Schema Docs
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| - bucketName | No | string | No | - | S3 bucket name for project storage (scripts, artifacts, temp files). Auto-resolved from project when projectName is set. Use cases: Script storage; Processing artifacts; Centralized project storage AWS: S3 bucket Validation: Optional; auto-wired from project if projectName provided |
| - datasets | No | object | No | - | Map of dataset names to DataBrew dataset definitions for data source configuration. Use cases: Data source connections; Format-specific dataset configuration AWS: AWS Glue DataBrew datasets Validation: Optional; map of string to DatasetProps |
| - deploymentRoleArn | No | string | No | - | IAM role ARN for deployment operations and resource management. Auto-resolved from project when projectName is set. Use cases: Deployment permissions; Resource provisioning AWS: IAM role Validation: Optional; auto-wired from project if projectName provided |
| - jobs | No | object | No | - | Map of job names to DataBrew job definitions for automated data preparation and profiling. Use cases: Automated data preparation; Scheduled profiling; Transformation jobs AWS: AWS Glue DataBrew jobs Validation: Optional; map of string to DataBrewJobProps |
| - kmsArn | No | string | No | - | KMS key ARN for encrypting DataOps resources and data. Auto-resolved from project when projectName is set. Use cases: Data encryption; Security compliance AWS: KMS key Validation: Optional; auto-wired from project if projectName provided |
| - nag_suppressions | No | object | No | In #/definitions/MdaaNagSuppressionConfigs | Q-ENHANCED-PROPERTY Optional CDK Nag suppression configurations for compliance rule management enabling controlled security rule exceptions and compliance documentation. Provides structured approach to managing security rule suppressions with proper justification and documentation for compliance auditing. Use cases: Compliance management; Security rule exceptions; Audit documentation; Controlled suppressions AWS: CDK Nag suppressions for compliance rule management and security exception documentation Validation: Must be valid MdaaNagSuppressionConfigs if provided; enables structured compliance rule management |
| - notificationTopicArn | No | string | No | - | SNS topic ARN for job notifications and workflow alerts. Auto-resolved from project when projectName is set. Use cases: Job failure alerts; Workflow status notifications AWS: SNS topic Validation: Optional; auto-wired from project if projectName provided |
| - projectName | No | string | No | - | DataOps project name for DataBrew resource autowiring. Use cases: Project integration; Shared infrastructure reuse AWS: DataOps project reference Validation: Optional; must match an existing deployed project |
| - recipes | No | object | No | - | Map of recipe names to DataBrew recipe definitions for reusable data transformations. Use cases: Reusable transformation workflows; Data cleansing operations AWS: AWS Glue DataBrew recipes Validation: Optional; map of string to RecipeProps |
| - sagemakerBlueprint | No | object | No | In #/definitions/MdaaSageMakerCustomBluePrintConfig | Q-ENHANCED-PROPERTY Optional SageMaker blueprint configuration for governed self-service deployment enabling controlled infrastructure provisioning and governance. When specified, deploys the module as a SageMaker blueprint instead of direct deployment for governed access and compliance. Use cases: Governed deployment; Self-service provisioning; SageMaker integration; Controlled access AWS: SageMaker blueprint configuration for governed infrastructure deployment and self-service provisioning Validation: Must be valid MdaaServiceCatalogProductConfig if provided; enables SageMaker deployment mode |
| - securityConfigurationName | No | string | No | - | Glue security configuration name for job encryption (at rest, in transit, CloudWatch logs). Auto-resolved from project when projectName is set. Use cases: Job encryption; Security compliance AWS: Glue security configuration Validation: Optional; auto-wired from project if projectName provided |
| - service_catalog_product_config | No | object | No | In #/definitions/MdaaServiceCatalogProductConfig | Q-ENHANCED-PROPERTY Optional Service Catalog product configuration for governed self-service deployment enabling controlled infrastructure provisioning and governance. When specified, deploys the module as a Service Catalog product instead of direct deployment for governed access and compliance. Use cases: Governed deployment; Self-service provisioning; Service Catalog integration; Controlled access AWS: Service Catalog product configuration for governed infrastructure deployment and self-service provisioning Validation: Must be valid MdaaServiceCatalogProductConfig if provided; enables Service Catalog deployment mode |
1. Property root > bucketName
| Type | string |
| Required | No |
Description: S3 bucket name for project storage (scripts, artifacts, temp files). Auto-resolved from project when projectName is set.
Use cases: Script storage; Processing artifacts; Centralized project storage
AWS: S3 bucket
Validation: Optional; auto-wired from project if projectName provided
2. Property root > datasets
| Type | object |
| Required | No |
| Additional properties | Each additional property must conform to the schema |
Description: Map of dataset names to DataBrew dataset definitions for data source configuration.
Use cases: Data source connections; Format-specific dataset configuration
AWS: AWS Glue DataBrew datasets
Validation: Optional; map of string to DatasetProps
2.1. Property root > datasets > DatasetProps
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Defined in | #/definitions/DatasetProps |
Description: Configuration for a DataBrew dataset with S3 and Glue Data Catalog integration.
Use cases: S3 data source configuration; Glue catalog integration; Dataset discovery; Data source management
AWS: DataBrew dataset configuration with S3 and Glue Data Catalog source integration
Validation: input is required; format and options must be compatible with data source
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| - format | No | string | No | - | File format for S3-based datasets (e.g., CSV, JSON, Parquet). |
| - formatOptions | No | Combination | No | - | Format options for data interpretation including delimiters, headers, and encoding. |
| + input | No | Combination | No | - | Input configuration defining data source location from S3 or Glue Data Catalog. |
| - pathOptions | No | Combination | No | - | Path options for S3 path structure interpretation and file organization. |
2.1.1. Property root > datasets > additionalProperties > format
| Type | string |
| Required | No |
Description: File format for S3-based datasets (e.g., CSV, JSON, Parquet).
2.1.2. Property root > datasets > additionalProperties > formatOptions
| Type | combining |
| Required | No |
| Additional properties | Any type allowed |
Description: Format options for data interpretation including delimiters, headers, and encoding.
| Any of(Option) |
|---|
| IResolvable |
| CfnDataset.FormatOptionsProperty |
2.1.2.1. Property root > datasets > additionalProperties > formatOptions > anyOf > IResolvable
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Defined in | #/definitions/IResolvable |
Description: Interface for values that can be resolvable later
Tokens are special objects that participate in synthesis.
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| + creationStack | No | array of string | No | - | The creation stack of this resolvable which will be appended to errors thrown during resolution. This may return an array with a single informational element indicating how to get this property populated, if it was skipped for performance reasons. |
| - typeHint | No | enum (of string) | No | - | The type that this token will likely resolve to. |
2.1.2.1.1. Property root > datasets > additionalProperties > formatOptions > anyOf > item 0 > creationStack
| Type | array of string |
| Required | Yes |
Description: The creation stack of this resolvable which will be appended to errors thrown during resolution.
This may return an array with a single informational element indicating how to get this property populated, if it was skipped for performance reasons.
| Array restrictions | |
|---|---|
| Min items | N/A |
| Max items | N/A |
| Items unicity | False |
| Additional items | False |
| Tuple validation | See below |
| Each item of this array must be | Description |
|---|---|
| creationStack items | - |
2.1.2.1.1.1. root > datasets > additionalProperties > formatOptions > anyOf > item 0 > creationStack > creationStack items
| Type | string |
| Required | No |
2.1.2.1.2. Property root > datasets > additionalProperties > formatOptions > anyOf > item 0 > typeHint
| Type | enum (of string) |
| Required | No |
Description: The type that this token will likely resolve to.
Must be one of: * "number" * "string" * "string-list"
2.1.2.2. Property root > datasets > additionalProperties > formatOptions > anyOf > CfnDataset.FormatOptionsProperty
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Defined in | #/definitions/CfnDataset.FormatOptionsProperty |
Description: Represents a set of options that define the structure of either comma-separated value (CSV), Excel, or JSON input.
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| - csv | No | Combination | No | - | Options that define how CSV input is to be interpreted by DataBrew. |
| - excel | No | Combination | No | - | Options that define how Excel input is to be interpreted by DataBrew. |
| - json | No | Combination | No | - | Options that define how JSON input is to be interpreted by DataBrew. |
2.1.2.2.1. Property root > datasets > additionalProperties > formatOptions > anyOf > item 1 > csv
| Type | combining |
| Required | No |
| Additional properties | Any type allowed |
Description: Options that define how CSV input is to be interpreted by DataBrew.
| Any of(Option) |
|---|
| IResolvable |
| CfnDataset.CsvOptionsProperty |
2.1.2.2.1.1. Property root > datasets > additionalProperties > formatOptions > anyOf > item 1 > csv > anyOf > IResolvable
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Same definition as | datasets_additionalProperties_formatOptions_anyOf_i0 |
Description: Interface for values that can be resolvable later
Tokens are special objects that participate in synthesis.
2.1.2.2.1.2. Property root > datasets > additionalProperties > formatOptions > anyOf > item 1 > csv > anyOf > CfnDataset.CsvOptionsProperty
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Defined in | #/definitions/CfnDataset.CsvOptionsProperty |
Description: Represents a set of options that define how DataBrew will read a comma-separated value (CSV) file when creating a dataset from that file.
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| - delimiter | No | string | No | - | A single character that specifies the delimiter being used in the CSV file. |
| - headerRow | No | Combination | No | - | A variable that specifies whether the first row in the file is parsed as the header. If this value is false, column names are auto-generated. |
2.1.2.2.1.2.1. Property root > datasets > additionalProperties > formatOptions > anyOf > item 1 > csv > anyOf > item 1 > delimiter
| Type | string |
| Required | No |
Description: A single character that specifies the delimiter being used in the CSV file.
2.1.2.2.1.2.2. Property root > datasets > additionalProperties > formatOptions > anyOf > item 1 > csv > anyOf > item 1 > headerRow
| Type | combining |
| Required | No |
| Additional properties | Any type allowed |
Description: A variable that specifies whether the first row in the file is parsed as the header.
If this value is false, column names are auto-generated.
| Any of(Option) |
|---|
| IResolvable |
| item 1 |
2.1.2.2.1.2.2.1. Property root > datasets > additionalProperties > formatOptions > anyOf > item 1 > csv > anyOf > item 1 > headerRow > anyOf > IResolvable
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Same definition as | datasets_additionalProperties_formatOptions_anyOf_i0 |
Description: Interface for values that can be resolvable later
Tokens are special objects that participate in synthesis.
2.1.2.2.1.2.2.2. Property root > datasets > additionalProperties > formatOptions > anyOf > item 1 > csv > anyOf > item 1 > headerRow > anyOf > item 1
| Type | boolean |
| Required | No |
2.1.2.2.2. Property root > datasets > additionalProperties > formatOptions > anyOf > item 1 > excel
| Type | combining |
| Required | No |
| Additional properties | Any type allowed |
Description: Options that define how Excel input is to be interpreted by DataBrew.
| Any of(Option) |
|---|
| IResolvable |
| CfnDataset.ExcelOptionsProperty |
2.1.2.2.2.1. Property root > datasets > additionalProperties > formatOptions > anyOf > item 1 > excel > anyOf > IResolvable
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Same definition as | datasets_additionalProperties_formatOptions_anyOf_i0 |
Description: Interface for values that can be resolvable later
Tokens are special objects that participate in synthesis.
2.1.2.2.2.2. Property root > datasets > additionalProperties > formatOptions > anyOf > item 1 > excel > anyOf > CfnDataset.ExcelOptionsProperty
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Defined in | #/definitions/CfnDataset.ExcelOptionsProperty |
Description: Represents a set of options that define how DataBrew will interpret a Microsoft Excel file when creating a dataset from that file.
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| - headerRow | No | Combination | No | - | A variable that specifies whether the first row in the file is parsed as the header. If this value is false, column names are auto-generated. |
| - sheetIndexes | No | Combination | No | - | One or more sheet numbers in the Excel file that will be included in the dataset. |
| - sheetNames | No | array of string | No | - | One or more named sheets in the Excel file that will be included in the dataset. |
2.1.2.2.2.2.1. Property root > datasets > additionalProperties > formatOptions > anyOf > item 1 > excel > anyOf > item 1 > headerRow
| Type | combining |
| Required | No |
| Additional properties | Any type allowed |
Description: A variable that specifies whether the first row in the file is parsed as the header.
If this value is false, column names are auto-generated.
| Any of(Option) |
|---|
| IResolvable |
| item 1 |
2.1.2.2.2.2.1.1. Property root > datasets > additionalProperties > formatOptions > anyOf > item 1 > excel > anyOf > item 1 > headerRow > anyOf > IResolvable
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Same definition as | datasets_additionalProperties_formatOptions_anyOf_i0 |
Description: Interface for values that can be resolvable later
Tokens are special objects that participate in synthesis.
2.1.2.2.2.2.1.2. Property root > datasets > additionalProperties > formatOptions > anyOf > item 1 > excel > anyOf > item 1 > headerRow > anyOf > item 1
| Type | boolean |
| Required | No |
2.1.2.2.2.2.2. Property root > datasets > additionalProperties > formatOptions > anyOf > item 1 > excel > anyOf > item 1 > sheetIndexes
| Type | combining |
| Required | No |
| Additional properties | Any type allowed |
Description: One or more sheet numbers in the Excel file that will be included in the dataset.
| Any of(Option) |
|---|
| IResolvable |
| item 1 |
2.1.2.2.2.2.2.1. Property root > datasets > additionalProperties > formatOptions > anyOf > item 1 > excel > anyOf > item 1 > sheetIndexes > anyOf > IResolvable
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Same definition as | datasets_additionalProperties_formatOptions_anyOf_i0 |
Description: Interface for values that can be resolvable later
Tokens are special objects that participate in synthesis.
2.1.2.2.2.2.2.2. Property root > datasets > additionalProperties > formatOptions > anyOf > item 1 > excel > anyOf > item 1 > sheetIndexes > anyOf > item 1
| Type | array of number |
| Required | No |
| Array restrictions | |
|---|---|
| Min items | N/A |
| Max items | N/A |
| Items unicity | False |
| Additional items | False |
| Tuple validation | See below |
| Each item of this array must be | Description |
|---|---|
| item 1 items | - |
2.1.2.2.2.2.2.2.1. root > datasets > additionalProperties > formatOptions > anyOf > item 1 > excel > anyOf > item 1 > sheetIndexes > anyOf > item 1 > item 1 items
| Type | number |
| Required | No |
2.1.2.2.2.2.3. Property root > datasets > additionalProperties > formatOptions > anyOf > item 1 > excel > anyOf > item 1 > sheetNames
| Type | array of string |
| Required | No |
Description: One or more named sheets in the Excel file that will be included in the dataset.
| Array restrictions | |
|---|---|
| Min items | N/A |
| Max items | N/A |
| Items unicity | False |
| Additional items | False |
| Tuple validation | See below |
| Each item of this array must be | Description |
|---|---|
| sheetNames items | - |
2.1.2.2.2.2.3.1. root > datasets > additionalProperties > formatOptions > anyOf > item 1 > excel > anyOf > item 1 > sheetNames > sheetNames items
| Type | string |
| Required | No |
2.1.2.2.3. Property root > datasets > additionalProperties > formatOptions > anyOf > item 1 > json
| Type | combining |
| Required | No |
| Additional properties | Any type allowed |
Description: Options that define how JSON input is to be interpreted by DataBrew.
| Any of(Option) |
|---|
| IResolvable |
| CfnDataset.JsonOptionsProperty |
2.1.2.2.3.1. Property root > datasets > additionalProperties > formatOptions > anyOf > item 1 > json > anyOf > IResolvable
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Same definition as | datasets_additionalProperties_formatOptions_anyOf_i0 |
Description: Interface for values that can be resolvable later
Tokens are special objects that participate in synthesis.
2.1.2.2.3.2. Property root > datasets > additionalProperties > formatOptions > anyOf > item 1 > json > anyOf > CfnDataset.JsonOptionsProperty
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Defined in | #/definitions/CfnDataset.JsonOptionsProperty |
Description: Represents the JSON-specific options that define how input is to be interpreted by AWS Glue DataBrew .
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| - multiLine | No | Combination | No | - | A value that specifies whether JSON input contains embedded new line characters. |
2.1.2.2.3.2.1. Property root > datasets > additionalProperties > formatOptions > anyOf > item 1 > json > anyOf > item 1 > multiLine
| Type | combining |
| Required | No |
| Additional properties | Any type allowed |
Description: A value that specifies whether JSON input contains embedded new line characters.
| Any of(Option) |
|---|
| IResolvable |
| item 1 |
2.1.2.2.3.2.1.1. Property root > datasets > additionalProperties > formatOptions > anyOf > item 1 > json > anyOf > item 1 > multiLine > anyOf > IResolvable
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Same definition as | datasets_additionalProperties_formatOptions_anyOf_i0 |
Description: Interface for values that can be resolvable later
Tokens are special objects that participate in synthesis.
2.1.2.2.3.2.1.2. Property root > datasets > additionalProperties > formatOptions > anyOf > item 1 > json > anyOf > item 1 > multiLine > anyOf > item 1
| Type | boolean |
| Required | No |
2.1.3. Property root > datasets > additionalProperties > input
| Type | combining |
| Required | Yes |
| Additional properties | Any type allowed |
Description: Input configuration defining data source location from S3 or Glue Data Catalog.
| Any of(Option) |
|---|
| IResolvable |
| CfnDataset.InputProperty |
2.1.3.1. Property root > datasets > additionalProperties > input > anyOf > IResolvable
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Same definition as | datasets_additionalProperties_formatOptions_anyOf_i0 |
Description: Interface for values that can be resolvable later
Tokens are special objects that participate in synthesis.
2.1.3.2. Property root > datasets > additionalProperties > input > anyOf > CfnDataset.InputProperty
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Defined in | #/definitions/CfnDataset.InputProperty |
Description: Represents information on how DataBrew can find data, in either the AWS Glue Data Catalog or Amazon S3.
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| - dataCatalogInputDefinition | No | Combination | No | - | The AWS Glue Data Catalog parameters for the data. |
| - databaseInputDefinition | No | Combination | No | - | Connection information for dataset input files stored in a database. |
| - metadata | No | Combination | No | - | Contains additional resource information needed for specific datasets. |
| - s3InputDefinition | No | Combination | No | - | The Amazon S3 location where the data is stored. |
2.1.3.2.1. Property root > datasets > additionalProperties > input > anyOf > item 1 > dataCatalogInputDefinition
| Type | combining |
| Required | No |
| Additional properties | Any type allowed |
Description: The AWS Glue Data Catalog parameters for the data.
| Any of(Option) |
|---|
| IResolvable |
| CfnDataset.DataCatalogInputDefinitionProperty |
2.1.3.2.1.1. Property root > datasets > additionalProperties > input > anyOf > item 1 > dataCatalogInputDefinition > anyOf > IResolvable
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Same definition as | datasets_additionalProperties_formatOptions_anyOf_i0 |
Description: Interface for values that can be resolvable later
Tokens are special objects that participate in synthesis.
2.1.3.2.1.2. Property root > datasets > additionalProperties > input > anyOf > item 1 > dataCatalogInputDefinition > anyOf > CfnDataset.DataCatalogInputDefinitionProperty
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Defined in | #/definitions/CfnDataset.DataCatalogInputDefinitionProperty |
Description: Represents how metadata stored in the AWS Glue Data Catalog is defined in a DataBrew dataset.
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| - catalogId | No | string | No | - | The unique identifier of the AWS account that holds the Data Catalog that stores the data. |
| - databaseName | No | string | No | - | The name of a database in the Data Catalog. |
| - tableName | No | string | No | - | The name of a database table in the Data Catalog. This table corresponds to a DataBrew dataset. |
| - tempDirectory | No | Combination | No | - | An Amazon location that AWS Glue Data Catalog can use as a temporary directory. |
2.1.3.2.1.2.1. Property root > datasets > additionalProperties > input > anyOf > item 1 > dataCatalogInputDefinition > anyOf > item 1 > catalogId
| Type | string |
| Required | No |
Description: The unique identifier of the AWS account that holds the Data Catalog that stores the data.
2.1.3.2.1.2.2. Property root > datasets > additionalProperties > input > anyOf > item 1 > dataCatalogInputDefinition > anyOf > item 1 > databaseName
| Type | string |
| Required | No |
Description: The name of a database in the Data Catalog.
2.1.3.2.1.2.3. Property root > datasets > additionalProperties > input > anyOf > item 1 > dataCatalogInputDefinition > anyOf > item 1 > tableName
| Type | string |
| Required | No |
Description: The name of a database table in the Data Catalog.
This table corresponds to a DataBrew dataset.
2.1.3.2.1.2.4. Property root > datasets > additionalProperties > input > anyOf > item 1 > dataCatalogInputDefinition > anyOf > item 1 > tempDirectory
| Type | combining |
| Required | No |
| Additional properties | Any type allowed |
Description: An Amazon location that AWS Glue Data Catalog can use as a temporary directory.
| Any of(Option) |
|---|
| IResolvable |
| CfnDataset.S3LocationProperty |
2.1.3.2.1.2.4.1. Property root > datasets > additionalProperties > input > anyOf > item 1 > dataCatalogInputDefinition > anyOf > item 1 > tempDirectory > anyOf > IResolvable
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Same definition as | datasets_additionalProperties_formatOptions_anyOf_i0 |
Description: Interface for values that can be resolvable later
Tokens are special objects that participate in synthesis.
2.1.3.2.1.2.4.2. Property root > datasets > additionalProperties > input > anyOf > item 1 > dataCatalogInputDefinition > anyOf > item 1 > tempDirectory > anyOf > CfnDataset.S3LocationProperty
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Defined in | #/definitions/CfnDataset.S3LocationProperty |
Description: Represents an Amazon S3 location (bucket name, bucket owner, and object key) where DataBrew can read input data, or write output from a job.
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| + bucket | No | string | No | - | The Amazon S3 bucket name. |
| - bucketOwner | No | string | No | - | The AWS account ID of the bucket owner. |
| - key | No | string | No | - | The unique name of the object in the bucket. |
2.1.3.2.1.2.4.2.1. Property root > datasets > additionalProperties > input > anyOf > item 1 > dataCatalogInputDefinition > anyOf > item 1 > tempDirectory > anyOf > item 1 > bucket
| Type | string |
| Required | Yes |
Description: The Amazon S3 bucket name.
2.1.3.2.1.2.4.2.2. Property root > datasets > additionalProperties > input > anyOf > item 1 > dataCatalogInputDefinition > anyOf > item 1 > tempDirectory > anyOf > item 1 > bucketOwner
| Type | string |
| Required | No |
Description: The AWS account ID of the bucket owner.
2.1.3.2.1.2.4.2.3. Property root > datasets > additionalProperties > input > anyOf > item 1 > dataCatalogInputDefinition > anyOf > item 1 > tempDirectory > anyOf > item 1 > key
| Type | string |
| Required | No |
Description: The unique name of the object in the bucket.
2.1.3.2.2. Property root > datasets > additionalProperties > input > anyOf > item 1 > databaseInputDefinition
| Type | combining |
| Required | No |
| Additional properties | Any type allowed |
Description: Connection information for dataset input files stored in a database.
| Any of(Option) |
|---|
| IResolvable |
| CfnDataset.DatabaseInputDefinitionProperty |
2.1.3.2.2.1. Property root > datasets > additionalProperties > input > anyOf > item 1 > databaseInputDefinition > anyOf > IResolvable
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Same definition as | datasets_additionalProperties_formatOptions_anyOf_i0 |
Description: Interface for values that can be resolvable later
Tokens are special objects that participate in synthesis.
2.1.3.2.2.2. Property root > datasets > additionalProperties > input > anyOf > item 1 > databaseInputDefinition > anyOf > CfnDataset.DatabaseInputDefinitionProperty
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Defined in | #/definitions/CfnDataset.DatabaseInputDefinitionProperty |
Description: Connection information for dataset input files stored in a database.
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| - databaseTableName | No | string | No | - | The table within the target database. |
| + glueConnectionName | No | string | No | - | The AWS Glue Connection that stores the connection information for the target database. |
| - queryString | No | string | No | - | Custom SQL to run against the provided AWS Glue connection. This SQL will be used as the input for DataBrew projects and jobs. |
| - tempDirectory | No | Combination | No | - | An Amazon location that AWS Glue Data Catalog can use as a temporary directory. |
2.1.3.2.2.2.1. Property root > datasets > additionalProperties > input > anyOf > item 1 > databaseInputDefinition > anyOf > item 1 > databaseTableName
| Type | string |
| Required | No |
Description: The table within the target database.
2.1.3.2.2.2.2. Property root > datasets > additionalProperties > input > anyOf > item 1 > databaseInputDefinition > anyOf > item 1 > glueConnectionName
| Type | string |
| Required | Yes |
Description: The AWS Glue Connection that stores the connection information for the target database.
2.1.3.2.2.2.3. Property root > datasets > additionalProperties > input > anyOf > item 1 > databaseInputDefinition > anyOf > item 1 > queryString
| Type | string |
| Required | No |
Description: Custom SQL to run against the provided AWS Glue connection.
This SQL will be used as the input for DataBrew projects and jobs.
2.1.3.2.2.2.4. Property root > datasets > additionalProperties > input > anyOf > item 1 > databaseInputDefinition > anyOf > item 1 > tempDirectory
| Type | combining |
| Required | No |
| Additional properties | Any type allowed |
Description: An Amazon location that AWS Glue Data Catalog can use as a temporary directory.
| Any of(Option) |
|---|
| IResolvable |
| CfnDataset.S3LocationProperty |
2.1.3.2.2.2.4.1. Property root > datasets > additionalProperties > input > anyOf > item 1 > databaseInputDefinition > anyOf > item 1 > tempDirectory > anyOf > IResolvable
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Same definition as | datasets_additionalProperties_formatOptions_anyOf_i0 |
Description: Interface for values that can be resolvable later
Tokens are special objects that participate in synthesis.
2.1.3.2.2.2.4.2. Property root > datasets > additionalProperties > input > anyOf > item 1 > databaseInputDefinition > anyOf > item 1 > tempDirectory > anyOf > CfnDataset.S3LocationProperty
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Same definition as | datasets_additionalProperties_input_anyOf_i1_dataCatalogInputDefinition_anyOf_i1_tempDirectory_anyOf_i1 |
Description: Represents an Amazon S3 location (bucket name, bucket owner, and object key) where DataBrew can read input data, or write output from a job.
2.1.3.2.3. Property root > datasets > additionalProperties > input > anyOf > item 1 > metadata
| Type | combining |
| Required | No |
| Additional properties | Any type allowed |
Description: Contains additional resource information needed for specific datasets.
| Any of(Option) |
|---|
| IResolvable |
| CfnDataset.MetadataProperty |
2.1.3.2.3.1. Property root > datasets > additionalProperties > input > anyOf > item 1 > metadata > anyOf > IResolvable
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Same definition as | datasets_additionalProperties_formatOptions_anyOf_i0 |
Description: Interface for values that can be resolvable later
Tokens are special objects that participate in synthesis.
2.1.3.2.3.2. Property root > datasets > additionalProperties > input > anyOf > item 1 > metadata > anyOf > CfnDataset.MetadataProperty
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Defined in | #/definitions/CfnDataset.MetadataProperty |
Description: Contains additional resource information needed for specific datasets.
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| - sourceArn | No | string | No | - | The Amazon Resource Name (ARN) associated with the dataset. Currently, DataBrew only supports ARNs from Amazon AppFlow. |
2.1.3.2.3.2.1. Property root > datasets > additionalProperties > input > anyOf > item 1 > metadata > anyOf > item 1 > sourceArn
| Type | string |
| Required | No |
Description: The Amazon Resource Name (ARN) associated with the dataset.
Currently, DataBrew only supports ARNs from Amazon AppFlow.
2.1.3.2.4. Property root > datasets > additionalProperties > input > anyOf > item 1 > s3InputDefinition
| Type | combining |
| Required | No |
| Additional properties | Any type allowed |
Description: The Amazon S3 location where the data is stored.
| Any of(Option) |
|---|
| IResolvable |
| CfnDataset.S3LocationProperty |
2.1.3.2.4.1. Property root > datasets > additionalProperties > input > anyOf > item 1 > s3InputDefinition > anyOf > IResolvable
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Same definition as | datasets_additionalProperties_formatOptions_anyOf_i0 |
Description: Interface for values that can be resolvable later
Tokens are special objects that participate in synthesis.
2.1.3.2.4.2. Property root > datasets > additionalProperties > input > anyOf > item 1 > s3InputDefinition > anyOf > CfnDataset.S3LocationProperty
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Same definition as | datasets_additionalProperties_input_anyOf_i1_dataCatalogInputDefinition_anyOf_i1_tempDirectory_anyOf_i1 |
Description: Represents an Amazon S3 location (bucket name, bucket owner, and object key) where DataBrew can read input data, or write output from a job.
2.1.4. Property root > datasets > additionalProperties > pathOptions
| Type | combining |
| Required | No |
| Additional properties | Any type allowed |
Description: Path options for S3 path structure interpretation and file organization.
| Any of(Option) |
|---|
| IResolvable |
| CfnDataset.PathOptionsProperty |
2.1.4.1. Property root > datasets > additionalProperties > pathOptions > anyOf > IResolvable
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Same definition as | datasets_additionalProperties_formatOptions_anyOf_i0 |
Description: Interface for values that can be resolvable later
Tokens are special objects that participate in synthesis.
2.1.4.2. Property root > datasets > additionalProperties > pathOptions > anyOf > CfnDataset.PathOptionsProperty
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Defined in | #/definitions/CfnDataset.PathOptionsProperty |
Description: Represents a set of options that define how DataBrew selects files for a given Amazon S3 path in a dataset.
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| - filesLimit | No | Combination | No | - | If provided, this structure imposes a limit on a number of files that should be selected. |
| - lastModifiedDateCondition | No | Combination | No | - | If provided, this structure defines a date range for matching Amazon S3 objects based on their LastModifiedDate attribute in Amazon S3 . |
| - parameters | No | Combination | No | - | A structure that maps names of parameters used in the Amazon S3 path of a dataset to their definitions. |
2.1.4.2.1. Property root > datasets > additionalProperties > pathOptions > anyOf > item 1 > filesLimit
| Type | combining |
| Required | No |
| Additional properties | Any type allowed |
Description: If provided, this structure imposes a limit on a number of files that should be selected.
| Any of(Option) |
|---|
| IResolvable |
| CfnDataset.FilesLimitProperty |
2.1.4.2.1.1. Property root > datasets > additionalProperties > pathOptions > anyOf > item 1 > filesLimit > anyOf > IResolvable
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Same definition as | datasets_additionalProperties_formatOptions_anyOf_i0 |
Description: Interface for values that can be resolvable later
Tokens are special objects that participate in synthesis.
2.1.4.2.1.2. Property root > datasets > additionalProperties > pathOptions > anyOf > item 1 > filesLimit > anyOf > CfnDataset.FilesLimitProperty
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Defined in | #/definitions/CfnDataset.FilesLimitProperty |
Description: Represents a limit imposed on number of Amazon S3 files that should be selected for a dataset from a connected Amazon S3 path.
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| + maxFiles | No | number | No | - | The number of Amazon S3 files to select. |
| - order | No | string | No | - | A criteria to use for Amazon S3 files sorting before their selection. By default uses DESCENDING order, i.e. most recent files are selected first. Anotherpossible value is ASCENDING. |
| - orderedBy | No | string | No | - | A criteria to use for Amazon S3 files sorting before their selection. By default uses LAST_MODIFIED_DATE as a sorting criteria. Currently it's the only allowed value. |
2.1.4.2.1.2.1. Property root > datasets > additionalProperties > pathOptions > anyOf > item 1 > filesLimit > anyOf > item 1 > maxFiles
| Type | number |
| Required | Yes |
Description: The number of Amazon S3 files to select.
2.1.4.2.1.2.2. Property root > datasets > additionalProperties > pathOptions > anyOf > item 1 > filesLimit > anyOf > item 1 > order
| Type | string |
| Required | No |
Description: A criteria to use for Amazon S3 files sorting before their selection.
By default uses DESCENDING order, i.e. most recent files are selected first. Anotherpossible value is ASCENDING.
2.1.4.2.1.2.3. Property root > datasets > additionalProperties > pathOptions > anyOf > item 1 > filesLimit > anyOf > item 1 > orderedBy
| Type | string |
| Required | No |
Description: A criteria to use for Amazon S3 files sorting before their selection.
By default uses LAST_MODIFIED_DATE as a sorting criteria. Currently it's the only allowed value.
2.1.4.2.2. Property root > datasets > additionalProperties > pathOptions > anyOf > item 1 > lastModifiedDateCondition
| Type | combining |
| Required | No |
| Additional properties | Any type allowed |
Description: If provided, this structure defines a date range for matching Amazon S3 objects based on their LastModifiedDate attribute in Amazon S3 .
| Any of(Option) |
|---|
| IResolvable |
| CfnDataset.FilterExpressionProperty |
2.1.4.2.2.1. Property root > datasets > additionalProperties > pathOptions > anyOf > item 1 > lastModifiedDateCondition > anyOf > IResolvable
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Same definition as | datasets_additionalProperties_formatOptions_anyOf_i0 |
Description: Interface for values that can be resolvable later
Tokens are special objects that participate in synthesis.
2.1.4.2.2.2. Property root > datasets > additionalProperties > pathOptions > anyOf > item 1 > lastModifiedDateCondition > anyOf > CfnDataset.FilterExpressionProperty
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Defined in | #/definitions/CfnDataset.FilterExpressionProperty |
Description: Represents a structure for defining parameter conditions.
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| + expression | No | string | No | - | The expression which includes condition names followed by substitution variables, possibly grouped and combined with other conditions. For example, "(starts_with :prefix1 or starts_with :prefix2) and (ends_with :suffix1 or ends_with :suffix2)". Substitution variables should start with ':' symbol. |
| + valuesMap | No | Combination | No | - | The map of substitution variable names to their values used in this filter expression. |
2.1.4.2.2.2.1. Property root > datasets > additionalProperties > pathOptions > anyOf > item 1 > lastModifiedDateCondition > anyOf > item 1 > expression
| Type | string |
| Required | Yes |
Description: The expression which includes condition names followed by substitution variables, possibly grouped and combined with other conditions.
For example, "(starts_with :prefix1 or starts_with :prefix2) and (ends_with :suffix1 or ends_with :suffix2)". Substitution variables should start with ':' symbol.
2.1.4.2.2.2.2. Property root > datasets > additionalProperties > pathOptions > anyOf > item 1 > lastModifiedDateCondition > anyOf > item 1 > valuesMap
| Type | combining |
| Required | Yes |
| Additional properties | Any type allowed |
Description: The map of substitution variable names to their values used in this filter expression.
| Any of(Option) |
|---|
| IResolvable |
| item 1 |
2.1.4.2.2.2.2.1. Property root > datasets > additionalProperties > pathOptions > anyOf > item 1 > lastModifiedDateCondition > anyOf > item 1 > valuesMap > anyOf > IResolvable
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Same definition as | datasets_additionalProperties_formatOptions_anyOf_i0 |
Description: Interface for values that can be resolvable later
Tokens are special objects that participate in synthesis.
2.1.4.2.2.2.2.2. Property root > datasets > additionalProperties > pathOptions > anyOf > item 1 > lastModifiedDateCondition > anyOf > item 1 > valuesMap > anyOf > item 1
| Type | array |
| Required | No |
| Array restrictions | |
|---|---|
| Min items | N/A |
| Max items | N/A |
| Items unicity | False |
| Additional items | False |
| Tuple validation | See below |
| Each item of this array must be | Description |
|---|---|
| item 1 items | - |
2.1.4.2.2.2.2.2.1. root > datasets > additionalProperties > pathOptions > anyOf > item 1 > lastModifiedDateCondition > anyOf > item 1 > valuesMap > anyOf > item 1 > item 1 items
| Type | combining |
| Required | No |
| Additional properties | Any type allowed |
| Any of(Option) |
|---|
| IResolvable |
| CfnDataset.FilterValueProperty |
2.1.4.2.2.2.2.2.1.1. Property root > datasets > additionalProperties > pathOptions > anyOf > item 1 > lastModifiedDateCondition > anyOf > item 1 > valuesMap > anyOf > item 1 > item 1 items > anyOf > IResolvable
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Same definition as | datasets_additionalProperties_formatOptions_anyOf_i0 |
Description: Interface for values that can be resolvable later
Tokens are special objects that participate in synthesis.
2.1.4.2.2.2.2.2.1.2. Property root > datasets > additionalProperties > pathOptions > anyOf > item 1 > lastModifiedDateCondition > anyOf > item 1 > valuesMap > anyOf > item 1 > item 1 items > anyOf > CfnDataset.FilterValueProperty
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Defined in | #/definitions/CfnDataset.FilterValueProperty |
Description: Represents a single entry in the ValuesMap of a FilterExpression .
A FilterValue associates the name of a substitution variable in an expression to its value.
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| + value | No | string | No | - | The value to be associated with the substitution variable. |
| + valueReference | No | string | No | - | The substitution variable reference. |
2.1.4.2.2.2.2.2.1.2.1. Property root > datasets > additionalProperties > pathOptions > anyOf > item 1 > lastModifiedDateCondition > anyOf > item 1 > valuesMap > anyOf > item 1 > item 1 items > anyOf > item 1 > value
| Type | string |
| Required | Yes |
Description: The value to be associated with the substitution variable.
2.1.4.2.2.2.2.2.1.2.2. Property root > datasets > additionalProperties > pathOptions > anyOf > item 1 > lastModifiedDateCondition > anyOf > item 1 > valuesMap > anyOf > item 1 > item 1 items > anyOf > item 1 > valueReference
| Type | string |
| Required | Yes |
Description: The substitution variable reference.
2.1.4.2.3. Property root > datasets > additionalProperties > pathOptions > anyOf > item 1 > parameters
| Type | combining |
| Required | No |
| Additional properties | Any type allowed |
Description: A structure that maps names of parameters used in the Amazon S3 path of a dataset to their definitions.
| Any of(Option) |
|---|
| IResolvable |
| item 1 |
2.1.4.2.3.1. Property root > datasets > additionalProperties > pathOptions > anyOf > item 1 > parameters > anyOf > IResolvable
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Same definition as | datasets_additionalProperties_formatOptions_anyOf_i0 |
Description: Interface for values that can be resolvable later
Tokens are special objects that participate in synthesis.
2.1.4.2.3.2. Property root > datasets > additionalProperties > pathOptions > anyOf > item 1 > parameters > anyOf > item 1
| Type | array |
| Required | No |
| Array restrictions | |
|---|---|
| Min items | N/A |
| Max items | N/A |
| Items unicity | False |
| Additional items | False |
| Tuple validation | See below |
| Each item of this array must be | Description |
|---|---|
| item 1 items | - |
2.1.4.2.3.2.1. root > datasets > additionalProperties > pathOptions > anyOf > item 1 > parameters > anyOf > item 1 > item 1 items
| Type | combining |
| Required | No |
| Additional properties | Any type allowed |
| Any of(Option) |
|---|
| IResolvable |
| CfnDataset.PathParameterProperty |
2.1.4.2.3.2.1.1. Property root > datasets > additionalProperties > pathOptions > anyOf > item 1 > parameters > anyOf > item 1 > item 1 items > anyOf > IResolvable
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Same definition as | datasets_additionalProperties_formatOptions_anyOf_i0 |
Description: Interface for values that can be resolvable later
Tokens are special objects that participate in synthesis.
2.1.4.2.3.2.1.2. Property root > datasets > additionalProperties > pathOptions > anyOf > item 1 > parameters > anyOf > item 1 > item 1 items > anyOf > CfnDataset.PathParameterProperty
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Defined in | #/definitions/CfnDataset.PathParameterProperty |
Description: Represents a single entry in the path parameters of a dataset.
Each PathParameter consists of a name and a parameter definition.
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| + datasetParameter | No | Combination | No | - | The path parameter definition. |
| + pathParameterName | No | string | No | - | The name of the path parameter. |
2.1.4.2.3.2.1.2.1. Property root > datasets > additionalProperties > pathOptions > anyOf > item 1 > parameters > anyOf > item 1 > item 1 items > anyOf > item 1 > datasetParameter
| Type | combining |
| Required | Yes |
| Additional properties | Any type allowed |
Description: The path parameter definition.
| Any of(Option) |
|---|
| IResolvable |
| CfnDataset.DatasetParameterProperty |
2.1.4.2.3.2.1.2.1.1. Property root > datasets > additionalProperties > pathOptions > anyOf > item 1 > parameters > anyOf > item 1 > item 1 items > anyOf > item 1 > datasetParameter > anyOf > IResolvable
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Same definition as | datasets_additionalProperties_formatOptions_anyOf_i0 |
Description: Interface for values that can be resolvable later
Tokens are special objects that participate in synthesis.
2.1.4.2.3.2.1.2.1.2. Property root > datasets > additionalProperties > pathOptions > anyOf > item 1 > parameters > anyOf > item 1 > item 1 items > anyOf > item 1 > datasetParameter > anyOf > CfnDataset.DatasetParameterProperty
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Defined in | #/definitions/CfnDataset.DatasetParameterProperty |
Description: Represents a dataset paramater that defines type and conditions for a parameter in the Amazon S3 path of the dataset.
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| - createColumn | No | Combination | No | - | Optional boolean value that defines whether the captured value of this parameter should be loaded as an additional column in the dataset. |
| - datetimeOptions | No | Combination | No | - | Additional parameter options such as a format and a timezone. Required for datetime parameters. |
| - filter | No | Combination | No | - | The optional filter expression structure to apply additional matching criteria to the parameter. |
| + name | No | string | No | - | The name of the parameter that is used in the dataset's Amazon S3 path. |
| + type | No | string | No | - | The type of the dataset parameter, can be one of a 'String', 'Number' or 'Datetime'. |
2.1.4.2.3.2.1.2.1.2.1. Property root > datasets > additionalProperties > pathOptions > anyOf > item 1 > parameters > anyOf > item 1 > item 1 items > anyOf > item 1 > datasetParameter > anyOf > item 1 > createColumn
| Type | combining |
| Required | No |
| Additional properties | Any type allowed |
Description: Optional boolean value that defines whether the captured value of this parameter should be loaded as an additional column in the dataset.
| Any of(Option) |
|---|
| IResolvable |
| item 1 |
2.1.4.2.3.2.1.2.1.2.1.1. Property root > datasets > additionalProperties > pathOptions > anyOf > item 1 > parameters > anyOf > item 1 > item 1 items > anyOf > item 1 > datasetParameter > anyOf > item 1 > createColumn > anyOf > IResolvable
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Same definition as | datasets_additionalProperties_formatOptions_anyOf_i0 |
Description: Interface for values that can be resolvable later
Tokens are special objects that participate in synthesis.
2.1.4.2.3.2.1.2.1.2.1.2. Property root > datasets > additionalProperties > pathOptions > anyOf > item 1 > parameters > anyOf > item 1 > item 1 items > anyOf > item 1 > datasetParameter > anyOf > item 1 > createColumn > anyOf > item 1
| Type | boolean |
| Required | No |
2.1.4.2.3.2.1.2.1.2.2. Property root > datasets > additionalProperties > pathOptions > anyOf > item 1 > parameters > anyOf > item 1 > item 1 items > anyOf > item 1 > datasetParameter > anyOf > item 1 > datetimeOptions
| Type | combining |
| Required | No |
| Additional properties | Any type allowed |
Description: Additional parameter options such as a format and a timezone.
Required for datetime parameters.
| Any of(Option) |
|---|
| IResolvable |
| CfnDataset.DatetimeOptionsProperty |
2.1.4.2.3.2.1.2.1.2.2.1. Property root > datasets > additionalProperties > pathOptions > anyOf > item 1 > parameters > anyOf > item 1 > item 1 items > anyOf > item 1 > datasetParameter > anyOf > item 1 > datetimeOptions > anyOf > IResolvable
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Same definition as | datasets_additionalProperties_formatOptions_anyOf_i0 |
Description: Interface for values that can be resolvable later
Tokens are special objects that participate in synthesis.
2.1.4.2.3.2.1.2.1.2.2.2. Property root > datasets > additionalProperties > pathOptions > anyOf > item 1 > parameters > anyOf > item 1 > item 1 items > anyOf > item 1 > datasetParameter > anyOf > item 1 > datetimeOptions > anyOf > CfnDataset.DatetimeOptionsProperty
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Defined in | #/definitions/CfnDataset.DatetimeOptionsProperty |
Description: Represents additional options for correct interpretation of datetime parameters used in the Amazon S3 path of a dataset.
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| + format | No | string | No | - | Required option, that defines the datetime format used for a date parameter in the Amazon S3 path. Should use only supported datetime specifiers and separation characters, all litera a-z or A-Z character should be escaped with single quotes. E.g. "MM.dd.yyyy-'at'-HH:mm". |
| - localeCode | No | string | No | - | Optional value for a non-US locale code, needed for correct interpretation of some date formats. |
| - timezoneOffset | No | string | No | - | Optional value for a timezone offset of the datetime parameter value in the Amazon S3 path. Shouldn't be used if Format for this parameter includes timezone fields. If no offset specified, UTC is assumed. |
2.1.4.2.3.2.1.2.1.2.2.2.1. Property root > datasets > additionalProperties > pathOptions > anyOf > item 1 > parameters > anyOf > item 1 > item 1 items > anyOf > item 1 > datasetParameter > anyOf > item 1 > datetimeOptions > anyOf > item 1 > format
| Type | string |
| Required | Yes |
Description: Required option, that defines the datetime format used for a date parameter in the Amazon S3 path.
Should use only supported datetime specifiers and separation characters, all litera a-z or A-Z character should be escaped with single quotes. E.g. "MM.dd.yyyy-'at'-HH:mm".
2.1.4.2.3.2.1.2.1.2.2.2.2. Property root > datasets > additionalProperties > pathOptions > anyOf > item 1 > parameters > anyOf > item 1 > item 1 items > anyOf > item 1 > datasetParameter > anyOf > item 1 > datetimeOptions > anyOf > item 1 > localeCode
| Type | string |
| Required | No |
Description: Optional value for a non-US locale code, needed for correct interpretation of some date formats.
2.1.4.2.3.2.1.2.1.2.2.2.3. Property root > datasets > additionalProperties > pathOptions > anyOf > item 1 > parameters > anyOf > item 1 > item 1 items > anyOf > item 1 > datasetParameter > anyOf > item 1 > datetimeOptions > anyOf > item 1 > timezoneOffset
| Type | string |
| Required | No |
Description: Optional value for a timezone offset of the datetime parameter value in the Amazon S3 path.
Shouldn't be used if Format for this parameter includes timezone fields. If no offset specified, UTC is assumed.
2.1.4.2.3.2.1.2.1.2.3. Property root > datasets > additionalProperties > pathOptions > anyOf > item 1 > parameters > anyOf > item 1 > item 1 items > anyOf > item 1 > datasetParameter > anyOf > item 1 > filter
| Type | combining |
| Required | No |
| Additional properties | Any type allowed |
Description: The optional filter expression structure to apply additional matching criteria to the parameter.
| Any of(Option) |
|---|
| IResolvable |
| CfnDataset.FilterExpressionProperty |
2.1.4.2.3.2.1.2.1.2.3.1. Property root > datasets > additionalProperties > pathOptions > anyOf > item 1 > parameters > anyOf > item 1 > item 1 items > anyOf > item 1 > datasetParameter > anyOf > item 1 > filter > anyOf > IResolvable
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Same definition as | datasets_additionalProperties_formatOptions_anyOf_i0 |
Description: Interface for values that can be resolvable later
Tokens are special objects that participate in synthesis.
2.1.4.2.3.2.1.2.1.2.3.2. Property root > datasets > additionalProperties > pathOptions > anyOf > item 1 > parameters > anyOf > item 1 > item 1 items > anyOf > item 1 > datasetParameter > anyOf > item 1 > filter > anyOf > CfnDataset.FilterExpressionProperty
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Same definition as | datasets_additionalProperties_pathOptions_anyOf_i1_lastModifiedDateCondition_anyOf_i1 |
Description: Represents a structure for defining parameter conditions.
2.1.4.2.3.2.1.2.1.2.4. Property root > datasets > additionalProperties > pathOptions > anyOf > item 1 > parameters > anyOf > item 1 > item 1 items > anyOf > item 1 > datasetParameter > anyOf > item 1 > name
| Type | string |
| Required | Yes |
Description: The name of the parameter that is used in the dataset's Amazon S3 path.
2.1.4.2.3.2.1.2.1.2.5. Property root > datasets > additionalProperties > pathOptions > anyOf > item 1 > parameters > anyOf > item 1 > item 1 items > anyOf > item 1 > datasetParameter > anyOf > item 1 > type
| Type | string |
| Required | Yes |
Description: The type of the dataset parameter, can be one of a 'String', 'Number' or 'Datetime'.
2.1.4.2.3.2.1.2.2. Property root > datasets > additionalProperties > pathOptions > anyOf > item 1 > parameters > anyOf > item 1 > item 1 items > anyOf > item 1 > pathParameterName
| Type | string |
| Required | Yes |
Description: The name of the path parameter.
3. Property root > deploymentRoleArn
| Type | string |
| Required | No |
Description: IAM role ARN for deployment operations and resource management. Auto-resolved from project when projectName is set.
Use cases: Deployment permissions; Resource provisioning
AWS: IAM role
Validation: Optional; auto-wired from project if projectName provided
4. Property root > jobs
| Type | object |
| Required | No |
| Additional properties | Each additional property must conform to the schema |
Description: Map of job names to DataBrew job definitions for automated data preparation and profiling.
Use cases: Automated data preparation; Scheduled profiling; Transformation jobs
AWS: AWS Glue DataBrew jobs
Validation: Optional; map of string to DataBrewJobProps
4.1. Property root > jobs > DataBrewJobProps
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Defined in | #/definitions/DataBrewJobProps |
Description: Configuration for a DataBrew job defining recipe execution, data profiling, and automated data preparation workflows.
Use cases: Data processing jobs; Recipe execution; Data profiling; Automated preparation; Output management
AWS: Creates AWS Glue DataBrew jobs with recipe execution, profiling, and output configuration
Validation: type, kmsKeyArn, dataset, and executionRole are required; other properties are optional
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| - dataCatalogOutputs | No | Combination | No | - | Data Catalog output configurations for Glue catalog integration. |
| - databaseOutputs | No | Combination | No | - | JDBC database output destinations for recipe job results. |
| + dataset | No | object | No | In #/definitions/ConfigOptions | Input dataset configuration referencing an existing or generated dataset. |
| + executionRole | No | object | No | In #/definitions/MdaaRoleRef | IAM execution role reference for job permissions. |
| - jobSample | No | Combination | No | - | Sample configuration for profile jobs controlling data sampling strategy. |
| + kmsKeyArn | No | string | No | - | KMS key ARN for encrypting job outputs and intermediate processing results. |
| - logSubscription | No | string | No | - | CloudWatch log subscription status for job execution monitoring. |
| - maxCapacity | No | number | No | - | Maximum number of nodes for job execution. |
| - maxRetries | No | number | No | - | Maximum retry attempts for failed job runs. |
| - outputLocation | No | Combination | No | - | Output location for profile job results. |
| - outputs | No | Combination | No | - | Output locations for recipe job results including S3 destinations and format specifications. |
| - profileConfiguration | No | Combination | No | - | Profile configuration for statistical analysis and data quality assessment. |
| - projectName | No | string | No | - | DataBrew project name for recipe job association. |
| - recipe | No | object | No | Same as dataset | Recipe configuration referencing an existing or generated recipe. |
| - schedule | No | object | No | In #/definitions/ConfigSchedule | Cron-based schedule configuration for automated job execution. |
| - timeout | No | number | No | - | Job timeout in minutes controlling maximum execution time. |
| + type | No | string | No | - | Job type: 'RECIPE' for data transformation or 'PROFILE' for data profiling. |
| - validationConfigurations | No | Combination | No | - | Validation configurations for profile job quality assessment. |
4.1.1. Property root > jobs > additionalProperties > dataCatalogOutputs
| Type | combining |
| Required | No |
| Additional properties | Any type allowed |
Description: Data Catalog output configurations for Glue catalog integration.
| Any of(Option) |
|---|
| IResolvable |
| item 1 |
4.1.1.1. Property root > jobs > additionalProperties > dataCatalogOutputs > anyOf > IResolvable
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Same definition as | datasets_additionalProperties_formatOptions_anyOf_i0 |
Description: Interface for values that can be resolvable later
Tokens are special objects that participate in synthesis.
4.1.1.2. Property root > jobs > additionalProperties > dataCatalogOutputs > anyOf > item 1
| Type | array |
| Required | No |
| Array restrictions | |
|---|---|
| Min items | N/A |
| Max items | N/A |
| Items unicity | False |
| Additional items | False |
| Tuple validation | See below |
| Each item of this array must be | Description |
|---|---|
| item 1 items | - |
4.1.1.2.1. root > jobs > additionalProperties > dataCatalogOutputs > anyOf > item 1 > item 1 items
| Type | combining |
| Required | No |
| Additional properties | Any type allowed |
| Any of(Option) |
|---|
| IResolvable |
| CfnJob.DataCatalogOutputProperty |
4.1.1.2.1.1. Property root > jobs > additionalProperties > dataCatalogOutputs > anyOf > item 1 > item 1 items > anyOf > IResolvable
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Same definition as | datasets_additionalProperties_formatOptions_anyOf_i0 |
Description: Interface for values that can be resolvable later
Tokens are special objects that participate in synthesis.
4.1.1.2.1.2. Property root > jobs > additionalProperties > dataCatalogOutputs > anyOf > item 1 > item 1 items > anyOf > CfnJob.DataCatalogOutputProperty
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Defined in | #/definitions/CfnJob.DataCatalogOutputProperty |
Description: Represents options that specify how and where in the AWS Glue Data Catalog DataBrew writes the output generated by recipe jobs.
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| - catalogId | No | string | No | - | The unique identifier of the AWS account that holds the Data Catalog that stores the data. |
| + databaseName | No | string | No | - | The name of a database in the Data Catalog. |
| - databaseOptions | No | Combination | No | - | Represents options that specify how and where DataBrew writes the database output generated by recipe jobs. |
| - overwrite | No | Combination | No | - | A value that, if true, means that any data in the location specified for output is overwritten with new output. Not supported with DatabaseOptions. |
| - s3Options | No | Combination | No | - | Represents options that specify how and where DataBrew writes the Amazon S3 output generated by recipe jobs. |
| + tableName | No | string | No | - | The name of a table in the Data Catalog. |
4.1.1.2.1.2.1. Property root > jobs > additionalProperties > dataCatalogOutputs > anyOf > item 1 > item 1 items > anyOf > item 1 > catalogId
| Type | string |
| Required | No |
Description: The unique identifier of the AWS account that holds the Data Catalog that stores the data.
4.1.1.2.1.2.2. Property root > jobs > additionalProperties > dataCatalogOutputs > anyOf > item 1 > item 1 items > anyOf > item 1 > databaseName
| Type | string |
| Required | Yes |
Description: The name of a database in the Data Catalog.
4.1.1.2.1.2.3. Property root > jobs > additionalProperties > dataCatalogOutputs > anyOf > item 1 > item 1 items > anyOf > item 1 > databaseOptions
| Type | combining |
| Required | No |
| Additional properties | Any type allowed |
Description: Represents options that specify how and where DataBrew writes the database output generated by recipe jobs.
| Any of(Option) |
|---|
| IResolvable |
| CfnJob.DatabaseTableOutputOptionsProperty |
4.1.1.2.1.2.3.1. Property root > jobs > additionalProperties > dataCatalogOutputs > anyOf > item 1 > item 1 items > anyOf > item 1 > databaseOptions > anyOf > IResolvable
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Same definition as | datasets_additionalProperties_formatOptions_anyOf_i0 |
Description: Interface for values that can be resolvable later
Tokens are special objects that participate in synthesis.
4.1.1.2.1.2.3.2. Property root > jobs > additionalProperties > dataCatalogOutputs > anyOf > item 1 > item 1 items > anyOf > item 1 > databaseOptions > anyOf > CfnJob.DatabaseTableOutputOptionsProperty
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Defined in | #/definitions/CfnJob.DatabaseTableOutputOptionsProperty |
Description: Represents options that specify how and where DataBrew writes the database output generated by recipe jobs.
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| + tableName | No | string | No | - | A prefix for the name of a table DataBrew will create in the database. |
| - tempDirectory | No | Combination | No | - | Represents an Amazon S3 location (bucket name and object key) where DataBrew can store intermediate results. |
4.1.1.2.1.2.3.2.1. Property root > jobs > additionalProperties > dataCatalogOutputs > anyOf > item 1 > item 1 items > anyOf > item 1 > databaseOptions > anyOf > item 1 > tableName
| Type | string |
| Required | Yes |
Description: A prefix for the name of a table DataBrew will create in the database.
4.1.1.2.1.2.3.2.2. Property root > jobs > additionalProperties > dataCatalogOutputs > anyOf > item 1 > item 1 items > anyOf > item 1 > databaseOptions > anyOf > item 1 > tempDirectory
| Type | combining |
| Required | No |
| Additional properties | Any type allowed |
Description: Represents an Amazon S3 location (bucket name and object key) where DataBrew can store intermediate results.
| Any of(Option) |
|---|
| IResolvable |
| CfnJob.S3LocationProperty |
4.1.1.2.1.2.3.2.2.1. Property root > jobs > additionalProperties > dataCatalogOutputs > anyOf > item 1 > item 1 items > anyOf > item 1 > databaseOptions > anyOf > item 1 > tempDirectory > anyOf > IResolvable
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Same definition as | datasets_additionalProperties_formatOptions_anyOf_i0 |
Description: Interface for values that can be resolvable later
Tokens are special objects that participate in synthesis.
4.1.1.2.1.2.3.2.2.2. Property root > jobs > additionalProperties > dataCatalogOutputs > anyOf > item 1 > item 1 items > anyOf > item 1 > databaseOptions > anyOf > item 1 > tempDirectory > anyOf > CfnJob.S3LocationProperty
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Defined in | #/definitions/CfnJob.S3LocationProperty |
Description: Represents an Amazon S3 location (bucket name, bucket owner, and object key) where DataBrew can read input data, or write output from a job.
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| + bucket | No | string | No | - | The Amazon S3 bucket name. |
| - bucketOwner | No | string | No | - | The AWS account ID of the bucket owner. |
| - key | No | string | No | - | The unique name of the object in the bucket. |
4.1.1.2.1.2.3.2.2.2.1. Property root > jobs > additionalProperties > dataCatalogOutputs > anyOf > item 1 > item 1 items > anyOf > item 1 > databaseOptions > anyOf > item 1 > tempDirectory > anyOf > item 1 > bucket
| Type | string |
| Required | Yes |
Description: The Amazon S3 bucket name.
4.1.1.2.1.2.3.2.2.2.2. Property root > jobs > additionalProperties > dataCatalogOutputs > anyOf > item 1 > item 1 items > anyOf > item 1 > databaseOptions > anyOf > item 1 > tempDirectory > anyOf > item 1 > bucketOwner
| Type | string |
| Required | No |
Description: The AWS account ID of the bucket owner.
4.1.1.2.1.2.3.2.2.2.3. Property root > jobs > additionalProperties > dataCatalogOutputs > anyOf > item 1 > item 1 items > anyOf > item 1 > databaseOptions > anyOf > item 1 > tempDirectory > anyOf > item 1 > key
| Type | string |
| Required | No |
Description: The unique name of the object in the bucket.
4.1.1.2.1.2.4. Property root > jobs > additionalProperties > dataCatalogOutputs > anyOf > item 1 > item 1 items > anyOf > item 1 > overwrite
| Type | combining |
| Required | No |
| Additional properties | Any type allowed |
Description: A value that, if true, means that any data in the location specified for output is overwritten with new output.
Not supported with DatabaseOptions.
| Any of(Option) |
|---|
| IResolvable |
| item 1 |
4.1.1.2.1.2.4.1. Property root > jobs > additionalProperties > dataCatalogOutputs > anyOf > item 1 > item 1 items > anyOf > item 1 > overwrite > anyOf > IResolvable
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Same definition as | datasets_additionalProperties_formatOptions_anyOf_i0 |
Description: Interface for values that can be resolvable later
Tokens are special objects that participate in synthesis.
4.1.1.2.1.2.4.2. Property root > jobs > additionalProperties > dataCatalogOutputs > anyOf > item 1 > item 1 items > anyOf > item 1 > overwrite > anyOf > item 1
| Type | boolean |
| Required | No |
4.1.1.2.1.2.5. Property root > jobs > additionalProperties > dataCatalogOutputs > anyOf > item 1 > item 1 items > anyOf > item 1 > s3Options
| Type | combining |
| Required | No |
| Additional properties | Any type allowed |
Description: Represents options that specify how and where DataBrew writes the Amazon S3 output generated by recipe jobs.
| Any of(Option) |
|---|
| IResolvable |
| CfnJob.S3TableOutputOptionsProperty |
4.1.1.2.1.2.5.1. Property root > jobs > additionalProperties > dataCatalogOutputs > anyOf > item 1 > item 1 items > anyOf > item 1 > s3Options > anyOf > IResolvable
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Same definition as | datasets_additionalProperties_formatOptions_anyOf_i0 |
Description: Interface for values that can be resolvable later
Tokens are special objects that participate in synthesis.
4.1.1.2.1.2.5.2. Property root > jobs > additionalProperties > dataCatalogOutputs > anyOf > item 1 > item 1 items > anyOf > item 1 > s3Options > anyOf > CfnJob.S3TableOutputOptionsProperty
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Defined in | #/definitions/CfnJob.S3TableOutputOptionsProperty |
Description: Represents options that specify how and where DataBrew writes the Amazon S3 output generated by recipe jobs.
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| + location | No | Combination | No | - | Represents an Amazon S3 location (bucket name and object key) where DataBrew can write output from a job. |
4.1.1.2.1.2.5.2.1. Property root > jobs > additionalProperties > dataCatalogOutputs > anyOf > item 1 > item 1 items > anyOf > item 1 > s3Options > anyOf > item 1 > location
| Type | combining |
| Required | Yes |
| Additional properties | Any type allowed |
Description: Represents an Amazon S3 location (bucket name and object key) where DataBrew can write output from a job.
| Any of(Option) |
|---|
| IResolvable |
| CfnJob.S3LocationProperty |
4.1.1.2.1.2.5.2.1.1. Property root > jobs > additionalProperties > dataCatalogOutputs > anyOf > item 1 > item 1 items > anyOf > item 1 > s3Options > anyOf > item 1 > location > anyOf > IResolvable
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Same definition as | datasets_additionalProperties_formatOptions_anyOf_i0 |
Description: Interface for values that can be resolvable later
Tokens are special objects that participate in synthesis.
4.1.1.2.1.2.5.2.1.2. Property root > jobs > additionalProperties > dataCatalogOutputs > anyOf > item 1 > item 1 items > anyOf > item 1 > s3Options > anyOf > item 1 > location > anyOf > CfnJob.S3LocationProperty
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Same definition as | jobs_additionalProperties_dataCatalogOutputs_anyOf_i1_items_anyOf_i1_databaseOptions_anyOf_i1_tempDirectory_anyOf_i1 |
Description: Represents an Amazon S3 location (bucket name, bucket owner, and object key) where DataBrew can read input data, or write output from a job.
4.1.1.2.1.2.6. Property root > jobs > additionalProperties > dataCatalogOutputs > anyOf > item 1 > item 1 items > anyOf > item 1 > tableName
| Type | string |
| Required | Yes |
Description: The name of a table in the Data Catalog.
4.1.2. Property root > jobs > additionalProperties > databaseOutputs
| Type | combining |
| Required | No |
| Additional properties | Any type allowed |
Description: JDBC database output destinations for recipe job results.
| Any of(Option) |
|---|
| IResolvable |
| item 1 |
4.1.2.1. Property root > jobs > additionalProperties > databaseOutputs > anyOf > IResolvable
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Same definition as | datasets_additionalProperties_formatOptions_anyOf_i0 |
Description: Interface for values that can be resolvable later
Tokens are special objects that participate in synthesis.
4.1.2.2. Property root > jobs > additionalProperties > databaseOutputs > anyOf > item 1
| Type | array |
| Required | No |
| Array restrictions | |
|---|---|
| Min items | N/A |
| Max items | N/A |
| Items unicity | False |
| Additional items | False |
| Tuple validation | See below |
| Each item of this array must be | Description |
|---|---|
| item 1 items | - |
4.1.2.2.1. root > jobs > additionalProperties > databaseOutputs > anyOf > item 1 > item 1 items
| Type | combining |
| Required | No |
| Additional properties | Any type allowed |
| Any of(Option) |
|---|
| IResolvable |
| CfnJob.DatabaseOutputProperty |
4.1.2.2.1.1. Property root > jobs > additionalProperties > databaseOutputs > anyOf > item 1 > item 1 items > anyOf > IResolvable
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Same definition as | datasets_additionalProperties_formatOptions_anyOf_i0 |
Description: Interface for values that can be resolvable later
Tokens are special objects that participate in synthesis.
4.1.2.2.1.2. Property root > jobs > additionalProperties > databaseOutputs > anyOf > item 1 > item 1 items > anyOf > CfnJob.DatabaseOutputProperty
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Defined in | #/definitions/CfnJob.DatabaseOutputProperty |
Description: Represents a JDBC database output object which defines the output destination for a DataBrew recipe job to write into.
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| + databaseOptions | No | Combination | No | - | Represents options that specify how and where DataBrew writes the database output generated by recipe jobs. |
| - databaseOutputMode | No | string | No | - | The output mode to write into the database. Currently supported option: NEW_TABLE. |
| + glueConnectionName | No | string | No | - | The AWS Glue connection that stores the connection information for the target database. |
4.1.2.2.1.2.1. Property root > jobs > additionalProperties > databaseOutputs > anyOf > item 1 > item 1 items > anyOf > item 1 > databaseOptions
| Type | combining |
| Required | Yes |
| Additional properties | Any type allowed |
Description: Represents options that specify how and where DataBrew writes the database output generated by recipe jobs.
| Any of(Option) |
|---|
| IResolvable |
| CfnJob.DatabaseTableOutputOptionsProperty |
4.1.2.2.1.2.1.1. Property root > jobs > additionalProperties > databaseOutputs > anyOf > item 1 > item 1 items > anyOf > item 1 > databaseOptions > anyOf > IResolvable
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Same definition as | datasets_additionalProperties_formatOptions_anyOf_i0 |
Description: Interface for values that can be resolvable later
Tokens are special objects that participate in synthesis.
4.1.2.2.1.2.1.2. Property root > jobs > additionalProperties > databaseOutputs > anyOf > item 1 > item 1 items > anyOf > item 1 > databaseOptions > anyOf > CfnJob.DatabaseTableOutputOptionsProperty
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Same definition as | jobs_additionalProperties_dataCatalogOutputs_anyOf_i1_items_anyOf_i1_databaseOptions_anyOf_i1 |
Description: Represents options that specify how and where DataBrew writes the database output generated by recipe jobs.
4.1.2.2.1.2.2. Property root > jobs > additionalProperties > databaseOutputs > anyOf > item 1 > item 1 items > anyOf > item 1 > databaseOutputMode
| Type | string |
| Required | No |
Description: The output mode to write into the database.
Currently supported option: NEW_TABLE.
4.1.2.2.1.2.3. Property root > jobs > additionalProperties > databaseOutputs > anyOf > item 1 > item 1 items > anyOf > item 1 > glueConnectionName
| Type | string |
| Required | Yes |
Description: The AWS Glue connection that stores the connection information for the target database.
4.1.3. Property root > jobs > additionalProperties > dataset
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Defined in | #/definitions/ConfigOptions |
Description: Input dataset configuration referencing an existing or generated dataset.
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| - existing | No | object | No | In #/definitions/CfnJob.RecipeProperty | Existing recipe property for direct recipe specification. |
| - generated | No | string | No | - | Generated resource reference name for dynamic resource linking. |
4.1.3.1. Property root > jobs > additionalProperties > dataset > existing
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Defined in | #/definitions/CfnJob.RecipeProperty |
Description: Existing recipe property for direct recipe specification.
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| + name | No | string | No | - | The unique name for the recipe. |
| - version | No | string | No | - | The identifier for the version for the recipe. |
4.1.3.1.1. Property root > jobs > additionalProperties > dataset > existing > name
| Type | string |
| Required | Yes |
Description: The unique name for the recipe.
4.1.3.1.2. Property root > jobs > additionalProperties > dataset > existing > version
| Type | string |
| Required | No |
Description: The identifier for the version for the recipe.
4.1.3.2. Property root > jobs > additionalProperties > dataset > generated
| Type | string |
| Required | No |
Description: Generated resource reference name for dynamic resource linking.
4.1.4. Property root > jobs > additionalProperties > executionRole
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Defined in | #/definitions/MdaaRoleRef |
Description: IAM execution role reference for job permissions.
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| - arn | No | string | No | - | Full IAM role ARN for cross-account role references and explicit role identification. Use cases: Cross-account role references; Explicit role binding; Multi-account deployments AWS: Full IAM role ARN (arn:aws:iam::ACCOUNT:role/ROLE-NAME) Validation: Optional; must be a valid IAM role ARN if provided |
| - id | No | string | No | - | IAM role unique identifier for role resolution using the role's AWS-generated ID. Use cases: Stable role references; Role resolution by unique ID; Immutable role binding AWS: IAM role unique ID (e.g., AROA...) Validation: Optional; must be a valid IAM role unique ID if provided |
| - immutable | No | boolean | No | - | Flag indicating whether the referenced role should be treated as immutable and not modified by MDAA operations. Use cases: Pre-existing role protection; Externally managed roles; Read-only role references AWS: Controls whether MDAA attaches policies or modifies the referenced IAM role Validation: Optional boolean; defaults to false |
| - name | No | string | No | - | IAM role name for role resolution within the same AWS account. Use cases: Same-account role references; Role name-based resolution; Local IAM role binding AWS: IAM role name resolved via GetRole within the deployment account Validation: Optional; must be a valid IAM role name; mutually preferred with arn/id for resolution |
| - refId | No | string | No | - | Unique identifier for the role reference within a configuration scope, enabling role lookup and deduplication. Use cases: Role reference identification; Configuration deduplication; Role lookup key AWS: Logical identifier for IAM role references within MDAA configuration Validation: Optional; must be unique within the configuration scope if provided |
| - sso | No | boolean | No | - | Flag indicating the role should be resolved as an AWS SSO auto-generated role. Use cases: AWS IAM Identity Center integration; SSO permission set role binding; Federated access AWS: Resolves role via AWS SSO/Identity Center auto-generated role naming convention Validation: Optional boolean; defaults to false |
4.1.4.1. Property root > jobs > additionalProperties > executionRole > arn
| Type | string |
| Required | No |
Description: Full IAM role ARN for cross-account role references and explicit role identification.
Use cases: Cross-account role references; Explicit role binding; Multi-account deployments
AWS: Full IAM role ARN (arn:aws:iam::ACCOUNT:role/ROLE-NAME)
Validation: Optional; must be a valid IAM role ARN if provided
4.1.4.2. Property root > jobs > additionalProperties > executionRole > id
| Type | string |
| Required | No |
Description: IAM role unique identifier for role resolution using the role's AWS-generated ID.
Use cases: Stable role references; Role resolution by unique ID; Immutable role binding
AWS: IAM role unique ID (e.g., AROA...)
Validation: Optional; must be a valid IAM role unique ID if provided
4.1.4.3. Property root > jobs > additionalProperties > executionRole > immutable
| Type | boolean |
| Required | No |
Description: Flag indicating whether the referenced role should be treated as immutable and not modified by MDAA operations.
Use cases: Pre-existing role protection; Externally managed roles; Read-only role references
AWS: Controls whether MDAA attaches policies or modifies the referenced IAM role
Validation: Optional boolean; defaults to false
4.1.4.4. Property root > jobs > additionalProperties > executionRole > name
| Type | string |
| Required | No |
Description: IAM role name for role resolution within the same AWS account.
Use cases: Same-account role references; Role name-based resolution; Local IAM role binding
AWS: IAM role name resolved via GetRole within the deployment account
Validation: Optional; must be a valid IAM role name; mutually preferred with arn/id for resolution
4.1.4.5. Property root > jobs > additionalProperties > executionRole > refId
| Type | string |
| Required | No |
Description: Unique identifier for the role reference within a configuration scope, enabling role lookup and deduplication.
Use cases: Role reference identification; Configuration deduplication; Role lookup key
AWS: Logical identifier for IAM role references within MDAA configuration
Validation: Optional; must be unique within the configuration scope if provided
4.1.4.6. Property root > jobs > additionalProperties > executionRole > sso
| Type | boolean |
| Required | No |
Description: Flag indicating the role should be resolved as an AWS SSO auto-generated role.
Use cases: AWS IAM Identity Center integration; SSO permission set role binding; Federated access
AWS: Resolves role via AWS SSO/Identity Center auto-generated role naming convention
Validation: Optional boolean; defaults to false
4.1.5. Property root > jobs > additionalProperties > jobSample
| Type | combining |
| Required | No |
| Additional properties | Any type allowed |
Description: Sample configuration for profile jobs controlling data sampling strategy.
| Any of(Option) |
|---|
| IResolvable |
| CfnJob.JobSampleProperty |
4.1.5.1. Property root > jobs > additionalProperties > jobSample > anyOf > IResolvable
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Same definition as | datasets_additionalProperties_formatOptions_anyOf_i0 |
Description: Interface for values that can be resolvable later
Tokens are special objects that participate in synthesis.
4.1.5.2. Property root > jobs > additionalProperties > jobSample > anyOf > CfnJob.JobSampleProperty
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Defined in | #/definitions/CfnJob.JobSampleProperty |
Description: A sample configuration for profile jobs only, which determines the number of rows on which the profile job is run.
If a JobSample value isn't provided, the default is used. The default value is CUSTOM_ROWS for the mode parameter and 20,000 for the size parameter.
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| - mode | No | string | No | - | A value that determines whether the profile job is run on the entire dataset or a specified number of rows. This value must be one of the following: - FULL_DATASET - The profile job is run on the entire dataset. - CUSTOM_ROWS - The profile job is run on the number of rows specified in the `Size` parameter. |
| - size | No | number | No | - | The `Size` parameter is only required when the mode is CUSTOM_ROWS. The profile job is run on the specified number of rows. The maximum value for size is Long.MAX_VALUE. Long.MAX_VALUE = 9223372036854775807 |
4.1.5.2.1. Property root > jobs > additionalProperties > jobSample > anyOf > item 1 > mode
| Type | string |
| Required | No |
Description: A value that determines whether the profile job is run on the entire dataset or a specified number of rows.
This value must be one of the following:
- FULL_DATASET - The profile job is run on the entire dataset.
- CUSTOM_ROWS - The profile job is run on the number of rows specified in the
Sizeparameter.
4.1.5.2.2. Property root > jobs > additionalProperties > jobSample > anyOf > item 1 > size
| Type | number |
| Required | No |
Description: The Size parameter is only required when the mode is CUSTOM_ROWS.
The profile job is run on the specified number of rows. The maximum value for size is Long.MAX_VALUE.
Long.MAX_VALUE = 9223372036854775807
4.1.6. Property root > jobs > additionalProperties > kmsKeyArn
| Type | string |
| Required | Yes |
Description: KMS key ARN for encrypting job outputs and intermediate processing results.
4.1.7. Property root > jobs > additionalProperties > logSubscription
| Type | string |
| Required | No |
Description: CloudWatch log subscription status for job execution monitoring.
4.1.8. Property root > jobs > additionalProperties > maxCapacity
| Type | number |
| Required | No |
Description: Maximum number of nodes for job execution.
4.1.9. Property root > jobs > additionalProperties > maxRetries
| Type | number |
| Required | No |
Description: Maximum retry attempts for failed job runs.
4.1.10. Property root > jobs > additionalProperties > outputLocation
| Type | combining |
| Required | No |
| Additional properties | Any type allowed |
Description: Output location for profile job results.
| Any of(Option) |
|---|
| IResolvable |
| CfnJob.OutputLocationProperty |
4.1.10.1. Property root > jobs > additionalProperties > outputLocation > anyOf > IResolvable
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Same definition as | datasets_additionalProperties_formatOptions_anyOf_i0 |
Description: Interface for values that can be resolvable later
Tokens are special objects that participate in synthesis.
4.1.10.2. Property root > jobs > additionalProperties > outputLocation > anyOf > CfnJob.OutputLocationProperty
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Defined in | #/definitions/CfnJob.OutputLocationProperty |
Description: The location in Amazon S3 or AWS Glue Data Catalog where the job writes its output.
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| + bucket | No | string | No | - | The Amazon S3 bucket name. |
| - bucketOwner | No | string | No | - | - |
| - key | No | string | No | - | The unique name of the object in the bucket. |
4.1.10.2.1. Property root > jobs > additionalProperties > outputLocation > anyOf > item 1 > bucket
| Type | string |
| Required | Yes |
Description: The Amazon S3 bucket name.
4.1.10.2.2. Property root > jobs > additionalProperties > outputLocation > anyOf > item 1 > bucketOwner
| Type | string |
| Required | No |
4.1.10.2.3. Property root > jobs > additionalProperties > outputLocation > anyOf > item 1 > key
| Type | string |
| Required | No |
Description: The unique name of the object in the bucket.
4.1.11. Property root > jobs > additionalProperties > outputs
| Type | combining |
| Required | No |
| Additional properties | Any type allowed |
Description: Output locations for recipe job results including S3 destinations and format specifications.
| Any of(Option) |
|---|
| IResolvable |
| item 1 |
4.1.11.1. Property root > jobs > additionalProperties > outputs > anyOf > IResolvable
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Same definition as | datasets_additionalProperties_formatOptions_anyOf_i0 |
Description: Interface for values that can be resolvable later
Tokens are special objects that participate in synthesis.
4.1.11.2. Property root > jobs > additionalProperties > outputs > anyOf > item 1
| Type | array |
| Required | No |
| Array restrictions | |
|---|---|
| Min items | N/A |
| Max items | N/A |
| Items unicity | False |
| Additional items | False |
| Tuple validation | See below |
| Each item of this array must be | Description |
|---|---|
| item 1 items | - |
4.1.11.2.1. root > jobs > additionalProperties > outputs > anyOf > item 1 > item 1 items
| Type | combining |
| Required | No |
| Additional properties | Any type allowed |
| Any of(Option) |
|---|
| IResolvable |
| CfnJob.OutputProperty |
4.1.11.2.1.1. Property root > jobs > additionalProperties > outputs > anyOf > item 1 > item 1 items > anyOf > IResolvable
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Same definition as | datasets_additionalProperties_formatOptions_anyOf_i0 |
Description: Interface for values that can be resolvable later
Tokens are special objects that participate in synthesis.
4.1.11.2.1.2. Property root > jobs > additionalProperties > outputs > anyOf > item 1 > item 1 items > anyOf > CfnJob.OutputProperty
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Defined in | #/definitions/CfnJob.OutputProperty |
Description: Represents options that specify how and where in Amazon S3 DataBrew writes the output generated by recipe jobs or profile jobs.
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| - compressionFormat | No | string | No | - | The compression algorithm used to compress the output text of the job. |
| - format | No | string | No | - | The data format of the output of the job. |
| - formatOptions | No | Combination | No | - | Represents options that define how DataBrew formats job output files. |
| + location | No | Combination | No | - | The location in Amazon S3 where the job writes its output. |
| - maxOutputFiles | No | number | No | - | The maximum number of files to be generated by the job and written to the output folder. |
| - overwrite | No | Combination | No | - | A value that, if true, means that any data in the location specified for output is overwritten with new output. |
| - partitionColumns | No | array of string | No | - | The names of one or more partition columns for the output of the job. |
4.1.11.2.1.2.1. Property root > jobs > additionalProperties > outputs > anyOf > item 1 > item 1 items > anyOf > item 1 > compressionFormat
| Type | string |
| Required | No |
Description: The compression algorithm used to compress the output text of the job.
4.1.11.2.1.2.2. Property root > jobs > additionalProperties > outputs > anyOf > item 1 > item 1 items > anyOf > item 1 > format
| Type | string |
| Required | No |
Description: The data format of the output of the job.
4.1.11.2.1.2.3. Property root > jobs > additionalProperties > outputs > anyOf > item 1 > item 1 items > anyOf > item 1 > formatOptions
| Type | combining |
| Required | No |
| Additional properties | Any type allowed |
Description: Represents options that define how DataBrew formats job output files.
| Any of(Option) |
|---|
| IResolvable |
| CfnJob.OutputFormatOptionsProperty |
4.1.11.2.1.2.3.1. Property root > jobs > additionalProperties > outputs > anyOf > item 1 > item 1 items > anyOf > item 1 > formatOptions > anyOf > IResolvable
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Same definition as | datasets_additionalProperties_formatOptions_anyOf_i0 |
Description: Interface for values that can be resolvable later
Tokens are special objects that participate in synthesis.
4.1.11.2.1.2.3.2. Property root > jobs > additionalProperties > outputs > anyOf > item 1 > item 1 items > anyOf > item 1 > formatOptions > anyOf > CfnJob.OutputFormatOptionsProperty
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Defined in | #/definitions/CfnJob.OutputFormatOptionsProperty |
Description: Represents a set of options that define the structure of comma-separated (CSV) job output.
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| - csv | No | Combination | No | - | Represents a set of options that define the structure of comma-separated value (CSV) job output. |
4.1.11.2.1.2.3.2.1. Property root > jobs > additionalProperties > outputs > anyOf > item 1 > item 1 items > anyOf > item 1 > formatOptions > anyOf > item 1 > csv
| Type | combining |
| Required | No |
| Additional properties | Any type allowed |
Description: Represents a set of options that define the structure of comma-separated value (CSV) job output.
| Any of(Option) |
|---|
| IResolvable |
| CfnJob.CsvOutputOptionsProperty |
4.1.11.2.1.2.3.2.1.1. Property root > jobs > additionalProperties > outputs > anyOf > item 1 > item 1 items > anyOf > item 1 > formatOptions > anyOf > item 1 > csv > anyOf > IResolvable
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Same definition as | datasets_additionalProperties_formatOptions_anyOf_i0 |
Description: Interface for values that can be resolvable later
Tokens are special objects that participate in synthesis.
4.1.11.2.1.2.3.2.1.2. Property root > jobs > additionalProperties > outputs > anyOf > item 1 > item 1 items > anyOf > item 1 > formatOptions > anyOf > item 1 > csv > anyOf > CfnJob.CsvOutputOptionsProperty
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Defined in | #/definitions/CfnJob.CsvOutputOptionsProperty |
Description: Represents a set of options that define how DataBrew will write a comma-separated value (CSV) file.
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| - delimiter | No | string | No | - | A single character that specifies the delimiter used to create CSV job output. |
4.1.11.2.1.2.3.2.1.2.1. Property root > jobs > additionalProperties > outputs > anyOf > item 1 > item 1 items > anyOf > item 1 > formatOptions > anyOf > item 1 > csv > anyOf > item 1 > delimiter
| Type | string |
| Required | No |
Description: A single character that specifies the delimiter used to create CSV job output.
4.1.11.2.1.2.4. Property root > jobs > additionalProperties > outputs > anyOf > item 1 > item 1 items > anyOf > item 1 > location
| Type | combining |
| Required | Yes |
| Additional properties | Any type allowed |
Description: The location in Amazon S3 where the job writes its output.
| Any of(Option) |
|---|
| IResolvable |
| CfnJob.S3LocationProperty |
4.1.11.2.1.2.4.1. Property root > jobs > additionalProperties > outputs > anyOf > item 1 > item 1 items > anyOf > item 1 > location > anyOf > IResolvable
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Same definition as | datasets_additionalProperties_formatOptions_anyOf_i0 |
Description: Interface for values that can be resolvable later
Tokens are special objects that participate in synthesis.
4.1.11.2.1.2.4.2. Property root > jobs > additionalProperties > outputs > anyOf > item 1 > item 1 items > anyOf > item 1 > location > anyOf > CfnJob.S3LocationProperty
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Same definition as | jobs_additionalProperties_dataCatalogOutputs_anyOf_i1_items_anyOf_i1_databaseOptions_anyOf_i1_tempDirectory_anyOf_i1 |
Description: Represents an Amazon S3 location (bucket name, bucket owner, and object key) where DataBrew can read input data, or write output from a job.
4.1.11.2.1.2.5. Property root > jobs > additionalProperties > outputs > anyOf > item 1 > item 1 items > anyOf > item 1 > maxOutputFiles
| Type | number |
| Required | No |
Description: The maximum number of files to be generated by the job and written to the output folder.
4.1.11.2.1.2.6. Property root > jobs > additionalProperties > outputs > anyOf > item 1 > item 1 items > anyOf > item 1 > overwrite
| Type | combining |
| Required | No |
| Additional properties | Any type allowed |
Description: A value that, if true, means that any data in the location specified for output is overwritten with new output.
| Any of(Option) |
|---|
| IResolvable |
| item 1 |
4.1.11.2.1.2.6.1. Property root > jobs > additionalProperties > outputs > anyOf > item 1 > item 1 items > anyOf > item 1 > overwrite > anyOf > IResolvable
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Same definition as | datasets_additionalProperties_formatOptions_anyOf_i0 |
Description: Interface for values that can be resolvable later
Tokens are special objects that participate in synthesis.
4.1.11.2.1.2.6.2. Property root > jobs > additionalProperties > outputs > anyOf > item 1 > item 1 items > anyOf > item 1 > overwrite > anyOf > item 1
| Type | boolean |
| Required | No |
4.1.11.2.1.2.7. Property root > jobs > additionalProperties > outputs > anyOf > item 1 > item 1 items > anyOf > item 1 > partitionColumns
| Type | array of string |
| Required | No |
Description: The names of one or more partition columns for the output of the job.
| Array restrictions | |
|---|---|
| Min items | N/A |
| Max items | N/A |
| Items unicity | False |
| Additional items | False |
| Tuple validation | See below |
| Each item of this array must be | Description |
|---|---|
| partitionColumns items | - |
4.1.11.2.1.2.7.1. root > jobs > additionalProperties > outputs > anyOf > item 1 > item 1 items > anyOf > item 1 > partitionColumns > partitionColumns items
| Type | string |
| Required | No |
4.1.12. Property root > jobs > additionalProperties > profileConfiguration
| Type | combining |
| Required | No |
| Additional properties | Any type allowed |
Description: Profile configuration for statistical analysis and data quality assessment.
| Any of(Option) |
|---|
| IResolvable |
| CfnJob.ProfileConfigurationProperty |
4.1.12.1. Property root > jobs > additionalProperties > profileConfiguration > anyOf > IResolvable
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Same definition as | datasets_additionalProperties_formatOptions_anyOf_i0 |
Description: Interface for values that can be resolvable later
Tokens are special objects that participate in synthesis.
4.1.12.2. Property root > jobs > additionalProperties > profileConfiguration > anyOf > CfnJob.ProfileConfigurationProperty
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Defined in | #/definitions/CfnJob.ProfileConfigurationProperty |
Description: Configuration for profile jobs.
Configuration can be used to select columns, do evaluations, and override default parameters of evaluations. When configuration is undefined, the profile job will apply default settings to all supported columns.
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| - columnStatisticsConfigurations | No | Combination | No | - | List of configurations for column evaluations. ColumnStatisticsConfigurations are used to select evaluations and override parameters of evaluations for particular columns. When ColumnStatisticsConfigurations is undefined, the profile job will profile all supported columns and run all supported evaluations. |
| - datasetStatisticsConfiguration | No | Combination | No | - | Configuration for inter-column evaluations. Configuration can be used to select evaluations and override parameters of evaluations. When configuration is undefined, the profile job will run all supported inter-column evaluations. |
| - entityDetectorConfiguration | No | Combination | No | - | Configuration of entity detection for a profile job. When undefined, entity detection is disabled. |
| - profileColumns | No | Combination | No | - | List of column selectors. ProfileColumns can be used to select columns from the dataset. When ProfileColumns is undefined, the profile job will profile all supported columns. |
4.1.12.2.1. Property root > jobs > additionalProperties > profileConfiguration > anyOf > item 1 > columnStatisticsConfigurations
| Type | combining |
| Required | No |
| Additional properties | Any type allowed |
Description: List of configurations for column evaluations.
ColumnStatisticsConfigurations are used to select evaluations and override parameters of evaluations for particular columns. When ColumnStatisticsConfigurations is undefined, the profile job will profile all supported columns and run all supported evaluations.
| Any of(Option) |
|---|
| IResolvable |
| item 1 |
4.1.12.2.1.1. Property root > jobs > additionalProperties > profileConfiguration > anyOf > item 1 > columnStatisticsConfigurations > anyOf > IResolvable
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Same definition as | datasets_additionalProperties_formatOptions_anyOf_i0 |
Description: Interface for values that can be resolvable later
Tokens are special objects that participate in synthesis.
4.1.12.2.1.2. Property root > jobs > additionalProperties > profileConfiguration > anyOf > item 1 > columnStatisticsConfigurations > anyOf > item 1
| Type | array |
| Required | No |
| Array restrictions | |
|---|---|
| Min items | N/A |
| Max items | N/A |
| Items unicity | False |
| Additional items | False |
| Tuple validation | See below |
| Each item of this array must be | Description |
|---|---|
| item 1 items | - |
4.1.12.2.1.2.1. root > jobs > additionalProperties > profileConfiguration > anyOf > item 1 > columnStatisticsConfigurations > anyOf > item 1 > item 1 items
| Type | combining |
| Required | No |
| Additional properties | Any type allowed |
| Any of(Option) |
|---|
| IResolvable |
| CfnJob.ColumnStatisticsConfigurationProperty |
4.1.12.2.1.2.1.1. Property root > jobs > additionalProperties > profileConfiguration > anyOf > item 1 > columnStatisticsConfigurations > anyOf > item 1 > item 1 items > anyOf > IResolvable
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Same definition as | datasets_additionalProperties_formatOptions_anyOf_i0 |
Description: Interface for values that can be resolvable later
Tokens are special objects that participate in synthesis.
4.1.12.2.1.2.1.2. Property root > jobs > additionalProperties > profileConfiguration > anyOf > item 1 > columnStatisticsConfigurations > anyOf > item 1 > item 1 items > anyOf > CfnJob.ColumnStatisticsConfigurationProperty
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Defined in | #/definitions/CfnJob.ColumnStatisticsConfigurationProperty |
Description: Configuration for column evaluations for a profile job.
ColumnStatisticsConfiguration can be used to select evaluations and override parameters of evaluations for particular columns.
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| - selectors | No | Combination | No | - | List of column selectors. Selectors can be used to select columns from the dataset. When selectors are undefined, configuration will be applied to all supported columns. |
| + statistics | No | Combination | No | - | Configuration for evaluations. Statistics can be used to select evaluations and override parameters of evaluations. |
4.1.12.2.1.2.1.2.1. Property root > jobs > additionalProperties > profileConfiguration > anyOf > item 1 > columnStatisticsConfigurations > anyOf > item 1 > item 1 items > anyOf > item 1 > selectors
| Type | combining |
| Required | No |
| Additional properties | Any type allowed |
Description: List of column selectors.
Selectors can be used to select columns from the dataset. When selectors are undefined, configuration will be applied to all supported columns.
| Any of(Option) |
|---|
| IResolvable |
| item 1 |
4.1.12.2.1.2.1.2.1.1. Property root > jobs > additionalProperties > profileConfiguration > anyOf > item 1 > columnStatisticsConfigurations > anyOf > item 1 > item 1 items > anyOf > item 1 > selectors > anyOf > IResolvable
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Same definition as | datasets_additionalProperties_formatOptions_anyOf_i0 |
Description: Interface for values that can be resolvable later
Tokens are special objects that participate in synthesis.
4.1.12.2.1.2.1.2.1.2. Property root > jobs > additionalProperties > profileConfiguration > anyOf > item 1 > columnStatisticsConfigurations > anyOf > item 1 > item 1 items > anyOf > item 1 > selectors > anyOf > item 1
| Type | array |
| Required | No |
| Array restrictions | |
|---|---|
| Min items | N/A |
| Max items | N/A |
| Items unicity | False |
| Additional items | False |
| Tuple validation | See below |
| Each item of this array must be | Description |
|---|---|
| item 1 items | - |
4.1.12.2.1.2.1.2.1.2.1. root > jobs > additionalProperties > profileConfiguration > anyOf > item 1 > columnStatisticsConfigurations > anyOf > item 1 > item 1 items > anyOf > item 1 > selectors > anyOf > item 1 > item 1 items
| Type | combining |
| Required | No |
| Additional properties | Any type allowed |
| Any of(Option) |
|---|
| IResolvable |
| CfnJob.ColumnSelectorProperty |
4.1.12.2.1.2.1.2.1.2.1.1. Property root > jobs > additionalProperties > profileConfiguration > anyOf > item 1 > columnStatisticsConfigurations > anyOf > item 1 > item 1 items > anyOf > item 1 > selectors > anyOf > item 1 > item 1 items > anyOf > IResolvable
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Same definition as | datasets_additionalProperties_formatOptions_anyOf_i0 |
Description: Interface for values that can be resolvable later
Tokens are special objects that participate in synthesis.
4.1.12.2.1.2.1.2.1.2.1.2. Property root > jobs > additionalProperties > profileConfiguration > anyOf > item 1 > columnStatisticsConfigurations > anyOf > item 1 > item 1 items > anyOf > item 1 > selectors > anyOf > item 1 > item 1 items > anyOf > CfnJob.ColumnSelectorProperty
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Defined in | #/definitions/CfnJob.ColumnSelectorProperty |
Description: Selector of a column from a dataset for profile job configuration.
One selector includes either a column name or a regular expression.
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| - name | No | string | No | - | The name of a column from a dataset. |
| - regex | No | string | No | - | A regular expression for selecting a column from a dataset. |
4.1.12.2.1.2.1.2.1.2.1.2.1. Property root > jobs > additionalProperties > profileConfiguration > anyOf > item 1 > columnStatisticsConfigurations > anyOf > item 1 > item 1 items > anyOf > item 1 > selectors > anyOf > item 1 > item 1 items > anyOf > item 1 > name
| Type | string |
| Required | No |
Description: The name of a column from a dataset.
4.1.12.2.1.2.1.2.1.2.1.2.2. Property root > jobs > additionalProperties > profileConfiguration > anyOf > item 1 > columnStatisticsConfigurations > anyOf > item 1 > item 1 items > anyOf > item 1 > selectors > anyOf > item 1 > item 1 items > anyOf > item 1 > regex
| Type | string |
| Required | No |
Description: A regular expression for selecting a column from a dataset.
4.1.12.2.1.2.1.2.2. Property root > jobs > additionalProperties > profileConfiguration > anyOf > item 1 > columnStatisticsConfigurations > anyOf > item 1 > item 1 items > anyOf > item 1 > statistics
| Type | combining |
| Required | Yes |
| Additional properties | Any type allowed |
Description: Configuration for evaluations.
Statistics can be used to select evaluations and override parameters of evaluations.
| Any of(Option) |
|---|
| IResolvable |
| CfnJob.StatisticsConfigurationProperty |
4.1.12.2.1.2.1.2.2.1. Property root > jobs > additionalProperties > profileConfiguration > anyOf > item 1 > columnStatisticsConfigurations > anyOf > item 1 > item 1 items > anyOf > item 1 > statistics > anyOf > IResolvable
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Same definition as | datasets_additionalProperties_formatOptions_anyOf_i0 |
Description: Interface for values that can be resolvable later
Tokens are special objects that participate in synthesis.
4.1.12.2.1.2.1.2.2.2. Property root > jobs > additionalProperties > profileConfiguration > anyOf > item 1 > columnStatisticsConfigurations > anyOf > item 1 > item 1 items > anyOf > item 1 > statistics > anyOf > CfnJob.StatisticsConfigurationProperty
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Defined in | #/definitions/CfnJob.StatisticsConfigurationProperty |
Description: Configuration of evaluations for a profile job.
This configuration can be used to select evaluations and override the parameters of selected evaluations.
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| - includedStatistics | No | array of string | No | - | List of included evaluations. When the list is undefined, all supported evaluations will be included. |
| - overrides | No | Combination | No | - | List of overrides for evaluations. |
4.1.12.2.1.2.1.2.2.2.1. Property root > jobs > additionalProperties > profileConfiguration > anyOf > item 1 > columnStatisticsConfigurations > anyOf > item 1 > item 1 items > anyOf > item 1 > statistics > anyOf > item 1 > includedStatistics
| Type | array of string |
| Required | No |
Description: List of included evaluations.
When the list is undefined, all supported evaluations will be included.
| Array restrictions | |
|---|---|
| Min items | N/A |
| Max items | N/A |
| Items unicity | False |
| Additional items | False |
| Tuple validation | See below |
| Each item of this array must be | Description |
|---|---|
| includedStatistics items | - |
4.1.12.2.1.2.1.2.2.2.1.1. root > jobs > additionalProperties > profileConfiguration > anyOf > item 1 > columnStatisticsConfigurations > anyOf > item 1 > item 1 items > anyOf > item 1 > statistics > anyOf > item 1 > includedStatistics > includedStatistics items
| Type | string |
| Required | No |
4.1.12.2.1.2.1.2.2.2.2. Property root > jobs > additionalProperties > profileConfiguration > anyOf > item 1 > columnStatisticsConfigurations > anyOf > item 1 > item 1 items > anyOf > item 1 > statistics > anyOf > item 1 > overrides
| Type | combining |
| Required | No |
| Additional properties | Any type allowed |
Description: List of overrides for evaluations.
| Any of(Option) |
|---|
| IResolvable |
| item 1 |
4.1.12.2.1.2.1.2.2.2.2.1. Property root > jobs > additionalProperties > profileConfiguration > anyOf > item 1 > columnStatisticsConfigurations > anyOf > item 1 > item 1 items > anyOf > item 1 > statistics > anyOf > item 1 > overrides > anyOf > IResolvable
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Same definition as | datasets_additionalProperties_formatOptions_anyOf_i0 |
Description: Interface for values that can be resolvable later
Tokens are special objects that participate in synthesis.
4.1.12.2.1.2.1.2.2.2.2.2. Property root > jobs > additionalProperties > profileConfiguration > anyOf > item 1 > columnStatisticsConfigurations > anyOf > item 1 > item 1 items > anyOf > item 1 > statistics > anyOf > item 1 > overrides > anyOf > item 1
| Type | array |
| Required | No |
| Array restrictions | |
|---|---|
| Min items | N/A |
| Max items | N/A |
| Items unicity | False |
| Additional items | False |
| Tuple validation | See below |
| Each item of this array must be | Description |
|---|---|
| item 1 items | - |
4.1.12.2.1.2.1.2.2.2.2.2.1. root > jobs > additionalProperties > profileConfiguration > anyOf > item 1 > columnStatisticsConfigurations > anyOf > item 1 > item 1 items > anyOf > item 1 > statistics > anyOf > item 1 > overrides > anyOf > item 1 > item 1 items
| Type | combining |
| Required | No |
| Additional properties | Any type allowed |
| Any of(Option) |
|---|
| IResolvable |
| CfnJob.StatisticOverrideProperty |
4.1.12.2.1.2.1.2.2.2.2.2.1.1. Property root > jobs > additionalProperties > profileConfiguration > anyOf > item 1 > columnStatisticsConfigurations > anyOf > item 1 > item 1 items > anyOf > item 1 > statistics > anyOf > item 1 > overrides > anyOf > item 1 > item 1 items > anyOf > IResolvable
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Same definition as | datasets_additionalProperties_formatOptions_anyOf_i0 |
Description: Interface for values that can be resolvable later
Tokens are special objects that participate in synthesis.
4.1.12.2.1.2.1.2.2.2.2.2.1.2. Property root > jobs > additionalProperties > profileConfiguration > anyOf > item 1 > columnStatisticsConfigurations > anyOf > item 1 > item 1 items > anyOf > item 1 > statistics > anyOf > item 1 > overrides > anyOf > item 1 > item 1 items > anyOf > CfnJob.StatisticOverrideProperty
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Defined in | #/definitions/CfnJob.StatisticOverrideProperty |
Description: Override of a particular evaluation for a profile job.
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| + parameters | No | Combination | No | - | A map that includes overrides of an evaluation’s parameters. |
| + statistic | No | string | No | - | The name of an evaluation. |
4.1.12.2.1.2.1.2.2.2.2.2.1.2.1. Property root > jobs > additionalProperties > profileConfiguration > anyOf > item 1 > columnStatisticsConfigurations > anyOf > item 1 > item 1 items > anyOf > item 1 > statistics > anyOf > item 1 > overrides > anyOf > item 1 > item 1 items > anyOf > item 1 > parameters
| Type | combining |
| Required | Yes |
| Additional properties | Any type allowed |
Description: A map that includes overrides of an evaluation’s parameters.
| Any of(Option) |
|---|
| IResolvable |
| Record%3Cstring%2Cstring%3E |
4.1.12.2.1.2.1.2.2.2.2.2.1.2.1.1. Property root > jobs > additionalProperties > profileConfiguration > anyOf > item 1 > columnStatisticsConfigurations > anyOf > item 1 > item 1 items > anyOf > item 1 > statistics > anyOf > item 1 > overrides > anyOf > item 1 > item 1 items > anyOf > item 1 > parameters > anyOf > IResolvable
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Same definition as | datasets_additionalProperties_formatOptions_anyOf_i0 |
Description: Interface for values that can be resolvable later
Tokens are special objects that participate in synthesis.
4.1.12.2.1.2.1.2.2.2.2.2.1.2.1.2. Property root > jobs > additionalProperties > profileConfiguration > anyOf > item 1 > columnStatisticsConfigurations > anyOf > item 1 > item 1 items > anyOf > item 1 > statistics > anyOf > item 1 > overrides > anyOf > item 1 > item 1 items > anyOf > item 1 > parameters > anyOf > Record%3Cstring%2Cstring%3E
| Type | object |
| Required | No |
| Additional properties | Any type allowed |
| Defined in | #/definitions/Record%3Cstring%2Cstring%3E |
4.1.12.2.1.2.1.2.2.2.2.2.1.2.2. Property root > jobs > additionalProperties > profileConfiguration > anyOf > item 1 > columnStatisticsConfigurations > anyOf > item 1 > item 1 items > anyOf > item 1 > statistics > anyOf > item 1 > overrides > anyOf > item 1 > item 1 items > anyOf > item 1 > statistic
| Type | string |
| Required | Yes |
Description: The name of an evaluation.
4.1.12.2.2. Property root > jobs > additionalProperties > profileConfiguration > anyOf > item 1 > datasetStatisticsConfiguration
| Type | combining |
| Required | No |
| Additional properties | Any type allowed |
Description: Configuration for inter-column evaluations.
Configuration can be used to select evaluations and override parameters of evaluations. When configuration is undefined, the profile job will run all supported inter-column evaluations.
| Any of(Option) |
|---|
| IResolvable |
| CfnJob.StatisticsConfigurationProperty |
4.1.12.2.2.1. Property root > jobs > additionalProperties > profileConfiguration > anyOf > item 1 > datasetStatisticsConfiguration > anyOf > IResolvable
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Same definition as | datasets_additionalProperties_formatOptions_anyOf_i0 |
Description: Interface for values that can be resolvable later
Tokens are special objects that participate in synthesis.
4.1.12.2.2.2. Property root > jobs > additionalProperties > profileConfiguration > anyOf > item 1 > datasetStatisticsConfiguration > anyOf > CfnJob.StatisticsConfigurationProperty
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Same definition as | jobs_additionalProperties_profileConfiguration_anyOf_i1_columnStatisticsConfigurations_anyOf_i1_items_anyOf_i1_statistics_anyOf_i1 |
Description: Configuration of evaluations for a profile job.
This configuration can be used to select evaluations and override the parameters of selected evaluations.
4.1.12.2.3. Property root > jobs > additionalProperties > profileConfiguration > anyOf > item 1 > entityDetectorConfiguration
| Type | combining |
| Required | No |
| Additional properties | Any type allowed |
Description: Configuration of entity detection for a profile job.
When undefined, entity detection is disabled.
| Any of(Option) |
|---|
| IResolvable |
| CfnJob.EntityDetectorConfigurationProperty |
4.1.12.2.3.1. Property root > jobs > additionalProperties > profileConfiguration > anyOf > item 1 > entityDetectorConfiguration > anyOf > IResolvable
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Same definition as | datasets_additionalProperties_formatOptions_anyOf_i0 |
Description: Interface for values that can be resolvable later
Tokens are special objects that participate in synthesis.
4.1.12.2.3.2. Property root > jobs > additionalProperties > profileConfiguration > anyOf > item 1 > entityDetectorConfiguration > anyOf > CfnJob.EntityDetectorConfigurationProperty
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Defined in | #/definitions/CfnJob.EntityDetectorConfigurationProperty |
Description: Configuration of entity detection for a profile job.
When undefined, entity detection is disabled.
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| - allowedStatistics | No | Combination | No | - | Configuration of statistics that are allowed to be run on columns that contain detected entities. When undefined, no statistics will be computed on columns that contain detected entities. |
| + entityTypes | No | array of string | No | - | Entity types to detect. Can be any of the following:. - USA_SSN - USA_ITIN - USA_PASSPORT_NUMBER - PHONE_NUMBER - USA_DRIVING_LICENSE - BANK_ACCOUNT - CREDIT_CARD - IP_ADDRESS - MAC_ADDRESS - USA_DEA_NUMBER - USA_HCPCS_CODE - USA_NATIONAL_PROVIDER_IDENTIFIER - USA_NATIONAL_DRUG_CODE - USA_HEALTH_INSURANCE_CLAIM_NUMBER - USA_MEDICARE_BENEFICIARY_IDENTIFIER - USA_CPT_CODE - PERSON_NAME - DATE The Entity type group USA_ALL is also supported, and includes all of the above entity types except PERSON_NAME and DATE. |
4.1.12.2.3.2.1. Property root > jobs > additionalProperties > profileConfiguration > anyOf > item 1 > entityDetectorConfiguration > anyOf > item 1 > allowedStatistics
| Type | combining |
| Required | No |
| Additional properties | Any type allowed |
Description: Configuration of statistics that are allowed to be run on columns that contain detected entities.
When undefined, no statistics will be computed on columns that contain detected entities.
| Any of(Option) |
|---|
| IResolvable |
| CfnJob.AllowedStatisticsProperty |
4.1.12.2.3.2.1.1. Property root > jobs > additionalProperties > profileConfiguration > anyOf > item 1 > entityDetectorConfiguration > anyOf > item 1 > allowedStatistics > anyOf > IResolvable
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Same definition as | datasets_additionalProperties_formatOptions_anyOf_i0 |
Description: Interface for values that can be resolvable later
Tokens are special objects that participate in synthesis.
4.1.12.2.3.2.1.2. Property root > jobs > additionalProperties > profileConfiguration > anyOf > item 1 > entityDetectorConfiguration > anyOf > item 1 > allowedStatistics > anyOf > CfnJob.AllowedStatisticsProperty
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Defined in | #/definitions/CfnJob.AllowedStatisticsProperty |
Description: Configuration of statistics that are allowed to be run on columns that contain detected entities.
When undefined, no statistics will be computed on columns that contain detected entities.
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| + statistics | No | array of string | No | - | One or more column statistics to allow for columns that contain detected entities. |
4.1.12.2.3.2.1.2.1. Property root > jobs > additionalProperties > profileConfiguration > anyOf > item 1 > entityDetectorConfiguration > anyOf > item 1 > allowedStatistics > anyOf > item 1 > statistics
| Type | array of string |
| Required | Yes |
Description: One or more column statistics to allow for columns that contain detected entities.
| Array restrictions | |
|---|---|
| Min items | N/A |
| Max items | N/A |
| Items unicity | False |
| Additional items | False |
| Tuple validation | See below |
| Each item of this array must be | Description |
|---|---|
| statistics items | - |
4.1.12.2.3.2.1.2.1.1. root > jobs > additionalProperties > profileConfiguration > anyOf > item 1 > entityDetectorConfiguration > anyOf > item 1 > allowedStatistics > anyOf > item 1 > statistics > statistics items
| Type | string |
| Required | No |
4.1.12.2.3.2.2. Property root > jobs > additionalProperties > profileConfiguration > anyOf > item 1 > entityDetectorConfiguration > anyOf > item 1 > entityTypes
| Type | array of string |
| Required | Yes |
Description: Entity types to detect. Can be any of the following:.
- USA_SSN
- USA_ITIN
- USA_PASSPORT_NUMBER
- PHONE_NUMBER
- USA_DRIVING_LICENSE
- BANK_ACCOUNT
- CREDIT_CARD
- IP_ADDRESS
- MAC_ADDRESS
- USA_DEA_NUMBER
- USA_HCPCS_CODE
- USA_NATIONAL_PROVIDER_IDENTIFIER
- USA_NATIONAL_DRUG_CODE
- USA_HEALTH_INSURANCE_CLAIM_NUMBER
- USA_MEDICARE_BENEFICIARY_IDENTIFIER
- USA_CPT_CODE
- PERSON_NAME
- DATE
The Entity type group USA_ALL is also supported, and includes all of the above entity types except PERSON_NAME and DATE.
| Array restrictions | |
|---|---|
| Min items | N/A |
| Max items | N/A |
| Items unicity | False |
| Additional items | False |
| Tuple validation | See below |
| Each item of this array must be | Description |
|---|---|
| entityTypes items | - |
4.1.12.2.3.2.2.1. root > jobs > additionalProperties > profileConfiguration > anyOf > item 1 > entityDetectorConfiguration > anyOf > item 1 > entityTypes > entityTypes items
| Type | string |
| Required | No |
4.1.12.2.4. Property root > jobs > additionalProperties > profileConfiguration > anyOf > item 1 > profileColumns
| Type | combining |
| Required | No |
| Additional properties | Any type allowed |
Description: List of column selectors.
ProfileColumns can be used to select columns from the dataset. When ProfileColumns is undefined, the profile job will profile all supported columns.
| Any of(Option) |
|---|
| IResolvable |
| item 1 |
4.1.12.2.4.1. Property root > jobs > additionalProperties > profileConfiguration > anyOf > item 1 > profileColumns > anyOf > IResolvable
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Same definition as | datasets_additionalProperties_formatOptions_anyOf_i0 |
Description: Interface for values that can be resolvable later
Tokens are special objects that participate in synthesis.
4.1.12.2.4.2. Property root > jobs > additionalProperties > profileConfiguration > anyOf > item 1 > profileColumns > anyOf > item 1
| Type | array |
| Required | No |
| Array restrictions | |
|---|---|
| Min items | N/A |
| Max items | N/A |
| Items unicity | False |
| Additional items | False |
| Tuple validation | See below |
| Each item of this array must be | Description |
|---|---|
| item 1 items | - |
4.1.12.2.4.2.1. root > jobs > additionalProperties > profileConfiguration > anyOf > item 1 > profileColumns > anyOf > item 1 > item 1 items
| Type | combining |
| Required | No |
| Additional properties | Any type allowed |
| Any of(Option) |
|---|
| IResolvable |
| CfnJob.ColumnSelectorProperty |
4.1.12.2.4.2.1.1. Property root > jobs > additionalProperties > profileConfiguration > anyOf > item 1 > profileColumns > anyOf > item 1 > item 1 items > anyOf > IResolvable
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Same definition as | datasets_additionalProperties_formatOptions_anyOf_i0 |
Description: Interface for values that can be resolvable later
Tokens are special objects that participate in synthesis.
4.1.12.2.4.2.1.2. Property root > jobs > additionalProperties > profileConfiguration > anyOf > item 1 > profileColumns > anyOf > item 1 > item 1 items > anyOf > CfnJob.ColumnSelectorProperty
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Same definition as | jobs_additionalProperties_profileConfiguration_anyOf_i1_columnStatisticsConfigurations_anyOf_i1_items_anyOf_i1_selectors_anyOf_i1_items_anyOf_i1 |
Description: Selector of a column from a dataset for profile job configuration.
One selector includes either a column name or a regular expression.
4.1.13. Property root > jobs > additionalProperties > projectName
| Type | string |
| Required | No |
Description: DataBrew project name for recipe job association.
4.1.14. Property root > jobs > additionalProperties > recipe
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Same definition as | dataset |
Description: Recipe configuration referencing an existing or generated recipe.
4.1.15. Property root > jobs > additionalProperties > schedule
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Defined in | #/definitions/ConfigSchedule |
Description: Cron-based schedule configuration for automated job execution.
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| + cronExpression | No | string | No | - | Cron expression defining when jobs should run. |
| - jobNames | No | array of string | No | - | Job names to execute on this schedule. |
| + name | No | string | No | - | Unique name for the schedule. |
4.1.15.1. Property root > jobs > additionalProperties > schedule > cronExpression
| Type | string |
| Required | Yes |
Description: Cron expression defining when jobs should run.
4.1.15.2. Property root > jobs > additionalProperties > schedule > jobNames
| Type | array of string |
| Required | No |
Description: Job names to execute on this schedule.
| Array restrictions | |
|---|---|
| Min items | N/A |
| Max items | N/A |
| Items unicity | False |
| Additional items | False |
| Tuple validation | See below |
| Each item of this array must be | Description |
|---|---|
| jobNames items | - |
4.1.15.2.1. root > jobs > additionalProperties > schedule > jobNames > jobNames items
| Type | string |
| Required | No |
4.1.15.3. Property root > jobs > additionalProperties > schedule > name
| Type | string |
| Required | Yes |
Description: Unique name for the schedule.
4.1.16. Property root > jobs > additionalProperties > timeout
| Type | number |
| Required | No |
Description: Job timeout in minutes controlling maximum execution time.
4.1.17. Property root > jobs > additionalProperties > type
| Type | string |
| Required | Yes |
Description: Job type: 'RECIPE' for data transformation or 'PROFILE' for data profiling.
4.1.18. Property root > jobs > additionalProperties > validationConfigurations
| Type | combining |
| Required | No |
| Additional properties | Any type allowed |
Description: Validation configurations for profile job quality assessment.
| Any of(Option) |
|---|
| IResolvable |
| item 1 |
4.1.18.1. Property root > jobs > additionalProperties > validationConfigurations > anyOf > IResolvable
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Same definition as | datasets_additionalProperties_formatOptions_anyOf_i0 |
Description: Interface for values that can be resolvable later
Tokens are special objects that participate in synthesis.
4.1.18.2. Property root > jobs > additionalProperties > validationConfigurations > anyOf > item 1
| Type | array |
| Required | No |
| Array restrictions | |
|---|---|
| Min items | N/A |
| Max items | N/A |
| Items unicity | False |
| Additional items | False |
| Tuple validation | See below |
| Each item of this array must be | Description |
|---|---|
| item 1 items | - |
4.1.18.2.1. root > jobs > additionalProperties > validationConfigurations > anyOf > item 1 > item 1 items
| Type | combining |
| Required | No |
| Additional properties | Any type allowed |
| Any of(Option) |
|---|
| IResolvable |
| CfnJob.ValidationConfigurationProperty |
4.1.18.2.1.1. Property root > jobs > additionalProperties > validationConfigurations > anyOf > item 1 > item 1 items > anyOf > IResolvable
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Same definition as | datasets_additionalProperties_formatOptions_anyOf_i0 |
Description: Interface for values that can be resolvable later
Tokens are special objects that participate in synthesis.
4.1.18.2.1.2. Property root > jobs > additionalProperties > validationConfigurations > anyOf > item 1 > item 1 items > anyOf > CfnJob.ValidationConfigurationProperty
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Defined in | #/definitions/CfnJob.ValidationConfigurationProperty |
Description: Configuration for data quality validation.
Used to select the Rulesets and Validation Mode to be used in the profile job. When ValidationConfiguration is null, the profile job will run without data quality validation.
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| + rulesetArn | No | string | No | - | The Amazon Resource Name (ARN) for the ruleset to be validated in the profile job. The TargetArn of the selected ruleset should be the same as the Amazon Resource Name (ARN) of the dataset that is associated with the profile job. |
| - validationMode | No | string | No | - | Mode of data quality validation. Default mode is “CHECK_ALL” which verifies all rules defined in the selected ruleset. |
4.1.18.2.1.2.1. Property root > jobs > additionalProperties > validationConfigurations > anyOf > item 1 > item 1 items > anyOf > item 1 > rulesetArn
| Type | string |
| Required | Yes |
Description: The Amazon Resource Name (ARN) for the ruleset to be validated in the profile job.
The TargetArn of the selected ruleset should be the same as the Amazon Resource Name (ARN) of the dataset that is associated with the profile job.
4.1.18.2.1.2.2. Property root > jobs > additionalProperties > validationConfigurations > anyOf > item 1 > item 1 items > anyOf > item 1 > validationMode
| Type | string |
| Required | No |
Description: Mode of data quality validation.
Default mode is “CHECK_ALL” which verifies all rules defined in the selected ruleset.
5. Property root > kmsArn
| Type | string |
| Required | No |
Description: KMS key ARN for encrypting DataOps resources and data. Auto-resolved from project when projectName is set.
Use cases: Data encryption; Security compliance
AWS: KMS key
Validation: Optional; auto-wired from project if projectName provided
6. Property root > nag_suppressions
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Defined in | #/definitions/MdaaNagSuppressionConfigs |
Description: Q-ENHANCED-PROPERTY Optional CDK Nag suppression configurations for compliance rule management enabling controlled security rule exceptions and compliance documentation. Provides structured approach to managing security rule suppressions with proper justification and documentation for compliance auditing.
Use cases: Compliance management; Security rule exceptions; Audit documentation; Controlled suppressions
AWS: CDK Nag suppressions for compliance rule management and security exception documentation
Validation: Must be valid MdaaNagSuppressionConfigs if provided; enables structured compliance rule management
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| + by_path | No | array | No | - | Array of CDK Nag suppressions organized by CloudFormation resource path, enabling targeted |
6.1. Property root > nag_suppressions > by_path
| Type | array |
| Required | Yes |
Description: Array of CDK Nag suppressions organized by CloudFormation resource path, enabling targeted
| Array restrictions | |
|---|---|
| Min items | N/A |
| Max items | N/A |
| Items unicity | False |
| Additional items | False |
| Tuple validation | See below |
| Each item of this array must be | Description |
|---|---|
| MdaaNagSuppressionByPath | - |
6.1.1. root > nag_suppressions > by_path > MdaaNagSuppressionByPath
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Defined in | #/definitions/MdaaNagSuppressionByPath |
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| + path | No | string | No | - | CloudFormation resource path identifying the specific resource for which CDK Nag rules should be suppressed |
| + suppressions | No | array of object | No | - | Array of specific CDK Nag rule suppressions with rule IDs and mandatory justifications for audit compliance |
6.1.1.1. Property root > nag_suppressions > by_path > by_path items > path
| Type | string |
| Required | Yes |
Description: CloudFormation resource path identifying the specific resource for which CDK Nag rules should be suppressed
6.1.1.2. Property root > nag_suppressions > by_path > by_path items > suppressions
| Type | array of object |
| Required | Yes |
Description: Array of specific CDK Nag rule suppressions with rule IDs and mandatory justifications for audit compliance
| Array restrictions | |
|---|---|
| Min items | N/A |
| Max items | N/A |
| Items unicity | False |
| Additional items | False |
| Tuple validation | See below |
| Each item of this array must be | Description |
|---|---|
| suppressions items | - |
6.1.1.2.1. root > nag_suppressions > by_path > by_path items > suppressions > suppressions items
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| + id | No | string | No | - | - |
| + reason | No | string | No | - | - |
6.1.1.2.1.1. Property root > nag_suppressions > by_path > by_path items > suppressions > suppressions items > id
| Type | string |
| Required | Yes |
6.1.1.2.1.2. Property root > nag_suppressions > by_path > by_path items > suppressions > suppressions items > reason
| Type | string |
| Required | Yes |
7. Property root > notificationTopicArn
| Type | string |
| Required | No |
Description: SNS topic ARN for job notifications and workflow alerts. Auto-resolved from project when projectName is set.
Use cases: Job failure alerts; Workflow status notifications
AWS: SNS topic
Validation: Optional; auto-wired from project if projectName provided
8. Property root > projectName
| Type | string |
| Required | No |
Description: DataOps project name for DataBrew resource autowiring.
Use cases: Project integration; Shared infrastructure reuse
AWS: DataOps project reference
Validation: Optional; must match an existing deployed project
9. Property root > recipes
| Type | object |
| Required | No |
| Additional properties | Each additional property must conform to the schema |
Description: Map of recipe names to DataBrew recipe definitions for reusable data transformations.
Use cases: Reusable transformation workflows; Data cleansing operations
AWS: AWS Glue DataBrew recipes
Validation: Optional; map of string to RecipeProps
9.1. Property root > recipes > RecipeProps
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Defined in | #/definitions/RecipeProps |
Description: Configuration for a DataBrew recipe with transformation step definitions.
Use cases: Data transformation recipes; Step-based data processing; Recipe documentation; Transformation workflows
AWS: DataBrew recipe configuration for data transformation steps and recipe management
Validation: steps is required; description should document recipe purpose and transformations
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| - description | No | string | No | - | Description of the recipe's purpose and transformations. |
| + steps | No | string | No | - | JSON string of transformation steps for recipe execution. |
9.1.1. Property root > recipes > additionalProperties > description
| Type | string |
| Required | No |
Description: Description of the recipe's purpose and transformations.
9.1.2. Property root > recipes > additionalProperties > steps
| Type | string |
| Required | Yes |
Description: JSON string of transformation steps for recipe execution.
10. Property root > sagemakerBlueprint
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Defined in | #/definitions/MdaaSageMakerCustomBluePrintConfig |
Description: Q-ENHANCED-PROPERTY Optional SageMaker blueprint configuration for governed self-service deployment enabling controlled infrastructure provisioning and governance. When specified, deploys the module as a SageMaker blueprint instead of direct deployment for governed access and compliance.
Use cases: Governed deployment; Self-service provisioning; SageMaker integration; Controlled access
AWS: SageMaker blueprint configuration for governed infrastructure deployment and self-service provisioning
Validation: Must be valid MdaaServiceCatalogProductConfig if provided; enables SageMaker deployment mode
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| - additionalAccounts | No | object | No | - | Q-ENHANCED-PROPERTY Optional map of additional AWS accounts where the SageMaker blueprint should be enabled. Each entry maps a friendly account name to account-specific configuration including provisioning role ARN and optional parameters and authorized domain units. Use cases: Multi-account deployment; Cross-account provisioning; Account-specific configuration AWS: AWS SageMaker blueprint multi-account provisioning configuration Validation: Must be object with string keys and valid account configuration values if provided |
| - authorizedDomainUnits | No | array of string | No | - | - |
| - blueprintName | No | string | No | - | - |
| - description | No | string | No | - | Q-ENHANCED-PROPERTY Description for the SageMaker blueprint that will be visible to end users in the SageMaker console. Should be descriptive and user-friendly to facilitate blueprint discovery and selection. Use cases: Product identification; User-friendly naming; SageMaker console display AWS: AWS SageMaker blueprint name for user interface display Validation: Must be non-empty string suitable for SageMaker blueprint naming |
| - domainBucketName | No | string | No | - | - |
| - domainConfig | No | object | No | In #/definitions/DomainConfig | - |
| - domainConfigSSMParam | No | string | No | - | Q-ENHANCED-PROPERTY Optional SSM parameter reference for domain configuration enabling dynamic domain configuration management. Specifies the SSM parameter containing domain configuration data for flexible domain setup and configuration management. Use cases: Dynamic configuration; SSM parameter reference; Configuration management; Flexible setup AWS: AWS Systems Manager parameter for DataZone domain configuration reference Validation: Must be valid SSM parameter name if provided; parameter must contain valid domain configuration |
| - enabledRegions | No | array of string | No | - | - |
| - parameters | No | object | No | - | Q-ENHANCED-PROPERTY Optional object containing named parameter configurations for the SageMaker blueprint. Enables parameterized blueprint deployment with validation rules and user input constraints. Use cases: Product parameterization; User input collection; Deployment customization AWS: AWS SageMaker blueprint parameters for user-configurable deployment options Validation: Must be object with string keys and valid MdaaServiceCatalogParameterConfig values if provided * |
| + provisioningRole | No | object | No | Same as executionRole | - |
10.1. Property root > sagemakerBlueprint > additionalAccounts
| Type | object |
| Required | No |
| Additional properties | Each additional property must conform to the schema |
Description: Q-ENHANCED-PROPERTY Optional map of additional AWS accounts where the SageMaker blueprint should be enabled. Each entry maps a friendly account name to account-specific configuration including provisioning role ARN and optional parameters and authorized domain units.
Use cases: Multi-account deployment; Cross-account provisioning; Account-specific configuration
AWS: AWS SageMaker blueprint multi-account provisioning configuration
Validation: Must be object with string keys and valid account configuration values if provided
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| - | No | object | No | In #/definitions/AdditionalBlueprintAccount | - |
10.1.1. Property root > sagemakerBlueprint > additionalAccounts > AdditionalBlueprintAccount
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Defined in | #/definitions/AdditionalBlueprintAccount |
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| + account | No | string | No | - | - |
| - authorizedDomainUnits | No | array of string | No | - | - |
| - enabledRegions | No | array of string | No | - | - |
| - parameters | No | object | No | - | - |
| + provisioningRole | No | object | No | Same as executionRole | - |
10.1.1.1. Property root > sagemakerBlueprint > additionalAccounts > additionalProperties > account
| Type | string |
| Required | Yes |
10.1.1.2. Property root > sagemakerBlueprint > additionalAccounts > additionalProperties > authorizedDomainUnits
| Type | array of string |
| Required | No |
| Array restrictions | |
|---|---|
| Min items | N/A |
| Max items | N/A |
| Items unicity | False |
| Additional items | False |
| Tuple validation | See below |
| Each item of this array must be | Description |
|---|---|
| authorizedDomainUnits items | - |
10.1.1.2.1. root > sagemakerBlueprint > additionalAccounts > additionalProperties > authorizedDomainUnits > authorizedDomainUnits items
| Type | string |
| Required | No |
10.1.1.3. Property root > sagemakerBlueprint > additionalAccounts > additionalProperties > enabledRegions
| Type | array of string |
| Required | No |
| Array restrictions | |
|---|---|
| Min items | N/A |
| Max items | N/A |
| Items unicity | False |
| Additional items | False |
| Tuple validation | See below |
| Each item of this array must be | Description |
|---|---|
| enabledRegions items | - |
10.1.1.3.1. root > sagemakerBlueprint > additionalAccounts > additionalProperties > enabledRegions > enabledRegions items
| Type | string |
| Required | No |
10.1.1.4. Property root > sagemakerBlueprint > additionalAccounts > additionalProperties > parameters
| Type | object |
| Required | No |
| Additional properties | Each additional property must conform to the schema |
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| - | No | object | No | In #/definitions/MdaaSageMakerBluePrintParameterConfig | - |
10.1.1.4.1. Property root > sagemakerBlueprint > additionalAccounts > additionalProperties > parameters > MdaaSageMakerBluePrintParameterConfig
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Defined in | #/definitions/MdaaSageMakerBluePrintParameterConfig |
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| + blueprintParamProps | No | object | No | In #/definitions/MdaaSageMakerBluePrintParameterProps | - |
| - cfnParamProps | No | object | No | In #/definitions/CfnParameterProps | - |
10.1.1.4.1.1. Property root > sagemakerBlueprint > additionalAccounts > additionalProperties > parameters > additionalProperties > blueprintParamProps
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Defined in | #/definitions/MdaaSageMakerBluePrintParameterProps |
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| - defaultValue | No | string | No | - | - |
| - description | No | string | No | - | - |
| + fieldType | No | string | No | - | - |
| - isEditable | No | boolean | No | - | - |
| - isOptional | No | boolean | No | - | - |
| - isUpdateSupported | No | boolean | No | - | - |
10.1.1.4.1.1.1. Property root > sagemakerBlueprint > additionalAccounts > additionalProperties > parameters > additionalProperties > blueprintParamProps > defaultValue
| Type | string |
| Required | No |
10.1.1.4.1.1.2. Property root > sagemakerBlueprint > additionalAccounts > additionalProperties > parameters > additionalProperties > blueprintParamProps > description
| Type | string |
| Required | No |
10.1.1.4.1.1.3. Property root > sagemakerBlueprint > additionalAccounts > additionalProperties > parameters > additionalProperties > blueprintParamProps > fieldType
| Type | string |
| Required | Yes |
10.1.1.4.1.1.4. Property root > sagemakerBlueprint > additionalAccounts > additionalProperties > parameters > additionalProperties > blueprintParamProps > isEditable
| Type | boolean |
| Required | No |
10.1.1.4.1.1.5. Property root > sagemakerBlueprint > additionalAccounts > additionalProperties > parameters > additionalProperties > blueprintParamProps > isOptional
| Type | boolean |
| Required | No |
10.1.1.4.1.1.6. Property root > sagemakerBlueprint > additionalAccounts > additionalProperties > parameters > additionalProperties > blueprintParamProps > isUpdateSupported
| Type | boolean |
| Required | No |
10.1.1.4.1.2. Property root > sagemakerBlueprint > additionalAccounts > additionalProperties > parameters > additionalProperties > cfnParamProps
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Defined in | #/definitions/CfnParameterProps |
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| - allowedPattern | No | string | No | - | A regular expression that represents the patterns to allow for String types. |
| - allowedValues | No | array of string | No | - | An array containing the list of values allowed for the parameter. |
| - constraintDescription | No | string | No | - | A string that explains a constraint when the constraint is violated. For example, without a constraint description, a parameter that has an allowed pattern of [A-Za-z0-9]+ displays the following error message when the user specifies an invalid value: |
| - default | No | object | No | - | A value of the appropriate type for the template to use if no value is specified when a stack is created. If you define constraints for the parameter, you must specify a value that adheres to those constraints. |
| - description | No | string | No | - | A string of up to 4000 characters that describes the parameter. |
| - maxLength | No | number | No | - | An integer value that determines the largest number of characters you want to allow for String types. |
| - maxValue | No | number | No | - | A numeric value that determines the largest numeric value you want to allow for Number types. |
| - minLength | No | number | No | - | An integer value that determines the smallest number of characters you want to allow for String types. |
| - minValue | No | number | No | - | A numeric value that determines the smallest numeric value you want to allow for Number types. |
| - noEcho | No | boolean | No | - | Whether to mask the parameter value when anyone makes a call that describes the stack. If you set the value to ``true``, the parameter value is masked with asterisks (``*``). |
| - type | No | string | No | - | The data type for the parameter (DataType). |
10.1.1.4.1.2.1. Property root > sagemakerBlueprint > additionalAccounts > additionalProperties > parameters > additionalProperties > cfnParamProps > allowedPattern
| Type | string |
| Required | No |
| Default | "- No constraints on patterns allowed for parameter." |
Description: A regular expression that represents the patterns to allow for String types.
10.1.1.4.1.2.2. Property root > sagemakerBlueprint > additionalAccounts > additionalProperties > parameters > additionalProperties > cfnParamProps > allowedValues
| Type | array of string |
| Required | No |
| Default | "- No constraints on values allowed for parameter." |
Description: An array containing the list of values allowed for the parameter.
| Array restrictions | |
|---|---|
| Min items | N/A |
| Max items | N/A |
| Items unicity | False |
| Additional items | False |
| Tuple validation | See below |
| Each item of this array must be | Description |
|---|---|
| allowedValues items | - |
10.1.1.4.1.2.2.1. root > sagemakerBlueprint > additionalAccounts > additionalProperties > parameters > additionalProperties > cfnParamProps > allowedValues > allowedValues items
| Type | string |
| Required | No |
10.1.1.4.1.2.3. Property root > sagemakerBlueprint > additionalAccounts > additionalProperties > parameters > additionalProperties > cfnParamProps > constraintDescription
| Type | string |
| Required | No |
| Default | "- No description with customized error message when user specifies invalid values." |
Description: A string that explains a constraint when the constraint is violated. For example, without a constraint description, a parameter that has an allowed pattern of [A-Za-z0-9]+ displays the following error message when the user specifies an invalid value:
10.1.1.4.1.2.4. Property root > sagemakerBlueprint > additionalAccounts > additionalProperties > parameters > additionalProperties > cfnParamProps > default
| Type | object |
| Required | No |
| Additional properties | Any type allowed |
| Default | "- No default value for parameter." |
Description: A value of the appropriate type for the template to use if no value is specified when a stack is created. If you define constraints for the parameter, you must specify a value that adheres to those constraints.
10.1.1.4.1.2.5. Property root > sagemakerBlueprint > additionalAccounts > additionalProperties > parameters > additionalProperties > cfnParamProps > description
| Type | string |
| Required | No |
| Default | "- No description for the parameter." |
Description: A string of up to 4000 characters that describes the parameter.
10.1.1.4.1.2.6. Property root > sagemakerBlueprint > additionalAccounts > additionalProperties > parameters > additionalProperties > cfnParamProps > maxLength
| Type | number |
| Required | No |
| Default | "- None." |
Description: An integer value that determines the largest number of characters you want to allow for String types.
10.1.1.4.1.2.7. Property root > sagemakerBlueprint > additionalAccounts > additionalProperties > parameters > additionalProperties > cfnParamProps > maxValue
| Type | number |
| Required | No |
| Default | "- None." |
Description: A numeric value that determines the largest numeric value you want to allow for Number types.
10.1.1.4.1.2.8. Property root > sagemakerBlueprint > additionalAccounts > additionalProperties > parameters > additionalProperties > cfnParamProps > minLength
| Type | number |
| Required | No |
| Default | "- None." |
Description: An integer value that determines the smallest number of characters you want to allow for String types.
10.1.1.4.1.2.9. Property root > sagemakerBlueprint > additionalAccounts > additionalProperties > parameters > additionalProperties > cfnParamProps > minValue
| Type | number |
| Required | No |
| Default | "- None." |
Description: A numeric value that determines the smallest numeric value you want to allow for Number types.
10.1.1.4.1.2.10. Property root > sagemakerBlueprint > additionalAccounts > additionalProperties > parameters > additionalProperties > cfnParamProps > noEcho
| Type | boolean |
| Required | No |
| Default | "- Parameter values are not masked." |
Description: Whether to mask the parameter value when anyone makes a call that describes the stack.
If you set the value to true, the parameter value is masked with asterisks (*****).
10.1.1.4.1.2.11. Property root > sagemakerBlueprint > additionalAccounts > additionalProperties > parameters > additionalProperties > cfnParamProps > type
| Type | string |
| Required | No |
| Default | "String" |
Description: The data type for the parameter (DataType).
10.1.1.5. Property root > sagemakerBlueprint > additionalAccounts > additionalProperties > provisioningRole
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Same definition as | executionRole |
10.2. Property root > sagemakerBlueprint > authorizedDomainUnits
| Type | array of string |
| Required | No |
| Array restrictions | |
|---|---|
| Min items | N/A |
| Max items | N/A |
| Items unicity | False |
| Additional items | False |
| Tuple validation | See below |
| Each item of this array must be | Description |
|---|---|
| authorizedDomainUnits items | - |
10.2.1. root > sagemakerBlueprint > authorizedDomainUnits > authorizedDomainUnits items
| Type | string |
| Required | No |
10.3. Property root > sagemakerBlueprint > blueprintName
| Type | string |
| Required | No |
10.4. Property root > sagemakerBlueprint > description
| Type | string |
| Required | No |
Description: Q-ENHANCED-PROPERTY Description for the SageMaker blueprint that will be visible to end users in the SageMaker console. Should be descriptive and user-friendly to facilitate blueprint discovery and selection.
Use cases: Product identification; User-friendly naming; SageMaker console display
AWS: AWS SageMaker blueprint name for user interface display
Validation: Must be non-empty string suitable for SageMaker blueprint naming
10.5. Property root > sagemakerBlueprint > domainBucketName
| Type | string |
| Required | No |
10.6. Property root > sagemakerBlueprint > domainConfig
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Defined in | #/definitions/DomainConfig |
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| + blueprintIds | No | object | No | - | - |
| + configParamArns | No | array of string | No | - | - |
| + customResourceRoleName | No | string | No | - | - |
| + domainArn | No | string | No | - | - |
| + domainBucketArn | No | string | No | - | - |
| + domainBucketUsagePolicyName | No | string | No | - | - |
| + domainConfigCr | No | object | No | In #/definitions/MdaaCustomResource | - |
| + domainId | No | string | No | - | - |
| + domainKmsKeyArn | No | string | No | - | - |
| + domainKmsUsagePolicyName | No | string | No | - | - |
| + domainName | No | string | No | - | - |
| + domainUnitIds | No | object | No | - | - |
| + domainVersion | No | string | No | - | - |
| + glueCatalogArns | No | array of string | No | - | - |
| + glueCatalogKmsKeyArns | No | array of string | No | - | - |
| + node | No | object | No | Same as node | The tree node. |
| + projectIds | No | object | No | - | - |
| + props | No | object | No | In #/definitions/DomainConfigProps | - |
| + ssmParamBase | No | string | No | - | - |
10.6.1. Property root > sagemakerBlueprint > domainConfig > blueprintIds
| Type | object |
| Required | Yes |
| Additional properties | Each additional property must conform to the schema |
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| - | No | string | No | - | - |
10.6.1.1. Property root > sagemakerBlueprint > domainConfig > blueprintIds > additionalProperties
| Type | string |
| Required | No |
10.6.2. Property root > sagemakerBlueprint > domainConfig > configParamArns
| Type | array of string |
| Required | Yes |
| Default | [] |
| Array restrictions | |
|---|---|
| Min items | N/A |
| Max items | N/A |
| Items unicity | False |
| Additional items | False |
| Tuple validation | See below |
| Each item of this array must be | Description |
|---|---|
| configParamArns items | - |
10.6.2.1. root > sagemakerBlueprint > domainConfig > configParamArns > configParamArns items
| Type | string |
| Required | No |
10.6.3. Property root > sagemakerBlueprint > domainConfig > customResourceRoleName
| Type | string |
| Required | Yes |
10.6.4. Property root > sagemakerBlueprint > domainConfig > domainArn
| Type | string |
| Required | Yes |
10.6.5. Property root > sagemakerBlueprint > domainConfig > domainBucketArn
| Type | string |
| Required | Yes |
10.6.6. Property root > sagemakerBlueprint > domainConfig > domainBucketUsagePolicyName
| Type | string |
| Required | Yes |
10.6.7. Property root > sagemakerBlueprint > domainConfig > domainConfigCr
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Defined in | #/definitions/MdaaCustomResource |
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| + _allowCrossEnvironment | No | object | No | - | - |
| + _physicalName | No | object | No | - | - |
| + env | No | object | No | In #/definitions/ResourceEnvironment | The environment this resource belongs to. For resources that are created and managed by the CDK (generally, those created by creating new class instances like Role, Bucket, etc.), this is always the same as the environment of the stack they belong to; however, for imported resources (those obtained from static methods like fromRoleArn, fromBucketName, etc.), that might be different than the stack they were imported into. |
| + handlerFunction | No | object | No | In #/definitions/MdaaLambdaFunction | Construct for creating a compliant Lambda Function |
| + node | No | object | No | Same as node | The tree node. |
| + physicalName | No | string | No | - | Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource. This value will resolve to one of the following: - a concrete value (e.g. `"my-awesome-bucket"`) - `undefined`, when a name should be generated by CloudFormation - a concrete name generated automatically during synthesis, in cross-environment scenarios. |
| + ref | No | string | No | - | The physical name of this custom resource. |
| + resource | No | object | No | - | - |
| + stack | No | object | No | Same as stack | The stack in which this resource is defined. |
10.6.7.1. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > _allowCrossEnvironment
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
10.6.7.2. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > _physicalName
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
10.6.7.3. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > env
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Defined in | #/definitions/ResourceEnvironment |
Description: The environment this resource belongs to. For resources that are created and managed by the CDK (generally, those created by creating new class instances like Role, Bucket, etc.), this is always the same as the environment of the stack they belong to; however, for imported resources (those obtained from static methods like fromRoleArn, fromBucketName, etc.), that might be different than the stack they were imported into.
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| + account | No | string | No | - | The AWS account ID that this resource belongs to. Since this can be a Token (for example, when the account is CloudFormation's AWS::AccountId intrinsic), make sure to use Token.compareStrings() instead of just comparing the values for equality. |
| + region | No | string | No | - | The AWS region that this resource belongs to. Since this can be a Token (for example, when the region is CloudFormation's AWS::Region intrinsic), make sure to use Token.compareStrings() instead of just comparing the values for equality. |
10.6.7.3.1. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > env > account
| Type | string |
| Required | Yes |
Description: The AWS account ID that this resource belongs to. Since this can be a Token (for example, when the account is CloudFormation's AWS::AccountId intrinsic), make sure to use Token.compareStrings() instead of just comparing the values for equality.
10.6.7.3.2. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > env > region
| Type | string |
| Required | Yes |
Description: The AWS region that this resource belongs to. Since this can be a Token (for example, when the region is CloudFormation's AWS::Region intrinsic), make sure to use Token.compareStrings() instead of just comparing the values for equality.
10.6.7.4. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Defined in | #/definitions/MdaaLambdaFunction |
Description: Construct for creating a compliant Lambda Function
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| + _allowCrossEnvironment | No | object | No | - | - |
| - _architecture | No | object | No | - | - |
| - _connections | No | object | No | In #/definitions/Connections | Actual connections object for this Lambda May be unset, in which case this Lambda is not configured use in a VPC. |
| - _currentVersion | No | object | No | - | - |
| + _functionUrlInvocationGrants | No | object | No | In #/definitions/Record%3Cstring%2CGrant%3E | Mapping of function URL invocation principals to grants. Used to de-dupe `grantInvokeUrl()` calls. |
| + _hasAddedArrayTokenStatements | No | object | No | - | Track whether we've added statements with array token resources to the role's default policy |
| + _hasAddedLiteralStatements | No | object | No | - | Track whether we've added statements with literal resources to the role's default policy |
| + _invocationGrants | No | object | No | Same as _functionUrlInvocationGrants | Mapping of invocation principals to grants. Used to de-dupe `grantInvoke()` calls. |
| - _latestVersion | No | object | No | - | - |
| + _layers | No | array | No | - | - |
| - _logGroup | No | object | No | - | - |
| - _logRetention | No | object | No | In #/definitions/LogRetention | Creates a custom resource to control the retention policy of a CloudWatch Logs log group. The log group is created if it doesn't already exist. The policy is removed when `retentionDays` is `undefined` or equal to `Infinity`. Log group can be created in the region that is different from stack region by specifying `logGroupRegion` |
| + _physicalName | No | object | No | - | - |
| + _policyCounter | No | object | No | - | The number of permissions added to this function |
| - _skipPermissions | No | boolean | No | - | Whether the user decides to skip adding permissions. The only use case is for cross-account, imported lambdas where the user commits to modifying the permisssions on the imported lambda outside CDK. |
| + _warnIfCurrentVersionCalled | No | boolean | No | - | Flag to delay adding a warning message until current version is invoked. |
| + architecture | No | object | No | In #/definitions/Architecture | The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64). |
| + buildDeadLetterConfig | No | object | No | - | - |
| + buildDeadLetterQueue | No | object | No | - | - |
| + buildTracingConfig | No | object | No | - | - |
| + canCreatePermissions | No | const | No | - | Whether the addPermission() call adds any permissions True for new Lambdas, false for version $LATEST and imported Lambdas from different accounts. |
| + configureAdotInstrumentation | No | object | No | - | Add an AWS Distro for OpenTelemetry Lambda layer. |
| + configureLambdaInsights | No | object | No | - | Configured lambda insights on the function if specified. This is achieved by adding an imported layer which is added to the list of lambda layers on synthesis. https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/Lambda-Insights-extension-versions.html |
| + configureParamsAndSecretsExtension | No | object | No | - | Add a Parameters and Secrets Extension Lambda layer. |
| + configureSnapStart | No | object | No | - | - |
| + configureVpc | No | object | No | - | If configured, set up the VPC-related properties Returns the VpcConfig that should be added to the Lambda creation properties. |
| + connections | No | object | No | Same as _connections | Access the Connections object Will fail if not a VPC-enabled Lambda Function |
| + currentVersion | No | object | No | In #/definitions/Version | Returns a `lambda.Version` which represents the current version of this Lambda function. A new version will be created every time the function's configuration changes. You can specify options for this version using the `currentVersionOptions` prop when initializing the `lambda.Function`. |
| - currentVersionOptions | No | object | No | - | - |
| - deadLetterQueue | No | object | No | In #/definitions/IQueue | The DLQ (as queue) associated with this Lambda Function (this is an optional attribute). |
| - deadLetterTopic | No | object | No | In #/definitions/ITopic | The DLQ (as topic) associated with this Lambda Function (this is an optional attribute). |
| + env | No | object | No | Same as env | The environment this resource belongs to. For resources that are created and managed by the CDK (generally, those created by creating new class instances like Role, Bucket, etc.), this is always the same as the environment of the stack they belong to; however, for imported resources (those obtained from static methods like fromRoleArn, fromBucketName, etc.), that might be different than the stack they were imported into. |
| + environment | No | object | No | - | Environment variables for this function |
| + functionArn | No | string | No | - | ARN of this function |
| + functionName | No | string | No | - | Name of this function |
| + functionRef | No | object | No | Same as functionRef | A reference to a Function resource. |
| + getLoggingConfig | No | object | No | - | Get Logging Config property for the function. This method returns the function LoggingConfig Property if the property is set on the function and undefined if not. |
| + grant | No | object | No | - | - |
| + grantPrincipal | No | object | No | Same as grantPrincipal | The principal this Lambda Function is running as |
| + hashMixins | No | object | No | - | - |
| + isBoundToVpc | No | boolean | No | - | Whether or not this Lambda function was bound to a VPC If this is is `false`, trying to access the `connections` object will fail. |
| + isPrincipalWithConditions | No | object | No | - | - |
| + isQueue | No | object | No | - | - |
| + latestVersion | No | object | No | Same as latestVersion | The `$LATEST` version of this function. Note that this is reference to a non-specific AWS Lambda version, which means the function this version refers to can return different results in different invocations. To obtain a reference to an explicit version which references the current function configuration, use `lambdaFunction.currentVersion` instead. |
| + logGroup | No | object | No | In #/definitions/ILogGroup | The LogGroup where the Lambda function's logs are made available. If either `logRetention` is set or this property is called, a CloudFormation custom resource is added to the stack that pre-creates the log group as part of the stack deployment, if it already doesn't exist, and sets the correct log retention period (never expire, by default). Further, if the log group already exists and the `logRetention` is not set, the custom resource will reset the log retention to never expire even if it was configured with a different value. |
| + node | No | object | No | Same as node | The tree node. |
| + parsePermissionPrincipal | No | object | No | - | Translate IPrincipal to something we can pass to AWS::Lambda::Permissions Do some nasty things because `Permission` supports a subset of what the full IAM principal language supports, and we may not be able to parse strings outright because they may be tokens. Try to recognize some specific Principal classes first, then try a generic fallback. |
| + permissionsNode | No | object | No | Same as node | The construct node where permissions are attached. |
| + physicalName | No | string | No | - | Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource. This value will resolve to one of the following: - a concrete value (e.g. `"my-awesome-bucket"`) - `undefined`, when a name should be generated by CloudFormation - a concrete name generated automatically during synthesis, in cross-environment scenarios. |
| + renderEnvironment | No | object | No | - | - |
| + renderLayers | No | object | No | - | - |
| + resourceArnsForGrantInvoke | No | array of string | No | - | The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke() |
| - role | No | object | No | Same as role | Execution role associated with this function |
| + runtime | No | object | No | Same as sagemakerBlueprint_domainConfig_domainConfigCr_handlerFunction__layers_items_compatibleRuntimes_items | The runtime configured for this lambda. |
| + stack | No | object | No | Same as stack | The stack in which this resource is defined. |
| + statementHasArrayTokens | No | object | No | - | Check if a policy statement contains array tokens that would cause CloudFormation resolution conflicts when mixed with literal arrays in the same policy document. Array tokens are created by CloudFormation intrinsic functions that return arrays, such as Fn::Split, Fn::GetAZs, etc. These cannot be safely merged with literal resource arrays due to CloudFormation's token resolution limitations. Individual string tokens within literal arrays (e.g., `["arn:${token}:..."]`) are safe and do not cause conflicts, so they are not detected by this method. |
| - timeout | No | object | No | In #/definitions/Duration | The timeout configured for this lambda. |
| + validateConditionCombinations | No | object | No | - | - |
| + validateConditions | No | object | No | - | - |
| + validateProfiling | No | object | No | - | - |
10.6.7.4.1. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _allowCrossEnvironment
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
10.6.7.4.2. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _architecture
| Type | object |
| Required | No |
| Additional properties | Any type allowed |
10.6.7.4.3. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Defined in | #/definitions/Connections |
Description: Actual connections object for this Lambda
May be unset, in which case this Lambda is not configured use in a VPC.
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| + _securityGroupRules | No | object | No | - | The rule that defines how to represent this peer in a security group |
| + _securityGroups | No | object | No | - | Underlying securityGroup for this Connections object, if present May be empty if this Connections object is not managing a SecurityGroup, but simply representing a Connectable peer. |
| + connections | No | object | No | Same as _connections | The network connections associated with this resource. |
| - defaultPort | No | object | No | In #/definitions/Port | The default port configured for this connection peer, if available |
| + remoteRule | No | object | No | - | When doing bidirectional grants between Security Groups in different stacks, put the rule on the other SG |
| + securityGroups | No | array | No | - | - |
| + skip | No | object | No | - | When doing bidirectional grants between Connections, make sure we don't recursive infinitely |
10.6.7.4.3.1. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > _securityGroupRules
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
Description: The rule that defines how to represent this peer in a security group
10.6.7.4.3.2. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > _securityGroups
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
Description: Underlying securityGroup for this Connections object, if present
May be empty if this Connections object is not managing a SecurityGroup, but simply representing a Connectable peer.
10.6.7.4.3.3. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > connections
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Same definition as | _connections |
Description: The network connections associated with this resource.
10.6.7.4.3.4. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > defaultPort
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Defined in | #/definitions/Port |
Description: The default port configured for this connection peer, if available
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| + canInlineRule | No | boolean | No | - | Whether the rule containing this port range can be inlined into a securitygroup or not. |
| + props | No | object | No | - | - |
10.6.7.4.3.4.1. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > defaultPort > canInlineRule
| Type | boolean |
| Required | Yes |
Description: Whether the rule containing this port range can be inlined into a securitygroup or not.
10.6.7.4.3.4.2. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > defaultPort > props
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
10.6.7.4.3.5. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > remoteRule
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
Description: When doing bidirectional grants between Security Groups in different stacks, put the rule on the other SG
10.6.7.4.3.6. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups
| Type | array |
| Required | Yes |
| Array restrictions | |
|---|---|
| Min items | N/A |
| Max items | N/A |
| Items unicity | False |
| Additional items | False |
| Tuple validation | See below |
| Each item of this array must be | Description |
|---|---|
| ISecurityGroup | Interface for security group-like objects |
10.6.7.4.3.6.1. root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > ISecurityGroup
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Defined in | #/definitions/ISecurityGroup |
Description: Interface for security group-like objects
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| + allowAllOutbound | No | boolean | No | - | Whether the SecurityGroup has been configured to allow all outbound traffic |
| + canInlineRule | No | boolean | No | - | Whether the rule can be inlined into a SecurityGroup or not |
| + connections | No | object | No | Same as _connections | The network connections associated with this resource. |
| + env | No | object | No | Same as env | The environment this resource belongs to. For resources that are created and managed by the CDK (generally, those created by creating new class instances like Role, Bucket, etc.), this is always the same as the environment of the stack they belong to; however, for imported resources (those obtained from static methods like fromRoleArn, fromBucketName, etc.), that might be different than the stack they were imported into. |
| + node | No | object | No | In #/definitions/Node | The tree node. |
| + securityGroupId | No | string | No | - | ID for the current security group |
| + securityGroupRef | No | object | No | In #/definitions/SecurityGroupReference | A reference to a SecurityGroup resource. |
| + stack | No | object | No | In #/definitions/Stack | The stack in which this resource is defined. |
| + uniqueId | No | string | No | - | A unique identifier for this connection peer |
10.6.7.4.3.6.1.1. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > allowAllOutbound
| Type | boolean |
| Required | Yes |
Description: Whether the SecurityGroup has been configured to allow all outbound traffic
10.6.7.4.3.6.1.2. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > canInlineRule
| Type | boolean |
| Required | Yes |
Description: Whether the rule can be inlined into a SecurityGroup or not
10.6.7.4.3.6.1.3. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > connections
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Same definition as | _connections |
Description: The network connections associated with this resource.
10.6.7.4.3.6.1.4. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > env
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Same definition as | env |
Description: The environment this resource belongs to. For resources that are created and managed by the CDK (generally, those created by creating new class instances like Role, Bucket, etc.), this is always the same as the environment of the stack they belong to; however, for imported resources (those obtained from static methods like fromRoleArn, fromBucketName, etc.), that might be different than the stack they were imported into.
10.6.7.4.3.6.1.5. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > node
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Defined in | #/definitions/Node |
Description: The tree node.
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| - _addr | No | object | No | - | - |
| + _children | No | object | No | - | - |
| + _context | No | object | No | - | - |
| + _defaultChild | No | object | No | - | - |
| + _dependencies | No | object | No | - | - |
| + _locked | No | object | No | - | - |
| + _metadata | No | object | No | - | - |
| + _validations | No | object | No | - | - |
| + addChild | No | object | No | - | Adds a child construct to this node. |
| + addr | No | string | No | - | Returns an opaque tree-unique address for this construct. Addresses are 42 characters hexadecimal strings. They begin with "c8" followed by 40 lowercase hexadecimal characters (0-9a-f). Addresses are calculated using a SHA-1 of the components of the construct path. To enable refactorings of construct trees, constructs with the ID `Default` will be excluded from the calculation. In those cases constructs in the same tree may have the same addreess. |
| + children | No | array | No | - | All direct children of this construct. |
| - defaultChild | No | object | No | Same as sagemakerBlueprint_domainConfig_domainConfigCr_handlerFunction__connections_securityGroups_items_node_children_items | Returns the child construct that has the id `Default` or `Resource"`. This is usually the construct that provides the bulk of the underlying functionality. Useful for modifications of the underlying construct that are not available at the higher levels. Override the defaultChild property. This should only be used in the cases where the correct default child is not named 'Resource' or 'Default' as it should be. If you set this to undefined, the default behavior of finding the child named 'Resource' or 'Default' will be used. |
| + dependencies | No | array | No | - | Return all dependencies registered on this node (non-recursive). |
| + host | No | object | No | - | - |
| + id | No | string | No | - | The id of this construct within the current scope. This is a a scope-unique id. To obtain an app-unique id for this construct, use `addr`. |
| + locked | No | boolean | No | - | Returns true if this construct or the scopes in which it is defined are locked. |
| + metadata | No | array | No | - | An immutable array of metadata objects associated with this construct. This can be used, for example, to implement support for deprecation notices, source mapping, etc. |
| + path | No | string | No | - | The full, absolute path of this construct in the tree. Components are separated by '/'. |
| + root | No | object | No | Same as sagemakerBlueprint_domainConfig_domainConfigCr_handlerFunction__connections_securityGroups_items_node_children_items | Returns the root of the construct tree. |
| - scope | No | object | No | Same as sagemakerBlueprint_domainConfig_domainConfigCr_handlerFunction__connections_securityGroups_items_node_children_items | Returns the scope in which this construct is defined. The value is `undefined` at the root of the construct scope tree. |
| + scopes | No | array | No | - | All parent scopes of this construct. |
10.6.7.4.3.6.1.5.1. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > node > _addr
| Type | object |
| Required | No |
| Additional properties | Any type allowed |
10.6.7.4.3.6.1.5.2. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > node > _children
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
10.6.7.4.3.6.1.5.3. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > node > _context
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
10.6.7.4.3.6.1.5.4. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > node > _defaultChild
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
10.6.7.4.3.6.1.5.5. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > node > _dependencies
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
10.6.7.4.3.6.1.5.6. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > node > _locked
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
10.6.7.4.3.6.1.5.7. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > node > _metadata
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
10.6.7.4.3.6.1.5.8. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > node > _validations
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
10.6.7.4.3.6.1.5.9. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > node > addChild
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
Description: Adds a child construct to this node.
10.6.7.4.3.6.1.5.10. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > node > addr
| Type | string |
| Required | Yes |
Description: Returns an opaque tree-unique address for this construct.
Addresses are 42 characters hexadecimal strings. They begin with "c8" followed by 40 lowercase hexadecimal characters (0-9a-f).
Addresses are calculated using a SHA-1 of the components of the construct path.
To enable refactorings of construct trees, constructs with the ID Default
will be excluded from the calculation. In those cases constructs in the
same tree may have the same addreess.
10.6.7.4.3.6.1.5.11. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > node > children
| Type | array |
| Required | Yes |
Description: All direct children of this construct.
| Array restrictions | |
|---|---|
| Min items | N/A |
| Max items | N/A |
| Items unicity | False |
| Additional items | False |
| Tuple validation | See below |
| Each item of this array must be | Description |
|---|---|
| IConstruct | Represents a construct. |
10.6.7.4.3.6.1.5.11.1. root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > node > children > IConstruct
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Defined in | #/definitions/IConstruct |
Description: Represents a construct.
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| + node | No | object | No | Same as node | The tree node. |
10.6.7.4.3.6.1.5.11.1.1. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > node > children > children items > node
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Same definition as | node |
Description: The tree node.
10.6.7.4.3.6.1.5.12. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > node > defaultChild
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Same definition as | sagemakerBlueprint_domainConfig_domainConfigCr_handlerFunction__connections_securityGroups_items_node_children_items |
Description: Returns the child construct that has the id Default or Resource".
This is usually the construct that provides the bulk of the underlying functionality.
Useful for modifications of the underlying construct that are not available at the higher levels.
Override the defaultChild property.
This should only be used in the cases where the correct default child is not named 'Resource' or 'Default' as it should be.
If you set this to undefined, the default behavior of finding the child named 'Resource' or 'Default' will be used.
10.6.7.4.3.6.1.5.13. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > node > dependencies
| Type | array |
| Required | Yes |
Description: Return all dependencies registered on this node (non-recursive).
| Array restrictions | |
|---|---|
| Min items | N/A |
| Max items | N/A |
| Items unicity | False |
| Additional items | False |
| Tuple validation | See below |
| Each item of this array must be | Description |
|---|---|
| IConstruct | Represents a construct. |
10.6.7.4.3.6.1.5.13.1. root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > node > dependencies > IConstruct
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Same definition as | sagemakerBlueprint_domainConfig_domainConfigCr_handlerFunction__connections_securityGroups_items_node_children_items |
Description: Represents a construct.
10.6.7.4.3.6.1.5.14. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > node > host
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
10.6.7.4.3.6.1.5.15. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > node > id
| Type | string |
| Required | Yes |
Description: The id of this construct within the current scope.
This is a a scope-unique id. To obtain an app-unique id for this construct, use addr.
10.6.7.4.3.6.1.5.16. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > node > locked
| Type | boolean |
| Required | Yes |
Description: Returns true if this construct or the scopes in which it is defined are locked.
10.6.7.4.3.6.1.5.17. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > node > metadata
| Type | array |
| Required | Yes |
Description: An immutable array of metadata objects associated with this construct. This can be used, for example, to implement support for deprecation notices, source mapping, etc.
| Array restrictions | |
|---|---|
| Min items | N/A |
| Max items | N/A |
| Items unicity | False |
| Additional items | False |
| Tuple validation | See below |
| Each item of this array must be | Description |
|---|---|
| MetadataEntry | An entry in the construct metadata table. |
10.6.7.4.3.6.1.5.17.1. root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > node > metadata > MetadataEntry
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Defined in | #/definitions/MetadataEntry |
Description: An entry in the construct metadata table.
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| + data | No | object | No | - | The data. |
| - trace | No | array of string | No | - | Stack trace at the point of adding the metadata. Only available if `addMetadata()` is called with `stackTrace: true`. |
| + type | No | string | No | - | The metadata entry type. |
10.6.7.4.3.6.1.5.17.1.1. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > node > metadata > metadata items > data
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
Description: The data.
10.6.7.4.3.6.1.5.17.1.2. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > node > metadata > metadata items > trace
| Type | array of string |
| Required | No |
| Default | "- no trace information" |
Description: Stack trace at the point of adding the metadata.
Only available if addMetadata() is called with stackTrace: true.
| Array restrictions | |
|---|---|
| Min items | N/A |
| Max items | N/A |
| Items unicity | False |
| Additional items | False |
| Tuple validation | See below |
| Each item of this array must be | Description |
|---|---|
| trace items | - |
10.6.7.4.3.6.1.5.17.1.2.1. root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > node > metadata > metadata items > trace > trace items
| Type | string |
| Required | No |
10.6.7.4.3.6.1.5.17.1.3. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > node > metadata > metadata items > type
| Type | string |
| Required | Yes |
Description: The metadata entry type.
10.6.7.4.3.6.1.5.18. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > node > path
| Type | string |
| Required | Yes |
Description: The full, absolute path of this construct in the tree.
Components are separated by '/'.
10.6.7.4.3.6.1.5.19. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > node > root
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Same definition as | sagemakerBlueprint_domainConfig_domainConfigCr_handlerFunction__connections_securityGroups_items_node_children_items |
Description: Returns the root of the construct tree.
10.6.7.4.3.6.1.5.20. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > node > scope
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Same definition as | sagemakerBlueprint_domainConfig_domainConfigCr_handlerFunction__connections_securityGroups_items_node_children_items |
Description: Returns the scope in which this construct is defined.
The value is undefined at the root of the construct scope tree.
10.6.7.4.3.6.1.5.21. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > node > scopes
| Type | array |
| Required | Yes |
Description: All parent scopes of this construct.
| Array restrictions | |
|---|---|
| Min items | N/A |
| Max items | N/A |
| Items unicity | False |
| Additional items | False |
| Tuple validation | See below |
| Each item of this array must be | Description |
|---|---|
| IConstruct | Represents a construct. |
10.6.7.4.3.6.1.5.21.1. root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > node > scopes > IConstruct
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Same definition as | sagemakerBlueprint_domainConfig_domainConfigCr_handlerFunction__connections_securityGroups_items_node_children_items |
Description: Represents a construct.
10.6.7.4.3.6.1.6. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > securityGroupId
| Type | string |
| Required | Yes |
Description: ID for the current security group
10.6.7.4.3.6.1.7. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > securityGroupRef
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Defined in | #/definitions/SecurityGroupReference |
Description: A reference to a SecurityGroup resource.
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| + securityGroupId | No | string | No | - | The Id of the SecurityGroup resource. |
10.6.7.4.3.6.1.7.1. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > securityGroupRef > securityGroupId
| Type | string |
| Required | Yes |
Description: The Id of the SecurityGroup resource.
10.6.7.4.3.6.1.8. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Defined in | #/definitions/Stack |
Description: The stack in which this resource is defined.
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| + _crossRegionReferences | No | boolean | No | - | Whether cross region references are enabled for this stack |
| + _logicalIds | No | object | No | - | Logical ID generation strategy |
| + _missingContext | No | object | No | - | Lists all missing contextual information. This is returned when the stack is synthesized under the 'missing' attribute and allows tooling to obtain the context and re-synthesize. |
| - _notificationArns | No | array of string | No | - | SNS Notification ARNs to receive stack events. |
| + _stackDependencies | No | object | No | - | Other stacks this stack depends on |
| + _stackName | No | object | No | - | - |
| + _suppressTemplateIndentation | No | object | No | - | Enable this flag to suppress indentation in generated CloudFormation templates. If not specified, the value of the `@aws-cdk/core:suppressTemplateIndentation` context key will be used. If that is not specified, then the default value `false` will be used. |
| + _terminationProtection | No | object | No | - | - |
| + _versionReportingEnabled | No | boolean | No | - | Whether version reporting is enabled for this stack Controls whether the CDK Metadata resource is injected |
| + account | No | string | No | - | The AWS account into which this stack will be deployed. This value is resolved according to the following rules: 1. The value provided to `env.account` when the stack is defined. This can either be a concrete account (e.g. `585695031111`) or the `Aws.ACCOUNT_ID` token. 3. `Aws.ACCOUNT_ID`, which represents the CloudFormation intrinsic reference `{ "Ref": "AWS::AccountId" }` encoded as a string token. Preferably, you should use the return value as an opaque string and not attempt to parse it to implement your logic. If you do, you must first check that it is a concrete value an not an unresolved token. If this value is an unresolved token (`Token.isUnresolved(stack.account)` returns `true`), this implies that the user wishes that this stack will synthesize into an account-agnostic template. In this case, your code should either fail (throw an error, emit a synth error using `Annotations.of(construct).addError()`) or implement some other account-agnostic behavior. |
| + addPermissionsBoundaryAspect | No | object | No | - | Adds an aspect to the stack that will apply the permissions boundary. This will only add the aspect if the permissions boundary has been set |
| + artifactId | No | string | No | - | The ID of the cloud assembly artifact for this stack. |
| + availabilityZones | No | array of string | No | - | Returns the list of AZs that are available in the AWS environment (account/region) associated with this stack. If the stack is environment-agnostic (either account and/or region are tokens), this property will return an array with 2 tokens that will resolve at deploy-time to the first two availability zones returned from CloudFormation's `Fn::GetAZs` intrinsic function. If they are not available in the context, returns a set of dummy values and reports them as missing, and let the CLI resolve them by calling EC2 `DescribeAvailabilityZones` on the target environment. To specify a different strategy for selecting availability zones override this method. |
| + bundlingRequired | No | boolean | No | - | Indicates whether the stack requires bundling or not |
| + dependencies | No | array | No | - | Return the stacks this stack depends on |
| + environment | No | string | No | - | The environment coordinates in which this stack is deployed. In the form `aws://account/region`. Use `stack.account` and `stack.region` to obtain the specific values, no need to parse. You can use this value to determine if two stacks are targeting the same environment. If either `stack.account` or `stack.region` are not concrete values (e.g. `Aws.ACCOUNT_ID` or `Aws.REGION`) the special strings `unknown-account` and/or `unknown-region` will be used respectively to indicate this stack is region/account-agnostic. |
| + generateStackArtifactId | No | object | No | - | The artifact ID for this stack Stack artifact ID is unique within the App's Cloud Assembly. |
| + generateStackId | No | object | No | - | Generate an ID with respect to the given container construct. |
| + generateStackName | No | object | No | - | Calculate the stack name based on the construct path The stack name is the name under which we'll deploy the stack, and incorporates containing Stage names by default. Generally this looks a lot like how logical IDs are calculated. The stack name is calculated based on the construct root path, as follows: - Path is calculated with respect to containing App or Stage (if any) - If the path is one component long just use that component, otherwise combine them with a hash. Since the hash is quite ugly and we'd like to avoid it if possible -- but we can't anymore in the general case since it has been written into legacy stacks. The introduction of Stages makes it possible to make this nicer however. When a Stack is nested inside a Stage, we use the path components below the Stage, and prefix the path components of the Stage before it. |
| + maxResources | No | object | No | - | Maximum number of resources in the stack Set to 0 to mean "unlimited". |
| + nested | No | boolean | No | - | Indicates if this is a nested stack, in which case `parentStack` will include a reference to it's parent. |
| - nestedStackParent | No | object | No | Same as stack | If this is a nested stack, returns it's parent stack. |
| - nestedStackResource | No | object | No | In #/definitions/CfnResource | If this is a nested stack, this represents its `AWS::CloudFormation::Stack` resource. `undefined` for top-level (non-nested) stacks. |
| + node | No | object | No | Same as node | The tree node. |
| + notificationArns | No | array of string | No | - | Returns the list of notification Amazon Resource Names (ARNs) for the current stack. |
| + parseEnvironment | No | object | No | - | Determine the various stack environment attributes. |
| + partition | No | string | No | - | The partition in which this stack is defined |
| + permissionsBoundaryArn | No | object | No | - | If a permissions boundary has been applied on this scope or any parent scope then this will return the ARN of the permissions boundary. This will return the permissions boundary that has been applied to the most specific scope. For example: const stage = new Stage(app, 'stage', { permissionsBoundary: PermissionsBoundary.fromName('stage-pb'), }); const stack = new Stack(stage, 'Stack', { permissionsBoundary: PermissionsBoundary.fromName('some-other-pb'), }); Stack.permissionsBoundaryArn === 'arn:${AWS::Partition}:iam::${AWS::AccountId}:policy/some-other-pb'; |
| + region | No | string | No | - | The AWS region into which this stack will be deployed (e.g. `us-west-2`). This value is resolved according to the following rules: 1. The value provided to `env.region` when the stack is defined. This can either be a concrete region (e.g. `us-west-2`) or the `Aws.REGION` token. 3. `Aws.REGION`, which is represents the CloudFormation intrinsic reference `{ "Ref": "AWS::Region" }` encoded as a string token. Preferably, you should use the return value as an opaque string and not attempt to parse it to implement your logic. If you do, you must first check that it is a concrete value an not an unresolved token. If this value is an unresolved token (`Token.isUnresolved(stack.region)` returns `true`), this implies that the user wishes that this stack will synthesize into a region-agnostic template. In this case, your code should either fail (throw an error, emit a synth error using `Annotations.of(construct).addError()`) or implement some other region-agnostic behavior. |
| + resolveExportedValue | No | object | No | - | - |
| + stackDependencyReasons | No | object | No | - | Check whether this stack has a (transitive) dependency on another stack Returns the list of reasons on the dependency path, or undefined if there is no dependency. |
| + stackId | No | string | No | - | The ID of the stack |
| + stackName | No | string | No | - | The concrete CloudFormation physical stack name. This is either the name defined explicitly in the `stackName` prop or allocated based on the stack's location in the construct tree. Stacks that are directly defined under the app use their construct `id` as their stack name. Stacks that are defined deeper within the tree will use a hashed naming scheme based on the construct path to ensure uniqueness. If you wish to obtain the deploy-time AWS::StackName intrinsic, you can use `Aws.STACK_NAME` directly. |
| + synthesizer | No | object | No | In #/definitions/IStackSynthesizer | Synthesis method for this stack |
| + tags | No | object | No | In #/definitions/TagManager | Tags to be applied to the stack. |
| + templateFile | No | string | No | - | The name of the CloudFormation template file emitted to the output directory during synthesis. Example value: `MyStack.template.json` |
| + templateOptions | No | object | No | In #/definitions/ITemplateOptions | Options for CloudFormation template (like version, transform, description). |
| + terminationProtection | No | boolean | No | - | Whether termination protection is enabled for this stack. |
| + urlSuffix | No | string | No | - | The Amazon domain suffix for the region in which this stack is defined |
10.6.7.4.3.6.1.8.1. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > _crossRegionReferences
| Type | boolean |
| Required | Yes |
Description: Whether cross region references are enabled for this stack
10.6.7.4.3.6.1.8.2. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > _logicalIds
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
Description: Logical ID generation strategy
10.6.7.4.3.6.1.8.3. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > _missingContext
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
Description: Lists all missing contextual information. This is returned when the stack is synthesized under the 'missing' attribute and allows tooling to obtain the context and re-synthesize.
10.6.7.4.3.6.1.8.4. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > _notificationArns
| Type | array of string |
| Required | No |
Description: SNS Notification ARNs to receive stack events.
| Array restrictions | |
|---|---|
| Min items | N/A |
| Max items | N/A |
| Items unicity | False |
| Additional items | False |
| Tuple validation | See below |
| Each item of this array must be | Description |
|---|---|
| _notificationArns items | - |
10.6.7.4.3.6.1.8.4.1. root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > _notificationArns > _notificationArns items
| Type | string |
| Required | No |
10.6.7.4.3.6.1.8.5. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > _stackDependencies
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
Description: Other stacks this stack depends on
10.6.7.4.3.6.1.8.6. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > _stackName
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
10.6.7.4.3.6.1.8.7. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > _suppressTemplateIndentation
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
| Default | "- the value of@aws-cdk/core:suppressTemplateIndentation, orfalseif that is not set." |
Description: Enable this flag to suppress indentation in generated CloudFormation templates.
If not specified, the value of the @aws-cdk/core:suppressTemplateIndentation
context key will be used. If that is not specified, then the
default value false will be used.
10.6.7.4.3.6.1.8.8. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > _terminationProtection
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
10.6.7.4.3.6.1.8.9. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > _versionReportingEnabled
| Type | boolean |
| Required | Yes |
Description: Whether version reporting is enabled for this stack
Controls whether the CDK Metadata resource is injected
10.6.7.4.3.6.1.8.10. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > account
| Type | string |
| Required | Yes |
Description: The AWS account into which this stack will be deployed.
This value is resolved according to the following rules:
- The value provided to
env.accountwhen the stack is defined. This can either be a concrete account (e.g.585695031111) or theAws.ACCOUNT_IDtoken. Aws.ACCOUNT_ID, which represents the CloudFormation intrinsic reference{ "Ref": "AWS::AccountId" }encoded as a string token.
Preferably, you should use the return value as an opaque string and not
attempt to parse it to implement your logic. If you do, you must first
check that it is a concrete value an not an unresolved token. If this
value is an unresolved token (Token.isUnresolved(stack.account) returns
true), this implies that the user wishes that this stack will synthesize
into an account-agnostic template. In this case, your code should either
fail (throw an error, emit a synth error using Annotations.of(construct).addError()) or
implement some other account-agnostic behavior.
10.6.7.4.3.6.1.8.11. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > addPermissionsBoundaryAspect
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
Description: Adds an aspect to the stack that will apply the permissions boundary. This will only add the aspect if the permissions boundary has been set
10.6.7.4.3.6.1.8.12. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > artifactId
| Type | string |
| Required | Yes |
Description: The ID of the cloud assembly artifact for this stack.
10.6.7.4.3.6.1.8.13. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > availabilityZones
| Type | array of string |
| Required | Yes |
Description: Returns the list of AZs that are available in the AWS environment (account/region) associated with this stack.
If the stack is environment-agnostic (either account and/or region are
tokens), this property will return an array with 2 tokens that will resolve
at deploy-time to the first two availability zones returned from CloudFormation's
Fn::GetAZs intrinsic function.
If they are not available in the context, returns a set of dummy values and
reports them as missing, and let the CLI resolve them by calling EC2
DescribeAvailabilityZones on the target environment.
To specify a different strategy for selecting availability zones override this method.
| Array restrictions | |
|---|---|
| Min items | N/A |
| Max items | N/A |
| Items unicity | False |
| Additional items | False |
| Tuple validation | See below |
| Each item of this array must be | Description |
|---|---|
| availabilityZones items | - |
10.6.7.4.3.6.1.8.13.1. root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > availabilityZones > availabilityZones items
| Type | string |
| Required | No |
10.6.7.4.3.6.1.8.14. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > bundlingRequired
| Type | boolean |
| Required | Yes |
Description: Indicates whether the stack requires bundling or not
10.6.7.4.3.6.1.8.15. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > dependencies
| Type | array |
| Required | Yes |
Description: Return the stacks this stack depends on
| Array restrictions | |
|---|---|
| Min items | N/A |
| Max items | N/A |
| Items unicity | False |
| Additional items | False |
| Tuple validation | See below |
| Each item of this array must be | Description |
|---|---|
| Stack | A root construct which represents a single CloudFormation stack. |
10.6.7.4.3.6.1.8.15.1. root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > dependencies > Stack
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Same definition as | stack |
Description: A root construct which represents a single CloudFormation stack.
10.6.7.4.3.6.1.8.16. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > environment
| Type | string |
| Required | Yes |
Description: The environment coordinates in which this stack is deployed. In the form
aws://account/region. Use stack.account and stack.region to obtain
the specific values, no need to parse.
You can use this value to determine if two stacks are targeting the same environment.
If either stack.account or stack.region are not concrete values (e.g.
Aws.ACCOUNT_ID or Aws.REGION) the special strings unknown-account and/or
unknown-region will be used respectively to indicate this stack is
region/account-agnostic.
10.6.7.4.3.6.1.8.17. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > generateStackArtifactId
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
Description: The artifact ID for this stack
Stack artifact ID is unique within the App's Cloud Assembly.
10.6.7.4.3.6.1.8.18. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > generateStackId
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
Description: Generate an ID with respect to the given container construct.
10.6.7.4.3.6.1.8.19. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > generateStackName
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
Description: Calculate the stack name based on the construct path
The stack name is the name under which we'll deploy the stack, and incorporates containing Stage names by default.
Generally this looks a lot like how logical IDs are calculated. The stack name is calculated based on the construct root path, as follows:
- Path is calculated with respect to containing App or Stage (if any)
- If the path is one component long just use that component, otherwise combine them with a hash.
Since the hash is quite ugly and we'd like to avoid it if possible -- but we can't anymore in the general case since it has been written into legacy stacks. The introduction of Stages makes it possible to make this nicer however. When a Stack is nested inside a Stage, we use the path components below the Stage, and prefix the path components of the Stage before it.
10.6.7.4.3.6.1.8.20. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > maxResources
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
Description: Maximum number of resources in the stack
Set to 0 to mean "unlimited".
10.6.7.4.3.6.1.8.21. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > nested
| Type | boolean |
| Required | Yes |
Description: Indicates if this is a nested stack, in which case parentStack will include a reference to it's parent.
10.6.7.4.3.6.1.8.22. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > nestedStackParent
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Same definition as | stack |
Description: If this is a nested stack, returns it's parent stack.
10.6.7.4.3.6.1.8.23. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > nestedStackResource
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Defined in | #/definitions/CfnResource |
Description: If this is a nested stack, this represents its AWS::CloudFormation::Stack
resource. undefined for top-level (non-nested) stacks.
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| + _cfnProperties | No | object | No | - | AWS CloudFormation resource properties. This object is returned via cfnProperties |
| - _logicalIdLocked | No | object | No | - | If the logicalId is locked then it can no longer be overridden. This is needed for cases where the logicalId is consumed prior to synthesis (i.e. Stack.exportValue). |
| - _logicalIdOverride | No | object | No | - | An explicit logical ID provided by `overrideLogicalId`. |
| + cfnOptions | No | object | No | In #/definitions/ICfnResourceOptions | Options for this resource, such as condition, update policy etc. |
| + cfnProperties | No | object | No | - | - |
| + cfnResourceType | No | string | No | - | AWS resource type. |
| + creationStack | No | array of string | No | - | - |
| + dependsOn | No | object | No | - | Logical IDs of dependencies. Is filled during prepare(). |
| + logicalId | No | string | No | - | The logical ID for this CloudFormation stack element. The logical ID of the element is calculated from the path of the resource node in the construct tree. To override this value, use `overrideLogicalId(newLogicalId)`. |
| + node | No | object | No | Same as node | The tree node. |
| + rawOverrides | No | object | No | - | An object to be merged on top of the entire resource definition. |
| + ref | No | string | No | - | Return a string that will be resolved to a CloudFormation `{ Ref }` for this element. If, by any chance, the intrinsic reference of a resource is not a string, you could coerce it to an IResolvable through `Lazy.any({ produce: resource.ref })`. |
| + stack | No | object | No | Same as stack | The stack in which this element is defined. CfnElements must be defined within a stack scope (directly or indirectly). |
| + synthesizeLogicalId | No | object | No | - | Called during synthesize to render the logical ID of this element. If `overrideLogicalId` was it will be used, otherwise, we will allocate the logical ID through the stack. |
| + updatedProperites | No | object | No | - | Deprecated |
| + updatedProperties | No | object | No | - | Return properties modified after initiation Resources that expose mutable properties should override this function to collect and return the properties object for this resource. |
10.6.7.4.3.6.1.8.23.1. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > nestedStackResource > _cfnProperties
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
Description: AWS CloudFormation resource properties.
This object is returned via cfnProperties
10.6.7.4.3.6.1.8.23.2. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > nestedStackResource > _logicalIdLocked
| Type | object |
| Required | No |
| Additional properties | Any type allowed |
Description: If the logicalId is locked then it can no longer be overridden. This is needed for cases where the logicalId is consumed prior to synthesis (i.e. Stack.exportValue).
10.6.7.4.3.6.1.8.23.3. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > nestedStackResource > _logicalIdOverride
| Type | object |
| Required | No |
| Additional properties | Any type allowed |
Description: An explicit logical ID provided by overrideLogicalId.
10.6.7.4.3.6.1.8.23.4. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > nestedStackResource > cfnOptions
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Defined in | #/definitions/ICfnResourceOptions |
Description: Options for this resource, such as condition, update policy etc.
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| - condition | No | object | No | In #/definitions/CfnCondition | A condition to associate with this resource. This means that only if the condition evaluates to 'true' when the stack is deployed, the resource will be included. This is provided to allow CDK projects to produce legacy templates, but normally there is no need to use it in CDK projects. |
| - creationPolicy | No | object | No | In #/definitions/CfnCreationPolicy | Associate the CreationPolicy attribute with a resource to prevent its status from reaching create complete until AWS CloudFormation receives a specified number of success signals or the timeout period is exceeded. To signal a resource, you can use the cfn-signal helper script or SignalResource API. AWS CloudFormation publishes valid signals to the stack events so that you track the number of signals sent. |
| - deletionPolicy | No | enum (of string) | No | - | With the DeletionPolicy attribute you can preserve or (in some cases) backup a resource when its stack is deleted. You specify a DeletionPolicy attribute for each resource that you want to control. If a resource has no DeletionPolicy attribute, AWS CloudFormation deletes the resource by default. Note that this capability also applies to update operations that lead to resources being removed. |
| - description | No | string | No | - | The description of this resource. Used for informational purposes only, is not processed in any way (and stays with the CloudFormation template, is not passed to the underlying resource, even if it does have a 'description' property). |
| - metadata | No | object | No | - | Metadata associated with the CloudFormation resource. This is not the same as the construct metadata which can be added using construct.addMetadata(), but would not appear in the CloudFormation template automatically. |
| - updatePolicy | No | object | No | In #/definitions/CfnUpdatePolicy | Use the UpdatePolicy attribute to specify how AWS CloudFormation handles updates to the AWS::AutoScaling::AutoScalingGroup resource. AWS CloudFormation invokes one of three update policies depending on the type of change you make or whether a scheduled action is associated with the Auto Scaling group. |
| - updateReplacePolicy | No | enum (of string) | No | - | Use the UpdateReplacePolicy attribute to retain or (in some cases) backup the existing physical instance of a resource when it is replaced during a stack update operation. |
| - version | No | string | No | - | The version of this resource. Used only for custom CloudFormation resources. |
10.6.7.4.3.6.1.8.23.4.1. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > nestedStackResource > cfnOptions > condition
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Defined in | #/definitions/CfnCondition |
Description: A condition to associate with this resource. This means that only if the condition evaluates to 'true' when the stack is deployed, the resource will be included. This is provided to allow CDK projects to produce legacy templates, but normally there is no need to use it in CDK projects.
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| - _logicalIdLocked | No | object | No | - | If the logicalId is locked then it can no longer be overridden. This is needed for cases where the logicalId is consumed prior to synthesis (i.e. Stack.exportValue). |
| - _logicalIdOverride | No | object | No | - | An explicit logical ID provided by `overrideLogicalId`. |
| + creationStack | No | array of string | No | - | - |
| - expression | No | object | No | In #/definitions/ICfnConditionExpression | The condition statement. |
| + logicalId | No | string | No | - | The logical ID for this CloudFormation stack element. The logical ID of the element is calculated from the path of the resource node in the construct tree. To override this value, use `overrideLogicalId(newLogicalId)`. |
| + node | No | object | No | Same as node | The tree node. |
| + stack | No | object | No | Same as stack | The stack in which this element is defined. CfnElements must be defined within a stack scope (directly or indirectly). |
| + synthesizeLogicalId | No | object | No | - | Called during synthesize to render the logical ID of this element. If `overrideLogicalId` was it will be used, otherwise, we will allocate the logical ID through the stack. |
10.6.7.4.3.6.1.8.23.4.1.1. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > nestedStackResource > cfnOptions > condition > _logicalIdLocked
| Type | object |
| Required | No |
| Additional properties | Any type allowed |
Description: If the logicalId is locked then it can no longer be overridden. This is needed for cases where the logicalId is consumed prior to synthesis (i.e. Stack.exportValue).
10.6.7.4.3.6.1.8.23.4.1.2. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > nestedStackResource > cfnOptions > condition > _logicalIdOverride
| Type | object |
| Required | No |
| Additional properties | Any type allowed |
Description: An explicit logical ID provided by overrideLogicalId.
10.6.7.4.3.6.1.8.23.4.1.3. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > nestedStackResource > cfnOptions > condition > creationStack
| Type | array of string |
| Required | Yes |
| Array restrictions | |
|---|---|
| Min items | N/A |
| Max items | N/A |
| Items unicity | False |
| Additional items | False |
| Tuple validation | See below |
| Each item of this array must be | Description |
|---|---|
| creationStack items | - |
10.6.7.4.3.6.1.8.23.4.1.3.1. root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > nestedStackResource > cfnOptions > condition > creationStack > creationStack items
| Type | string |
| Required | No |
10.6.7.4.3.6.1.8.23.4.1.4. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > nestedStackResource > cfnOptions > condition > expression
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Defined in | #/definitions/ICfnConditionExpression |
Description: The condition statement.
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| + creationStack | No | array of string | No | - | The creation stack of this resolvable which will be appended to errors thrown during resolution. This may return an array with a single informational element indicating how to get this property populated, if it was skipped for performance reasons. |
| - typeHint | No | enum (of string) | No | - | The type that this token will likely resolve to. |
10.6.7.4.3.6.1.8.23.4.1.4.1. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > nestedStackResource > cfnOptions > condition > expression > creationStack
| Type | array of string |
| Required | Yes |
Description: The creation stack of this resolvable which will be appended to errors thrown during resolution.
This may return an array with a single informational element indicating how to get this property populated, if it was skipped for performance reasons.
| Array restrictions | |
|---|---|
| Min items | N/A |
| Max items | N/A |
| Items unicity | False |
| Additional items | False |
| Tuple validation | See below |
| Each item of this array must be | Description |
|---|---|
| creationStack items | - |
10.6.7.4.3.6.1.8.23.4.1.4.1.1. root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > nestedStackResource > cfnOptions > condition > expression > creationStack > creationStack items
| Type | string |
| Required | No |
10.6.7.4.3.6.1.8.23.4.1.4.2. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > nestedStackResource > cfnOptions > condition > expression > typeHint
| Type | enum (of string) |
| Required | No |
Description: The type that this token will likely resolve to.
Must be one of: * "number" * "string" * "string-list"
10.6.7.4.3.6.1.8.23.4.1.5. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > nestedStackResource > cfnOptions > condition > logicalId
| Type | string |
| Required | Yes |
Description: The logical ID for this CloudFormation stack element. The logical ID of the element is calculated from the path of the resource node in the construct tree.
To override this value, use overrideLogicalId(newLogicalId).
10.6.7.4.3.6.1.8.23.4.1.6. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > nestedStackResource > cfnOptions > condition > node
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Same definition as | node |
Description: The tree node.
10.6.7.4.3.6.1.8.23.4.1.7. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > nestedStackResource > cfnOptions > condition > stack
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Same definition as | stack |
Description: The stack in which this element is defined. CfnElements must be defined within a stack scope (directly or indirectly).
10.6.7.4.3.6.1.8.23.4.1.8. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > nestedStackResource > cfnOptions > condition > synthesizeLogicalId
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
Description: Called during synthesize to render the logical ID of this element. If
overrideLogicalId was it will be used, otherwise, we will allocate the
logical ID through the stack.
10.6.7.4.3.6.1.8.23.4.2. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > nestedStackResource > cfnOptions > creationPolicy
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Defined in | #/definitions/CfnCreationPolicy |
Description: Associate the CreationPolicy attribute with a resource to prevent its status from reaching create complete until AWS CloudFormation receives a specified number of success signals or the timeout period is exceeded. To signal a resource, you can use the cfn-signal helper script or SignalResource API. AWS CloudFormation publishes valid signals to the stack events so that you track the number of signals sent.
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| - autoScalingCreationPolicy | No | object | No | In #/definitions/CfnResourceAutoScalingCreationPolicy | For an Auto Scaling group replacement update, specifies how many instances must signal success for the update to succeed. |
| - resourceSignal | No | object | No | In #/definitions/CfnResourceSignal | When AWS CloudFormation creates the associated resource, configures the number of required success signals and the length of time that AWS CloudFormation waits for those signals. |
| - startFleet | No | boolean | No | - | For an AppStream Fleet creation, specifies that the fleet is started after creation. |
10.6.7.4.3.6.1.8.23.4.2.1. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > nestedStackResource > cfnOptions > creationPolicy > autoScalingCreationPolicy
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Defined in | #/definitions/CfnResourceAutoScalingCreationPolicy |
Description: For an Auto Scaling group replacement update, specifies how many instances must signal success for the update to succeed.
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| - minSuccessfulInstancesPercent | No | number | No | - | Specifies the percentage of instances in an Auto Scaling replacement update that must signal success for the update to succeed. You can specify a value from 0 to 100. AWS CloudFormation rounds to the nearest tenth of a percent. For example, if you update five instances with a minimum successful percentage of 50, three instances must signal success. If an instance doesn't send a signal within the time specified by the Timeout property, AWS CloudFormation assumes that the instance wasn't created. |
10.6.7.4.3.6.1.8.23.4.2.1.1. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > nestedStackResource > cfnOptions > creationPolicy > autoScalingCreationPolicy > minSuccessfulInstancesPercent
| Type | number |
| Required | No |
Description: Specifies the percentage of instances in an Auto Scaling replacement update that must signal success for the update to succeed. You can specify a value from 0 to 100. AWS CloudFormation rounds to the nearest tenth of a percent. For example, if you update five instances with a minimum successful percentage of 50, three instances must signal success. If an instance doesn't send a signal within the time specified by the Timeout property, AWS CloudFormation assumes that the instance wasn't created.
10.6.7.4.3.6.1.8.23.4.2.2. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > nestedStackResource > cfnOptions > creationPolicy > resourceSignal
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Defined in | #/definitions/CfnResourceSignal |
Description: When AWS CloudFormation creates the associated resource, configures the number of required success signals and the length of time that AWS CloudFormation waits for those signals.
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| - count | No | number | No | - | The number of success signals AWS CloudFormation must receive before it sets the resource status as CREATE_COMPLETE. If the resource receives a failure signal or doesn't receive the specified number of signals before the timeout period expires, the resource creation fails and AWS CloudFormation rolls the stack back. |
| - timeout | No | string | No | - | The length of time that AWS CloudFormation waits for the number of signals that was specified in the Count property. The timeout period starts after AWS CloudFormation starts creating the resource, and the timeout expires no sooner than the time you specify but can occur shortly thereafter. The maximum time that you can specify is 12 hours. |
10.6.7.4.3.6.1.8.23.4.2.2.1. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > nestedStackResource > cfnOptions > creationPolicy > resourceSignal > count
| Type | number |
| Required | No |
Description: The number of success signals AWS CloudFormation must receive before it sets the resource status as CREATE_COMPLETE. If the resource receives a failure signal or doesn't receive the specified number of signals before the timeout period expires, the resource creation fails and AWS CloudFormation rolls the stack back.
10.6.7.4.3.6.1.8.23.4.2.2.2. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > nestedStackResource > cfnOptions > creationPolicy > resourceSignal > timeout
| Type | string |
| Required | No |
Description: The length of time that AWS CloudFormation waits for the number of signals that was specified in the Count property. The timeout period starts after AWS CloudFormation starts creating the resource, and the timeout expires no sooner than the time you specify but can occur shortly thereafter. The maximum time that you can specify is 12 hours.
10.6.7.4.3.6.1.8.23.4.2.3. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > nestedStackResource > cfnOptions > creationPolicy > startFleet
| Type | boolean |
| Required | No |
Description: For an AppStream Fleet creation, specifies that the fleet is started after creation.
10.6.7.4.3.6.1.8.23.4.3. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > nestedStackResource > cfnOptions > deletionPolicy
| Type | enum (of string) |
| Required | No |
Description: With the DeletionPolicy attribute you can preserve or (in some cases) backup a resource when its stack is deleted. You specify a DeletionPolicy attribute for each resource that you want to control. If a resource has no DeletionPolicy attribute, AWS CloudFormation deletes the resource by default. Note that this capability also applies to update operations that lead to resources being removed.
Must be one of: * "Delete" * "Retain" * "RetainExceptOnCreate" * "Snapshot"
10.6.7.4.3.6.1.8.23.4.4. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > nestedStackResource > cfnOptions > description
| Type | string |
| Required | No |
Description: The description of this resource. Used for informational purposes only, is not processed in any way (and stays with the CloudFormation template, is not passed to the underlying resource, even if it does have a 'description' property).
10.6.7.4.3.6.1.8.23.4.5. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > nestedStackResource > cfnOptions > metadata
| Type | object |
| Required | No |
| Additional properties | Each additional property must conform to the schema |
Description: Metadata associated with the CloudFormation resource. This is not the same as the construct metadata which can be added using construct.addMetadata(), but would not appear in the CloudFormation template automatically.
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| - | No | object | No | - | - |
10.6.7.4.3.6.1.8.23.4.5.1. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > nestedStackResource > cfnOptions > metadata > additionalProperties
| Type | object |
| Required | No |
| Additional properties | Any type allowed |
10.6.7.4.3.6.1.8.23.4.6. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > nestedStackResource > cfnOptions > updatePolicy
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Defined in | #/definitions/CfnUpdatePolicy |
Description: Use the UpdatePolicy attribute to specify how AWS CloudFormation handles updates to the AWS::AutoScaling::AutoScalingGroup resource. AWS CloudFormation invokes one of three update policies depending on the type of change you make or whether a scheduled action is associated with the Auto Scaling group.
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| - autoScalingReplacingUpdate | No | object | No | In #/definitions/CfnAutoScalingReplacingUpdate | Specifies whether an Auto Scaling group and the instances it contains are replaced during an update. During replacement, AWS CloudFormation retains the old group until it finishes creating the new one. If the update fails, AWS CloudFormation can roll back to the old Auto Scaling group and delete the new Auto Scaling group. |
| - autoScalingRollingUpdate | No | object | No | In #/definitions/CfnAutoScalingRollingUpdate | To specify how AWS CloudFormation handles rolling updates for an Auto Scaling group, use the AutoScalingRollingUpdate policy. Rolling updates enable you to specify whether AWS CloudFormation updates instances that are in an Auto Scaling group in batches or all at once. |
| - autoScalingScheduledAction | No | object | No | In #/definitions/CfnAutoScalingScheduledAction | To specify how AWS CloudFormation handles updates for the MinSize, MaxSize, and DesiredCapacity properties when the AWS::AutoScaling::AutoScalingGroup resource has an associated scheduled action, use the AutoScalingScheduledAction policy. |
| - codeDeployLambdaAliasUpdate | No | object | No | In #/definitions/CfnCodeDeployLambdaAliasUpdate | To perform an AWS CodeDeploy deployment when the version changes on an AWS::Lambda::Alias resource, use the CodeDeployLambdaAliasUpdate update policy. |
| - enableVersionUpgrade | No | boolean | No | - | To upgrade an Amazon ES domain to a new version of Elasticsearch rather than replacing the entire AWS::Elasticsearch::Domain resource, use the EnableVersionUpgrade update policy. |
| - useOnlineResharding | No | boolean | No | - | To modify a replication group's shards by adding or removing shards, rather than replacing the entire AWS::ElastiCache::ReplicationGroup resource, use the UseOnlineResharding update policy. |
10.6.7.4.3.6.1.8.23.4.6.1. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > nestedStackResource > cfnOptions > updatePolicy > autoScalingReplacingUpdate
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Defined in | #/definitions/CfnAutoScalingReplacingUpdate |
Description: Specifies whether an Auto Scaling group and the instances it contains are replaced during an update. During replacement, AWS CloudFormation retains the old group until it finishes creating the new one. If the update fails, AWS CloudFormation can roll back to the old Auto Scaling group and delete the new Auto Scaling group.
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| - willReplace | No | boolean | No | - | - |
10.6.7.4.3.6.1.8.23.4.6.1.1. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > nestedStackResource > cfnOptions > updatePolicy > autoScalingReplacingUpdate > willReplace
| Type | boolean |
| Required | No |
10.6.7.4.3.6.1.8.23.4.6.2. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > nestedStackResource > cfnOptions > updatePolicy > autoScalingRollingUpdate
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Defined in | #/definitions/CfnAutoScalingRollingUpdate |
Description: To specify how AWS CloudFormation handles rolling updates for an Auto Scaling group, use the AutoScalingRollingUpdate policy. Rolling updates enable you to specify whether AWS CloudFormation updates instances that are in an Auto Scaling group in batches or all at once.
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| - maxBatchSize | No | number | No | - | Specifies the maximum number of instances that AWS CloudFormation updates. |
| - minActiveInstancesPercent | No | number | No | - | Specifies the percentage of instances in an Auto Scaling group that must remain in service while AWS CloudFormation updates old instances. You can specify a value from 0 to 100. AWS CloudFormation rounds to the nearest tenth of a percent. For example, if you update five instances with a minimum active percentage of 50, three instances must remain in service. |
| - minInstancesInService | No | number | No | - | Specifies the minimum number of instances that must be in service within the Auto Scaling group while AWS CloudFormation updates old instances. |
| - minSuccessfulInstancesPercent | No | number | No | - | Specifies the percentage of instances in an Auto Scaling rolling update that must signal success for an update to succeed. You can specify a value from 0 to 100. AWS CloudFormation rounds to the nearest tenth of a percent. For example, if you update five instances with a minimum successful percentage of 50, three instances must signal success. If an instance doesn't send a signal within the time specified in the PauseTime property, AWS CloudFormation assumes that the instance wasn't updated. If you specify this property, you must also enable the WaitOnResourceSignals and PauseTime properties. |
| - pauseTime | No | string | No | - | The amount of time that AWS CloudFormation pauses after making a change to a batch of instances to give those instances time to start software applications. For example, you might need to specify PauseTime when scaling up the number of instances in an Auto Scaling group. If you enable the WaitOnResourceSignals property, PauseTime is the amount of time that AWS CloudFormation should wait for the Auto Scaling group to receive the required number of valid signals from added or replaced instances. If the PauseTime is exceeded before the Auto Scaling group receives the required number of signals, the update fails. For best results, specify a time period that gives your applications sufficient time to get started. If the update needs to be rolled back, a short PauseTime can cause the rollback to fail. Specify PauseTime in the ISO8601 duration format (in the format PT#H#M#S, where each # is the number of hours, minutes, and seconds, respectively). The maximum PauseTime is one hour (PT1H). |
| - suspendProcesses | No | array of string | No | - | Specifies the Auto Scaling processes to suspend during a stack update. Suspending processes prevents Auto Scaling from interfering with a stack update. For example, you can suspend alarming so that Auto Scaling doesn't execute scaling policies associated with an alarm. For valid values, see the ScalingProcesses.member.N parameter for the SuspendProcesses action in the Auto Scaling API Reference. |
| - waitOnResourceSignals | No | boolean | No | - | Specifies whether the Auto Scaling group waits on signals from new instances during an update. Use this property to ensure that instances have completed installing and configuring applications before the Auto Scaling group update proceeds. AWS CloudFormation suspends the update of an Auto Scaling group after new EC2 instances are launched into the group. AWS CloudFormation must receive a signal from each new instance within the specified PauseTime before continuing the update. To signal the Auto Scaling group, use the cfn-signal helper script or SignalResource API. To have instances wait for an Elastic Load Balancing health check before they signal success, add a health-check verification by using the cfn-init helper script. For an example, see the verify_instance_health command in the Auto Scaling rolling updates sample template. |
10.6.7.4.3.6.1.8.23.4.6.2.1. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > nestedStackResource > cfnOptions > updatePolicy > autoScalingRollingUpdate > maxBatchSize
| Type | number |
| Required | No |
Description: Specifies the maximum number of instances that AWS CloudFormation updates.
10.6.7.4.3.6.1.8.23.4.6.2.2. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > nestedStackResource > cfnOptions > updatePolicy > autoScalingRollingUpdate > minActiveInstancesPercent
| Type | number |
| Required | No |
Description: Specifies the percentage of instances in an Auto Scaling group that must remain in service while AWS CloudFormation updates old instances. You can specify a value from 0 to 100. AWS CloudFormation rounds to the nearest tenth of a percent. For example, if you update five instances with a minimum active percentage of 50, three instances must remain in service.
10.6.7.4.3.6.1.8.23.4.6.2.3. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > nestedStackResource > cfnOptions > updatePolicy > autoScalingRollingUpdate > minInstancesInService
| Type | number |
| Required | No |
Description: Specifies the minimum number of instances that must be in service within the Auto Scaling group while AWS CloudFormation updates old instances.
10.6.7.4.3.6.1.8.23.4.6.2.4. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > nestedStackResource > cfnOptions > updatePolicy > autoScalingRollingUpdate > minSuccessfulInstancesPercent
| Type | number |
| Required | No |
Description: Specifies the percentage of instances in an Auto Scaling rolling update that must signal success for an update to succeed. You can specify a value from 0 to 100. AWS CloudFormation rounds to the nearest tenth of a percent. For example, if you update five instances with a minimum successful percentage of 50, three instances must signal success.
If an instance doesn't send a signal within the time specified in the PauseTime property, AWS CloudFormation assumes that the instance wasn't updated.
If you specify this property, you must also enable the WaitOnResourceSignals and PauseTime properties.
10.6.7.4.3.6.1.8.23.4.6.2.5. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > nestedStackResource > cfnOptions > updatePolicy > autoScalingRollingUpdate > pauseTime
| Type | string |
| Required | No |
Description: The amount of time that AWS CloudFormation pauses after making a change to a batch of instances to give those instances time to start software applications. For example, you might need to specify PauseTime when scaling up the number of instances in an Auto Scaling group.
If you enable the WaitOnResourceSignals property, PauseTime is the amount of time that AWS CloudFormation should wait for the Auto Scaling group to receive the required number of valid signals from added or replaced instances. If the PauseTime is exceeded before the Auto Scaling group receives the required number of signals, the update fails. For best results, specify a time period that gives your applications sufficient time to get started. If the update needs to be rolled back, a short PauseTime can cause the rollback to fail.
Specify PauseTime in the ISO8601 duration format (in the format PT#H#M#S, where each # is the number of hours, minutes, and seconds, respectively). The maximum PauseTime is one hour (PT1H).
10.6.7.4.3.6.1.8.23.4.6.2.6. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > nestedStackResource > cfnOptions > updatePolicy > autoScalingRollingUpdate > suspendProcesses
| Type | array of string |
| Required | No |
Description: Specifies the Auto Scaling processes to suspend during a stack update. Suspending processes prevents Auto Scaling from interfering with a stack update. For example, you can suspend alarming so that Auto Scaling doesn't execute scaling policies associated with an alarm. For valid values, see the ScalingProcesses.member.N parameter for the SuspendProcesses action in the Auto Scaling API Reference.
| Array restrictions | |
|---|---|
| Min items | N/A |
| Max items | N/A |
| Items unicity | False |
| Additional items | False |
| Tuple validation | See below |
| Each item of this array must be | Description |
|---|---|
| suspendProcesses items | - |
10.6.7.4.3.6.1.8.23.4.6.2.6.1. root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > nestedStackResource > cfnOptions > updatePolicy > autoScalingRollingUpdate > suspendProcesses > suspendProcesses items
| Type | string |
| Required | No |
10.6.7.4.3.6.1.8.23.4.6.2.7. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > nestedStackResource > cfnOptions > updatePolicy > autoScalingRollingUpdate > waitOnResourceSignals
| Type | boolean |
| Required | No |
Description: Specifies whether the Auto Scaling group waits on signals from new instances during an update. Use this property to ensure that instances have completed installing and configuring applications before the Auto Scaling group update proceeds. AWS CloudFormation suspends the update of an Auto Scaling group after new EC2 instances are launched into the group. AWS CloudFormation must receive a signal from each new instance within the specified PauseTime before continuing the update. To signal the Auto Scaling group, use the cfn-signal helper script or SignalResource API.
To have instances wait for an Elastic Load Balancing health check before they signal success, add a health-check verification by using the cfn-init helper script. For an example, see the verify_instance_health command in the Auto Scaling rolling updates sample template.
10.6.7.4.3.6.1.8.23.4.6.3. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > nestedStackResource > cfnOptions > updatePolicy > autoScalingScheduledAction
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Defined in | #/definitions/CfnAutoScalingScheduledAction |
Description: To specify how AWS CloudFormation handles updates for the MinSize, MaxSize, and DesiredCapacity properties when the AWS::AutoScaling::AutoScalingGroup resource has an associated scheduled action, use the AutoScalingScheduledAction policy.
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| - ignoreUnmodifiedGroupSizeProperties | No | boolean | No | - | - |
10.6.7.4.3.6.1.8.23.4.6.3.1. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > nestedStackResource > cfnOptions > updatePolicy > autoScalingScheduledAction > ignoreUnmodifiedGroupSizeProperties
| Type | boolean |
| Required | No |
10.6.7.4.3.6.1.8.23.4.6.4. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > nestedStackResource > cfnOptions > updatePolicy > codeDeployLambdaAliasUpdate
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Defined in | #/definitions/CfnCodeDeployLambdaAliasUpdate |
Description: To perform an AWS CodeDeploy deployment when the version changes on an AWS::Lambda::Alias resource, use the CodeDeployLambdaAliasUpdate update policy.
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| - afterAllowTrafficHook | No | string | No | - | The name of the Lambda function to run after traffic routing completes. |
| + applicationName | No | string | No | - | The name of the AWS CodeDeploy application. |
| - beforeAllowTrafficHook | No | string | No | - | The name of the Lambda function to run before traffic routing starts. |
| + deploymentGroupName | No | string | No | - | The name of the AWS CodeDeploy deployment group. This is where the traffic-shifting policy is set. |
10.6.7.4.3.6.1.8.23.4.6.4.1. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > nestedStackResource > cfnOptions > updatePolicy > codeDeployLambdaAliasUpdate > afterAllowTrafficHook
| Type | string |
| Required | No |
Description: The name of the Lambda function to run after traffic routing completes.
10.6.7.4.3.6.1.8.23.4.6.4.2. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > nestedStackResource > cfnOptions > updatePolicy > codeDeployLambdaAliasUpdate > applicationName
| Type | string |
| Required | Yes |
Description: The name of the AWS CodeDeploy application.
10.6.7.4.3.6.1.8.23.4.6.4.3. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > nestedStackResource > cfnOptions > updatePolicy > codeDeployLambdaAliasUpdate > beforeAllowTrafficHook
| Type | string |
| Required | No |
Description: The name of the Lambda function to run before traffic routing starts.
10.6.7.4.3.6.1.8.23.4.6.4.4. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > nestedStackResource > cfnOptions > updatePolicy > codeDeployLambdaAliasUpdate > deploymentGroupName
| Type | string |
| Required | Yes |
Description: The name of the AWS CodeDeploy deployment group. This is where the traffic-shifting policy is set.
10.6.7.4.3.6.1.8.23.4.6.5. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > nestedStackResource > cfnOptions > updatePolicy > enableVersionUpgrade
| Type | boolean |
| Required | No |
Description: To upgrade an Amazon ES domain to a new version of Elasticsearch rather than replacing the entire AWS::Elasticsearch::Domain resource, use the EnableVersionUpgrade update policy.
10.6.7.4.3.6.1.8.23.4.6.6. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > nestedStackResource > cfnOptions > updatePolicy > useOnlineResharding
| Type | boolean |
| Required | No |
Description: To modify a replication group's shards by adding or removing shards, rather than replacing the entire AWS::ElastiCache::ReplicationGroup resource, use the UseOnlineResharding update policy.
10.6.7.4.3.6.1.8.23.4.7. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > nestedStackResource > cfnOptions > updateReplacePolicy
| Type | enum (of string) |
| Required | No |
Description: Use the UpdateReplacePolicy attribute to retain or (in some cases) backup the existing physical instance of a resource when it is replaced during a stack update operation.
Must be one of: * "Delete" * "Retain" * "RetainExceptOnCreate" * "Snapshot"
10.6.7.4.3.6.1.8.23.4.8. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > nestedStackResource > cfnOptions > version
| Type | string |
| Required | No |
Description: The version of this resource. Used only for custom CloudFormation resources.
10.6.7.4.3.6.1.8.23.5. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > nestedStackResource > cfnProperties
| Type | object |
| Required | Yes |
| Additional properties | Each additional property must conform to the schema |
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| - | No | object | No | - | - |
10.6.7.4.3.6.1.8.23.5.1. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > nestedStackResource > cfnProperties > additionalProperties
| Type | object |
| Required | No |
| Additional properties | Any type allowed |
10.6.7.4.3.6.1.8.23.6. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > nestedStackResource > cfnResourceType
| Type | string |
| Required | Yes |
Description: AWS resource type.
10.6.7.4.3.6.1.8.23.7. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > nestedStackResource > creationStack
| Type | array of string |
| Required | Yes |
| Array restrictions | |
|---|---|
| Min items | N/A |
| Max items | N/A |
| Items unicity | False |
| Additional items | False |
| Tuple validation | See below |
| Each item of this array must be | Description |
|---|---|
| creationStack items | - |
10.6.7.4.3.6.1.8.23.7.1. root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > nestedStackResource > creationStack > creationStack items
| Type | string |
| Required | No |
10.6.7.4.3.6.1.8.23.8. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > nestedStackResource > dependsOn
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
Description: Logical IDs of dependencies.
Is filled during prepare().
10.6.7.4.3.6.1.8.23.9. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > nestedStackResource > logicalId
| Type | string |
| Required | Yes |
Description: The logical ID for this CloudFormation stack element. The logical ID of the element is calculated from the path of the resource node in the construct tree.
To override this value, use overrideLogicalId(newLogicalId).
10.6.7.4.3.6.1.8.23.10. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > nestedStackResource > node
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Same definition as | node |
Description: The tree node.
10.6.7.4.3.6.1.8.23.11. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > nestedStackResource > rawOverrides
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
Description: An object to be merged on top of the entire resource definition.
10.6.7.4.3.6.1.8.23.12. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > nestedStackResource > ref
| Type | string |
| Required | Yes |
Description: Return a string that will be resolved to a CloudFormation { Ref } for this element.
If, by any chance, the intrinsic reference of a resource is not a string, you could
coerce it to an IResolvable through Lazy.any({ produce: resource.ref }).
10.6.7.4.3.6.1.8.23.13. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > nestedStackResource > stack
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Same definition as | stack |
Description: The stack in which this element is defined. CfnElements must be defined within a stack scope (directly or indirectly).
10.6.7.4.3.6.1.8.23.14. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > nestedStackResource > synthesizeLogicalId
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
Description: Called during synthesize to render the logical ID of this element. If
overrideLogicalId was it will be used, otherwise, we will allocate the
logical ID through the stack.
10.6.7.4.3.6.1.8.23.15. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > nestedStackResource > updatedProperites
| Type | object |
| Required | Yes |
| Additional properties | Each additional property must conform to the schema |
Description: Deprecated
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| - | No | object | No | - | - |
10.6.7.4.3.6.1.8.23.15.1. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > nestedStackResource > updatedProperites > additionalProperties
| Type | object |
| Required | No |
| Additional properties | Any type allowed |
10.6.7.4.3.6.1.8.23.16. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > nestedStackResource > updatedProperties
| Type | object |
| Required | Yes |
| Additional properties | Each additional property must conform to the schema |
Description: Return properties modified after initiation
Resources that expose mutable properties should override this function to collect and return the properties object for this resource.
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| - | No | object | No | - | - |
10.6.7.4.3.6.1.8.23.16.1. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > nestedStackResource > updatedProperties > additionalProperties
| Type | object |
| Required | No |
| Additional properties | Any type allowed |
10.6.7.4.3.6.1.8.24. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > node
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Same definition as | node |
Description: The tree node.
10.6.7.4.3.6.1.8.25. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > notificationArns
| Type | array of string |
| Required | Yes |
Description: Returns the list of notification Amazon Resource Names (ARNs) for the current stack.
| Array restrictions | |
|---|---|
| Min items | N/A |
| Max items | N/A |
| Items unicity | False |
| Additional items | False |
| Tuple validation | See below |
| Each item of this array must be | Description |
|---|---|
| notificationArns items | - |
10.6.7.4.3.6.1.8.25.1. root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > notificationArns > notificationArns items
| Type | string |
| Required | No |
10.6.7.4.3.6.1.8.26. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > parseEnvironment
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
Description: Determine the various stack environment attributes.
10.6.7.4.3.6.1.8.27. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > partition
| Type | string |
| Required | Yes |
Description: The partition in which this stack is defined
10.6.7.4.3.6.1.8.28. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > permissionsBoundaryArn
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
Description: If a permissions boundary has been applied on this scope or any parent scope then this will return the ARN of the permissions boundary.
This will return the permissions boundary that has been applied to the most specific scope.
For example:
const stage = new Stage(app, 'stage', { permissionsBoundary: PermissionsBoundary.fromName('stage-pb'), });
const stack = new Stack(stage, 'Stack', { permissionsBoundary: PermissionsBoundary.fromName('some-other-pb'), });
Stack.permissionsBoundaryArn === 'arn:${AWS::Partition}:iam::${AWS::AccountId}:policy/some-other-pb';
10.6.7.4.3.6.1.8.29. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > region
| Type | string |
| Required | Yes |
Description: The AWS region into which this stack will be deployed (e.g. us-west-2).
This value is resolved according to the following rules:
- The value provided to
env.regionwhen the stack is defined. This can either be a concrete region (e.g.us-west-2) or theAws.REGIONtoken. Aws.REGION, which is represents the CloudFormation intrinsic reference{ "Ref": "AWS::Region" }encoded as a string token.
Preferably, you should use the return value as an opaque string and not
attempt to parse it to implement your logic. If you do, you must first
check that it is a concrete value an not an unresolved token. If this
value is an unresolved token (Token.isUnresolved(stack.region) returns
true), this implies that the user wishes that this stack will synthesize
into a region-agnostic template. In this case, your code should either
fail (throw an error, emit a synth error using Annotations.of(construct).addError()) or
implement some other region-agnostic behavior.
10.6.7.4.3.6.1.8.30. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > resolveExportedValue
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
10.6.7.4.3.6.1.8.31. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > stackDependencyReasons
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
Description: Check whether this stack has a (transitive) dependency on another stack
Returns the list of reasons on the dependency path, or undefined if there is no dependency.
10.6.7.4.3.6.1.8.32. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > stackId
| Type | string |
| Required | Yes |
Description: The ID of the stack
10.6.7.4.3.6.1.8.33. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > stackName
| Type | string |
| Required | Yes |
Description: The concrete CloudFormation physical stack name.
This is either the name defined explicitly in the stackName prop or
allocated based on the stack's location in the construct tree. Stacks that
are directly defined under the app use their construct id as their stack
name. Stacks that are defined deeper within the tree will use a hashed naming
scheme based on the construct path to ensure uniqueness.
If you wish to obtain the deploy-time AWS::StackName intrinsic,
you can use Aws.STACK_NAME directly.
10.6.7.4.3.6.1.8.34. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > synthesizer
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Defined in | #/definitions/IStackSynthesizer |
Description: Synthesis method for this stack
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| - bootstrapQualifier | No | string | No | - | The qualifier used to bootstrap this stack |
| - lookupRole | No | string | No | - | The role used to lookup for this stack |
10.6.7.4.3.6.1.8.34.1. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > synthesizer > bootstrapQualifier
| Type | string |
| Required | No |
| Default | "- no qualifier" |
Description: The qualifier used to bootstrap this stack
10.6.7.4.3.6.1.8.34.2. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > synthesizer > lookupRole
| Type | string |
| Required | No |
| Default | "- no role" |
Description: The role used to lookup for this stack
10.6.7.4.3.6.1.8.35. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > tags
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Defined in | #/definitions/TagManager |
Description: Tags to be applied to the stack.
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| + _setTag | No | object | No | - | - |
| + didHaveInitialTags | No | object | No | - | - |
| - dynamicTags | No | object | No | - | - |
| + externalTagPriority | No | object | No | - | - |
| + parseExternalTags | No | object | No | - | Parse external tags. Set the parseable ones into this tag manager. Save the rest (tokens, lazies) in `this.dynamicTags`. |
| + priorities | No | object | No | - | - |
| + renderedTags | No | object | No | Same as datasets_additionalProperties_formatOptions_anyOf_i0 | A lazy value that represents the rendered tags at synthesis time If you need to make a custom construct taggable, use the value of this property to pass to the `tags` property of the underlying construct. |
| + resourceTypeName | No | object | No | - | - |
| + sortedTags | No | object | No | - | - |
| + tagFormatter | No | object | No | - | - |
| + tagPropertyName | No | string | No | - | The property name for tag values Normally this is `tags` but some resources choose a different name. Cognito UserPool uses UserPoolTags |
| + tags | No | object | No | - | - |
10.6.7.4.3.6.1.8.35.1. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > tags > _setTag
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
10.6.7.4.3.6.1.8.35.2. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > tags > didHaveInitialTags
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
10.6.7.4.3.6.1.8.35.3. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > tags > dynamicTags
| Type | object |
| Required | No |
| Additional properties | Any type allowed |
10.6.7.4.3.6.1.8.35.4. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > tags > externalTagPriority
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
10.6.7.4.3.6.1.8.35.5. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > tags > parseExternalTags
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
Description: Parse external tags.
Set the parseable ones into this tag manager. Save the rest (tokens, lazies) in this.dynamicTags.
10.6.7.4.3.6.1.8.35.6. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > tags > priorities
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
10.6.7.4.3.6.1.8.35.7. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > tags > renderedTags
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Same definition as | datasets_additionalProperties_formatOptions_anyOf_i0 |
Description: A lazy value that represents the rendered tags at synthesis time
If you need to make a custom construct taggable, use the value of this
property to pass to the tags property of the underlying construct.
10.6.7.4.3.6.1.8.35.8. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > tags > resourceTypeName
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
10.6.7.4.3.6.1.8.35.9. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > tags > sortedTags
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
10.6.7.4.3.6.1.8.35.10. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > tags > tagFormatter
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
10.6.7.4.3.6.1.8.35.11. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > tags > tagPropertyName
| Type | string |
| Required | Yes |
Description: The property name for tag values
Normally this is tags but some resources choose a different name. Cognito
UserPool uses UserPoolTags
10.6.7.4.3.6.1.8.35.12. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > tags > tags
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
10.6.7.4.3.6.1.8.36. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > templateFile
| Type | string |
| Required | Yes |
Description: The name of the CloudFormation template file emitted to the output directory during synthesis.
Example value: MyStack.template.json
10.6.7.4.3.6.1.8.37. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > templateOptions
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Defined in | #/definitions/ITemplateOptions |
Description: Options for CloudFormation template (like version, transform, description).
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| - description | No | string | No | - | Gets or sets the description of this stack. If provided, it will be included in the CloudFormation template's "Description" attribute. |
| - metadata | No | object | No | - | Metadata associated with the CloudFormation template. |
| - templateFormatVersion | No | string | No | - | Gets or sets the AWSTemplateFormatVersion field of the CloudFormation template. |
| - transforms | No | array of string | No | - | Gets or sets the top-level template transform(s) for this stack (e.g. `["AWS::Serverless-2016-10-31"]`). |
10.6.7.4.3.6.1.8.37.1. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > templateOptions > description
| Type | string |
| Required | No |
Description: Gets or sets the description of this stack. If provided, it will be included in the CloudFormation template's "Description" attribute.
10.6.7.4.3.6.1.8.37.2. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > templateOptions > metadata
| Type | object |
| Required | No |
| Additional properties | Each additional property must conform to the schema |
Description: Metadata associated with the CloudFormation template.
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| - | No | object | No | - | - |
10.6.7.4.3.6.1.8.37.2.1. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > templateOptions > metadata > additionalProperties
| Type | object |
| Required | No |
| Additional properties | Any type allowed |
10.6.7.4.3.6.1.8.37.3. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > templateOptions > templateFormatVersion
| Type | string |
| Required | No |
Description: Gets or sets the AWSTemplateFormatVersion field of the CloudFormation template.
10.6.7.4.3.6.1.8.37.4. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > templateOptions > transforms
| Type | array of string |
| Required | No |
Description: Gets or sets the top-level template transform(s) for this stack (e.g. ["AWS::Serverless-2016-10-31"]).
| Array restrictions | |
|---|---|
| Min items | N/A |
| Max items | N/A |
| Items unicity | False |
| Additional items | False |
| Tuple validation | See below |
| Each item of this array must be | Description |
|---|---|
| transforms items | - |
10.6.7.4.3.6.1.8.37.4.1. root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > templateOptions > transforms > transforms items
| Type | string |
| Required | No |
10.6.7.4.3.6.1.8.38. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > terminationProtection
| Type | boolean |
| Required | Yes |
Description: Whether termination protection is enabled for this stack.
10.6.7.4.3.6.1.8.39. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > stack > urlSuffix
| Type | string |
| Required | Yes |
Description: The Amazon domain suffix for the region in which this stack is defined
10.6.7.4.3.6.1.9. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > securityGroups > securityGroups items > uniqueId
| Type | string |
| Required | Yes |
Description: A unique identifier for this connection peer
10.6.7.4.3.7. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _connections > skip
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
Description: When doing bidirectional grants between Connections, make sure we don't recursive infinitely
10.6.7.4.4. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _currentVersion
| Type | object |
| Required | No |
| Additional properties | Any type allowed |
10.6.7.4.5. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _functionUrlInvocationGrants
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
| Defined in | #/definitions/Record%3Cstring%2CGrant%3E |
Description: Mapping of function URL invocation principals to grants. Used to de-dupe grantInvokeUrl() calls.
10.6.7.4.6. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _hasAddedArrayTokenStatements
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
Description: Track whether we've added statements with array token resources to the role's default policy
10.6.7.4.7. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _hasAddedLiteralStatements
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
Description: Track whether we've added statements with literal resources to the role's default policy
10.6.7.4.8. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _invocationGrants
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
| Same definition as | _functionUrlInvocationGrants |
Description: Mapping of invocation principals to grants. Used to de-dupe grantInvoke() calls.
10.6.7.4.9. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _latestVersion
| Type | object |
| Required | No |
| Additional properties | Any type allowed |
10.6.7.4.10. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _layers
| Type | array |
| Required | Yes |
| Array restrictions | |
|---|---|
| Min items | N/A |
| Max items | N/A |
| Items unicity | False |
| Additional items | False |
| Tuple validation | See below |
| Each item of this array must be | Description |
|---|---|
| ILayerVersion | - |
10.6.7.4.10.1. root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _layers > ILayerVersion
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Defined in | #/definitions/ILayerVersion |
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| - compatibleRuntimes | No | array | No | - | The runtimes compatible with this Layer. |
| + env | No | object | No | Same as env | The environment this resource belongs to. For resources that are created and managed by the CDK (generally, those created by creating new class instances like Role, Bucket, etc.), this is always the same as the environment of the stack they belong to; however, for imported resources (those obtained from static methods like fromRoleArn, fromBucketName, etc.), that might be different than the stack they were imported into. |
| + layerVersionArn | No | string | No | - | The ARN of the Lambda Layer version that this Layer defines. |
| + layerVersionRef | No | object | No | In #/definitions/LayerVersionReference | A reference to a LayerVersion resource. |
| + node | No | object | No | Same as node | The tree node. |
| + stack | No | object | No | Same as stack | The stack in which this resource is defined. |
10.6.7.4.10.1.1. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _layers > _layers items > compatibleRuntimes
| Type | array |
| Required | No |
| Default | "- All supported runtimes. Setting this to Runtime.ALL is equivalent to leaving it undefined." |
Description: The runtimes compatible with this Layer.
| Array restrictions | |
|---|---|
| Min items | N/A |
| Max items | N/A |
| Items unicity | False |
| Additional items | False |
| Tuple validation | See below |
| Each item of this array must be | Description |
|---|---|
| Runtime | Lambda function runtime environment. ... |
10.6.7.4.10.1.1.1. root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _layers > _layers items > compatibleRuntimes > Runtime
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Defined in | #/definitions/Runtime |
Description: Lambda function runtime environment.
If you need to use a runtime name that doesn't exist as a static member, you
can instantiate a Runtime object, e.g: new Runtime('nodejs99.99').
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| + bundlingImage | No | object | No | In #/definitions/DockerImage | The bundling Docker image for this runtime. |
| - family | No | enum (of integer) | No | - | The runtime family. |
| + isVariable | No | boolean | No | - | Enabled for runtime enums that always target the latest available. |
| + name | No | string | No | - | The name of this runtime, as expected by the Lambda resource. |
| + supportsCodeGuruProfiling | No | boolean | No | - | Whether this runtime is integrated with and supported for profiling using Amazon CodeGuru Profiler. |
| + supportsInlineCode | No | boolean | No | - | Whether the ``ZipFile`` (aka inline code) property can be used with this runtime. |
| + supportsSnapStart | No | boolean | No | - | Whether this runtime supports snapstart. |
10.6.7.4.10.1.1.1.1. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _layers > _layers items > compatibleRuntimes > compatibleRuntimes items > bundlingImage
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Defined in | #/definitions/DockerImage |
Description: The bundling Docker image for this runtime.
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| + image | No | string | No | - | The Docker image |
10.6.7.4.10.1.1.1.1.1. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _layers > _layers items > compatibleRuntimes > compatibleRuntimes items > bundlingImage > image
| Type | string |
| Required | Yes |
Description: The Docker image
10.6.7.4.10.1.1.1.2. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _layers > _layers items > compatibleRuntimes > compatibleRuntimes items > family
| Type | enum (of integer) |
| Required | No |
Description: The runtime family.
Must be one of: * 0 * 1 * 2 * 3 * 4 * 5 * 6
10.6.7.4.10.1.1.1.3. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _layers > _layers items > compatibleRuntimes > compatibleRuntimes items > isVariable
| Type | boolean |
| Required | Yes |
Description: Enabled for runtime enums that always target the latest available.
10.6.7.4.10.1.1.1.4. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _layers > _layers items > compatibleRuntimes > compatibleRuntimes items > name
| Type | string |
| Required | Yes |
Description: The name of this runtime, as expected by the Lambda resource.
10.6.7.4.10.1.1.1.5. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _layers > _layers items > compatibleRuntimes > compatibleRuntimes items > supportsCodeGuruProfiling
| Type | boolean |
| Required | Yes |
Description: Whether this runtime is integrated with and supported for profiling using Amazon CodeGuru Profiler.
10.6.7.4.10.1.1.1.6. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _layers > _layers items > compatibleRuntimes > compatibleRuntimes items > supportsInlineCode
| Type | boolean |
| Required | Yes |
Description: Whether the ZipFile (aka inline code) property can be used with this
runtime.
10.6.7.4.10.1.1.1.7. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _layers > _layers items > compatibleRuntimes > compatibleRuntimes items > supportsSnapStart
| Type | boolean |
| Required | Yes |
Description: Whether this runtime supports snapstart.
10.6.7.4.10.1.2. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _layers > _layers items > env
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Same definition as | env |
Description: The environment this resource belongs to. For resources that are created and managed by the CDK (generally, those created by creating new class instances like Role, Bucket, etc.), this is always the same as the environment of the stack they belong to; however, for imported resources (those obtained from static methods like fromRoleArn, fromBucketName, etc.), that might be different than the stack they were imported into.
10.6.7.4.10.1.3. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _layers > _layers items > layerVersionArn
| Type | string |
| Required | Yes |
Description: The ARN of the Lambda Layer version that this Layer defines.
10.6.7.4.10.1.4. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _layers > _layers items > layerVersionRef
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Defined in | #/definitions/LayerVersionReference |
Description: A reference to a LayerVersion resource.
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| + layerVersionArn | No | string | No | - | The LayerVersionArn of the LayerVersion resource. |
10.6.7.4.10.1.4.1. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _layers > _layers items > layerVersionRef > layerVersionArn
| Type | string |
| Required | Yes |
Description: The LayerVersionArn of the LayerVersion resource.
10.6.7.4.10.1.5. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _layers > _layers items > node
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Same definition as | node |
Description: The tree node.
10.6.7.4.10.1.6. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _layers > _layers items > stack
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Same definition as | stack |
Description: The stack in which this resource is defined.
10.6.7.4.11. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _logGroup
| Type | object |
| Required | No |
| Additional properties | Any type allowed |
10.6.7.4.12. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _logRetention
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Defined in | #/definitions/LogRetention |
Description: Creates a custom resource to control the retention policy of a CloudWatch Logs
log group. The log group is created if it doesn't already exist. The policy
is removed when retentionDays is undefined or equal to Infinity.
Log group can be created in the region that is different from stack region by
specifying logGroupRegion
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| + ensureSingletonLogRetentionFunction | No | object | No | - | Helper method to ensure that only one instance of LogRetentionFunction resources are in the stack mimicking the behaviour of aws-cdk-lib/aws-lambda's SingletonFunction to prevent circular dependencies |
| + logGroupArn | No | string | No | - | The ARN of the LogGroup. |
| + node | No | object | No | Same as node | The tree node. |
10.6.7.4.12.1. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _logRetention > ensureSingletonLogRetentionFunction
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
Description: Helper method to ensure that only one instance of LogRetentionFunction resources are in the stack mimicking the behaviour of aws-cdk-lib/aws-lambda's SingletonFunction to prevent circular dependencies
10.6.7.4.12.2. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _logRetention > logGroupArn
| Type | string |
| Required | Yes |
Description: The ARN of the LogGroup.
10.6.7.4.12.3. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _logRetention > node
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Same definition as | node |
Description: The tree node.
10.6.7.4.13. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _physicalName
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
10.6.7.4.14. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _policyCounter
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
Description: The number of permissions added to this function
10.6.7.4.15. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _skipPermissions
| Type | boolean |
| Required | No |
Description: Whether the user decides to skip adding permissions. The only use case is for cross-account, imported lambdas where the user commits to modifying the permisssions on the imported lambda outside CDK.
10.6.7.4.16. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > _warnIfCurrentVersionCalled
| Type | boolean |
| Required | Yes |
Description: Flag to delay adding a warning message until current version is invoked.
10.6.7.4.17. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > architecture
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Defined in | #/definitions/Architecture |
Description: The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64).
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| + dockerPlatform | No | string | No | - | The platform to use for this architecture when building with Docker. |
| + name | No | string | No | - | The name of the architecture as recognized by the AWS Lambda service APIs. |
10.6.7.4.17.1. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > architecture > dockerPlatform
| Type | string |
| Required | Yes |
Description: The platform to use for this architecture when building with Docker.
10.6.7.4.17.2. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > architecture > name
| Type | string |
| Required | Yes |
Description: The name of the architecture as recognized by the AWS Lambda service APIs.
10.6.7.4.18. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > buildDeadLetterConfig
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
10.6.7.4.19. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > buildDeadLetterQueue
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
10.6.7.4.20. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > buildTracingConfig
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
10.6.7.4.21. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > canCreatePermissions
| Type | const |
| Required | Yes |
| Default | true |
Description: Whether the addPermission() call adds any permissions
True for new Lambdas, false for version $LATEST and imported Lambdas from different accounts.
Specific value: true
10.6.7.4.22. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > configureAdotInstrumentation
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
Description: Add an AWS Distro for OpenTelemetry Lambda layer.
10.6.7.4.23. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > configureLambdaInsights
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
Description: Configured lambda insights on the function if specified. This is achieved by adding an imported layer which is added to the list of lambda layers on synthesis.
https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/Lambda-Insights-extension-versions.html
10.6.7.4.24. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > configureParamsAndSecretsExtension
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
Description: Add a Parameters and Secrets Extension Lambda layer.
10.6.7.4.25. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > configureSnapStart
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
10.6.7.4.26. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > configureVpc
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
Description: If configured, set up the VPC-related properties
Returns the VpcConfig that should be added to the Lambda creation properties.
10.6.7.4.27. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > connections
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Same definition as | _connections |
Description: Access the Connections object
Will fail if not a VPC-enabled Lambda Function
10.6.7.4.28. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Defined in | #/definitions/Version |
Description: Returns a lambda.Version which represents the current version of this
Lambda function. A new version will be created every time the function's
configuration changes.
You can specify options for this version using the currentVersionOptions
prop when initializing the lambda.Function.
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| + _allowCrossEnvironment | No | object | No | - | - |
| - _connections | No | object | No | Same as _connections | Actual connections object for this Lambda May be unset, in which case this Lambda is not configured use in a VPC. |
| + _functionUrlInvocationGrants | No | object | No | Same as _functionUrlInvocationGrants | Mapping of function URL invocation principals to grants. Used to de-dupe `grantInvokeUrl()` calls. |
| + _hasAddedArrayTokenStatements | No | object | No | - | Track whether we've added statements with array token resources to the role's default policy |
| + _hasAddedLiteralStatements | No | object | No | - | Track whether we've added statements with literal resources to the role's default policy |
| + _invocationGrants | No | object | No | Same as _functionUrlInvocationGrants | Mapping of invocation principals to grants. Used to de-dupe `grantInvoke()` calls. |
| - _latestVersion | No | object | No | - | - |
| + _physicalName | No | object | No | - | - |
| + _policyCounter | No | object | No | - | The number of permissions added to this function |
| - _skipPermissions | No | boolean | No | - | Whether the user decides to skip adding permissions. The only use case is for cross-account, imported lambdas where the user commits to modifying the permisssions on the imported lambda outside CDK. |
| + _warnIfCurrentVersionCalled | No | boolean | No | - | Flag to delay adding a warning message until current version is invoked. |
| + architecture | No | object | No | Same as architecture | The architecture of this Lambda Function. |
| + canCreatePermissions | No | const | No | - | Whether the addPermission() call adds any permissions True for new Lambdas, false for version $LATEST and imported Lambdas from different accounts. |
| + connections | No | object | No | Same as _connections | Access the Connections object Will fail if not a VPC-enabled Lambda Function |
| + determineProvisionedConcurrency | No | object | No | - | Validate that the provisionedConcurrentExecutions makes sense Member must have value greater than or equal to 1 |
| + edgeArn | No | string | No | - | The ARN of the version for Lambda@Edge. |
| + env | No | object | No | Same as env | The environment this resource belongs to. For resources that are created and managed by the CDK (generally, those created by creating new class instances like Role, Bucket, etc.), this is always the same as the environment of the stack they belong to; however, for imported resources (those obtained from static methods like fromRoleArn, fromBucketName, etc.), that might be different than the stack they were imported into. |
| + functionArn | No | string | No | - | The ARN fo the function. |
| + functionName | No | string | No | - | The name of the function. |
| + functionRef | No | object | No | In #/definitions/FunctionReference | A reference to a Function resource. |
| + grant | No | object | No | - | - |
| + grantPrincipal | No | object | No | In #/definitions/IPrincipal | The principal this Lambda Function is running as |
| + isBoundToVpc | No | boolean | No | - | Whether or not this Lambda function was bound to a VPC If this is is `false`, trying to access the `connections` object will fail. |
| + isPrincipalWithConditions | No | object | No | - | - |
| + lambda | No | object | No | In #/definitions/IFunction | The underlying `IFunction` |
| + latestVersion | No | object | No | Same as latestVersion | The `$LATEST` version of this function. Note that this is reference to a non-specific AWS Lambda version, which means the function this version refers to can return different results in different invocations. To obtain a reference to an explicit version which references the current function configuration, use `lambdaFunction.currentVersion` instead. |
| + node | No | object | No | Same as node | The tree node. |
| + parsePermissionPrincipal | No | object | No | - | Translate IPrincipal to something we can pass to AWS::Lambda::Permissions Do some nasty things because `Permission` supports a subset of what the full IAM principal language supports, and we may not be able to parse strings outright because they may be tokens. Try to recognize some specific Principal classes first, then try a generic fallback. |
| + permissionsNode | No | object | No | Same as node | The construct node where permissions are attached. |
| + physicalName | No | string | No | - | Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource. This value will resolve to one of the following: - a concrete value (e.g. `"my-awesome-bucket"`) - `undefined`, when a name should be generated by CloudFormation - a concrete name generated automatically during synthesis, in cross-environment scenarios. |
| + qualifier | No | string | No | - | The qualifier of the version or alias of this function. A qualifier is the identifier that's appended to a version or alias ARN. |
| + resourceArnsForGrantInvoke | No | array of string | No | - | The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke() |
| - role | No | object | No | Same as role | The IAM role associated with this function. Undefined if the function was imported without a role. |
| + stack | No | object | No | Same as stack | The stack in which this resource is defined. |
| + statementHasArrayTokens | No | object | No | - | Check if a policy statement contains array tokens that would cause CloudFormation resolution conflicts when mixed with literal arrays in the same policy document. Array tokens are created by CloudFormation intrinsic functions that return arrays, such as Fn::Split, Fn::GetAZs, etc. These cannot be safely merged with literal resource arrays due to CloudFormation's token resolution limitations. Individual string tokens within literal arrays (e.g., `["arn:${token}:..."]`) are safe and do not cause conflicts, so they are not detected by this method. |
| + validateConditionCombinations | No | object | No | - | - |
| + validateConditions | No | object | No | - | - |
| + version | No | string | No | - | The most recently deployed version of this function. |
| + versionRef | No | object | No | Same as versionRef | A reference to a Version resource. |
10.6.7.4.28.1. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > _allowCrossEnvironment
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
10.6.7.4.28.2. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > _connections
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Same definition as | _connections |
Description: Actual connections object for this Lambda
May be unset, in which case this Lambda is not configured use in a VPC.
10.6.7.4.28.3. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > _functionUrlInvocationGrants
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
| Same definition as | _functionUrlInvocationGrants |
Description: Mapping of function URL invocation principals to grants. Used to de-dupe grantInvokeUrl() calls.
10.6.7.4.28.4. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > _hasAddedArrayTokenStatements
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
Description: Track whether we've added statements with array token resources to the role's default policy
10.6.7.4.28.5. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > _hasAddedLiteralStatements
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
Description: Track whether we've added statements with literal resources to the role's default policy
10.6.7.4.28.6. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > _invocationGrants
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
| Same definition as | _functionUrlInvocationGrants |
Description: Mapping of invocation principals to grants. Used to de-dupe grantInvoke() calls.
10.6.7.4.28.7. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > _latestVersion
| Type | object |
| Required | No |
| Additional properties | Any type allowed |
10.6.7.4.28.8. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > _physicalName
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
10.6.7.4.28.9. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > _policyCounter
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
Description: The number of permissions added to this function
10.6.7.4.28.10. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > _skipPermissions
| Type | boolean |
| Required | No |
Description: Whether the user decides to skip adding permissions. The only use case is for cross-account, imported lambdas where the user commits to modifying the permisssions on the imported lambda outside CDK.
10.6.7.4.28.11. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > _warnIfCurrentVersionCalled
| Type | boolean |
| Required | Yes |
Description: Flag to delay adding a warning message until current version is invoked.
10.6.7.4.28.12. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > architecture
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Same definition as | architecture |
Description: The architecture of this Lambda Function.
10.6.7.4.28.13. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > canCreatePermissions
| Type | const |
| Required | Yes |
| Default | true |
Description: Whether the addPermission() call adds any permissions
True for new Lambdas, false for version $LATEST and imported Lambdas from different accounts.
Specific value: true
10.6.7.4.28.14. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > connections
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Same definition as | _connections |
Description: Access the Connections object
Will fail if not a VPC-enabled Lambda Function
10.6.7.4.28.15. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > determineProvisionedConcurrency
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
Description: Validate that the provisionedConcurrentExecutions makes sense
Member must have value greater than or equal to 1
10.6.7.4.28.16. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > edgeArn
| Type | string |
| Required | Yes |
Description: The ARN of the version for Lambda@Edge.
10.6.7.4.28.17. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > env
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Same definition as | env |
Description: The environment this resource belongs to. For resources that are created and managed by the CDK (generally, those created by creating new class instances like Role, Bucket, etc.), this is always the same as the environment of the stack they belong to; however, for imported resources (those obtained from static methods like fromRoleArn, fromBucketName, etc.), that might be different than the stack they were imported into.
10.6.7.4.28.18. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > functionArn
| Type | string |
| Required | Yes |
Description: The ARN fo the function.
10.6.7.4.28.19. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > functionName
| Type | string |
| Required | Yes |
Description: The name of the function.
10.6.7.4.28.20. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > functionRef
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Defined in | #/definitions/FunctionReference |
Description: A reference to a Function resource.
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| + functionArn | No | string | No | - | The ARN of the Function resource. |
| + functionName | No | string | No | - | The FunctionName of the Function resource. |
10.6.7.4.28.20.1. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > functionRef > functionArn
| Type | string |
| Required | Yes |
Description: The ARN of the Function resource.
10.6.7.4.28.20.2. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > functionRef > functionName
| Type | string |
| Required | Yes |
Description: The FunctionName of the Function resource.
10.6.7.4.28.21. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > grant
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
10.6.7.4.28.22. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > grantPrincipal
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Defined in | #/definitions/IPrincipal |
Description: The principal this Lambda Function is running as
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| + assumeRoleAction | No | string | No | - | When this Principal is used in an AssumeRole policy, the action to use. |
| + grantPrincipal | No | object | No | Same as grantPrincipal | The principal to grant permissions to |
| + policyFragment | No | object | No | In #/definitions/PrincipalPolicyFragment | Return the policy fragment that identifies this principal in a Policy. |
| - principalAccount | No | string | No | - | The AWS account ID of this principal. Can be undefined when the account is not known (for example, for service principals). Can be a Token - in that case, it's assumed to be AWS::AccountId. |
10.6.7.4.28.22.1. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > grantPrincipal > assumeRoleAction
| Type | string |
| Required | Yes |
Description: When this Principal is used in an AssumeRole policy, the action to use.
10.6.7.4.28.22.2. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > grantPrincipal > grantPrincipal
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Same definition as | grantPrincipal |
Description: The principal to grant permissions to
10.6.7.4.28.22.3. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > grantPrincipal > policyFragment
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Defined in | #/definitions/PrincipalPolicyFragment |
Description: Return the policy fragment that identifies this principal in a Policy.
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| + conditions | No | object | No | In #/definitions/Conditions | The conditions under which the policy is in effect. See the IAM documentation. |
| + principalJson | No | object | No | - | - |
10.6.7.4.28.22.3.1. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > grantPrincipal > policyFragment > conditions
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
| Defined in | #/definitions/Conditions |
Description: The conditions under which the policy is in effect. See the IAM documentation.
10.6.7.4.28.22.3.2. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > grantPrincipal > policyFragment > principalJson
| Type | object |
| Required | Yes |
| Additional properties | Each additional property must conform to the schema |
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| - | No | array of string | No | - | - |
10.6.7.4.28.22.3.2.1. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > grantPrincipal > policyFragment > principalJson > additionalProperties
| Type | array of string |
| Required | No |
| Array restrictions | |
|---|---|
| Min items | N/A |
| Max items | N/A |
| Items unicity | False |
| Additional items | False |
| Tuple validation | See below |
| Each item of this array must be | Description |
|---|---|
| additionalProperties items | - |
10.6.7.4.28.22.3.2.1.1. root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > grantPrincipal > policyFragment > principalJson > additionalProperties > additionalProperties items
| Type | string |
| Required | No |
10.6.7.4.28.22.4. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > grantPrincipal > principalAccount
| Type | string |
| Required | No |
Description: The AWS account ID of this principal. Can be undefined when the account is not known (for example, for service principals). Can be a Token - in that case, it's assumed to be AWS::AccountId.
10.6.7.4.28.23. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > isBoundToVpc
| Type | boolean |
| Required | Yes |
Description: Whether or not this Lambda function was bound to a VPC
If this is is false, trying to access the connections object will fail.
10.6.7.4.28.24. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > isPrincipalWithConditions
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
10.6.7.4.28.25. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > lambda
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Defined in | #/definitions/IFunction |
Description: The underlying IFunction
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| + architecture | No | object | No | Same as architecture | The system architectures compatible with this lambda function. |
| + connections | No | object | No | Same as _connections | The network connections associated with this resource. |
| + env | No | object | No | Same as env | The environment this resource belongs to. For resources that are created and managed by the CDK (generally, those created by creating new class instances like Role, Bucket, etc.), this is always the same as the environment of the stack they belong to; however, for imported resources (those obtained from static methods like fromRoleArn, fromBucketName, etc.), that might be different than the stack they were imported into. |
| + functionArn | No | string | No | - | The ARN of the function. |
| + functionName | No | string | No | - | The name of the function. |
| + functionRef | No | object | No | Same as functionRef | A reference to a Function resource. |
| + grantPrincipal | No | object | No | Same as grantPrincipal | The principal to grant permissions to |
| + isBoundToVpc | No | boolean | No | - | Whether or not this Lambda function was bound to a VPC If this is is `false`, trying to access the `connections` object will fail. |
| + latestVersion | No | object | No | In #/definitions/IVersion | The `$LATEST` version of this function. Note that this is reference to a non-specific AWS Lambda version, which means the function this version refers to can return different results in different invocations. To obtain a reference to an explicit version which references the current function configuration, use `lambdaFunction.currentVersion` instead. |
| + node | No | object | No | Same as node | The tree node. |
| + permissionsNode | No | object | No | Same as node | The construct node where permissions are attached. |
| + resourceArnsForGrantInvoke | No | array of string | No | - | The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke(). This property is for cdk modules to consume only. You should not need to use this property. Instead, use grantInvoke() directly. |
| - role | No | object | No | Same as role | The IAM role associated with this function. |
| + stack | No | object | No | Same as stack | The stack in which this resource is defined. |
10.6.7.4.28.25.1. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > lambda > architecture
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Same definition as | architecture |
Description: The system architectures compatible with this lambda function.
10.6.7.4.28.25.2. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > lambda > connections
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Same definition as | _connections |
Description: The network connections associated with this resource.
10.6.7.4.28.25.3. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > lambda > env
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Same definition as | env |
Description: The environment this resource belongs to. For resources that are created and managed by the CDK (generally, those created by creating new class instances like Role, Bucket, etc.), this is always the same as the environment of the stack they belong to; however, for imported resources (those obtained from static methods like fromRoleArn, fromBucketName, etc.), that might be different than the stack they were imported into.
10.6.7.4.28.25.4. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > lambda > functionArn
| Type | string |
| Required | Yes |
Description: The ARN of the function.
10.6.7.4.28.25.5. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > lambda > functionName
| Type | string |
| Required | Yes |
Description: The name of the function.
10.6.7.4.28.25.6. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > lambda > functionRef
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Same definition as | functionRef |
Description: A reference to a Function resource.
10.6.7.4.28.25.7. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > lambda > grantPrincipal
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Same definition as | grantPrincipal |
Description: The principal to grant permissions to
10.6.7.4.28.25.8. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > lambda > isBoundToVpc
| Type | boolean |
| Required | Yes |
Description: Whether or not this Lambda function was bound to a VPC
If this is is false, trying to access the connections object will fail.
10.6.7.4.28.25.9. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > lambda > latestVersion
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Defined in | #/definitions/IVersion |
Description: The $LATEST version of this function.
Note that this is reference to a non-specific AWS Lambda version, which means the function this version refers to can return different results in different invocations.
To obtain a reference to an explicit version which references the current
function configuration, use lambdaFunction.currentVersion instead.
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| + architecture | No | object | No | Same as architecture | The system architectures compatible with this lambda function. |
| + connections | No | object | No | Same as _connections | The network connections associated with this resource. |
| + edgeArn | No | string | No | - | The ARN of the version for Lambda@Edge. |
| + env | No | object | No | Same as env | The environment this resource belongs to. For resources that are created and managed by the CDK (generally, those created by creating new class instances like Role, Bucket, etc.), this is always the same as the environment of the stack they belong to; however, for imported resources (those obtained from static methods like fromRoleArn, fromBucketName, etc.), that might be different than the stack they were imported into. |
| + functionArn | No | string | No | - | The ARN of the function. |
| + functionName | No | string | No | - | The name of the function. |
| + functionRef | No | object | No | Same as functionRef | A reference to a Function resource. |
| + grantPrincipal | No | object | No | Same as grantPrincipal | The principal to grant permissions to |
| + isBoundToVpc | No | boolean | No | - | Whether or not this Lambda function was bound to a VPC If this is is `false`, trying to access the `connections` object will fail. |
| + lambda | No | object | No | Same as lambda | The underlying AWS Lambda function. |
| + latestVersion | No | object | No | Same as latestVersion | The `$LATEST` version of this function. Note that this is reference to a non-specific AWS Lambda version, which means the function this version refers to can return different results in different invocations. To obtain a reference to an explicit version which references the current function configuration, use `lambdaFunction.currentVersion` instead. |
| + node | No | object | No | Same as node | The tree node. |
| + permissionsNode | No | object | No | Same as node | The construct node where permissions are attached. |
| + resourceArnsForGrantInvoke | No | array of string | No | - | The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke(). This property is for cdk modules to consume only. You should not need to use this property. Instead, use grantInvoke() directly. |
| - role | No | object | No | In #/definitions/IRole | The IAM role associated with this function. |
| + stack | No | object | No | Same as stack | The stack in which this resource is defined. |
| + version | No | string | No | - | The most recently deployed version of this function. |
| + versionRef | No | object | No | In #/definitions/VersionReference | A reference to a Version resource. |
10.6.7.4.28.25.9.1. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > lambda > latestVersion > architecture
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Same definition as | architecture |
Description: The system architectures compatible with this lambda function.
10.6.7.4.28.25.9.2. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > lambda > latestVersion > connections
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Same definition as | _connections |
Description: The network connections associated with this resource.
10.6.7.4.28.25.9.3. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > lambda > latestVersion > edgeArn
| Type | string |
| Required | Yes |
Description: The ARN of the version for Lambda@Edge.
10.6.7.4.28.25.9.4. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > lambda > latestVersion > env
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Same definition as | env |
Description: The environment this resource belongs to. For resources that are created and managed by the CDK (generally, those created by creating new class instances like Role, Bucket, etc.), this is always the same as the environment of the stack they belong to; however, for imported resources (those obtained from static methods like fromRoleArn, fromBucketName, etc.), that might be different than the stack they were imported into.
10.6.7.4.28.25.9.5. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > lambda > latestVersion > functionArn
| Type | string |
| Required | Yes |
Description: The ARN of the function.
10.6.7.4.28.25.9.6. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > lambda > latestVersion > functionName
| Type | string |
| Required | Yes |
Description: The name of the function.
10.6.7.4.28.25.9.7. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > lambda > latestVersion > functionRef
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Same definition as | functionRef |
Description: A reference to a Function resource.
10.6.7.4.28.25.9.8. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > lambda > latestVersion > grantPrincipal
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Same definition as | grantPrincipal |
Description: The principal to grant permissions to
10.6.7.4.28.25.9.9. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > lambda > latestVersion > isBoundToVpc
| Type | boolean |
| Required | Yes |
Description: Whether or not this Lambda function was bound to a VPC
If this is is false, trying to access the connections object will fail.
10.6.7.4.28.25.9.10. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > lambda > latestVersion > lambda
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Same definition as | lambda |
Description: The underlying AWS Lambda function.
10.6.7.4.28.25.9.11. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > lambda > latestVersion > latestVersion
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Same definition as | latestVersion |
Description: The $LATEST version of this function.
Note that this is reference to a non-specific AWS Lambda version, which means the function this version refers to can return different results in different invocations.
To obtain a reference to an explicit version which references the current
function configuration, use lambdaFunction.currentVersion instead.
10.6.7.4.28.25.9.12. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > lambda > latestVersion > node
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Same definition as | node |
Description: The tree node.
10.6.7.4.28.25.9.13. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > lambda > latestVersion > permissionsNode
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Same definition as | node |
Description: The construct node where permissions are attached.
10.6.7.4.28.25.9.14. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > lambda > latestVersion > resourceArnsForGrantInvoke
| Type | array of string |
| Required | Yes |
Description: The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke().
This property is for cdk modules to consume only. You should not need to use this property. Instead, use grantInvoke() directly.
| Array restrictions | |
|---|---|
| Min items | N/A |
| Max items | N/A |
| Items unicity | False |
| Additional items | False |
| Tuple validation | See below |
| Each item of this array must be | Description |
|---|---|
| resourceArnsForGrantInvoke items | - |
10.6.7.4.28.25.9.14.1. root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > lambda > latestVersion > resourceArnsForGrantInvoke > resourceArnsForGrantInvoke items
| Type | string |
| Required | No |
10.6.7.4.28.25.9.15. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > lambda > latestVersion > role
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Defined in | #/definitions/IRole |
Description: The IAM role associated with this function.
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| + assumeRoleAction | No | string | No | - | When this Principal is used in an AssumeRole policy, the action to use. |
| + env | No | object | No | Same as env | The environment this resource belongs to. For resources that are created and managed by the CDK (generally, those created by creating new class instances like Role, Bucket, etc.), this is always the same as the environment of the stack they belong to; however, for imported resources (those obtained from static methods like fromRoleArn, fromBucketName, etc.), that might be different than the stack they were imported into. |
| + grantPrincipal | No | object | No | Same as grantPrincipal | The principal to grant permissions to |
| + node | No | object | No | Same as node | The tree node. |
| + policyFragment | No | object | No | Same as policyFragment | Return the policy fragment that identifies this principal in a Policy. |
| - principalAccount | No | string | No | - | The AWS account ID of this principal. Can be undefined when the account is not known (for example, for service principals). Can be a Token - in that case, it's assumed to be AWS::AccountId. |
| + roleArn | No | string | No | - | Returns the ARN of this role. |
| + roleName | No | string | No | - | Returns the name of this role. |
| + roleRef | No | object | No | In #/definitions/RoleReference | A reference to a Role resource. |
| + stack | No | object | No | Same as stack | The stack in which this resource is defined. |
10.6.7.4.28.25.9.15.1. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > lambda > latestVersion > role > assumeRoleAction
| Type | string |
| Required | Yes |
Description: When this Principal is used in an AssumeRole policy, the action to use.
10.6.7.4.28.25.9.15.2. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > lambda > latestVersion > role > env
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Same definition as | env |
Description: The environment this resource belongs to. For resources that are created and managed by the CDK (generally, those created by creating new class instances like Role, Bucket, etc.), this is always the same as the environment of the stack they belong to; however, for imported resources (those obtained from static methods like fromRoleArn, fromBucketName, etc.), that might be different than the stack they were imported into.
10.6.7.4.28.25.9.15.3. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > lambda > latestVersion > role > grantPrincipal
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Same definition as | grantPrincipal |
Description: The principal to grant permissions to
10.6.7.4.28.25.9.15.4. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > lambda > latestVersion > role > node
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Same definition as | node |
Description: The tree node.
10.6.7.4.28.25.9.15.5. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > lambda > latestVersion > role > policyFragment
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Same definition as | policyFragment |
Description: Return the policy fragment that identifies this principal in a Policy.
10.6.7.4.28.25.9.15.6. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > lambda > latestVersion > role > principalAccount
| Type | string |
| Required | No |
Description: The AWS account ID of this principal. Can be undefined when the account is not known (for example, for service principals). Can be a Token - in that case, it's assumed to be AWS::AccountId.
10.6.7.4.28.25.9.15.7. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > lambda > latestVersion > role > roleArn
| Type | string |
| Required | Yes |
Description: Returns the ARN of this role.
10.6.7.4.28.25.9.15.8. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > lambda > latestVersion > role > roleName
| Type | string |
| Required | Yes |
Description: Returns the name of this role.
10.6.7.4.28.25.9.15.9. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > lambda > latestVersion > role > roleRef
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Defined in | #/definitions/RoleReference |
Description: A reference to a Role resource.
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| + roleArn | No | string | No | - | The ARN of the Role resource. |
| + roleName | No | string | No | - | The RoleName of the Role resource. |
10.6.7.4.28.25.9.15.9.1. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > lambda > latestVersion > role > roleRef > roleArn
| Type | string |
| Required | Yes |
Description: The ARN of the Role resource.
10.6.7.4.28.25.9.15.9.2. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > lambda > latestVersion > role > roleRef > roleName
| Type | string |
| Required | Yes |
Description: The RoleName of the Role resource.
10.6.7.4.28.25.9.15.10. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > lambda > latestVersion > role > stack
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Same definition as | stack |
Description: The stack in which this resource is defined.
10.6.7.4.28.25.9.16. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > lambda > latestVersion > stack
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Same definition as | stack |
Description: The stack in which this resource is defined.
10.6.7.4.28.25.9.17. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > lambda > latestVersion > version
| Type | string |
| Required | Yes |
Description: The most recently deployed version of this function.
10.6.7.4.28.25.9.18. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > lambda > latestVersion > versionRef
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Defined in | #/definitions/VersionReference |
Description: A reference to a Version resource.
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| + functionArn | No | string | No | - | The FunctionArn of the Version resource. |
10.6.7.4.28.25.9.18.1. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > lambda > latestVersion > versionRef > functionArn
| Type | string |
| Required | Yes |
Description: The FunctionArn of the Version resource.
10.6.7.4.28.25.10. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > lambda > node
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Same definition as | node |
Description: The tree node.
10.6.7.4.28.25.11. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > lambda > permissionsNode
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Same definition as | node |
Description: The construct node where permissions are attached.
10.6.7.4.28.25.12. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > lambda > resourceArnsForGrantInvoke
| Type | array of string |
| Required | Yes |
Description: The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke().
This property is for cdk modules to consume only. You should not need to use this property. Instead, use grantInvoke() directly.
| Array restrictions | |
|---|---|
| Min items | N/A |
| Max items | N/A |
| Items unicity | False |
| Additional items | False |
| Tuple validation | See below |
| Each item of this array must be | Description |
|---|---|
| resourceArnsForGrantInvoke items | - |
10.6.7.4.28.25.12.1. root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > lambda > resourceArnsForGrantInvoke > resourceArnsForGrantInvoke items
| Type | string |
| Required | No |
10.6.7.4.28.25.13. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > lambda > role
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Same definition as | role |
Description: The IAM role associated with this function.
10.6.7.4.28.25.14. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > lambda > stack
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Same definition as | stack |
Description: The stack in which this resource is defined.
10.6.7.4.28.26. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > latestVersion
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Same definition as | latestVersion |
Description: The $LATEST version of this function.
Note that this is reference to a non-specific AWS Lambda version, which means the function this version refers to can return different results in different invocations.
To obtain a reference to an explicit version which references the current
function configuration, use lambdaFunction.currentVersion instead.
10.6.7.4.28.27. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > node
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Same definition as | node |
Description: The tree node.
10.6.7.4.28.28. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > parsePermissionPrincipal
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
Description: Translate IPrincipal to something we can pass to AWS::Lambda::Permissions
Do some nasty things because Permission supports a subset of what the
full IAM principal language supports, and we may not be able to parse strings
outright because they may be tokens.
Try to recognize some specific Principal classes first, then try a generic fallback.
10.6.7.4.28.29. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > permissionsNode
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Same definition as | node |
Description: The construct node where permissions are attached.
10.6.7.4.28.30. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > physicalName
| Type | string |
| Required | Yes |
Description: Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
This value will resolve to one of the following:
- a concrete value (e.g. "my-awesome-bucket")
- undefined, when a name should be generated by CloudFormation
- a concrete name generated automatically during synthesis, in
cross-environment scenarios.
10.6.7.4.28.31. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > qualifier
| Type | string |
| Required | Yes |
Description: The qualifier of the version or alias of this function. A qualifier is the identifier that's appended to a version or alias ARN.
10.6.7.4.28.32. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > resourceArnsForGrantInvoke
| Type | array of string |
| Required | Yes |
Description: The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke()
| Array restrictions | |
|---|---|
| Min items | N/A |
| Max items | N/A |
| Items unicity | False |
| Additional items | False |
| Tuple validation | See below |
| Each item of this array must be | Description |
|---|---|
| resourceArnsForGrantInvoke items | - |
10.6.7.4.28.32.1. root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > resourceArnsForGrantInvoke > resourceArnsForGrantInvoke items
| Type | string |
| Required | No |
10.6.7.4.28.33. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > role
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Same definition as | role |
Description: The IAM role associated with this function.
Undefined if the function was imported without a role.
10.6.7.4.28.34. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > stack
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Same definition as | stack |
Description: The stack in which this resource is defined.
10.6.7.4.28.35. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > statementHasArrayTokens
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
Description: Check if a policy statement contains array tokens that would cause CloudFormation resolution conflicts when mixed with literal arrays in the same policy document.
Array tokens are created by CloudFormation intrinsic functions that return arrays, such as Fn::Split, Fn::GetAZs, etc. These cannot be safely merged with literal resource arrays due to CloudFormation's token resolution limitations.
Individual string tokens within literal arrays (e.g., ["arn:${token}:..."]) are
safe and do not cause conflicts, so they are not detected by this method.
10.6.7.4.28.36. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > validateConditionCombinations
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
10.6.7.4.28.37. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > validateConditions
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
10.6.7.4.28.38. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > version
| Type | string |
| Required | Yes |
Description: The most recently deployed version of this function.
10.6.7.4.28.39. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersion > versionRef
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Same definition as | versionRef |
Description: A reference to a Version resource.
10.6.7.4.29. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > currentVersionOptions
| Type | object |
| Required | No |
| Additional properties | Any type allowed |
10.6.7.4.30. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > deadLetterQueue
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Defined in | #/definitions/IQueue |
Description: The DLQ (as queue) associated with this Lambda Function (this is an optional attribute).
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| - encryptionMasterKey | No | object | No | In #/definitions/IKey | If this queue is server-side encrypted, this is the KMS encryption key. |
| - encryptionType | No | enum (of string) | No | - | Whether the contents of the queue are encrypted, and by what type of key. |
| + env | No | object | No | Same as env | The environment this resource belongs to. For resources that are created and managed by the CDK (generally, those created by creating new class instances like Role, Bucket, etc.), this is always the same as the environment of the stack they belong to; however, for imported resources (those obtained from static methods like fromRoleArn, fromBucketName, etc.), that might be different than the stack they were imported into. |
| + fifo | No | boolean | No | - | Whether this queue is an Amazon SQS FIFO queue. If false, this is a standard queue. |
| + node | No | object | No | Same as node | The tree node. |
| + queueArn | No | string | No | - | The ARN of this queue |
| + queueName | No | string | No | - | The name of this queue |
| + queueUrl | No | string | No | - | The URL of this queue |
| + stack | No | object | No | Same as stack | The stack in which this resource is defined. |
10.6.7.4.30.1. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > deadLetterQueue > encryptionMasterKey
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Defined in | #/definitions/IKey |
Description: If this queue is server-side encrypted, this is the KMS encryption key.
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| + env | No | object | No | Same as env | The environment this resource belongs to. For resources that are created and managed by the CDK (generally, those created by creating new class instances like Role, Bucket, etc.), this is always the same as the environment of the stack they belong to; however, for imported resources (those obtained from static methods like fromRoleArn, fromBucketName, etc.), that might be different than the stack they were imported into. |
| + keyArn | No | string | No | - | The ARN of the key. |
| + keyId | No | string | No | - | The ID of the key (the part that looks something like: 1234abcd-12ab-34cd-56ef-1234567890ab). |
| + keyRef | No | object | No | In #/definitions/KeyReference | A reference to a Key resource. |
| + node | No | object | No | Same as node | The tree node. |
| + stack | No | object | No | Same as stack | The stack in which this resource is defined. |
10.6.7.4.30.1.1. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > deadLetterQueue > encryptionMasterKey > env
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Same definition as | env |
Description: The environment this resource belongs to. For resources that are created and managed by the CDK (generally, those created by creating new class instances like Role, Bucket, etc.), this is always the same as the environment of the stack they belong to; however, for imported resources (those obtained from static methods like fromRoleArn, fromBucketName, etc.), that might be different than the stack they were imported into.
10.6.7.4.30.1.2. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > deadLetterQueue > encryptionMasterKey > keyArn
| Type | string |
| Required | Yes |
Description: The ARN of the key.
10.6.7.4.30.1.3. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > deadLetterQueue > encryptionMasterKey > keyId
| Type | string |
| Required | Yes |
Description: The ID of the key (the part that looks something like: 1234abcd-12ab-34cd-56ef-1234567890ab).
10.6.7.4.30.1.4. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > deadLetterQueue > encryptionMasterKey > keyRef
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Defined in | #/definitions/KeyReference |
Description: A reference to a Key resource.
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| + keyArn | No | string | No | - | The ARN of the Key resource. |
| + keyId | No | string | No | - | The KeyId of the Key resource. |
10.6.7.4.30.1.4.1. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > deadLetterQueue > encryptionMasterKey > keyRef > keyArn
| Type | string |
| Required | Yes |
Description: The ARN of the Key resource.
10.6.7.4.30.1.4.2. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > deadLetterQueue > encryptionMasterKey > keyRef > keyId
| Type | string |
| Required | Yes |
Description: The KeyId of the Key resource.
10.6.7.4.30.1.5. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > deadLetterQueue > encryptionMasterKey > node
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Same definition as | node |
Description: The tree node.
10.6.7.4.30.1.6. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > deadLetterQueue > encryptionMasterKey > stack
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Same definition as | stack |
Description: The stack in which this resource is defined.
10.6.7.4.30.2. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > deadLetterQueue > encryptionType
| Type | enum (of string) |
| Required | No |
Description: Whether the contents of the queue are encrypted, and by what type of key.
Must be one of: * "KMS" * "KMS_MANAGED" * "NONE" * "SQS_MANAGED"
10.6.7.4.30.3. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > deadLetterQueue > env
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Same definition as | env |
Description: The environment this resource belongs to. For resources that are created and managed by the CDK (generally, those created by creating new class instances like Role, Bucket, etc.), this is always the same as the environment of the stack they belong to; however, for imported resources (those obtained from static methods like fromRoleArn, fromBucketName, etc.), that might be different than the stack they were imported into.
10.6.7.4.30.4. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > deadLetterQueue > fifo
| Type | boolean |
| Required | Yes |
Description: Whether this queue is an Amazon SQS FIFO queue. If false, this is a standard queue.
10.6.7.4.30.5. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > deadLetterQueue > node
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Same definition as | node |
Description: The tree node.
10.6.7.4.30.6. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > deadLetterQueue > queueArn
| Type | string |
| Required | Yes |
Description: The ARN of this queue
10.6.7.4.30.7. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > deadLetterQueue > queueName
| Type | string |
| Required | Yes |
Description: The name of this queue
10.6.7.4.30.8. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > deadLetterQueue > queueUrl
| Type | string |
| Required | Yes |
Description: The URL of this queue
10.6.7.4.30.9. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > deadLetterQueue > stack
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Same definition as | stack |
Description: The stack in which this resource is defined.
10.6.7.4.31. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > deadLetterTopic
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Defined in | #/definitions/ITopic |
Description: The DLQ (as topic) associated with this Lambda Function (this is an optional attribute).
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| + contentBasedDeduplication | No | boolean | No | - | Enables content-based deduplication for FIFO topics. |
| + env | No | object | No | Same as env | The environment this resource belongs to. For resources that are created and managed by the CDK (generally, those created by creating new class instances like Role, Bucket, etc.), this is always the same as the environment of the stack they belong to; however, for imported resources (those obtained from static methods like fromRoleArn, fromBucketName, etc.), that might be different than the stack they were imported into. |
| + fifo | No | boolean | No | - | Whether this topic is an Amazon SNS FIFO queue. If false, this is a standard topic. |
| - masterKey | No | object | No | In #/definitions/IKey | A KMS Key, either managed by this CDK app, or imported. This property applies only to server-side encryption. |
| + node | No | object | No | Same as node | The tree node. |
| + stack | No | object | No | Same as stack | The stack in which this resource is defined. |
| + topicArn | No | string | No | - | The ARN of the topic |
| + topicName | No | string | No | - | The name of the topic |
10.6.7.4.31.1. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > deadLetterTopic > contentBasedDeduplication
| Type | boolean |
| Required | Yes |
Description: Enables content-based deduplication for FIFO topics.
10.6.7.4.31.2. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > deadLetterTopic > env
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Same definition as | env |
Description: The environment this resource belongs to. For resources that are created and managed by the CDK (generally, those created by creating new class instances like Role, Bucket, etc.), this is always the same as the environment of the stack they belong to; however, for imported resources (those obtained from static methods like fromRoleArn, fromBucketName, etc.), that might be different than the stack they were imported into.
10.6.7.4.31.3. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > deadLetterTopic > fifo
| Type | boolean |
| Required | Yes |
Description: Whether this topic is an Amazon SNS FIFO queue. If false, this is a standard topic.
10.6.7.4.31.4. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > deadLetterTopic > masterKey
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Default | "None" |
| Defined in | #/definitions/IKey |
Description: A KMS Key, either managed by this CDK app, or imported.
This property applies only to server-side encryption.
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| + env | No | object | No | Same as env | The environment this resource belongs to. For resources that are created and managed by the CDK (generally, those created by creating new class instances like Role, Bucket, etc.), this is always the same as the environment of the stack they belong to; however, for imported resources (those obtained from static methods like fromRoleArn, fromBucketName, etc.), that might be different than the stack they were imported into. |
| + keyArn | No | string | No | - | The ARN of the key. |
| + keyId | No | string | No | - | The ID of the key (the part that looks something like: 1234abcd-12ab-34cd-56ef-1234567890ab). |
| + keyRef | No | object | No | In #/definitions/KeyReference | A reference to a Key resource. |
| + node | No | object | No | Same as node | The tree node. |
| + stack | No | object | No | Same as stack | The stack in which this resource is defined. |
10.6.7.4.31.4.1. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > deadLetterQueue > encryptionMasterKey > env
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Same definition as | env |
Description: The environment this resource belongs to. For resources that are created and managed by the CDK (generally, those created by creating new class instances like Role, Bucket, etc.), this is always the same as the environment of the stack they belong to; however, for imported resources (those obtained from static methods like fromRoleArn, fromBucketName, etc.), that might be different than the stack they were imported into.
10.6.7.4.31.4.2. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > deadLetterQueue > encryptionMasterKey > keyArn
| Type | string |
| Required | Yes |
Description: The ARN of the key.
10.6.7.4.31.4.3. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > deadLetterQueue > encryptionMasterKey > keyId
| Type | string |
| Required | Yes |
Description: The ID of the key (the part that looks something like: 1234abcd-12ab-34cd-56ef-1234567890ab).
10.6.7.4.31.4.4. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > deadLetterQueue > encryptionMasterKey > keyRef
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Defined in | #/definitions/KeyReference |
Description: A reference to a Key resource.
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| + keyArn | No | string | No | - | The ARN of the Key resource. |
| + keyId | No | string | No | - | The KeyId of the Key resource. |
10.6.7.4.31.4.4.1. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > deadLetterQueue > encryptionMasterKey > keyRef > keyArn
| Type | string |
| Required | Yes |
Description: The ARN of the Key resource.
10.6.7.4.31.4.4.2. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > deadLetterQueue > encryptionMasterKey > keyRef > keyId
| Type | string |
| Required | Yes |
Description: The KeyId of the Key resource.
10.6.7.4.31.4.5. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > deadLetterQueue > encryptionMasterKey > node
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Same definition as | node |
Description: The tree node.
10.6.7.4.31.4.6. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > deadLetterQueue > encryptionMasterKey > stack
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Same definition as | stack |
Description: The stack in which this resource is defined.
10.6.7.4.31.5. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > deadLetterTopic > node
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Same definition as | node |
Description: The tree node.
10.6.7.4.31.6. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > deadLetterTopic > stack
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Same definition as | stack |
Description: The stack in which this resource is defined.
10.6.7.4.31.7. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > deadLetterTopic > topicArn
| Type | string |
| Required | Yes |
Description: The ARN of the topic
10.6.7.4.31.8. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > deadLetterTopic > topicName
| Type | string |
| Required | Yes |
Description: The name of the topic
10.6.7.4.32. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > env
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Same definition as | env |
Description: The environment this resource belongs to. For resources that are created and managed by the CDK (generally, those created by creating new class instances like Role, Bucket, etc.), this is always the same as the environment of the stack they belong to; however, for imported resources (those obtained from static methods like fromRoleArn, fromBucketName, etc.), that might be different than the stack they were imported into.
10.6.7.4.33. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > environment
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
Description: Environment variables for this function
10.6.7.4.34. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > functionArn
| Type | string |
| Required | Yes |
Description: ARN of this function
10.6.7.4.35. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > functionName
| Type | string |
| Required | Yes |
Description: Name of this function
10.6.7.4.36. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > functionRef
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Same definition as | functionRef |
Description: A reference to a Function resource.
10.6.7.4.37. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > getLoggingConfig
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
Description: Get Logging Config property for the function. This method returns the function LoggingConfig Property if the property is set on the function and undefined if not.
10.6.7.4.38. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > grant
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
10.6.7.4.39. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > grantPrincipal
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Same definition as | grantPrincipal |
Description: The principal this Lambda Function is running as
10.6.7.4.40. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > hashMixins
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
10.6.7.4.41. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > isBoundToVpc
| Type | boolean |
| Required | Yes |
Description: Whether or not this Lambda function was bound to a VPC
If this is is false, trying to access the connections object will fail.
10.6.7.4.42. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > isPrincipalWithConditions
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
10.6.7.4.43. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > isQueue
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
10.6.7.4.44. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > latestVersion
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Same definition as | latestVersion |
Description: The $LATEST version of this function.
Note that this is reference to a non-specific AWS Lambda version, which means the function this version refers to can return different results in different invocations.
To obtain a reference to an explicit version which references the current
function configuration, use lambdaFunction.currentVersion instead.
10.6.7.4.45. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > logGroup
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Defined in | #/definitions/ILogGroup |
Description: The LogGroup where the Lambda function's logs are made available.
If either logRetention is set or this property is called, a CloudFormation custom resource is added to the stack that
pre-creates the log group as part of the stack deployment, if it already doesn't exist, and sets the correct log retention
period (never expire, by default).
Further, if the log group already exists and the logRetention is not set, the custom resource will reset the log retention
to never expire even if it was configured with a different value.
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| + env | No | object | No | Same as env | The environment this resource belongs to. For resources that are created and managed by the CDK (generally, those created by creating new class instances like Role, Bucket, etc.), this is always the same as the environment of the stack they belong to; however, for imported resources (those obtained from static methods like fromRoleArn, fromBucketName, etc.), that might be different than the stack they were imported into. |
| + logGroupArn | No | string | No | - | The ARN of this log group, with ':*' appended |
| + logGroupName | No | string | No | - | The name of this log group |
| + node | No | object | No | Same as node | The tree node. |
| + stack | No | object | No | Same as stack | The stack in which this resource is defined. |
10.6.7.4.45.1. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > logGroup > env
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Same definition as | env |
Description: The environment this resource belongs to. For resources that are created and managed by the CDK (generally, those created by creating new class instances like Role, Bucket, etc.), this is always the same as the environment of the stack they belong to; however, for imported resources (those obtained from static methods like fromRoleArn, fromBucketName, etc.), that might be different than the stack they were imported into.
10.6.7.4.45.2. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > logGroup > logGroupArn
| Type | string |
| Required | Yes |
Description: The ARN of this log group, with ':*' appended
10.6.7.4.45.3. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > logGroup > logGroupName
| Type | string |
| Required | Yes |
Description: The name of this log group
10.6.7.4.45.4. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > logGroup > node
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Same definition as | node |
Description: The tree node.
10.6.7.4.45.5. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > logGroup > stack
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Same definition as | stack |
Description: The stack in which this resource is defined.
10.6.7.4.46. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > node
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Same definition as | node |
Description: The tree node.
10.6.7.4.47. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > parsePermissionPrincipal
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
Description: Translate IPrincipal to something we can pass to AWS::Lambda::Permissions
Do some nasty things because Permission supports a subset of what the
full IAM principal language supports, and we may not be able to parse strings
outright because they may be tokens.
Try to recognize some specific Principal classes first, then try a generic fallback.
10.6.7.4.48. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > permissionsNode
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Same definition as | node |
Description: The construct node where permissions are attached.
10.6.7.4.49. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > physicalName
| Type | string |
| Required | Yes |
Description: Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
This value will resolve to one of the following:
- a concrete value (e.g. "my-awesome-bucket")
- undefined, when a name should be generated by CloudFormation
- a concrete name generated automatically during synthesis, in
cross-environment scenarios.
10.6.7.4.50. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > renderEnvironment
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
10.6.7.4.51. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > renderLayers
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
10.6.7.4.52. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > resourceArnsForGrantInvoke
| Type | array of string |
| Required | Yes |
Description: The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke()
| Array restrictions | |
|---|---|
| Min items | N/A |
| Max items | N/A |
| Items unicity | False |
| Additional items | False |
| Tuple validation | See below |
| Each item of this array must be | Description |
|---|---|
| resourceArnsForGrantInvoke items | - |
10.6.7.4.52.1. root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > resourceArnsForGrantInvoke > resourceArnsForGrantInvoke items
| Type | string |
| Required | No |
10.6.7.4.53. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > role
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Same definition as | role |
Description: Execution role associated with this function
10.6.7.4.54. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > runtime
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Same definition as | sagemakerBlueprint_domainConfig_domainConfigCr_handlerFunction__layers_items_compatibleRuntimes_items |
Description: The runtime configured for this lambda.
10.6.7.4.55. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > stack
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Same definition as | stack |
Description: The stack in which this resource is defined.
10.6.7.4.56. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > statementHasArrayTokens
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
Description: Check if a policy statement contains array tokens that would cause CloudFormation resolution conflicts when mixed with literal arrays in the same policy document.
Array tokens are created by CloudFormation intrinsic functions that return arrays, such as Fn::Split, Fn::GetAZs, etc. These cannot be safely merged with literal resource arrays due to CloudFormation's token resolution limitations.
Individual string tokens within literal arrays (e.g., ["arn:${token}:..."]) are
safe and do not cause conflicts, so they are not detected by this method.
10.6.7.4.57. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > timeout
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Defined in | #/definitions/Duration |
Description: The timeout configured for this lambda.
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| + amount | No | object | No | - | - |
| + components | No | object | No | - | Return the duration in a set of whole numbered time components, ordered from largest to smallest Only components != 0 will be returned. Can combine millis and seconds together for the benefit of toIsoString, makes the logic in there simpler. |
| + unit | No | object | No | - | - |
10.6.7.4.57.1. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > timeout > amount
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
10.6.7.4.57.2. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > timeout > components
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
Description: Return the duration in a set of whole numbered time components, ordered from largest to smallest
Only components != 0 will be returned.
Can combine millis and seconds together for the benefit of toIsoString, makes the logic in there simpler.
10.6.7.4.57.3. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > timeout > unit
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
10.6.7.4.58. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > validateConditionCombinations
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
10.6.7.4.59. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > validateConditions
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
10.6.7.4.60. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > handlerFunction > validateProfiling
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
10.6.7.5. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > node
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Same definition as | node |
Description: The tree node.
10.6.7.6. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > physicalName
| Type | string |
| Required | Yes |
Description: Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
This value will resolve to one of the following:
- a concrete value (e.g. "my-awesome-bucket")
- undefined, when a name should be generated by CloudFormation
- a concrete name generated automatically during synthesis, in
cross-environment scenarios.
10.6.7.7. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > ref
| Type | string |
| Required | Yes |
Description: The physical name of this custom resource.
10.6.7.8. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > resource
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
10.6.7.9. Property root > sagemakerBlueprint > domainConfig > domainConfigCr > stack
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Same definition as | stack |
Description: The stack in which this resource is defined.
10.6.8. Property root > sagemakerBlueprint > domainConfig > domainId
| Type | string |
| Required | Yes |
10.6.9. Property root > sagemakerBlueprint > domainConfig > domainKmsKeyArn
| Type | string |
| Required | Yes |
10.6.10. Property root > sagemakerBlueprint > domainConfig > domainKmsUsagePolicyName
| Type | string |
| Required | Yes |
10.6.11. Property root > sagemakerBlueprint > domainConfig > domainName
| Type | string |
| Required | Yes |
10.6.12. Property root > sagemakerBlueprint > domainConfig > domainUnitIds
| Type | object |
| Required | Yes |
| Additional properties | Each additional property must conform to the schema |
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| - | No | string | No | - | - |
10.6.12.1. Property root > sagemakerBlueprint > domainConfig > domainUnitIds > additionalProperties
| Type | string |
| Required | No |
10.6.13. Property root > sagemakerBlueprint > domainConfig > domainVersion
| Type | string |
| Required | Yes |
10.6.14. Property root > sagemakerBlueprint > domainConfig > glueCatalogArns
| Type | array of string |
| Required | Yes |
| Array restrictions | |
|---|---|
| Min items | N/A |
| Max items | N/A |
| Items unicity | False |
| Additional items | False |
| Tuple validation | See below |
| Each item of this array must be | Description |
|---|---|
| glueCatalogArns items | - |
10.6.14.1. root > sagemakerBlueprint > domainConfig > glueCatalogArns > glueCatalogArns items
| Type | string |
| Required | No |
10.6.15. Property root > sagemakerBlueprint > domainConfig > glueCatalogKmsKeyArns
| Type | array of string |
| Required | Yes |
| Array restrictions | |
|---|---|
| Min items | N/A |
| Max items | N/A |
| Items unicity | False |
| Additional items | False |
| Tuple validation | See below |
| Each item of this array must be | Description |
|---|---|
| glueCatalogKmsKeyArns items | - |
10.6.15.1. root > sagemakerBlueprint > domainConfig > glueCatalogKmsKeyArns > glueCatalogKmsKeyArns items
| Type | string |
| Required | No |
10.6.16. Property root > sagemakerBlueprint > domainConfig > node
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Same definition as | node |
Description: The tree node.
10.6.17. Property root > sagemakerBlueprint > domainConfig > projectIds
| Type | object |
| Required | Yes |
| Additional properties | Each additional property must conform to the schema |
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| - | No | string | No | - | - |
10.6.17.1. Property root > sagemakerBlueprint > domainConfig > projectIds > additionalProperties
| Type | string |
| Required | No |
10.6.18. Property root > sagemakerBlueprint > domainConfig > props
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Defined in | #/definitions/DomainConfigProps |
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| - blueprintIds | No | object | No | - | - |
| - createConfigParams | No | boolean | No | - | - |
| - createOutputs | No | boolean | No | - | Flag controlling CloudFormation output and stack export creation for construct resources |
| - createParams | No | boolean | No | - | Flag controlling SSM parameter creation for construct resource references enabling |
| - customResourceRoleName | No | string | No | - | - |
| - domainArn | No | string | No | - | DataZone domain ARN for AWS resource identification and IAM policy integration enabling |
| - domainBucketArn | No | string | No | - | - |
| - domainBucketUsagePolicyName | No | string | No | - | Domain Bucket usage policy name |
| - domainId | No | string | No | - | DataZone domain ID for unique domain identification within AWS enabling cross-service |
| - domainKmsKeyArn | No | string | No | - | KMS key ARN for domain encryption ensuring data protection compliance and secure domain operations |
| - domainKmsUsagePolicyName | No | string | No | - | Domain KMS usage policy name for key access management enabling controlled encryption key |
| - domainName | No | string | No | - | DataZone domain name for domain identification and management enabling unique domain naming |
| - domainUnitIds | No | object | No | - | Map of domain unit names to identifiers for hierarchical domain organization enabling |
| - domainVersion | No | string | No | - | Domain version for domain lifecycle management and versioning control enabling domain evolution tracking |
| - glueCatalogArns | No | array of string | No | - | Array of Glue catalog ARNs for catalog integration enabling data catalog connectivity with DataZone |
| - glueCatalogKmsKeyArns | No | array of string | No | - | Array of Glue catalog KMS key ARNs for catalog encryption enabling secure catalog integration with DataZone |
| + naming | No | object | No | In #/definitions/IMdaaResourceNaming | MDAA naming implementation for consistent resource naming across all MDAA constructs |
| - projectIds | No | object | No | - | - |
| - refresh | No | boolean | No | - | - |
| + ssmParamBase | No | string | No | - | SSM parameter base path for domain configuration storage enabling centralized configuration management |
10.6.18.1. Property root > sagemakerBlueprint > domainConfig > props > blueprintIds
| Type | object |
| Required | No |
| Additional properties | Each additional property must conform to the schema |
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| - | No | string | No | - | - |
10.6.18.1.1. Property root > sagemakerBlueprint > domainConfig > props > blueprintIds > additionalProperties
| Type | string |
| Required | No |
10.6.18.2. Property root > sagemakerBlueprint > domainConfig > props > createConfigParams
| Type | boolean |
| Required | No |
10.6.18.3. Property root > sagemakerBlueprint > domainConfig > props > createOutputs
| Type | boolean |
| Required | No |
Description: Flag controlling CloudFormation output and stack export creation for construct resources
10.6.18.4. Property root > sagemakerBlueprint > domainConfig > props > createParams
| Type | boolean |
| Required | No |
Description: Flag controlling SSM parameter creation for construct resource references enabling
10.6.18.5. Property root > sagemakerBlueprint > domainConfig > props > customResourceRoleName
| Type | string |
| Required | No |
10.6.18.6. Property root > sagemakerBlueprint > domainConfig > props > domainArn
| Type | string |
| Required | No |
Description: DataZone domain ARN for AWS resource identification and IAM policy integration enabling
10.6.18.7. Property root > sagemakerBlueprint > domainConfig > props > domainBucketArn
| Type | string |
| Required | No |
10.6.18.8. Property root > sagemakerBlueprint > domainConfig > props > domainBucketUsagePolicyName
| Type | string |
| Required | No |
Description: Domain Bucket usage policy name
10.6.18.9. Property root > sagemakerBlueprint > domainConfig > props > domainId
| Type | string |
| Required | No |
Description: DataZone domain ID for unique domain identification within AWS enabling cross-service
10.6.18.10. Property root > sagemakerBlueprint > domainConfig > props > domainKmsKeyArn
| Type | string |
| Required | No |
Description: KMS key ARN for domain encryption ensuring data protection compliance and secure domain operations
10.6.18.11. Property root > sagemakerBlueprint > domainConfig > props > domainKmsUsagePolicyName
| Type | string |
| Required | No |
Description: Domain KMS usage policy name for key access management enabling controlled encryption key
10.6.18.12. Property root > sagemakerBlueprint > domainConfig > props > domainName
| Type | string |
| Required | No |
Description: DataZone domain name for domain identification and management enabling unique domain naming
10.6.18.13. Property root > sagemakerBlueprint > domainConfig > props > domainUnitIds
| Type | object |
| Required | No |
| Additional properties | Each additional property must conform to the schema |
Description: Map of domain unit names to identifiers for hierarchical domain organization enabling
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| - | No | string | No | - | - |
10.6.18.13.1. Property root > sagemakerBlueprint > domainConfig > props > domainUnitIds > additionalProperties
| Type | string |
| Required | No |
10.6.18.14. Property root > sagemakerBlueprint > domainConfig > props > domainVersion
| Type | string |
| Required | No |
Description: Domain version for domain lifecycle management and versioning control enabling domain evolution tracking
10.6.18.15. Property root > sagemakerBlueprint > domainConfig > props > glueCatalogArns
| Type | array of string |
| Required | No |
Description: Array of Glue catalog ARNs for catalog integration enabling data catalog connectivity with DataZone
| Array restrictions | |
|---|---|
| Min items | N/A |
| Max items | N/A |
| Items unicity | False |
| Additional items | False |
| Tuple validation | See below |
| Each item of this array must be | Description |
|---|---|
| glueCatalogArns items | - |
10.6.18.15.1. root > sagemakerBlueprint > domainConfig > props > glueCatalogArns > glueCatalogArns items
| Type | string |
| Required | No |
10.6.18.16. Property root > sagemakerBlueprint > domainConfig > props > glueCatalogKmsKeyArns
| Type | array of string |
| Required | No |
Description: Array of Glue catalog KMS key ARNs for catalog encryption enabling secure catalog integration with DataZone
| Array restrictions | |
|---|---|
| Min items | N/A |
| Max items | N/A |
| Items unicity | False |
| Additional items | False |
| Tuple validation | See below |
| Each item of this array must be | Description |
|---|---|
| glueCatalogKmsKeyArns items | - |
10.6.18.16.1. root > sagemakerBlueprint > domainConfig > props > glueCatalogKmsKeyArns > glueCatalogKmsKeyArns items
| Type | string |
| Required | No |
10.6.18.17. Property root > sagemakerBlueprint > domainConfig > props > naming
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Defined in | #/definitions/IMdaaResourceNaming |
Description: MDAA naming implementation for consistent resource naming across all MDAA constructs
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| + props | No | object | No | In #/definitions/MdaaResourceNamingConfig | Configuration properties containing organizational context and CDK node access for the naming implementation |
10.6.18.17.1. Property root > sagemakerBlueprint > domainConfig > props > naming > props
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Defined in | #/definitions/MdaaResourceNamingConfig |
Description: Configuration properties containing organizational context and CDK node access for the naming implementation
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| + cdkNode | No | object | No | Same as node | CDK construct node providing access to context values for custom naming implementations |
| + domain | No | string | No | - | Domain identifier from MDAA configuration representing logical business or organizational boundaries |
| + env | No | string | No | - | Environment identifier from MDAA configuration that distinguishes deployment stages within the same domain |
| + moduleName | No | string | No | - | Module name from MDAA configuration identifying the specific MDAA module deployment within a domain/environment |
| + org | No | string | No | - | Organization identifier from MDAA configuration that serves as the top-level namespace for all AWS resource names |
10.6.18.17.1.1. Property root > sagemakerBlueprint > domainConfig > props > naming > props > cdkNode
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Same definition as | node |
Description: CDK construct node providing access to context values for custom naming implementations
10.6.18.17.1.2. Property root > sagemakerBlueprint > domainConfig > props > naming > props > domain
| Type | string |
| Required | Yes |
Description: Domain identifier from MDAA configuration representing logical business or organizational boundaries
10.6.18.17.1.3. Property root > sagemakerBlueprint > domainConfig > props > naming > props > env
| Type | string |
| Required | Yes |
Description: Environment identifier from MDAA configuration that distinguishes deployment stages within the same domain
10.6.18.17.1.4. Property root > sagemakerBlueprint > domainConfig > props > naming > props > moduleName
| Type | string |
| Required | Yes |
Description: Module name from MDAA configuration identifying the specific MDAA module deployment within a domain/environment
10.6.18.17.1.5. Property root > sagemakerBlueprint > domainConfig > props > naming > props > org
| Type | string |
| Required | Yes |
Description: Organization identifier from MDAA configuration that serves as the top-level namespace for all AWS resource names
10.6.18.18. Property root > sagemakerBlueprint > domainConfig > props > projectIds
| Type | object |
| Required | No |
| Additional properties | Each additional property must conform to the schema |
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| - | No | string | No | - | - |
10.6.18.18.1. Property root > sagemakerBlueprint > domainConfig > props > projectIds > additionalProperties
| Type | string |
| Required | No |
10.6.18.19. Property root > sagemakerBlueprint > domainConfig > props > refresh
| Type | boolean |
| Required | No |
10.6.18.20. Property root > sagemakerBlueprint > domainConfig > props > ssmParamBase
| Type | string |
| Required | Yes |
Description: SSM parameter base path for domain configuration storage enabling centralized configuration management
10.6.19. Property root > sagemakerBlueprint > domainConfig > ssmParamBase
| Type | string |
| Required | Yes |
10.7. Property root > sagemakerBlueprint > domainConfigSSMParam
| Type | string |
| Required | No |
Description: Q-ENHANCED-PROPERTY Optional SSM parameter reference for domain configuration enabling dynamic domain configuration management. Specifies the SSM parameter containing domain configuration data for flexible domain setup and configuration management.
Use cases: Dynamic configuration; SSM parameter reference; Configuration management; Flexible setup
AWS: AWS Systems Manager parameter for DataZone domain configuration reference
Validation: Must be valid SSM parameter name if provided; parameter must contain valid domain configuration
10.8. Property root > sagemakerBlueprint > enabledRegions
| Type | array of string |
| Required | No |
| Array restrictions | |
|---|---|
| Min items | N/A |
| Max items | N/A |
| Items unicity | False |
| Additional items | False |
| Tuple validation | See below |
| Each item of this array must be | Description |
|---|---|
| enabledRegions items | - |
10.8.1. root > sagemakerBlueprint > enabledRegions > enabledRegions items
| Type | string |
| Required | No |
10.9. Property root > sagemakerBlueprint > parameters
| Type | object |
| Required | No |
| Additional properties | Each additional property must conform to the schema |
Description: Q-ENHANCED-PROPERTY Optional object containing named parameter configurations for the SageMaker blueprint. Enables parameterized blueprint deployment with validation rules and user input constraints.
Use cases: Product parameterization; User input collection; Deployment customization
AWS: AWS SageMaker blueprint parameters for user-configurable deployment options
Validation: Must be object with string keys and valid MdaaServiceCatalogParameterConfig values if provided *
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| - | No | object | No | Same as sagemakerBlueprint_additionalAccounts_additionalProperties_parameters_additionalProperties | - |
10.9.1. Property root > sagemakerBlueprint > parameters > MdaaSageMakerBluePrintParameterConfig
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Same definition as | sagemakerBlueprint_additionalAccounts_additionalProperties_parameters_additionalProperties |
10.10. Property root > sagemakerBlueprint > provisioningRole
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Same definition as | executionRole |
11. Property root > securityConfigurationName
| Type | string |
| Required | No |
Description: Glue security configuration name for job encryption (at rest, in transit, CloudWatch logs). Auto-resolved from project when projectName is set.
Use cases: Job encryption; Security compliance
AWS: Glue security configuration
Validation: Optional; auto-wired from project if projectName provided
12. Property root > service_catalog_product_config
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Defined in | #/definitions/MdaaServiceCatalogProductConfig |
Description: Q-ENHANCED-PROPERTY Optional Service Catalog product configuration for governed self-service deployment enabling controlled infrastructure provisioning and governance. When specified, deploys the module as a Service Catalog product instead of direct deployment for governed access and compliance.
Use cases: Governed deployment; Self-service provisioning; Service Catalog integration; Controlled access
AWS: Service Catalog product configuration for governed infrastructure deployment and self-service provisioning
Validation: Must be valid MdaaServiceCatalogProductConfig if provided; enables Service Catalog deployment mode
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| - launch_role_name | No | string | No | - | IAM role name that will be used to launch the Service Catalog product |
| + name | No | string | No | - | Display name for the Service Catalog product that will be visible to end users in the Service Catalog console |
| + owner | No | string | No | - | Owner identifier for the Service Catalog product, typically representing the team or organization |
| - parameters | No | object | No | - | Object containing named parameter configurations for the Service Catalog product |
| + portfolio_arn | No | string | No | - | ARN of the AWS Service Catalog portfolio where the product will be associated |
| + portfolio_bucket_name | No | string | No | - | - |
12.1. Property root > service_catalog_product_config > launch_role_name
| Type | string |
| Required | No |
Description: IAM role name that will be used to launch the Service Catalog product
12.2. Property root > service_catalog_product_config > name
| Type | string |
| Required | Yes |
Description: Display name for the Service Catalog product that will be visible to end users in the Service Catalog console
12.3. Property root > service_catalog_product_config > owner
| Type | string |
| Required | Yes |
Description: Owner identifier for the Service Catalog product, typically representing the team or organization
12.4. Property root > service_catalog_product_config > parameters
| Type | object |
| Required | No |
| Additional properties | Each additional property must conform to the schema |
Description: Object containing named parameter configurations for the Service Catalog product
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| - | No | object | No | In #/definitions/MdaaServiceCatalogParameterConfig | - |
12.4.1. Property root > service_catalog_product_config > parameters > MdaaServiceCatalogParameterConfig
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Defined in | #/definitions/MdaaServiceCatalogParameterConfig |
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| - constraints | No | object | No | In #/definitions/MdaaServiceCatalogConstraintConfig | Constraint configuration that defines additional validation rules for the Service Catalog product parameter |
| + props | No | object | No | Same as cfnParamProps | CloudFormation parameter properties that define the parameter characteristics including type, |
12.4.1.1. Property root > service_catalog_product_config > parameters > additionalProperties > constraints
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Defined in | #/definitions/MdaaServiceCatalogConstraintConfig |
Description: Constraint configuration that defines additional validation rules for the Service Catalog product parameter
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| + description | No | string | No | - | Human-readable description explaining the purpose and scope of the Service Catalog constraint |
| + rules | No | object | No | - | Object containing named constraint rules that define the validation logic for Service Catalog product parameters |
12.4.1.1.1. Property root > service_catalog_product_config > parameters > additionalProperties > constraints > description
| Type | string |
| Required | Yes |
Description: Human-readable description explaining the purpose and scope of the Service Catalog constraint
12.4.1.1.2. Property root > service_catalog_product_config > parameters > additionalProperties > constraints > rules
| Type | object |
| Required | Yes |
| Additional properties | Each additional property must conform to the schema |
Description: Object containing named constraint rules that define the validation logic for Service Catalog product parameters
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| - | No | object | No | In #/definitions/MdaaServiceCatalogConstraintRuleConfig | - |
12.4.1.1.2.1. Property root > service_catalog_product_config > parameters > additionalProperties > constraints > rules > MdaaServiceCatalogConstraintRuleConfig
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Defined in | #/definitions/MdaaServiceCatalogConstraintRuleConfig |
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| + assertions | No | array | No | - | Array of constraint assertions that define the validation logic to be applied when the condition is met |
| + condition | No | object | No | In #/definitions/MdaaServiceCatalogConstraintRuleCondititionConfig | Condition configuration that determines when the constraint rule assertions should be evaluated |
12.4.1.1.2.1.1. Property root > service_catalog_product_config > parameters > additionalProperties > constraints > rules > additionalProperties > assertions
| Type | array |
| Required | Yes |
Description: Array of constraint assertions that define the validation logic to be applied when the condition is met
| Array restrictions | |
|---|---|
| Min items | N/A |
| Max items | N/A |
| Items unicity | False |
| Additional items | False |
| Tuple validation | See below |
| Each item of this array must be | Description |
|---|---|
| MdaaServiceCatalogConstraintRuleAssertionConfig | - |
12.4.1.1.2.1.1.1. root > service_catalog_product_config > parameters > additionalProperties > constraints > rules > additionalProperties > assertions > MdaaServiceCatalogConstraintRuleAssertionConfig
| Type | object |
| Required | No |
| Additional properties | Not allowed |
| Defined in | #/definitions/MdaaServiceCatalogConstraintRuleAssertionConfig |
| Property | Pattern | Type | Deprecated | Definition | Title/Description |
|---|---|---|---|---|---|
| + assert | No | string | No | - | Constraint assertion expression that defines the validation logic for Service Catalog product parameters |
| + description | No | string | No | - | Human-readable description explaining the purpose and requirements of the constraint assertion |
12.4.1.1.2.1.1.1.1. Property root > service_catalog_product_config > parameters > additionalProperties > constraints > rules > additionalProperties > assertions > assertions items > assert
| Type | string |
| Required | Yes |
Description: Constraint assertion expression that defines the validation logic for Service Catalog product parameters
12.4.1.1.2.1.1.1.2. Property root > service_catalog_product_config > parameters > additionalProperties > constraints > rules > additionalProperties > assertions > assertions items > description
| Type | string |
| Required | Yes |
Description: Human-readable description explaining the purpose and requirements of the constraint assertion
12.4.1.1.2.1.2. Property root > service_catalog_product_config > parameters > additionalProperties > constraints > rules > additionalProperties > condition
| Type | object |
| Required | Yes |
| Additional properties | Any type allowed |
| Defined in | #/definitions/MdaaServiceCatalogConstraintRuleCondititionConfig |
Description: Condition configuration that determines when the constraint rule assertions should be evaluated
12.4.1.2. Property root > service_catalog_product_config > parameters > additionalProperties > props
| Type | object |
| Required | Yes |
| Additional properties | Not allowed |
| Same definition as | cfnParamProps |
Description: CloudFormation parameter properties that define the parameter characteristics including type,
12.5. Property root > service_catalog_product_config > portfolio_arn
| Type | string |
| Required | Yes |
Description: ARN of the AWS Service Catalog portfolio where the product will be associated
12.6. Property root > service_catalog_product_config > portfolio_bucket_name
| Type | string |
| Required | Yes |