diff --git a/docs/data-sources/amplify_app.md b/docs/data-sources/amplify_app.md
index 26b2607bb..6a848af2f 100644
--- a/docs/data-sources/amplify_app.md
+++ b/docs/data-sources/amplify_app.md
@@ -28,6 +28,7 @@ Data Source schema for AWS::Amplify::App
- `auto_branch_creation_config` (Attributes) (see [below for nested schema](#nestedatt--auto_branch_creation_config))
- `basic_auth_config` (Attributes) (see [below for nested schema](#nestedatt--basic_auth_config))
- `build_spec` (String)
+- `cache_config` (Attributes) (see [below for nested schema](#nestedatt--cache_config))
- `custom_headers` (String)
- `custom_rules` (Attributes List) (see [below for nested schema](#nestedatt--custom_rules))
- `default_domain` (String)
@@ -88,6 +89,14 @@ Read-Only:
- `username` (String)
+
+### Nested Schema for `cache_config`
+
+Read-Only:
+
+- `type` (String)
+
+
### Nested Schema for `custom_rules`
diff --git a/docs/data-sources/applicationsignals_service_level_objective.md b/docs/data-sources/applicationsignals_service_level_objective.md
index eeff81ec8..ab4589e25 100644
--- a/docs/data-sources/applicationsignals_service_level_objective.md
+++ b/docs/data-sources/applicationsignals_service_level_objective.md
@@ -24,9 +24,11 @@ Data Source schema for AWS::ApplicationSignals::ServiceLevelObjective
- `arn` (String) The ARN of this SLO.
- `created_time` (Number) Epoch time in seconds of the time that this SLO was created
- `description` (String) An optional description for this SLO. Default is 'No description'
+- `evaluation_type` (String) Displays whether this is a period-based SLO or a request-based SLO.
- `goal` (Attributes) A structure that contains the attributes that determine the goal of the SLO. This includes the time period for evaluation and the attainment threshold. (see [below for nested schema](#nestedatt--goal))
- `last_updated_time` (Number) Epoch time in seconds of the time that this SLO was most recently updated
- `name` (String) The name of this SLO.
+- `request_based_sli` (Attributes) This structure contains information about the performance metric that a request-based SLO monitors. (see [below for nested schema](#nestedatt--request_based_sli))
- `sli` (Attributes) This structure contains information about the performance metric that an SLO monitors. (see [below for nested schema](#nestedatt--sli))
- `tags` (Attributes Set) The list of tag keys and values associated with the resource you specified (see [below for nested schema](#nestedatt--tags))
@@ -71,6 +73,163 @@ Read-Only:
+
+### Nested Schema for `request_based_sli`
+
+Read-Only:
+
+- `comparison_operator` (String) The arithmetic operation used when comparing the specified metric to the threshold.
+- `metric_threshold` (Number) The value that the SLI metric is compared to.
+- `request_based_sli_metric` (Attributes) This structure contains the information about the metric that is used for a request-based SLO. (see [below for nested schema](#nestedatt--request_based_sli--request_based_sli_metric))
+
+
+### Nested Schema for `request_based_sli.request_based_sli_metric`
+
+Read-Only:
+
+- `key_attributes` (Map of String) This is a string-to-string map that contains information about the type of object that this SLO is related to.
+- `metric_type` (String) If the SLO monitors either the LATENCY or AVAILABILITY metric that Application Signals collects, this field displays which of those metrics is used.
+- `monitored_request_count_metric` (Attributes) This structure defines the metric that is used as the "good request" or "bad request" value for a request-based SLO. This value observed for the metric defined in `TotalRequestCountMetric` is divided by the number found for `MonitoredRequestCountMetric` to determine the percentage of successful requests that this SLO tracks. (see [below for nested schema](#nestedatt--request_based_sli--request_based_sli_metric--monitored_request_count_metric))
+- `operation_name` (String) If the SLO monitors a specific operation of the service, this field displays that operation name.
+- `total_request_count_metric` (Attributes List) This structure defines the metric that is used as the "total requests" number for a request-based SLO. The number observed for this metric is divided by the number of "good requests" or "bad requests" that is observed for the metric defined in `MonitoredRequestCountMetric`. (see [below for nested schema](#nestedatt--request_based_sli--request_based_sli_metric--total_request_count_metric))
+
+
+### Nested Schema for `request_based_sli.request_based_sli_metric.monitored_request_count_metric`
+
+Read-Only:
+
+- `bad_count_metric` (Attributes List) If you want to count "bad requests" to determine the percentage of successful requests for this request-based SLO, specify the metric to use as "bad requests" in this structure. (see [below for nested schema](#nestedatt--request_based_sli--request_based_sli_metric--monitored_request_count_metric--bad_count_metric))
+- `good_count_metric` (Attributes List) If you want to count "good requests" to determine the percentage of successful requests for this request-based SLO, specify the metric to use as "good requests" in this structure. (see [below for nested schema](#nestedatt--request_based_sli--request_based_sli_metric--monitored_request_count_metric--good_count_metric))
+
+
+### Nested Schema for `request_based_sli.request_based_sli_metric.monitored_request_count_metric.bad_count_metric`
+
+Read-Only:
+
+- `account_id` (String) The ID of the account where the metrics are located, if this is a cross-account alarm.
+- `expression` (String) The math expression to be performed on the returned data.
+- `id` (String) A short name used to tie this object to the results in the response.
+- `metric_stat` (Attributes) A metric to be used directly for the SLO, or to be used in the math expression that will be used for the SLO. Within one MetricDataQuery, you must specify either Expression or MetricStat but not both. (see [below for nested schema](#nestedatt--request_based_sli--request_based_sli_metric--monitored_request_count_metric--bad_count_metric--metric_stat))
+- `return_data` (Boolean) This option indicates whether to return the timestamps and raw data values of this metric.
+
+
+### Nested Schema for `request_based_sli.request_based_sli_metric.monitored_request_count_metric.bad_count_metric.metric_stat`
+
+Read-Only:
+
+- `metric` (Attributes) This structure defines the metric used for a service level indicator, including the metric name, namespace, and dimensions. (see [below for nested schema](#nestedatt--request_based_sli--request_based_sli_metric--monitored_request_count_metric--bad_count_metric--metric_stat--metric))
+- `period` (Number) The granularity, in seconds, to be used for the metric.
+- `stat` (String) The statistic to use for comparison to the threshold. It can be any CloudWatch statistic or extended statistic.
+- `unit` (String) If you omit Unit then all data that was collected with any unit is returned, along with the corresponding units that were specified when the data was reported to CloudWatch. If you specify a unit, the operation returns only data that was collected with that unit specified. If you specify a unit that does not match the data collected, the results of the operation are null. CloudWatch does not perform unit conversions.
+
+
+### Nested Schema for `request_based_sli.request_based_sli_metric.monitored_request_count_metric.bad_count_metric.metric_stat.metric`
+
+Read-Only:
+
+- `dimensions` (Attributes List) An array of one or more dimensions to use to define the metric that you want to use. (see [below for nested schema](#nestedatt--request_based_sli--request_based_sli_metric--monitored_request_count_metric--bad_count_metric--metric_stat--metric--dimensions))
+- `metric_name` (String) The name of the metric to use.
+- `namespace` (String) The namespace of the metric.
+
+
+### Nested Schema for `request_based_sli.request_based_sli_metric.monitored_request_count_metric.bad_count_metric.metric_stat.metric.dimensions`
+
+Read-Only:
+
+- `name` (String) The name of the dimension. Dimension names must contain only ASCII characters, must include at least one non-whitespace character, and cannot start with a colon (:). ASCII control characters are not supported as part of dimension names.
+- `value` (String) The value of the dimension. Dimension values must contain only ASCII characters and must include at least one non-whitespace character. ASCII control characters are not supported as part of dimension values
+
+
+
+
+
+
+### Nested Schema for `request_based_sli.request_based_sli_metric.monitored_request_count_metric.good_count_metric`
+
+Read-Only:
+
+- `account_id` (String) The ID of the account where the metrics are located, if this is a cross-account alarm.
+- `expression` (String) The math expression to be performed on the returned data.
+- `id` (String) A short name used to tie this object to the results in the response.
+- `metric_stat` (Attributes) A metric to be used directly for the SLO, or to be used in the math expression that will be used for the SLO. Within one MetricDataQuery, you must specify either Expression or MetricStat but not both. (see [below for nested schema](#nestedatt--request_based_sli--request_based_sli_metric--monitored_request_count_metric--good_count_metric--metric_stat))
+- `return_data` (Boolean) This option indicates whether to return the timestamps and raw data values of this metric.
+
+
+### Nested Schema for `request_based_sli.request_based_sli_metric.monitored_request_count_metric.good_count_metric.metric_stat`
+
+Read-Only:
+
+- `metric` (Attributes) This structure defines the metric used for a service level indicator, including the metric name, namespace, and dimensions. (see [below for nested schema](#nestedatt--request_based_sli--request_based_sli_metric--monitored_request_count_metric--good_count_metric--metric_stat--metric))
+- `period` (Number) The granularity, in seconds, to be used for the metric.
+- `stat` (String) The statistic to use for comparison to the threshold. It can be any CloudWatch statistic or extended statistic.
+- `unit` (String) If you omit Unit then all data that was collected with any unit is returned, along with the corresponding units that were specified when the data was reported to CloudWatch. If you specify a unit, the operation returns only data that was collected with that unit specified. If you specify a unit that does not match the data collected, the results of the operation are null. CloudWatch does not perform unit conversions.
+
+
+### Nested Schema for `request_based_sli.request_based_sli_metric.monitored_request_count_metric.good_count_metric.metric_stat.metric`
+
+Read-Only:
+
+- `dimensions` (Attributes List) An array of one or more dimensions to use to define the metric that you want to use. (see [below for nested schema](#nestedatt--request_based_sli--request_based_sli_metric--monitored_request_count_metric--good_count_metric--metric_stat--metric--dimensions))
+- `metric_name` (String) The name of the metric to use.
+- `namespace` (String) The namespace of the metric.
+
+
+### Nested Schema for `request_based_sli.request_based_sli_metric.monitored_request_count_metric.good_count_metric.metric_stat.metric.dimensions`
+
+Read-Only:
+
+- `name` (String) The name of the dimension. Dimension names must contain only ASCII characters, must include at least one non-whitespace character, and cannot start with a colon (:). ASCII control characters are not supported as part of dimension names.
+- `value` (String) The value of the dimension. Dimension values must contain only ASCII characters and must include at least one non-whitespace character. ASCII control characters are not supported as part of dimension values
+
+
+
+
+
+
+
+### Nested Schema for `request_based_sli.request_based_sli_metric.total_request_count_metric`
+
+Read-Only:
+
+- `account_id` (String) The ID of the account where the metrics are located, if this is a cross-account alarm.
+- `expression` (String) The math expression to be performed on the returned data.
+- `id` (String) A short name used to tie this object to the results in the response.
+- `metric_stat` (Attributes) A metric to be used directly for the SLO, or to be used in the math expression that will be used for the SLO. Within one MetricDataQuery, you must specify either Expression or MetricStat but not both. (see [below for nested schema](#nestedatt--request_based_sli--request_based_sli_metric--total_request_count_metric--metric_stat))
+- `return_data` (Boolean) This option indicates whether to return the timestamps and raw data values of this metric.
+
+
+### Nested Schema for `request_based_sli.request_based_sli_metric.total_request_count_metric.metric_stat`
+
+Read-Only:
+
+- `metric` (Attributes) This structure defines the metric used for a service level indicator, including the metric name, namespace, and dimensions. (see [below for nested schema](#nestedatt--request_based_sli--request_based_sli_metric--total_request_count_metric--metric_stat--metric))
+- `period` (Number) The granularity, in seconds, to be used for the metric.
+- `stat` (String) The statistic to use for comparison to the threshold. It can be any CloudWatch statistic or extended statistic.
+- `unit` (String) If you omit Unit then all data that was collected with any unit is returned, along with the corresponding units that were specified when the data was reported to CloudWatch. If you specify a unit, the operation returns only data that was collected with that unit specified. If you specify a unit that does not match the data collected, the results of the operation are null. CloudWatch does not perform unit conversions.
+
+
+### Nested Schema for `request_based_sli.request_based_sli_metric.total_request_count_metric.metric_stat.metric`
+
+Read-Only:
+
+- `dimensions` (Attributes List) An array of one or more dimensions to use to define the metric that you want to use. (see [below for nested schema](#nestedatt--request_based_sli--request_based_sli_metric--total_request_count_metric--metric_stat--metric--dimensions))
+- `metric_name` (String) The name of the metric to use.
+- `namespace` (String) The namespace of the metric.
+
+
+### Nested Schema for `request_based_sli.request_based_sli_metric.total_request_count_metric.metric_stat.metric.dimensions`
+
+Read-Only:
+
+- `name` (String) The name of the dimension. Dimension names must contain only ASCII characters, must include at least one non-whitespace character, and cannot start with a colon (:). ASCII control characters are not supported as part of dimension names.
+- `value` (String) The value of the dimension. Dimension values must contain only ASCII characters and must include at least one non-whitespace character. ASCII control characters are not supported as part of dimension values
+
+
+
+
+
+
+
### Nested Schema for `sli`
diff --git a/docs/data-sources/backup_restore_testing_plan.md b/docs/data-sources/backup_restore_testing_plan.md
index 041e48bf6..ddc632174 100644
--- a/docs/data-sources/backup_restore_testing_plan.md
+++ b/docs/data-sources/backup_restore_testing_plan.md
@@ -26,6 +26,7 @@ Data Source schema for AWS::Backup::RestoreTestingPlan
- `restore_testing_plan_name` (String)
- `schedule_expression` (String)
- `schedule_expression_timezone` (String)
+- `schedule_status` (String)
- `start_window_hours` (Number)
- `tags` (Attributes Set) (see [below for nested schema](#nestedatt--tags))
diff --git a/docs/data-sources/ecs_service.md b/docs/data-sources/ecs_service.md
index cbb8985cc..613005d3b 100644
--- a/docs/data-sources/ecs_service.md
+++ b/docs/data-sources/ecs_service.md
@@ -44,6 +44,7 @@ Data Source schema for AWS::ECS::Service
- `placement_strategies` (Attributes List) The placement strategy objects to use for tasks in your service. You can specify a maximum of 5 strategy rules for each service. (see [below for nested schema](#nestedatt--placement_strategies))
- `platform_version` (String) The platform version that your tasks in the service are running on. A platform version is specified only for tasks using the Fargate launch type. If one isn't specified, the ``LATEST`` platform version is used. For more information, see [platform versions](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/platform_versions.html) in the *Amazon Elastic Container Service Developer Guide*.
- `propagate_tags` (String) Specifies whether to propagate the tags from the task definition to the task. If no value is specified, the tags aren't propagated. Tags can only be propagated to the task during task creation. To add tags to a task after task creation, use the [TagResource](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_TagResource.html) API action.
+ You must set this to a value other than ``NONE`` when you use Cost Explorer. For more information, see [Amazon ECS usage reports](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/usage-reports.html) in the *Amazon Elastic Container Service Developer Guide*.
The default is ``NONE``.
- `role` (String) The name or full Amazon Resource Name (ARN) of the IAM role that allows Amazon ECS to make calls to your load balancer on your behalf. This parameter is only permitted if you are using a load balancer with your service and your task definition doesn't use the ``awsvpc`` network mode. If you specify the ``role`` parameter, you must also specify a load balancer object with the ``loadBalancers`` parameter.
If your account has already created the Amazon ECS service-linked role, that role is used for your service unless you specify a role here. The service-linked role is required if your task definition uses the ``awsvpc`` network mode or if the service is configured to use service discovery, an external deployment controller, multiple target groups, or Elastic Inference accelerators in which case you don't specify a role here. For more information, see [Using service-linked roles for Amazon ECS](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using-service-linked-roles.html) in the *Amazon Elastic Container Service Developer Guide*.
@@ -95,7 +96,9 @@ Read-Only:
- `deployment_circuit_breaker` (Attributes) The deployment circuit breaker can only be used for services using the rolling update (``ECS``) deployment type.
The *deployment circuit breaker* determines whether a service deployment will fail if the service can't reach a steady state. If you use the deployment circuit breaker, a service deployment will transition to a failed state and stop launching new tasks. If you use the rollback option, when a service deployment fails, the service is rolled back to the last deployment that completed successfully. For more information, see [Rolling update](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/deployment-type-ecs.html) in the *Amazon Elastic Container Service Developer Guide* (see [below for nested schema](#nestedatt--deployment_configuration--deployment_circuit_breaker))
- `maximum_percent` (Number) If a service is using the rolling update (``ECS``) deployment type, the ``maximumPercent`` parameter represents an upper limit on the number of your service's tasks that are allowed in the ``RUNNING`` or ``PENDING`` state during a deployment, as a percentage of the ``desiredCount`` (rounded down to the nearest integer). This parameter enables you to define the deployment batch size. For example, if your service is using the ``REPLICA`` service scheduler and has a ``desiredCount`` of four tasks and a ``maximumPercent`` value of 200%, the scheduler may start four new tasks before stopping the four older tasks (provided that the cluster resources required to do this are available). The default ``maximumPercent`` value for a service using the ``REPLICA`` service scheduler is 200%.
- If a service is using either the blue/green (``CODE_DEPLOY``) or ``EXTERNAL`` deployment types and tasks that use the EC2 launch type, the *maximum percent* value is set to the default value and is used to define the upper limit on the number of the tasks in the service that remain in the ``RUNNING`` state while the container instances are in the ``DRAINING`` state. If the tasks in the service use the Fargate launch type, the maximum percent value is not used, although it is returned when describing your service.
+ If a service is using either the blue/green (``CODE_DEPLOY``) or ``EXTERNAL`` deployment types, and tasks in the service use the EC2 launch type, the *maximum percent* value is set to the default value. The *maximum percent* value is used to define the upper limit on the number of the tasks in the service that remain in the ``RUNNING`` state while the container instances are in the ``DRAINING`` state.
+ You can't specify a custom ``maximumPercent`` value for a service that uses either the blue/green (``CODE_DEPLOY``) or ``EXTERNAL`` deployment types and has tasks that use the EC2 launch type.
+ If the tasks in the service use the Fargate launch type, the maximum percent value is not used, although it is returned when describing your service.
- `minimum_healthy_percent` (Number) If a service is using the rolling update (``ECS``) deployment type, the ``minimumHealthyPercent`` represents a lower limit on the number of your service's tasks that must remain in the ``RUNNING`` state during a deployment, as a percentage of the ``desiredCount`` (rounded up to the nearest integer). This parameter enables you to deploy without using additional cluster capacity. For example, if your service has a ``desiredCount`` of four tasks and a ``minimumHealthyPercent`` of 50%, the service scheduler may stop two existing tasks to free up cluster capacity before starting two new tasks.
For services that *do not* use a load balancer, the following should be noted:
+ A service is considered healthy if all essential containers within the tasks in the service pass their health checks.
@@ -106,7 +109,11 @@ Read-Only:
+ If a task has no essential containers with a health check defined, the service scheduler will wait for the load balancer target group health check to return a healthy status before counting the task towards the minimum healthy percent total.
+ If a task has an essential container with a health check defined, the service scheduler will wait for both the task to reach a healthy status and the load balancer target group health check to return a healthy status before counting the task towards the minimum healthy percent total.
- If a service is using either the blue/green (``CODE_DEPLOY``) or ``EXTERNAL`` deployment types and is running tasks that use the EC2 launch type, the *minimum healthy percent* value is set to the default value and is used to define the lower limit on the number of the tasks in the service that remain in the ``RUNNING`` state while the container instances are in the ``DRAINING`` state. If a service is using either the blue/green (``CODE_DEPLOY``) or ``EXTERNAL`` deployment types and is running tasks that use the Fargate launch type, the minimum healthy percent value is not used, although it is returned when describing your service.
+ The default value for a replica service for ``minimumHealthyPercent`` is 100%. The default ``minimumHealthyPercent`` value for a service using the ``DAEMON`` service schedule is 0% for the CLI, the AWS SDKs, and the APIs and 50% for the AWS Management Console.
+ The minimum number of healthy tasks during a deployment is the ``desiredCount`` multiplied by the ``minimumHealthyPercent``/100, rounded up to the nearest integer value.
+ If a service is using either the blue/green (``CODE_DEPLOY``) or ``EXTERNAL`` deployment types and is running tasks that use the EC2 launch type, the *minimum healthy percent* value is set to the default value. The *minimum healthy percent* value is used to define the lower limit on the number of the tasks in the service that remain in the ``RUNNING`` state while the container instances are in the ``DRAINING`` state.
+ You can't specify a custom ``minimumHealthyPercent`` value for a service that uses either the blue/green (``CODE_DEPLOY``) or ``EXTERNAL`` deployment types and has tasks that use the EC2 launch type.
+ If a service is using either the blue/green (``CODE_DEPLOY``) or ``EXTERNAL`` deployment types and is running tasks that use the Fargate launch type, the minimum healthy percent value is not used, although it is returned when describing your service.
### Nested Schema for `deployment_configuration.alarms`
@@ -168,9 +175,9 @@ Read-Only:
Read-Only:
- `assign_public_ip` (String) Whether the task's elastic network interface receives a public IP address. The default value is ``DISABLED``.
-- `security_groups` (List of String) The IDs of the security groups associated with the task or service. If you don't specify a security group, the default security group for the VPC is used. There's a limit of 5 security groups that can be specified per ``AwsVpcConfiguration``.
+- `security_groups` (List of String) The IDs of the security groups associated with the task or service. If you don't specify a security group, the default security group for the VPC is used. There's a limit of 5 security groups that can be specified per ``awsvpcConfiguration``.
All specified security groups must be from the same VPC.
-- `subnets` (List of String) The IDs of the subnets associated with the task or service. There's a limit of 16 subnets that can be specified per ``AwsVpcConfiguration``.
+- `subnets` (List of String) The IDs of the subnets associated with the task or service. There's a limit of 16 subnets that can be specified per ``awsvpcConfiguration``.
All specified subnets must be from the same VPC.
@@ -189,7 +196,7 @@ Read-Only:
Read-Only:
-- `field` (String) The field to apply the placement strategy against. For the ``spread`` placement strategy, valid values are ``instanceId`` (or ``host``, which has the same effect), or any platform or custom attribute that is applied to a container instance, such as ``attribute:ecs.availability-zone``. For the ``binpack`` placement strategy, valid values are ``CPU`` and ``MEMORY``. For the ``random`` placement strategy, this field is not used.
+- `field` (String) The field to apply the placement strategy against. For the ``spread`` placement strategy, valid values are ``instanceId`` (or ``host``, which has the same effect), or any platform or custom attribute that's applied to a container instance, such as ``attribute:ecs.availability-zone``. For the ``binpack`` placement strategy, valid values are ``cpu`` and ``memory``. For the ``random`` placement strategy, this field is not used.
- `type` (String) The type of placement strategy. The ``random`` placement strategy randomly places tasks on available candidates. The ``spread`` placement strategy spreads placement across available candidates evenly based on the ``field`` parameter. The ``binpack`` strategy places tasks on available candidates that have the least available amount of the resource that's specified with the ``field`` parameter. For example, if you binpack on memory, a task is placed on the instance with the least amount of remaining memory but still enough to run the task.
@@ -199,12 +206,12 @@ Read-Only:
Read-Only:
- `enabled` (Boolean) Specifies whether to use Service Connect with this service.
-- `log_configuration` (Attributes) The log configuration for the container. This parameter maps to ``LogConfig`` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the ``--log-driver`` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/commandline/run/).
- By default, containers use the same logging driver that the Docker daemon uses. However, the container might use a different logging driver than the Docker daemon by specifying a log driver configuration in the container definition. For more information about the options for different supported log drivers, see [Configure logging drivers](https://docs.aws.amazon.com/https://docs.docker.com/engine/admin/logging/overview/) in the Docker documentation.
+- `log_configuration` (Attributes) The log configuration for the container. This parameter maps to ``LogConfig`` in the docker container create command and the ``--log-driver`` option to docker run.
+ By default, containers use the same logging driver that the Docker daemon uses. However, the container might use a different logging driver than the Docker daemon by specifying a log driver configuration in the container definition.
Understand the following when specifying a log configuration for your containers.
+ Amazon ECS currently supports a subset of the logging drivers available to the Docker daemon. Additional log drivers may be available in future releases of the Amazon ECS container agent.
For tasks on FARGATElong, the supported log drivers are ``awslogs``, ``splunk``, and ``awsfirelens``.
- For tasks hosted on Amazon EC2 instances, the supported log drivers are ``awslogs``, ``fluentd``, ``gelf``, ``json-file``, ``journald``, ``logentries``,``syslog``, ``splunk``, and ``awsfirelens``.
+ For tasks hosted on Amazon EC2 instances, the supported log drivers are ``awslogs``, ``fluentd``, ``gelf``, ``json-file``, ``journald``,``syslog``, ``splunk``, and ``awsfirelens``.
+ This parameter requires version 1.18 of the Docker Remote API or greater on your container instance.
+ For tasks that are hosted on Amazon EC2 instances, the Amazon ECS container agent must register the available logging drivers with the ``ECS_AVAILABLE_LOGGING_DRIVERS`` environment variable before containers placed on that instance can use these log configuration options. For more information, see [Amazon ECS container agent configuration](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-config.html) in the *Amazon Elastic Container Service Developer Guide*.
+ For tasks that are on FARGATElong, because you don't have access to the underlying infrastructure your tasks are hosted on, any additional software needed must be installed outside of the task. For example, the Fluentd output aggregators or a remote host running Logstash to send Gelf logs to. (see [below for nested schema](#nestedatt--service_connect_configuration--log_configuration))
@@ -220,9 +227,9 @@ Read-Only:
- `log_driver` (String) The log driver to use for the container.
For tasks on FARGATElong, the supported log drivers are ``awslogs``, ``splunk``, and ``awsfirelens``.
- For tasks hosted on Amazon EC2 instances, the supported log drivers are ``awslogs``, ``fluentd``, ``gelf``, ``json-file``, ``journald``, ``logentries``,``syslog``, ``splunk``, and ``awsfirelens``.
- For more information about using the ``awslogs`` log driver, see [Using the awslogs log driver](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_awslogs.html) in the *Amazon Elastic Container Service Developer Guide*.
- For more information about using the ``awsfirelens`` log driver, see [Custom log routing](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_firelens.html) in the *Amazon Elastic Container Service Developer Guide*.
+ For tasks hosted on Amazon EC2 instances, the supported log drivers are ``awslogs``, ``fluentd``, ``gelf``, ``json-file``, ``journald``, ``syslog``, ``splunk``, and ``awsfirelens``.
+ For more information about using the ``awslogs`` log driver, see [Send Amazon ECS logs to CloudWatch](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_awslogs.html) in the *Amazon Elastic Container Service Developer Guide*.
+ For more information about using the ``awsfirelens`` log driver, see [Send Amazon ECS logs to an service or Partner](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_firelens.html).
If you have a custom driver that isn't listed, you can fork the Amazon ECS container agent project that's [available on GitHub](https://docs.aws.amazon.com/https://github.com/aws/amazon-ecs-agent) and customize it to work with that driver. We encourage you to submit pull requests for changes that you would like to have included. However, we don't currently provide support for running modified copies of this software.
- `options` (Map of String) The configuration options to send to the log driver. This parameter requires version 1.19 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: ``sudo docker version --format '{{.Server.APIVersion}}'``
- `secret_options` (Attributes List) The secrets to pass to the log configuration. For more information, see [Specifying sensitive data](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data.html) in the *Amazon Elastic Container Service Developer Guide*. (see [below for nested schema](#nestedatt--service_connect_configuration--log_configuration--secret_options))
@@ -335,7 +342,7 @@ Read-Only:
- `encrypted` (Boolean) Indicates whether the volume should be encrypted. If no value is specified, encryption is turned on by default. This parameter maps 1:1 with the ``Encrypted`` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference*.
- `filesystem_type` (String) The Linux filesystem type for the volume. For volumes created from a snapshot, you must specify the same filesystem type that the volume was using when the snapshot was created. If there is a filesystem type mismatch, the task will fail to start.
- The available filesystem types are? ``ext3``, ``ext4``, and ``xfs``. If no value is specified, the ``xfs`` filesystem type is used by default.
+ The available filesystem types are
``ext3``, ``ext4``, and ``xfs``. If no value is specified, the ``xfs`` filesystem type is used by default.
- `iops` (Number) The number of I/O operations per second (IOPS). For ``gp3``, ``io1``, and ``io2`` volumes, this represents the number of IOPS that are provisioned for the volume. For ``gp2`` volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting.
The following are the supported values for each volume type.
+ ``gp3``: 3,000 - 16,000 IOPS
@@ -371,7 +378,7 @@ Read-Only:
Read-Only:
-- `propagate_tags` (String) Determines whether to propagate the tags from the task definition to ?the Amazon EBS volume. Tags can only propagate to a ``SERVICE`` specified in ?``ServiceVolumeConfiguration``. If no value is specified, the tags aren't ?propagated.
+- `propagate_tags` (String) Determines whether to propagate the tags from the task definition to
the Amazon EBS volume. Tags can only propagate to a ``SERVICE`` specified in
``ServiceVolumeConfiguration``. If no value is specified, the tags aren't
propagated.
- `resource_type` (String) The type of volume resource.
- `tags` (Attributes List) The tags applied to this Amazon EBS volume. ``AmazonECSCreated`` and ``AmazonECSManaged`` are reserved tags that can't be used. (see [below for nested schema](#nestedatt--volume_configurations--managed_ebs_volume--tag_specifications--tags))
diff --git a/docs/data-sources/ecs_task_definition.md b/docs/data-sources/ecs_task_definition.md
index dfb11981c..7143c7a6b 100644
--- a/docs/data-sources/ecs_task_definition.md
+++ b/docs/data-sources/ecs_task_definition.md
@@ -99,8 +99,8 @@ Data Source schema for AWS::ECS::TaskDefinition
Read-Only:
-- `command` (List of String) The command that's passed to the container. This parameter maps to ``Cmd`` in the docker conainer create command and the ``COMMAND`` parameter to docker run. If there are multiple arguments, each argument is a separated string in the array.
-- `cpu` (Number) The number of ``cpu`` units reserved for the container. This parameter maps to ``CpuShares`` in the docker conainer create commandand the ``--cpu-shares`` option to docker run.
+- `command` (List of String) The command that's passed to the container. This parameter maps to ``Cmd`` in the docker container create command and the ``COMMAND`` parameter to docker run. If there are multiple arguments, each argument is a separated string in the array.
+- `cpu` (Number) The number of ``cpu`` units reserved for the container. This parameter maps to ``CpuShares`` in the docker container create commandand the ``--cpu-shares`` option to docker run.
This field is optional for tasks using the Fargate launch type, and the only requirement is that the total amount of CPU reserved for all containers within a task be lower than the task-level ``cpu`` value.
You can determine the number of CPU units that are available per EC2 instance type by multiplying the vCPUs listed for that instance type on the [Amazon EC2 Instances](https://docs.aws.amazon.com/ec2/instance-types/) detail page by 1,024.
Linux containers share unallocated CPU units with other containers on the container instance with the same ratio as their allocated amount. For example, if you run a single-container task on a single-core instance type with 512 CPU units specified for that container, and that's the only task running on the container instance, that container could use the full 1,024 CPU unit share at any given time. However, if you launched another copy of the same task on that container instance, each task is guaranteed a minimum of 512 CPU units when needed. Moreover, each container could float to higher CPU usage if the other container was not using it. If both tasks were 100% active all of the time, they would be limited to 512 CPU units.
@@ -122,42 +122,42 @@ Read-Only:
+ Windows platform version ``1.0.0`` or later.
If the task definition is used in a blue/green deployment that uses [AWS::CodeDeploy::DeploymentGroup BlueGreenDeploymentConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-codedeploy-deploymentgroup-bluegreendeploymentconfiguration.html), the ``dependsOn`` parameter is not supported. For more information see [Issue #680](https://docs.aws.amazon.com/https://github.com/aws-cloudformation/cloudformation-coverage-roadmap/issues/680) on the on the GitHub website. (see [below for nested schema](#nestedatt--container_definitions--depends_on))
-- `disable_networking` (Boolean) When this parameter is true, networking is off within the container. This parameter maps to ``NetworkDisabled`` in the docker conainer create command.
+- `disable_networking` (Boolean) When this parameter is true, networking is off within the container. This parameter maps to ``NetworkDisabled`` in the docker container create command.
This parameter is not supported for Windows containers.
-- `dns_search_domains` (List of String) A list of DNS search domains that are presented to the container. This parameter maps to ``DnsSearch`` in the docker conainer create command and the ``--dns-search`` option to docker run.
+- `dns_search_domains` (List of String) A list of DNS search domains that are presented to the container. This parameter maps to ``DnsSearch`` in the docker container create command and the ``--dns-search`` option to docker run.
This parameter is not supported for Windows containers.
-- `dns_servers` (List of String) A list of DNS servers that are presented to the container. This parameter maps to ``Dns`` in the the docker conainer create command and the ``--dns`` option to docker run.
+- `dns_servers` (List of String) A list of DNS servers that are presented to the container. This parameter maps to ``Dns`` in the docker container create command and the ``--dns`` option to docker run.
This parameter is not supported for Windows containers.
-- `docker_labels` (Map of String) A key/value map of labels to add to the container. This parameter maps to ``Labels`` in the docker conainer create command and the ``--label`` option to docker run. This parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: ``sudo docker version --format '{{.Server.APIVersion}}'``
+- `docker_labels` (Map of String) A key/value map of labels to add to the container. This parameter maps to ``Labels`` in the docker container create command and the ``--label`` option to docker run. This parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: ``sudo docker version --format '{{.Server.APIVersion}}'``
- `docker_security_options` (List of String) A list of strings to provide custom configuration for multiple security systems. This field isn't valid for containers in tasks using the Fargate launch type.
For Linux tasks on EC2, this parameter can be used to reference custom labels for SELinux and AppArmor multi-level security systems.
For any tasks on EC2, this parameter can be used to reference a credential spec file that configures a container for Active Directory authentication. For more information, see [Using gMSAs for Windows Containers](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/windows-gmsa.html) and [Using gMSAs for Linux Containers](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/linux-gmsa.html) in the *Amazon Elastic Container Service Developer Guide*.
- This parameter maps to ``SecurityOpt`` in the docker conainer create command and the ``--security-opt`` option to docker run.
+ This parameter maps to ``SecurityOpt`` in the docker container create command and the ``--security-opt`` option to docker run.
The Amazon ECS container agent running on a container instance must register with the ``ECS_SELINUX_CAPABLE=true`` or ``ECS_APPARMOR_CAPABLE=true`` environment variables before containers placed on that instance can use these security options. For more information, see [Amazon ECS Container Agent Configuration](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-config.html) in the *Amazon Elastic Container Service Developer Guide*.
Valid values: "no-new-privileges" | "apparmor:PROFILE" | "label:value" | "credentialspec:CredentialSpecFilePath"
- `entry_point` (List of String) Early versions of the Amazon ECS container agent don't properly handle ``entryPoint`` parameters. If you have problems using ``entryPoint``, update your container agent or enter your commands and arguments as ``command`` array items instead.
- The entry point that's passed to the container. This parameter maps to ``Entrypoint`` in tthe docker conainer create command and the ``--entrypoint`` option to docker run.
-- `environment` (Attributes Set) The environment variables to pass to a container. This parameter maps to ``Env`` in the docker conainer create command and the ``--env`` option to docker run.
+ The entry point that's passed to the container. This parameter maps to ``Entrypoint`` in tthe docker container create command and the ``--entrypoint`` option to docker run.
+- `environment` (Attributes Set) The environment variables to pass to a container. This parameter maps to ``Env`` in the docker container create command and the ``--env`` option to docker run.
We don't recommend that you use plaintext environment variables for sensitive information, such as credential data. (see [below for nested schema](#nestedatt--container_definitions--environment))
- `environment_files` (Attributes List) A list of files containing the environment variables to pass to a container. This parameter maps to the ``--env-file`` option to docker run.
You can specify up to ten environment files. The file must have a ``.env`` file extension. Each line in an environment file contains an environment variable in ``VARIABLE=VALUE`` format. Lines beginning with ``#`` are treated as comments and are ignored.
If there are environment variables specified using the ``environment`` parameter in a container definition, they take precedence over the variables contained within an environment file. If multiple environment files are specified that contain the same variable, they're processed from the top down. We recommend that you use unique variable names. For more information, see [Specifying Environment Variables](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/taskdef-envfiles.html) in the *Amazon Elastic Container Service Developer Guide*. (see [below for nested schema](#nestedatt--container_definitions--environment_files))
- `essential` (Boolean) If the ``essential`` parameter of a container is marked as ``true``, and that container fails or stops for any reason, all other containers that are part of the task are stopped. If the ``essential`` parameter of a container is marked as ``false``, its failure doesn't affect the rest of the containers in a task. If this parameter is omitted, a container is assumed to be essential.
All tasks must have at least one essential container. If you have an application that's composed of multiple containers, group containers that are used for a common purpose into components, and separate the different components into multiple task definitions. For more information, see [Application Architecture](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/application_architecture.html) in the *Amazon Elastic Container Service Developer Guide*.
-- `extra_hosts` (Attributes List) A list of hostnames and IP address mappings to append to the ``/etc/hosts`` file on the container. This parameter maps to ``ExtraHosts`` in the docker conainer create command and the ``--add-host`` option to docker run.
+- `extra_hosts` (Attributes List) A list of hostnames and IP address mappings to append to the ``/etc/hosts`` file on the container. This parameter maps to ``ExtraHosts`` in the docker container create command and the ``--add-host`` option to docker run.
This parameter isn't supported for Windows containers or tasks that use the ``awsvpc`` network mode. (see [below for nested schema](#nestedatt--container_definitions--extra_hosts))
- `firelens_configuration` (Attributes) The FireLens configuration for the container. This is used to specify and configure a log router for container logs. For more information, see [Custom Log Routing](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_firelens.html) in the *Amazon Elastic Container Service Developer Guide*. (see [below for nested schema](#nestedatt--container_definitions--firelens_configuration))
-- `health_check` (Attributes) The container health check command and associated configuration parameters for the container. This parameter maps to ``HealthCheck`` in the docker conainer create command and the ``HEALTHCHECK`` parameter of docker run. (see [below for nested schema](#nestedatt--container_definitions--health_check))
-- `hostname` (String) The hostname to use for your container. This parameter maps to ``Hostname`` in thethe docker conainer create command and the ``--hostname`` option to docker run.
+- `health_check` (Attributes) The container health check command and associated configuration parameters for the container. This parameter maps to ``HealthCheck`` in the docker container create command and the ``HEALTHCHECK`` parameter of docker run. (see [below for nested schema](#nestedatt--container_definitions--health_check))
+- `hostname` (String) The hostname to use for your container. This parameter maps to ``Hostname`` in thethe docker container create command and the ``--hostname`` option to docker run.
The ``hostname`` parameter is not supported if you're using the ``awsvpc`` network mode.
-- `image` (String) The image used to start a container. This string is passed directly to the Docker daemon. By default, images in the Docker Hub registry are available. Other repositories are specified with either ``repository-url/image:tag`` or ``repository-url/image@digest``. Up to 255 letters (uppercase and lowercase), numbers, hyphens, underscores, colons, periods, forward slashes, and number signs are allowed. This parameter maps to ``Image`` in the docker conainer create command and the ``IMAGE`` parameter of docker run.
+- `image` (String) The image used to start a container. This string is passed directly to the Docker daemon. By default, images in the Docker Hub registry are available. Other repositories are specified with either ``repository-url/image:tag`` or ``repository-url/image@digest``. Up to 255 letters (uppercase and lowercase), numbers, hyphens, underscores, colons, periods, forward slashes, and number signs are allowed. This parameter maps to ``Image`` in the docker container create command and the ``IMAGE`` parameter of docker run.
+ When a new task starts, the Amazon ECS container agent pulls the latest version of the specified image and tag for the container to use. However, subsequent updates to a repository image aren't propagated to already running tasks.
+ Images in Amazon ECR repositories can be specified by either using the full ``registry/repository:tag`` or ``registry/repository@digest``. For example, ``012345678910.dkr.ecr..amazonaws.com/:latest`` or ``012345678910.dkr.ecr..amazonaws.com/@sha256:94afd1f2e64d908bc90dbca0035a5b567EXAMPLE``.
+ Images in official repositories on Docker Hub use a single name (for example, ``ubuntu`` or ``mongo``).
+ Images in other repositories on Docker Hub are qualified with an organization name (for example, ``amazon/amazon-ecs-agent``).
+ Images in other online repositories are qualified further by a domain name (for example, ``quay.io/assemblyline/ubuntu``).
-- `interactive` (Boolean) When this parameter is ``true``, you can deploy containerized applications that require ``stdin`` or a ``tty`` to be allocated. This parameter maps to ``OpenStdin`` in the docker conainer create command and the ``--interactive`` option to docker run.
-- `links` (Set of String) The ``links`` parameter allows containers to communicate with each other without the need for port mappings. This parameter is only supported if the network mode of a task definition is ``bridge``. The ``name:internalName`` construct is analogous to ``name:alias`` in Docker links. Up to 255 letters (uppercase and lowercase), numbers, underscores, and hyphens are allowed.. This parameter maps to ``Links`` in the docker conainer create command and the ``--link`` option to docker run.
+- `interactive` (Boolean) When this parameter is ``true``, you can deploy containerized applications that require ``stdin`` or a ``tty`` to be allocated. This parameter maps to ``OpenStdin`` in the docker container create command and the ``--interactive`` option to docker run.
+- `links` (Set of String) The ``links`` parameter allows containers to communicate with each other without the need for port mappings. This parameter is only supported if the network mode of a task definition is ``bridge``. The ``name:internalName`` construct is analogous to ``name:alias`` in Docker links. Up to 255 letters (uppercase and lowercase), numbers, underscores, and hyphens are allowed.. This parameter maps to ``Links`` in the docker container create command and the ``--link`` option to docker run.
This parameter is not supported for Windows containers.
Containers that are collocated on a single container instance may be able to communicate with each other without requiring links or host port mappings. Network isolation is achieved on the container instance using security groups and VPC settings.
- `linux_parameters` (Attributes) Linux-specific modifications that are applied to the container, such as Linux kernel capabilities. For more information see [KernelCapabilities](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_KernelCapabilities.html).
@@ -172,28 +172,28 @@ Read-Only:
If using the EC2 launch type, you must specify either a task-level memory value or a container-level memory value. If you specify both a container-level ``memory`` and ``memoryReservation`` value, ``memory`` must be greater than ``memoryReservation``. If you specify ``memoryReservation``, then that value is subtracted from the available memory resources for the container instance where the container is placed. Otherwise, the value of ``memory`` is used.
The Docker 20.10.0 or later daemon reserves a minimum of 6 MiB of memory for a container, so you should not specify fewer than 6 MiB of memory for your containers.
The Docker 19.03.13-ce or earlier daemon reserves a minimum of 4 MiB of memory for a container, so you should not specify fewer than 4 MiB of memory for your containers.
-- `memory_reservation` (Number) The soft limit (in MiB) of memory to reserve for the container. When system memory is under heavy contention, Docker attempts to keep the container memory to this soft limit. However, your container can consume more memory when it needs to, up to either the hard limit specified with the ``memory`` parameter (if applicable), or all of the available memory on the container instance, whichever comes first. This parameter maps to ``MemoryReservation`` in the the docker conainer create command and the ``--memory-reservation`` option to docker run.
+- `memory_reservation` (Number) The soft limit (in MiB) of memory to reserve for the container. When system memory is under heavy contention, Docker attempts to keep the container memory to this soft limit. However, your container can consume more memory when it needs to, up to either the hard limit specified with the ``memory`` parameter (if applicable), or all of the available memory on the container instance, whichever comes first. This parameter maps to ``MemoryReservation`` in the docker container create command and the ``--memory-reservation`` option to docker run.
If a task-level memory value is not specified, you must specify a non-zero integer for one or both of ``memory`` or ``memoryReservation`` in a container definition. If you specify both, ``memory`` must be greater than ``memoryReservation``. If you specify ``memoryReservation``, then that value is subtracted from the available memory resources for the container instance where the container is placed. Otherwise, the value of ``memory`` is used.
For example, if your container normally uses 128 MiB of memory, but occasionally bursts to 256 MiB of memory for short periods of time, you can set a ``memoryReservation`` of 128 MiB, and a ``memory`` hard limit of 300 MiB. This configuration would allow the container to only reserve 128 MiB of memory from the remaining resources on the container instance, but also allow the container to consume more memory resources when needed.
The Docker 20.10.0 or later daemon reserves a minimum of 6 MiB of memory for a container. So, don't specify less than 6 MiB of memory for your containers.
The Docker 19.03.13-ce or earlier daemon reserves a minimum of 4 MiB of memory for a container. So, don't specify less than 4 MiB of memory for your containers.
- `mount_points` (Attributes List) The mount points for data volumes in your container.
- This parameter maps to ``Volumes`` in the the docker conainer create command and the ``--volume`` option to docker run.
+ This parameter maps to ``Volumes`` in the docker container create command and the ``--volume`` option to docker run.
Windows containers can mount whole directories on the same drive as ``$env:ProgramData``. Windows containers can't mount directories on a different drive, and mount point can't be across drives. (see [below for nested schema](#nestedatt--container_definitions--mount_points))
-- `name` (String) The name of a container. If you're linking multiple containers together in a task definition, the ``name`` of one container can be entered in the ``links`` of another container to connect the containers. Up to 255 letters (uppercase and lowercase), numbers, underscores, and hyphens are allowed. This parameter maps to ``name`` in tthe docker conainer create command and the ``--name`` option to docker run.
+- `name` (String) The name of a container. If you're linking multiple containers together in a task definition, the ``name`` of one container can be entered in the ``links`` of another container to connect the containers. Up to 255 letters (uppercase and lowercase), numbers, underscores, and hyphens are allowed. This parameter maps to ``name`` in tthe docker container create command and the ``--name`` option to docker run.
- `port_mappings` (Attributes Set) The list of port mappings for the container. Port mappings allow containers to access ports on the host container instance to send or receive traffic.
For task definitions that use the ``awsvpc`` network mode, you should only specify the ``containerPort``. The ``hostPort`` can be left blank or it must be the same value as the ``containerPort``.
Port mappings on Windows use the ``NetNAT`` gateway address rather than ``localhost``. There is no loopback for port mappings on Windows, so you cannot access a container's mapped port from the host itself.
This parameter maps to ``PortBindings`` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the ``--publish`` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/). If the network mode of a task definition is set to ``none``, then you can't specify port mappings. If the network mode of a task definition is set to ``host``, then host ports must either be undefined or they must match the container port in the port mapping.
After a task reaches the ``RUNNING`` status, manual and automatic host and container port assignments are visible in the *Network Bindings* section of a container description for a selected task in the Amazon ECS console. The assignments are also visible in the ``networkBindings`` section [DescribeTasks](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DescribeTasks.html) responses. (see [below for nested schema](#nestedatt--container_definitions--port_mappings))
-- `privileged` (Boolean) When this parameter is true, the container is given elevated privileges on the host container instance (similar to the ``root`` user). This parameter maps to ``Privileged`` in the the docker conainer create command and the ``--privileged`` option to docker run
+- `privileged` (Boolean) When this parameter is true, the container is given elevated privileges on the host container instance (similar to the ``root`` user). This parameter maps to ``Privileged`` in the docker container create command and the ``--privileged`` option to docker run
This parameter is not supported for Windows containers or tasks run on FARGATElong.
-- `pseudo_terminal` (Boolean) When this parameter is ``true``, a TTY is allocated. This parameter maps to ``Tty`` in tthe docker conainer create command and the ``--tty`` option to docker run.
-- `readonly_root_filesystem` (Boolean) When this parameter is true, the container is given read-only access to its root file system. This parameter maps to ``ReadonlyRootfs`` in the docker conainer create command and the ``--read-only`` option to docker run.
+- `pseudo_terminal` (Boolean) When this parameter is ``true``, a TTY is allocated. This parameter maps to ``Tty`` in tthe docker container create command and the ``--tty`` option to docker run.
+- `readonly_root_filesystem` (Boolean) When this parameter is true, the container is given read-only access to its root file system. This parameter maps to ``ReadonlyRootfs`` in the docker container create command and the ``--read-only`` option to docker run.
This parameter is not supported for Windows containers.
- `repository_credentials` (Attributes) The private repository authentication credentials to use. (see [below for nested schema](#nestedatt--container_definitions--repository_credentials))
- `resource_requirements` (Attributes List) The type and amount of a resource to assign to a container. The only supported resource is a GPU. (see [below for nested schema](#nestedatt--container_definitions--resource_requirements))
-- `restart_policy` (Attributes) (see [below for nested schema](#nestedatt--container_definitions--restart_policy))
+- `restart_policy` (Attributes) The restart policy for a container. When you set up a restart policy, Amazon ECS can restart the container without needing to replace the task. For more information, see [Restart individual containers in Amazon ECS tasks with container restart policies](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/container-restart-policy.html) in the *Amazon Elastic Container Service Developer Guide*. (see [below for nested schema](#nestedatt--container_definitions--restart_policy))
- `secrets` (Attributes List) The secrets to pass to the container. For more information, see [Specifying Sensitive Data](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data.html) in the *Amazon Elastic Container Service Developer Guide*. (see [below for nested schema](#nestedatt--container_definitions--secrets))
- `start_timeout` (Number) Time duration (in seconds) to wait before giving up on resolving dependencies for a container. For example, you specify two containers in a task definition with containerA having a dependency on containerB reaching a ``COMPLETE``, ``SUCCESS``, or ``HEALTHY`` status. If a ``startTimeout`` value is specified for containerB and it doesn't reach the desired status within that time then containerA gives up and not start. This results in the task transitioning to a ``STOPPED`` state.
When the ``ECS_CONTAINER_START_TIMEOUT`` container agent configuration variable is used, it's enforced independently from this start timeout value.
@@ -211,10 +211,10 @@ Read-Only:
The max stop timeout value is 120 seconds and if the parameter is not specified, the default value of 30 seconds is used.
For tasks that use the EC2 launch type, if the ``stopTimeout`` parameter isn't specified, the value set for the Amazon ECS container agent configuration variable ``ECS_CONTAINER_STOP_TIMEOUT`` is used. If neither the ``stopTimeout`` parameter or the ``ECS_CONTAINER_STOP_TIMEOUT`` agent configuration variable are set, then the default values of 30 seconds for Linux containers and 30 seconds on Windows containers are used. Your container instances require at least version 1.26.0 of the container agent to use a container stop timeout value. However, we recommend using the latest container agent version. For information about checking your agent version and updating to the latest version, see [Updating the Amazon ECS Container Agent](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-update.html) in the *Amazon Elastic Container Service Developer Guide*. If you're using an Amazon ECS-optimized Linux AMI, your instance needs at least version 1.26.0-1 of the ``ecs-init`` package. If your container instances are launched from version ``20190301`` or later, then they contain the required versions of the container agent and ``ecs-init``. For more information, see [Amazon ECS-optimized Linux AMI](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html) in the *Amazon Elastic Container Service Developer Guide*.
The valid values are 2-120 seconds.
-- `system_controls` (Attributes List) A list of namespaced kernel parameters to set in the container. This parameter maps to ``Sysctls`` in tthe docker conainer create command and the ``--sysctl`` option to docker run. For example, you can configure ``net.ipv4.tcp_keepalive_time`` setting to maintain longer lived connections. (see [below for nested schema](#nestedatt--container_definitions--system_controls))
+- `system_controls` (Attributes List) A list of namespaced kernel parameters to set in the container. This parameter maps to ``Sysctls`` in tthe docker container create command and the ``--sysctl`` option to docker run. For example, you can configure ``net.ipv4.tcp_keepalive_time`` setting to maintain longer lived connections. (see [below for nested schema](#nestedatt--container_definitions--system_controls))
- `ulimits` (Attributes List) A list of ``ulimits`` to set in the container. This parameter maps to ``Ulimits`` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the ``--ulimit`` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/). Valid naming values are displayed in the [Ulimit](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_Ulimit.html) data type. This parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: ``sudo docker version --format '{{.Server.APIVersion}}'``
This parameter is not supported for Windows containers. (see [below for nested schema](#nestedatt--container_definitions--ulimits))
-- `user` (String) The user to use inside the container. This parameter maps to ``User`` in the docker conainer create command and the ``--user`` option to docker run.
+- `user` (String) The user to use inside the container. This parameter maps to ``User`` in the docker container create command and the ``--user`` option to docker run.
When running tasks using the ``host`` network mode, don't run containers using the root user (UID 0). We recommend using a non-root user for better security.
You can specify the ``user`` using the following formats. If specifying a UID or GID, you must specify it as a positive integer.
+ ``user``
@@ -225,8 +225,8 @@ Read-Only:
+ ``uid:group``
This parameter is not supported for Windows containers.
-- `volumes_from` (Attributes Set) Data volumes to mount from another container. This parameter maps to ``VolumesFrom`` in tthe docker conainer create command and the ``--volumes-from`` option to docker run. (see [below for nested schema](#nestedatt--container_definitions--volumes_from))
-- `working_directory` (String) The working directory to run commands inside the container in. This parameter maps to ``WorkingDir`` in the docker conainer create command and the ``--workdir`` option to docker run.
+- `volumes_from` (Attributes Set) Data volumes to mount from another container. This parameter maps to ``VolumesFrom`` in tthe docker container create command and the ``--volumes-from`` option to docker run. (see [below for nested schema](#nestedatt--container_definitions--volumes_from))
+- `working_directory` (String) The working directory to run commands inside the container in. This parameter maps to ``WorkingDir`` in the docker container create command and the ``--workdir`` option to docker run.
### Nested Schema for `container_definitions.depends_on`
@@ -291,7 +291,7 @@ Read-Only:
``[ "CMD-SHELL", "curl -f http://localhost/ || exit 1" ]``
You don't include the double quotes and brackets when you use the AWS Management Console.
``CMD-SHELL, curl -f http://localhost/ || exit 1``
- An exit code of 0 indicates success, and non-zero exit code indicates failure. For more information, see ``HealthCheck`` in tthe docker conainer create command
+ An exit code of 0 indicates success, and non-zero exit code indicates failure. For more information, see ``HealthCheck`` in tthe docker container create command
- `interval` (Number) The time period in seconds between each health check execution. You may specify between 5 and 300 seconds. The default value is 30 seconds.
- `retries` (Number) The number of times to retry a failed health check before the container is considered unhealthy. You may specify between 1 and 10 retries. The default value is 3.
- `start_period` (Number) The optional grace period to provide containers time to bootstrap before failed health checks count towards the maximum number of retries. You can specify between 0 and 300 seconds. By default, the ``startPeriod`` is off.
@@ -306,7 +306,7 @@ Read-Only:
- `capabilities` (Attributes) The Linux capabilities for the container that are added to or dropped from the default configuration provided by Docker.
For tasks that use the Fargate launch type, ``capabilities`` is supported for all platform versions but the ``add`` parameter is only supported if using platform version 1.4.0 or later. (see [below for nested schema](#nestedatt--container_definitions--linux_parameters--capabilities))
-- `devices` (Attributes List) Any host devices to expose to the container. This parameter maps to ``Devices`` in tthe docker conainer create command and the ``--device`` option to docker run.
+- `devices` (Attributes List) Any host devices to expose to the container. This parameter maps to ``Devices`` in tthe docker container create command and the ``--device`` option to docker run.
If you're using tasks that use the Fargate launch type, the ``devices`` parameter isn't supported. (see [below for nested schema](#nestedatt--container_definitions--linux_parameters--devices))
- `init_process_enabled` (Boolean) Run an ``init`` process inside the container that forwards signals and reaps processes. This parameter maps to the ``--init`` option to docker run. This parameter requires version 1.25 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: ``sudo docker version --format '{{.Server.APIVersion}}'``
- `max_swap` (Number) The total amount of swap memory (in MiB) a container can use. This parameter will be translated to the ``--memory-swap`` option to docker run where the value would be the sum of the container memory plus the ``maxSwap`` value.
@@ -326,10 +326,10 @@ Read-Only:
Read-Only:
-- `add` (List of String) The Linux capabilities for the container that have been added to the default configuration provided by Docker. This parameter maps to ``CapAdd`` in the docker conainer create command and the ``--cap-add`` option to docker run.
+- `add` (List of String) The Linux capabilities for the container that have been added to the default configuration provided by Docker. This parameter maps to ``CapAdd`` in the docker container create command and the ``--cap-add`` option to docker run.
Tasks launched on FARGATElong only support adding the ``SYS_PTRACE`` kernel capability.
Valid values: ``"ALL" | "AUDIT_CONTROL" | "AUDIT_WRITE" | "BLOCK_SUSPEND" | "CHOWN" | "DAC_OVERRIDE" | "DAC_READ_SEARCH" | "FOWNER" | "FSETID" | "IPC_LOCK" | "IPC_OWNER" | "KILL" | "LEASE" | "LINUX_IMMUTABLE" | "MAC_ADMIN" | "MAC_OVERRIDE" | "MKNOD" | "NET_ADMIN" | "NET_BIND_SERVICE" | "NET_BROADCAST" | "NET_RAW" | "SETFCAP" | "SETGID" | "SETPCAP" | "SETUID" | "SYS_ADMIN" | "SYS_BOOT" | "SYS_CHROOT" | "SYS_MODULE" | "SYS_NICE" | "SYS_PACCT" | "SYS_PTRACE" | "SYS_RAWIO" | "SYS_RESOURCE" | "SYS_TIME" | "SYS_TTY_CONFIG" | "SYSLOG" | "WAKE_ALARM"``
-- `drop` (List of String) The Linux capabilities for the container that have been removed from the default configuration provided by Docker. This parameter maps to ``CapDrop`` in the docker conainer create command and the ``--cap-drop`` option to docker run.
+- `drop` (List of String) The Linux capabilities for the container that have been removed from the default configuration provided by Docker. This parameter maps to ``CapDrop`` in the docker container create command and the ``--cap-drop`` option to docker run.
Valid values: ``"ALL" | "AUDIT_CONTROL" | "AUDIT_WRITE" | "BLOCK_SUSPEND" | "CHOWN" | "DAC_OVERRIDE" | "DAC_READ_SEARCH" | "FOWNER" | "FSETID" | "IPC_LOCK" | "IPC_OWNER" | "KILL" | "LEASE" | "LINUX_IMMUTABLE" | "MAC_ADMIN" | "MAC_OVERRIDE" | "MKNOD" | "NET_ADMIN" | "NET_BIND_SERVICE" | "NET_BROADCAST" | "NET_RAW" | "SETFCAP" | "SETGID" | "SETPCAP" | "SETUID" | "SYS_ADMIN" | "SYS_BOOT" | "SYS_CHROOT" | "SYS_MODULE" | "SYS_NICE" | "SYS_PACCT" | "SYS_PTRACE" | "SYS_RAWIO" | "SYS_RESOURCE" | "SYS_TIME" | "SYS_TTY_CONFIG" | "SYSLOG" | "WAKE_ALARM"``
@@ -462,9 +462,9 @@ Read-Only:
Read-Only:
-- `enabled` (Boolean)
-- `ignored_exit_codes` (List of Number)
-- `restart_attempt_period` (Number)
+- `enabled` (Boolean) Specifies whether a restart policy is enabled for the container.
+- `ignored_exit_codes` (List of Number) A list of exit codes that Amazon ECS will ignore and not attempt a restart on. You can specify a maximum of 50 container exit codes. By default, Amazon ECS does not ignore any exit codes.
+- `restart_attempt_period` (Number) A period of time (in seconds) that the container must run for before a restart can be attempted. A container can be restarted only once every ``restartAttemptPeriod`` seconds. If a container isn't able to run for this time period and exits early, it will not be restarted. You can set a minimum ``restartAttemptPeriod`` of 60 seconds and a maximum ``restartAttemptPeriod`` of 1800 seconds. By default, a container must run for 300 seconds before it can be restarted.
@@ -607,9 +607,9 @@ Read-Only:
- `autoprovision` (Boolean) If this value is ``true``, the Docker volume is created if it doesn't already exist.
This field is only used if the ``scope`` is ``shared``.
-- `driver` (String) The Docker volume driver to use. The driver value must match the driver name provided by Docker because it is used for task placement. If the driver was installed using the Docker plugin CLI, use ``docker plugin ls`` to retrieve the driver name from your container instance. If the driver was installed using another method, use Docker plugin discovery to retrieve the driver name. This parameter maps to ``Driver`` in the docker conainer create command and the ``xxdriver`` option to docker volume create.
+- `driver` (String) The Docker volume driver to use. The driver value must match the driver name provided by Docker because it is used for task placement. If the driver was installed using the Docker plugin CLI, use ``docker plugin ls`` to retrieve the driver name from your container instance. If the driver was installed using another method, use Docker plugin discovery to retrieve the driver name. This parameter maps to ``Driver`` in the docker container create command and the ``xxdriver`` option to docker volume create.
- `driver_opts` (Map of String) A map of Docker driver-specific options passed through. This parameter maps to ``DriverOpts`` in the docker create-volume command and the ``xxopt`` option to docker volume create.
-- `labels` (Map of String) Custom metadata to add to your Docker volume. This parameter maps to ``Labels`` in the docker conainer create command and the ``xxlabel`` option to docker volume create.
+- `labels` (Map of String) Custom metadata to add to your Docker volume. This parameter maps to ``Labels`` in the docker container create command and the ``xxlabel`` option to docker volume create.
- `scope` (String) The scope for the Docker volume that determines its lifecycle. Docker volumes that are scoped to a ``task`` are automatically provisioned when the task starts and destroyed when the task stops. Docker volumes that are scoped as ``shared`` persist after the task stops.
@@ -649,8 +649,8 @@ Read-Only:
Read-Only:
-- `credentials_parameter` (String)
-- `domain` (String)
+- `credentials_parameter` (String) The authorization credential option to use. The authorization credential options can be provided using either the Amazon Resource Name (ARN) of an ASMlong secret or SSM Parameter Store parameter. The ARN refers to the stored credentials.
+- `domain` (String) A fully qualified domain name hosted by an [](https://docs.aws.amazon.com/directoryservice/latest/admin-guide/directory_microsoft_ad.html) Managed Microsoft AD (Active Directory) or self-hosted AD on Amazon EC2.
diff --git a/docs/data-sources/mediaconnect_flow.md b/docs/data-sources/mediaconnect_flow.md
index dd92f6214..1000e4924 100644
--- a/docs/data-sources/mediaconnect_flow.md
+++ b/docs/data-sources/mediaconnect_flow.md
@@ -30,6 +30,7 @@ Data Source schema for AWS::MediaConnect::Flow
- `name` (String) The name of the flow.
- `source` (Attributes) The source of the flow. (see [below for nested schema](#nestedatt--source))
- `source_failover_config` (Attributes) The source failover config of the flow. (see [below for nested schema](#nestedatt--source_failover_config))
+- `source_monitoring_config` (Attributes) The source monitoring config of the flow. (see [below for nested schema](#nestedatt--source_monitoring_config))
- `vpc_interfaces` (Attributes List) The VPC interfaces that you added to this flow. (see [below for nested schema](#nestedatt--vpc_interfaces))
@@ -187,6 +188,14 @@ Read-Only:
+
+### Nested Schema for `source_monitoring_config`
+
+Read-Only:
+
+- `thumbnail_state` (String) The state of thumbnail monitoring.
+
+
### Nested Schema for `vpc_interfaces`
diff --git a/docs/data-sources/medialive_channel_placement_group.md b/docs/data-sources/medialive_channel_placement_group.md
new file mode 100644
index 000000000..0ed692506
--- /dev/null
+++ b/docs/data-sources/medialive_channel_placement_group.md
@@ -0,0 +1,39 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "awscc_medialive_channel_placement_group Data Source - terraform-provider-awscc"
+subcategory: ""
+description: |-
+ Data Source schema for AWS::MediaLive::ChannelPlacementGroup
+---
+
+# awscc_medialive_channel_placement_group (Data Source)
+
+Data Source schema for AWS::MediaLive::ChannelPlacementGroup
+
+
+
+
+## Schema
+
+### Required
+
+- `id` (String) Uniquely identifies the resource.
+
+### Read-Only
+
+- `arn` (String) The ARN of the channel placement group.
+- `channel_placement_group_id` (String) Unique internal identifier.
+- `channels` (List of String) List of channel IDs added to the channel placement group.
+- `cluster_id` (String) The ID of the cluster the node is on.
+- `name` (String) The name of the channel placement group.
+- `nodes` (List of String) List of nodes added to the channel placement group
+- `state` (String) The current state of the ChannelPlacementGroupState
+- `tags` (Attributes List) A collection of key-value pairs. (see [below for nested schema](#nestedatt--tags))
+
+
+### Nested Schema for `tags`
+
+Read-Only:
+
+- `key` (String)
+- `value` (String)
diff --git a/docs/data-sources/medialive_cloudwatch_alarm_template.md b/docs/data-sources/medialive_cloudwatch_alarm_template.md
new file mode 100644
index 000000000..490815d51
--- /dev/null
+++ b/docs/data-sources/medialive_cloudwatch_alarm_template.md
@@ -0,0 +1,42 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "awscc_medialive_cloudwatch_alarm_template Data Source - terraform-provider-awscc"
+subcategory: ""
+description: |-
+ Data Source schema for AWS::MediaLive::CloudWatchAlarmTemplate
+---
+
+# awscc_medialive_cloudwatch_alarm_template (Data Source)
+
+Data Source schema for AWS::MediaLive::CloudWatchAlarmTemplate
+
+
+
+
+## Schema
+
+### Required
+
+- `id` (String) Uniquely identifies the resource.
+
+### Read-Only
+
+- `arn` (String) A cloudwatch alarm template's ARN (Amazon Resource Name)
+- `cloudwatch_alarm_template_id` (String) A cloudwatch alarm template's id. AWS provided templates have ids that start with `aws-`
+- `comparison_operator` (String) The comparison operator used to compare the specified statistic and the threshold.
+- `created_at` (String)
+- `datapoints_to_alarm` (Number) The number of datapoints within the evaluation period that must be breaching to trigger the alarm.
+- `description` (String) A resource's optional description.
+- `evaluation_periods` (Number) The number of periods over which data is compared to the specified threshold.
+- `group_id` (String) A cloudwatch alarm template group's id. AWS provided template groups have ids that start with `aws-`
+- `group_identifier` (String) A cloudwatch alarm template group's identifier. Can be either be its id or current name.
+- `identifier` (String)
+- `metric_name` (String) The name of the metric associated with the alarm. Must be compatible with targetResourceType.
+- `modified_at` (String)
+- `name` (String) A resource's name. Names must be unique within the scope of a resource type in a specific region.
+- `period` (Number) The period, in seconds, over which the specified statistic is applied.
+- `statistic` (String) The statistic to apply to the alarm's metric data.
+- `tags` (Map of String) Represents the tags associated with a resource.
+- `target_resource_type` (String) The resource type this template should dynamically generate cloudwatch metric alarms for.
+- `threshold` (Number) The threshold value to compare with the specified statistic.
+- `treat_missing_data` (String) Specifies how missing data points are treated when evaluating the alarm's condition.
diff --git a/docs/data-sources/medialive_cloudwatch_alarm_template_group.md b/docs/data-sources/medialive_cloudwatch_alarm_template_group.md
new file mode 100644
index 000000000..e5ab95ce9
--- /dev/null
+++ b/docs/data-sources/medialive_cloudwatch_alarm_template_group.md
@@ -0,0 +1,31 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "awscc_medialive_cloudwatch_alarm_template_group Data Source - terraform-provider-awscc"
+subcategory: ""
+description: |-
+ Data Source schema for AWS::MediaLive::CloudWatchAlarmTemplateGroup
+---
+
+# awscc_medialive_cloudwatch_alarm_template_group (Data Source)
+
+Data Source schema for AWS::MediaLive::CloudWatchAlarmTemplateGroup
+
+
+
+
+## Schema
+
+### Required
+
+- `id` (String) Uniquely identifies the resource.
+
+### Read-Only
+
+- `arn` (String) A cloudwatch alarm template group's ARN (Amazon Resource Name)
+- `cloudwatch_alarm_template_group_id` (String) A cloudwatch alarm template group's id. AWS provided template groups have ids that start with `aws-`
+- `created_at` (String)
+- `description` (String) A resource's optional description.
+- `identifier` (String)
+- `modified_at` (String)
+- `name` (String) A resource's name. Names must be unique within the scope of a resource type in a specific region.
+- `tags` (Map of String) Represents the tags associated with a resource.
diff --git a/docs/data-sources/medialive_cloudwatch_alarm_template_groups.md b/docs/data-sources/medialive_cloudwatch_alarm_template_groups.md
new file mode 100644
index 000000000..eca7a7c25
--- /dev/null
+++ b/docs/data-sources/medialive_cloudwatch_alarm_template_groups.md
@@ -0,0 +1,21 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "awscc_medialive_cloudwatch_alarm_template_groups Data Source - terraform-provider-awscc"
+subcategory: ""
+description: |-
+ Plural Data Source schema for AWS::MediaLive::CloudWatchAlarmTemplateGroup
+---
+
+# awscc_medialive_cloudwatch_alarm_template_groups (Data Source)
+
+Plural Data Source schema for AWS::MediaLive::CloudWatchAlarmTemplateGroup
+
+
+
+
+## Schema
+
+### Read-Only
+
+- `id` (String) Uniquely identifies the data source.
+- `ids` (Set of String) Set of Resource Identifiers.
diff --git a/docs/data-sources/medialive_cloudwatch_alarm_templates.md b/docs/data-sources/medialive_cloudwatch_alarm_templates.md
new file mode 100644
index 000000000..7ccf3f50e
--- /dev/null
+++ b/docs/data-sources/medialive_cloudwatch_alarm_templates.md
@@ -0,0 +1,21 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "awscc_medialive_cloudwatch_alarm_templates Data Source - terraform-provider-awscc"
+subcategory: ""
+description: |-
+ Plural Data Source schema for AWS::MediaLive::CloudWatchAlarmTemplate
+---
+
+# awscc_medialive_cloudwatch_alarm_templates (Data Source)
+
+Plural Data Source schema for AWS::MediaLive::CloudWatchAlarmTemplate
+
+
+
+
+## Schema
+
+### Read-Only
+
+- `id` (String) Uniquely identifies the data source.
+- `ids` (Set of String) Set of Resource Identifiers.
diff --git a/docs/data-sources/medialive_cluster.md b/docs/data-sources/medialive_cluster.md
new file mode 100644
index 000000000..89697726a
--- /dev/null
+++ b/docs/data-sources/medialive_cluster.md
@@ -0,0 +1,58 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "awscc_medialive_cluster Data Source - terraform-provider-awscc"
+subcategory: ""
+description: |-
+ Data Source schema for AWS::MediaLive::Cluster
+---
+
+# awscc_medialive_cluster (Data Source)
+
+Data Source schema for AWS::MediaLive::Cluster
+
+
+
+
+## Schema
+
+### Required
+
+- `id` (String) Uniquely identifies the resource.
+
+### Read-Only
+
+- `arn` (String) The ARN of the Cluster.
+- `channel_ids` (List of String) The MediaLive Channels that are currently running on Nodes in this Cluster.
+- `cluster_id` (String) The unique ID of the Cluster.
+- `cluster_type` (String) The hardware type for the cluster.
+- `instance_role_arn` (String) The IAM role your nodes will use.
+- `name` (String) The user-specified name of the Cluster to be created.
+- `network_settings` (Attributes) On premises settings which will have the interface network mappings and default Output logical interface (see [below for nested schema](#nestedatt--network_settings))
+- `state` (String) The current state of the Cluster.
+- `tags` (Attributes List) A collection of key-value pairs. (see [below for nested schema](#nestedatt--tags))
+
+
+### Nested Schema for `network_settings`
+
+Read-Only:
+
+- `default_route` (String) Default value if the customer does not define it in channel Output API
+- `interface_mappings` (Attributes List) Network mappings for the cluster (see [below for nested schema](#nestedatt--network_settings--interface_mappings))
+
+
+### Nested Schema for `network_settings.interface_mappings`
+
+Read-Only:
+
+- `logical_interface_name` (String) logical interface name, unique in the list
+- `network_id` (String) Network Id to be associated with the logical interface name, can be duplicated in list
+
+
+
+
+### Nested Schema for `tags`
+
+Read-Only:
+
+- `key` (String)
+- `value` (String)
diff --git a/docs/data-sources/medialive_clusters.md b/docs/data-sources/medialive_clusters.md
new file mode 100644
index 000000000..2875c466b
--- /dev/null
+++ b/docs/data-sources/medialive_clusters.md
@@ -0,0 +1,21 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "awscc_medialive_clusters Data Source - terraform-provider-awscc"
+subcategory: ""
+description: |-
+ Plural Data Source schema for AWS::MediaLive::Cluster
+---
+
+# awscc_medialive_clusters (Data Source)
+
+Plural Data Source schema for AWS::MediaLive::Cluster
+
+
+
+
+## Schema
+
+### Read-Only
+
+- `id` (String) Uniquely identifies the data source.
+- `ids` (Set of String) Set of Resource Identifiers.
diff --git a/docs/data-sources/medialive_event_bridge_rule_template.md b/docs/data-sources/medialive_event_bridge_rule_template.md
new file mode 100644
index 000000000..991143749
--- /dev/null
+++ b/docs/data-sources/medialive_event_bridge_rule_template.md
@@ -0,0 +1,42 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "awscc_medialive_event_bridge_rule_template Data Source - terraform-provider-awscc"
+subcategory: ""
+description: |-
+ Data Source schema for AWS::MediaLive::EventBridgeRuleTemplate
+---
+
+# awscc_medialive_event_bridge_rule_template (Data Source)
+
+Data Source schema for AWS::MediaLive::EventBridgeRuleTemplate
+
+
+
+
+## Schema
+
+### Required
+
+- `id` (String) Uniquely identifies the resource.
+
+### Read-Only
+
+- `arn` (String) An eventbridge rule template's ARN (Amazon Resource Name)
+- `created_at` (String) Placeholder documentation for __timestampIso8601
+- `description` (String) A resource's optional description.
+- `event_bridge_rule_template_id` (String) An eventbridge rule template's id. AWS provided templates have ids that start with `aws-`
+- `event_targets` (Attributes List) Placeholder documentation for __listOfEventBridgeRuleTemplateTarget (see [below for nested schema](#nestedatt--event_targets))
+- `event_type` (String) The type of event to match with the rule.
+- `group_id` (String) An eventbridge rule template group's id. AWS provided template groups have ids that start with `aws-`
+- `group_identifier` (String) An eventbridge rule template group's identifier. Can be either be its id or current name.
+- `identifier` (String) Placeholder documentation for __string
+- `modified_at` (String) Placeholder documentation for __timestampIso8601
+- `name` (String) A resource's name. Names must be unique within the scope of a resource type in a specific region.
+- `tags` (Map of String) Represents the tags associated with a resource.
+
+
+### Nested Schema for `event_targets`
+
+Read-Only:
+
+- `arn` (String) Target ARNs must be either an SNS topic or CloudWatch log group.
diff --git a/docs/data-sources/medialive_event_bridge_rule_template_group.md b/docs/data-sources/medialive_event_bridge_rule_template_group.md
new file mode 100644
index 000000000..391eed625
--- /dev/null
+++ b/docs/data-sources/medialive_event_bridge_rule_template_group.md
@@ -0,0 +1,31 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "awscc_medialive_event_bridge_rule_template_group Data Source - terraform-provider-awscc"
+subcategory: ""
+description: |-
+ Data Source schema for AWS::MediaLive::EventBridgeRuleTemplateGroup
+---
+
+# awscc_medialive_event_bridge_rule_template_group (Data Source)
+
+Data Source schema for AWS::MediaLive::EventBridgeRuleTemplateGroup
+
+
+
+
+## Schema
+
+### Required
+
+- `id` (String) Uniquely identifies the resource.
+
+### Read-Only
+
+- `arn` (String) An eventbridge rule template group's ARN (Amazon Resource Name)
+- `created_at` (String)
+- `description` (String) A resource's optional description.
+- `event_bridge_rule_template_group_id` (String) An eventbridge rule template group's id. AWS provided template groups have ids that start with `aws-`
+- `identifier` (String)
+- `modified_at` (String)
+- `name` (String) A resource's name. Names must be unique within the scope of a resource type in a specific region.
+- `tags` (Map of String) Represents the tags associated with a resource.
diff --git a/docs/data-sources/medialive_event_bridge_rule_template_groups.md b/docs/data-sources/medialive_event_bridge_rule_template_groups.md
new file mode 100644
index 000000000..d49300ea3
--- /dev/null
+++ b/docs/data-sources/medialive_event_bridge_rule_template_groups.md
@@ -0,0 +1,21 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "awscc_medialive_event_bridge_rule_template_groups Data Source - terraform-provider-awscc"
+subcategory: ""
+description: |-
+ Plural Data Source schema for AWS::MediaLive::EventBridgeRuleTemplateGroup
+---
+
+# awscc_medialive_event_bridge_rule_template_groups (Data Source)
+
+Plural Data Source schema for AWS::MediaLive::EventBridgeRuleTemplateGroup
+
+
+
+
+## Schema
+
+### Read-Only
+
+- `id` (String) Uniquely identifies the data source.
+- `ids` (Set of String) Set of Resource Identifiers.
diff --git a/docs/data-sources/medialive_event_bridge_rule_templates.md b/docs/data-sources/medialive_event_bridge_rule_templates.md
new file mode 100644
index 000000000..f6ae5e569
--- /dev/null
+++ b/docs/data-sources/medialive_event_bridge_rule_templates.md
@@ -0,0 +1,21 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "awscc_medialive_event_bridge_rule_templates Data Source - terraform-provider-awscc"
+subcategory: ""
+description: |-
+ Plural Data Source schema for AWS::MediaLive::EventBridgeRuleTemplate
+---
+
+# awscc_medialive_event_bridge_rule_templates (Data Source)
+
+Plural Data Source schema for AWS::MediaLive::EventBridgeRuleTemplate
+
+
+
+
+## Schema
+
+### Read-Only
+
+- `id` (String) Uniquely identifies the data source.
+- `ids` (Set of String) Set of Resource Identifiers.
diff --git a/docs/data-sources/medialive_network.md b/docs/data-sources/medialive_network.md
new file mode 100644
index 000000000..f33c7a548
--- /dev/null
+++ b/docs/data-sources/medialive_network.md
@@ -0,0 +1,56 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "awscc_medialive_network Data Source - terraform-provider-awscc"
+subcategory: ""
+description: |-
+ Data Source schema for AWS::MediaLive::Network
+---
+
+# awscc_medialive_network (Data Source)
+
+Data Source schema for AWS::MediaLive::Network
+
+
+
+
+## Schema
+
+### Required
+
+- `id` (String) Uniquely identifies the resource.
+
+### Read-Only
+
+- `arn` (String) The ARN of the Network.
+- `associated_cluster_ids` (List of String)
+- `ip_pools` (Attributes List) The list of IP address cidr pools for the network (see [below for nested schema](#nestedatt--ip_pools))
+- `name` (String) The user-specified name of the Network to be created.
+- `network_id` (String) The unique ID of the Network.
+- `routes` (Attributes List) The routes for the network (see [below for nested schema](#nestedatt--routes))
+- `state` (String) The current state of the Network.
+- `tags` (Attributes List) A collection of key-value pairs. (see [below for nested schema](#nestedatt--tags))
+
+
+### Nested Schema for `ip_pools`
+
+Read-Only:
+
+- `cidr` (String) IP address cidr pool
+
+
+
+### Nested Schema for `routes`
+
+Read-Only:
+
+- `cidr` (String) Ip address cidr
+- `gateway` (String) IP address for the route packet paths
+
+
+
+### Nested Schema for `tags`
+
+Read-Only:
+
+- `key` (String)
+- `value` (String)
diff --git a/docs/data-sources/medialive_networks.md b/docs/data-sources/medialive_networks.md
new file mode 100644
index 000000000..b6519aaea
--- /dev/null
+++ b/docs/data-sources/medialive_networks.md
@@ -0,0 +1,21 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "awscc_medialive_networks Data Source - terraform-provider-awscc"
+subcategory: ""
+description: |-
+ Plural Data Source schema for AWS::MediaLive::Network
+---
+
+# awscc_medialive_networks (Data Source)
+
+Plural Data Source schema for AWS::MediaLive::Network
+
+
+
+
+## Schema
+
+### Read-Only
+
+- `id` (String) Uniquely identifies the data source.
+- `ids` (Set of String) Set of Resource Identifiers.
diff --git a/docs/data-sources/medialive_sdi_source.md b/docs/data-sources/medialive_sdi_source.md
new file mode 100644
index 000000000..861d6eb9f
--- /dev/null
+++ b/docs/data-sources/medialive_sdi_source.md
@@ -0,0 +1,39 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "awscc_medialive_sdi_source Data Source - terraform-provider-awscc"
+subcategory: ""
+description: |-
+ Data Source schema for AWS::MediaLive::SdiSource
+---
+
+# awscc_medialive_sdi_source (Data Source)
+
+Data Source schema for AWS::MediaLive::SdiSource
+
+
+
+
+## Schema
+
+### Required
+
+- `id` (String) Uniquely identifies the resource.
+
+### Read-Only
+
+- `arn` (String) The unique arn of the SdiSource.
+- `inputs` (List of String) The list of inputs currently using this SDI source.
+- `mode` (String) The current state of the SdiSource.
+- `name` (String) The name of the SdiSource.
+- `sdi_source_id` (String) The unique identifier of the SdiSource.
+- `state` (String) The current state of the SdiSource.
+- `tags` (Attributes List) A collection of key-value pairs. (see [below for nested schema](#nestedatt--tags))
+- `type` (String) The interface mode of the SdiSource.
+
+
+### Nested Schema for `tags`
+
+Read-Only:
+
+- `key` (String)
+- `value` (String)
diff --git a/docs/data-sources/medialive_sdi_sources.md b/docs/data-sources/medialive_sdi_sources.md
new file mode 100644
index 000000000..199d4f809
--- /dev/null
+++ b/docs/data-sources/medialive_sdi_sources.md
@@ -0,0 +1,21 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "awscc_medialive_sdi_sources Data Source - terraform-provider-awscc"
+subcategory: ""
+description: |-
+ Plural Data Source schema for AWS::MediaLive::SdiSource
+---
+
+# awscc_medialive_sdi_sources (Data Source)
+
+Plural Data Source schema for AWS::MediaLive::SdiSource
+
+
+
+
+## Schema
+
+### Read-Only
+
+- `id` (String) Uniquely identifies the data source.
+- `ids` (Set of String) Set of Resource Identifiers.
diff --git a/docs/data-sources/medialive_signal_map.md b/docs/data-sources/medialive_signal_map.md
new file mode 100644
index 000000000..ef4a4993a
--- /dev/null
+++ b/docs/data-sources/medialive_signal_map.md
@@ -0,0 +1,119 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "awscc_medialive_signal_map Data Source - terraform-provider-awscc"
+subcategory: ""
+description: |-
+ Data Source schema for AWS::MediaLive::SignalMap
+---
+
+# awscc_medialive_signal_map (Data Source)
+
+Data Source schema for AWS::MediaLive::SignalMap
+
+
+
+
+## Schema
+
+### Required
+
+- `id` (String) Uniquely identifies the resource.
+
+### Read-Only
+
+- `arn` (String) A signal map's ARN (Amazon Resource Name)
+- `cloudwatch_alarm_template_group_identifiers` (List of String)
+- `cloudwatch_alarm_template_group_ids` (List of String)
+- `created_at` (String)
+- `description` (String) A resource's optional description.
+- `discovery_entry_point_arn` (String) A top-level supported AWS resource ARN to discovery a signal map from.
+- `error_message` (String) Error message associated with a failed creation or failed update attempt of a signal map.
+- `event_bridge_rule_template_group_identifiers` (List of String)
+- `event_bridge_rule_template_group_ids` (List of String)
+- `failed_media_resource_map` (Attributes Map) A map representing an incomplete AWS media workflow as a graph. (see [below for nested schema](#nestedatt--failed_media_resource_map))
+- `force_rediscovery` (Boolean) If true, will force a rediscovery of a signal map if an unchanged discoveryEntryPointArn is provided.
+- `identifier` (String)
+- `last_discovered_at` (String)
+- `last_successful_monitor_deployment` (Attributes) Represents the latest successful monitor deployment of a signal map. (see [below for nested schema](#nestedatt--last_successful_monitor_deployment))
+- `media_resource_map` (Attributes Map) A map representing an AWS media workflow as a graph. (see [below for nested schema](#nestedatt--media_resource_map))
+- `modified_at` (String)
+- `monitor_changes_pending_deployment` (Boolean) If true, there are pending monitor changes for this signal map that can be deployed.
+- `monitor_deployment` (Attributes) Represents the latest monitor deployment of a signal map. (see [below for nested schema](#nestedatt--monitor_deployment))
+- `name` (String) A resource's name. Names must be unique within the scope of a resource type in a specific region.
+- `signal_map_id` (String) A signal map's id.
+- `status` (String) A signal map's current status which is dependent on its lifecycle actions or associated jobs.
+- `tags` (Map of String) Represents the tags associated with a resource.
+
+
+### Nested Schema for `failed_media_resource_map`
+
+Read-Only:
+
+- `destinations` (Attributes List) (see [below for nested schema](#nestedatt--failed_media_resource_map--destinations))
+- `name` (String) The logical name of an AWS media resource.
+- `sources` (Attributes List) (see [below for nested schema](#nestedatt--failed_media_resource_map--sources))
+
+
+### Nested Schema for `failed_media_resource_map.destinations`
+
+Read-Only:
+
+- `arn` (String) The ARN of a resource used in AWS media workflows.
+- `name` (String) The logical name of an AWS media resource.
+
+
+
+### Nested Schema for `failed_media_resource_map.sources`
+
+Read-Only:
+
+- `arn` (String) The ARN of a resource used in AWS media workflows.
+- `name` (String) The logical name of an AWS media resource.
+
+
+
+
+### Nested Schema for `last_successful_monitor_deployment`
+
+Read-Only:
+
+- `details_uri` (String) URI associated with a signal map's monitor deployment.
+- `status` (String) A signal map's monitor deployment status.
+
+
+
+### Nested Schema for `media_resource_map`
+
+Read-Only:
+
+- `destinations` (Attributes List) (see [below for nested schema](#nestedatt--media_resource_map--destinations))
+- `name` (String) The logical name of an AWS media resource.
+- `sources` (Attributes List) (see [below for nested schema](#nestedatt--media_resource_map--sources))
+
+
+### Nested Schema for `media_resource_map.destinations`
+
+Read-Only:
+
+- `arn` (String) The ARN of a resource used in AWS media workflows.
+- `name` (String) The logical name of an AWS media resource.
+
+
+
+### Nested Schema for `media_resource_map.sources`
+
+Read-Only:
+
+- `arn` (String) The ARN of a resource used in AWS media workflows.
+- `name` (String) The logical name of an AWS media resource.
+
+
+
+
+### Nested Schema for `monitor_deployment`
+
+Read-Only:
+
+- `details_uri` (String) URI associated with a signal map's monitor deployment.
+- `error_message` (String) Error message associated with a failed monitor deployment of a signal map.
+- `status` (String) A signal map's monitor deployment status.
diff --git a/docs/data-sources/medialive_signal_maps.md b/docs/data-sources/medialive_signal_maps.md
new file mode 100644
index 000000000..332b572b1
--- /dev/null
+++ b/docs/data-sources/medialive_signal_maps.md
@@ -0,0 +1,21 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "awscc_medialive_signal_maps Data Source - terraform-provider-awscc"
+subcategory: ""
+description: |-
+ Plural Data Source schema for AWS::MediaLive::SignalMap
+---
+
+# awscc_medialive_signal_maps (Data Source)
+
+Plural Data Source schema for AWS::MediaLive::SignalMap
+
+
+
+
+## Schema
+
+### Read-Only
+
+- `id` (String) Uniquely identifies the data source.
+- `ids` (Set of String) Set of Resource Identifiers.
diff --git a/docs/data-sources/pcaconnectorscep_challenge.md b/docs/data-sources/pcaconnectorscep_challenge.md
new file mode 100644
index 000000000..48851ce5e
--- /dev/null
+++ b/docs/data-sources/pcaconnectorscep_challenge.md
@@ -0,0 +1,26 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "awscc_pcaconnectorscep_challenge Data Source - terraform-provider-awscc"
+subcategory: ""
+description: |-
+ Data Source schema for AWS::PCAConnectorSCEP::Challenge
+---
+
+# awscc_pcaconnectorscep_challenge (Data Source)
+
+Data Source schema for AWS::PCAConnectorSCEP::Challenge
+
+
+
+
+## Schema
+
+### Required
+
+- `id` (String) Uniquely identifies the resource.
+
+### Read-Only
+
+- `challenge_arn` (String)
+- `connector_arn` (String)
+- `tags` (Map of String)
diff --git a/docs/data-sources/pcaconnectorscep_connector.md b/docs/data-sources/pcaconnectorscep_connector.md
new file mode 100644
index 000000000..55012510b
--- /dev/null
+++ b/docs/data-sources/pcaconnectorscep_connector.md
@@ -0,0 +1,56 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "awscc_pcaconnectorscep_connector Data Source - terraform-provider-awscc"
+subcategory: ""
+description: |-
+ Data Source schema for AWS::PCAConnectorSCEP::Connector
+---
+
+# awscc_pcaconnectorscep_connector (Data Source)
+
+Data Source schema for AWS::PCAConnectorSCEP::Connector
+
+
+
+
+## Schema
+
+### Required
+
+- `id` (String) Uniquely identifies the resource.
+
+### Read-Only
+
+- `certificate_authority_arn` (String)
+- `connector_arn` (String)
+- `endpoint` (String)
+- `mobile_device_management` (Attributes) (see [below for nested schema](#nestedatt--mobile_device_management))
+- `open_id_configuration` (Attributes) (see [below for nested schema](#nestedatt--open_id_configuration))
+- `tags` (Map of String)
+- `type` (String)
+
+
+### Nested Schema for `mobile_device_management`
+
+Read-Only:
+
+- `intune` (Attributes) (see [below for nested schema](#nestedatt--mobile_device_management--intune))
+
+
+### Nested Schema for `mobile_device_management.intune`
+
+Read-Only:
+
+- `azure_application_id` (String)
+- `domain` (String)
+
+
+
+
+### Nested Schema for `open_id_configuration`
+
+Read-Only:
+
+- `audience` (String)
+- `issuer` (String)
+- `subject` (String)
diff --git a/docs/data-sources/pcaconnectorscep_connectors.md b/docs/data-sources/pcaconnectorscep_connectors.md
new file mode 100644
index 000000000..129a5b8f2
--- /dev/null
+++ b/docs/data-sources/pcaconnectorscep_connectors.md
@@ -0,0 +1,21 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "awscc_pcaconnectorscep_connectors Data Source - terraform-provider-awscc"
+subcategory: ""
+description: |-
+ Plural Data Source schema for AWS::PCAConnectorSCEP::Connector
+---
+
+# awscc_pcaconnectorscep_connectors (Data Source)
+
+Plural Data Source schema for AWS::PCAConnectorSCEP::Connector
+
+
+
+
+## Schema
+
+### Read-Only
+
+- `id` (String) Uniquely identifies the data source.
+- `ids` (Set of String) Set of Resource Identifiers.
diff --git a/docs/data-sources/pipes_pipe.md b/docs/data-sources/pipes_pipe.md
index f627fea4b..639fe2dd7 100644
--- a/docs/data-sources/pipes_pipe.md
+++ b/docs/data-sources/pipes_pipe.md
@@ -28,6 +28,7 @@ Data Source schema for AWS::Pipes::Pipe
- `desired_state` (String)
- `enrichment` (String)
- `enrichment_parameters` (Attributes) (see [below for nested schema](#nestedatt--enrichment_parameters))
+- `kms_key_identifier` (String)
- `last_modified_time` (String)
- `log_configuration` (Attributes) (see [below for nested schema](#nestedatt--log_configuration))
- `name` (String)
diff --git a/docs/data-sources/sagemaker_cluster.md b/docs/data-sources/sagemaker_cluster.md
new file mode 100644
index 000000000..60fcaa145
--- /dev/null
+++ b/docs/data-sources/sagemaker_cluster.md
@@ -0,0 +1,107 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "awscc_sagemaker_cluster Data Source - terraform-provider-awscc"
+subcategory: ""
+description: |-
+ Data Source schema for AWS::SageMaker::Cluster
+---
+
+# awscc_sagemaker_cluster (Data Source)
+
+Data Source schema for AWS::SageMaker::Cluster
+
+
+
+
+## Schema
+
+### Required
+
+- `id` (String) Uniquely identifies the resource.
+
+### Read-Only
+
+- `cluster_arn` (String) The Amazon Resource Name (ARN) of the HyperPod Cluster.
+- `cluster_name` (String) The name of the HyperPod Cluster.
+- `cluster_status` (String) The status of the HyperPod Cluster.
+- `creation_time` (String) The time at which the HyperPod cluster was created.
+- `failure_message` (String) The failure message of the HyperPod Cluster.
+- `instance_groups` (Attributes List) The instance groups of the SageMaker HyperPod cluster. (see [below for nested schema](#nestedatt--instance_groups))
+- `node_recovery` (String) If node auto-recovery is set to true, faulty nodes will be replaced or rebooted when a failure is detected. If set to false, nodes will be labelled when a fault is detected.
+- `orchestrator` (Attributes) Specifies parameter(s) specific to the orchestrator, e.g. specify the EKS cluster. (see [below for nested schema](#nestedatt--orchestrator))
+- `tags` (Attributes Set) Custom tags for managing the SageMaker HyperPod cluster as an AWS resource. You can add tags to your cluster in the same way you add them in other AWS services that support tagging. (see [below for nested schema](#nestedatt--tags))
+- `vpc_config` (Attributes) Specifies an Amazon Virtual Private Cloud (VPC) that your SageMaker jobs, hosted models, and compute resources have access to. You can control access to and from your resources by configuring a VPC. (see [below for nested schema](#nestedatt--vpc_config))
+
+
+### Nested Schema for `instance_groups`
+
+Read-Only:
+
+- `current_count` (Number) The number of instances that are currently in the instance group of a SageMaker HyperPod cluster.
+- `execution_role` (String) The execution role for the instance group to assume.
+- `instance_count` (Number) The number of instances you specified to add to the instance group of a SageMaker HyperPod cluster.
+- `instance_group_name` (String) The name of the instance group of a SageMaker HyperPod cluster.
+- `instance_storage_configs` (Attributes List) The instance storage configuration for the instance group. (see [below for nested schema](#nestedatt--instance_groups--instance_storage_configs))
+- `instance_type` (String) The instance type of the instance group of a SageMaker HyperPod cluster.
+- `life_cycle_config` (Attributes) The lifecycle configuration for a SageMaker HyperPod cluster. (see [below for nested schema](#nestedatt--instance_groups--life_cycle_config))
+- `on_start_deep_health_checks` (List of String) Nodes will undergo advanced stress test to detect and replace faulty instances, based on the type of deep health check(s) passed in.
+- `threads_per_core` (Number) The number you specified to TreadsPerCore in CreateCluster for enabling or disabling multithreading. For instance types that support multithreading, you can specify 1 for disabling multithreading and 2 for enabling multithreading.
+
+
+### Nested Schema for `instance_groups.instance_storage_configs`
+
+Read-Only:
+
+- `ebs_volume_config` (Attributes) Defines the configuration for attaching additional Amazon Elastic Block Store (EBS) volumes to the instances in the SageMaker HyperPod cluster instance group. The additional EBS volume is attached to each instance within the SageMaker HyperPod cluster instance group and mounted to /opt/sagemaker. (see [below for nested schema](#nestedatt--instance_groups--instance_storage_configs--ebs_volume_config))
+
+
+### Nested Schema for `instance_groups.instance_storage_configs.ebs_volume_config`
+
+Read-Only:
+
+- `volume_size_in_gb` (Number) The size in gigabytes (GB) of the additional EBS volume to be attached to the instances in the SageMaker HyperPod cluster instance group. The additional EBS volume is attached to each instance within the SageMaker HyperPod cluster instance group and mounted to /opt/sagemaker.
+
+
+
+
+### Nested Schema for `instance_groups.life_cycle_config`
+
+Read-Only:
+
+- `on_create` (String) The file name of the entrypoint script of lifecycle scripts under SourceS3Uri. This entrypoint script runs during cluster creation.
+- `source_s3_uri` (String) An Amazon S3 bucket path where your lifecycle scripts are stored.
+
+
+
+
+### Nested Schema for `orchestrator`
+
+Read-Only:
+
+- `eks` (Attributes) Specifies parameter(s) related to EKS as orchestrator, e.g. the EKS cluster nodes will attach to, (see [below for nested schema](#nestedatt--orchestrator--eks))
+
+
+### Nested Schema for `orchestrator.eks`
+
+Read-Only:
+
+- `cluster_arn` (String) The ARN of the EKS cluster, such as arn:aws:eks:us-west-2:123456789012:cluster/my-eks-cluster
+
+
+
+
+### Nested Schema for `tags`
+
+Read-Only:
+
+- `key` (String) The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.
+- `value` (String) The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.
+
+
+
+### Nested Schema for `vpc_config`
+
+Read-Only:
+
+- `security_group_ids` (List of String) The VPC security group IDs, in the form sg-xxxxxxxx. Specify the security groups for the VPC that is specified in the Subnets field.
+- `subnets` (List of String) The ID of the subnets in the VPC to which you want to connect your training job or model.
diff --git a/docs/data-sources/sagemaker_clusters.md b/docs/data-sources/sagemaker_clusters.md
new file mode 100644
index 000000000..abf246a3a
--- /dev/null
+++ b/docs/data-sources/sagemaker_clusters.md
@@ -0,0 +1,21 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "awscc_sagemaker_clusters Data Source - terraform-provider-awscc"
+subcategory: ""
+description: |-
+ Plural Data Source schema for AWS::SageMaker::Cluster
+---
+
+# awscc_sagemaker_clusters (Data Source)
+
+Plural Data Source schema for AWS::SageMaker::Cluster
+
+
+
+
+## Schema
+
+### Read-Only
+
+- `id` (String) Uniquely identifies the data source.
+- `ids` (Set of String) Set of Resource Identifiers.
diff --git a/docs/data-sources/sagemaker_domain.md b/docs/data-sources/sagemaker_domain.md
index e34f17dfc..4d9d13fcf 100644
--- a/docs/data-sources/sagemaker_domain.md
+++ b/docs/data-sources/sagemaker_domain.md
@@ -85,11 +85,31 @@ Read-Only:
Read-Only:
+- `app_lifecycle_management` (Attributes) (see [below for nested schema](#nestedatt--default_space_settings--jupyter_lab_app_settings--app_lifecycle_management))
- `code_repositories` (Attributes List) A list of CodeRepositories available for use with JupyterLab apps. (see [below for nested schema](#nestedatt--default_space_settings--jupyter_lab_app_settings--code_repositories))
- `custom_images` (Attributes List) A list of custom images for use for JupyterLab apps. (see [below for nested schema](#nestedatt--default_space_settings--jupyter_lab_app_settings--custom_images))
- `default_resource_spec` (Attributes) The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the JupyterLab app. (see [below for nested schema](#nestedatt--default_space_settings--jupyter_lab_app_settings--default_resource_spec))
- `lifecycle_config_arns` (List of String) A list of LifecycleConfigArns available for use with JupyterLab apps.
+
+### Nested Schema for `default_space_settings.jupyter_lab_app_settings.app_lifecycle_management`
+
+Read-Only:
+
+- `idle_settings` (Attributes) (see [below for nested schema](#nestedatt--default_space_settings--jupyter_lab_app_settings--app_lifecycle_management--idle_settings))
+
+
+### Nested Schema for `default_space_settings.jupyter_lab_app_settings.app_lifecycle_management.idle_settings`
+
+Read-Only:
+
+- `idle_timeout_in_minutes` (Number) The idle timeout value set in minutes
+- `lifecycle_management` (String) A flag to enable/disable AppLifecycleManagement settings
+- `max_idle_timeout_in_minutes` (Number) The maximum idle timeout value set in minutes
+- `min_idle_timeout_in_minutes` (Number) The minimum idle timeout value set in minutes
+
+
+
### Nested Schema for `default_space_settings.jupyter_lab_app_settings.code_repositories`
@@ -215,10 +235,30 @@ Read-Only:
Read-Only:
+- `app_lifecycle_management` (Attributes) (see [below for nested schema](#nestedatt--default_user_settings--code_editor_app_settings--app_lifecycle_management))
- `custom_images` (Attributes List) A list of custom images for use for CodeEditor apps. (see [below for nested schema](#nestedatt--default_user_settings--code_editor_app_settings--custom_images))
- `default_resource_spec` (Attributes) The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the CodeEditor app. (see [below for nested schema](#nestedatt--default_user_settings--code_editor_app_settings--default_resource_spec))
- `lifecycle_config_arns` (List of String) A list of LifecycleConfigArns available for use with CodeEditor apps.
+
+### Nested Schema for `default_user_settings.code_editor_app_settings.app_lifecycle_management`
+
+Read-Only:
+
+- `idle_settings` (Attributes) (see [below for nested schema](#nestedatt--default_user_settings--code_editor_app_settings--app_lifecycle_management--idle_settings))
+
+
+### Nested Schema for `default_user_settings.code_editor_app_settings.app_lifecycle_management.idle_settings`
+
+Read-Only:
+
+- `idle_timeout_in_minutes` (Number) The idle timeout value set in minutes
+- `lifecycle_management` (String) A flag to enable/disable AppLifecycleManagement settings
+- `max_idle_timeout_in_minutes` (Number) The maximum idle timeout value set in minutes
+- `min_idle_timeout_in_minutes` (Number) The minimum idle timeout value set in minutes
+
+
+
### Nested Schema for `default_user_settings.code_editor_app_settings.custom_images`
@@ -272,11 +312,31 @@ Read-Only:
Read-Only:
+- `app_lifecycle_management` (Attributes) (see [below for nested schema](#nestedatt--default_user_settings--jupyter_lab_app_settings--app_lifecycle_management))
- `code_repositories` (Attributes List) A list of CodeRepositories available for use with JupyterLab apps. (see [below for nested schema](#nestedatt--default_user_settings--jupyter_lab_app_settings--code_repositories))
- `custom_images` (Attributes List) A list of custom images for use for JupyterLab apps. (see [below for nested schema](#nestedatt--default_user_settings--jupyter_lab_app_settings--custom_images))
- `default_resource_spec` (Attributes) The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the JupyterLab app. (see [below for nested schema](#nestedatt--default_user_settings--jupyter_lab_app_settings--default_resource_spec))
- `lifecycle_config_arns` (List of String) A list of LifecycleConfigArns available for use with JupyterLab apps.
+
+### Nested Schema for `default_user_settings.jupyter_lab_app_settings.app_lifecycle_management`
+
+Read-Only:
+
+- `idle_settings` (Attributes) (see [below for nested schema](#nestedatt--default_user_settings--jupyter_lab_app_settings--app_lifecycle_management--idle_settings))
+
+
+### Nested Schema for `default_user_settings.jupyter_lab_app_settings.app_lifecycle_management.idle_settings`
+
+Read-Only:
+
+- `idle_timeout_in_minutes` (Number) The idle timeout value set in minutes
+- `lifecycle_management` (String) A flag to enable/disable AppLifecycleManagement settings
+- `max_idle_timeout_in_minutes` (Number) The maximum idle timeout value set in minutes
+- `min_idle_timeout_in_minutes` (Number) The minimum idle timeout value set in minutes
+
+
+
### Nested Schema for `default_user_settings.jupyter_lab_app_settings.code_repositories`
diff --git a/docs/data-sources/sagemaker_space.md b/docs/data-sources/sagemaker_space.md
index 29b867bf1..b480541a2 100644
--- a/docs/data-sources/sagemaker_space.md
+++ b/docs/data-sources/sagemaker_space.md
@@ -57,8 +57,25 @@ Read-Only:
Read-Only:
+- `app_lifecycle_management` (Attributes) (see [below for nested schema](#nestedatt--space_settings--code_editor_app_settings--app_lifecycle_management))
- `default_resource_spec` (Attributes) (see [below for nested schema](#nestedatt--space_settings--code_editor_app_settings--default_resource_spec))
+
+### Nested Schema for `space_settings.code_editor_app_settings.app_lifecycle_management`
+
+Read-Only:
+
+- `idle_settings` (Attributes) (see [below for nested schema](#nestedatt--space_settings--code_editor_app_settings--app_lifecycle_management--idle_settings))
+
+
+### Nested Schema for `space_settings.code_editor_app_settings.app_lifecycle_management.idle_settings`
+
+Read-Only:
+
+- `idle_timeout_in_minutes` (Number) The space idle timeout value set in minutes
+
+
+
### Nested Schema for `space_settings.code_editor_app_settings.default_resource_spec`
@@ -92,9 +109,26 @@ Read-Only:
Read-Only:
+- `app_lifecycle_management` (Attributes) (see [below for nested schema](#nestedatt--space_settings--jupyter_lab_app_settings--app_lifecycle_management))
- `code_repositories` (Attributes List) A list of CodeRepositories available for use with JupyterLab apps. (see [below for nested schema](#nestedatt--space_settings--jupyter_lab_app_settings--code_repositories))
- `default_resource_spec` (Attributes) (see [below for nested schema](#nestedatt--space_settings--jupyter_lab_app_settings--default_resource_spec))
+
+### Nested Schema for `space_settings.jupyter_lab_app_settings.app_lifecycle_management`
+
+Read-Only:
+
+- `idle_settings` (Attributes) (see [below for nested schema](#nestedatt--space_settings--jupyter_lab_app_settings--app_lifecycle_management--idle_settings))
+
+
+### Nested Schema for `space_settings.jupyter_lab_app_settings.app_lifecycle_management.idle_settings`
+
+Read-Only:
+
+- `idle_timeout_in_minutes` (Number) The space idle timeout value set in minutes
+
+
+
### Nested Schema for `space_settings.jupyter_lab_app_settings.code_repositories`
diff --git a/docs/data-sources/sagemaker_user_profile.md b/docs/data-sources/sagemaker_user_profile.md
index 25440f1d9..d0c946458 100644
--- a/docs/data-sources/sagemaker_user_profile.md
+++ b/docs/data-sources/sagemaker_user_profile.md
@@ -63,10 +63,30 @@ Read-Only:
Read-Only:
+- `app_lifecycle_management` (Attributes) (see [below for nested schema](#nestedatt--user_settings--code_editor_app_settings--app_lifecycle_management))
- `custom_images` (Attributes List) A list of custom images for use for CodeEditor apps. (see [below for nested schema](#nestedatt--user_settings--code_editor_app_settings--custom_images))
- `default_resource_spec` (Attributes) The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the CodeEditor app. (see [below for nested schema](#nestedatt--user_settings--code_editor_app_settings--default_resource_spec))
- `lifecycle_config_arns` (List of String) A list of LifecycleConfigArns available for use with CodeEditor apps.
+
+### Nested Schema for `user_settings.code_editor_app_settings.app_lifecycle_management`
+
+Read-Only:
+
+- `idle_settings` (Attributes) (see [below for nested schema](#nestedatt--user_settings--code_editor_app_settings--app_lifecycle_management--idle_settings))
+
+
+### Nested Schema for `user_settings.code_editor_app_settings.app_lifecycle_management.idle_settings`
+
+Read-Only:
+
+- `idle_timeout_in_minutes` (Number) The idle timeout value set in minutes
+- `lifecycle_management` (String) A flag to enable/disable AppLifecycleManagement settings
+- `max_idle_timeout_in_minutes` (Number) The maximum idle timeout value set in minutes
+- `min_idle_timeout_in_minutes` (Number) The minimum idle timeout value set in minutes
+
+
+
### Nested Schema for `user_settings.code_editor_app_settings.custom_images`
@@ -120,11 +140,31 @@ Read-Only:
Read-Only:
+- `app_lifecycle_management` (Attributes) (see [below for nested schema](#nestedatt--user_settings--jupyter_lab_app_settings--app_lifecycle_management))
- `code_repositories` (Attributes List) A list of CodeRepositories available for use with JupyterLab apps. (see [below for nested schema](#nestedatt--user_settings--jupyter_lab_app_settings--code_repositories))
- `custom_images` (Attributes List) A list of custom images available for use for JupyterLab apps (see [below for nested schema](#nestedatt--user_settings--jupyter_lab_app_settings--custom_images))
- `default_resource_spec` (Attributes) The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the JupyterLab app. (see [below for nested schema](#nestedatt--user_settings--jupyter_lab_app_settings--default_resource_spec))
- `lifecycle_config_arns` (List of String) A list of LifecycleConfigArns available for use with JupyterLab apps.
+
+### Nested Schema for `user_settings.jupyter_lab_app_settings.app_lifecycle_management`
+
+Read-Only:
+
+- `idle_settings` (Attributes) (see [below for nested schema](#nestedatt--user_settings--jupyter_lab_app_settings--app_lifecycle_management--idle_settings))
+
+
+### Nested Schema for `user_settings.jupyter_lab_app_settings.app_lifecycle_management.idle_settings`
+
+Read-Only:
+
+- `idle_timeout_in_minutes` (Number) The idle timeout value set in minutes
+- `lifecycle_management` (String) A flag to enable/disable AppLifecycleManagement settings
+- `max_idle_timeout_in_minutes` (Number) The maximum idle timeout value set in minutes
+- `min_idle_timeout_in_minutes` (Number) The minimum idle timeout value set in minutes
+
+
+
### Nested Schema for `user_settings.jupyter_lab_app_settings.code_repositories`
diff --git a/docs/data-sources/sns_subscription.md b/docs/data-sources/sns_subscription.md
new file mode 100644
index 000000000..487dfc69f
--- /dev/null
+++ b/docs/data-sources/sns_subscription.md
@@ -0,0 +1,35 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "awscc_sns_subscription Data Source - terraform-provider-awscc"
+subcategory: ""
+description: |-
+ Data Source schema for AWS::SNS::Subscription
+---
+
+# awscc_sns_subscription (Data Source)
+
+Data Source schema for AWS::SNS::Subscription
+
+
+
+
+## Schema
+
+### Required
+
+- `id` (String) Uniquely identifies the resource.
+
+### Read-Only
+
+- `arn` (String) Arn of the subscription
+- `delivery_policy` (String) The delivery policy JSON assigned to the subscription. Enables the subscriber to define the message delivery retry strategy in the case of an HTTP/S endpoint subscribed to the topic.
+- `endpoint` (String) The subscription's endpoint. The endpoint value depends on the protocol that you specify.
+- `filter_policy` (String) The filter policy JSON assigned to the subscription. Enables the subscriber to filter out unwanted messages.
+- `filter_policy_scope` (String) This attribute lets you choose the filtering scope by using one of the following string value types: MessageAttributes (default) and MessageBody.
+- `protocol` (String) The subscription's protocol.
+- `raw_message_delivery` (Boolean) When set to true, enables raw message delivery. Raw messages don't contain any JSON formatting and can be sent to Amazon SQS and HTTP/S endpoints.
+- `redrive_policy` (String) When specified, sends undeliverable messages to the specified Amazon SQS dead-letter queue. Messages that can't be delivered due to client errors are held in the dead-letter queue for further analysis or reprocessing.
+- `region` (String) For cross-region subscriptions, the region in which the topic resides.If no region is specified, AWS CloudFormation uses the region of the caller as the default.
+- `replay_policy` (String) Specifies whether Amazon SNS resends the notification to the subscription when a message's attribute changes.
+- `subscription_role_arn` (String) This property applies only to Amazon Data Firehose delivery stream subscriptions.
+- `topic_arn` (String) The ARN of the topic to subscribe to.
diff --git a/docs/data-sources/sns_subscriptions.md b/docs/data-sources/sns_subscriptions.md
new file mode 100644
index 000000000..a29ad69d1
--- /dev/null
+++ b/docs/data-sources/sns_subscriptions.md
@@ -0,0 +1,21 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "awscc_sns_subscriptions Data Source - terraform-provider-awscc"
+subcategory: ""
+description: |-
+ Plural Data Source schema for AWS::SNS::Subscription
+---
+
+# awscc_sns_subscriptions (Data Source)
+
+Plural Data Source schema for AWS::SNS::Subscription
+
+
+
+
+## Schema
+
+### Read-Only
+
+- `id` (String) Uniquely identifies the data source.
+- `ids` (Set of String) Set of Resource Identifiers.
diff --git a/docs/resources/amplify_app.md b/docs/resources/amplify_app.md
index 68916f65b..d6667afb1 100644
--- a/docs/resources/amplify_app.md
+++ b/docs/resources/amplify_app.md
@@ -176,6 +176,7 @@ resource "awscc_amplify_app" "example" {
- `auto_branch_creation_config` (Attributes) (see [below for nested schema](#nestedatt--auto_branch_creation_config))
- `basic_auth_config` (Attributes) (see [below for nested schema](#nestedatt--basic_auth_config))
- `build_spec` (String)
+- `cache_config` (Attributes) (see [below for nested schema](#nestedatt--cache_config))
- `custom_headers` (String)
- `custom_rules` (Attributes List) (see [below for nested schema](#nestedatt--custom_rules))
- `description` (String)
@@ -242,6 +243,14 @@ Optional:
- `username` (String)
+
+### Nested Schema for `cache_config`
+
+Optional:
+
+- `type` (String)
+
+
### Nested Schema for `custom_rules`
diff --git a/docs/resources/applicationsignals_service_level_objective.md b/docs/resources/applicationsignals_service_level_objective.md
index c0834151a..891753000 100644
--- a/docs/resources/applicationsignals_service_level_objective.md
+++ b/docs/resources/applicationsignals_service_level_objective.md
@@ -18,44 +18,97 @@ Resource Type definition for AWS::ApplicationSignals::ServiceLevelObjective
### Required
- `name` (String) The name of this SLO.
-- `sli` (Attributes) This structure contains information about the performance metric that an SLO monitors. (see [below for nested schema](#nestedatt--sli))
### Optional
- `description` (String) An optional description for this SLO. Default is 'No description'
- `goal` (Attributes) A structure that contains the attributes that determine the goal of the SLO. This includes the time period for evaluation and the attainment threshold. (see [below for nested schema](#nestedatt--goal))
+- `request_based_sli` (Attributes) This structure contains information about the performance metric that a request-based SLO monitors. (see [below for nested schema](#nestedatt--request_based_sli))
+- `sli` (Attributes) This structure contains information about the performance metric that an SLO monitors. (see [below for nested schema](#nestedatt--sli))
- `tags` (Attributes Set) The list of tag keys and values associated with the resource you specified (see [below for nested schema](#nestedatt--tags))
### Read-Only
- `arn` (String) The ARN of this SLO.
- `created_time` (Number) Epoch time in seconds of the time that this SLO was created
+- `evaluation_type` (String) Displays whether this is a period-based SLO or a request-based SLO.
- `id` (String) Uniquely identifies the resource.
- `last_updated_time` (Number) Epoch time in seconds of the time that this SLO was most recently updated
-
-### Nested Schema for `sli`
+
+### Nested Schema for `goal`
+
+Optional:
+
+- `attainment_goal` (Number) The threshold that determines if the goal is being met. An attainment goal is the ratio of good periods that meet the threshold requirements to the total periods within the interval. For example, an attainment goal of 99.9% means that within your interval, you are targeting 99.9% of the periods to be in healthy state.
+If you omit this parameter, 99 is used to represent 99% as the attainment goal.
+- `interval` (Attributes) The time period used to evaluate the SLO. It can be either a calendar interval or rolling interval.
+If you omit this parameter, a rolling interval of 7 days is used. (see [below for nested schema](#nestedatt--goal--interval))
+- `warning_threshold` (Number) The percentage of remaining budget over total budget that you want to get warnings for. If you omit this parameter, the default of 50.0 is used.
+
+
+### Nested Schema for `goal.interval`
+
+Optional:
+
+- `calendar_interval` (Attributes) If the interval for this service level objective is a calendar interval, this structure contains the interval specifications. (see [below for nested schema](#nestedatt--goal--interval--calendar_interval))
+- `rolling_interval` (Attributes) If the interval is a calendar interval, this structure contains the interval specifications. (see [below for nested schema](#nestedatt--goal--interval--rolling_interval))
+
+
+### Nested Schema for `goal.interval.calendar_interval`
+
+Required:
+
+- `duration` (Number) Specifies the duration of each calendar interval. For example, if `Duration` is 1 and `DurationUnit` is `MONTH`, each interval is one month, aligned with the calendar.
+- `duration_unit` (String) Specifies the calendar interval unit.
+- `start_time` (Number) Epoch time in seconds you want the first interval to start. Be sure to choose a time that configures the intervals the way that you want. For example, if you want weekly intervals starting on Mondays at 6 a.m., be sure to specify a start time that is a Monday at 6 a.m.
+As soon as one calendar interval ends, another automatically begins.
+
+
+
+### Nested Schema for `goal.interval.rolling_interval`
Required:
+- `duration` (Number) Specifies the duration of each calendar interval. For example, if `Duration` is 1 and `DurationUnit` is `MONTH`, each interval is one month, aligned with the calendar.
+- `duration_unit` (String) Specifies the calendar interval unit.
+
+
+
+
+
+### Nested Schema for `request_based_sli`
+
+Required:
+
+- `request_based_sli_metric` (Attributes) This structure contains the information about the metric that is used for a request-based SLO. (see [below for nested schema](#nestedatt--request_based_sli--request_based_sli_metric))
+
+Optional:
+
- `comparison_operator` (String) The arithmetic operation used when comparing the specified metric to the threshold.
- `metric_threshold` (Number) The value that the SLI metric is compared to.
-- `sli_metric` (Attributes) A structure that contains information about the metric that the SLO monitors. (see [below for nested schema](#nestedatt--sli--sli_metric))
-
-### Nested Schema for `sli.sli_metric`
+
+### Nested Schema for `request_based_sli.request_based_sli_metric`
Optional:
- `key_attributes` (Map of String) This is a string-to-string map that contains information about the type of object that this SLO is related to.
-- `metric_data_queries` (Attributes List) If this SLO monitors a CloudWatch metric or the result of a CloudWatch metric math expression, this structure includes the information about that metric or expression. (see [below for nested schema](#nestedatt--sli--sli_metric--metric_data_queries))
- `metric_type` (String) If the SLO monitors either the LATENCY or AVAILABILITY metric that Application Signals collects, this field displays which of those metrics is used.
+- `monitored_request_count_metric` (Attributes) This structure defines the metric that is used as the "good request" or "bad request" value for a request-based SLO. This value observed for the metric defined in `TotalRequestCountMetric` is divided by the number found for `MonitoredRequestCountMetric` to determine the percentage of successful requests that this SLO tracks. (see [below for nested schema](#nestedatt--request_based_sli--request_based_sli_metric--monitored_request_count_metric))
- `operation_name` (String) If the SLO monitors a specific operation of the service, this field displays that operation name.
-- `period_seconds` (Number) The number of seconds to use as the period for SLO evaluation. Your application's performance is compared to the SLI during each period. For each period, the application is determined to have either achieved or not achieved the necessary performance.
-- `statistic` (String) The statistic to use for comparison to the threshold. It can be any CloudWatch statistic or extended statistic
+- `total_request_count_metric` (Attributes List) This structure defines the metric that is used as the "total requests" number for a request-based SLO. The number observed for this metric is divided by the number of "good requests" or "bad requests" that is observed for the metric defined in `MonitoredRequestCountMetric`. (see [below for nested schema](#nestedatt--request_based_sli--request_based_sli_metric--total_request_count_metric))
-
-### Nested Schema for `sli.sli_metric.metric_data_queries`
+
+### Nested Schema for `request_based_sli.request_based_sli_metric.monitored_request_count_metric`
+
+Optional:
+
+- `bad_count_metric` (Attributes List) If you want to count "bad requests" to determine the percentage of successful requests for this request-based SLO, specify the metric to use as "bad requests" in this structure. (see [below for nested schema](#nestedatt--request_based_sli--request_based_sli_metric--monitored_request_count_metric--bad_count_metric))
+- `good_count_metric` (Attributes List) If you want to count "good requests" to determine the percentage of successful requests for this request-based SLO, specify the metric to use as "good requests" in this structure. (see [below for nested schema](#nestedatt--request_based_sli--request_based_sli_metric--monitored_request_count_metric--good_count_metric))
+
+
+### Nested Schema for `request_based_sli.request_based_sli_metric.monitored_request_count_metric.bad_count_metric`
Required:
@@ -65,15 +118,15 @@ Optional:
- `account_id` (String) The ID of the account where the metrics are located, if this is a cross-account alarm.
- `expression` (String) The math expression to be performed on the returned data.
-- `metric_stat` (Attributes) A metric to be used directly for the SLO, or to be used in the math expression that will be used for the SLO. Within one MetricDataQuery, you must specify either Expression or MetricStat but not both. (see [below for nested schema](#nestedatt--sli--sli_metric--metric_data_queries--metric_stat))
+- `metric_stat` (Attributes) A metric to be used directly for the SLO, or to be used in the math expression that will be used for the SLO. Within one MetricDataQuery, you must specify either Expression or MetricStat but not both. (see [below for nested schema](#nestedatt--request_based_sli--request_based_sli_metric--monitored_request_count_metric--bad_count_metric--metric_stat))
- `return_data` (Boolean) This option indicates whether to return the timestamps and raw data values of this metric.
-
-### Nested Schema for `sli.sli_metric.metric_data_queries.metric_stat`
+
+### Nested Schema for `request_based_sli.request_based_sli_metric.monitored_request_count_metric.bad_count_metric.metric_stat`
Required:
-- `metric` (Attributes) This structure defines the metric used for a service level indicator, including the metric name, namespace, and dimensions. (see [below for nested schema](#nestedatt--sli--sli_metric--metric_data_queries--metric_stat--metric))
+- `metric` (Attributes) This structure defines the metric used for a service level indicator, including the metric name, namespace, and dimensions. (see [below for nested schema](#nestedatt--request_based_sli--request_based_sli_metric--monitored_request_count_metric--bad_count_metric--metric_stat--metric))
- `period` (Number) The granularity, in seconds, to be used for the metric.
- `stat` (String) The statistic to use for comparison to the threshold. It can be any CloudWatch statistic or extended statistic.
@@ -81,17 +134,17 @@ Optional:
- `unit` (String) If you omit Unit then all data that was collected with any unit is returned, along with the corresponding units that were specified when the data was reported to CloudWatch. If you specify a unit, the operation returns only data that was collected with that unit specified. If you specify a unit that does not match the data collected, the results of the operation are null. CloudWatch does not perform unit conversions.
-
-### Nested Schema for `sli.sli_metric.metric_data_queries.metric_stat.metric`
+
+### Nested Schema for `request_based_sli.request_based_sli_metric.monitored_request_count_metric.bad_count_metric.metric_stat.metric`
Optional:
-- `dimensions` (Attributes List) An array of one or more dimensions to use to define the metric that you want to use. (see [below for nested schema](#nestedatt--sli--sli_metric--metric_data_queries--metric_stat--metric--dimensions))
+- `dimensions` (Attributes List) An array of one or more dimensions to use to define the metric that you want to use. (see [below for nested schema](#nestedatt--request_based_sli--request_based_sli_metric--monitored_request_count_metric--bad_count_metric--metric_stat--metric--dimensions))
- `metric_name` (String) The name of the metric to use.
- `namespace` (String) The namespace of the metric.
-
-### Nested Schema for `sli.sli_metric.metric_data_queries.metric_stat.metric.dimensions`
+
+### Nested Schema for `request_based_sli.request_based_sli_metric.monitored_request_count_metric.bad_count_metric.metric_stat.metric.dimensions`
Required:
@@ -102,45 +155,172 @@ Required:
+
+### Nested Schema for `request_based_sli.request_based_sli_metric.monitored_request_count_metric.good_count_metric`
+Required:
-
-### Nested Schema for `goal`
+- `id` (String) A short name used to tie this object to the results in the response.
Optional:
-- `attainment_goal` (Number) The threshold that determines if the goal is being met. An attainment goal is the ratio of good periods that meet the threshold requirements to the total periods within the interval. For example, an attainment goal of 99.9% means that within your interval, you are targeting 99.9% of the periods to be in healthy state.
-If you omit this parameter, 99 is used to represent 99% as the attainment goal.
-- `interval` (Attributes) The time period used to evaluate the SLO. It can be either a calendar interval or rolling interval.
-If you omit this parameter, a rolling interval of 7 days is used. (see [below for nested schema](#nestedatt--goal--interval))
-- `warning_threshold` (Number) The percentage of remaining budget over total budget that you want to get warnings for. If you omit this parameter, the default of 50.0 is used.
+- `account_id` (String) The ID of the account where the metrics are located, if this is a cross-account alarm.
+- `expression` (String) The math expression to be performed on the returned data.
+- `metric_stat` (Attributes) A metric to be used directly for the SLO, or to be used in the math expression that will be used for the SLO. Within one MetricDataQuery, you must specify either Expression or MetricStat but not both. (see [below for nested schema](#nestedatt--request_based_sli--request_based_sli_metric--monitored_request_count_metric--good_count_metric--metric_stat))
+- `return_data` (Boolean) This option indicates whether to return the timestamps and raw data values of this metric.
-
-### Nested Schema for `goal.interval`
+
+### Nested Schema for `request_based_sli.request_based_sli_metric.monitored_request_count_metric.good_count_metric.metric_stat`
+
+Required:
+
+- `metric` (Attributes) This structure defines the metric used for a service level indicator, including the metric name, namespace, and dimensions. (see [below for nested schema](#nestedatt--request_based_sli--request_based_sli_metric--monitored_request_count_metric--good_count_metric--metric_stat--metric))
+- `period` (Number) The granularity, in seconds, to be used for the metric.
+- `stat` (String) The statistic to use for comparison to the threshold. It can be any CloudWatch statistic or extended statistic.
Optional:
-- `calendar_interval` (Attributes) If the interval for this service level objective is a calendar interval, this structure contains the interval specifications. (see [below for nested schema](#nestedatt--goal--interval--calendar_interval))
-- `rolling_interval` (Attributes) If the interval is a calendar interval, this structure contains the interval specifications. (see [below for nested schema](#nestedatt--goal--interval--rolling_interval))
+- `unit` (String) If you omit Unit then all data that was collected with any unit is returned, along with the corresponding units that were specified when the data was reported to CloudWatch. If you specify a unit, the operation returns only data that was collected with that unit specified. If you specify a unit that does not match the data collected, the results of the operation are null. CloudWatch does not perform unit conversions.
-
-### Nested Schema for `goal.interval.calendar_interval`
+
+### Nested Schema for `request_based_sli.request_based_sli_metric.monitored_request_count_metric.good_count_metric.metric_stat.metric`
+
+Optional:
+
+- `dimensions` (Attributes List) An array of one or more dimensions to use to define the metric that you want to use. (see [below for nested schema](#nestedatt--request_based_sli--request_based_sli_metric--monitored_request_count_metric--good_count_metric--metric_stat--metric--dimensions))
+- `metric_name` (String) The name of the metric to use.
+- `namespace` (String) The namespace of the metric.
+
+
+### Nested Schema for `request_based_sli.request_based_sli_metric.monitored_request_count_metric.good_count_metric.metric_stat.metric.dimensions`
Required:
-- `duration` (Number) Specifies the duration of each calendar interval. For example, if `Duration` is 1 and `DurationUnit` is `MONTH`, each interval is one month, aligned with the calendar.
-- `duration_unit` (String) Specifies the calendar interval unit.
-- `start_time` (Number) Epoch time in seconds you want the first interval to start. Be sure to choose a time that configures the intervals the way that you want. For example, if you want weekly intervals starting on Mondays at 6 a.m., be sure to specify a start time that is a Monday at 6 a.m.
-As soon as one calendar interval ends, another automatically begins.
+- `name` (String) The name of the dimension. Dimension names must contain only ASCII characters, must include at least one non-whitespace character, and cannot start with a colon (:). ASCII control characters are not supported as part of dimension names.
+- `value` (String) The value of the dimension. Dimension values must contain only ASCII characters and must include at least one non-whitespace character. ASCII control characters are not supported as part of dimension values
+
-
-### Nested Schema for `goal.interval.rolling_interval`
+
+
+
+
+### Nested Schema for `request_based_sli.request_based_sli_metric.total_request_count_metric`
Required:
-- `duration` (Number) Specifies the duration of each calendar interval. For example, if `Duration` is 1 and `DurationUnit` is `MONTH`, each interval is one month, aligned with the calendar.
-- `duration_unit` (String) Specifies the calendar interval unit.
+- `id` (String) A short name used to tie this object to the results in the response.
+
+Optional:
+
+- `account_id` (String) The ID of the account where the metrics are located, if this is a cross-account alarm.
+- `expression` (String) The math expression to be performed on the returned data.
+- `metric_stat` (Attributes) A metric to be used directly for the SLO, or to be used in the math expression that will be used for the SLO. Within one MetricDataQuery, you must specify either Expression or MetricStat but not both. (see [below for nested schema](#nestedatt--request_based_sli--request_based_sli_metric--total_request_count_metric--metric_stat))
+- `return_data` (Boolean) This option indicates whether to return the timestamps and raw data values of this metric.
+
+
+### Nested Schema for `request_based_sli.request_based_sli_metric.total_request_count_metric.metric_stat`
+
+Required:
+
+- `metric` (Attributes) This structure defines the metric used for a service level indicator, including the metric name, namespace, and dimensions. (see [below for nested schema](#nestedatt--request_based_sli--request_based_sli_metric--total_request_count_metric--metric_stat--metric))
+- `period` (Number) The granularity, in seconds, to be used for the metric.
+- `stat` (String) The statistic to use for comparison to the threshold. It can be any CloudWatch statistic or extended statistic.
+
+Optional:
+
+- `unit` (String) If you omit Unit then all data that was collected with any unit is returned, along with the corresponding units that were specified when the data was reported to CloudWatch. If you specify a unit, the operation returns only data that was collected with that unit specified. If you specify a unit that does not match the data collected, the results of the operation are null. CloudWatch does not perform unit conversions.
+
+
+### Nested Schema for `request_based_sli.request_based_sli_metric.total_request_count_metric.metric_stat.metric`
+
+Optional:
+
+- `dimensions` (Attributes List) An array of one or more dimensions to use to define the metric that you want to use. (see [below for nested schema](#nestedatt--request_based_sli--request_based_sli_metric--total_request_count_metric--metric_stat--metric--dimensions))
+- `metric_name` (String) The name of the metric to use.
+- `namespace` (String) The namespace of the metric.
+
+
+### Nested Schema for `request_based_sli.request_based_sli_metric.total_request_count_metric.metric_stat.metric.dimensions`
+
+Required:
+
+- `name` (String) The name of the dimension. Dimension names must contain only ASCII characters, must include at least one non-whitespace character, and cannot start with a colon (:). ASCII control characters are not supported as part of dimension names.
+- `value` (String) The value of the dimension. Dimension values must contain only ASCII characters and must include at least one non-whitespace character. ASCII control characters are not supported as part of dimension values
+
+
+
+
+
+
+
+
+### Nested Schema for `sli`
+
+Required:
+
+- `comparison_operator` (String) The arithmetic operation used when comparing the specified metric to the threshold.
+- `metric_threshold` (Number) The value that the SLI metric is compared to.
+- `sli_metric` (Attributes) A structure that contains information about the metric that the SLO monitors. (see [below for nested schema](#nestedatt--sli--sli_metric))
+
+
+### Nested Schema for `sli.sli_metric`
+
+Optional:
+
+- `key_attributes` (Map of String) This is a string-to-string map that contains information about the type of object that this SLO is related to.
+- `metric_data_queries` (Attributes List) If this SLO monitors a CloudWatch metric or the result of a CloudWatch metric math expression, this structure includes the information about that metric or expression. (see [below for nested schema](#nestedatt--sli--sli_metric--metric_data_queries))
+- `metric_type` (String) If the SLO monitors either the LATENCY or AVAILABILITY metric that Application Signals collects, this field displays which of those metrics is used.
+- `operation_name` (String) If the SLO monitors a specific operation of the service, this field displays that operation name.
+- `period_seconds` (Number) The number of seconds to use as the period for SLO evaluation. Your application's performance is compared to the SLI during each period. For each period, the application is determined to have either achieved or not achieved the necessary performance.
+- `statistic` (String) The statistic to use for comparison to the threshold. It can be any CloudWatch statistic or extended statistic
+
+
+### Nested Schema for `sli.sli_metric.metric_data_queries`
+
+Required:
+
+- `id` (String) A short name used to tie this object to the results in the response.
+
+Optional:
+
+- `account_id` (String) The ID of the account where the metrics are located, if this is a cross-account alarm.
+- `expression` (String) The math expression to be performed on the returned data.
+- `metric_stat` (Attributes) A metric to be used directly for the SLO, or to be used in the math expression that will be used for the SLO. Within one MetricDataQuery, you must specify either Expression or MetricStat but not both. (see [below for nested schema](#nestedatt--sli--sli_metric--metric_data_queries--metric_stat))
+- `return_data` (Boolean) This option indicates whether to return the timestamps and raw data values of this metric.
+
+
+### Nested Schema for `sli.sli_metric.metric_data_queries.metric_stat`
+
+Required:
+
+- `metric` (Attributes) This structure defines the metric used for a service level indicator, including the metric name, namespace, and dimensions. (see [below for nested schema](#nestedatt--sli--sli_metric--metric_data_queries--metric_stat--metric))
+- `period` (Number) The granularity, in seconds, to be used for the metric.
+- `stat` (String) The statistic to use for comparison to the threshold. It can be any CloudWatch statistic or extended statistic.
+
+Optional:
+
+- `unit` (String) If you omit Unit then all data that was collected with any unit is returned, along with the corresponding units that were specified when the data was reported to CloudWatch. If you specify a unit, the operation returns only data that was collected with that unit specified. If you specify a unit that does not match the data collected, the results of the operation are null. CloudWatch does not perform unit conversions.
+
+
+### Nested Schema for `sli.sli_metric.metric_data_queries.metric_stat.metric`
+
+Optional:
+
+- `dimensions` (Attributes List) An array of one or more dimensions to use to define the metric that you want to use. (see [below for nested schema](#nestedatt--sli--sli_metric--metric_data_queries--metric_stat--metric--dimensions))
+- `metric_name` (String) The name of the metric to use.
+- `namespace` (String) The namespace of the metric.
+
+
+### Nested Schema for `sli.sli_metric.metric_data_queries.metric_stat.metric.dimensions`
+
+Required:
+
+- `name` (String) The name of the dimension. Dimension names must contain only ASCII characters, must include at least one non-whitespace character, and cannot start with a colon (:). ASCII control characters are not supported as part of dimension names.
+- `value` (String) The value of the dimension. Dimension values must contain only ASCII characters and must include at least one non-whitespace character. ASCII control characters are not supported as part of dimension values
+
+
+
diff --git a/docs/resources/backup_restore_testing_plan.md b/docs/resources/backup_restore_testing_plan.md
index c5b7fbdaa..f4ce79947 100644
--- a/docs/resources/backup_restore_testing_plan.md
+++ b/docs/resources/backup_restore_testing_plan.md
@@ -24,6 +24,7 @@ Definition of AWS::Backup::RestoreTestingPlan Resource Type
### Optional
- `schedule_expression_timezone` (String)
+- `schedule_status` (String)
- `start_window_hours` (Number)
- `tags` (Attributes Set) (see [below for nested schema](#nestedatt--tags))
diff --git a/docs/resources/ec2_vpc_endpoint.md b/docs/resources/ec2_vpc_endpoint.md
index e113de0ff..0f92be371 100644
--- a/docs/resources/ec2_vpc_endpoint.md
+++ b/docs/resources/ec2_vpc_endpoint.md
@@ -4,14 +4,16 @@ subcategory: ""
description: |-
Specifies a VPC endpoint. A VPC endpoint provides a private connection between your VPC and an endpoint service. You can use an endpoint service provided by AWS, an MKT Partner, or another AWS accounts in your organization. For more information, see the User Guide https://docs.aws.amazon.com/vpc/latest/privatelink/.
An endpoint of type Interface establishes connections between the subnets in your VPC and an AWS-service, your own service, or a service hosted by another AWS-account. With an interface VPC endpoint, you specify the subnets in which to create the endpoint and the security groups to associate with the endpoint network interfaces.
- An endpoint of type gateway serves as a target for a route in your route table for traffic destined for S3 or DDB. You can specify an endpoint policy for the endpoint, which controls access to the service from your VPC. You can also specify the VPC route tables that use the endpoint. For more information about connectivity to S3, see [W
+ An endpoint of type gateway serves as a target for a route in your route table for traffic destined for S3 or DDB. You can specify an endpoint policy for the endpoint, which controls access to the service from your VPC. You can also specify the VPC route tables that use the endpoint. For more information about connectivity to S3, see Why can't I connect to an S3 bucket using a gateway VPC endpoint? https://docs.aws.amazon.com/premiumsupport/knowledge-center/connect-s3-vpc-endpoint
+ An endpoint of type GatewayLoadBalancer provides private connectivity between your VPC and virtual appliances from a service provider.
---
# awscc_ec2_vpc_endpoint (Resource)
Specifies a VPC endpoint. A VPC endpoint provides a private connection between your VPC and an endpoint service. You can use an endpoint service provided by AWS, an MKT Partner, or another AWS accounts in your organization. For more information, see the [User Guide](https://docs.aws.amazon.com/vpc/latest/privatelink/).
An endpoint of type ``Interface`` establishes connections between the subnets in your VPC and an AWS-service, your own service, or a service hosted by another AWS-account. With an interface VPC endpoint, you specify the subnets in which to create the endpoint and the security groups to associate with the endpoint network interfaces.
- An endpoint of type ``gateway`` serves as a target for a route in your route table for traffic destined for S3 or DDB. You can specify an endpoint policy for the endpoint, which controls access to the service from your VPC. You can also specify the VPC route tables that use the endpoint. For more information about connectivity to S3, see [W
+ An endpoint of type ``gateway`` serves as a target for a route in your route table for traffic destined for S3 or DDB. You can specify an endpoint policy for the endpoint, which controls access to the service from your VPC. You can also specify the VPC route tables that use the endpoint. For more information about connectivity to S3, see [Why can't I connect to an S3 bucket using a gateway VPC endpoint?](https://docs.aws.amazon.com/premiumsupport/knowledge-center/connect-s3-vpc-endpoint)
+ An endpoint of type ``GatewayLoadBalancer`` provides private connectivity between your VPC and virtual appliances from a service provider.
## Example Usage
diff --git a/docs/resources/ecs_service.md b/docs/resources/ecs_service.md
index 1f974a90d..f6963ca98 100644
--- a/docs/resources/ecs_service.md
+++ b/docs/resources/ecs_service.md
@@ -3,15 +3,15 @@ page_title: "awscc_ecs_service Resource - terraform-provider-awscc"
subcategory: ""
description: |-
The AWS::ECS::Service resource creates an Amazon Elastic Container Service (Amazon ECS) service that runs and maintains the requested number of tasks and associated load balancers.
- The stack update fails if you change any properties that require replacement and at least one Amazon ECS Service Connect ServiceConnectService is configured. This is because AWS CloudFormation creates the replacement service first, but each ServiceConnectService must have a name that is unique in the namespace.
+ The stack update fails if you change any properties that require replacement and at least one ECS Service Connect ServiceConnectConfiguration property the is configured. This is because AWS CloudFormation creates the replacement service first, but each ServiceConnectService must have a name that is unique in the namespace.
Starting April 15, 2023, AWS; will not onboard new customers to Amazon Elastic Inference (EI), and will help current customers migrate their workloads to options that offer better price and performance. After April 15, 2023, new customers will not be able to launch instances with Amazon EI accelerators in Amazon SageMaker, ECS, or EC2. However, customers who have used Amazon EI at least once during the past 30-day period are considered current customers and will be able to continue using the service.
---
# awscc_ecs_service (Resource)
The ``AWS::ECS::Service`` resource creates an Amazon Elastic Container Service (Amazon ECS) service that runs and maintains the requested number of tasks and associated load balancers.
- The stack update fails if you change any properties that require replacement and at least one Amazon ECS Service Connect ``ServiceConnectService`` is configured. This is because AWS CloudFormation creates the replacement service first, but each ``ServiceConnectService`` must have a name that is unique in the namespace.
- Starting April 15, 2023, AWS; will not onboard new customers to Amazon Elastic Inference (EI), and will help current customers migrate their workloads to options that offer better price and performance. After April 15, 2023, new customers will not be able to launch instances with Amazon EI accelerators in Amazon SageMaker, ECS, or EC2. However, customers who have used Amazon EI at least once during the past 30-day period are considered current customers and will be able to continue using the service.
+ The stack update fails if you change any properties that require replacement and at least one ECS Service Connect ``ServiceConnectConfiguration`` property the is configured. This is because AWS CloudFormation creates the replacement service first, but each ``ServiceConnectService`` must have a name that is unique in the namespace.
+ Starting April 15, 2023, AWS; will not onboard new customers to Amazon Elastic Inference (EI), and will help current customers migrate their workloads to options that offer better price and performance. After April 15, 2023, new customers will not be able to launch instances with Amazon EI accelerators in Amazon SageMaker, ECS, or EC2. However, customers who have used Amazon EI at least once during the past 30-day period are considered current customers and will be able to continue using the service.
## Example Usage
@@ -91,6 +91,7 @@ resource "awscc_ecs_service" "nginx" {
- `placement_strategies` (Attributes List) The placement strategy objects to use for tasks in your service. You can specify a maximum of 5 strategy rules for each service. (see [below for nested schema](#nestedatt--placement_strategies))
- `platform_version` (String) The platform version that your tasks in the service are running on. A platform version is specified only for tasks using the Fargate launch type. If one isn't specified, the ``LATEST`` platform version is used. For more information, see [platform versions](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/platform_versions.html) in the *Amazon Elastic Container Service Developer Guide*.
- `propagate_tags` (String) Specifies whether to propagate the tags from the task definition to the task. If no value is specified, the tags aren't propagated. Tags can only be propagated to the task during task creation. To add tags to a task after task creation, use the [TagResource](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_TagResource.html) API action.
+ You must set this to a value other than ``NONE`` when you use Cost Explorer. For more information, see [Amazon ECS usage reports](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/usage-reports.html) in the *Amazon Elastic Container Service Developer Guide*.
The default is ``NONE``.
- `role` (String) The name or full Amazon Resource Name (ARN) of the IAM role that allows Amazon ECS to make calls to your load balancer on your behalf. This parameter is only permitted if you are using a load balancer with your service and your task definition doesn't use the ``awsvpc`` network mode. If you specify the ``role`` parameter, you must also specify a load balancer object with the ``loadBalancers`` parameter.
If your account has already created the Amazon ECS service-linked role, that role is used for your service unless you specify a role here. The service-linked role is required if your task definition uses the ``awsvpc`` network mode or if the service is configured to use service discovery, an external deployment controller, multiple target groups, or Elastic Inference accelerators in which case you don't specify a role here. For more information, see [Using service-linked roles for Amazon ECS](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using-service-linked-roles.html) in the *Amazon Elastic Container Service Developer Guide*.
@@ -147,7 +148,9 @@ Optional:
- `deployment_circuit_breaker` (Attributes) The deployment circuit breaker can only be used for services using the rolling update (``ECS``) deployment type.
The *deployment circuit breaker* determines whether a service deployment will fail if the service can't reach a steady state. If you use the deployment circuit breaker, a service deployment will transition to a failed state and stop launching new tasks. If you use the rollback option, when a service deployment fails, the service is rolled back to the last deployment that completed successfully. For more information, see [Rolling update](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/deployment-type-ecs.html) in the *Amazon Elastic Container Service Developer Guide* (see [below for nested schema](#nestedatt--deployment_configuration--deployment_circuit_breaker))
- `maximum_percent` (Number) If a service is using the rolling update (``ECS``) deployment type, the ``maximumPercent`` parameter represents an upper limit on the number of your service's tasks that are allowed in the ``RUNNING`` or ``PENDING`` state during a deployment, as a percentage of the ``desiredCount`` (rounded down to the nearest integer). This parameter enables you to define the deployment batch size. For example, if your service is using the ``REPLICA`` service scheduler and has a ``desiredCount`` of four tasks and a ``maximumPercent`` value of 200%, the scheduler may start four new tasks before stopping the four older tasks (provided that the cluster resources required to do this are available). The default ``maximumPercent`` value for a service using the ``REPLICA`` service scheduler is 200%.
- If a service is using either the blue/green (``CODE_DEPLOY``) or ``EXTERNAL`` deployment types and tasks that use the EC2 launch type, the *maximum percent* value is set to the default value and is used to define the upper limit on the number of the tasks in the service that remain in the ``RUNNING`` state while the container instances are in the ``DRAINING`` state. If the tasks in the service use the Fargate launch type, the maximum percent value is not used, although it is returned when describing your service.
+ If a service is using either the blue/green (``CODE_DEPLOY``) or ``EXTERNAL`` deployment types, and tasks in the service use the EC2 launch type, the *maximum percent* value is set to the default value. The *maximum percent* value is used to define the upper limit on the number of the tasks in the service that remain in the ``RUNNING`` state while the container instances are in the ``DRAINING`` state.
+ You can't specify a custom ``maximumPercent`` value for a service that uses either the blue/green (``CODE_DEPLOY``) or ``EXTERNAL`` deployment types and has tasks that use the EC2 launch type.
+ If the tasks in the service use the Fargate launch type, the maximum percent value is not used, although it is returned when describing your service.
- `minimum_healthy_percent` (Number) If a service is using the rolling update (``ECS``) deployment type, the ``minimumHealthyPercent`` represents a lower limit on the number of your service's tasks that must remain in the ``RUNNING`` state during a deployment, as a percentage of the ``desiredCount`` (rounded up to the nearest integer). This parameter enables you to deploy without using additional cluster capacity. For example, if your service has a ``desiredCount`` of four tasks and a ``minimumHealthyPercent`` of 50%, the service scheduler may stop two existing tasks to free up cluster capacity before starting two new tasks.
For services that *do not* use a load balancer, the following should be noted:
+ A service is considered healthy if all essential containers within the tasks in the service pass their health checks.
@@ -158,7 +161,11 @@ Optional:
+ If a task has no essential containers with a health check defined, the service scheduler will wait for the load balancer target group health check to return a healthy status before counting the task towards the minimum healthy percent total.
+ If a task has an essential container with a health check defined, the service scheduler will wait for both the task to reach a healthy status and the load balancer target group health check to return a healthy status before counting the task towards the minimum healthy percent total.
- If a service is using either the blue/green (``CODE_DEPLOY``) or ``EXTERNAL`` deployment types and is running tasks that use the EC2 launch type, the *minimum healthy percent* value is set to the default value and is used to define the lower limit on the number of the tasks in the service that remain in the ``RUNNING`` state while the container instances are in the ``DRAINING`` state. If a service is using either the blue/green (``CODE_DEPLOY``) or ``EXTERNAL`` deployment types and is running tasks that use the Fargate launch type, the minimum healthy percent value is not used, although it is returned when describing your service.
+ The default value for a replica service for ``minimumHealthyPercent`` is 100%. The default ``minimumHealthyPercent`` value for a service using the ``DAEMON`` service schedule is 0% for the CLI, the AWS SDKs, and the APIs and 50% for the AWS Management Console.
+ The minimum number of healthy tasks during a deployment is the ``desiredCount`` multiplied by the ``minimumHealthyPercent``/100, rounded up to the nearest integer value.
+ If a service is using either the blue/green (``CODE_DEPLOY``) or ``EXTERNAL`` deployment types and is running tasks that use the EC2 launch type, the *minimum healthy percent* value is set to the default value. The *minimum healthy percent* value is used to define the lower limit on the number of the tasks in the service that remain in the ``RUNNING`` state while the container instances are in the ``DRAINING`` state.
+ You can't specify a custom ``minimumHealthyPercent`` value for a service that uses either the blue/green (``CODE_DEPLOY``) or ``EXTERNAL`` deployment types and has tasks that use the EC2 launch type.
+ If a service is using either the blue/green (``CODE_DEPLOY``) or ``EXTERNAL`` deployment types and is running tasks that use the Fargate launch type, the minimum healthy percent value is not used, although it is returned when describing your service.
### Nested Schema for `deployment_configuration.alarms`
@@ -220,9 +227,9 @@ Optional:
Optional:
- `assign_public_ip` (String) Whether the task's elastic network interface receives a public IP address. The default value is ``DISABLED``.
-- `security_groups` (List of String) The IDs of the security groups associated with the task or service. If you don't specify a security group, the default security group for the VPC is used. There's a limit of 5 security groups that can be specified per ``AwsVpcConfiguration``.
+- `security_groups` (List of String) The IDs of the security groups associated with the task or service. If you don't specify a security group, the default security group for the VPC is used. There's a limit of 5 security groups that can be specified per ``awsvpcConfiguration``.
All specified security groups must be from the same VPC.
-- `subnets` (List of String) The IDs of the subnets associated with the task or service. There's a limit of 16 subnets that can be specified per ``AwsVpcConfiguration``.
+- `subnets` (List of String) The IDs of the subnets associated with the task or service. There's a limit of 16 subnets that can be specified per ``awsvpcConfiguration``.
All specified subnets must be from the same VPC.
@@ -248,7 +255,7 @@ Required:
Optional:
-- `field` (String) The field to apply the placement strategy against. For the ``spread`` placement strategy, valid values are ``instanceId`` (or ``host``, which has the same effect), or any platform or custom attribute that is applied to a container instance, such as ``attribute:ecs.availability-zone``. For the ``binpack`` placement strategy, valid values are ``CPU`` and ``MEMORY``. For the ``random`` placement strategy, this field is not used.
+- `field` (String) The field to apply the placement strategy against. For the ``spread`` placement strategy, valid values are ``instanceId`` (or ``host``, which has the same effect), or any platform or custom attribute that's applied to a container instance, such as ``attribute:ecs.availability-zone``. For the ``binpack`` placement strategy, valid values are ``cpu`` and ``memory``. For the ``random`` placement strategy, this field is not used.
@@ -260,12 +267,12 @@ Required:
Optional:
-- `log_configuration` (Attributes) The log configuration for the container. This parameter maps to ``LogConfig`` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the ``--log-driver`` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/commandline/run/).
- By default, containers use the same logging driver that the Docker daemon uses. However, the container might use a different logging driver than the Docker daemon by specifying a log driver configuration in the container definition. For more information about the options for different supported log drivers, see [Configure logging drivers](https://docs.aws.amazon.com/https://docs.docker.com/engine/admin/logging/overview/) in the Docker documentation.
+- `log_configuration` (Attributes) The log configuration for the container. This parameter maps to ``LogConfig`` in the docker container create command and the ``--log-driver`` option to docker run.
+ By default, containers use the same logging driver that the Docker daemon uses. However, the container might use a different logging driver than the Docker daemon by specifying a log driver configuration in the container definition.
Understand the following when specifying a log configuration for your containers.
+ Amazon ECS currently supports a subset of the logging drivers available to the Docker daemon. Additional log drivers may be available in future releases of the Amazon ECS container agent.
For tasks on FARGATElong, the supported log drivers are ``awslogs``, ``splunk``, and ``awsfirelens``.
- For tasks hosted on Amazon EC2 instances, the supported log drivers are ``awslogs``, ``fluentd``, ``gelf``, ``json-file``, ``journald``, ``logentries``,``syslog``, ``splunk``, and ``awsfirelens``.
+ For tasks hosted on Amazon EC2 instances, the supported log drivers are ``awslogs``, ``fluentd``, ``gelf``, ``json-file``, ``journald``,``syslog``, ``splunk``, and ``awsfirelens``.
+ This parameter requires version 1.18 of the Docker Remote API or greater on your container instance.
+ For tasks that are hosted on Amazon EC2 instances, the Amazon ECS container agent must register the available logging drivers with the ``ECS_AVAILABLE_LOGGING_DRIVERS`` environment variable before containers placed on that instance can use these log configuration options. For more information, see [Amazon ECS container agent configuration](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-config.html) in the *Amazon Elastic Container Service Developer Guide*.
+ For tasks that are on FARGATElong, because you don't have access to the underlying infrastructure your tasks are hosted on, any additional software needed must be installed outside of the task. For example, the Fluentd output aggregators or a remote host running Logstash to send Gelf logs to. (see [below for nested schema](#nestedatt--service_connect_configuration--log_configuration))
@@ -281,9 +288,9 @@ Optional:
- `log_driver` (String) The log driver to use for the container.
For tasks on FARGATElong, the supported log drivers are ``awslogs``, ``splunk``, and ``awsfirelens``.
- For tasks hosted on Amazon EC2 instances, the supported log drivers are ``awslogs``, ``fluentd``, ``gelf``, ``json-file``, ``journald``, ``logentries``,``syslog``, ``splunk``, and ``awsfirelens``.
- For more information about using the ``awslogs`` log driver, see [Using the awslogs log driver](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_awslogs.html) in the *Amazon Elastic Container Service Developer Guide*.
- For more information about using the ``awsfirelens`` log driver, see [Custom log routing](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_firelens.html) in the *Amazon Elastic Container Service Developer Guide*.
+ For tasks hosted on Amazon EC2 instances, the supported log drivers are ``awslogs``, ``fluentd``, ``gelf``, ``json-file``, ``journald``, ``syslog``, ``splunk``, and ``awsfirelens``.
+ For more information about using the ``awslogs`` log driver, see [Send Amazon ECS logs to CloudWatch](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_awslogs.html) in the *Amazon Elastic Container Service Developer Guide*.
+ For more information about using the ``awsfirelens`` log driver, see [Send Amazon ECS logs to an service or Partner](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_firelens.html).
If you have a custom driver that isn't listed, you can fork the Amazon ECS container agent project that's [available on GitHub](https://docs.aws.amazon.com/https://github.com/aws/amazon-ecs-agent) and customize it to work with that driver. We encourage you to submit pull requests for changes that you would like to have included. However, we don't currently provide support for running modified copies of this software.
- `options` (Map of String) The configuration options to send to the log driver. This parameter requires version 1.19 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: ``sudo docker version --format '{{.Server.APIVersion}}'``
- `secret_options` (Attributes List) The secrets to pass to the log configuration. For more information, see [Specifying sensitive data](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data.html) in the *Amazon Elastic Container Service Developer Guide*. (see [below for nested schema](#nestedatt--service_connect_configuration--log_configuration--secret_options))
@@ -412,7 +419,7 @@ Optional:
- `encrypted` (Boolean) Indicates whether the volume should be encrypted. If no value is specified, encryption is turned on by default. This parameter maps 1:1 with the ``Encrypted`` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference*.
- `filesystem_type` (String) The Linux filesystem type for the volume. For volumes created from a snapshot, you must specify the same filesystem type that the volume was using when the snapshot was created. If there is a filesystem type mismatch, the task will fail to start.
- The available filesystem types are? ``ext3``, ``ext4``, and ``xfs``. If no value is specified, the ``xfs`` filesystem type is used by default.
+ The available filesystem types are
``ext3``, ``ext4``, and ``xfs``. If no value is specified, the ``xfs`` filesystem type is used by default.
- `iops` (Number) The number of I/O operations per second (IOPS). For ``gp3``, ``io1``, and ``io2`` volumes, this represents the number of IOPS that are provisioned for the volume. For ``gp2`` volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting.
The following are the supported values for each volume type.
+ ``gp3``: 3,000 - 16,000 IOPS
@@ -451,7 +458,7 @@ Required:
Optional:
-- `propagate_tags` (String) Determines whether to propagate the tags from the task definition to ?the Amazon EBS volume. Tags can only propagate to a ``SERVICE`` specified in ?``ServiceVolumeConfiguration``. If no value is specified, the tags aren't ?propagated.
+- `propagate_tags` (String) Determines whether to propagate the tags from the task definition to
the Amazon EBS volume. Tags can only propagate to a ``SERVICE`` specified in
``ServiceVolumeConfiguration``. If no value is specified, the tags aren't
propagated.
- `tags` (Attributes List) The tags applied to this Amazon EBS volume. ``AmazonECSCreated`` and ``AmazonECSManaged`` are reserved tags that can't be used. (see [below for nested schema](#nestedatt--volume_configurations--managed_ebs_volume--tag_specifications--tags))
diff --git a/docs/resources/ecs_task_definition.md b/docs/resources/ecs_task_definition.md
index 806bff1b9..62a0b6e5b 100644
--- a/docs/resources/ecs_task_definition.md
+++ b/docs/resources/ecs_task_definition.md
@@ -107,18 +107,18 @@ Registers a new task definition from the supplied ``family`` and ``containerDefi
Required:
-- `image` (String) The image used to start a container. This string is passed directly to the Docker daemon. By default, images in the Docker Hub registry are available. Other repositories are specified with either ``repository-url/image:tag`` or ``repository-url/image@digest``. Up to 255 letters (uppercase and lowercase), numbers, hyphens, underscores, colons, periods, forward slashes, and number signs are allowed. This parameter maps to ``Image`` in the docker conainer create command and the ``IMAGE`` parameter of docker run.
+- `image` (String) The image used to start a container. This string is passed directly to the Docker daemon. By default, images in the Docker Hub registry are available. Other repositories are specified with either ``repository-url/image:tag`` or ``repository-url/image@digest``. Up to 255 letters (uppercase and lowercase), numbers, hyphens, underscores, colons, periods, forward slashes, and number signs are allowed. This parameter maps to ``Image`` in the docker container create command and the ``IMAGE`` parameter of docker run.
+ When a new task starts, the Amazon ECS container agent pulls the latest version of the specified image and tag for the container to use. However, subsequent updates to a repository image aren't propagated to already running tasks.
+ Images in Amazon ECR repositories can be specified by either using the full ``registry/repository:tag`` or ``registry/repository@digest``. For example, ``012345678910.dkr.ecr..amazonaws.com/:latest`` or ``012345678910.dkr.ecr..amazonaws.com/@sha256:94afd1f2e64d908bc90dbca0035a5b567EXAMPLE``.
+ Images in official repositories on Docker Hub use a single name (for example, ``ubuntu`` or ``mongo``).
+ Images in other repositories on Docker Hub are qualified with an organization name (for example, ``amazon/amazon-ecs-agent``).
+ Images in other online repositories are qualified further by a domain name (for example, ``quay.io/assemblyline/ubuntu``).
-- `name` (String) The name of a container. If you're linking multiple containers together in a task definition, the ``name`` of one container can be entered in the ``links`` of another container to connect the containers. Up to 255 letters (uppercase and lowercase), numbers, underscores, and hyphens are allowed. This parameter maps to ``name`` in tthe docker conainer create command and the ``--name`` option to docker run.
+- `name` (String) The name of a container. If you're linking multiple containers together in a task definition, the ``name`` of one container can be entered in the ``links`` of another container to connect the containers. Up to 255 letters (uppercase and lowercase), numbers, underscores, and hyphens are allowed. This parameter maps to ``name`` in tthe docker container create command and the ``--name`` option to docker run.
Optional:
-- `command` (List of String) The command that's passed to the container. This parameter maps to ``Cmd`` in the docker conainer create command and the ``COMMAND`` parameter to docker run. If there are multiple arguments, each argument is a separated string in the array.
-- `cpu` (Number) The number of ``cpu`` units reserved for the container. This parameter maps to ``CpuShares`` in the docker conainer create commandand the ``--cpu-shares`` option to docker run.
+- `command` (List of String) The command that's passed to the container. This parameter maps to ``Cmd`` in the docker container create command and the ``COMMAND`` parameter to docker run. If there are multiple arguments, each argument is a separated string in the array.
+- `cpu` (Number) The number of ``cpu`` units reserved for the container. This parameter maps to ``CpuShares`` in the docker container create commandand the ``--cpu-shares`` option to docker run.
This field is optional for tasks using the Fargate launch type, and the only requirement is that the total amount of CPU reserved for all containers within a task be lower than the task-level ``cpu`` value.
You can determine the number of CPU units that are available per EC2 instance type by multiplying the vCPUs listed for that instance type on the [Amazon EC2 Instances](https://docs.aws.amazon.com/ec2/instance-types/) detail page by 1,024.
Linux containers share unallocated CPU units with other containers on the container instance with the same ratio as their allocated amount. For example, if you run a single-container task on a single-core instance type with 512 CPU units specified for that container, and that's the only task running on the container instance, that container could use the full 1,024 CPU unit share at any given time. However, if you launched another copy of the same task on that container instance, each task is guaranteed a minimum of 512 CPU units when needed. Moreover, each container could float to higher CPU usage if the other container was not using it. If both tasks were 100% active all of the time, they would be limited to 512 CPU units.
@@ -140,36 +140,36 @@ Optional:
+ Windows platform version ``1.0.0`` or later.
If the task definition is used in a blue/green deployment that uses [AWS::CodeDeploy::DeploymentGroup BlueGreenDeploymentConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-codedeploy-deploymentgroup-bluegreendeploymentconfiguration.html), the ``dependsOn`` parameter is not supported. For more information see [Issue #680](https://docs.aws.amazon.com/https://github.com/aws-cloudformation/cloudformation-coverage-roadmap/issues/680) on the on the GitHub website. (see [below for nested schema](#nestedatt--container_definitions--depends_on))
-- `disable_networking` (Boolean) When this parameter is true, networking is off within the container. This parameter maps to ``NetworkDisabled`` in the docker conainer create command.
+- `disable_networking` (Boolean) When this parameter is true, networking is off within the container. This parameter maps to ``NetworkDisabled`` in the docker container create command.
This parameter is not supported for Windows containers.
-- `dns_search_domains` (List of String) A list of DNS search domains that are presented to the container. This parameter maps to ``DnsSearch`` in the docker conainer create command and the ``--dns-search`` option to docker run.
+- `dns_search_domains` (List of String) A list of DNS search domains that are presented to the container. This parameter maps to ``DnsSearch`` in the docker container create command and the ``--dns-search`` option to docker run.
This parameter is not supported for Windows containers.
-- `dns_servers` (List of String) A list of DNS servers that are presented to the container. This parameter maps to ``Dns`` in the the docker conainer create command and the ``--dns`` option to docker run.
+- `dns_servers` (List of String) A list of DNS servers that are presented to the container. This parameter maps to ``Dns`` in the docker container create command and the ``--dns`` option to docker run.
This parameter is not supported for Windows containers.
-- `docker_labels` (Map of String) A key/value map of labels to add to the container. This parameter maps to ``Labels`` in the docker conainer create command and the ``--label`` option to docker run. This parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: ``sudo docker version --format '{{.Server.APIVersion}}'``
+- `docker_labels` (Map of String) A key/value map of labels to add to the container. This parameter maps to ``Labels`` in the docker container create command and the ``--label`` option to docker run. This parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: ``sudo docker version --format '{{.Server.APIVersion}}'``
- `docker_security_options` (List of String) A list of strings to provide custom configuration for multiple security systems. This field isn't valid for containers in tasks using the Fargate launch type.
For Linux tasks on EC2, this parameter can be used to reference custom labels for SELinux and AppArmor multi-level security systems.
For any tasks on EC2, this parameter can be used to reference a credential spec file that configures a container for Active Directory authentication. For more information, see [Using gMSAs for Windows Containers](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/windows-gmsa.html) and [Using gMSAs for Linux Containers](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/linux-gmsa.html) in the *Amazon Elastic Container Service Developer Guide*.
- This parameter maps to ``SecurityOpt`` in the docker conainer create command and the ``--security-opt`` option to docker run.
+ This parameter maps to ``SecurityOpt`` in the docker container create command and the ``--security-opt`` option to docker run.
The Amazon ECS container agent running on a container instance must register with the ``ECS_SELINUX_CAPABLE=true`` or ``ECS_APPARMOR_CAPABLE=true`` environment variables before containers placed on that instance can use these security options. For more information, see [Amazon ECS Container Agent Configuration](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-config.html) in the *Amazon Elastic Container Service Developer Guide*.
Valid values: "no-new-privileges" | "apparmor:PROFILE" | "label:value" | "credentialspec:CredentialSpecFilePath"
- `entry_point` (List of String) Early versions of the Amazon ECS container agent don't properly handle ``entryPoint`` parameters. If you have problems using ``entryPoint``, update your container agent or enter your commands and arguments as ``command`` array items instead.
- The entry point that's passed to the container. This parameter maps to ``Entrypoint`` in tthe docker conainer create command and the ``--entrypoint`` option to docker run.
-- `environment` (Attributes Set) The environment variables to pass to a container. This parameter maps to ``Env`` in the docker conainer create command and the ``--env`` option to docker run.
+ The entry point that's passed to the container. This parameter maps to ``Entrypoint`` in tthe docker container create command and the ``--entrypoint`` option to docker run.
+- `environment` (Attributes Set) The environment variables to pass to a container. This parameter maps to ``Env`` in the docker container create command and the ``--env`` option to docker run.
We don't recommend that you use plaintext environment variables for sensitive information, such as credential data. (see [below for nested schema](#nestedatt--container_definitions--environment))
- `environment_files` (Attributes List) A list of files containing the environment variables to pass to a container. This parameter maps to the ``--env-file`` option to docker run.
You can specify up to ten environment files. The file must have a ``.env`` file extension. Each line in an environment file contains an environment variable in ``VARIABLE=VALUE`` format. Lines beginning with ``#`` are treated as comments and are ignored.
If there are environment variables specified using the ``environment`` parameter in a container definition, they take precedence over the variables contained within an environment file. If multiple environment files are specified that contain the same variable, they're processed from the top down. We recommend that you use unique variable names. For more information, see [Specifying Environment Variables](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/taskdef-envfiles.html) in the *Amazon Elastic Container Service Developer Guide*. (see [below for nested schema](#nestedatt--container_definitions--environment_files))
- `essential` (Boolean) If the ``essential`` parameter of a container is marked as ``true``, and that container fails or stops for any reason, all other containers that are part of the task are stopped. If the ``essential`` parameter of a container is marked as ``false``, its failure doesn't affect the rest of the containers in a task. If this parameter is omitted, a container is assumed to be essential.
All tasks must have at least one essential container. If you have an application that's composed of multiple containers, group containers that are used for a common purpose into components, and separate the different components into multiple task definitions. For more information, see [Application Architecture](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/application_architecture.html) in the *Amazon Elastic Container Service Developer Guide*.
-- `extra_hosts` (Attributes List) A list of hostnames and IP address mappings to append to the ``/etc/hosts`` file on the container. This parameter maps to ``ExtraHosts`` in the docker conainer create command and the ``--add-host`` option to docker run.
+- `extra_hosts` (Attributes List) A list of hostnames and IP address mappings to append to the ``/etc/hosts`` file on the container. This parameter maps to ``ExtraHosts`` in the docker container create command and the ``--add-host`` option to docker run.
This parameter isn't supported for Windows containers or tasks that use the ``awsvpc`` network mode. (see [below for nested schema](#nestedatt--container_definitions--extra_hosts))
- `firelens_configuration` (Attributes) The FireLens configuration for the container. This is used to specify and configure a log router for container logs. For more information, see [Custom Log Routing](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_firelens.html) in the *Amazon Elastic Container Service Developer Guide*. (see [below for nested schema](#nestedatt--container_definitions--firelens_configuration))
-- `health_check` (Attributes) The container health check command and associated configuration parameters for the container. This parameter maps to ``HealthCheck`` in the docker conainer create command and the ``HEALTHCHECK`` parameter of docker run. (see [below for nested schema](#nestedatt--container_definitions--health_check))
-- `hostname` (String) The hostname to use for your container. This parameter maps to ``Hostname`` in thethe docker conainer create command and the ``--hostname`` option to docker run.
+- `health_check` (Attributes) The container health check command and associated configuration parameters for the container. This parameter maps to ``HealthCheck`` in the docker container create command and the ``HEALTHCHECK`` parameter of docker run. (see [below for nested schema](#nestedatt--container_definitions--health_check))
+- `hostname` (String) The hostname to use for your container. This parameter maps to ``Hostname`` in thethe docker container create command and the ``--hostname`` option to docker run.
The ``hostname`` parameter is not supported if you're using the ``awsvpc`` network mode.
-- `interactive` (Boolean) When this parameter is ``true``, you can deploy containerized applications that require ``stdin`` or a ``tty`` to be allocated. This parameter maps to ``OpenStdin`` in the docker conainer create command and the ``--interactive`` option to docker run.
-- `links` (Set of String) The ``links`` parameter allows containers to communicate with each other without the need for port mappings. This parameter is only supported if the network mode of a task definition is ``bridge``. The ``name:internalName`` construct is analogous to ``name:alias`` in Docker links. Up to 255 letters (uppercase and lowercase), numbers, underscores, and hyphens are allowed.. This parameter maps to ``Links`` in the docker conainer create command and the ``--link`` option to docker run.
+- `interactive` (Boolean) When this parameter is ``true``, you can deploy containerized applications that require ``stdin`` or a ``tty`` to be allocated. This parameter maps to ``OpenStdin`` in the docker container create command and the ``--interactive`` option to docker run.
+- `links` (Set of String) The ``links`` parameter allows containers to communicate with each other without the need for port mappings. This parameter is only supported if the network mode of a task definition is ``bridge``. The ``name:internalName`` construct is analogous to ``name:alias`` in Docker links. Up to 255 letters (uppercase and lowercase), numbers, underscores, and hyphens are allowed.. This parameter maps to ``Links`` in the docker container create command and the ``--link`` option to docker run.
This parameter is not supported for Windows containers.
Containers that are collocated on a single container instance may be able to communicate with each other without requiring links or host port mappings. Network isolation is achieved on the container instance using security groups and VPC settings.
- `linux_parameters` (Attributes) Linux-specific modifications that are applied to the container, such as Linux kernel capabilities. For more information see [KernelCapabilities](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_KernelCapabilities.html).
@@ -184,27 +184,27 @@ Optional:
If using the EC2 launch type, you must specify either a task-level memory value or a container-level memory value. If you specify both a container-level ``memory`` and ``memoryReservation`` value, ``memory`` must be greater than ``memoryReservation``. If you specify ``memoryReservation``, then that value is subtracted from the available memory resources for the container instance where the container is placed. Otherwise, the value of ``memory`` is used.
The Docker 20.10.0 or later daemon reserves a minimum of 6 MiB of memory for a container, so you should not specify fewer than 6 MiB of memory for your containers.
The Docker 19.03.13-ce or earlier daemon reserves a minimum of 4 MiB of memory for a container, so you should not specify fewer than 4 MiB of memory for your containers.
-- `memory_reservation` (Number) The soft limit (in MiB) of memory to reserve for the container. When system memory is under heavy contention, Docker attempts to keep the container memory to this soft limit. However, your container can consume more memory when it needs to, up to either the hard limit specified with the ``memory`` parameter (if applicable), or all of the available memory on the container instance, whichever comes first. This parameter maps to ``MemoryReservation`` in the the docker conainer create command and the ``--memory-reservation`` option to docker run.
+- `memory_reservation` (Number) The soft limit (in MiB) of memory to reserve for the container. When system memory is under heavy contention, Docker attempts to keep the container memory to this soft limit. However, your container can consume more memory when it needs to, up to either the hard limit specified with the ``memory`` parameter (if applicable), or all of the available memory on the container instance, whichever comes first. This parameter maps to ``MemoryReservation`` in the docker container create command and the ``--memory-reservation`` option to docker run.
If a task-level memory value is not specified, you must specify a non-zero integer for one or both of ``memory`` or ``memoryReservation`` in a container definition. If you specify both, ``memory`` must be greater than ``memoryReservation``. If you specify ``memoryReservation``, then that value is subtracted from the available memory resources for the container instance where the container is placed. Otherwise, the value of ``memory`` is used.
For example, if your container normally uses 128 MiB of memory, but occasionally bursts to 256 MiB of memory for short periods of time, you can set a ``memoryReservation`` of 128 MiB, and a ``memory`` hard limit of 300 MiB. This configuration would allow the container to only reserve 128 MiB of memory from the remaining resources on the container instance, but also allow the container to consume more memory resources when needed.
The Docker 20.10.0 or later daemon reserves a minimum of 6 MiB of memory for a container. So, don't specify less than 6 MiB of memory for your containers.
The Docker 19.03.13-ce or earlier daemon reserves a minimum of 4 MiB of memory for a container. So, don't specify less than 4 MiB of memory for your containers.
- `mount_points` (Attributes List) The mount points for data volumes in your container.
- This parameter maps to ``Volumes`` in the the docker conainer create command and the ``--volume`` option to docker run.
+ This parameter maps to ``Volumes`` in the docker container create command and the ``--volume`` option to docker run.
Windows containers can mount whole directories on the same drive as ``$env:ProgramData``. Windows containers can't mount directories on a different drive, and mount point can't be across drives. (see [below for nested schema](#nestedatt--container_definitions--mount_points))
- `port_mappings` (Attributes Set) The list of port mappings for the container. Port mappings allow containers to access ports on the host container instance to send or receive traffic.
For task definitions that use the ``awsvpc`` network mode, you should only specify the ``containerPort``. The ``hostPort`` can be left blank or it must be the same value as the ``containerPort``.
Port mappings on Windows use the ``NetNAT`` gateway address rather than ``localhost``. There is no loopback for port mappings on Windows, so you cannot access a container's mapped port from the host itself.
This parameter maps to ``PortBindings`` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the ``--publish`` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/). If the network mode of a task definition is set to ``none``, then you can't specify port mappings. If the network mode of a task definition is set to ``host``, then host ports must either be undefined or they must match the container port in the port mapping.
After a task reaches the ``RUNNING`` status, manual and automatic host and container port assignments are visible in the *Network Bindings* section of a container description for a selected task in the Amazon ECS console. The assignments are also visible in the ``networkBindings`` section [DescribeTasks](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DescribeTasks.html) responses. (see [below for nested schema](#nestedatt--container_definitions--port_mappings))
-- `privileged` (Boolean) When this parameter is true, the container is given elevated privileges on the host container instance (similar to the ``root`` user). This parameter maps to ``Privileged`` in the the docker conainer create command and the ``--privileged`` option to docker run
+- `privileged` (Boolean) When this parameter is true, the container is given elevated privileges on the host container instance (similar to the ``root`` user). This parameter maps to ``Privileged`` in the docker container create command and the ``--privileged`` option to docker run
This parameter is not supported for Windows containers or tasks run on FARGATElong.
-- `pseudo_terminal` (Boolean) When this parameter is ``true``, a TTY is allocated. This parameter maps to ``Tty`` in tthe docker conainer create command and the ``--tty`` option to docker run.
-- `readonly_root_filesystem` (Boolean) When this parameter is true, the container is given read-only access to its root file system. This parameter maps to ``ReadonlyRootfs`` in the docker conainer create command and the ``--read-only`` option to docker run.
+- `pseudo_terminal` (Boolean) When this parameter is ``true``, a TTY is allocated. This parameter maps to ``Tty`` in tthe docker container create command and the ``--tty`` option to docker run.
+- `readonly_root_filesystem` (Boolean) When this parameter is true, the container is given read-only access to its root file system. This parameter maps to ``ReadonlyRootfs`` in the docker container create command and the ``--read-only`` option to docker run.
This parameter is not supported for Windows containers.
- `repository_credentials` (Attributes) The private repository authentication credentials to use. (see [below for nested schema](#nestedatt--container_definitions--repository_credentials))
- `resource_requirements` (Attributes List) The type and amount of a resource to assign to a container. The only supported resource is a GPU. (see [below for nested schema](#nestedatt--container_definitions--resource_requirements))
-- `restart_policy` (Attributes) (see [below for nested schema](#nestedatt--container_definitions--restart_policy))
+- `restart_policy` (Attributes) The restart policy for a container. When you set up a restart policy, Amazon ECS can restart the container without needing to replace the task. For more information, see [Restart individual containers in Amazon ECS tasks with container restart policies](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/container-restart-policy.html) in the *Amazon Elastic Container Service Developer Guide*. (see [below for nested schema](#nestedatt--container_definitions--restart_policy))
- `secrets` (Attributes List) The secrets to pass to the container. For more information, see [Specifying Sensitive Data](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data.html) in the *Amazon Elastic Container Service Developer Guide*. (see [below for nested schema](#nestedatt--container_definitions--secrets))
- `start_timeout` (Number) Time duration (in seconds) to wait before giving up on resolving dependencies for a container. For example, you specify two containers in a task definition with containerA having a dependency on containerB reaching a ``COMPLETE``, ``SUCCESS``, or ``HEALTHY`` status. If a ``startTimeout`` value is specified for containerB and it doesn't reach the desired status within that time then containerA gives up and not start. This results in the task transitioning to a ``STOPPED`` state.
When the ``ECS_CONTAINER_START_TIMEOUT`` container agent configuration variable is used, it's enforced independently from this start timeout value.
@@ -222,10 +222,10 @@ Optional:
The max stop timeout value is 120 seconds and if the parameter is not specified, the default value of 30 seconds is used.
For tasks that use the EC2 launch type, if the ``stopTimeout`` parameter isn't specified, the value set for the Amazon ECS container agent configuration variable ``ECS_CONTAINER_STOP_TIMEOUT`` is used. If neither the ``stopTimeout`` parameter or the ``ECS_CONTAINER_STOP_TIMEOUT`` agent configuration variable are set, then the default values of 30 seconds for Linux containers and 30 seconds on Windows containers are used. Your container instances require at least version 1.26.0 of the container agent to use a container stop timeout value. However, we recommend using the latest container agent version. For information about checking your agent version and updating to the latest version, see [Updating the Amazon ECS Container Agent](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-update.html) in the *Amazon Elastic Container Service Developer Guide*. If you're using an Amazon ECS-optimized Linux AMI, your instance needs at least version 1.26.0-1 of the ``ecs-init`` package. If your container instances are launched from version ``20190301`` or later, then they contain the required versions of the container agent and ``ecs-init``. For more information, see [Amazon ECS-optimized Linux AMI](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html) in the *Amazon Elastic Container Service Developer Guide*.
The valid values are 2-120 seconds.
-- `system_controls` (Attributes List) A list of namespaced kernel parameters to set in the container. This parameter maps to ``Sysctls`` in tthe docker conainer create command and the ``--sysctl`` option to docker run. For example, you can configure ``net.ipv4.tcp_keepalive_time`` setting to maintain longer lived connections. (see [below for nested schema](#nestedatt--container_definitions--system_controls))
+- `system_controls` (Attributes List) A list of namespaced kernel parameters to set in the container. This parameter maps to ``Sysctls`` in tthe docker container create command and the ``--sysctl`` option to docker run. For example, you can configure ``net.ipv4.tcp_keepalive_time`` setting to maintain longer lived connections. (see [below for nested schema](#nestedatt--container_definitions--system_controls))
- `ulimits` (Attributes List) A list of ``ulimits`` to set in the container. This parameter maps to ``Ulimits`` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the ``--ulimit`` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/). Valid naming values are displayed in the [Ulimit](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_Ulimit.html) data type. This parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: ``sudo docker version --format '{{.Server.APIVersion}}'``
This parameter is not supported for Windows containers. (see [below for nested schema](#nestedatt--container_definitions--ulimits))
-- `user` (String) The user to use inside the container. This parameter maps to ``User`` in the docker conainer create command and the ``--user`` option to docker run.
+- `user` (String) The user to use inside the container. This parameter maps to ``User`` in the docker container create command and the ``--user`` option to docker run.
When running tasks using the ``host`` network mode, don't run containers using the root user (UID 0). We recommend using a non-root user for better security.
You can specify the ``user`` using the following formats. If specifying a UID or GID, you must specify it as a positive integer.
+ ``user``
@@ -236,8 +236,8 @@ Optional:
+ ``uid:group``
This parameter is not supported for Windows containers.
-- `volumes_from` (Attributes Set) Data volumes to mount from another container. This parameter maps to ``VolumesFrom`` in tthe docker conainer create command and the ``--volumes-from`` option to docker run. (see [below for nested schema](#nestedatt--container_definitions--volumes_from))
-- `working_directory` (String) The working directory to run commands inside the container in. This parameter maps to ``WorkingDir`` in the docker conainer create command and the ``--workdir`` option to docker run.
+- `volumes_from` (Attributes Set) Data volumes to mount from another container. This parameter maps to ``VolumesFrom`` in tthe docker container create command and the ``--volumes-from`` option to docker run. (see [below for nested schema](#nestedatt--container_definitions--volumes_from))
+- `working_directory` (String) The working directory to run commands inside the container in. This parameter maps to ``WorkingDir`` in the docker container create command and the ``--workdir`` option to docker run.
### Nested Schema for `container_definitions.depends_on`
@@ -302,7 +302,7 @@ Optional:
``[ "CMD-SHELL", "curl -f http://localhost/ || exit 1" ]``
You don't include the double quotes and brackets when you use the AWS Management Console.
``CMD-SHELL, curl -f http://localhost/ || exit 1``
- An exit code of 0 indicates success, and non-zero exit code indicates failure. For more information, see ``HealthCheck`` in tthe docker conainer create command
+ An exit code of 0 indicates success, and non-zero exit code indicates failure. For more information, see ``HealthCheck`` in tthe docker container create command
- `interval` (Number) The time period in seconds between each health check execution. You may specify between 5 and 300 seconds. The default value is 30 seconds.
- `retries` (Number) The number of times to retry a failed health check before the container is considered unhealthy. You may specify between 1 and 10 retries. The default value is 3.
- `start_period` (Number) The optional grace period to provide containers time to bootstrap before failed health checks count towards the maximum number of retries. You can specify between 0 and 300 seconds. By default, the ``startPeriod`` is off.
@@ -317,7 +317,7 @@ Optional:
- `capabilities` (Attributes) The Linux capabilities for the container that are added to or dropped from the default configuration provided by Docker.
For tasks that use the Fargate launch type, ``capabilities`` is supported for all platform versions but the ``add`` parameter is only supported if using platform version 1.4.0 or later. (see [below for nested schema](#nestedatt--container_definitions--linux_parameters--capabilities))
-- `devices` (Attributes List) Any host devices to expose to the container. This parameter maps to ``Devices`` in tthe docker conainer create command and the ``--device`` option to docker run.
+- `devices` (Attributes List) Any host devices to expose to the container. This parameter maps to ``Devices`` in tthe docker container create command and the ``--device`` option to docker run.
If you're using tasks that use the Fargate launch type, the ``devices`` parameter isn't supported. (see [below for nested schema](#nestedatt--container_definitions--linux_parameters--devices))
- `init_process_enabled` (Boolean) Run an ``init`` process inside the container that forwards signals and reaps processes. This parameter maps to the ``--init`` option to docker run. This parameter requires version 1.25 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: ``sudo docker version --format '{{.Server.APIVersion}}'``
- `max_swap` (Number) The total amount of swap memory (in MiB) a container can use. This parameter will be translated to the ``--memory-swap`` option to docker run where the value would be the sum of the container memory plus the ``maxSwap`` value.
@@ -337,10 +337,10 @@ Optional:
Optional:
-- `add` (List of String) The Linux capabilities for the container that have been added to the default configuration provided by Docker. This parameter maps to ``CapAdd`` in the docker conainer create command and the ``--cap-add`` option to docker run.
+- `add` (List of String) The Linux capabilities for the container that have been added to the default configuration provided by Docker. This parameter maps to ``CapAdd`` in the docker container create command and the ``--cap-add`` option to docker run.
Tasks launched on FARGATElong only support adding the ``SYS_PTRACE`` kernel capability.
Valid values: ``"ALL" | "AUDIT_CONTROL" | "AUDIT_WRITE" | "BLOCK_SUSPEND" | "CHOWN" | "DAC_OVERRIDE" | "DAC_READ_SEARCH" | "FOWNER" | "FSETID" | "IPC_LOCK" | "IPC_OWNER" | "KILL" | "LEASE" | "LINUX_IMMUTABLE" | "MAC_ADMIN" | "MAC_OVERRIDE" | "MKNOD" | "NET_ADMIN" | "NET_BIND_SERVICE" | "NET_BROADCAST" | "NET_RAW" | "SETFCAP" | "SETGID" | "SETPCAP" | "SETUID" | "SYS_ADMIN" | "SYS_BOOT" | "SYS_CHROOT" | "SYS_MODULE" | "SYS_NICE" | "SYS_PACCT" | "SYS_PTRACE" | "SYS_RAWIO" | "SYS_RESOURCE" | "SYS_TIME" | "SYS_TTY_CONFIG" | "SYSLOG" | "WAKE_ALARM"``
-- `drop` (List of String) The Linux capabilities for the container that have been removed from the default configuration provided by Docker. This parameter maps to ``CapDrop`` in the docker conainer create command and the ``--cap-drop`` option to docker run.
+- `drop` (List of String) The Linux capabilities for the container that have been removed from the default configuration provided by Docker. This parameter maps to ``CapDrop`` in the docker container create command and the ``--cap-drop`` option to docker run.
Valid values: ``"ALL" | "AUDIT_CONTROL" | "AUDIT_WRITE" | "BLOCK_SUSPEND" | "CHOWN" | "DAC_OVERRIDE" | "DAC_READ_SEARCH" | "FOWNER" | "FSETID" | "IPC_LOCK" | "IPC_OWNER" | "KILL" | "LEASE" | "LINUX_IMMUTABLE" | "MAC_ADMIN" | "MAC_OVERRIDE" | "MKNOD" | "NET_ADMIN" | "NET_BIND_SERVICE" | "NET_BROADCAST" | "NET_RAW" | "SETFCAP" | "SETGID" | "SETPCAP" | "SETUID" | "SYS_ADMIN" | "SYS_BOOT" | "SYS_CHROOT" | "SYS_MODULE" | "SYS_NICE" | "SYS_PACCT" | "SYS_PTRACE" | "SYS_RAWIO" | "SYS_RESOURCE" | "SYS_TIME" | "SYS_TTY_CONFIG" | "SYSLOG" | "WAKE_ALARM"``
@@ -479,9 +479,9 @@ Required:
Optional:
-- `enabled` (Boolean)
-- `ignored_exit_codes` (List of Number)
-- `restart_attempt_period` (Number)
+- `enabled` (Boolean) Specifies whether a restart policy is enabled for the container.
+- `ignored_exit_codes` (List of Number) A list of exit codes that Amazon ECS will ignore and not attempt a restart on. You can specify a maximum of 50 container exit codes. By default, Amazon ECS does not ignore any exit codes.
+- `restart_attempt_period` (Number) A period of time (in seconds) that the container must run for before a restart can be attempted. A container can be restarted only once every ``restartAttemptPeriod`` seconds. If a container isn't able to run for this time period and exits early, it will not be restarted. You can set a minimum ``restartAttemptPeriod`` of 60 seconds and a maximum ``restartAttemptPeriod`` of 1800 seconds. By default, a container must run for 300 seconds before it can be restarted.
@@ -630,9 +630,9 @@ Optional:
- `autoprovision` (Boolean) If this value is ``true``, the Docker volume is created if it doesn't already exist.
This field is only used if the ``scope`` is ``shared``.
-- `driver` (String) The Docker volume driver to use. The driver value must match the driver name provided by Docker because it is used for task placement. If the driver was installed using the Docker plugin CLI, use ``docker plugin ls`` to retrieve the driver name from your container instance. If the driver was installed using another method, use Docker plugin discovery to retrieve the driver name. This parameter maps to ``Driver`` in the docker conainer create command and the ``xxdriver`` option to docker volume create.
+- `driver` (String) The Docker volume driver to use. The driver value must match the driver name provided by Docker because it is used for task placement. If the driver was installed using the Docker plugin CLI, use ``docker plugin ls`` to retrieve the driver name from your container instance. If the driver was installed using another method, use Docker plugin discovery to retrieve the driver name. This parameter maps to ``Driver`` in the docker container create command and the ``xxdriver`` option to docker volume create.
- `driver_opts` (Map of String) A map of Docker driver-specific options passed through. This parameter maps to ``DriverOpts`` in the docker create-volume command and the ``xxopt`` option to docker volume create.
-- `labels` (Map of String) Custom metadata to add to your Docker volume. This parameter maps to ``Labels`` in the docker conainer create command and the ``xxlabel`` option to docker volume create.
+- `labels` (Map of String) Custom metadata to add to your Docker volume. This parameter maps to ``Labels`` in the docker container create command and the ``xxlabel`` option to docker volume create.
- `scope` (String) The scope for the Docker volume that determines its lifecycle. Docker volumes that are scoped to a ``task`` are automatically provisioned when the task starts and destroyed when the task stops. Docker volumes that are scoped as ``shared`` persist after the task stops.
@@ -678,8 +678,8 @@ Optional:
Required:
-- `credentials_parameter` (String)
-- `domain` (String)
+- `credentials_parameter` (String) The authorization credential option to use. The authorization credential options can be provided using either the Amazon Resource Name (ARN) of an ASMlong secret or SSM Parameter Store parameter. The ARN refers to the stored credentials.
+- `domain` (String) A fully qualified domain name hosted by an [](https://docs.aws.amazon.com/directoryservice/latest/admin-guide/directory_microsoft_ad.html) Managed Microsoft AD (Active Directory) or self-hosted AD on Amazon EC2.
diff --git a/docs/resources/mediaconnect_flow.md b/docs/resources/mediaconnect_flow.md
index d0e26630e..d3f96af35 100644
--- a/docs/resources/mediaconnect_flow.md
+++ b/docs/resources/mediaconnect_flow.md
@@ -26,6 +26,7 @@ Resource schema for AWS::MediaConnect::Flow
- `maintenance` (Attributes) The maintenance settings you want to use for the flow. (see [below for nested schema](#nestedatt--maintenance))
- `media_streams` (Attributes List) The media streams associated with the flow. You can associate any of these media streams with sources and outputs on the flow. (see [below for nested schema](#nestedatt--media_streams))
- `source_failover_config` (Attributes) The source failover config of the flow. (see [below for nested schema](#nestedatt--source_failover_config))
+- `source_monitoring_config` (Attributes) The source monitoring config of the flow. (see [below for nested schema](#nestedatt--source_monitoring_config))
- `vpc_interfaces` (Attributes List) The VPC interfaces that you added to this flow. (see [below for nested schema](#nestedatt--vpc_interfaces))
### Read-Only
@@ -205,6 +206,14 @@ Required:
+
+### Nested Schema for `source_monitoring_config`
+
+Required:
+
+- `thumbnail_state` (String) The state of thumbnail monitoring.
+
+
### Nested Schema for `vpc_interfaces`
diff --git a/docs/resources/medialive_channel_placement_group.md b/docs/resources/medialive_channel_placement_group.md
new file mode 100644
index 000000000..c0583cd8d
--- /dev/null
+++ b/docs/resources/medialive_channel_placement_group.md
@@ -0,0 +1,47 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "awscc_medialive_channel_placement_group Resource - terraform-provider-awscc"
+subcategory: ""
+description: |-
+ Definition of AWS::MediaLive::ChannelPlacementGroup Resource Type
+---
+
+# awscc_medialive_channel_placement_group (Resource)
+
+Definition of AWS::MediaLive::ChannelPlacementGroup Resource Type
+
+
+
+
+## Schema
+
+### Optional
+
+- `cluster_id` (String) The ID of the cluster the node is on.
+- `name` (String) The name of the channel placement group.
+- `nodes` (List of String) List of nodes added to the channel placement group
+- `tags` (Attributes List) A collection of key-value pairs. (see [below for nested schema](#nestedatt--tags))
+
+### Read-Only
+
+- `arn` (String) The ARN of the channel placement group.
+- `channel_placement_group_id` (String) Unique internal identifier.
+- `channels` (List of String) List of channel IDs added to the channel placement group.
+- `id` (String) Uniquely identifies the resource.
+- `state` (String) The current state of the ChannelPlacementGroupState
+
+
+### Nested Schema for `tags`
+
+Optional:
+
+- `key` (String)
+- `value` (String)
+
+## Import
+
+Import is supported using the following syntax:
+
+```shell
+$ terraform import awscc_medialive_channel_placement_group.example "id|cluster_id"
+```
diff --git a/docs/resources/medialive_cloudwatch_alarm_template.md b/docs/resources/medialive_cloudwatch_alarm_template.md
new file mode 100644
index 000000000..74a0618ef
--- /dev/null
+++ b/docs/resources/medialive_cloudwatch_alarm_template.md
@@ -0,0 +1,53 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "awscc_medialive_cloudwatch_alarm_template Resource - terraform-provider-awscc"
+subcategory: ""
+description: |-
+ Definition of AWS::MediaLive::CloudWatchAlarmTemplate Resource Type
+---
+
+# awscc_medialive_cloudwatch_alarm_template (Resource)
+
+Definition of AWS::MediaLive::CloudWatchAlarmTemplate Resource Type
+
+
+
+
+## Schema
+
+### Required
+
+- `comparison_operator` (String) The comparison operator used to compare the specified statistic and the threshold.
+- `group_identifier` (String) A cloudwatch alarm template group's identifier. Can be either be its id or current name.
+- `metric_name` (String) The name of the metric associated with the alarm. Must be compatible with targetResourceType.
+- `name` (String) A resource's name. Names must be unique within the scope of a resource type in a specific region.
+- `statistic` (String) The statistic to apply to the alarm's metric data.
+- `target_resource_type` (String) The resource type this template should dynamically generate cloudwatch metric alarms for.
+- `treat_missing_data` (String) Specifies how missing data points are treated when evaluating the alarm's condition.
+
+### Optional
+
+- `datapoints_to_alarm` (Number) The number of datapoints within the evaluation period that must be breaching to trigger the alarm.
+- `description` (String) A resource's optional description.
+- `evaluation_periods` (Number) The number of periods over which data is compared to the specified threshold.
+- `period` (Number) The period, in seconds, over which the specified statistic is applied.
+- `tags` (Map of String) Represents the tags associated with a resource.
+- `threshold` (Number) The threshold value to compare with the specified statistic.
+
+### Read-Only
+
+- `arn` (String) A cloudwatch alarm template's ARN (Amazon Resource Name)
+- `cloudwatch_alarm_template_id` (String) A cloudwatch alarm template's id. AWS provided templates have ids that start with `aws-`
+- `created_at` (String)
+- `group_id` (String) A cloudwatch alarm template group's id. AWS provided template groups have ids that start with `aws-`
+- `id` (String) Uniquely identifies the resource.
+- `identifier` (String)
+- `modified_at` (String)
+
+## Import
+
+Import is supported using the following syntax:
+
+```shell
+$ terraform import awscc_medialive_cloudwatch_alarm_template.example "identifier"
+```
diff --git a/docs/resources/medialive_cloudwatch_alarm_template_group.md b/docs/resources/medialive_cloudwatch_alarm_template_group.md
new file mode 100644
index 000000000..37f1d1d0f
--- /dev/null
+++ b/docs/resources/medialive_cloudwatch_alarm_template_group.md
@@ -0,0 +1,42 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "awscc_medialive_cloudwatch_alarm_template_group Resource - terraform-provider-awscc"
+subcategory: ""
+description: |-
+ Definition of AWS::MediaLive::CloudWatchAlarmTemplateGroup Resource Type
+---
+
+# awscc_medialive_cloudwatch_alarm_template_group (Resource)
+
+Definition of AWS::MediaLive::CloudWatchAlarmTemplateGroup Resource Type
+
+
+
+
+## Schema
+
+### Required
+
+- `name` (String) A resource's name. Names must be unique within the scope of a resource type in a specific region.
+
+### Optional
+
+- `description` (String) A resource's optional description.
+- `tags` (Map of String) Represents the tags associated with a resource.
+
+### Read-Only
+
+- `arn` (String) A cloudwatch alarm template group's ARN (Amazon Resource Name)
+- `cloudwatch_alarm_template_group_id` (String) A cloudwatch alarm template group's id. AWS provided template groups have ids that start with `aws-`
+- `created_at` (String)
+- `id` (String) Uniquely identifies the resource.
+- `identifier` (String)
+- `modified_at` (String)
+
+## Import
+
+Import is supported using the following syntax:
+
+```shell
+$ terraform import awscc_medialive_cloudwatch_alarm_template_group.example "identifier"
+```
diff --git a/docs/resources/medialive_cluster.md b/docs/resources/medialive_cluster.md
new file mode 100644
index 000000000..f3fce9aa2
--- /dev/null
+++ b/docs/resources/medialive_cluster.md
@@ -0,0 +1,66 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "awscc_medialive_cluster Resource - terraform-provider-awscc"
+subcategory: ""
+description: |-
+ Definition of AWS::MediaLive::Cluster Resource Type
+---
+
+# awscc_medialive_cluster (Resource)
+
+Definition of AWS::MediaLive::Cluster Resource Type
+
+
+
+
+## Schema
+
+### Optional
+
+- `cluster_type` (String) The hardware type for the cluster.
+- `instance_role_arn` (String) The IAM role your nodes will use.
+- `name` (String) The user-specified name of the Cluster to be created.
+- `network_settings` (Attributes) On premises settings which will have the interface network mappings and default Output logical interface (see [below for nested schema](#nestedatt--network_settings))
+- `tags` (Attributes List) A collection of key-value pairs. (see [below for nested schema](#nestedatt--tags))
+
+### Read-Only
+
+- `arn` (String) The ARN of the Cluster.
+- `channel_ids` (List of String) The MediaLive Channels that are currently running on Nodes in this Cluster.
+- `cluster_id` (String) The unique ID of the Cluster.
+- `id` (String) Uniquely identifies the resource.
+- `state` (String) The current state of the Cluster.
+
+
+### Nested Schema for `network_settings`
+
+Optional:
+
+- `default_route` (String) Default value if the customer does not define it in channel Output API
+- `interface_mappings` (Attributes List) Network mappings for the cluster (see [below for nested schema](#nestedatt--network_settings--interface_mappings))
+
+
+### Nested Schema for `network_settings.interface_mappings`
+
+Optional:
+
+- `logical_interface_name` (String) logical interface name, unique in the list
+- `network_id` (String) Network Id to be associated with the logical interface name, can be duplicated in list
+
+
+
+
+### Nested Schema for `tags`
+
+Optional:
+
+- `key` (String)
+- `value` (String)
+
+## Import
+
+Import is supported using the following syntax:
+
+```shell
+$ terraform import awscc_medialive_cluster.example "id"
+```
diff --git a/docs/resources/medialive_event_bridge_rule_template.md b/docs/resources/medialive_event_bridge_rule_template.md
new file mode 100644
index 000000000..2a5460fd6
--- /dev/null
+++ b/docs/resources/medialive_event_bridge_rule_template.md
@@ -0,0 +1,53 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "awscc_medialive_event_bridge_rule_template Resource - terraform-provider-awscc"
+subcategory: ""
+description: |-
+ Definition of AWS::MediaLive::EventBridgeRuleTemplate Resource Type
+---
+
+# awscc_medialive_event_bridge_rule_template (Resource)
+
+Definition of AWS::MediaLive::EventBridgeRuleTemplate Resource Type
+
+
+
+
+## Schema
+
+### Required
+
+- `event_type` (String) The type of event to match with the rule.
+- `group_identifier` (String) An eventbridge rule template group's identifier. Can be either be its id or current name.
+- `name` (String) A resource's name. Names must be unique within the scope of a resource type in a specific region.
+
+### Optional
+
+- `description` (String) A resource's optional description.
+- `event_targets` (Attributes List) Placeholder documentation for __listOfEventBridgeRuleTemplateTarget (see [below for nested schema](#nestedatt--event_targets))
+- `tags` (Map of String) Represents the tags associated with a resource.
+
+### Read-Only
+
+- `arn` (String) An eventbridge rule template's ARN (Amazon Resource Name)
+- `created_at` (String) Placeholder documentation for __timestampIso8601
+- `event_bridge_rule_template_id` (String) An eventbridge rule template's id. AWS provided templates have ids that start with `aws-`
+- `group_id` (String) An eventbridge rule template group's id. AWS provided template groups have ids that start with `aws-`
+- `id` (String) Uniquely identifies the resource.
+- `identifier` (String) Placeholder documentation for __string
+- `modified_at` (String) Placeholder documentation for __timestampIso8601
+
+
+### Nested Schema for `event_targets`
+
+Required:
+
+- `arn` (String) Target ARNs must be either an SNS topic or CloudWatch log group.
+
+## Import
+
+Import is supported using the following syntax:
+
+```shell
+$ terraform import awscc_medialive_event_bridge_rule_template.example "identifier"
+```
diff --git a/docs/resources/medialive_event_bridge_rule_template_group.md b/docs/resources/medialive_event_bridge_rule_template_group.md
new file mode 100644
index 000000000..fdf9036cb
--- /dev/null
+++ b/docs/resources/medialive_event_bridge_rule_template_group.md
@@ -0,0 +1,42 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "awscc_medialive_event_bridge_rule_template_group Resource - terraform-provider-awscc"
+subcategory: ""
+description: |-
+ Definition of AWS::MediaLive::EventBridgeRuleTemplateGroup Resource Type
+---
+
+# awscc_medialive_event_bridge_rule_template_group (Resource)
+
+Definition of AWS::MediaLive::EventBridgeRuleTemplateGroup Resource Type
+
+
+
+
+## Schema
+
+### Required
+
+- `name` (String) A resource's name. Names must be unique within the scope of a resource type in a specific region.
+
+### Optional
+
+- `description` (String) A resource's optional description.
+- `tags` (Map of String) Represents the tags associated with a resource.
+
+### Read-Only
+
+- `arn` (String) An eventbridge rule template group's ARN (Amazon Resource Name)
+- `created_at` (String)
+- `event_bridge_rule_template_group_id` (String) An eventbridge rule template group's id. AWS provided template groups have ids that start with `aws-`
+- `id` (String) Uniquely identifies the resource.
+- `identifier` (String)
+- `modified_at` (String)
+
+## Import
+
+Import is supported using the following syntax:
+
+```shell
+$ terraform import awscc_medialive_event_bridge_rule_template_group.example "identifier"
+```
diff --git a/docs/resources/medialive_network.md b/docs/resources/medialive_network.md
new file mode 100644
index 000000000..d6a6374a3
--- /dev/null
+++ b/docs/resources/medialive_network.md
@@ -0,0 +1,67 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "awscc_medialive_network Resource - terraform-provider-awscc"
+subcategory: ""
+description: |-
+ Resource schema for AWS::MediaLive::Network.
+---
+
+# awscc_medialive_network (Resource)
+
+Resource schema for AWS::MediaLive::Network.
+
+
+
+
+## Schema
+
+### Required
+
+- `ip_pools` (Attributes List) The list of IP address cidr pools for the network (see [below for nested schema](#nestedatt--ip_pools))
+- `name` (String) The user-specified name of the Network to be created.
+
+### Optional
+
+- `routes` (Attributes List) The routes for the network (see [below for nested schema](#nestedatt--routes))
+- `tags` (Attributes List) A collection of key-value pairs. (see [below for nested schema](#nestedatt--tags))
+
+### Read-Only
+
+- `arn` (String) The ARN of the Network.
+- `associated_cluster_ids` (List of String)
+- `id` (String) Uniquely identifies the resource.
+- `network_id` (String) The unique ID of the Network.
+- `state` (String) The current state of the Network.
+
+
+### Nested Schema for `ip_pools`
+
+Optional:
+
+- `cidr` (String) IP address cidr pool
+
+
+
+### Nested Schema for `routes`
+
+Optional:
+
+- `cidr` (String) Ip address cidr
+- `gateway` (String) IP address for the route packet paths
+
+
+
+### Nested Schema for `tags`
+
+Optional:
+
+- `key` (String)
+- `value` (String)
+
+## Import
+
+Import is supported using the following syntax:
+
+```shell
+$ terraform import awscc_medialive_network.example "id"
+```
diff --git a/docs/resources/medialive_sdi_source.md b/docs/resources/medialive_sdi_source.md
new file mode 100644
index 000000000..66d5d85c1
--- /dev/null
+++ b/docs/resources/medialive_sdi_source.md
@@ -0,0 +1,50 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "awscc_medialive_sdi_source Resource - terraform-provider-awscc"
+subcategory: ""
+description: |-
+ Definition of AWS::MediaLive::SdiSource Resource Type
+---
+
+# awscc_medialive_sdi_source (Resource)
+
+Definition of AWS::MediaLive::SdiSource Resource Type
+
+
+
+
+## Schema
+
+### Required
+
+- `name` (String) The name of the SdiSource.
+- `type` (String) The interface mode of the SdiSource.
+
+### Optional
+
+- `mode` (String) The current state of the SdiSource.
+- `tags` (Attributes List) A collection of key-value pairs. (see [below for nested schema](#nestedatt--tags))
+
+### Read-Only
+
+- `arn` (String) The unique arn of the SdiSource.
+- `id` (String) Uniquely identifies the resource.
+- `inputs` (List of String) The list of inputs currently using this SDI source.
+- `sdi_source_id` (String) The unique identifier of the SdiSource.
+- `state` (String) The current state of the SdiSource.
+
+
+### Nested Schema for `tags`
+
+Optional:
+
+- `key` (String)
+- `value` (String)
+
+## Import
+
+Import is supported using the following syntax:
+
+```shell
+$ terraform import awscc_medialive_sdi_source.example "id"
+```
diff --git a/docs/resources/medialive_signal_map.md b/docs/resources/medialive_signal_map.md
new file mode 100644
index 000000000..2ada36bcc
--- /dev/null
+++ b/docs/resources/medialive_signal_map.md
@@ -0,0 +1,130 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "awscc_medialive_signal_map Resource - terraform-provider-awscc"
+subcategory: ""
+description: |-
+ Definition of AWS::MediaLive::SignalMap Resource Type
+---
+
+# awscc_medialive_signal_map (Resource)
+
+Definition of AWS::MediaLive::SignalMap Resource Type
+
+
+
+
+## Schema
+
+### Required
+
+- `discovery_entry_point_arn` (String) A top-level supported AWS resource ARN to discovery a signal map from.
+- `name` (String) A resource's name. Names must be unique within the scope of a resource type in a specific region.
+
+### Optional
+
+- `cloudwatch_alarm_template_group_identifiers` (List of String)
+- `description` (String) A resource's optional description.
+- `event_bridge_rule_template_group_identifiers` (List of String)
+- `force_rediscovery` (Boolean) If true, will force a rediscovery of a signal map if an unchanged discoveryEntryPointArn is provided.
+- `tags` (Map of String) Represents the tags associated with a resource.
+
+### Read-Only
+
+- `arn` (String) A signal map's ARN (Amazon Resource Name)
+- `cloudwatch_alarm_template_group_ids` (List of String)
+- `created_at` (String)
+- `error_message` (String) Error message associated with a failed creation or failed update attempt of a signal map.
+- `event_bridge_rule_template_group_ids` (List of String)
+- `failed_media_resource_map` (Attributes Map) A map representing an incomplete AWS media workflow as a graph. (see [below for nested schema](#nestedatt--failed_media_resource_map))
+- `id` (String) Uniquely identifies the resource.
+- `identifier` (String)
+- `last_discovered_at` (String)
+- `last_successful_monitor_deployment` (Attributes) Represents the latest successful monitor deployment of a signal map. (see [below for nested schema](#nestedatt--last_successful_monitor_deployment))
+- `media_resource_map` (Attributes Map) A map representing an AWS media workflow as a graph. (see [below for nested schema](#nestedatt--media_resource_map))
+- `modified_at` (String)
+- `monitor_changes_pending_deployment` (Boolean) If true, there are pending monitor changes for this signal map that can be deployed.
+- `monitor_deployment` (Attributes) Represents the latest monitor deployment of a signal map. (see [below for nested schema](#nestedatt--monitor_deployment))
+- `signal_map_id` (String) A signal map's id.
+- `status` (String) A signal map's current status which is dependent on its lifecycle actions or associated jobs.
+
+
+### Nested Schema for `failed_media_resource_map`
+
+Read-Only:
+
+- `destinations` (Attributes List) (see [below for nested schema](#nestedatt--failed_media_resource_map--destinations))
+- `name` (String) The logical name of an AWS media resource.
+- `sources` (Attributes List) (see [below for nested schema](#nestedatt--failed_media_resource_map--sources))
+
+
+### Nested Schema for `failed_media_resource_map.destinations`
+
+Read-Only:
+
+- `arn` (String) The ARN of a resource used in AWS media workflows.
+- `name` (String) The logical name of an AWS media resource.
+
+
+
+### Nested Schema for `failed_media_resource_map.sources`
+
+Read-Only:
+
+- `arn` (String) The ARN of a resource used in AWS media workflows.
+- `name` (String) The logical name of an AWS media resource.
+
+
+
+
+### Nested Schema for `last_successful_monitor_deployment`
+
+Read-Only:
+
+- `details_uri` (String) URI associated with a signal map's monitor deployment.
+- `status` (String) A signal map's monitor deployment status.
+
+
+
+### Nested Schema for `media_resource_map`
+
+Read-Only:
+
+- `destinations` (Attributes List) (see [below for nested schema](#nestedatt--media_resource_map--destinations))
+- `name` (String) The logical name of an AWS media resource.
+- `sources` (Attributes List) (see [below for nested schema](#nestedatt--media_resource_map--sources))
+
+
+### Nested Schema for `media_resource_map.destinations`
+
+Read-Only:
+
+- `arn` (String) The ARN of a resource used in AWS media workflows.
+- `name` (String) The logical name of an AWS media resource.
+
+
+
+### Nested Schema for `media_resource_map.sources`
+
+Read-Only:
+
+- `arn` (String) The ARN of a resource used in AWS media workflows.
+- `name` (String) The logical name of an AWS media resource.
+
+
+
+
+### Nested Schema for `monitor_deployment`
+
+Read-Only:
+
+- `details_uri` (String) URI associated with a signal map's monitor deployment.
+- `error_message` (String) Error message associated with a failed monitor deployment of a signal map.
+- `status` (String) A signal map's monitor deployment status.
+
+## Import
+
+Import is supported using the following syntax:
+
+```shell
+$ terraform import awscc_medialive_signal_map.example "identifier"
+```
diff --git a/docs/resources/paymentcryptography_key.md b/docs/resources/paymentcryptography_key.md
index f16b0ccb0..906d87ba1 100644
--- a/docs/resources/paymentcryptography_key.md
+++ b/docs/resources/paymentcryptography_key.md
@@ -165,9 +165,6 @@ Optional:
Required:
- `key` (String)
-
-Optional:
-
- `value` (String)
## Import
diff --git a/docs/resources/pcaconnectorscep_challenge.md b/docs/resources/pcaconnectorscep_challenge.md
new file mode 100644
index 000000000..ae87ad76b
--- /dev/null
+++ b/docs/resources/pcaconnectorscep_challenge.md
@@ -0,0 +1,37 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "awscc_pcaconnectorscep_challenge Resource - terraform-provider-awscc"
+subcategory: ""
+description: |-
+ Represents a SCEP Challenge that is used for certificate enrollment
+---
+
+# awscc_pcaconnectorscep_challenge (Resource)
+
+Represents a SCEP Challenge that is used for certificate enrollment
+
+
+
+
+## Schema
+
+### Required
+
+- `connector_arn` (String)
+
+### Optional
+
+- `tags` (Map of String)
+
+### Read-Only
+
+- `challenge_arn` (String)
+- `id` (String) Uniquely identifies the resource.
+
+## Import
+
+Import is supported using the following syntax:
+
+```shell
+$ terraform import awscc_pcaconnectorscep_challenge.example "challenge_arn"
+```
diff --git a/docs/resources/pcaconnectorscep_connector.md b/docs/resources/pcaconnectorscep_connector.md
new file mode 100644
index 000000000..05ff8d24a
--- /dev/null
+++ b/docs/resources/pcaconnectorscep_connector.md
@@ -0,0 +1,67 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "awscc_pcaconnectorscep_connector Resource - terraform-provider-awscc"
+subcategory: ""
+description: |-
+ Represents a Connector that allows certificate issuance through Simple Certificate Enrollment Protocol (SCEP)
+---
+
+# awscc_pcaconnectorscep_connector (Resource)
+
+Represents a Connector that allows certificate issuance through Simple Certificate Enrollment Protocol (SCEP)
+
+
+
+
+## Schema
+
+### Required
+
+- `certificate_authority_arn` (String)
+
+### Optional
+
+- `mobile_device_management` (Attributes) (see [below for nested schema](#nestedatt--mobile_device_management))
+- `tags` (Map of String)
+
+### Read-Only
+
+- `connector_arn` (String)
+- `endpoint` (String)
+- `id` (String) Uniquely identifies the resource.
+- `open_id_configuration` (Attributes) (see [below for nested schema](#nestedatt--open_id_configuration))
+- `type` (String)
+
+
+### Nested Schema for `mobile_device_management`
+
+Optional:
+
+- `intune` (Attributes) (see [below for nested schema](#nestedatt--mobile_device_management--intune))
+
+
+### Nested Schema for `mobile_device_management.intune`
+
+Required:
+
+- `azure_application_id` (String)
+- `domain` (String)
+
+
+
+
+### Nested Schema for `open_id_configuration`
+
+Read-Only:
+
+- `audience` (String)
+- `issuer` (String)
+- `subject` (String)
+
+## Import
+
+Import is supported using the following syntax:
+
+```shell
+$ terraform import awscc_pcaconnectorscep_connector.example "connector_arn"
+```
diff --git a/docs/resources/pipes_pipe.md b/docs/resources/pipes_pipe.md
index 266896fa8..8abbb83d9 100644
--- a/docs/resources/pipes_pipe.md
+++ b/docs/resources/pipes_pipe.md
@@ -185,6 +185,7 @@ resource "awscc_pipes_pipe" "example" {
- `desired_state` (String)
- `enrichment` (String)
- `enrichment_parameters` (Attributes) (see [below for nested schema](#nestedatt--enrichment_parameters))
+- `kms_key_identifier` (String)
- `log_configuration` (Attributes) (see [below for nested schema](#nestedatt--log_configuration))
- `name` (String)
- `source_parameters` (Attributes) (see [below for nested schema](#nestedatt--source_parameters))
diff --git a/docs/resources/sagemaker_domain.md b/docs/resources/sagemaker_domain.md
index 729fd3f9d..1470e52fe 100644
--- a/docs/resources/sagemaker_domain.md
+++ b/docs/resources/sagemaker_domain.md
@@ -182,10 +182,30 @@ Optional:
Optional:
+- `app_lifecycle_management` (Attributes) (see [below for nested schema](#nestedatt--default_user_settings--code_editor_app_settings--app_lifecycle_management))
- `custom_images` (Attributes List) A list of custom images for use for CodeEditor apps. (see [below for nested schema](#nestedatt--default_user_settings--code_editor_app_settings--custom_images))
- `default_resource_spec` (Attributes) The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the CodeEditor app. (see [below for nested schema](#nestedatt--default_user_settings--code_editor_app_settings--default_resource_spec))
- `lifecycle_config_arns` (List of String) A list of LifecycleConfigArns available for use with CodeEditor apps.
+
+### Nested Schema for `default_user_settings.code_editor_app_settings.app_lifecycle_management`
+
+Optional:
+
+- `idle_settings` (Attributes) (see [below for nested schema](#nestedatt--default_user_settings--code_editor_app_settings--app_lifecycle_management--idle_settings))
+
+
+### Nested Schema for `default_user_settings.code_editor_app_settings.app_lifecycle_management.idle_settings`
+
+Optional:
+
+- `idle_timeout_in_minutes` (Number) The idle timeout value set in minutes
+- `lifecycle_management` (String) A flag to enable/disable AppLifecycleManagement settings
+- `max_idle_timeout_in_minutes` (Number) The maximum idle timeout value set in minutes
+- `min_idle_timeout_in_minutes` (Number) The minimum idle timeout value set in minutes
+
+
+
### Nested Schema for `default_user_settings.code_editor_app_settings.custom_images`
@@ -245,11 +265,31 @@ Required:
Optional:
+- `app_lifecycle_management` (Attributes) (see [below for nested schema](#nestedatt--default_user_settings--jupyter_lab_app_settings--app_lifecycle_management))
- `code_repositories` (Attributes List) A list of CodeRepositories available for use with JupyterLab apps. (see [below for nested schema](#nestedatt--default_user_settings--jupyter_lab_app_settings--code_repositories))
- `custom_images` (Attributes List) A list of custom images for use for JupyterLab apps. (see [below for nested schema](#nestedatt--default_user_settings--jupyter_lab_app_settings--custom_images))
- `default_resource_spec` (Attributes) The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the JupyterLab app. (see [below for nested schema](#nestedatt--default_user_settings--jupyter_lab_app_settings--default_resource_spec))
- `lifecycle_config_arns` (List of String) A list of LifecycleConfigArns available for use with JupyterLab apps.
+
+### Nested Schema for `default_user_settings.jupyter_lab_app_settings.app_lifecycle_management`
+
+Optional:
+
+- `idle_settings` (Attributes) (see [below for nested schema](#nestedatt--default_user_settings--jupyter_lab_app_settings--app_lifecycle_management--idle_settings))
+
+
+### Nested Schema for `default_user_settings.jupyter_lab_app_settings.app_lifecycle_management.idle_settings`
+
+Optional:
+
+- `idle_timeout_in_minutes` (Number) The idle timeout value set in minutes
+- `lifecycle_management` (String) A flag to enable/disable AppLifecycleManagement settings
+- `max_idle_timeout_in_minutes` (Number) The maximum idle timeout value set in minutes
+- `min_idle_timeout_in_minutes` (Number) The minimum idle timeout value set in minutes
+
+
+
### Nested Schema for `default_user_settings.jupyter_lab_app_settings.code_repositories`
@@ -467,11 +507,31 @@ Required:
Optional:
+- `app_lifecycle_management` (Attributes) (see [below for nested schema](#nestedatt--default_space_settings--jupyter_lab_app_settings--app_lifecycle_management))
- `code_repositories` (Attributes List) A list of CodeRepositories available for use with JupyterLab apps. (see [below for nested schema](#nestedatt--default_space_settings--jupyter_lab_app_settings--code_repositories))
- `custom_images` (Attributes List) A list of custom images for use for JupyterLab apps. (see [below for nested schema](#nestedatt--default_space_settings--jupyter_lab_app_settings--custom_images))
- `default_resource_spec` (Attributes) The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the JupyterLab app. (see [below for nested schema](#nestedatt--default_space_settings--jupyter_lab_app_settings--default_resource_spec))
- `lifecycle_config_arns` (List of String) A list of LifecycleConfigArns available for use with JupyterLab apps.
+
+### Nested Schema for `default_space_settings.jupyter_lab_app_settings.app_lifecycle_management`
+
+Optional:
+
+- `idle_settings` (Attributes) (see [below for nested schema](#nestedatt--default_space_settings--jupyter_lab_app_settings--app_lifecycle_management--idle_settings))
+
+
+### Nested Schema for `default_space_settings.jupyter_lab_app_settings.app_lifecycle_management.idle_settings`
+
+Optional:
+
+- `idle_timeout_in_minutes` (Number) The idle timeout value set in minutes
+- `lifecycle_management` (String) A flag to enable/disable AppLifecycleManagement settings
+- `max_idle_timeout_in_minutes` (Number) The maximum idle timeout value set in minutes
+- `min_idle_timeout_in_minutes` (Number) The minimum idle timeout value set in minutes
+
+
+
### Nested Schema for `default_space_settings.jupyter_lab_app_settings.code_repositories`
diff --git a/docs/resources/sagemaker_space.md b/docs/resources/sagemaker_space.md
index d22fb1bfb..7c41d809c 100644
--- a/docs/resources/sagemaker_space.md
+++ b/docs/resources/sagemaker_space.md
@@ -60,8 +60,25 @@ Optional:
Optional:
+- `app_lifecycle_management` (Attributes) (see [below for nested schema](#nestedatt--space_settings--code_editor_app_settings--app_lifecycle_management))
- `default_resource_spec` (Attributes) (see [below for nested schema](#nestedatt--space_settings--code_editor_app_settings--default_resource_spec))
+
+### Nested Schema for `space_settings.code_editor_app_settings.app_lifecycle_management`
+
+Optional:
+
+- `idle_settings` (Attributes) (see [below for nested schema](#nestedatt--space_settings--code_editor_app_settings--app_lifecycle_management--idle_settings))
+
+
+### Nested Schema for `space_settings.code_editor_app_settings.app_lifecycle_management.idle_settings`
+
+Optional:
+
+- `idle_timeout_in_minutes` (Number) The space idle timeout value set in minutes
+
+
+
### Nested Schema for `space_settings.code_editor_app_settings.default_resource_spec`
@@ -95,9 +112,26 @@ Required:
Optional:
+- `app_lifecycle_management` (Attributes) (see [below for nested schema](#nestedatt--space_settings--jupyter_lab_app_settings--app_lifecycle_management))
- `code_repositories` (Attributes List) A list of CodeRepositories available for use with JupyterLab apps. (see [below for nested schema](#nestedatt--space_settings--jupyter_lab_app_settings--code_repositories))
- `default_resource_spec` (Attributes) (see [below for nested schema](#nestedatt--space_settings--jupyter_lab_app_settings--default_resource_spec))
+
+### Nested Schema for `space_settings.jupyter_lab_app_settings.app_lifecycle_management`
+
+Optional:
+
+- `idle_settings` (Attributes) (see [below for nested schema](#nestedatt--space_settings--jupyter_lab_app_settings--app_lifecycle_management--idle_settings))
+
+
+### Nested Schema for `space_settings.jupyter_lab_app_settings.app_lifecycle_management.idle_settings`
+
+Optional:
+
+- `idle_timeout_in_minutes` (Number) The space idle timeout value set in minutes
+
+
+
### Nested Schema for `space_settings.jupyter_lab_app_settings.code_repositories`
diff --git a/docs/resources/sagemaker_user_profile.md b/docs/resources/sagemaker_user_profile.md
index 265990351..27c402fb0 100644
--- a/docs/resources/sagemaker_user_profile.md
+++ b/docs/resources/sagemaker_user_profile.md
@@ -77,10 +77,30 @@ Optional:
Optional:
+- `app_lifecycle_management` (Attributes) (see [below for nested schema](#nestedatt--user_settings--code_editor_app_settings--app_lifecycle_management))
- `custom_images` (Attributes List) A list of custom images for use for CodeEditor apps. (see [below for nested schema](#nestedatt--user_settings--code_editor_app_settings--custom_images))
- `default_resource_spec` (Attributes) The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the CodeEditor app. (see [below for nested schema](#nestedatt--user_settings--code_editor_app_settings--default_resource_spec))
- `lifecycle_config_arns` (List of String) A list of LifecycleConfigArns available for use with CodeEditor apps.
+
+### Nested Schema for `user_settings.code_editor_app_settings.app_lifecycle_management`
+
+Optional:
+
+- `idle_settings` (Attributes) (see [below for nested schema](#nestedatt--user_settings--code_editor_app_settings--app_lifecycle_management--idle_settings))
+
+
+### Nested Schema for `user_settings.code_editor_app_settings.app_lifecycle_management.idle_settings`
+
+Optional:
+
+- `idle_timeout_in_minutes` (Number) The idle timeout value set in minutes
+- `lifecycle_management` (String) A flag to enable/disable AppLifecycleManagement settings
+- `max_idle_timeout_in_minutes` (Number) The maximum idle timeout value set in minutes
+- `min_idle_timeout_in_minutes` (Number) The minimum idle timeout value set in minutes
+
+
+
### Nested Schema for `user_settings.code_editor_app_settings.custom_images`
@@ -140,11 +160,31 @@ Required:
Optional:
+- `app_lifecycle_management` (Attributes) (see [below for nested schema](#nestedatt--user_settings--jupyter_lab_app_settings--app_lifecycle_management))
- `code_repositories` (Attributes List) A list of CodeRepositories available for use with JupyterLab apps. (see [below for nested schema](#nestedatt--user_settings--jupyter_lab_app_settings--code_repositories))
- `custom_images` (Attributes List) A list of custom images available for use for JupyterLab apps (see [below for nested schema](#nestedatt--user_settings--jupyter_lab_app_settings--custom_images))
- `default_resource_spec` (Attributes) The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the JupyterLab app. (see [below for nested schema](#nestedatt--user_settings--jupyter_lab_app_settings--default_resource_spec))
- `lifecycle_config_arns` (List of String) A list of LifecycleConfigArns available for use with JupyterLab apps.
+
+### Nested Schema for `user_settings.jupyter_lab_app_settings.app_lifecycle_management`
+
+Optional:
+
+- `idle_settings` (Attributes) (see [below for nested schema](#nestedatt--user_settings--jupyter_lab_app_settings--app_lifecycle_management--idle_settings))
+
+
+### Nested Schema for `user_settings.jupyter_lab_app_settings.app_lifecycle_management.idle_settings`
+
+Optional:
+
+- `idle_timeout_in_minutes` (Number) The idle timeout value set in minutes
+- `lifecycle_management` (String) A flag to enable/disable AppLifecycleManagement settings
+- `max_idle_timeout_in_minutes` (Number) The maximum idle timeout value set in minutes
+- `min_idle_timeout_in_minutes` (Number) The minimum idle timeout value set in minutes
+
+
+
### Nested Schema for `user_settings.jupyter_lab_app_settings.code_repositories`
diff --git a/docs/resources/sns_subscription.md b/docs/resources/sns_subscription.md
new file mode 100644
index 000000000..286423928
--- /dev/null
+++ b/docs/resources/sns_subscription.md
@@ -0,0 +1,46 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "awscc_sns_subscription Resource - terraform-provider-awscc"
+subcategory: ""
+description: |-
+ Resource Type definition for AWS::SNS::Subscription
+---
+
+# awscc_sns_subscription (Resource)
+
+Resource Type definition for AWS::SNS::Subscription
+
+
+
+
+## Schema
+
+### Required
+
+- `protocol` (String) The subscription's protocol.
+- `topic_arn` (String) The ARN of the topic to subscribe to.
+
+### Optional
+
+- `delivery_policy` (String) The delivery policy JSON assigned to the subscription. Enables the subscriber to define the message delivery retry strategy in the case of an HTTP/S endpoint subscribed to the topic.
+- `endpoint` (String) The subscription's endpoint. The endpoint value depends on the protocol that you specify.
+- `filter_policy` (String) The filter policy JSON assigned to the subscription. Enables the subscriber to filter out unwanted messages.
+- `filter_policy_scope` (String) This attribute lets you choose the filtering scope by using one of the following string value types: MessageAttributes (default) and MessageBody.
+- `raw_message_delivery` (Boolean) When set to true, enables raw message delivery. Raw messages don't contain any JSON formatting and can be sent to Amazon SQS and HTTP/S endpoints.
+- `redrive_policy` (String) When specified, sends undeliverable messages to the specified Amazon SQS dead-letter queue. Messages that can't be delivered due to client errors are held in the dead-letter queue for further analysis or reprocessing.
+- `region` (String) For cross-region subscriptions, the region in which the topic resides.If no region is specified, AWS CloudFormation uses the region of the caller as the default.
+- `replay_policy` (String) Specifies whether Amazon SNS resends the notification to the subscription when a message's attribute changes.
+- `subscription_role_arn` (String) This property applies only to Amazon Data Firehose delivery stream subscriptions.
+
+### Read-Only
+
+- `arn` (String) Arn of the subscription
+- `id` (String) Uniquely identifies the resource.
+
+## Import
+
+Import is supported using the following syntax:
+
+```shell
+$ terraform import awscc_sns_subscription.example "arn"
+```
diff --git a/examples/resources/awscc_medialive_channel_placement_group/import.sh b/examples/resources/awscc_medialive_channel_placement_group/import.sh
new file mode 100644
index 000000000..6667d0263
--- /dev/null
+++ b/examples/resources/awscc_medialive_channel_placement_group/import.sh
@@ -0,0 +1 @@
+$ terraform import awscc_medialive_channel_placement_group.example "id|cluster_id"
\ No newline at end of file
diff --git a/examples/resources/awscc_medialive_cloudwatch_alarm_template/import.sh b/examples/resources/awscc_medialive_cloudwatch_alarm_template/import.sh
new file mode 100644
index 000000000..1c782f689
--- /dev/null
+++ b/examples/resources/awscc_medialive_cloudwatch_alarm_template/import.sh
@@ -0,0 +1 @@
+$ terraform import awscc_medialive_cloudwatch_alarm_template.example "identifier"
\ No newline at end of file
diff --git a/examples/resources/awscc_medialive_cloudwatch_alarm_template_group/import.sh b/examples/resources/awscc_medialive_cloudwatch_alarm_template_group/import.sh
new file mode 100644
index 000000000..162bfc3e8
--- /dev/null
+++ b/examples/resources/awscc_medialive_cloudwatch_alarm_template_group/import.sh
@@ -0,0 +1 @@
+$ terraform import awscc_medialive_cloudwatch_alarm_template_group.example "identifier"
\ No newline at end of file
diff --git a/examples/resources/awscc_medialive_cluster/import.sh b/examples/resources/awscc_medialive_cluster/import.sh
new file mode 100644
index 000000000..0b57f94ac
--- /dev/null
+++ b/examples/resources/awscc_medialive_cluster/import.sh
@@ -0,0 +1 @@
+$ terraform import awscc_medialive_cluster.example "id"
\ No newline at end of file
diff --git a/examples/resources/awscc_medialive_event_bridge_rule_template/import.sh b/examples/resources/awscc_medialive_event_bridge_rule_template/import.sh
new file mode 100644
index 000000000..d3ccb799d
--- /dev/null
+++ b/examples/resources/awscc_medialive_event_bridge_rule_template/import.sh
@@ -0,0 +1 @@
+$ terraform import awscc_medialive_event_bridge_rule_template.example "identifier"
\ No newline at end of file
diff --git a/examples/resources/awscc_medialive_event_bridge_rule_template_group/import.sh b/examples/resources/awscc_medialive_event_bridge_rule_template_group/import.sh
new file mode 100644
index 000000000..47de4656c
--- /dev/null
+++ b/examples/resources/awscc_medialive_event_bridge_rule_template_group/import.sh
@@ -0,0 +1 @@
+$ terraform import awscc_medialive_event_bridge_rule_template_group.example "identifier"
\ No newline at end of file
diff --git a/examples/resources/awscc_medialive_network/import.sh b/examples/resources/awscc_medialive_network/import.sh
new file mode 100644
index 000000000..6281b3ac7
--- /dev/null
+++ b/examples/resources/awscc_medialive_network/import.sh
@@ -0,0 +1 @@
+$ terraform import awscc_medialive_network.example "id"
\ No newline at end of file
diff --git a/examples/resources/awscc_medialive_sdi_source/import.sh b/examples/resources/awscc_medialive_sdi_source/import.sh
new file mode 100644
index 000000000..2fda0ce4c
--- /dev/null
+++ b/examples/resources/awscc_medialive_sdi_source/import.sh
@@ -0,0 +1 @@
+$ terraform import awscc_medialive_sdi_source.example "id"
\ No newline at end of file
diff --git a/examples/resources/awscc_medialive_signal_map/import.sh b/examples/resources/awscc_medialive_signal_map/import.sh
new file mode 100644
index 000000000..af163c8c7
--- /dev/null
+++ b/examples/resources/awscc_medialive_signal_map/import.sh
@@ -0,0 +1 @@
+$ terraform import awscc_medialive_signal_map.example "identifier"
\ No newline at end of file
diff --git a/examples/resources/awscc_pcaconnectorscep_challenge/import.sh b/examples/resources/awscc_pcaconnectorscep_challenge/import.sh
new file mode 100644
index 000000000..22c25fdfd
--- /dev/null
+++ b/examples/resources/awscc_pcaconnectorscep_challenge/import.sh
@@ -0,0 +1 @@
+$ terraform import awscc_pcaconnectorscep_challenge.example "challenge_arn"
\ No newline at end of file
diff --git a/examples/resources/awscc_pcaconnectorscep_connector/import.sh b/examples/resources/awscc_pcaconnectorscep_connector/import.sh
new file mode 100644
index 000000000..c274c161f
--- /dev/null
+++ b/examples/resources/awscc_pcaconnectorscep_connector/import.sh
@@ -0,0 +1 @@
+$ terraform import awscc_pcaconnectorscep_connector.example "connector_arn"
\ No newline at end of file
diff --git a/examples/resources/awscc_sns_subscription/import.sh b/examples/resources/awscc_sns_subscription/import.sh
new file mode 100644
index 000000000..7cbc9ff9e
--- /dev/null
+++ b/examples/resources/awscc_sns_subscription/import.sh
@@ -0,0 +1 @@
+$ terraform import awscc_sns_subscription.example "arn"
\ No newline at end of file