2025/03/06 Run 'make docs-all'.

Author: nam054

docs/data-sources/ce_cost_category.md

@@ -28,3 +28,12 @@ Data Source schema for AWS::CE::CostCategory
 - `rule_version` (String)
 - `rules` (String) JSON array format of Expression in Billing and Cost Management API
 - `split_charge_rules` (String) Json array format of CostCategorySplitChargeRule in Billing and Cost Management API
+- `tags` (Attributes List) Tags to assign to the cost category. (see [below for nested schema](#nestedatt--tags))
+
+<a id="nestedatt--tags"></a>
+### Nested Schema for `tags`
+
+Read-Only:
+
+- `key` (String) The key name for the tag.
+- `value` (String) The value for the tag.

docs/data-sources/dms_data_provider.md

@@ -37,6 +37,8 @@ Data Source schema for AWS::DMS::DataProvider
 Read-Only:
 
 - `doc_db_settings` (Attributes) DocDbSettings property identifier. (see [below for nested schema](#nestedatt--settings--doc_db_settings))
+- `ibm_db_2_luw_settings` (Attributes) IbmDb2LuwSettings property identifier. (see [below for nested schema](#nestedatt--settings--ibm_db_2_luw_settings))
+- `ibm_db_2_z_os_settings` (Attributes) IbmDb2zOsSettings property identifier. (see [below for nested schema](#nestedatt--settings--ibm_db_2_z_os_settings))
 - `maria_db_settings` (Attributes) MariaDbSettings property identifier. (see [below for nested schema](#nestedatt--settings--maria_db_settings))
 - `microsoft_sql_server_settings` (Attributes) MicrosoftSqlServerSettings property identifier. (see [below for nested schema](#nestedatt--settings--microsoft_sql_server_settings))
 - `mongo_db_settings` (Attributes) MongoDbSettings property identifier. (see [below for nested schema](#nestedatt--settings--mongo_db_settings))
@@ -57,6 +59,30 @@ Read-Only:
 - `ssl_mode` (String)
 
 
+<a id="nestedatt--settings--ibm_db_2_luw_settings"></a>
+### Nested Schema for `settings.ibm_db_2_luw_settings`
+
+Read-Only:
+
+- `certificate_arn` (String)
+- `database_name` (String)
+- `port` (Number)
+- `server_name` (String)
+- `ssl_mode` (String)
+
+
+<a id="nestedatt--settings--ibm_db_2_z_os_settings"></a>
+### Nested Schema for `settings.ibm_db_2_z_os_settings`
+
+Read-Only:
+
+- `certificate_arn` (String)
+- `database_name` (String)
+- `port` (Number)
+- `server_name` (String)
+- `ssl_mode` (String)
+
+
 <a id="nestedatt--settings--maria_db_settings"></a>
 ### Nested Schema for `settings.maria_db_settings`
 

docs/data-sources/ecr_public_repository.md

@@ -22,9 +22,10 @@ Data Source schema for AWS::ECR::PublicRepository
 ### Read-Only
 
 - `arn` (String)
-- `repository_catalog_data` (Attributes) The CatalogData property type specifies Catalog data for ECR Public Repository. For information about Catalog Data, see <link> (see [below for nested schema](#nestedatt--repository_catalog_data))
-- `repository_name` (String) The name to use for the repository. The repository name may be specified on its own (such as nginx-web-app) or it can be prepended with a namespace to group the repository into a category (such as project-a/nginx-web-app). If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the repository name. For more information, see https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html.
-- `repository_policy_text` (String) The JSON repository policy text to apply to the repository. For more information, see https://docs.aws.amazon.com/AmazonECR/latest/userguide/RepositoryPolicyExamples.html in the Amazon Elastic Container Registry User Guide.
+- `repository_catalog_data` (Attributes) The details about the repository that are publicly visible in the Amazon ECR Public Gallery. For more information, see [Amazon ECR Public repository catalog data](https://docs.aws.amazon.com/AmazonECR/latest/public/public-repository-catalog-data.html) in the *Amazon ECR Public User Guide*. (see [below for nested schema](#nestedatt--repository_catalog_data))
+- `repository_name` (String) The name to use for the public repository. The repository name may be specified on its own (such as ``nginx-web-app``) or it can be prepended with a namespace to group the repository into a category (such as ``project-a/nginx-web-app``). If you don't specify a name, CFNlong generates a unique physical ID and uses that ID for the repository name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html).
+  If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.
+- `repository_policy_text` (String) The JSON repository policy text to apply to the public repository. For more information, see [Amazon ECR Public repository policies](https://docs.aws.amazon.com/AmazonECR/latest/public/public-repository-policies.html) in the *Amazon ECR Public User Guide*.
 - `tags` (Attributes Set) An array of key-value pairs to apply to this resource. (see [below for nested schema](#nestedatt--tags))
 
 <a id="nestedatt--repository_catalog_data"></a>
@@ -44,5 +45,5 @@ Read-Only:
 
 Read-Only:
 
-- `key` (String) The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.
-- `value` (String) The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.
+- `key` (String) One part of a key-value pair that make up a tag. A ``key`` is a general label that acts like a category for more specific tag values.
+- `value` (String) A ``value`` acts as a descriptor within a tag category (key).

docs/data-sources/ecr_pull_through_cache_rule.md

@@ -21,7 +21,7 @@ Data Source schema for AWS::ECR::PullThroughCacheRule
 
 ### Read-Only
 
-- `credential_arn` (String) The Amazon Resource Name (ARN) of the AWS Secrets Manager secret that identifies the credentials to authenticate to the upstream registry.
-- `ecr_repository_prefix` (String) The ECRRepositoryPrefix is a custom alias for upstream registry url.
-- `upstream_registry` (String) The name of the upstream registry.
-- `upstream_registry_url` (String) The upstreamRegistryUrl is the endpoint of upstream registry url of the public repository to be cached
+- `credential_arn` (String) The ARN of the Secrets Manager secret associated with the pull through cache rule.
+- `ecr_repository_prefix` (String) The Amazon ECR repository prefix associated with the pull through cache rule.
+- `upstream_registry` (String) The name of the upstream source registry associated with the pull through cache rule.
+- `upstream_registry_url` (String) The upstream registry URL associated with the pull through cache rule.

docs/data-sources/ecr_replication_configuration.md

@@ -21,37 +21,37 @@ Data Source schema for AWS::ECR::ReplicationConfiguration
 
 ### Read-Only
 
-- `registry_id` (String) The RegistryId associated with the aws account.
-- `replication_configuration` (Attributes) An object representing the replication configuration for a registry. (see [below for nested schema](#nestedatt--replication_configuration))
+- `registry_id` (String)
+- `replication_configuration` (Attributes) The replication configuration for a registry. (see [below for nested schema](#nestedatt--replication_configuration))
 
 <a id="nestedatt--replication_configuration"></a>
 ### Nested Schema for `replication_configuration`
 
 Read-Only:
 
-- `rules` (Attributes List) An array of objects representing the replication rules for a replication configuration. A replication configuration may contain a maximum of 10 rules. (see [below for nested schema](#nestedatt--replication_configuration--rules))
+- `rules` (Attributes List) An array of objects representing the replication destinations and repository filters for a replication configuration. (see [below for nested schema](#nestedatt--replication_configuration--rules))
 
 <a id="nestedatt--replication_configuration--rules"></a>
 ### Nested Schema for `replication_configuration.rules`
 
 Read-Only:
 
-- `destinations` (Attributes List) An array of objects representing the details of a replication destination. (see [below for nested schema](#nestedatt--replication_configuration--rules--destinations))
-- `repository_filters` (Attributes List) An array of objects representing the details of a repository filter. (see [below for nested schema](#nestedatt--replication_configuration--rules--repository_filters))
+- `destinations` (Attributes List) An array of objects representing the destination for a replication rule. (see [below for nested schema](#nestedatt--replication_configuration--rules--destinations))
+- `repository_filters` (Attributes List) An array of objects representing the filters for a replication rule. Specifying a repository filter for a replication rule provides a method for controlling which repositories in a private registry are replicated. (see [below for nested schema](#nestedatt--replication_configuration--rules--repository_filters))
 
 <a id="nestedatt--replication_configuration--rules--destinations"></a>
 ### Nested Schema for `replication_configuration.rules.destinations`
 
 Read-Only:
 
-- `region` (String) A Region to replicate to.
-- `registry_id` (String) The account ID of the destination registry to replicate to.
+- `region` (String) The Region to replicate to.
+- `registry_id` (String) The AWS account ID of the Amazon ECR private registry to replicate to. When configuring cross-Region replication within your own registry, specify your own account ID.
 
 
 <a id="nestedatt--replication_configuration--rules--repository_filters"></a>
 ### Nested Schema for `replication_configuration.rules.repository_filters`
 
 Read-Only:
 
-- `filter` (String) The repository filter to be applied for replication.
-- `filter_type` (String) Type of repository filter
+- `filter` (String) The repository filter details. When the ``PREFIX_MATCH`` filter type is specified, this value is required and should be the repository name prefix to configure replication for.
+- `filter_type` (String) The repository filter type. The only supported value is ``PREFIX_MATCH``, which is a repository name prefix specified with the ``filter`` parameter.

docs/data-sources/ecr_repository.md

@@ -40,8 +40,10 @@ Data Source schema for AWS::ECR::Repository
 Read-Only:
 
 - `encryption_type` (String) The encryption type to use.
- If you use the ``KMS`` encryption type, the contents of the repository will be encrypted using server-side encryption with KMSlong key stored in KMS. When you use KMS to encrypt your data, you can either use the default AWS managed KMS key for Amazon ECR, or specify your own KMS key, which you already created. For more information, see [Protecting data using server-side encryption with an key stored in (SSE-KMS)](https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingKMSEncryption.html) in the *Amazon Simple Storage Service Console Developer Guide*.
- If you use the ``AES256`` encryption type, Amazon ECR uses server-side encryption with Amazon S3-managed encryption keys which encrypts the images in the repository using an AES-256 encryption algorithm. For more information, see [Protecting data using server-side encryption with Amazon S3-managed encryption keys (SSE-S3)](https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingServerSideEncryption.html) in the *Amazon Simple Storage Service Console Developer Guide*.
+ If you use the ``KMS`` encryption type, the contents of the repository will be encrypted using server-side encryption with KMSlong key stored in KMS. When you use KMS to encrypt your data, you can either use the default AWS managed KMS key for Amazon ECR, or specify your own KMS key, which you already created.
+ If you use the ``KMS_DSSE`` encryption type, the contents of the repository will be encrypted with two layers of encryption using server-side encryption with the KMS Management Service key stored in KMS. Similar to the ``KMS`` encryption type, you can either use the default AWS managed KMS key for Amazon ECR, or specify your own KMS key, which you've already created. 
+ If you use the ``AES256`` encryption type, Amazon ECR uses server-side encryption with Amazon S3-managed encryption keys which encrypts the images in the repository using an AES256 encryption algorithm.
+ For more information, see [Amazon ECR encryption at rest](https://docs.aws.amazon.com/AmazonECR/latest/userguide/encryption-at-rest.html) in the *Amazon Elastic Container Registry User Guide*.
 - `kms_key` (String) If you use the ``KMS`` encryption type, specify the KMS key to use for encryption. The alias, key ID, or full ARN of the KMS key can be specified. The key must exist in the same Region as the repository. If no key is specified, the default AWS managed KMS key for Amazon ECR will be used.
 
 

docs/data-sources/iam_saml_provider.md

@@ -21,11 +21,25 @@ Data Source schema for AWS::IAM::SAMLProvider
 
 ### Read-Only
 
+- `add_private_key` (String) The private key from your external identity provider
 - `arn` (String) Amazon Resource Name (ARN) of the SAML provider
+- `assertion_encryption_mode` (String) The encryption setting for the SAML provider
 - `name` (String)
+- `private_key_list` (Attributes List) (see [below for nested schema](#nestedatt--private_key_list))
+- `remove_private_key` (String) The Key ID of the private key to remove
 - `saml_metadata_document` (String)
+- `saml_provider_uuid` (String) The unique identifier assigned to the SAML provider
 - `tags` (Attributes List) (see [below for nested schema](#nestedatt--tags))
 
+<a id="nestedatt--private_key_list"></a>
+### Nested Schema for `private_key_list`
+
+Read-Only:
+
+- `key_id` (String) The unique identifier for the SAML private key.
+- `timestamp` (String) The date and time, in <a href=\"http://www.iso.org/iso/iso8601\">ISO 8601 date-time </a> format, when the private key was uploaded.
+
+
 <a id="nestedatt--tags"></a>
 ### Nested Schema for `tags`
 

docs/data-sources/iot_account_audit_configuration.md

@@ -35,7 +35,8 @@ Read-Only:
 - `ca_certificate_expiring_check` (Attributes) The configuration for a specific audit check. (see [below for nested schema](#nestedatt--audit_check_configurations--ca_certificate_expiring_check))
 - `ca_certificate_key_quality_check` (Attributes) The configuration for a specific audit check. (see [below for nested schema](#nestedatt--audit_check_configurations--ca_certificate_key_quality_check))
 - `conflicting_client_ids_check` (Attributes) The configuration for a specific audit check. (see [below for nested schema](#nestedatt--audit_check_configurations--conflicting_client_ids_check))
-- `device_certificate_expiring_check` (Attributes) The configuration for a specific audit check. (see [below for nested schema](#nestedatt--audit_check_configurations--device_certificate_expiring_check))
+- `device_certificate_age_check` (Attributes) A structure containing the configName and corresponding configValue for configuring DeviceCertAgeCheck. (see [below for nested schema](#nestedatt--audit_check_configurations--device_certificate_age_check))
+- `device_certificate_expiring_check` (Attributes) A structure containing the configName and corresponding configValue for configuring DeviceCertExpirationCheck. (see [below for nested schema](#nestedatt--audit_check_configurations--device_certificate_expiring_check))
 - `device_certificate_key_quality_check` (Attributes) The configuration for a specific audit check. (see [below for nested schema](#nestedatt--audit_check_configurations--device_certificate_key_quality_check))
 - `device_certificate_shared_check` (Attributes) The configuration for a specific audit check. (see [below for nested schema](#nestedatt--audit_check_configurations--device_certificate_shared_check))
 - `intermediate_ca_revoked_for_active_device_certificates_check` (Attributes) The configuration for a specific audit check. (see [below for nested schema](#nestedatt--audit_check_configurations--intermediate_ca_revoked_for_active_device_certificates_check))
@@ -80,13 +81,39 @@ Read-Only:
 - `enabled` (Boolean) True if the check is enabled.
 
 
+<a id="nestedatt--audit_check_configurations--device_certificate_age_check"></a>
+### Nested Schema for `audit_check_configurations.device_certificate_age_check`
+
+Read-Only:
+
+- `configuration` (Attributes) A structure containing the configName and corresponding configValue for configuring audit checks. (see [below for nested schema](#nestedatt--audit_check_configurations--device_certificate_age_check--configuration))
+- `enabled` (Boolean) True if the check is enabled.
+
+<a id="nestedatt--audit_check_configurations--device_certificate_age_check--configuration"></a>
+### Nested Schema for `audit_check_configurations.device_certificate_age_check.configuration`
+
+Read-Only:
+
+- `cert_age_threshold_in_days` (String) The configValue for configuring audit checks.
+
+
+
 <a id="nestedatt--audit_check_configurations--device_certificate_expiring_check"></a>
 ### Nested Schema for `audit_check_configurations.device_certificate_expiring_check`
 
 Read-Only:
 
+- `configuration` (Attributes) A structure containing the configName and corresponding configValue for configuring audit checks. (see [below for nested schema](#nestedatt--audit_check_configurations--device_certificate_expiring_check--configuration))
 - `enabled` (Boolean) True if the check is enabled.
 
+<a id="nestedatt--audit_check_configurations--device_certificate_expiring_check--configuration"></a>
+### Nested Schema for `audit_check_configurations.device_certificate_expiring_check.configuration`
+
+Read-Only:
+
+- `cert_expiration_threshold_in_days` (String) The configValue for configuring audit checks.
+
+
 
 <a id="nestedatt--audit_check_configurations--device_certificate_key_quality_check"></a>
 ### Nested Schema for `audit_check_configurations.device_certificate_key_quality_check`

docs/data-sources/rds_db_instance.md

@@ -69,7 +69,9 @@ Data Source schema for AWS::RDS::DBInstance
   +  Web and Express editions: Must be an integer from 20 to 1024.
 - `allow_major_version_upgrade` (Boolean) A value that indicates whether major version upgrades are allowed. Changing this parameter doesn't result in an outage and the change is asynchronously applied as soon as possible.
  Constraints: Major version upgrades must be allowed when specifying a value for the ``EngineVersion`` parameter that is a different major version than the DB instance's current version.
-- `apply_immediately` (Boolean)
+- `apply_immediately` (Boolean) Specifies whether changes to the DB instance and any pending modifications are applied immediately, regardless of the ``PreferredMaintenanceWindow`` setting. If set to ``false``, changes are applied during the next maintenance window. Until RDS applies the changes, the DB instance remains in a drift state. As a result, the configuration doesn't fully reflect the requested modifications and temporarily diverges from the intended state.
+ In addition to the settings described in [Modifying a DB instance](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Overview.DBInstance.Modifying.html), this property also determines whether the DB instance reboots when a static parameter is modified in the associated DB parameter group.
+ Default: ``true``
 - `associated_roles` (Attributes List) The IAMlong (IAM) roles associated with the DB instance. 
   *Amazon Aurora* 
  Not applicable. The associated roles are managed by the DB cluster. (see [below for nested schema](#nestedatt--associated_roles))
@@ -530,7 +532,7 @@ Data Source schema for AWS::RDS::DBInstance
  If you specify ``io1``, ``io2``, or ``gp3``, you must also include a value for the ``Iops`` parameter.
  This setting doesn't apply to Amazon Aurora DB instances. Storage is managed by the DB cluster.
  Valid Values: ``gp2 | gp3 | io1 | io2 | standard`` 
- Default: ``io1``, if the ``Iops`` parameter is specified. Otherwise, ``gp2``.
+ Default: ``io1``, if the ``Iops`` parameter is specified. Otherwise, ``gp3``.
 - `tags` (Attributes List) Tags to assign to the DB instance. (see [below for nested schema](#nestedatt--tags))
 - `tde_credential_arn` (String)
 - `tde_credential_password` (String)