From 875587b34cfa66d508ada8d28fde8e511b2327dc Mon Sep 17 00:00:00 2001 From: James Woolfenden Date: Tue, 4 Feb 2025 20:36:16 +0000 Subject: [PATCH] schema update --- src/aws.go | 55 +- src/aws_datasource.go | 8 +- src/azure_datasource_test.go | 28 +- src/compare.go | 3 + src/coverage/aws.md | 4 +- src/coverage/coverage.go | 5 +- src/data_test.go | 7 + src/error_test.go | 9 + src/files.go | 14 +- src/files_aws.go | 7 +- src/gitHub.go | 13 +- src/make.go | 27 +- .../resource/aps/aws_prometheus_scraper.json | 6 +- .../aws_cloudwatch_metric_stream.json | 11 +- .../connect/aws_connect_phone_number.json | 4 +- .../detective/aws_detective_graph.json | 6 +- .../ec2/aws_verifiedaccess_endpoint.json | 21 +- .../aws/resource/ec2/aws_vpc_ipam.json | 13 +- .../kafka/aws_mskconnect_connector.json | 61 + .../aws_organizations_account.json | 1 + ...aws_organizations_organizational_unit.json | 3 +- .../aws_organizations_policy.json | 3 +- .../sso/aws_ssoadmin_application.json | 5 +- .../aws_timestreaminfluxdb_db_instance.json | 4 +- src/parse/aws-members.json | 4104 ++++++++--------- src/parse/azurerm-members.json | 2844 ++++++------ src/parse/google-members.json | 2808 +++++------ src/parse/parse.go | 3 + src/parse/parse_test.go | 8 + src/policy.go | 3 + src/policy_test.go | 1 + src/readme.go | 11 +- src/scan.go | 6 +- src/scan_test.go | 27 +- .../aws-acmpca-certificateauthority.json | 2 - .../aws-apigateway-documentationversion.json | 6 +- .../aws-apigateway-gatewayresponse.json | 10 +- src/schema/aws-apigateway-method.json | 70 +- src/schema/aws-apigateway-model.json | 8 +- .../aws-apigateway-requestvalidator.json | 8 +- src/schema/aws-apigateway-resource.json | 6 +- src/schema/aws-apigateway-restapi.json | 22 +- src/schema/aws-apigateway-stage.json | 52 +- src/schema/aws-apigateway-usageplan.json | 30 +- src/schema/aws-apigateway-usageplankey.json | 2 +- src/schema/aws-apigateway-vpclink.json | 6 +- src/schema/aws-appflow-flow.json | 7 + src/schema/aws-aps-rulegroupsnamespace.json | 4 + src/schema/aws-aps-scraper.json | 28 +- src/schema/aws-aps-workspace.json | 4 + src/schema/aws-athena-datacatalog.json | 2 +- src/schema/aws-backupgateway-hypervisor.json | 13 +- src/schema/aws-batch-jobdefinition.json | 33 + src/schema/aws-bedrock-knowledgebase.json | 8 + src/schema/aws-budgets-budgetsaction.json | 5 + .../aws-cloudformation-publictypeversion.json | 4 +- src/schema/aws-cloudformation-publisher.json | 4 +- .../aws-cloudformation-typeactivation.json | 4 +- src/schema/aws-cloudfront-distribution.json | 25 + src/schema/aws-cloudfront-vpcorigin.json | 164 + src/schema/aws-cloudwatch-metricstream.json | 21 +- .../aws-codeconnections-connection.json | 5 + .../aws-codestarconnections-connection.json | 5 + src/schema/aws-comprehend-flywheel.json | 4 + src/schema/aws-config-configrule.json | 2 +- src/schema/aws-connect-instance.json | 5 + src/schema/aws-connect-phonenumber.json | 4 +- src/schema/aws-connect-quickconnect.json | 4 + src/schema/aws-connect-securityprofile.json | 4 + src/schema/aws-datazone-datasource.json | 21 +- src/schema/aws-detective-graph.json | 6 +- src/schema/aws-dynamodb-table.json | 2 +- src/schema/aws-ec2-capacityreservation.json | 18 +- src/schema/aws-ec2-eip.json | 5 + src/schema/aws-ec2-ipam.json | 11 +- src/schema/aws-ec2-ipamresourcediscovery.json | 4 +- src/schema/aws-ec2-launchtemplate.json | 4 +- src/schema/aws-ec2-placementgroup.json | 1 + .../aws-ec2-verifiedaccessendpoint.json | 283 +- src/schema/aws-ec2-vpnconnection.json | 1 + src/schema/aws-ecr-publicrepository.json | 7 + src/schema/aws-ecs-service.json | 22 +- .../aws-eks-identityproviderconfig.json | 4 + src/schema/aws-fms-policy.json | 7 + src/schema/aws-glue-connection.json | 127 + src/schema/aws-glue-tableoptimizer.json | 48 + src/schema/aws-healthimaging-datastore.json | 5 + src/schema/aws-iot-billinggroup.json | 9 +- src/schema/aws-iot-thinggroup.json | 9 +- src/schema/aws-iot-thingtype.json | 5 + .../aws-iotfleetwise-statetemplate.json | 7 + src/schema/aws-iotfleetwise-vehicle.json | 99 + src/schema/aws-iotsitewise-gateway.json | 36 +- src/schema/aws-ivs-channel.json | 44 +- src/schema/aws-ivs-ingestconfiguration.json | 4 +- src/schema/aws-ivs-playbackkeypair.json | 2 +- src/schema/aws-ivs-publickey.json | 2 +- .../aws-ivs-recordingconfiguration.json | 4 +- src/schema/aws-ivs-stage.json | 5 +- src/schema/aws-ivs-storageconfiguration.json | 4 +- src/schema/aws-ivs-streamkey.json | 4 +- src/schema/aws-kafkaconnect-connector.json | 1 - .../aws-kinesisfirehose-deliverystream.json | 18 + src/schema/aws-lambda-codesigningconfig.json | 5 + src/schema/aws-m2-application.json | 6 + src/schema/aws-m2-environment.json | 6 + src/schema/aws-mediaconnect-flow.json | 105 +- src/schema/aws-msk-serverlesscluster.json | 5 + ...aws-neptunegraph-privategraphendpoint.json | 3 +- src/schema/aws-organizations-account.json | 1 + .../aws-organizations-organizationalunit.json | 1 + src/schema/aws-organizations-policy.json | 1 + .../aws-panorama-applicationinstance.json | 13 +- src/schema/aws-panorama-package.json | 13 +- src/schema/aws-panorama-packageversion.json | 1 - src/schema/aws-pcs-cluster.json | 1 - src/schema/aws-pcs-computenodegroup.json | 1 - src/schema/aws-pcs-queue.json | 1 - src/schema/aws-qbusiness-webexperience.json | 29 + src/schema/aws-quicksight-topic.json | 34 +- src/schema/aws-ram-permission.json | 5 + src/schema/aws-rds-dbcluster.json | 2 +- src/schema/aws-rds-dbinstance.json | 6 +- src/schema/aws-resiliencehub-app.json | 5 - src/schema/aws-resourcegroups-group.json | 3 +- src/schema/aws-s3-bucket.json | 83 +- src/schema/aws-sagemaker-featuregroup.json | 5 + src/schema/aws-sagemaker-image.json | 5 + src/schema/aws-sagemaker-pipeline.json | 12 + src/schema/aws-securityhub-hub.json | 5 + src/schema/aws-signer-profilepermission.json | 6 + src/schema/aws-signer-signingprofile.json | 12 + .../aws-ssmincidents-replicationset.json | 9 +- src/schema/aws-ssmincidents-responseplan.json | 5 + src/schema/aws-sso-application.json | 10 +- src/schema/aws-timestream-database.json | 12 + .../aws-timestream-influxdbinstance.json | 30 +- src/schema/aws-timestream-scheduledquery.json | 12 + src/schema/aws-timestream-table.json | 12 + src/utils_test.go | 1 + src/watch.go | 23 +- .../aws/backup/aws_mskconnect_connector.tf | 1 + 142 files changed, 6735 insertions(+), 5298 deletions(-) create mode 100644 src/mapping/aws/resource/kafka/aws_mskconnect_connector.json create mode 100644 src/schema/aws-cloudfront-vpcorigin.json create mode 100644 terraform/aws/backup/aws_mskconnect_connector.tf diff --git a/src/aws.go b/src/aws.go index b35c2c7f..80b9f293 100644 --- a/src/aws.go +++ b/src/aws.go @@ -47,7 +47,7 @@ var tFLookup = map[string]interface{}{ //nolint:gochecknoglobals "aws_api_gateway_documentation_part": awsApigatewayv2Api, "aws_api_gateway_documentation_version": awsApigatewayv2Api, "aws_api_gateway_domain_name": awsApigatewayv2Api, - "aws_api_gateway_domain_name_access_association": awsApiGatewayDomainNameAccessAssociation, + "aws_api_gateway_domain_name_access_association": awsAPIGatewayDomainNameAccessAssociation, "aws_api_gateway_gateway_response": awsApigatewayv2Api, "aws_api_gateway_integration": awsApigatewayv2Api, "aws_api_gateway_integration_response": awsApigatewayv2Api, @@ -112,15 +112,15 @@ var tFLookup = map[string]interface{}{ //nolint:gochecknoglobals "aws_appstream_stack": awsAppstreamStack, "aws_appstream_user": awsAppstreamUser, "aws_appstream_user_stack_association": awsAppstreamUserStackAssociation, - "aws_appsync_api_cache": awsAppsyncApiCache, - "aws_appsync_api_key": awsAppsyncApiKey, + "aws_appsync_api_cache": awsAppsyncAPICache, + "aws_appsync_api_key": awsAppsyncAPIKey, "aws_appsync_datasource": awsAppsyncDatasource, "aws_appsync_domain_name": awsAppsyncDomainName, "aws_appsync_domain_name_api_association": awsAppsyncDomainNameAPIAssociation, "aws_appsync_function": awsAppsyncFunction, "aws_appsync_graphql_api": awsAppsyncGraphAPI, "aws_appsync_resolver": awsAppsyncResolver, - "aws_appsync_source_api_association": awsAppsyncSourceApiAssociation, + "aws_appsync_source_api_association": awsAppsyncSourceAPIAssociation, "aws_appsync_type": awsAppsyncType, "aws_athena_data_catalog": awsAthenaDataCatalog, "aws_athena_database": awsAthenaDatabase, @@ -134,7 +134,7 @@ var tFLookup = map[string]interface{}{ //nolint:gochecknoglobals "aws_auditmanager_control": awsAuditmanagerControl, "aws_auditmanager_framework": awsAuditmanagerFramework, "aws_auditmanager_framework_share": awsAuditmanagerFrameworkShare, - "aws_auditmanager_organization_admin_account_registration": awsAuditmanagerOrganizationAdminAccountRegistration, + "aws_auditmanager_organization_admin_account_registration": awsAuditmanagerOrganizationAdminAccountRegistration, //nolint:lll "aws_autoscaling_attachment": awsAutoscalingAttachment, "aws_autoscaling_group": awsAutoscalingGroup, "aws_autoscaling_group_tag": awsAutoscalingGroupTag, @@ -1155,7 +1155,7 @@ var tFLookup = map[string]interface{}{ //nolint:gochecknoglobals "aws_servicecatalogappregistry_attribute_group": awsServicecatalogappregistryAttributeGroup, "aws_servicecatalogappregistry_attribute_group_association": awsServicecatalogappregistryAttributeGroupAssociation, "aws_transfer_server": awsTransferServer, - "aws_transfer_ssh_key": awsTransferSshKey, + "aws_transfer_ssh_key": awsTransferSSHKey, "aws_transfer_user": awsTransferUser, "aws_vpc_block_public_access_exclusion": awsVpcBlockPublicAccessExclusion, "aws_vpc_block_public_access_options": awsVpcBlockPublicAccessOptions, @@ -1184,7 +1184,7 @@ var tFLookup = map[string]interface{}{ //nolint:gochecknoglobals "aws_ssm_default_patch_baseline": awsSsmDefaultPatchBaseline, "aws_ssm_service_setting": awsSsmServiceSetting, "aws_ssmquicksetup_configuration_manager": awsSsmquicksetupConfigurationManager, - "aws_wafregional_web_acl_association": awsWafregionalWebAclAssociation, + "aws_wafregional_web_acl_association": awsWafregionalWebACLAssociation, "aws_bedrockagent_agent_collaborator": awsBedrockagentAgentCollaborator, "aws_bedrockagent_agent_knowledge_base_association": awsBedrockagentKnowledgeBaseAssociation, "aws_cloudformation_stack_instances": awsCloudformationStackInstances, @@ -1231,7 +1231,7 @@ var tFLookup = map[string]interface{}{ //nolint:gochecknoglobals "aws_prometheus_workspace": awsPrometheusWorkspace, "aws_rds_certificate": awsRdsCertificate, "aws_rds_cluster_snapshot_copy": awsRdsClusterSnapshotCopy, - "aws_rds_custom_db_engine_version": awsRdsCustomDbEngineVersion, + "aws_rds_custom_db_engine_version": awsRdsCustomDBEngineVersion, "aws_rds_export_task": awsRdsExportTask, "aws_rds_reserved_instance": awsRdsReservedInstance, "aws_dataexchange_data_set": awsDataexchangeDataSet, @@ -1274,7 +1274,7 @@ var tFLookup = map[string]interface{}{ //nolint:gochecknoglobals "aws_lightsail_lb_attachment": awsLightsailLbAttachment, "aws_lightsail_lb_certificate": awsLightsailLbCertificate, "aws_lightsail_lb_certificate_attachment": awsLightsailLbCertificateAttachment, - "aws_lightsail_lb_https_redirection_policy": awsLightsailLbHttpsRedirectionPolicy, + "aws_lightsail_lb_https_redirection_policy": awsLightsailLbHTTPSRedirectionPolicy, "aws_lightsail_lb_stickiness_policy": awsLightsailLbStickinessPolicy, "aws_dx_bgp_peer": awsDxBgpPeer, "aws_dx_connection": awsDxConnection, @@ -1311,10 +1311,11 @@ var tFLookup = map[string]interface{}{ //nolint:gochecknoglobals "aws_opsworks_permission": awsOpsworksPermission, "aws_opsworks_php_app_layer": awsOpsworksPhpAppLayer, "aws_opsworks_rails_app_layer": awsOpsworksRailsAppLayer, - "aws_opsworks_rds_db_instance": awsOpsworksRdsDbInstance, + "aws_opsworks_rds_db_instance": awsOpsworksRdsDBInstance, "aws_opsworks_stack": awsOpsworksStack, "aws_opsworks_static_web_layer": awsOpsworksStaticWebLayer, "aws_opsworks_user_profile": awsOpsworksUserProfile, + "aws_mskconnect_connector": awsMskconnectConnector, } // GetAWSPermissions for AWS resources. @@ -1405,13 +1406,9 @@ func GetPermissionMap(raw []byte, attributes []string, resource string) ([]strin return nil, &invalidJSONError{} } - //zero length is perfectly valid if no permissions required - //if len(attributes) == 0 { - // return nil, &zeroLengthAttributesError{resource} - //} - var mappings []interface{} err := json.Unmarshal(raw, &mappings) + if err != nil { return nil, &unmarshallJSONError{err, resource} } @@ -1439,9 +1436,16 @@ func GetPermissionMap(raw []byte, attributes []string, resource string) ([]strin for _, attribute := range attributes { if resourceAttributes[attribute] != nil { for _, entry := range resourceAttributes[attribute].([]interface{}) { + value, ok := entry.(string) + + if !ok { + log.Error().Msg("failed to cast to string") + continue + } + found = append( found, - entry.(string), + value, ) } } @@ -1462,9 +1466,17 @@ const ( destroy = "destroy" ) +type parameterNilError struct { + parameter string +} + +func (m *parameterNilError) Error() string { + return fmt.Sprintf("%s was nil", m.parameter) +} + func getActionPermissions(permissionMap map[string]interface{}, found []string) ([]string, error) { if permissionMap == nil { - return nil, fmt.Errorf("permissionMap was nil") + return nil, ¶meterNilError{parameter: "permissionMap"} } for _, action := range []string{apply, plan, modify, destroy} { @@ -1477,7 +1489,14 @@ func getActionPermissions(permissionMap map[string]interface{}, found []string) } for _, entry := range temp { - found = append(found, entry.(string)) + value, ok := entry.(string) + if !ok { + log.Error().Msg("failed to cast string") + + continue + } + + found = append(found, value) } } } diff --git a/src/aws_datasource.go b/src/aws_datasource.go index e764b2d1..a8b61682 100644 --- a/src/aws_datasource.go +++ b/src/aws_datasource.go @@ -394,7 +394,7 @@ var tFLookupDataAWS = map[string]interface{}{ "aws_organizations_organizational_unit": dataAwsOrganizationsOrganizationalUnit, "aws_organizations_organizational_unit_child_accounts": dataAwsOrganizationsOrganizationalUnitChildsAccounts, "aws_organizations_organizational_unit_descendant_accounts": dataAwsOrganizationsOrganizationalUnitDescendantAccounts, - "aws_organizations_organizational_unit_descendant_organizational_units": dataAwsOrganizationsOrganizationalUnitDescendantOrganizationalUnits, + "aws_organizations_organizational_unit_descendant_organizational_units": dataAwsOrganizationsOrganizationalUnitDescendantOrganizationalUnits, //nolint:lll "aws_organizations_organizational_units": dataAwsOrganizationsOrganizationalUnits, "aws_organizations_policies": dataAwsOrganizationsPolicies, "aws_organizations_policies_for_target": dataAwsOrganizationsPoliciesForTarget, @@ -449,7 +449,7 @@ var tFLookupDataAWS = map[string]interface{}{ "aws_route53_resolver_firewall_config": dataAwsRoute53ResolverFirewallConfig, "aws_route53_resolver_firewall_domain_list": dataAwsRoute53ResolverFirewallDomainList, "aws_route53_resolver_firewall_rule_group": dataAwsRoute53ResolverFirewallRuleGroup, - "aws_route53_resolver_firewall_rule_group_association": dataAwsRoute53ResolverFirewallGroupAssociation, + "aws_route53_resolver_firewall_rule_group_association": dataAwsRoute53ResolverFirewallGroupAssociation, //nolint:lll "aws_route53_resolver_firewall_rules": dataAwsRoute53ResolverFirewallRules, "aws_route53_resolver_query_log_config": dataAwsRoute53ResolverQueryLogConfig, "aws_route53_resolver_rule": dataAwsRoute53ResolverRule, @@ -479,7 +479,7 @@ var tFLookupDataAWS = map[string]interface{}{ "aws_secretsmanager_secrets": dataAwsSecretsmanagerSecrets, "aws_security_group": dataAwsSecurityGroup, "aws_security_groups": dataAwsSecurityGroup, - "aws_serverlessapplicationrepository_application": dataAwsServerlessapplicationrepositoryApplication, + "aws_serverlessapplicationrepository_application": dataAwsServerlessapplicationrepositoryApplication, //nolint:lll "aws_service": placeholder, "aws_service_discovery_dns_namespace": dataAwsServiceDiscoveryDNSNamespace, "aws_service_discovery_http_namespace": dataAwsServiceDiscoveryHTTPNamespace, @@ -530,7 +530,7 @@ var tFLookupDataAWS = map[string]interface{}{ "aws_ssoadmin_instances": dataAwsSsoadminInstances, "aws_ssoadmin_permission_set": dataAwsSsoadminPermissionSet, "aws_ssoadmin_permission_sets": dataAwsSsoadminPermissionSets, - "aws_ssoadmin_principal_application_assignments": dataAwsSsoadminPrincipalApplicationAssignments, + "aws_ssoadmin_principal_application_assignments": dataAwsSsoadminPrincipalApplicationAssignments, //nolint:lll "aws_storagegateway_local_disk": placeholder, "aws_subnet": dataAwsSubnetIDs, "aws_subnet_ids": dataAwsSubnetIDs, diff --git a/src/azure_datasource_test.go b/src/azure_datasource_test.go index 00817595..1d19b54d 100644 --- a/src/azure_datasource_test.go +++ b/src/azure_datasource_test.go @@ -20,16 +20,26 @@ func TestGetAZUREDataPermissions(t *testing.T) { want []string wantErr bool }{ - {name: "pass", args: args{ - result: pike.ResourceV2{ - TypeName: "data", - Name: "azurerm_resource_group", - ResourceName: "pike", - Provider: "azurerm", - Attributes: []string{"name", "location", "tags"}, + { + name: "pass", + args: args{ + result: pike.ResourceV2{ + TypeName: "data", + Name: "azurerm_resource_group", + ResourceName: "pike", + Provider: "azurerm", + Attributes: []string{"name", "location", "tags"}, + }, }, - }, want: []string{"Microsoft.Resources/subscriptions/resourcegroups/read"}}, - {name: "empty", wantErr: true}, + want: []string{"Microsoft.Resources/subscriptions/resourcegroups/read"}, + wantErr: false, + }, + { + name: "empty", + args: args{}, + want: nil, + wantErr: true, + }, { name: "guff", args: args{result: pike.ResourceV2{ diff --git a/src/compare.go b/src/compare.go index fb0c220f..cdb1dece 100644 --- a/src/compare.go +++ b/src/compare.go @@ -91,6 +91,7 @@ func (m *compareDifferenceError) Error() string { func CompareIAMPolicy(policy string, oldPolicy string) (bool, error) { differ := diff.New() compare, err := differ.Compare([]byte(policy), []byte(oldPolicy)) + if err != nil { return false, &compareDifferenceError{err} } @@ -113,6 +114,7 @@ func (m *formatterError) Error() string { func ShowDifferences(policy string, compare diff.Diff) (bool, error) { var aJSON map[string]interface{} err := json.Unmarshal([]byte(policy), &aJSON) + if err != nil { return false, &marshallPolicyError{err} } @@ -124,6 +126,7 @@ func ShowDifferences(policy string, compare diff.Diff) (bool, error) { myFormatter := formatter.NewAsciiFormatter(aJSON, myConfig) diffString, err := myFormatter.Format(compare) + if err != nil { return false, &formatterError{err} } diff --git a/src/coverage/aws.md b/src/coverage/aws.md index 93d9e467..b4a9c8c1 100644 --- a/src/coverage/aws.md +++ b/src/coverage/aws.md @@ -1,6 +1,6 @@ # todo aws -Resource percentage coverage 87.75 +Resource percentage coverage 82.43 Datasource percentage coverage 100.00 ./resource.ps1 aws_cognito_managed_user_pool_client @@ -70,7 +70,7 @@ Datasource percentage coverage 100.00 ./resource.ps1 aws_main_route_table_association ./resource.ps1 aws_memorydb_multi_region_cluster ./resource.ps1 aws_msk_single_scram_secret_association -./resource.ps1 aws_mskconnect_connector + ./resource.ps1 aws_mskconnect_custom_plugin ./resource.ps1 aws_mskconnect_worker_configuration ./resource.ps1 aws_neptune_global_cluster diff --git a/src/coverage/coverage.go b/src/coverage/coverage.go index a2f0aa13..b2237a09 100644 --- a/src/coverage/coverage.go +++ b/src/coverage/coverage.go @@ -88,6 +88,7 @@ func coverageAzure() error { target = Prepend + target err := os.WriteFile("azure.md", []byte(target), 0o700) + if err != nil { return &fileWriteError{err} } @@ -122,8 +123,10 @@ func coverageGcp() error { target = Prepend + target err := os.WriteFile("google.md", []byte(target), 0o700) + if err != nil { - return &fileWriteError{} + + return &fileWriteError{err} } return nil diff --git a/src/data_test.go b/src/data_test.go index b219f37c..65b6a5eb 100644 --- a/src/data_test.go +++ b/src/data_test.go @@ -76,6 +76,7 @@ func TestGetResources(t *testing.T) { tt := tt t.Run(tt.name, func(t *testing.T) { t.Parallel() + got, err := pike.GetResources(tt.args.file, tt.args.dirName) if (err != nil) != tt.wantErr { @@ -382,11 +383,13 @@ func TestGetPermission(t *testing.T) { t.Run(tt.name, func(t *testing.T) { t.Parallel() got, err := pike.GetPermission(tt.args.result) + if (err != nil) != tt.wantErr { t.Errorf("GetPermission() error = %v, wantErr %v", err, tt.wantErr) return } + if !reflect.DeepEqual(got, tt.want) { t.Errorf("GetPermission() = %v, want %v", got, tt.want) } @@ -434,12 +437,15 @@ func TestGetResourceBlocks(t *testing.T) { tt := tt t.Run(tt.name, func(t *testing.T) { t.Parallel() + got, err := pike.GetResourceBlocks(tt.args.file) + if (err != nil) != tt.wantErr { t.Errorf("GetResourceBlocks() error = %v, wantErr %v", err, tt.wantErr) return } + if !reflect.DeepEqual(got.SrcRange, tt.want) { t.Errorf("GetResourceBlocks() = %v, want %v", got.SrcRange, tt.want) } @@ -542,6 +548,7 @@ func TestDetectBackend(t *testing.T) { if (err != nil) != tt.wantErr { t.Errorf("DetectBackend() error = %v, wantErr %v", err, tt.wantErr) + return } diff --git a/src/error_test.go b/src/error_test.go index 68453949..ec9885c5 100644 --- a/src/error_test.go +++ b/src/error_test.go @@ -382,6 +382,7 @@ func TestEmptyTypeNameError(t *testing.T) { t.Run("implements error interface", func(t *testing.T) { t.Parallel() var err error = &emptyTypeNameError{} // Verify it satisfies error interface + if err == nil { t.Error("emptyTypeNameError should implement error interface") } @@ -645,6 +646,7 @@ func TestDirectoryErrors(t *testing.T) { t.Run("empty directory error", func(t *testing.T) { err := &emptyDirectoryError{} expected := "directory value cannot be an empty string" + if err.Error() != expected { t.Errorf("expected %q, got %q", expected, err.Error()) } @@ -653,6 +655,7 @@ func TestDirectoryErrors(t *testing.T) { t.Run("directory not found error", func(t *testing.T) { err := &directoryNotFoundError{directory: "/tmp/nonexistent"} expected := "directory does not exist: /tmp/nonexistent" + if err.Error() != expected { t.Errorf("expected %q, got %q", expected, err.Error()) } @@ -663,12 +666,14 @@ func TestARNErrors(t *testing.T) { t.Run("empty ARN error", func(t *testing.T) { err := &arnEmptyError{} expected := "ARN cannot be empty" + if err.Error() != expected { t.Errorf("expected %q, got %q", expected, err.Error()) } }) t.Run("invalid ARN error", func(t *testing.T) { + t.Parallel() err := &invalidARNError{arn: "invalid:arn"} expected := "invalid ARN: invalid:arn" @@ -679,7 +684,9 @@ func TestARNErrors(t *testing.T) { } func TestAWSErrors(t *testing.T) { + t.Run("AWS config error", func(t *testing.T) { + t.Parallel() err := &awsConfigError{err: &emptyNameError{}} expected := "failed to load AWS config: Name cannot be empty" @@ -689,6 +696,7 @@ func TestAWSErrors(t *testing.T) { }) t.Run("get IAM version error", func(t *testing.T) { + t.Parallel() err := &getIAMVersionError{err: &emptyNameError{}} expected := "failed to get IAM version: Name cannot be empty" @@ -727,6 +735,7 @@ func TestPolicyErrors(t *testing.T) { }) t.Run("marshall policy error", func(t *testing.T) { + t.Parallel() err := &marshallPolicyError{err: &emptyNameError{}} expected := "failed to marshal policy: Name cannot be empty" diff --git a/src/files.go b/src/files.go index d2ef6d40..01f3489f 100644 --- a/src/files.go +++ b/src/files.go @@ -3071,7 +3071,7 @@ var awsS3tablesTablePolicy []byte var awsS3tablesTableBucket []byte //go:embed mapping/aws/resource/apigateway/aws_api_gateway_domain_name_access_association.json -var awsApiGatewayDomainNameAccessAssociation []byte +var awsAPIGatewayDomainNameAccessAssociation []byte //go:embed mapping/aws/resource/appconfig/aws_appconfig_deployment_strategy.json var awsAppconfigDeploymentStrategy []byte @@ -3116,16 +3116,16 @@ var awsAppstreamUser []byte var awsAppstreamUserStackAssociation []byte //go:embed mapping/aws/resource/appsync/aws_appsync_api_cache.json -var awsAppsyncApiCache []byte +var awsAppsyncAPICache []byte //go:embed mapping/aws/resource/appsync/aws_appsync_api_key.json -var awsAppsyncApiKey []byte +var awsAppsyncAPIKey []byte //go:embed mapping/aws/resource/appsync/aws_appsync_datasource.json var awsAppsyncDatasource []byte //go:embed mapping/aws/resource/appsync/aws_appsync_source_api_association.json -var awsAppsyncSourceApiAssociation []byte +var awsAppsyncSourceAPIAssociation []byte //go:embed mapping/aws/resource/appsync/aws_appsync_type.json var awsAppsyncType []byte @@ -3257,7 +3257,7 @@ var awsServicecatalogappregistryAttributeGroupAssociation []byte var awsTransferServer []byte //go:embed mapping/aws/resource/transfer/aws_transfer_ssh_key.json -var awsTransferSshKey []byte +var awsTransferSSHKey []byte //go:embed mapping/aws/resource/transfer/aws_transfer_user.json var awsTransferUser []byte @@ -3338,7 +3338,7 @@ var awsSsmServiceSetting []byte var awsSsmquicksetupConfigurationManager []byte //go:embed mapping/aws/resource/wafregional/aws_wafregional_web_acl_association.json -var awsWafregionalWebAclAssociation []byte +var awsWafregionalWebACLAssociation []byte //go:embed mapping/aws/resource/bedrock/aws_bedrockagent_agent_collaborator.json var awsBedrockagentAgentCollaborator []byte @@ -3479,7 +3479,7 @@ var awsRdsCertificate []byte var awsRdsClusterSnapshotCopy []byte //go:embed mapping/aws/resource/rds/aws_rds_custom_db_engine_version.json -var awsRdsCustomDbEngineVersion []byte +var awsRdsCustomDBEngineVersion []byte //go:embed mapping/aws/resource/rds/aws_rds_export_task.json var awsRdsExportTask []byte diff --git a/src/files_aws.go b/src/files_aws.go index ad21af4a..b1ba1978 100644 --- a/src/files_aws.go +++ b/src/files_aws.go @@ -125,7 +125,7 @@ var awsLightsailLbCertificate []byte var awsLightsailLbCertificateAttachment []byte //go:embed mapping/aws/resource/lightsail/aws_lightsail_lb_https_redirection_policy.json -var awsLightsailLbHttpsRedirectionPolicy []byte +var awsLightsailLbHTTPSRedirectionPolicy []byte //go:embed mapping/aws/resource/lightsail/aws_lightsail_lb_stickiness_policy.json var awsLightsailLbStickinessPolicy []byte @@ -236,7 +236,7 @@ var awsOpsworksPhpAppLayer []byte var awsOpsworksRailsAppLayer []byte //go:embed mapping/aws/resource/opsworks/aws_opsworks_rds_db_instance.json -var awsOpsworksRdsDbInstance []byte +var awsOpsworksRdsDBInstance []byte //go:embed mapping/aws/resource/opsworks/aws_opsworks_stack.json var awsOpsworksStack []byte @@ -246,3 +246,6 @@ var awsOpsworksStaticWebLayer []byte //go:embed mapping/aws/resource/opsworks/aws_opsworks_user_profile.json var awsOpsworksUserProfile []byte + +//go:embed mapping/aws/resource/kafka/aws_mskconnect_connector.json +var awsMskconnectConnector []byte diff --git a/src/gitHub.go b/src/gitHub.go index b374c4ab..768d616d 100644 --- a/src/gitHub.go +++ b/src/gitHub.go @@ -2,7 +2,6 @@ package pike import ( "context" - "errors" "fmt" "io" "net/http" @@ -151,6 +150,7 @@ func (m *listBranchesError) Error() string { func VerifyBranch(client *github.Client, owner string, repo string, branch string) error { ctx := context.Background() branches, _, err := client.Repositories.ListBranches(ctx, owner, repo, nil) + if err != nil { return &listBranchesError{err} } @@ -168,7 +168,16 @@ func VerifyBranch(client *github.Client, owner string, repo string, branch strin return nil } - return errors.New("branch " + branch + " not found for " + repo) + return &branchNotFoundError{branch, repo} +} + +type branchNotFoundError struct { + branch string + repo string +} + +func (m *branchNotFoundError) Error() string { + return fmt.Sprintf("branch %s not found for repo %s", m.branch, m.repo) } // VerifyURL tests a url. diff --git a/src/make.go b/src/make.go index 25967a72..e820a05e 100644 --- a/src/make.go +++ b/src/make.go @@ -2,7 +2,6 @@ package pike import ( "context" - "errors" "fmt" "os" "os/exec" @@ -50,7 +49,7 @@ func Make(directory string) (*string, error) { myValue, ok := arn.Value.(string) if !ok { - return nil, fmt.Errorf("arn value is not a string") + return nil, &castToStringError{"arn"} } log.Info().Msgf("aws role create/updated %s", myValue) @@ -58,13 +57,27 @@ func Make(directory string) (*string, error) { role, ok := arn.Value.(string) if !ok { - return nil, fmt.Errorf("arn value is not a string") + return nil, &castToStringError{"arn"} } return &role, nil } - return nil, errors.New("no arn found in state") + return nil, &arnNotFoundInStateError{} +} + +type castToStringError struct { + value string +} + +func (e *castToStringError) Error() string { + return fmt.Sprint("cannot convert ", e.value, " to a string") +} + +type arnNotFoundInStateError struct{} + +func (e *arnNotFoundInStateError) Error() string { + return "no arn found in state" } func tfApply(policyPath string) (*tfexec.Terraform, error) { @@ -75,7 +88,7 @@ func tfApply(policyPath string) (*tfexec.Terraform, error) { terraform, err := tfexec.NewTerraform(policyPath, tfPath) if err != nil { - return nil, err + return nil, &terraformNewError{err: err} } err = terraform.Init(context.Background(), tfexec.Upgrade(true)) @@ -88,7 +101,7 @@ func tfApply(policyPath string) (*tfexec.Terraform, error) { err = terraform.Apply(ctx) if err != nil { - return nil, &terraformApplyError{err: err} + return nil, &terraformApplyError{err: err, target: policyPath} } return terraform, nil @@ -166,12 +179,14 @@ func tfPlan(policyPath string) error { cmd = exec.CommandContext(ctx, terraform.ExecPath(), chdir, "show", "--json", "tf.plan") stdout, err = cmd.Output() + if err != nil { return &terraformPlanError{err} } outfile := filepath.Join(policyPath, "tf.json") err = os.WriteFile(outfile, stdout, 0o666) + if err != nil { return &writeFileError{file: outfile, err: err} } diff --git a/src/mapping/aws/resource/aps/aws_prometheus_scraper.json b/src/mapping/aws/resource/aps/aws_prometheus_scraper.json index 9a896d98..87094592 100644 --- a/src/mapping/aws/resource/aps/aws_prometheus_scraper.json +++ b/src/mapping/aws/resource/aps/aws_prometheus_scraper.json @@ -13,7 +13,8 @@ "eks:CreateAccessEntry", "eks:DescribeCluster", "iam:CreateServiceLinkedRole", - "iam:DeleteServiceLinkedRole" + "iam:DeleteServiceLinkedRole", + "iam:PassRole" ], "attributes": { "tags": [ @@ -36,7 +37,8 @@ "aps:DescribeScraper", "aps:UpdateScraper", "aps:DescribeWorkspace", - "aps:ListTagsForResource" + "aps:ListTagsForResource", + "iam:PassRole" ], "plan": [ "aps:DescribeScraper", diff --git a/src/mapping/aws/resource/cloudwatch/aws_cloudwatch_metric_stream.json b/src/mapping/aws/resource/cloudwatch/aws_cloudwatch_metric_stream.json index 028c6bb2..e0a63402 100644 --- a/src/mapping/aws/resource/cloudwatch/aws_cloudwatch_metric_stream.json +++ b/src/mapping/aws/resource/cloudwatch/aws_cloudwatch_metric_stream.json @@ -16,7 +16,14 @@ "destroy": [ "cloudwatch:DeleteMetricStream" ], - "modify": [], - "plan": [] + "modify": [ + "cloudwatch:PutMetricStream", + "cloudwatch:GetMetricStream", + "iam:PassRole" + ], + "plan": [ + "cloudwatch:GetMetricStream", + "cloudwatch:ListTagsForResource" + ] } ] diff --git a/src/mapping/aws/resource/connect/aws_connect_phone_number.json b/src/mapping/aws/resource/connect/aws_connect_phone_number.json index 481bb742..b448c120 100644 --- a/src/mapping/aws/resource/connect/aws_connect_phone_number.json +++ b/src/mapping/aws/resource/connect/aws_connect_phone_number.json @@ -8,7 +8,9 @@ "connect:ReleasePhoneNumber", "connect:ImportPhoneNumber", "sms-voice:DescribePhoneNumbers", - "connect:UpdatePhoneNumberMetadata" + "connect:UpdatePhoneNumberMetadata", + "social-messaging:GetLinkedWhatsAppBusinessAccountPhoneNumber", + "social-messaging:TagResource" ], "attributes": { "tags": [ diff --git a/src/mapping/aws/resource/detective/aws_detective_graph.json b/src/mapping/aws/resource/detective/aws_detective_graph.json index 6d19d253..dafc6c79 100644 --- a/src/mapping/aws/resource/detective/aws_detective_graph.json +++ b/src/mapping/aws/resource/detective/aws_detective_graph.json @@ -4,8 +4,8 @@ "detective:CreateGraph", "detective:UpdateOrganizationConfiguration", "organizations:DescribeOrganization", - "detective:DeleteGraph", "detective:ListGraphs", + "detective:DeleteGraph", "detective:ListTagsForResource", "detective:DescribeOrganizationConfiguration", "detective:UpdateOrganizationConfiguration" @@ -17,9 +17,11 @@ ] }, "destroy": [ - "detective:DeleteGraph" + "detective:DeleteGraph", + "detective:ListGraphs" ], "modify": [ + "detective:ListGraphs", "detective:UpdateOrganizationConfiguration" ], "plan": [] diff --git a/src/mapping/aws/resource/ec2/aws_verifiedaccess_endpoint.json b/src/mapping/aws/resource/ec2/aws_verifiedaccess_endpoint.json index a93d228a..5c689d41 100644 --- a/src/mapping/aws/resource/ec2/aws_verifiedaccess_endpoint.json +++ b/src/mapping/aws/resource/ec2/aws_verifiedaccess_endpoint.json @@ -13,13 +13,23 @@ "ec2:DescribeTags", "ec2:DescribeVerifiedAccessEndpoints", "ec2:ModifyVerifiedAccessEndpoint", + "ec2:DescribeVerifiedAccessEndpoints", + "ec2:DescribeSecurityGroups", + "ec2:DescribeVpcs", "iam:CreateServiceLinkedRole", "iam:ListRoles", "sso:CreateManagedApplicationInstance", "sso:DeleteManagedApplicationInstance", "sso:GetManagedApplicationInstance", "sso:GetPeregrineStatus", - "sso:GetSharedSsoConfiguration" + "sso:GetSharedSsoConfiguration", + "sso:PutApplicationAccessScope", + "sso:GetSharedSsoConfiguration", + "rds:DescribeDbInstances", + "rds:DescribeDbProxies", + "rds:DescribeDbClusters", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeVpcEndpointServiceConfigurations" ], "attributes": { "load_balancer_options": [ @@ -57,6 +67,13 @@ "acm:DeleteCertificateRelation", "sso:DeleteManagedApplicationInstance" ], - "plan": [] + "plan": [ + "ec2:DescribeVerifiedAccessEndpoints", + "ec2:GetVerifiedAccessEndpointPolicy", + "ec2:DescribeTags", + "rds:DescribeDbInstances", + "rds:DescribeDbProxies", + "rds:DescribeDbClusters" + ] } ] diff --git a/src/mapping/aws/resource/ec2/aws_vpc_ipam.json b/src/mapping/aws/resource/ec2/aws_vpc_ipam.json index 9a8fa85d..7575d539 100644 --- a/src/mapping/aws/resource/ec2/aws_vpc_ipam.json +++ b/src/mapping/aws/resource/ec2/aws_vpc_ipam.json @@ -6,7 +6,9 @@ "ec2:DescribeIpams", "ec2:DeleteIpam", "ec2:ModifyIpam", - "ec2:DescribeTags" + "ec2:DescribeTags", + "ec2:DescribeIpamResourceDiscoveries", + "ec2:ModifyIpamResourceDiscovery" ], "attributes": { "tags": [ @@ -18,8 +20,13 @@ "ec2:DeleteIpam" ], "modify": [ - "ec2:ModifyIpam" + "ec2:ModifyIpam", + "ec2:DescribeIpamResourceDiscoveries", + "ec2:ModifyIpamResourceDiscovery" ], - "plan": [] + "plan": [ + "ec2:DescribeIpams", + "ec2:DescribeIpamResourceDiscoveries" + ] } ] diff --git a/src/mapping/aws/resource/kafka/aws_mskconnect_connector.json b/src/mapping/aws/resource/kafka/aws_mskconnect_connector.json new file mode 100644 index 00000000..95457a8a --- /dev/null +++ b/src/mapping/aws/resource/kafka/aws_mskconnect_connector.json @@ -0,0 +1,61 @@ +[ + { + "apply": [ + "kafkaconnect:CreateConnector", + "kafkaconnect:DescribeConnector", + "kafkaconnect:ListTagsForResource", + "iam:CreateServiceLinkedRole", + "iam:PassRole", + "ec2:CreateNetworkInterface", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcs", + "logs:CreateLogDelivery", + "logs:GetLogDelivery", + "logs:ListLogDeliveries", + "logs:PutResourcePolicy", + "logs:DescribeResourcePolicies", + "logs:DescribeLogGroups", + "s3:GetBucketPolicy", + "s3:PutBucketPolicy", + "firehose:TagDeliveryStream", + "kafkaconnect:UpdateConnector", + "kafkaconnect:DeleteConnector", + "logs:DeleteLogDelivery", + "logs:UpdateLogDelivery" + ], + "attributes": { + "tags": [ + "kafkaconnect:TagResource", + "kafkaconnect:UntagResource" + ] + }, + "destroy": [ + "kafkaconnect:DeleteConnector", + "kafkaconnect:DescribeConnector", + "logs:DeleteLogDelivery", + "logs:GetLogDelivery", + "logs:ListLogDeliveries" + ], + "modify": [ + "kafkaconnect:UpdateConnector", + "kafkaconnect:DescribeConnector", + "kafkaconnect:DescribeConnectorOperation", + "kafkaconnect:ListTagsForResource", + "iam:CreateServiceLinkedRole", + "logs:UpdateLogDelivery", + "logs:GetLogDelivery", + "logs:ListLogDeliveries", + "logs:PutResourcePolicy", + "logs:DescribeResourcePolicies", + "logs:DescribeLogGroups", + "s3:GetBucketPolicy", + "s3:PutBucketPolicy", + "firehose:TagDeliveryStream" + ], + "plan": [ + "kafkaconnect:DescribeConnector", + "kafkaconnect:ListTagsForResource" + ] + } +] diff --git a/src/mapping/aws/resource/organizations/aws_organizations_account.json b/src/mapping/aws/resource/organizations/aws_organizations_account.json index c83bbf41..c4d14724 100644 --- a/src/mapping/aws/resource/organizations/aws_organizations_account.json +++ b/src/mapping/aws/resource/organizations/aws_organizations_account.json @@ -4,6 +4,7 @@ "organizations:CreateAccount", "organizations:DescribeCreateAccountStatus", "organizations:MoveAccount", + "organizations:ListAccounts", "organizations:ListParents", "organizations:DescribeAccount", "organizations:ListTagsForResource", diff --git a/src/mapping/aws/resource/organizations/aws_organizations_organizational_unit.json b/src/mapping/aws/resource/organizations/aws_organizations_organizational_unit.json index 5e6ad722..1a1c4f78 100644 --- a/src/mapping/aws/resource/organizations/aws_organizations_organizational_unit.json +++ b/src/mapping/aws/resource/organizations/aws_organizations_organizational_unit.json @@ -5,7 +5,8 @@ "organizations:DescribeOrganizationalUnit", "organizations:ListParents", "organizations:ListTagsForResource", - "organizations:UpdateOrganizationalUnit" + "organizations:UpdateOrganizationalUnit", + "organizations:ListOrganizationalUnitsForParent" ], "attributes": { "tags": [ diff --git a/src/mapping/aws/resource/organizations/aws_organizations_policy.json b/src/mapping/aws/resource/organizations/aws_organizations_policy.json index 531a4753..830ad735 100644 --- a/src/mapping/aws/resource/organizations/aws_organizations_policy.json +++ b/src/mapping/aws/resource/organizations/aws_organizations_policy.json @@ -8,7 +8,8 @@ "organizations:AttachPolicy", "organizations:DetachPolicy", "organizations:ListTagsForResource", - "organizations:ListTargetsForPolicy" + "organizations:ListTargetsForPolicy", + "organizations:ListPolicies" ], "attributes": { "tags": [ diff --git a/src/mapping/aws/resource/sso/aws_ssoadmin_application.json b/src/mapping/aws/resource/sso/aws_ssoadmin_application.json index 190b96b2..76ff0220 100644 --- a/src/mapping/aws/resource/sso/aws_ssoadmin_application.json +++ b/src/mapping/aws/resource/sso/aws_ssoadmin_application.json @@ -3,7 +3,8 @@ "apply": [ "sso:CreateApplication", "sso:DescribeApplication", - "sso:DeleteApplication" + "sso:DeleteApplication", + "sso:ListTagsForResource" ], "attributes": { "tags": [ @@ -24,4 +25,4 @@ "sso:ListTagsForResource" ] } -] +] diff --git a/src/mapping/aws/resource/timestreamwrite/aws_timestreaminfluxdb_db_instance.json b/src/mapping/aws/resource/timestreamwrite/aws_timestreaminfluxdb_db_instance.json index 5c9c17aa..899ca2f5 100644 --- a/src/mapping/aws/resource/timestreamwrite/aws_timestreaminfluxdb_db_instance.json +++ b/src/mapping/aws/resource/timestreamwrite/aws_timestreaminfluxdb_db_instance.json @@ -32,7 +32,9 @@ "timestream-influxdb:GetDbInstance", "timestream-influxdb:ListDbInstances", "timestream-influxdb:UpdateDbInstance", - "timestream-influxdb:ListTagsForResource" + "timestream-influxdb:ListTagsForResource", + "ec2:DescribeSubnets", + "ec2:DescribeVpcs" ], "plan": [ "timestream-influxdb:GetDbInstance", diff --git a/src/parse/aws-members.json b/src/parse/aws-members.json index 8d7ea59b..10c21cec 100755 --- a/src/parse/aws-members.json +++ b/src/parse/aws-members.json @@ -1,2052 +1,2052 @@ -{ - "resources": [ - "aws_accessanalyzer_analyzer", - "aws_accessanalyzer_archive_rule", - "aws_account_alternate_contact", - "aws_account_primary_contact", - "aws_account_region", - "aws_acm_certificate", - "aws_acm_certificate_validation", - "aws_acmpca_certificate", - "aws_acmpca_certificate_authority", - "aws_acmpca_certificate_authority_certificate", - "aws_acmpca_permission", - "aws_acmpca_policy", - "aws_alb", - "aws_ami", - "aws_ami_copy", - "aws_ami_from_instance", - "aws_ami_launch_permission", - "aws_amplify_app", - "aws_amplify_backend_environment", - "aws_amplify_branch", - "aws_amplify_domain_association", - "aws_amplify_webhook", - "aws_api_gateway_account", - "aws_api_gateway_api_key", - "aws_api_gateway_authorizer", - "aws_api_gateway_base_path_mapping", - "aws_api_gateway_client_certificate", - "aws_api_gateway_deployment", - "aws_api_gateway_documentation_part", - "aws_api_gateway_documentation_version", - "aws_api_gateway_domain_name", - "aws_api_gateway_domain_name_access_association", - "aws_api_gateway_gateway_response", - "aws_api_gateway_integration", - "aws_api_gateway_integration_response", - "aws_api_gateway_method", - "aws_api_gateway_method_response", - "aws_api_gateway_method_settings", - "aws_api_gateway_model", - "aws_api_gateway_request_validator", - "aws_api_gateway_resource", - "aws_api_gateway_rest_api", - "aws_api_gateway_rest_api_policy", - "aws_api_gateway_stage", - "aws_api_gateway_usage_plan", - "aws_api_gateway_usage_plan_key", - "aws_api_gateway_vpc_link", - "aws_apigatewayv2_api", - "aws_apigatewayv2_api_mapping", - "aws_apigatewayv2_authorizer", - "aws_apigatewayv2_deployment", - "aws_apigatewayv2_domain_name", - "aws_apigatewayv2_integration", - "aws_apigatewayv2_integration_response", - "aws_apigatewayv2_model", - "aws_apigatewayv2_route", - "aws_apigatewayv2_route_response", - "aws_apigatewayv2_stage", - "aws_apigatewayv2_vpc_link", - "aws_app_cookie_stickiness_policy", - "aws_appautoscaling_policy", - "aws_appautoscaling_scheduled_action", - "aws_appautoscaling_target", - "aws_appconfig_application", - "aws_appconfig_configuration_profile", - "aws_appconfig_deployment", - "aws_appconfig_deployment_strategy", - "aws_appconfig_environment", - "aws_appconfig_extension", - "aws_appconfig_extension_association", - "aws_appconfig_hosted_configuration_version", - "aws_appfabric_app_authorization", - "aws_appfabric_app_authorization_connection", - "aws_appfabric_app_bundle", - "aws_appfabric_ingestion", - "aws_appfabric_ingestion_destination", - "aws_appflow_connector_profile", - "aws_appflow_flow", - "aws_appintegrations_data_integration", - "aws_appintegrations_event_integration", - "aws_applicationinsights_application", - "aws_appmesh_gateway_route", - "aws_appmesh_mesh", - "aws_appmesh_route", - "aws_appmesh_virtual_gateway", - "aws_appmesh_virtual_node", - "aws_appmesh_virtual_router", - "aws_appmesh_virtual_service", - "aws_apprunner_auto_scaling_configuration_version", - "aws_apprunner_connection", - "aws_apprunner_custom_domain_association", - "aws_apprunner_default_auto_scaling_configuration_version", - "aws_apprunner_deployment", - "aws_apprunner_observability_configuration", - "aws_apprunner_service", - "aws_apprunner_vpc_connector", - "aws_apprunner_vpc_ingress_connection", - "aws_appstream_directory_config", - "aws_appstream_fleet", - "aws_appstream_fleet_stack_association", - "aws_appstream_image_builder", - "aws_appstream_stack", - "aws_appstream_user", - "aws_appstream_user_stack_association", - "aws_appsync_api_cache", - "aws_appsync_api_key", - "aws_appsync_datasource", - "aws_appsync_domain_name", - "aws_appsync_domain_name_api_association", - "aws_appsync_function", - "aws_appsync_graphql_api", - "aws_appsync_resolver", - "aws_appsync_source_api_association", - "aws_appsync_type", - "aws_athena_data_catalog", - "aws_athena_database", - "aws_athena_named_query", - "aws_athena_prepared_statement", - "aws_athena_workgroup", - "aws_auditmanager_account_registration", - "aws_auditmanager_assessment", - "aws_auditmanager_assessment_delegation", - "aws_auditmanager_assessment_report", - "aws_auditmanager_control", - "aws_auditmanager_framework", - "aws_auditmanager_framework_share", - "aws_auditmanager_organization_admin_account_registration", - "aws_autoscaling_attachment", - "aws_autoscaling_group", - "aws_autoscaling_group_tag", - "aws_autoscaling_lifecycle_hook", - "aws_autoscaling_notification", - "aws_autoscaling_policy", - "aws_autoscaling_schedule", - "aws_autoscaling_traffic_source_attachment", - "aws_autoscalingplans_scaling_plan", - "aws_backup_framework", - "aws_backup_global_settings", - "aws_backup_logically_air_gapped_vault", - "aws_backup_plan", - "aws_backup_region_settings", - "aws_backup_report_plan", - "aws_backup_selection", - "aws_backup_vault", - "aws_backup_vault_lock_configuration", - "aws_backup_vault_notifications", - "aws_backup_vault_policy", - "aws_batch_compute_environment", - "aws_batch_job_definition", - "aws_batch_job_queue", - "aws_batch_scheduling_policy", - "aws_bcmdataexports_export", - "aws_bedrock_custom_model", - "aws_bedrock_guardrail", - "aws_bedrock_guardrail_version", - "aws_bedrock_inference_profile", - "aws_bedrock_model_invocation_logging_configuration", - "aws_bedrock_provisioned_model_throughput", - "aws_bedrockagent_agent", - "aws_bedrockagent_agent_action_group", - "aws_bedrockagent_agent_alias", - "aws_bedrockagent_agent_collaborator", - "aws_bedrockagent_agent_knowledge_base_association", - "aws_bedrockagent_data_source", - "aws_bedrockagent_knowledge_base", - "aws_budgets_budget", - "aws_budgets_budget_action", - "aws_ce_anomaly_monitor", - "aws_ce_anomaly_subscription", - "aws_ce_cost_allocation_tag", - "aws_ce_cost_category", - "aws_chatbot_slack_channel_configuration", - "aws_chatbot_teams_channel_configuration", - "aws_chime_voice_connector", - "aws_chime_voice_connector_group", - "aws_chime_voice_connector_logging", - "aws_chime_voice_connector_origination", - "aws_chime_voice_connector_streaming", - "aws_chime_voice_connector_termination", - "aws_chime_voice_connector_termination_credentials", - "aws_chimesdkmediapipelines_media_insights_pipeline_configuration", - "aws_chimesdkvoice_global_settings", - "aws_chimesdkvoice_sip_media_application", - "aws_chimesdkvoice_sip_rule", - "aws_chimesdkvoice_voice_profile_domain", - "aws_cleanrooms_collaboration", - "aws_cleanrooms_configured_table", - "aws_cleanrooms_membership", - "aws_cloud9_environment_ec2", - "aws_cloud9_environment_membership", - "aws_cloudcontrolapi_resource", - "aws_cloudformation_stack", - "aws_cloudformation_stack_instances", - "aws_cloudformation_stack_set", - "aws_cloudformation_stack_set_instance", - "aws_cloudformation_type", - "aws_cloudfront_cache_policy", - "aws_cloudfront_continuous_deployment_policy", - "aws_cloudfront_distribution", - "aws_cloudfront_field_level_encryption_config", - "aws_cloudfront_field_level_encryption_profile", - "aws_cloudfront_function", - "aws_cloudfront_key_group", - "aws_cloudfront_key_value_store", - "aws_cloudfront_monitoring_subscription", - "aws_cloudfront_origin_access_control", - "aws_cloudfront_origin_access_identity", - "aws_cloudfront_origin_request_policy", - "aws_cloudfront_public_key", - "aws_cloudfront_realtime_log_config", - "aws_cloudfront_response_headers_policy", - "aws_cloudfront_vpc_origin", - "aws_cloudfrontkeyvaluestore_key", - "aws_cloudhsm_v2_cluster", - "aws_cloudhsm_v2_hsm", - "aws_cloudsearch_domain", - "aws_cloudsearch_domain_service_access_policy", - "aws_cloudtrail", - "aws_cloudtrail_event_data_store", - "aws_cloudtrail_organization_delegated_admin_account", - "aws_cloudwatch_composite_alarm", - "aws_cloudwatch_dashboard", - "aws_cloudwatch_event_api_destination", - "aws_cloudwatch_event_archive", - "aws_cloudwatch_event_bus", - "aws_cloudwatch_event_bus_policy", - "aws_cloudwatch_event_connection", - "aws_cloudwatch_event_endpoint", - "aws_cloudwatch_event_permission", - "aws_cloudwatch_event_rule", - "aws_cloudwatch_event_target", - "aws_cloudwatch_log_account_policy", - "aws_cloudwatch_log_anomaly_detector", - "aws_cloudwatch_log_data_protection_policy", - "aws_cloudwatch_log_delivery", - "aws_cloudwatch_log_delivery_destination", - "aws_cloudwatch_log_delivery_destination_policy", - "aws_cloudwatch_log_delivery_source", - "aws_cloudwatch_log_destination", - "aws_cloudwatch_log_destination_policy", - "aws_cloudwatch_log_group", - "aws_cloudwatch_log_index_policy", - "aws_cloudwatch_log_metric_filter", - "aws_cloudwatch_log_resource_policy", - "aws_cloudwatch_log_stream", - "aws_cloudwatch_log_subscription_filter", - "aws_cloudwatch_metric_alarm", - "aws_cloudwatch_metric_stream", - "aws_cloudwatch_query_definition", - "aws_codeartifact_domain", - "aws_codeartifact_domain_permissions_policy", - "aws_codeartifact_repository", - "aws_codeartifact_repository_permissions_policy", - "aws_codebuild_fleet", - "aws_codebuild_project", - "aws_codebuild_report_group", - "aws_codebuild_resource_policy", - "aws_codebuild_source_credential", - "aws_codebuild_webhook", - "aws_codecatalyst_dev_environment", - "aws_codecatalyst_project", - "aws_codecatalyst_source_repository", - "aws_codecommit_approval_rule_template", - "aws_codecommit_approval_rule_template_association", - "aws_codecommit_repository", - "aws_codecommit_trigger", - "aws_codeconnections_connection", - "aws_codeconnections_host", - "aws_codedeploy_app", - "aws_codedeploy_deployment_config", - "aws_codedeploy_deployment_group", - "aws_codeguruprofiler_profiling_group", - "aws_codegurureviewer_repository_association", - "aws_codepipeline", - "aws_codepipeline_custom_action_type", - "aws_codepipeline_webhook", - "aws_codestarconnections_connection", - "aws_codestarconnections_host", - "aws_codestarnotifications_notification_rule", - "aws_cognito_identity_pool", - "aws_cognito_identity_pool_provider_principal_tag", - "aws_cognito_identity_pool_roles_attachment", - "aws_cognito_identity_provider", - "aws_cognito_managed_user_pool_client", - "aws_cognito_resource_server", - "aws_cognito_risk_configuration", - "aws_cognito_user", - "aws_cognito_user_group", - "aws_cognito_user_in_group", - "aws_cognito_user_pool", - "aws_cognito_user_pool_client", - "aws_cognito_user_pool_domain", - "aws_cognito_user_pool_ui_customization", - "aws_comprehend_document_classifier", - "aws_comprehend_entity_recognizer", - "aws_computeoptimizer_enrollment_status", - "aws_computeoptimizer_recommendation_preferences", - "aws_config_aggregate_authorization", - "aws_config_config_rule", - "aws_config_configuration_aggregator", - "aws_config_configuration_recorder", - "aws_config_configuration_recorder_status", - "aws_config_conformance_pack", - "aws_config_delivery_channel", - "aws_config_organization_conformance_pack", - "aws_config_organization_custom_policy_rule", - "aws_config_organization_custom_rule", - "aws_config_organization_managed_rule", - "aws_config_remediation_configuration", - "aws_config_retention_configuration", - "aws_connect_bot_association", - "aws_connect_contact_flow", - "aws_connect_contact_flow_module", - "aws_connect_hours_of_operation", - "aws_connect_instance", - "aws_connect_instance_storage_config", - "aws_connect_lambda_function_association", - "aws_connect_phone_number", - "aws_connect_queue", - "aws_connect_quick_connect", - "aws_connect_routing_profile", - "aws_connect_security_profile", - "aws_connect_user", - "aws_connect_user_hierarchy_group", - "aws_connect_user_hierarchy_structure", - "aws_connect_vocabulary", - "aws_controltower_control", - "aws_controltower_landing_zone", - "aws_costoptimizationhub_enrollment_status", - "aws_costoptimizationhub_preferences", - "aws_cur_report_definition", - "aws_customer_gateway", - "aws_customerprofiles_domain", - "aws_customerprofiles_profile", - "aws_dataexchange_data_set", - "aws_dataexchange_revision", - "aws_datapipeline_pipeline", - "aws_datapipeline_pipeline_definition", - "aws_datasync_agent", - "aws_datasync_location_azure_blob", - "aws_datasync_location_efs", - "aws_datasync_location_fsx_lustre_file_system", - "aws_datasync_location_fsx_ontap_file_system", - "aws_datasync_location_fsx_openzfs_file_system", - "aws_datasync_location_fsx_windows_file_system", - "aws_datasync_location_hdfs", - "aws_datasync_location_nfs", - "aws_datasync_location_object_storage", - "aws_datasync_location_s3", - "aws_datasync_location_smb", - "aws_datasync_task", - "aws_datazone_asset_type", - "aws_datazone_domain", - "aws_datazone_environment", - "aws_datazone_environment_blueprint_configuration", - "aws_datazone_environment_profile", - "aws_datazone_form_type", - "aws_datazone_glossary", - "aws_datazone_glossary_term", - "aws_datazone_project", - "aws_datazone_user_profile", - "aws_dax_cluster", - "aws_dax_parameter_group", - "aws_dax_subnet_group", - "aws_db_cluster_snapshot", - "aws_db_event_subscription", - "aws_db_instance", - "aws_db_instance_automated_backups_replication", - "aws_db_instance_role_association", - "aws_db_option_group", - "aws_db_parameter_group", - "aws_db_proxy", - "aws_db_proxy_default_target_group", - "aws_db_proxy_endpoint", - "aws_db_proxy_target", - "aws_db_snapshot", - "aws_db_snapshot_copy", - "aws_db_subnet_group", - "aws_default_network_acl", - "aws_default_route_table", - "aws_default_security_group", - "aws_default_subnet", - "aws_default_vpc", - "aws_default_vpc_dhcp_options", - "aws_detective_graph", - "aws_detective_invitation_accepter", - "aws_detective_member", - "aws_detective_organization_admin_account", - "aws_detective_organization_configuration", - "aws_devicefarm_device_pool", - "aws_devicefarm_instance_profile", - "aws_devicefarm_network_profile", - "aws_devicefarm_project", - "aws_devicefarm_upload", - "aws_devopsguru_event_sources_config", - "aws_devopsguru_notification_channel", - "aws_devopsguru_resource_collection", - "aws_devopsguru_service_integration", - "aws_directory_service_conditional_forwarder", - "aws_directory_service_directory", - "aws_directory_service_log_subscription", - "aws_directory_service_radius_settings", - "aws_directory_service_region", - "aws_directory_service_shared_directory", - "aws_directory_service_shared_directory_accepter", - "aws_directory_service_trust", - "aws_dlm_lifecycle_policy", - "aws_dms_certificate", - "aws_dms_endpoint", - "aws_dms_event_subscription", - "aws_dms_replication_config", - "aws_dms_replication_instance", - "aws_dms_replication_subnet_group", - "aws_dms_replication_task", - "aws_dms_s3_endpoint", - "aws_docdb_cluster", - "aws_docdb_cluster_instance", - "aws_docdb_cluster_parameter_group", - "aws_docdb_cluster_snapshot", - "aws_docdb_event_subscription", - "aws_docdb_global_cluster", - "aws_docdb_subnet_group", - "aws_docdbelastic_cluster", - "aws_drs_replication_configuration_template", - "aws_dx_bgp_peer", - "aws_dx_connection", - "aws_dx_connection_association", - "aws_dx_connection_confirmation", - "aws_dx_gateway", - "aws_dx_gateway_association", - "aws_dx_gateway_association_proposal", - "aws_dx_hosted_connection", - "aws_dx_hosted_private_virtual_interface", - "aws_dx_hosted_private_virtual_interface_accepter", - "aws_dx_hosted_public_virtual_interface", - "aws_dx_hosted_public_virtual_interface_accepter", - "aws_dx_hosted_transit_virtual_interface", - "aws_dx_hosted_transit_virtual_interface_accepter", - "aws_dx_lag", - "aws_dx_macsec_key_association", - "aws_dx_private_virtual_interface", - "aws_dx_public_virtual_interface", - "aws_dx_transit_virtual_interface", - "aws_dynamodb_contributor_insights", - "aws_dynamodb_global_table", - "aws_dynamodb_kinesis_streaming_destination", - "aws_dynamodb_resource_policy", - "aws_dynamodb_table", - "aws_dynamodb_table_export", - "aws_dynamodb_table_item", - "aws_dynamodb_table_replica", - "aws_dynamodb_tag", - "aws_ebs_default_kms_key", - "aws_ebs_encryption_by_default", - "aws_ebs_fast_snapshot_restore", - "aws_ebs_snapshot", - "aws_ebs_snapshot_block_public_access", - "aws_ebs_snapshot_copy", - "aws_ebs_snapshot_import", - "aws_ebs_volume", - "aws_ec2_availability_zone_group", - "aws_ec2_capacity_block_reservation", - "aws_ec2_capacity_reservation", - "aws_ec2_carrier_gateway", - "aws_ec2_client_vpn_authorization_rule", - "aws_ec2_client_vpn_endpoint", - "aws_ec2_client_vpn_network_association", - "aws_ec2_client_vpn_route", - "aws_ec2_fleet", - "aws_ec2_host", - "aws_ec2_image_block_public_access", - "aws_ec2_instance", - "aws_ec2_instance_connect_endpoint", - "aws_ec2_instance_metadata_defaults", - "aws_ec2_instance_state", - "aws_ec2_local_gateway_route", - "aws_ec2_local_gateway_route_table_vpc_association", - "aws_ec2_managed_prefix_list", - "aws_ec2_managed_prefix_list_entry", - "aws_ec2_network_insights_analysis", - "aws_ec2_network_insights_path", - "aws_ec2_serial_console_access", - "aws_ec2_subnet_cidr_reservation", - "aws_ec2_tag", - "aws_ec2_traffic_mirror_filter", - "aws_ec2_traffic_mirror_filter_rule", - "aws_ec2_traffic_mirror_session", - "aws_ec2_traffic_mirror_target", - "aws_ec2_transit_gateway", - "aws_ec2_transit_gateway_connect", - "aws_ec2_transit_gateway_connect_peer", - "aws_ec2_transit_gateway_default_route_table_association", - "aws_ec2_transit_gateway_default_route_table_propagation", - "aws_ec2_transit_gateway_multicast_domain", - "aws_ec2_transit_gateway_multicast_domain_association", - "aws_ec2_transit_gateway_multicast_group_member", - "aws_ec2_transit_gateway_multicast_group_source", - "aws_ec2_transit_gateway_peering_attachment", - "aws_ec2_transit_gateway_peering_attachment_accepter", - "aws_ec2_transit_gateway_policy_table", - "aws_ec2_transit_gateway_policy_table_association", - "aws_ec2_transit_gateway_prefix_list_reference", - "aws_ec2_transit_gateway_route", - "aws_ec2_transit_gateway_route_table", - "aws_ec2_transit_gateway_route_table_association", - "aws_ec2_transit_gateway_route_table_propagation", - "aws_ec2_transit_gateway_vpc_attachment", - "aws_ec2_transit_gateway_vpc_attachment_accepter", - "aws_ecr_account_setting", - "aws_ecr_lifecycle_policy", - "aws_ecr_pull_through_cache_rule", - "aws_ecr_registry_policy", - "aws_ecr_registry_scanning_configuration", - "aws_ecr_replication_configuration", - "aws_ecr_repository", - "aws_ecr_repository_creation_template", - "aws_ecr_repository_policy", - "aws_ecrpublic_repository", - "aws_ecrpublic_repository_policy", - "aws_ecs_account_setting_default", - "aws_ecs_capacity_provider", - "aws_ecs_cluster", - "aws_ecs_cluster_capacity_providers", - "aws_ecs_service", - "aws_ecs_tag", - "aws_ecs_task_definition", - "aws_ecs_task_set", - "aws_efs_access_point", - "aws_efs_backup_policy", - "aws_efs_file_system", - "aws_efs_file_system_policy", - "aws_efs_mount_target", - "aws_efs_replication_configuration", - "aws_egress_only_internet_gateway", - "aws_eip", - "aws_eip_association", - "aws_eip_domain_name", - "aws_eks_access_entry", - "aws_eks_access_policy_association", - "aws_eks_addon", - "aws_eks_cluster", - "aws_eks_fargate_profile", - "aws_eks_identity_provider_config", - "aws_eks_node_group", - "aws_eks_pod_identity_association", - "aws_elastic_beanstalk_application", - "aws_elastic_beanstalk_application_version", - "aws_elastic_beanstalk_configuration_template", - "aws_elastic_beanstalk_environment", - "aws_elasticache_cluster", - "aws_elasticache_global_replication_group", - "aws_elasticache_parameter_group", - "aws_elasticache_replication_group", - "aws_elasticache_reserved_cache_node", - "aws_elasticache_serverless_cache", - "aws_elasticache_subnet_group", - "aws_elasticache_user", - "aws_elasticache_user_group", - "aws_elasticache_user_group_association", - "aws_elasticsearch_domain", - "aws_elasticsearch_domain_policy", - "aws_elasticsearch_domain_saml_options", - "aws_elasticsearch_vpc_endpoint", - "aws_elastictranscoder_pipeline", - "aws_elastictranscoder_preset", - "aws_elb", - "aws_elb_attachment", - "aws_emr_block_public_access_configuration", - "aws_emr_cluster", - "aws_emr_instance_fleet", - "aws_emr_instance_group", - "aws_emr_managed_scaling_policy", - "aws_emr_security_configuration", - "aws_emr_studio", - "aws_emr_studio_session_mapping", - "aws_emrcontainers_job_template", - "aws_emrcontainers_virtual_cluster", - "aws_emrserverless_application", - "aws_evidently_feature", - "aws_evidently_launch", - "aws_evidently_project", - "aws_evidently_segment", - "aws_finspace_kx_cluster", - "aws_finspace_kx_database", - "aws_finspace_kx_dataview", - "aws_finspace_kx_environment", - "aws_finspace_kx_scaling_group", - "aws_finspace_kx_user", - "aws_finspace_kx_volume", - "aws_fis_experiment_template", - "aws_flow_log", - "aws_fms_admin_account", - "aws_fms_policy", - "aws_fms_resource_set", - "aws_fsx_backup", - "aws_fsx_data_repository_association", - "aws_fsx_file_cache", - "aws_fsx_lustre_file_system", - "aws_fsx_ontap_file_system", - "aws_fsx_ontap_storage_virtual_machine", - "aws_fsx_ontap_volume", - "aws_fsx_openzfs_file_system", - "aws_fsx_openzfs_snapshot", - "aws_fsx_openzfs_volume", - "aws_fsx_windows_file_system", - "aws_gamelift_alias", - "aws_gamelift_build", - "aws_gamelift_fleet", - "aws_gamelift_game_server_group", - "aws_gamelift_game_session_queue", - "aws_gamelift_script", - "aws_glacier_vault", - "aws_glacier_vault_lock", - "aws_globalaccelerator_accelerator", - "aws_globalaccelerator_cross_account_attachment", - "aws_globalaccelerator_custom_routing_accelerator", - "aws_globalaccelerator_custom_routing_endpoint_group", - "aws_globalaccelerator_custom_routing_listener", - "aws_globalaccelerator_endpoint_group", - "aws_globalaccelerator_listener", - "aws_glue_catalog_database", - "aws_glue_catalog_table", - "aws_glue_catalog_table_optimizer", - "aws_glue_classifier", - "aws_glue_connection", - "aws_glue_crawler", - "aws_glue_data_catalog_encryption_settings", - "aws_glue_data_quality_ruleset", - "aws_glue_dev_endpoint", - "aws_glue_job", - "aws_glue_ml_transform", - "aws_glue_partition", - "aws_glue_partition_index", - "aws_glue_registry", - "aws_glue_resource_policy", - "aws_glue_schema", - "aws_glue_security_configuration", - "aws_glue_trigger", - "aws_glue_user_defined_function", - "aws_glue_workflow", - "aws_grafana_license_association", - "aws_grafana_role_association", - "aws_grafana_workspace", - "aws_grafana_workspace_api_key", - "aws_grafana_workspace_saml_configuration", - "aws_grafana_workspace_service_account", - "aws_grafana_workspace_service_account_token", - "aws_guardduty_detector", - "aws_guardduty_detector_feature", - "aws_guardduty_filter", - "aws_guardduty_invite_accepter", - "aws_guardduty_ipset", - "aws_guardduty_malware_protection_plan", - "aws_guardduty_member", - "aws_guardduty_member_detector_feature", - "aws_guardduty_organization_admin_account", - "aws_guardduty_organization_configuration", - "aws_guardduty_organization_configuration_feature", - "aws_guardduty_publishing_destination", - "aws_guardduty_threatintelset", - "aws_iam_access_key", - "aws_iam_account_alias", - "aws_iam_account_password_policy", - "aws_iam_group", - "aws_iam_group_membership", - "aws_iam_group_policies_exclusive", - "aws_iam_group_policy", - "aws_iam_group_policy_attachment", - "aws_iam_group_policy_attachments_exclusive", - "aws_iam_instance_profile", - "aws_iam_openid_connect_provider", - "aws_iam_organizations_features", - "aws_iam_policy", - "aws_iam_policy_attachment", - "aws_iam_role", - "aws_iam_role_policies_exclusive", - "aws_iam_role_policy", - "aws_iam_role_policy_attachment", - "aws_iam_role_policy_attachments_exclusive", - "aws_iam_saml_provider", - "aws_iam_security_token_service_preferences", - "aws_iam_server_certificate", - "aws_iam_service_linked_role", - "aws_iam_service_specific_credential", - "aws_iam_signing_certificate", - "aws_iam_user", - "aws_iam_user_group_membership", - "aws_iam_user_login_profile", - "aws_iam_user_policies_exclusive", - "aws_iam_user_policy", - "aws_iam_user_policy_attachment", - "aws_iam_user_policy_attachments_exclusive", - "aws_iam_user_ssh_key", - "aws_iam_virtual_mfa_device", - "aws_identitystore_group", - "aws_identitystore_group_membership", - "aws_identitystore_user", - "aws_imagebuilder_component", - "aws_imagebuilder_container_recipe", - "aws_imagebuilder_distribution_configuration", - "aws_imagebuilder_image", - "aws_imagebuilder_image_pipeline", - "aws_imagebuilder_image_recipe", - "aws_imagebuilder_infrastructure_configuration", - "aws_imagebuilder_lifecycle_policy", - "aws_imagebuilder_workflow", - "aws_inspector2_delegated_admin_account", - "aws_inspector2_enabler", - "aws_inspector2_member_association", - "aws_inspector2_organization_configuration", - "aws_inspector_assessment_target", - "aws_inspector_assessment_template", - "aws_inspector_resource_group", - "aws_instance", - "aws_internet_gateway", - "aws_internet_gateway_attachment", - "aws_internetmonitor_monitor", - "aws_iot_authorizer", - "aws_iot_billing_group", - "aws_iot_ca_certificate", - "aws_iot_certificate", - "aws_iot_domain_configuration", - "aws_iot_event_configurations", - "aws_iot_indexing_configuration", - "aws_iot_logging_options", - "aws_iot_policy", - "aws_iot_policy_attachment", - "aws_iot_provisioning_template", - "aws_iot_role_alias", - "aws_iot_thing", - "aws_iot_thing_group", - "aws_iot_thing_group_membership", - "aws_iot_thing_principal_attachment", - "aws_iot_thing_type", - "aws_iot_topic_rule", - "aws_iot_topic_rule_destination", - "aws_ivs_channel", - "aws_ivs_playback_key_pair", - "aws_ivs_recording_configuration", - "aws_ivschat_logging_configuration", - "aws_ivschat_room", - "aws_kendra_data_source", - "aws_kendra_experience", - "aws_kendra_faq", - "aws_kendra_index", - "aws_kendra_query_suggestions_block_list", - "aws_kendra_thesaurus", - "aws_key_pair", - "aws_keyspaces_keyspace", - "aws_keyspaces_table", - "aws_kinesis_analytics_application", - "aws_kinesis_firehose_delivery_stream", - "aws_kinesis_resource_policy", - "aws_kinesis_stream", - "aws_kinesis_stream_consumer", - "aws_kinesis_video_stream", - "aws_kinesisanalyticsv2_application", - "aws_kinesisanalyticsv2_application_snapshot", - "aws_kms_alias", - "aws_kms_ciphertext", - "aws_kms_custom_key_store", - "aws_kms_external_key", - "aws_kms_grant", - "aws_kms_key", - "aws_kms_key_policy", - "aws_kms_replica_external_key", - "aws_kms_replica_key", - "aws_lakeformation_data_cells_filter", - "aws_lakeformation_data_lake_settings", - "aws_lakeformation_lf_tag", - "aws_lakeformation_permissions", - "aws_lakeformation_resource", - "aws_lakeformation_resource_lf_tag", - "aws_lakeformation_resource_lf_tags", - "aws_lambda_alias", - "aws_lambda_code_signing_config", - "aws_lambda_event_source_mapping", - "aws_lambda_function", - "aws_lambda_function_event_invoke_config", - "aws_lambda_function_recursion_config", - "aws_lambda_function_url", - "aws_lambda_invocation", - "aws_lambda_layer_version", - "aws_lambda_layer_version_permission", - "aws_lambda_permission", - "aws_lambda_provisioned_concurrency_config", - "aws_lambda_runtime_management_config", - "aws_launch_configuration", - "aws_launch_template", - "aws_lb", - "aws_lb_cookie_stickiness_policy", - "aws_lb_listener", - "aws_lb_listener_certificate", - "aws_lb_listener_rule", - "aws_lb_ssl_negotiation_policy", - "aws_lb_target_group", - "aws_lb_target_group_attachment", - "aws_lb_trust_store", - "aws_lb_trust_store_revocation", - "aws_lex_bot", - "aws_lex_bot_alias", - "aws_lex_intent", - "aws_lex_slot_type", - "aws_lexv2models_bot", - "aws_lexv2models_bot_locale", - "aws_lexv2models_bot_version", - "aws_lexv2models_intent", - "aws_lexv2models_slot", - "aws_lexv2models_slot_type", - "aws_licensemanager_association", - "aws_licensemanager_grant", - "aws_licensemanager_grant_accepter", - "aws_licensemanager_license_configuration", - "aws_lightsail_bucket", - "aws_lightsail_bucket_access_key_access_key", - "aws_lightsail_bucket_resource_access", - "aws_lightsail_certificate", - "aws_lightsail_container_service", - "aws_lightsail_container_service_deployment_version", - "aws_lightsail_database", - "aws_lightsail_disk", - "aws_lightsail_disk_attachment", - "aws_lightsail_distribution", - "aws_lightsail_domain", - "aws_lightsail_domain_entry", - "aws_lightsail_instance", - "aws_lightsail_instance_public_ports", - "aws_lightsail_key_pair", - "aws_lightsail_lb", - "aws_lightsail_lb_attachment", - "aws_lightsail_lb_certificate", - "aws_lightsail_lb_certificate_attachment", - "aws_lightsail_lb_https_redirection_policy", - "aws_lightsail_lb_stickiness_policy", - "aws_lightsail_static_ip", - "aws_lightsail_static_ip_attachment", - "aws_load_balancer_backend_server_policy", - "aws_load_balancer_listener_policy", - "aws_load_balancer_policy", - "aws_location_geofence_collection", - "aws_location_map", - "aws_location_place_index", - "aws_location_route_calculator", - "aws_location_tracker", - "aws_location_tracker_association", - "aws_m2_application", - "aws_m2_deployment", - "aws_m2_environment", - "aws_macie2_account", - "aws_macie2_classification_export_configuration", - "aws_macie2_classification_job", - "aws_macie2_custom_data_identifier", - "aws_macie2_findings_filter", - "aws_macie2_invitation_accepter", - "aws_macie2_member", - "aws_macie2_organization_admin_account", - "aws_main_route_table_association", - "aws_media_convert_queue", - "aws_media_package_channel", - "aws_media_packagev2_channel_group", - "aws_media_store_container", - "aws_media_store_container_policy", - "aws_medialive_channel", - "aws_medialive_input", - "aws_medialive_input_security_group", - "aws_medialive_multiplex", - "aws_medialive_multiplex_program", - "aws_memorydb_acl", - "aws_memorydb_cluster", - "aws_memorydb_multi_region_cluster", - "aws_memorydb_parameter_group", - "aws_memorydb_snapshot", - "aws_memorydb_subnet_group", - "aws_memorydb_user", - "aws_mq_broker", - "aws_mq_configuration", - "aws_msk_cluster", - "aws_msk_cluster_policy", - "aws_msk_configuration", - "aws_msk_replicator", - "aws_msk_scram_secret_association", - "aws_msk_serverless_cluster", - "aws_msk_single_scram_secret_association", - "aws_msk_vpc_connection", - "aws_mskconnect_connector", - "aws_mskconnect_custom_plugin", - "aws_mskconnect_worker_configuration", - "aws_mwaa_environment", - "aws_nat_gateway", - "aws_neptune_cluster", - "aws_neptune_cluster_endpoint", - "aws_neptune_cluster_instance", - "aws_neptune_cluster_parameter_group", - "aws_neptune_cluster_snapshot", - "aws_neptune_event_subscription", - "aws_neptune_global_cluster", - "aws_neptune_parameter_group", - "aws_neptune_subnet_group", - "aws_network_acl", - "aws_network_acl_association", - "aws_network_acl_rule", - "aws_network_interface", - "aws_network_interface_attachment", - "aws_network_interface_sg_attachment", - "aws_networkfirewall_firewall", - "aws_networkfirewall_firewall_policy", - "aws_networkfirewall_logging_configuration", - "aws_networkfirewall_resource_policy", - "aws_networkfirewall_rule_group", - "aws_networkfirewall_tls_inspection_configuration", - "aws_networkmanager_attachment_accepter", - "aws_networkmanager_connect_attachment", - "aws_networkmanager_connect_peer", - "aws_networkmanager_connection", - "aws_networkmanager_core_network", - "aws_networkmanager_core_network_policy_attachment", - "aws_networkmanager_customer_gateway_association", - "aws_networkmanager_device", - "aws_networkmanager_dx_gateway_attachment", - "aws_networkmanager_global_network", - "aws_networkmanager_link", - "aws_networkmanager_link_association", - "aws_networkmanager_site", - "aws_networkmanager_site_to_site_vpn_attachment", - "aws_networkmanager_transit_gateway_connect_peer_association", - "aws_networkmanager_transit_gateway_peering", - "aws_networkmanager_transit_gateway_registration", - "aws_networkmanager_transit_gateway_route_table_attachment", - "aws_networkmanager_vpc_attachment", - "aws_networkmonitor_monitor", - "aws_networkmonitor_probe", - "aws_oam_link", - "aws_oam_sink", - "aws_oam_sink_policy", - "aws_opensearch_authorize_vpc_endpoint_access", - "aws_opensearch_domain", - "aws_opensearch_domain_policy", - "aws_opensearch_domain_saml_options", - "aws_opensearch_inbound_connection_accepter", - "aws_opensearch_outbound_connection", - "aws_opensearch_package", - "aws_opensearch_package_association", - "aws_opensearch_vpc_endpoint", - "aws_opensearchserverless_access_policy", - "aws_opensearchserverless_collection", - "aws_opensearchserverless_lifecycle_policy", - "aws_opensearchserverless_security_config", - "aws_opensearchserverless_security_policy", - "aws_opensearchserverless_vpc_endpoint", - "aws_opsworks_application", - "aws_opsworks_custom_layer", - "aws_opsworks_ecs_cluster_layer", - "aws_opsworks_ganglia_layer", - "aws_opsworks_haproxy_layer", - "aws_opsworks_instance", - "aws_opsworks_java_app_layer", - "aws_opsworks_memcached_layer", - "aws_opsworks_mysql_layer", - "aws_opsworks_nodejs_app_layer", - "aws_opsworks_permission", - "aws_opsworks_php_app_layer", - "aws_opsworks_rails_app_layer", - "aws_opsworks_rds_db_instance", - "aws_opsworks_stack", - "aws_opsworks_static_web_layer", - "aws_opsworks_user_profile", - "aws_organizations_account", - "aws_organizations_delegated_administrator", - "aws_organizations_organization", - "aws_organizations_organizational_unit", - "aws_organizations_policy", - "aws_organizations_policy_attachment", - "aws_organizations_resource_policy", - "aws_osis_pipeline", - "aws_paymentcryptography_key", - "aws_paymentcryptography_key_alias", - "aws_pinpoint_adm_channel", - "aws_pinpoint_apns_channel", - "aws_pinpoint_apns_sandbox_channel", - "aws_pinpoint_apns_voip_channel", - "aws_pinpoint_apns_voip_sandbox_channel", - "aws_pinpoint_app", - "aws_pinpoint_baidu_channel", - "aws_pinpoint_email_channel", - "aws_pinpoint_email_template", - "aws_pinpoint_event_stream", - "aws_pinpoint_gcm_channel", - "aws_pinpoint_sms_channel", - "aws_pinpointsmsvoicev2_configuration_set", - "aws_pinpointsmsvoicev2_opt_out_list", - "aws_pinpointsmsvoicev2_phone_number", - "aws_pipes_pipe", - "aws_placement_group", - "aws_prometheus_alert_manager_definition", - "aws_prometheus_rule_group_namespace", - "aws_prometheus_scraper", - "aws_prometheus_workspace", - "aws_proxy_protocol_policy", - "aws_qldb_ledger", - "aws_qldb_stream", - "aws_quicksight_account_subscription", - "aws_quicksight_analysis", - "aws_quicksight_dashboard", - "aws_quicksight_data_set", - "aws_quicksight_data_source", - "aws_quicksight_folder", - "aws_quicksight_folder_membership", - "aws_quicksight_group", - "aws_quicksight_group_membership", - "aws_quicksight_iam_policy_assignment", - "aws_quicksight_ingestion", - "aws_quicksight_namespace", - "aws_quicksight_refresh_schedule", - "aws_quicksight_template", - "aws_quicksight_template_alias", - "aws_quicksight_theme", - "aws_quicksight_user", - "aws_quicksight_vpc_connection", - "aws_ram_principal_association", - "aws_ram_resource_association", - "aws_ram_resource_share", - "aws_ram_resource_share_accepter", - "aws_ram_sharing_with_organization", - "aws_rbin_rule", - "aws_rds_certificate", - "aws_rds_cluster", - "aws_rds_cluster_activity_stream", - "aws_rds_cluster_endpoint", - "aws_rds_cluster_instance", - "aws_rds_cluster_parameter_group", - "aws_rds_cluster_role_association", - "aws_rds_cluster_snapshot_copy", - "aws_rds_custom_db_engine_version", - "aws_rds_export_task", - "aws_rds_global_cluster", - "aws_rds_instance_state", - "aws_rds_integration", - "aws_rds_reserved_instance", - "aws_redshift_authentication_profile", - "aws_redshift_cluster", - "aws_redshift_cluster_iam_roles", - "aws_redshift_cluster_snapshot", - "aws_redshift_data_share_authorization", - "aws_redshift_data_share_consumer_association", - "aws_redshift_endpoint_access", - "aws_redshift_endpoint_authorization", - "aws_redshift_event_subscription", - "aws_redshift_hsm_client_certificate", - "aws_redshift_hsm_configuration", - "aws_redshift_logging", - "aws_redshift_parameter_group", - "aws_redshift_partner", - "aws_redshift_resource_policy", - "aws_redshift_scheduled_action", - "aws_redshift_snapshot_copy", - "aws_redshift_snapshot_copy_grant", - "aws_redshift_snapshot_schedule", - "aws_redshift_snapshot_schedule_association", - "aws_redshift_subnet_group", - "aws_redshift_usage_limit", - "aws_redshiftdata_statement", - "aws_redshiftserverless_custom_domain_association", - "aws_redshiftserverless_endpoint_access", - "aws_redshiftserverless_namespace", - "aws_redshiftserverless_resource_policy", - "aws_redshiftserverless_snapshot", - "aws_redshiftserverless_usage_limit", - "aws_redshiftserverless_workgroup", - "aws_rekognition_collection", - "aws_rekognition_project", - "aws_rekognition_stream_processor", - "aws_resiliencehub_resiliency_policy", - "aws_resourceexplorer2_index", - "aws_resourceexplorer2_view", - "aws_resourcegroups_group", - "aws_resourcegroups_resource", - "aws_rolesanywhere_profile", - "aws_rolesanywhere_trust_anchor", - "aws_route", - "aws_route53_cidr_collection", - "aws_route53_cidr_location", - "aws_route53_delegation_set", - "aws_route53_health_check", - "aws_route53_hosted_zone_dnssec", - "aws_route53_key_signing_key", - "aws_route53_query_log", - "aws_route53_record", - "aws_route53_resolver_config", - "aws_route53_resolver_dnssec_config", - "aws_route53_resolver_endpoint", - "aws_route53_resolver_firewall_config", - "aws_route53_resolver_firewall_domain_list", - "aws_route53_resolver_firewall_rule", - "aws_route53_resolver_firewall_rule_group", - "aws_route53_resolver_firewall_rule_group_association", - "aws_route53_resolver_query_log_config", - "aws_route53_resolver_query_log_config_association", - "aws_route53_resolver_rule", - "aws_route53_resolver_rule_association", - "aws_route53_traffic_policy", - "aws_route53_traffic_policy_instance", - "aws_route53_vpc_association_authorization", - "aws_route53_zone", - "aws_route53_zone_association", - "aws_route53domains_delegation_signer_record", - "aws_route53domains_domain", - "aws_route53domains_registered_domain", - "aws_route53profiles_association", - "aws_route53profiles_profile", - "aws_route53profiles_resource_association", - "aws_route53recoverycontrolconfig_cluster", - "aws_route53recoverycontrolconfig_control_panel", - "aws_route53recoverycontrolconfig_routing_control", - "aws_route53recoverycontrolconfig_safety_rule", - "aws_route53recoveryreadiness_cell", - "aws_route53recoveryreadiness_readiness_check", - "aws_route53recoveryreadiness_recovery_group", - "aws_route53recoveryreadiness_resource_set", - "aws_route_table", - "aws_route_table_association", - "aws_rum_app_monitor", - "aws_rum_metrics_destination", - "aws_s3_access_point", - "aws_s3_account_public_access_block", - "aws_s3_bucket", - "aws_s3_bucket_accelerate_configuration", - "aws_s3_bucket_acl", - "aws_s3_bucket_analytics_configuration", - "aws_s3_bucket_cors_configuration", - "aws_s3_bucket_intelligent_tiering_configuration", - "aws_s3_bucket_inventory", - "aws_s3_bucket_lifecycle_configuration", - "aws_s3_bucket_logging", - "aws_s3_bucket_metric", - "aws_s3_bucket_notification", - "aws_s3_bucket_object", - "aws_s3_bucket_object_lock_configuration", - "aws_s3_bucket_ownership_controls", - "aws_s3_bucket_policy", - "aws_s3_bucket_public_access_block", - "aws_s3_bucket_replication_configuration", - "aws_s3_bucket_request_payment_configuration", - "aws_s3_bucket_server_side_encryption_configuration", - "aws_s3_bucket_versioning", - "aws_s3_bucket_website_configuration", - "aws_s3_directory_bucket", - "aws_s3_object", - "aws_s3_object_copy", - "aws_s3control_access_grant", - "aws_s3control_access_grants_instance", - "aws_s3control_access_grants_instance_resource_policy", - "aws_s3control_access_grants_location", - "aws_s3control_access_point_policy", - "aws_s3control_bucket", - "aws_s3control_bucket_lifecycle_configuration", - "aws_s3control_bucket_policy", - "aws_s3control_multi_region_access_point", - "aws_s3control_multi_region_access_point_policy", - "aws_s3control_object_lambda_access_point", - "aws_s3control_object_lambda_access_point_policy", - "aws_s3control_storage_lens_configuration", - "aws_s3outposts_endpoint", - "aws_s3tables_namespace", - "aws_s3tables_table", - "aws_s3tables_table_bucket", - "aws_s3tables_table_bucket_policy", - "aws_s3tables_table_policy", - "aws_sagemaker_app", - "aws_sagemaker_app_image_config", - "aws_sagemaker_code_repository", - "aws_sagemaker_data_quality_job_definition", - "aws_sagemaker_device", - "aws_sagemaker_device_fleet", - "aws_sagemaker_domain", - "aws_sagemaker_endpoint", - "aws_sagemaker_endpoint_configuration", - "aws_sagemaker_feature_group", - "aws_sagemaker_flow_definition", - "aws_sagemaker_hub", - "aws_sagemaker_human_task_ui", - "aws_sagemaker_image", - "aws_sagemaker_image_version", - "aws_sagemaker_mlflow_tracking_server", - "aws_sagemaker_model", - "aws_sagemaker_model_package_group", - "aws_sagemaker_model_package_group_policy", - "aws_sagemaker_monitoring_schedule", - "aws_sagemaker_notebook_instance", - "aws_sagemaker_notebook_instance_lifecycle_configuration", - "aws_sagemaker_pipeline", - "aws_sagemaker_project", - "aws_sagemaker_servicecatalog_portfolio_status", - "aws_sagemaker_space", - "aws_sagemaker_studio_lifecycle_config", - "aws_sagemaker_user_profile", - "aws_sagemaker_workforce", - "aws_sagemaker_workteam", - "aws_scheduler_schedule", - "aws_scheduler_schedule_group", - "aws_schemas_discoverer", - "aws_schemas_registry", - "aws_schemas_registry_policy", - "aws_schemas_schema", - "aws_secretsmanager_secret", - "aws_secretsmanager_secret_policy", - "aws_secretsmanager_secret_rotation", - "aws_secretsmanager_secret_version", - "aws_security_group", - "aws_security_group_rule", - "aws_securityhub_account", - "aws_securityhub_action_target", - "aws_securityhub_automation_rule", - "aws_securityhub_configuration_policy", - "aws_securityhub_configuration_policy_association", - "aws_securityhub_finding_aggregator", - "aws_securityhub_insight", - "aws_securityhub_invite_accepter", - "aws_securityhub_member", - "aws_securityhub_organization_admin_account", - "aws_securityhub_organization_configuration", - "aws_securityhub_product_subscription", - "aws_securityhub_standards_control", - "aws_securityhub_standards_control_association", - "aws_securityhub_standards_subscription", - "aws_securitylake_aws_log_source", - "aws_securitylake_custom_log_source", - "aws_securitylake_data_lake", - "aws_securitylake_subscriber", - "aws_securitylake_subscriber_notification", - "aws_serverlessapplicationrepository_cloudformation_stack", - "aws_service_discovery_http_namespace", - "aws_service_discovery_instance", - "aws_service_discovery_private_dns_namespace", - "aws_service_discovery_public_dns_namespace", - "aws_service_discovery_service", - "aws_servicecatalog_budget_resource_association", - "aws_servicecatalog_constraint", - "aws_servicecatalog_organizations_access", - "aws_servicecatalog_portfolio", - "aws_servicecatalog_portfolio_share", - "aws_servicecatalog_principal_portfolio_association", - "aws_servicecatalog_product", - "aws_servicecatalog_product_portfolio_association", - "aws_servicecatalog_provisioned_product", - "aws_servicecatalog_provisioning_artifact", - "aws_servicecatalog_service_action", - "aws_servicecatalog_tag_option", - "aws_servicecatalog_tag_option_resource_association", - "aws_servicecatalogappregistry_application", - "aws_servicecatalogappregistry_attribute_group", - "aws_servicecatalogappregistry_attribute_group_association", - "aws_servicequotas_service_quota", - "aws_servicequotas_template", - "aws_servicequotas_template_association", - "aws_ses_active_receipt_rule_set", - "aws_ses_configuration_set", - "aws_ses_domain_dkim", - "aws_ses_domain_identity", - "aws_ses_domain_identity_verification", - "aws_ses_domain_mail_from", - "aws_ses_email_identity", - "aws_ses_event_destination", - "aws_ses_identity_notification_topic", - "aws_ses_identity_policy", - "aws_ses_receipt_filter", - "aws_ses_receipt_rule", - "aws_ses_receipt_rule_set", - "aws_ses_template", - "aws_sesv2_account_suppression_attributes", - "aws_sesv2_account_vdm_attributes", - "aws_sesv2_configuration_set", - "aws_sesv2_configuration_set_event_destination", - "aws_sesv2_contact_list", - "aws_sesv2_dedicated_ip_assignment", - "aws_sesv2_dedicated_ip_pool", - "aws_sesv2_email_identity", - "aws_sesv2_email_identity_feedback_attributes", - "aws_sesv2_email_identity_mail_from_attributes", - "aws_sesv2_email_identity_policy", - "aws_sfn_activity", - "aws_sfn_alias", - "aws_sfn_state_machine", - "aws_shield_application_layer_automatic_response", - "aws_shield_drt_access_log_bucket_association", - "aws_shield_drt_access_role_arn_association", - "aws_shield_proactive_engagement", - "aws_shield_protection", - "aws_shield_protection_group", - "aws_shield_protection_health_check_association", - "aws_shield_subscription", - "aws_signer_signing_job", - "aws_signer_signing_profile", - "aws_signer_signing_profile_permission", - "aws_simpledb_domain", - "aws_snapshot_create_volume_permission", - "aws_sns_platform_application", - "aws_sns_sms_preferences", - "aws_sns_topic", - "aws_sns_topic_data_protection_policy", - "aws_sns_topic_policy", - "aws_sns_topic_subscription", - "aws_spot_datafeed_subscription", - "aws_spot_fleet_request", - "aws_spot_instance_request", - "aws_sqs_queue", - "aws_sqs_queue_policy", - "aws_sqs_queue_redrive_allow_policy", - "aws_sqs_queue_redrive_policy", - "aws_ssm_activation", - "aws_ssm_association", - "aws_ssm_default_patch_baseline", - "aws_ssm_document", - "aws_ssm_maintenance_window", - "aws_ssm_maintenance_window_target", - "aws_ssm_maintenance_window_task", - "aws_ssm_parameter", - "aws_ssm_patch_baseline", - "aws_ssm_patch_group", - "aws_ssm_resource_data_sync", - "aws_ssm_service_setting", - "aws_ssmcontacts_contact", - "aws_ssmcontacts_contact_channel", - "aws_ssmcontacts_plan", - "aws_ssmcontacts_rotation", - "aws_ssmincidents_replication_set", - "aws_ssmincidents_response_plan", - "aws_ssmquicksetup_configuration_manager", - "aws_ssoadmin_account_assignment", - "aws_ssoadmin_application", - "aws_ssoadmin_application_access_scope", - "aws_ssoadmin_application_assignment", - "aws_ssoadmin_application_assignment_configuration", - "aws_ssoadmin_customer_managed_policy_attachment", - "aws_ssoadmin_instance_access_control_attributes", - "aws_ssoadmin_managed_policy_attachment", - "aws_ssoadmin_permission_set", - "aws_ssoadmin_permission_set_inline_policy", - "aws_ssoadmin_permissions_boundary_attachment", - "aws_ssoadmin_trusted_token_issuer", - "aws_storagegateway_cache", - "aws_storagegateway_cached_iscsi_volume", - "aws_storagegateway_file_system_association", - "aws_storagegateway_gateway", - "aws_storagegateway_nfs_file_share", - "aws_storagegateway_smb_file_share", - "aws_storagegateway_stored_iscsi_volume", - "aws_storagegateway_tape_pool", - "aws_storagegateway_upload_buffer", - "aws_storagegateway_working_storage", - "aws_subnet", - "aws_swf_domain", - "aws_synthetics_canary", - "aws_synthetics_group", - "aws_synthetics_group_association", - "aws_timestreaminfluxdb_db_instance", - "aws_timestreamquery_scheduled_query", - "aws_timestreamwrite_database", - "aws_timestreamwrite_table", - "aws_transcribe_language_model", - "aws_transcribe_medical_vocabulary", - "aws_transcribe_vocabulary", - "aws_transcribe_vocabulary_filter", - "aws_transfer_access", - "aws_transfer_agreement", - "aws_transfer_certificate", - "aws_transfer_connector", - "aws_transfer_profile", - "aws_transfer_server", - "aws_transfer_ssh_key", - "aws_transfer_tag", - "aws_transfer_user", - "aws_transfer_workflow", - "aws_verifiedaccess_endpoint", - "aws_verifiedaccess_group", - "aws_verifiedaccess_instance", - "aws_verifiedaccess_instance_logging_configuration", - "aws_verifiedaccess_instance_trust_provider_attachment", - "aws_verifiedaccess_trust_provider", - "aws_verifiedpermissions_identity_source", - "aws_verifiedpermissions_policy", - "aws_verifiedpermissions_policy_store", - "aws_verifiedpermissions_policy_template", - "aws_verifiedpermissions_schema", - "aws_volume_attachment", - "aws_vpc", - "aws_vpc_block_public_access_exclusion", - "aws_vpc_block_public_access_options", - "aws_vpc_dhcp_options", - "aws_vpc_dhcp_options_association", - "aws_vpc_endpoint", - "aws_vpc_endpoint_connection_accepter", - "aws_vpc_endpoint_connection_notification", - "aws_vpc_endpoint_policy", - "aws_vpc_endpoint_private_dns", - "aws_vpc_endpoint_route_table_association", - "aws_vpc_endpoint_security_group_association", - "aws_vpc_endpoint_service", - "aws_vpc_endpoint_service_allowed_principal", - "aws_vpc_endpoint_service_private_dns_verification", - "aws_vpc_endpoint_subnet_association", - "aws_vpc_ipam", - "aws_vpc_ipam_organization_admin_account", - "aws_vpc_ipam_pool", - "aws_vpc_ipam_pool_cidr", - "aws_vpc_ipam_pool_cidr_allocation", - "aws_vpc_ipam_preview_next_cidr", - "aws_vpc_ipam_resource_discovery", - "aws_vpc_ipam_resource_discovery_association", - "aws_vpc_ipam_scope", - "aws_vpc_ipv4_cidr_block_association", - "aws_vpc_ipv6_cidr_block_association", - "aws_vpc_network_performance_metric_subscription", - "aws_vpc_peering_connection", - "aws_vpc_peering_connection_accepter", - "aws_vpc_peering_connection_options", - "aws_vpc_security_group_egress_rule", - "aws_vpc_security_group_ingress_rule", - "aws_vpc_security_group_vpc_association", - "aws_vpclattice_access_log_subscription", - "aws_vpclattice_auth_policy", - "aws_vpclattice_listener", - "aws_vpclattice_listener_rule", - "aws_vpclattice_resource_configuration", - "aws_vpclattice_resource_gateway", - "aws_vpclattice_resource_policy", - "aws_vpclattice_service", - "aws_vpclattice_service_network", - "aws_vpclattice_service_network_resource_association", - "aws_vpclattice_service_network_service_association", - "aws_vpclattice_service_network_vpc_association", - "aws_vpclattice_target_group", - "aws_vpclattice_target_group_attachment", - "aws_vpn_connection", - "aws_vpn_connection_route", - "aws_vpn_gateway", - "aws_vpn_gateway_attachment", - "aws_vpn_gateway_route_propagation", - "aws_waf_byte_match_set", - "aws_waf_geo_match_set", - "aws_waf_ipset", - "aws_waf_rate_based_rule", - "aws_waf_regex_match_set", - "aws_waf_regex_pattern_set", - "aws_waf_rule", - "aws_waf_rule_group", - "aws_waf_size_constraint_set", - "aws_waf_sql_injection_match_set", - "aws_waf_web_acl", - "aws_waf_xss_match_set", - "aws_wafregional_byte_match_set", - "aws_wafregional_geo_match_set", - "aws_wafregional_ipset", - "aws_wafregional_rate_based_rule", - "aws_wafregional_regex_match_set", - "aws_wafregional_regex_pattern_set", - "aws_wafregional_rule", - "aws_wafregional_rule_group", - "aws_wafregional_size_constraint_set", - "aws_wafregional_sql_injection_match_set", - "aws_wafregional_web_acl", - "aws_wafregional_web_acl_association", - "aws_wafregional_xss_match_set", - "aws_wafv2_ip_set", - "aws_wafv2_regex_pattern_set", - "aws_wafv2_rule_group", - "aws_wafv2_web_acl", - "aws_wafv2_web_acl_association", - "aws_wafv2_web_acl_logging_configuration", - "aws_worklink_fleet", - "aws_worklink_website_certificate_authority_association", - "aws_workspaces_connection_alias", - "aws_workspaces_directory", - "aws_workspaces_ip_group", - "aws_workspaces_workspace", - "aws_xray_encryption_config", - "aws_xray_group", - "aws_xray_sampling_rule" - ], - "dataSources": [ - "aws_acm_certificate", - "aws_acmpca_certificate", - "aws_acmpca_certificate_authority", - "aws_ami", - "aws_ami_ids", - "aws_api_gateway_api_key", - "aws_api_gateway_authorizer", - "aws_api_gateway_authorizers", - "aws_api_gateway_domain_name", - "aws_api_gateway_export", - "aws_api_gateway_resource", - "aws_api_gateway_rest_api", - "aws_api_gateway_sdk", - "aws_api_gateway_vpc_link", - "aws_apigatewayv2_api", - "aws_apigatewayv2_apis", - "aws_apigatewayv2_export", - "aws_apigatewayv2_vpc_link", - "aws_appconfig_configuration_profile", - "aws_appconfig_configuration_profiles", - "aws_appconfig_environment", - "aws_appconfig_environments", - "aws_appintegrations_event_integration", - "aws_appmesh_gateway_route", - "aws_appmesh_mesh", - "aws_appmesh_route", - "aws_appmesh_virtual_gateway", - "aws_appmesh_virtual_node", - "aws_appmesh_virtual_router", - "aws_appmesh_virtual_service", - "aws_apprunner_hosted_zone_id", - "aws_appstream_image", - "aws_arn", - "aws_athena_named_query", - "aws_auditmanager_control", - "aws_auditmanager_framework", - "aws_autoscaling_group", - "aws_autoscaling_groups", - "aws_availability_zone", - "aws_availability_zones", - "aws_backup_framework", - "aws_backup_plan", - "aws_backup_report_plan", - "aws_backup_selection", - "aws_backup_vault", - "aws_batch_compute_environment", - "aws_batch_job_definition", - "aws_batch_job_queue", - "aws_batch_scheduling_policy", - "aws_bedrock_custom_model", - "aws_bedrock_custom_models", - "aws_bedrock_foundation_model", - "aws_bedrock_foundation_models", - "aws_bedrock_inference_profile", - "aws_bedrock_inference_profiles", - "aws_bedrockagent_agent_versions", - "aws_billing_service_account", - "aws_budgets_budget", - "aws_caller_identity", - "aws_canonical_user_id", - "aws_chatbot_slack_workspace", - "aws_cloudcontrolapi_resource", - "aws_cloudformation_export", - "aws_cloudformation_stack", - "aws_cloudformation_type", - "aws_cloudfront_cache_policy", - "aws_cloudfront_distribution", - "aws_cloudfront_log_delivery_canonical_user_id", - "aws_cloudfront_origin_access_control", - "aws_cloudfront_origin_access_identities", - "aws_cloudfront_origin_access_identity", - "aws_cloudfront_origin_request_policy", - "aws_cloudfront_realtime_log_config", - "aws_cloudfront_response_headers_policy", - "aws_cloudhsm_v2_cluster", - "aws_cloudtrail_service_account", - "aws_cloudwatch_event_bus", - "aws_cloudwatch_event_buses", - "aws_cloudwatch_event_connection", - "aws_cloudwatch_event_source", - "aws_cloudwatch_log_data_protection_policy_document", - "aws_cloudwatch_log_group", - "aws_cloudwatch_log_groups", - "aws_codeartifact_authorization_token", - "aws_codeartifact_repository_endpoint", - "aws_codebuild_fleet", - "aws_codecatalyst_dev_environment", - "aws_codecommit_approval_rule_template", - "aws_codecommit_repository", - "aws_codeguruprofiler_profiling_group", - "aws_codestarconnections_connection", - "aws_cognito_identity_pool", - "aws_cognito_user_group", - "aws_cognito_user_groups", - "aws_cognito_user_pool", - "aws_cognito_user_pool_client", - "aws_cognito_user_pool_clients", - "aws_cognito_user_pool_signing_certificate", - "aws_cognito_user_pools", - "aws_connect_bot_association", - "aws_connect_contact_flow", - "aws_connect_contact_flow_module", - "aws_connect_hours_of_operation", - "aws_connect_instance", - "aws_connect_instance_storage_config", - "aws_connect_lambda_function_association", - "aws_connect_prompt", - "aws_connect_queue", - "aws_connect_quick_connect", - "aws_connect_routing_profile", - "aws_connect_security_profile", - "aws_connect_user", - "aws_connect_user_hierarchy_group", - "aws_connect_user_hierarchy_structure", - "aws_connect_vocabulary", - "aws_controltower_controls", - "aws_cur_report_definition", - "aws_customer_gateway", - "aws_datazone_environment_blueprint", - "aws_db_cluster_snapshot", - "aws_db_event_categories", - "aws_db_instance", - "aws_db_instances", - "aws_db_parameter_group", - "aws_db_proxy", - "aws_db_snapshot", - "aws_db_subnet_group", - "aws_default_tags", - "aws_devopsguru_notification_channel", - "aws_devopsguru_resource_collection", - "aws_directory_service_directory", - "aws_dms_certificate", - "aws_dms_endpoint", - "aws_dms_replication_instance", - "aws_dms_replication_subnet_group", - "aws_dms_replication_task", - "aws_docdb_engine_version", - "aws_docdb_orderable_db_instance", - "aws_dx_connection", - "aws_dx_gateway", - "aws_dx_location", - "aws_dx_locations", - "aws_dx_router_configuration", - "aws_dynamodb_table", - "aws_dynamodb_table_item", - "aws_ebs_default_kms_key", - "aws_ebs_encryption_by_default", - "aws_ebs_snapshot", - "aws_ebs_snapshot_ids", - "aws_ebs_volume", - "aws_ebs_volumes", - "aws_ec2_capacity_block_offering", - "aws_ec2_client_vpn_endpoint", - "aws_ec2_coip_pool", - "aws_ec2_coip_pools", - "aws_ec2_host", - "aws_ec2_instance_type", - "aws_ec2_instance_type_offering", - "aws_ec2_instance_type_offerings", - "aws_ec2_instance_types", - "aws_ec2_local_gateway", - "aws_ec2_local_gateway_route_table", - "aws_ec2_local_gateway_route_tables", - "aws_ec2_local_gateway_virtual_interface", - "aws_ec2_local_gateway_virtual_interface_group", - "aws_ec2_local_gateway_virtual_interface_groups", - "aws_ec2_local_gateways", - "aws_ec2_managed_prefix_list", - "aws_ec2_managed_prefix_lists", - "aws_ec2_network_insights_analysis", - "aws_ec2_network_insights_path", - "aws_ec2_public_ipv4_pool", - "aws_ec2_public_ipv4_pools", - "aws_ec2_serial_console_access", - "aws_ec2_spot_price", - "aws_ec2_transit_gateway", - "aws_ec2_transit_gateway_attachment", - "aws_ec2_transit_gateway_attachments", - "aws_ec2_transit_gateway_connect", - "aws_ec2_transit_gateway_connect_peer", - "aws_ec2_transit_gateway_dx_gateway_attachment", - "aws_ec2_transit_gateway_multicast_domain", - "aws_ec2_transit_gateway_peering_attachment", - "aws_ec2_transit_gateway_peering_attachments", - "aws_ec2_transit_gateway_route_table", - "aws_ec2_transit_gateway_route_table_associations", - "aws_ec2_transit_gateway_route_table_routes", - "aws_ec2_transit_gateway_route_tables", - "aws_ec2_transit_gateway_vpc_attachment", - "aws_ec2_transit_gateway_vpc_attachments", - "aws_ec2_transit_gateway_vpn_attachment", - "aws_ec2_transitgateway_route_table_propagations", - "aws_ecr_authorization_token", - "aws_ecr_image", - "aws_ecr_lifecycle_policy_document", - "aws_ecr_pull_through_cache_rule", - "aws_ecr_repositories", - "aws_ecr_repository", - "aws_ecr_repository_creation_template", - "aws_ecrpublic_authorization_token", - "aws_ecs_cluster", - "aws_ecs_clusters", - "aws_ecs_container_definition", - "aws_ecs_service", - "aws_ecs_task_definition", - "aws_ecs_task_execution", - "aws_efs_access_point", - "aws_efs_access_points", - "aws_efs_file_system", - "aws_efs_mount_target", - "aws_eip", - "aws_eips", - "aws_eks_access_entry", - "aws_eks_addon", - "aws_eks_addon_version", - "aws_eks_cluster", - "aws_eks_cluster_auth", - "aws_eks_clusters", - "aws_eks_node_group", - "aws_eks_node_groups", - "aws_elastic_beanstalk_application", - "aws_elastic_beanstalk_hosted_zone", - "aws_elastic_beanstalk_solution_stack", - "aws_elasticache_cluster", - "aws_elasticache_replication_group", - "aws_elasticache_reserved_cache_node_offering", - "aws_elasticache_serverless_cache", - "aws_elasticache_user", - "aws_elasticsearch_domain", - "aws_elb_hosted_zone_id", - "aws_elb_service_account", - "aws_emr_release_labels", - "aws_emr_supported_instance_types", - "aws_emrcontainers_virtual_cluster", - "aws_fsx_ontap_file_system", - "aws_fsx_ontap_storage_virtual_machine", - "aws_fsx_ontap_storage_virtual_machines", - "aws_fsx_openzfs_snapshot", - "aws_fsx_windows_file_system", - "aws_globalaccelerator_accelerator", - "aws_globalaccelerator_custom_routing_accelerator", - "aws_glue_catalog_table", - "aws_glue_connection", - "aws_glue_data_catalog_encryption_settings", - "aws_glue_registry", - "aws_glue_script", - "aws_grafana_workspace", - "aws_guardduty_detector", - "aws_guardduty_finding_ids", - "aws_iam_access_keys", - "aws_iam_account_alias", - "aws_iam_group", - "aws_iam_instance_profile", - "aws_iam_instance_profiles", - "aws_iam_openid_connect_provider", - "aws_iam_policy", - "aws_iam_policy_document", - "aws_iam_principal_policy_simulation", - "aws_iam_role", - "aws_iam_roles", - "aws_iam_server_certificate", - "aws_iam_session_context", - "aws_iam_user", - "aws_iam_user_ssh_key", - "aws_iam_users", - "aws_identitystore_group", - "aws_identitystore_groups", - "aws_identitystore_user", - "aws_imagebuilder_component", - "aws_imagebuilder_components", - "aws_imagebuilder_container_recipe", - "aws_imagebuilder_container_recipes", - "aws_imagebuilder_distribution_configuration", - "aws_imagebuilder_distribution_configurations", - "aws_imagebuilder_image", - "aws_imagebuilder_image_pipeline", - "aws_imagebuilder_image_pipelines", - "aws_imagebuilder_image_recipe", - "aws_imagebuilder_image_recipes", - "aws_imagebuilder_infrastructure_configuration", - "aws_imagebuilder_infrastructure_configurations", - "aws_inspector_rules_packages", - "aws_instance", - "aws_instances", - "aws_internet_gateway", - "aws_iot_endpoint", - "aws_iot_registration_code", - "aws_ip_ranges", - "aws_ivs_stream_key", - "aws_kendra_experience", - "aws_kendra_faq", - "aws_kendra_index", - "aws_kendra_query_suggestions_block_list", - "aws_kendra_thesaurus", - "aws_key_pair", - "aws_kinesis_firehose_delivery_stream", - "aws_kinesis_stream", - "aws_kinesis_stream_consumer", - "aws_kms_alias", - "aws_kms_ciphertext", - "aws_kms_custom_key_store", - "aws_kms_secret", - "aws_kms_secrets", - "aws_lakeformation_data_lake_settings", - "aws_lakeformation_permissions", - "aws_lakeformation_resource", - "aws_lambda_alias", - "aws_lambda_code_signing_config", - "aws_lambda_function", - "aws_lambda_invocation", - "aws_launch_configuration", - "aws_launch_template", - "aws_lb", - "aws_lb_hosted_zone_id", - "aws_lb_listener", - "aws_lb_listener_rule", - "aws_lb_target_group", - "aws_lb_trust_store", - "aws_lbs", - "aws_lex_bot", - "aws_lex_bot_alias", - "aws_lex_intent", - "aws_lex_slot_type", - "aws_licensemanager_grants", - "aws_licensemanager_received_license", - "aws_licensemanager_received_licenses", - "aws_location_geofence_collection", - "aws_location_map", - "aws_location_place_index", - "aws_location_route_calculator", - "aws_location_tracker", - "aws_location_tracker_association", - "aws_location_tracker_associations", - "aws_medialive_input", - "aws_mq_broker", - "aws_mq_broker_engine_types", - "aws_mq_broker_instance_type_offerings", - "aws_msk_bootstrap_brokers", - "aws_msk_broker_nodes", - "aws_msk_cluster", - "aws_msk_configuration", - "aws_msk_vpc_connection", - "aws_mskconnect_connector", - "aws_mskconnect_custom_plugin", - "aws_mskconnect_worker_configuration", - "aws_nat_gateway", - "aws_nat_gateways", - "aws_neptune_engine_version", - "aws_neptune_orderable_db_instance", - "aws_network_acls", - "aws_network_interfaces", - "aws_networkfirewall_firewall", - "aws_networkfirewall_firewall_policy", - "aws_networkfirewall_resource_policy", - "aws_networkmanager_connection", - "aws_networkmanager_connections", - "aws_networkmanager_core_network_policy_document", - "aws_networkmanager_device", - "aws_networkmanager_devices", - "aws_networkmanager_global_network", - "aws_networkmanager_global_networks", - "aws_networkmanager_link", - "aws_networkmanager_links", - "aws_networkmanager_site", - "aws_networkmanager_sites", - "aws_oam_link", - "aws_oam_links", - "aws_oam_sink", - "aws_oam_sinks", - "aws_opensearch_domain", - "aws_opensearchserverless_access_policy", - "aws_opensearchserverless_collection", - "aws_opensearchserverless_lifecycle_policy", - "aws_opensearchserverless_security_config", - "aws_opensearchserverless_security_policy", - "aws_opensearchserverless_vpc_endpoint", - "aws_organizations_delegated_administrators", - "aws_organizations_delegated_services", - "aws_organizations_organization", - "aws_organizations_organizational_unit", - "aws_organizations_organizational_unit_child_accounts", - "aws_organizations_organizational_unit_descendant_accounts", - "aws_organizations_organizational_unit_descendant_organizational_units", - "aws_organizations_organizational_units", - "aws_organizations_policies", - "aws_organizations_policies_for_target", - "aws_organizations_policy", - "aws_organizations_resource_tags", - "aws_outposts_asset", - "aws_outposts_assets", - "aws_outposts_outpost", - "aws_outposts_outpost_instance_type", - "aws_outposts_outpost_instance_types", - "aws_outposts_outposts", - "aws_outposts_site", - "aws_outposts_sites", - "aws_partition", - "aws_polly_voices", - "aws_prefix_list", - "aws_pricing_product", - "aws_prometheus_default_scraper_configuration", - "aws_prometheus_workspace", - "aws_prometheus_workspaces", - "aws_qldb_ledger", - "aws_quicksight_analysis", - "aws_quicksight_data_set", - "aws_quicksight_group", - "aws_quicksight_theme", - "aws_quicksight_user", - "aws_ram_resource_share", - "aws_rds_certificate", - "aws_rds_cluster", - "aws_rds_cluster_parameter_group", - "aws_rds_clusters", - "aws_rds_engine_version", - "aws_rds_orderable_db_instance", - "aws_rds_reserved_instance_offering", - "aws_redshift_cluster", - "aws_redshift_cluster_credentials", - "aws_redshift_data_shares", - "aws_redshift_orderable_cluster", - "aws_redshift_producer_data_shares", - "aws_redshift_service_account", - "aws_redshift_subnet_group", - "aws_redshiftserverless_credentials", - "aws_redshiftserverless_namespace", - "aws_redshiftserverless_workgroup", - "aws_region", - "aws_regions", - "aws_resourceexplorer2_search", - "aws_resourcegroupstaggingapi_resources", - "aws_route", - "aws_route53_delegation_set", - "aws_route53_records", - "aws_route53_resolver_endpoint", - "aws_route53_resolver_firewall_config", - "aws_route53_resolver_firewall_domain_list", - "aws_route53_resolver_firewall_rule_group", - "aws_route53_resolver_firewall_rule_group_association", - "aws_route53_resolver_firewall_rules", - "aws_route53_resolver_query_log_config", - "aws_route53_resolver_rule", - "aws_route53_resolver_rules", - "aws_route53_traffic_policy_document", - "aws_route53_zone", - "aws_route53_zones", - "aws_route53profiles_profiles", - "aws_route_table", - "aws_route_tables", - "aws_s3_account_public_access_block", - "aws_s3_bucket", - "aws_s3_bucket_object", - "aws_s3_bucket_objects", - "aws_s3_bucket_policy", - "aws_s3_directory_buckets", - "aws_s3_object", - "aws_s3_objects", - "aws_s3control_multi_region_access_point", - "aws_sagemaker_prebuilt_ecr_image", - "aws_saml_provider", - "aws_secretsmanager_random_password", - "aws_secretsmanager_secret", - "aws_secretsmanager_secret_rotation", - "aws_secretsmanager_secret_version", - "aws_secretsmanager_secret_versions", - "aws_secretsmanager_secrets", - "aws_security_group", - "aws_security_groups", - "aws_serverlessapplicationrepository_application", - "aws_service", - "aws_service_discovery_dns_namespace", - "aws_service_discovery_http_namespace", - "aws_service_discovery_service", - "aws_service_principal", - "aws_servicecatalog_constraint", - "aws_servicecatalog_launch_paths", - "aws_servicecatalog_portfolio", - "aws_servicecatalog_portfolio_constraints", - "aws_servicecatalog_product", - "aws_servicecatalog_provisioning_artifacts", - "aws_servicecatalogappregistry_application", - "aws_servicecatalogappregistry_attribute_group", - "aws_servicecatalogappregistry_attribute_group_associations", - "aws_servicequotas_service", - "aws_servicequotas_service_quota", - "aws_servicequotas_templates", - "aws_ses_active_receipt_rule_set", - "aws_ses_domain_identity", - "aws_ses_email_identity", - "aws_sesv2_configuration_set", - "aws_sesv2_dedicated_ip_pool", - "aws_sesv2_email_identity", - "aws_sesv2_email_identity_mail_from_attributes", - "aws_sfn_activity", - "aws_sfn_alias", - "aws_sfn_state_machine", - "aws_sfn_state_machine_versions", - "aws_shield_protection", - "aws_signer_signing_job", - "aws_signer_signing_profile", - "aws_sns_topic", - "aws_spot_datafeed_subscription", - "aws_sqs_queue", - "aws_sqs_queues", - "aws_ssm_document", - "aws_ssm_instances", - "aws_ssm_parameter", - "aws_ssm_parameters_by_path", - "aws_ssm_patch_baseline", - "aws_ssm_patch_baselines", - "aws_ssmcontacts_contact", - "aws_ssmcontacts_contact_channel", - "aws_ssmcontacts_plan", - "aws_ssmcontacts_rotation", - "aws_ssmincidents_replication_set", - "aws_ssmincidents_response_plan", - "aws_ssoadmin_application", - "aws_ssoadmin_application_assignments", - "aws_ssoadmin_application_providers", - "aws_ssoadmin_instances", - "aws_ssoadmin_permission_set", - "aws_ssoadmin_permission_sets", - "aws_ssoadmin_principal_application_assignments", - "aws_storagegateway_local_disk", - "aws_subnet", - "aws_subnet_ids", - "aws_subnets", - "aws_synthetics_runtime_version", - "aws_synthetics_runtime_versions", - "aws_timestreamwrite_database", - "aws_timestreamwrite_table", - "aws_transfer_connector", - "aws_transfer_server", - "aws_verifiedpermissions_policy_store", - "aws_vpc", - "aws_vpc_dhcp_options", - "aws_vpc_endpoint", - "aws_vpc_endpoint_service", - "aws_vpc_ipam_pool", - "aws_vpc_ipam_pool_cidrs", - "aws_vpc_ipam_pools", - "aws_vpc_ipam_preview_next_cidr", - "aws_vpc_peering_connection", - "aws_vpc_peering_connections", - "aws_vpc_security_group_rule", - "aws_vpc_security_group_rules", - "aws_vpclattice_auth_policy", - "aws_vpclattice_listener", - "aws_vpclattice_resource_policy", - "aws_vpclattice_service", - "aws_vpclattice_service_network", - "aws_vpcs", - "aws_vpn_gateway", - "aws_waf_ipset", - "aws_waf_rate_based_rule", - "aws_waf_rule", - "aws_waf_web_acl", - "aws_wafregional_ipset", - "aws_wafregional_rate_based_rule", - "aws_wafregional_rule", - "aws_wafregional_web_acl", - "aws_wafv2_ip_set", - "aws_wafv2_regex_pattern_set", - "aws_wafv2_rule_group", - "aws_wafv2_web_acl", - "aws_workspaces_bundle", - "aws_workspaces_directory", - "aws_workspaces_image", - "ssm_maintenance_windows" - ] -} \ No newline at end of file +{ + "dataSources": [ + "aws_acm_certificate", + "aws_acmpca_certificate", + "aws_acmpca_certificate_authority", + "aws_ami", + "aws_ami_ids", + "aws_api_gateway_api_key", + "aws_api_gateway_authorizer", + "aws_api_gateway_authorizers", + "aws_api_gateway_domain_name", + "aws_api_gateway_export", + "aws_api_gateway_resource", + "aws_api_gateway_rest_api", + "aws_api_gateway_sdk", + "aws_api_gateway_vpc_link", + "aws_apigatewayv2_api", + "aws_apigatewayv2_apis", + "aws_apigatewayv2_export", + "aws_apigatewayv2_vpc_link", + "aws_appconfig_configuration_profile", + "aws_appconfig_configuration_profiles", + "aws_appconfig_environment", + "aws_appconfig_environments", + "aws_appintegrations_event_integration", + "aws_appmesh_gateway_route", + "aws_appmesh_mesh", + "aws_appmesh_route", + "aws_appmesh_virtual_gateway", + "aws_appmesh_virtual_node", + "aws_appmesh_virtual_router", + "aws_appmesh_virtual_service", + "aws_apprunner_hosted_zone_id", + "aws_appstream_image", + "aws_arn", + "aws_athena_named_query", + "aws_auditmanager_control", + "aws_auditmanager_framework", + "aws_autoscaling_group", + "aws_autoscaling_groups", + "aws_availability_zone", + "aws_availability_zones", + "aws_backup_framework", + "aws_backup_plan", + "aws_backup_report_plan", + "aws_backup_selection", + "aws_backup_vault", + "aws_batch_compute_environment", + "aws_batch_job_definition", + "aws_batch_job_queue", + "aws_batch_scheduling_policy", + "aws_bedrock_custom_model", + "aws_bedrock_custom_models", + "aws_bedrock_foundation_model", + "aws_bedrock_foundation_models", + "aws_bedrock_inference_profile", + "aws_bedrock_inference_profiles", + "aws_bedrockagent_agent_versions", + "aws_billing_service_account", + "aws_budgets_budget", + "aws_caller_identity", + "aws_canonical_user_id", + "aws_chatbot_slack_workspace", + "aws_cloudcontrolapi_resource", + "aws_cloudformation_export", + "aws_cloudformation_stack", + "aws_cloudformation_type", + "aws_cloudfront_cache_policy", + "aws_cloudfront_distribution", + "aws_cloudfront_log_delivery_canonical_user_id", + "aws_cloudfront_origin_access_control", + "aws_cloudfront_origin_access_identities", + "aws_cloudfront_origin_access_identity", + "aws_cloudfront_origin_request_policy", + "aws_cloudfront_realtime_log_config", + "aws_cloudfront_response_headers_policy", + "aws_cloudhsm_v2_cluster", + "aws_cloudtrail_service_account", + "aws_cloudwatch_event_bus", + "aws_cloudwatch_event_buses", + "aws_cloudwatch_event_connection", + "aws_cloudwatch_event_source", + "aws_cloudwatch_log_data_protection_policy_document", + "aws_cloudwatch_log_group", + "aws_cloudwatch_log_groups", + "aws_codeartifact_authorization_token", + "aws_codeartifact_repository_endpoint", + "aws_codebuild_fleet", + "aws_codecatalyst_dev_environment", + "aws_codecommit_approval_rule_template", + "aws_codecommit_repository", + "aws_codeguruprofiler_profiling_group", + "aws_codestarconnections_connection", + "aws_cognito_identity_pool", + "aws_cognito_user_group", + "aws_cognito_user_groups", + "aws_cognito_user_pool", + "aws_cognito_user_pool_client", + "aws_cognito_user_pool_clients", + "aws_cognito_user_pool_signing_certificate", + "aws_cognito_user_pools", + "aws_connect_bot_association", + "aws_connect_contact_flow", + "aws_connect_contact_flow_module", + "aws_connect_hours_of_operation", + "aws_connect_instance", + "aws_connect_instance_storage_config", + "aws_connect_lambda_function_association", + "aws_connect_prompt", + "aws_connect_queue", + "aws_connect_quick_connect", + "aws_connect_routing_profile", + "aws_connect_security_profile", + "aws_connect_user", + "aws_connect_user_hierarchy_group", + "aws_connect_user_hierarchy_structure", + "aws_connect_vocabulary", + "aws_controltower_controls", + "aws_cur_report_definition", + "aws_customer_gateway", + "aws_datazone_environment_blueprint", + "aws_db_cluster_snapshot", + "aws_db_event_categories", + "aws_db_instance", + "aws_db_instances", + "aws_db_parameter_group", + "aws_db_proxy", + "aws_db_snapshot", + "aws_db_subnet_group", + "aws_default_tags", + "aws_devopsguru_notification_channel", + "aws_devopsguru_resource_collection", + "aws_directory_service_directory", + "aws_dms_certificate", + "aws_dms_endpoint", + "aws_dms_replication_instance", + "aws_dms_replication_subnet_group", + "aws_dms_replication_task", + "aws_docdb_engine_version", + "aws_docdb_orderable_db_instance", + "aws_dx_connection", + "aws_dx_gateway", + "aws_dx_location", + "aws_dx_locations", + "aws_dx_router_configuration", + "aws_dynamodb_table", + "aws_dynamodb_table_item", + "aws_ebs_default_kms_key", + "aws_ebs_encryption_by_default", + "aws_ebs_snapshot", + "aws_ebs_snapshot_ids", + "aws_ebs_volume", + "aws_ebs_volumes", + "aws_ec2_capacity_block_offering", + "aws_ec2_client_vpn_endpoint", + "aws_ec2_coip_pool", + "aws_ec2_coip_pools", + "aws_ec2_host", + "aws_ec2_instance_type", + "aws_ec2_instance_type_offering", + "aws_ec2_instance_type_offerings", + "aws_ec2_instance_types", + "aws_ec2_local_gateway", + "aws_ec2_local_gateway_route_table", + "aws_ec2_local_gateway_route_tables", + "aws_ec2_local_gateway_virtual_interface", + "aws_ec2_local_gateway_virtual_interface_group", + "aws_ec2_local_gateway_virtual_interface_groups", + "aws_ec2_local_gateways", + "aws_ec2_managed_prefix_list", + "aws_ec2_managed_prefix_lists", + "aws_ec2_network_insights_analysis", + "aws_ec2_network_insights_path", + "aws_ec2_public_ipv4_pool", + "aws_ec2_public_ipv4_pools", + "aws_ec2_serial_console_access", + "aws_ec2_spot_price", + "aws_ec2_transit_gateway", + "aws_ec2_transit_gateway_attachment", + "aws_ec2_transit_gateway_attachments", + "aws_ec2_transit_gateway_connect", + "aws_ec2_transit_gateway_connect_peer", + "aws_ec2_transit_gateway_dx_gateway_attachment", + "aws_ec2_transit_gateway_multicast_domain", + "aws_ec2_transit_gateway_peering_attachment", + "aws_ec2_transit_gateway_peering_attachments", + "aws_ec2_transit_gateway_route_table", + "aws_ec2_transit_gateway_route_table_associations", + "aws_ec2_transit_gateway_route_table_routes", + "aws_ec2_transit_gateway_route_tables", + "aws_ec2_transit_gateway_vpc_attachment", + "aws_ec2_transit_gateway_vpc_attachments", + "aws_ec2_transit_gateway_vpn_attachment", + "aws_ec2_transitgateway_route_table_propagations", + "aws_ecr_authorization_token", + "aws_ecr_image", + "aws_ecr_lifecycle_policy_document", + "aws_ecr_pull_through_cache_rule", + "aws_ecr_repositories", + "aws_ecr_repository", + "aws_ecr_repository_creation_template", + "aws_ecrpublic_authorization_token", + "aws_ecs_cluster", + "aws_ecs_clusters", + "aws_ecs_container_definition", + "aws_ecs_service", + "aws_ecs_task_definition", + "aws_ecs_task_execution", + "aws_efs_access_point", + "aws_efs_access_points", + "aws_efs_file_system", + "aws_efs_mount_target", + "aws_eip", + "aws_eips", + "aws_eks_access_entry", + "aws_eks_addon", + "aws_eks_addon_version", + "aws_eks_cluster", + "aws_eks_cluster_auth", + "aws_eks_clusters", + "aws_eks_node_group", + "aws_eks_node_groups", + "aws_elastic_beanstalk_application", + "aws_elastic_beanstalk_hosted_zone", + "aws_elastic_beanstalk_solution_stack", + "aws_elasticache_cluster", + "aws_elasticache_replication_group", + "aws_elasticache_reserved_cache_node_offering", + "aws_elasticache_serverless_cache", + "aws_elasticache_user", + "aws_elasticsearch_domain", + "aws_elb_hosted_zone_id", + "aws_elb_service_account", + "aws_emr_release_labels", + "aws_emr_supported_instance_types", + "aws_emrcontainers_virtual_cluster", + "aws_fsx_ontap_file_system", + "aws_fsx_ontap_storage_virtual_machine", + "aws_fsx_ontap_storage_virtual_machines", + "aws_fsx_openzfs_snapshot", + "aws_fsx_windows_file_system", + "aws_globalaccelerator_accelerator", + "aws_globalaccelerator_custom_routing_accelerator", + "aws_glue_catalog_table", + "aws_glue_connection", + "aws_glue_data_catalog_encryption_settings", + "aws_glue_registry", + "aws_glue_script", + "aws_grafana_workspace", + "aws_guardduty_detector", + "aws_guardduty_finding_ids", + "aws_iam_access_keys", + "aws_iam_account_alias", + "aws_iam_group", + "aws_iam_instance_profile", + "aws_iam_instance_profiles", + "aws_iam_openid_connect_provider", + "aws_iam_policy", + "aws_iam_policy_document", + "aws_iam_principal_policy_simulation", + "aws_iam_role", + "aws_iam_roles", + "aws_iam_server_certificate", + "aws_iam_session_context", + "aws_iam_user", + "aws_iam_user_ssh_key", + "aws_iam_users", + "aws_identitystore_group", + "aws_identitystore_groups", + "aws_identitystore_user", + "aws_imagebuilder_component", + "aws_imagebuilder_components", + "aws_imagebuilder_container_recipe", + "aws_imagebuilder_container_recipes", + "aws_imagebuilder_distribution_configuration", + "aws_imagebuilder_distribution_configurations", + "aws_imagebuilder_image", + "aws_imagebuilder_image_pipeline", + "aws_imagebuilder_image_pipelines", + "aws_imagebuilder_image_recipe", + "aws_imagebuilder_image_recipes", + "aws_imagebuilder_infrastructure_configuration", + "aws_imagebuilder_infrastructure_configurations", + "aws_inspector_rules_packages", + "aws_instance", + "aws_instances", + "aws_internet_gateway", + "aws_iot_endpoint", + "aws_iot_registration_code", + "aws_ip_ranges", + "aws_ivs_stream_key", + "aws_kendra_experience", + "aws_kendra_faq", + "aws_kendra_index", + "aws_kendra_query_suggestions_block_list", + "aws_kendra_thesaurus", + "aws_key_pair", + "aws_kinesis_firehose_delivery_stream", + "aws_kinesis_stream", + "aws_kinesis_stream_consumer", + "aws_kms_alias", + "aws_kms_ciphertext", + "aws_kms_custom_key_store", + "aws_kms_secret", + "aws_kms_secrets", + "aws_lakeformation_data_lake_settings", + "aws_lakeformation_permissions", + "aws_lakeformation_resource", + "aws_lambda_alias", + "aws_lambda_code_signing_config", + "aws_lambda_function", + "aws_lambda_invocation", + "aws_launch_configuration", + "aws_launch_template", + "aws_lb", + "aws_lb_hosted_zone_id", + "aws_lb_listener", + "aws_lb_listener_rule", + "aws_lb_target_group", + "aws_lb_trust_store", + "aws_lbs", + "aws_lex_bot", + "aws_lex_bot_alias", + "aws_lex_intent", + "aws_lex_slot_type", + "aws_licensemanager_grants", + "aws_licensemanager_received_license", + "aws_licensemanager_received_licenses", + "aws_location_geofence_collection", + "aws_location_map", + "aws_location_place_index", + "aws_location_route_calculator", + "aws_location_tracker", + "aws_location_tracker_association", + "aws_location_tracker_associations", + "aws_medialive_input", + "aws_mq_broker", + "aws_mq_broker_engine_types", + "aws_mq_broker_instance_type_offerings", + "aws_msk_bootstrap_brokers", + "aws_msk_broker_nodes", + "aws_msk_cluster", + "aws_msk_configuration", + "aws_msk_vpc_connection", + "aws_mskconnect_connector", + "aws_mskconnect_custom_plugin", + "aws_mskconnect_worker_configuration", + "aws_nat_gateway", + "aws_nat_gateways", + "aws_neptune_engine_version", + "aws_neptune_orderable_db_instance", + "aws_network_acls", + "aws_network_interfaces", + "aws_networkfirewall_firewall", + "aws_networkfirewall_firewall_policy", + "aws_networkfirewall_resource_policy", + "aws_networkmanager_connection", + "aws_networkmanager_connections", + "aws_networkmanager_core_network_policy_document", + "aws_networkmanager_device", + "aws_networkmanager_devices", + "aws_networkmanager_global_network", + "aws_networkmanager_global_networks", + "aws_networkmanager_link", + "aws_networkmanager_links", + "aws_networkmanager_site", + "aws_networkmanager_sites", + "aws_oam_link", + "aws_oam_links", + "aws_oam_sink", + "aws_oam_sinks", + "aws_opensearch_domain", + "aws_opensearchserverless_access_policy", + "aws_opensearchserverless_collection", + "aws_opensearchserverless_lifecycle_policy", + "aws_opensearchserverless_security_config", + "aws_opensearchserverless_security_policy", + "aws_opensearchserverless_vpc_endpoint", + "aws_organizations_delegated_administrators", + "aws_organizations_delegated_services", + "aws_organizations_organization", + "aws_organizations_organizational_unit", + "aws_organizations_organizational_unit_child_accounts", + "aws_organizations_organizational_unit_descendant_accounts", + "aws_organizations_organizational_unit_descendant_organizational_units", + "aws_organizations_organizational_units", + "aws_organizations_policies", + "aws_organizations_policies_for_target", + "aws_organizations_policy", + "aws_organizations_resource_tags", + "aws_outposts_asset", + "aws_outposts_assets", + "aws_outposts_outpost", + "aws_outposts_outpost_instance_type", + "aws_outposts_outpost_instance_types", + "aws_outposts_outposts", + "aws_outposts_site", + "aws_outposts_sites", + "aws_partition", + "aws_polly_voices", + "aws_prefix_list", + "aws_pricing_product", + "aws_prometheus_default_scraper_configuration", + "aws_prometheus_workspace", + "aws_prometheus_workspaces", + "aws_qldb_ledger", + "aws_quicksight_analysis", + "aws_quicksight_data_set", + "aws_quicksight_group", + "aws_quicksight_theme", + "aws_quicksight_user", + "aws_ram_resource_share", + "aws_rds_certificate", + "aws_rds_cluster", + "aws_rds_cluster_parameter_group", + "aws_rds_clusters", + "aws_rds_engine_version", + "aws_rds_orderable_db_instance", + "aws_rds_reserved_instance_offering", + "aws_redshift_cluster", + "aws_redshift_cluster_credentials", + "aws_redshift_data_shares", + "aws_redshift_orderable_cluster", + "aws_redshift_producer_data_shares", + "aws_redshift_service_account", + "aws_redshift_subnet_group", + "aws_redshiftserverless_credentials", + "aws_redshiftserverless_namespace", + "aws_redshiftserverless_workgroup", + "aws_region", + "aws_regions", + "aws_resourceexplorer2_search", + "aws_resourcegroupstaggingapi_resources", + "aws_route", + "aws_route53_delegation_set", + "aws_route53_records", + "aws_route53_resolver_endpoint", + "aws_route53_resolver_firewall_config", + "aws_route53_resolver_firewall_domain_list", + "aws_route53_resolver_firewall_rule_group", + "aws_route53_resolver_firewall_rule_group_association", + "aws_route53_resolver_firewall_rules", + "aws_route53_resolver_query_log_config", + "aws_route53_resolver_rule", + "aws_route53_resolver_rules", + "aws_route53_traffic_policy_document", + "aws_route53_zone", + "aws_route53_zones", + "aws_route53profiles_profiles", + "aws_route_table", + "aws_route_tables", + "aws_s3_account_public_access_block", + "aws_s3_bucket", + "aws_s3_bucket_object", + "aws_s3_bucket_objects", + "aws_s3_bucket_policy", + "aws_s3_directory_buckets", + "aws_s3_object", + "aws_s3_objects", + "aws_s3control_multi_region_access_point", + "aws_sagemaker_prebuilt_ecr_image", + "aws_saml_provider", + "aws_secretsmanager_random_password", + "aws_secretsmanager_secret", + "aws_secretsmanager_secret_rotation", + "aws_secretsmanager_secret_version", + "aws_secretsmanager_secret_versions", + "aws_secretsmanager_secrets", + "aws_security_group", + "aws_security_groups", + "aws_serverlessapplicationrepository_application", + "aws_service", + "aws_service_discovery_dns_namespace", + "aws_service_discovery_http_namespace", + "aws_service_discovery_service", + "aws_service_principal", + "aws_servicecatalog_constraint", + "aws_servicecatalog_launch_paths", + "aws_servicecatalog_portfolio", + "aws_servicecatalog_portfolio_constraints", + "aws_servicecatalog_product", + "aws_servicecatalog_provisioning_artifacts", + "aws_servicecatalogappregistry_application", + "aws_servicecatalogappregistry_attribute_group", + "aws_servicecatalogappregistry_attribute_group_associations", + "aws_servicequotas_service", + "aws_servicequotas_service_quota", + "aws_servicequotas_templates", + "aws_ses_active_receipt_rule_set", + "aws_ses_domain_identity", + "aws_ses_email_identity", + "aws_sesv2_configuration_set", + "aws_sesv2_dedicated_ip_pool", + "aws_sesv2_email_identity", + "aws_sesv2_email_identity_mail_from_attributes", + "aws_sfn_activity", + "aws_sfn_alias", + "aws_sfn_state_machine", + "aws_sfn_state_machine_versions", + "aws_shield_protection", + "aws_signer_signing_job", + "aws_signer_signing_profile", + "aws_sns_topic", + "aws_spot_datafeed_subscription", + "aws_sqs_queue", + "aws_sqs_queues", + "aws_ssm_document", + "aws_ssm_instances", + "aws_ssm_parameter", + "aws_ssm_parameters_by_path", + "aws_ssm_patch_baseline", + "aws_ssm_patch_baselines", + "aws_ssmcontacts_contact", + "aws_ssmcontacts_contact_channel", + "aws_ssmcontacts_plan", + "aws_ssmcontacts_rotation", + "aws_ssmincidents_replication_set", + "aws_ssmincidents_response_plan", + "aws_ssoadmin_application", + "aws_ssoadmin_application_assignments", + "aws_ssoadmin_application_providers", + "aws_ssoadmin_instances", + "aws_ssoadmin_permission_set", + "aws_ssoadmin_permission_sets", + "aws_ssoadmin_principal_application_assignments", + "aws_storagegateway_local_disk", + "aws_subnet", + "aws_subnet_ids", + "aws_subnets", + "aws_synthetics_runtime_version", + "aws_synthetics_runtime_versions", + "aws_timestreamwrite_database", + "aws_timestreamwrite_table", + "aws_transfer_connector", + "aws_transfer_server", + "aws_verifiedpermissions_policy_store", + "aws_vpc", + "aws_vpc_dhcp_options", + "aws_vpc_endpoint", + "aws_vpc_endpoint_service", + "aws_vpc_ipam_pool", + "aws_vpc_ipam_pool_cidrs", + "aws_vpc_ipam_pools", + "aws_vpc_ipam_preview_next_cidr", + "aws_vpc_peering_connection", + "aws_vpc_peering_connections", + "aws_vpc_security_group_rule", + "aws_vpc_security_group_rules", + "aws_vpclattice_auth_policy", + "aws_vpclattice_listener", + "aws_vpclattice_resource_policy", + "aws_vpclattice_service", + "aws_vpclattice_service_network", + "aws_vpcs", + "aws_vpn_gateway", + "aws_waf_ipset", + "aws_waf_rate_based_rule", + "aws_waf_rule", + "aws_waf_web_acl", + "aws_wafregional_ipset", + "aws_wafregional_rate_based_rule", + "aws_wafregional_rule", + "aws_wafregional_web_acl", + "aws_wafv2_ip_set", + "aws_wafv2_regex_pattern_set", + "aws_wafv2_rule_group", + "aws_wafv2_web_acl", + "aws_workspaces_bundle", + "aws_workspaces_directory", + "aws_workspaces_image", + "ssm_maintenance_windows" + ], + "resources": [ + "aws_accessanalyzer_analyzer", + "aws_accessanalyzer_archive_rule", + "aws_account_alternate_contact", + "aws_account_primary_contact", + "aws_account_region", + "aws_acm_certificate", + "aws_acm_certificate_validation", + "aws_acmpca_certificate", + "aws_acmpca_certificate_authority", + "aws_acmpca_certificate_authority_certificate", + "aws_acmpca_permission", + "aws_acmpca_policy", + "aws_alb", + "aws_ami", + "aws_ami_copy", + "aws_ami_from_instance", + "aws_ami_launch_permission", + "aws_amplify_app", + "aws_amplify_backend_environment", + "aws_amplify_branch", + "aws_amplify_domain_association", + "aws_amplify_webhook", + "aws_api_gateway_account", + "aws_api_gateway_api_key", + "aws_api_gateway_authorizer", + "aws_api_gateway_base_path_mapping", + "aws_api_gateway_client_certificate", + "aws_api_gateway_deployment", + "aws_api_gateway_documentation_part", + "aws_api_gateway_documentation_version", + "aws_api_gateway_domain_name", + "aws_api_gateway_domain_name_access_association", + "aws_api_gateway_gateway_response", + "aws_api_gateway_integration", + "aws_api_gateway_integration_response", + "aws_api_gateway_method", + "aws_api_gateway_method_response", + "aws_api_gateway_method_settings", + "aws_api_gateway_model", + "aws_api_gateway_request_validator", + "aws_api_gateway_resource", + "aws_api_gateway_rest_api", + "aws_api_gateway_rest_api_policy", + "aws_api_gateway_stage", + "aws_api_gateway_usage_plan", + "aws_api_gateway_usage_plan_key", + "aws_api_gateway_vpc_link", + "aws_apigatewayv2_api", + "aws_apigatewayv2_api_mapping", + "aws_apigatewayv2_authorizer", + "aws_apigatewayv2_deployment", + "aws_apigatewayv2_domain_name", + "aws_apigatewayv2_integration", + "aws_apigatewayv2_integration_response", + "aws_apigatewayv2_model", + "aws_apigatewayv2_route", + "aws_apigatewayv2_route_response", + "aws_apigatewayv2_stage", + "aws_apigatewayv2_vpc_link", + "aws_app_cookie_stickiness_policy", + "aws_appautoscaling_policy", + "aws_appautoscaling_scheduled_action", + "aws_appautoscaling_target", + "aws_appconfig_application", + "aws_appconfig_configuration_profile", + "aws_appconfig_deployment", + "aws_appconfig_deployment_strategy", + "aws_appconfig_environment", + "aws_appconfig_extension", + "aws_appconfig_extension_association", + "aws_appconfig_hosted_configuration_version", + "aws_appfabric_app_authorization", + "aws_appfabric_app_authorization_connection", + "aws_appfabric_app_bundle", + "aws_appfabric_ingestion", + "aws_appfabric_ingestion_destination", + "aws_appflow_connector_profile", + "aws_appflow_flow", + "aws_appintegrations_data_integration", + "aws_appintegrations_event_integration", + "aws_applicationinsights_application", + "aws_appmesh_gateway_route", + "aws_appmesh_mesh", + "aws_appmesh_route", + "aws_appmesh_virtual_gateway", + "aws_appmesh_virtual_node", + "aws_appmesh_virtual_router", + "aws_appmesh_virtual_service", + "aws_apprunner_auto_scaling_configuration_version", + "aws_apprunner_connection", + "aws_apprunner_custom_domain_association", + "aws_apprunner_default_auto_scaling_configuration_version", + "aws_apprunner_deployment", + "aws_apprunner_observability_configuration", + "aws_apprunner_service", + "aws_apprunner_vpc_connector", + "aws_apprunner_vpc_ingress_connection", + "aws_appstream_directory_config", + "aws_appstream_fleet", + "aws_appstream_fleet_stack_association", + "aws_appstream_image_builder", + "aws_appstream_stack", + "aws_appstream_user", + "aws_appstream_user_stack_association", + "aws_appsync_api_cache", + "aws_appsync_api_key", + "aws_appsync_datasource", + "aws_appsync_domain_name", + "aws_appsync_domain_name_api_association", + "aws_appsync_function", + "aws_appsync_graphql_api", + "aws_appsync_resolver", + "aws_appsync_source_api_association", + "aws_appsync_type", + "aws_athena_data_catalog", + "aws_athena_database", + "aws_athena_named_query", + "aws_athena_prepared_statement", + "aws_athena_workgroup", + "aws_auditmanager_account_registration", + "aws_auditmanager_assessment", + "aws_auditmanager_assessment_delegation", + "aws_auditmanager_assessment_report", + "aws_auditmanager_control", + "aws_auditmanager_framework", + "aws_auditmanager_framework_share", + "aws_auditmanager_organization_admin_account_registration", + "aws_autoscaling_attachment", + "aws_autoscaling_group", + "aws_autoscaling_group_tag", + "aws_autoscaling_lifecycle_hook", + "aws_autoscaling_notification", + "aws_autoscaling_policy", + "aws_autoscaling_schedule", + "aws_autoscaling_traffic_source_attachment", + "aws_autoscalingplans_scaling_plan", + "aws_backup_framework", + "aws_backup_global_settings", + "aws_backup_logically_air_gapped_vault", + "aws_backup_plan", + "aws_backup_region_settings", + "aws_backup_report_plan", + "aws_backup_selection", + "aws_backup_vault", + "aws_backup_vault_lock_configuration", + "aws_backup_vault_notifications", + "aws_backup_vault_policy", + "aws_batch_compute_environment", + "aws_batch_job_definition", + "aws_batch_job_queue", + "aws_batch_scheduling_policy", + "aws_bcmdataexports_export", + "aws_bedrock_custom_model", + "aws_bedrock_guardrail", + "aws_bedrock_guardrail_version", + "aws_bedrock_inference_profile", + "aws_bedrock_model_invocation_logging_configuration", + "aws_bedrock_provisioned_model_throughput", + "aws_bedrockagent_agent", + "aws_bedrockagent_agent_action_group", + "aws_bedrockagent_agent_alias", + "aws_bedrockagent_agent_collaborator", + "aws_bedrockagent_agent_knowledge_base_association", + "aws_bedrockagent_data_source", + "aws_bedrockagent_knowledge_base", + "aws_budgets_budget", + "aws_budgets_budget_action", + "aws_ce_anomaly_monitor", + "aws_ce_anomaly_subscription", + "aws_ce_cost_allocation_tag", + "aws_ce_cost_category", + "aws_chatbot_slack_channel_configuration", + "aws_chatbot_teams_channel_configuration", + "aws_chime_voice_connector", + "aws_chime_voice_connector_group", + "aws_chime_voice_connector_logging", + "aws_chime_voice_connector_origination", + "aws_chime_voice_connector_streaming", + "aws_chime_voice_connector_termination", + "aws_chime_voice_connector_termination_credentials", + "aws_chimesdkmediapipelines_media_insights_pipeline_configuration", + "aws_chimesdkvoice_global_settings", + "aws_chimesdkvoice_sip_media_application", + "aws_chimesdkvoice_sip_rule", + "aws_chimesdkvoice_voice_profile_domain", + "aws_cleanrooms_collaboration", + "aws_cleanrooms_configured_table", + "aws_cleanrooms_membership", + "aws_cloud9_environment_ec2", + "aws_cloud9_environment_membership", + "aws_cloudcontrolapi_resource", + "aws_cloudformation_stack", + "aws_cloudformation_stack_instances", + "aws_cloudformation_stack_set", + "aws_cloudformation_stack_set_instance", + "aws_cloudformation_type", + "aws_cloudfront_cache_policy", + "aws_cloudfront_continuous_deployment_policy", + "aws_cloudfront_distribution", + "aws_cloudfront_field_level_encryption_config", + "aws_cloudfront_field_level_encryption_profile", + "aws_cloudfront_function", + "aws_cloudfront_key_group", + "aws_cloudfront_key_value_store", + "aws_cloudfront_monitoring_subscription", + "aws_cloudfront_origin_access_control", + "aws_cloudfront_origin_access_identity", + "aws_cloudfront_origin_request_policy", + "aws_cloudfront_public_key", + "aws_cloudfront_realtime_log_config", + "aws_cloudfront_response_headers_policy", + "aws_cloudfront_vpc_origin", + "aws_cloudfrontkeyvaluestore_key", + "aws_cloudhsm_v2_cluster", + "aws_cloudhsm_v2_hsm", + "aws_cloudsearch_domain", + "aws_cloudsearch_domain_service_access_policy", + "aws_cloudtrail", + "aws_cloudtrail_event_data_store", + "aws_cloudtrail_organization_delegated_admin_account", + "aws_cloudwatch_composite_alarm", + "aws_cloudwatch_dashboard", + "aws_cloudwatch_event_api_destination", + "aws_cloudwatch_event_archive", + "aws_cloudwatch_event_bus", + "aws_cloudwatch_event_bus_policy", + "aws_cloudwatch_event_connection", + "aws_cloudwatch_event_endpoint", + "aws_cloudwatch_event_permission", + "aws_cloudwatch_event_rule", + "aws_cloudwatch_event_target", + "aws_cloudwatch_log_account_policy", + "aws_cloudwatch_log_anomaly_detector", + "aws_cloudwatch_log_data_protection_policy", + "aws_cloudwatch_log_delivery", + "aws_cloudwatch_log_delivery_destination", + "aws_cloudwatch_log_delivery_destination_policy", + "aws_cloudwatch_log_delivery_source", + "aws_cloudwatch_log_destination", + "aws_cloudwatch_log_destination_policy", + "aws_cloudwatch_log_group", + "aws_cloudwatch_log_index_policy", + "aws_cloudwatch_log_metric_filter", + "aws_cloudwatch_log_resource_policy", + "aws_cloudwatch_log_stream", + "aws_cloudwatch_log_subscription_filter", + "aws_cloudwatch_metric_alarm", + "aws_cloudwatch_metric_stream", + "aws_cloudwatch_query_definition", + "aws_codeartifact_domain", + "aws_codeartifact_domain_permissions_policy", + "aws_codeartifact_repository", + "aws_codeartifact_repository_permissions_policy", + "aws_codebuild_fleet", + "aws_codebuild_project", + "aws_codebuild_report_group", + "aws_codebuild_resource_policy", + "aws_codebuild_source_credential", + "aws_codebuild_webhook", + "aws_codecatalyst_dev_environment", + "aws_codecatalyst_project", + "aws_codecatalyst_source_repository", + "aws_codecommit_approval_rule_template", + "aws_codecommit_approval_rule_template_association", + "aws_codecommit_repository", + "aws_codecommit_trigger", + "aws_codeconnections_connection", + "aws_codeconnections_host", + "aws_codedeploy_app", + "aws_codedeploy_deployment_config", + "aws_codedeploy_deployment_group", + "aws_codeguruprofiler_profiling_group", + "aws_codegurureviewer_repository_association", + "aws_codepipeline", + "aws_codepipeline_custom_action_type", + "aws_codepipeline_webhook", + "aws_codestarconnections_connection", + "aws_codestarconnections_host", + "aws_codestarnotifications_notification_rule", + "aws_cognito_identity_pool", + "aws_cognito_identity_pool_provider_principal_tag", + "aws_cognito_identity_pool_roles_attachment", + "aws_cognito_identity_provider", + "aws_cognito_managed_user_pool_client", + "aws_cognito_resource_server", + "aws_cognito_risk_configuration", + "aws_cognito_user", + "aws_cognito_user_group", + "aws_cognito_user_in_group", + "aws_cognito_user_pool", + "aws_cognito_user_pool_client", + "aws_cognito_user_pool_domain", + "aws_cognito_user_pool_ui_customization", + "aws_comprehend_document_classifier", + "aws_comprehend_entity_recognizer", + "aws_computeoptimizer_enrollment_status", + "aws_computeoptimizer_recommendation_preferences", + "aws_config_aggregate_authorization", + "aws_config_config_rule", + "aws_config_configuration_aggregator", + "aws_config_configuration_recorder", + "aws_config_configuration_recorder_status", + "aws_config_conformance_pack", + "aws_config_delivery_channel", + "aws_config_organization_conformance_pack", + "aws_config_organization_custom_policy_rule", + "aws_config_organization_custom_rule", + "aws_config_organization_managed_rule", + "aws_config_remediation_configuration", + "aws_config_retention_configuration", + "aws_connect_bot_association", + "aws_connect_contact_flow", + "aws_connect_contact_flow_module", + "aws_connect_hours_of_operation", + "aws_connect_instance", + "aws_connect_instance_storage_config", + "aws_connect_lambda_function_association", + "aws_connect_phone_number", + "aws_connect_queue", + "aws_connect_quick_connect", + "aws_connect_routing_profile", + "aws_connect_security_profile", + "aws_connect_user", + "aws_connect_user_hierarchy_group", + "aws_connect_user_hierarchy_structure", + "aws_connect_vocabulary", + "aws_controltower_control", + "aws_controltower_landing_zone", + "aws_costoptimizationhub_enrollment_status", + "aws_costoptimizationhub_preferences", + "aws_cur_report_definition", + "aws_customer_gateway", + "aws_customerprofiles_domain", + "aws_customerprofiles_profile", + "aws_dataexchange_data_set", + "aws_dataexchange_revision", + "aws_datapipeline_pipeline", + "aws_datapipeline_pipeline_definition", + "aws_datasync_agent", + "aws_datasync_location_azure_blob", + "aws_datasync_location_efs", + "aws_datasync_location_fsx_lustre_file_system", + "aws_datasync_location_fsx_ontap_file_system", + "aws_datasync_location_fsx_openzfs_file_system", + "aws_datasync_location_fsx_windows_file_system", + "aws_datasync_location_hdfs", + "aws_datasync_location_nfs", + "aws_datasync_location_object_storage", + "aws_datasync_location_s3", + "aws_datasync_location_smb", + "aws_datasync_task", + "aws_datazone_asset_type", + "aws_datazone_domain", + "aws_datazone_environment", + "aws_datazone_environment_blueprint_configuration", + "aws_datazone_environment_profile", + "aws_datazone_form_type", + "aws_datazone_glossary", + "aws_datazone_glossary_term", + "aws_datazone_project", + "aws_datazone_user_profile", + "aws_dax_cluster", + "aws_dax_parameter_group", + "aws_dax_subnet_group", + "aws_db_cluster_snapshot", + "aws_db_event_subscription", + "aws_db_instance", + "aws_db_instance_automated_backups_replication", + "aws_db_instance_role_association", + "aws_db_option_group", + "aws_db_parameter_group", + "aws_db_proxy", + "aws_db_proxy_default_target_group", + "aws_db_proxy_endpoint", + "aws_db_proxy_target", + "aws_db_snapshot", + "aws_db_snapshot_copy", + "aws_db_subnet_group", + "aws_default_network_acl", + "aws_default_route_table", + "aws_default_security_group", + "aws_default_subnet", + "aws_default_vpc", + "aws_default_vpc_dhcp_options", + "aws_detective_graph", + "aws_detective_invitation_accepter", + "aws_detective_member", + "aws_detective_organization_admin_account", + "aws_detective_organization_configuration", + "aws_devicefarm_device_pool", + "aws_devicefarm_instance_profile", + "aws_devicefarm_network_profile", + "aws_devicefarm_project", + "aws_devicefarm_upload", + "aws_devopsguru_event_sources_config", + "aws_devopsguru_notification_channel", + "aws_devopsguru_resource_collection", + "aws_devopsguru_service_integration", + "aws_directory_service_conditional_forwarder", + "aws_directory_service_directory", + "aws_directory_service_log_subscription", + "aws_directory_service_radius_settings", + "aws_directory_service_region", + "aws_directory_service_shared_directory", + "aws_directory_service_shared_directory_accepter", + "aws_directory_service_trust", + "aws_dlm_lifecycle_policy", + "aws_dms_certificate", + "aws_dms_endpoint", + "aws_dms_event_subscription", + "aws_dms_replication_config", + "aws_dms_replication_instance", + "aws_dms_replication_subnet_group", + "aws_dms_replication_task", + "aws_dms_s3_endpoint", + "aws_docdb_cluster", + "aws_docdb_cluster_instance", + "aws_docdb_cluster_parameter_group", + "aws_docdb_cluster_snapshot", + "aws_docdb_event_subscription", + "aws_docdb_global_cluster", + "aws_docdb_subnet_group", + "aws_docdbelastic_cluster", + "aws_drs_replication_configuration_template", + "aws_dx_bgp_peer", + "aws_dx_connection", + "aws_dx_connection_association", + "aws_dx_connection_confirmation", + "aws_dx_gateway", + "aws_dx_gateway_association", + "aws_dx_gateway_association_proposal", + "aws_dx_hosted_connection", + "aws_dx_hosted_private_virtual_interface", + "aws_dx_hosted_private_virtual_interface_accepter", + "aws_dx_hosted_public_virtual_interface", + "aws_dx_hosted_public_virtual_interface_accepter", + "aws_dx_hosted_transit_virtual_interface", + "aws_dx_hosted_transit_virtual_interface_accepter", + "aws_dx_lag", + "aws_dx_macsec_key_association", + "aws_dx_private_virtual_interface", + "aws_dx_public_virtual_interface", + "aws_dx_transit_virtual_interface", + "aws_dynamodb_contributor_insights", + "aws_dynamodb_global_table", + "aws_dynamodb_kinesis_streaming_destination", + "aws_dynamodb_resource_policy", + "aws_dynamodb_table", + "aws_dynamodb_table_export", + "aws_dynamodb_table_item", + "aws_dynamodb_table_replica", + "aws_dynamodb_tag", + "aws_ebs_default_kms_key", + "aws_ebs_encryption_by_default", + "aws_ebs_fast_snapshot_restore", + "aws_ebs_snapshot", + "aws_ebs_snapshot_block_public_access", + "aws_ebs_snapshot_copy", + "aws_ebs_snapshot_import", + "aws_ebs_volume", + "aws_ec2_availability_zone_group", + "aws_ec2_capacity_block_reservation", + "aws_ec2_capacity_reservation", + "aws_ec2_carrier_gateway", + "aws_ec2_client_vpn_authorization_rule", + "aws_ec2_client_vpn_endpoint", + "aws_ec2_client_vpn_network_association", + "aws_ec2_client_vpn_route", + "aws_ec2_fleet", + "aws_ec2_host", + "aws_ec2_image_block_public_access", + "aws_ec2_instance", + "aws_ec2_instance_connect_endpoint", + "aws_ec2_instance_metadata_defaults", + "aws_ec2_instance_state", + "aws_ec2_local_gateway_route", + "aws_ec2_local_gateway_route_table_vpc_association", + "aws_ec2_managed_prefix_list", + "aws_ec2_managed_prefix_list_entry", + "aws_ec2_network_insights_analysis", + "aws_ec2_network_insights_path", + "aws_ec2_serial_console_access", + "aws_ec2_subnet_cidr_reservation", + "aws_ec2_tag", + "aws_ec2_traffic_mirror_filter", + "aws_ec2_traffic_mirror_filter_rule", + "aws_ec2_traffic_mirror_session", + "aws_ec2_traffic_mirror_target", + "aws_ec2_transit_gateway", + "aws_ec2_transit_gateway_connect", + "aws_ec2_transit_gateway_connect_peer", + "aws_ec2_transit_gateway_default_route_table_association", + "aws_ec2_transit_gateway_default_route_table_propagation", + "aws_ec2_transit_gateway_multicast_domain", + "aws_ec2_transit_gateway_multicast_domain_association", + "aws_ec2_transit_gateway_multicast_group_member", + "aws_ec2_transit_gateway_multicast_group_source", + "aws_ec2_transit_gateway_peering_attachment", + "aws_ec2_transit_gateway_peering_attachment_accepter", + "aws_ec2_transit_gateway_policy_table", + "aws_ec2_transit_gateway_policy_table_association", + "aws_ec2_transit_gateway_prefix_list_reference", + "aws_ec2_transit_gateway_route", + "aws_ec2_transit_gateway_route_table", + "aws_ec2_transit_gateway_route_table_association", + "aws_ec2_transit_gateway_route_table_propagation", + "aws_ec2_transit_gateway_vpc_attachment", + "aws_ec2_transit_gateway_vpc_attachment_accepter", + "aws_ecr_account_setting", + "aws_ecr_lifecycle_policy", + "aws_ecr_pull_through_cache_rule", + "aws_ecr_registry_policy", + "aws_ecr_registry_scanning_configuration", + "aws_ecr_replication_configuration", + "aws_ecr_repository", + "aws_ecr_repository_creation_template", + "aws_ecr_repository_policy", + "aws_ecrpublic_repository", + "aws_ecrpublic_repository_policy", + "aws_ecs_account_setting_default", + "aws_ecs_capacity_provider", + "aws_ecs_cluster", + "aws_ecs_cluster_capacity_providers", + "aws_ecs_service", + "aws_ecs_tag", + "aws_ecs_task_definition", + "aws_ecs_task_set", + "aws_efs_access_point", + "aws_efs_backup_policy", + "aws_efs_file_system", + "aws_efs_file_system_policy", + "aws_efs_mount_target", + "aws_efs_replication_configuration", + "aws_egress_only_internet_gateway", + "aws_eip", + "aws_eip_association", + "aws_eip_domain_name", + "aws_eks_access_entry", + "aws_eks_access_policy_association", + "aws_eks_addon", + "aws_eks_cluster", + "aws_eks_fargate_profile", + "aws_eks_identity_provider_config", + "aws_eks_node_group", + "aws_eks_pod_identity_association", + "aws_elastic_beanstalk_application", + "aws_elastic_beanstalk_application_version", + "aws_elastic_beanstalk_configuration_template", + "aws_elastic_beanstalk_environment", + "aws_elasticache_cluster", + "aws_elasticache_global_replication_group", + "aws_elasticache_parameter_group", + "aws_elasticache_replication_group", + "aws_elasticache_reserved_cache_node", + "aws_elasticache_serverless_cache", + "aws_elasticache_subnet_group", + "aws_elasticache_user", + "aws_elasticache_user_group", + "aws_elasticache_user_group_association", + "aws_elasticsearch_domain", + "aws_elasticsearch_domain_policy", + "aws_elasticsearch_domain_saml_options", + "aws_elasticsearch_vpc_endpoint", + "aws_elastictranscoder_pipeline", + "aws_elastictranscoder_preset", + "aws_elb", + "aws_elb_attachment", + "aws_emr_block_public_access_configuration", + "aws_emr_cluster", + "aws_emr_instance_fleet", + "aws_emr_instance_group", + "aws_emr_managed_scaling_policy", + "aws_emr_security_configuration", + "aws_emr_studio", + "aws_emr_studio_session_mapping", + "aws_emrcontainers_job_template", + "aws_emrcontainers_virtual_cluster", + "aws_emrserverless_application", + "aws_evidently_feature", + "aws_evidently_launch", + "aws_evidently_project", + "aws_evidently_segment", + "aws_finspace_kx_cluster", + "aws_finspace_kx_database", + "aws_finspace_kx_dataview", + "aws_finspace_kx_environment", + "aws_finspace_kx_scaling_group", + "aws_finspace_kx_user", + "aws_finspace_kx_volume", + "aws_fis_experiment_template", + "aws_flow_log", + "aws_fms_admin_account", + "aws_fms_policy", + "aws_fms_resource_set", + "aws_fsx_backup", + "aws_fsx_data_repository_association", + "aws_fsx_file_cache", + "aws_fsx_lustre_file_system", + "aws_fsx_ontap_file_system", + "aws_fsx_ontap_storage_virtual_machine", + "aws_fsx_ontap_volume", + "aws_fsx_openzfs_file_system", + "aws_fsx_openzfs_snapshot", + "aws_fsx_openzfs_volume", + "aws_fsx_windows_file_system", + "aws_gamelift_alias", + "aws_gamelift_build", + "aws_gamelift_fleet", + "aws_gamelift_game_server_group", + "aws_gamelift_game_session_queue", + "aws_gamelift_script", + "aws_glacier_vault", + "aws_glacier_vault_lock", + "aws_globalaccelerator_accelerator", + "aws_globalaccelerator_cross_account_attachment", + "aws_globalaccelerator_custom_routing_accelerator", + "aws_globalaccelerator_custom_routing_endpoint_group", + "aws_globalaccelerator_custom_routing_listener", + "aws_globalaccelerator_endpoint_group", + "aws_globalaccelerator_listener", + "aws_glue_catalog_database", + "aws_glue_catalog_table", + "aws_glue_catalog_table_optimizer", + "aws_glue_classifier", + "aws_glue_connection", + "aws_glue_crawler", + "aws_glue_data_catalog_encryption_settings", + "aws_glue_data_quality_ruleset", + "aws_glue_dev_endpoint", + "aws_glue_job", + "aws_glue_ml_transform", + "aws_glue_partition", + "aws_glue_partition_index", + "aws_glue_registry", + "aws_glue_resource_policy", + "aws_glue_schema", + "aws_glue_security_configuration", + "aws_glue_trigger", + "aws_glue_user_defined_function", + "aws_glue_workflow", + "aws_grafana_license_association", + "aws_grafana_role_association", + "aws_grafana_workspace", + "aws_grafana_workspace_api_key", + "aws_grafana_workspace_saml_configuration", + "aws_grafana_workspace_service_account", + "aws_grafana_workspace_service_account_token", + "aws_guardduty_detector", + "aws_guardduty_detector_feature", + "aws_guardduty_filter", + "aws_guardduty_invite_accepter", + "aws_guardduty_ipset", + "aws_guardduty_malware_protection_plan", + "aws_guardduty_member", + "aws_guardduty_member_detector_feature", + "aws_guardduty_organization_admin_account", + "aws_guardduty_organization_configuration", + "aws_guardduty_organization_configuration_feature", + "aws_guardduty_publishing_destination", + "aws_guardduty_threatintelset", + "aws_iam_access_key", + "aws_iam_account_alias", + "aws_iam_account_password_policy", + "aws_iam_group", + "aws_iam_group_membership", + "aws_iam_group_policies_exclusive", + "aws_iam_group_policy", + "aws_iam_group_policy_attachment", + "aws_iam_group_policy_attachments_exclusive", + "aws_iam_instance_profile", + "aws_iam_openid_connect_provider", + "aws_iam_organizations_features", + "aws_iam_policy", + "aws_iam_policy_attachment", + "aws_iam_role", + "aws_iam_role_policies_exclusive", + "aws_iam_role_policy", + "aws_iam_role_policy_attachment", + "aws_iam_role_policy_attachments_exclusive", + "aws_iam_saml_provider", + "aws_iam_security_token_service_preferences", + "aws_iam_server_certificate", + "aws_iam_service_linked_role", + "aws_iam_service_specific_credential", + "aws_iam_signing_certificate", + "aws_iam_user", + "aws_iam_user_group_membership", + "aws_iam_user_login_profile", + "aws_iam_user_policies_exclusive", + "aws_iam_user_policy", + "aws_iam_user_policy_attachment", + "aws_iam_user_policy_attachments_exclusive", + "aws_iam_user_ssh_key", + "aws_iam_virtual_mfa_device", + "aws_identitystore_group", + "aws_identitystore_group_membership", + "aws_identitystore_user", + "aws_imagebuilder_component", + "aws_imagebuilder_container_recipe", + "aws_imagebuilder_distribution_configuration", + "aws_imagebuilder_image", + "aws_imagebuilder_image_pipeline", + "aws_imagebuilder_image_recipe", + "aws_imagebuilder_infrastructure_configuration", + "aws_imagebuilder_lifecycle_policy", + "aws_imagebuilder_workflow", + "aws_inspector2_delegated_admin_account", + "aws_inspector2_enabler", + "aws_inspector2_member_association", + "aws_inspector2_organization_configuration", + "aws_inspector_assessment_target", + "aws_inspector_assessment_template", + "aws_inspector_resource_group", + "aws_instance", + "aws_internet_gateway", + "aws_internet_gateway_attachment", + "aws_internetmonitor_monitor", + "aws_iot_authorizer", + "aws_iot_billing_group", + "aws_iot_ca_certificate", + "aws_iot_certificate", + "aws_iot_domain_configuration", + "aws_iot_event_configurations", + "aws_iot_indexing_configuration", + "aws_iot_logging_options", + "aws_iot_policy", + "aws_iot_policy_attachment", + "aws_iot_provisioning_template", + "aws_iot_role_alias", + "aws_iot_thing", + "aws_iot_thing_group", + "aws_iot_thing_group_membership", + "aws_iot_thing_principal_attachment", + "aws_iot_thing_type", + "aws_iot_topic_rule", + "aws_iot_topic_rule_destination", + "aws_ivs_channel", + "aws_ivs_playback_key_pair", + "aws_ivs_recording_configuration", + "aws_ivschat_logging_configuration", + "aws_ivschat_room", + "aws_kendra_data_source", + "aws_kendra_experience", + "aws_kendra_faq", + "aws_kendra_index", + "aws_kendra_query_suggestions_block_list", + "aws_kendra_thesaurus", + "aws_key_pair", + "aws_keyspaces_keyspace", + "aws_keyspaces_table", + "aws_kinesis_analytics_application", + "aws_kinesis_firehose_delivery_stream", + "aws_kinesis_resource_policy", + "aws_kinesis_stream", + "aws_kinesis_stream_consumer", + "aws_kinesis_video_stream", + "aws_kinesisanalyticsv2_application", + "aws_kinesisanalyticsv2_application_snapshot", + "aws_kms_alias", + "aws_kms_ciphertext", + "aws_kms_custom_key_store", + "aws_kms_external_key", + "aws_kms_grant", + "aws_kms_key", + "aws_kms_key_policy", + "aws_kms_replica_external_key", + "aws_kms_replica_key", + "aws_lakeformation_data_cells_filter", + "aws_lakeformation_data_lake_settings", + "aws_lakeformation_lf_tag", + "aws_lakeformation_permissions", + "aws_lakeformation_resource", + "aws_lakeformation_resource_lf_tag", + "aws_lakeformation_resource_lf_tags", + "aws_lambda_alias", + "aws_lambda_code_signing_config", + "aws_lambda_event_source_mapping", + "aws_lambda_function", + "aws_lambda_function_event_invoke_config", + "aws_lambda_function_recursion_config", + "aws_lambda_function_url", + "aws_lambda_invocation", + "aws_lambda_layer_version", + "aws_lambda_layer_version_permission", + "aws_lambda_permission", + "aws_lambda_provisioned_concurrency_config", + "aws_lambda_runtime_management_config", + "aws_launch_configuration", + "aws_launch_template", + "aws_lb", + "aws_lb_cookie_stickiness_policy", + "aws_lb_listener", + "aws_lb_listener_certificate", + "aws_lb_listener_rule", + "aws_lb_ssl_negotiation_policy", + "aws_lb_target_group", + "aws_lb_target_group_attachment", + "aws_lb_trust_store", + "aws_lb_trust_store_revocation", + "aws_lex_bot", + "aws_lex_bot_alias", + "aws_lex_intent", + "aws_lex_slot_type", + "aws_lexv2models_bot", + "aws_lexv2models_bot_locale", + "aws_lexv2models_bot_version", + "aws_lexv2models_intent", + "aws_lexv2models_slot", + "aws_lexv2models_slot_type", + "aws_licensemanager_association", + "aws_licensemanager_grant", + "aws_licensemanager_grant_accepter", + "aws_licensemanager_license_configuration", + "aws_lightsail_bucket", + "aws_lightsail_bucket_access_key_access_key", + "aws_lightsail_bucket_resource_access", + "aws_lightsail_certificate", + "aws_lightsail_container_service", + "aws_lightsail_container_service_deployment_version", + "aws_lightsail_database", + "aws_lightsail_disk", + "aws_lightsail_disk_attachment", + "aws_lightsail_distribution", + "aws_lightsail_domain", + "aws_lightsail_domain_entry", + "aws_lightsail_instance", + "aws_lightsail_instance_public_ports", + "aws_lightsail_key_pair", + "aws_lightsail_lb", + "aws_lightsail_lb_attachment", + "aws_lightsail_lb_certificate", + "aws_lightsail_lb_certificate_attachment", + "aws_lightsail_lb_https_redirection_policy", + "aws_lightsail_lb_stickiness_policy", + "aws_lightsail_static_ip", + "aws_lightsail_static_ip_attachment", + "aws_load_balancer_backend_server_policy", + "aws_load_balancer_listener_policy", + "aws_load_balancer_policy", + "aws_location_geofence_collection", + "aws_location_map", + "aws_location_place_index", + "aws_location_route_calculator", + "aws_location_tracker", + "aws_location_tracker_association", + "aws_m2_application", + "aws_m2_deployment", + "aws_m2_environment", + "aws_macie2_account", + "aws_macie2_classification_export_configuration", + "aws_macie2_classification_job", + "aws_macie2_custom_data_identifier", + "aws_macie2_findings_filter", + "aws_macie2_invitation_accepter", + "aws_macie2_member", + "aws_macie2_organization_admin_account", + "aws_main_route_table_association", + "aws_media_convert_queue", + "aws_media_package_channel", + "aws_media_packagev2_channel_group", + "aws_media_store_container", + "aws_media_store_container_policy", + "aws_medialive_channel", + "aws_medialive_input", + "aws_medialive_input_security_group", + "aws_medialive_multiplex", + "aws_medialive_multiplex_program", + "aws_memorydb_acl", + "aws_memorydb_cluster", + "aws_memorydb_multi_region_cluster", + "aws_memorydb_parameter_group", + "aws_memorydb_snapshot", + "aws_memorydb_subnet_group", + "aws_memorydb_user", + "aws_mq_broker", + "aws_mq_configuration", + "aws_msk_cluster", + "aws_msk_cluster_policy", + "aws_msk_configuration", + "aws_msk_replicator", + "aws_msk_scram_secret_association", + "aws_msk_serverless_cluster", + "aws_msk_single_scram_secret_association", + "aws_msk_vpc_connection", + "aws_mskconnect_connector", + "aws_mskconnect_custom_plugin", + "aws_mskconnect_worker_configuration", + "aws_mwaa_environment", + "aws_nat_gateway", + "aws_neptune_cluster", + "aws_neptune_cluster_endpoint", + "aws_neptune_cluster_instance", + "aws_neptune_cluster_parameter_group", + "aws_neptune_cluster_snapshot", + "aws_neptune_event_subscription", + "aws_neptune_global_cluster", + "aws_neptune_parameter_group", + "aws_neptune_subnet_group", + "aws_network_acl", + "aws_network_acl_association", + "aws_network_acl_rule", + "aws_network_interface", + "aws_network_interface_attachment", + "aws_network_interface_sg_attachment", + "aws_networkfirewall_firewall", + "aws_networkfirewall_firewall_policy", + "aws_networkfirewall_logging_configuration", + "aws_networkfirewall_resource_policy", + "aws_networkfirewall_rule_group", + "aws_networkfirewall_tls_inspection_configuration", + "aws_networkmanager_attachment_accepter", + "aws_networkmanager_connect_attachment", + "aws_networkmanager_connect_peer", + "aws_networkmanager_connection", + "aws_networkmanager_core_network", + "aws_networkmanager_core_network_policy_attachment", + "aws_networkmanager_customer_gateway_association", + "aws_networkmanager_device", + "aws_networkmanager_dx_gateway_attachment", + "aws_networkmanager_global_network", + "aws_networkmanager_link", + "aws_networkmanager_link_association", + "aws_networkmanager_site", + "aws_networkmanager_site_to_site_vpn_attachment", + "aws_networkmanager_transit_gateway_connect_peer_association", + "aws_networkmanager_transit_gateway_peering", + "aws_networkmanager_transit_gateway_registration", + "aws_networkmanager_transit_gateway_route_table_attachment", + "aws_networkmanager_vpc_attachment", + "aws_networkmonitor_monitor", + "aws_networkmonitor_probe", + "aws_oam_link", + "aws_oam_sink", + "aws_oam_sink_policy", + "aws_opensearch_authorize_vpc_endpoint_access", + "aws_opensearch_domain", + "aws_opensearch_domain_policy", + "aws_opensearch_domain_saml_options", + "aws_opensearch_inbound_connection_accepter", + "aws_opensearch_outbound_connection", + "aws_opensearch_package", + "aws_opensearch_package_association", + "aws_opensearch_vpc_endpoint", + "aws_opensearchserverless_access_policy", + "aws_opensearchserverless_collection", + "aws_opensearchserverless_lifecycle_policy", + "aws_opensearchserverless_security_config", + "aws_opensearchserverless_security_policy", + "aws_opensearchserverless_vpc_endpoint", + "aws_opsworks_application", + "aws_opsworks_custom_layer", + "aws_opsworks_ecs_cluster_layer", + "aws_opsworks_ganglia_layer", + "aws_opsworks_haproxy_layer", + "aws_opsworks_instance", + "aws_opsworks_java_app_layer", + "aws_opsworks_memcached_layer", + "aws_opsworks_mysql_layer", + "aws_opsworks_nodejs_app_layer", + "aws_opsworks_permission", + "aws_opsworks_php_app_layer", + "aws_opsworks_rails_app_layer", + "aws_opsworks_rds_db_instance", + "aws_opsworks_stack", + "aws_opsworks_static_web_layer", + "aws_opsworks_user_profile", + "aws_organizations_account", + "aws_organizations_delegated_administrator", + "aws_organizations_organization", + "aws_organizations_organizational_unit", + "aws_organizations_policy", + "aws_organizations_policy_attachment", + "aws_organizations_resource_policy", + "aws_osis_pipeline", + "aws_paymentcryptography_key", + "aws_paymentcryptography_key_alias", + "aws_pinpoint_adm_channel", + "aws_pinpoint_apns_channel", + "aws_pinpoint_apns_sandbox_channel", + "aws_pinpoint_apns_voip_channel", + "aws_pinpoint_apns_voip_sandbox_channel", + "aws_pinpoint_app", + "aws_pinpoint_baidu_channel", + "aws_pinpoint_email_channel", + "aws_pinpoint_email_template", + "aws_pinpoint_event_stream", + "aws_pinpoint_gcm_channel", + "aws_pinpoint_sms_channel", + "aws_pinpointsmsvoicev2_configuration_set", + "aws_pinpointsmsvoicev2_opt_out_list", + "aws_pinpointsmsvoicev2_phone_number", + "aws_pipes_pipe", + "aws_placement_group", + "aws_prometheus_alert_manager_definition", + "aws_prometheus_rule_group_namespace", + "aws_prometheus_scraper", + "aws_prometheus_workspace", + "aws_proxy_protocol_policy", + "aws_qldb_ledger", + "aws_qldb_stream", + "aws_quicksight_account_subscription", + "aws_quicksight_analysis", + "aws_quicksight_dashboard", + "aws_quicksight_data_set", + "aws_quicksight_data_source", + "aws_quicksight_folder", + "aws_quicksight_folder_membership", + "aws_quicksight_group", + "aws_quicksight_group_membership", + "aws_quicksight_iam_policy_assignment", + "aws_quicksight_ingestion", + "aws_quicksight_namespace", + "aws_quicksight_refresh_schedule", + "aws_quicksight_template", + "aws_quicksight_template_alias", + "aws_quicksight_theme", + "aws_quicksight_user", + "aws_quicksight_vpc_connection", + "aws_ram_principal_association", + "aws_ram_resource_association", + "aws_ram_resource_share", + "aws_ram_resource_share_accepter", + "aws_ram_sharing_with_organization", + "aws_rbin_rule", + "aws_rds_certificate", + "aws_rds_cluster", + "aws_rds_cluster_activity_stream", + "aws_rds_cluster_endpoint", + "aws_rds_cluster_instance", + "aws_rds_cluster_parameter_group", + "aws_rds_cluster_role_association", + "aws_rds_cluster_snapshot_copy", + "aws_rds_custom_db_engine_version", + "aws_rds_export_task", + "aws_rds_global_cluster", + "aws_rds_instance_state", + "aws_rds_integration", + "aws_rds_reserved_instance", + "aws_redshift_authentication_profile", + "aws_redshift_cluster", + "aws_redshift_cluster_iam_roles", + "aws_redshift_cluster_snapshot", + "aws_redshift_data_share_authorization", + "aws_redshift_data_share_consumer_association", + "aws_redshift_endpoint_access", + "aws_redshift_endpoint_authorization", + "aws_redshift_event_subscription", + "aws_redshift_hsm_client_certificate", + "aws_redshift_hsm_configuration", + "aws_redshift_logging", + "aws_redshift_parameter_group", + "aws_redshift_partner", + "aws_redshift_resource_policy", + "aws_redshift_scheduled_action", + "aws_redshift_snapshot_copy", + "aws_redshift_snapshot_copy_grant", + "aws_redshift_snapshot_schedule", + "aws_redshift_snapshot_schedule_association", + "aws_redshift_subnet_group", + "aws_redshift_usage_limit", + "aws_redshiftdata_statement", + "aws_redshiftserverless_custom_domain_association", + "aws_redshiftserverless_endpoint_access", + "aws_redshiftserverless_namespace", + "aws_redshiftserverless_resource_policy", + "aws_redshiftserverless_snapshot", + "aws_redshiftserverless_usage_limit", + "aws_redshiftserverless_workgroup", + "aws_rekognition_collection", + "aws_rekognition_project", + "aws_rekognition_stream_processor", + "aws_resiliencehub_resiliency_policy", + "aws_resourceexplorer2_index", + "aws_resourceexplorer2_view", + "aws_resourcegroups_group", + "aws_resourcegroups_resource", + "aws_rolesanywhere_profile", + "aws_rolesanywhere_trust_anchor", + "aws_route", + "aws_route53_cidr_collection", + "aws_route53_cidr_location", + "aws_route53_delegation_set", + "aws_route53_health_check", + "aws_route53_hosted_zone_dnssec", + "aws_route53_key_signing_key", + "aws_route53_query_log", + "aws_route53_record", + "aws_route53_resolver_config", + "aws_route53_resolver_dnssec_config", + "aws_route53_resolver_endpoint", + "aws_route53_resolver_firewall_config", + "aws_route53_resolver_firewall_domain_list", + "aws_route53_resolver_firewall_rule", + "aws_route53_resolver_firewall_rule_group", + "aws_route53_resolver_firewall_rule_group_association", + "aws_route53_resolver_query_log_config", + "aws_route53_resolver_query_log_config_association", + "aws_route53_resolver_rule", + "aws_route53_resolver_rule_association", + "aws_route53_traffic_policy", + "aws_route53_traffic_policy_instance", + "aws_route53_vpc_association_authorization", + "aws_route53_zone", + "aws_route53_zone_association", + "aws_route53domains_delegation_signer_record", + "aws_route53domains_domain", + "aws_route53domains_registered_domain", + "aws_route53profiles_association", + "aws_route53profiles_profile", + "aws_route53profiles_resource_association", + "aws_route53recoverycontrolconfig_cluster", + "aws_route53recoverycontrolconfig_control_panel", + "aws_route53recoverycontrolconfig_routing_control", + "aws_route53recoverycontrolconfig_safety_rule", + "aws_route53recoveryreadiness_cell", + "aws_route53recoveryreadiness_readiness_check", + "aws_route53recoveryreadiness_recovery_group", + "aws_route53recoveryreadiness_resource_set", + "aws_route_table", + "aws_route_table_association", + "aws_rum_app_monitor", + "aws_rum_metrics_destination", + "aws_s3_access_point", + "aws_s3_account_public_access_block", + "aws_s3_bucket", + "aws_s3_bucket_accelerate_configuration", + "aws_s3_bucket_acl", + "aws_s3_bucket_analytics_configuration", + "aws_s3_bucket_cors_configuration", + "aws_s3_bucket_intelligent_tiering_configuration", + "aws_s3_bucket_inventory", + "aws_s3_bucket_lifecycle_configuration", + "aws_s3_bucket_logging", + "aws_s3_bucket_metric", + "aws_s3_bucket_notification", + "aws_s3_bucket_object", + "aws_s3_bucket_object_lock_configuration", + "aws_s3_bucket_ownership_controls", + "aws_s3_bucket_policy", + "aws_s3_bucket_public_access_block", + "aws_s3_bucket_replication_configuration", + "aws_s3_bucket_request_payment_configuration", + "aws_s3_bucket_server_side_encryption_configuration", + "aws_s3_bucket_versioning", + "aws_s3_bucket_website_configuration", + "aws_s3_directory_bucket", + "aws_s3_object", + "aws_s3_object_copy", + "aws_s3control_access_grant", + "aws_s3control_access_grants_instance", + "aws_s3control_access_grants_instance_resource_policy", + "aws_s3control_access_grants_location", + "aws_s3control_access_point_policy", + "aws_s3control_bucket", + "aws_s3control_bucket_lifecycle_configuration", + "aws_s3control_bucket_policy", + "aws_s3control_multi_region_access_point", + "aws_s3control_multi_region_access_point_policy", + "aws_s3control_object_lambda_access_point", + "aws_s3control_object_lambda_access_point_policy", + "aws_s3control_storage_lens_configuration", + "aws_s3outposts_endpoint", + "aws_s3tables_namespace", + "aws_s3tables_table", + "aws_s3tables_table_bucket", + "aws_s3tables_table_bucket_policy", + "aws_s3tables_table_policy", + "aws_sagemaker_app", + "aws_sagemaker_app_image_config", + "aws_sagemaker_code_repository", + "aws_sagemaker_data_quality_job_definition", + "aws_sagemaker_device", + "aws_sagemaker_device_fleet", + "aws_sagemaker_domain", + "aws_sagemaker_endpoint", + "aws_sagemaker_endpoint_configuration", + "aws_sagemaker_feature_group", + "aws_sagemaker_flow_definition", + "aws_sagemaker_hub", + "aws_sagemaker_human_task_ui", + "aws_sagemaker_image", + "aws_sagemaker_image_version", + "aws_sagemaker_mlflow_tracking_server", + "aws_sagemaker_model", + "aws_sagemaker_model_package_group", + "aws_sagemaker_model_package_group_policy", + "aws_sagemaker_monitoring_schedule", + "aws_sagemaker_notebook_instance", + "aws_sagemaker_notebook_instance_lifecycle_configuration", + "aws_sagemaker_pipeline", + "aws_sagemaker_project", + "aws_sagemaker_servicecatalog_portfolio_status", + "aws_sagemaker_space", + "aws_sagemaker_studio_lifecycle_config", + "aws_sagemaker_user_profile", + "aws_sagemaker_workforce", + "aws_sagemaker_workteam", + "aws_scheduler_schedule", + "aws_scheduler_schedule_group", + "aws_schemas_discoverer", + "aws_schemas_registry", + "aws_schemas_registry_policy", + "aws_schemas_schema", + "aws_secretsmanager_secret", + "aws_secretsmanager_secret_policy", + "aws_secretsmanager_secret_rotation", + "aws_secretsmanager_secret_version", + "aws_security_group", + "aws_security_group_rule", + "aws_securityhub_account", + "aws_securityhub_action_target", + "aws_securityhub_automation_rule", + "aws_securityhub_configuration_policy", + "aws_securityhub_configuration_policy_association", + "aws_securityhub_finding_aggregator", + "aws_securityhub_insight", + "aws_securityhub_invite_accepter", + "aws_securityhub_member", + "aws_securityhub_organization_admin_account", + "aws_securityhub_organization_configuration", + "aws_securityhub_product_subscription", + "aws_securityhub_standards_control", + "aws_securityhub_standards_control_association", + "aws_securityhub_standards_subscription", + "aws_securitylake_aws_log_source", + "aws_securitylake_custom_log_source", + "aws_securitylake_data_lake", + "aws_securitylake_subscriber", + "aws_securitylake_subscriber_notification", + "aws_serverlessapplicationrepository_cloudformation_stack", + "aws_service_discovery_http_namespace", + "aws_service_discovery_instance", + "aws_service_discovery_private_dns_namespace", + "aws_service_discovery_public_dns_namespace", + "aws_service_discovery_service", + "aws_servicecatalog_budget_resource_association", + "aws_servicecatalog_constraint", + "aws_servicecatalog_organizations_access", + "aws_servicecatalog_portfolio", + "aws_servicecatalog_portfolio_share", + "aws_servicecatalog_principal_portfolio_association", + "aws_servicecatalog_product", + "aws_servicecatalog_product_portfolio_association", + "aws_servicecatalog_provisioned_product", + "aws_servicecatalog_provisioning_artifact", + "aws_servicecatalog_service_action", + "aws_servicecatalog_tag_option", + "aws_servicecatalog_tag_option_resource_association", + "aws_servicecatalogappregistry_application", + "aws_servicecatalogappregistry_attribute_group", + "aws_servicecatalogappregistry_attribute_group_association", + "aws_servicequotas_service_quota", + "aws_servicequotas_template", + "aws_servicequotas_template_association", + "aws_ses_active_receipt_rule_set", + "aws_ses_configuration_set", + "aws_ses_domain_dkim", + "aws_ses_domain_identity", + "aws_ses_domain_identity_verification", + "aws_ses_domain_mail_from", + "aws_ses_email_identity", + "aws_ses_event_destination", + "aws_ses_identity_notification_topic", + "aws_ses_identity_policy", + "aws_ses_receipt_filter", + "aws_ses_receipt_rule", + "aws_ses_receipt_rule_set", + "aws_ses_template", + "aws_sesv2_account_suppression_attributes", + "aws_sesv2_account_vdm_attributes", + "aws_sesv2_configuration_set", + "aws_sesv2_configuration_set_event_destination", + "aws_sesv2_contact_list", + "aws_sesv2_dedicated_ip_assignment", + "aws_sesv2_dedicated_ip_pool", + "aws_sesv2_email_identity", + "aws_sesv2_email_identity_feedback_attributes", + "aws_sesv2_email_identity_mail_from_attributes", + "aws_sesv2_email_identity_policy", + "aws_sfn_activity", + "aws_sfn_alias", + "aws_sfn_state_machine", + "aws_shield_application_layer_automatic_response", + "aws_shield_drt_access_log_bucket_association", + "aws_shield_drt_access_role_arn_association", + "aws_shield_proactive_engagement", + "aws_shield_protection", + "aws_shield_protection_group", + "aws_shield_protection_health_check_association", + "aws_shield_subscription", + "aws_signer_signing_job", + "aws_signer_signing_profile", + "aws_signer_signing_profile_permission", + "aws_simpledb_domain", + "aws_snapshot_create_volume_permission", + "aws_sns_platform_application", + "aws_sns_sms_preferences", + "aws_sns_topic", + "aws_sns_topic_data_protection_policy", + "aws_sns_topic_policy", + "aws_sns_topic_subscription", + "aws_spot_datafeed_subscription", + "aws_spot_fleet_request", + "aws_spot_instance_request", + "aws_sqs_queue", + "aws_sqs_queue_policy", + "aws_sqs_queue_redrive_allow_policy", + "aws_sqs_queue_redrive_policy", + "aws_ssm_activation", + "aws_ssm_association", + "aws_ssm_default_patch_baseline", + "aws_ssm_document", + "aws_ssm_maintenance_window", + "aws_ssm_maintenance_window_target", + "aws_ssm_maintenance_window_task", + "aws_ssm_parameter", + "aws_ssm_patch_baseline", + "aws_ssm_patch_group", + "aws_ssm_resource_data_sync", + "aws_ssm_service_setting", + "aws_ssmcontacts_contact", + "aws_ssmcontacts_contact_channel", + "aws_ssmcontacts_plan", + "aws_ssmcontacts_rotation", + "aws_ssmincidents_replication_set", + "aws_ssmincidents_response_plan", + "aws_ssmquicksetup_configuration_manager", + "aws_ssoadmin_account_assignment", + "aws_ssoadmin_application", + "aws_ssoadmin_application_access_scope", + "aws_ssoadmin_application_assignment", + "aws_ssoadmin_application_assignment_configuration", + "aws_ssoadmin_customer_managed_policy_attachment", + "aws_ssoadmin_instance_access_control_attributes", + "aws_ssoadmin_managed_policy_attachment", + "aws_ssoadmin_permission_set", + "aws_ssoadmin_permission_set_inline_policy", + "aws_ssoadmin_permissions_boundary_attachment", + "aws_ssoadmin_trusted_token_issuer", + "aws_storagegateway_cache", + "aws_storagegateway_cached_iscsi_volume", + "aws_storagegateway_file_system_association", + "aws_storagegateway_gateway", + "aws_storagegateway_nfs_file_share", + "aws_storagegateway_smb_file_share", + "aws_storagegateway_stored_iscsi_volume", + "aws_storagegateway_tape_pool", + "aws_storagegateway_upload_buffer", + "aws_storagegateway_working_storage", + "aws_subnet", + "aws_swf_domain", + "aws_synthetics_canary", + "aws_synthetics_group", + "aws_synthetics_group_association", + "aws_timestreaminfluxdb_db_instance", + "aws_timestreamquery_scheduled_query", + "aws_timestreamwrite_database", + "aws_timestreamwrite_table", + "aws_transcribe_language_model", + "aws_transcribe_medical_vocabulary", + "aws_transcribe_vocabulary", + "aws_transcribe_vocabulary_filter", + "aws_transfer_access", + "aws_transfer_agreement", + "aws_transfer_certificate", + "aws_transfer_connector", + "aws_transfer_profile", + "aws_transfer_server", + "aws_transfer_ssh_key", + "aws_transfer_tag", + "aws_transfer_user", + "aws_transfer_workflow", + "aws_verifiedaccess_endpoint", + "aws_verifiedaccess_group", + "aws_verifiedaccess_instance", + "aws_verifiedaccess_instance_logging_configuration", + "aws_verifiedaccess_instance_trust_provider_attachment", + "aws_verifiedaccess_trust_provider", + "aws_verifiedpermissions_identity_source", + "aws_verifiedpermissions_policy", + "aws_verifiedpermissions_policy_store", + "aws_verifiedpermissions_policy_template", + "aws_verifiedpermissions_schema", + "aws_volume_attachment", + "aws_vpc", + "aws_vpc_block_public_access_exclusion", + "aws_vpc_block_public_access_options", + "aws_vpc_dhcp_options", + "aws_vpc_dhcp_options_association", + "aws_vpc_endpoint", + "aws_vpc_endpoint_connection_accepter", + "aws_vpc_endpoint_connection_notification", + "aws_vpc_endpoint_policy", + "aws_vpc_endpoint_private_dns", + "aws_vpc_endpoint_route_table_association", + "aws_vpc_endpoint_security_group_association", + "aws_vpc_endpoint_service", + "aws_vpc_endpoint_service_allowed_principal", + "aws_vpc_endpoint_service_private_dns_verification", + "aws_vpc_endpoint_subnet_association", + "aws_vpc_ipam", + "aws_vpc_ipam_organization_admin_account", + "aws_vpc_ipam_pool", + "aws_vpc_ipam_pool_cidr", + "aws_vpc_ipam_pool_cidr_allocation", + "aws_vpc_ipam_preview_next_cidr", + "aws_vpc_ipam_resource_discovery", + "aws_vpc_ipam_resource_discovery_association", + "aws_vpc_ipam_scope", + "aws_vpc_ipv4_cidr_block_association", + "aws_vpc_ipv6_cidr_block_association", + "aws_vpc_network_performance_metric_subscription", + "aws_vpc_peering_connection", + "aws_vpc_peering_connection_accepter", + "aws_vpc_peering_connection_options", + "aws_vpc_security_group_egress_rule", + "aws_vpc_security_group_ingress_rule", + "aws_vpc_security_group_vpc_association", + "aws_vpclattice_access_log_subscription", + "aws_vpclattice_auth_policy", + "aws_vpclattice_listener", + "aws_vpclattice_listener_rule", + "aws_vpclattice_resource_configuration", + "aws_vpclattice_resource_gateway", + "aws_vpclattice_resource_policy", + "aws_vpclattice_service", + "aws_vpclattice_service_network", + "aws_vpclattice_service_network_resource_association", + "aws_vpclattice_service_network_service_association", + "aws_vpclattice_service_network_vpc_association", + "aws_vpclattice_target_group", + "aws_vpclattice_target_group_attachment", + "aws_vpn_connection", + "aws_vpn_connection_route", + "aws_vpn_gateway", + "aws_vpn_gateway_attachment", + "aws_vpn_gateway_route_propagation", + "aws_waf_byte_match_set", + "aws_waf_geo_match_set", + "aws_waf_ipset", + "aws_waf_rate_based_rule", + "aws_waf_regex_match_set", + "aws_waf_regex_pattern_set", + "aws_waf_rule", + "aws_waf_rule_group", + "aws_waf_size_constraint_set", + "aws_waf_sql_injection_match_set", + "aws_waf_web_acl", + "aws_waf_xss_match_set", + "aws_wafregional_byte_match_set", + "aws_wafregional_geo_match_set", + "aws_wafregional_ipset", + "aws_wafregional_rate_based_rule", + "aws_wafregional_regex_match_set", + "aws_wafregional_regex_pattern_set", + "aws_wafregional_rule", + "aws_wafregional_rule_group", + "aws_wafregional_size_constraint_set", + "aws_wafregional_sql_injection_match_set", + "aws_wafregional_web_acl", + "aws_wafregional_web_acl_association", + "aws_wafregional_xss_match_set", + "aws_wafv2_ip_set", + "aws_wafv2_regex_pattern_set", + "aws_wafv2_rule_group", + "aws_wafv2_web_acl", + "aws_wafv2_web_acl_association", + "aws_wafv2_web_acl_logging_configuration", + "aws_worklink_fleet", + "aws_worklink_website_certificate_authority_association", + "aws_workspaces_connection_alias", + "aws_workspaces_directory", + "aws_workspaces_ip_group", + "aws_workspaces_workspace", + "aws_xray_encryption_config", + "aws_xray_group", + "aws_xray_sampling_rule" + ] +} diff --git a/src/parse/azurerm-members.json b/src/parse/azurerm-members.json index ee752f46..0ded5ab2 100755 --- a/src/parse/azurerm-members.json +++ b/src/parse/azurerm-members.json @@ -1,1422 +1,1422 @@ -{ - "resources": [ - "azurerm_aadb2c_directory", - "azurerm_active_directory_domain_service", - "azurerm_active_directory_domain_service_replica_set", - "azurerm_active_directory_domain_service_trust", - "azurerm_advanced_threat_protection", - "azurerm_advisor_suppression", - "azurerm_ai_services", - "azurerm_analysis_services_server", - "azurerm_api_connection", - "azurerm_api_management", - "azurerm_api_management_api", - "azurerm_api_management_api_diagnostic", - "azurerm_api_management_api_operation", - "azurerm_api_management_api_operation_policy", - "azurerm_api_management_api_operation_tag", - "azurerm_api_management_api_policy", - "azurerm_api_management_api_release", - "azurerm_api_management_api_schema", - "azurerm_api_management_api_tag", - "azurerm_api_management_api_tag_description", - "azurerm_api_management_api_version_set", - "azurerm_api_management_authorization_server", - "azurerm_api_management_backend", - "azurerm_api_management_certificate", - "azurerm_api_management_custom_domain", - "azurerm_api_management_diagnostic", - "azurerm_api_management_email_template", - "azurerm_api_management_gateway", - "azurerm_api_management_gateway_api", - "azurerm_api_management_gateway_certificate_authority", - "azurerm_api_management_gateway_host_name_configuration", - "azurerm_api_management_global_schema", - "azurerm_api_management_group", - "azurerm_api_management_group_user", - "azurerm_api_management_identity_provider_aad", - "azurerm_api_management_identity_provider_aadb2c", - "azurerm_api_management_identity_provider_facebook", - "azurerm_api_management_identity_provider_google", - "azurerm_api_management_identity_provider_microsoft", - "azurerm_api_management_identity_provider_twitter", - "azurerm_api_management_logger", - "azurerm_api_management_named_value", - "azurerm_api_management_notification_recipient_email", - "azurerm_api_management_notification_recipient_user", - "azurerm_api_management_openid_connect_provider", - "azurerm_api_management_policy", - "azurerm_api_management_policy_fragment", - "azurerm_api_management_product", - "azurerm_api_management_product_api", - "azurerm_api_management_product_group", - "azurerm_api_management_product_policy", - "azurerm_api_management_product_tag", - "azurerm_api_management_redis_cache", - "azurerm_api_management_subscription", - "azurerm_api_management_tag", - "azurerm_api_management_user", - "azurerm_app_configuration", - "azurerm_app_configuration_feature", - "azurerm_app_configuration_key", - "azurerm_app_service", - "azurerm_app_service_active_slot", - "azurerm_app_service_certificate", - "azurerm_app_service_certificate_binding", - "azurerm_app_service_certificate_order", - "azurerm_app_service_connection", - "azurerm_app_service_custom_hostname_binding", - "azurerm_app_service_environment_v3", - "azurerm_app_service_hybrid_connection", - "azurerm_app_service_managed_certificate", - "azurerm_app_service_plan", - "azurerm_app_service_public_certificate", - "azurerm_app_service_slot", - "azurerm_app_service_slot_custom_hostname_binding", - "azurerm_app_service_slot_virtual_network_swift_connection", - "azurerm_app_service_source_control", - "azurerm_app_service_source_control_slot", - "azurerm_app_service_source_control_token", - "azurerm_app_service_virtual_network_swift_connection", - "azurerm_application_gateway", - "azurerm_application_insights", - "azurerm_application_insights_analytics_item", - "azurerm_application_insights_api_key", - "azurerm_application_insights_smart_detection_rule", - "azurerm_application_insights_workbook", - "azurerm_application_insights_workbook_template", - "azurerm_application_load_balancer", - "azurerm_application_load_balancer_frontend", - "azurerm_application_load_balancer_subnet_association", - "azurerm_application_security_group", - "azurerm_arc_kubernetes_cluster", - "azurerm_arc_kubernetes_cluster_extension", - "azurerm_arc_kubernetes_flux_configuration", - "azurerm_arc_kubernetes_provisioned_cluster", - "azurerm_arc_machine", - "azurerm_arc_machine_automanage_configuration_assignment", - "azurerm_arc_machine_extension", - "azurerm_arc_private_link_scope", - "azurerm_arc_resource_bridge_appliance", - "azurerm_attestation_provider", - "azurerm_automanage_configuration", - "azurerm_automation_account", - "azurerm_automation_certificate", - "azurerm_automation_connection", - "azurerm_automation_connection_certificate", - "azurerm_automation_connection_classic_certificate", - "azurerm_automation_connection_service_principal", - "azurerm_automation_connection_type", - "azurerm_automation_credential", - "azurerm_automation_dsc_configuration", - "azurerm_automation_dsc_nodeconfiguration", - "azurerm_automation_hybrid_runbook_worker", - "azurerm_automation_hybrid_runbook_worker_group", - "azurerm_automation_job_schedule", - "azurerm_automation_module", - "azurerm_automation_powershell72_module", - "azurerm_automation_python3_package", - "azurerm_automation_runbook", - "azurerm_automation_schedule", - "azurerm_automation_software_update_configuration", - "azurerm_automation_source_control", - "azurerm_automation_variable_bool", - "azurerm_automation_variable_datetime", - "azurerm_automation_variable_int", - "azurerm_automation_variable_object", - "azurerm_automation_variable_string", - "azurerm_automation_watcher", - "azurerm_automation_webhook", - "azurerm_availability_set", - "azurerm_backup_container_storage_account", - "azurerm_backup_policy_file_share", - "azurerm_backup_policy_vm", - "azurerm_backup_policy_vm_workload", - "azurerm_backup_protected_file_share", - "azurerm_backup_protected_vm", - "azurerm_bastion_host", - "azurerm_batch_account", - "azurerm_batch_application", - "azurerm_batch_certificate", - "azurerm_batch_job", - "azurerm_batch_pool", - "azurerm_billing_account_cost_management_export", - "azurerm_blueprint_assignment", - "azurerm_bot_channel_alexa", - "azurerm_bot_channel_direct_line_speech", - "azurerm_bot_channel_directline", - "azurerm_bot_channel_email", - "azurerm_bot_channel_facebook", - "azurerm_bot_channel_line", - "azurerm_bot_channel_ms_teams", - "azurerm_bot_channel_slack", - "azurerm_bot_channel_sms", - "azurerm_bot_channel_web_chat", - "azurerm_bot_channels_registration", - "azurerm_bot_connection", - "azurerm_bot_service_azure_bot", - "azurerm_bot_web_app", - "azurerm_capacity_reservation", - "azurerm_capacity_reservation_group", - "azurerm_cdn_endpoint", - "azurerm_cdn_endpoint_custom_domain", - "azurerm_cdn_frontdoor_custom_domain", - "azurerm_cdn_frontdoor_custom_domain_association", - "azurerm_cdn_frontdoor_endpoint", - "azurerm_cdn_frontdoor_firewall_policy", - "azurerm_cdn_frontdoor_origin", - "azurerm_cdn_frontdoor_origin_group", - "azurerm_cdn_frontdoor_profile", - "azurerm_cdn_frontdoor_route", - "azurerm_cdn_frontdoor_rule", - "azurerm_cdn_frontdoor_rule_set", - "azurerm_cdn_frontdoor_secret", - "azurerm_cdn_frontdoor_security_policy", - "azurerm_cdn_profile", - "azurerm_chaos_studio_capability", - "azurerm_chaos_studio_experiment", - "azurerm_chaos_studio_target", - "azurerm_cognitive_account", - "azurerm_cognitive_account_customer_managed_key", - "azurerm_cognitive_account_rai_blocklist", - "azurerm_cognitive_account_rai_policy", - "azurerm_cognitive_deployment", - "azurerm_communication_service", - "azurerm_communication_service_email_domain_association", - "azurerm_confidential_ledger", - "azurerm_consumption_budget_management_group", - "azurerm_consumption_budget_resource_group", - "azurerm_consumption_budget_subscription", - "azurerm_container_app", - "azurerm_container_app_custom_domain", - "azurerm_container_app_environment", - "azurerm_container_app_environment_certificate", - "azurerm_container_app_environment_custom_domain", - "azurerm_container_app_environment_dapr_component", - "azurerm_container_app_environment_storage", - "azurerm_container_app_job", - "azurerm_container_connected_registry", - "azurerm_container_group", - "azurerm_container_registry", - "azurerm_container_registry_agent_pool", - "azurerm_container_registry_cache_rule", - "azurerm_container_registry_credential_set", - "azurerm_container_registry_scope_map", - "azurerm_container_registry_task", - "azurerm_container_registry_task_schedule_run_now", - "azurerm_container_registry_token", - "azurerm_container_registry_token_password", - "azurerm_container_registry_webhook", - "azurerm_cosmosdb_account", - "azurerm_cosmosdb_cassandra_cluster", - "azurerm_cosmosdb_cassandra_datacenter", - "azurerm_cosmosdb_cassandra_keyspace", - "azurerm_cosmosdb_cassandra_table", - "azurerm_cosmosdb_gremlin_database", - "azurerm_cosmosdb_gremlin_graph", - "azurerm_cosmosdb_mongo_collection", - "azurerm_cosmosdb_mongo_database", - "azurerm_cosmosdb_mongo_role_definition", - "azurerm_cosmosdb_mongo_user_definition", - "azurerm_cosmosdb_postgresql_cluster", - "azurerm_cosmosdb_postgresql_coordinator_configuration", - "azurerm_cosmosdb_postgresql_firewall_rule", - "azurerm_cosmosdb_postgresql_node_configuration", - "azurerm_cosmosdb_postgresql_role", - "azurerm_cosmosdb_sql_container", - "azurerm_cosmosdb_sql_database", - "azurerm_cosmosdb_sql_dedicated_gateway", - "azurerm_cosmosdb_sql_function", - "azurerm_cosmosdb_sql_role_assignment", - "azurerm_cosmosdb_sql_role_definition", - "azurerm_cosmosdb_sql_stored_procedure", - "azurerm_cosmosdb_sql_trigger", - "azurerm_cosmosdb_table", - "azurerm_cost_anomaly_alert", - "azurerm_cost_management_scheduled_action", - "azurerm_custom_ip_prefix", - "azurerm_custom_provider", - "azurerm_dashboard", - "azurerm_dashboard_grafana", - "azurerm_dashboard_grafana_managed_private_endpoint", - "azurerm_data_factory", - "azurerm_data_factory_credential_service_principal", - "azurerm_data_factory_credential_user_managed_identity", - "azurerm_data_factory_custom_dataset", - "azurerm_data_factory_data_flow", - "azurerm_data_factory_dataset_azure_blob", - "azurerm_data_factory_dataset_azure_sql_table", - "azurerm_data_factory_dataset_binary", - "azurerm_data_factory_dataset_cosmosdb_sqlapi", - "azurerm_data_factory_dataset_delimited_text", - "azurerm_data_factory_dataset_http", - "azurerm_data_factory_dataset_json", - "azurerm_data_factory_dataset_mysql", - "azurerm_data_factory_dataset_parquet", - "azurerm_data_factory_dataset_postgresql", - "azurerm_data_factory_dataset_snowflake", - "azurerm_data_factory_dataset_sql_server_table", - "azurerm_data_factory_flowlet_data_flow", - "azurerm_data_factory_integration_runtime_azure", - "azurerm_data_factory_integration_runtime_azure_ssis", - "azurerm_data_factory_integration_runtime_self_hosted", - "azurerm_data_factory_linked_custom_service", - "azurerm_data_factory_linked_service_azure_blob_storage", - "azurerm_data_factory_linked_service_azure_databricks", - "azurerm_data_factory_linked_service_azure_file_storage", - "azurerm_data_factory_linked_service_azure_function", - "azurerm_data_factory_linked_service_azure_search", - "azurerm_data_factory_linked_service_azure_sql_database", - "azurerm_data_factory_linked_service_azure_table_storage", - "azurerm_data_factory_linked_service_cosmosdb", - "azurerm_data_factory_linked_service_cosmosdb_mongoapi", - "azurerm_data_factory_linked_service_data_lake_storage_gen2", - "azurerm_data_factory_linked_service_key_vault", - "azurerm_data_factory_linked_service_kusto", - "azurerm_data_factory_linked_service_mysql", - "azurerm_data_factory_linked_service_odata", - "azurerm_data_factory_linked_service_odbc", - "azurerm_data_factory_linked_service_postgresql", - "azurerm_data_factory_linked_service_sftp", - "azurerm_data_factory_linked_service_snowflake", - "azurerm_data_factory_linked_service_sql_server", - "azurerm_data_factory_linked_service_synapse", - "azurerm_data_factory_linked_service_web", - "azurerm_data_factory_managed_private_endpoint", - "azurerm_data_factory_pipeline", - "azurerm_data_factory_trigger_blob_event", - "azurerm_data_factory_trigger_custom_event", - "azurerm_data_factory_trigger_schedule", - "azurerm_data_factory_trigger_tumbling_window", - "azurerm_data_protection_backup_instance_blob_storage", - "azurerm_data_protection_backup_instance_disk", - "azurerm_data_protection_backup_instance_kubernetes_cluster", - "azurerm_data_protection_backup_instance_mysql_flexible_server", - "azurerm_data_protection_backup_instance_postgresql", - "azurerm_data_protection_backup_instance_postgresql_flexible_server", - "azurerm_data_protection_backup_policy_blob_storage", - "azurerm_data_protection_backup_policy_disk", - "azurerm_data_protection_backup_policy_kubernetes_cluster", - "azurerm_data_protection_backup_policy_mysql_flexible_server", - "azurerm_data_protection_backup_policy_postgresql", - "azurerm_data_protection_backup_policy_postgresql_flexible_server", - "azurerm_data_protection_backup_vault", - "azurerm_data_protection_resource_guard", - "azurerm_data_share", - "azurerm_data_share_account", - "azurerm_data_share_dataset_blob_storage", - "azurerm_data_share_dataset_data_lake_gen2", - "azurerm_data_share_dataset_kusto_cluster", - "azurerm_data_share_dataset_kusto_database", - "azurerm_database_migration_project", - "azurerm_database_migration_service", - "azurerm_databox_edge_device", - "azurerm_databricks_access_connector", - "azurerm_databricks_virtual_network_peering", - "azurerm_databricks_workspace", - "azurerm_databricks_workspace_root_dbfs_customer_managed_key", - "azurerm_datadog_monitor", - "azurerm_datadog_monitor_sso_configuration", - "azurerm_datadog_monitor_tag_rule", - "azurerm_dedicated_hardware_security_module", - "azurerm_dedicated_host", - "azurerm_dedicated_host_group", - "azurerm_dev_center", - "azurerm_dev_center_attached_network", - "azurerm_dev_center_catalog", - "azurerm_dev_center_dev_box_definition", - "azurerm_dev_center_environment_type", - "azurerm_dev_center_gallery", - "azurerm_dev_center_network_connection", - "azurerm_dev_center_project", - "azurerm_dev_center_project_environment_type", - "azurerm_dev_center_project_pool", - "azurerm_digital_twins_endpoint_eventgrid", - "azurerm_digital_twins_endpoint_eventhub", - "azurerm_digital_twins_endpoint_servicebus", - "azurerm_digital_twins_instance", - "azurerm_digital_twins_time_series_database_connection", - "azurerm_disk_access", - "azurerm_disk_encryption_set", - "azurerm_dns_a_record", - "azurerm_dns_aaaa_record", - "azurerm_dns_caa_record", - "azurerm_dns_cname_record", - "azurerm_dns_mx_record", - "azurerm_dns_ns_record", - "azurerm_dns_ptr_record", - "azurerm_dns_srv_record", - "azurerm_dns_txt_record", - "azurerm_dns_zone", - "azurerm_dynatrace_monitor", - "azurerm_dynatrace_tag_rules", - "azurerm_elastic_cloud_elasticsearch", - "azurerm_elastic_san", - "azurerm_elastic_san_volume", - "azurerm_elastic_san_volume_group", - "azurerm_email_communication_service", - "azurerm_email_communication_service_domain", - "azurerm_eventgrid_domain", - "azurerm_eventgrid_domain_topic", - "azurerm_eventgrid_event_subscription", - "azurerm_eventgrid_namespace", - "azurerm_eventgrid_system_topic", - "azurerm_eventgrid_system_topic_event_subscription", - "azurerm_eventgrid_topic", - "azurerm_eventhub", - "azurerm_eventhub_authorization_rule", - "azurerm_eventhub_cluster", - "azurerm_eventhub_consumer_group", - "azurerm_eventhub_namespace", - "azurerm_eventhub_namespace_authorization_rule", - "azurerm_eventhub_namespace_customer_managed_key", - "azurerm_eventhub_namespace_disaster_recovery_config", - "azurerm_eventhub_namespace_schema_group", - "azurerm_express_route_circuit", - "azurerm_express_route_circuit_authorization", - "azurerm_express_route_circuit_connection", - "azurerm_express_route_circuit_peering", - "azurerm_express_route_connection", - "azurerm_express_route_gateway", - "azurerm_express_route_port", - "azurerm_express_route_port_authorization", - "azurerm_extended_location_custom_location", - "azurerm_fabric_capacity", - "azurerm_federated_identity_credential", - "azurerm_firewall", - "azurerm_firewall_application_rule_collection", - "azurerm_firewall_nat_rule_collection", - "azurerm_firewall_network_rule_collection", - "azurerm_firewall_policy", - "azurerm_firewall_policy_rule_collection_group", - "azurerm_fluid_relay_server", - "azurerm_frontdoor", - "azurerm_frontdoor_custom_https_configuration", - "azurerm_frontdoor_firewall_policy", - "azurerm_frontdoor_rules_engine", - "azurerm_function_app", - "azurerm_function_app_active_slot", - "azurerm_function_app_connection", - "azurerm_function_app_function", - "azurerm_function_app_hybrid_connection", - "azurerm_function_app_slot", - "azurerm_gallery_application", - "azurerm_gallery_application_version", - "azurerm_graph_services_account", - "azurerm_hdinsight_hadoop_cluster", - "azurerm_hdinsight_hbase_cluster", - "azurerm_hdinsight_interactive_query_cluster", - "azurerm_hdinsight_kafka_cluster", - "azurerm_hdinsight_spark_cluster", - "azurerm_healthbot", - "azurerm_healthcare_dicom_service", - "azurerm_healthcare_fhir_service", - "azurerm_healthcare_medtech_service", - "azurerm_healthcare_medtech_service_fhir_destination", - "azurerm_healthcare_service", - "azurerm_healthcare_workspace", - "azurerm_hpc_cache", - "azurerm_hpc_cache_access_policy", - "azurerm_hpc_cache_blob_nfs_target", - "azurerm_hpc_cache_blob_target", - "azurerm_hpc_cache_nfs_target", - "azurerm_image", - "azurerm_iot_security_device_group", - "azurerm_iot_security_solution", - "azurerm_iotcentral_application", - "azurerm_iotcentral_application_network_rule_set", - "azurerm_iotcentral_organization", - "azurerm_iothub", - "azurerm_iothub_certificate", - "azurerm_iothub_consumer_group", - "azurerm_iothub_device_update_account", - "azurerm_iothub_device_update_instance", - "azurerm_iothub_dps", - "azurerm_iothub_dps_certificate", - "azurerm_iothub_dps_shared_access_policy", - "azurerm_iothub_endpoint_cosmosdb_account", - "azurerm_iothub_endpoint_eventhub", - "azurerm_iothub_endpoint_servicebus_queue", - "azurerm_iothub_endpoint_servicebus_topic", - "azurerm_iothub_endpoint_storage_container", - "azurerm_iothub_enrichment", - "azurerm_iothub_fallback_route", - "azurerm_iothub_file_upload", - "azurerm_iothub_route", - "azurerm_iothub_shared_access_policy", - "azurerm_ip_group", - "azurerm_ip_group_cidr", - "azurerm_key_vault", - "azurerm_key_vault_access_policy", - "azurerm_key_vault_certificate", - "azurerm_key_vault_certificate_contacts", - "azurerm_key_vault_certificate_issuer", - "azurerm_key_vault_key", - "azurerm_key_vault_managed_hardware_security_module", - "azurerm_key_vault_managed_hardware_security_module_key", - "azurerm_key_vault_managed_hardware_security_module_key_rotation_policy", - "azurerm_key_vault_managed_hardware_security_module_role_assignment", - "azurerm_key_vault_managed_hardware_security_module_role_definition", - "azurerm_key_vault_managed_storage_account", - "azurerm_key_vault_managed_storage_account_sas_token_definition", - "azurerm_key_vault_secret", - "azurerm_kubernetes_cluster", - "azurerm_kubernetes_cluster_extension", - "azurerm_kubernetes_cluster_node_pool", - "azurerm_kubernetes_cluster_trusted_access_role_binding", - "azurerm_kubernetes_fleet_manager", - "azurerm_kubernetes_fleet_member", - "azurerm_kubernetes_fleet_update_run", - "azurerm_kubernetes_fleet_update_strategy", - "azurerm_kubernetes_flux_configuration", - "azurerm_kusto_attached_database_configuration", - "azurerm_kusto_cluster", - "azurerm_kusto_cluster_customer_managed_key", - "azurerm_kusto_cluster_managed_private_endpoint", - "azurerm_kusto_cluster_principal_assignment", - "azurerm_kusto_cosmosdb_data_connection", - "azurerm_kusto_database", - "azurerm_kusto_database_principal_assignment", - "azurerm_kusto_eventgrid_data_connection", - "azurerm_kusto_eventhub_data_connection", - "azurerm_kusto_iothub_data_connection", - "azurerm_kusto_script", - "azurerm_lb", - "azurerm_lb_backend_address_pool", - "azurerm_lb_backend_address_pool_address", - "azurerm_lb_nat_pool", - "azurerm_lb_nat_rule", - "azurerm_lb_outbound_rule", - "azurerm_lb_probe", - "azurerm_lb_rule", - "azurerm_lighthouse_assignment", - "azurerm_lighthouse_definition", - "azurerm_linux_function_app", - "azurerm_linux_function_app_slot", - "azurerm_linux_virtual_machine", - "azurerm_linux_virtual_machine_scale_set", - "azurerm_linux_web_app", - "azurerm_linux_web_app_slot", - "azurerm_local_network_gateway", - "azurerm_log_analytics_cluster", - "azurerm_log_analytics_cluster_customer_managed_key", - "azurerm_log_analytics_data_export_rule", - "azurerm_log_analytics_datasource_windows_event", - "azurerm_log_analytics_datasource_windows_performance_counter", - "azurerm_log_analytics_linked_service", - "azurerm_log_analytics_linked_storage_account", - "azurerm_log_analytics_query_pack", - "azurerm_log_analytics_query_pack_query", - "azurerm_log_analytics_saved_search", - "azurerm_log_analytics_solution", - "azurerm_log_analytics_storage_insights", - "azurerm_log_analytics_workspace", - "azurerm_log_analytics_workspace_table", - "azurerm_logic_app_action_custom", - "azurerm_logic_app_action_http", - "azurerm_logic_app_integration_account", - "azurerm_logic_app_integration_account_agreement", - "azurerm_logic_app_integration_account_assembly", - "azurerm_logic_app_integration_account_batch_configuration", - "azurerm_logic_app_integration_account_certificate", - "azurerm_logic_app_integration_account_map", - "azurerm_logic_app_integration_account_partner", - "azurerm_logic_app_integration_account_schema", - "azurerm_logic_app_integration_account_session", - "azurerm_logic_app_standard", - "azurerm_logic_app_trigger_custom", - "azurerm_logic_app_trigger_http_request", - "azurerm_logic_app_trigger_recurrence", - "azurerm_logic_app_workflow", - "azurerm_machine_learning_compute_cluster", - "azurerm_machine_learning_compute_instance", - "azurerm_machine_learning_datastore_blobstorage", - "azurerm_machine_learning_datastore_datalake_gen2", - "azurerm_machine_learning_datastore_fileshare", - "azurerm_machine_learning_inference_cluster", - "azurerm_machine_learning_synapse_spark", - "azurerm_machine_learning_workspace", - "azurerm_machine_learning_workspace_network_outbound_rule_fqdn", - "azurerm_machine_learning_workspace_network_outbound_rule_private_endpoint", - "azurerm_machine_learning_workspace_network_outbound_rule_service_tag", - "azurerm_maintenance_assignment_dedicated_host", - "azurerm_maintenance_assignment_dynamic_scope", - "azurerm_maintenance_assignment_virtual_machine", - "azurerm_maintenance_assignment_virtual_machine_scale_set", - "azurerm_maintenance_configuration", - "azurerm_managed_application", - "azurerm_managed_application_definition", - "azurerm_managed_disk", - "azurerm_managed_disk_sas_token", - "azurerm_managed_lustre_file_system", - "azurerm_management_group", - "azurerm_management_group_policy_assignment", - "azurerm_management_group_policy_exemption", - "azurerm_management_group_policy_remediation", - "azurerm_management_group_subscription_association", - "azurerm_management_group_template_deployment", - "azurerm_management_lock", - "azurerm_maps_account", - "azurerm_maps_creator", - "azurerm_marketplace_agreement", - "azurerm_marketplace_role_assignment", - "azurerm_media_services_account", - "azurerm_media_transform", - "azurerm_mobile_network", - "azurerm_mobile_network_attached_data_network", - "azurerm_mobile_network_data_network", - "azurerm_mobile_network_packet_core_control_plane", - "azurerm_mobile_network_packet_core_data_plane", - "azurerm_mobile_network_service", - "azurerm_mobile_network_sim", - "azurerm_mobile_network_sim_group", - "azurerm_mobile_network_sim_policy", - "azurerm_mobile_network_site", - "azurerm_mobile_network_slice", - "azurerm_mongo_cluster", - "azurerm_monitor_aad_diagnostic_setting", - "azurerm_monitor_action_group", - "azurerm_monitor_activity_log_alert", - "azurerm_monitor_alert_processing_rule_action_group", - "azurerm_monitor_alert_processing_rule_suppression", - "azurerm_monitor_alert_prometheus_rule_group", - "azurerm_monitor_autoscale_setting", - "azurerm_monitor_data_collection_endpoint", - "azurerm_monitor_data_collection_rule", - "azurerm_monitor_data_collection_rule_association", - "azurerm_monitor_diagnostic_setting", - "azurerm_monitor_metric_alert", - "azurerm_monitor_private_link_scope", - "azurerm_monitor_private_link_scoped_service", - "azurerm_monitor_scheduled_query_rules_alert", - "azurerm_monitor_scheduled_query_rules_alert_v2", - "azurerm_monitor_scheduled_query_rules_log", - "azurerm_monitor_smart_detector_alert_rule", - "azurerm_monitor_workspace", - "azurerm_mssql_database", - "azurerm_mssql_database_extended_auditing_policy", - "azurerm_mssql_database_vulnerability_assessment_rule_baseline", - "azurerm_mssql_elasticpool", - "azurerm_mssql_failover_group", - "azurerm_mssql_firewall_rule", - "azurerm_mssql_job", - "azurerm_mssql_job_agent", - "azurerm_mssql_job_credential", - "azurerm_mssql_job_schedule", - "azurerm_mssql_job_target_group", - "azurerm_mssql_managed_database", - "azurerm_mssql_managed_instance", - "azurerm_mssql_managed_instance_active_directory_administrator", - "azurerm_mssql_managed_instance_failover_group", - "azurerm_mssql_managed_instance_security_alert_policy", - "azurerm_mssql_managed_instance_transparent_data_encryption", - "azurerm_mssql_managed_instance_vulnerability_assessment", - "azurerm_mssql_outbound_firewall_rule", - "azurerm_mssql_server", - "azurerm_mssql_server_dns_alias", - "azurerm_mssql_server_extended_auditing_policy", - "azurerm_mssql_server_microsoft_support_auditing_policy", - "azurerm_mssql_server_security_alert_policy", - "azurerm_mssql_server_transparent_data_encryption", - "azurerm_mssql_server_vulnerability_assessment", - "azurerm_mssql_virtual_machine", - "azurerm_mssql_virtual_machine_availability_group_listener", - "azurerm_mssql_virtual_machine_group", - "azurerm_mssql_virtual_network_rule", - "azurerm_mysql_flexible_database", - "azurerm_mysql_flexible_server", - "azurerm_mysql_flexible_server_active_directory_administrator", - "azurerm_mysql_flexible_server_configuration", - "azurerm_mysql_flexible_server_firewall_rule", - "azurerm_nat_gateway", - "azurerm_nat_gateway_public_ip_association", - "azurerm_nat_gateway_public_ip_prefix_association", - "azurerm_netapp_account", - "azurerm_netapp_account_encryption", - "azurerm_netapp_backup_policy", - "azurerm_netapp_backup_vault", - "azurerm_netapp_pool", - "azurerm_netapp_snapshot", - "azurerm_netapp_snapshot_policy", - "azurerm_netapp_volume", - "azurerm_netapp_volume_group_sap_hana", - "azurerm_netapp_volume_quota_rule", - "azurerm_network_connection_monitor", - "azurerm_network_ddos_protection_plan", - "azurerm_network_function_azure_traffic_collector", - "azurerm_network_function_collector_policy", - "azurerm_network_interface", - "azurerm_network_interface_application_gateway_backend_address_pool_association", - "azurerm_network_interface_application_security_group_association", - "azurerm_network_interface_backend_address_pool_association", - "azurerm_network_interface_nat_rule_association", - "azurerm_network_interface_security_group_association", - "azurerm_network_manager", - "azurerm_network_manager_admin_rule", - "azurerm_network_manager_admin_rule_collection", - "azurerm_network_manager_connectivity_configuration", - "azurerm_network_manager_deployment", - "azurerm_network_manager_management_group_connection", - "azurerm_network_manager_network_group", - "azurerm_network_manager_scope_connection", - "azurerm_network_manager_security_admin_configuration", - "azurerm_network_manager_static_member", - "azurerm_network_manager_subscription_connection", - "azurerm_network_profile", - "azurerm_network_security_group", - "azurerm_network_security_rule", - "azurerm_network_watcher", - "azurerm_network_watcher_flow_log", - "azurerm_new_relic_monitor", - "azurerm_new_relic_tag_rule", - "azurerm_nginx_certificate", - "azurerm_nginx_configuration", - "azurerm_nginx_deployment", - "azurerm_notification_hub", - "azurerm_notification_hub_authorization_rule", - "azurerm_notification_hub_namespace", - "azurerm_oracle_autonomous_database", - "azurerm_oracle_cloud_vm_cluster", - "azurerm_oracle_exadata_infrastructure", - "azurerm_orbital_contact", - "azurerm_orbital_contact_profile", - "azurerm_orbital_spacecraft", - "azurerm_orchestrated_virtual_machine_scale_set", - "azurerm_palo_alto_local_rulestack", - "azurerm_palo_alto_local_rulestack_certificate", - "azurerm_palo_alto_local_rulestack_fqdn_list", - "azurerm_palo_alto_local_rulestack_outbound_trust_certificate_association", - "azurerm_palo_alto_local_rulestack_outbound_untrust_certificate_association", - "azurerm_palo_alto_local_rulestack_prefix_list", - "azurerm_palo_alto_local_rulestack_rule", - "azurerm_palo_alto_next_generation_firewall_virtual_hub_local_rulestack", - "azurerm_palo_alto_next_generation_firewall_virtual_hub_panorama", - "azurerm_palo_alto_next_generation_firewall_virtual_network_local_rulestack", - "azurerm_palo_alto_next_generation_firewall_virtual_network_panorama", - "azurerm_palo_alto_virtual_network_appliance", - "azurerm_pim_active_role_assignment", - "azurerm_pim_eligible_role_assignment", - "azurerm_point_to_site_vpn_gateway", - "azurerm_policy_definition", - "azurerm_policy_set_definition", - "azurerm_policy_virtual_machine_configuration_assignment", - "azurerm_portal_dashboard", - "azurerm_portal_tenant_configuration", - "azurerm_postgresql_active_directory_administrator", - "azurerm_postgresql_configuration", - "azurerm_postgresql_database", - "azurerm_postgresql_firewall_rule", - "azurerm_postgresql_flexible_server", - "azurerm_postgresql_flexible_server_active_directory_administrator", - "azurerm_postgresql_flexible_server_configuration", - "azurerm_postgresql_flexible_server_database", - "azurerm_postgresql_flexible_server_firewall_rule", - "azurerm_postgresql_flexible_server_virtual_endpoint", - "azurerm_postgresql_server", - "azurerm_postgresql_server_key", - "azurerm_postgresql_virtual_network_rule", - "azurerm_powerbi_embedded", - "azurerm_private_dns_a_record", - "azurerm_private_dns_aaaa_record", - "azurerm_private_dns_cname_record", - "azurerm_private_dns_mx_record", - "azurerm_private_dns_ptr_record", - "azurerm_private_dns_resolver", - "azurerm_private_dns_resolver_dns_forwarding_ruleset", - "azurerm_private_dns_resolver_forwarding_rule", - "azurerm_private_dns_resolver_inbound_endpoint", - "azurerm_private_dns_resolver_outbound_endpoint", - "azurerm_private_dns_resolver_virtual_network_link", - "azurerm_private_dns_soa_record", - "azurerm_private_dns_srv_record", - "azurerm_private_dns_txt_record", - "azurerm_private_dns_zone", - "azurerm_private_dns_zone_virtual_network_link", - "azurerm_private_endpoint", - "azurerm_private_endpoint_application_security_group_association", - "azurerm_private_link_service", - "azurerm_proximity_placement_group", - "azurerm_public_ip", - "azurerm_public_ip_prefix", - "azurerm_purview_account", - "azurerm_recovery_services_vault", - "azurerm_recovery_services_vault_resource_guard_association", - "azurerm_redhat_openshift_cluster", - "azurerm_redis_cache", - "azurerm_redis_cache_access_policy", - "azurerm_redis_cache_access_policy_assignment", - "azurerm_redis_enterprise_cluster", - "azurerm_redis_enterprise_database", - "azurerm_redis_firewall_rule", - "azurerm_redis_linked_server", - "azurerm_relay_hybrid_connection", - "azurerm_relay_hybrid_connection_authorization_rule", - "azurerm_relay_namespace", - "azurerm_relay_namespace_authorization_rule", - "azurerm_resource_deployment_script_azure_cli", - "azurerm_resource_deployment_script_azure_power_shell", - "azurerm_resource_group", - "azurerm_resource_group_cost_management_export", - "azurerm_resource_group_cost_management_view", - "azurerm_resource_group_policy_assignment", - "azurerm_resource_group_policy_exemption", - "azurerm_resource_group_policy_remediation", - "azurerm_resource_group_template_deployment", - "azurerm_resource_management_private_link", - "azurerm_resource_management_private_link_association", - "azurerm_resource_policy_assignment", - "azurerm_resource_policy_exemption", - "azurerm_resource_policy_remediation", - "azurerm_resource_provider_registration", - "azurerm_role_assignment", - "azurerm_role_definition", - "azurerm_role_management_policy", - "azurerm_route", - "azurerm_route_filter", - "azurerm_route_map", - "azurerm_route_server", - "azurerm_route_server_bgp_connection", - "azurerm_route_table", - "azurerm_search_service", - "azurerm_search_shared_private_link_service", - "azurerm_security_center_assessment", - "azurerm_security_center_assessment_policy", - "azurerm_security_center_auto_provisioning", - "azurerm_security_center_automation", - "azurerm_security_center_contact", - "azurerm_security_center_server_vulnerability_assessment_virtual_machine", - "azurerm_security_center_server_vulnerability_assessments_setting", - "azurerm_security_center_setting", - "azurerm_security_center_storage_defender", - "azurerm_security_center_subscription_pricing", - "azurerm_security_center_workspace", - "azurerm_sentinel_alert_rule_anomaly_built_in", - "azurerm_sentinel_alert_rule_anomaly_duplicate", - "azurerm_sentinel_alert_rule_fusion", - "azurerm_sentinel_alert_rule_machine_learning_behavior_analytics", - "azurerm_sentinel_alert_rule_ms_security_incident", - "azurerm_sentinel_alert_rule_nrt", - "azurerm_sentinel_alert_rule_scheduled", - "azurerm_sentinel_alert_rule_threat_intelligence", - "azurerm_sentinel_automation_rule", - "azurerm_sentinel_data_connector_aws_cloud_trail", - "azurerm_sentinel_data_connector_aws_s3", - "azurerm_sentinel_data_connector_azure_active_directory", - "azurerm_sentinel_data_connector_azure_advanced_threat_protection", - "azurerm_sentinel_data_connector_azure_security_center", - "azurerm_sentinel_data_connector_dynamics_365", - "azurerm_sentinel_data_connector_iot", - "azurerm_sentinel_data_connector_microsoft_cloud_app_security", - "azurerm_sentinel_data_connector_microsoft_defender_advanced_threat_protection", - "azurerm_sentinel_data_connector_microsoft_threat_intelligence", - "azurerm_sentinel_data_connector_microsoft_threat_protection", - "azurerm_sentinel_data_connector_office_365", - "azurerm_sentinel_data_connector_office_365_project", - "azurerm_sentinel_data_connector_office_atp", - "azurerm_sentinel_data_connector_office_irm", - "azurerm_sentinel_data_connector_office_power_bi", - "azurerm_sentinel_data_connector_threat_intelligence", - "azurerm_sentinel_data_connector_threat_intelligence_taxii", - "azurerm_sentinel_log_analytics_workspace_onboarding", - "azurerm_sentinel_metadata", - "azurerm_sentinel_threat_intelligence_indicator", - "azurerm_sentinel_watchlist", - "azurerm_sentinel_watchlist_item", - "azurerm_service_fabric_cluster", - "azurerm_service_fabric_managed_cluster", - "azurerm_service_plan", - "azurerm_servicebus_namespace", - "azurerm_servicebus_namespace_authorization_rule", - "azurerm_servicebus_namespace_disaster_recovery_config", - "azurerm_servicebus_queue", - "azurerm_servicebus_queue_authorization_rule", - "azurerm_servicebus_subscription", - "azurerm_servicebus_subscription_rule", - "azurerm_servicebus_topic", - "azurerm_servicebus_topic_authorization_rule", - "azurerm_shared_image", - "azurerm_shared_image_gallery", - "azurerm_shared_image_version", - "azurerm_signalr_service", - "azurerm_signalr_service_custom_certificate", - "azurerm_signalr_service_custom_domain", - "azurerm_signalr_service_network_acl", - "azurerm_signalr_shared_private_link_resource", - "azurerm_site_recovery_fabric", - "azurerm_site_recovery_hyperv_network_mapping", - "azurerm_site_recovery_hyperv_replication_policy", - "azurerm_site_recovery_hyperv_replication_policy_association", - "azurerm_site_recovery_network_mapping", - "azurerm_site_recovery_protection_container", - "azurerm_site_recovery_protection_container_mapping", - "azurerm_site_recovery_replicated_vm", - "azurerm_site_recovery_replication_policy", - "azurerm_site_recovery_replication_recovery_plan", - "azurerm_site_recovery_services_vault_hyperv_site", - "azurerm_site_recovery_vmware_replicated_vm", - "azurerm_site_recovery_vmware_replication_policy", - "azurerm_site_recovery_vmware_replication_policy_association", - "azurerm_snapshot", - "azurerm_source_control_token", - "azurerm_spatial_anchors_account", - "azurerm_spring_cloud_accelerator", - "azurerm_spring_cloud_active_deployment", - "azurerm_spring_cloud_api_portal", - "azurerm_spring_cloud_api_portal_custom_domain", - "azurerm_spring_cloud_app", - "azurerm_spring_cloud_app_cosmosdb_association", - "azurerm_spring_cloud_app_dynamics_application_performance_monitoring", - "azurerm_spring_cloud_app_mysql_association", - "azurerm_spring_cloud_app_redis_association", - "azurerm_spring_cloud_application_insights_application_performance_monitoring", - "azurerm_spring_cloud_application_live_view", - "azurerm_spring_cloud_build_deployment", - "azurerm_spring_cloud_build_pack_binding", - "azurerm_spring_cloud_builder", - "azurerm_spring_cloud_certificate", - "azurerm_spring_cloud_configuration_service", - "azurerm_spring_cloud_connection", - "azurerm_spring_cloud_container_deployment", - "azurerm_spring_cloud_custom_domain", - "azurerm_spring_cloud_customized_accelerator", - "azurerm_spring_cloud_dev_tool_portal", - "azurerm_spring_cloud_dynatrace_application_performance_monitoring", - "azurerm_spring_cloud_elastic_application_performance_monitoring", - "azurerm_spring_cloud_gateway", - "azurerm_spring_cloud_gateway_custom_domain", - "azurerm_spring_cloud_gateway_route_config", - "azurerm_spring_cloud_java_deployment", - "azurerm_spring_cloud_new_relic_application_performance_monitoring", - "azurerm_spring_cloud_service", - "azurerm_spring_cloud_storage", - "azurerm_sql_database", - "azurerm_sql_firewall_rule", - "azurerm_sql_server", - "azurerm_sql_virtual_network_rule", - "azurerm_ssh_public_key", - "azurerm_stack_hci_cluster", - "azurerm_stack_hci_deployment_setting", - "azurerm_stack_hci_extension", - "azurerm_stack_hci_logical_network", - "azurerm_stack_hci_marketplace_gallery_image", - "azurerm_stack_hci_network_interface", - "azurerm_stack_hci_storage_path", - "azurerm_stack_hci_virtual_hard_disk", - "azurerm_static_site", - "azurerm_static_site_custom_domain", - "azurerm_static_web_app", - "azurerm_static_web_app_custom_domain", - "azurerm_static_web_app_function_app_registration", - "azurerm_storage_account", - "azurerm_storage_account_customer_managed_key", - "azurerm_storage_account_local_user", - "azurerm_storage_account_network_rules", - "azurerm_storage_account_queue_properties", - "azurerm_storage_account_static_website", - "azurerm_storage_blob", - "azurerm_storage_blob_inventory_policy", - "azurerm_storage_container", - "azurerm_storage_container_immutability_policy", - "azurerm_storage_data_lake_gen2_filesystem", - "azurerm_storage_data_lake_gen2_path", - "azurerm_storage_encryption_scope", - "azurerm_storage_management_policy", - "azurerm_storage_mover", - "azurerm_storage_mover_agent", - "azurerm_storage_mover_job_definition", - "azurerm_storage_mover_project", - "azurerm_storage_mover_source_endpoint", - "azurerm_storage_mover_target_endpoint", - "azurerm_storage_object_replication", - "azurerm_storage_queue", - "azurerm_storage_share", - "azurerm_storage_share_directory", - "azurerm_storage_share_file", - "azurerm_storage_sync", - "azurerm_storage_sync_cloud_endpoint", - "azurerm_storage_sync_group", - "azurerm_storage_sync_server_endpoint", - "azurerm_storage_table", - "azurerm_storage_table_entity", - "azurerm_stream_analytics_cluster", - "azurerm_stream_analytics_function_javascript_uda", - "azurerm_stream_analytics_function_javascript_udf", - "azurerm_stream_analytics_job", - "azurerm_stream_analytics_job_schedule", - "azurerm_stream_analytics_managed_private_endpoint", - "azurerm_stream_analytics_output_blob", - "azurerm_stream_analytics_output_cosmosdb", - "azurerm_stream_analytics_output_eventhub", - "azurerm_stream_analytics_output_function", - "azurerm_stream_analytics_output_mssql", - "azurerm_stream_analytics_output_powerbi", - "azurerm_stream_analytics_output_servicebus_queue", - "azurerm_stream_analytics_output_servicebus_topic", - "azurerm_stream_analytics_output_synapse", - "azurerm_stream_analytics_output_table", - "azurerm_stream_analytics_reference_input_blob", - "azurerm_stream_analytics_reference_input_mssql", - "azurerm_stream_analytics_stream_input_blob", - "azurerm_stream_analytics_stream_input_eventhub", - "azurerm_stream_analytics_stream_input_eventhub_v2", - "azurerm_stream_analytics_stream_input_iothub", - "azurerm_subnet", - "azurerm_subnet_nat_gateway_association", - "azurerm_subnet_network_security_group_association", - "azurerm_subnet_route_table_association", - "azurerm_subnet_service_endpoint_storage_policy", - "azurerm_subscription", - "azurerm_subscription_cost_management_export", - "azurerm_subscription_cost_management_view", - "azurerm_subscription_policy_assignment", - "azurerm_subscription_policy_exemption", - "azurerm_subscription_policy_remediation", - "azurerm_subscription_template_deployment", - "azurerm_synapse_firewall_rule", - "azurerm_synapse_integration_runtime_azure", - "azurerm_synapse_integration_runtime_self_hosted", - "azurerm_synapse_linked_service", - "azurerm_synapse_managed_private_endpoint", - "azurerm_synapse_private_link_hub", - "azurerm_synapse_role_assignment", - "azurerm_synapse_spark_pool", - "azurerm_synapse_sql_pool", - "azurerm_synapse_sql_pool_extended_auditing_policy", - "azurerm_synapse_sql_pool_security_alert_policy", - "azurerm_synapse_sql_pool_vulnerability_assessment", - "azurerm_synapse_sql_pool_vulnerability_assessment_baseline", - "azurerm_synapse_sql_pool_workload_classifier", - "azurerm_synapse_sql_pool_workload_group", - "azurerm_synapse_workspace", - "azurerm_synapse_workspace_aad_admin", - "azurerm_synapse_workspace_extended_auditing_policy", - "azurerm_synapse_workspace_key", - "azurerm_synapse_workspace_security_alert_policy", - "azurerm_synapse_workspace_sql_aad_admin", - "azurerm_synapse_workspace_vulnerability_assessment", - "azurerm_system_center_virtual_machine_manager_availability_set", - "azurerm_system_center_virtual_machine_manager_cloud", - "azurerm_system_center_virtual_machine_manager_server", - "azurerm_system_center_virtual_machine_manager_virtual_machine_template", - "azurerm_system_center_virtual_machine_manager_virtual_network", - "azurerm_tenant_template_deployment", - "azurerm_traffic_manager_azure_endpoint", - "azurerm_traffic_manager_external_endpoint", - "azurerm_traffic_manager_nested_endpoint", - "azurerm_traffic_manager_profile", - "azurerm_trusted_signing_account", - "azurerm_user_assigned_identity", - "azurerm_video_indexer_account", - "azurerm_virtual_desktop_application", - "azurerm_virtual_desktop_application_group", - "azurerm_virtual_desktop_host_pool", - "azurerm_virtual_desktop_host_pool_registration_info", - "azurerm_virtual_desktop_scaling_plan", - "azurerm_virtual_desktop_scaling_plan_host_pool_association", - "azurerm_virtual_desktop_workspace", - "azurerm_virtual_desktop_workspace_application_group_association", - "azurerm_virtual_hub", - "azurerm_virtual_hub_bgp_connection", - "azurerm_virtual_hub_connection", - "azurerm_virtual_hub_ip", - "azurerm_virtual_hub_route_table", - "azurerm_virtual_hub_route_table_route", - "azurerm_virtual_hub_routing_intent", - "azurerm_virtual_hub_security_partner_provider", - "azurerm_virtual_machine", - "azurerm_virtual_machine_automanage_configuration_assignment", - "azurerm_virtual_machine_data_disk_attachment", - "azurerm_virtual_machine_extension", - "azurerm_virtual_machine_gallery_application_assignment", - "azurerm_virtual_machine_implicit_data_disk_from_source", - "azurerm_virtual_machine_packet_capture", - "azurerm_virtual_machine_restore_point", - "azurerm_virtual_machine_restore_point_collection", - "azurerm_virtual_machine_run_command", - "azurerm_virtual_machine_scale_set", - "azurerm_virtual_machine_scale_set_extension", - "azurerm_virtual_machine_scale_set_packet_capture", - "azurerm_virtual_network", - "azurerm_virtual_network_dns_servers", - "azurerm_virtual_network_gateway", - "azurerm_virtual_network_gateway_connection", - "azurerm_virtual_network_gateway_nat_rule", - "azurerm_virtual_network_peering", - "azurerm_virtual_wan", - "azurerm_vmware_cluster", - "azurerm_vmware_express_route_authorization", - "azurerm_vmware_netapp_volume_attachment", - "azurerm_vmware_private_cloud", - "azurerm_voice_services_communications_gateway", - "azurerm_vpn_gateway", - "azurerm_vpn_gateway_connection", - "azurerm_vpn_gateway_nat_rule", - "azurerm_vpn_server_configuration", - "azurerm_vpn_server_configuration_policy_group", - "azurerm_vpn_site", - "azurerm_web_app_active_slot", - "azurerm_web_app_hybrid_connection", - "azurerm_web_application_firewall_policy", - "azurerm_web_pubsub", - "azurerm_web_pubsub_custom_certificate", - "azurerm_web_pubsub_custom_domain", - "azurerm_web_pubsub_hub", - "azurerm_web_pubsub_network_acl", - "azurerm_web_pubsub_service", - "azurerm_web_pubsub_shared_private_link_resource", - "azurerm_windows_function_app", - "azurerm_windows_function_app_slot", - "azurerm_windows_virtual_machine", - "azurerm_windows_virtual_machine_scale_set", - "azurerm_windows_web_app", - "azurerm_windows_web_app_slot", - "azurerm_workloads_sap_discovery_virtual_instance", - "azurerm_workloads_sap_single_node_virtual_instance", - "azurerm_workloads_sap_three_tier_virtual_instance" - ], - "dataSources": [ - "azurerm_aadb2c_directory", - "azurerm_active_directory_domain_service", - "azurerm_advisor_recommendations", - "azurerm_api_management", - "azurerm_api_management_api", - "azurerm_api_management_api_version_set", - "azurerm_api_management_gateway", - "azurerm_api_management_gateway_host_name_configuration", - "azurerm_api_management_group", - "azurerm_api_management_product", - "azurerm_api_management_subscription", - "azurerm_api_management_user", - "azurerm_app_configuration", - "azurerm_app_configuration_key", - "azurerm_app_configuration_keys", - "azurerm_app_service", - "azurerm_app_service_certificate", - "azurerm_app_service_certificate_order", - "azurerm_app_service_environment_v3", - "azurerm_app_service_plan", - "azurerm_application_gateway", - "azurerm_application_insights", - "azurerm_application_security_group", - "azurerm_arc_machine", - "azurerm_arc_resource_bridge_appliance", - "azurerm_attestation", - "azurerm_automation_account", - "azurerm_automation_runbook", - "azurerm_automation_variable_bool", - "azurerm_automation_variable_datetime", - "azurerm_automation_variable_int", - "azurerm_automation_variable_object", - "azurerm_automation_variable_string", - "azurerm_automation_variables", - "azurerm_availability_set", - "azurerm_backup_policy_file_share", - "azurerm_backup_policy_vm", - "azurerm_bastion_host", - "azurerm_batch_account", - "azurerm_batch_application", - "azurerm_batch_certificate", - "azurerm_batch_pool", - "azurerm_billing_enrollment_account_scope", - "azurerm_billing_mca_account_scope", - "azurerm_billing_mpa_account_scope", - "azurerm_blueprint_definition", - "azurerm_blueprint_published_version", - "azurerm_cdn_frontdoor_custom_domain", - "azurerm_cdn_frontdoor_endpoint", - "azurerm_cdn_frontdoor_firewall_policy", - "azurerm_cdn_frontdoor_origin_group", - "azurerm_cdn_frontdoor_profile", - "azurerm_cdn_frontdoor_rule_set", - "azurerm_cdn_frontdoor_secret", - "azurerm_cdn_profile", - "azurerm_client_config", - "azurerm_cognitive_account", - "azurerm_communication_service", - "azurerm_confidential_ledger", - "azurerm_consumption_budget_resource_group", - "azurerm_consumption_budget_subscription", - "azurerm_container_app", - "azurerm_container_app_environment.", - "azurerm_container_app_environment_certificate.", - "azurerm_container_app_environment_dapr_component.", - "azurerm_container_group", - "azurerm_container_registry", - "azurerm_container_registry_cache_rule", - "azurerm_container_registry_scope_map", - "azurerm_container_registry_token", - "azurerm_cosmosdb_account", - "azurerm_cosmosdb_mongo_database", - "azurerm_cosmosdb_restorable_database_accounts", - "azurerm_cosmosdb_sql_database", - "azurerm_dashboard_grafana", - "azurerm_data_factory", - "azurerm_data_factory_trigger_schedule", - "azurerm_data_factory_trigger_schedules", - "azurerm_data_lake_store", - "azurerm_data_protection_backup_vault", - "azurerm_data_share", - "azurerm_data_share_account", - "azurerm_data_share_dataset_blob_storage", - "azurerm_data_share_dataset_data_lake_gen1", - "azurerm_data_share_dataset_data_lake_gen2", - "azurerm_data_share_dataset_kusto_cluster", - "azurerm_data_share_dataset_kusto_database", - "azurerm_database_migration_project", - "azurerm_database_migration_service", - "azurerm_databricks_access_connector", - "azurerm_databricks_workspace", - "azurerm_databricks_workspace_private_endpoint_connection", - "azurerm_dedicated_host", - "azurerm_dedicated_host_group", - "azurerm_digital_twins_instance", - "azurerm_disk_access", - "azurerm_disk_encryption_set", - "azurerm_dns_a_record", - "azurerm_dns_aaaa_record", - "azurerm_dns_caa_record", - "azurerm_dns_cname_record", - "azurerm_dns_mx_record", - "azurerm_dns_ns_record", - "azurerm_dns_ptr_record", - "azurerm_dns_soa_record", - "azurerm_dns_srv_record", - "azurerm_dns_txt_record", - "azurerm_dns_zone", - "azurerm_elastic_cloud_elasticsearch", - "azurerm_elastic_san", - "azurerm_elastic_san_volume_group", - "azurerm_elastic_san_volume_snapshot", - "azurerm_eventgrid_domain", - "azurerm_eventgrid_domain_topic", - "azurerm_eventgrid_system_topic", - "azurerm_eventgrid_topic", - "azurerm_eventhub", - "azurerm_eventhub_cluster", - "azurerm_eventhub_consumer_group", - "azurerm_eventhub_namespace", - "azurerm_eventhub_namespace_authorization_rule", - "azurerm_eventhub_sas", - "azurerm_express_route_circuit", - "azurerm_express_route_circuit_peering", - "azurerm_extended_locations", - "azurerm_firewall", - "azurerm_firewall_policy", - "azurerm_function_app", - "azurerm_function_app_host_keys", - "azurerm_hdinsight_cluster", - "azurerm_healthcare_dicom_service", - "azurerm_healthcare_fhir_service", - "azurerm_healthcare_medtech_service", - "azurerm_healthcare_service", - "azurerm_healthcare_workspace", - "azurerm_image", - "azurerm_images", - "azurerm_iothub", - "azurerm_iothub_dps", - "azurerm_iothub_dps_shared_access_policy", - "azurerm_iothub_shared_access_policy", - "azurerm_ip_group", - "azurerm_ip_groups", - "azurerm_key_vault", - "azurerm_key_vault_access_policy", - "azurerm_key_vault_certificate", - "azurerm_key_vault_certificate_data", - "azurerm_key_vault_certificate_issuer", - "azurerm_key_vault_certificates", - "azurerm_key_vault_encrypted_value", - "azurerm_key_vault_key", - "azurerm_key_vault_managed_hardware_security_module", - "azurerm_key_vault_managed_hardware_security_module_key", - "azurerm_key_vault_managed_hardware_security_module_role_definition", - "azurerm_key_vault_secret", - "azurerm_key_vault_secrets", - "azurerm_kubernetes_cluster", - "azurerm_kubernetes_cluster_node_pool", - "azurerm_kubernetes_fleet_manager", - "azurerm_kubernetes_node_pool_snapshot", - "azurerm_kubernetes_service_versions", - "azurerm_kusto_cluster", - "azurerm_kusto_database", - "azurerm_lb", - "azurerm_lb_backend_address_pool", - "azurerm_lb_outbound_rule", - "azurerm_lb_rule", - "azurerm_linux_function_app", - "azurerm_linux_web_app", - "azurerm_local_network_gateway", - "azurerm_location", - "azurerm_log_analytics_workspace", - "azurerm_logic_app_integration_account", - "azurerm_logic_app_standard", - "azurerm_logic_app_workflow", - "azurerm_machine_learning_workspace", - "azurerm_maintenance_configuration", - "azurerm_managed_api", - "azurerm_managed_application_definition", - "azurerm_managed_disk", - "azurerm_management_group", - "azurerm_management_group_template_deployment", - "azurerm_maps_account", - "azurerm_monitor_action_group", - "azurerm_monitor_data_collection_endpoint", - "azurerm_monitor_data_collection_rule", - "azurerm_monitor_diagnostic_categories", - "azurerm_monitor_scheduled_query_rules_alert", - "azurerm_monitor_scheduled_query_rules_log", - "azurerm_monitor_workspace", - "azurerm_mssql_database", - "azurerm_mssql_elasticpool", - "azurerm_mssql_managed_database", - "azurerm_mssql_managed_instance", - "azurerm_mssql_server", - "azurerm_nat_gateway", - "azurerm_netapp_account", - "azurerm_netapp_account_encryption", - "azurerm_netapp_pool", - "azurerm_netapp_snapshot", - "azurerm_netapp_snapshot_policy", - "azurerm_netapp_volume", - "azurerm_netapp_volume_group_sap_hana", - "azurerm_netapp_volume_quota_rule", - "azurerm_network_ddos_protection_plan", - "azurerm_network_interface", - "azurerm_network_manager_connectivity_configuration", - "azurerm_network_security_group", - "azurerm_network_service_tags", - "azurerm_network_watcher", - "azurerm_nginx_certificate", - "azurerm_nginx_configuration", - "azurerm_nginx_deployment", - "azurerm_notification_hub", - "azurerm_notification_hub_namespace", - "azurerm_oracle_adbs_character_sets", - "azurerm_oracle_adbs_national_character_sets", - "azurerm_oracle_autonomous_database", - "azurerm_oracle_cloud_vm_cluster", - "azurerm_oracle_db_nodes", - "azurerm_oracle_db_servers", - "azurerm_oracle_db_system_shapes", - "azurerm_oracle_exadata_infrastructure", - "azurerm_oracle_gi_versions", - "azurerm_orchestrated_virtual_machine_scale_set", - "azurerm_platform_image", - "azurerm_policy_assignment", - "azurerm_policy_definition", - "azurerm_policy_definition_built_in", - "azurerm_policy_set_definition", - "azurerm_policy_virtual_machine_configuration_assignment", - "azurerm_portal_dashboard", - "azurerm_postgresql_flexible_server", - "azurerm_postgresql_server", - "azurerm_private_dns_a_record", - "azurerm_private_dns_aaaa_record", - "azurerm_private_dns_cname_record", - "azurerm_private_dns_mx_record", - "azurerm_private_dns_ptr_record", - "azurerm_private_dns_resolver", - "azurerm_private_dns_resolver_dns_forwarding_ruleset", - "azurerm_private_dns_resolver_forwarding_rule", - "azurerm_private_dns_resolver_inbound_endpoint", - "azurerm_private_dns_resolver_outbound_endpoint", - "azurerm_private_dns_resolver_virtual_network_link", - "azurerm_private_dns_soa_record", - "azurerm_private_dns_srv_record", - "azurerm_private_dns_txt_record", - "azurerm_private_dns_zone", - "azurerm_private_dns_zone_virtual_network_link", - "azurerm_private_endpoint_connection", - "azurerm_private_link_service", - "azurerm_private_link_service_endpoint_connections", - "azurerm_proximity_placement_group", - "azurerm_public_ip", - "azurerm_public_ip_prefix", - "azurerm_public_ips", - "azurerm_public_maintenance_configurations", - "azurerm_recovery_services_vault", - "azurerm_redis_cache", - "azurerm_redis_enterprise_database", - "azurerm_resource_group", - "azurerm_resource_group_template_deployment", - "azurerm_resources", - "azurerm_role_definition", - "azurerm_role_management_policy", - "azurerm_route_filter", - "azurerm_route_table", - "azurerm_sentinel_alert_rule", - "azurerm_sentinel_alert_rule_anomaly", - "azurerm_sentinel_alert_rule_template", - "azurerm_service_plan", - "azurerm_servicebus_namespace", - "azurerm_servicebus_namespace_authorization_rule", - "azurerm_servicebus_queue", - "azurerm_servicebus_queue_authorization_rule", - "azurerm_servicebus_subscription", - "azurerm_servicebus_topic", - "azurerm_servicebus_topic_authorization_rule", - "azurerm_shared_image", - "azurerm_shared_image_gallery", - "azurerm_shared_image_version", - "azurerm_shared_image_versions", - "azurerm_signalr_service", - "azurerm_site_recovery_fabric", - "azurerm_site_recovery_protection_container", - "azurerm_site_recovery_replication_policy", - "azurerm_snapshot", - "azurerm_source_control_token", - "azurerm_spring_cloud_app", - "azurerm_spring_cloud_service", - "azurerm_ssh_public_key", - "azurerm_stack_hci_cluster", - "azurerm_static_web_app", - "azurerm_storage_account", - "azurerm_storage_account_blob_container_sas", - "azurerm_storage_account_sas", - "azurerm_storage_blob", - "azurerm_storage_container", - "azurerm_storage_containers", - "azurerm_storage_encryption_scope", - "azurerm_storage_management_policy", - "azurerm_storage_queue", - "azurerm_storage_share", - "azurerm_storage_sync", - "azurerm_storage_sync_group", - "azurerm_storage_table", - "azurerm_storage_table_entity", - "azurerm_stream_analytics_job", - "azurerm_subnet", - "azurerm_subscription", - "azurerm_subscription_template_deployment", - "azurerm_subscriptions", - "azurerm_synapse_workspace", - "azurerm_system_center_virtual_machine_manager_inventory_items", - "azurerm_template_spec_version", - "azurerm_tenant_template_deployment", - "azurerm_traffic_manager_geographical_location", - "azurerm_traffic_manager_profile", - "azurerm_user_assigned_identity", - "azurerm_virtual_desktop_application_group", - "azurerm_virtual_desktop_host_pool", - "azurerm_virtual_desktop_workspace", - "azurerm_virtual_hub", - "azurerm_virtual_hub_connection", - "azurerm_virtual_hub_route_table", - "azurerm_virtual_machine", - "azurerm_virtual_machine_scale_set", - "azurerm_virtual_network", - "azurerm_virtual_network_gateway", - "azurerm_virtual_network_gateway_connection", - "azurerm_virtual_network_peering", - "azurerm_virtual_wan", - "azurerm_vmware_private_cloud", - "azurerm_vpn_gateway", - "azurerm_vpn_server_configuration", - "azurerm_web_application_firewall_policy", - "azurerm_web_pubsub", - "azurerm_web_pubsub_private_link_resource", - "azurerm_windows_function_app", - "azurerm_windows_web_app", - "netapp_backup_policy", - "netapp_backup_vault" - ] -} \ No newline at end of file +{ + "dataSources": [ + "azurerm_aadb2c_directory", + "azurerm_active_directory_domain_service", + "azurerm_advisor_recommendations", + "azurerm_api_management", + "azurerm_api_management_api", + "azurerm_api_management_api_version_set", + "azurerm_api_management_gateway", + "azurerm_api_management_gateway_host_name_configuration", + "azurerm_api_management_group", + "azurerm_api_management_product", + "azurerm_api_management_subscription", + "azurerm_api_management_user", + "azurerm_app_configuration", + "azurerm_app_configuration_key", + "azurerm_app_configuration_keys", + "azurerm_app_service", + "azurerm_app_service_certificate", + "azurerm_app_service_certificate_order", + "azurerm_app_service_environment_v3", + "azurerm_app_service_plan", + "azurerm_application_gateway", + "azurerm_application_insights", + "azurerm_application_security_group", + "azurerm_arc_machine", + "azurerm_arc_resource_bridge_appliance", + "azurerm_attestation", + "azurerm_automation_account", + "azurerm_automation_runbook", + "azurerm_automation_variable_bool", + "azurerm_automation_variable_datetime", + "azurerm_automation_variable_int", + "azurerm_automation_variable_object", + "azurerm_automation_variable_string", + "azurerm_automation_variables", + "azurerm_availability_set", + "azurerm_backup_policy_file_share", + "azurerm_backup_policy_vm", + "azurerm_bastion_host", + "azurerm_batch_account", + "azurerm_batch_application", + "azurerm_batch_certificate", + "azurerm_batch_pool", + "azurerm_billing_enrollment_account_scope", + "azurerm_billing_mca_account_scope", + "azurerm_billing_mpa_account_scope", + "azurerm_blueprint_definition", + "azurerm_blueprint_published_version", + "azurerm_cdn_frontdoor_custom_domain", + "azurerm_cdn_frontdoor_endpoint", + "azurerm_cdn_frontdoor_firewall_policy", + "azurerm_cdn_frontdoor_origin_group", + "azurerm_cdn_frontdoor_profile", + "azurerm_cdn_frontdoor_rule_set", + "azurerm_cdn_frontdoor_secret", + "azurerm_cdn_profile", + "azurerm_client_config", + "azurerm_cognitive_account", + "azurerm_communication_service", + "azurerm_confidential_ledger", + "azurerm_consumption_budget_resource_group", + "azurerm_consumption_budget_subscription", + "azurerm_container_app", + "azurerm_container_app_environment.", + "azurerm_container_app_environment_certificate.", + "azurerm_container_app_environment_dapr_component.", + "azurerm_container_group", + "azurerm_container_registry", + "azurerm_container_registry_cache_rule", + "azurerm_container_registry_scope_map", + "azurerm_container_registry_token", + "azurerm_cosmosdb_account", + "azurerm_cosmosdb_mongo_database", + "azurerm_cosmosdb_restorable_database_accounts", + "azurerm_cosmosdb_sql_database", + "azurerm_dashboard_grafana", + "azurerm_data_factory", + "azurerm_data_factory_trigger_schedule", + "azurerm_data_factory_trigger_schedules", + "azurerm_data_lake_store", + "azurerm_data_protection_backup_vault", + "azurerm_data_share", + "azurerm_data_share_account", + "azurerm_data_share_dataset_blob_storage", + "azurerm_data_share_dataset_data_lake_gen1", + "azurerm_data_share_dataset_data_lake_gen2", + "azurerm_data_share_dataset_kusto_cluster", + "azurerm_data_share_dataset_kusto_database", + "azurerm_database_migration_project", + "azurerm_database_migration_service", + "azurerm_databricks_access_connector", + "azurerm_databricks_workspace", + "azurerm_databricks_workspace_private_endpoint_connection", + "azurerm_dedicated_host", + "azurerm_dedicated_host_group", + "azurerm_digital_twins_instance", + "azurerm_disk_access", + "azurerm_disk_encryption_set", + "azurerm_dns_a_record", + "azurerm_dns_aaaa_record", + "azurerm_dns_caa_record", + "azurerm_dns_cname_record", + "azurerm_dns_mx_record", + "azurerm_dns_ns_record", + "azurerm_dns_ptr_record", + "azurerm_dns_soa_record", + "azurerm_dns_srv_record", + "azurerm_dns_txt_record", + "azurerm_dns_zone", + "azurerm_elastic_cloud_elasticsearch", + "azurerm_elastic_san", + "azurerm_elastic_san_volume_group", + "azurerm_elastic_san_volume_snapshot", + "azurerm_eventgrid_domain", + "azurerm_eventgrid_domain_topic", + "azurerm_eventgrid_system_topic", + "azurerm_eventgrid_topic", + "azurerm_eventhub", + "azurerm_eventhub_cluster", + "azurerm_eventhub_consumer_group", + "azurerm_eventhub_namespace", + "azurerm_eventhub_namespace_authorization_rule", + "azurerm_eventhub_sas", + "azurerm_express_route_circuit", + "azurerm_express_route_circuit_peering", + "azurerm_extended_locations", + "azurerm_firewall", + "azurerm_firewall_policy", + "azurerm_function_app", + "azurerm_function_app_host_keys", + "azurerm_hdinsight_cluster", + "azurerm_healthcare_dicom_service", + "azurerm_healthcare_fhir_service", + "azurerm_healthcare_medtech_service", + "azurerm_healthcare_service", + "azurerm_healthcare_workspace", + "azurerm_image", + "azurerm_images", + "azurerm_iothub", + "azurerm_iothub_dps", + "azurerm_iothub_dps_shared_access_policy", + "azurerm_iothub_shared_access_policy", + "azurerm_ip_group", + "azurerm_ip_groups", + "azurerm_key_vault", + "azurerm_key_vault_access_policy", + "azurerm_key_vault_certificate", + "azurerm_key_vault_certificate_data", + "azurerm_key_vault_certificate_issuer", + "azurerm_key_vault_certificates", + "azurerm_key_vault_encrypted_value", + "azurerm_key_vault_key", + "azurerm_key_vault_managed_hardware_security_module", + "azurerm_key_vault_managed_hardware_security_module_key", + "azurerm_key_vault_managed_hardware_security_module_role_definition", + "azurerm_key_vault_secret", + "azurerm_key_vault_secrets", + "azurerm_kubernetes_cluster", + "azurerm_kubernetes_cluster_node_pool", + "azurerm_kubernetes_fleet_manager", + "azurerm_kubernetes_node_pool_snapshot", + "azurerm_kubernetes_service_versions", + "azurerm_kusto_cluster", + "azurerm_kusto_database", + "azurerm_lb", + "azurerm_lb_backend_address_pool", + "azurerm_lb_outbound_rule", + "azurerm_lb_rule", + "azurerm_linux_function_app", + "azurerm_linux_web_app", + "azurerm_local_network_gateway", + "azurerm_location", + "azurerm_log_analytics_workspace", + "azurerm_logic_app_integration_account", + "azurerm_logic_app_standard", + "azurerm_logic_app_workflow", + "azurerm_machine_learning_workspace", + "azurerm_maintenance_configuration", + "azurerm_managed_api", + "azurerm_managed_application_definition", + "azurerm_managed_disk", + "azurerm_management_group", + "azurerm_management_group_template_deployment", + "azurerm_maps_account", + "azurerm_monitor_action_group", + "azurerm_monitor_data_collection_endpoint", + "azurerm_monitor_data_collection_rule", + "azurerm_monitor_diagnostic_categories", + "azurerm_monitor_scheduled_query_rules_alert", + "azurerm_monitor_scheduled_query_rules_log", + "azurerm_monitor_workspace", + "azurerm_mssql_database", + "azurerm_mssql_elasticpool", + "azurerm_mssql_managed_database", + "azurerm_mssql_managed_instance", + "azurerm_mssql_server", + "azurerm_nat_gateway", + "azurerm_netapp_account", + "azurerm_netapp_account_encryption", + "azurerm_netapp_pool", + "azurerm_netapp_snapshot", + "azurerm_netapp_snapshot_policy", + "azurerm_netapp_volume", + "azurerm_netapp_volume_group_sap_hana", + "azurerm_netapp_volume_quota_rule", + "azurerm_network_ddos_protection_plan", + "azurerm_network_interface", + "azurerm_network_manager_connectivity_configuration", + "azurerm_network_security_group", + "azurerm_network_service_tags", + "azurerm_network_watcher", + "azurerm_nginx_certificate", + "azurerm_nginx_configuration", + "azurerm_nginx_deployment", + "azurerm_notification_hub", + "azurerm_notification_hub_namespace", + "azurerm_oracle_adbs_character_sets", + "azurerm_oracle_adbs_national_character_sets", + "azurerm_oracle_autonomous_database", + "azurerm_oracle_cloud_vm_cluster", + "azurerm_oracle_db_nodes", + "azurerm_oracle_db_servers", + "azurerm_oracle_db_system_shapes", + "azurerm_oracle_exadata_infrastructure", + "azurerm_oracle_gi_versions", + "azurerm_orchestrated_virtual_machine_scale_set", + "azurerm_platform_image", + "azurerm_policy_assignment", + "azurerm_policy_definition", + "azurerm_policy_definition_built_in", + "azurerm_policy_set_definition", + "azurerm_policy_virtual_machine_configuration_assignment", + "azurerm_portal_dashboard", + "azurerm_postgresql_flexible_server", + "azurerm_postgresql_server", + "azurerm_private_dns_a_record", + "azurerm_private_dns_aaaa_record", + "azurerm_private_dns_cname_record", + "azurerm_private_dns_mx_record", + "azurerm_private_dns_ptr_record", + "azurerm_private_dns_resolver", + "azurerm_private_dns_resolver_dns_forwarding_ruleset", + "azurerm_private_dns_resolver_forwarding_rule", + "azurerm_private_dns_resolver_inbound_endpoint", + "azurerm_private_dns_resolver_outbound_endpoint", + "azurerm_private_dns_resolver_virtual_network_link", + "azurerm_private_dns_soa_record", + "azurerm_private_dns_srv_record", + "azurerm_private_dns_txt_record", + "azurerm_private_dns_zone", + "azurerm_private_dns_zone_virtual_network_link", + "azurerm_private_endpoint_connection", + "azurerm_private_link_service", + "azurerm_private_link_service_endpoint_connections", + "azurerm_proximity_placement_group", + "azurerm_public_ip", + "azurerm_public_ip_prefix", + "azurerm_public_ips", + "azurerm_public_maintenance_configurations", + "azurerm_recovery_services_vault", + "azurerm_redis_cache", + "azurerm_redis_enterprise_database", + "azurerm_resource_group", + "azurerm_resource_group_template_deployment", + "azurerm_resources", + "azurerm_role_definition", + "azurerm_role_management_policy", + "azurerm_route_filter", + "azurerm_route_table", + "azurerm_sentinel_alert_rule", + "azurerm_sentinel_alert_rule_anomaly", + "azurerm_sentinel_alert_rule_template", + "azurerm_service_plan", + "azurerm_servicebus_namespace", + "azurerm_servicebus_namespace_authorization_rule", + "azurerm_servicebus_queue", + "azurerm_servicebus_queue_authorization_rule", + "azurerm_servicebus_subscription", + "azurerm_servicebus_topic", + "azurerm_servicebus_topic_authorization_rule", + "azurerm_shared_image", + "azurerm_shared_image_gallery", + "azurerm_shared_image_version", + "azurerm_shared_image_versions", + "azurerm_signalr_service", + "azurerm_site_recovery_fabric", + "azurerm_site_recovery_protection_container", + "azurerm_site_recovery_replication_policy", + "azurerm_snapshot", + "azurerm_source_control_token", + "azurerm_spring_cloud_app", + "azurerm_spring_cloud_service", + "azurerm_ssh_public_key", + "azurerm_stack_hci_cluster", + "azurerm_static_web_app", + "azurerm_storage_account", + "azurerm_storage_account_blob_container_sas", + "azurerm_storage_account_sas", + "azurerm_storage_blob", + "azurerm_storage_container", + "azurerm_storage_containers", + "azurerm_storage_encryption_scope", + "azurerm_storage_management_policy", + "azurerm_storage_queue", + "azurerm_storage_share", + "azurerm_storage_sync", + "azurerm_storage_sync_group", + "azurerm_storage_table", + "azurerm_storage_table_entity", + "azurerm_stream_analytics_job", + "azurerm_subnet", + "azurerm_subscription", + "azurerm_subscription_template_deployment", + "azurerm_subscriptions", + "azurerm_synapse_workspace", + "azurerm_system_center_virtual_machine_manager_inventory_items", + "azurerm_template_spec_version", + "azurerm_tenant_template_deployment", + "azurerm_traffic_manager_geographical_location", + "azurerm_traffic_manager_profile", + "azurerm_user_assigned_identity", + "azurerm_virtual_desktop_application_group", + "azurerm_virtual_desktop_host_pool", + "azurerm_virtual_desktop_workspace", + "azurerm_virtual_hub", + "azurerm_virtual_hub_connection", + "azurerm_virtual_hub_route_table", + "azurerm_virtual_machine", + "azurerm_virtual_machine_scale_set", + "azurerm_virtual_network", + "azurerm_virtual_network_gateway", + "azurerm_virtual_network_gateway_connection", + "azurerm_virtual_network_peering", + "azurerm_virtual_wan", + "azurerm_vmware_private_cloud", + "azurerm_vpn_gateway", + "azurerm_vpn_server_configuration", + "azurerm_web_application_firewall_policy", + "azurerm_web_pubsub", + "azurerm_web_pubsub_private_link_resource", + "azurerm_windows_function_app", + "azurerm_windows_web_app", + "netapp_backup_policy", + "netapp_backup_vault" + ], + "resources": [ + "azurerm_aadb2c_directory", + "azurerm_active_directory_domain_service", + "azurerm_active_directory_domain_service_replica_set", + "azurerm_active_directory_domain_service_trust", + "azurerm_advanced_threat_protection", + "azurerm_advisor_suppression", + "azurerm_ai_services", + "azurerm_analysis_services_server", + "azurerm_api_connection", + "azurerm_api_management", + "azurerm_api_management_api", + "azurerm_api_management_api_diagnostic", + "azurerm_api_management_api_operation", + "azurerm_api_management_api_operation_policy", + "azurerm_api_management_api_operation_tag", + "azurerm_api_management_api_policy", + "azurerm_api_management_api_release", + "azurerm_api_management_api_schema", + "azurerm_api_management_api_tag", + "azurerm_api_management_api_tag_description", + "azurerm_api_management_api_version_set", + "azurerm_api_management_authorization_server", + "azurerm_api_management_backend", + "azurerm_api_management_certificate", + "azurerm_api_management_custom_domain", + "azurerm_api_management_diagnostic", + "azurerm_api_management_email_template", + "azurerm_api_management_gateway", + "azurerm_api_management_gateway_api", + "azurerm_api_management_gateway_certificate_authority", + "azurerm_api_management_gateway_host_name_configuration", + "azurerm_api_management_global_schema", + "azurerm_api_management_group", + "azurerm_api_management_group_user", + "azurerm_api_management_identity_provider_aad", + "azurerm_api_management_identity_provider_aadb2c", + "azurerm_api_management_identity_provider_facebook", + "azurerm_api_management_identity_provider_google", + "azurerm_api_management_identity_provider_microsoft", + "azurerm_api_management_identity_provider_twitter", + "azurerm_api_management_logger", + "azurerm_api_management_named_value", + "azurerm_api_management_notification_recipient_email", + "azurerm_api_management_notification_recipient_user", + "azurerm_api_management_openid_connect_provider", + "azurerm_api_management_policy", + "azurerm_api_management_policy_fragment", + "azurerm_api_management_product", + "azurerm_api_management_product_api", + "azurerm_api_management_product_group", + "azurerm_api_management_product_policy", + "azurerm_api_management_product_tag", + "azurerm_api_management_redis_cache", + "azurerm_api_management_subscription", + "azurerm_api_management_tag", + "azurerm_api_management_user", + "azurerm_app_configuration", + "azurerm_app_configuration_feature", + "azurerm_app_configuration_key", + "azurerm_app_service", + "azurerm_app_service_active_slot", + "azurerm_app_service_certificate", + "azurerm_app_service_certificate_binding", + "azurerm_app_service_certificate_order", + "azurerm_app_service_connection", + "azurerm_app_service_custom_hostname_binding", + "azurerm_app_service_environment_v3", + "azurerm_app_service_hybrid_connection", + "azurerm_app_service_managed_certificate", + "azurerm_app_service_plan", + "azurerm_app_service_public_certificate", + "azurerm_app_service_slot", + "azurerm_app_service_slot_custom_hostname_binding", + "azurerm_app_service_slot_virtual_network_swift_connection", + "azurerm_app_service_source_control", + "azurerm_app_service_source_control_slot", + "azurerm_app_service_source_control_token", + "azurerm_app_service_virtual_network_swift_connection", + "azurerm_application_gateway", + "azurerm_application_insights", + "azurerm_application_insights_analytics_item", + "azurerm_application_insights_api_key", + "azurerm_application_insights_smart_detection_rule", + "azurerm_application_insights_workbook", + "azurerm_application_insights_workbook_template", + "azurerm_application_load_balancer", + "azurerm_application_load_balancer_frontend", + "azurerm_application_load_balancer_subnet_association", + "azurerm_application_security_group", + "azurerm_arc_kubernetes_cluster", + "azurerm_arc_kubernetes_cluster_extension", + "azurerm_arc_kubernetes_flux_configuration", + "azurerm_arc_kubernetes_provisioned_cluster", + "azurerm_arc_machine", + "azurerm_arc_machine_automanage_configuration_assignment", + "azurerm_arc_machine_extension", + "azurerm_arc_private_link_scope", + "azurerm_arc_resource_bridge_appliance", + "azurerm_attestation_provider", + "azurerm_automanage_configuration", + "azurerm_automation_account", + "azurerm_automation_certificate", + "azurerm_automation_connection", + "azurerm_automation_connection_certificate", + "azurerm_automation_connection_classic_certificate", + "azurerm_automation_connection_service_principal", + "azurerm_automation_connection_type", + "azurerm_automation_credential", + "azurerm_automation_dsc_configuration", + "azurerm_automation_dsc_nodeconfiguration", + "azurerm_automation_hybrid_runbook_worker", + "azurerm_automation_hybrid_runbook_worker_group", + "azurerm_automation_job_schedule", + "azurerm_automation_module", + "azurerm_automation_powershell72_module", + "azurerm_automation_python3_package", + "azurerm_automation_runbook", + "azurerm_automation_schedule", + "azurerm_automation_software_update_configuration", + "azurerm_automation_source_control", + "azurerm_automation_variable_bool", + "azurerm_automation_variable_datetime", + "azurerm_automation_variable_int", + "azurerm_automation_variable_object", + "azurerm_automation_variable_string", + "azurerm_automation_watcher", + "azurerm_automation_webhook", + "azurerm_availability_set", + "azurerm_backup_container_storage_account", + "azurerm_backup_policy_file_share", + "azurerm_backup_policy_vm", + "azurerm_backup_policy_vm_workload", + "azurerm_backup_protected_file_share", + "azurerm_backup_protected_vm", + "azurerm_bastion_host", + "azurerm_batch_account", + "azurerm_batch_application", + "azurerm_batch_certificate", + "azurerm_batch_job", + "azurerm_batch_pool", + "azurerm_billing_account_cost_management_export", + "azurerm_blueprint_assignment", + "azurerm_bot_channel_alexa", + "azurerm_bot_channel_direct_line_speech", + "azurerm_bot_channel_directline", + "azurerm_bot_channel_email", + "azurerm_bot_channel_facebook", + "azurerm_bot_channel_line", + "azurerm_bot_channel_ms_teams", + "azurerm_bot_channel_slack", + "azurerm_bot_channel_sms", + "azurerm_bot_channel_web_chat", + "azurerm_bot_channels_registration", + "azurerm_bot_connection", + "azurerm_bot_service_azure_bot", + "azurerm_bot_web_app", + "azurerm_capacity_reservation", + "azurerm_capacity_reservation_group", + "azurerm_cdn_endpoint", + "azurerm_cdn_endpoint_custom_domain", + "azurerm_cdn_frontdoor_custom_domain", + "azurerm_cdn_frontdoor_custom_domain_association", + "azurerm_cdn_frontdoor_endpoint", + "azurerm_cdn_frontdoor_firewall_policy", + "azurerm_cdn_frontdoor_origin", + "azurerm_cdn_frontdoor_origin_group", + "azurerm_cdn_frontdoor_profile", + "azurerm_cdn_frontdoor_route", + "azurerm_cdn_frontdoor_rule", + "azurerm_cdn_frontdoor_rule_set", + "azurerm_cdn_frontdoor_secret", + "azurerm_cdn_frontdoor_security_policy", + "azurerm_cdn_profile", + "azurerm_chaos_studio_capability", + "azurerm_chaos_studio_experiment", + "azurerm_chaos_studio_target", + "azurerm_cognitive_account", + "azurerm_cognitive_account_customer_managed_key", + "azurerm_cognitive_account_rai_blocklist", + "azurerm_cognitive_account_rai_policy", + "azurerm_cognitive_deployment", + "azurerm_communication_service", + "azurerm_communication_service_email_domain_association", + "azurerm_confidential_ledger", + "azurerm_consumption_budget_management_group", + "azurerm_consumption_budget_resource_group", + "azurerm_consumption_budget_subscription", + "azurerm_container_app", + "azurerm_container_app_custom_domain", + "azurerm_container_app_environment", + "azurerm_container_app_environment_certificate", + "azurerm_container_app_environment_custom_domain", + "azurerm_container_app_environment_dapr_component", + "azurerm_container_app_environment_storage", + "azurerm_container_app_job", + "azurerm_container_connected_registry", + "azurerm_container_group", + "azurerm_container_registry", + "azurerm_container_registry_agent_pool", + "azurerm_container_registry_cache_rule", + "azurerm_container_registry_credential_set", + "azurerm_container_registry_scope_map", + "azurerm_container_registry_task", + "azurerm_container_registry_task_schedule_run_now", + "azurerm_container_registry_token", + "azurerm_container_registry_token_password", + "azurerm_container_registry_webhook", + "azurerm_cosmosdb_account", + "azurerm_cosmosdb_cassandra_cluster", + "azurerm_cosmosdb_cassandra_datacenter", + "azurerm_cosmosdb_cassandra_keyspace", + "azurerm_cosmosdb_cassandra_table", + "azurerm_cosmosdb_gremlin_database", + "azurerm_cosmosdb_gremlin_graph", + "azurerm_cosmosdb_mongo_collection", + "azurerm_cosmosdb_mongo_database", + "azurerm_cosmosdb_mongo_role_definition", + "azurerm_cosmosdb_mongo_user_definition", + "azurerm_cosmosdb_postgresql_cluster", + "azurerm_cosmosdb_postgresql_coordinator_configuration", + "azurerm_cosmosdb_postgresql_firewall_rule", + "azurerm_cosmosdb_postgresql_node_configuration", + "azurerm_cosmosdb_postgresql_role", + "azurerm_cosmosdb_sql_container", + "azurerm_cosmosdb_sql_database", + "azurerm_cosmosdb_sql_dedicated_gateway", + "azurerm_cosmosdb_sql_function", + "azurerm_cosmosdb_sql_role_assignment", + "azurerm_cosmosdb_sql_role_definition", + "azurerm_cosmosdb_sql_stored_procedure", + "azurerm_cosmosdb_sql_trigger", + "azurerm_cosmosdb_table", + "azurerm_cost_anomaly_alert", + "azurerm_cost_management_scheduled_action", + "azurerm_custom_ip_prefix", + "azurerm_custom_provider", + "azurerm_dashboard", + "azurerm_dashboard_grafana", + "azurerm_dashboard_grafana_managed_private_endpoint", + "azurerm_data_factory", + "azurerm_data_factory_credential_service_principal", + "azurerm_data_factory_credential_user_managed_identity", + "azurerm_data_factory_custom_dataset", + "azurerm_data_factory_data_flow", + "azurerm_data_factory_dataset_azure_blob", + "azurerm_data_factory_dataset_azure_sql_table", + "azurerm_data_factory_dataset_binary", + "azurerm_data_factory_dataset_cosmosdb_sqlapi", + "azurerm_data_factory_dataset_delimited_text", + "azurerm_data_factory_dataset_http", + "azurerm_data_factory_dataset_json", + "azurerm_data_factory_dataset_mysql", + "azurerm_data_factory_dataset_parquet", + "azurerm_data_factory_dataset_postgresql", + "azurerm_data_factory_dataset_snowflake", + "azurerm_data_factory_dataset_sql_server_table", + "azurerm_data_factory_flowlet_data_flow", + "azurerm_data_factory_integration_runtime_azure", + "azurerm_data_factory_integration_runtime_azure_ssis", + "azurerm_data_factory_integration_runtime_self_hosted", + "azurerm_data_factory_linked_custom_service", + "azurerm_data_factory_linked_service_azure_blob_storage", + "azurerm_data_factory_linked_service_azure_databricks", + "azurerm_data_factory_linked_service_azure_file_storage", + "azurerm_data_factory_linked_service_azure_function", + "azurerm_data_factory_linked_service_azure_search", + "azurerm_data_factory_linked_service_azure_sql_database", + "azurerm_data_factory_linked_service_azure_table_storage", + "azurerm_data_factory_linked_service_cosmosdb", + "azurerm_data_factory_linked_service_cosmosdb_mongoapi", + "azurerm_data_factory_linked_service_data_lake_storage_gen2", + "azurerm_data_factory_linked_service_key_vault", + "azurerm_data_factory_linked_service_kusto", + "azurerm_data_factory_linked_service_mysql", + "azurerm_data_factory_linked_service_odata", + "azurerm_data_factory_linked_service_odbc", + "azurerm_data_factory_linked_service_postgresql", + "azurerm_data_factory_linked_service_sftp", + "azurerm_data_factory_linked_service_snowflake", + "azurerm_data_factory_linked_service_sql_server", + "azurerm_data_factory_linked_service_synapse", + "azurerm_data_factory_linked_service_web", + "azurerm_data_factory_managed_private_endpoint", + "azurerm_data_factory_pipeline", + "azurerm_data_factory_trigger_blob_event", + "azurerm_data_factory_trigger_custom_event", + "azurerm_data_factory_trigger_schedule", + "azurerm_data_factory_trigger_tumbling_window", + "azurerm_data_protection_backup_instance_blob_storage", + "azurerm_data_protection_backup_instance_disk", + "azurerm_data_protection_backup_instance_kubernetes_cluster", + "azurerm_data_protection_backup_instance_mysql_flexible_server", + "azurerm_data_protection_backup_instance_postgresql", + "azurerm_data_protection_backup_instance_postgresql_flexible_server", + "azurerm_data_protection_backup_policy_blob_storage", + "azurerm_data_protection_backup_policy_disk", + "azurerm_data_protection_backup_policy_kubernetes_cluster", + "azurerm_data_protection_backup_policy_mysql_flexible_server", + "azurerm_data_protection_backup_policy_postgresql", + "azurerm_data_protection_backup_policy_postgresql_flexible_server", + "azurerm_data_protection_backup_vault", + "azurerm_data_protection_resource_guard", + "azurerm_data_share", + "azurerm_data_share_account", + "azurerm_data_share_dataset_blob_storage", + "azurerm_data_share_dataset_data_lake_gen2", + "azurerm_data_share_dataset_kusto_cluster", + "azurerm_data_share_dataset_kusto_database", + "azurerm_database_migration_project", + "azurerm_database_migration_service", + "azurerm_databox_edge_device", + "azurerm_databricks_access_connector", + "azurerm_databricks_virtual_network_peering", + "azurerm_databricks_workspace", + "azurerm_databricks_workspace_root_dbfs_customer_managed_key", + "azurerm_datadog_monitor", + "azurerm_datadog_monitor_sso_configuration", + "azurerm_datadog_monitor_tag_rule", + "azurerm_dedicated_hardware_security_module", + "azurerm_dedicated_host", + "azurerm_dedicated_host_group", + "azurerm_dev_center", + "azurerm_dev_center_attached_network", + "azurerm_dev_center_catalog", + "azurerm_dev_center_dev_box_definition", + "azurerm_dev_center_environment_type", + "azurerm_dev_center_gallery", + "azurerm_dev_center_network_connection", + "azurerm_dev_center_project", + "azurerm_dev_center_project_environment_type", + "azurerm_dev_center_project_pool", + "azurerm_digital_twins_endpoint_eventgrid", + "azurerm_digital_twins_endpoint_eventhub", + "azurerm_digital_twins_endpoint_servicebus", + "azurerm_digital_twins_instance", + "azurerm_digital_twins_time_series_database_connection", + "azurerm_disk_access", + "azurerm_disk_encryption_set", + "azurerm_dns_a_record", + "azurerm_dns_aaaa_record", + "azurerm_dns_caa_record", + "azurerm_dns_cname_record", + "azurerm_dns_mx_record", + "azurerm_dns_ns_record", + "azurerm_dns_ptr_record", + "azurerm_dns_srv_record", + "azurerm_dns_txt_record", + "azurerm_dns_zone", + "azurerm_dynatrace_monitor", + "azurerm_dynatrace_tag_rules", + "azurerm_elastic_cloud_elasticsearch", + "azurerm_elastic_san", + "azurerm_elastic_san_volume", + "azurerm_elastic_san_volume_group", + "azurerm_email_communication_service", + "azurerm_email_communication_service_domain", + "azurerm_eventgrid_domain", + "azurerm_eventgrid_domain_topic", + "azurerm_eventgrid_event_subscription", + "azurerm_eventgrid_namespace", + "azurerm_eventgrid_system_topic", + "azurerm_eventgrid_system_topic_event_subscription", + "azurerm_eventgrid_topic", + "azurerm_eventhub", + "azurerm_eventhub_authorization_rule", + "azurerm_eventhub_cluster", + "azurerm_eventhub_consumer_group", + "azurerm_eventhub_namespace", + "azurerm_eventhub_namespace_authorization_rule", + "azurerm_eventhub_namespace_customer_managed_key", + "azurerm_eventhub_namespace_disaster_recovery_config", + "azurerm_eventhub_namespace_schema_group", + "azurerm_express_route_circuit", + "azurerm_express_route_circuit_authorization", + "azurerm_express_route_circuit_connection", + "azurerm_express_route_circuit_peering", + "azurerm_express_route_connection", + "azurerm_express_route_gateway", + "azurerm_express_route_port", + "azurerm_express_route_port_authorization", + "azurerm_extended_location_custom_location", + "azurerm_fabric_capacity", + "azurerm_federated_identity_credential", + "azurerm_firewall", + "azurerm_firewall_application_rule_collection", + "azurerm_firewall_nat_rule_collection", + "azurerm_firewall_network_rule_collection", + "azurerm_firewall_policy", + "azurerm_firewall_policy_rule_collection_group", + "azurerm_fluid_relay_server", + "azurerm_frontdoor", + "azurerm_frontdoor_custom_https_configuration", + "azurerm_frontdoor_firewall_policy", + "azurerm_frontdoor_rules_engine", + "azurerm_function_app", + "azurerm_function_app_active_slot", + "azurerm_function_app_connection", + "azurerm_function_app_function", + "azurerm_function_app_hybrid_connection", + "azurerm_function_app_slot", + "azurerm_gallery_application", + "azurerm_gallery_application_version", + "azurerm_graph_services_account", + "azurerm_hdinsight_hadoop_cluster", + "azurerm_hdinsight_hbase_cluster", + "azurerm_hdinsight_interactive_query_cluster", + "azurerm_hdinsight_kafka_cluster", + "azurerm_hdinsight_spark_cluster", + "azurerm_healthbot", + "azurerm_healthcare_dicom_service", + "azurerm_healthcare_fhir_service", + "azurerm_healthcare_medtech_service", + "azurerm_healthcare_medtech_service_fhir_destination", + "azurerm_healthcare_service", + "azurerm_healthcare_workspace", + "azurerm_hpc_cache", + "azurerm_hpc_cache_access_policy", + "azurerm_hpc_cache_blob_nfs_target", + "azurerm_hpc_cache_blob_target", + "azurerm_hpc_cache_nfs_target", + "azurerm_image", + "azurerm_iot_security_device_group", + "azurerm_iot_security_solution", + "azurerm_iotcentral_application", + "azurerm_iotcentral_application_network_rule_set", + "azurerm_iotcentral_organization", + "azurerm_iothub", + "azurerm_iothub_certificate", + "azurerm_iothub_consumer_group", + "azurerm_iothub_device_update_account", + "azurerm_iothub_device_update_instance", + "azurerm_iothub_dps", + "azurerm_iothub_dps_certificate", + "azurerm_iothub_dps_shared_access_policy", + "azurerm_iothub_endpoint_cosmosdb_account", + "azurerm_iothub_endpoint_eventhub", + "azurerm_iothub_endpoint_servicebus_queue", + "azurerm_iothub_endpoint_servicebus_topic", + "azurerm_iothub_endpoint_storage_container", + "azurerm_iothub_enrichment", + "azurerm_iothub_fallback_route", + "azurerm_iothub_file_upload", + "azurerm_iothub_route", + "azurerm_iothub_shared_access_policy", + "azurerm_ip_group", + "azurerm_ip_group_cidr", + "azurerm_key_vault", + "azurerm_key_vault_access_policy", + "azurerm_key_vault_certificate", + "azurerm_key_vault_certificate_contacts", + "azurerm_key_vault_certificate_issuer", + "azurerm_key_vault_key", + "azurerm_key_vault_managed_hardware_security_module", + "azurerm_key_vault_managed_hardware_security_module_key", + "azurerm_key_vault_managed_hardware_security_module_key_rotation_policy", + "azurerm_key_vault_managed_hardware_security_module_role_assignment", + "azurerm_key_vault_managed_hardware_security_module_role_definition", + "azurerm_key_vault_managed_storage_account", + "azurerm_key_vault_managed_storage_account_sas_token_definition", + "azurerm_key_vault_secret", + "azurerm_kubernetes_cluster", + "azurerm_kubernetes_cluster_extension", + "azurerm_kubernetes_cluster_node_pool", + "azurerm_kubernetes_cluster_trusted_access_role_binding", + "azurerm_kubernetes_fleet_manager", + "azurerm_kubernetes_fleet_member", + "azurerm_kubernetes_fleet_update_run", + "azurerm_kubernetes_fleet_update_strategy", + "azurerm_kubernetes_flux_configuration", + "azurerm_kusto_attached_database_configuration", + "azurerm_kusto_cluster", + "azurerm_kusto_cluster_customer_managed_key", + "azurerm_kusto_cluster_managed_private_endpoint", + "azurerm_kusto_cluster_principal_assignment", + "azurerm_kusto_cosmosdb_data_connection", + "azurerm_kusto_database", + "azurerm_kusto_database_principal_assignment", + "azurerm_kusto_eventgrid_data_connection", + "azurerm_kusto_eventhub_data_connection", + "azurerm_kusto_iothub_data_connection", + "azurerm_kusto_script", + "azurerm_lb", + "azurerm_lb_backend_address_pool", + "azurerm_lb_backend_address_pool_address", + "azurerm_lb_nat_pool", + "azurerm_lb_nat_rule", + "azurerm_lb_outbound_rule", + "azurerm_lb_probe", + "azurerm_lb_rule", + "azurerm_lighthouse_assignment", + "azurerm_lighthouse_definition", + "azurerm_linux_function_app", + "azurerm_linux_function_app_slot", + "azurerm_linux_virtual_machine", + "azurerm_linux_virtual_machine_scale_set", + "azurerm_linux_web_app", + "azurerm_linux_web_app_slot", + "azurerm_local_network_gateway", + "azurerm_log_analytics_cluster", + "azurerm_log_analytics_cluster_customer_managed_key", + "azurerm_log_analytics_data_export_rule", + "azurerm_log_analytics_datasource_windows_event", + "azurerm_log_analytics_datasource_windows_performance_counter", + "azurerm_log_analytics_linked_service", + "azurerm_log_analytics_linked_storage_account", + "azurerm_log_analytics_query_pack", + "azurerm_log_analytics_query_pack_query", + "azurerm_log_analytics_saved_search", + "azurerm_log_analytics_solution", + "azurerm_log_analytics_storage_insights", + "azurerm_log_analytics_workspace", + "azurerm_log_analytics_workspace_table", + "azurerm_logic_app_action_custom", + "azurerm_logic_app_action_http", + "azurerm_logic_app_integration_account", + "azurerm_logic_app_integration_account_agreement", + "azurerm_logic_app_integration_account_assembly", + "azurerm_logic_app_integration_account_batch_configuration", + "azurerm_logic_app_integration_account_certificate", + "azurerm_logic_app_integration_account_map", + "azurerm_logic_app_integration_account_partner", + "azurerm_logic_app_integration_account_schema", + "azurerm_logic_app_integration_account_session", + "azurerm_logic_app_standard", + "azurerm_logic_app_trigger_custom", + "azurerm_logic_app_trigger_http_request", + "azurerm_logic_app_trigger_recurrence", + "azurerm_logic_app_workflow", + "azurerm_machine_learning_compute_cluster", + "azurerm_machine_learning_compute_instance", + "azurerm_machine_learning_datastore_blobstorage", + "azurerm_machine_learning_datastore_datalake_gen2", + "azurerm_machine_learning_datastore_fileshare", + "azurerm_machine_learning_inference_cluster", + "azurerm_machine_learning_synapse_spark", + "azurerm_machine_learning_workspace", + "azurerm_machine_learning_workspace_network_outbound_rule_fqdn", + "azurerm_machine_learning_workspace_network_outbound_rule_private_endpoint", + "azurerm_machine_learning_workspace_network_outbound_rule_service_tag", + "azurerm_maintenance_assignment_dedicated_host", + "azurerm_maintenance_assignment_dynamic_scope", + "azurerm_maintenance_assignment_virtual_machine", + "azurerm_maintenance_assignment_virtual_machine_scale_set", + "azurerm_maintenance_configuration", + "azurerm_managed_application", + "azurerm_managed_application_definition", + "azurerm_managed_disk", + "azurerm_managed_disk_sas_token", + "azurerm_managed_lustre_file_system", + "azurerm_management_group", + "azurerm_management_group_policy_assignment", + "azurerm_management_group_policy_exemption", + "azurerm_management_group_policy_remediation", + "azurerm_management_group_subscription_association", + "azurerm_management_group_template_deployment", + "azurerm_management_lock", + "azurerm_maps_account", + "azurerm_maps_creator", + "azurerm_marketplace_agreement", + "azurerm_marketplace_role_assignment", + "azurerm_media_services_account", + "azurerm_media_transform", + "azurerm_mobile_network", + "azurerm_mobile_network_attached_data_network", + "azurerm_mobile_network_data_network", + "azurerm_mobile_network_packet_core_control_plane", + "azurerm_mobile_network_packet_core_data_plane", + "azurerm_mobile_network_service", + "azurerm_mobile_network_sim", + "azurerm_mobile_network_sim_group", + "azurerm_mobile_network_sim_policy", + "azurerm_mobile_network_site", + "azurerm_mobile_network_slice", + "azurerm_mongo_cluster", + "azurerm_monitor_aad_diagnostic_setting", + "azurerm_monitor_action_group", + "azurerm_monitor_activity_log_alert", + "azurerm_monitor_alert_processing_rule_action_group", + "azurerm_monitor_alert_processing_rule_suppression", + "azurerm_monitor_alert_prometheus_rule_group", + "azurerm_monitor_autoscale_setting", + "azurerm_monitor_data_collection_endpoint", + "azurerm_monitor_data_collection_rule", + "azurerm_monitor_data_collection_rule_association", + "azurerm_monitor_diagnostic_setting", + "azurerm_monitor_metric_alert", + "azurerm_monitor_private_link_scope", + "azurerm_monitor_private_link_scoped_service", + "azurerm_monitor_scheduled_query_rules_alert", + "azurerm_monitor_scheduled_query_rules_alert_v2", + "azurerm_monitor_scheduled_query_rules_log", + "azurerm_monitor_smart_detector_alert_rule", + "azurerm_monitor_workspace", + "azurerm_mssql_database", + "azurerm_mssql_database_extended_auditing_policy", + "azurerm_mssql_database_vulnerability_assessment_rule_baseline", + "azurerm_mssql_elasticpool", + "azurerm_mssql_failover_group", + "azurerm_mssql_firewall_rule", + "azurerm_mssql_job", + "azurerm_mssql_job_agent", + "azurerm_mssql_job_credential", + "azurerm_mssql_job_schedule", + "azurerm_mssql_job_target_group", + "azurerm_mssql_managed_database", + "azurerm_mssql_managed_instance", + "azurerm_mssql_managed_instance_active_directory_administrator", + "azurerm_mssql_managed_instance_failover_group", + "azurerm_mssql_managed_instance_security_alert_policy", + "azurerm_mssql_managed_instance_transparent_data_encryption", + "azurerm_mssql_managed_instance_vulnerability_assessment", + "azurerm_mssql_outbound_firewall_rule", + "azurerm_mssql_server", + "azurerm_mssql_server_dns_alias", + "azurerm_mssql_server_extended_auditing_policy", + "azurerm_mssql_server_microsoft_support_auditing_policy", + "azurerm_mssql_server_security_alert_policy", + "azurerm_mssql_server_transparent_data_encryption", + "azurerm_mssql_server_vulnerability_assessment", + "azurerm_mssql_virtual_machine", + "azurerm_mssql_virtual_machine_availability_group_listener", + "azurerm_mssql_virtual_machine_group", + "azurerm_mssql_virtual_network_rule", + "azurerm_mysql_flexible_database", + "azurerm_mysql_flexible_server", + "azurerm_mysql_flexible_server_active_directory_administrator", + "azurerm_mysql_flexible_server_configuration", + "azurerm_mysql_flexible_server_firewall_rule", + "azurerm_nat_gateway", + "azurerm_nat_gateway_public_ip_association", + "azurerm_nat_gateway_public_ip_prefix_association", + "azurerm_netapp_account", + "azurerm_netapp_account_encryption", + "azurerm_netapp_backup_policy", + "azurerm_netapp_backup_vault", + "azurerm_netapp_pool", + "azurerm_netapp_snapshot", + "azurerm_netapp_snapshot_policy", + "azurerm_netapp_volume", + "azurerm_netapp_volume_group_sap_hana", + "azurerm_netapp_volume_quota_rule", + "azurerm_network_connection_monitor", + "azurerm_network_ddos_protection_plan", + "azurerm_network_function_azure_traffic_collector", + "azurerm_network_function_collector_policy", + "azurerm_network_interface", + "azurerm_network_interface_application_gateway_backend_address_pool_association", + "azurerm_network_interface_application_security_group_association", + "azurerm_network_interface_backend_address_pool_association", + "azurerm_network_interface_nat_rule_association", + "azurerm_network_interface_security_group_association", + "azurerm_network_manager", + "azurerm_network_manager_admin_rule", + "azurerm_network_manager_admin_rule_collection", + "azurerm_network_manager_connectivity_configuration", + "azurerm_network_manager_deployment", + "azurerm_network_manager_management_group_connection", + "azurerm_network_manager_network_group", + "azurerm_network_manager_scope_connection", + "azurerm_network_manager_security_admin_configuration", + "azurerm_network_manager_static_member", + "azurerm_network_manager_subscription_connection", + "azurerm_network_profile", + "azurerm_network_security_group", + "azurerm_network_security_rule", + "azurerm_network_watcher", + "azurerm_network_watcher_flow_log", + "azurerm_new_relic_monitor", + "azurerm_new_relic_tag_rule", + "azurerm_nginx_certificate", + "azurerm_nginx_configuration", + "azurerm_nginx_deployment", + "azurerm_notification_hub", + "azurerm_notification_hub_authorization_rule", + "azurerm_notification_hub_namespace", + "azurerm_oracle_autonomous_database", + "azurerm_oracle_cloud_vm_cluster", + "azurerm_oracle_exadata_infrastructure", + "azurerm_orbital_contact", + "azurerm_orbital_contact_profile", + "azurerm_orbital_spacecraft", + "azurerm_orchestrated_virtual_machine_scale_set", + "azurerm_palo_alto_local_rulestack", + "azurerm_palo_alto_local_rulestack_certificate", + "azurerm_palo_alto_local_rulestack_fqdn_list", + "azurerm_palo_alto_local_rulestack_outbound_trust_certificate_association", + "azurerm_palo_alto_local_rulestack_outbound_untrust_certificate_association", + "azurerm_palo_alto_local_rulestack_prefix_list", + "azurerm_palo_alto_local_rulestack_rule", + "azurerm_palo_alto_next_generation_firewall_virtual_hub_local_rulestack", + "azurerm_palo_alto_next_generation_firewall_virtual_hub_panorama", + "azurerm_palo_alto_next_generation_firewall_virtual_network_local_rulestack", + "azurerm_palo_alto_next_generation_firewall_virtual_network_panorama", + "azurerm_palo_alto_virtual_network_appliance", + "azurerm_pim_active_role_assignment", + "azurerm_pim_eligible_role_assignment", + "azurerm_point_to_site_vpn_gateway", + "azurerm_policy_definition", + "azurerm_policy_set_definition", + "azurerm_policy_virtual_machine_configuration_assignment", + "azurerm_portal_dashboard", + "azurerm_portal_tenant_configuration", + "azurerm_postgresql_active_directory_administrator", + "azurerm_postgresql_configuration", + "azurerm_postgresql_database", + "azurerm_postgresql_firewall_rule", + "azurerm_postgresql_flexible_server", + "azurerm_postgresql_flexible_server_active_directory_administrator", + "azurerm_postgresql_flexible_server_configuration", + "azurerm_postgresql_flexible_server_database", + "azurerm_postgresql_flexible_server_firewall_rule", + "azurerm_postgresql_flexible_server_virtual_endpoint", + "azurerm_postgresql_server", + "azurerm_postgresql_server_key", + "azurerm_postgresql_virtual_network_rule", + "azurerm_powerbi_embedded", + "azurerm_private_dns_a_record", + "azurerm_private_dns_aaaa_record", + "azurerm_private_dns_cname_record", + "azurerm_private_dns_mx_record", + "azurerm_private_dns_ptr_record", + "azurerm_private_dns_resolver", + "azurerm_private_dns_resolver_dns_forwarding_ruleset", + "azurerm_private_dns_resolver_forwarding_rule", + "azurerm_private_dns_resolver_inbound_endpoint", + "azurerm_private_dns_resolver_outbound_endpoint", + "azurerm_private_dns_resolver_virtual_network_link", + "azurerm_private_dns_soa_record", + "azurerm_private_dns_srv_record", + "azurerm_private_dns_txt_record", + "azurerm_private_dns_zone", + "azurerm_private_dns_zone_virtual_network_link", + "azurerm_private_endpoint", + "azurerm_private_endpoint_application_security_group_association", + "azurerm_private_link_service", + "azurerm_proximity_placement_group", + "azurerm_public_ip", + "azurerm_public_ip_prefix", + "azurerm_purview_account", + "azurerm_recovery_services_vault", + "azurerm_recovery_services_vault_resource_guard_association", + "azurerm_redhat_openshift_cluster", + "azurerm_redis_cache", + "azurerm_redis_cache_access_policy", + "azurerm_redis_cache_access_policy_assignment", + "azurerm_redis_enterprise_cluster", + "azurerm_redis_enterprise_database", + "azurerm_redis_firewall_rule", + "azurerm_redis_linked_server", + "azurerm_relay_hybrid_connection", + "azurerm_relay_hybrid_connection_authorization_rule", + "azurerm_relay_namespace", + "azurerm_relay_namespace_authorization_rule", + "azurerm_resource_deployment_script_azure_cli", + "azurerm_resource_deployment_script_azure_power_shell", + "azurerm_resource_group", + "azurerm_resource_group_cost_management_export", + "azurerm_resource_group_cost_management_view", + "azurerm_resource_group_policy_assignment", + "azurerm_resource_group_policy_exemption", + "azurerm_resource_group_policy_remediation", + "azurerm_resource_group_template_deployment", + "azurerm_resource_management_private_link", + "azurerm_resource_management_private_link_association", + "azurerm_resource_policy_assignment", + "azurerm_resource_policy_exemption", + "azurerm_resource_policy_remediation", + "azurerm_resource_provider_registration", + "azurerm_role_assignment", + "azurerm_role_definition", + "azurerm_role_management_policy", + "azurerm_route", + "azurerm_route_filter", + "azurerm_route_map", + "azurerm_route_server", + "azurerm_route_server_bgp_connection", + "azurerm_route_table", + "azurerm_search_service", + "azurerm_search_shared_private_link_service", + "azurerm_security_center_assessment", + "azurerm_security_center_assessment_policy", + "azurerm_security_center_auto_provisioning", + "azurerm_security_center_automation", + "azurerm_security_center_contact", + "azurerm_security_center_server_vulnerability_assessment_virtual_machine", + "azurerm_security_center_server_vulnerability_assessments_setting", + "azurerm_security_center_setting", + "azurerm_security_center_storage_defender", + "azurerm_security_center_subscription_pricing", + "azurerm_security_center_workspace", + "azurerm_sentinel_alert_rule_anomaly_built_in", + "azurerm_sentinel_alert_rule_anomaly_duplicate", + "azurerm_sentinel_alert_rule_fusion", + "azurerm_sentinel_alert_rule_machine_learning_behavior_analytics", + "azurerm_sentinel_alert_rule_ms_security_incident", + "azurerm_sentinel_alert_rule_nrt", + "azurerm_sentinel_alert_rule_scheduled", + "azurerm_sentinel_alert_rule_threat_intelligence", + "azurerm_sentinel_automation_rule", + "azurerm_sentinel_data_connector_aws_cloud_trail", + "azurerm_sentinel_data_connector_aws_s3", + "azurerm_sentinel_data_connector_azure_active_directory", + "azurerm_sentinel_data_connector_azure_advanced_threat_protection", + "azurerm_sentinel_data_connector_azure_security_center", + "azurerm_sentinel_data_connector_dynamics_365", + "azurerm_sentinel_data_connector_iot", + "azurerm_sentinel_data_connector_microsoft_cloud_app_security", + "azurerm_sentinel_data_connector_microsoft_defender_advanced_threat_protection", + "azurerm_sentinel_data_connector_microsoft_threat_intelligence", + "azurerm_sentinel_data_connector_microsoft_threat_protection", + "azurerm_sentinel_data_connector_office_365", + "azurerm_sentinel_data_connector_office_365_project", + "azurerm_sentinel_data_connector_office_atp", + "azurerm_sentinel_data_connector_office_irm", + "azurerm_sentinel_data_connector_office_power_bi", + "azurerm_sentinel_data_connector_threat_intelligence", + "azurerm_sentinel_data_connector_threat_intelligence_taxii", + "azurerm_sentinel_log_analytics_workspace_onboarding", + "azurerm_sentinel_metadata", + "azurerm_sentinel_threat_intelligence_indicator", + "azurerm_sentinel_watchlist", + "azurerm_sentinel_watchlist_item", + "azurerm_service_fabric_cluster", + "azurerm_service_fabric_managed_cluster", + "azurerm_service_plan", + "azurerm_servicebus_namespace", + "azurerm_servicebus_namespace_authorization_rule", + "azurerm_servicebus_namespace_disaster_recovery_config", + "azurerm_servicebus_queue", + "azurerm_servicebus_queue_authorization_rule", + "azurerm_servicebus_subscription", + "azurerm_servicebus_subscription_rule", + "azurerm_servicebus_topic", + "azurerm_servicebus_topic_authorization_rule", + "azurerm_shared_image", + "azurerm_shared_image_gallery", + "azurerm_shared_image_version", + "azurerm_signalr_service", + "azurerm_signalr_service_custom_certificate", + "azurerm_signalr_service_custom_domain", + "azurerm_signalr_service_network_acl", + "azurerm_signalr_shared_private_link_resource", + "azurerm_site_recovery_fabric", + "azurerm_site_recovery_hyperv_network_mapping", + "azurerm_site_recovery_hyperv_replication_policy", + "azurerm_site_recovery_hyperv_replication_policy_association", + "azurerm_site_recovery_network_mapping", + "azurerm_site_recovery_protection_container", + "azurerm_site_recovery_protection_container_mapping", + "azurerm_site_recovery_replicated_vm", + "azurerm_site_recovery_replication_policy", + "azurerm_site_recovery_replication_recovery_plan", + "azurerm_site_recovery_services_vault_hyperv_site", + "azurerm_site_recovery_vmware_replicated_vm", + "azurerm_site_recovery_vmware_replication_policy", + "azurerm_site_recovery_vmware_replication_policy_association", + "azurerm_snapshot", + "azurerm_source_control_token", + "azurerm_spatial_anchors_account", + "azurerm_spring_cloud_accelerator", + "azurerm_spring_cloud_active_deployment", + "azurerm_spring_cloud_api_portal", + "azurerm_spring_cloud_api_portal_custom_domain", + "azurerm_spring_cloud_app", + "azurerm_spring_cloud_app_cosmosdb_association", + "azurerm_spring_cloud_app_dynamics_application_performance_monitoring", + "azurerm_spring_cloud_app_mysql_association", + "azurerm_spring_cloud_app_redis_association", + "azurerm_spring_cloud_application_insights_application_performance_monitoring", + "azurerm_spring_cloud_application_live_view", + "azurerm_spring_cloud_build_deployment", + "azurerm_spring_cloud_build_pack_binding", + "azurerm_spring_cloud_builder", + "azurerm_spring_cloud_certificate", + "azurerm_spring_cloud_configuration_service", + "azurerm_spring_cloud_connection", + "azurerm_spring_cloud_container_deployment", + "azurerm_spring_cloud_custom_domain", + "azurerm_spring_cloud_customized_accelerator", + "azurerm_spring_cloud_dev_tool_portal", + "azurerm_spring_cloud_dynatrace_application_performance_monitoring", + "azurerm_spring_cloud_elastic_application_performance_monitoring", + "azurerm_spring_cloud_gateway", + "azurerm_spring_cloud_gateway_custom_domain", + "azurerm_spring_cloud_gateway_route_config", + "azurerm_spring_cloud_java_deployment", + "azurerm_spring_cloud_new_relic_application_performance_monitoring", + "azurerm_spring_cloud_service", + "azurerm_spring_cloud_storage", + "azurerm_sql_database", + "azurerm_sql_firewall_rule", + "azurerm_sql_server", + "azurerm_sql_virtual_network_rule", + "azurerm_ssh_public_key", + "azurerm_stack_hci_cluster", + "azurerm_stack_hci_deployment_setting", + "azurerm_stack_hci_extension", + "azurerm_stack_hci_logical_network", + "azurerm_stack_hci_marketplace_gallery_image", + "azurerm_stack_hci_network_interface", + "azurerm_stack_hci_storage_path", + "azurerm_stack_hci_virtual_hard_disk", + "azurerm_static_site", + "azurerm_static_site_custom_domain", + "azurerm_static_web_app", + "azurerm_static_web_app_custom_domain", + "azurerm_static_web_app_function_app_registration", + "azurerm_storage_account", + "azurerm_storage_account_customer_managed_key", + "azurerm_storage_account_local_user", + "azurerm_storage_account_network_rules", + "azurerm_storage_account_queue_properties", + "azurerm_storage_account_static_website", + "azurerm_storage_blob", + "azurerm_storage_blob_inventory_policy", + "azurerm_storage_container", + "azurerm_storage_container_immutability_policy", + "azurerm_storage_data_lake_gen2_filesystem", + "azurerm_storage_data_lake_gen2_path", + "azurerm_storage_encryption_scope", + "azurerm_storage_management_policy", + "azurerm_storage_mover", + "azurerm_storage_mover_agent", + "azurerm_storage_mover_job_definition", + "azurerm_storage_mover_project", + "azurerm_storage_mover_source_endpoint", + "azurerm_storage_mover_target_endpoint", + "azurerm_storage_object_replication", + "azurerm_storage_queue", + "azurerm_storage_share", + "azurerm_storage_share_directory", + "azurerm_storage_share_file", + "azurerm_storage_sync", + "azurerm_storage_sync_cloud_endpoint", + "azurerm_storage_sync_group", + "azurerm_storage_sync_server_endpoint", + "azurerm_storage_table", + "azurerm_storage_table_entity", + "azurerm_stream_analytics_cluster", + "azurerm_stream_analytics_function_javascript_uda", + "azurerm_stream_analytics_function_javascript_udf", + "azurerm_stream_analytics_job", + "azurerm_stream_analytics_job_schedule", + "azurerm_stream_analytics_managed_private_endpoint", + "azurerm_stream_analytics_output_blob", + "azurerm_stream_analytics_output_cosmosdb", + "azurerm_stream_analytics_output_eventhub", + "azurerm_stream_analytics_output_function", + "azurerm_stream_analytics_output_mssql", + "azurerm_stream_analytics_output_powerbi", + "azurerm_stream_analytics_output_servicebus_queue", + "azurerm_stream_analytics_output_servicebus_topic", + "azurerm_stream_analytics_output_synapse", + "azurerm_stream_analytics_output_table", + "azurerm_stream_analytics_reference_input_blob", + "azurerm_stream_analytics_reference_input_mssql", + "azurerm_stream_analytics_stream_input_blob", + "azurerm_stream_analytics_stream_input_eventhub", + "azurerm_stream_analytics_stream_input_eventhub_v2", + "azurerm_stream_analytics_stream_input_iothub", + "azurerm_subnet", + "azurerm_subnet_nat_gateway_association", + "azurerm_subnet_network_security_group_association", + "azurerm_subnet_route_table_association", + "azurerm_subnet_service_endpoint_storage_policy", + "azurerm_subscription", + "azurerm_subscription_cost_management_export", + "azurerm_subscription_cost_management_view", + "azurerm_subscription_policy_assignment", + "azurerm_subscription_policy_exemption", + "azurerm_subscription_policy_remediation", + "azurerm_subscription_template_deployment", + "azurerm_synapse_firewall_rule", + "azurerm_synapse_integration_runtime_azure", + "azurerm_synapse_integration_runtime_self_hosted", + "azurerm_synapse_linked_service", + "azurerm_synapse_managed_private_endpoint", + "azurerm_synapse_private_link_hub", + "azurerm_synapse_role_assignment", + "azurerm_synapse_spark_pool", + "azurerm_synapse_sql_pool", + "azurerm_synapse_sql_pool_extended_auditing_policy", + "azurerm_synapse_sql_pool_security_alert_policy", + "azurerm_synapse_sql_pool_vulnerability_assessment", + "azurerm_synapse_sql_pool_vulnerability_assessment_baseline", + "azurerm_synapse_sql_pool_workload_classifier", + "azurerm_synapse_sql_pool_workload_group", + "azurerm_synapse_workspace", + "azurerm_synapse_workspace_aad_admin", + "azurerm_synapse_workspace_extended_auditing_policy", + "azurerm_synapse_workspace_key", + "azurerm_synapse_workspace_security_alert_policy", + "azurerm_synapse_workspace_sql_aad_admin", + "azurerm_synapse_workspace_vulnerability_assessment", + "azurerm_system_center_virtual_machine_manager_availability_set", + "azurerm_system_center_virtual_machine_manager_cloud", + "azurerm_system_center_virtual_machine_manager_server", + "azurerm_system_center_virtual_machine_manager_virtual_machine_template", + "azurerm_system_center_virtual_machine_manager_virtual_network", + "azurerm_tenant_template_deployment", + "azurerm_traffic_manager_azure_endpoint", + "azurerm_traffic_manager_external_endpoint", + "azurerm_traffic_manager_nested_endpoint", + "azurerm_traffic_manager_profile", + "azurerm_trusted_signing_account", + "azurerm_user_assigned_identity", + "azurerm_video_indexer_account", + "azurerm_virtual_desktop_application", + "azurerm_virtual_desktop_application_group", + "azurerm_virtual_desktop_host_pool", + "azurerm_virtual_desktop_host_pool_registration_info", + "azurerm_virtual_desktop_scaling_plan", + "azurerm_virtual_desktop_scaling_plan_host_pool_association", + "azurerm_virtual_desktop_workspace", + "azurerm_virtual_desktop_workspace_application_group_association", + "azurerm_virtual_hub", + "azurerm_virtual_hub_bgp_connection", + "azurerm_virtual_hub_connection", + "azurerm_virtual_hub_ip", + "azurerm_virtual_hub_route_table", + "azurerm_virtual_hub_route_table_route", + "azurerm_virtual_hub_routing_intent", + "azurerm_virtual_hub_security_partner_provider", + "azurerm_virtual_machine", + "azurerm_virtual_machine_automanage_configuration_assignment", + "azurerm_virtual_machine_data_disk_attachment", + "azurerm_virtual_machine_extension", + "azurerm_virtual_machine_gallery_application_assignment", + "azurerm_virtual_machine_implicit_data_disk_from_source", + "azurerm_virtual_machine_packet_capture", + "azurerm_virtual_machine_restore_point", + "azurerm_virtual_machine_restore_point_collection", + "azurerm_virtual_machine_run_command", + "azurerm_virtual_machine_scale_set", + "azurerm_virtual_machine_scale_set_extension", + "azurerm_virtual_machine_scale_set_packet_capture", + "azurerm_virtual_network", + "azurerm_virtual_network_dns_servers", + "azurerm_virtual_network_gateway", + "azurerm_virtual_network_gateway_connection", + "azurerm_virtual_network_gateway_nat_rule", + "azurerm_virtual_network_peering", + "azurerm_virtual_wan", + "azurerm_vmware_cluster", + "azurerm_vmware_express_route_authorization", + "azurerm_vmware_netapp_volume_attachment", + "azurerm_vmware_private_cloud", + "azurerm_voice_services_communications_gateway", + "azurerm_vpn_gateway", + "azurerm_vpn_gateway_connection", + "azurerm_vpn_gateway_nat_rule", + "azurerm_vpn_server_configuration", + "azurerm_vpn_server_configuration_policy_group", + "azurerm_vpn_site", + "azurerm_web_app_active_slot", + "azurerm_web_app_hybrid_connection", + "azurerm_web_application_firewall_policy", + "azurerm_web_pubsub", + "azurerm_web_pubsub_custom_certificate", + "azurerm_web_pubsub_custom_domain", + "azurerm_web_pubsub_hub", + "azurerm_web_pubsub_network_acl", + "azurerm_web_pubsub_service", + "azurerm_web_pubsub_shared_private_link_resource", + "azurerm_windows_function_app", + "azurerm_windows_function_app_slot", + "azurerm_windows_virtual_machine", + "azurerm_windows_virtual_machine_scale_set", + "azurerm_windows_web_app", + "azurerm_windows_web_app_slot", + "azurerm_workloads_sap_discovery_virtual_instance", + "azurerm_workloads_sap_single_node_virtual_instance", + "azurerm_workloads_sap_three_tier_virtual_instance" + ] +} diff --git a/src/parse/google-members.json b/src/parse/google-members.json index acb863f0..bd382984 100755 --- a/src/parse/google-members.json +++ b/src/parse/google-members.json @@ -1,1404 +1,1404 @@ -{ - "resources": [ - "google_access_context_manager_access_level", - "google_access_context_manager_access_level_condition", - "google_access_context_manager_access_levels", - "google_access_context_manager_access_policy", - "google_access_context_manager_access_policy_iam_binding", - "google_access_context_manager_access_policy_iam_member", - "google_access_context_manager_access_policy_iam_policy", - "google_access_context_manager_authorized_orgs_desc", - "google_access_context_manager_gcp_user_access_binding", - "google_access_context_manager_service_perimeter", - "google_access_context_manager_service_perimeter_dry_run_egress_policy", - "google_access_context_manager_service_perimeter_dry_run_ingress_policy", - "google_access_context_manager_service_perimeter_dry_run_resource", - "google_access_context_manager_service_perimeter_egress_policy", - "google_access_context_manager_service_perimeter_ingress_policy", - "google_access_context_manager_service_perimeter_resource", - "google_access_context_manager_service_perimeters", - "google_active_directory_domain", - "google_active_directory_domain_trust", - "google_active_directory_peering", - "google_alloydb_backup", - "google_alloydb_cluster", - "google_alloydb_instance", - "google_alloydb_user", - "google_api_gateway_api", - "google_api_gateway_api_config", - "google_api_gateway_api_config_iam_binding", - "google_api_gateway_api_config_iam_member", - "google_api_gateway_api_config_iam_policy", - "google_api_gateway_api_iam_binding", - "google_api_gateway_api_iam_member", - "google_api_gateway_api_iam_policy", - "google_api_gateway_gateway", - "google_api_gateway_gateway_iam_binding", - "google_api_gateway_gateway_iam_member", - "google_api_gateway_gateway_iam_policy", - "google_apigee_addons_config", - "google_apigee_app_group", - "google_apigee_developer", - "google_apigee_env_keystore", - "google_apigee_envgroup", - "google_apigee_envgroup_attachment", - "google_apigee_environment", - "google_apigee_environment_addons_config", - "google_apigee_environment_iam_binding", - "google_apigee_environment_iam_member", - "google_apigee_environment_iam_policy", - "google_apigee_environment_keyvaluemaps", - "google_apigee_environment_keyvaluemaps_entries", - "google_apigee_instance", - "google_apigee_instance_attachment", - "google_apigee_keystores_aliases_self_signed_cert", - "google_apigee_nat_address", - "google_apigee_organization", - "google_apigee_sharedflow", - "google_apigee_sync_authorization", - "google_apigee_target_server", - "google_apihub_api_hub_instance", - "google_apikeys_key", - "google_app_engine_application", - "google_app_engine_application_url_dispatch_rules", - "google_app_engine_domain_mapping", - "google_app_engine_firewall_rule", - "google_app_engine_flexible_app_version", - "google_app_engine_service_network_settings", - "google_app_engine_service_split_traffic", - "google_app_engine_standard_app_version", - "google_apphub_application", - "google_apphub_service", - "google_apphub_service_project_attachment", - "google_apphub_workload", - "google_artifact_registry_repository", - "google_artifact_registry_repository_iam_binding", - "google_artifact_registry_repository_iam_member", - "google_artifact_registry_repository_iam_policy", - "google_artifact_registry_vpcsc_config", - "google_assured_workloads_workload", - "google_backup_dr_backup_plan", - "google_backup_dr_backup_plan_association", - "google_backup_dr_backup_vault", - "google_backup_dr_management_server", - "google_beyondcorp_app_connection", - "google_beyondcorp_app_connector", - "google_beyondcorp_app_gateway", - "google_beyondcorp_security_gateway", - "google_beyondcorp_security_gateway_iam_binding", - "google_beyondcorp_security_gateway_iam_member", - "google_beyondcorp_security_gateway_iam_policy", - "google_biglake_catalog", - "google_biglake_database", - "google_biglake_table", - "google_bigquery_analytics_hub_data_exchange", - "google_bigquery_analytics_hub_data_exchange_iam_binding", - "google_bigquery_analytics_hub_data_exchange_iam_member", - "google_bigquery_analytics_hub_data_exchange_iam_policy", - "google_bigquery_analytics_hub_listing", - "google_bigquery_analytics_hub_listing_iam_binding", - "google_bigquery_analytics_hub_listing_iam_member", - "google_bigquery_analytics_hub_listing_iam_policy", - "google_bigquery_bi_reservation", - "google_bigquery_capacity_commitment", - "google_bigquery_connection", - "google_bigquery_connection_iam_binding", - "google_bigquery_connection_iam_member", - "google_bigquery_connection_iam_policy", - "google_bigquery_data_transfer_config", - "google_bigquery_datapolicy_data_policy", - "google_bigquery_datapolicy_data_policy_iam_binding", - "google_bigquery_datapolicy_data_policy_iam_member", - "google_bigquery_datapolicy_data_policy_iam_policy", - "google_bigquery_dataset", - "google_bigquery_dataset_access", - "google_bigquery_dataset_iam_binding", - "google_bigquery_dataset_iam_member", - "google_bigquery_dataset_iam_policy", - "google_bigquery_job", - "google_bigquery_reservation", - "google_bigquery_reservation_assignment", - "google_bigquery_routine", - "google_bigquery_table", - "google_bigquery_table_iam_binding", - "google_bigquery_table_iam_member", - "google_bigquery_table_iam_policy", - "google_bigtable_app_profile", - "google_bigtable_authorized_view", - "google_bigtable_gc_policy", - "google_bigtable_instance", - "google_bigtable_instance_iam_binding", - "google_bigtable_instance_iam_member", - "google_bigtable_instance_iam_policy", - "google_bigtable_table", - "google_bigtable_table_iam_binding", - "google_bigtable_table_iam_member", - "google_bigtable_table_iam_policy", - "google_billing_account_iam_binding", - "google_billing_account_iam_member", - "google_billing_account_iam_policy", - "google_billing_budget", - "google_billing_project_info", - "google_billing_subaccount", - "google_binary_authorization_attestor", - "google_binary_authorization_attestor_iam_binding", - "google_binary_authorization_attestor_iam_member", - "google_binary_authorization_attestor_iam_policy", - "google_binary_authorization_policy", - "google_blockchain_node_engine_blockchain_nodes", - "google_certificate_manager_certificate", - "google_certificate_manager_certificate_issuance_config", - "google_certificate_manager_certificate_map", - "google_certificate_manager_certificate_map_entry", - "google_certificate_manager_dns_authorization", - "google_certificate_manager_trust_config", - "google_chronicle_data_access_label", - "google_chronicle_data_access_scope", - "google_chronicle_reference_list", - "google_chronicle_retrohunt", - "google_chronicle_rule", - "google_chronicle_rule_deployment", - "google_chronicle_watchlist", - "google_cloud_asset_folder_feed", - "google_cloud_asset_organization_feed", - "google_cloud_asset_project_feed", - "google_cloud_identity_group", - "google_cloud_identity_group_membership", - "google_cloud_ids_endpoint", - "google_cloud_quotas_quota_adjuster_settings", - "google_cloud_quotas_quota_preference", - "google_cloud_run_domain_mapping", - "google_cloud_run_service", - "google_cloud_run_service_iam_binding", - "google_cloud_run_service_iam_member", - "google_cloud_run_service_iam_policy", - "google_cloud_run_v2_job", - "google_cloud_run_v2_job_iam_binding", - "google_cloud_run_v2_job_iam_member", - "google_cloud_run_v2_job_iam_policy", - "google_cloud_run_v2_service", - "google_cloud_run_v2_service_iam_binding", - "google_cloud_run_v2_service_iam_member", - "google_cloud_run_v2_service_iam_policy", - "google_cloud_scheduler_job", - "google_cloud_tasks_queue", - "google_cloud_tasks_queue_iam_binding", - "google_cloud_tasks_queue_iam_member", - "google_cloud_tasks_queue_iam_policy", - "google_cloudbuild_bitbucket_server_config", - "google_cloudbuild_trigger", - "google_cloudbuild_worker_pool", - "google_cloudbuildv2_connection", - "google_cloudbuildv2_connection_iam_binding", - "google_cloudbuildv2_connection_iam_member", - "google_cloudbuildv2_connection_iam_policy", - "google_cloudbuildv2_repository", - "google_clouddeploy_automation", - "google_clouddeploy_custom_target_type", - "google_clouddeploy_custom_target_type_iam_binding", - "google_clouddeploy_custom_target_type_iam_member", - "google_clouddeploy_custom_target_type_iam_policy", - "google_clouddeploy_delivery_pipeline", - "google_clouddeploy_delivery_pipeline_iam_binding", - "google_clouddeploy_delivery_pipeline_iam_member", - "google_clouddeploy_delivery_pipeline_iam_policy", - "google_clouddeploy_target", - "google_clouddeploy_target_iam_binding", - "google_clouddeploy_target_iam_member", - "google_clouddeploy_target_iam_policy", - "google_clouddomains_registration", - "google_cloudfunctions2_function", - "google_cloudfunctions2_function_iam_binding", - "google_cloudfunctions2_function_iam_member", - "google_cloudfunctions2_function_iam_policy", - "google_cloudfunctions_function", - "google_cloudfunctions_function_iam_binding", - "google_cloudfunctions_function_iam_member", - "google_cloudfunctions_function_iam_policy", - "google_cloudiot_registry", - "google_colab_notebook_execution", - "google_colab_runtime", - "google_colab_runtime_template", - "google_colab_runtime_template_iam_binding", - "google_colab_runtime_template_iam_member", - "google_colab_runtime_template_iam_policy", - "google_composer_environment", - "google_composer_user_workloads_config_map", - "google_composer_user_workloads_secret", - "google_compute_address", - "google_compute_attached_disk", - "google_compute_autoscaler", - "google_compute_backend_bucket", - "google_compute_backend_bucket_iam_binding", - "google_compute_backend_bucket_iam_member", - "google_compute_backend_bucket_iam_policy", - "google_compute_backend_bucket_signed_url_key", - "google_compute_backend_service", - "google_compute_backend_service_iam_binding", - "google_compute_backend_service_iam_member", - "google_compute_backend_service_iam_policy", - "google_compute_backend_service_signed_url_key", - "google_compute_disk", - "google_compute_disk_async_replication", - "google_compute_disk_iam_binding", - "google_compute_disk_iam_member", - "google_compute_disk_iam_policy", - "google_compute_disk_resource_policy_attachment", - "google_compute_external_vpn_gateway", - "google_compute_firewall", - "google_compute_firewall_policy", - "google_compute_firewall_policy_association", - "google_compute_firewall_policy_rule", - "google_compute_firewall_policy_with_rules", - "google_compute_forwarding_rule", - "google_compute_global_address", - "google_compute_global_forwarding_rule", - "google_compute_global_network_endpoint", - "google_compute_global_network_endpoint_group", - "google_compute_ha_vpn_gateway", - "google_compute_health_check", - "google_compute_http_health_check", - "google_compute_https_health_check", - "google_compute_image", - "google_compute_image_iam_binding", - "google_compute_image_iam_member", - "google_compute_image_iam_policy", - "google_compute_instance", - "google_compute_instance_from_machine_image", - "google_compute_instance_from_template", - "google_compute_instance_group", - "google_compute_instance_group_manager", - "google_compute_instance_group_membership", - "google_compute_instance_group_named_port", - "google_compute_instance_iam_binding", - "google_compute_instance_iam_member", - "google_compute_instance_iam_policy", - "google_compute_instance_settings", - "google_compute_instance_template", - "google_compute_instance_template_iam_binding", - "google_compute_instance_template_iam_member", - "google_compute_instance_template_iam_policy", - "google_compute_interconnect", - "google_compute_interconnect_attachment", - "google_compute_machine_image", - "google_compute_machine_image_iam_binding", - "google_compute_machine_image_iam_member", - "google_compute_machine_image_iam_policy", - "google_compute_managed_ssl_certificate", - "google_compute_network", - "google_compute_network_attachment", - "google_compute_network_edge_security_service", - "google_compute_network_endpoint", - "google_compute_network_endpoint_group", - "google_compute_network_endpoints", - "google_compute_network_firewall_policy", - "google_compute_network_firewall_policy_association", - "google_compute_network_firewall_policy_rule", - "google_compute_network_firewall_policy_with_rules", - "google_compute_network_peering", - "google_compute_network_peering_routes_config", - "google_compute_node_group", - "google_compute_node_template", - "google_compute_organization_security_policy", - "google_compute_organization_security_policy_association", - "google_compute_organization_security_policy_rule", - "google_compute_packet_mirroring", - "google_compute_per_instance_config", - "google_compute_project_cloud_armor_tier", - "google_compute_project_default_network_tier", - "google_compute_project_metadata", - "google_compute_project_metadata_item", - "google_compute_public_advertised_prefix", - "google_compute_public_delegated_prefix", - "google_compute_region_autoscaler", - "google_compute_region_backend_service", - "google_compute_region_backend_service_iam_binding", - "google_compute_region_backend_service_iam_member", - "google_compute_region_backend_service_iam_policy", - "google_compute_region_commitment", - "google_compute_region_disk", - "google_compute_region_disk_iam_binding", - "google_compute_region_disk_iam_member", - "google_compute_region_disk_iam_policy", - "google_compute_region_disk_resource_policy_attachment", - "google_compute_region_health_check", - "google_compute_region_instance_group_manager", - "google_compute_region_instance_template", - "google_compute_region_network_endpoint", - "google_compute_region_network_endpoint_group", - "google_compute_region_network_firewall_policy", - "google_compute_region_network_firewall_policy_association", - "google_compute_region_network_firewall_policy_rule", - "google_compute_region_network_firewall_policy_with_rules", - "google_compute_region_per_instance_config", - "google_compute_region_resize_request", - "google_compute_region_security_policy", - "google_compute_region_security_policy_rule", - "google_compute_region_ssl_certificate", - "google_compute_region_target_http_proxy", - "google_compute_region_target_https_proxy", - "google_compute_region_target_tcp_proxy", - "google_compute_region_url_map", - "google_compute_reservation", - "google_compute_resize_request", - "google_compute_resource_policy", - "google_compute_route", - "google_compute_router", - "google_compute_router_interface", - "google_compute_router_nat", - "google_compute_router_nat_address", - "google_compute_router_peer", - "google_compute_router_route_policy", - "google_compute_security_policy", - "google_compute_security_policy_rule", - "google_compute_service_attachment", - "google_compute_shared_vpc_host_project", - "google_compute_shared_vpc_service_project", - "google_compute_snapshot", - "google_compute_snapshot_iam_binding", - "google_compute_snapshot_iam_member", - "google_compute_snapshot_iam_policy", - "google_compute_ssl_certificate", - "google_compute_ssl_policy", - "google_compute_subnetwork", - "google_compute_subnetwork_iam_binding", - "google_compute_subnetwork_iam_member", - "google_compute_subnetwork_iam_policy", - "google_compute_target_grpc_proxy", - "google_compute_target_http_proxy", - "google_compute_target_https_proxy", - "google_compute_target_instance", - "google_compute_target_pool", - "google_compute_target_ssl_proxy", - "google_compute_target_tcp_proxy", - "google_compute_url_map", - "google_compute_vpn_gateway", - "google_compute_vpn_tunnel", - "google_container_analysis_note", - "google_container_analysis_note_iam_binding", - "google_container_analysis_note_iam_member", - "google_container_analysis_note_iam_policy", - "google_container_analysis_occurrence", - "google_container_attached_cluster", - "google_container_aws_cluster", - "google_container_aws_node_pool", - "google_container_azure_client", - "google_container_azure_cluster", - "google_container_azure_node_pool", - "google_container_cluster", - "google_container_node_pool", - "google_container_registry", - "google_data_catalog_entry", - "google_data_catalog_entry_group", - "google_data_catalog_entry_group_iam_binding", - "google_data_catalog_entry_group_iam_member", - "google_data_catalog_entry_group_iam_policy", - "google_data_catalog_policy_tag", - "google_data_catalog_policy_tag_iam_binding", - "google_data_catalog_policy_tag_iam_member", - "google_data_catalog_policy_tag_iam_policy", - "google_data_catalog_tag", - "google_data_catalog_tag_template", - "google_data_catalog_tag_template_iam_binding", - "google_data_catalog_tag_template_iam_member", - "google_data_catalog_tag_template_iam_policy", - "google_data_catalog_taxonomy", - "google_data_catalog_taxonomy_iam_binding", - "google_data_catalog_taxonomy_iam_member", - "google_data_catalog_taxonomy_iam_policy", - "google_data_fusion_instance", - "google_data_fusion_instance_iam_binding", - "google_data_fusion_instance_iam_member", - "google_data_fusion_instance_iam_policy", - "google_data_loss_prevention_deidentify_template", - "google_data_loss_prevention_discovery_config", - "google_data_loss_prevention_inspect_template", - "google_data_loss_prevention_job_trigger", - "google_data_loss_prevention_stored_info_type", - "google_data_pipeline_pipeline", - "google_database_migration_service_connection_profile", - "google_database_migration_service_migration_job", - "google_database_migration_service_private_connection", - "google_dataflow_flex_template_job", - "google_dataflow_job", - "google_dataform_repository", - "google_dataform_repository_iam_binding", - "google_dataform_repository_iam_member", - "google_dataform_repository_iam_policy", - "google_dataform_repository_release_config", - "google_dataform_repository_workflow_config", - "google_dataplex_aspect_type", - "google_dataplex_aspect_type_iam_binding", - "google_dataplex_aspect_type_iam_member", - "google_dataplex_aspect_type_iam_policy", - "google_dataplex_asset", - "google_dataplex_asset_iam_binding", - "google_dataplex_asset_iam_member", - "google_dataplex_asset_iam_policy", - "google_dataplex_datascan", - "google_dataplex_datascan_iam_binding", - "google_dataplex_datascan_iam_member", - "google_dataplex_datascan_iam_policy", - "google_dataplex_entry_group", - "google_dataplex_entry_group_iam_binding", - "google_dataplex_entry_group_iam_member", - "google_dataplex_entry_group_iam_policy", - "google_dataplex_entry_type", - "google_dataplex_entry_type_iam_binding", - "google_dataplex_entry_type_iam_member", - "google_dataplex_entry_type_iam_policy", - "google_dataplex_lake", - "google_dataplex_lake_iam_binding", - "google_dataplex_lake_iam_member", - "google_dataplex_lake_iam_policy", - "google_dataplex_task", - "google_dataplex_task_iam_binding", - "google_dataplex_task_iam_member", - "google_dataplex_task_iam_policy", - "google_dataplex_zone", - "google_dataplex_zone_iam_binding", - "google_dataplex_zone_iam_member", - "google_dataplex_zone_iam_policy", - "google_dataproc_autoscaling_policy", - "google_dataproc_autoscaling_policy_iam_binding", - "google_dataproc_autoscaling_policy_iam_member", - "google_dataproc_autoscaling_policy_iam_policy", - "google_dataproc_batch", - "google_dataproc_cluster", - "google_dataproc_cluster_iam_binding", - "google_dataproc_cluster_iam_member", - "google_dataproc_cluster_iam_policy", - "google_dataproc_gdc_application_environment", - "google_dataproc_gdc_service_instance", - "google_dataproc_gdc_spark_application", - "google_dataproc_job", - "google_dataproc_job_iam_binding", - "google_dataproc_job_iam_member", - "google_dataproc_job_iam_policy", - "google_dataproc_metastore_federation", - "google_dataproc_metastore_federation_iam_binding", - "google_dataproc_metastore_federation_iam_member", - "google_dataproc_metastore_federation_iam_policy", - "google_dataproc_metastore_service", - "google_dataproc_metastore_service_iam_binding", - "google_dataproc_metastore_service_iam_member", - "google_dataproc_metastore_service_iam_policy", - "google_dataproc_workflow_template", - "google_datastream_connection_profile", - "google_datastream_private_connection", - "google_datastream_stream", - "google_deployment_manager_deployment", - "google_developer_connect_connection", - "google_developer_connect_git_repository_link", - "google_dialogflow_agent", - "google_dialogflow_cx_agent", - "google_dialogflow_cx_entity_type", - "google_dialogflow_cx_environment", - "google_dialogflow_cx_flow", - "google_dialogflow_cx_intent", - "google_dialogflow_cx_page", - "google_dialogflow_cx_security_settings", - "google_dialogflow_cx_version", - "google_dialogflow_cx_webhook", - "google_dialogflow_entity_type", - "google_dialogflow_fulfillment", - "google_dialogflow_intent", - "google_discovery_engine_chat_engine", - "google_discovery_engine_data_store", - "google_discovery_engine_schema", - "google_discovery_engine_search_engine", - "google_discovery_engine_target_site", - "google_dns_managed_zone", - "google_dns_managed_zone_iam_binding", - "google_dns_managed_zone_iam_member", - "google_dns_managed_zone_iam_policy", - "google_dns_policy", - "google_dns_record_set", - "google_dns_response_policy", - "google_dns_response_policy_rule", - "google_document_ai_processor", - "google_document_ai_processor_default_version", - "google_document_ai_warehouse_document_schema", - "google_document_ai_warehouse_location", - "google_edgecontainer_cluster", - "google_edgecontainer_node_pool", - "google_edgecontainer_vpn_connection", - "google_edgenetwork_interconnect_attachment", - "google_edgenetwork_network", - "google_edgenetwork_subnet", - "google_endpoints_service", - "google_endpoints_service_consumers_iam_binding", - "google_endpoints_service_consumers_iam_member", - "google_endpoints_service_consumers_iam_policy", - "google_endpoints_service_iam_binding", - "google_endpoints_service_iam_member", - "google_endpoints_service_iam_policy", - "google_essential_contacts_contact", - "google_eventarc_channel", - "google_eventarc_google_channel_config", - "google_eventarc_trigger", - "google_filestore_backup", - "google_filestore_instance", - "google_filestore_snapshot", - "google_firebase_android_app", - "google_firebase_app_check_app_attest_config", - "google_firebase_app_check_debug_token", - "google_firebase_app_check_device_check_config", - "google_firebase_app_check_play_integrity_config", - "google_firebase_app_check_recaptcha_enterprise_config", - "google_firebase_app_check_recaptcha_v3_config", - "google_firebase_app_check_service_config", - "google_firebase_apple_app", - "google_firebase_database_instance", - "google_firebase_extensions_instance", - "google_firebase_hosting_channel", - "google_firebase_hosting_custom_domain", - "google_firebase_hosting_release", - "google_firebase_hosting_site", - "google_firebase_hosting_version", - "google_firebase_project", - "google_firebase_project_location", - "google_firebase_storage_bucket", - "google_firebase_web_app", - "google_firebaserules_release", - "google_firebaserules_ruleset", - "google_firestore_backup_schedule", - "google_firestore_database", - "google_firestore_document", - "google_firestore_field", - "google_firestore_index", - "google_folder", - "google_folder_access_approval_settings", - "google_folder_iam_audit_config", - "google_folder_iam_binding", - "google_folder_iam_member", - "google_folder_iam_policy", - "google_folder_organization_policy", - "google_gemini_code_repository_index", - "google_gemini_repository_group", - "google_gemini_repository_group_iam_binding", - "google_gemini_repository_group_iam_member", - "google_gemini_repository_group_iam_policy", - "google_gke_backup_backup_plan", - "google_gke_backup_backup_plan_iam_binding", - "google_gke_backup_backup_plan_iam_member", - "google_gke_backup_backup_plan_iam_policy", - "google_gke_backup_restore_plan", - "google_gke_backup_restore_plan_iam_binding", - "google_gke_backup_restore_plan_iam_member", - "google_gke_backup_restore_plan_iam_policy", - "google_gke_hub_feature", - "google_gke_hub_feature_iam_binding", - "google_gke_hub_feature_iam_member", - "google_gke_hub_feature_iam_policy", - "google_gke_hub_feature_membership", - "google_gke_hub_fleet", - "google_gke_hub_membership", - "google_gke_hub_membership_binding", - "google_gke_hub_membership_iam_binding", - "google_gke_hub_membership_iam_member", - "google_gke_hub_membership_iam_policy", - "google_gke_hub_membership_rbac_role_binding", - "google_gke_hub_namespace", - "google_gke_hub_scope", - "google_gke_hub_scope_iam_binding", - "google_gke_hub_scope_iam_member", - "google_gke_hub_scope_iam_policy", - "google_gke_hub_scope_rbac_role_binding", - "google_gkeonprem_bare_metal_admin_cluster", - "google_gkeonprem_bare_metal_cluster", - "google_gkeonprem_bare_metal_node_pool", - "google_gkeonprem_vmware_admin_cluster", - "google_gkeonprem_vmware_cluster", - "google_gkeonprem_vmware_node_pool", - "google_healthcare_consent_store", - "google_healthcare_consent_store_iam_binding", - "google_healthcare_consent_store_iam_member", - "google_healthcare_consent_store_iam_policy", - "google_healthcare_dataset", - "google_healthcare_dataset_iam_binding", - "google_healthcare_dataset_iam_member", - "google_healthcare_dataset_iam_policy", - "google_healthcare_dicom_store", - "google_healthcare_dicom_store_iam_binding", - "google_healthcare_dicom_store_iam_member", - "google_healthcare_dicom_store_iam_policy", - "google_healthcare_fhir_store", - "google_healthcare_fhir_store_iam_binding", - "google_healthcare_fhir_store_iam_member", - "google_healthcare_fhir_store_iam_policy", - "google_healthcare_hl7_v2_store", - "google_healthcare_hl7_v2_store_iam_binding", - "google_healthcare_hl7_v2_store_iam_member", - "google_healthcare_hl7_v2_store_iam_policy", - "google_healthcare_pipeline_job", - "google_healthcare_workspace", - "google_iam_access_boundary_policy", - "google_iam_deny_policy", - "google_iam_folders_policy_binding", - "google_iam_organizations_policy_binding", - "google_iam_principal_access_boundary_policy", - "google_iam_projects_policy_binding", - "google_iam_workforce_pool", - "google_iam_workforce_pool_provider", - "google_iam_workload_identity_pool", - "google_iam_workload_identity_pool_provider", - "google_iap_app_engine_service_iam_binding", - "google_iap_app_engine_service_iam_member", - "google_iap_app_engine_service_iam_policy", - "google_iap_app_engine_version_iam_binding", - "google_iap_app_engine_version_iam_member", - "google_iap_app_engine_version_iam_policy", - "google_iap_brand", - "google_iap_client", - "google_iap_settings", - "google_iap_tunnel_dest_group", - "google_iap_tunnel_dest_group_iam_binding", - "google_iap_tunnel_dest_group_iam_member", - "google_iap_tunnel_dest_group_iam_policy", - "google_iap_tunnel_iam_binding", - "google_iap_tunnel_iam_member", - "google_iap_tunnel_iam_policy", - "google_iap_tunnel_instance_iam_binding", - "google_iap_tunnel_instance_iam_member", - "google_iap_tunnel_instance_iam_policy", - "google_iap_web_backend_service_iam_binding", - "google_iap_web_backend_service_iam_member", - "google_iap_web_backend_service_iam_policy", - "google_iap_web_iam_binding", - "google_iap_web_iam_member", - "google_iap_web_iam_policy", - "google_iap_web_region_backend_service_iam_binding", - "google_iap_web_region_backend_service_iam_member", - "google_iap_web_region_backend_service_iam_policy", - "google_iap_web_type_app_engine_iam_binding", - "google_iap_web_type_app_engine_iam_member", - "google_iap_web_type_app_engine_iam_policy", - "google_iap_web_type_compute_iam_binding", - "google_iap_web_type_compute_iam_member", - "google_iap_web_type_compute_iam_policy", - "google_identity_platform_config", - "google_identity_platform_default_supported_idp_config", - "google_identity_platform_inbound_saml_config", - "google_identity_platform_oauth_idp_config", - "google_identity_platform_tenant", - "google_identity_platform_tenant_default_supported_idp_config", - "google_identity_platform_tenant_inbound_saml_config", - "google_identity_platform_tenant_oauth_idp_config", - "google_integration_connectors_connection", - "google_integration_connectors_endpoint_attachment", - "google_integration_connectors_managed_zone", - "google_integrations_auth_config", - "google_integrations_client", - "google_kms_autokey_config", - "google_kms_crypto_key", - "google_kms_crypto_key_iam_binding", - "google_kms_crypto_key_iam_member", - "google_kms_crypto_key_iam_policy", - "google_kms_crypto_key_version", - "google_kms_ekm_connection", - "google_kms_ekm_connection_iam_binding", - "google_kms_ekm_connection_iam_member", - "google_kms_ekm_connection_iam_policy", - "google_kms_key_handle", - "google_kms_key_ring", - "google_kms_key_ring_iam_binding", - "google_kms_key_ring_iam_member", - "google_kms_key_ring_iam_policy", - "google_kms_key_ring_import_job", - "google_kms_secret_ciphertext", - "google_logging_billing_account_bucket_config", - "google_logging_billing_account_exclusion", - "google_logging_billing_account_sink", - "google_logging_folder_bucket_config", - "google_logging_folder_exclusion", - "google_logging_folder_settings", - "google_logging_folder_sink", - "google_logging_linked_dataset", - "google_logging_log_scope", - "google_logging_log_view", - "google_logging_log_view_iam_binding", - "google_logging_log_view_iam_member", - "google_logging_log_view_iam_policy", - "google_logging_metric", - "google_logging_organization_bucket_config", - "google_logging_organization_exclusion", - "google_logging_organization_settings", - "google_logging_organization_sink", - "google_logging_project_bucket_config", - "google_logging_project_exclusion", - "google_logging_project_sink", - "google_looker_instance", - "google_managed_kafka_cluster", - "google_managed_kafka_topic", - "google_memcache_instance", - "google_memorystore_instance", - "google_migration_center_group", - "google_migration_center_preference_set", - "google_ml_engine_model", - "google_monitoring_alert_policy", - "google_monitoring_custom_service", - "google_monitoring_dashboard", - "google_monitoring_group", - "google_monitoring_metric_descriptor", - "google_monitoring_monitored_project", - "google_monitoring_notification_channel", - "google_monitoring_service", - "google_monitoring_slo", - "google_monitoring_uptime_check_config", - "google_netapp_active_directory", - "google_netapp_backup", - "google_netapp_backup_policy", - "google_netapp_backup_vault", - "google_netapp_kmsconfig", - "google_netapp_storage_pool", - "google_netapp_volume", - "google_netapp_volume_replication", - "google_netapp_volume_snapshot", - "google_network_connectivity_group", - "google_network_connectivity_hub", - "google_network_connectivity_internal_range", - "google_network_connectivity_policy_based_route", - "google_network_connectivity_regional_endpoint", - "google_network_connectivity_service_connection_policy", - "google_network_connectivity_spoke", - "google_network_management_vpc_flow_logs_config", - "google_network_security_address_group", - "google_network_security_address_group_iam_binding", - "google_network_security_address_group_iam_member", - "google_network_security_address_group_iam_policy", - "google_network_security_authorization_policy", - "google_network_security_authz_policy", - "google_network_security_client_tls_policy", - "google_network_security_firewall_endpoint", - "google_network_security_firewall_endpoint_association", - "google_network_security_gateway_security_policy", - "google_network_security_gateway_security_policy_rule", - "google_network_security_intercept_deployment", - "google_network_security_intercept_deployment_group", - "google_network_security_intercept_endpoint_group", - "google_network_security_intercept_endpoint_group_association", - "google_network_security_mirroring_deployment", - "google_network_security_mirroring_deployment_group", - "google_network_security_mirroring_endpoint_group", - "google_network_security_mirroring_endpoint_group_association", - "google_network_security_security_profile", - "google_network_security_security_profile_group", - "google_network_security_server_tls_policy", - "google_network_security_tls_inspection_policy", - "google_network_security_url_lists", - "google_network_services_authz_extension", - "google_network_services_edge_cache_keyset", - "google_network_services_edge_cache_origin", - "google_network_services_edge_cache_service", - "google_network_services_endpoint_policy", - "google_network_services_gateway", - "google_network_services_grpc_route", - "google_network_services_http_route", - "google_network_services_lb_route_extension", - "google_network_services_lb_traffic_extension", - "google_network_services_mesh", - "google_network_services_service_binding", - "google_network_services_service_lb_policies", - "google_network_services_tcp_route", - "google_network_services_tls_route", - "google_notebooks_environment", - "google_notebooks_instance", - "google_notebooks_instance_iam_binding", - "google_notebooks_instance_iam_member", - "google_notebooks_instance_iam_policy", - "google_notebooks_runtime", - "google_notebooks_runtime_iam_binding", - "google_notebooks_runtime_iam_member", - "google_notebooks_runtime_iam_policy", - "google_oracle_database_autonomous_database", - "google_oracle_database_cloud_exadata_infrastructure", - "google_oracle_database_cloud_vm_cluster", - "google_org_policy_custom_constraint", - "google_org_policy_policy", - "google_organization_access_approval_settings", - "google_organization_iam_audit_config", - "google_organization_iam_binding", - "google_organization_iam_custom_role", - "google_organization_iam_member", - "google_organization_iam_policy", - "google_organization_policy", - "google_os_config_guest_policies", - "google_os_config_os_policy_assignment", - "google_os_config_patch_deployment", - "google_os_login_ssh_public_key", - "google_parallelstore_instance", - "google_parameter_manager_parameter", - "google_parameter_manager_parameter_version", - "google_parameter_manager_regional_parameter", - "google_parameter_manager_regional_parameter_version", - "google_privateca_ca_pool", - "google_privateca_ca_pool_iam_binding", - "google_privateca_ca_pool_iam_member", - "google_privateca_ca_pool_iam_policy", - "google_privateca_certificate", - "google_privateca_certificate_authority", - "google_privateca_certificate_template", - "google_privateca_certificate_template_iam_binding", - "google_privateca_certificate_template_iam_member", - "google_privateca_certificate_template_iam_policy", - "google_privileged_access_manager_entitlement", - "google_project", - "google_project_access_approval_settings", - "google_project_default_service_accounts", - "google_project_iam_audit_config", - "google_project_iam_binding", - "google_project_iam_custom_role", - "google_project_iam_member", - "google_project_iam_member_remove", - "google_project_iam_policy", - "google_project_organization_policy", - "google_project_service", - "google_project_service_identity", - "google_project_services", - "google_project_usage_export_bucket", - "google_public_ca_external_account_key", - "google_pubsub_lite_reservation", - "google_pubsub_lite_subscription", - "google_pubsub_lite_topic", - "google_pubsub_schema", - "google_pubsub_schema_iam_binding", - "google_pubsub_schema_iam_member", - "google_pubsub_schema_iam_policy", - "google_pubsub_subscription", - "google_pubsub_subscription_iam_binding", - "google_pubsub_subscription_iam_member", - "google_pubsub_subscription_iam_policy", - "google_pubsub_topic", - "google_pubsub_topic_iam_binding", - "google_pubsub_topic_iam_member", - "google_pubsub_topic_iam_policy", - "google_recaptcha_enterprise_key", - "google_redis_cluster", - "google_redis_cluster_user_created_connections", - "google_redis_instance", - "google_resource_manager_lien", - "google_runtimeconfig_config", - "google_runtimeconfig_config_iam_binding", - "google_runtimeconfig_config_iam_member", - "google_runtimeconfig_config_iam_policy", - "google_runtimeconfig_variable", - "google_scc_event_threat_detection_custom_module", - "google_scc_folder_custom_module", - "google_scc_folder_notification_config", - "google_scc_folder_scc_big_query_export", - "google_scc_management_folder_security_health_analytics_custom_module", - "google_scc_management_organization_event_threat_detection_custom_module", - "google_scc_management_organization_security_health_analytics_custom_module", - "google_scc_management_project_security_health_analytics_custom_module", - "google_scc_mute_config", - "google_scc_notification_config", - "google_scc_organization_custom_module", - "google_scc_organization_scc_big_query_export", - "google_scc_project_custom_module", - "google_scc_project_notification_config", - "google_scc_project_scc_big_query_export", - "google_scc_source", - "google_scc_source_iam_binding", - "google_scc_source_iam_member", - "google_scc_source_iam_policy", - "google_scc_v2_folder_mute_config", - "google_scc_v2_folder_notification_config", - "google_scc_v2_folder_scc_big_query_export", - "google_scc_v2_organization_mute_config", - "google_scc_v2_organization_notification_config", - "google_scc_v2_organization_scc_big_query_export", - "google_scc_v2_organization_scc_big_query_exports", - "google_scc_v2_organization_source_iam_binding", - "google_scc_v2_organization_source_iam_member", - "google_scc_v2_organization_source_iam_policy", - "google_scc_v2_project_mute_config", - "google_scc_v2_project_notification_config", - "google_scc_v2_project_scc_big_query_export", - "google_secret_manager_regional_secret", - "google_secret_manager_regional_secret_iam_binding", - "google_secret_manager_regional_secret_iam_member", - "google_secret_manager_regional_secret_iam_policy", - "google_secret_manager_regional_secret_version", - "google_secret_manager_secret", - "google_secret_manager_secret_iam_binding", - "google_secret_manager_secret_iam_member", - "google_secret_manager_secret_iam_policy", - "google_secret_manager_secret_version", - "google_secure_source_manager_branch_rule", - "google_secure_source_manager_instance", - "google_secure_source_manager_instance_iam_binding", - "google_secure_source_manager_instance_iam_member", - "google_secure_source_manager_instance_iam_policy", - "google_secure_source_manager_repository", - "google_secure_source_manager_repository_iam_binding", - "google_secure_source_manager_repository_iam_member", - "google_secure_source_manager_repository_iam_policy", - "google_security_scanner_scan_config", - "google_securityposture_posture", - "google_service_account", - "google_service_account_iam_binding", - "google_service_account_iam_member", - "google_service_account_iam_policy", - "google_service_account_key", - "google_service_directory_endpoint", - "google_service_directory_namespace", - "google_service_directory_namespace_iam_binding", - "google_service_directory_namespace_iam_member", - "google_service_directory_namespace_iam_policy", - "google_service_directory_service", - "google_service_directory_service_iam_binding", - "google_service_directory_service_iam_member", - "google_service_directory_service_iam_policy", - "google_service_networking_connection", - "google_service_networking_peered_dns_domain", - "google_service_networking_vpc_service_controls", - "google_service_usage_consumer_quota_override", - "google_site_verification_owner", - "google_site_verification_web_resource", - "google_sourcerepo_repository", - "google_sourcerepo_repository_iam_binding", - "google_sourcerepo_repository_iam_member", - "google_sourcerepo_repository_iam_policy", - "google_spanner_backup_schedule", - "google_spanner_database", - "google_spanner_database_iam_binding", - "google_spanner_database_iam_member", - "google_spanner_database_iam_policy", - "google_spanner_instance", - "google_spanner_instance_config", - "google_spanner_instance_iam_binding", - "google_spanner_instance_iam_member", - "google_spanner_instance_iam_policy", - "google_sql_database", - "google_sql_database_instance", - "google_sql_source_representation_instance", - "google_sql_ssl_cert", - "google_sql_user", - "google_storage_bucket", - "google_storage_bucket_access_control", - "google_storage_bucket_acl", - "google_storage_bucket_iam_binding", - "google_storage_bucket_iam_member", - "google_storage_bucket_iam_policy", - "google_storage_bucket_object", - "google_storage_default_object_access_control", - "google_storage_default_object_acl", - "google_storage_folder", - "google_storage_hmac_key", - "google_storage_insights_report_config", - "google_storage_managed_folder", - "google_storage_managed_folder_iam_binding", - "google_storage_managed_folder_iam_member", - "google_storage_managed_folder_iam_policy", - "google_storage_notification", - "google_storage_object_access_control", - "google_storage_object_acl", - "google_storage_transfer_agent_pool", - "google_storage_transfer_job", - "google_tags_location_tag_binding", - "google_tags_tag_binding", - "google_tags_tag_key", - "google_tags_tag_key_iam_binding", - "google_tags_tag_key_iam_member", - "google_tags_tag_key_iam_policy", - "google_tags_tag_value", - "google_tags_tag_value_iam_binding", - "google_tags_tag_value_iam_member", - "google_tags_tag_value_iam_policy", - "google_tpu_node", - "google_tpu_v2_queued_resource", - "google_tpu_v2_vm", - "google_transcoder_job", - "google_transcoder_job_template", - "google_vertex_ai_dataset", - "google_vertex_ai_deployment_resource_pool", - "google_vertex_ai_endpoint", - "google_vertex_ai_endpoint_iam_binding", - "google_vertex_ai_endpoint_iam_member", - "google_vertex_ai_endpoint_iam_policy", - "google_vertex_ai_feature_group", - "google_vertex_ai_feature_group_feature", - "google_vertex_ai_feature_online_store", - "google_vertex_ai_feature_online_store_featureview", - "google_vertex_ai_featurestore", - "google_vertex_ai_featurestore_entitytype", - "google_vertex_ai_featurestore_entitytype_feature", - "google_vertex_ai_featurestore_entitytype_iam_binding", - "google_vertex_ai_featurestore_entitytype_iam_member", - "google_vertex_ai_featurestore_entitytype_iam_policy", - "google_vertex_ai_featurestore_iam_binding", - "google_vertex_ai_featurestore_iam_member", - "google_vertex_ai_featurestore_iam_policy", - "google_vertex_ai_index", - "google_vertex_ai_index_endpoint", - "google_vertex_ai_index_endpoint_deployed_index", - "google_vertex_ai_metadata_store", - "google_vertex_ai_tensorboard", - "google_vmwareengine_cluster", - "google_vmwareengine_external_access_rule", - "google_vmwareengine_external_address", - "google_vmwareengine_network", - "google_vmwareengine_network_peering", - "google_vmwareengine_network_policy", - "google_vmwareengine_private_cloud", - "google_vmwareengine_subnet", - "google_vpc_access_connector", - "google_workbench_instance", - "google_workbench_instance_iam_binding", - "google_workbench_instance_iam_member", - "google_workbench_instance_iam_policy", - "google_workflows_workflow", - "google_workstations_workstation", - "google_workstations_workstation_cluster", - "google_workstations_workstation_config", - "google_workstations_workstation_config_iam_binding", - "google_workstations_workstation_config_iam_member", - "google_workstations_workstation_config_iam_policy", - "google_workstations_workstation_iam_binding", - "google_workstations_workstation_iam_member", - "google_workstations_workstation_iam_policy" - ], - "dataSources": [ - "google_access_approval_folder_service_account", - "google_access_approval_organization_service_account", - "google_access_approval_project_service_account", - "google_access_context_manager_access_policy", - "google_access_context_manager_access_policy_iam_policy", - "google_active_folder", - "google_alloydb_locations", - "google_alloydb_supported_database_flags", - "google_api_gateway_api_config_iam_policy", - "google_api_gateway_api_iam_policy", - "google_api_gateway_gateway_iam_policy", - "google_apigee_environment_iam_policy", - "google_app_engine_default_service_account", - "google_apphub_application", - "google_apphub_discovered_service", - "google_apphub_discovered_workload", - "google_artifact_registry_docker_image", - "google_artifact_registry_locations", - "google_artifact_registry_repository", - "google_artifact_registry_repository_iam_policy", - "google_backup_dr_backup", - "google_backup_dr_backup_plan_association", - "google_backup_dr_backup_vault", - "google_backup_dr_data_source", - "google_beyondcorp_app_connection", - "google_beyondcorp_app_connector", - "google_beyondcorp_app_gateway", - "google_beyondcorp_security_gateway_iam_policy", - "google_bigquery_analytics_hub_data_exchange_iam_policy", - "google_bigquery_analytics_hub_listing_iam_policy", - "google_bigquery_connection_iam_policy", - "google_bigquery_datapolicy_data_policy_iam_policy", - "google_bigquery_dataset", - "google_bigquery_dataset_iam_policy", - "google_bigquery_default_service_account", - "google_bigquery_table_iam_policy", - "google_bigquery_tables", - "google_bigtable_instance_iam_policy", - "google_bigtable_table_iam_policy", - "google_billing_account", - "google_billing_account_iam_policy", - "google_binary_authorization_attestor_iam_policy", - "google_certificate_manager_certificate_map", - "google_certificate_manager_certificates", - "google_client_config", - "google_client_openid_userinfo", - "google_cloud_identity_group_lookup", - "google_cloud_identity_group_memberships", - "google_cloud_identity_group_transitive_memberships", - "google_cloud_identity_groups", - "google_cloud_quotas_quota_info", - "google_cloud_quotas_quota_infos", - "google_cloud_run_locations", - "google_cloud_run_service", - "google_cloud_run_service_iam_policy", - "google_cloud_run_v2_job", - "google_cloud_run_v2_job_iam_policy", - "google_cloud_run_v2_service", - "google_cloud_run_v2_service_iam_policy", - "google_cloud_tasks_queue_iam_policy", - "google_cloudbuild_trigger", - "google_cloudbuildv2_connection_iam_policy", - "google_clouddeploy_custom_target_type_iam_policy", - "google_clouddeploy_delivery_pipeline_iam_policy", - "google_clouddeploy_target_iam_policy", - "google_cloudfunctions2_function", - "google_cloudfunctions2_function_iam_policy", - "google_cloudfunctions_function", - "google_cloudfunctions_function_iam_policy", - "google_colab_runtime_template_iam_policy", - "google_composer_environment", - "google_composer_image_versions", - "google_composer_user_workloads_config_map", - "google_composer_user_workloads_secret", - "google_compute_address", - "google_compute_addresses", - "google_compute_backend_bucket", - "google_compute_backend_bucket_iam_policy", - "google_compute_backend_service", - "google_compute_backend_service_iam_policy", - "google_compute_default_service_account", - "google_compute_disk", - "google_compute_disk_iam_policy", - "google_compute_forwarding_rule", - "google_compute_forwarding_rules", - "google_compute_global_address", - "google_compute_global_forwarding_rule", - "google_compute_ha_vpn_gateway", - "google_compute_health_check", - "google_compute_image", - "google_compute_image_iam_policy", - "google_compute_instance", - "google_compute_instance_group", - "google_compute_instance_group_manager", - "google_compute_instance_guest_attributes", - "google_compute_instance_iam_policy", - "google_compute_instance_serial_port", - "google_compute_instance_template", - "google_compute_instance_template_iam_policy", - "google_compute_lb_ip_ranges", - "google_compute_machine_image_iam_policy", - "google_compute_machine_types", - "google_compute_network", - "google_compute_network_endpoint_group", - "google_compute_network_peering", - "google_compute_networks", - "google_compute_node_types", - "google_compute_region_backend_service_iam_policy", - "google_compute_region_disk", - "google_compute_region_disk_iam_policy", - "google_compute_region_instance_group", - "google_compute_region_instance_group_manager", - "google_compute_region_instance_template", - "google_compute_region_network_endpoint_group", - "google_compute_region_ssl_certificate", - "google_compute_regions", - "google_compute_reservation", - "google_compute_resource_policy", - "google_compute_router", - "google_compute_router_nat", - "google_compute_router_status", - "google_compute_security_policy", - "google_compute_snapshot", - "google_compute_snapshot_iam_policy", - "google_compute_ssl_certificate", - "google_compute_ssl_policy", - "google_compute_subnetwork", - "google_compute_subnetwork_iam_policy", - "google_compute_subnetworks", - "google_compute_vpn_gateway", - "google_compute_zones", - "google_container_analysis_note_iam_policy", - "google_container_attached_install_manifest", - "google_container_attached_versions", - "google_container_aws_versions", - "google_container_azure_versions", - "google_container_cluster", - "google_container_engine_versions", - "google_container_registry_image", - "google_container_registry_repository", - "google_data_catalog_entry_group_iam_policy", - "google_data_catalog_policy_tag_iam_policy", - "google_data_catalog_tag_template_iam_policy", - "google_data_catalog_taxonomy_iam_policy", - "google_data_fusion_instance_iam_policy", - "google_dataform_repository_iam_policy", - "google_dataplex_aspect_type_iam_policy", - "google_dataplex_asset_iam_policy", - "google_dataplex_datascan_iam_policy", - "google_dataplex_entry_group_iam_policy", - "google_dataplex_entry_type_iam_policy", - "google_dataplex_lake_iam_policy", - "google_dataplex_task_iam_policy", - "google_dataplex_zone_iam_policy", - "google_dataproc_autoscaling_policy_iam_policy", - "google_dataproc_cluster_iam_policy", - "google_dataproc_job_iam_policy", - "google_dataproc_metastore_federation_iam_policy", - "google_dataproc_metastore_service", - "google_dataproc_metastore_service_iam_policy", - "google_datastream_static_ips", - "google_dns_keys", - "google_dns_managed_zone", - "google_dns_managed_zone_iam_policy", - "google_dns_managed_zones", - "google_dns_record_set", - "google_endpoints_service_consumers_iam_policy", - "google_endpoints_service_iam_policy", - "google_filestore_instance", - "google_firebase_web_app_config", - "google_folder", - "google_folder_iam_policy", - "google_folder_organization_policy", - "google_folders", - "google_gemini_repository_group_iam_policy", - "google_gke_backup_backup_plan_iam_policy", - "google_gke_backup_restore_plan_iam_policy", - "google_gke_hub_feature_iam_policy", - "google_gke_hub_membership_iam_policy", - "google_gke_hub_scope_iam_policy", - "google_healthcare_consent_store_iam_policy", - "google_healthcare_dataset_iam_policy", - "google_healthcare_dicom_store_iam_policy", - "google_healthcare_fhir_store_iam_policy", - "google_healthcare_hl7_v2_store_iam_policy", - "google_iam_policy", - "google_iam_role", - "google_iam_workload_identity_pool", - "google_iam_workload_identity_pool_provider", - "google_iap_app_engine_service_iam_policy", - "google_iap_app_engine_version_iam_policy", - "google_iap_client", - "google_iap_tunnel_dest_group_iam_policy", - "google_iap_tunnel_iam_policy", - "google_iap_tunnel_instance_iam_policy", - "google_iap_web_backend_service_iam_policy", - "google_iap_web_iam_policy", - "google_iap_web_region_backend_service_iam_policy", - "google_iap_web_type_app_engine_iam_policy", - "google_iap_web_type_compute_iam_policy", - "google_kms_autokey_config", - "google_kms_crypto_key", - "google_kms_crypto_key_iam_policy", - "google_kms_crypto_key_latest_version", - "google_kms_crypto_key_version", - "google_kms_crypto_key_versions", - "google_kms_crypto_keys", - "google_kms_ekm_connection_iam_policy", - "google_kms_key_handle", - "google_kms_key_handles", - "google_kms_key_ring", - "google_kms_key_ring_iam_policy", - "google_kms_key_rings", - "google_kms_secret", - "google_kms_secret_asymmetric", - "google_kms_secret_ciphertext", - "google_logging_folder_settings", - "google_logging_log_view_iam_policy", - "google_logging_organization_settings", - "google_logging_project_cmek_settings", - "google_logging_project_settings", - "google_monitoring_app_engine_service", - "google_monitoring_cluster_istio_service", - "google_monitoring_istio_canonical_service", - "google_monitoring_mesh_istio_service", - "google_monitoring_notification_channel", - "google_monitoring_uptime_check_ips", - "google_netblock_ip_ranges", - "google_network_security_address_group_iam_policy", - "google_notebooks_instance_iam_policy", - "google_notebooks_runtime_iam_policy", - "google_oracle_database_autonomous_database", - "google_oracle_database_autonomous_databases", - "google_oracle_database_cloud_exadata_infrastructure", - "google_oracle_database_cloud_exadata_infrastructures", - "google_oracle_database_cloud_vm_cluster", - "google_oracle_database_cloud_vm_clusters", - "google_oracle_database_db_nodes", - "google_oracle_database_db_servers", - "google_organization", - "google_organization_iam_policy", - "google_organizations", - "google_parameter_manager_parameter", - "google_parameter_manager_parameter_version", - "google_parameter_manager_parameter_version_render", - "google_parameter_manager_parameters", - "google_parameter_manager_regional_parameter", - "google_parameter_manager_regional_parameter_version", - "google_parameter_manager_regional_parameters", - "google_privateca_ca_pool_iam_policy", - "google_privateca_certificate_authority", - "google_privateca_certificate_template_iam_policy", - "google_privileged_access_manager_entitlement", - "google_project", - "google_project_iam_policy", - "google_project_organization_policy", - "google_project_service", - "google_projects", - "google_pubsub_schema_iam_policy", - "google_pubsub_subscription", - "google_pubsub_subscription_iam_policy", - "google_pubsub_topic", - "google_pubsub_topic_iam_policy", - "google_redis_instance", - "google_runtimeconfig_config", - "google_runtimeconfig_config_iam_policy", - "google_runtimeconfig_variable", - "google_scc_source_iam_policy", - "google_scc_v2_organization_source_iam_policy", - "google_secret_manager_regional_secret", - "google_secret_manager_regional_secret_iam_policy", - "google_secret_manager_regional_secret_version", - "google_secret_manager_regional_secret_version_access", - "google_secret_manager_regional_secrets", - "google_secret_manager_secret", - "google_secret_manager_secret_iam_policy", - "google_secret_manager_secret_version", - "google_secret_manager_secret_version_access", - "google_secret_manager_secrets", - "google_secure_source_manager_instance_iam_policy", - "google_secure_source_manager_repository_iam_policy", - "google_service_account", - "google_service_account_access_token", - "google_service_account_iam_policy", - "google_service_account_id_token", - "google_service_account_jwt", - "google_service_account_key", - "google_service_accounts", - "google_service_directory_namespace_iam_policy", - "google_service_directory_service_iam_policy", - "google_site_verification_token", - "google_sourcerepo_repository", - "google_sourcerepo_repository_iam_policy", - "google_spanner_database", - "google_spanner_database_iam_policy", - "google_spanner_instance", - "google_spanner_instance_iam_policy", - "google_sql_backup_run", - "google_sql_ca_certs", - "google_sql_database", - "google_sql_database_instance", - "google_sql_database_instance_latest_recovery_time", - "google_sql_database_instances", - "google_sql_databases", - "google_sql_tiers", - "google_storage_bucket", - "google_storage_bucket_iam_policy", - "google_storage_bucket_object", - "google_storage_bucket_object_content", - "google_storage_bucket_objects", - "google_storage_buckets", - "google_storage_object_signed_url", - "google_storage_project_service_account", - "google_storage_transfer_project_service_account", - "google_tags_tag_key", - "google_tags_tag_key_iam_policy", - "google_tags_tag_keys", - "google_tags_tag_value", - "google_tags_tag_value_iam_policy", - "google_tags_tag_values", - "google_tpu_tensorflow_versions", - "google_tpu_v2_accelerator_types", - "google_tpu_v2_runtime_versions", - "google_vertex_ai_endpoint_iam_policy", - "google_vertex_ai_featurestore_entitytype_iam_policy", - "google_vertex_ai_featurestore_iam_policy", - "google_vmwareengine_cluster", - "google_vmwareengine_external_access_rule", - "google_vmwareengine_external_address", - "google_vmwareengine_network", - "google_vmwareengine_network_peering", - "google_vmwareengine_network_policy", - "google_vmwareengine_nsx_credentials", - "google_vmwareengine_private_cloud", - "google_vmwareengine_subnet", - "google_vmwareengine_vcenter_credentials", - "google_vpc_access_connector", - "google_workbench_instance_iam_policy", - "google_workstations_workstation_config_iam_policy", - "google_workstations_workstation_iam_policy" - ] -} \ No newline at end of file +{ + "dataSources": [ + "google_access_approval_folder_service_account", + "google_access_approval_organization_service_account", + "google_access_approval_project_service_account", + "google_access_context_manager_access_policy", + "google_access_context_manager_access_policy_iam_policy", + "google_active_folder", + "google_alloydb_locations", + "google_alloydb_supported_database_flags", + "google_api_gateway_api_config_iam_policy", + "google_api_gateway_api_iam_policy", + "google_api_gateway_gateway_iam_policy", + "google_apigee_environment_iam_policy", + "google_app_engine_default_service_account", + "google_apphub_application", + "google_apphub_discovered_service", + "google_apphub_discovered_workload", + "google_artifact_registry_docker_image", + "google_artifact_registry_locations", + "google_artifact_registry_repository", + "google_artifact_registry_repository_iam_policy", + "google_backup_dr_backup", + "google_backup_dr_backup_plan_association", + "google_backup_dr_backup_vault", + "google_backup_dr_data_source", + "google_beyondcorp_app_connection", + "google_beyondcorp_app_connector", + "google_beyondcorp_app_gateway", + "google_beyondcorp_security_gateway_iam_policy", + "google_bigquery_analytics_hub_data_exchange_iam_policy", + "google_bigquery_analytics_hub_listing_iam_policy", + "google_bigquery_connection_iam_policy", + "google_bigquery_datapolicy_data_policy_iam_policy", + "google_bigquery_dataset", + "google_bigquery_dataset_iam_policy", + "google_bigquery_default_service_account", + "google_bigquery_table_iam_policy", + "google_bigquery_tables", + "google_bigtable_instance_iam_policy", + "google_bigtable_table_iam_policy", + "google_billing_account", + "google_billing_account_iam_policy", + "google_binary_authorization_attestor_iam_policy", + "google_certificate_manager_certificate_map", + "google_certificate_manager_certificates", + "google_client_config", + "google_client_openid_userinfo", + "google_cloud_identity_group_lookup", + "google_cloud_identity_group_memberships", + "google_cloud_identity_group_transitive_memberships", + "google_cloud_identity_groups", + "google_cloud_quotas_quota_info", + "google_cloud_quotas_quota_infos", + "google_cloud_run_locations", + "google_cloud_run_service", + "google_cloud_run_service_iam_policy", + "google_cloud_run_v2_job", + "google_cloud_run_v2_job_iam_policy", + "google_cloud_run_v2_service", + "google_cloud_run_v2_service_iam_policy", + "google_cloud_tasks_queue_iam_policy", + "google_cloudbuild_trigger", + "google_cloudbuildv2_connection_iam_policy", + "google_clouddeploy_custom_target_type_iam_policy", + "google_clouddeploy_delivery_pipeline_iam_policy", + "google_clouddeploy_target_iam_policy", + "google_cloudfunctions2_function", + "google_cloudfunctions2_function_iam_policy", + "google_cloudfunctions_function", + "google_cloudfunctions_function_iam_policy", + "google_colab_runtime_template_iam_policy", + "google_composer_environment", + "google_composer_image_versions", + "google_composer_user_workloads_config_map", + "google_composer_user_workloads_secret", + "google_compute_address", + "google_compute_addresses", + "google_compute_backend_bucket", + "google_compute_backend_bucket_iam_policy", + "google_compute_backend_service", + "google_compute_backend_service_iam_policy", + "google_compute_default_service_account", + "google_compute_disk", + "google_compute_disk_iam_policy", + "google_compute_forwarding_rule", + "google_compute_forwarding_rules", + "google_compute_global_address", + "google_compute_global_forwarding_rule", + "google_compute_ha_vpn_gateway", + "google_compute_health_check", + "google_compute_image", + "google_compute_image_iam_policy", + "google_compute_instance", + "google_compute_instance_group", + "google_compute_instance_group_manager", + "google_compute_instance_guest_attributes", + "google_compute_instance_iam_policy", + "google_compute_instance_serial_port", + "google_compute_instance_template", + "google_compute_instance_template_iam_policy", + "google_compute_lb_ip_ranges", + "google_compute_machine_image_iam_policy", + "google_compute_machine_types", + "google_compute_network", + "google_compute_network_endpoint_group", + "google_compute_network_peering", + "google_compute_networks", + "google_compute_node_types", + "google_compute_region_backend_service_iam_policy", + "google_compute_region_disk", + "google_compute_region_disk_iam_policy", + "google_compute_region_instance_group", + "google_compute_region_instance_group_manager", + "google_compute_region_instance_template", + "google_compute_region_network_endpoint_group", + "google_compute_region_ssl_certificate", + "google_compute_regions", + "google_compute_reservation", + "google_compute_resource_policy", + "google_compute_router", + "google_compute_router_nat", + "google_compute_router_status", + "google_compute_security_policy", + "google_compute_snapshot", + "google_compute_snapshot_iam_policy", + "google_compute_ssl_certificate", + "google_compute_ssl_policy", + "google_compute_subnetwork", + "google_compute_subnetwork_iam_policy", + "google_compute_subnetworks", + "google_compute_vpn_gateway", + "google_compute_zones", + "google_container_analysis_note_iam_policy", + "google_container_attached_install_manifest", + "google_container_attached_versions", + "google_container_aws_versions", + "google_container_azure_versions", + "google_container_cluster", + "google_container_engine_versions", + "google_container_registry_image", + "google_container_registry_repository", + "google_data_catalog_entry_group_iam_policy", + "google_data_catalog_policy_tag_iam_policy", + "google_data_catalog_tag_template_iam_policy", + "google_data_catalog_taxonomy_iam_policy", + "google_data_fusion_instance_iam_policy", + "google_dataform_repository_iam_policy", + "google_dataplex_aspect_type_iam_policy", + "google_dataplex_asset_iam_policy", + "google_dataplex_datascan_iam_policy", + "google_dataplex_entry_group_iam_policy", + "google_dataplex_entry_type_iam_policy", + "google_dataplex_lake_iam_policy", + "google_dataplex_task_iam_policy", + "google_dataplex_zone_iam_policy", + "google_dataproc_autoscaling_policy_iam_policy", + "google_dataproc_cluster_iam_policy", + "google_dataproc_job_iam_policy", + "google_dataproc_metastore_federation_iam_policy", + "google_dataproc_metastore_service", + "google_dataproc_metastore_service_iam_policy", + "google_datastream_static_ips", + "google_dns_keys", + "google_dns_managed_zone", + "google_dns_managed_zone_iam_policy", + "google_dns_managed_zones", + "google_dns_record_set", + "google_endpoints_service_consumers_iam_policy", + "google_endpoints_service_iam_policy", + "google_filestore_instance", + "google_firebase_web_app_config", + "google_folder", + "google_folder_iam_policy", + "google_folder_organization_policy", + "google_folders", + "google_gemini_repository_group_iam_policy", + "google_gke_backup_backup_plan_iam_policy", + "google_gke_backup_restore_plan_iam_policy", + "google_gke_hub_feature_iam_policy", + "google_gke_hub_membership_iam_policy", + "google_gke_hub_scope_iam_policy", + "google_healthcare_consent_store_iam_policy", + "google_healthcare_dataset_iam_policy", + "google_healthcare_dicom_store_iam_policy", + "google_healthcare_fhir_store_iam_policy", + "google_healthcare_hl7_v2_store_iam_policy", + "google_iam_policy", + "google_iam_role", + "google_iam_workload_identity_pool", + "google_iam_workload_identity_pool_provider", + "google_iap_app_engine_service_iam_policy", + "google_iap_app_engine_version_iam_policy", + "google_iap_client", + "google_iap_tunnel_dest_group_iam_policy", + "google_iap_tunnel_iam_policy", + "google_iap_tunnel_instance_iam_policy", + "google_iap_web_backend_service_iam_policy", + "google_iap_web_iam_policy", + "google_iap_web_region_backend_service_iam_policy", + "google_iap_web_type_app_engine_iam_policy", + "google_iap_web_type_compute_iam_policy", + "google_kms_autokey_config", + "google_kms_crypto_key", + "google_kms_crypto_key_iam_policy", + "google_kms_crypto_key_latest_version", + "google_kms_crypto_key_version", + "google_kms_crypto_key_versions", + "google_kms_crypto_keys", + "google_kms_ekm_connection_iam_policy", + "google_kms_key_handle", + "google_kms_key_handles", + "google_kms_key_ring", + "google_kms_key_ring_iam_policy", + "google_kms_key_rings", + "google_kms_secret", + "google_kms_secret_asymmetric", + "google_kms_secret_ciphertext", + "google_logging_folder_settings", + "google_logging_log_view_iam_policy", + "google_logging_organization_settings", + "google_logging_project_cmek_settings", + "google_logging_project_settings", + "google_monitoring_app_engine_service", + "google_monitoring_cluster_istio_service", + "google_monitoring_istio_canonical_service", + "google_monitoring_mesh_istio_service", + "google_monitoring_notification_channel", + "google_monitoring_uptime_check_ips", + "google_netblock_ip_ranges", + "google_network_security_address_group_iam_policy", + "google_notebooks_instance_iam_policy", + "google_notebooks_runtime_iam_policy", + "google_oracle_database_autonomous_database", + "google_oracle_database_autonomous_databases", + "google_oracle_database_cloud_exadata_infrastructure", + "google_oracle_database_cloud_exadata_infrastructures", + "google_oracle_database_cloud_vm_cluster", + "google_oracle_database_cloud_vm_clusters", + "google_oracle_database_db_nodes", + "google_oracle_database_db_servers", + "google_organization", + "google_organization_iam_policy", + "google_organizations", + "google_parameter_manager_parameter", + "google_parameter_manager_parameter_version", + "google_parameter_manager_parameter_version_render", + "google_parameter_manager_parameters", + "google_parameter_manager_regional_parameter", + "google_parameter_manager_regional_parameter_version", + "google_parameter_manager_regional_parameters", + "google_privateca_ca_pool_iam_policy", + "google_privateca_certificate_authority", + "google_privateca_certificate_template_iam_policy", + "google_privileged_access_manager_entitlement", + "google_project", + "google_project_iam_policy", + "google_project_organization_policy", + "google_project_service", + "google_projects", + "google_pubsub_schema_iam_policy", + "google_pubsub_subscription", + "google_pubsub_subscription_iam_policy", + "google_pubsub_topic", + "google_pubsub_topic_iam_policy", + "google_redis_instance", + "google_runtimeconfig_config", + "google_runtimeconfig_config_iam_policy", + "google_runtimeconfig_variable", + "google_scc_source_iam_policy", + "google_scc_v2_organization_source_iam_policy", + "google_secret_manager_regional_secret", + "google_secret_manager_regional_secret_iam_policy", + "google_secret_manager_regional_secret_version", + "google_secret_manager_regional_secret_version_access", + "google_secret_manager_regional_secrets", + "google_secret_manager_secret", + "google_secret_manager_secret_iam_policy", + "google_secret_manager_secret_version", + "google_secret_manager_secret_version_access", + "google_secret_manager_secrets", + "google_secure_source_manager_instance_iam_policy", + "google_secure_source_manager_repository_iam_policy", + "google_service_account", + "google_service_account_access_token", + "google_service_account_iam_policy", + "google_service_account_id_token", + "google_service_account_jwt", + "google_service_account_key", + "google_service_accounts", + "google_service_directory_namespace_iam_policy", + "google_service_directory_service_iam_policy", + "google_site_verification_token", + "google_sourcerepo_repository", + "google_sourcerepo_repository_iam_policy", + "google_spanner_database", + "google_spanner_database_iam_policy", + "google_spanner_instance", + "google_spanner_instance_iam_policy", + "google_sql_backup_run", + "google_sql_ca_certs", + "google_sql_database", + "google_sql_database_instance", + "google_sql_database_instance_latest_recovery_time", + "google_sql_database_instances", + "google_sql_databases", + "google_sql_tiers", + "google_storage_bucket", + "google_storage_bucket_iam_policy", + "google_storage_bucket_object", + "google_storage_bucket_object_content", + "google_storage_bucket_objects", + "google_storage_buckets", + "google_storage_object_signed_url", + "google_storage_project_service_account", + "google_storage_transfer_project_service_account", + "google_tags_tag_key", + "google_tags_tag_key_iam_policy", + "google_tags_tag_keys", + "google_tags_tag_value", + "google_tags_tag_value_iam_policy", + "google_tags_tag_values", + "google_tpu_tensorflow_versions", + "google_tpu_v2_accelerator_types", + "google_tpu_v2_runtime_versions", + "google_vertex_ai_endpoint_iam_policy", + "google_vertex_ai_featurestore_entitytype_iam_policy", + "google_vertex_ai_featurestore_iam_policy", + "google_vmwareengine_cluster", + "google_vmwareengine_external_access_rule", + "google_vmwareengine_external_address", + "google_vmwareengine_network", + "google_vmwareengine_network_peering", + "google_vmwareengine_network_policy", + "google_vmwareengine_nsx_credentials", + "google_vmwareengine_private_cloud", + "google_vmwareengine_subnet", + "google_vmwareengine_vcenter_credentials", + "google_vpc_access_connector", + "google_workbench_instance_iam_policy", + "google_workstations_workstation_config_iam_policy", + "google_workstations_workstation_iam_policy" + ], + "resources": [ + "google_access_context_manager_access_level", + "google_access_context_manager_access_level_condition", + "google_access_context_manager_access_levels", + "google_access_context_manager_access_policy", + "google_access_context_manager_access_policy_iam_binding", + "google_access_context_manager_access_policy_iam_member", + "google_access_context_manager_access_policy_iam_policy", + "google_access_context_manager_authorized_orgs_desc", + "google_access_context_manager_gcp_user_access_binding", + "google_access_context_manager_service_perimeter", + "google_access_context_manager_service_perimeter_dry_run_egress_policy", + "google_access_context_manager_service_perimeter_dry_run_ingress_policy", + "google_access_context_manager_service_perimeter_dry_run_resource", + "google_access_context_manager_service_perimeter_egress_policy", + "google_access_context_manager_service_perimeter_ingress_policy", + "google_access_context_manager_service_perimeter_resource", + "google_access_context_manager_service_perimeters", + "google_active_directory_domain", + "google_active_directory_domain_trust", + "google_active_directory_peering", + "google_alloydb_backup", + "google_alloydb_cluster", + "google_alloydb_instance", + "google_alloydb_user", + "google_api_gateway_api", + "google_api_gateway_api_config", + "google_api_gateway_api_config_iam_binding", + "google_api_gateway_api_config_iam_member", + "google_api_gateway_api_config_iam_policy", + "google_api_gateway_api_iam_binding", + "google_api_gateway_api_iam_member", + "google_api_gateway_api_iam_policy", + "google_api_gateway_gateway", + "google_api_gateway_gateway_iam_binding", + "google_api_gateway_gateway_iam_member", + "google_api_gateway_gateway_iam_policy", + "google_apigee_addons_config", + "google_apigee_app_group", + "google_apigee_developer", + "google_apigee_env_keystore", + "google_apigee_envgroup", + "google_apigee_envgroup_attachment", + "google_apigee_environment", + "google_apigee_environment_addons_config", + "google_apigee_environment_iam_binding", + "google_apigee_environment_iam_member", + "google_apigee_environment_iam_policy", + "google_apigee_environment_keyvaluemaps", + "google_apigee_environment_keyvaluemaps_entries", + "google_apigee_instance", + "google_apigee_instance_attachment", + "google_apigee_keystores_aliases_self_signed_cert", + "google_apigee_nat_address", + "google_apigee_organization", + "google_apigee_sharedflow", + "google_apigee_sync_authorization", + "google_apigee_target_server", + "google_apihub_api_hub_instance", + "google_apikeys_key", + "google_app_engine_application", + "google_app_engine_application_url_dispatch_rules", + "google_app_engine_domain_mapping", + "google_app_engine_firewall_rule", + "google_app_engine_flexible_app_version", + "google_app_engine_service_network_settings", + "google_app_engine_service_split_traffic", + "google_app_engine_standard_app_version", + "google_apphub_application", + "google_apphub_service", + "google_apphub_service_project_attachment", + "google_apphub_workload", + "google_artifact_registry_repository", + "google_artifact_registry_repository_iam_binding", + "google_artifact_registry_repository_iam_member", + "google_artifact_registry_repository_iam_policy", + "google_artifact_registry_vpcsc_config", + "google_assured_workloads_workload", + "google_backup_dr_backup_plan", + "google_backup_dr_backup_plan_association", + "google_backup_dr_backup_vault", + "google_backup_dr_management_server", + "google_beyondcorp_app_connection", + "google_beyondcorp_app_connector", + "google_beyondcorp_app_gateway", + "google_beyondcorp_security_gateway", + "google_beyondcorp_security_gateway_iam_binding", + "google_beyondcorp_security_gateway_iam_member", + "google_beyondcorp_security_gateway_iam_policy", + "google_biglake_catalog", + "google_biglake_database", + "google_biglake_table", + "google_bigquery_analytics_hub_data_exchange", + "google_bigquery_analytics_hub_data_exchange_iam_binding", + "google_bigquery_analytics_hub_data_exchange_iam_member", + "google_bigquery_analytics_hub_data_exchange_iam_policy", + "google_bigquery_analytics_hub_listing", + "google_bigquery_analytics_hub_listing_iam_binding", + "google_bigquery_analytics_hub_listing_iam_member", + "google_bigquery_analytics_hub_listing_iam_policy", + "google_bigquery_bi_reservation", + "google_bigquery_capacity_commitment", + "google_bigquery_connection", + "google_bigquery_connection_iam_binding", + "google_bigquery_connection_iam_member", + "google_bigquery_connection_iam_policy", + "google_bigquery_data_transfer_config", + "google_bigquery_datapolicy_data_policy", + "google_bigquery_datapolicy_data_policy_iam_binding", + "google_bigquery_datapolicy_data_policy_iam_member", + "google_bigquery_datapolicy_data_policy_iam_policy", + "google_bigquery_dataset", + "google_bigquery_dataset_access", + "google_bigquery_dataset_iam_binding", + "google_bigquery_dataset_iam_member", + "google_bigquery_dataset_iam_policy", + "google_bigquery_job", + "google_bigquery_reservation", + "google_bigquery_reservation_assignment", + "google_bigquery_routine", + "google_bigquery_table", + "google_bigquery_table_iam_binding", + "google_bigquery_table_iam_member", + "google_bigquery_table_iam_policy", + "google_bigtable_app_profile", + "google_bigtable_authorized_view", + "google_bigtable_gc_policy", + "google_bigtable_instance", + "google_bigtable_instance_iam_binding", + "google_bigtable_instance_iam_member", + "google_bigtable_instance_iam_policy", + "google_bigtable_table", + "google_bigtable_table_iam_binding", + "google_bigtable_table_iam_member", + "google_bigtable_table_iam_policy", + "google_billing_account_iam_binding", + "google_billing_account_iam_member", + "google_billing_account_iam_policy", + "google_billing_budget", + "google_billing_project_info", + "google_billing_subaccount", + "google_binary_authorization_attestor", + "google_binary_authorization_attestor_iam_binding", + "google_binary_authorization_attestor_iam_member", + "google_binary_authorization_attestor_iam_policy", + "google_binary_authorization_policy", + "google_blockchain_node_engine_blockchain_nodes", + "google_certificate_manager_certificate", + "google_certificate_manager_certificate_issuance_config", + "google_certificate_manager_certificate_map", + "google_certificate_manager_certificate_map_entry", + "google_certificate_manager_dns_authorization", + "google_certificate_manager_trust_config", + "google_chronicle_data_access_label", + "google_chronicle_data_access_scope", + "google_chronicle_reference_list", + "google_chronicle_retrohunt", + "google_chronicle_rule", + "google_chronicle_rule_deployment", + "google_chronicle_watchlist", + "google_cloud_asset_folder_feed", + "google_cloud_asset_organization_feed", + "google_cloud_asset_project_feed", + "google_cloud_identity_group", + "google_cloud_identity_group_membership", + "google_cloud_ids_endpoint", + "google_cloud_quotas_quota_adjuster_settings", + "google_cloud_quotas_quota_preference", + "google_cloud_run_domain_mapping", + "google_cloud_run_service", + "google_cloud_run_service_iam_binding", + "google_cloud_run_service_iam_member", + "google_cloud_run_service_iam_policy", + "google_cloud_run_v2_job", + "google_cloud_run_v2_job_iam_binding", + "google_cloud_run_v2_job_iam_member", + "google_cloud_run_v2_job_iam_policy", + "google_cloud_run_v2_service", + "google_cloud_run_v2_service_iam_binding", + "google_cloud_run_v2_service_iam_member", + "google_cloud_run_v2_service_iam_policy", + "google_cloud_scheduler_job", + "google_cloud_tasks_queue", + "google_cloud_tasks_queue_iam_binding", + "google_cloud_tasks_queue_iam_member", + "google_cloud_tasks_queue_iam_policy", + "google_cloudbuild_bitbucket_server_config", + "google_cloudbuild_trigger", + "google_cloudbuild_worker_pool", + "google_cloudbuildv2_connection", + "google_cloudbuildv2_connection_iam_binding", + "google_cloudbuildv2_connection_iam_member", + "google_cloudbuildv2_connection_iam_policy", + "google_cloudbuildv2_repository", + "google_clouddeploy_automation", + "google_clouddeploy_custom_target_type", + "google_clouddeploy_custom_target_type_iam_binding", + "google_clouddeploy_custom_target_type_iam_member", + "google_clouddeploy_custom_target_type_iam_policy", + "google_clouddeploy_delivery_pipeline", + "google_clouddeploy_delivery_pipeline_iam_binding", + "google_clouddeploy_delivery_pipeline_iam_member", + "google_clouddeploy_delivery_pipeline_iam_policy", + "google_clouddeploy_target", + "google_clouddeploy_target_iam_binding", + "google_clouddeploy_target_iam_member", + "google_clouddeploy_target_iam_policy", + "google_clouddomains_registration", + "google_cloudfunctions2_function", + "google_cloudfunctions2_function_iam_binding", + "google_cloudfunctions2_function_iam_member", + "google_cloudfunctions2_function_iam_policy", + "google_cloudfunctions_function", + "google_cloudfunctions_function_iam_binding", + "google_cloudfunctions_function_iam_member", + "google_cloudfunctions_function_iam_policy", + "google_cloudiot_registry", + "google_colab_notebook_execution", + "google_colab_runtime", + "google_colab_runtime_template", + "google_colab_runtime_template_iam_binding", + "google_colab_runtime_template_iam_member", + "google_colab_runtime_template_iam_policy", + "google_composer_environment", + "google_composer_user_workloads_config_map", + "google_composer_user_workloads_secret", + "google_compute_address", + "google_compute_attached_disk", + "google_compute_autoscaler", + "google_compute_backend_bucket", + "google_compute_backend_bucket_iam_binding", + "google_compute_backend_bucket_iam_member", + "google_compute_backend_bucket_iam_policy", + "google_compute_backend_bucket_signed_url_key", + "google_compute_backend_service", + "google_compute_backend_service_iam_binding", + "google_compute_backend_service_iam_member", + "google_compute_backend_service_iam_policy", + "google_compute_backend_service_signed_url_key", + "google_compute_disk", + "google_compute_disk_async_replication", + "google_compute_disk_iam_binding", + "google_compute_disk_iam_member", + "google_compute_disk_iam_policy", + "google_compute_disk_resource_policy_attachment", + "google_compute_external_vpn_gateway", + "google_compute_firewall", + "google_compute_firewall_policy", + "google_compute_firewall_policy_association", + "google_compute_firewall_policy_rule", + "google_compute_firewall_policy_with_rules", + "google_compute_forwarding_rule", + "google_compute_global_address", + "google_compute_global_forwarding_rule", + "google_compute_global_network_endpoint", + "google_compute_global_network_endpoint_group", + "google_compute_ha_vpn_gateway", + "google_compute_health_check", + "google_compute_http_health_check", + "google_compute_https_health_check", + "google_compute_image", + "google_compute_image_iam_binding", + "google_compute_image_iam_member", + "google_compute_image_iam_policy", + "google_compute_instance", + "google_compute_instance_from_machine_image", + "google_compute_instance_from_template", + "google_compute_instance_group", + "google_compute_instance_group_manager", + "google_compute_instance_group_membership", + "google_compute_instance_group_named_port", + "google_compute_instance_iam_binding", + "google_compute_instance_iam_member", + "google_compute_instance_iam_policy", + "google_compute_instance_settings", + "google_compute_instance_template", + "google_compute_instance_template_iam_binding", + "google_compute_instance_template_iam_member", + "google_compute_instance_template_iam_policy", + "google_compute_interconnect", + "google_compute_interconnect_attachment", + "google_compute_machine_image", + "google_compute_machine_image_iam_binding", + "google_compute_machine_image_iam_member", + "google_compute_machine_image_iam_policy", + "google_compute_managed_ssl_certificate", + "google_compute_network", + "google_compute_network_attachment", + "google_compute_network_edge_security_service", + "google_compute_network_endpoint", + "google_compute_network_endpoint_group", + "google_compute_network_endpoints", + "google_compute_network_firewall_policy", + "google_compute_network_firewall_policy_association", + "google_compute_network_firewall_policy_rule", + "google_compute_network_firewall_policy_with_rules", + "google_compute_network_peering", + "google_compute_network_peering_routes_config", + "google_compute_node_group", + "google_compute_node_template", + "google_compute_organization_security_policy", + "google_compute_organization_security_policy_association", + "google_compute_organization_security_policy_rule", + "google_compute_packet_mirroring", + "google_compute_per_instance_config", + "google_compute_project_cloud_armor_tier", + "google_compute_project_default_network_tier", + "google_compute_project_metadata", + "google_compute_project_metadata_item", + "google_compute_public_advertised_prefix", + "google_compute_public_delegated_prefix", + "google_compute_region_autoscaler", + "google_compute_region_backend_service", + "google_compute_region_backend_service_iam_binding", + "google_compute_region_backend_service_iam_member", + "google_compute_region_backend_service_iam_policy", + "google_compute_region_commitment", + "google_compute_region_disk", + "google_compute_region_disk_iam_binding", + "google_compute_region_disk_iam_member", + "google_compute_region_disk_iam_policy", + "google_compute_region_disk_resource_policy_attachment", + "google_compute_region_health_check", + "google_compute_region_instance_group_manager", + "google_compute_region_instance_template", + "google_compute_region_network_endpoint", + "google_compute_region_network_endpoint_group", + "google_compute_region_network_firewall_policy", + "google_compute_region_network_firewall_policy_association", + "google_compute_region_network_firewall_policy_rule", + "google_compute_region_network_firewall_policy_with_rules", + "google_compute_region_per_instance_config", + "google_compute_region_resize_request", + "google_compute_region_security_policy", + "google_compute_region_security_policy_rule", + "google_compute_region_ssl_certificate", + "google_compute_region_target_http_proxy", + "google_compute_region_target_https_proxy", + "google_compute_region_target_tcp_proxy", + "google_compute_region_url_map", + "google_compute_reservation", + "google_compute_resize_request", + "google_compute_resource_policy", + "google_compute_route", + "google_compute_router", + "google_compute_router_interface", + "google_compute_router_nat", + "google_compute_router_nat_address", + "google_compute_router_peer", + "google_compute_router_route_policy", + "google_compute_security_policy", + "google_compute_security_policy_rule", + "google_compute_service_attachment", + "google_compute_shared_vpc_host_project", + "google_compute_shared_vpc_service_project", + "google_compute_snapshot", + "google_compute_snapshot_iam_binding", + "google_compute_snapshot_iam_member", + "google_compute_snapshot_iam_policy", + "google_compute_ssl_certificate", + "google_compute_ssl_policy", + "google_compute_subnetwork", + "google_compute_subnetwork_iam_binding", + "google_compute_subnetwork_iam_member", + "google_compute_subnetwork_iam_policy", + "google_compute_target_grpc_proxy", + "google_compute_target_http_proxy", + "google_compute_target_https_proxy", + "google_compute_target_instance", + "google_compute_target_pool", + "google_compute_target_ssl_proxy", + "google_compute_target_tcp_proxy", + "google_compute_url_map", + "google_compute_vpn_gateway", + "google_compute_vpn_tunnel", + "google_container_analysis_note", + "google_container_analysis_note_iam_binding", + "google_container_analysis_note_iam_member", + "google_container_analysis_note_iam_policy", + "google_container_analysis_occurrence", + "google_container_attached_cluster", + "google_container_aws_cluster", + "google_container_aws_node_pool", + "google_container_azure_client", + "google_container_azure_cluster", + "google_container_azure_node_pool", + "google_container_cluster", + "google_container_node_pool", + "google_container_registry", + "google_data_catalog_entry", + "google_data_catalog_entry_group", + "google_data_catalog_entry_group_iam_binding", + "google_data_catalog_entry_group_iam_member", + "google_data_catalog_entry_group_iam_policy", + "google_data_catalog_policy_tag", + "google_data_catalog_policy_tag_iam_binding", + "google_data_catalog_policy_tag_iam_member", + "google_data_catalog_policy_tag_iam_policy", + "google_data_catalog_tag", + "google_data_catalog_tag_template", + "google_data_catalog_tag_template_iam_binding", + "google_data_catalog_tag_template_iam_member", + "google_data_catalog_tag_template_iam_policy", + "google_data_catalog_taxonomy", + "google_data_catalog_taxonomy_iam_binding", + "google_data_catalog_taxonomy_iam_member", + "google_data_catalog_taxonomy_iam_policy", + "google_data_fusion_instance", + "google_data_fusion_instance_iam_binding", + "google_data_fusion_instance_iam_member", + "google_data_fusion_instance_iam_policy", + "google_data_loss_prevention_deidentify_template", + "google_data_loss_prevention_discovery_config", + "google_data_loss_prevention_inspect_template", + "google_data_loss_prevention_job_trigger", + "google_data_loss_prevention_stored_info_type", + "google_data_pipeline_pipeline", + "google_database_migration_service_connection_profile", + "google_database_migration_service_migration_job", + "google_database_migration_service_private_connection", + "google_dataflow_flex_template_job", + "google_dataflow_job", + "google_dataform_repository", + "google_dataform_repository_iam_binding", + "google_dataform_repository_iam_member", + "google_dataform_repository_iam_policy", + "google_dataform_repository_release_config", + "google_dataform_repository_workflow_config", + "google_dataplex_aspect_type", + "google_dataplex_aspect_type_iam_binding", + "google_dataplex_aspect_type_iam_member", + "google_dataplex_aspect_type_iam_policy", + "google_dataplex_asset", + "google_dataplex_asset_iam_binding", + "google_dataplex_asset_iam_member", + "google_dataplex_asset_iam_policy", + "google_dataplex_datascan", + "google_dataplex_datascan_iam_binding", + "google_dataplex_datascan_iam_member", + "google_dataplex_datascan_iam_policy", + "google_dataplex_entry_group", + "google_dataplex_entry_group_iam_binding", + "google_dataplex_entry_group_iam_member", + "google_dataplex_entry_group_iam_policy", + "google_dataplex_entry_type", + "google_dataplex_entry_type_iam_binding", + "google_dataplex_entry_type_iam_member", + "google_dataplex_entry_type_iam_policy", + "google_dataplex_lake", + "google_dataplex_lake_iam_binding", + "google_dataplex_lake_iam_member", + "google_dataplex_lake_iam_policy", + "google_dataplex_task", + "google_dataplex_task_iam_binding", + "google_dataplex_task_iam_member", + "google_dataplex_task_iam_policy", + "google_dataplex_zone", + "google_dataplex_zone_iam_binding", + "google_dataplex_zone_iam_member", + "google_dataplex_zone_iam_policy", + "google_dataproc_autoscaling_policy", + "google_dataproc_autoscaling_policy_iam_binding", + "google_dataproc_autoscaling_policy_iam_member", + "google_dataproc_autoscaling_policy_iam_policy", + "google_dataproc_batch", + "google_dataproc_cluster", + "google_dataproc_cluster_iam_binding", + "google_dataproc_cluster_iam_member", + "google_dataproc_cluster_iam_policy", + "google_dataproc_gdc_application_environment", + "google_dataproc_gdc_service_instance", + "google_dataproc_gdc_spark_application", + "google_dataproc_job", + "google_dataproc_job_iam_binding", + "google_dataproc_job_iam_member", + "google_dataproc_job_iam_policy", + "google_dataproc_metastore_federation", + "google_dataproc_metastore_federation_iam_binding", + "google_dataproc_metastore_federation_iam_member", + "google_dataproc_metastore_federation_iam_policy", + "google_dataproc_metastore_service", + "google_dataproc_metastore_service_iam_binding", + "google_dataproc_metastore_service_iam_member", + "google_dataproc_metastore_service_iam_policy", + "google_dataproc_workflow_template", + "google_datastream_connection_profile", + "google_datastream_private_connection", + "google_datastream_stream", + "google_deployment_manager_deployment", + "google_developer_connect_connection", + "google_developer_connect_git_repository_link", + "google_dialogflow_agent", + "google_dialogflow_cx_agent", + "google_dialogflow_cx_entity_type", + "google_dialogflow_cx_environment", + "google_dialogflow_cx_flow", + "google_dialogflow_cx_intent", + "google_dialogflow_cx_page", + "google_dialogflow_cx_security_settings", + "google_dialogflow_cx_version", + "google_dialogflow_cx_webhook", + "google_dialogflow_entity_type", + "google_dialogflow_fulfillment", + "google_dialogflow_intent", + "google_discovery_engine_chat_engine", + "google_discovery_engine_data_store", + "google_discovery_engine_schema", + "google_discovery_engine_search_engine", + "google_discovery_engine_target_site", + "google_dns_managed_zone", + "google_dns_managed_zone_iam_binding", + "google_dns_managed_zone_iam_member", + "google_dns_managed_zone_iam_policy", + "google_dns_policy", + "google_dns_record_set", + "google_dns_response_policy", + "google_dns_response_policy_rule", + "google_document_ai_processor", + "google_document_ai_processor_default_version", + "google_document_ai_warehouse_document_schema", + "google_document_ai_warehouse_location", + "google_edgecontainer_cluster", + "google_edgecontainer_node_pool", + "google_edgecontainer_vpn_connection", + "google_edgenetwork_interconnect_attachment", + "google_edgenetwork_network", + "google_edgenetwork_subnet", + "google_endpoints_service", + "google_endpoints_service_consumers_iam_binding", + "google_endpoints_service_consumers_iam_member", + "google_endpoints_service_consumers_iam_policy", + "google_endpoints_service_iam_binding", + "google_endpoints_service_iam_member", + "google_endpoints_service_iam_policy", + "google_essential_contacts_contact", + "google_eventarc_channel", + "google_eventarc_google_channel_config", + "google_eventarc_trigger", + "google_filestore_backup", + "google_filestore_instance", + "google_filestore_snapshot", + "google_firebase_android_app", + "google_firebase_app_check_app_attest_config", + "google_firebase_app_check_debug_token", + "google_firebase_app_check_device_check_config", + "google_firebase_app_check_play_integrity_config", + "google_firebase_app_check_recaptcha_enterprise_config", + "google_firebase_app_check_recaptcha_v3_config", + "google_firebase_app_check_service_config", + "google_firebase_apple_app", + "google_firebase_database_instance", + "google_firebase_extensions_instance", + "google_firebase_hosting_channel", + "google_firebase_hosting_custom_domain", + "google_firebase_hosting_release", + "google_firebase_hosting_site", + "google_firebase_hosting_version", + "google_firebase_project", + "google_firebase_project_location", + "google_firebase_storage_bucket", + "google_firebase_web_app", + "google_firebaserules_release", + "google_firebaserules_ruleset", + "google_firestore_backup_schedule", + "google_firestore_database", + "google_firestore_document", + "google_firestore_field", + "google_firestore_index", + "google_folder", + "google_folder_access_approval_settings", + "google_folder_iam_audit_config", + "google_folder_iam_binding", + "google_folder_iam_member", + "google_folder_iam_policy", + "google_folder_organization_policy", + "google_gemini_code_repository_index", + "google_gemini_repository_group", + "google_gemini_repository_group_iam_binding", + "google_gemini_repository_group_iam_member", + "google_gemini_repository_group_iam_policy", + "google_gke_backup_backup_plan", + "google_gke_backup_backup_plan_iam_binding", + "google_gke_backup_backup_plan_iam_member", + "google_gke_backup_backup_plan_iam_policy", + "google_gke_backup_restore_plan", + "google_gke_backup_restore_plan_iam_binding", + "google_gke_backup_restore_plan_iam_member", + "google_gke_backup_restore_plan_iam_policy", + "google_gke_hub_feature", + "google_gke_hub_feature_iam_binding", + "google_gke_hub_feature_iam_member", + "google_gke_hub_feature_iam_policy", + "google_gke_hub_feature_membership", + "google_gke_hub_fleet", + "google_gke_hub_membership", + "google_gke_hub_membership_binding", + "google_gke_hub_membership_iam_binding", + "google_gke_hub_membership_iam_member", + "google_gke_hub_membership_iam_policy", + "google_gke_hub_membership_rbac_role_binding", + "google_gke_hub_namespace", + "google_gke_hub_scope", + "google_gke_hub_scope_iam_binding", + "google_gke_hub_scope_iam_member", + "google_gke_hub_scope_iam_policy", + "google_gke_hub_scope_rbac_role_binding", + "google_gkeonprem_bare_metal_admin_cluster", + "google_gkeonprem_bare_metal_cluster", + "google_gkeonprem_bare_metal_node_pool", + "google_gkeonprem_vmware_admin_cluster", + "google_gkeonprem_vmware_cluster", + "google_gkeonprem_vmware_node_pool", + "google_healthcare_consent_store", + "google_healthcare_consent_store_iam_binding", + "google_healthcare_consent_store_iam_member", + "google_healthcare_consent_store_iam_policy", + "google_healthcare_dataset", + "google_healthcare_dataset_iam_binding", + "google_healthcare_dataset_iam_member", + "google_healthcare_dataset_iam_policy", + "google_healthcare_dicom_store", + "google_healthcare_dicom_store_iam_binding", + "google_healthcare_dicom_store_iam_member", + "google_healthcare_dicom_store_iam_policy", + "google_healthcare_fhir_store", + "google_healthcare_fhir_store_iam_binding", + "google_healthcare_fhir_store_iam_member", + "google_healthcare_fhir_store_iam_policy", + "google_healthcare_hl7_v2_store", + "google_healthcare_hl7_v2_store_iam_binding", + "google_healthcare_hl7_v2_store_iam_member", + "google_healthcare_hl7_v2_store_iam_policy", + "google_healthcare_pipeline_job", + "google_healthcare_workspace", + "google_iam_access_boundary_policy", + "google_iam_deny_policy", + "google_iam_folders_policy_binding", + "google_iam_organizations_policy_binding", + "google_iam_principal_access_boundary_policy", + "google_iam_projects_policy_binding", + "google_iam_workforce_pool", + "google_iam_workforce_pool_provider", + "google_iam_workload_identity_pool", + "google_iam_workload_identity_pool_provider", + "google_iap_app_engine_service_iam_binding", + "google_iap_app_engine_service_iam_member", + "google_iap_app_engine_service_iam_policy", + "google_iap_app_engine_version_iam_binding", + "google_iap_app_engine_version_iam_member", + "google_iap_app_engine_version_iam_policy", + "google_iap_brand", + "google_iap_client", + "google_iap_settings", + "google_iap_tunnel_dest_group", + "google_iap_tunnel_dest_group_iam_binding", + "google_iap_tunnel_dest_group_iam_member", + "google_iap_tunnel_dest_group_iam_policy", + "google_iap_tunnel_iam_binding", + "google_iap_tunnel_iam_member", + "google_iap_tunnel_iam_policy", + "google_iap_tunnel_instance_iam_binding", + "google_iap_tunnel_instance_iam_member", + "google_iap_tunnel_instance_iam_policy", + "google_iap_web_backend_service_iam_binding", + "google_iap_web_backend_service_iam_member", + "google_iap_web_backend_service_iam_policy", + "google_iap_web_iam_binding", + "google_iap_web_iam_member", + "google_iap_web_iam_policy", + "google_iap_web_region_backend_service_iam_binding", + "google_iap_web_region_backend_service_iam_member", + "google_iap_web_region_backend_service_iam_policy", + "google_iap_web_type_app_engine_iam_binding", + "google_iap_web_type_app_engine_iam_member", + "google_iap_web_type_app_engine_iam_policy", + "google_iap_web_type_compute_iam_binding", + "google_iap_web_type_compute_iam_member", + "google_iap_web_type_compute_iam_policy", + "google_identity_platform_config", + "google_identity_platform_default_supported_idp_config", + "google_identity_platform_inbound_saml_config", + "google_identity_platform_oauth_idp_config", + "google_identity_platform_tenant", + "google_identity_platform_tenant_default_supported_idp_config", + "google_identity_platform_tenant_inbound_saml_config", + "google_identity_platform_tenant_oauth_idp_config", + "google_integration_connectors_connection", + "google_integration_connectors_endpoint_attachment", + "google_integration_connectors_managed_zone", + "google_integrations_auth_config", + "google_integrations_client", + "google_kms_autokey_config", + "google_kms_crypto_key", + "google_kms_crypto_key_iam_binding", + "google_kms_crypto_key_iam_member", + "google_kms_crypto_key_iam_policy", + "google_kms_crypto_key_version", + "google_kms_ekm_connection", + "google_kms_ekm_connection_iam_binding", + "google_kms_ekm_connection_iam_member", + "google_kms_ekm_connection_iam_policy", + "google_kms_key_handle", + "google_kms_key_ring", + "google_kms_key_ring_iam_binding", + "google_kms_key_ring_iam_member", + "google_kms_key_ring_iam_policy", + "google_kms_key_ring_import_job", + "google_kms_secret_ciphertext", + "google_logging_billing_account_bucket_config", + "google_logging_billing_account_exclusion", + "google_logging_billing_account_sink", + "google_logging_folder_bucket_config", + "google_logging_folder_exclusion", + "google_logging_folder_settings", + "google_logging_folder_sink", + "google_logging_linked_dataset", + "google_logging_log_scope", + "google_logging_log_view", + "google_logging_log_view_iam_binding", + "google_logging_log_view_iam_member", + "google_logging_log_view_iam_policy", + "google_logging_metric", + "google_logging_organization_bucket_config", + "google_logging_organization_exclusion", + "google_logging_organization_settings", + "google_logging_organization_sink", + "google_logging_project_bucket_config", + "google_logging_project_exclusion", + "google_logging_project_sink", + "google_looker_instance", + "google_managed_kafka_cluster", + "google_managed_kafka_topic", + "google_memcache_instance", + "google_memorystore_instance", + "google_migration_center_group", + "google_migration_center_preference_set", + "google_ml_engine_model", + "google_monitoring_alert_policy", + "google_monitoring_custom_service", + "google_monitoring_dashboard", + "google_monitoring_group", + "google_monitoring_metric_descriptor", + "google_monitoring_monitored_project", + "google_monitoring_notification_channel", + "google_monitoring_service", + "google_monitoring_slo", + "google_monitoring_uptime_check_config", + "google_netapp_active_directory", + "google_netapp_backup", + "google_netapp_backup_policy", + "google_netapp_backup_vault", + "google_netapp_kmsconfig", + "google_netapp_storage_pool", + "google_netapp_volume", + "google_netapp_volume_replication", + "google_netapp_volume_snapshot", + "google_network_connectivity_group", + "google_network_connectivity_hub", + "google_network_connectivity_internal_range", + "google_network_connectivity_policy_based_route", + "google_network_connectivity_regional_endpoint", + "google_network_connectivity_service_connection_policy", + "google_network_connectivity_spoke", + "google_network_management_vpc_flow_logs_config", + "google_network_security_address_group", + "google_network_security_address_group_iam_binding", + "google_network_security_address_group_iam_member", + "google_network_security_address_group_iam_policy", + "google_network_security_authorization_policy", + "google_network_security_authz_policy", + "google_network_security_client_tls_policy", + "google_network_security_firewall_endpoint", + "google_network_security_firewall_endpoint_association", + "google_network_security_gateway_security_policy", + "google_network_security_gateway_security_policy_rule", + "google_network_security_intercept_deployment", + "google_network_security_intercept_deployment_group", + "google_network_security_intercept_endpoint_group", + "google_network_security_intercept_endpoint_group_association", + "google_network_security_mirroring_deployment", + "google_network_security_mirroring_deployment_group", + "google_network_security_mirroring_endpoint_group", + "google_network_security_mirroring_endpoint_group_association", + "google_network_security_security_profile", + "google_network_security_security_profile_group", + "google_network_security_server_tls_policy", + "google_network_security_tls_inspection_policy", + "google_network_security_url_lists", + "google_network_services_authz_extension", + "google_network_services_edge_cache_keyset", + "google_network_services_edge_cache_origin", + "google_network_services_edge_cache_service", + "google_network_services_endpoint_policy", + "google_network_services_gateway", + "google_network_services_grpc_route", + "google_network_services_http_route", + "google_network_services_lb_route_extension", + "google_network_services_lb_traffic_extension", + "google_network_services_mesh", + "google_network_services_service_binding", + "google_network_services_service_lb_policies", + "google_network_services_tcp_route", + "google_network_services_tls_route", + "google_notebooks_environment", + "google_notebooks_instance", + "google_notebooks_instance_iam_binding", + "google_notebooks_instance_iam_member", + "google_notebooks_instance_iam_policy", + "google_notebooks_runtime", + "google_notebooks_runtime_iam_binding", + "google_notebooks_runtime_iam_member", + "google_notebooks_runtime_iam_policy", + "google_oracle_database_autonomous_database", + "google_oracle_database_cloud_exadata_infrastructure", + "google_oracle_database_cloud_vm_cluster", + "google_org_policy_custom_constraint", + "google_org_policy_policy", + "google_organization_access_approval_settings", + "google_organization_iam_audit_config", + "google_organization_iam_binding", + "google_organization_iam_custom_role", + "google_organization_iam_member", + "google_organization_iam_policy", + "google_organization_policy", + "google_os_config_guest_policies", + "google_os_config_os_policy_assignment", + "google_os_config_patch_deployment", + "google_os_login_ssh_public_key", + "google_parallelstore_instance", + "google_parameter_manager_parameter", + "google_parameter_manager_parameter_version", + "google_parameter_manager_regional_parameter", + "google_parameter_manager_regional_parameter_version", + "google_privateca_ca_pool", + "google_privateca_ca_pool_iam_binding", + "google_privateca_ca_pool_iam_member", + "google_privateca_ca_pool_iam_policy", + "google_privateca_certificate", + "google_privateca_certificate_authority", + "google_privateca_certificate_template", + "google_privateca_certificate_template_iam_binding", + "google_privateca_certificate_template_iam_member", + "google_privateca_certificate_template_iam_policy", + "google_privileged_access_manager_entitlement", + "google_project", + "google_project_access_approval_settings", + "google_project_default_service_accounts", + "google_project_iam_audit_config", + "google_project_iam_binding", + "google_project_iam_custom_role", + "google_project_iam_member", + "google_project_iam_member_remove", + "google_project_iam_policy", + "google_project_organization_policy", + "google_project_service", + "google_project_service_identity", + "google_project_services", + "google_project_usage_export_bucket", + "google_public_ca_external_account_key", + "google_pubsub_lite_reservation", + "google_pubsub_lite_subscription", + "google_pubsub_lite_topic", + "google_pubsub_schema", + "google_pubsub_schema_iam_binding", + "google_pubsub_schema_iam_member", + "google_pubsub_schema_iam_policy", + "google_pubsub_subscription", + "google_pubsub_subscription_iam_binding", + "google_pubsub_subscription_iam_member", + "google_pubsub_subscription_iam_policy", + "google_pubsub_topic", + "google_pubsub_topic_iam_binding", + "google_pubsub_topic_iam_member", + "google_pubsub_topic_iam_policy", + "google_recaptcha_enterprise_key", + "google_redis_cluster", + "google_redis_cluster_user_created_connections", + "google_redis_instance", + "google_resource_manager_lien", + "google_runtimeconfig_config", + "google_runtimeconfig_config_iam_binding", + "google_runtimeconfig_config_iam_member", + "google_runtimeconfig_config_iam_policy", + "google_runtimeconfig_variable", + "google_scc_event_threat_detection_custom_module", + "google_scc_folder_custom_module", + "google_scc_folder_notification_config", + "google_scc_folder_scc_big_query_export", + "google_scc_management_folder_security_health_analytics_custom_module", + "google_scc_management_organization_event_threat_detection_custom_module", + "google_scc_management_organization_security_health_analytics_custom_module", + "google_scc_management_project_security_health_analytics_custom_module", + "google_scc_mute_config", + "google_scc_notification_config", + "google_scc_organization_custom_module", + "google_scc_organization_scc_big_query_export", + "google_scc_project_custom_module", + "google_scc_project_notification_config", + "google_scc_project_scc_big_query_export", + "google_scc_source", + "google_scc_source_iam_binding", + "google_scc_source_iam_member", + "google_scc_source_iam_policy", + "google_scc_v2_folder_mute_config", + "google_scc_v2_folder_notification_config", + "google_scc_v2_folder_scc_big_query_export", + "google_scc_v2_organization_mute_config", + "google_scc_v2_organization_notification_config", + "google_scc_v2_organization_scc_big_query_export", + "google_scc_v2_organization_scc_big_query_exports", + "google_scc_v2_organization_source_iam_binding", + "google_scc_v2_organization_source_iam_member", + "google_scc_v2_organization_source_iam_policy", + "google_scc_v2_project_mute_config", + "google_scc_v2_project_notification_config", + "google_scc_v2_project_scc_big_query_export", + "google_secret_manager_regional_secret", + "google_secret_manager_regional_secret_iam_binding", + "google_secret_manager_regional_secret_iam_member", + "google_secret_manager_regional_secret_iam_policy", + "google_secret_manager_regional_secret_version", + "google_secret_manager_secret", + "google_secret_manager_secret_iam_binding", + "google_secret_manager_secret_iam_member", + "google_secret_manager_secret_iam_policy", + "google_secret_manager_secret_version", + "google_secure_source_manager_branch_rule", + "google_secure_source_manager_instance", + "google_secure_source_manager_instance_iam_binding", + "google_secure_source_manager_instance_iam_member", + "google_secure_source_manager_instance_iam_policy", + "google_secure_source_manager_repository", + "google_secure_source_manager_repository_iam_binding", + "google_secure_source_manager_repository_iam_member", + "google_secure_source_manager_repository_iam_policy", + "google_security_scanner_scan_config", + "google_securityposture_posture", + "google_service_account", + "google_service_account_iam_binding", + "google_service_account_iam_member", + "google_service_account_iam_policy", + "google_service_account_key", + "google_service_directory_endpoint", + "google_service_directory_namespace", + "google_service_directory_namespace_iam_binding", + "google_service_directory_namespace_iam_member", + "google_service_directory_namespace_iam_policy", + "google_service_directory_service", + "google_service_directory_service_iam_binding", + "google_service_directory_service_iam_member", + "google_service_directory_service_iam_policy", + "google_service_networking_connection", + "google_service_networking_peered_dns_domain", + "google_service_networking_vpc_service_controls", + "google_service_usage_consumer_quota_override", + "google_site_verification_owner", + "google_site_verification_web_resource", + "google_sourcerepo_repository", + "google_sourcerepo_repository_iam_binding", + "google_sourcerepo_repository_iam_member", + "google_sourcerepo_repository_iam_policy", + "google_spanner_backup_schedule", + "google_spanner_database", + "google_spanner_database_iam_binding", + "google_spanner_database_iam_member", + "google_spanner_database_iam_policy", + "google_spanner_instance", + "google_spanner_instance_config", + "google_spanner_instance_iam_binding", + "google_spanner_instance_iam_member", + "google_spanner_instance_iam_policy", + "google_sql_database", + "google_sql_database_instance", + "google_sql_source_representation_instance", + "google_sql_ssl_cert", + "google_sql_user", + "google_storage_bucket", + "google_storage_bucket_access_control", + "google_storage_bucket_acl", + "google_storage_bucket_iam_binding", + "google_storage_bucket_iam_member", + "google_storage_bucket_iam_policy", + "google_storage_bucket_object", + "google_storage_default_object_access_control", + "google_storage_default_object_acl", + "google_storage_folder", + "google_storage_hmac_key", + "google_storage_insights_report_config", + "google_storage_managed_folder", + "google_storage_managed_folder_iam_binding", + "google_storage_managed_folder_iam_member", + "google_storage_managed_folder_iam_policy", + "google_storage_notification", + "google_storage_object_access_control", + "google_storage_object_acl", + "google_storage_transfer_agent_pool", + "google_storage_transfer_job", + "google_tags_location_tag_binding", + "google_tags_tag_binding", + "google_tags_tag_key", + "google_tags_tag_key_iam_binding", + "google_tags_tag_key_iam_member", + "google_tags_tag_key_iam_policy", + "google_tags_tag_value", + "google_tags_tag_value_iam_binding", + "google_tags_tag_value_iam_member", + "google_tags_tag_value_iam_policy", + "google_tpu_node", + "google_tpu_v2_queued_resource", + "google_tpu_v2_vm", + "google_transcoder_job", + "google_transcoder_job_template", + "google_vertex_ai_dataset", + "google_vertex_ai_deployment_resource_pool", + "google_vertex_ai_endpoint", + "google_vertex_ai_endpoint_iam_binding", + "google_vertex_ai_endpoint_iam_member", + "google_vertex_ai_endpoint_iam_policy", + "google_vertex_ai_feature_group", + "google_vertex_ai_feature_group_feature", + "google_vertex_ai_feature_online_store", + "google_vertex_ai_feature_online_store_featureview", + "google_vertex_ai_featurestore", + "google_vertex_ai_featurestore_entitytype", + "google_vertex_ai_featurestore_entitytype_feature", + "google_vertex_ai_featurestore_entitytype_iam_binding", + "google_vertex_ai_featurestore_entitytype_iam_member", + "google_vertex_ai_featurestore_entitytype_iam_policy", + "google_vertex_ai_featurestore_iam_binding", + "google_vertex_ai_featurestore_iam_member", + "google_vertex_ai_featurestore_iam_policy", + "google_vertex_ai_index", + "google_vertex_ai_index_endpoint", + "google_vertex_ai_index_endpoint_deployed_index", + "google_vertex_ai_metadata_store", + "google_vertex_ai_tensorboard", + "google_vmwareengine_cluster", + "google_vmwareengine_external_access_rule", + "google_vmwareengine_external_address", + "google_vmwareengine_network", + "google_vmwareengine_network_peering", + "google_vmwareengine_network_policy", + "google_vmwareengine_private_cloud", + "google_vmwareengine_subnet", + "google_vpc_access_connector", + "google_workbench_instance", + "google_workbench_instance_iam_binding", + "google_workbench_instance_iam_member", + "google_workbench_instance_iam_policy", + "google_workflows_workflow", + "google_workstations_workstation", + "google_workstations_workstation_cluster", + "google_workstations_workstation_config", + "google_workstations_workstation_config_iam_binding", + "google_workstations_workstation_config_iam_member", + "google_workstations_workstation_config_iam_policy", + "google_workstations_workstation_iam_binding", + "google_workstations_workstation_iam_member", + "google_workstations_workstation_iam_policy" + ] +} diff --git a/src/parse/parse.go b/src/parse/parse.go index ca82bc2a..afc9f60a 100644 --- a/src/parse/parse.go +++ b/src/parse/parse.go @@ -36,6 +36,7 @@ func Parse(codebase string, name string) error { { match := `resource "(` + name + `_.*?)"` myProvider.Resources, err = getMatches(codebase, match, "markdown") + if err != nil { return err } @@ -48,6 +49,7 @@ func Parse(codebase string, name string) error { default: match := `resource "(` + name + `_.*?)"` myProvider.Resources, err = getMatches(codebase, match, "markdown") + if err != nil { return err } @@ -65,6 +67,7 @@ func Parse(codebase string, name string) error { log.Info().Msgf("creating %s-members.json", name) err = os.WriteFile(name+"-members.json", jsonOut, 0o700) + if err != nil { return err } diff --git a/src/parse/parse_test.go b/src/parse/parse_test.go index 355463ec..ae16107b 100644 --- a/src/parse/parse_test.go +++ b/src/parse/parse_test.go @@ -79,6 +79,7 @@ func TestGetKeys(t *testing.T) { nothing := map[string]bool{} var bumpkis []string + myKeys := []string{"first"} tests := []struct { @@ -169,6 +170,7 @@ func TestGetMatches(t *testing.T) { t.Errorf("GetMatches() error = %v, wantErr %v", err, tt.wantErr) return } + if !reflect.DeepEqual(got, tt.want) { t.Errorf("GetMatches() got = %v, want %v", got, tt.want) } @@ -240,9 +242,11 @@ func TestParse(t *testing.T) { t.Run(tt.name, func(t *testing.T) { t.Parallel() setup(tt.args.name) + if err := Parse(tt.args.codebase, tt.args.name); (err != nil) != tt.wantErr { t.Errorf("Parse() error = %v, wantErr %v", err, tt.wantErr) } + teardown(tt.args.name) }) } @@ -289,9 +293,11 @@ func Test_add(t *testing.T) { t.Run(tt.name, func(t *testing.T) { t.Parallel() got, got1 := add(tt.args.s, tt.args.m, tt.args.a) + if !reflect.DeepEqual(got, tt.want) { t.Errorf("add() got = %v, want %v", got, tt.want) } + if !reflect.DeepEqual(got1, tt.want1) { t.Errorf("add() got1 = %v, want %v", got1, tt.want1) } @@ -329,9 +335,11 @@ func TestAdd(t *testing.T) { for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { gotSlice, gotMap := add(tt.s, tt.m, tt.a) + if !reflect.DeepEqual(gotSlice, tt.wantSlice) { t.Errorf("add() gotSlice = %v, want %v", gotSlice, tt.wantSlice) } + if !reflect.DeepEqual(gotMap, tt.wantMap) { t.Errorf("add() gotMap = %v, want %v", gotMap, tt.wantMap) } diff --git a/src/policy.go b/src/policy.go index 1b4611e4..645eefe7 100644 --- a/src/policy.go +++ b/src/policy.go @@ -120,6 +120,7 @@ func GetPolicy(actions Sorted, resources bool) (OutputPolicy, error) { // dedupe AWSPermissions := Unique(actions.AWS) OutPolicy.AWS, err = AWSPolicy(AWSPermissions, resources) + if err != nil { log.Error().Err(err) @@ -135,6 +136,7 @@ func GetPolicy(actions Sorted, resources bool) (OutputPolicy, error) { // dedupe GCPPermissions := Unique(actions.GCP) OutPolicy.GCP, err = GCPPolicy(GCPPermissions) + if err != nil { log.Error().Err(err) @@ -150,6 +152,7 @@ func GetPolicy(actions Sorted, resources bool) (OutputPolicy, error) { // dedupe AZUREPermissions := Unique(actions.AZURE) OutPolicy.AZURE, err = AZUREPolicy(AZUREPermissions, DefaultPolicyName) + if err != nil { log.Error().Err(err) diff --git a/src/policy_test.go b/src/policy_test.go index f4d21695..eee2da24 100644 --- a/src/policy_test.go +++ b/src/policy_test.go @@ -292,6 +292,7 @@ func Test_unique(t *testing.T) { tt := tt t.Run(tt.name, func(t *testing.T) { t.Parallel() + if got := pike.Unique(tt.args.s); !reflect.DeepEqual(got, tt.want) { t.Errorf("Unique() = %v, want %v", got, tt.want) } diff --git a/src/readme.go b/src/readme.go index 5903bbc7..ae8acf6f 100644 --- a/src/readme.go +++ b/src/readme.go @@ -14,6 +14,15 @@ type replaceSectionError struct { err error } +type fileDoesNotExistError struct { + file string + err error +} + +func (e fileDoesNotExistError) Error() string { + return fmt.Sprintf("file %s does not exist %v", e.file, e.err) +} + func (m *replaceSectionError) Error() string { return fmt.Sprintf("failed to replace section %v", m.err) } @@ -23,7 +32,7 @@ func Readme(dirName string, output string, init bool, autoAppend bool) error { file := path.Join(dirName, "README.md") if _, err := os.Stat(file); errors.Is(err, os.ErrNotExist) { - return err + return &fileDoesNotExistError{file, err} } OutPolicy, err := MakePolicy(dirName, nil, init, false, "") diff --git a/src/scan.go b/src/scan.go index 1ccf3827..972dae15 100644 --- a/src/scan.go +++ b/src/scan.go @@ -139,6 +139,7 @@ func WriteOutput(outPolicy OutputPolicy, output, location string) error { newPath, _ := filepath.Abs(location + "/.pike") err := os.MkdirAll(newPath, os.ModePerm) + if err != nil { return &makeDirectoryError{directory: newPath, err: err} } @@ -154,6 +155,7 @@ func WriteOutput(outPolicy OutputPolicy, output, location string) error { if outPolicy.AWS.Terraform != "" { roleFile := path.Join(newPath, "aws_iam_role.terraform_pike.tf") err = os.WriteFile(roleFile, roleTemplate, 0o644) + if err != nil { return &writeFileError{file: roleFile, err: err} } @@ -194,6 +196,7 @@ func Init(dirName string) (*string, []string, error) { modulesDir := path.Join(dirName, dotTfModules) modules, err := os.ReadDir(modulesDir) + if err != nil { return &tfPath, nil, &readDirectoryError{directory: modulesDir, err: err} } @@ -338,8 +341,9 @@ func MakePolicy(dirName string, file *string, init bool, EnableResources bool, p // GetTF return tf files in a directory. func GetTF(dirName string) ([]string, error) { files, err := GetTFFiles(dirName) + if err != nil { - return nil, fmt.Errorf("folder %s can't be found, may not be local path", dirName) + return nil, &directoryNotFoundError{dirName} } modulePath := path.Join(dirName, dotTfModules) diff --git a/src/scan_test.go b/src/scan_test.go index d597f80c..3660b127 100644 --- a/src/scan_test.go +++ b/src/scan_test.go @@ -37,7 +37,13 @@ func TestScan(t *testing.T) { t.Run(tt.name, func(t *testing.T) { t.Parallel() - if err := pike.Scan(tt.args.dirname, tt.args.output, nil, false, tt.args.write, false, ""); (err != nil) != tt.wantErr { + if err := pike.Scan( + tt.args.dirname, + tt.args.output, + nil, false, + tt.args.write, + false, + ""); (err != nil) != tt.wantErr { t.Errorf("Scan() error = %v, wantErr %v", err, tt.wantErr) } }) @@ -110,6 +116,7 @@ func Test_stringInSlice(t *testing.T) { tt := tt t.Run(tt.name, func(t *testing.T) { t.Parallel() + if got := pike.StringInSlice(tt.args.a, tt.args.list); got != tt.want { t.Errorf("StringInSlice() = %v, want %v", got, tt.want) } @@ -617,7 +624,8 @@ func TestWriteOutput(t *testing.T) { t.Run(tt.name, func(t *testing.T) { t.Parallel() - if err := pike.WriteOutput(tt.args.OutPolicy, tt.args.output, tt.args.location); (err != nil) != tt.wantErr { + if err := pike.WriteOutput( + tt.args.OutPolicy, tt.args.output, tt.args.location); (err != nil) != tt.wantErr { t.Errorf("WriteOutput() error = %v, wantErr %v", err, tt.wantErr) } }) @@ -643,15 +651,19 @@ func TestLocateTerraform(t *testing.T) { if tt.os == runtime.GOOS { t.Run(tt.name, func(t *testing.T) { t.Parallel() + got, err := pike.LocateTerraform() + if (err != nil) != tt.wantErr { t.Errorf("LocateTerraform() error = %v, wantErr %v", err, tt.wantErr) return } + if got == "" { t.Errorf("LocateTerraform() = %v, expected %v", got, tt.want) } + log.Info().Msgf("terraform is at %s", got) }) } @@ -698,7 +710,9 @@ func TestInitWithInvalidTerraformConfig(t *testing.T) { bad config } `) + err = os.WriteFile(filepath.Join(tempDir, "main.tf"), invalidConfig, 0o644) + if err != nil { t.Fatal(err) } @@ -707,6 +721,7 @@ func TestInitWithInvalidTerraformConfig(t *testing.T) { if err == nil { t.Error("Expected error for invalid terraform config, got nil") } + if modules != nil { t.Errorf("Expected nil modules for invalid config, got %v", modules) } @@ -725,6 +740,7 @@ func TestInitWithModulesJsonOnly(t *testing.T) { // Create .terraform/modules directory with only modules.json modulesDir := filepath.Join(tempDir, ".terraform", "modules") err = os.MkdirAll(modulesDir, 0o755) + if err != nil { t.Fatal(err) } @@ -738,6 +754,7 @@ func TestInitWithModulesJsonOnly(t *testing.T) { if err != nil { t.Errorf("Unexpected error: %v", err) } + if len(modules) != 0 { t.Errorf("Expected empty modules slice, got %v", modules) } @@ -756,11 +773,13 @@ func TestInitWithDSStoreOnly(t *testing.T) { // Create .terraform/modules directory with only .DS_Store modulesDir := filepath.Join(tempDir, ".terraform", "modules") err = os.MkdirAll(modulesDir, 0o755) + if err != nil { t.Fatal(err) } err = os.WriteFile(filepath.Join(modulesDir, ".DS_Store"), []byte{}, 0o644) + if err != nil { t.Fatal(err) } @@ -769,6 +788,7 @@ func TestInitWithDSStoreOnly(t *testing.T) { if err != nil { t.Errorf("Unexpected error: %v", err) } + if len(modules) != 0 { t.Errorf("Expected empty modules slice, got %v", modules) } @@ -778,12 +798,15 @@ func TestInitWithNonExistentDir(t *testing.T) { t.Parallel() tfPath, modules, err := pike.Init("/path/that/does/not/exist") + if err == nil { t.Error("Expected error for non-existent directory, got nil") } + if tfPath != nil { t.Errorf("Expected nil tfPath for non-existent directory, got %v", *tfPath) } + if modules != nil { t.Errorf("Expected nil modules for non-existent directory, got %v", modules) } diff --git a/src/schema/aws-acmpca-certificateauthority.json b/src/schema/aws-acmpca-certificateauthority.json index b5a4f0e9..36d5f411 100644 --- a/src/schema/aws-acmpca-certificateauthority.json +++ b/src/schema/aws-acmpca-certificateauthority.json @@ -388,7 +388,6 @@ }, "update": { "permissions": [ - "acm-pca:ListTags", "acm-pca:TagCertificateAuthority", "acm-pca:UntagCertificateAuthority", "acm-pca:UpdateCertificateAuthority" @@ -473,7 +472,6 @@ "/properties/Subject", "/properties/Subject", "/properties/CsrExtensions", - "/properties/Tags", "/properties/RevocationConfiguration", "/properties/KeyStorageSecurityStandard" ] diff --git a/src/schema/aws-apigateway-documentationversion.json b/src/schema/aws-apigateway-documentationversion.json index a842dc26..82ce6348 100644 --- a/src/schema/aws-apigateway-documentationversion.json +++ b/src/schema/aws-apigateway-documentationversion.json @@ -51,16 +51,16 @@ ], "properties": { "Description": { - "description": "A description about the new documentation snapshot.", + "description": "", "type": "string" }, "DocumentationVersion": { - "description": "The version identifier of the to-be-updated documentation version.", + "description": "", "minLength": 1, "type": "string" }, "RestApiId": { - "description": "The string identifier of the associated RestApi.", + "description": "", "minLength": 1, "type": "string" } diff --git a/src/schema/aws-apigateway-gatewayresponse.json b/src/schema/aws-apigateway-gatewayresponse.json index 9e882a9c..e13e7c06 100644 --- a/src/schema/aws-apigateway-gatewayresponse.json +++ b/src/schema/aws-apigateway-gatewayresponse.json @@ -55,7 +55,7 @@ }, "ResponseParameters": { "additionalProperties": false, - "description": "Response parameters (paths, query strings and headers) of the GatewayResponse as a string-to-string map of key-value pairs.", + "description": "", "patternProperties": { "[a-zA-Z0-9]+": { "type": "string" @@ -65,7 +65,7 @@ }, "ResponseTemplates": { "additionalProperties": false, - "description": "Response templates of the GatewayResponse as a string-to-string map of key-value pairs.", + "description": "", "patternProperties": { "[a-zA-Z0-9]+": { "type": "string" @@ -74,15 +74,15 @@ "type": "object" }, "ResponseType": { - "description": "The response type of the associated GatewayResponse.", + "description": "", "type": "string" }, "RestApiId": { - "description": "The string identifier of the associated RestApi.", + "description": "", "type": "string" }, "StatusCode": { - "description": "The HTTP status code for this GatewayResponse.", + "description": "", "type": "string" } }, diff --git a/src/schema/aws-apigateway-method.json b/src/schema/aws-apigateway-method.json index 5c18070c..6bc96f38 100644 --- a/src/schema/aws-apigateway-method.json +++ b/src/schema/aws-apigateway-method.json @@ -11,7 +11,7 @@ "description": "``Integration`` is a property of the [AWS::ApiGateway::Method](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-method.html) resource that specifies information about the target backend that a method calls.", "properties": { "CacheKeyParameters": { - "description": "A list of request parameters whose values API Gateway caches. To be valid values for ``cacheKeyParameters``, these parameters must also be specified for Method ``requestParameters``.", + "description": "", "items": { "type": "string" }, @@ -19,15 +19,15 @@ "uniqueItems": true }, "CacheNamespace": { - "description": "Specifies a group of related cached parameters. By default, API Gateway uses the resource ID as the ``cacheNamespace``. You can specify the same ``cacheNamespace`` across resources to return the same cached data for requests to different resources.", + "description": "", "type": "string" }, "ConnectionId": { - "description": "The ID of the VpcLink used for the integration when ``connectionType=VPC_LINK`` and undefined, otherwise.", + "description": "", "type": "string" }, "ConnectionType": { - "description": "The type of the network connection to the integration endpoint. The valid value is ``INTERNET`` for connections through the public routable internet or ``VPC_LINK`` for private connections between API Gateway and a network load balancer in a VPC. The default value is ``INTERNET``.", + "description": "", "enum": [ "INTERNET", "VPC_LINK" @@ -35,7 +35,7 @@ "type": "string" }, "ContentHandling": { - "description": "Specifies how to handle request payload content type conversions. Supported values are ``CONVERT_TO_BINARY`` and ``CONVERT_TO_TEXT``, with the following behaviors:\n If this property is not defined, the request payload will be passed through from the method request to integration request without modification, provided that the ``passthroughBehavior`` is configured to support payload pass-through.", + "description": "", "enum": [ "CONVERT_TO_BINARY", "CONVERT_TO_TEXT" @@ -43,15 +43,15 @@ "type": "string" }, "Credentials": { - "description": "Specifies the credentials required for the integration, if any. For AWS integrations, three options are available. To specify an IAM Role for API Gateway to assume, use the role's Amazon Resource Name (ARN). To require that the caller's identity be passed through from the request, specify the string ``arn:aws:iam::\\*:user/\\*``. To use resource-based permissions on supported AWS services, specify null.", + "description": "", "type": "string" }, "IntegrationHttpMethod": { - "description": "Specifies the integration's HTTP method type. For the Type property, if you specify ``MOCK``, this property is optional. For Lambda integrations, you must set the integration method to ``POST``. For all other types, you must specify this property.", + "description": "", "type": "string" }, "IntegrationResponses": { - "description": "Specifies the integration's responses.", + "description": "", "items": { "$ref": "#/definitions/IntegrationResponse" }, @@ -59,7 +59,7 @@ "uniqueItems": true }, "PassthroughBehavior": { - "description": "Specifies how the method request body of an unmapped content type will be passed through the integration request to the back end without transformation. A content type is unmapped if no mapping template is defined in the integration or the content type does not match any of the mapped content types, as specified in ``requestTemplates``. The valid value is one of the following: ``WHEN_NO_MATCH``: passes the method request body through the integration request to the back end without transformation when the method request content type does not match any content type associated with the mapping templates defined in the integration request. ``WHEN_NO_TEMPLATES``: passes the method request body through the integration request to the back end without transformation when no mapping template is defined in the integration request. If a template is defined when this option is selected, the method request of an unmapped content-type will be rejected with an HTTP 415 Unsupported Media Type response. ``NEVER``: rejects the method request with an HTTP 415 Unsupported Media Type response when either the method request content type does not match any content type associated with the mapping templates defined in the integration request or no mapping template is defined in the integration request.", + "description": "", "enum": [ "WHEN_NO_MATCH", "WHEN_NO_TEMPLATES", @@ -69,7 +69,7 @@ }, "RequestParameters": { "additionalProperties": false, - "description": "A key-value map specifying request parameters that are passed from the method request to the back end. The key is an integration request parameter name and the associated value is a method request parameter value or static value that must be enclosed within single quotes and pre-encoded as required by the back end. The method request parameter value must match the pattern of ``method.request.{location}.{name}``, where ``location`` is ``querystring``, ``path``, or ``header`` and ``name`` must be a valid and unique method request parameter name.", + "description": "", "patternProperties": { "[a-zA-Z0-9]+": { "type": "string" @@ -79,7 +79,7 @@ }, "RequestTemplates": { "additionalProperties": false, - "description": "Represents a map of Velocity templates that are applied on the request payload based on the value of the Content-Type header sent by the client. The content type value is the key in this map, and the template (as a String) is the value.", + "description": "", "patternProperties": { "[a-zA-Z0-9]+": { "type": "string" @@ -88,12 +88,12 @@ "type": "object" }, "TimeoutInMillis": { - "description": "Custom timeout between 50 and 29,000 milliseconds. The default value is 29,000 milliseconds or 29 seconds.", + "description": "", "minimum": 50, "type": "integer" }, "Type": { - "description": "Specifies an API method integration type. The valid value is one of the following:\n For the HTTP and HTTP proxy integrations, each integration can specify a protocol (``http/https``), port and path. Standard 80 and 443 ports are supported as well as custom ports above 1024. An HTTP or HTTP proxy integration with a ``connectionType`` of ``VPC_LINK`` is referred to as a private integration and uses a VpcLink to connect API Gateway to a network load balancer of a VPC.", + "description": "", "enum": [ "AWS", "AWS_PROXY", @@ -104,7 +104,7 @@ "type": "string" }, "Uri": { - "description": "Specifies Uniform Resource Identifier (URI) of the integration endpoint.\n For ``HTTP`` or ``HTTP_PROXY`` integrations, the URI must be a fully formed, encoded HTTP(S) URL according to the RFC-3986 specification for standard integrations. If ``connectionType`` is ``VPC_LINK`` specify the Network Load Balancer DNS name. For ``AWS`` or ``AWS_PROXY`` integrations, the URI is of the form ``arn:aws:apigateway:{region}:{subdomain.service|service}:path|action/{service_api}``. Here, {Region} is the API Gateway region (e.g., us-east-1); {service} is the name of the integrated AWS service (e.g., s3); and {subdomain} is a designated subdomain supported by certain AWS service for fast host-name lookup. action can be used for an AWS service action-based API, using an Action={name}&{p1}={v1}&p2={v2}... query string. The ensuing {service_api} refers to a supported action {name} plus any required input parameters. Alternatively, path can be used for an AWS service path-based API. The ensuing service_api refers to the path to an AWS service resource, including the region of the integrated AWS service, if applicable. For example, for integration with the S3 API of GetObject, the uri can be either ``arn:aws:apigateway:us-west-2:s3:action/GetObject&Bucket={bucket}&Key={key}`` or ``arn:aws:apigateway:us-west-2:s3:path/{bucket}/{key}``", + "description": "", "type": "string" } }, @@ -118,7 +118,7 @@ "description": "``IntegrationResponse`` is a property of the [Amazon API Gateway Method Integration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-apitgateway-method-integration.html) property type that specifies the response that API Gateway sends after a method's backend finishes processing a request.", "properties": { "ContentHandling": { - "description": "Specifies how to handle response payload content type conversions. Supported values are ``CONVERT_TO_BINARY`` and ``CONVERT_TO_TEXT``, with the following behaviors:\n If this property is not defined, the response payload will be passed through from the integration response to the method response without modification.", + "description": "", "enum": [ "CONVERT_TO_BINARY", "CONVERT_TO_TEXT" @@ -127,7 +127,7 @@ }, "ResponseParameters": { "additionalProperties": false, - "description": "A key-value map specifying response parameters that are passed to the method response from the back end. The key is a method response header parameter name and the mapped value is an integration response header value, a static value enclosed within a pair of single quotes, or a JSON expression from the integration response body. The mapping key must match the pattern of ``method.response.header.{name}``, where ``name`` is a valid and unique header name. The mapped non-static value must match the pattern of ``integration.response.header.{name}`` or ``integration.response.body.{JSON-expression}``, where ``name`` is a valid and unique response header name and ``JSON-expression`` is a valid JSON expression without the ``$`` prefix.", + "description": "", "patternProperties": { "[a-zA-Z0-9]+": { "type": "string" @@ -137,7 +137,7 @@ }, "ResponseTemplates": { "additionalProperties": false, - "description": "Specifies the templates used to transform the integration response body. Response templates are represented as a key/value map, with a content-type as the key and a template as the value.", + "description": "", "patternProperties": { "[a-zA-Z0-9]+": { "type": "string" @@ -146,11 +146,11 @@ "type": "object" }, "SelectionPattern": { - "description": "Specifies the regular expression (regex) pattern used to choose an integration response based on the response from the back end. For example, if the success response returns nothing and the error response returns some string, you could use the ``.+`` regex to match error response. However, make sure that the error response does not contain any newline (``\\n``) character in such cases. If the back end is an LAMlong function, the LAMlong function error header is matched. For all other HTTP and AWS back ends, the HTTP status code is matched.", + "description": "", "type": "string" }, "StatusCode": { - "description": "Specifies the status code that is used to map the integration response to an existing MethodResponse.", + "description": "", "type": "string" } }, @@ -161,11 +161,11 @@ }, "MethodResponse": { "additionalProperties": false, - "description": "Represents a method response of a given HTTP status code returned to the client. The method response is passed from the back end through the associated integration response that can be transformed using a mapping template.", + "description": "", "properties": { "ResponseModels": { "additionalProperties": false, - "description": "Specifies the Model resources used for the response's content-type. Response models are represented as a key/value map, with a content-type as the key and a Model name as the value.", + "description": "", "patternProperties": { "[a-zA-Z0-9]+": { "type": "string" @@ -175,7 +175,7 @@ }, "ResponseParameters": { "additionalProperties": false, - "description": "A key-value map specifying required or optional response parameters that API Gateway can send back to the caller. A key defines a method response header and the value specifies whether the associated method response header is required or not. The expression of the key must match the pattern ``method.response.header.{name}``, where ``name`` is a valid and unique header name. API Gateway passes certain integration response data to the method response headers specified here according to the mapping you prescribe in the API's IntegrationResponse. The integration response data that can be mapped include an integration response header expressed in ``integration.response.header.{name}``, a static value enclosed within a pair of single quotes (e.g., ``'application/json'``), or a JSON expression from the back-end response payload in the form of ``integration.response.body.{JSON-expression}``, where ``JSON-expression`` is a valid JSON expression without the ``$`` prefix.)", + "description": "", "patternProperties": { "[a-zA-Z0-9]+": { "type": [ @@ -187,7 +187,7 @@ "type": "object" }, "StatusCode": { - "description": "The method response's status code.", + "description": "", "type": "string" } }, @@ -232,11 +232,11 @@ ], "properties": { "ApiKeyRequired": { - "description": "A boolean flag specifying whether a valid ApiKey is required to invoke this method.", + "description": "", "type": "boolean" }, "AuthorizationScopes": { - "description": "A list of authorization scopes configured on the method. The scopes are used with a ``COGNITO_USER_POOLS`` authorizer to authorize the method invocation. The authorization works by matching the method scopes against the scopes parsed from the access token in the incoming request. The method invocation is authorized if any method scopes matches a claimed scope in the access token. Otherwise, the invocation is not authorized. When the method scope is configured, the client must provide an access token instead of an identity token for authorization purposes.", + "description": "", "items": { "type": "string" }, @@ -247,19 +247,19 @@ "type": "string" }, "AuthorizerId": { - "description": "The identifier of an authorizer to use on this method. The method's authorization type must be ``CUSTOM`` or ``COGNITO_USER_POOLS``.", + "description": "", "type": "string" }, "HttpMethod": { - "description": "The method's HTTP verb.", + "description": "", "type": "string" }, "Integration": { "$ref": "#/definitions/Integration", - "description": "Represents an ``HTTP``, ``HTTP_PROXY``, ``AWS``, ``AWS_PROXY``, or Mock integration." + "description": "" }, "MethodResponses": { - "description": "Gets a method response associated with a given HTTP status code.", + "description": "", "items": { "$ref": "#/definitions/MethodResponse" }, @@ -267,12 +267,12 @@ "uniqueItems": true }, "OperationName": { - "description": "A human-friendly operation identifier for the method. For example, you can assign the ``operationName`` of ``ListPets`` for the ``GET /pets`` method in the ``PetStore`` example.", + "description": "", "type": "string" }, "RequestModels": { "additionalProperties": false, - "description": "A key-value map specifying data schemas, represented by Model resources, (as the mapped value) of the request payloads of given content types (as the mapping key).", + "description": "", "patternProperties": { "[a-zA-Z0-9]+": { "type": "string" @@ -282,7 +282,7 @@ }, "RequestParameters": { "additionalProperties": false, - "description": "A key-value map defining required or optional method request parameters that can be accepted by API Gateway. A key is a method request parameter name matching the pattern of ``method.request.{location}.{name}``, where ``location`` is ``querystring``, ``path``, or ``header`` and ``name`` is a valid and unique parameter name. The value associated with the key is a Boolean flag indicating whether the parameter is required (``true``) or optional (``false``). The method request parameter names defined here are available in Integration to be mapped to integration request parameters or templates.", + "description": "", "patternProperties": { "[a-zA-Z0-9]+": { "type": [ @@ -294,15 +294,15 @@ "type": "object" }, "RequestValidatorId": { - "description": "The identifier of a RequestValidator for request validation.", + "description": "", "type": "string" }, "ResourceId": { - "description": "The Resource identifier for the MethodResponse resource.", + "description": "", "type": "string" }, "RestApiId": { - "description": "The string identifier of the associated RestApi.", + "description": "", "type": "string" } }, diff --git a/src/schema/aws-apigateway-model.json b/src/schema/aws-apigateway-model.json index ff4e1068..f8c56f2c 100644 --- a/src/schema/aws-apigateway-model.json +++ b/src/schema/aws-apigateway-model.json @@ -52,11 +52,11 @@ ], "properties": { "ContentType": { - "description": "The content-type for the model.", + "description": "", "type": "string" }, "Description": { - "description": "The description of the model.", + "description": "", "type": "string" }, "Name": { @@ -64,11 +64,11 @@ "type": "string" }, "RestApiId": { - "description": "The string identifier of the associated RestApi.", + "description": "", "type": "string" }, "Schema": { - "description": "The schema for the model. For ``application/json`` models, this should be JSON schema draft 4 model. Do not include \"\\*/\" characters in the description of any properties because such \"\\*/\" characters may be interpreted as the closing marker for comments in some languages, such as Java or JavaScript, causing the installation of your API's SDK generated by API Gateway to fail.", + "description": "", "type": [ "object", "string" diff --git a/src/schema/aws-apigateway-requestvalidator.json b/src/schema/aws-apigateway-requestvalidator.json index 87a5b93d..5c7e1b27 100644 --- a/src/schema/aws-apigateway-requestvalidator.json +++ b/src/schema/aws-apigateway-requestvalidator.json @@ -50,7 +50,7 @@ ], "properties": { "Name": { - "description": "The name of this RequestValidator", + "description": "", "type": "string" }, "RequestValidatorId": { @@ -58,15 +58,15 @@ "type": "string" }, "RestApiId": { - "description": "The string identifier of the associated RestApi.", + "description": "", "type": "string" }, "ValidateRequestBody": { - "description": "A Boolean flag to indicate whether to validate a request body according to the configured Model schema.", + "description": "", "type": "boolean" }, "ValidateRequestParameters": { - "description": "A Boolean flag to indicate whether to validate request parameters (``true``) or not (``false``).", + "description": "", "type": "boolean" } }, diff --git a/src/schema/aws-apigateway-resource.json b/src/schema/aws-apigateway-resource.json index 7df63637..51e5387a 100644 --- a/src/schema/aws-apigateway-resource.json +++ b/src/schema/aws-apigateway-resource.json @@ -50,11 +50,11 @@ ], "properties": { "ParentId": { - "description": "The parent resource's identifier.", + "description": "", "type": "string" }, "PathPart": { - "description": "The last path segment for this resource.", + "description": "", "type": "string" }, "ResourceId": { @@ -62,7 +62,7 @@ "type": "string" }, "RestApiId": { - "description": "The string identifier of the associated RestApi.", + "description": "", "type": "string" } }, diff --git a/src/schema/aws-apigateway-restapi.json b/src/schema/aws-apigateway-restapi.json index 41f97919..eadc0128 100644 --- a/src/schema/aws-apigateway-restapi.json +++ b/src/schema/aws-apigateway-restapi.json @@ -6,7 +6,7 @@ "description": "The ``EndpointConfiguration`` property type specifies the endpoint types of a REST API.\n ``EndpointConfiguration`` is a property of the [AWS::ApiGateway::RestApi](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-restapi.html) resource.", "properties": { "Types": { - "description": "A list of endpoint types of an API (RestApi) or its custom domain name (DomainName). For an edge-optimized API and its custom domain name, the endpoint type is ``\"EDGE\"``. For a regional API and its custom domain name, the endpoint type is ``REGIONAL``. For a private API, the endpoint type is ``PRIVATE``.", + "description": "", "items": { "type": "string" }, @@ -14,7 +14,7 @@ "uniqueItems": true }, "VpcEndpointIds": { - "description": "A list of VpcEndpointIds of an API (RestApi) against which to create Route53 ALIASes. It is only supported for ``PRIVATE`` endpoint type.", + "description": "", "items": { "relationshipRef": { "propertyPath": "/properties/Id", @@ -118,11 +118,11 @@ ], "properties": { "ApiKeySourceType": { - "description": "The source of the API key for metering requests according to a usage plan. Valid values are: ``HEADER`` to read the API key from the ``X-API-Key`` header of a request. ``AUTHORIZER`` to read the API key from the ``UsageIdentifierKey`` from a custom authorizer.", + "description": "", "type": "string" }, "BinaryMediaTypes": { - "description": "The list of binary media types supported by the RestApi. By default, the RestApi supports only UTF-8-encoded text payloads.", + "description": "", "items": { "type": "string" }, @@ -141,15 +141,15 @@ "description": "The Amazon Simple Storage Service (Amazon S3) location that points to an OpenAPI file, which defines a set of RESTful APIs in JSON or YAML format." }, "CloneFrom": { - "description": "The ID of the RestApi that you want to clone from.", + "description": "", "type": "string" }, "Description": { - "description": "The description of the RestApi.", + "description": "", "type": "string" }, "DisableExecuteApiEndpoint": { - "description": "Specifies whether clients can invoke your API by using the default ``execute-api`` endpoint. By default, clients can invoke your API with the default ``https://{api_id}.execute-api.{region}.amazonaws.com`` endpoint. To require that clients use a custom domain name to invoke your API, disable the default endpoint", + "description": "", "type": "boolean" }, "EndpointConfiguration": { @@ -157,11 +157,11 @@ "description": "A list of the endpoint types of the API. Use this property when creating an API. When importing an existing API, specify the endpoint configuration types using the ``Parameters`` property." }, "FailOnWarnings": { - "description": "A query parameter to indicate whether to rollback the API update (``true``) or not (``false``) when a warning is encountered. The default value is ``false``.", + "description": "", "type": "boolean" }, "MinimumCompressionSize": { - "description": "A nullable integer that is used to enable compression (with non-negative between 0 and 10485760 (10M) bytes, inclusive) or disable compression (with a null value) on an API. When compression is enabled, compression or decompression is not applied on the payload if the payload size is smaller than this value. Setting it to zero allows compression for any payload size.", + "description": "", "type": "integer" }, "Mode": { @@ -174,7 +174,7 @@ }, "Parameters": { "additionalProperties": false, - "description": "Custom header parameters as part of the request. For example, to exclude DocumentationParts from an imported API, set ``ignore=documentation`` as a ``parameters`` value, as in the AWS CLI command of ``aws apigateway import-rest-api --parameters ignore=documentation --body 'file:///path/to/imported-api-body.json'``.", + "description": "", "patternProperties": { "[a-zA-Z0-9]+": { "type": "string" @@ -201,7 +201,7 @@ "type": "string" }, "Tags": { - "description": "The key-value map of strings. The valid character set is [a-zA-Z+-=._:/]. The tag key can be up to 128 characters and must not start with ``aws:``. The tag value can be up to 256 characters.", + "description": "", "items": { "$ref": "#/definitions/Tag" }, diff --git a/src/schema/aws-apigateway-stage.json b/src/schema/aws-apigateway-stage.json index 8c476a32..6f7e607d 100644 --- a/src/schema/aws-apigateway-stage.json +++ b/src/schema/aws-apigateway-stage.json @@ -22,21 +22,21 @@ }, "CanarySetting": { "additionalProperties": false, - "description": "Configuration settings of a canary deployment.", + "description": "", "properties": { "DeploymentId": { - "description": "The ID of the canary deployment.", + "description": "", "type": "string" }, "PercentTraffic": { - "description": "The percent (0-100) of traffic diverted to a canary deployment.", + "description": "", "maximum": 100, "minimum": 0, "type": "number" }, "StageVariableOverrides": { "additionalProperties": false, - "description": "Stage variables overridden for a canary release deployment, including new stage variables introduced in the canary. These stage variables are represented as a string-to-string map between stage variable names and their values.", + "description": "", "patternProperties": { "[a-zA-Z0-9]+": { "type": "string" @@ -45,7 +45,7 @@ "type": "object" }, "UseStageCache": { - "description": "A Boolean flag to indicate whether the canary deployment uses the stage cache or not.", + "description": "", "type": "boolean" } }, @@ -56,19 +56,19 @@ "description": "The ``MethodSetting`` property type configures settings for all methods in a stage.\n The ``MethodSettings`` property of the ``AWS::ApiGateway::Stage`` resource contains a list of ``MethodSetting`` property types.", "properties": { "CacheDataEncrypted": { - "description": "Specifies whether the cached responses are encrypted.", + "description": "", "type": "boolean" }, "CacheTtlInSeconds": { - "description": "Specifies the time to live (TTL), in seconds, for cached responses. The higher the TTL, the longer the response will be cached.", + "description": "", "type": "integer" }, "CachingEnabled": { - "description": "Specifies whether responses should be cached and returned for requests. A cache cluster must be enabled on the stage for responses to be cached.", + "description": "", "type": "boolean" }, "DataTraceEnabled": { - "description": "Specifies whether data trace logging is enabled for this method, which affects the log entries pushed to Amazon CloudWatch Logs. This can be useful to troubleshoot APIs, but can result in logging sensitive data. We recommend that you don't enable this option for production APIs.", + "description": "", "type": "boolean" }, "HttpMethod": { @@ -76,11 +76,11 @@ "type": "string" }, "LoggingLevel": { - "description": "Specifies the logging level for this method, which affects the log entries pushed to Amazon CloudWatch Logs. Valid values are ``OFF``, ``ERROR``, and ``INFO``. Choose ``ERROR`` to write only error-level entries to CloudWatch Logs, or choose ``INFO`` to include all ``ERROR`` events as well as extra informational events.", + "description": "", "type": "string" }, "MetricsEnabled": { - "description": "Specifies whether Amazon CloudWatch metrics are enabled for this method.", + "description": "", "type": "boolean" }, "ResourcePath": { @@ -88,12 +88,12 @@ "type": "string" }, "ThrottlingBurstLimit": { - "description": "Specifies the throttling burst limit.", + "description": "", "minimum": 0, "type": "integer" }, "ThrottlingRateLimit": { - "description": "Specifies the throttling rate limit.", + "description": "", "minimum": 0, "type": "number" } @@ -175,38 +175,38 @@ "properties": { "AccessLogSetting": { "$ref": "#/definitions/AccessLogSetting", - "description": "Access log settings, including the access log format and access log destination ARN." + "description": "" }, "CacheClusterEnabled": { - "description": "Specifies whether a cache cluster is enabled for the stage.", + "description": "", "type": "boolean" }, "CacheClusterSize": { - "description": "The stage's cache capacity in GB. For more information about choosing a cache size, see [Enabling API caching to enhance responsiveness](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-caching.html).", + "description": "", "type": "string" }, "CanarySetting": { "$ref": "#/definitions/CanarySetting", - "description": "Settings for the canary deployment in this stage." + "description": "" }, "ClientCertificateId": { - "description": "The identifier of a client certificate for an API stage.", + "description": "", "type": "string" }, "DeploymentId": { - "description": "The identifier of the Deployment that the stage points to.", + "description": "", "type": "string" }, "Description": { - "description": "The stage's description.", + "description": "", "type": "string" }, "DocumentationVersion": { - "description": "The version of the associated API documentation.", + "description": "", "type": "string" }, "MethodSettings": { - "description": "A map that defines the method settings for a Stage resource. Keys (designated as ``/{method_setting_key`` below) are method paths defined as ``{resource_path}/{http_method}`` for an individual method override, or ``/\\*/\\*`` for overriding all methods in the stage.", + "description": "", "insertionOrder": false, "items": { "$ref": "#/definitions/MethodSetting" @@ -215,15 +215,15 @@ "uniqueItems": true }, "RestApiId": { - "description": "The string identifier of the associated RestApi.", + "description": "", "type": "string" }, "StageName": { - "description": "The name of the stage is the first path segment in the Uniform Resource Identifier (URI) of a call to API Gateway. Stage names can only contain alphanumeric characters, hyphens, and underscores. Maximum length is 128 characters.", + "description": "", "type": "string" }, "Tags": { - "description": "The collection of tags. Each tag element is associated with a given resource.", + "description": "", "insertionOrder": false, "items": { "$ref": "#/definitions/Tag" @@ -232,7 +232,7 @@ "uniqueItems": false }, "TracingEnabled": { - "description": "Specifies whether active tracing with X-ray is enabled for the Stage.", + "description": "", "type": "boolean" }, "Variables": { diff --git a/src/schema/aws-apigateway-usageplan.json b/src/schema/aws-apigateway-usageplan.json index 38a13121..e7a05d7b 100644 --- a/src/schema/aws-apigateway-usageplan.json +++ b/src/schema/aws-apigateway-usageplan.json @@ -3,19 +3,19 @@ "definitions": { "ApiStage": { "additionalProperties": false, - "description": "API stage name of the associated API stage in a usage plan.", + "description": "", "properties": { "ApiId": { - "description": "API Id of the associated API stage in a usage plan.", + "description": "", "type": "string" }, "Stage": { - "description": "API stage name of the associated API stage in a usage plan.", + "description": "", "type": "string" }, "Throttle": { "additionalProperties": false, - "description": "Map containing method level throttling information for API stage in a usage plan.", + "description": "", "patternProperties": { ".*": { "$ref": "#/definitions/ThrottleSettings" @@ -31,17 +31,17 @@ "description": "``QuotaSettings`` is a property of the [AWS::ApiGateway::UsagePlan](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-usageplan.html) resource that specifies a target for the maximum number of requests users can make to your REST APIs.\n In some cases clients can exceed the targets that you set. Don\u2019t rely on usage plans to control costs. Consider using [](https://docs.aws.amazon.com/cost-management/latest/userguide/budgets-managing-costs.html) to monitor costs and [](https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html) to manage API requests.", "properties": { "Limit": { - "description": "The target maximum number of requests that can be made in a given time period.", + "description": "", "minimum": 0, "type": "integer" }, "Offset": { - "description": "The number of requests subtracted from the given limit in the initial time period.", + "description": "", "minimum": 0, "type": "integer" }, "Period": { - "description": "The time period in which the limit applies. Valid values are \"DAY\", \"WEEK\" or \"MONTH\".", + "description": "", "type": "string" } }, @@ -75,12 +75,12 @@ "description": "``ThrottleSettings`` is a property of the [AWS::ApiGateway::UsagePlan](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-usageplan.html) resource that specifies the overall request rate (average requests per second) and burst capacity when users call your REST APIs.", "properties": { "BurstLimit": { - "description": "The API target request burst rate limit. This allows more requests through for a period of time than the target rate limit.", + "description": "", "minimum": 0, "type": "integer" }, "RateLimit": { - "description": "The API target request rate limit.", + "description": "", "minimum": 0, "type": "number" } @@ -128,7 +128,7 @@ ], "properties": { "ApiStages": { - "description": "The associated API stages of a usage plan.", + "description": "", "items": { "$ref": "#/definitions/ApiStage" }, @@ -136,7 +136,7 @@ "uniqueItems": true }, "Description": { - "description": "The description of a usage plan.", + "description": "", "type": "string" }, "Id": { @@ -145,10 +145,10 @@ }, "Quota": { "$ref": "#/definitions/QuotaSettings", - "description": "The target maximum number of permitted requests per a given unit time interval." + "description": "" }, "Tags": { - "description": "The collection of tags. Each tag element is associated with a given resource.", + "description": "", "insertionOrder": false, "items": { "$ref": "#/definitions/Tag" @@ -158,10 +158,10 @@ }, "Throttle": { "$ref": "#/definitions/ThrottleSettings", - "description": "A map containing method level throttling information for API stage in a usage plan." + "description": "" }, "UsagePlanName": { - "description": "The name of a usage plan.", + "description": "", "type": "string" } }, diff --git a/src/schema/aws-apigateway-usageplankey.json b/src/schema/aws-apigateway-usageplankey.json index 74cf3f2b..f1922f9b 100644 --- a/src/schema/aws-apigateway-usageplankey.json +++ b/src/schema/aws-apigateway-usageplankey.json @@ -53,7 +53,7 @@ "type": "string" }, "KeyType": { - "description": "The type of a UsagePlanKey resource for a plan customer.", + "description": "", "enum": [ "API_KEY" ], diff --git a/src/schema/aws-apigateway-vpclink.json b/src/schema/aws-apigateway-vpclink.json index 746a11d9..1d99f642 100644 --- a/src/schema/aws-apigateway-vpclink.json +++ b/src/schema/aws-apigateway-vpclink.json @@ -81,11 +81,11 @@ ], "properties": { "Description": { - "description": "The description of the VPC link.", + "description": "", "type": "string" }, "Name": { - "description": "The name used to label and identify the VPC link.", + "description": "", "type": "string" }, "Tags": { @@ -98,7 +98,7 @@ "uniqueItems": true }, "TargetArns": { - "description": "The ARN of the network load balancer of the VPC targeted by the VPC link. The network load balancer must be owned by the same AWS-account of the API owner.", + "description": "", "insertionOrder": false, "items": { "type": "string" diff --git a/src/schema/aws-appflow-flow.json b/src/schema/aws-appflow-flow.json index 46e54714..bd072064 100644 --- a/src/schema/aws-appflow-flow.json +++ b/src/schema/aws-appflow-flow.json @@ -1659,6 +1659,7 @@ }, "update": { "permissions": [ + "appflow:DescribeFlow", "appflow:UpdateFlow", "appflow:StartFlow", "appflow:StopFlow", @@ -1762,7 +1763,13 @@ "sourceUrl": "https://docs.aws.amazon.com/appflow/latest/userguide/what-is-appflow.html", "tagging": { "cloudFormationSystemTags": false, + "permissions": [ + "appflow:TagResource", + "appflow:UntagResource", + "appflow:ListTagsForResource" + ], "tagOnCreate": true, + "tagProperty": "/properties/Tags", "tagUpdatable": false, "taggable": true }, diff --git a/src/schema/aws-aps-rulegroupsnamespace.json b/src/schema/aws-aps-rulegroupsnamespace.json index e8b5e492..9f4f6a97 100644 --- a/src/schema/aws-aps-rulegroupsnamespace.json +++ b/src/schema/aws-aps-rulegroupsnamespace.json @@ -121,6 +121,10 @@ "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-aps", "tagging": { "cloudFormationSystemTags": true, + "permissions": [ + "aps:TagResource", + "aps:UntagResource" + ], "tagOnCreate": true, "tagProperty": "/properties/Tags", "tagUpdatable": true, diff --git a/src/schema/aws-aps-scraper.json b/src/schema/aws-aps-scraper.json index 226d8321..ec8c3613 100644 --- a/src/schema/aws-aps-scraper.json +++ b/src/schema/aws-aps-scraper.json @@ -33,6 +33,21 @@ }, "type": "object" }, + "RoleConfiguration": { + "additionalProperties": false, + "description": "Role configuration", + "properties": { + "SourceRoleArn": { + "description": "IAM Role in source account", + "type": "string" + }, + "TargetRoleArn": { + "description": "IAM Role in the target account", + "type": "string" + } + }, + "type": "object" + }, "ScrapeConfiguration": { "additionalProperties": false, "description": "Scraper configuration", @@ -144,7 +159,8 @@ "eks:DescribeCluster", "ec2:DescribeSubnets", "ec2:DescribeSecurityGroups", - "iam:CreateServiceLinkedRole" + "iam:CreateServiceLinkedRole", + "iam:PassRole" ] }, "delete": { @@ -179,7 +195,8 @@ "aps:DescribeWorkspace", "aps:TagResource", "aps:UntagResource", - "aps:ListTagsForResource" + "aps:ListTagsForResource", + "iam:PassRole" ] } }, @@ -209,6 +226,9 @@ "pattern": "^arn:(aws|aws-us-gov|aws-cn):iam::[0-9]{12}:role/[a-zA-Z0-9-]+$", "type": "string" }, + "RoleConfiguration": { + "$ref": "#/definitions/RoleConfiguration" + }, "ScrapeConfiguration": { "$ref": "#/definitions/ScrapeConfiguration" }, @@ -245,6 +265,10 @@ "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-aps", "tagging": { "cloudFormationSystemTags": true, + "permissions": [ + "aps:TagResource", + "aps:UntagResource" + ], "tagOnCreate": true, "tagProperty": "/properties/Tags", "tagUpdatable": true, diff --git a/src/schema/aws-aps-workspace.json b/src/schema/aws-aps-workspace.json index 2742ede9..c4b3a3c7 100644 --- a/src/schema/aws-aps-workspace.json +++ b/src/schema/aws-aps-workspace.json @@ -167,6 +167,10 @@ "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git", "tagging": { "cloudFormationSystemTags": true, + "permissions": [ + "aps:TagResource", + "aps:UntagResource" + ], "tagOnCreate": true, "tagProperty": "/properties/Tags", "tagUpdatable": true, diff --git a/src/schema/aws-athena-datacatalog.json b/src/schema/aws-athena-datacatalog.json index 1adfb140..82c755b8 100644 --- a/src/schema/aws-athena-datacatalog.json +++ b/src/schema/aws-athena-datacatalog.json @@ -47,7 +47,7 @@ }, "list": { "permissions": [ - "athena:ListDataCatalog" + "athena:ListDataCatalogs" ] }, "read": { diff --git a/src/schema/aws-backupgateway-hypervisor.json b/src/schema/aws-backupgateway-hypervisor.json index ed4e3e7a..14f9d6ba 100644 --- a/src/schema/aws-backupgateway-hypervisor.json +++ b/src/schema/aws-backupgateway-hypervisor.json @@ -50,6 +50,7 @@ "handlers": { "create": { "permissions": [ + "backup-gateway:ListTagsForResource", "backup-gateway:ImportHypervisorConfiguration", "backup-gateway:GetHypervisor", "backup-gateway:ListHypervisors", @@ -74,7 +75,8 @@ "read": { "permissions": [ "backup-gateway:GetHypervisor", - "backup-gateway:ListHypervisors" + "backup-gateway:ListHypervisors", + "backup-gateway:ListTagsForResource" ] }, "update": { @@ -83,7 +85,8 @@ "backup-gateway:GetHypervisor", "backup-gateway:ListHypervisors", "backup-gateway:ImportHypervisorConfiguration", - "backup-gateway:DeleteHypervisor" + "backup-gateway:DeleteHypervisor", + "backup-gateway:ListTagsForResource" ] } }, @@ -145,6 +148,11 @@ ], "tagging": { "cloudFormationSystemTags": true, + "permissions": [ + "backup-gateway:UntagResource", + "backup-gateway:TagResource", + "backup-gateway:ListTagsForResource" + ], "tagOnCreate": true, "tagProperty": "/properties/Tags", "tagUpdatable": false, @@ -156,7 +164,6 @@ "/properties/LogGroupArn", "/properties/Name", "/properties/Password", - "/properties/Tags", "/properties/Username" ] } diff --git a/src/schema/aws-batch-jobdefinition.json b/src/schema/aws-batch-jobdefinition.json index a92b3141..8377fc92 100644 --- a/src/schema/aws-batch-jobdefinition.json +++ b/src/schema/aws-batch-jobdefinition.json @@ -369,6 +369,9 @@ }, "ReadOnly": { "type": "boolean" + }, + "SubPath": { + "type": "string" } }, "type": "object" @@ -397,6 +400,15 @@ "EksMetadata": { "additionalProperties": false, "properties": { + "Annotations": { + "additionalProperties": false, + "patternProperties": { + ".*": { + "type": "string" + } + }, + "type": "object" + }, "Labels": { "additionalProperties": false, "patternProperties": { @@ -405,10 +417,28 @@ } }, "type": "object" + }, + "Namespace": { + "type": "string" } }, "type": "object" }, + "EksPersistentVolumeClaim": { + "additionalProperties": false, + "properties": { + "ClaimName": { + "type": "string" + }, + "ReadOnly": { + "type": "boolean" + } + }, + "required": [ + "ClaimName" + ], + "type": "object" + }, "EksPodProperties": { "additionalProperties": false, "properties": { @@ -498,6 +528,9 @@ "Name": { "type": "string" }, + "PersistentVolumeClaim": { + "$ref": "#/definitions/EksPersistentVolumeClaim" + }, "Secret": { "$ref": "#/definitions/EksSecret" } diff --git a/src/schema/aws-bedrock-knowledgebase.json b/src/schema/aws-bedrock-knowledgebase.json index 729fc196..b423d937 100644 --- a/src/schema/aws-bedrock-knowledgebase.json +++ b/src/schema/aws-bedrock-knowledgebase.json @@ -36,6 +36,14 @@ "maximum": 4096, "minimum": 0, "type": "integer" + }, + "EmbeddingDataType": { + "description": "The data type for the vectors when using a model to convert text into vector embeddings.", + "enum": [ + "FLOAT32", + "BINARY" + ], + "type": "string" } }, "type": "object" diff --git a/src/schema/aws-budgets-budgetsaction.json b/src/schema/aws-budgets-budgetsaction.json index bea8fa86..85d6313d 100644 --- a/src/schema/aws-budgets-budgetsaction.json +++ b/src/schema/aws-budgets-budgetsaction.json @@ -271,6 +271,11 @@ "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git", "tagging": { "cloudFormationSystemTags": true, + "permissions": [ + "budgets:TagResource", + "budgets:UntagResource", + "budgets:ListTagsForResource" + ], "tagOnCreate": true, "tagProperty": "/properties/ResourceTags", "tagUpdatable": true, diff --git a/src/schema/aws-cloudformation-publictypeversion.json b/src/schema/aws-cloudformation-publictypeversion.json index c0770b85..a9bfc6ef 100644 --- a/src/schema/aws-cloudformation-publictypeversion.json +++ b/src/schema/aws-cloudformation-publictypeversion.json @@ -74,10 +74,10 @@ "type": "string" }, "PublisherId": { - "description": "The publisher id assigned by CloudFormation for publishing in this region.", + "description": "The reserved publisher id for this type, or the publisher id assigned by CloudFormation for publishing in this region.", "maxLength": 40, "minLength": 1, - "pattern": "[0-9a-zA-Z-]{40}", + "pattern": "[0-9a-zA-Z-]{1,40}", "type": "string" }, "Type": { diff --git a/src/schema/aws-cloudformation-publisher.json b/src/schema/aws-cloudformation-publisher.json index 1a498076..536ec04c 100644 --- a/src/schema/aws-cloudformation-publisher.json +++ b/src/schema/aws-cloudformation-publisher.json @@ -51,10 +51,10 @@ "type": "string" }, "PublisherId": { - "description": "The publisher id assigned by CloudFormation for publishing in this region.", + "description": "The reserved publisher id for this type, or the publisher id assigned by CloudFormation for publishing in this region.", "maxLength": 40, "minLength": 1, - "pattern": "[0-9a-zA-Z-]{40}", + "pattern": "[0-9a-zA-Z-]{1,40}", "type": "string" }, "PublisherProfile": { diff --git a/src/schema/aws-cloudformation-typeactivation.json b/src/schema/aws-cloudformation-typeactivation.json index a110a64d..3af6f678 100644 --- a/src/schema/aws-cloudformation-typeactivation.json +++ b/src/schema/aws-cloudformation-typeactivation.json @@ -105,10 +105,10 @@ "type": "string" }, "PublisherId": { - "description": "The publisher id assigned by CloudFormation for publishing in this region.", + "description": "The reserved publisher id for this type, or the publisher id assigned by CloudFormation for publishing in this region.", "maxLength": 40, "minLength": 1, - "pattern": "[0-9a-zA-Z-]{40}", + "pattern": "[0-9a-zA-Z-]{1,40}", "type": "string" }, "Type": { diff --git a/src/schema/aws-cloudfront-distribution.json b/src/schema/aws-cloudfront-distribution.json index 8583b765..40f81bec 100644 --- a/src/schema/aws-cloudfront-distribution.json +++ b/src/schema/aws-cloudfront-distribution.json @@ -729,6 +729,10 @@ "S3OriginConfig": { "$ref": "#/definitions/S3OriginConfig", "description": "Use this type to specify an origin that is an Amazon S3 bucket that is not configured with static website hosting. To specify any other type of origin, including an Amazon S3 bucket that is configured with static website hosting, use the ``CustomOriginConfig`` type instead." + }, + "VpcOriginConfig": { + "$ref": "#/definitions/VpcOriginConfig", + "description": "" } }, "required": [ @@ -973,6 +977,27 @@ } }, "type": "object" + }, + "VpcOriginConfig": { + "additionalProperties": false, + "description": "", + "properties": { + "OriginKeepaliveTimeout": { + "default": 5, + "type": "integer" + }, + "OriginReadTimeout": { + "default": 30, + "type": "integer" + }, + "VpcOriginId": { + "type": "string" + } + }, + "required": [ + "VpcOriginId" + ], + "type": "object" } }, "deprecatedProperties": [ diff --git a/src/schema/aws-cloudfront-vpcorigin.json b/src/schema/aws-cloudfront-vpcorigin.json new file mode 100644 index 00000000..b11a07cd --- /dev/null +++ b/src/schema/aws-cloudfront-vpcorigin.json @@ -0,0 +1,164 @@ +{ + "additionalProperties": false, + "definitions": { + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "required": [ + "Value", + "Key" + ], + "type": "object" + }, + "VpcOriginEndpointConfig": { + "additionalProperties": false, + "properties": { + "Arn": { + "type": "string" + }, + "HTTPPort": { + "default": 80, + "type": "integer" + }, + "HTTPSPort": { + "default": 443, + "type": "integer" + }, + "Name": { + "type": "string" + }, + "OriginProtocolPolicy": { + "default": "match-viewer", + "type": "string" + }, + "OriginSSLProtocols": { + "default": [ + "TLSv1", + "SSLv3" + ], + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + } + }, + "required": [ + "Name", + "Arn" + ], + "type": "object" + } + }, + "description": "Resource Type definition for AWS::CloudFront::VpcOrigin", + "handlers": { + "create": { + "permissions": [ + "cloudfront:CreateVpcOrigin", + "cloudfront:GetVpcOrigin", + "cloudfront:TagResource", + "ec2:DescribeInstances", + "elasticloadbalancing:DescribeLoadBalancers", + "ec2:DescribeInternetGateways", + "iam:CreateServiceLinkedRole", + "sts:AssumeRole" + ] + }, + "delete": { + "permissions": [ + "cloudfront:DeleteVpcOrigin", + "cloudfront:GetVpcOrigin", + "elasticloadbalancing:DescribeLoadBalancers", + "ec2:DescribeInstances", + "ec2:DescribeInternetGateways", + "iam:CreateServiceLinkedRole", + "sts:AssumeRole" + ] + }, + "list": { + "permissions": [ + "cloudfront:ListVpcOrigins" + ] + }, + "read": { + "permissions": [ + "cloudfront:GetVpcOrigin", + "cloudfront:ListTagsForResource" + ] + }, + "update": { + "permissions": [ + "cloudfront:UpdateVpcOrigin", + "cloudfront:GetVpcOrigin", + "cloudfront:TagResource", + "ec2:DescribeInstances", + "cloudfront:UntagResource", + "cloudfront:ListTagsForResource", + "elasticloadbalancing:DescribeLoadBalancers", + "ec2:DescribeInternetGateways", + "iam:CreateServiceLinkedRole", + "sts:AssumeRole" + ] + } + }, + "primaryIdentifier": [ + "/properties/Id" + ], + "properties": { + "Arn": { + "type": "string" + }, + "CreatedTime": { + "type": "string" + }, + "Id": { + "type": "string" + }, + "LastModifiedTime": { + "type": "string" + }, + "Status": { + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + }, + "VpcOriginEndpointConfig": { + "$ref": "#/definitions/VpcOriginEndpointConfig" + } + }, + "readOnlyProperties": [ + "/properties/Id", + "/properties/Arn", + "/properties/Status", + "/properties/CreatedTime", + "/properties/LastModifiedTime" + ], + "required": [ + "VpcOriginEndpointConfig" + ], + "tagging": { + "cloudFormationSystemTags": false, + "permissions": [ + "cloudfront:TagResource", + "cloudfront:UntagResource", + "cloudfront:ListTagsForResource" + ], + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::CloudFront::VpcOrigin" +} diff --git a/src/schema/aws-cloudwatch-metricstream.json b/src/schema/aws-cloudwatch-metricstream.json index cdee013c..92ccc3d3 100644 --- a/src/schema/aws-cloudwatch-metricstream.json +++ b/src/schema/aws-cloudwatch-metricstream.json @@ -149,7 +149,8 @@ }, "read": { "permissions": [ - "cloudwatch:GetMetricStream" + "cloudwatch:GetMetricStream", + "cloudwatch:ListTagsForResource" ] }, "update": { @@ -274,9 +275,17 @@ "/properties/State" ], "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-cloudwatch.git", - "taggable": true, - "typeName": "AWS::CloudWatch::MetricStream", - "writeOnlyProperties": [ - "/properties/Tags" - ] + "tagging": { + "cloudFormationSystemTags": false, + "permissions": [ + "cloudwatch:TagResource", + "cloudwatch:UntagResource", + "cloudwatch:ListTagsForResource" + ], + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::CloudWatch::MetricStream" } diff --git a/src/schema/aws-codeconnections-connection.json b/src/schema/aws-codeconnections-connection.json index 3e7d7bb5..50281def 100644 --- a/src/schema/aws-codeconnections-connection.json +++ b/src/schema/aws-codeconnections-connection.json @@ -122,6 +122,11 @@ "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-codeconnections.git", "tagging": { "cloudFormationSystemTags": true, + "permissions": [ + "codeconnections:TagResource", + "codeconnections:ListTagsForResource", + "codeconnections:UntagResource" + ], "tagOnCreate": true, "tagProperty": "/properties/Tags", "tagUpdatable": true, diff --git a/src/schema/aws-codestarconnections-connection.json b/src/schema/aws-codestarconnections-connection.json index a60f99d7..02c935db 100644 --- a/src/schema/aws-codestarconnections-connection.json +++ b/src/schema/aws-codestarconnections-connection.json @@ -122,6 +122,11 @@ "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-codestarconnections.git", "tagging": { "cloudFormationSystemTags": true, + "permissions": [ + "codestar-connections:TagResource", + "codestar-connections:ListTagsForResource", + "codestar-connections:UntagResource" + ], "tagOnCreate": true, "tagProperty": "/properties/Tags", "tagUpdatable": true, diff --git a/src/schema/aws-comprehend-flywheel.json b/src/schema/aws-comprehend-flywheel.json index 5287ef47..412aba1b 100644 --- a/src/schema/aws-comprehend-flywheel.json +++ b/src/schema/aws-comprehend-flywheel.json @@ -276,6 +276,10 @@ ], "tagging": { "cloudFormationSystemTags": true, + "permissions": [ + "comprehend:TagResource", + "comprehend:UntagResource" + ], "tagOnCreate": true, "tagProperty": "/properties/Tags", "tagUpdatable": true, diff --git a/src/schema/aws-config-configrule.json b/src/schema/aws-config-configrule.json index 63254195..7d86463d 100644 --- a/src/schema/aws-config-configrule.json +++ b/src/schema/aws-config-configrule.json @@ -116,7 +116,7 @@ "type": "object" } }, - "description": "You must first create and start the CC configuration recorder in order to create CC managed rules with CFNlong. For more information, see [Managing the Configuration Recorder](https://docs.aws.amazon.com/config/latest/developerguide/stop-start-recorder.html).\n Adds or updates an CC rule to evaluate if your AWS resources comply with your desired configurations. For information on how many CC rules you can have per account, see [Service Limits](https://docs.aws.amazon.com/config/latest/developerguide/configlimits.html) in the *Developer Guide*.\n There are two types of rules: *Managed Rules* and *Custom Rules*. You can use the ``ConfigRule`` resource to create both CC Managed Rules and CC Custom Rules.\n CC Managed Rules are predefined, customizable rules created by CC. For a list of managed rules, see [List of Managed Rules](https://docs.aws.amazon.com/config/latest/developerguide/managed-rules-by-aws-config.html). If you are adding an CC managed rule, you must specify the rule's identifier for the ``SourceIdentifier`` key.\n CC Custom Rules are rules that you create from scratch. There are two ways to create CC custom rules: with Lambda functions ([Developer Guide](https://docs.aws.amazon.com/config/latest/developerguide/gettingstarted-concepts.html#gettingstarted-concepts-function)) and with CFNGUARDshort ([Guard GitHub Repository](https://docs.aws.amazon.com/https://github.com/aws-cloudformation/cloudformation-guard)), a policy-as-code language. CC custom rules created with LAMlong are called *Custom Lambda Rules* and CC custom rules created with CFNGUARDshort are called *Custom Policy Rules*.\n If you are adding a new CC Custom LAM rule, you first need to create an LAMlong function that the rule invokes to evaluate your resources. When you use the ``ConfigRule`` resource to add a Custom LAM rule to CC, you must specify the Amazon Resource Name (ARN) that LAMlong assigns to the function. You specify the ARN in the ``SourceIdentifier`` key. This key is part of the ``Source`` object, which is part of the ``ConfigRule`` object. \n For any new CC rule that you add, specify the ``ConfigRuleName`` in the ``ConfigRule`` object. Do not specify the ``ConfigRuleArn`` or the ``ConfigRuleId``. These values are generated by CC for new rules.\n If you are updating a rule that you added previously, you can specify the rule by ``ConfigRuleName``, ``ConfigRuleId``, or ``ConfigRuleArn`` in the ``ConfigRule`` data type that you use in this request.\n For more information about developing and using CC rules, see [Evaluating Resources with Rules](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config.html) in the *Developer Guide*.", + "description": "You must first create and start the CC configuration recorder in order to create CC managed rules with CFNlong. For more information, see [Managing the Configuration Recorder](https://docs.aws.amazon.com/config/latest/developerguide/stop-start-recorder.html).\n Adds or updates an CC rule to evaluate if your AWS resources comply with your desired configurations. For information on how many CC rules you can have per account, see [Service Limits](https://docs.aws.amazon.com/config/latest/developerguide/configlimits.html) in the *Developer Guide*.\n There are two types of rules: *Managed Rules* and *Custom Rules*. You can use the ``ConfigRule`` resource to create both CC Managed Rules and CC Custom Rules.\n CC Managed Rules are predefined, customizable rules created by CC. For a list of managed rules, see [List of Managed Rules](https://docs.aws.amazon.com/config/latest/developerguide/managed-rules-by-aws-config.html). If you are adding an CC managed rule, you must specify the rule's identifier for the ``SourceIdentifier`` key.\n CC Custom Rules are rules that you create from scratch. There are two ways to create CC custom rules: with Lambda functions ([Developer Guide](https://docs.aws.amazon.com/config/latest/developerguide/gettingstarted-concepts.html#gettingstarted-concepts-function)) and with CFNGUARDshort ([Guard GitHub Repository](https://docs.aws.amazon.com/https://github.com/aws-cloudformation/cloudformation-guard)), a policy-as-code language. CC custom rules created with LAMlong are called *Custom Lambda Rules* and CC custom rules created with CFNGUARDshort are called *Custom Policy Rules*.\n If you are adding a new CC Custom LAM rule, you first need to create an LAMlong function that the rule invokes to evaluate your resources. When you use the ``ConfigRule`` resource to add a Custom LAM rule to CC, you must specify the Amazon Resource Name (ARN) that LAMlong assigns to the function. You specify the ARN in the ``SourceIdentifier`` key. This key is part of the ``Source`` object, which is part of the ``ConfigRule`` object. \n For any new CC rule that you add, specify the ``ConfigRuleName`` in the ``ConfigRule`` object. Do not specify the ``ConfigRuleArn`` or the ``ConfigRuleId``. These values are generated by CC for new rules.\n If you are updating a rule that you added previously, you can specify the rule by ``ConfigRuleName``, ``ConfigRuleId``, or ``ConfigRuleArn`` in the ``ConfigRule`` data type that you use in this request.\n For more information about developing and using CC rules, see [Evaluating Resources with Rules](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config.html) in the *Developer Guide*.", "handlers": { "create": { "permissions": [ diff --git a/src/schema/aws-connect-instance.json b/src/schema/aws-connect-instance.json index 29bf212a..d25c32fe 100644 --- a/src/schema/aws-connect-instance.json +++ b/src/schema/aws-connect-instance.json @@ -226,6 +226,11 @@ "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-connect", "tagging": { "cloudFormationSystemTags": true, + "permissions": [ + "connect:ListTagsForResource", + "connect:UntagResource", + "connect:TagResource" + ], "tagOnCreate": true, "tagProperty": "/properties/Tags", "tagUpdatable": true, diff --git a/src/schema/aws-connect-phonenumber.json b/src/schema/aws-connect-phonenumber.json index 776bc1dd..dc2df28e 100644 --- a/src/schema/aws-connect-phonenumber.json +++ b/src/schema/aws-connect-phonenumber.json @@ -40,7 +40,9 @@ "connect:DescribePhoneNumber", "connect:TagResource", "connect:ImportPhoneNumber", - "sms-voice:DescribePhoneNumbers" + "sms-voice:DescribePhoneNumbers", + "social-messaging:GetLinkedWhatsAppBusinessAccountPhoneNumber", + "social-messaging:TagResource" ] }, "delete": { diff --git a/src/schema/aws-connect-quickconnect.json b/src/schema/aws-connect-quickconnect.json index 1005166e..398ccfca 100644 --- a/src/schema/aws-connect-quickconnect.json +++ b/src/schema/aws-connect-quickconnect.json @@ -228,6 +228,10 @@ "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-connect", "tagging": { "cloudFormationSystemTags": true, + "permissions": [ + "connect:TagResource", + "connect:UntagResource" + ], "tagOnCreate": true, "tagProperty": "/properties/Tags", "tagUpdatable": true, diff --git a/src/schema/aws-connect-securityprofile.json b/src/schema/aws-connect-securityprofile.json index b53d35b6..8aa4edd5 100644 --- a/src/schema/aws-connect-securityprofile.json +++ b/src/schema/aws-connect-securityprofile.json @@ -235,6 +235,10 @@ "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-connect", "tagging": { "cloudFormationSystemTags": true, + "permissions": [ + "connect:TagResource", + "connect:UntagResource" + ], "tagOnCreate": true, "tagProperty": "/properties/Tags", "tagUpdatable": true, diff --git a/src/schema/aws-datazone-datasource.json b/src/schema/aws-datazone-datasource.json index f0aac79b..2108dbb8 100644 --- a/src/schema/aws-datazone-datasource.json +++ b/src/schema/aws-datazone-datasource.json @@ -1,6 +1,7 @@ { "additionalProperties": false, "createOnlyProperties": [ + "/properties/ConnectionIdentifier", "/properties/EnvironmentIdentifier", "/properties/DomainIdentifier", "/properties/ProjectIdentifier", @@ -146,6 +147,12 @@ "description": "Specifies whether to automatically import data quality metrics as part of the data source run.", "type": "boolean" }, + "CatalogName": { + "description": "The catalog name in the AWS Glue run configuration.", + "maxLength": 128, + "minLength": 1, + "type": "string" + }, "DataAccessRole": { "$ref": "#/definitions/DataAccessRole", "description": "The data access role included in the configuration details of the AWS Glue data source." @@ -229,8 +236,6 @@ } }, "required": [ - "RedshiftCredentialConfiguration", - "RedshiftStorage", "RelationalFilterConfigurations" ], "type": "object" @@ -454,6 +459,14 @@ "$ref": "#/definitions/DataSourceConfigurationInput", "description": "Configuration of the data source. It can be set to either glueRunConfiguration or redshiftRunConfiguration." }, + "ConnectionId": { + "description": "The unique identifier of a connection used to fetch relevant parameters from connection during Datasource run", + "type": "string" + }, + "ConnectionIdentifier": { + "description": "The unique identifier of a connection used to fetch relevant parameters from connection during Datasource run", + "type": "string" + }, "CreatedAt": { "description": "The timestamp of when the data source was created.", "format": "date-time", @@ -480,7 +493,6 @@ }, "EnvironmentId": { "description": "The unique identifier of the Amazon DataZone environment to which the data source publishes assets.", - "pattern": "^[a-zA-Z0-9_-]{1,36}$", "type": "string" }, "EnvironmentIdentifier": { @@ -548,6 +560,7 @@ } }, "readOnlyProperties": [ + "/properties/ConnectionId", "/properties/CreatedAt", "/properties/DomainId", "/properties/EnvironmentId", @@ -563,7 +576,6 @@ "Name", "DomainIdentifier", "ProjectIdentifier", - "EnvironmentIdentifier", "Type" ], "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-datazone", @@ -576,6 +588,7 @@ "typeName": "AWS::DataZone::DataSource", "writeOnlyProperties": [ "/properties/AssetFormsInput", + "/properties/ConnectionIdentifier", "/properties/EnvironmentIdentifier", "/properties/DomainIdentifier", "/properties/Configuration", diff --git a/src/schema/aws-detective-graph.json b/src/schema/aws-detective-graph.json index e6e34149..974e1e9b 100644 --- a/src/schema/aws-detective-graph.json +++ b/src/schema/aws-detective-graph.json @@ -26,13 +26,16 @@ "create": { "permissions": [ "detective:CreateGraph", + "detective:ListGraphs", + "detective:TagResource", "detective:UpdateOrganizationConfiguration", "organizations:DescribeOrganization" ] }, "delete": { "permissions": [ - "detective:DeleteGraph" + "detective:DeleteGraph", + "detective:ListGraphs" ] }, "list": { @@ -53,6 +56,7 @@ }, "update": { "permissions": [ + "detective:ListGraphs", "detective:UntagResource", "detective:TagResource", "detective:ListTagsForResource", diff --git a/src/schema/aws-dynamodb-table.json b/src/schema/aws-dynamodb-table.json index e729b55f..9d527429 100644 --- a/src/schema/aws-dynamodb-table.json +++ b/src/schema/aws-dynamodb-table.json @@ -276,7 +276,7 @@ "type": "boolean" }, "RecoveryPeriodInDays": { - "description": "", + "description": "The number of preceding days for which continuous backups are taken and maintained. Your table data is only recoverable to any point-in-time from within the configured recovery period. This parameter is optional. If no value is provided, the value will default to 35.", "maximum": 35, "minimum": 1, "type": "integer" diff --git a/src/schema/aws-ec2-capacityreservation.json b/src/schema/aws-ec2-capacityreservation.json index f680f7fc..ec91aebb 100644 --- a/src/schema/aws-ec2-capacityreservation.json +++ b/src/schema/aws-ec2-capacityreservation.json @@ -9,7 +9,8 @@ "/properties/OutPostArn", "/properties/EphemeralStorage", "/properties/EbsOptimized", - "/properties/PlacementGroupArn" + "/properties/PlacementGroupArn", + "/properties/AvailabilityZoneId" ], "definitions": { "Tag": { @@ -93,6 +94,9 @@ "AvailabilityZone": { "type": "string" }, + "AvailabilityZoneId": { + "type": "string" + }, "AvailableInstanceCount": { "type": "integer" }, @@ -154,10 +158,20 @@ ], "required": [ "InstanceCount", - "AvailabilityZone", "InstancePlatform", "InstanceType" ], + "tagging": { + "cloudFormationSystemTags": true, + "permissions": [ + "ec2:CreateTags", + "ec2:DeleteTags" + ], + "tagOnCreate": true, + "tagProperty": "/properties/TagSpecifications", + "tagUpdatable": true, + "taggable": true + }, "typeName": "AWS::EC2::CapacityReservation", "writeOnlyProperties": [ "/properties/UnusedReservationBillingOwnerId" diff --git a/src/schema/aws-ec2-eip.json b/src/schema/aws-ec2-eip.json index 8b39a14f..59710152 100644 --- a/src/schema/aws-ec2-eip.json +++ b/src/schema/aws-ec2-eip.json @@ -128,6 +128,11 @@ "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git", "tagging": { "cloudFormationSystemTags": true, + "permissions": [ + "ec2:CreateTags", + "ec2:DeleteTags", + "ec2:DescribeTags" + ], "tagOnCreate": true, "tagProperty": "/properties/Tags", "tagUpdatable": true, diff --git a/src/schema/aws-ec2-ipam.json b/src/schema/aws-ec2-ipam.json index 106e226c..e4a5563e 100644 --- a/src/schema/aws-ec2-ipam.json +++ b/src/schema/aws-ec2-ipam.json @@ -46,7 +46,9 @@ "ec2:CreateIpam", "iam:CreateServiceLinkedRole", "ec2:CreateTags", - "ec2:DescribeIpams" + "ec2:DescribeIpams", + "ec2:DescribeIpamResourceDiscoveries", + "ec2:ModifyIpamResourceDiscovery" ] }, "delete": { @@ -63,7 +65,8 @@ }, "read": { "permissions": [ - "ec2:DescribeIpams" + "ec2:DescribeIpams", + "ec2:DescribeIpamResourceDiscoveries" ] }, "update": { @@ -71,7 +74,9 @@ "ec2:ModifyIpam", "ec2:CreateTags", "ec2:DeleteTags", - "ec2:DescribeIpams" + "ec2:DescribeIpams", + "ec2:DescribeIpamResourceDiscoveries", + "ec2:ModifyIpamResourceDiscovery" ] } }, diff --git a/src/schema/aws-ec2-ipamresourcediscovery.json b/src/schema/aws-ec2-ipamresourcediscovery.json index c300c550..8011d337 100644 --- a/src/schema/aws-ec2-ipamresourcediscovery.json +++ b/src/schema/aws-ec2-ipamresourcediscovery.json @@ -45,7 +45,9 @@ "permissions": [ "ec2:CreateIpamResourceDiscovery", "ec2:DescribeIpamResourceDiscoveries", - "ec2:CreateTags" + "ec2:ModifyIpamResourceDiscovery", + "ec2:CreateTags", + "iam:CreateServiceLinkedRole" ] }, "delete": { diff --git a/src/schema/aws-ec2-launchtemplate.json b/src/schema/aws-ec2-launchtemplate.json index e8cd7dfd..6c9d6a7e 100644 --- a/src/schema/aws-ec2-launchtemplate.json +++ b/src/schema/aws-ec2-launchtemplate.json @@ -334,7 +334,7 @@ "description": "The minimum and maximum amount of total accelerator memory, in MiB.\n Default: No minimum or maximum limits" }, "AcceleratorTypes": { - "description": "The accelerator types that must be on the instance type.\n + For instance types with GPU accelerators, specify ``gpu``.\n + For instance types with FPGA accelerators, specify ``fpga``.\n \n Default: Any accelerator type", + "description": "The accelerator types that must be on the instance type.\n + For instance types with FPGA accelerators, specify ``fpga``.\n + For instance types with GPU accelerators, specify ``gpu``.\n + For instance types with Inference accelerators, specify ``inference``.\n \n Default: Any accelerator type", "items": { "type": "string" }, @@ -808,7 +808,7 @@ "type": "string" }, "DeviceIndex": { - "description": "The device index for the network interface attachment. Each network interface requires a device index. If you create a launch template that includes secondary network interfaces but not a primary network interface, then you must add a primary network interface as a launch parameter when you launch an instance from the template.", + "description": "The device index for the network interface attachment. If the network interface is of type ``interface``, you must specify a device index.\n If you create a launch template that includes secondary network interfaces but no primary network interface, and you specify it using the ``LaunchTemplate`` property of ``AWS::EC2::Instance``, then you must include a primary network interface using the ``NetworkInterfaces`` property of ``AWS::EC2::Instance``.", "type": "integer" }, "EnaSrdSpecification": { diff --git a/src/schema/aws-ec2-placementgroup.json b/src/schema/aws-ec2-placementgroup.json index b7d1ff9f..c933617c 100644 --- a/src/schema/aws-ec2-placementgroup.json +++ b/src/schema/aws-ec2-placementgroup.json @@ -96,6 +96,7 @@ "permissions": [ "ec2:CreateTags" ], + "tagOnCreate": true, "tagProperty": "/properties/Tags", "tagUpdatable": false, "taggable": true diff --git a/src/schema/aws-ec2-verifiedaccessendpoint.json b/src/schema/aws-ec2-verifiedaccessendpoint.json index 3cfea5a9..8dc141b8 100644 --- a/src/schema/aws-ec2-verifiedaccessendpoint.json +++ b/src/schema/aws-ec2-verifiedaccessendpoint.json @@ -8,9 +8,49 @@ "/properties/EndpointType", "/properties/SecurityGroupIds", "/properties/NetworkInterfaceOptions/NetworkInterfaceId", - "/properties/LoadBalancerOptions/LoadBalancerArn" + "/properties/LoadBalancerOptions/LoadBalancerArn", + "/properties/RdsOptions/Protocol", + "/properties/RdsOptions/RdsDbInstanceArn", + "/properties/RdsOptions/RdsDbClusterArn", + "/properties/RdsOptions/RdsDbProxyArn", + "/properties/CidrOptions/Cidr", + "/properties/CidrOptions/Protocol", + "/properties/CidrOptions/SubnetIds" ], "definitions": { + "CidrOptions": { + "additionalProperties": false, + "description": "The options for cidr type endpoint.", + "properties": { + "Cidr": { + "description": "The IP address range, in CIDR notation.", + "type": "string" + }, + "PortRanges": { + "description": "The list of port range.", + "insertionOrder": false, + "items": { + "$ref": "#/definitions/PortRange" + }, + "type": "array", + "uniqueItems": true + }, + "Protocol": { + "description": "The IP protocol.", + "type": "string" + }, + "SubnetIds": { + "description": "The IDs of the subnets.", + "insertionOrder": false, + "items": { + "$ref": "#/definitions/SubnetId" + }, + "type": "array", + "uniqueItems": true + } + }, + "type": "object" + }, "LoadBalancerOptions": { "additionalProperties": false, "description": "The load balancer details if creating the AWS Verified Access endpoint as load-balancertype.", @@ -25,6 +65,15 @@ "minimum": 1, "type": "integer" }, + "PortRanges": { + "description": "The list of port range.", + "insertionOrder": false, + "items": { + "$ref": "#/definitions/PortRange" + }, + "type": "array", + "uniqueItems": true + }, "Protocol": { "description": "The IP protocol.", "type": "string" @@ -49,6 +98,51 @@ "description": "The ID of the network interface.", "type": "string" }, + "Port": { + "description": "The IP port number.", + "maximum": 65535, + "minimum": 1, + "type": "integer" + }, + "PortRanges": { + "description": "The list of port ranges.", + "insertionOrder": false, + "items": { + "$ref": "#/definitions/PortRange" + }, + "type": "array", + "uniqueItems": true + }, + "Protocol": { + "description": "The IP protocol.", + "type": "string" + } + }, + "type": "object" + }, + "PortRange": { + "additionalProperties": false, + "description": "The IP port range.", + "properties": { + "FromPort": { + "description": "The first port in the range.", + "maximum": 65535, + "minimum": 1, + "type": "integer" + }, + "ToPort": { + "description": "The last port in the range.", + "maximum": 65535, + "minimum": 1, + "type": "integer" + } + }, + "type": "object" + }, + "RdsOptions": { + "additionalProperties": false, + "description": "The options for rds type endpoint.", + "properties": { "Port": { "description": "The IP port number.", "maximum": 65535, @@ -58,6 +152,31 @@ "Protocol": { "description": "The IP protocol.", "type": "string" + }, + "RdsDbClusterArn": { + "description": "The ARN of the RDS DB cluster.", + "type": "string" + }, + "RdsDbInstanceArn": { + "description": "The ARN of the RDS DB instance.", + "type": "string" + }, + "RdsDbProxyArn": { + "description": "The ARN of the RDS DB proxy.", + "type": "string" + }, + "RdsEndpoint": { + "description": "The RDS endpoint.", + "type": "string" + }, + "SubnetIds": { + "description": "The IDs of the subnets.", + "insertionOrder": false, + "items": { + "$ref": "#/definitions/SubnetId" + }, + "type": "array", + "uniqueItems": true } }, "type": "object" @@ -115,106 +234,59 @@ "permissions": [ "ec2:CreateVerifiedAccessEndpoint", "ec2:DescribeVerifiedAccessEndpoints", - "iam:CreateServiceLinkedRole", - "iam:ListRoles", - "acm:GetCertificateWithPK", - "acm:DescribeCertificate", - "acm:CreateCertificateRelation", - "sso:GetManagedApplicationInstance", - "sso:GetPeregrineStatus", - "sso:GetSharedSsoConfiguration", - "sso:CreateManagedApplicationInstance", "ec2:DescribeSubnets", "ec2:DescribeSecurityGroups", "ec2:DescribeNetworkInterfaces", "ec2:DescribeAccountAttributes", - "elasticloadbalancing:DescribeLoadBalancers", - "elasticloadbalancing:DescribeListeners", - "elasticloadbalancing:DescribeListenerCertificates", "ec2:CreateTags", "ec2:DescribeTags", - "acm:DeleteCertificateRelation", - "ec2:DeleteVerifiedAccessEndpoint", + "ec2:DescribeVpcs", "ec2:GetVerifiedAccessEndpointPolicy", - "ec2:ModifyVerifiedAccessEndpoint", - "ec2:ModifyVerifiedAccessEndpointPolicy", + "elasticloadbalancing:DescribeLoadBalancers", + "elasticloadbalancing:DescribeListeners", + "elasticloadbalancing:DescribeListenerCertificates", + "iam:CreateServiceLinkedRole", + "acm:DescribeCertificate", + "sso:PutApplicationAccessScope", + "sso:GetSharedSsoConfiguration", + "sso:CreateManagedApplicationInstance", "sso:DeleteManagedApplicationInstance", "kms:DescribeKey", + "kms:GenerateDataKey", "kms:RetireGrant", "kms:CreateGrant", - "kms:GenerateDataKey", - "kms:Decrypt" + "kms:Decrypt", + "rds:DescribeDbInstances", + "rds:DescribeDbProxies", + "rds:DescribeDbClusters", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeVpcEndpointServiceConfigurations" ], - "timeoutInMinutes": 60 + "timeoutInMinutes": 600 }, "delete": { "permissions": [ "ec2:DescribeVerifiedAccessEndpoints", "ec2:DeleteVerifiedAccessEndpoint", + "ec2:GetVerifiedAccessEndpointPolicy", "ec2:DescribeTags", "ec2:DeleteTags", "sso:DeleteManagedApplicationInstance", - "acm:DeleteCertificateRelation", - "acm:DescribeCertificate", - "acm:CreateCertificateRelation", - "acm:GetCertificateWithPK", - "ec2:CreateVerifiedAccessEndpoint", - "ec2:DescribeAccountAttributes", - "ec2:DescribeNetworkInterfaces", - "ec2:DescribeSecurityGroups", - "ec2:DescribeSubnets", - "ec2:GetVerifiedAccessEndpointPolicy", - "ec2:ModifyVerifiedAccessEndpoint", - "ec2:ModifyVerifiedAccessEndpointPolicy", - "elasticloadbalancing:DescribeListenerCertificates", - "elasticloadbalancing:DescribeListeners", - "elasticloadbalancing:DescribeLoadBalancers", - "iam:CreateServiceLinkedRole", - "iam:ListRoles", - "sso:CreateManagedApplicationInstance", - "sso:GetManagedApplicationInstance", - "sso:GetPeregrineStatus", - "sso:GetSharedSsoConfiguration", "kms:DescribeKey", "kms:RetireGrant", - "kms:CreateGrant", - "kms:GenerateDataKey", - "kms:Decrypt" + "kms:Decrypt", + "kms:GenerateDataKey" ], "timeoutInMinutes": 60 }, "list": { "permissions": [ "ec2:DescribeVerifiedAccessEndpoints", - "ec2:DescribeTags", - "acm:CreateCertificateRelation", - "acm:DeleteCertificateRelation", - "acm:DescribeCertificate", - "acm:GetCertificateWithPK", - "ec2:CreateVerifiedAccessEndpoint", - "ec2:DeleteVerifiedAccessEndpoint", - "ec2:DescribeAccountAttributes", - "ec2:DescribeNetworkInterfaces", - "ec2:DescribeSecurityGroups", - "ec2:DescribeSubnets", "ec2:GetVerifiedAccessEndpointPolicy", - "ec2:ModifyVerifiedAccessEndpoint", - "ec2:ModifyVerifiedAccessEndpointPolicy", - "elasticloadbalancing:DescribeListenerCertificates", - "elasticloadbalancing:DescribeListeners", - "elasticloadbalancing:DescribeLoadBalancers", - "iam:CreateServiceLinkedRole", - "iam:ListRoles", - "sso:CreateManagedApplicationInstance", - "sso:DeleteManagedApplicationInstance", - "sso:GetManagedApplicationInstance", - "sso:GetPeregrineStatus", - "sso:GetSharedSsoConfiguration", + "ec2:DescribeTags", "kms:DescribeKey", - "kms:RetireGrant", - "kms:CreateGrant", - "kms:GenerateDataKey", - "kms:Decrypt" + "kms:Decrypt", + "kms:GenerateDataKey" ] }, "read": { @@ -222,33 +294,9 @@ "ec2:DescribeVerifiedAccessEndpoints", "ec2:GetVerifiedAccessEndpointPolicy", "ec2:DescribeTags", - "acm:CreateCertificateRelation", - "acm:DeleteCertificateRelation", - "acm:DescribeCertificate", - "acm:GetCertificateWithPK", - "ec2:CreateVerifiedAccessEndpoint", - "ec2:DeleteVerifiedAccessEndpoint", - "ec2:DescribeAccountAttributes", - "ec2:DescribeNetworkInterfaces", - "ec2:DescribeSecurityGroups", - "ec2:DescribeSubnets", - "ec2:ModifyVerifiedAccessEndpoint", - "ec2:ModifyVerifiedAccessEndpointPolicy", - "elasticloadbalancing:DescribeListenerCertificates", - "elasticloadbalancing:DescribeListeners", - "elasticloadbalancing:DescribeLoadBalancers", - "iam:CreateServiceLinkedRole", - "iam:ListRoles", - "sso:CreateManagedApplicationInstance", - "sso:DeleteManagedApplicationInstance", - "sso:GetManagedApplicationInstance", - "sso:GetPeregrineStatus", - "sso:GetSharedSsoConfiguration", "kms:DescribeKey", - "kms:RetireGrant", - "kms:CreateGrant", - "kms:GenerateDataKey", - "kms:Decrypt" + "kms:Decrypt", + "kms:GenerateDataKey" ] }, "update": { @@ -257,34 +305,24 @@ "ec2:ModifyVerifiedAccessEndpointPolicy", "ec2:DescribeVerifiedAccessEndpoints", "ec2:GetVerifiedAccessEndpointPolicy", - "acm:GetCertificateWithPK", - "acm:DescribeCertificate", - "acm:CreateCertificateRelation", - "acm:DeleteCertificateRelation", - "sso:GetManagedApplicationInstance", - "sso:GetPeregrineStatus", - "sso:GetSharedSsoConfiguration", - "sso:CreateManagedApplicationInstance", - "sso:DeleteManagedApplicationInstance", "ec2:DescribeSubnets", "ec2:DescribeSecurityGroups", "ec2:DescribeNetworkInterfaces", - "ec2:DescribeAccountAttributes", - "elasticloadbalancing:DescribeLoadBalancers", - "elasticloadbalancing:DescribeListeners", - "elasticloadbalancing:DescribeListenerCertificates", + "ec2:DescribeVpcs", "ec2:DescribeTags", "ec2:DeleteTags", "ec2:CreateTags", - "ec2:CreateVerifiedAccessEndpoint", - "ec2:DeleteVerifiedAccessEndpoint", - "iam:CreateServiceLinkedRole", - "iam:ListRoles", + "elasticloadbalancing:DescribeLoadBalancers", + "elasticloadbalancing:DescribeListeners", + "elasticloadbalancing:DescribeListenerCertificates", "kms:DescribeKey", + "kms:GenerateDataKey", "kms:RetireGrant", "kms:CreateGrant", - "kms:GenerateDataKey", - "kms:Decrypt" + "kms:Decrypt", + "rds:DescribeDbInstances", + "rds:DescribeDbProxies", + "rds:DescribeDbClusters" ], "timeoutInMinutes": 60 } @@ -301,6 +339,10 @@ "description": "The type of attachment used to provide connectivity between the AWS Verified Access endpoint and the application.", "type": "string" }, + "CidrOptions": { + "$ref": "#/definitions/CidrOptions", + "description": "The options for cidr type endpoint." + }, "CreationTime": { "description": "The creation time.", "type": "string" @@ -349,6 +391,10 @@ "description": "The status of the Verified Access policy.", "type": "boolean" }, + "RdsOptions": { + "$ref": "#/definitions/RdsOptions", + "description": "The options for rds type endpoint." + }, "SecurityGroupIds": { "description": "The IDs of the security groups for the endpoint.", "insertionOrder": false, @@ -398,12 +444,9 @@ "/properties/VerifiedAccessInstanceId" ], "required": [ - "ApplicationDomain", "AttachmentType", - "DomainCertificateArn", "EndpointType", - "VerifiedAccessGroupId", - "EndpointDomainPrefix" + "VerifiedAccessGroupId" ], "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-ec2-verified-access.aws-ec2-verifiedaccessendpoint", "tagging": { diff --git a/src/schema/aws-ec2-vpnconnection.json b/src/schema/aws-ec2-vpnconnection.json index 519848c3..edb389fd 100644 --- a/src/schema/aws-ec2-vpnconnection.json +++ b/src/schema/aws-ec2-vpnconnection.json @@ -462,6 +462,7 @@ "readOnlyProperties": [ "/properties/VpnConnectionId" ], + "replacementStrategy": "delete_then_create", "required": [ "Type", "CustomerGatewayId" diff --git a/src/schema/aws-ecr-publicrepository.json b/src/schema/aws-ecr-publicrepository.json index c3f35190..eeecf4c5 100644 --- a/src/schema/aws-ecr-publicrepository.json +++ b/src/schema/aws-ecr-publicrepository.json @@ -178,5 +178,12 @@ "/properties/Arn" ], "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-ecr.git", + "tagging": { + "cloudFormationSystemTags": true, + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, "typeName": "AWS::ECR::PublicRepository" } diff --git a/src/schema/aws-ecs-service.json b/src/schema/aws-ecs-service.json index a0c30dce..54d47ccc 100644 --- a/src/schema/aws-ecs-service.json +++ b/src/schema/aws-ecs-service.json @@ -22,14 +22,14 @@ "type": "string" }, "SecurityGroups": { - "description": "The IDs of the security groups associated with the task or service. If you don't specify a security group, the default security group for the VPC is used. There's a limit of 5 security groups that can be specified per ``awsvpcConfiguration``.\n All specified security groups must be from the same VPC.", + "description": "The IDs of the security groups associated with the task or service. If you don't specify a security group, the default security group for the VPC is used. There's a limit of 5 security groups that can be specified.\n All specified security groups must be from the same VPC.", "items": { "type": "string" }, "type": "array" }, "Subnets": { - "description": "The IDs of the subnets associated with the task or service. There's a limit of 16 subnets that can be specified per ``awsvpcConfiguration``.\n All specified subnets must be from the same VPC.", + "description": "The IDs of the subnets associated with the task or service. There's a limit of 16 subnets that can be specified.\n All specified subnets must be from the same VPC.", "items": { "type": "string" }, @@ -458,10 +458,6 @@ "description": "The throughput to provision for a volume, in MiB/s, with a maximum of 1,000 MiB/s. This parameter maps 1:1 with the ``Throughput`` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference*.\n This parameter is only supported for the ``gp3`` volume type.", "type": "integer" }, - "VolumeInitializationRate": { - "description": "", - "type": "integer" - }, "VolumeType": { "description": "The volume type. This parameter maps 1:1 with the ``VolumeType`` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference*. For more information, see [Amazon EBS volume types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-volume-types.html) in the *Amazon EC2 User Guide*.\n The following are the supported volume types.\n + General Purpose SSD: ``gp2``|``gp3`` \n + Provisioned IOPS SSD: ``io1``|``io2`` \n + Throughput Optimized HDD: ``st1`` \n + Cold HDD: ``sc1`` \n + Magnetic: ``standard`` \n The magnetic volume type is not supported on Fargate.", "type": "string" @@ -568,7 +564,7 @@ "type": "object" } }, - "description": "The ``AWS::ECS::Service`` resource creates an Amazon Elastic Container Service (Amazon ECS) service that runs and maintains the requested number of tasks and associated load balancers.\n The stack update fails if you change any properties that require replacement and at least one ECS Service Connect ``ServiceConnectConfiguration`` property the is configured. This is because AWS CloudFormation creates the replacement service first, but each ``ServiceConnectService`` must have a name that is unique in the namespace.\n Starting April 15, 2023, AWS; will not onboard new customers to Amazon Elastic Inference (EI), and will help current customers migrate their workloads to options that offer better price and performance. After April 15, 2023, new customers will not be able to launch instances with Amazon EI accelerators in Amazon SageMaker, ECS, or EC2. However, customers who have used Amazon EI at least once during the past 30-day period are considered current customers and will be able to continue using the service.", + "description": "The ``AWS::ECS::Service`` resource creates an Amazon Elastic Container Service (Amazon ECS) service that runs and maintains the requested number of tasks and associated load balancers.\n The stack update fails if you change any properties that require replacement and at least one ECS Service Connect ``ServiceConnectConfiguration`` property is configured. This is because AWS CloudFormation creates the replacement service first, but each ``ServiceConnectService`` must have a name that is unique in the namespace.\n Starting April 15, 2023, AWS; will not onboard new customers to Amazon Elastic Inference (EI), and will help current customers migrate their workloads to options that offer better price and performance. After April 15, 2023, new customers will not be able to launch instances with Amazon EI accelerators in Amazon SageMaker, ECS, or EC2. However, customers who have used Amazon EI at least once during the past 30-day period are considered current customers and will be able to continue using the service.", "handlers": { "create": { "permissions": [ @@ -624,7 +620,7 @@ "type": "string" }, "CapacityProviderStrategy": { - "description": "The capacity provider strategy to use for the service.\n If a ``capacityProviderStrategy`` is specified, the ``launchType`` parameter must be omitted. If no ``capacityProviderStrategy`` or ``launchType`` is specified, the ``defaultCapacityProviderStrategy`` for the cluster is used.\n A capacity provider strategy can contain a maximum of 20 capacity providers.", + "description": "The capacity provider strategy to use for the service.\n If a ``capacityProviderStrategy`` is specified, the ``launchType`` parameter must be omitted. If no ``capacityProviderStrategy`` or ``launchType`` is specified, the ``defaultCapacityProviderStrategy`` for the cluster is used.\n A capacity provider strategy may contain a maximum of 6 capacity providers.\n To remove this property from your service resource, specify an empty ``CapacityProviderStrategyItem`` array.", "items": { "$ref": "#/definitions/CapacityProviderStrategyItem" }, @@ -668,7 +664,7 @@ "type": "string" }, "LoadBalancers": { - "description": "A list of load balancer objects to associate with the service. If you specify the ``Role`` property, ``LoadBalancers`` must be specified as well. For information about the number of load balancers that you can specify per service, see [Service Load Balancing](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-load-balancing.html) in the *Amazon Elastic Container Service Developer Guide*.", + "description": "A list of load balancer objects to associate with the service. If you specify the ``Role`` property, ``LoadBalancers`` must be specified as well. For information about the number of load balancers that you can specify per service, see [Service Load Balancing](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-load-balancing.html) in the *Amazon Elastic Container Service Developer Guide*.\n To remove this property from your service resource, specify an empty ``LoadBalancer`` array.", "items": { "$ref": "#/definitions/LoadBalancer" }, @@ -683,14 +679,14 @@ "description": "The network configuration for the service. This parameter is required for task definitions that use the ``awsvpc`` network mode to receive their own elastic network interface, and it is not supported for other network modes. For more information, see [Task Networking](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-networking.html) in the *Amazon Elastic Container Service Developer Guide*." }, "PlacementConstraints": { - "description": "An array of placement constraint objects to use for tasks in your service. You can specify a maximum of 10 constraints for each task. This limit includes constraints in the task definition and those specified at runtime.", + "description": "An array of placement constraint objects to use for tasks in your service. You can specify a maximum of 10 constraints for each task. This limit includes constraints in the task definition and those specified at runtime.\n To remove this property from your service resource, specify an empty ``PlacementConstraint`` array.", "items": { "$ref": "#/definitions/PlacementConstraint" }, "type": "array" }, "PlacementStrategies": { - "description": "The placement strategy objects to use for tasks in your service. You can specify a maximum of 5 strategy rules for each service.", + "description": "The placement strategy objects to use for tasks in your service. You can specify a maximum of 5 strategy rules for each service.\n To remove this property from your service resource, specify an empty ``PlacementStrategy`` array.", "items": { "$ref": "#/definitions/PlacementStrategy" }, @@ -734,7 +730,7 @@ "type": "string" }, "ServiceRegistries": { - "description": "The details of the service discovery registry to associate with this service. For more information, see [Service discovery](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-discovery.html).\n Each service may be associated with one service registry. Multiple service registries for each service isn't supported.", + "description": "The details of the service discovery registry to associate with this service. For more information, see [Service discovery](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-discovery.html).\n Each service may be associated with one service registry. Multiple service registries for each service isn't supported.\n To remove this property from your service resource, specify an empty ``ServiceRegistry`` array.", "items": { "$ref": "#/definitions/ServiceRegistry" }, @@ -752,7 +748,7 @@ "type": "string" }, "VolumeConfigurations": { - "description": "The configuration for a volume specified in the task definition as a volume that is configured at launch time. Currently, the only supported volume type is an Amazon EBS volume.", + "description": "The configuration for a volume specified in the task definition as a volume that is configured at launch time. Currently, the only supported volume type is an Amazon EBS volume.\n To remove this property from your service resource, specify an empty ``ServiceVolumeConfiguration`` array.", "items": { "$ref": "#/definitions/ServiceVolumeConfiguration" }, diff --git a/src/schema/aws-eks-identityproviderconfig.json b/src/schema/aws-eks-identityproviderconfig.json index e341fe52..30fd97d7 100644 --- a/src/schema/aws-eks-identityproviderconfig.json +++ b/src/schema/aws-eks-identityproviderconfig.json @@ -190,6 +190,10 @@ "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-eks.git", "tagging": { "cloudFormationSystemTags": true, + "permissions": [ + "eks:TagResource", + "eks:UntagResource" + ], "tagOnCreate": true, "tagProperty": "/properties/Tags", "tagUpdatable": true, diff --git a/src/schema/aws-fms-policy.json b/src/schema/aws-fms-policy.json index fc80a68f..0201d1fa 100644 --- a/src/schema/aws-fms-policy.json +++ b/src/schema/aws-fms-policy.json @@ -453,6 +453,13 @@ "type": "array", "uniqueItems": true }, + "ResourceTagLogicalOperator": { + "enum": [ + "AND", + "OR" + ], + "type": "string" + }, "ResourceTags": { "insertionOrder": true, "items": { diff --git a/src/schema/aws-glue-connection.json b/src/schema/aws-glue-connection.json index ae23f964..396fd6a5 100644 --- a/src/schema/aws-glue-connection.json +++ b/src/schema/aws-glue-connection.json @@ -4,9 +4,66 @@ "/properties/CatalogId" ], "definitions": { + "AuthenticationConfigurationInput": { + "additionalProperties": false, + "properties": { + "AuthenticationType": { + "type": "string" + }, + "BasicAuthenticationCredentials": { + "$ref": "#/definitions/BasicAuthenticationCredentials" + }, + "CustomAuthenticationCredentials": { + "type": "object" + }, + "KmsKeyArn": { + "type": "string" + }, + "OAuth2Properties": { + "$ref": "#/definitions/OAuth2PropertiesInput" + }, + "SecretArn": { + "type": "string" + } + }, + "required": [ + "AuthenticationType" + ], + "type": "object" + }, + "AuthorizationCodeProperties": { + "additionalProperties": false, + "properties": { + "AuthorizationCode": { + "type": "string" + }, + "RedirectUri": { + "type": "string" + } + }, + "type": "object" + }, + "BasicAuthenticationCredentials": { + "additionalProperties": false, + "properties": { + "Password": { + "type": "string" + }, + "Username": { + "type": "string" + } + }, + "type": "object" + }, "ConnectionInput": { "additionalProperties": false, "properties": { + "AthenaProperties": { + "type": "object" + }, + "AuthenticationConfiguration": { + "$ref": "#/definitions/AuthenticationConfigurationInput" + }, "ConnectionProperties": { "type": "object" }, @@ -28,6 +85,22 @@ }, "PhysicalConnectionRequirements": { "$ref": "#/definitions/PhysicalConnectionRequirements" + }, + "PythonProperties": { + "type": "object" + }, + "SparkProperties": { + "type": "object" + }, + "ValidateCredentials": { + "type": "boolean" + }, + "ValidateForComputeEnvironments": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false } }, "required": [ @@ -35,6 +108,60 @@ ], "type": "object" }, + "OAuth2ClientApplication": { + "additionalProperties": false, + "properties": { + "AWSManagedClientApplicationReference": { + "type": "string" + }, + "UserManagedClientApplicationClientId": { + "type": "string" + } + }, + "type": "object" + }, + "OAuth2Credentials": { + "additionalProperties": false, + "properties": { + "AccessToken": { + "type": "string" + }, + "JwtToken": { + "type": "string" + }, + "RefreshToken": { + "type": "string" + }, + "UserManagedClientApplicationClientSecret": { + "type": "string" + } + }, + "type": "object" + }, + "OAuth2PropertiesInput": { + "additionalProperties": false, + "properties": { + "AuthorizationCodeProperties": { + "$ref": "#/definitions/AuthorizationCodeProperties" + }, + "OAuth2ClientApplication": { + "$ref": "#/definitions/OAuth2ClientApplication" + }, + "OAuth2Credentials": { + "$ref": "#/definitions/OAuth2Credentials" + }, + "OAuth2GrantType": { + "type": "string" + }, + "TokenUrl": { + "type": "string" + }, + "TokenUrlParametersMap": { + "type": "object" + } + }, + "type": "object" + }, "PhysicalConnectionRequirements": { "additionalProperties": false, "properties": { diff --git a/src/schema/aws-glue-tableoptimizer.json b/src/schema/aws-glue-tableoptimizer.json index ea43a678..f8f0eec4 100644 --- a/src/schema/aws-glue-tableoptimizer.json +++ b/src/schema/aws-glue-tableoptimizer.json @@ -7,14 +7,53 @@ "/properties/CatalogId" ], "definitions": { + "IcebergConfiguration": { + "additionalProperties": false, + "properties": { + "Location": { + "type": "string" + }, + "OrphanFileRetentionPeriodInDays": { + "type": "integer" + } + }, + "type": "object" + }, + "OrphanFileDeletionConfiguration": { + "additionalProperties": false, + "properties": { + "IcebergConfiguration": { + "$ref": "#/definitions/IcebergConfiguration" + } + }, + "type": "object" + }, + "RetentionConfiguration": { + "additionalProperties": false, + "properties": { + "IcebergConfiguration": { + "$ref": "#/definitions/IcebergConfiguration" + } + }, + "type": "object" + }, "TableOptimizerConfiguration": { "additionalProperties": false, "properties": { "Enabled": { "type": "boolean" }, + "OrphanFileDeletionConfiguration": { + "$ref": "#/definitions/OrphanFileDeletionConfiguration" + }, + "RetentionConfiguration": { + "$ref": "#/definitions/RetentionConfiguration" + }, "RoleArn": { "type": "string" + }, + "VpcConfiguration": { + "$ref": "#/definitions/VpcConfiguration" } }, "required": [ @@ -22,6 +61,15 @@ "RoleArn" ], "type": "object" + }, + "VpcConfiguration": { + "additionalProperties": false, + "properties": { + "GlueConnectionName": { + "type": "string" + } + }, + "type": "object" } }, "description": "Resource Type definition for AWS::Glue::TableOptimizer", diff --git a/src/schema/aws-healthimaging-datastore.json b/src/schema/aws-healthimaging-datastore.json index 58096c62..900fa4a5 100644 --- a/src/schema/aws-healthimaging-datastore.json +++ b/src/schema/aws-healthimaging-datastore.json @@ -146,6 +146,11 @@ "required": [], "tagging": { "cloudFormationSystemTags": false, + "permissions": [ + "medical-imaging:TagResource", + "medical-imaging:UntagResource", + "medical-imaging:ListTagsForResource" + ], "tagOnCreate": true, "tagProperty": "/properties/Tags", "tagUpdatable": false, diff --git a/src/schema/aws-iot-billinggroup.json b/src/schema/aws-iot-billinggroup.json index e3927fb1..cd778b6c 100644 --- a/src/schema/aws-iot-billinggroup.json +++ b/src/schema/aws-iot-billinggroup.json @@ -9,14 +9,14 @@ "description": "A key-value pair to associate with a resource.", "properties": { "Key": { - "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ", + "description": "Tag key (1-128 chars). No 'aws:' prefix. Allows: [A-Za-z0-9 _.:/=+-]", "maxLength": 128, "minLength": 1, "pattern": "^([\\p{L}\\p{Z}\\p{N}_.:/=+\\-@]*)$", "type": "string" }, "Value": { - "description": "The value for the tag. You can specify a value that is 1 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ", + "description": "Tag value (1-256 chars). No 'aws:' prefix. Allows: [A-Za-z0-9 _.:/=+-]", "maxLength": 256, "minLength": 1, "type": "string" @@ -111,6 +111,11 @@ ], "tagging": { "cloudFormationSystemTags": true, + "permissions": [ + "iot:ListTagsForResource", + "iot:TagResource", + "iot:UntagResource" + ], "tagOnCreate": true, "tagProperty": "/properties/Tags", "tagUpdatable": true, diff --git a/src/schema/aws-iot-thinggroup.json b/src/schema/aws-iot-thinggroup.json index f6ffd96e..032ac000 100644 --- a/src/schema/aws-iot-thinggroup.json +++ b/src/schema/aws-iot-thinggroup.json @@ -25,14 +25,14 @@ "description": "A key-value pair to associate with a resource.", "properties": { "Key": { - "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ", + "description": "Tag key (1-128 chars). No 'aws:' prefix. Allows: [A-Za-z0-9 _.:/=+-]", "maxLength": 128, "minLength": 1, "pattern": "^([\\p{L}\\p{Z}\\p{N}_.:/=+\\-@]*)$", "type": "string" }, "Value": { - "description": "The value for the tag. You can specify a value that is 1 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ", + "description": "Tag value (1-256 chars). No 'aws:' prefix. Allows: [A-Za-z0-9 _.:/=+-]", "maxLength": 256, "minLength": 1, "type": "string" @@ -144,6 +144,11 @@ ], "tagging": { "cloudFormationSystemTags": true, + "permissions": [ + "iot:ListTagsForResource", + "iot:TagResource", + "iot:UntagResource" + ], "tagOnCreate": true, "tagProperty": "/properties/Tags", "tagUpdatable": true, diff --git a/src/schema/aws-iot-thingtype.json b/src/schema/aws-iot-thingtype.json index edd25629..9b31c7f6 100644 --- a/src/schema/aws-iot-thingtype.json +++ b/src/schema/aws-iot-thingtype.json @@ -167,6 +167,11 @@ ], "tagging": { "cloudFormationSystemTags": true, + "permissions": [ + "iot:ListTagsForResource", + "iot:TagResource", + "iot:UntagResource" + ], "tagOnCreate": true, "tagProperty": "/properties/Tags", "tagUpdatable": true, diff --git a/src/schema/aws-iotfleetwise-statetemplate.json b/src/schema/aws-iotfleetwise-statetemplate.json index e5cf48a2..0b3c7d1c 100644 --- a/src/schema/aws-iotfleetwise-statetemplate.json +++ b/src/schema/aws-iotfleetwise-statetemplate.json @@ -96,6 +96,12 @@ "pattern": "^[^\\u0000-\\u001F\\u007F]+$", "type": "string" }, + "Id": { + "maxLength": 26, + "minLength": 26, + "pattern": "^[A-Z0-9]+$", + "type": "string" + }, "LastModificationTime": { "format": "date-time", "type": "string" @@ -146,6 +152,7 @@ }, "readOnlyProperties": [ "/properties/Arn", + "/properties/Id", "/properties/CreationTime", "/properties/LastModificationTime" ], diff --git a/src/schema/aws-iotfleetwise-vehicle.json b/src/schema/aws-iotfleetwise-vehicle.json index 3b07afd1..74a9bd08 100644 --- a/src/schema/aws-iotfleetwise-vehicle.json +++ b/src/schema/aws-iotfleetwise-vehicle.json @@ -4,6 +4,69 @@ "/properties/Name" ], "definitions": { + "OnChangeStateTemplateUpdateStrategy": { + "additionalProperties": false, + "type": "object" + }, + "PeriodicStateTemplateUpdateStrategy": { + "additionalProperties": false, + "properties": { + "StateTemplateUpdateRate": { + "$ref": "#/definitions/TimePeriod" + } + }, + "required": [ + "StateTemplateUpdateRate" + ], + "type": "object" + }, + "StateTemplateAssociation": { + "additionalProperties": false, + "minProperties": 0, + "properties": { + "Identifier": { + "maxLength": 100, + "minLength": 1, + "type": "string" + }, + "StateTemplateUpdateStrategy": { + "$ref": "#/definitions/StateTemplateUpdateStrategy" + } + }, + "required": [ + "Identifier", + "StateTemplateUpdateStrategy" + ], + "type": "object" + }, + "StateTemplateUpdateStrategy": { + "oneOf": [ + { + "additionalProperties": false, + "properties": { + "Periodic": { + "$ref": "#/definitions/PeriodicStateTemplateUpdateStrategy" + } + }, + "required": [ + "Periodic" + ], + "type": "object" + }, + { + "additionalProperties": false, + "properties": { + "OnChange": { + "$ref": "#/definitions/OnChangeStateTemplateUpdateStrategy" + } + }, + "required": [ + "OnChange" + ], + "type": "object" + } + ] + }, "Tag": { "additionalProperties": false, "properties": { @@ -24,6 +87,32 @@ ], "type": "object" }, + "TimePeriod": { + "additionalProperties": false, + "properties": { + "Unit": { + "$ref": "#/definitions/TimeUnit" + }, + "Value": { + "minimum": 1, + "type": "number" + } + }, + "required": [ + "Unit", + "Value" + ], + "type": "object" + }, + "TimeUnit": { + "enum": [ + "MILLISECOND", + "SECOND", + "MINUTE", + "HOUR" + ], + "type": "string" + }, "VehicleAssociationBehavior": { "enum": [ "CreateIotThing", @@ -115,6 +204,16 @@ "pattern": "^[a-zA-Z\\d\\-_:]+$", "type": "string" }, + "StateTemplates": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/StateTemplateAssociation" + }, + "maxItems": 20, + "minItems": 0, + "type": "array", + "uniqueItems": true + }, "Tags": { "insertionOrder": false, "items": { diff --git a/src/schema/aws-iotsitewise-gateway.json b/src/schema/aws-iotsitewise-gateway.json index edbeda37..710f7aa5 100644 --- a/src/schema/aws-iotsitewise-gateway.json +++ b/src/schema/aws-iotsitewise-gateway.json @@ -1,7 +1,8 @@ { "additionalProperties": false, "createOnlyProperties": [ - "/properties/GatewayPlatform" + "/properties/GatewayPlatform", + "/properties/GatewayVersion" ], "definitions": { "CapabilityConfiguration": { @@ -50,7 +51,6 @@ ], "properties": { "Greengrass": { - "$ref": "#/definitions/Greengrass", "description": "A gateway that runs on AWS IoT Greengrass V1." }, "GreengrassV2": { @@ -64,24 +64,23 @@ }, "type": "object" }, - "Greengrass": { - "additionalProperties": false, - "description": "Contains the ARN of AWS IoT Greengrass Group V1 that the gateway runs on.", - "properties": { - "GroupArn": { - "description": "The ARN of the Greengrass group.", - "type": "string" - } - }, - "required": [ - "GroupArn" - ], - "type": "object" + "GatewayVersion": { + "description": "The version of the gateway you want to create.", + "type": "string" }, "GreengrassV2": { "additionalProperties": false, "description": "Contains the CoreDeviceThingName of AWS IoT Greengrass Group V2 that the gateway runs on.", "properties": { + "CoreDeviceOperatingSystem": { + "description": "The operating system of the core device in AWS IoT Greengrass V2.", + "enum": [ + "LINUX_AARCH64", + "LINUX_AMD64", + "WINDOWS_AMD64" + ], + "type": "string" + }, "CoreDeviceThingName": { "description": "The name of the CoreDevice in GreenGrass V2.", "type": "string" @@ -124,6 +123,9 @@ "type": "object" } }, + "deprecatedProperties": [ + "/properties/GatewayPlatform/Greengrass" + ], "description": "Resource schema for AWS::IoTSiteWise::Gateway", "handlers": { "create": { @@ -197,6 +199,10 @@ "$ref": "#/definitions/GatewayPlatform", "description": "The gateway's platform. You can only specify one platform in a gateway." }, + "GatewayVersion": { + "description": "The version of the gateway you want to create.", + "type": "string" + }, "Tags": { "description": "A list of key-value pairs that contain metadata for the gateway.", "insertionOrder": false, diff --git a/src/schema/aws-ivs-channel.json b/src/schema/aws-ivs-channel.json index 42c17950..a7dc332e 100644 --- a/src/schema/aws-ivs-channel.json +++ b/src/schema/aws-ivs-channel.json @@ -1,17 +1,47 @@ { "additionalProperties": false, "definitions": { + "MultitrackInputConfiguration": { + "additionalProperties": false, + "properties": { + "Enabled": { + "default": false, + "description": "Indicates whether multitrack input is enabled. Can be set to true only if channel type is STANDARD. Setting enabled to true with any other channel type will cause an exception. If true, then policy, maximumResolution, and containerFormat are required, and containerFormat must be set to FRAGMENTED_MP4. Default: false.", + "type": "boolean" + }, + "MaximumResolution": { + "description": "Maximum resolution for multitrack input. Required if enabled is true.", + "enum": [ + "SD", + "HD", + "FULL_HD" + ], + "type": "string" + }, + "Policy": { + "description": "Indicates whether multitrack input is allowed or required. Required if enabled is true.", + "enum": [ + "ALLOW", + "REQUIRE" + ], + "type": "string" + } + }, + "type": "object" + }, "Tag": { "additionalProperties": false, "properties": { "Key": { + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.", "maxLength": 128, "minLength": 1, "type": "string" }, "Value": { + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.", "maxLength": 256, - "minLength": 1, + "minLength": 0, "type": "string" } }, @@ -74,6 +104,15 @@ "description": "Whether the channel is authorized.", "type": "boolean" }, + "ContainerFormat": { + "default": "TS", + "description": "Indicates which content-packaging format is used (MPEG-TS or fMP4). If multitrackInputConfiguration is specified and enabled is true, then containerFormat is required and must be set to FRAGMENTED_MP4. Otherwise, containerFormat may be set to TS or FRAGMENTED_MP4. Default: TS.", + "enum": [ + "TS", + "FRAGMENTED_MP4" + ], + "type": "string" + }, "IngestEndpoint": { "description": "Channel ingest endpoint, part of the definition of an ingest server, used when you set up streaming software.", "type": "string" @@ -92,6 +131,9 @@ ], "type": "string" }, + "MultitrackInputConfiguration": { + "$ref": "#/definitions/MultitrackInputConfiguration" + }, "Name": { "default": "-", "description": "Channel", diff --git a/src/schema/aws-ivs-ingestconfiguration.json b/src/schema/aws-ivs-ingestconfiguration.json index 7fa195e8..b847e275 100644 --- a/src/schema/aws-ivs-ingestconfiguration.json +++ b/src/schema/aws-ivs-ingestconfiguration.json @@ -11,13 +11,15 @@ "additionalProperties": false, "properties": { "Key": { + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.", "maxLength": 128, "minLength": 1, "type": "string" }, "Value": { + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.", "maxLength": 256, - "minLength": 1, + "minLength": 0, "type": "string" } }, diff --git a/src/schema/aws-ivs-playbackkeypair.json b/src/schema/aws-ivs-playbackkeypair.json index 4519efba..b6aa7250 100644 --- a/src/schema/aws-ivs-playbackkeypair.json +++ b/src/schema/aws-ivs-playbackkeypair.json @@ -83,7 +83,7 @@ "type": "string" }, "PublicKeyMaterial": { - "description": "The public portion of a customer-generated key pair.", + "description": "The public portion of a customer-generated key pair. This field is required to create the AWS::IVS::PlaybackKeyPair resource.", "type": "string" }, "Tags": { diff --git a/src/schema/aws-ivs-publickey.json b/src/schema/aws-ivs-publickey.json index db2d4557..dbe485da 100644 --- a/src/schema/aws-ivs-publickey.json +++ b/src/schema/aws-ivs-publickey.json @@ -83,7 +83,7 @@ "type": "string" }, "PublicKeyMaterial": { - "description": "The public portion of a customer-generated key pair.", + "description": "The public portion of a customer-generated key pair. This field is required to create the AWS::IVS::PublicKey resource.", "pattern": "-----BEGIN PUBLIC KEY-----\\r?\\n([a-zA-Z0-9+/=\\r\\n]+)\\r?\\n-----END PUBLIC KEY-----(\\r?\\n)?", "type": "string" }, diff --git a/src/schema/aws-ivs-recordingconfiguration.json b/src/schema/aws-ivs-recordingconfiguration.json index 0645d0dd..c164e501 100644 --- a/src/schema/aws-ivs-recordingconfiguration.json +++ b/src/schema/aws-ivs-recordingconfiguration.json @@ -82,13 +82,15 @@ "additionalProperties": false, "properties": { "Key": { + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.", "maxLength": 128, "minLength": 1, "type": "string" }, "Value": { + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.", "maxLength": 256, - "minLength": 1, + "minLength": 0, "type": "string" } }, diff --git a/src/schema/aws-ivs-stage.json b/src/schema/aws-ivs-stage.json index 535cb6d9..e2029787 100644 --- a/src/schema/aws-ivs-stage.json +++ b/src/schema/aws-ivs-stage.json @@ -40,13 +40,15 @@ "additionalProperties": false, "properties": { "Key": { + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.", "maxLength": 128, "minLength": 1, "type": "string" }, "Value": { + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.", "maxLength": 256, - "minLength": 1, + "minLength": 0, "type": "string" } }, @@ -129,6 +131,7 @@ "items": { "$ref": "#/definitions/Tag" }, + "maxItems": 50, "type": "array", "uniqueItems": true } diff --git a/src/schema/aws-ivs-storageconfiguration.json b/src/schema/aws-ivs-storageconfiguration.json index 16ecc7a8..7390fb34 100644 --- a/src/schema/aws-ivs-storageconfiguration.json +++ b/src/schema/aws-ivs-storageconfiguration.json @@ -27,13 +27,15 @@ "additionalProperties": false, "properties": { "Key": { + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.", "maxLength": 128, "minLength": 1, "type": "string" }, "Value": { + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.", "maxLength": 256, - "minLength": 1, + "minLength": 0, "type": "string" } }, diff --git a/src/schema/aws-ivs-streamkey.json b/src/schema/aws-ivs-streamkey.json index d84213ff..186d2723 100644 --- a/src/schema/aws-ivs-streamkey.json +++ b/src/schema/aws-ivs-streamkey.json @@ -8,13 +8,15 @@ "additionalProperties": false, "properties": { "Key": { + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.", "maxLength": 128, "minLength": 1, "type": "string" }, "Value": { + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.", "maxLength": 256, - "minLength": 1, + "minLength": 0, "type": "string" } }, diff --git a/src/schema/aws-kafkaconnect-connector.json b/src/schema/aws-kafkaconnect-connector.json index fe131986..9bbbb3e0 100644 --- a/src/schema/aws-kafkaconnect-connector.json +++ b/src/schema/aws-kafkaconnect-connector.json @@ -452,7 +452,6 @@ "update": { "permissions": [ "kafkaconnect:UpdateConnector", - "kafkaconnect:UpdateConnectorConfiguration", "kafkaconnect:DescribeConnector", "kafkaconnect:DescribeConnectorOperation", "kafkaconnect:TagResource", diff --git a/src/schema/aws-kinesisfirehose-deliverystream.json b/src/schema/aws-kinesisfirehose-deliverystream.json index 77321cc2..9499e235 100644 --- a/src/schema/aws-kinesisfirehose-deliverystream.json +++ b/src/schema/aws-kinesisfirehose-deliverystream.json @@ -8,6 +8,7 @@ "/properties/AmazonOpenSearchServerlessDestinationConfiguration/VpcConfiguration", "/properties/DatabaseSourceConfiguration", "/properties/KinesisStreamSourceConfiguration", + "/properties/DirectPutSourceConfiguration", "/properties/MSKSourceConfiguration", "/properties/IcebergDestinationConfiguration", "/properties/SnowflakeDestinationConfiguration/SnowflakeVpcConfiguration" @@ -565,6 +566,17 @@ }, "type": "array" }, + "DirectPutSourceConfiguration": { + "additionalProperties": false, + "properties": { + "ThroughputHintInMBs": { + "maximum": 100, + "minimum": 1, + "type": "integer" + } + }, + "type": "object" + }, "DocumentIdOptions": { "additionalProperties": false, "properties": { @@ -942,6 +954,9 @@ "IcebergDestinationConfiguration": { "additionalProperties": false, "properties": { + "AppendOnly": { + "type": "boolean" + }, "BufferingHints": { "$ref": "#/definitions/BufferingHints" }, @@ -1873,6 +1888,9 @@ ], "type": "string" }, + "DirectPutSourceConfiguration": { + "$ref": "#/definitions/DirectPutSourceConfiguration" + }, "ElasticsearchDestinationConfiguration": { "$ref": "#/definitions/ElasticsearchDestinationConfiguration" }, diff --git a/src/schema/aws-lambda-codesigningconfig.json b/src/schema/aws-lambda-codesigningconfig.json index d7e8e514..ee653f12 100644 --- a/src/schema/aws-lambda-codesigningconfig.json +++ b/src/schema/aws-lambda-codesigningconfig.json @@ -144,6 +144,11 @@ ], "tagging": { "cloudFormationSystemTags": true, + "permissions": [ + "lambda:ListTags", + "lambda:TagResource", + "lambda:UntagResource" + ], "tagOnCreate": true, "tagProperty": "/properties/Tags", "tagUpdatable": true, diff --git a/src/schema/aws-m2-application.json b/src/schema/aws-m2-application.json index 6982f52b..428d908e 100644 --- a/src/schema/aws-m2-application.json +++ b/src/schema/aws-m2-application.json @@ -158,7 +158,13 @@ ], "tagging": { "cloudFormationSystemTags": false, + "permissions": [ + "m2:TagResource", + "m2:UntagResource", + "m2:ListTagsForResource" + ], "tagOnCreate": true, + "tagProperty": "/properties/Tags", "tagUpdatable": true, "taggable": true }, diff --git a/src/schema/aws-m2-environment.json b/src/schema/aws-m2-environment.json index b9491b13..9bd67f47 100644 --- a/src/schema/aws-m2-environment.json +++ b/src/schema/aws-m2-environment.json @@ -285,7 +285,13 @@ ], "tagging": { "cloudFormationSystemTags": false, + "permissions": [ + "m2:TagResource", + "m2:UntagResource", + "m2:ListTagsForResource" + ], "tagOnCreate": true, + "tagProperty": "/properties/Tags", "tagUpdatable": true, "taggable": true }, diff --git a/src/schema/aws-mediaconnect-flow.json b/src/schema/aws-mediaconnect-flow.json index 70f3a7af..f705c08c 100644 --- a/src/schema/aws-mediaconnect-flow.json +++ b/src/schema/aws-mediaconnect-flow.json @@ -6,6 +6,35 @@ "/properties/Source/Name" ], "definitions": { + "AudioMonitoringSetting": { + "additionalProperties": false, + "description": "Specifies the configuration for audio stream metrics monitoring.", + "properties": { + "SilentAudio": { + "$ref": "#/definitions/SilentAudio" + } + }, + "type": "object" + }, + "BlackFrames": { + "additionalProperties": false, + "description": "Configures settings for the BlackFrames metric.", + "properties": { + "State": { + "description": "Indicates whether the BlackFrames metric is enabled or disabled.", + "enum": [ + "ENABLED", + "DISABLED" + ], + "type": "string" + }, + "ThresholdSeconds": { + "description": "Specifies the number of consecutive seconds of black frames that triggers an event or alert.", + "type": "integer" + } + }, + "type": "object" + }, "Encryption": { "additionalProperties": false, "description": "Information about the encryption of the flow.", @@ -168,6 +197,25 @@ }, "type": "object" }, + "FrozenFrames": { + "additionalProperties": false, + "description": "Configures settings for the FrozenFrames metric.", + "properties": { + "State": { + "description": "Indicates whether the FrozenFrames metric is enabled or disabled.", + "enum": [ + "ENABLED", + "DISABLED" + ], + "type": "string" + }, + "ThresholdSeconds": { + "description": "Specifies the number of consecutive seconds of a static image that triggers an event or alert.", + "type": "integer" + } + }, + "type": "object" + }, "GatewayBridgeSource": { "additionalProperties": false, "description": "The source configuration for cloud flows receiving a stream from a bridge.", @@ -350,6 +398,25 @@ ], "type": "object" }, + "SilentAudio": { + "additionalProperties": false, + "description": "Configures settings for the SilentAudio metric.", + "properties": { + "State": { + "description": "Indicates whether the SilentAudio metric is enabled or disabled.", + "enum": [ + "ENABLED", + "DISABLED" + ], + "type": "string" + }, + "ThresholdSeconds": { + "description": "Specifies the number of consecutive seconds of silence that triggers an event or alert.", + "type": "integer" + } + }, + "type": "object" + }, "Source": { "additionalProperties": false, "description": "The settings for the source of the flow.", @@ -463,6 +530,21 @@ "additionalProperties": false, "description": "The settings for source monitoring.", "properties": { + "AudioMonitoringSettings": { + "description": "Contains the settings for audio stream metrics monitoring.", + "items": { + "$ref": "#/definitions/AudioMonitoringSetting" + }, + "type": "array" + }, + "ContentQualityAnalysisState": { + "description": "Indicates whether content quality analysis is enabled or disabled.", + "enum": [ + "ENABLED", + "DISABLED" + ], + "type": "string" + }, "ThumbnailState": { "description": "The state of thumbnail monitoring.", "enum": [ @@ -470,11 +552,28 @@ "DISABLED" ], "type": "string" + }, + "VideoMonitoringSettings": { + "description": "Contains the settings for video stream metrics monitoring.", + "items": { + "$ref": "#/definitions/VideoMonitoringSetting" + }, + "type": "array" + } + }, + "type": "object" + }, + "VideoMonitoringSetting": { + "additionalProperties": false, + "description": "Specifies the configuration for video stream metrics monitoring.", + "properties": { + "BlackFrames": { + "$ref": "#/definitions/BlackFrames" + }, + "FrozenFrames": { + "$ref": "#/definitions/FrozenFrames" } }, - "required": [ - "ThumbnailState" - ], "type": "object" }, "VpcInterface": { diff --git a/src/schema/aws-msk-serverlesscluster.json b/src/schema/aws-msk-serverlesscluster.json index 3610bb27..1be026d3 100644 --- a/src/schema/aws-msk-serverlesscluster.json +++ b/src/schema/aws-msk-serverlesscluster.json @@ -149,6 +149,11 @@ ], "tagging": { "cloudFormationSystemTags": true, + "permissions": [ + "kafka:TagResource", + "kafka:UntagResource", + "kafka:ListTagsForResource" + ], "tagOnCreate": true, "tagProperty": "/properties/Tags", "tagUpdatable": false, diff --git a/src/schema/aws-neptunegraph-privategraphendpoint.json b/src/schema/aws-neptunegraph-privategraphendpoint.json index 21b288b8..97eafe06 100644 --- a/src/schema/aws-neptunegraph-privategraphendpoint.json +++ b/src/schema/aws-neptunegraph-privategraphendpoint.json @@ -51,7 +51,8 @@ "list": { "permissions": [ "neptune-graph:GetPrivateGraphEndpoint", - "neptune-graph:ListPrivateGraphEndpoints" + "neptune-graph:ListPrivateGraphEndpoints", + "neptune-graph:ListGraphs" ], "timeoutInMinutes": 2160 }, diff --git a/src/schema/aws-organizations-account.json b/src/schema/aws-organizations-account.json index 998bd283..e22c5326 100644 --- a/src/schema/aws-organizations-account.json +++ b/src/schema/aws-organizations-account.json @@ -34,6 +34,7 @@ "organizations:CreateAccount", "organizations:DescribeCreateAccountStatus", "organizations:MoveAccount", + "organizations:ListAccounts", "organizations:ListParents", "organizations:TagResource", "organizations:DescribeAccount", diff --git a/src/schema/aws-organizations-organizationalunit.json b/src/schema/aws-organizations-organizationalunit.json index eaeb6ee6..de6a0f1b 100644 --- a/src/schema/aws-organizations-organizationalunit.json +++ b/src/schema/aws-organizations-organizationalunit.json @@ -35,6 +35,7 @@ "organizations:CreateOrganizationalUnit", "organizations:DescribeOrganizationalUnit", "organizations:ListParents", + "organizations:ListOrganizationalUnitsForParent", "organizations:ListTagsForResource", "organizations:TagResource" ] diff --git a/src/schema/aws-organizations-policy.json b/src/schema/aws-organizations-policy.json index 1965bb8d..5fd0daa4 100644 --- a/src/schema/aws-organizations-policy.json +++ b/src/schema/aws-organizations-policy.json @@ -37,6 +37,7 @@ "organizations:CreatePolicy", "organizations:DescribePolicy", "organizations:AttachPolicy", + "organizations:ListPolicies", "organizations:ListTagsForResource", "organizations:ListTargetsForPolicy", "organizations:TagResource" diff --git a/src/schema/aws-panorama-applicationinstance.json b/src/schema/aws-panorama-applicationinstance.json index b1af6878..19031a57 100644 --- a/src/schema/aws-panorama-applicationinstance.json +++ b/src/schema/aws-panorama-applicationinstance.json @@ -312,7 +312,18 @@ "DefaultRuntimeContextDevice" ], "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git", - "taggable": true, + "tagging": { + "cloudFormationSystemTags": true, + "permissions": [ + "panorama:ListTagsForResource", + "panorama:TagResource", + "panorama:UntagResource" + ], + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, "typeName": "AWS::Panorama::ApplicationInstance", "writeOnlyProperties": [ "/properties/ApplicationInstanceIdToReplace" diff --git a/src/schema/aws-panorama-package.json b/src/schema/aws-panorama-package.json index ed2a0a33..bec2ccc1 100644 --- a/src/schema/aws-panorama-package.json +++ b/src/schema/aws-panorama-package.json @@ -186,6 +186,17 @@ "PackageName" ], "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git", - "taggable": true, + "tagging": { + "cloudFormationSystemTags": true, + "permissions": [ + "panorama:ListTagsForResource", + "panorama:TagResource", + "panorama:UntagResource" + ], + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, "typeName": "AWS::Panorama::Package" } diff --git a/src/schema/aws-panorama-packageversion.json b/src/schema/aws-panorama-packageversion.json index 6dadfd61..938d99fb 100644 --- a/src/schema/aws-panorama-packageversion.json +++ b/src/schema/aws-panorama-packageversion.json @@ -172,7 +172,6 @@ "PatchVersion" ], "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-panorama.git", - "taggable": false, "typeName": "AWS::Panorama::PackageVersion", "writeOnlyProperties": [ "/properties/UpdatedLatestPatchVersion" diff --git a/src/schema/aws-pcs-cluster.json b/src/schema/aws-pcs-cluster.json index 7d0a1cb5..337680b0 100644 --- a/src/schema/aws-pcs-cluster.json +++ b/src/schema/aws-pcs-cluster.json @@ -202,7 +202,6 @@ }, "Name": { "description": "The name that identifies the cluster.", - "pattern": "^(?!pcs_)^(?![A-Za-z0-9]{10}$)[A-Za-z][A-Za-z0-9-]+$", "type": "string" }, "Networking": { diff --git a/src/schema/aws-pcs-computenodegroup.json b/src/schema/aws-pcs-computenodegroup.json index 3650d44d..de964e6a 100644 --- a/src/schema/aws-pcs-computenodegroup.json +++ b/src/schema/aws-pcs-computenodegroup.json @@ -212,7 +212,6 @@ }, "Name": { "description": "The name that identifies the compute node group.", - "pattern": "^(?!pcs_)^(?![A-Za-z0-9]{10}$)[A-Za-z][A-Za-z0-9-]+$", "type": "string" }, "PurchaseOption": { diff --git a/src/schema/aws-pcs-queue.json b/src/schema/aws-pcs-queue.json index d973b7c3..4f83b8e9 100644 --- a/src/schema/aws-pcs-queue.json +++ b/src/schema/aws-pcs-queue.json @@ -126,7 +126,6 @@ }, "Name": { "description": "The name that identifies the queue.", - "pattern": "^(?!pcs_)^(?![A-Za-z0-9]{10}$)[A-Za-z][A-Za-z0-9-]+$", "type": "string" }, "Status": { diff --git a/src/schema/aws-qbusiness-webexperience.json b/src/schema/aws-qbusiness-webexperience.json index 5299878b..9a223ffe 100644 --- a/src/schema/aws-qbusiness-webexperience.json +++ b/src/schema/aws-qbusiness-webexperience.json @@ -4,6 +4,32 @@ "/properties/ApplicationId" ], "definitions": { + "BrowserExtension": { + "enum": [ + "FIREFOX", + "CHROME" + ], + "type": "string" + }, + "BrowserExtensionConfiguration": { + "additionalProperties": false, + "properties": { + "EnabledBrowserExtensions": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/BrowserExtension" + }, + "maxItems": 2, + "minItems": 0, + "type": "array", + "uniqueItems": true + } + }, + "required": [ + "EnabledBrowserExtensions" + ], + "type": "object" + }, "CustomizationConfiguration": { "additionalProperties": false, "properties": { @@ -209,6 +235,9 @@ "pattern": "^[a-zA-Z0-9][a-zA-Z0-9-]{35}$", "type": "string" }, + "BrowserExtensionConfiguration": { + "$ref": "#/definitions/BrowserExtensionConfiguration" + }, "CreatedAt": { "format": "date-time", "type": "string" diff --git a/src/schema/aws-quicksight-topic.json b/src/schema/aws-quicksight-topic.json index b3acd4ae..e5fde361 100644 --- a/src/schema/aws-quicksight-topic.json +++ b/src/schema/aws-quicksight-topic.json @@ -2,6 +2,7 @@ "additionalProperties": false, "createOnlyProperties": [ "/properties/AwsAccountId", + "/properties/FolderArns", "/properties/TopicId" ], "definitions": { @@ -390,7 +391,9 @@ "THOUSANDS", "MILLIONS", "BILLIONS", - "TRILLIONS" + "TRILLIONS", + "LAKHS", + "CRORES" ], "type": "string" }, @@ -684,6 +687,16 @@ ], "type": "object" }, + "TopicConfigOptions": { + "additionalProperties": false, + "description": "Model for configuration of a Topic", + "properties": { + "QBusinessInsightsEnabled": { + "type": "boolean" + } + }, + "type": "object" + }, "TopicDateRangeFilter": { "additionalProperties": false, "properties": { @@ -700,6 +713,9 @@ "TopicDetails": { "additionalProperties": false, "properties": { + "ConfigOptions": { + "$ref": "#/definitions/TopicConfigOptions" + }, "DataSets": { "items": { "$ref": "#/definitions/DatasetMetadata" @@ -983,6 +999,9 @@ "pattern": "^[0-9]{12}$", "type": "string" }, + "ConfigOptions": { + "$ref": "#/definitions/TopicConfigOptions" + }, "DataSets": { "items": { "$ref": "#/definitions/DatasetMetadata" @@ -994,6 +1013,14 @@ "minLength": 0, "type": "string" }, + "FolderArns": { + "items": { + "type": "string" + }, + "maxItems": 20, + "minItems": 0, + "type": "array" + }, "Name": { "maxLength": 128, "minLength": 1, @@ -1018,5 +1045,8 @@ "tagUpdatable": false, "taggable": false }, - "typeName": "AWS::QuickSight::Topic" + "typeName": "AWS::QuickSight::Topic", + "writeOnlyProperties": [ + "/properties/FolderArns" + ] } diff --git a/src/schema/aws-ram-permission.json b/src/schema/aws-ram-permission.json index 4b2435a7..4c6bebab 100644 --- a/src/schema/aws-ram-permission.json +++ b/src/schema/aws-ram-permission.json @@ -121,7 +121,12 @@ "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-ram", "tagging": { "cloudFormationSystemTags": false, + "permissions": [ + "ram:TagResource", + "ram:UntagResource" + ], "tagOnCreate": true, + "tagProperty": "/properties/Tags", "tagUpdatable": true, "taggable": true }, diff --git a/src/schema/aws-rds-dbcluster.json b/src/schema/aws-rds-dbcluster.json index 8e66a5fe..e557ff2c 100644 --- a/src/schema/aws-rds-dbcluster.json +++ b/src/schema/aws-rds-dbcluster.json @@ -435,7 +435,7 @@ "type": "string" }, "PreferredMaintenanceWindow": { - "description": "The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).\n Format: ``ddd:hh24:mi-ddd:hh24:mi`` \n The default is a 30-minute window selected at random from an 8-hour block of time for each AWS Region, occurring on a random day of the week. To see the time blocks available, see [Adjusting the Preferred DB Cluster Maintenance Window](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_UpgradeDBInstance.Maintenance.html#AdjustingTheMaintenanceWindow.Aurora) in the *Amazon Aurora User Guide.* \n Valid Days: Mon, Tue, Wed, Thu, Fri, Sat, Sun.\n Constraints: Minimum 30-minute window.\n Valid for: Aurora DB clusters and Multi-AZ DB clusters", + "description": "The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).\n Format: ``ddd:hh24:mi-ddd:hh24:mi`` \n The default is a 30-minute window selected at random from an 8-hour block of time for each AWS Region, occurring on a random day of the week. To see the time blocks available, see [Maintaining an Amazon Aurora DB cluster](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_UpgradeDBInstance.Maintenance.html#AdjustingTheMaintenanceWindow.Aurora) in the *Amazon Aurora User Guide.* \n Valid Days: Mon, Tue, Wed, Thu, Fri, Sat, Sun.\n Constraints: Minimum 30-minute window.\n Valid for: Aurora DB clusters and Multi-AZ DB clusters", "type": "string" }, "PubliclyAccessible": { diff --git a/src/schema/aws-rds-dbinstance.json b/src/schema/aws-rds-dbinstance.json index 6981d691..493372c0 100644 --- a/src/schema/aws-rds-dbinstance.json +++ b/src/schema/aws-rds-dbinstance.json @@ -353,7 +353,7 @@ "uniqueItems": true }, "DBSnapshotIdentifier": { - "description": "The name or Amazon Resource Name (ARN) of the DB snapshot that's used to restore the DB instance. If you're restoring from a shared manual DB snapshot, you must specify the ARN of the snapshot.\n By specifying this property, you can create a DB instance from the specified DB snapshot. If the ``DBSnapshotIdentifier`` property is an empty string or the ``AWS::RDS::DBInstance`` declaration has no ``DBSnapshotIdentifier`` property, AWS CloudFormation creates a new database. If the property contains a value (other than an empty string), AWS CloudFormation creates a database from the specified snapshot. If a snapshot with the specified name doesn't exist, AWS CloudFormation can't create the database and it rolls back the stack.\n Some DB instance properties aren't valid when you restore from a snapshot, such as the ``MasterUsername`` and ``MasterUserPassword`` properties. For information about the properties that you can specify, see the ``RestoreDBInstanceFromDBSnapshot`` action in the *Amazon RDS API Reference*.\n After you restore a DB instance with a ``DBSnapshotIdentifier`` property, you must specify the same ``DBSnapshotIdentifier`` property for any future updates to the DB instance. When you specify this property for an update, the DB instance is not restored from the DB snapshot again, and the data in the database is not changed. However, if you don't specify the ``DBSnapshotIdentifier`` property, an empty DB instance is created, and the original DB instance is deleted. If you specify a property that is different from the previous snapshot restore property, a new DB instance is restored from the specified ``DBSnapshotIdentifier`` property, and the original DB instance is deleted.\n If you specify the ``DBSnapshotIdentifier`` property to restore a DB instance (as opposed to specifying it for DB instance updates), then don't specify the following properties:\n + ``CharacterSetName`` \n + ``DBClusterIdentifier`` \n + ``DBName`` \n + ``KmsKeyId`` \n + ``MasterUsername`` \n + ``MasterUserPassword`` \n + ``PromotionTier`` \n + ``SourceDBInstanceIdentifier`` \n + ``SourceRegion`` \n + ``StorageEncrypted`` (for an unencrypted snapshot)\n + ``Timezone`` \n \n *Amazon Aurora* \n Not applicable. Snapshot restore is managed by the DB cluster.", + "description": "The name or Amazon Resource Name (ARN) of the DB snapshot that's used to restore the DB instance. If you're restoring from a shared manual DB snapshot, you must specify the ARN of the snapshot.\n By specifying this property, you can create a DB instance from the specified DB snapshot. If the ``DBSnapshotIdentifier`` property is an empty string or the ``AWS::RDS::DBInstance`` declaration has no ``DBSnapshotIdentifier`` property, AWS CloudFormation creates a new database. If the property contains a value (other than an empty string), AWS CloudFormation creates a database from the specified snapshot. If a snapshot with the specified name doesn't exist, AWS CloudFormation can't create the database and it rolls back the stack.\n Some DB instance properties aren't valid when you restore from a snapshot, such as the ``MasterUsername`` and ``MasterUserPassword`` properties, and the point-in-time recovery properties ``RestoreTime`` and ``UseLatestRestorableTime``. For information about the properties that you can specify, see the [RestoreDBInstanceFromDBSnapshot](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_RestoreDBInstanceFromDBSnapshot.html) action in the *Amazon RDS API Reference*.\n After you restore a DB instance with a ``DBSnapshotIdentifier`` property, you must specify the same ``DBSnapshotIdentifier`` property for any future updates to the DB instance. When you specify this property for an update, the DB instance is not restored from the DB snapshot again, and the data in the database is not changed. However, if you don't specify the ``DBSnapshotIdentifier`` property, an empty DB instance is created, and the original DB instance is deleted. If you specify a property that is different from the previous snapshot restore property, a new DB instance is restored from the specified ``DBSnapshotIdentifier`` property, and the original DB instance is deleted.\n If you specify the ``DBSnapshotIdentifier`` property to restore a DB instance (as opposed to specifying it for DB instance updates), then don't specify the following properties:\n + ``CharacterSetName`` \n + ``DBClusterIdentifier`` \n + ``DBName`` \n + ``KmsKeyId`` \n + ``MasterUsername`` \n + ``MasterUserPassword`` \n + ``PromotionTier`` \n + ``SourceDBInstanceIdentifier`` \n + ``SourceRegion`` \n + ``StorageEncrypted`` (for an unencrypted snapshot)\n + ``Timezone`` \n \n *Amazon Aurora* \n Not applicable. Snapshot restore is managed by the DB cluster.", "type": "string" }, "DBSubnetGroupName": { @@ -519,7 +519,7 @@ "type": "string" }, "PreferredMaintenanceWindow": { - "description": "The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).\n Format: ``ddd:hh24:mi-ddd:hh24:mi`` \n The default is a 30-minute window selected at random from an 8-hour block of time for each AWS Region, occurring on a random day of the week. To see the time blocks available, see [Adjusting the Preferred DB Instance Maintenance Window](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_UpgradeDBInstance.Maintenance.html#AdjustingTheMaintenanceWindow) in the *Amazon RDS User Guide.* \n This property applies when AWS CloudFormation initially creates the DB instance. If you use AWS CloudFormation to update the DB instance, those updates are applied immediately.\n Constraints: Minimum 30-minute window.", + "description": "The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).\n Format: ``ddd:hh24:mi-ddd:hh24:mi`` \n The default is a 30-minute window selected at random from an 8-hour block of time for each AWS Region, occurring on a random day of the week. To see the time blocks available, see [Maintaining a DB instance](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_UpgradeDBInstance.Maintenance.html#AdjustingTheMaintenanceWindow) in the *Amazon RDS User Guide.* \n This property applies when AWS CloudFormation initially creates the DB instance. If you use AWS CloudFormation to update the DB instance, those updates are applied immediately.\n Constraints: Minimum 30-minute window.", "type": "string" }, "ProcessorFeatures": { @@ -572,7 +572,7 @@ "type": "boolean" }, "StorageThroughput": { - "description": "Specifies the storage throughput value for the DB instance. This setting applies only to the ``gp3`` storage type. \n This setting doesn't apply to RDS Custom or Amazon Aurora.", + "description": "Specifies the storage throughput value, in mebibyte per second (MiBps), for the DB instance. This setting applies only to the ``gp3`` storage type. \n This setting doesn't apply to RDS Custom or Amazon Aurora.", "type": "integer" }, "StorageType": { diff --git a/src/schema/aws-resiliencehub-app.json b/src/schema/aws-resiliencehub-app.json index 48624d49..866beca9 100644 --- a/src/schema/aws-resiliencehub-app.json +++ b/src/schema/aws-resiliencehub-app.json @@ -290,11 +290,6 @@ "PermissionModel": { "$ref": "#/definitions/PermissionModel" }, - "RegulatoryPolicyArn": { - "description": "Amazon Resource Name (ARN) of the Regulatory Policy.", - "pattern": "^arn:(aws|aws-cn|aws-iso|aws-iso-[a-z]{1}|aws-us-gov):[A-Za-z0-9][A-Za-z0-9_/.-]{0,62}:([a-z]{2}-((iso[a-z]{0,1}-)|(gov-)){0,1}[a-z]+-[0-9]):[0-9]{12}:[A-Za-z0-9][A-Za-z0-9:_/+=,@.-]{0,1023}$", - "type": "string" - }, "ResiliencyPolicyArn": { "description": "Amazon Resource Name (ARN) of the Resiliency Policy.", "pattern": "^arn:(aws|aws-cn|aws-iso|aws-iso-[a-z]{1}|aws-us-gov):[A-Za-z0-9][A-Za-z0-9_/.-]{0,62}:([a-z]{2}-((iso[a-z]{0,1}-)|(gov-)){0,1}[a-z]+-[0-9]):[0-9]{12}:[A-Za-z0-9][A-Za-z0-9:_/+=,@.-]{0,1023}$", diff --git a/src/schema/aws-resourcegroups-group.json b/src/schema/aws-resourcegroups-group.json index 05b97d06..bf5b5a94 100644 --- a/src/schema/aws-resourcegroups-group.json +++ b/src/schema/aws-resourcegroups-group.json @@ -202,7 +202,8 @@ "cloudFormationSystemTags": true, "permissions": [ "resource-groups:Tag", - "resource-groups:Untag" + "resource-groups:Untag", + "resource-groups:GetTags" ], "tagOnCreate": true, "tagProperty": "/properties/Tags", diff --git a/src/schema/aws-s3-bucket.json b/src/schema/aws-s3-bucket.json index 09ccd7db..1076f5bf 100644 --- a/src/schema/aws-s3-bucket.json +++ b/src/schema/aws-s3-bucket.json @@ -485,7 +485,7 @@ "uniqueItems": true }, "TransitionDefaultMinimumObjectSize": { - "description": "", + "description": "Indicates which default minimum object size behavior is applied to the lifecycle configuration.\n This parameter applies to general purpose buckets only. It isn't supported for directory bucket lifecycle configurations.\n + ``all_storage_classes_128K`` - Objects smaller than 128 KB will not transition to any storage class by default.\n + ``varies_by_storage_class`` - Objects smaller than 128 KB will transition to Glacier Flexible Retrieval or Glacier Deep Archive storage classes. By default, all other storage classes will prevent transitions smaller than 128 KB. \n \n To customize the minimum object size for any transition you can add a filter that specifies a custom ``ObjectSizeGreaterThan`` or ``ObjectSizeLessThan`` in the body of your transition rule. Custom filters always take precedence over the default transition behavior.", "enum": [ "varies_by_storage_class", "all_storage_classes_128K" @@ -517,6 +517,19 @@ }, "type": "object" }, + "MetadataTableConfiguration": { + "additionalProperties": false, + "description": "", + "properties": { + "S3TablesDestination": { + "$ref": "#/definitions/S3TablesDestination" + } + }, + "required": [ + "S3TablesDestination" + ], + "type": "object" + }, "Metrics": { "additionalProperties": false, "description": "A container specifying replication metrics-related settings enabling replication metrics and events.", @@ -1215,9 +1228,36 @@ ], "type": "object" }, + "S3TablesDestination": { + "additionalProperties": false, + "description": "", + "properties": { + "TableArn": { + "description": "The Amazon Resource Name (ARN) for the metadata table in the metadata table configuration. The specified metadata table name must be unique within the aws_s3_metadata namespace in the destination table bucket.", + "type": "string" + }, + "TableBucketArn": { + "description": "The Amazon Resource Name (ARN) for the table bucket that's specified as the destination in the metadata table configuration. The destination table bucket must be in the same Region and AWS account as the general purpose bucket.", + "type": "string" + }, + "TableName": { + "description": "The name for the metadata table in your metadata table configuration. The specified metadata table name must be unique within the aws_s3_metadata namespace in the destination table bucket.", + "type": "string" + }, + "TableNamespace": { + "description": "The table bucket namespace for the metadata table in your metadata table configuration. This value is always aws_s3_metadata.", + "type": "string" + } + }, + "required": [ + "TableBucketArn", + "TableName" + ], + "type": "object" + }, "ServerSideEncryptionByDefault": { "additionalProperties": false, - "description": "Describes the default server-side encryption to apply to new objects in the bucket. If a PUT Object request doesn't specify any server-side encryption, this default encryption will be applied. For more information, see [PutBucketEncryption](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTencryption.html).\n + *General purpose buckets* - If you don't specify a customer managed key at configuration, Amazon S3 automatically creates an AWS KMS key (``aws/s3``) in your AWS account the first time that you add an object encrypted with SSE-KMS to a bucket. By default, Amazon S3 uses this KMS key for SSE-KMS. \n + *Directory buckets* - Your SSE-KMS configuration can only support 1 [customer managed key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk) per directory bucket for the lifetime of the bucket. The [managed key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk) (``aws/s3``) isn't supported. \n + *Directory buckets* - For directory buckets, there are only two supported options for server-side encryption: SSE-S3 and SSE-KMS.", + "description": "Describes the default server-side encryption to apply to new objects in the bucket. If a PUT Object request doesn't specify any server-side encryption, this default encryption will be applied. For more information, see [PutBucketEncryption](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTencryption.html).\n + *General purpose buckets* - If you don't specify a customer managed key at configuration, Amazon S3 automatically creates an AWS KMS key (``aws/s3``) in your AWS account the first time that you add an object encrypted with SSE-KMS to a bucket. By default, Amazon S3 uses this KMS key for SSE-KMS. \n + *Directory buckets* - Your SSE-KMS configuration can only support 1 [customer managed key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk) per directory bucket's lifetime. The [managed key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk) (``aws/s3``) isn't supported. \n + *Directory buckets* - For directory buckets, there are only two supported options for server-side encryption: SSE-S3 and SSE-KMS.", "properties": { "KMSMasterKeyID": { "description": "AWS Key Management Service (KMS) customer managed key ID to use for the default encryption. \n + *General purpose buckets* - This parameter is allowed if and only if ``SSEAlgorithm`` is set to ``aws:kms`` or ``aws:kms:dsse``.\n + *Directory buckets* - This parameter is allowed if and only if ``SSEAlgorithm`` is set to ``aws:kms``.\n \n You can specify the key ID, key alias, or the Amazon Resource Name (ARN) of the KMS key.\n + Key ID: ``1234abcd-12ab-34cd-56ef-1234567890ab`` \n + Key ARN: ``arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`` \n + Key Alias: ``alias/alias-name`` \n \n If you are using encryption with cross-account or AWS service operations, you must use a fully qualified KMS key ARN. For more information, see [Using encryption for cross-account operations](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html#bucket-encryption-update-bucket-policy).\n + *General purpose buckets* - If you're specifying a customer managed KMS key, we recommend using a fully qualified KMS key ARN. If you use a KMS key alias instead, then KMS resolves the key within the requester\u2019s account. This behavior can result in data that's encrypted with a KMS key that belongs to the requester, and not the bucket owner. Also, if you use a key ID, you can run into a LogDestination undeliverable error when creating a VPC flow log. \n + *Directory buckets* - When you specify an [customer managed key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk) for encryption in your directory bucket, only use the key ID or key ARN. The key alias format of the KMS key isn't supported.\n \n Amazon S3 only supports symmetric encryption KMS keys. For more information, see [Asymmetric keys in KMS](https://docs.aws.amazon.com//kms/latest/developerguide/symmetric-asymmetric.html) in the *Key Management Service Developer Guide*.", @@ -1321,7 +1361,7 @@ }, "TagFilter": { "additionalProperties": false, - "description": "Specifies tags to use to identify a subset of objects for an Amazon S3 bucket.", + "description": "Specifies tags to use to identify a subset of objects for an Amazon S3 bucket. For more information, see [Categorizing your storage using tags](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-tagging.html) in the *Amazon Simple Storage Service User Guide*.", "properties": { "Key": { "description": "The tag key.", @@ -1436,7 +1476,7 @@ "description": "Indicates when objects are transitioned to the specified storage class. The date value must be in ISO 8601 format. The time is always midnight UTC." }, "TransitionInDays": { - "description": "Indicates the number of days after creation when objects are transitioned to the specified storage class. The value must be a positive integer.", + "description": "Indicates the number of days after creation when objects are transitioned to the specified storage class. If the specified storage class is ``INTELLIGENT_TIERING``, ``GLACIER_IR``, ``GLACIER``, or ``DEEP_ARCHIVE``, valid values are ``0`` or positive integers. If the specified storage class is ``STANDARD_IA`` or ``ONEZONE_IA``, valid values are positive integers greater than ``30``. Be aware that some storage classes have a minimum storage duration and that you're charged for transitioning objects before their minimum storage duration. For more information, see [Constraints and considerations for transitions](https://docs.aws.amazon.com/AmazonS3/latest/userguide/lifecycle-transition-general-considerations.html#lifecycle-configuration-constraints) in the *Amazon S3 User Guide*.", "type": "integer" } }, @@ -1525,7 +1565,15 @@ "s3:PutBucketVersioning", "s3:PutObjectLockConfiguration", "s3:PutBucketOwnershipControls", - "s3:PutIntelligentTieringConfiguration" + "s3:PutIntelligentTieringConfiguration", + "s3:GetBucketMetadataTableConfiguration", + "s3:CreateBucketMetadataTableConfiguration", + "s3tables:CreateNamespace", + "s3tables:CreateTable", + "s3tables:GetTable", + "s3tables:PutTablePolicy", + "s3tables:GetTableMetadataLocation", + "s3tables:UpdateTableMetadataLocation" ] }, "delete": { @@ -1559,6 +1607,7 @@ "s3:GetBucketTagging", "s3:GetBucketOwnershipControls", "s3:GetIntelligentTieringConfiguration", + "s3:GetBucketMetadataTableConfiguration", "s3:ListBucket" ] }, @@ -1576,6 +1625,15 @@ "s3:PutBucketReplication", "s3:PutBucketWebsite", "s3:PutAccelerateConfiguration", + "s3:GetBucketMetadataTableConfiguration", + "s3:DeleteBucketMetadataTableConfiguration", + "s3:CreateBucketMetadataTableConfiguration", + "s3tables:CreateNamespace", + "s3tables:CreateTable", + "s3tables:GetTable", + "s3tables:PutTablePolicy", + "s3tables:GetTableMetadataLocation", + "s3tables:UpdateTableMetadataLocation", "s3:PutBucketPublicAccessBlock", "s3:PutReplicationConfiguration", "s3:PutBucketOwnershipControls", @@ -1639,7 +1697,7 @@ "description": "Specifies default encryption for a bucket using server-side encryption with Amazon S3-managed keys (SSE-S3), AWS KMS-managed keys (SSE-KMS), or dual-layer server-side encryption with KMS-managed keys (DSSE-KMS). For information about the Amazon S3 default encryption feature, see [Amazon S3 Default Encryption for S3 Buckets](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html) in the *Amazon S3 User Guide*." }, "BucketName": { - "description": "A name for the bucket. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the bucket name. The bucket name must contain only lowercase letters, numbers, periods (.), and dashes (-) and must follow [Amazon S3 bucket restrictions and limitations](https://docs.aws.amazon.com/AmazonS3/latest/dev/BucketRestrictions.html). For more information, see [Rules for naming Amazon S3 buckets](https://docs.aws.amazon.com/AmazonS3/latest/dev/BucketRestrictions.html#bucketnamingrules) in the *Amazon S3 User Guide*. \n If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you need to replace the resource, specify a new name.", + "description": "A name for the bucket. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the bucket name. The bucket name must contain only lowercase letters, numbers, periods (.), and dashes (-) and must follow [Amazon S3 bucket restrictions and limitations](https://docs.aws.amazon.com/AmazonS3/latest/dev/BucketRestrictions.html). For more information, see [Rules for naming Amazon S3 buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html) in the *Amazon S3 User Guide*. \n If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you need to replace the resource, specify a new name.", "type": "string" }, "CorsConfiguration": { @@ -1686,6 +1744,10 @@ "$ref": "#/definitions/LoggingConfiguration", "description": "Settings that define where logs are stored." }, + "MetadataTableConfiguration": { + "$ref": "#/definitions/MetadataTableConfiguration", + "description": "" + }, "MetricsConfigurations": { "description": "Specifies a metrics configuration for the CloudWatch request metrics (specified by the metrics configuration ID) from an Amazon S3 bucket. If you're updating an existing metrics configuration, note that this is a full replacement of the existing metrics configuration. If you don't include the elements you want to keep, they are erased. For more information, see [PutBucketMetricsConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTMetricConfiguration.html).", "insertionOrder": true, @@ -1701,7 +1763,7 @@ }, "ObjectLockConfiguration": { "$ref": "#/definitions/ObjectLockConfiguration", - "description": "This operation is not supported by directory buckets.\n Places an Object Lock configuration on the specified bucket. The rule specified in the Object Lock configuration will be applied by default to every new object placed in the specified bucket. For more information, see [Locking Objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html). \n + The ``DefaultRetention`` settings require both a mode and a period.\n + The ``DefaultRetention`` period can be either ``Days`` or ``Years`` but you must select one. You cannot specify ``Days`` and ``Years`` at the same time.\n + You can enable Object Lock for new or existing buckets. For more information, see [Configuring Object Lock](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lock-configure.html)." + "description": "This operation is not supported for directory buckets.\n Places an Object Lock configuration on the specified bucket. The rule specified in the Object Lock configuration will be applied by default to every new object placed in the specified bucket. For more information, see [Locking Objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html). \n + The ``DefaultRetention`` settings require both a mode and a period.\n + The ``DefaultRetention`` period can be either ``Days`` or ``Years`` but you must select one. You cannot specify ``Days`` and ``Years`` at the same time.\n + You can enable Object Lock for new or existing buckets. For more information, see [Configuring Object Lock](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lock-configure.html)." }, "ObjectLockEnabled": { "description": "Indicates whether this bucket has an Object Lock configuration enabled. Enable ``ObjectLockEnabled`` when you apply ``ObjectLockConfiguration`` to a bucket.", @@ -1762,10 +1824,17 @@ "/properties/DomainName", "/properties/DualStackDomainName", "/properties/RegionalDomainName", + "/properties/MetadataTableConfiguration/S3TablesDestination/TableNamespace", + "/properties/MetadataTableConfiguration/S3TablesDestination/TableArn", "/properties/WebsiteURL" ], "tagging": { "cloudFormationSystemTags": true, + "permissions": [ + "s3:PutBucketTagging", + "s3:GetBucketTagging", + "s3:DeleteBucketTagging" + ], "tagOnCreate": true, "tagProperty": "/properties/Tags", "tagUpdatable": true, diff --git a/src/schema/aws-sagemaker-featuregroup.json b/src/schema/aws-sagemaker-featuregroup.json index be19975a..511bceb7 100644 --- a/src/schema/aws-sagemaker-featuregroup.json +++ b/src/schema/aws-sagemaker-featuregroup.json @@ -350,6 +350,11 @@ ], "tagging": { "cloudFormationSystemTags": true, + "permissions": [ + "sagemaker:AddTags", + "sagemaker:ListTags", + "sagemaker:DeleteTags" + ], "tagOnCreate": true, "tagProperty": "/properties/Tags", "tagUpdatable": false, diff --git a/src/schema/aws-sagemaker-image.json b/src/schema/aws-sagemaker-image.json index 2a3c9e78..b3168ce2 100644 --- a/src/schema/aws-sagemaker-image.json +++ b/src/schema/aws-sagemaker-image.json @@ -143,6 +143,11 @@ ], "tagging": { "cloudFormationSystemTags": false, + "permissions": [ + "sagemaker:AddTags", + "sagemaker:ListTags", + "sagemaker:DeleteTags" + ], "tagOnCreate": true, "tagProperty": "/properties/Tags", "tagUpdatable": true, diff --git a/src/schema/aws-sagemaker-pipeline.json b/src/schema/aws-sagemaker-pipeline.json index 84929036..fb6be1dd 100644 --- a/src/schema/aws-sagemaker-pipeline.json +++ b/src/schema/aws-sagemaker-pipeline.json @@ -173,5 +173,17 @@ "PipelineDefinition", "RoleArn" ], + "tagging": { + "cloudFormationSystemTags": true, + "permissions": [ + "sagemaker:AddTags", + "sagemaker:ListTags", + "sagemaker:DeleteTags" + ], + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, "typeName": "AWS::SageMaker::Pipeline" } diff --git a/src/schema/aws-securityhub-hub.json b/src/schema/aws-securityhub-hub.json index 321cd2f4..53637684 100644 --- a/src/schema/aws-securityhub-hub.json +++ b/src/schema/aws-securityhub-hub.json @@ -89,6 +89,11 @@ "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-securityhub", "tagging": { "cloudFormationSystemTags": true, + "permissions": [ + "securityhub:ListTagsForResource", + "securityhub:TagResource", + "securityhub:UntagResource" + ], "tagOnCreate": true, "tagProperty": "/properties/Tags", "tagUpdatable": true, diff --git a/src/schema/aws-signer-profilepermission.json b/src/schema/aws-signer-profilepermission.json index 4cfd5775..c3d673db 100644 --- a/src/schema/aws-signer-profilepermission.json +++ b/src/schema/aws-signer-profilepermission.json @@ -73,5 +73,11 @@ "StatementId" ], "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git", + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": false, + "tagUpdatable": false, + "taggable": false + }, "typeName": "AWS::Signer::ProfilePermission" } diff --git a/src/schema/aws-signer-signingprofile.json b/src/schema/aws-signer-signingprofile.json index 58374113..9f2480c4 100644 --- a/src/schema/aws-signer-signingprofile.json +++ b/src/schema/aws-signer-signingprofile.json @@ -148,5 +148,17 @@ "PlatformId" ], "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git", + "tagging": { + "cloudFormationSystemTags": true, + "permissions": [ + "signer:TagResource", + "signer:UntagResource", + "signer:ListTagsForResource" + ], + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, "typeName": "AWS::Signer::SigningProfile" } diff --git a/src/schema/aws-ssmincidents-replicationset.json b/src/schema/aws-ssmincidents-replicationset.json index 0f290db3..1baa34d2 100644 --- a/src/schema/aws-ssmincidents-replicationset.json +++ b/src/schema/aws-ssmincidents-replicationset.json @@ -16,7 +16,9 @@ "description": "The ReplicationSet regional configuration.", "properties": { "SseKmsKeyId": { - "$ref": "#/definitions/Arn" + "description": "The AWS Key Management Service key ID or Key Alias to use to encrypt your replication set.", + "maxLength": 2048, + "type": "string" } }, "required": [ @@ -155,6 +157,11 @@ "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-ssm-incidents.git", "tagging": { "cloudFormationSystemTags": false, + "permissions": [ + "ssm-incidents:TagResource", + "ssm-incidents:UntagResource", + "ssm-incidents:ListTagsForResource" + ], "tagOnCreate": true, "tagProperty": "/properties/Tags", "tagUpdatable": true, diff --git a/src/schema/aws-ssmincidents-responseplan.json b/src/schema/aws-ssmincidents-responseplan.json index 227ec97c..0ccf938d 100644 --- a/src/schema/aws-ssmincidents-responseplan.json +++ b/src/schema/aws-ssmincidents-responseplan.json @@ -452,6 +452,11 @@ "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-ssm-incidents.git", "tagging": { "cloudFormationSystemTags": false, + "permissions": [ + "ssm-incidents:TagResource", + "ssm-incidents:UntagResource", + "ssm-incidents:ListTagsForResource" + ], "tagOnCreate": true, "tagProperty": "/properties/Tags", "tagUpdatable": true, diff --git a/src/schema/aws-sso-application.json b/src/schema/aws-sso-application.json index 7bdeb2e7..d7225276 100644 --- a/src/schema/aws-sso-application.json +++ b/src/schema/aws-sso-application.json @@ -80,7 +80,8 @@ "permissions": [ "sso:CreateApplication", "sso:DescribeApplication", - "sso:TagResource" + "sso:TagResource", + "sso:ListTagsForResource" ] }, "delete": { @@ -100,7 +101,8 @@ ] }, "permissions": [ - "sso:ListApplications" + "sso:ListApplications", + "sso:ListTagsForResource" ] }, "read": { @@ -191,6 +193,10 @@ "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-sso/aws-sso-application", "tagging": { "cloudFormationSystemTags": true, + "permissions": [ + "sso:TagResource", + "sso:UntagResource" + ], "tagOnCreate": true, "tagProperty": "/properties/Tags", "tagUpdatable": true, diff --git a/src/schema/aws-timestream-database.json b/src/schema/aws-timestream-database.json index 6a9de39d..51c2d4cd 100644 --- a/src/schema/aws-timestream-database.json +++ b/src/schema/aws-timestream-database.json @@ -95,5 +95,17 @@ "/properties/Arn" ], "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-timestream.git", + "tagging": { + "cloudFormationSystemTags": true, + "permissions": [ + "timestream:TagResource", + "timestream:ListTagsForResource", + "timestream:UntagResource" + ], + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, "typeName": "AWS::Timestream::Database" } diff --git a/src/schema/aws-timestream-influxdbinstance.json b/src/schema/aws-timestream-influxdbinstance.json index b1fce7f8..34c9f4a7 100644 --- a/src/schema/aws-timestream-influxdbinstance.json +++ b/src/schema/aws-timestream-influxdbinstance.json @@ -6,13 +6,12 @@ "/properties/Password", "/properties/Organization", "/properties/Bucket", - "/properties/DbInstanceType", "/properties/VpcSubnetIds", "/properties/VpcSecurityGroupIds", "/properties/PubliclyAccessible", "/properties/DbStorageType", "/properties/AllocatedStorage", - "/properties/DeploymentType" + "/properties/NetworkType" ], "definitions": { "Tag": { @@ -88,7 +87,9 @@ "timestream-influxdb:UpdateDbInstance", "timestream-influxdb:TagResource", "timestream-influxdb:UntagResource", - "timestream-influxdb:ListTagsForResource" + "timestream-influxdb:ListTagsForResource", + "ec2:DescribeSubnets", + "ec2:DescribeVpcs" ], "timeoutInMinutes": 2160 } @@ -211,7 +212,15 @@ "description": "The unique name that is associated with the InfluxDB instance.", "maxLength": 40, "minLength": 3, - "pattern": "^[a-zA-z][a-zA-Z0-9]*(-[a-zA-Z0-9]+)*$", + "pattern": "^[a-zA-Z][a-zA-Z0-9]*(-[a-zA-Z0-9]+)*$", + "type": "string" + }, + "NetworkType": { + "description": "Network type of the InfluxDB Instance.", + "enum": [ + "IPV4", + "DUAL" + ], "type": "string" }, "Organization": { @@ -227,6 +236,12 @@ "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, + "Port": { + "description": "The port number on which InfluxDB accepts connections.", + "maximum": 65535, + "minimum": 1024, + "type": "integer" + }, "PubliclyAccessible": { "default": false, "description": "Attach a public IP to the customer ENI.", @@ -244,6 +259,8 @@ "DELETING", "MODIFYING", "UPDATING", + "UPDATING_DEPLOYMENT_TYPE", + "UPDATING_INSTANCE_TYPE", "DELETED", "FAILED" ], @@ -299,6 +316,11 @@ "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-timestream.git", "tagging": { "cloudFormationSystemTags": true, + "permissions": [ + "timestream-influxdb:TagResource", + "timestream-influxdb:ListTagsForResource", + "timestream-influxdb:UntagResource" + ], "tagOnCreate": true, "tagProperty": "/properties/Tags", "tagUpdatable": true, diff --git a/src/schema/aws-timestream-scheduledquery.json b/src/schema/aws-timestream-scheduledquery.json index 68526369..a7d68c33 100644 --- a/src/schema/aws-timestream-scheduledquery.json +++ b/src/schema/aws-timestream-scheduledquery.json @@ -542,5 +542,17 @@ "ErrorReportConfiguration" ], "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-timestream.git", + "tagging": { + "cloudFormationSystemTags": true, + "permissions": [ + "timestream:TagResource", + "timestream:ListTagsForResource", + "timestream:UntagResource" + ], + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, "typeName": "AWS::Timestream::ScheduledQuery" } diff --git a/src/schema/aws-timestream-table.json b/src/schema/aws-timestream-table.json index 8102afdc..ca9dd7ab 100644 --- a/src/schema/aws-timestream-table.json +++ b/src/schema/aws-timestream-table.json @@ -236,5 +236,17 @@ "DatabaseName" ], "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-timestream.git", + "tagging": { + "cloudFormationSystemTags": true, + "permissions": [ + "timestream:TagResource", + "timestream:ListTagsForResource", + "timestream:UntagResource" + ], + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, "typeName": "AWS::Timestream::Table" } diff --git a/src/utils_test.go b/src/utils_test.go index c2082d40..d2d2d673 100644 --- a/src/utils_test.go +++ b/src/utils_test.go @@ -25,6 +25,7 @@ func Test_randSeq(t *testing.T) { tt := tt t.Run(tt.name, func(t *testing.T) { t.Parallel() + if got := pike.RandSeq(tt.args.n); len(got) != tt.want { t.Errorf("RandSeq() = %v, want %v", got, tt.want) } diff --git a/src/watch.go b/src/watch.go index 081ad8b7..49076740 100644 --- a/src/watch.go +++ b/src/watch.go @@ -3,7 +3,6 @@ package pike import ( "context" "encoding/json" - "errors" "fmt" "net/url" "reflect" @@ -69,7 +68,13 @@ func WaitForPolicyChange(client *iam.Client, arn string, version string, wait, p log.Print("Not equal") } - return wait, errors.New("wait expired with no change") + return wait, &waitExpiredError{} +} + +type waitExpiredError struct{} + +func (e *waitExpiredError) Error() string { + return "wait expired with no change" } // GetVersion gets the version of the IAM policy. @@ -115,18 +120,25 @@ func GetPolicyVersion(client *iam.Client, policyArn string, version string) (*st return fixed, err } +type castToListOfInterfaceError struct{} + +func (e *castToListOfInterfaceError) Error() string { + return "failed to convert to list of interfaces" +} + // SortActions sorts the actions list of an IAM policy. func SortActions(myPolicy string) (*string, error) { var raw map[string]interface{} err := json.Unmarshal([]byte(myPolicy), &raw) + if err != nil { - return nil, err + return nil, &unmarshallJSONError{err, myPolicy} } Statements, ok := raw["Statement"].([]interface{}) if !ok { - return nil, fmt.Errorf("failed to assert list of interface for Statements") + return nil, &castToListOfInterfaceError{} } var NewStatements []interface{} @@ -160,13 +172,14 @@ func SortActions(myPolicy string) (*string, error) { } fixed, err := json.Marshal(raw) + if err != nil { return nil, &marshallPolicyError{err} } result := string(fixed) - return &result, err + return &result, nil } func sortInterfaceStrings(actions interface{}) []string { diff --git a/terraform/aws/backup/aws_mskconnect_connector.tf b/terraform/aws/backup/aws_mskconnect_connector.tf new file mode 100644 index 00000000..23575f2f --- /dev/null +++ b/terraform/aws/backup/aws_mskconnect_connector.tf @@ -0,0 +1 @@ +resource "aws_mskconnect_connector" "pike" {}