "integer", + "description": "The number of workers of a defined `workerType` that are allocated when a job runs.\n\nThe maximum number of workers you can define are 299 for `G.1X` , and 149 for `G.2X` ." + }, + "role": { + "type": "string", + "description": "The name or Amazon Resource Name (ARN) of the IAM role associated with this job." + }, + "securityConfiguration": { + "type": "string", + "description": "The name of the `SecurityConfiguration` structure to be used with this job." + }, + "tags": { + "$ref": "pulumi.json#/Any", + "description": "The tags to use with this job.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::Glue::Job` for more information about the expected schema for this property." + }, + "timeout": { + "type": "integer", + "description": "The job timeout in minutes. This is the maximum time that a job run can consume resources before it is terminated and enters TIMEOUT status. The default is 2,880 minutes (48 hours)." + }, + "workerType": { + "type": "string", + "description": "The type of predefined worker that is allocated when a job runs. Accepts a value of G.1X, G.2X, G.4X, G.8X or G.025X for Spark jobs. Accepts the value Z.2X for Ray jobs.\n\n- For the `G.1X` worker type, each worker maps to 1 DPU (4 vCPUs, 16 GB of memory) with 84GB disk (approximately 34GB free), and provides 1 executor per worker. We recommend this worker type for workloads such as data transforms, joins, and queries, to offers a scalable and cost effective way to run most jobs.\n- For the `G.2X` worker type, each worker maps to 2 DPU (8 vCPUs, 32 GB of memory) with 128GB disk (approximately 77GB free), and provides 1 executor per worker. We recommend this worker type for workloads such as data transforms, joins, and queries, to offers a scalable and cost effective way to run most jobs.\n- For the `G.4X` worker type, each worker maps to 4 DPU (16 vCPUs, 64 GB of memory) with 256GB disk (approximately 235GB free), and provides 1 executor per worker. We recommend this worker type for jobs whose workloads contain your most demanding transforms, aggregations, joins, and queries. This worker type is available only for AWS Glue version 3.0 or later Spark ETL jobs in the following AWS Regions: US East (Ohio), US East (N. Virginia), US West (Oregon), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), Canada (Central), Europe (Frankfurt), Europe (Ireland), and Europe (Stockholm).\n- For the `G.8X` worker type, each worker maps to 8 DPU (32 vCPUs, 128 GB of memory) with 512GB disk (approximately 487GB free), and provides 1 executor per worker. We recommend this worker type for jobs whose workloads contain your most demanding transforms, aggregations, joins, and queries. This worker type is available only for AWS Glue version 3.0 or later Spark ETL jobs, in the same AWS Regions as supported for the `G.4X` worker type.\n- For the `G.025X` worker type, each worker maps to 0.25 DPU (2 vCPUs, 4 GB of memory) with 84GB disk (approximately 34GB free), and provides 1 executor per worker. We recommend this worker type for low volume streaming jobs. This worker type is only available for AWS Glue version 3.0 streaming jobs.\n- For the `Z.2X` worker type, each worker maps to 2 M-DPU (8vCPUs, 64 GB of memory) with 128 GB disk (approximately 120GB free), and provides up to 8 Ray workers based on the autoscaler." + } + } + } + }, "aws-native:glue:getRegistry": { "description": "This resource creates a Registry for authoring schemas as part of Glue Schema Registry.", "inputs": { @@ -279940,6 +280707,43 @@ } } }, + "aws-native:glue:getUsageProfile": { + "description": "This creates a Resource of UsageProfile type.", + "inputs": { + "properties": { + "name": { + "type": "string", + "description": "The name of the UsageProfile." + } + }, + "required": [ + "name" + ] + }, + "outputs": { + "properties": { + "configuration": { + "$ref": "#/types/aws-native:glue:UsageProfileProfileConfiguration", + "description": "UsageProfile configuration for supported service ex: (Jobs, Sessions)." + }, + "createdOn": { + "type": "string", + "description": "Creation time." + }, + "description": { + "type": "string", + "description": "The description of the UsageProfile." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags to be applied to this UsageProfiles." + } + } + } + }, "aws-native:grafana:getWorkspace": { "description": "Definition of AWS::Grafana::Workspace Resource Type", "inputs": { @@ -294827,6 +295631,54 @@ } } }, + "aws-native:quicksight:getFolder": { + "description": "Definition of the AWS::QuickSight::Folder Resource Type.", + "inputs": { + "properties": { + "awsAccountId": { + "type": "string" + }, + "folderId": { + "type": "string" + } + }, + "required": [ + "awsAccountId", + "folderId" + ] + }, + "outputs": { + "properties": { + "arn": { + "type": "string", + "description": "\u003cp\u003eThe Amazon Resource Name (ARN) for the folder.\u003c/p\u003e" + }, + "createdTime": { + "type": "string", + "description": "\u003cp\u003eThe time that the folder was created.\u003c/p\u003e" + }, + "lastUpdatedTime": { + "type": "string", + "description": "\u003cp\u003eThe time that the folder was last updated.\u003c/p\u003e" + }, + "name": { + "type": "string" + }, + "permissions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:FolderResourcePermission" + } + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + } + } + } + } + }, "aws-native:quicksight:getTemplate": { "description": "Definition of the AWS::QuickSight::Template Resource Type.", "inputs": { @@ -299658,7 +300510,7 @@ }, "version": { "type": "integer", - "description": "The version of the image." + "description": "The version number." } } } @@ -300537,6 +301389,38 @@ } } }, + "aws-native:secretsmanager:getSecretTargetAttachment": { + "description": "Resource Type definition for AWS::SecretsManager::SecretTargetAttachment", + "inputs": { + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ] + }, + "outputs": { + "properties": { + "id": { + "type": "string" + }, + "secretId": { + "type": "string", + "description": "The ARN or name of the secret. To reference a secret also created in this template, use the see [Ref](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-ref.html) function with the secret's logical ID. This field is unique for each target attachment definition." + }, + "targetId": { + "type": "string", + "description": "The ID of the database or cluster." + }, + "targetType": { + "type": "string", + "description": "A string that defines the type of service or database associated with the secret. This value instructs Secrets Manager how to update the secret with the details of the service or database. This value must be one of the following:\n\n- AWS::RDS::DBInstance\n- AWS::RDS::DBCluster\n- AWS::Redshift::Cluster\n- AWS::RedshiftServerless::Namespace\n- AWS::DocDB::DBInstance\n- AWS::DocDB::DBCluster\n- AWS::DocDBElastic::Cluster" + } + } + } + }, "aws-native:securityhub:getAutomationRule": { "description": "The ``AWS::SecurityHub::AutomationRule`` resource specifies an automation rule based on input parameters. For more information, see [Automation rules](https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules.html) in the *User Guide*.", "inputs": { diff --git a/reports/missedAutonaming.json b/reports/missedAutonaming.json index 49a4ea0e0a..b3509837e7 100644 --- a/reports/missedAutonaming.json +++ b/reports/missedAutonaming.json @@ -11397,7 +11397,7 @@ }, "version": { "type": "integer", - "description": "The version of the image." + "description": "The version number." } } }, @@ -11423,6 +11423,23 @@ } } }, + "aws-native:secretsmanager:SecretTargetAttachment": { + "cfTypeName": "AWS::SecretsManager::SecretTargetAttachment", + "properties": { + "secretId": { + "type": "string", + "description": "The ARN or name of the secret. To reference a secret also created in this template, use the see [Ref](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-ref.html) function with the secret's logical ID. This field is unique for each target attachment definition." + }, + "targetId": { + "type": "string", + "description": "The ID of the database or cluster." + }, + "targetType": { + "type": "string", + "description": "A string that defines the type of service or database associated with the secret. This value instructs Secrets Manager how to update the secret with the details of the service or database. This value must be one of the following:\n\n- AWS::RDS::DBInstance\n- AWS::RDS::DBCluster\n- AWS::Redshift::Cluster\n- AWS::RedshiftServerless::Namespace\n- AWS::DocDB::DBInstance\n- AWS::DocDB::DBCluster\n- AWS::DocDBElastic::Cluster" + } + } + }, "aws-native:securityhub:DelegatedAdmin": { "cfTypeName": "AWS::SecurityHub::DelegatedAdmin", "properties": {