feat: update L1 CloudFormation resource definitions

[aws-cdk-automation]

Updates the L1 CloudFormation resource definitions with the latest changes from @aws-cdk/aws-service-spec

L1 CloudFormation resource definition changes:

├[~] service aws-aiops
│ └ resources
│    └[~]  resource AWS::AIOps::InvestigationGroup
│       ├      - documentation: Creates an *investigation group* in your account. Creating an investigation group is a one-time setup task for each Region in your account. It is a necessary task to be able to perform investigations.
│       │      Settings in the investigation group help you centrally manage the common properties of your investigations, such as the following:
│       │      - Who can access the investigations
│       │      - Whether investigation data is encrypted with a customer managed AWS Key Management Service key.
│       │      - How long investigations and their data are retained by default.
│       │      Currently, you can have one investigation group in each Region in your account. Each investigation in a Region is a part of the investigation group in that Region
│       │      To create an investigation group and set up CloudWatch investigations, you must be signed in to an IAM principal that has the either the `AIOpsConsoleAdminPolicy` or the `AdministratorAccess` IAM policy attached, or to an account that has similar permissions.
│       │      > You can configure CloudWatch alarms to start investigations and add events to investigations. If you create your investigation group with `CreateInvestigationGroup` and you want to enable alarms to do this, you must use `PutInvestigationGroupPolicy` to create a resource policy that grants this permission to CloudWatch alarms.
│       │      > 
│       │      > For more information about configuring CloudWatch alarms to work with CloudWatch investigations, see
│       │      + documentation: Creates an *investigation group* in your account. Creating an investigation group is a one-time setup task for each Region in your account. It is a necessary task to be able to perform investigations.
│       │      Settings in the investigation group help you centrally manage the common properties of your investigations, such as the following:
│       │      - Who can access the investigations
│       │      - Whether investigation data is encrypted with a customer managed AWS Key Management Service key.
│       │      - How long investigations and their data are retained by default.
│       │      Currently, you can have one investigation group in each Region in your account. Each investigation in a Region is a part of the investigation group in that Region
│       │      To create an investigation group and set up CloudWatch investigations, you must be signed in to an IAM principal that has either the `AIOpsConsoleAdminPolicy` or the `AdministratorAccess` IAM policy attached, or to an account that has similar permissions.
│       │      > You can configure CloudWatch alarms to start investigations and add events to investigations. If you create your investigation group with `CreateInvestigationGroup` and you want to enable alarms to do this, you must use `PutInvestigationGroupPolicy` to create a resource policy that grants this permission to CloudWatch alarms.
│       │      > 
│       │      > For more information about configuring CloudWatch alarms, see [Using Amazon CloudWatch alarms](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/AlarmThatSendsEmail.html)
│       └ properties
│          ├ CrossAccountConfigurations: (documentation changed)
│          ├ InvestigationGroupPolicy: (documentation changed)
│          └ Name: (documentation changed)
├[~] service aws-amazonmq
│ └ resources
│    └[~]  resource AWS::AmazonMQ::Broker
│       ├ attributes
│       │  └[+] ConsoleURLs: Array<string>
│       └ types
│          └[~] type User
│            └ properties
│               └[-] JolokiaApiAccess: string
├[~] service aws-appstream
│ └ resources
│    ├[~]  resource AWS::AppStream::Fleet
│    │  └ properties
│    │     └ InstanceType: (documentation changed)
│    └[~]  resource AWS::AppStream::ImageBuilder
│       └ properties
│          └ InstanceType: (documentation changed)
├[~] service aws-billing
│ └ resources
│    └[~]  resource AWS::Billing::BillingView
│       └ properties
│          └ Name: (documentation changed)
├[~] service aws-certificatemanager
│ └ resources
│    └[~]  resource AWS::CertificateManager::Certificate
│       └ properties
│          └[+] CertificateExport: string
├[~] service aws-cloudfront
│ └ resources
│    ├[~]  resource AWS::CloudFront::CachePolicy
│    │  └ types
│    │     └[~] type CachePolicyConfig
│    │       └      - documentation: A cache policy configuration.
│    │              This configuration determines the following:
│    │              - The values that CloudFront includes in the cache key. These values can include HTTP headers, cookies, and URL query strings. CloudFront uses the cache key to find an object in its cache that it can return to the viewer.
│    │              - The default, minimum, and maximum time to live (TTL) values that you want objects to stay in the CloudFront cache.
│    │              The headers, cookies, and query strings that are included in the cache key are also included in requests that CloudFront sends to the origin. CloudFront sends a request when it can't find a valid object in its cache that matches the request's cache key. If you want to send values to the origin but *not* include them in the cache key, use `OriginRequestPolicy` .
│    │              + documentation: A cache policy configuration.
│    │              This configuration determines the following:
│    │              - The values that CloudFront includes in the cache key. These values can include HTTP headers, cookies, and URL query strings. CloudFront uses the cache key to find an object in its cache that it can return to the viewer.
│    │              - The default, minimum, and maximum time to live (TTL) values that you want objects to stay in the CloudFront cache.
│    │              > If your minimum TTL is greater than 0, CloudFront will cache content for at least the duration specified in the cache policy's minimum TTL, even if the `Cache-Control: no-cache` , `no-store` , or `private` directives are present in the origin headers.
│    │              The headers, cookies, and query strings that are included in the cache key are also included in requests that CloudFront sends to the origin. CloudFront sends a request when it can't find a valid object in its cache that matches the request's cache key. If you want to send values to the origin but *not* include them in the cache key, use `OriginRequestPolicy` .
│    └[~]  resource AWS::CloudFront::Distribution
│       └ types
│          ├[~] type CacheBehavior
│          │ └      - documentation: A complex type that describes how CloudFront processes requests.
│          │        You must create at least as many cache behaviors (including the default cache behavior) as you have origins if you want CloudFront to serve objects from all of the origins. Each cache behavior specifies the one origin from which you want CloudFront to get objects. If you have two origins and only the default cache behavior, the default cache behavior will cause CloudFront to get objects from one of the origins, but the other origin is never used.
│          │        For the current quota (formerly known as limit) on the number of cache behaviors that you can add to a distribution, see [Quotas](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/cloudfront-limits.html) in the *Amazon CloudFront Developer Guide* .
│          │        If you don't want to specify any cache behaviors, include only an empty `CacheBehaviors` element. Don't specify an empty individual `CacheBehavior` element, because this is invalid. For more information, see [CacheBehaviors](https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_CacheBehaviors.html) .
│          │        To delete all cache behaviors in an existing distribution, update the distribution configuration and include only an empty `CacheBehaviors` element.
│          │        To add, change, or remove one or more cache behaviors, update the distribution configuration and specify all of the cache behaviors that you want to include in the updated distribution.
│          │        For more information about cache behaviors, see [Cache Behavior Settings](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesCacheBehavior) in the *Amazon CloudFront Developer Guide* .
│          │        + documentation: A complex type that describes how CloudFront processes requests.
│          │        You must create at least as many cache behaviors (including the default cache behavior) as you have origins if you want CloudFront to serve objects from all of the origins. Each cache behavior specifies the one origin from which you want CloudFront to get objects. If you have two origins and only the default cache behavior, the default cache behavior will cause CloudFront to get objects from one of the origins, but the other origin is never used.
│          │        For the current quota (formerly known as limit) on the number of cache behaviors that you can add to a distribution, see [Quotas](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/cloudfront-limits.html) in the *Amazon CloudFront Developer Guide* .
│          │        If you don't want to specify any cache behaviors, include only an empty `CacheBehaviors` element. Don't specify an empty individual `CacheBehavior` element, because this is invalid. For more information, see [CacheBehaviors](https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_CacheBehaviors.html) .
│          │        To delete all cache behaviors in an existing distribution, update the distribution configuration and include only an empty `CacheBehaviors` element.
│          │        To add, change, or remove one or more cache behaviors, update the distribution configuration and specify all of the cache behaviors that you want to include in the updated distribution.
│          │        > If your minimum TTL is greater than 0, CloudFront will cache content for at least the duration specified in the cache policy's minimum TTL, even if the `Cache-Control: no-cache` , `no-store` , or `private` directives are present in the origin headers. 
│          │        For more information about cache behaviors, see [Cache Behavior Settings](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesCacheBehavior) in the *Amazon CloudFront Developer Guide* .
│          ├[~] type DefaultCacheBehavior
│          │ └      - documentation: A complex type that describes the default cache behavior if you don't specify a `CacheBehavior` element or if request URLs don't match any of the values of `PathPattern` in `CacheBehavior` elements. You must create exactly one default cache behavior.
│          │        + documentation: A complex type that describes the default cache behavior if you don't specify a `CacheBehavior` element or if request URLs don't match any of the values of `PathPattern` in `CacheBehavior` elements. You must create exactly one default cache behavior.
│          │        > If your minimum TTL is greater than 0, CloudFront will cache content for at least the duration specified in the cache policy's minimum TTL, even if the `Cache-Control: no-cache` , `no-store` , or `private` directives are present in the origin headers.
│          └[~] type DistributionConfig
│            └ properties
│               └ ConnectionMode: (documentation changed)
├[~] service aws-connect
│ └ resources
│    ├[~]  resource AWS::Connect::EvaluationForm
│    │  └ types
│    │     └[~] type AutoEvaluationConfiguration
│    │       └ properties
│    │          └ Enabled: (documentation changed)
│    └[~]  resource AWS::Connect::Instance
│       └ types
│          └[~] type Attributes
│            └ properties
│               ├[+] EnhancedChatMonitoring: boolean
│               ├[+] EnhancedContactMonitoring: boolean
│               ├[+] HighVolumeOutBound: boolean
│               ├[+] MultiPartyChatConference: boolean
│               └[+] MultiPartyConference: boolean
├[~] service aws-customerprofiles
│ └ resources
│    ├[~]  resource AWS::CustomerProfiles::CalculatedAttributeDefinition
│    │  ├      - documentation: A calculated attribute definition for Customer Profiles
│    │  │      + documentation: A calculated attribute definition for Customer Profiles.
│    │  └ types
│    │     ├[~] type Range
│    │     │ └ properties
│    │     │    ├ TimestampFormat: (documentation changed)
│    │     │    ├ TimestampSource: (documentation changed)
│    │     │    └ ValueRange: (documentation changed)
│    │     ├[~] type Readiness
│    │     │ ├      - documentation: The readiness status of the calculated attribute.
│    │     │ │      + documentation: Information indicating if the Calculated Attribute is ready for use by confirming all historical data has been processed and reflected.
│    │     │ └ properties
│    │     │    ├ Message: (documentation changed)
│    │     │    └ ProgressPercentage: (documentation changed)
│    │     └[~] type ValueRange
│    │       ├      - documentation: A structure specifying the endpoints of the relative time period over which data is included in the aggregation.
│    │       │      + documentation: A structure letting customers specify a relative time window over which over which data is included in the Calculated Attribute. Use positive numbers to indicate that the endpoint is in the past, and negative numbers to indicate it is in the future. ValueRange overrides Value.
│    │       └ properties
│    │          ├ End: (documentation changed)
│    │          └ Start: (documentation changed)
│    └[~]  resource AWS::CustomerProfiles::SegmentDefinition
│       └ types
│          ├[~] type ProfileAttributes
│          │ └ properties
│          │    └ ProfileType: (documentation changed)
│          └[~] type ProfileTypeDimension
│            └ properties
│               ├ DimensionType: (documentation changed)
│               └ Values: (documentation changed)
├[~] service aws-docdb
│ └ resources
│    └[~]  resource AWS::DocDB::DBCluster
│       └ properties
│          └ GlobalClusterIdentifier: (documentation changed)
├[~] service aws-ec2
│ └ resources
│    ├[~]  resource AWS::EC2::CapacityReservation
│    │  └ properties
│    │     ├ InstanceCount: (documentation changed)
│    │     └ InstanceType: (documentation changed)
│    ├[~]  resource AWS::EC2::Instance
│    │  └ properties
│    │     └ KeyName: (documentation changed)
│    └[~]  resource AWS::EC2::TrafficMirrorSession
│       ├ properties
│       │  └[+] OwnerId: string
│       └ attributes
│          └ Id: (documentation changed)
├[~] service aws-ecs
│ └ resources
│    └[~]  resource AWS::ECS::Service
│       └ types
│          ├[+]  type AdvancedConfiguration
│          │  ├      documentation: The advanced settings for a load balancer used in blue/green deployments. Specify the alternate target group, listener rules, and IAM role required for traffic shifting during blue/green deployments. For more information, see [Required resources for Amazon ECS blue/green deployments](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/blue-green-deployment-implementation.html) in the *Amazon Elastic Container Service Developer Guide* .
│          │  │      name: AdvancedConfiguration
│          │  └ properties
│          │     ├ TestListenerRule: string
│          │     ├ AlternateTargetGroupArn: string (required)
│          │     ├ ProductionListenerRule: string
│          │     └ RoleArn: string
│          ├[~] type DeploymentConfiguration
│          │ └ properties
│          │    ├[+] BakeTimeInMinutes: integer
│          │    ├[+] LifecycleHooks: Array<DeploymentLifecycleHook>
│          │    └[+] Strategy: string
│          ├[+]  type DeploymentLifecycleHook
│          │  ├      documentation: A deployment lifecycle hook runs custom logic at specific stages of the deployment process. Currently, you can use Lambda functions as hook targets.
│          │  │      For more information, see [Lifecycle hooks for Amazon ECS service deployments](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/deployment-lifecycle-hooks.html) in the *Amazon Elastic Container Service Developer Guide* .
│          │  │      name: DeploymentLifecycleHook
│          │  └ properties
│          │     ├ LifecycleStages: Array<string> (required)
│          │     ├ HookTargetArn: string (required)
│          │     └ RoleArn: string (required)
│          ├[~] type LoadBalancer
│          │ └ properties
│          │    └[+] AdvancedConfiguration: AdvancedConfiguration
│          ├[~] type ServiceConnectClientAlias
│          │ └ properties
│          │    └[+] TestTrafficRules: ServiceConnectTestTrafficRules
│          ├[+]  type ServiceConnectTestTrafficRules
│          │  ├      documentation: The test traffic routing configuration for Amazon ECS blue/green deployments. This configuration allows you to define rules for routing specific traffic to the new service revision during the deployment process, allowing for safe testing before full production traffic shift.
│          │  │      For more information, see [Service Connect for Amazon ECS blue/green deployments](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-connect-blue-green.html) in the *Amazon Elastic Container Service Developer Guide* .
│          │  │      name: ServiceConnectTestTrafficRules
│          │  └ properties
│          │     └ Header: ServiceConnectTestTrafficRulesHeader (required)
│          ├[+]  type ServiceConnectTestTrafficRulesHeader
│          │  ├      name: ServiceConnectTestTrafficRulesHeader
│          │  └ properties
│          │     ├ Value: ServiceConnectTestTrafficRulesHeaderValue
│          │     └ Name: string (required)
│          └[+]  type ServiceConnectTestTrafficRulesHeaderValue
│             ├      name: ServiceConnectTestTrafficRulesHeaderValue
│             └ properties
│                └ Exact: string (required)
├[~] service aws-events
│ └ resources
│    └[~]  resource AWS::Events::EventBus
│       ├ properties
│       │  └[+] LogConfig: LogConfig
│       └ types
│          └[+]  type LogConfig
│             ├      documentation: The logging configuration settings for the event bus.
│             │      For more information, see [Configuring logs for event buses](https://docs.aws.amazon.com/eb-event-bus-logs.html) in the *EventBridge User Guide* .
│             │      name: LogConfig
│             └ properties
│                ├ IncludeDetail: string
│                └ Level: string
├[~] service aws-gamelift
│ └ resources
│    └[~]  resource AWS::GameLift::ContainerFleet
│       └ types
│          └[~] type LocationCapacity
│            └ properties
│               └ DesiredEC2Instances: (documentation changed)
├[~] service aws-guardduty
│ └ resources
│    ├[~]  resource AWS::GuardDuty::IPSet
│    │  └ properties
│    │     └[+] ExpectedBucketOwner: string
│    └[~]  resource AWS::GuardDuty::ThreatIntelSet
│       └ properties
│          └[+] ExpectedBucketOwner: string
├[~] service aws-kinesisfirehose
│ └ resources
│    └[~]  resource AWS::KinesisFirehose::DeliveryStream
│       └ types
│          ├[~] type CatalogConfiguration
│          │ └ properties
│          │    └[+] WarehouseLocation: string
│          ├[~] type DestinationTableConfiguration
│          │ └ properties
│          │    └[+] PartitionSpec: PartitionSpec
│          ├[~] type IcebergDestinationConfiguration
│          │ └ properties
│          │    ├[+] SchemaEvolutionConfiguration: SchemaEvolutionConfiguration
│          │    └[+] TableCreationConfiguration: TableCreationConfiguration
│          ├[+]  type PartitionField
│          │  ├      documentation: Represents a single field in a `PartitionSpec` .
│          │  │      Amazon Data Firehose is in preview release and is subject to change.
│          │  │      name: PartitionField
│          │  └ properties
│          │     └ SourceName: string (required)
│          ├[+]  type PartitionSpec
│          │  ├      documentation: Represents how to produce partition data for a table. Partition data is produced by transforming columns in a table. Each column transform is represented by a named `PartitionField` .
│          │  │      Here is an example of the schema in JSON.
│          │  │      `"partitionSpec": { "identity": [ {"sourceName": "column1"}, {"sourceName": "column2"}, {"sourceName": "column3"} ] }`
│          │  │      Amazon Data Firehose is in preview release and is subject to change.
│          │  │      name: PartitionSpec
│          │  └ properties
│          │     └ Identity: Array<PartitionField>
│          ├[+]  type SchemaEvolutionConfiguration
│          │  ├      documentation: The configuration to enable schema evolution.
│          │  │      Amazon Data Firehose is in preview release and is subject to change.
│          │  │      name: SchemaEvolutionConfiguration
│          │  └ properties
│          │     └ Enabled: boolean
│          └[+]  type TableCreationConfiguration
│             ├      documentation: The configuration to enable automatic table creation.
│             │      Amazon Data Firehose is in preview release and is subject to change.
│             │      name: TableCreationConfiguration
│             └ properties
│                └ Enabled: boolean
├[~] service aws-mediapackagev2
│ └ resources
│    └[~]  resource AWS::MediaPackageV2::OriginEndpoint
│       └ types
│          ├[+]  type DashBaseUrl
│          │  ├      documentation: The base URLs to use for retrieving segments. You can specify multiple locations and indicate the priority and weight for when each should be used, for use in mutli-CDN workflows.
│          │  │      name: DashBaseUrl
│          │  └ properties
│          │     ├ Url: string (required)
│          │     ├ ServiceLocation: string
│          │     ├ DvbPriority: integer
│          │     └ DvbWeight: integer
│          ├[+]  type DashDvbFontDownload
│          │  ├      documentation: For use with DVB-DASH profiles only. The settings for font downloads that you want AWS Elemental MediaPackage to pass through to the manifest.
│          │  │      name: DashDvbFontDownload
│          │  └ properties
│          │     ├ Url: string
│          │     ├ MimeType: string
│          │     └ FontFamily: string
│          ├[+]  type DashDvbMetricsReporting
│          │  ├      documentation: For use with DVB-DASH profiles only. The settings for error reporting from the playback device that you want AWS Elemental MediaPackage to pass through to the manifest.
│          │  │      name: DashDvbMetricsReporting
│          │  └ properties
│          │     ├ ReportingUrl: string (required)
│          │     └ Probability: integer
│          ├[+]  type DashDvbSettings
│          │  ├      documentation: For endpoints that use the DVB-DASH profile only. The font download and error reporting information that you want MediaPackage to pass through to the manifest.
│          │  │      name: DashDvbSettings
│          │  └ properties
│          │     ├ FontDownload: DashDvbFontDownload
│          │     └ ErrorMetrics: Array<DashDvbMetricsReporting>
│          ├[~] type DashManifestConfiguration
│          │ └ properties
│          │    ├[+] BaseUrls: Array<DashBaseUrl>
│          │    ├[+] Compactness: string
│          │    ├[+] DvbSettings: DashDvbSettings
│          │    ├[+] Profiles: Array<string>
│          │    ├[+] ProgramInformation: DashProgramInformation
│          │    └[+] SubtitleConfiguration: DashSubtitleConfiguration
│          ├[+]  type DashProgramInformation
│          │  ├      documentation: Details about the content that you want MediaPackage to pass through in the manifest to the playback device.
│          │  │      name: DashProgramInformation
│          │  └ properties
│          │     ├ Title: string
│          │     ├ Source: string
│          │     ├ Copyright: string
│          │     ├ LanguageCode: string
│          │     └ MoreInformationUrl: string
│          ├[+]  type DashSubtitleConfiguration
│          │  ├      documentation: The configuration for DASH subtitles.
│          │  │      name: DashSubtitleConfiguration
│          │  └ properties
│          │     └ TtmlConfiguration: DashTtmlConfiguration
│          └[+]  type DashTtmlConfiguration
│             ├      documentation: The settings for TTML subtitles.
│             │      name: DashTtmlConfiguration
│             └ properties
│                └ TtmlProfile: string (required)
├[~] service aws-omics
│ └ resources
│    ├[~]  resource AWS::Omics::RunGroup
│    │  └      - documentation: You can optionally create a run group to limit the compute resources for the runs that you add to the group.
│    │         + documentation: Creates a run group to limit the compute resources for the runs that are added to the group. Returns an ARN, ID, and tags for the run group.
│    ├[~]  resource AWS::Omics::Workflow
│    │  ├      - documentation: Creates a private workflow.Private workflows depend on a variety of resources that you create and configure before creating the workflow:
│    │  │      - *Input data* : Input data for the workflow, stored in an S3 bucket or a AWS HealthOmics sequence store.
│    │  │      - *Workflow definition files* : Define your workflow in one or more workflow definition files, written in WDL, Nextflow, or CWL. The workflow definition specifies the inputs and outputs for runs that use the workflow. It also includes specifications for the runs and run tasks for your workflow, including compute and memory requirements.
│    │  │      - (Optional) *Parameter template* - You can create a parameter template file that defines the run parameters, or AWS HealthOmics can generate the parameter template for you.
│    │  │      - *ECR container images* : Create one or more container images for the workflow. Store the images in a private ECR repository.
│    │  │      - (Optional) *Sentieon licenses* : Request a Sentieon license if you plan to use Sentieon software in a private workflow.
│    │  │      For more information, see [Creating or updating a private workflow in AWS HealthOmics](https://docs.aws.amazon.com/omics/latest/dev/creating-private-workflows.html) in the AWS HealthOmics User Guide.
│    │  │      + documentation: Creates a private workflow. Before you create a private workflow, you must create and configure these required resources:
│    │  │      - *Workflow definition files* : Define your workflow in one or more workflow definition files, written in WDL, Nextflow, or CWL. The workflow definition specifies the inputs and outputs for runs that use the workflow. It also includes specifications for the runs and run tasks for your workflow, including compute and memory requirements. The workflow definition file must be in .zip format.
│    │  │      - (Optional) *Parameter template* : You can create a parameter template file that defines the run parameters, or AWS HealthOmics can generate the parameter template for you.
│    │  │      - *ECR container images* : Create one or more container images for the workflow. Store the images in a private ECR repository.
│    │  │      - (Optional) *Sentieon licenses* : Request a Sentieon license if using the Sentieon software in a private workflow.
│    │  │      For more information, see [Creating or updating a private workflow in AWS HealthOmics](https://docs.aws.amazon.com/omics/latest/dev/creating-private-workflows.html) in the *AWS HealthOmics User Guide* .
│    │  └ properties
│    │     └ StorageCapacity: (documentation changed)
│    └[~]  resource AWS::Omics::WorkflowVersion
│       └      - documentation: Creates a new workflow version for the workflow that you specify with the `workflowId` parameter.
│              When you create a new version of a workflow, you need to specify the configuration for the new version. It doesn't inherit any configuration values from the workflow.
│              Provide a version name that is unique for this workflow. You cannot change the name after HealthOmics creates the version.
│              > Don’t include any personally identifiable information (PII) in the version name. Version names appear in the workflow version ARN. 
│              For more information, see [Workflow versioning in AWS HealthOmics](https://docs.aws.amazon.com/omics/latest/dev/workflow-versions.html) in the AWS HealthOmics User Guide.
│              + documentation: Creates a new workflow version for the workflow that you specify with the `workflowId` parameter.
│              When you create a new version of a workflow, you need to specify the configuration for the new version. It doesn't inherit any configuration values from the workflow.
│              Provide a version name that is unique for this workflow. You cannot change the name after HealthOmics creates the version.
│              > Don’t include any personally identifiable information (PII) in the version name. Version names appear in the workflow version ARN. 
│              For more information, see [Workflow versioning in AWS HealthOmics](https://docs.aws.amazon.com/omics/latest/dev/workflow-versions.html) in the *AWS HealthOmics User Guide* .
├[~] service aws-quicksight
│ └ resources
│    ├[~]  resource AWS::QuickSight::DataSource
│    │  └ types
│    │     ├[~] type AthenaParameters
│    │     │ └ properties
│    │     │    └[+] IdentityCenterConfiguration: IdentityCenterConfiguration
│    │     └[~] type RedshiftParameters
│    │       └ properties
│    │          └ IdentityCenterConfiguration: - json ⇐ IdentityCenterConfiguration
│    │                                         + IdentityCenterConfiguration
│    └[~]  resource AWS::QuickSight::Topic
│       ├      - tagInformation: undefined
│       │      + tagInformation: {"tagPropertyName":"Tags","variant":"standard"}
│       └ properties
│          └[+] Tags: Array<tag> (immutable)
├[~] service aws-rds
│ └ resources
│    ├[~]  resource AWS::RDS::DBCluster
│    │  └ properties
│    │     └[+] DeleteAutomatedBackups: boolean
│    └[~]  resource AWS::RDS::DBInstance
│       └ attributes
│          ├[+] DBInstanceStatus: string
│          ├[+] InstanceCreateTime: string
│          ├[+] IsStorageConfigUpgradeAvailable: boolean
│          ├[+] LatestRestorableTime: string
│          ├[+] ListenerEndpoint: Endpoint
│          ├[+] ListenerEndpoint.Address: string
│          ├[+] ListenerEndpoint.HostedZoneId: string
│          ├[+] ListenerEndpoint.Port: string
│          ├[+] ReadReplicaDBClusterIdentifiers: Array<string>
│          └[+] ReadReplicaDBInstanceIdentifiers: Array<string>
├[~] service aws-redshift
│ └ resources
│    ├[~]  resource AWS::Redshift::ClusterSubnetGroup
│    │  └      - tagInformation: undefined
│    │         + tagInformation: {"tagPropertyName":"Tags","variant":"standard"}
│    └[~]  resource AWS::Redshift::EventSubscription
│       └      - tagInformation: undefined
│              + tagInformation: {"tagPropertyName":"Tags","variant":"standard"}
├[~] service aws-s3
│ └ resources
│    └[~]  resource AWS::S3::Bucket
│       ├ properties
│       │  └[+] MetadataConfiguration: MetadataConfiguration
│       ├ attributes
│       │  ├[+] MetadataConfiguration.Destination: MetadataDestination
│       │  ├[+] MetadataConfiguration.InventoryTableConfiguration.TableArn: string
│       │  ├[+] MetadataConfiguration.InventoryTableConfiguration.TableName: string
│       │  ├[+] MetadataConfiguration.JournalTableConfiguration.TableArn: string
│       │  └[+] MetadataConfiguration.JournalTableConfiguration.TableName: string
│       └ types
│          ├[+]  type InventoryTableConfiguration
│          │  ├      documentation: The inventory table configuration for an S3 Metadata configuration.
│          │  │      name: InventoryTableConfiguration
│          │  └ properties
│          │     ├ TableName: string
│          │     ├ TableArn: string
│          │     ├ ConfigurationState: string (required)
│          │     └ EncryptionConfiguration: MetadataTableEncryptionConfiguration
│          ├[+]  type JournalTableConfiguration
│          │  ├      documentation: The journal table configuration for an S3 Metadata configuration.
│          │  │      name: JournalTableConfiguration
│          │  └ properties
│          │     ├ TableName: string
│          │     ├ TableArn: string
│          │     ├ RecordExpiration: RecordExpiration (required)
│          │     └ EncryptionConfiguration: MetadataTableEncryptionConfiguration (immutable)
│          ├[+]  type MetadataConfiguration
│          │  ├      documentation: Creates a V2 Amazon S3 Metadata configuration of a general purpose bucket. For more information, see [Accelerating data discovery with S3 Metadata](https://docs.aws.amazon.com/AmazonS3/latest/userguide/metadata-tables-overview.html) in the *Amazon S3 User Guide* .
│          │  │      name: MetadataConfiguration
│          │  └ properties
│          │     ├ Destination: MetadataDestination
│          │     ├ JournalTableConfiguration: JournalTableConfiguration (required)
│          │     └ InventoryTableConfiguration: InventoryTableConfiguration
│          ├[+]  type MetadataDestination
│          │  ├      documentation: The destination information for the S3 Metadata configuration.
│          │  │      name: MetadataDestination
│          │  └ properties
│          │     ├ TableBucketType: string (required)
│          │     ├ TableBucketArn: string
│          │     └ TableNamespace: string
│          ├[~] type MetadataTableConfiguration
│          │ └      - documentation: The metadata table configuration of an Amazon S3 general purpose bucket. For more information, see [Accelerating data discovery with S3 Metadata](https://docs.aws.amazon.com/AmazonS3/latest/userguide/metadata-tables-overview.html) and [Setting up permissions for configuring metadata tables](https://docs.aws.amazon.com/AmazonS3/latest/userguide/metadata-tables-permissions.html) .
│          │        + documentation: > We recommend that you create your S3 Metadata configurations by using the V2 [MetadataConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/TemplateReference/aws-properties-s3-bucket-metadataconfiguration.html) resource type. We no longer recommend using the V1 `MetadataTableConfiguration` resource type.
│          │        > 
│          │        > If you created your S3 Metadata configuration before July 15, 2025, we recommend that you delete and re-create your configuration by using the [MetadataConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/TemplateReference/aws-properties-s3-bucket-metadataconfiguration.html) resource type so that you can expire journal table records and create a live inventory table. 
│          │        Creates a V1 S3 Metadata configuration for a general purpose bucket. For more information, see [Accelerating data discovery with S3 Metadata](https://docs.aws.amazon.com/AmazonS3/latest/userguide/metadata-tables-overview.html) in the *Amazon S3 User Guide* .
│          ├[+]  type MetadataTableEncryptionConfiguration
│          │  ├      documentation: The encryption settings for an S3 Metadata journal table or inventory table configuration.
│          │  │      name: MetadataTableEncryptionConfiguration
│          │  └ properties
│          │     ├ SseAlgorithm: string (required)
│          │     └ KmsKeyArn: string
│          ├[+]  type RecordExpiration
│          │  ├      documentation: The journal table record expiration settings for a journal table in an S3 Metadata configuration.
│          │  │      name: RecordExpiration
│          │  └ properties
│          │     ├ Expiration: string (required)
│          │     └ Days: integer
│          └[~] type S3TablesDestination
│            └      - documentation: The destination information for a V1 S3 Metadata configuration. The destination table bucket must be in the same Region and AWS account as the general purpose bucket. The specified metadata table name must be unique within the `aws_s3_metadata` namespace in the destination table bucket.
│                   > If you created your S3 Metadata configuration before July 15, 2025, we recommend that you delete and re-create your configuration by using [CreateBucketMetadataConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucketMetadataConfiguration.html) so that you can expire journal table records and create a live inventory table.
│                   + documentation: The destination information for a V1 S3 Metadata configuration. The destination table bucket must be in the same Region and AWS account as the general purpose bucket. The specified metadata table name must be unique within the `aws_s3_metadata` namespace in the destination table bucket.
├[~] service aws-s3express
│ └ resources
│    └[~]  resource AWS::S3Express::DirectoryBucket
│       ├      - tagInformation: undefined
│       │      + tagInformation: {"tagPropertyName":"Tags","variant":"standard"}
│       └ properties
│          └[+] Tags: Array<tag>
├[~] service aws-s3tables
│ └ resources
│    └[+]  resource AWS::S3Tables::TablePolicy
│       ├      name: TablePolicy
│       │      cloudFormationType: AWS::S3Tables::TablePolicy
│       │      documentation: Creates a new maintenance configuration or replaces an existing table policy for a table. For more information, see [Adding a table policy](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-tables-table-policy.html#table-policy-add) in the *Amazon Simple Storage Service User Guide* .
│       │      - **Permissions** - You must have the `s3tables:PutTablePolicy` permission to use this operation.
│       │      scrutinizable: ResourcePolicyResource
│       ├ properties
│       │  ├ ResourcePolicy: json | string (required)
│       │  └ TableARN: string (required, immutable)
│       └ attributes
│          ├ TableBucketARN: string
│          ├ Namespace: string
│          └ TableName: string
├[~] service aws-sagemaker
│ └ resources
│    ├[~]  resource AWS::SageMaker::Domain
│    │  └ properties
│    │     ├ SubnetIds: - Array<string> (required, immutable)
│    │     │            + Array<string> (immutable)
│    │     └ VpcId: - string (required, immutable)
│    │              + string (immutable)
│    ├[~]  resource AWS::SageMaker::Project
│    │  ├ properties
│    │  │  ├ ServiceCatalogProvisioningDetails: - ServiceCatalogProvisioningDetails ⇐ json (required, immutable)
│    │  │  │                                    + ServiceCatalogProvisioningDetails ⇐ json (immutable)
│    │  │  └[+] TemplateProviderDetails: Array<TemplateProviderDetail> (immutable)
│    │  └ types
│    │     ├[+]  type CfnStackParameter
│    │     │  ├      documentation: A key-value pair representing a parameter used in the CloudFormation stack.
│    │     │  │      name: CfnStackParameter
│    │     │  └ properties
│    │     │     ├ Key: string (required)
│    │     │     └ Value: string (required)
│    │     ├[+]  type CfnTemplateProviderDetail
│    │     │  ├      documentation: Details about a CloudFormation template provider configuration and associated provisioning information.
│    │     │  │      name: CfnTemplateProviderDetail
│    │     │  └ properties
│    │     │     ├ Parameters: Array<CfnStackParameter>
│    │     │     ├ RoleARN: string
│    │     │     ├ TemplateName: string (required)
│    │     │     └ TemplateURL: string (required)
│    │     └[+]  type TemplateProviderDetail
│    │        ├      documentation: Details about a template provider configuration and associated provisioning information.
│    │        │      name: TemplateProviderDetail
│    │        └ properties
│    │           └ CfnTemplateProviderDetail: CfnTemplateProviderDetail (required)
│    └[~]  resource AWS::SageMaker::Space
│       └ types
│          └[~] type SpaceSettings
│            └ properties
│               ├[+] RemoteAccess: string
│               └[+] SpaceManagedResources: string
├[~] service aws-ssm
│ └ resources
│    └[~]  resource AWS::SSM::PatchBaseline
│       └ properties
│          └[+] AvailableSecurityUpdatesComplianceStatus: string
├[~] service aws-timestream
│ └ resources
│    └[~]  resource AWS::Timestream::InfluxDBInstance
│       └ properties
│          ├ AllocatedStorage: - integer (immutable)
│          │                   + integer
│          └ DbStorageType: - string (immutable)
│                           + string
├[~] service aws-transfer
│ └ resources
│    └[~]  resource AWS::Transfer::Server
│       └ properties
│          └[+] IpAddressType: string
└[~] service aws-wisdom
  └ resources
     ├[~]  resource AWS::Wisdom::MessageTemplate
     │  ├ properties
     │  │  └[+] MessageTemplateAttachments: Array<MessageTemplateAttachment>
     │  └ types
     │     └[+]  type MessageTemplateAttachment
     │        ├      name: MessageTemplateAttachment
     │        └ properties
     │           ├ AttachmentId: string
     │           ├ AttachmentName: string (required)
     │           └ S3PresignedUrl: string (required)
     └[+]  resource AWS::Wisdom::QuickResponse
        ├      name: QuickResponse
        │      cloudFormationType: AWS::Wisdom::QuickResponse
        │      documentation: Creates an Amazon Q in Connect quick response.
        │      tagInformation: {"tagPropertyName":"Tags","variant":"standard"}
        ├ properties
        │  ├ ContentType: string
        │  ├ KnowledgeBaseArn: string (required, immutable)
        │  ├ Name: string (required)
        │  ├ Channels: Array<string>
        │  ├ Content: QuickResponseContentProvider (required)
        │  ├ Description: string
        │  ├ GroupingConfiguration: GroupingConfiguration
        │  ├ IsActive: boolean
        │  ├ Language: string
        │  ├ ShortcutKey: string
        │  └ Tags: Array<tag>
        ├ attributes
        │  ├ QuickResponseId: string
        │  ├ QuickResponseArn: string
        │  ├ Status: string
        │  └ Contents: QuickResponseContents
        └ types
           ├ type GroupingConfiguration
           │ ├      documentation: The configuration information of the grouping of Amazon Q in Connect users.
           │ │      name: GroupingConfiguration
           │ └ properties
           │    ├ Criteria: string (required)
           │    └ Values: Array<string> (required)
           ├ type QuickResponseContentProvider
           │ ├      documentation: The container quick response content.
           │ │      name: QuickResponseContentProvider
           │ └ properties
           │    └ Content: string
           └ type QuickResponseContents
             ├      documentation: The content of the quick response stored in different media types.
             │      name: QuickResponseContents
             └ properties
                ├ Markdown: QuickResponseContentProvider
                └ PlainText: QuickResponseContentProvider

[aws-cdk-automation]

AWS CodeBuild CI Report

• CodeBuild project: AutoBuildv2Project1C6BFA3F-wQm2hXv2jqQv
• Commit ID: 20e6899
• Result: SUCCEEDED
• Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

[aemada-aws]

need to delete https://github.com/aws/aws-cdk/blob/main/tools/%40aws-cdk/spec2cdk/temporary-schemas/us-east-1/aws-ecs-service.json with this PR. The override is no longer needed.