Merge pull request #2077 from hashicorp/f-10-24-2024-schema-updates

10-24-2024 Schema Updates

CHANGELOG.md

@@ -2,9 +2,25 @@
 
 FEATURES:
 
+* **New Data Source:** `awscc_appsync_graph_ql_api`
+* **New Data Source:** `awscc_appsync_graph_ql_apis`
+* **New Data Source:** `awscc_backup_logically_air_gapped_backup_vault`
+* **New Data Source:** `awscc_backup_logically_air_gapped_backup_vaults`
+* **New Data Source:** `awscc_cognito_user_pool_identity_provider`
 * **New Data Source:** `awscc_controltower_landing_zone`
 * **New Data Source:** `awscc_controltower_landing_zones`
+* **New Data Source:** `awscc_redshift_integration`
+* **New Data Source:** `awscc_redshift_integrations`
+* **New Data Source:** `awscc_route53_record_set`
+* **New Data Source:** `awscc_sagemaker_endpoint`
+* **New Data Source:** `awscc_sagemaker_endpoints`
+* **New Resource:** `awscc_appsync_graph_ql_api`
+* **New Resource:** `awscc_backup_logically_air_gapped_backup_vault`
+* **New Resource:** `awscc_cognito_user_pool_identity_provider`
 * **New Resource:** `awscc_controltower_landing_zone`
+* **New Resource:** `awscc_redshift_integration`
+* **New Resource:** `awscc_route53_record_set`
+* **New Resource:** `awscc_sagemaker_endpoint`
 
 ## 1.17.0 (October 17, 2024)
 

docs/data-sources/apigateway_vpc_link.md

@@ -21,10 +21,10 @@ Data Source schema for AWS::ApiGateway::VpcLink
 
 ### Read-Only
 
-- `description` (String) The description of the VPC link.
-- `name` (String) The name used to label and identify the VPC link.
+- `description` (String)
+- `name` (String)
 - `tags` (Attributes Set) An array of arbitrary tags (key-value pairs) to associate with the VPC link. (see [below for nested schema](#nestedatt--tags))
-- `target_arns` (List of String) The ARN of the network load balancer of the VPC targeted by the VPC link. The network load balancer must be owned by the same AWS-account of the API owner.
+- `target_arns` (List of String)
 - `vpc_link_id` (String)
 
 <a id="nestedatt--tags"></a>

docs/data-sources/apigatewayv2_domain_name.md

@@ -21,7 +21,7 @@ Data Source schema for AWS::ApiGatewayV2::DomainName
 
 ### Read-Only
 
-- `domain_name` (String) The custom domain name for your API in Amazon API Gateway. Uppercase letters are not supported.
+- `domain_name` (String) The custom domain name for your API in Amazon API Gateway. Uppercase letters and the underscore (``_``) character are not supported.
 - `domain_name_configurations` (Attributes List) The domain name configurations. (see [below for nested schema](#nestedatt--domain_name_configurations))
 - `mutual_tls_authentication` (Attributes) The mutual TLS authentication configuration for a custom domain name. (see [below for nested schema](#nestedatt--mutual_tls_authentication))
 - `regional_domain_name` (String)

docs/data-sources/appsync_graph_ql_api.md

@@ -0,0 +1,150 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "awscc_appsync_graph_ql_api Data Source - terraform-provider-awscc"
+subcategory: ""
+description: |-
+  Data Source schema for AWS::AppSync::GraphQLApi
+---
+
+# awscc_appsync_graph_ql_api (Data Source)
+
+Data Source schema for AWS::AppSync::GraphQLApi
+
+
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `id` (String) Uniquely identifies the resource.
+
+### Read-Only
+
+- `additional_authentication_providers` (Attributes List) A list of additional authentication providers for the GraphqlApi API. (see [below for nested schema](#nestedatt--additional_authentication_providers))
+- `api_id` (String) Unique AWS AppSync GraphQL API identifier.
+- `api_type` (String) The value that indicates whether the GraphQL API is a standard API (GRAPHQL) or merged API (MERGED).
+- `arn` (String) The Amazon Resource Name (ARN) of the API key
+- `authentication_type` (String) Security configuration for your GraphQL API
+- `enhanced_metrics_config` (Attributes) Enables and controls the enhanced metrics feature. Enhanced metrics emit granular data on API usage and performance such as AppSync request and error counts, latency, and cache hits/misses. All enhanced metric data is sent to your CloudWatch account, and you can configure the types of data that will be sent. (see [below for nested schema](#nestedatt--enhanced_metrics_config))
+- `environment_variables` (Map of String) A map containing the list of resources with their properties and environment variables.
+- `graph_ql_dns` (String) The fully qualified domain name (FQDN) of the endpoint URL of your GraphQL API.
+- `graph_ql_endpoint_arn` (String) The GraphQL endpoint ARN.
+- `graph_ql_url` (String) The Endpoint URL of your GraphQL API.
+- `introspection_config` (String) Sets the value of the GraphQL API to enable (ENABLED) or disable (DISABLED) introspection. If no value is provided, the introspection configuration will be set to ENABLED by default. This field will produce an error if the operation attempts to use the introspection feature while this field is disabled.
+- `lambda_authorizer_config` (Attributes) A LambdaAuthorizerConfig holds configuration on how to authorize AWS AppSync API access when using the AWS_LAMBDA authorizer mode. Be aware that an AWS AppSync API may have only one Lambda authorizer configured at a time. (see [below for nested schema](#nestedatt--lambda_authorizer_config))
+- `log_config` (Attributes) The Amazon CloudWatch Logs configuration. (see [below for nested schema](#nestedatt--log_config))
+- `merged_api_execution_role_arn` (String) The AWS Identity and Access Management service role ARN for a merged API.
+- `name` (String) The API name
+- `open_id_connect_config` (Attributes) The OpenID Connect configuration. (see [below for nested schema](#nestedatt--open_id_connect_config))
+- `owner_contact` (String) The owner contact information for an API resource.
+- `query_depth_limit` (Number) The maximum depth a query can have in a single request. Depth refers to the amount of nested levels allowed in the body of query.
+- `realtime_dns` (String) The fully qualified domain name (FQDN) of the real-time endpoint URL of your GraphQL API.
+- `realtime_url` (String) The GraphQL API real-time endpoint URL.
+- `resolver_count_limit` (Number) The maximum number of resolvers that can be invoked in a single request.
+- `tags` (Attributes List) An arbitrary set of tags (key-value pairs) for this GraphQL API. (see [below for nested schema](#nestedatt--tags))
+- `user_pool_config` (Attributes) Optional authorization configuration for using Amazon Cognito user pools with your GraphQL endpoint. (see [below for nested schema](#nestedatt--user_pool_config))
+- `visibility` (String) Sets the scope of the GraphQL API to public (GLOBAL) or private (PRIVATE). By default, the scope is set to Global if no value is provided.
+- `xray_enabled` (Boolean) A flag indicating whether to use AWS X-Ray tracing for this GraphqlApi.
+
+<a id="nestedatt--additional_authentication_providers"></a>
+### Nested Schema for `additional_authentication_providers`
+
+Read-Only:
+
+- `authentication_type` (String) The authentication type for API key, AWS Identity and Access Management, OIDC, Amazon Cognito user pools, or AWS Lambda.
+- `lambda_authorizer_config` (Attributes) (see [below for nested schema](#nestedatt--additional_authentication_providers--lambda_authorizer_config))
+- `open_id_connect_config` (Attributes) (see [below for nested schema](#nestedatt--additional_authentication_providers--open_id_connect_config))
+- `user_pool_config` (Attributes) (see [below for nested schema](#nestedatt--additional_authentication_providers--user_pool_config))
+
+<a id="nestedatt--additional_authentication_providers--lambda_authorizer_config"></a>
+### Nested Schema for `additional_authentication_providers.lambda_authorizer_config`
+
+Read-Only:
+
+- `authorizer_result_ttl_in_seconds` (Number) The number of seconds a response should be cached for.
+- `authorizer_uri` (String) The ARN of the Lambda function to be called for authorization.
+- `identity_validation_expression` (String) A regular expression for validation of tokens before the Lambda function is called.
+
+
+<a id="nestedatt--additional_authentication_providers--open_id_connect_config"></a>
+### Nested Schema for `additional_authentication_providers.open_id_connect_config`
+
+Read-Only:
+
+- `auth_ttl` (Number) The number of milliseconds that a token is valid after being authenticated.
+- `client_id` (String) The client identifier of the Relying party at the OpenID identity provider.
+- `iat_ttl` (Number) The number of milliseconds that a token is valid after it's issued to a user.
+- `issuer` (String) The issuer for the OIDC configuration.
+
+
+<a id="nestedatt--additional_authentication_providers--user_pool_config"></a>
+### Nested Schema for `additional_authentication_providers.user_pool_config`
+
+Read-Only:
+
+- `app_id_client_regex` (String) A regular expression for validating the incoming Amazon Cognito user pool app client ID.
+- `aws_region` (String) The AWS Region in which the user pool was created.
+- `user_pool_id` (String) The user pool ID
+
+
+
+<a id="nestedatt--enhanced_metrics_config"></a>
+### Nested Schema for `enhanced_metrics_config`
+
+Read-Only:
+
+- `data_source_level_metrics_behavior` (String) Controls how data source metrics will be emitted to CloudWatch. Data source metrics include:
+- `operation_level_metrics_config` (String) Controls how operation metrics will be emitted to CloudWatch. Operation metrics include:
+- `resolver_level_metrics_behavior` (String) Controls how resolver metrics will be emitted to CloudWatch. Resolver metrics include:
+
+
+<a id="nestedatt--lambda_authorizer_config"></a>
+### Nested Schema for `lambda_authorizer_config`
+
+Read-Only:
+
+- `authorizer_result_ttl_in_seconds` (Number) The number of seconds a response should be cached for.
+- `authorizer_uri` (String) The ARN of the Lambda function to be called for authorization.
+- `identity_validation_expression` (String) A regular expression for validation of tokens before the Lambda function is called.
+
+
+<a id="nestedatt--log_config"></a>
+### Nested Schema for `log_config`
+
+Read-Only:
+
+- `cloudwatch_logs_role_arn` (String) The service role that AWS AppSync will assume to publish to Amazon CloudWatch Logs in your account.
+- `exclude_verbose_content` (Boolean) Set to TRUE to exclude sections that contain information such as headers, context, and evaluated mapping templates, regardless of logging level.
+- `field_log_level` (String) The field logging level. Values can be NONE, ERROR, INFO, DEBUG, or ALL.
+
+
+<a id="nestedatt--open_id_connect_config"></a>
+### Nested Schema for `open_id_connect_config`
+
+Read-Only:
+
+- `auth_ttl` (Number) The number of milliseconds that a token is valid after being authenticated.
+- `client_id` (String) The client identifier of the Relying party at the OpenID identity provider.
+- `iat_ttl` (Number) The number of milliseconds that a token is valid after it's issued to a user.
+- `issuer` (String) The issuer for the OIDC configuration.
+
+
+<a id="nestedatt--tags"></a>
+### Nested Schema for `tags`
+
+Read-Only:
+
+- `key` (String)
+- `value` (String)
+
+
+<a id="nestedatt--user_pool_config"></a>
+### Nested Schema for `user_pool_config`
+
+Read-Only:
+
+- `app_id_client_regex` (String) A regular expression for validating the incoming Amazon Cognito user pool app client ID.
+- `aws_region` (String) The AWS Region in which the user pool was created.
+- `default_action` (String) The action that you want your GraphQL API to take when a request that uses Amazon Cognito user pool authentication doesn't match the Amazon Cognito user pool configuration.
+- `user_pool_id` (String) The user pool ID.

docs/data-sources/appsync_graph_ql_apis.md

@@ -0,0 +1,21 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "awscc_appsync_graph_ql_apis Data Source - terraform-provider-awscc"
+subcategory: ""
+description: |-
+  Plural Data Source schema for AWS::AppSync::GraphQLApi
+---
+
+# awscc_appsync_graph_ql_apis (Data Source)
+
+Plural Data Source schema for AWS::AppSync::GraphQLApi
+
+
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Read-Only
+
+- `id` (String) Uniquely identifies the data source.
+- `ids` (Set of String) Set of Resource Identifiers.

docs/data-sources/autoscaling_auto_scaling_group.md

@@ -43,7 +43,7 @@ Data Source schema for AWS::AutoScaling::AutoScalingGroup
 - `health_check_grace_period` (Number) The amount of time, in seconds, that Amazon EC2 Auto Scaling waits before checking the health status of an EC2 instance that has come into service and marking it unhealthy due to a failed health check. This is useful if your instances do not immediately pass their health checks after they enter the ``InService`` state. For more information, see [Set the health check grace period for an Auto Scaling group](https://docs.aws.amazon.com/autoscaling/ec2/userguide/health-check-grace-period.html) in the *Amazon EC2 Auto Scaling User Guide*.
  Default: ``0`` seconds
 - `health_check_type` (String) A comma-separated value string of one or more health check types.
- The valid values are ``EC2``, ``ELB``, and ``VPC_LATTICE``. ``EC2`` is the default health check and cannot be disabled. For more information, see [Health checks for instances in an Auto Scaling group](https://docs.aws.amazon.com/autoscaling/ec2/userguide/ec2-auto-scaling-health-checks.html) in the *Amazon EC2 Auto Scaling User Guide*.
+ The valid values are ``EC2``, ``EBS``, ``ELB``, and ``VPC_LATTICE``. ``EC2`` is the default health check and cannot be disabled. For more information, see [Health checks for instances in an Auto Scaling group](https://docs.aws.amazon.com/autoscaling/ec2/userguide/ec2-auto-scaling-health-checks.html) in the *Amazon EC2 Auto Scaling User Guide*.
  Only specify ``EC2`` if you must clear a value that was previously set.
 - `instance_id` (String) The ID of the instance used to base the launch configuration on. For more information, see [Create an Auto Scaling group using an EC2 instance](https://docs.aws.amazon.com/autoscaling/ec2/userguide/create-asg-from-instance.html) in the *Amazon EC2 Auto Scaling User Guide*.
  If you specify ``LaunchTemplate``, ``MixedInstancesPolicy``, or ``LaunchConfigurationName``, don't specify ``InstanceId``.
@@ -74,6 +74,7 @@ Data Source schema for AWS::AutoScaling::AutoScalingGroup
 - `target_group_ar_ns` (List of String) The Amazon Resource Names (ARN) of the Elastic Load Balancing target groups to associate with the Auto Scaling group. Instances are registered as targets with the target groups. The target groups receive incoming traffic and route requests to one or more registered targets. For more information, see [Use Elastic Load Balancing to distribute traffic across the instances in your Auto Scaling group](https://docs.aws.amazon.com/autoscaling/ec2/userguide/autoscaling-load-balancer.html) in the *Amazon EC2 Auto Scaling User Guide*.
 - `termination_policies` (List of String) A policy or a list of policies that are used to select the instance to terminate. These policies are executed in the order that you list them. For more information, see [Configure termination policies for Amazon EC2 Auto Scaling](https://docs.aws.amazon.com/autoscaling/ec2/userguide/ec2-auto-scaling-termination-policies.html) in the *Amazon EC2 Auto Scaling User Guide*.
  Valid values: ``Default`` | ``AllocationStrategy`` | ``ClosestToNextInstanceHour`` | ``NewestInstance`` | ``OldestInstance`` | ``OldestLaunchConfiguration`` | ``OldestLaunchTemplate`` | ``arn:aws:lambda:region:account-id:function:my-function:my-alias``
+- `traffic_sources` (Attributes Set) (see [below for nested schema](#nestedatt--traffic_sources))
 - `vpc_zone_identifier` (List of String) A list of subnet IDs for a virtual private cloud (VPC) where instances in the Auto Scaling group can be created.
  If this resource specifies public subnets and is also in a VPC that is defined in the same stack template, you must use the [DependsOn attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-dependson.html) to declare a dependency on the [VPC-gateway attachment](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-vpc-gateway-attachment.html).
   When you update ``VPCZoneIdentifier``, this retains the same Auto Scaling group and replaces old instances with new ones, according to the specified subnets. You can optionally specify how CloudFormation handles these updates by using an [UpdatePolicy attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatepolicy.html).
@@ -455,3 +456,12 @@ Read-Only:
 - `key` (String) The tag key.
 - `propagate_at_launch` (Boolean) Set to ``true`` if you want CloudFormation to copy the tag to EC2 instances that are launched as part of the Auto Scaling group. Set to ``false`` if you want the tag attached only to the Auto Scaling group and not copied to any instances launched as part of the Auto Scaling group.
 - `value` (String) The tag value.
+
+
+<a id="nestedatt--traffic_sources"></a>
+### Nested Schema for `traffic_sources`
+
+Read-Only:
+
+- `identifier` (String)
+- `type` (String)

docs/data-sources/backup_logically_air_gapped_backup_vault.md

@@ -0,0 +1,41 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "awscc_backup_logically_air_gapped_backup_vault Data Source - terraform-provider-awscc"
+subcategory: ""
+description: |-
+  Data Source schema for AWS::Backup::LogicallyAirGappedBackupVault
+---
+
+# awscc_backup_logically_air_gapped_backup_vault (Data Source)
+
+Data Source schema for AWS::Backup::LogicallyAirGappedBackupVault
+
+
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `id` (String) Uniquely identifies the resource.
+
+### Read-Only
+
+- `access_policy` (String)
+- `backup_vault_arn` (String)
+- `backup_vault_name` (String)
+- `backup_vault_tags` (Map of String)
+- `encryption_key_arn` (String)
+- `max_retention_days` (Number)
+- `min_retention_days` (Number)
+- `notifications` (Attributes) (see [below for nested schema](#nestedatt--notifications))
+- `vault_state` (String)
+- `vault_type` (String)
+
+<a id="nestedatt--notifications"></a>
+### Nested Schema for `notifications`
+
+Read-Only:
+
+- `backup_vault_events` (List of String)
+- `sns_topic_arn` (String)

docs/data-sources/backup_logically_air_gapped_backup_vaults.md

@@ -0,0 +1,21 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "awscc_backup_logically_air_gapped_backup_vaults Data Source - terraform-provider-awscc"
+subcategory: ""
+description: |-
+  Plural Data Source schema for AWS::Backup::LogicallyAirGappedBackupVault
+---
+
+# awscc_backup_logically_air_gapped_backup_vaults (Data Source)
+
+Plural Data Source schema for AWS::Backup::LogicallyAirGappedBackupVault
+
+
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Read-Only
+
+- `id` (String) Uniquely identifies the data source.
+- `ids` (Set of String) Set of Resource Identifiers.

docs/data-sources/cognito_user_pool_identity_provider.md

@@ -0,0 +1,29 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "awscc_cognito_user_pool_identity_provider Data Source - terraform-provider-awscc"
+subcategory: ""
+description: |-
+  Data Source schema for AWS::Cognito::UserPoolIdentityProvider
+---
+
+# awscc_cognito_user_pool_identity_provider (Data Source)
+
+Data Source schema for AWS::Cognito::UserPoolIdentityProvider
+
+
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `id` (String) Uniquely identifies the resource.
+
+### Read-Only
+
+- `attribute_mapping` (Map of String)
+- `idp_identifiers` (List of String)
+- `provider_details` (Map of String)
+- `provider_name` (String)
+- `provider_type` (String)
+- `user_pool_id` (String)

docs/data-sources/ec2_capacity_reservation.md

@@ -37,6 +37,7 @@ Data Source schema for AWS::EC2::CapacityReservation
 - `tag_specifications` (Attributes List) (see [below for nested schema](#nestedatt--tag_specifications))
 - `tenancy` (String)
 - `total_instance_count` (Number)
+- `unused_reservation_billing_owner_id` (String)
 
 <a id="nestedatt--tag_specifications"></a>
 ### Nested Schema for `tag_specifications`