diff --git a/main.ncl b/main.ncl
index 9d27c6c..e8dc8dc 100644
--- a/main.ncl
+++ b/main.ncl
@@ -62,6 +62,7 @@
"buf.gen.yaml" = import "out/buf.gen.yaml.ncl",
"buf.plugin.yaml" = import "out/buf.plugin.yaml.ncl",
"buf.work.yaml" = import "out/buf.work.yaml.ncl",
+"CodeRabbit" = import "out/CodeRabbit.ncl",
"CodeCV" = import "out/CodeCV.ncl",
"latexindent configuration" = import "out/latexindent configuration.ncl",
"Lobe AI Agent" = import "out/Lobe AI Agent.ncl",
@@ -108,6 +109,7 @@
"Better Scripts" = import "out/Better Scripts.ncl",
"Bleep" = import "out/Bleep.ncl",
"CMake Presets" = import "out/CMake Presets.ncl",
+"Cache Warmup config" = import "out/Cache Warmup config.ncl",
"Calqulus pipeline" = import "out/Calqulus pipeline.ncl",
"Camel YAML DSL" = import "out/Camel YAML DSL.ncl",
"Carafe" = import "out/Carafe.ncl",
@@ -187,6 +189,15 @@
"AWS CloudFormation" = import "out/AWS CloudFormation.ncl",
"AWS CloudFormation Serverless Application Model (SAM)" = import "out/AWS CloudFormation Serverless Application Model (SAM).ncl",
"AWS SAM CLI Samconfig" = import "out/AWS SAM CLI Samconfig.ncl",
+"Landing Zone Accelerator on AWS - Accounts Config" = import "out/Landing Zone Accelerator on AWS - Accounts Config.ncl",
+"Landing Zone Accelerator on AWS - Customizations Config" = import "out/Landing Zone Accelerator on AWS - Customizations Config.ncl",
+"Landing Zone Accelerator on AWS - Global Config" = import "out/Landing Zone Accelerator on AWS - Global Config.ncl",
+"Landing Zone Accelerator on AWS - IAM Config" = import "out/Landing Zone Accelerator on AWS - IAM Config.ncl",
+"Landing Zone Accelerator on AWS - Network Config" = import "out/Landing Zone Accelerator on AWS - Network Config.ncl",
+"Landing Zone Accelerator on AWS - Organization Config" = import "out/Landing Zone Accelerator on AWS - Organization Config.ncl",
+"Landing Zone Accelerator on AWS - Replacements Config" = import "out/Landing Zone Accelerator on AWS - Replacements Config.ncl",
+"Landing Zone Accelerator on AWS - Security Config" = import "out/Landing Zone Accelerator on AWS - Security Config.ncl",
+"Changesets" = import "out/Changesets.ncl",
"chisel-slices.json" = import "out/chisel-slices.json.ncl",
"Citation File Format" = import "out/Citation File Format.ncl",
"coffeelint.json" = import "out/coffeelint.json.ncl",
@@ -254,6 +265,7 @@
"electron-builder configuration file" = import "out/electron-builder configuration file.ncl",
"evcc.yaml" = import "out/evcc.yaml.ncl",
"Expo SDK" = import "out/Expo SDK.ncl",
+"EAS config" = import "out/EAS config.ncl",
"ezd task runner" = import "out/ezd task runner.ncl",
".eslintrc" = import "out/.eslintrc.ncl",
"Facets - FSDL - Application" = import "out/Facets - FSDL - Application.ncl",
@@ -317,6 +329,7 @@
"host.json" = import "out/host.json.ncl",
"host-meta.json" = import "out/host-meta.json.ncl",
".htmlhintrc" = import "out/.htmlhintrc.ncl",
+".htmlvalidate" = import "out/.htmlvalidate.ncl",
"Ory Hydra configuration" = import "out/Ory Hydra configuration.ncl",
"Hyperfoil benchmark configuration" = import "out/Hyperfoil benchmark configuration.ncl",
"IBM Zapp document" = import "out/IBM Zapp document.ncl",
@@ -411,7 +424,7 @@
"Minecraft Resource Pack Texture Mcmeta" = import "out/Minecraft Resource Pack Texture Mcmeta.ncl",
"Minecraft Data Pack Trim Material" = import "out/Minecraft Data Pack Trim Material.ncl",
"Minecraft Data Pack Trim Pattern" = import "out/Minecraft Data Pack Trim Pattern.ncl",
-"MkDocs Configuration 1.0" = import "out/MkDocs Configuration 1.0.ncl",
+"mkdocs.yml" = import "out/mkdocs.yml.ncl",
"MLOS Configs" = import "out/MLOS Configs.ncl",
"monospace.yml" = import "out/monospace.yml.ncl",
"Monoweave Configuration" = import "out/Monoweave Configuration.ncl",
@@ -450,6 +463,7 @@
"ONe's changelog entry" = import "out/ONe's changelog entry.ncl",
"openfin.json" = import "out/openfin.json.ncl",
"OpenRewrite Resource" = import "out/OpenRewrite Resource.ncl",
+"Open Data Contract Standard (ODCS))" = import "out/Open Data Contract Standard (ODCS)).ncl",
"Outblocks project configuration" = import "out/Outblocks project configuration.ncl",
"Outblocks App configuration" = import "out/Outblocks App configuration.ncl",
"Outblocks database table" = import "out/Outblocks database table.ncl",
@@ -867,4 +881,5 @@
"Configu .cfgu files" = import "out/Configu .cfgu files.ncl",
"Configu .configu file" = import "out/Configu .configu file.ncl",
"Qt Creator workspace file" = import "out/Qt Creator workspace file.ncl",
+"mprocs Configuration file" = import "out/mprocs Configuration file.ncl",
}
diff --git a/out/.htmlvalidate.ncl b/out/.htmlvalidate.ncl
new file mode 100644
index 0000000..19765bd
--- /dev/null
+++ b/out/.htmlvalidate.ncl
@@ -0,0 +1 @@
+null
diff --git a/out/ABCSupplyPlan.ncl b/out/ABCSupplyPlan.ncl
index 1a0f4b5..fafb643 100644
--- a/out/ABCSupplyPlan.ncl
+++ b/out/ABCSupplyPlan.ncl
@@ -1029,8 +1029,10 @@ let rec _js2n__-refsenv
_js2n__-refsenv."_js2n__-:definitions/AnnotationMap!predicate",
plannedOrders =
_js2n__-refsenv."_js2n__-:definitions/PositiveDateMap!predicate",
+ planningFrequencies =
+ _js2n__-refsenv."_js2n__-:definitions/PositiveIntegerTimeDependentValues!predicate",
shelfLives =
- _js2n__-refsenv."_js2n__-:definitions/NonNegativeNonNegativeIntegerTimeDependentValues!predicate",
+ _js2n__-refsenv."_js2n__-:definitions/NonNegativeIntegerTimeDependentValues!predicate",
showQuantitiesAs =
_js2n__-prdslib.allOf
[
@@ -1038,7 +1040,7 @@ let rec _js2n__-refsenv
_js2n__-prdslib.enum [ "Units", "Lots", "Cost" ]
],
stopshipBuffers =
- _js2n__-refsenv."_js2n__-:definitions/NonNegativeNonNegativeIntegerTimeDependentValues!predicate",
+ _js2n__-refsenv."_js2n__-:definitions/NonNegativeIntegerTimeDependentValues!predicate",
targetMFC =
_js2n__-prdslib.allOf
[
@@ -1179,7 +1181,7 @@ let rec _js2n__-refsenv
_js2n__-refsenv."_js2n__-:definitions/TemplateTimeDependentValue!predicate",
_js2n__-refsenv."_js2n__-:definitions/NonNegativeIntegerConstraints!predicate"
],
- "_js2n__-:definitions/NonNegativeNonNegativeIntegerTimeDependentValues!predicate"
+ "_js2n__-:definitions/NonNegativeIntegerTimeDependentValues!predicate"
| doc "Array of time-dependent integer values, ensuring each is non-negative."
= _js2n__-prdslib.allOf
[
@@ -1187,6 +1189,37 @@ let rec _js2n__-refsenv
_js2n__-prdslib.arrays.arrayOf
_js2n__-refsenv."_js2n__-:definitions/NonNegativeIntegerTimeDependentValue!predicate"
],
+ "_js2n__-:definitions/NonNegativeNumberConstraints!predicate"
+ | doc "Defines constraints for numbers to ensure they are non-negative, used in various contexts."
+ = _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Record,
+ _js2n__-prdslib.records.required [ "timeDependentValue" ],
+ _js2n__-prdslib.records.record
+ {
+ timeDependentValue =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"Number",
+ _js2n__-prdslib.numbers.minimum 0
+ ],
+ } {} true _js2n__-prdslib.always
+ ],
+ "_js2n__-:definitions/NonNegativeNumberTimeDependentValue!predicate"
+ | doc "Defines a time-specific number within a valid range, ensuring it is non-negative."
+ = _js2n__-prdslib.allOf
+ [
+ _js2n__-refsenv."_js2n__-:definitions/TemplateTimeDependentValue!predicate",
+ _js2n__-refsenv."_js2n__-:definitions/NonNegativeNumberConstraints!predicate"
+ ],
+ "_js2n__-:definitions/NonNegativeNumberTimeDependentValues!predicate"
+ | doc "Array of time-dependent non-negative numbers."
+ = _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"Array",
+ _js2n__-prdslib.arrays.arrayOf
+ _js2n__-refsenv."_js2n__-:definitions/NonNegativeNumberTimeDependentValue!predicate"
+ ],
"_js2n__-:definitions/PercentTimeDependentValue!predicate"
| doc "Defines a time-specific percentage value within a valid date range, adhering to percentage constraints."
= _js2n__-prdslib.allOf
@@ -1234,15 +1267,59 @@ let rec _js2n__-refsenv
],
} false _js2n__-prdslib.never
],
+ "_js2n__-:definitions/PositiveIntegerConstraints!predicate"
+ | doc "Defines constraints for integer values to ensure they are positive, used in various configurations where a strictly positive value is required."
+ = _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Record,
+ _js2n__-prdslib.records.required [ "timeDependentValue" ],
+ _js2n__-prdslib.records.record
+ {
+ timeDependentValue =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.minimum 1
+ ],
+ } {} true _js2n__-prdslib.always
+ ],
+ "_js2n__-:definitions/PositiveIntegerTimeDependentValue!predicate"
+ | doc "Defines a time-specific integer value that must always be positive, ensuring it meets the requirements of scenarios where zero or negative numbers are not permitted."
+ = _js2n__-prdslib.allOf
+ [
+ _js2n__-refsenv."_js2n__-:definitions/TemplateTimeDependentValue!predicate",
+ _js2n__-refsenv."_js2n__-:definitions/PositiveIntegerConstraints!predicate"
+ ],
+ "_js2n__-:definitions/PositiveIntegerTimeDependentValues!predicate"
+ | doc "Array of time-dependent integer values, ensuring each is positive. This setup is intended for scenarios where values must always be greater than zero."
+ = _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"Array",
+ _js2n__-prdslib.arrays.arrayOf
+ _js2n__-refsenv."_js2n__-:definitions/PositiveIntegerTimeDependentValue!predicate"
+ ],
"_js2n__-:definitions/RecipeState!predicate"
| doc "Defines a recipe within the system, including its components and yields."
= _js2n__-prdslib.allOf
[
_js2n__-prdslib.isType 'Record,
_js2n__-prdslib.records.required
- [ "percentAllocations", "percentYield", "recipe" ],
+ [
+ "allocationMethod",
+ "percentAllocations",
+ "percentYield",
+ "priorityAllocations",
+ "recipe"
+ ],
_js2n__-prdslib.records.record
{
+ allocationMethod =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.enum
+ [ "PercentAllocation", "PriorityAllocation" ]
+ ],
percentAllocations =
_js2n__-refsenv."_js2n__-:definitions/PercentTimeDependentValues!predicate",
percentYield =
@@ -1251,6 +1328,8 @@ let rec _js2n__-refsenv
_js2n__-prdslib.isType '"Number",
_js2n__-prdslib.numbers.minimum 0
],
+ priorityAllocations =
+ _js2n__-refsenv."_js2n__-:definitions/NonNegativeNumberTimeDependentValues!predicate",
recipe =
_js2n__-prdslib.allOf
[
@@ -1284,6 +1363,10 @@ let rec _js2n__-refsenv
}
in
{
+ "$schema"
+ | std.enum.TagOrString
+ | [| '"https://json.schemastore.org/abc-supply-plan-3.0.0.json" |]
+ | doc "Link to https://json.schemastore.org/abc-supply-plan-3.0.0.json",
abcMaterialsMap
| _js2n__-prdslib.contract_from_predicate
(_js2n__-prdslib.allOf
@@ -1318,5 +1401,5 @@ let rec _js2n__-refsenv
_js2n__-refsenv."_js2n__-:definitions/RecipeState!predicate",
} false _js2n__-prdslib.never
])
- | doc "A mapping of recipes, representing the relationships and dependencies between materials.",
+ | doc "A mapping of recipes, representing the acyclic relationships among materials. abcAreAllocationMethodsHomogeneous requires no mixing of Allocation Methods. A downstream material cannot have mixed upstream recipes. An upstream material cannot have mixed downstream recipes.",
}
\ No newline at end of file
diff --git a/out/AWS SAM CLI Samconfig.ncl b/out/AWS SAM CLI Samconfig.ncl
index 46ce84c..c8d39b0 100644
--- a/out/AWS SAM CLI Samconfig.ncl
+++ b/out/AWS SAM CLI Samconfig.ncl
@@ -1178,8 +1178,13 @@ let rec _js2n__-refsenv
tags =
_js2n__-prdslib.allOf
[
- _js2n__-prdslib.isType
- '"Array",
+ _js2n__-prdslib.anyOf
+ [
+ _js2n__-prdslib.isType
+ '"Array",
+ _js2n__-prdslib.isType
+ '"String"
+ ],
_js2n__-prdslib.arrays.arrayOf
(_js2n__-prdslib.isType
'"String")
@@ -2342,8 +2347,13 @@ let rec _js2n__-refsenv
tags =
_js2n__-prdslib.allOf
[
- _js2n__-prdslib.isType
- '"Array",
+ _js2n__-prdslib.anyOf
+ [
+ _js2n__-prdslib.isType
+ '"Array",
+ _js2n__-prdslib.isType
+ '"String"
+ ],
_js2n__-prdslib.arrays.arrayOf
(_js2n__-prdslib.isType
'"String")
diff --git a/out/All Contributors configuration file.ncl b/out/All Contributors configuration file.ncl
index 558dec3..d74c121 100644
--- a/out/All Contributors configuration file.ncl
+++ b/out/All Contributors configuration file.ncl
@@ -923,6 +923,7 @@ let rec _js2n__-refsenv
"gitmoji",
"none"
],
+ commitType = _js2n__-prdslib.isType '"String",
contributorTemplate =
_js2n__-prdslib.allOf
[
@@ -958,47 +959,56 @@ let rec _js2n__-refsenv
[
_js2n__-prdslib.isType '"Array",
_js2n__-prdslib.arrays.arrayOf
- (_js2n__-prdslib.allOf
+ (_js2n__-prdslib.anyOf
[
- _js2n__-prdslib.isType '"String",
- _js2n__-prdslib.enum
+ _js2n__-prdslib.allOf
[
- "a11y",
- "audio",
- "blog",
- "bug",
- "business",
- "code",
- "content",
- "data",
- "design",
- "doc",
- "eventOrganizing",
- "example",
- "financial",
- "fundingFinding",
- "ideas",
- "infra",
- "maintenance",
- "mentoring",
- "platform",
- "plugin",
- "projectManagement",
- "promotion",
- "question",
- "research",
- "review",
- "security",
- "talk",
- "test",
- "tool",
- "translation",
- "tutorial",
- "userTesting",
- "video"
+ _js2n__-prdslib.isType
+ '"String",
+ _js2n__-prdslib.enum
+ [
+ "a11y",
+ "audio",
+ "blog",
+ "bug",
+ "business",
+ "code",
+ "content",
+ "data",
+ "design",
+ "doc",
+ "eventOrganizing",
+ "example",
+ "financial",
+ "fundingFinding",
+ "ideas",
+ "infra",
+ "maintenance",
+ "mentoring",
+ "platform",
+ "plugin",
+ "projectManagement",
+ "promotion",
+ "question",
+ "research",
+ "review",
+ "security",
+ "talk",
+ "test",
+ "tool",
+ "translation",
+ "tutorial",
+ "userTesting",
+ "video"
+ ]
],
- _js2n__-prdslib.strings.minLength
- 0
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType
+ '"String",
+ _js2n__-prdslib.strings.minLength
+ 0
+ ]
]),
_js2n__-prdslib.arrays.minItems 1
],
diff --git a/out/Cache Warmup config.ncl b/out/Cache Warmup config.ncl
new file mode 100644
index 0000000..75ab390
--- /dev/null
+++ b/out/Cache Warmup config.ncl
@@ -0,0 +1,975 @@
+# DO NOT EDIT
+# This file was automatically generated using json-schema-to-nickel
+let _js2n__-prdslib
+ = {
+ allOf
+ : Array (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `allOf preds` succeeds if all of the predicates in `preds` succeed
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.7.1]
+ "%
+ = fun
+ preds
+ x
+ =>
+ std.array.fold_right
+ (fun pred acc => (match { 'Ok => acc, 'Err s => 'Err s, }) (pred x))
+ 'Ok preds,
+ always : Dyn -> [| 'Ok, 'Err String |] = std.function.const 'Ok,
+ anyOf
+ : Array (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `anyOf preds` succeeds if at least one of the predicates in `preds` succeeds
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.7.2]
+ "%
+ = fun
+ preds
+ x
+ =>
+ (match {
+ 'Ok =>
+ 'Ok,
+ 'Errs
+ msgs =>
+ 'Err
+ m%"
+ anyOf: none of the options matched
+ %{std.string.join
+ m%"
+
+
+ "% msgs}
+ "%,
+ })
+ (std.array.fold_right
+ (fun
+ pred
+ acc
+ =>
+ (match {
+ 'Ok =>
+ 'Ok,
+ 'Errs
+ msgs =>
+ (match {
+ 'Ok =>
+ 'Ok,
+ 'Err
+ msg =>
+ 'Errs ([ " - %{msg}" ] @ msgs),
+ }) (pred x),
+ }) acc) ('Errs [ ]) preds),
+ arrays =
+ {
+ additionalItems
+ : (Dyn -> [| 'Ok, 'Err String |])
+ -> Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.4.2]"
+ = fun
+ pred
+ start
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ let x
+ | Array Dyn
+ = x
+ in
+ let value_length
+ = std.array.length x
+ in
+ if start >= value_length then
+ 'Ok
+ else
+ arrayOf pred
+ ((std.array.slice start value_length x)
+ | Dyn),
+ arrayOf
+ : (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ Apply a predicate to all elements of an array, succeeding if all
+ applications succeed.
+ "%
+ = fun
+ pred
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ let x
+ | Array Dyn
+ = x
+ in
+ std.array.fold_right
+ (fun
+ x
+ acc
+ =>
+ (match { 'Ok => acc, 'Err msg => 'Err msg, }) (pred x))
+ 'Ok x,
+ contains
+ : (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.4.6]"
+ = fun
+ pred
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ let x
+ | Array Dyn
+ = x
+ in
+ (match {
+ 'Ok =>
+ 'Ok,
+ 'Errs
+ msgs =>
+ 'Err
+ m%"
+ contains: no elements matched
+ %{std.string.join
+ m%"
+
+
+ "% msgs}
+ "%,
+ })
+ (std.array.fold_right
+ (fun
+ x
+ acc
+ =>
+ (match {
+ 'Ok =>
+ 'Ok,
+ 'Errs
+ msgs =>
+ (match {
+ 'Ok =>
+ 'Ok,
+ 'Err
+ msg =>
+ 'Errs ([ " - %{msg}" ] @ msgs),
+ }) (pred x),
+ }) acc) ('Errs [ ]) x),
+ items
+ : Array (Dyn -> [| 'Ok, 'Err String |])
+ -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.4.1]"
+ = fun
+ preds
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ let x
+ | Array Dyn
+ = x
+ in
+ let length_to_check
+ = std.number.min (std.array.length preds)
+ (std.array.length x)
+ in
+ std.array.fold_right
+ (fun
+ i
+ acc
+ =>
+ (match { 'Err msg => 'Err msg, 'Ok => acc, })
+ (std.array.at i preds (std.array.at i x))) 'Ok
+ (std.array.range 0 length_to_check),
+ maxItems
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `maxItems n x` fails if `x` is an array of length strictly greater than `n` and succeeds otherwise.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.4.3]
+ "%
+ = fun
+ n
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ if (std.array.length (x | Array Dyn)) > n then
+ 'Err
+ "array is longer than %{std.string.from_number n} items"
+ else
+ 'Ok,
+ minItems
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `minItems n x` fails if `x` is an array of length strictly smaller than `n` and succeeds otherwise.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.4.4]
+ "%
+ = fun
+ n
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ if (std.array.length (x | Array Dyn)) < n then
+ 'Err
+ "array is shorter than %{std.string.from_number n} items"
+ else
+ 'Ok,
+ uniqueItems
+ : Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ Succeeds for any array if its elements are pairwise distinct.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.4.5]
+ "%
+ = let find_duplicate
+ : Array Dyn
+ -> {
+ has_duplicate : Bool,
+ duplicate : Dyn,
+ seen : { _ : Bool }
+ }
+ = std.array.fold_right
+ (fun
+ elt
+ acc
+ =>
+ if acc.has_duplicate then
+ acc
+ else
+ let index
+ = std.serialize 'Json elt
+ in
+ if std.record.has_field index acc.seen then
+ {
+ duplicate = elt,
+ has_duplicate = true,
+ seen = acc.seen,
+ }
+ else
+ {
+ duplicate = null,
+ has_duplicate = false,
+ seen = std.record.insert index true acc.seen,
+ })
+ { duplicate = null, has_duplicate = false, seen = {}, }
+ in
+ fun
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ let { has_duplicate, duplicate, .. }
+ = find_duplicate (x | Array Dyn)
+ in
+ if has_duplicate then
+ 'Err "duplicate found: %{std.serialize 'Json duplicate}"
+ else
+ 'Ok,
+ },
+ const
+ : Dyn -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `const value x` succeeds if and only if `x` is equal to `value`
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.1.3]
+ "%
+ = fun
+ value
+ x
+ =>
+ if x == value then
+ 'Ok
+ else
+ 'Err "expected %{std.serialize 'Json value}",
+ contract_from_predicate
+ : (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> Dyn -> Dyn
+ = fun
+ predicate
+ label
+ value
+ =>
+ (match {
+ 'Ok =>
+ value,
+ 'Err
+ msg =>
+ (std.contract.blame_with_message msg label)
+ | Dyn,
+ }) (predicate value),
+ enum
+ : Array Dyn -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `enum values x` succeeds if and only if `x` is equal to one of the elements of `values`.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.1.2]
+ "%
+ = let checkEqual
+ = fun
+ input
+ variant
+ =>
+ (input == variant)
+ || ((std.is_enum input)
+ && (((std.string.from_enum input) == variant)
+ | Bool))
+ in
+ fun
+ values
+ x
+ =>
+ std.array.fold_right
+ (fun value acc => if checkEqual x value then 'Ok else acc)
+ ('Err "expected one of %{std.serialize 'Json (values | Dyn)}")
+ values,
+ from_simple_predicate
+ : String -> (Dyn -> Bool) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Convert a simple boolean predicate into a predicate supporting error messages"
+ = fun error' pred x => if pred x then 'Ok else 'Err error',
+ ifThenElse
+ : (Dyn -> [| 'Ok, 'Err String |])
+ -> (Dyn -> [| 'Ok, 'Err String |])
+ -> (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `ifThenElse i t e` first checks if the predicate `i` succeeds. If it does, it's equivalent to `t`, otherwise it's equivalent to `e`.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.6]
+ "%
+ = fun i t e x => (match { 'Ok => t x, 'Err msg => e x, }) (i x),
+ isType
+ : [| '"Array", '"Bool", 'Integer, 'Null, '"Number", 'Record, '"String" |]
+ -> Dyn -> [| 'Ok, 'Err String |]
+ = fun
+ t
+ =>
+ (match {
+ 'Null =>
+ from_simple_predicate "expected `null`" (fun x => x == null),
+ 'Integer =>
+ from_simple_predicate "expected an integer"
+ (fun
+ x
+ =>
+ (std.is_number x) && (std.number.is_integer (x | Number))),
+ _ =>
+ from_simple_predicate
+ "value is not of type %{std.string.from_enum t}"
+ (fun x => (std.typeof x) == t),
+ }) t,
+ never : Dyn -> [| 'Ok, 'Err String |] = std.function.const ('Err "never"),
+ not
+ : (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `not pred` succeeds if and only if `pred` fails
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.7.4]
+ "%
+ = fun
+ pred
+ x
+ =>
+ (match {
+ 'Ok =>
+ 'Err "Inverted predicate succeeded unexpectedly",
+ 'Err
+ msg =>
+ 'Ok,
+ }) (pred x),
+ numbers =
+ {
+ exclusiveMaximum
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.2.3]"
+ = fun
+ limit
+ x
+ =>
+ if !(std.is_number x) then
+ 'Ok
+ else
+ if (x | Number) < limit then
+ 'Ok
+ else
+ 'Err
+ "expected an exclusive maximum of %{std.string.from_number
+ limit}",
+ exclusiveMinimum
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.2.5]"
+ = fun
+ limit
+ x
+ =>
+ if !(std.is_number x) then
+ 'Ok
+ else
+ if (x | Number) > limit then
+ 'Ok
+ else
+ 'Err
+ "expected an exclusive minimum of %{std.string.from_number
+ limit}",
+ maximum
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.2.2]"
+ = fun
+ limit
+ x
+ =>
+ if !(std.is_number x) then
+ 'Ok
+ else
+ if (x | Number) <= limit then
+ 'Ok
+ else
+ 'Err
+ "expected a maximum of %{std.string.from_number limit}",
+ minimum
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.2.4]"
+ = fun
+ limit
+ x
+ =>
+ if !(std.is_number x) then
+ 'Ok
+ else
+ if (x | Number) >= limit then
+ 'Ok
+ else
+ 'Err
+ "expected a minimum of %{std.string.from_number limit}",
+ multipleOf
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.2.1]"
+ = fun
+ mult
+ x
+ =>
+ if !(std.is_number x) then
+ 'Ok
+ else
+ if std.number.is_integer ((x | Number) / mult) then
+ 'Ok
+ else
+ 'Err
+ "expected a multiple of %{std.string.from_number mult}",
+ },
+ oneOf
+ : Array (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `oneOf preds` succeeds if precisely one of the predicates in `preds` succeeds
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.7.3]
+ "%
+ = fun
+ preds
+ x
+ =>
+ let count_ok
+ : Array [| 'Ok, 'Err String |] -> Number
+ = fun
+ results
+ =>
+ std.array.fold_left (fun n b => if b == 'Ok then n + 1 else n) 0
+ results
+ in
+ let results
+ = std.array.map (fun pred => pred x) preds
+ in
+ let count
+ = count_ok results
+ in
+ if count == 0 then
+ let errors
+ = std.array.flat_map
+ (fun
+ result
+ =>
+ (match { 'Ok => [ ], 'Err s => [ " - %{s}" ], })
+ result) results
+ in
+ 'Err
+ m%"
+ oneOf: none of the options matched
+ %{std.string.join
+ m%"
+
+
+ "% errors}
+ "%
+ else
+ if count > 1 then
+ 'Err "oneOf: more than one of the options matched"
+ else
+ 'Ok,
+ records =
+ {
+ dependencies
+ : { _ : Dyn } -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.5.7]"
+ = let mustHaveFields
+ : Array String -> { _ : Dyn } -> [| 'Ok, 'Err String |]
+ = fun
+ fields
+ x
+ =>
+ std.array.fold_right
+ (fun
+ field
+ acc
+ =>
+ if !(std.record.has_field field x) then
+ 'Err "expected field `%{field}`"
+ else
+ acc) 'Ok fields
+ in
+ fun
+ deps
+ x
+ =>
+ if !(std.is_record x) then
+ 'Ok
+ else
+ let x
+ | { _ : Dyn }
+ = x
+ in
+ std.array.fold_right
+ (fun
+ { field, value, }
+ =>
+ fun
+ acc
+ =>
+ if !(std.record.has_field field x) then
+ acc
+ else
+ let result
+ = if std.is_array value then
+ mustHaveFields (value | Array String) x
+ else
+ let pred
+ | Dyn -> [| 'Ok, 'Err String |]
+ = value
+ in
+ pred (x | Dyn)
+ in
+ (match {
+ 'Err
+ msg =>
+ 'Err
+ "dependency of `%{field}` failed: %{msg}",
+ 'Ok =>
+ acc,
+ }) result) 'Ok (std.record.to_array deps),
+ maxProperties
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `maxProperties n x` fails if `x` is a record containing stricly more than `n` fields.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.5.1]
+ "%
+ = fun
+ n
+ x
+ =>
+ if !(std.is_record x) then
+ 'Ok
+ else
+ if (std.record.length (x | { _ : Dyn })) > n then
+ 'Err
+ "record contains more than %{std.string.from_number
+ n} fields"
+ else
+ 'Ok,
+ minProperties
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `minProperties n x` fails if `x` is a record containing stricly less than `n` fields.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.5.1]
+ "%
+ = fun
+ n
+ x
+ =>
+ if !(std.is_record x) then
+ 'Ok
+ else
+ if (std.record.length (x | { _ : Dyn })) < n then
+ 'Err
+ "record contains fewer than %{std.string.from_number
+ n} fields"
+ else
+ 'Ok,
+ propertyNames
+ : (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.5.8]"
+ = fun
+ pred
+ x
+ =>
+ if !(std.is_record x) then
+ 'Ok
+ else
+ std.array.fold_right
+ (fun
+ field
+ acc
+ =>
+ (match {
+ 'Err
+ msg =>
+ 'Err
+ "field `%{field}` did not validate against `propertyNames` schema",
+ 'Ok =>
+ acc,
+ }) (pred (field | Dyn))) 'Ok
+ (std.record.fields (x | { _ : Dyn })),
+ record
+ : { _ : Dyn -> [| 'Ok, 'Err String |] }
+ -> { _ : Dyn -> [| 'Ok, 'Err String |] }
+ -> Bool
+ -> (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `record properties patternProperties additionalAllowed
+ additionalProperties x` is a combination of the `properties`,
+ `patternProperties` and `additionalProperties` validation keywords in
+ JSON schema.
+
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.5]
+ "%
+ = fun
+ properties
+ patternProperties
+ additionalAllowed
+ additionalProperties
+ x
+ =>
+ if !(std.is_record x) then
+ 'Ok
+ else
+ let x
+ | { _ : Dyn }
+ = x
+ in
+ let check_properties
+ : {
+ result : [| 'Ok, 'Err String |],
+ checked : { _ : Bool }
+ }
+ = std.array.fold_right
+ (fun
+ { field, value, }
+ =>
+ fun
+ acc
+ =>
+ if !(std.record.has_field field x) then
+ acc
+ else
+ (match {
+ 'Err
+ msg =>
+ {
+ checked : { _ : Bool } = {},
+ result =
+ 'Err
+ "field `%{field}` didn't validate: %{msg}",
+ },
+ 'Ok =>
+ {
+ checked =
+ std.record.insert field true acc.checked,
+ result = acc.result,
+ },
+ }) (value x."%{field}"))
+ { checked = {}, result = 'Ok, }
+ (std.record.to_array properties)
+ in
+ let matching_fields
+ : String -> { _ : Dyn }
+ = fun
+ pattern
+ =>
+ let matcher
+ = std.string.is_match pattern
+ in
+ std.array.fold_left
+ (fun
+ acc
+ =>
+ fun
+ { field, value, }
+ =>
+ if matcher field then
+ std.record.insert field value acc
+ else
+ acc) {} (std.record.to_array x)
+ in
+ let check_pattern_properties
+ : {
+ result : [| 'Ok, 'Err String |],
+ checked : { _ : Bool }
+ }
+ = std.array.fold_right
+ (fun
+ { field = pattern, value = pred, }
+ =>
+ fun
+ acc
+ =>
+ (match {
+ r @ { result = 'Err msg, .. } =>
+ r,
+ { result = 'Ok, checked = ch, } =>
+ {
+ checked =
+ std.array.fold_left
+ (fun
+ r
+ field
+ =>
+ if !(std.record.has_field field
+ r) then
+ std.record.insert field true r
+ else
+ r) acc.checked
+ (std.record.fields ch),
+ result = acc.result,
+ },
+ })
+ (std.array.fold_right
+ (fun
+ { field, value, }
+ =>
+ fun
+ acc
+ =>
+ (match {
+ 'Err
+ msg =>
+ {
+ checked : { _ : Bool } = {},
+ result =
+ 'Err
+ "field `%{field}` didn't validate: %{msg}",
+ },
+ 'Ok =>
+ {
+ checked =
+ std.record.insert field true
+ acc.checked,
+ result = acc.result,
+ },
+ }) (pred value))
+ {
+ checked : { _ : Bool } = {},
+ result = 'Ok,
+ }
+ (std.record.to_array
+ (matching_fields pattern))))
+ { checked : { _ : Bool } = {}, result = 'Ok, }
+ (std.record.to_array patternProperties)
+ in
+ let remaining_fields
+ = std.array.fold_left
+ (fun
+ acc
+ field
+ =>
+ if !(std.record.has_field field acc) then
+ acc
+ else
+ std.record.remove field acc) x
+ ((std.record.fields check_properties.checked)
+ @ (std.record.fields
+ check_pattern_properties.checked))
+ in
+ let check_additional_properties
+ : [| 'Ok, 'Err String |]
+ = if (!additionalAllowed)
+ && (!(std.record.is_empty remaining_fields)) then
+ 'Err
+ "extra fields %{std.serialize 'Json
+ ((std.record.fields remaining_fields)
+ | Dyn)}"
+ else
+ std.array.fold_right
+ (fun
+ { field, value, }
+ =>
+ fun
+ acc
+ =>
+ (match {
+ 'Err
+ msg =>
+ 'Err
+ "field `%{field}` didn't validate: %{msg}",
+ 'Ok =>
+ acc,
+ }) (additionalProperties value)) 'Ok
+ (std.record.to_array remaining_fields)
+ in
+ (match {
+ 'Err
+ msg =>
+ check_properties.result,
+ 'Ok =>
+ (match {
+ 'Err
+ msg =>
+ check_pattern_properties.result,
+ 'Ok =>
+ check_additional_properties,
+ }) check_pattern_properties.result,
+ }) check_properties.result,
+ required
+ : Array String -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.5.3]"
+ = fun
+ fields
+ x
+ =>
+ if !(std.is_record x) then
+ 'Ok
+ else
+ std.array.fold_right
+ (fun
+ field
+ acc
+ =>
+ if !(std.record.has_field field (x | { _ : Dyn })) then
+ 'Err "missing required field %{field}"
+ else
+ acc) 'Ok fields,
+ },
+ strings =
+ {
+ maxLength
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.3.1]"
+ = fun
+ limit
+ x
+ =>
+ if !(std.is_string x) then
+ 'Ok
+ else
+ if (std.string.length (x | String)) <= limit then
+ 'Ok
+ else
+ 'Err
+ "expected a string of length no larger than %{std.string.from_number
+ limit}",
+ minLength
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.3.2]"
+ = fun
+ limit
+ x
+ =>
+ if !(std.is_string x) then
+ 'Ok
+ else
+ if (std.string.length (x | String)) >= limit then
+ 'Ok
+ else
+ 'Err
+ "expected a string of length no smaller than %{std.string.from_number
+ limit}",
+ pattern
+ : String -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.3.3]"
+ = fun
+ pattern
+ x
+ =>
+ if !(std.is_string x) then
+ 'Ok
+ else
+ if std.string.is_match pattern (x | String) then
+ 'Ok
+ else
+ 'Err "expected a string matching the pattern `%{pattern}`",
+ },
+ }
+ in
+let rec _js2n__-refsenv
+ = {}
+ in
+ {
+ "$schema" | String | optional,
+ allowFailures
+ | Bool
+ | doc "Allow failures during URL crawling and exit with zero."
+ | optional,
+ crawler
+ | String
+ | doc "FQCN of the crawler to use for cache warmup."
+ | optional,
+ crawlerOptions
+ | { .. }
+ | doc "Additional options for configurable crawlers."
+ | optional,
+ excludePatterns
+ | Array (String)
+ | doc "Patterns of URLs to be excluded from cache warmup."
+ | optional,
+ format
+ | std.enum.TagOrString
+ | [| 'text, 'json |]
+ | doc "The formatter used to print the cache warmup result."
+ | optional,
+ limit
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.minimum 0
+ ])
+ | doc "Limit the number of URLs to be processed."
+ | optional,
+ logFile | String | doc "A file where to log crawling results." | optional,
+ logLevel
+ | std.enum.TagOrString
+ | [|
+ 'debug,
+ 'info,
+ 'notice,
+ 'warning,
+ 'error,
+ 'critical,
+ 'alert,
+ 'emergency
+ |]
+ | doc "The log level used to determine which crawling results to log."
+ | optional,
+ progress
+ | Bool
+ | doc "Show a progress bar during cache warmup."
+ | optional,
+ repeatAfter
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.minimum 0
+ ])
+ | doc "Run cache warmup in endless loop and repeat x seconds after each run."
+ | optional,
+ sitemaps
+ | Array (String)
+ | doc "URLs or local filenames of XML sitemaps to be warmed up."
+ | optional,
+ stopOnFailure
+ | Bool
+ | doc "Cancel further cache warmup requests on failure."
+ | optional,
+ strategy
+ | std.enum.TagOrString
+ | [| 'sort-by-priority, 'sort-by-lastmod, 'sort-by-changefreq |]
+ | doc "Optional crawling strategy to prepare URLs before crawling them."
+ | optional,
+ urls | Array (String) | doc "Additional URLs to be warmed up." | optional,
+ }
\ No newline at end of file
diff --git a/out/Changesets.ncl b/out/Changesets.ncl
new file mode 100644
index 0000000..baa35c4
--- /dev/null
+++ b/out/Changesets.ncl
@@ -0,0 +1,1015 @@
+# DO NOT EDIT
+# This file was automatically generated using json-schema-to-nickel
+let _js2n__-prdslib
+ = {
+ allOf
+ : Array (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `allOf preds` succeeds if all of the predicates in `preds` succeed
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.7.1]
+ "%
+ = fun
+ preds
+ x
+ =>
+ std.array.fold_right
+ (fun pred acc => (match { 'Ok => acc, 'Err s => 'Err s, }) (pred x))
+ 'Ok preds,
+ always : Dyn -> [| 'Ok, 'Err String |] = std.function.const 'Ok,
+ anyOf
+ : Array (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `anyOf preds` succeeds if at least one of the predicates in `preds` succeeds
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.7.2]
+ "%
+ = fun
+ preds
+ x
+ =>
+ (match {
+ 'Ok =>
+ 'Ok,
+ 'Errs
+ msgs =>
+ 'Err
+ m%"
+ anyOf: none of the options matched
+ %{std.string.join
+ m%"
+
+
+ "% msgs}
+ "%,
+ })
+ (std.array.fold_right
+ (fun
+ pred
+ acc
+ =>
+ (match {
+ 'Ok =>
+ 'Ok,
+ 'Errs
+ msgs =>
+ (match {
+ 'Ok =>
+ 'Ok,
+ 'Err
+ msg =>
+ 'Errs ([ " - %{msg}" ] @ msgs),
+ }) (pred x),
+ }) acc) ('Errs [ ]) preds),
+ arrays =
+ {
+ additionalItems
+ : (Dyn -> [| 'Ok, 'Err String |])
+ -> Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.4.2]"
+ = fun
+ pred
+ start
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ let x
+ | Array Dyn
+ = x
+ in
+ let value_length
+ = std.array.length x
+ in
+ if start >= value_length then
+ 'Ok
+ else
+ arrayOf pred
+ ((std.array.slice start value_length x)
+ | Dyn),
+ arrayOf
+ : (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ Apply a predicate to all elements of an array, succeeding if all
+ applications succeed.
+ "%
+ = fun
+ pred
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ let x
+ | Array Dyn
+ = x
+ in
+ std.array.fold_right
+ (fun
+ x
+ acc
+ =>
+ (match { 'Ok => acc, 'Err msg => 'Err msg, }) (pred x))
+ 'Ok x,
+ contains
+ : (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.4.6]"
+ = fun
+ pred
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ let x
+ | Array Dyn
+ = x
+ in
+ (match {
+ 'Ok =>
+ 'Ok,
+ 'Errs
+ msgs =>
+ 'Err
+ m%"
+ contains: no elements matched
+ %{std.string.join
+ m%"
+
+
+ "% msgs}
+ "%,
+ })
+ (std.array.fold_right
+ (fun
+ x
+ acc
+ =>
+ (match {
+ 'Ok =>
+ 'Ok,
+ 'Errs
+ msgs =>
+ (match {
+ 'Ok =>
+ 'Ok,
+ 'Err
+ msg =>
+ 'Errs ([ " - %{msg}" ] @ msgs),
+ }) (pred x),
+ }) acc) ('Errs [ ]) x),
+ items
+ : Array (Dyn -> [| 'Ok, 'Err String |])
+ -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.4.1]"
+ = fun
+ preds
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ let x
+ | Array Dyn
+ = x
+ in
+ let length_to_check
+ = std.number.min (std.array.length preds)
+ (std.array.length x)
+ in
+ std.array.fold_right
+ (fun
+ i
+ acc
+ =>
+ (match { 'Err msg => 'Err msg, 'Ok => acc, })
+ (std.array.at i preds (std.array.at i x))) 'Ok
+ (std.array.range 0 length_to_check),
+ maxItems
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `maxItems n x` fails if `x` is an array of length strictly greater than `n` and succeeds otherwise.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.4.3]
+ "%
+ = fun
+ n
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ if (std.array.length (x | Array Dyn)) > n then
+ 'Err
+ "array is longer than %{std.string.from_number n} items"
+ else
+ 'Ok,
+ minItems
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `minItems n x` fails if `x` is an array of length strictly smaller than `n` and succeeds otherwise.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.4.4]
+ "%
+ = fun
+ n
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ if (std.array.length (x | Array Dyn)) < n then
+ 'Err
+ "array is shorter than %{std.string.from_number n} items"
+ else
+ 'Ok,
+ uniqueItems
+ : Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ Succeeds for any array if its elements are pairwise distinct.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.4.5]
+ "%
+ = let find_duplicate
+ : Array Dyn
+ -> {
+ has_duplicate : Bool,
+ duplicate : Dyn,
+ seen : { _ : Bool }
+ }
+ = std.array.fold_right
+ (fun
+ elt
+ acc
+ =>
+ if acc.has_duplicate then
+ acc
+ else
+ let index
+ = std.serialize 'Json elt
+ in
+ if std.record.has_field index acc.seen then
+ {
+ duplicate = elt,
+ has_duplicate = true,
+ seen = acc.seen,
+ }
+ else
+ {
+ duplicate = null,
+ has_duplicate = false,
+ seen = std.record.insert index true acc.seen,
+ })
+ { duplicate = null, has_duplicate = false, seen = {}, }
+ in
+ fun
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ let { has_duplicate, duplicate, .. }
+ = find_duplicate (x | Array Dyn)
+ in
+ if has_duplicate then
+ 'Err "duplicate found: %{std.serialize 'Json duplicate}"
+ else
+ 'Ok,
+ },
+ const
+ : Dyn -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `const value x` succeeds if and only if `x` is equal to `value`
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.1.3]
+ "%
+ = fun
+ value
+ x
+ =>
+ if x == value then
+ 'Ok
+ else
+ 'Err "expected %{std.serialize 'Json value}",
+ contract_from_predicate
+ : (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> Dyn -> Dyn
+ = fun
+ predicate
+ label
+ value
+ =>
+ (match {
+ 'Ok =>
+ value,
+ 'Err
+ msg =>
+ (std.contract.blame_with_message msg label)
+ | Dyn,
+ }) (predicate value),
+ enum
+ : Array Dyn -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `enum values x` succeeds if and only if `x` is equal to one of the elements of `values`.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.1.2]
+ "%
+ = let checkEqual
+ = fun
+ input
+ variant
+ =>
+ (input == variant)
+ || ((std.is_enum input)
+ && (((std.string.from_enum input) == variant)
+ | Bool))
+ in
+ fun
+ values
+ x
+ =>
+ std.array.fold_right
+ (fun value acc => if checkEqual x value then 'Ok else acc)
+ ('Err "expected one of %{std.serialize 'Json (values | Dyn)}")
+ values,
+ from_simple_predicate
+ : String -> (Dyn -> Bool) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Convert a simple boolean predicate into a predicate supporting error messages"
+ = fun error' pred x => if pred x then 'Ok else 'Err error',
+ ifThenElse
+ : (Dyn -> [| 'Ok, 'Err String |])
+ -> (Dyn -> [| 'Ok, 'Err String |])
+ -> (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `ifThenElse i t e` first checks if the predicate `i` succeeds. If it does, it's equivalent to `t`, otherwise it's equivalent to `e`.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.6]
+ "%
+ = fun i t e x => (match { 'Ok => t x, 'Err msg => e x, }) (i x),
+ isType
+ : [| '"Array", '"Bool", 'Integer, 'Null, '"Number", 'Record, '"String" |]
+ -> Dyn -> [| 'Ok, 'Err String |]
+ = fun
+ t
+ =>
+ (match {
+ 'Null =>
+ from_simple_predicate "expected `null`" (fun x => x == null),
+ 'Integer =>
+ from_simple_predicate "expected an integer"
+ (fun
+ x
+ =>
+ (std.is_number x) && (std.number.is_integer (x | Number))),
+ _ =>
+ from_simple_predicate
+ "value is not of type %{std.string.from_enum t}"
+ (fun x => (std.typeof x) == t),
+ }) t,
+ never : Dyn -> [| 'Ok, 'Err String |] = std.function.const ('Err "never"),
+ not
+ : (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `not pred` succeeds if and only if `pred` fails
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.7.4]
+ "%
+ = fun
+ pred
+ x
+ =>
+ (match {
+ 'Ok =>
+ 'Err "Inverted predicate succeeded unexpectedly",
+ 'Err
+ msg =>
+ 'Ok,
+ }) (pred x),
+ numbers =
+ {
+ exclusiveMaximum
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.2.3]"
+ = fun
+ limit
+ x
+ =>
+ if !(std.is_number x) then
+ 'Ok
+ else
+ if (x | Number) < limit then
+ 'Ok
+ else
+ 'Err
+ "expected an exclusive maximum of %{std.string.from_number
+ limit}",
+ exclusiveMinimum
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.2.5]"
+ = fun
+ limit
+ x
+ =>
+ if !(std.is_number x) then
+ 'Ok
+ else
+ if (x | Number) > limit then
+ 'Ok
+ else
+ 'Err
+ "expected an exclusive minimum of %{std.string.from_number
+ limit}",
+ maximum
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.2.2]"
+ = fun
+ limit
+ x
+ =>
+ if !(std.is_number x) then
+ 'Ok
+ else
+ if (x | Number) <= limit then
+ 'Ok
+ else
+ 'Err
+ "expected a maximum of %{std.string.from_number limit}",
+ minimum
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.2.4]"
+ = fun
+ limit
+ x
+ =>
+ if !(std.is_number x) then
+ 'Ok
+ else
+ if (x | Number) >= limit then
+ 'Ok
+ else
+ 'Err
+ "expected a minimum of %{std.string.from_number limit}",
+ multipleOf
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.2.1]"
+ = fun
+ mult
+ x
+ =>
+ if !(std.is_number x) then
+ 'Ok
+ else
+ if std.number.is_integer ((x | Number) / mult) then
+ 'Ok
+ else
+ 'Err
+ "expected a multiple of %{std.string.from_number mult}",
+ },
+ oneOf
+ : Array (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `oneOf preds` succeeds if precisely one of the predicates in `preds` succeeds
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.7.3]
+ "%
+ = fun
+ preds
+ x
+ =>
+ let count_ok
+ : Array [| 'Ok, 'Err String |] -> Number
+ = fun
+ results
+ =>
+ std.array.fold_left (fun n b => if b == 'Ok then n + 1 else n) 0
+ results
+ in
+ let results
+ = std.array.map (fun pred => pred x) preds
+ in
+ let count
+ = count_ok results
+ in
+ if count == 0 then
+ let errors
+ = std.array.flat_map
+ (fun
+ result
+ =>
+ (match { 'Ok => [ ], 'Err s => [ " - %{s}" ], })
+ result) results
+ in
+ 'Err
+ m%"
+ oneOf: none of the options matched
+ %{std.string.join
+ m%"
+
+
+ "% errors}
+ "%
+ else
+ if count > 1 then
+ 'Err "oneOf: more than one of the options matched"
+ else
+ 'Ok,
+ records =
+ {
+ dependencies
+ : { _ : Dyn } -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.5.7]"
+ = let mustHaveFields
+ : Array String -> { _ : Dyn } -> [| 'Ok, 'Err String |]
+ = fun
+ fields
+ x
+ =>
+ std.array.fold_right
+ (fun
+ field
+ acc
+ =>
+ if !(std.record.has_field field x) then
+ 'Err "expected field `%{field}`"
+ else
+ acc) 'Ok fields
+ in
+ fun
+ deps
+ x
+ =>
+ if !(std.is_record x) then
+ 'Ok
+ else
+ let x
+ | { _ : Dyn }
+ = x
+ in
+ std.array.fold_right
+ (fun
+ { field, value, }
+ =>
+ fun
+ acc
+ =>
+ if !(std.record.has_field field x) then
+ acc
+ else
+ let result
+ = if std.is_array value then
+ mustHaveFields (value | Array String) x
+ else
+ let pred
+ | Dyn -> [| 'Ok, 'Err String |]
+ = value
+ in
+ pred (x | Dyn)
+ in
+ (match {
+ 'Err
+ msg =>
+ 'Err
+ "dependency of `%{field}` failed: %{msg}",
+ 'Ok =>
+ acc,
+ }) result) 'Ok (std.record.to_array deps),
+ maxProperties
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `maxProperties n x` fails if `x` is a record containing stricly more than `n` fields.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.5.1]
+ "%
+ = fun
+ n
+ x
+ =>
+ if !(std.is_record x) then
+ 'Ok
+ else
+ if (std.record.length (x | { _ : Dyn })) > n then
+ 'Err
+ "record contains more than %{std.string.from_number
+ n} fields"
+ else
+ 'Ok,
+ minProperties
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `minProperties n x` fails if `x` is a record containing stricly less than `n` fields.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.5.1]
+ "%
+ = fun
+ n
+ x
+ =>
+ if !(std.is_record x) then
+ 'Ok
+ else
+ if (std.record.length (x | { _ : Dyn })) < n then
+ 'Err
+ "record contains fewer than %{std.string.from_number
+ n} fields"
+ else
+ 'Ok,
+ propertyNames
+ : (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.5.8]"
+ = fun
+ pred
+ x
+ =>
+ if !(std.is_record x) then
+ 'Ok
+ else
+ std.array.fold_right
+ (fun
+ field
+ acc
+ =>
+ (match {
+ 'Err
+ msg =>
+ 'Err
+ "field `%{field}` did not validate against `propertyNames` schema",
+ 'Ok =>
+ acc,
+ }) (pred (field | Dyn))) 'Ok
+ (std.record.fields (x | { _ : Dyn })),
+ record
+ : { _ : Dyn -> [| 'Ok, 'Err String |] }
+ -> { _ : Dyn -> [| 'Ok, 'Err String |] }
+ -> Bool
+ -> (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `record properties patternProperties additionalAllowed
+ additionalProperties x` is a combination of the `properties`,
+ `patternProperties` and `additionalProperties` validation keywords in
+ JSON schema.
+
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.5]
+ "%
+ = fun
+ properties
+ patternProperties
+ additionalAllowed
+ additionalProperties
+ x
+ =>
+ if !(std.is_record x) then
+ 'Ok
+ else
+ let x
+ | { _ : Dyn }
+ = x
+ in
+ let check_properties
+ : {
+ result : [| 'Ok, 'Err String |],
+ checked : { _ : Bool }
+ }
+ = std.array.fold_right
+ (fun
+ { field, value, }
+ =>
+ fun
+ acc
+ =>
+ if !(std.record.has_field field x) then
+ acc
+ else
+ (match {
+ 'Err
+ msg =>
+ {
+ checked : { _ : Bool } = {},
+ result =
+ 'Err
+ "field `%{field}` didn't validate: %{msg}",
+ },
+ 'Ok =>
+ {
+ checked =
+ std.record.insert field true acc.checked,
+ result = acc.result,
+ },
+ }) (value x."%{field}"))
+ { checked = {}, result = 'Ok, }
+ (std.record.to_array properties)
+ in
+ let matching_fields
+ : String -> { _ : Dyn }
+ = fun
+ pattern
+ =>
+ let matcher
+ = std.string.is_match pattern
+ in
+ std.array.fold_left
+ (fun
+ acc
+ =>
+ fun
+ { field, value, }
+ =>
+ if matcher field then
+ std.record.insert field value acc
+ else
+ acc) {} (std.record.to_array x)
+ in
+ let check_pattern_properties
+ : {
+ result : [| 'Ok, 'Err String |],
+ checked : { _ : Bool }
+ }
+ = std.array.fold_right
+ (fun
+ { field = pattern, value = pred, }
+ =>
+ fun
+ acc
+ =>
+ (match {
+ r @ { result = 'Err msg, .. } =>
+ r,
+ { result = 'Ok, checked = ch, } =>
+ {
+ checked =
+ std.array.fold_left
+ (fun
+ r
+ field
+ =>
+ if !(std.record.has_field field
+ r) then
+ std.record.insert field true r
+ else
+ r) acc.checked
+ (std.record.fields ch),
+ result = acc.result,
+ },
+ })
+ (std.array.fold_right
+ (fun
+ { field, value, }
+ =>
+ fun
+ acc
+ =>
+ (match {
+ 'Err
+ msg =>
+ {
+ checked : { _ : Bool } = {},
+ result =
+ 'Err
+ "field `%{field}` didn't validate: %{msg}",
+ },
+ 'Ok =>
+ {
+ checked =
+ std.record.insert field true
+ acc.checked,
+ result = acc.result,
+ },
+ }) (pred value))
+ {
+ checked : { _ : Bool } = {},
+ result = 'Ok,
+ }
+ (std.record.to_array
+ (matching_fields pattern))))
+ { checked : { _ : Bool } = {}, result = 'Ok, }
+ (std.record.to_array patternProperties)
+ in
+ let remaining_fields
+ = std.array.fold_left
+ (fun
+ acc
+ field
+ =>
+ if !(std.record.has_field field acc) then
+ acc
+ else
+ std.record.remove field acc) x
+ ((std.record.fields check_properties.checked)
+ @ (std.record.fields
+ check_pattern_properties.checked))
+ in
+ let check_additional_properties
+ : [| 'Ok, 'Err String |]
+ = if (!additionalAllowed)
+ && (!(std.record.is_empty remaining_fields)) then
+ 'Err
+ "extra fields %{std.serialize 'Json
+ ((std.record.fields remaining_fields)
+ | Dyn)}"
+ else
+ std.array.fold_right
+ (fun
+ { field, value, }
+ =>
+ fun
+ acc
+ =>
+ (match {
+ 'Err
+ msg =>
+ 'Err
+ "field `%{field}` didn't validate: %{msg}",
+ 'Ok =>
+ acc,
+ }) (additionalProperties value)) 'Ok
+ (std.record.to_array remaining_fields)
+ in
+ (match {
+ 'Err
+ msg =>
+ check_properties.result,
+ 'Ok =>
+ (match {
+ 'Err
+ msg =>
+ check_pattern_properties.result,
+ 'Ok =>
+ check_additional_properties,
+ }) check_pattern_properties.result,
+ }) check_properties.result,
+ required
+ : Array String -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.5.3]"
+ = fun
+ fields
+ x
+ =>
+ if !(std.is_record x) then
+ 'Ok
+ else
+ std.array.fold_right
+ (fun
+ field
+ acc
+ =>
+ if !(std.record.has_field field (x | { _ : Dyn })) then
+ 'Err "missing required field %{field}"
+ else
+ acc) 'Ok fields,
+ },
+ strings =
+ {
+ maxLength
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.3.1]"
+ = fun
+ limit
+ x
+ =>
+ if !(std.is_string x) then
+ 'Ok
+ else
+ if (std.string.length (x | String)) <= limit then
+ 'Ok
+ else
+ 'Err
+ "expected a string of length no larger than %{std.string.from_number
+ limit}",
+ minLength
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.3.2]"
+ = fun
+ limit
+ x
+ =>
+ if !(std.is_string x) then
+ 'Ok
+ else
+ if (std.string.length (x | String)) >= limit then
+ 'Ok
+ else
+ 'Err
+ "expected a string of length no smaller than %{std.string.from_number
+ limit}",
+ pattern
+ : String -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.3.3]"
+ = fun
+ pattern
+ x
+ =>
+ if !(std.is_string x) then
+ 'Ok
+ else
+ if std.string.is_match pattern (x | String) then
+ 'Ok
+ else
+ 'Err "expected a string matching the pattern `%{pattern}`",
+ },
+ }
+ in
+let rec _js2n__-refsenv
+ = {}
+ in
+ {
+ access
+ | std.enum.TagOrString
+ | [| 'public, 'restricted |]
+ | doc "Determines whether Changesets should publish packages to the registry publicly or to a restricted scope."
+ | optional,
+ baseBranch
+ | String
+ | doc "Determines the branch that Changesets uses when finding what packages have changed."
+ | optional,
+ bumpVersionsWithWorkspaceProtocolOnly
+ | Bool
+ | doc "Determines whether Changesets should only bump dependency ranges that use workspace protocol of packages that are part of the workspace."
+ | optional,
+ changedFilePatterns
+ | Array (String)
+ | doc "Glob patterns for changed files that should determining the package as changed."
+ | optional,
+ changelog
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.anyOf
+ [
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"Array",
+ _js2n__-prdslib.arrays.items
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.always
+ ],
+ _js2n__-prdslib.arrays.maxItems 2,
+ _js2n__-prdslib.arrays.minItems 1
+ ],
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"Bool",
+ _js2n__-prdslib.enum [ false ]
+ ],
+ _js2n__-prdslib.isType '"String"
+ ])
+ | doc "The configuration for changelog generators."
+ | optional,
+ commit
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.anyOf
+ [
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"Array",
+ _js2n__-prdslib.arrays.items
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.always
+ ],
+ _js2n__-prdslib.arrays.maxItems 2,
+ _js2n__-prdslib.arrays.minItems 1
+ ],
+ _js2n__-prdslib.isType '"Bool",
+ _js2n__-prdslib.isType '"String"
+ ])
+ | doc "Determines whether Changesets should commit the results of the add and version command."
+ | optional,
+ fixed
+ | Array (Array (String))
+ | doc "Packages that should always be released together with the same version."
+ | optional,
+ ignore
+ | Array (String)
+ | doc "Packages that should not be released."
+ | optional,
+ linked
+ | Array (Array (String))
+ | doc "Packages that should be linked together so when they are being released, they will be released at the same version."
+ | optional,
+ privatePackages
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.anyOf
+ [
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Record,
+ _js2n__-prdslib.records.record
+ {
+ tag = _js2n__-prdslib.isType '"Bool",
+ version = _js2n__-prdslib.isType '"Bool",
+ } {} true _js2n__-prdslib.always
+ ],
+ _js2n__-prdslib.const false
+ ])
+ | optional,
+ snapshot
+ | {
+ prereleaseTemplate
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.minLength 1
+ ])
+ | doc "A template for the prerelease (suffix) part of the generated snapshot version. The template can use the following variable patterns: {commit}, {tag}, {datetime}, {timestamp}."
+ | optional,
+ useCalculatedVersion
+ | Bool
+ | doc "It can be used to make generated snapshot versions use the calculated version (based on the changeset files) as a base version, instead of 0.0.0"
+ | optional,
+ ..
+ }
+ | optional,
+ updateInternalDependencies
+ | std.enum.TagOrString
+ | [| 'minor, 'patch |]
+ | doc "The minimum bump type to trigger automatic update of internal dependencies that are part of the same release."
+ | optional,
+ ..
+ }
\ No newline at end of file
diff --git a/out/CodeRabbit.ncl b/out/CodeRabbit.ncl
new file mode 100644
index 0000000..19b046d
--- /dev/null
+++ b/out/CodeRabbit.ncl
@@ -0,0 +1,1350 @@
+# DO NOT EDIT
+# This file was automatically generated using json-schema-to-nickel
+let _js2n__-prdslib
+ = {
+ allOf
+ : Array (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `allOf preds` succeeds if all of the predicates in `preds` succeed
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.7.1]
+ "%
+ = fun
+ preds
+ x
+ =>
+ std.array.fold_right
+ (fun pred acc => (match { 'Ok => acc, 'Err s => 'Err s, }) (pred x))
+ 'Ok preds,
+ always : Dyn -> [| 'Ok, 'Err String |] = std.function.const 'Ok,
+ anyOf
+ : Array (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `anyOf preds` succeeds if at least one of the predicates in `preds` succeeds
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.7.2]
+ "%
+ = fun
+ preds
+ x
+ =>
+ (match {
+ 'Ok =>
+ 'Ok,
+ 'Errs
+ msgs =>
+ 'Err
+ m%"
+ anyOf: none of the options matched
+ %{std.string.join
+ m%"
+
+
+ "% msgs}
+ "%,
+ })
+ (std.array.fold_right
+ (fun
+ pred
+ acc
+ =>
+ (match {
+ 'Ok =>
+ 'Ok,
+ 'Errs
+ msgs =>
+ (match {
+ 'Ok =>
+ 'Ok,
+ 'Err
+ msg =>
+ 'Errs ([ " - %{msg}" ] @ msgs),
+ }) (pred x),
+ }) acc) ('Errs [ ]) preds),
+ arrays =
+ {
+ additionalItems
+ : (Dyn -> [| 'Ok, 'Err String |])
+ -> Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.4.2]"
+ = fun
+ pred
+ start
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ let x
+ | Array Dyn
+ = x
+ in
+ let value_length
+ = std.array.length x
+ in
+ if start >= value_length then
+ 'Ok
+ else
+ arrayOf pred
+ ((std.array.slice start value_length x)
+ | Dyn),
+ arrayOf
+ : (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ Apply a predicate to all elements of an array, succeeding if all
+ applications succeed.
+ "%
+ = fun
+ pred
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ let x
+ | Array Dyn
+ = x
+ in
+ std.array.fold_right
+ (fun
+ x
+ acc
+ =>
+ (match { 'Ok => acc, 'Err msg => 'Err msg, }) (pred x))
+ 'Ok x,
+ contains
+ : (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.4.6]"
+ = fun
+ pred
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ let x
+ | Array Dyn
+ = x
+ in
+ (match {
+ 'Ok =>
+ 'Ok,
+ 'Errs
+ msgs =>
+ 'Err
+ m%"
+ contains: no elements matched
+ %{std.string.join
+ m%"
+
+
+ "% msgs}
+ "%,
+ })
+ (std.array.fold_right
+ (fun
+ x
+ acc
+ =>
+ (match {
+ 'Ok =>
+ 'Ok,
+ 'Errs
+ msgs =>
+ (match {
+ 'Ok =>
+ 'Ok,
+ 'Err
+ msg =>
+ 'Errs ([ " - %{msg}" ] @ msgs),
+ }) (pred x),
+ }) acc) ('Errs [ ]) x),
+ items
+ : Array (Dyn -> [| 'Ok, 'Err String |])
+ -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.4.1]"
+ = fun
+ preds
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ let x
+ | Array Dyn
+ = x
+ in
+ let length_to_check
+ = std.number.min (std.array.length preds)
+ (std.array.length x)
+ in
+ std.array.fold_right
+ (fun
+ i
+ acc
+ =>
+ (match { 'Err msg => 'Err msg, 'Ok => acc, })
+ (std.array.at i preds (std.array.at i x))) 'Ok
+ (std.array.range 0 length_to_check),
+ maxItems
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `maxItems n x` fails if `x` is an array of length strictly greater than `n` and succeeds otherwise.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.4.3]
+ "%
+ = fun
+ n
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ if (std.array.length (x | Array Dyn)) > n then
+ 'Err
+ "array is longer than %{std.string.from_number n} items"
+ else
+ 'Ok,
+ minItems
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `minItems n x` fails if `x` is an array of length strictly smaller than `n` and succeeds otherwise.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.4.4]
+ "%
+ = fun
+ n
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ if (std.array.length (x | Array Dyn)) < n then
+ 'Err
+ "array is shorter than %{std.string.from_number n} items"
+ else
+ 'Ok,
+ uniqueItems
+ : Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ Succeeds for any array if its elements are pairwise distinct.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.4.5]
+ "%
+ = let find_duplicate
+ : Array Dyn
+ -> {
+ has_duplicate : Bool,
+ duplicate : Dyn,
+ seen : { _ : Bool }
+ }
+ = std.array.fold_right
+ (fun
+ elt
+ acc
+ =>
+ if acc.has_duplicate then
+ acc
+ else
+ let index
+ = std.serialize 'Json elt
+ in
+ if std.record.has_field index acc.seen then
+ {
+ duplicate = elt,
+ has_duplicate = true,
+ seen = acc.seen,
+ }
+ else
+ {
+ duplicate = null,
+ has_duplicate = false,
+ seen = std.record.insert index true acc.seen,
+ })
+ { duplicate = null, has_duplicate = false, seen = {}, }
+ in
+ fun
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ let { has_duplicate, duplicate, .. }
+ = find_duplicate (x | Array Dyn)
+ in
+ if has_duplicate then
+ 'Err "duplicate found: %{std.serialize 'Json duplicate}"
+ else
+ 'Ok,
+ },
+ const
+ : Dyn -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `const value x` succeeds if and only if `x` is equal to `value`
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.1.3]
+ "%
+ = fun
+ value
+ x
+ =>
+ if x == value then
+ 'Ok
+ else
+ 'Err "expected %{std.serialize 'Json value}",
+ contract_from_predicate
+ : (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> Dyn -> Dyn
+ = fun
+ predicate
+ label
+ value
+ =>
+ (match {
+ 'Ok =>
+ value,
+ 'Err
+ msg =>
+ (std.contract.blame_with_message msg label)
+ | Dyn,
+ }) (predicate value),
+ enum
+ : Array Dyn -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `enum values x` succeeds if and only if `x` is equal to one of the elements of `values`.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.1.2]
+ "%
+ = let checkEqual
+ = fun
+ input
+ variant
+ =>
+ (input == variant)
+ || ((std.is_enum input)
+ && (((std.string.from_enum input) == variant)
+ | Bool))
+ in
+ fun
+ values
+ x
+ =>
+ std.array.fold_right
+ (fun value acc => if checkEqual x value then 'Ok else acc)
+ ('Err "expected one of %{std.serialize 'Json (values | Dyn)}")
+ values,
+ from_simple_predicate
+ : String -> (Dyn -> Bool) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Convert a simple boolean predicate into a predicate supporting error messages"
+ = fun error' pred x => if pred x then 'Ok else 'Err error',
+ ifThenElse
+ : (Dyn -> [| 'Ok, 'Err String |])
+ -> (Dyn -> [| 'Ok, 'Err String |])
+ -> (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `ifThenElse i t e` first checks if the predicate `i` succeeds. If it does, it's equivalent to `t`, otherwise it's equivalent to `e`.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.6]
+ "%
+ = fun i t e x => (match { 'Ok => t x, 'Err msg => e x, }) (i x),
+ isType
+ : [| '"Array", '"Bool", 'Integer, 'Null, '"Number", 'Record, '"String" |]
+ -> Dyn -> [| 'Ok, 'Err String |]
+ = fun
+ t
+ =>
+ (match {
+ 'Null =>
+ from_simple_predicate "expected `null`" (fun x => x == null),
+ 'Integer =>
+ from_simple_predicate "expected an integer"
+ (fun
+ x
+ =>
+ (std.is_number x) && (std.number.is_integer (x | Number))),
+ _ =>
+ from_simple_predicate
+ "value is not of type %{std.string.from_enum t}"
+ (fun x => (std.typeof x) == t),
+ }) t,
+ never : Dyn -> [| 'Ok, 'Err String |] = std.function.const ('Err "never"),
+ not
+ : (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `not pred` succeeds if and only if `pred` fails
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.7.4]
+ "%
+ = fun
+ pred
+ x
+ =>
+ (match {
+ 'Ok =>
+ 'Err "Inverted predicate succeeded unexpectedly",
+ 'Err
+ msg =>
+ 'Ok,
+ }) (pred x),
+ numbers =
+ {
+ exclusiveMaximum
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.2.3]"
+ = fun
+ limit
+ x
+ =>
+ if !(std.is_number x) then
+ 'Ok
+ else
+ if (x | Number) < limit then
+ 'Ok
+ else
+ 'Err
+ "expected an exclusive maximum of %{std.string.from_number
+ limit}",
+ exclusiveMinimum
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.2.5]"
+ = fun
+ limit
+ x
+ =>
+ if !(std.is_number x) then
+ 'Ok
+ else
+ if (x | Number) > limit then
+ 'Ok
+ else
+ 'Err
+ "expected an exclusive minimum of %{std.string.from_number
+ limit}",
+ maximum
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.2.2]"
+ = fun
+ limit
+ x
+ =>
+ if !(std.is_number x) then
+ 'Ok
+ else
+ if (x | Number) <= limit then
+ 'Ok
+ else
+ 'Err
+ "expected a maximum of %{std.string.from_number limit}",
+ minimum
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.2.4]"
+ = fun
+ limit
+ x
+ =>
+ if !(std.is_number x) then
+ 'Ok
+ else
+ if (x | Number) >= limit then
+ 'Ok
+ else
+ 'Err
+ "expected a minimum of %{std.string.from_number limit}",
+ multipleOf
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.2.1]"
+ = fun
+ mult
+ x
+ =>
+ if !(std.is_number x) then
+ 'Ok
+ else
+ if std.number.is_integer ((x | Number) / mult) then
+ 'Ok
+ else
+ 'Err
+ "expected a multiple of %{std.string.from_number mult}",
+ },
+ oneOf
+ : Array (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `oneOf preds` succeeds if precisely one of the predicates in `preds` succeeds
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.7.3]
+ "%
+ = fun
+ preds
+ x
+ =>
+ let count_ok
+ : Array [| 'Ok, 'Err String |] -> Number
+ = fun
+ results
+ =>
+ std.array.fold_left (fun n b => if b == 'Ok then n + 1 else n) 0
+ results
+ in
+ let results
+ = std.array.map (fun pred => pred x) preds
+ in
+ let count
+ = count_ok results
+ in
+ if count == 0 then
+ let errors
+ = std.array.flat_map
+ (fun
+ result
+ =>
+ (match { 'Ok => [ ], 'Err s => [ " - %{s}" ], })
+ result) results
+ in
+ 'Err
+ m%"
+ oneOf: none of the options matched
+ %{std.string.join
+ m%"
+
+
+ "% errors}
+ "%
+ else
+ if count > 1 then
+ 'Err "oneOf: more than one of the options matched"
+ else
+ 'Ok,
+ records =
+ {
+ dependencies
+ : { _ : Dyn } -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.5.7]"
+ = let mustHaveFields
+ : Array String -> { _ : Dyn } -> [| 'Ok, 'Err String |]
+ = fun
+ fields
+ x
+ =>
+ std.array.fold_right
+ (fun
+ field
+ acc
+ =>
+ if !(std.record.has_field field x) then
+ 'Err "expected field `%{field}`"
+ else
+ acc) 'Ok fields
+ in
+ fun
+ deps
+ x
+ =>
+ if !(std.is_record x) then
+ 'Ok
+ else
+ let x
+ | { _ : Dyn }
+ = x
+ in
+ std.array.fold_right
+ (fun
+ { field, value, }
+ =>
+ fun
+ acc
+ =>
+ if !(std.record.has_field field x) then
+ acc
+ else
+ let result
+ = if std.is_array value then
+ mustHaveFields (value | Array String) x
+ else
+ let pred
+ | Dyn -> [| 'Ok, 'Err String |]
+ = value
+ in
+ pred (x | Dyn)
+ in
+ (match {
+ 'Err
+ msg =>
+ 'Err
+ "dependency of `%{field}` failed: %{msg}",
+ 'Ok =>
+ acc,
+ }) result) 'Ok (std.record.to_array deps),
+ maxProperties
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `maxProperties n x` fails if `x` is a record containing stricly more than `n` fields.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.5.1]
+ "%
+ = fun
+ n
+ x
+ =>
+ if !(std.is_record x) then
+ 'Ok
+ else
+ if (std.record.length (x | { _ : Dyn })) > n then
+ 'Err
+ "record contains more than %{std.string.from_number
+ n} fields"
+ else
+ 'Ok,
+ minProperties
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `minProperties n x` fails if `x` is a record containing stricly less than `n` fields.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.5.1]
+ "%
+ = fun
+ n
+ x
+ =>
+ if !(std.is_record x) then
+ 'Ok
+ else
+ if (std.record.length (x | { _ : Dyn })) < n then
+ 'Err
+ "record contains fewer than %{std.string.from_number
+ n} fields"
+ else
+ 'Ok,
+ propertyNames
+ : (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.5.8]"
+ = fun
+ pred
+ x
+ =>
+ if !(std.is_record x) then
+ 'Ok
+ else
+ std.array.fold_right
+ (fun
+ field
+ acc
+ =>
+ (match {
+ 'Err
+ msg =>
+ 'Err
+ "field `%{field}` did not validate against `propertyNames` schema",
+ 'Ok =>
+ acc,
+ }) (pred (field | Dyn))) 'Ok
+ (std.record.fields (x | { _ : Dyn })),
+ record
+ : { _ : Dyn -> [| 'Ok, 'Err String |] }
+ -> { _ : Dyn -> [| 'Ok, 'Err String |] }
+ -> Bool
+ -> (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `record properties patternProperties additionalAllowed
+ additionalProperties x` is a combination of the `properties`,
+ `patternProperties` and `additionalProperties` validation keywords in
+ JSON schema.
+
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.5]
+ "%
+ = fun
+ properties
+ patternProperties
+ additionalAllowed
+ additionalProperties
+ x
+ =>
+ if !(std.is_record x) then
+ 'Ok
+ else
+ let x
+ | { _ : Dyn }
+ = x
+ in
+ let check_properties
+ : {
+ result : [| 'Ok, 'Err String |],
+ checked : { _ : Bool }
+ }
+ = std.array.fold_right
+ (fun
+ { field, value, }
+ =>
+ fun
+ acc
+ =>
+ if !(std.record.has_field field x) then
+ acc
+ else
+ (match {
+ 'Err
+ msg =>
+ {
+ checked : { _ : Bool } = {},
+ result =
+ 'Err
+ "field `%{field}` didn't validate: %{msg}",
+ },
+ 'Ok =>
+ {
+ checked =
+ std.record.insert field true acc.checked,
+ result = acc.result,
+ },
+ }) (value x."%{field}"))
+ { checked = {}, result = 'Ok, }
+ (std.record.to_array properties)
+ in
+ let matching_fields
+ : String -> { _ : Dyn }
+ = fun
+ pattern
+ =>
+ let matcher
+ = std.string.is_match pattern
+ in
+ std.array.fold_left
+ (fun
+ acc
+ =>
+ fun
+ { field, value, }
+ =>
+ if matcher field then
+ std.record.insert field value acc
+ else
+ acc) {} (std.record.to_array x)
+ in
+ let check_pattern_properties
+ : {
+ result : [| 'Ok, 'Err String |],
+ checked : { _ : Bool }
+ }
+ = std.array.fold_right
+ (fun
+ { field = pattern, value = pred, }
+ =>
+ fun
+ acc
+ =>
+ (match {
+ r @ { result = 'Err msg, .. } =>
+ r,
+ { result = 'Ok, checked = ch, } =>
+ {
+ checked =
+ std.array.fold_left
+ (fun
+ r
+ field
+ =>
+ if !(std.record.has_field field
+ r) then
+ std.record.insert field true r
+ else
+ r) acc.checked
+ (std.record.fields ch),
+ result = acc.result,
+ },
+ })
+ (std.array.fold_right
+ (fun
+ { field, value, }
+ =>
+ fun
+ acc
+ =>
+ (match {
+ 'Err
+ msg =>
+ {
+ checked : { _ : Bool } = {},
+ result =
+ 'Err
+ "field `%{field}` didn't validate: %{msg}",
+ },
+ 'Ok =>
+ {
+ checked =
+ std.record.insert field true
+ acc.checked,
+ result = acc.result,
+ },
+ }) (pred value))
+ {
+ checked : { _ : Bool } = {},
+ result = 'Ok,
+ }
+ (std.record.to_array
+ (matching_fields pattern))))
+ { checked : { _ : Bool } = {}, result = 'Ok, }
+ (std.record.to_array patternProperties)
+ in
+ let remaining_fields
+ = std.array.fold_left
+ (fun
+ acc
+ field
+ =>
+ if !(std.record.has_field field acc) then
+ acc
+ else
+ std.record.remove field acc) x
+ ((std.record.fields check_properties.checked)
+ @ (std.record.fields
+ check_pattern_properties.checked))
+ in
+ let check_additional_properties
+ : [| 'Ok, 'Err String |]
+ = if (!additionalAllowed)
+ && (!(std.record.is_empty remaining_fields)) then
+ 'Err
+ "extra fields %{std.serialize 'Json
+ ((std.record.fields remaining_fields)
+ | Dyn)}"
+ else
+ std.array.fold_right
+ (fun
+ { field, value, }
+ =>
+ fun
+ acc
+ =>
+ (match {
+ 'Err
+ msg =>
+ 'Err
+ "field `%{field}` didn't validate: %{msg}",
+ 'Ok =>
+ acc,
+ }) (additionalProperties value)) 'Ok
+ (std.record.to_array remaining_fields)
+ in
+ (match {
+ 'Err
+ msg =>
+ check_properties.result,
+ 'Ok =>
+ (match {
+ 'Err
+ msg =>
+ check_pattern_properties.result,
+ 'Ok =>
+ check_additional_properties,
+ }) check_pattern_properties.result,
+ }) check_properties.result,
+ required
+ : Array String -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.5.3]"
+ = fun
+ fields
+ x
+ =>
+ if !(std.is_record x) then
+ 'Ok
+ else
+ std.array.fold_right
+ (fun
+ field
+ acc
+ =>
+ if !(std.record.has_field field (x | { _ : Dyn })) then
+ 'Err "missing required field %{field}"
+ else
+ acc) 'Ok fields,
+ },
+ strings =
+ {
+ maxLength
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.3.1]"
+ = fun
+ limit
+ x
+ =>
+ if !(std.is_string x) then
+ 'Ok
+ else
+ if (std.string.length (x | String)) <= limit then
+ 'Ok
+ else
+ 'Err
+ "expected a string of length no larger than %{std.string.from_number
+ limit}",
+ minLength
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.3.2]"
+ = fun
+ limit
+ x
+ =>
+ if !(std.is_string x) then
+ 'Ok
+ else
+ if (std.string.length (x | String)) >= limit then
+ 'Ok
+ else
+ 'Err
+ "expected a string of length no smaller than %{std.string.from_number
+ limit}",
+ pattern
+ : String -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.3.3]"
+ = fun
+ pattern
+ x
+ =>
+ if !(std.is_string x) then
+ 'Ok
+ else
+ if std.string.is_match pattern (x | String) then
+ 'Ok
+ else
+ 'Err "expected a string matching the pattern `%{pattern}`",
+ },
+ }
+ in
+let rec _js2n__-refsenv
+ = {
+ "_js2n__-:definitions/schema!contract" =
+ {
+ chat
+ | {
+ auto_reply
+ | Bool
+ | doc "Enable the bot to reply automatically without requiring the user to tag it."
+ | optional,
+ }
+ | optional,
+ early_access
+ | Bool
+ | doc "Enable early-access features."
+ | optional,
+ enable_free_tier
+ | Bool
+ | doc "Enable free tier features for users not on a paid plan."
+ | optional,
+ knowledge_base
+ | {
+ issues
+ | {
+ scope
+ | std.enum.TagOrString
+ | [| 'auto, 'global, 'local |]
+ | doc "Issues | Specify the scope of git platform (GitHub/GitLab) issues to use for the knowledge base. 'local' uses the repository's issues, 'global' uses the organization's issues, and 'auto' uses repository's issues for public repositories and organization's issues for private repositories."
+ | optional,
+ }
+ | optional,
+ jira
+ | {
+ project_keys
+ | Array (String)
+ | doc "Jira Project Keys | Specify the Jira project keys to use for the knowledge base."
+ | optional,
+ }
+ | optional,
+ learnings
+ | {
+ scope
+ | std.enum.TagOrString
+ | [| 'auto, 'global, 'local |]
+ | doc "Learnings | Specify the scope of learnings to use for the knowledge base. 'local' uses the repository's learnings, 'global' uses the organization's learnings, and 'auto' uses repository's learnings for public repositories and organization's learnings for private repositories."
+ | optional,
+ }
+ | optional,
+ linear
+ | {
+ team_keys
+ | Array (String)
+ | doc "Linear Team Keys | Specify the Linear project keys to use for the knowledge base."
+ | optional,
+ }
+ | optional,
+ }
+ | optional,
+ language
+ | std.enum.TagOrString
+ | [|
+ 'fr-FR,
+ 'de-LU,
+ 'sv-SE,
+ 'fa-IR,
+ 'it-IT,
+ 'es-ES,
+ 'de-DE-x-simple-language-DE,
+ 'nl-NL,
+ 'no,
+ 'nb,
+ 'crh,
+ 'crh-UA,
+ 'zh,
+ 'zh-CN,
+ 'uk,
+ 'uk-UA,
+ 'tr,
+ 'tl,
+ 'tl-PH,
+ 'ta,
+ 'ta-IN,
+ 'sv,
+ 'sl,
+ 'sl-SI,
+ 'sk,
+ 'sk-SK,
+ 'ru,
+ 'ru-RU,
+ 'ro,
+ 'ro-RO,
+ 'pl,
+ 'pl-PL,
+ 'ko,
+ 'ko-KR,
+ 'km,
+ 'km-KH,
+ 'ja,
+ 'ja-JP,
+ 'it,
+ 'gl,
+ 'gl-ES,
+ 'ga,
+ 'ga-IE,
+ 'fa,
+ 'eo,
+ 'el,
+ 'el-GR,
+ 'de-DE-x-simple-language,
+ 'da,
+ 'da-DK,
+ 'ca-ES-balear,
+ 'ca-ES-valencia,
+ 'ca,
+ 'ca-ES,
+ 'br,
+ 'br-FR,
+ 'be,
+ 'be-BY,
+ 'ast,
+ 'ast-ES,
+ 'ar,
+ 'pt-PT,
+ 'pt-MZ,
+ 'pt-BR,
+ 'pt,
+ 'pt-AO,
+ 'nl-BE,
+ 'nl,
+ 'fr-BE,
+ 'fr-CH,
+ 'fr-CA,
+ 'fr,
+ 'es-AR,
+ 'es,
+ 'en-ZA,
+ 'en-NZ,
+ 'en-CA,
+ 'en-GB,
+ 'en-AU,
+ 'en-US,
+ 'en,
+ 'de-CH,
+ 'de-AT,
+ 'de-DE,
+ 'de
+ |]
+ | doc "Set the language for reviews by using the corresponding ISO language code."
+ | optional,
+ reviews
+ | {
+ abort_on_close
+ | Bool
+ | doc "Abort the in-progress review if the pull request is closed or merged."
+ | optional,
+ auto_review
+ | {
+ auto_incremental_review
+ | Bool
+ | doc "Enable Automatic Incremental Review | Automatic incremental code review on each push"
+ | optional,
+ base_branches
+ | Array (String)
+ | doc "Base branches (other than the default branch) to review. Accepts regex patterns."
+ | optional,
+ drafts | Bool | doc "Review draft PRs/MRs." | optional,
+ enabled
+ | Bool
+ | doc "Enable Automatic Review | Automatic code review"
+ | optional,
+ ignore_title_keywords
+ | Array (String)
+ | doc "Ignore reviewing if the title of the pull request contains any of these keywords (case-insensitive)."
+ | optional,
+ labels
+ | Array (String)
+ | doc "Restrict automatic reviews to only those pull requests that match one of the specified labels."
+ | optional,
+ }
+ | optional,
+ auto_title_placeholder
+ | String
+ | doc "Add this keyword in the PR/MR title to auto-generate the title."
+ | optional,
+ collapse_walkthrough
+ | Bool
+ | doc "Generate walkthrough in a markdown collapsible section."
+ | optional,
+ high_level_summary
+ | Bool
+ | doc "Generate a high level summary of the changes in the PR/MR description."
+ | optional,
+ high_level_summary_placeholder
+ | String
+ | doc "Placeholder in the PR/MR description that gets replaced with the high level summary."
+ | optional,
+ path_filters
+ | Array (String)
+ | doc "Specify file patterns to exclude or include for a review. Accepts glob patterns. Example: !dist/**, src/**"
+ | optional,
+ path_instructions
+ | Array
+ {
+ instructions
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.maxLength 3000
+ ])
+ | doc "Provides specific additional guidelines for code review based on file paths.",
+ path
+ | String
+ | doc "File path glob pattern. Example: **/*.js",
+ }
+ | doc "Path Instructions | Provide specific additional guidelines for code review based on file paths."
+ | optional,
+ poem
+ | Bool
+ | doc "Generate a poem in the walkthrough comment."
+ | optional,
+ profile
+ | std.enum.TagOrString
+ | [| 'assertive, 'chill |]
+ | doc "Set the profile for reviews."
+ | optional,
+ request_changes_workflow
+ | Bool
+ | doc "Approve the review once CodeRabbit's comments are resolved. Note: In GitLab, all discussions must be resolved."
+ | optional,
+ review_status
+ | Bool
+ | doc "Post review details on each review. Additionally, post a review status when a review is skipped in certain cases."
+ | optional,
+ tools
+ | {
+ ast-grep
+ | {
+ essential_rules
+ | Bool
+ | doc "Use ast-grep essentials package."
+ | optional,
+ packages
+ | Array (String)
+ | doc "Predefined packages to be used."
+ | optional,
+ rule_dirs
+ | Array (String)
+ | doc "List of rules directories."
+ | optional,
+ util_dirs
+ | Array (String)
+ | doc "List of utils directories."
+ | optional,
+ }
+ | doc "ast-grep is a code analysis tool that helps you to find patterns in your codebase using abstract syntax trees patterns."
+ | optional,
+ biome
+ | {
+ enabled
+ | Bool
+ | doc "Enable Biome | Biome is a fast formatter, linter, and analyzer for web projects. | Enable Biome integration."
+ | optional,
+ }
+ | doc "Biome is a fast formatter, linter, and analyzer for web projects."
+ | optional,
+ github-checks
+ | {
+ enabled
+ | Bool
+ | doc m%"
+ Enable GitHub Checks
+ | Enable integration, defaults to true
+ | Enable GitHub Checks integration.
+ "%
+ | optional,
+ timeout_ms
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"Number",
+ _js2n__-prdslib.numbers.maximum 300000,
+ _js2n__-prdslib.numbers.minimum 0
+ ])
+ | doc "Time in milliseconds to wait for all GitHub Checks to conclude."
+ | optional,
+ }
+ | doc "GitHub Checks integration configuration."
+ | optional,
+ gitleaks
+ | {
+ enabled
+ | Bool
+ | doc "Enable Gitleaks | Gitleaks is a secret scanner. | Enable Gitleaks integration."
+ | optional,
+ }
+ | doc "Gitleaks is a secret scanner."
+ | optional,
+ golangci-lint
+ | {
+ config_file
+ | String
+ | doc "Optional path to the golangci-lint configuration file relative to the repository. Useful when the configuration file is named differently than the default '.golangci.yml', '.golangci.yaml', '.golangci.toml', '.golangci.json'."
+ | optional,
+ enabled
+ | Bool
+ | doc "Enable golangci-lint | golangci-lint is a fast linters runner for Go. | Enable golangci-lint integration."
+ | optional,
+ }
+ | doc "golangci-lint is a fast linters runner for Go."
+ | optional,
+ hadolint
+ | {
+ enabled
+ | Bool
+ | doc "Enable Hadolint | Hadolint is a Dockerfile linter. | Enable Hadolint integration."
+ | optional,
+ }
+ | doc "Hadolint is a Dockerfile linter."
+ | optional,
+ languagetool
+ | {
+ disabled_categories
+ | Array (String)
+ | doc "IDs of categories to be disabled."
+ | optional,
+ disabled_rules
+ | Array (String)
+ | doc "IDs of rules to be disabled."
+ | optional,
+ enabled
+ | Bool
+ | doc "Enable LanguageTool | Enable LanguageTool integration."
+ | optional,
+ enabled_categories
+ | Array (String)
+ | doc "IDs of categories to be enabled."
+ | optional,
+ enabled_only
+ | Bool
+ | doc "Only the rules and categories whose IDs are specified with 'enabledRules' or 'enabledCategories' are enabled."
+ | optional,
+ enabled_rules
+ | Array (String)
+ | doc "IDs of rules to be enabled. The rule won't run unless 'level' is set to a level that activates the rule."
+ | optional,
+ level
+ | std.enum.TagOrString
+ | [| 'picky, '"default" |]
+ | doc "If set to 'picky', additional rules will be activated, i.e. rules that you might only find useful when checking formal text."
+ | optional,
+ }
+ | doc "LanguageTool is a style and grammar checker for 30+ languages."
+ | optional,
+ markdownlint
+ | {
+ enabled
+ | Bool
+ | doc m%"
+ Enable Markdownlint
+ | Markdownlint is a static analysis tool for Node.js with a library of rules to enforce standards and consistency for Markdown files.
+ | Enable markdownlint integration.
+ "%
+ | optional,
+ }
+ | doc "Markdownlint is a static analysis tool to enforce standards and consistency for Markdown files."
+ | optional,
+ phpstan
+ | {
+ enabled
+ | Bool
+ | doc "Enable PHPStan | PHPStan requires [config file](https://phpstan.org/config-reference#config-file) in your repository root."
+ | optional,
+ level
+ | std.enum.TagOrString
+ | [|
+ 'max,
+ '"9",
+ '"8",
+ '"7",
+ '"6",
+ '"5",
+ '"4",
+ '"3",
+ '"2",
+ '"1",
+ '"0",
+ '"default"
+ |]
+ | doc "Level | Specify the [rule level](https://phpstan.org/user-guide/rule-levels) to run."
+ | optional,
+ }
+ | doc "PHPStan is a tool to analyze PHP code."
+ | optional,
+ ruff
+ | {
+ enabled
+ | Bool
+ | doc "Enable Ruff | Ruff is a Python linter and code formatter. | Enable ruff integration."
+ | optional,
+ }
+ | doc "Ruff is a Python linter and code formatter."
+ | optional,
+ shellcheck
+ | {
+ enabled
+ | Bool
+ | doc "Enable ShellCheck | ShellCheck is a static analysis tool that finds bugs in your shell. | Enable shellcheck integration."
+ | optional,
+ }
+ | doc "Shellcheck is a static analysis tool that finds bugs in your shell scripts."
+ | optional,
+ swiftlint
+ | {
+ config_file
+ | String
+ | doc "Optional path to the SwiftLint configuration file relative to the repository. This is useful when the configuration file is named differently than the default '.swiftlint.yml' or '.swiftlint.yaml'."
+ | optional,
+ enabled
+ | Bool
+ | doc "Enable SwiftLint | SwiftLint is a Swift linter. | Enable SwiftLint integration."
+ | optional,
+ }
+ | doc "SwiftLint integration configuration object."
+ | optional,
+ yamllint
+ | {
+ enabled
+ | Bool
+ | doc "Enable Yamllint | yamllint is a fast linters runner for yaml. | Enable yamllint integration."
+ | optional,
+ }
+ | doc "Yamllint is a fast linters runner for yaml."
+ | optional,
+ }
+ | doc "Tools that provide additional context to code reviews."
+ | optional,
+ }
+ | doc "Settings related to reviews."
+ | optional,
+ tone_instructions
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.maxLength 250
+ ])
+ | doc "Set the tone of reviews and chat. Example: 'You must use talk like Mr. T. I pity the fool who doesn't!'"
+ | optional,
+ },
+ }
+ in
+ _js2n__-refsenv."_js2n__-:definitions/schema!contract"
\ No newline at end of file
diff --git a/out/Containerlab.ncl b/out/Containerlab.ncl
index d4766d4..c6bfd93 100644
--- a/out/Containerlab.ncl
+++ b/out/Containerlab.ncl
@@ -1354,6 +1354,7 @@ let rec _js2n__-refsenv
"cumulus_cvx",
"openbsd",
"freebsd",
+ "generic_vm",
"fortinet_fortigate"
]
],
@@ -1705,6 +1706,8 @@ let rec _js2n__-refsenv
_js2n__-refsenv."_js2n__-:definitions/node-config!predicate",
freebsd =
_js2n__-refsenv."_js2n__-:definitions/node-config!predicate",
+ generic_vm =
+ _js2n__-refsenv."_js2n__-:definitions/node-config!predicate",
host =
_js2n__-refsenv."_js2n__-:definitions/node-config!predicate",
ipinfusion_ocnos =
diff --git a/out/Cycle Stack File.ncl b/out/Cycle Stack File.ncl
index 0a236ad..beeea64 100644
--- a/out/Cycle Stack File.ncl
+++ b/out/Cycle Stack File.ncl
@@ -908,10 +908,10 @@ let rec _js2n__-refsenv
_js2n__-prdslib.records.record
{
source_id =
- _js2n__-refsenv."_js2n__-:properties/containers/additionalProperties/properties/image/properties/origin/oneOf/5/properties/details/properties/source_id!predicate",
+ _js2n__-refsenv."_js2n__-:properties/containers/additionalProperties/properties/image/properties/origin/oneOf/4/properties/details/properties/source_id!predicate",
} {} true _js2n__-prdslib.always
],
- "_js2n__-:properties/containers/additionalProperties/properties/image/properties/origin/oneOf/5/properties/details/properties/source_id!predicate"
+ "_js2n__-:properties/containers/additionalProperties/properties/image/properties/origin/oneOf/4/properties/details/properties/source_id!predicate"
| doc "The ID referencing the image source where this image originated."
= _js2n__-prdslib.isType '"String",
"_js2n__-:properties/scoped_variables/items/properties/access/properties/internal_api/properties/duration/anyOf/0!predicate"
@@ -5260,7 +5260,7 @@ let rec _js2n__-refsenv
_js2n__-prdslib.records.record
{
source_id =
- _js2n__-refsenv."_js2n__-:properties/containers/additionalProperties/properties/image/properties/origin/oneOf/5/properties/details/properties/source_id!predicate",
+ _js2n__-refsenv."_js2n__-:properties/containers/additionalProperties/properties/image/properties/origin/oneOf/4/properties/details/properties/source_id!predicate",
}
{}
true
@@ -5312,200 +5312,196 @@ let rec _js2n__-refsenv
'Record,
_js2n__-prdslib.records.required
[
- "auth",
"target",
"url"
],
_js2n__-prdslib.records.record
{
auth =
- _js2n__-prdslib.anyOf
+ _js2n__-prdslib.allOf
[
- _js2n__-prdslib.allOf
+ _js2n__-prdslib.isType
+ 'Record,
+ _js2n__-prdslib.oneOf
[
- _js2n__-prdslib.isType
- 'Record,
- _js2n__-prdslib.oneOf
+ _js2n__-prdslib.allOf
[
- _js2n__-prdslib.allOf
+ _js2n__-prdslib.isType
+ 'Record,
+ _js2n__-prdslib.records.required
[
- _js2n__-prdslib.isType
- 'Record,
- _js2n__-prdslib.records.required
- [
- "details",
- "type"
- ],
- _js2n__-prdslib.records.record
- {
- details =
- _js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType
- 'Record,
- _js2n__-prdslib.records.record
- {
- token =
- _js2n__-prdslib.isType
- '"String",
- username =
- _js2n__-prdslib.isType
- '"String",
- }
- {}
- true
- _js2n__-prdslib.always
- ],
- type =
- _js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType
- '"String",
- _js2n__-prdslib.enum
- [
- "user"
- ]
- ],
- }
- {}
- true
- _js2n__-prdslib.always
+ "details",
+ "type"
],
- _js2n__-prdslib.allOf
+ _js2n__-prdslib.records.record
+ {
+ details =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType
+ 'Record,
+ _js2n__-prdslib.records.record
+ {
+ token =
+ _js2n__-prdslib.isType
+ '"String",
+ username =
+ _js2n__-prdslib.isType
+ '"String",
+ }
+ {}
+ true
+ _js2n__-prdslib.always
+ ],
+ type =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType
+ '"String",
+ _js2n__-prdslib.enum
+ [
+ "user"
+ ]
+ ],
+ }
+ {}
+ true
+ _js2n__-prdslib.always
+ ],
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType
+ 'Record,
+ _js2n__-prdslib.records.required
[
- _js2n__-prdslib.isType
- 'Record,
- _js2n__-prdslib.records.required
- [
- "details",
- "type"
- ],
- _js2n__-prdslib.records.record
- {
- details =
- _js2n__-prdslib.allOf
+ "details",
+ "type"
+ ],
+ _js2n__-prdslib.records.record
+ {
+ details =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType
+ 'Record,
+ _js2n__-prdslib.records.required
[
- _js2n__-prdslib.isType
- 'Record,
- _js2n__-prdslib.records.required
- [
- "credentials",
- "flavor"
- ],
- _js2n__-prdslib.records.record
- {
- credentials =
- _js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType
- 'Record,
- _js2n__-prdslib.records.record
- {
- api_key =
- _js2n__-prdslib.isType
- '"String",
- client_id =
- _js2n__-prdslib.isType
- '"String",
- config =
- _js2n__-prdslib.isType
- '"String",
- namespace =
- _js2n__-prdslib.isType
- '"String",
- region =
- _js2n__-prdslib.isType
- '"String",
- secret =
- _js2n__-prdslib.isType
- '"String",
- subscription_id =
- _js2n__-prdslib.isType
- '"String",
- }
- {}
- true
- _js2n__-prdslib.always
- ],
- flavor =
- _js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType
- '"String",
- _js2n__-prdslib.enum
- [
- "ecr"
- ]
- ],
- }
- {}
- true
- _js2n__-prdslib.always
+ "credentials",
+ "flavor"
],
- type =
- _js2n__-prdslib.allOf
+ _js2n__-prdslib.records.record
+ {
+ credentials =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType
+ 'Record,
+ _js2n__-prdslib.records.record
+ {
+ api_key =
+ _js2n__-prdslib.isType
+ '"String",
+ client_id =
+ _js2n__-prdslib.isType
+ '"String",
+ config =
+ _js2n__-prdslib.isType
+ '"String",
+ namespace =
+ _js2n__-prdslib.isType
+ '"String",
+ region =
+ _js2n__-prdslib.isType
+ '"String",
+ secret =
+ _js2n__-prdslib.isType
+ '"String",
+ subscription_id =
+ _js2n__-prdslib.isType
+ '"String",
+ }
+ {}
+ true
+ _js2n__-prdslib.always
+ ],
+ flavor =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType
+ '"String",
+ _js2n__-prdslib.enum
+ [
+ "ecr"
+ ]
+ ],
+ }
+ {}
+ true
+ _js2n__-prdslib.always
+ ],
+ type =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType
+ '"String",
+ _js2n__-prdslib.enum
[
- _js2n__-prdslib.isType
- '"String",
- _js2n__-prdslib.enum
- [
- "provider"
- ]
- ],
- }
- {}
- true
- _js2n__-prdslib.always
- ],
- _js2n__-prdslib.allOf
+ "provider"
+ ]
+ ],
+ }
+ {}
+ true
+ _js2n__-prdslib.always
+ ],
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType
+ 'Record,
+ _js2n__-prdslib.records.required
[
- _js2n__-prdslib.isType
- 'Record,
- _js2n__-prdslib.records.required
- [
- "details",
- "type"
- ],
- _js2n__-prdslib.records.record
- {
- details =
- _js2n__-prdslib.allOf
+ "details",
+ "type"
+ ],
+ _js2n__-prdslib.records.record
+ {
+ details =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType
+ 'Record,
+ _js2n__-prdslib.records.required
[
- _js2n__-prdslib.isType
- 'Record,
- _js2n__-prdslib.records.required
- [
- "url"
- ],
- _js2n__-prdslib.records.record
- {
- url =
- _js2n__-prdslib.isType
- '"String",
- }
- {}
- true
- _js2n__-prdslib.always
+ "url"
],
- type =
- _js2n__-prdslib.allOf
+ _js2n__-prdslib.records.record
+ {
+ url =
+ _js2n__-prdslib.isType
+ '"String",
+ }
+ {}
+ true
+ _js2n__-prdslib.always
+ ],
+ type =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType
+ '"String",
+ _js2n__-prdslib.enum
[
- _js2n__-prdslib.isType
- '"String",
- _js2n__-prdslib.enum
- [
- "webhook"
- ]
- ],
- }
- {}
- true
- _js2n__-prdslib.always
- ]
- ]
- ],
- _js2n__-prdslib.isType
- 'Null
+ "webhook"
+ ]
+ ],
+ }
+ {}
+ true
+ _js2n__-prdslib.always
+ ],
+ _js2n__-prdslib.isType
+ 'Null
+ ]
],
existing =
_js2n__-refsenv."_js2n__-:properties/containers/additionalProperties/properties/image/properties/origin/oneOf/2/properties/details/properties/existing!predicate",
@@ -5531,46 +5527,6 @@ let rec _js2n__-refsenv
} {} true
_js2n__-prdslib.always
],
- _js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType
- 'Record,
- _js2n__-prdslib.records.record
- {
- details =
- _js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType
- 'Record,
- _js2n__-prdslib.records.required
- [
- "expires",
- "token"
- ],
- _js2n__-prdslib.records.record
- {
- expires =
- _js2n__-prdslib.isType
- '"String",
- token =
- _js2n__-prdslib.isType
- '"String",
- } {} true
- _js2n__-prdslib.always
- ],
- type =
- _js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType
- '"String",
- _js2n__-prdslib.enum
- [
- "cycle-upload"
- ]
- ],
- } {} true
- _js2n__-prdslib.always
- ],
_js2n__-prdslib.allOf
[
_js2n__-prdslib.isType
@@ -5608,28 +5564,6 @@ let rec _js2n__-refsenv
],
} {} true
_js2n__-prdslib.always
- ],
- _js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType
- 'Record,
- _js2n__-prdslib.records.required
- [ "type" ],
- _js2n__-prdslib.records.record
- {
- details =
- _js2n__-prdslib.isType
- 'Record,
- type =
- _js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType
- '"String",
- _js2n__-prdslib.enum
- [ "none" ]
- ],
- } {} true
- _js2n__-prdslib.always
]
]
],
diff --git a/out/Datahub Ingestion Recipe.ncl b/out/Datahub Ingestion Recipe.ncl
index b301696..c0fc17d 100644
--- a/out/Datahub Ingestion Recipe.ncl
+++ b/out/Datahub Ingestion Recipe.ncl
@@ -2126,6 +2126,8 @@ let rec _js2n__-refsenv
extra_client_options = _js2n__-prdslib.isType 'Record,
extract_column_lineage = _js2n__-prdslib.isType '"Bool",
extract_lineage_from_catalog = _js2n__-prdslib.isType '"Bool",
+ extract_policy_tags_from_catalog =
+ _js2n__-prdslib.isType '"Bool",
include_data_platform_instance =
_js2n__-prdslib.isType '"Bool",
include_external_url = _js2n__-prdslib.isType '"Bool",
@@ -3264,6 +3266,8 @@ let rec _js2n__-refsenv
env = _js2n__-prdslib.isType '"String",
fivetran_log_config =
_js2n__-refsenv."_js2n__-:definitions/FivetranLogConfig!predicate",
+ history_sync_lookback_period =
+ _js2n__-prdslib.isType 'Integer,
include_column_lineage = _js2n__-prdslib.isType '"Bool",
platform_instance = _js2n__-prdslib.isType '"String",
sources_to_database =
diff --git a/out/Devbox Config.ncl b/out/Devbox Config.ncl
index 557cf0e..7d4a75d 100644
--- a/out/Devbox Config.ncl
+++ b/out/Devbox Config.ncl
@@ -903,6 +903,10 @@ let rec _js2n__-refsenv
| String
| doc "The schema version of this devbox.json file."
| optional,
+ description
+ | String
+ | doc "A description of the Devbox development environment."
+ | optional,
env
| _js2n__-prdslib.contract_from_predicate
(_js2n__-prdslib.allOf
@@ -919,6 +923,10 @@ let rec _js2n__-refsenv
| Array (String)
| doc "List of additional plugins to activate within your devbox shell"
| optional,
+ name
+ | String
+ | doc "The name of the Devbox development environment."
+ | optional,
packages
| _js2n__-prdslib.contract_from_predicate
(_js2n__-prdslib.oneOf
diff --git a/out/EAS config.ncl b/out/EAS config.ncl
new file mode 100644
index 0000000..dfeeee6
--- /dev/null
+++ b/out/EAS config.ncl
@@ -0,0 +1,1185 @@
+# DO NOT EDIT
+# This file was automatically generated using json-schema-to-nickel
+let _js2n__-prdslib
+ = {
+ allOf
+ : Array (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `allOf preds` succeeds if all of the predicates in `preds` succeed
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.7.1]
+ "%
+ = fun
+ preds
+ x
+ =>
+ std.array.fold_right
+ (fun pred acc => (match { 'Ok => acc, 'Err s => 'Err s, }) (pred x))
+ 'Ok preds,
+ always : Dyn -> [| 'Ok, 'Err String |] = std.function.const 'Ok,
+ anyOf
+ : Array (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `anyOf preds` succeeds if at least one of the predicates in `preds` succeeds
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.7.2]
+ "%
+ = fun
+ preds
+ x
+ =>
+ (match {
+ 'Ok =>
+ 'Ok,
+ 'Errs
+ msgs =>
+ 'Err
+ m%"
+ anyOf: none of the options matched
+ %{std.string.join
+ m%"
+
+
+ "% msgs}
+ "%,
+ })
+ (std.array.fold_right
+ (fun
+ pred
+ acc
+ =>
+ (match {
+ 'Ok =>
+ 'Ok,
+ 'Errs
+ msgs =>
+ (match {
+ 'Ok =>
+ 'Ok,
+ 'Err
+ msg =>
+ 'Errs ([ " - %{msg}" ] @ msgs),
+ }) (pred x),
+ }) acc) ('Errs [ ]) preds),
+ arrays =
+ {
+ additionalItems
+ : (Dyn -> [| 'Ok, 'Err String |])
+ -> Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.4.2]"
+ = fun
+ pred
+ start
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ let x
+ | Array Dyn
+ = x
+ in
+ let value_length
+ = std.array.length x
+ in
+ if start >= value_length then
+ 'Ok
+ else
+ arrayOf pred
+ ((std.array.slice start value_length x)
+ | Dyn),
+ arrayOf
+ : (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ Apply a predicate to all elements of an array, succeeding if all
+ applications succeed.
+ "%
+ = fun
+ pred
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ let x
+ | Array Dyn
+ = x
+ in
+ std.array.fold_right
+ (fun
+ x
+ acc
+ =>
+ (match { 'Ok => acc, 'Err msg => 'Err msg, }) (pred x))
+ 'Ok x,
+ contains
+ : (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.4.6]"
+ = fun
+ pred
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ let x
+ | Array Dyn
+ = x
+ in
+ (match {
+ 'Ok =>
+ 'Ok,
+ 'Errs
+ msgs =>
+ 'Err
+ m%"
+ contains: no elements matched
+ %{std.string.join
+ m%"
+
+
+ "% msgs}
+ "%,
+ })
+ (std.array.fold_right
+ (fun
+ x
+ acc
+ =>
+ (match {
+ 'Ok =>
+ 'Ok,
+ 'Errs
+ msgs =>
+ (match {
+ 'Ok =>
+ 'Ok,
+ 'Err
+ msg =>
+ 'Errs ([ " - %{msg}" ] @ msgs),
+ }) (pred x),
+ }) acc) ('Errs [ ]) x),
+ items
+ : Array (Dyn -> [| 'Ok, 'Err String |])
+ -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.4.1]"
+ = fun
+ preds
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ let x
+ | Array Dyn
+ = x
+ in
+ let length_to_check
+ = std.number.min (std.array.length preds)
+ (std.array.length x)
+ in
+ std.array.fold_right
+ (fun
+ i
+ acc
+ =>
+ (match { 'Err msg => 'Err msg, 'Ok => acc, })
+ (std.array.at i preds (std.array.at i x))) 'Ok
+ (std.array.range 0 length_to_check),
+ maxItems
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `maxItems n x` fails if `x` is an array of length strictly greater than `n` and succeeds otherwise.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.4.3]
+ "%
+ = fun
+ n
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ if (std.array.length (x | Array Dyn)) > n then
+ 'Err
+ "array is longer than %{std.string.from_number n} items"
+ else
+ 'Ok,
+ minItems
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `minItems n x` fails if `x` is an array of length strictly smaller than `n` and succeeds otherwise.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.4.4]
+ "%
+ = fun
+ n
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ if (std.array.length (x | Array Dyn)) < n then
+ 'Err
+ "array is shorter than %{std.string.from_number n} items"
+ else
+ 'Ok,
+ uniqueItems
+ : Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ Succeeds for any array if its elements are pairwise distinct.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.4.5]
+ "%
+ = let find_duplicate
+ : Array Dyn
+ -> {
+ has_duplicate : Bool,
+ duplicate : Dyn,
+ seen : { _ : Bool }
+ }
+ = std.array.fold_right
+ (fun
+ elt
+ acc
+ =>
+ if acc.has_duplicate then
+ acc
+ else
+ let index
+ = std.serialize 'Json elt
+ in
+ if std.record.has_field index acc.seen then
+ {
+ duplicate = elt,
+ has_duplicate = true,
+ seen = acc.seen,
+ }
+ else
+ {
+ duplicate = null,
+ has_duplicate = false,
+ seen = std.record.insert index true acc.seen,
+ })
+ { duplicate = null, has_duplicate = false, seen = {}, }
+ in
+ fun
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ let { has_duplicate, duplicate, .. }
+ = find_duplicate (x | Array Dyn)
+ in
+ if has_duplicate then
+ 'Err "duplicate found: %{std.serialize 'Json duplicate}"
+ else
+ 'Ok,
+ },
+ const
+ : Dyn -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `const value x` succeeds if and only if `x` is equal to `value`
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.1.3]
+ "%
+ = fun
+ value
+ x
+ =>
+ if x == value then
+ 'Ok
+ else
+ 'Err "expected %{std.serialize 'Json value}",
+ contract_from_predicate
+ : (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> Dyn -> Dyn
+ = fun
+ predicate
+ label
+ value
+ =>
+ (match {
+ 'Ok =>
+ value,
+ 'Err
+ msg =>
+ (std.contract.blame_with_message msg label)
+ | Dyn,
+ }) (predicate value),
+ enum
+ : Array Dyn -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `enum values x` succeeds if and only if `x` is equal to one of the elements of `values`.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.1.2]
+ "%
+ = let checkEqual
+ = fun
+ input
+ variant
+ =>
+ (input == variant)
+ || ((std.is_enum input)
+ && (((std.string.from_enum input) == variant)
+ | Bool))
+ in
+ fun
+ values
+ x
+ =>
+ std.array.fold_right
+ (fun value acc => if checkEqual x value then 'Ok else acc)
+ ('Err "expected one of %{std.serialize 'Json (values | Dyn)}")
+ values,
+ from_simple_predicate
+ : String -> (Dyn -> Bool) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Convert a simple boolean predicate into a predicate supporting error messages"
+ = fun error' pred x => if pred x then 'Ok else 'Err error',
+ ifThenElse
+ : (Dyn -> [| 'Ok, 'Err String |])
+ -> (Dyn -> [| 'Ok, 'Err String |])
+ -> (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `ifThenElse i t e` first checks if the predicate `i` succeeds. If it does, it's equivalent to `t`, otherwise it's equivalent to `e`.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.6]
+ "%
+ = fun i t e x => (match { 'Ok => t x, 'Err msg => e x, }) (i x),
+ isType
+ : [| '"Array", '"Bool", 'Integer, 'Null, '"Number", 'Record, '"String" |]
+ -> Dyn -> [| 'Ok, 'Err String |]
+ = fun
+ t
+ =>
+ (match {
+ 'Null =>
+ from_simple_predicate "expected `null`" (fun x => x == null),
+ 'Integer =>
+ from_simple_predicate "expected an integer"
+ (fun
+ x
+ =>
+ (std.is_number x) && (std.number.is_integer (x | Number))),
+ _ =>
+ from_simple_predicate
+ "value is not of type %{std.string.from_enum t}"
+ (fun x => (std.typeof x) == t),
+ }) t,
+ never : Dyn -> [| 'Ok, 'Err String |] = std.function.const ('Err "never"),
+ not
+ : (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `not pred` succeeds if and only if `pred` fails
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.7.4]
+ "%
+ = fun
+ pred
+ x
+ =>
+ (match {
+ 'Ok =>
+ 'Err "Inverted predicate succeeded unexpectedly",
+ 'Err
+ msg =>
+ 'Ok,
+ }) (pred x),
+ numbers =
+ {
+ exclusiveMaximum
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.2.3]"
+ = fun
+ limit
+ x
+ =>
+ if !(std.is_number x) then
+ 'Ok
+ else
+ if (x | Number) < limit then
+ 'Ok
+ else
+ 'Err
+ "expected an exclusive maximum of %{std.string.from_number
+ limit}",
+ exclusiveMinimum
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.2.5]"
+ = fun
+ limit
+ x
+ =>
+ if !(std.is_number x) then
+ 'Ok
+ else
+ if (x | Number) > limit then
+ 'Ok
+ else
+ 'Err
+ "expected an exclusive minimum of %{std.string.from_number
+ limit}",
+ maximum
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.2.2]"
+ = fun
+ limit
+ x
+ =>
+ if !(std.is_number x) then
+ 'Ok
+ else
+ if (x | Number) <= limit then
+ 'Ok
+ else
+ 'Err
+ "expected a maximum of %{std.string.from_number limit}",
+ minimum
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.2.4]"
+ = fun
+ limit
+ x
+ =>
+ if !(std.is_number x) then
+ 'Ok
+ else
+ if (x | Number) >= limit then
+ 'Ok
+ else
+ 'Err
+ "expected a minimum of %{std.string.from_number limit}",
+ multipleOf
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.2.1]"
+ = fun
+ mult
+ x
+ =>
+ if !(std.is_number x) then
+ 'Ok
+ else
+ if std.number.is_integer ((x | Number) / mult) then
+ 'Ok
+ else
+ 'Err
+ "expected a multiple of %{std.string.from_number mult}",
+ },
+ oneOf
+ : Array (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `oneOf preds` succeeds if precisely one of the predicates in `preds` succeeds
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.7.3]
+ "%
+ = fun
+ preds
+ x
+ =>
+ let count_ok
+ : Array [| 'Ok, 'Err String |] -> Number
+ = fun
+ results
+ =>
+ std.array.fold_left (fun n b => if b == 'Ok then n + 1 else n) 0
+ results
+ in
+ let results
+ = std.array.map (fun pred => pred x) preds
+ in
+ let count
+ = count_ok results
+ in
+ if count == 0 then
+ let errors
+ = std.array.flat_map
+ (fun
+ result
+ =>
+ (match { 'Ok => [ ], 'Err s => [ " - %{s}" ], })
+ result) results
+ in
+ 'Err
+ m%"
+ oneOf: none of the options matched
+ %{std.string.join
+ m%"
+
+
+ "% errors}
+ "%
+ else
+ if count > 1 then
+ 'Err "oneOf: more than one of the options matched"
+ else
+ 'Ok,
+ records =
+ {
+ dependencies
+ : { _ : Dyn } -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.5.7]"
+ = let mustHaveFields
+ : Array String -> { _ : Dyn } -> [| 'Ok, 'Err String |]
+ = fun
+ fields
+ x
+ =>
+ std.array.fold_right
+ (fun
+ field
+ acc
+ =>
+ if !(std.record.has_field field x) then
+ 'Err "expected field `%{field}`"
+ else
+ acc) 'Ok fields
+ in
+ fun
+ deps
+ x
+ =>
+ if !(std.is_record x) then
+ 'Ok
+ else
+ let x
+ | { _ : Dyn }
+ = x
+ in
+ std.array.fold_right
+ (fun
+ { field, value, }
+ =>
+ fun
+ acc
+ =>
+ if !(std.record.has_field field x) then
+ acc
+ else
+ let result
+ = if std.is_array value then
+ mustHaveFields (value | Array String) x
+ else
+ let pred
+ | Dyn -> [| 'Ok, 'Err String |]
+ = value
+ in
+ pred (x | Dyn)
+ in
+ (match {
+ 'Err
+ msg =>
+ 'Err
+ "dependency of `%{field}` failed: %{msg}",
+ 'Ok =>
+ acc,
+ }) result) 'Ok (std.record.to_array deps),
+ maxProperties
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `maxProperties n x` fails if `x` is a record containing stricly more than `n` fields.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.5.1]
+ "%
+ = fun
+ n
+ x
+ =>
+ if !(std.is_record x) then
+ 'Ok
+ else
+ if (std.record.length (x | { _ : Dyn })) > n then
+ 'Err
+ "record contains more than %{std.string.from_number
+ n} fields"
+ else
+ 'Ok,
+ minProperties
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `minProperties n x` fails if `x` is a record containing stricly less than `n` fields.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.5.1]
+ "%
+ = fun
+ n
+ x
+ =>
+ if !(std.is_record x) then
+ 'Ok
+ else
+ if (std.record.length (x | { _ : Dyn })) < n then
+ 'Err
+ "record contains fewer than %{std.string.from_number
+ n} fields"
+ else
+ 'Ok,
+ propertyNames
+ : (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.5.8]"
+ = fun
+ pred
+ x
+ =>
+ if !(std.is_record x) then
+ 'Ok
+ else
+ std.array.fold_right
+ (fun
+ field
+ acc
+ =>
+ (match {
+ 'Err
+ msg =>
+ 'Err
+ "field `%{field}` did not validate against `propertyNames` schema",
+ 'Ok =>
+ acc,
+ }) (pred (field | Dyn))) 'Ok
+ (std.record.fields (x | { _ : Dyn })),
+ record
+ : { _ : Dyn -> [| 'Ok, 'Err String |] }
+ -> { _ : Dyn -> [| 'Ok, 'Err String |] }
+ -> Bool
+ -> (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `record properties patternProperties additionalAllowed
+ additionalProperties x` is a combination of the `properties`,
+ `patternProperties` and `additionalProperties` validation keywords in
+ JSON schema.
+
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.5]
+ "%
+ = fun
+ properties
+ patternProperties
+ additionalAllowed
+ additionalProperties
+ x
+ =>
+ if !(std.is_record x) then
+ 'Ok
+ else
+ let x
+ | { _ : Dyn }
+ = x
+ in
+ let check_properties
+ : {
+ result : [| 'Ok, 'Err String |],
+ checked : { _ : Bool }
+ }
+ = std.array.fold_right
+ (fun
+ { field, value, }
+ =>
+ fun
+ acc
+ =>
+ if !(std.record.has_field field x) then
+ acc
+ else
+ (match {
+ 'Err
+ msg =>
+ {
+ checked : { _ : Bool } = {},
+ result =
+ 'Err
+ "field `%{field}` didn't validate: %{msg}",
+ },
+ 'Ok =>
+ {
+ checked =
+ std.record.insert field true acc.checked,
+ result = acc.result,
+ },
+ }) (value x."%{field}"))
+ { checked = {}, result = 'Ok, }
+ (std.record.to_array properties)
+ in
+ let matching_fields
+ : String -> { _ : Dyn }
+ = fun
+ pattern
+ =>
+ let matcher
+ = std.string.is_match pattern
+ in
+ std.array.fold_left
+ (fun
+ acc
+ =>
+ fun
+ { field, value, }
+ =>
+ if matcher field then
+ std.record.insert field value acc
+ else
+ acc) {} (std.record.to_array x)
+ in
+ let check_pattern_properties
+ : {
+ result : [| 'Ok, 'Err String |],
+ checked : { _ : Bool }
+ }
+ = std.array.fold_right
+ (fun
+ { field = pattern, value = pred, }
+ =>
+ fun
+ acc
+ =>
+ (match {
+ r @ { result = 'Err msg, .. } =>
+ r,
+ { result = 'Ok, checked = ch, } =>
+ {
+ checked =
+ std.array.fold_left
+ (fun
+ r
+ field
+ =>
+ if !(std.record.has_field field
+ r) then
+ std.record.insert field true r
+ else
+ r) acc.checked
+ (std.record.fields ch),
+ result = acc.result,
+ },
+ })
+ (std.array.fold_right
+ (fun
+ { field, value, }
+ =>
+ fun
+ acc
+ =>
+ (match {
+ 'Err
+ msg =>
+ {
+ checked : { _ : Bool } = {},
+ result =
+ 'Err
+ "field `%{field}` didn't validate: %{msg}",
+ },
+ 'Ok =>
+ {
+ checked =
+ std.record.insert field true
+ acc.checked,
+ result = acc.result,
+ },
+ }) (pred value))
+ {
+ checked : { _ : Bool } = {},
+ result = 'Ok,
+ }
+ (std.record.to_array
+ (matching_fields pattern))))
+ { checked : { _ : Bool } = {}, result = 'Ok, }
+ (std.record.to_array patternProperties)
+ in
+ let remaining_fields
+ = std.array.fold_left
+ (fun
+ acc
+ field
+ =>
+ if !(std.record.has_field field acc) then
+ acc
+ else
+ std.record.remove field acc) x
+ ((std.record.fields check_properties.checked)
+ @ (std.record.fields
+ check_pattern_properties.checked))
+ in
+ let check_additional_properties
+ : [| 'Ok, 'Err String |]
+ = if (!additionalAllowed)
+ && (!(std.record.is_empty remaining_fields)) then
+ 'Err
+ "extra fields %{std.serialize 'Json
+ ((std.record.fields remaining_fields)
+ | Dyn)}"
+ else
+ std.array.fold_right
+ (fun
+ { field, value, }
+ =>
+ fun
+ acc
+ =>
+ (match {
+ 'Err
+ msg =>
+ 'Err
+ "field `%{field}` didn't validate: %{msg}",
+ 'Ok =>
+ acc,
+ }) (additionalProperties value)) 'Ok
+ (std.record.to_array remaining_fields)
+ in
+ (match {
+ 'Err
+ msg =>
+ check_properties.result,
+ 'Ok =>
+ (match {
+ 'Err
+ msg =>
+ check_pattern_properties.result,
+ 'Ok =>
+ check_additional_properties,
+ }) check_pattern_properties.result,
+ }) check_properties.result,
+ required
+ : Array String -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.5.3]"
+ = fun
+ fields
+ x
+ =>
+ if !(std.is_record x) then
+ 'Ok
+ else
+ std.array.fold_right
+ (fun
+ field
+ acc
+ =>
+ if !(std.record.has_field field (x | { _ : Dyn })) then
+ 'Err "missing required field %{field}"
+ else
+ acc) 'Ok fields,
+ },
+ strings =
+ {
+ maxLength
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.3.1]"
+ = fun
+ limit
+ x
+ =>
+ if !(std.is_string x) then
+ 'Ok
+ else
+ if (std.string.length (x | String)) <= limit then
+ 'Ok
+ else
+ 'Err
+ "expected a string of length no larger than %{std.string.from_number
+ limit}",
+ minLength
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.3.2]"
+ = fun
+ limit
+ x
+ =>
+ if !(std.is_string x) then
+ 'Ok
+ else
+ if (std.string.length (x | String)) >= limit then
+ 'Ok
+ else
+ 'Err
+ "expected a string of length no smaller than %{std.string.from_number
+ limit}",
+ pattern
+ : String -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.3.3]"
+ = fun
+ pattern
+ x
+ =>
+ if !(std.is_string x) then
+ 'Ok
+ else
+ if std.string.is_match pattern (x | String) then
+ 'Ok
+ else
+ 'Err "expected a string matching the pattern `%{pattern}`",
+ },
+ }
+ in
+let rec _js2n__-refsenv
+ = {
+ "_js2n__-:definitions/Build!predicate"
+ | doc "EAS Build configuration. Learn more: https://docs.expo.dev/build-reference/eas-json/"
+ = _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Record,
+ _js2n__-prdslib.records.record {}
+ {
+ ".*" =
+ _js2n__-refsenv."_js2n__-:definitions/BuildProfile!predicate",
+ } true _js2n__-prdslib.always
+ ],
+ "_js2n__-:definitions/BuildCache!predicate" =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Record,
+ _js2n__-prdslib.records.record
+ {
+ customPaths =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"Array",
+ _js2n__-prdslib.arrays.arrayOf
+ (_js2n__-prdslib.isType '"String"),
+ _js2n__-prdslib.arrays.uniqueItems
+ ],
+ disabled = _js2n__-prdslib.isType '"Bool",
+ key = _js2n__-prdslib.isType '"String",
+ paths =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"Array",
+ _js2n__-prdslib.arrays.arrayOf
+ (_js2n__-prdslib.isType '"String"),
+ _js2n__-prdslib.arrays.uniqueItems
+ ],
+ } {} true _js2n__-prdslib.always
+ ],
+ "_js2n__-:definitions/BuildProfile!predicate"
+ | doc "The build profile configuration."
+ = _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Record,
+ _js2n__-prdslib.records.record
+ {
+ android =
+ _js2n__-refsenv."_js2n__-:definitions/BuildProfileAndroid!predicate",
+ autoIncrement = _js2n__-prdslib.isType '"Bool",
+ buildArtifactPaths =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"Array",
+ _js2n__-prdslib.arrays.arrayOf
+ (_js2n__-prdslib.isType '"String")
+ ],
+ bun = _js2n__-prdslib.isType '"String",
+ cache =
+ _js2n__-refsenv."_js2n__-:definitions/BuildCache!predicate",
+ channel = _js2n__-prdslib.isType '"String",
+ config = _js2n__-prdslib.isType '"String",
+ credentialsSource =
+ _js2n__-prdslib.enum [ "remote", "local" ],
+ developmentClient = _js2n__-prdslib.isType '"Bool",
+ distribution = _js2n__-prdslib.enum [ "internal", "store" ],
+ env =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Record,
+ _js2n__-prdslib.records.record {}
+ { ".*" = _js2n__-prdslib.isType '"String", } true
+ _js2n__-prdslib.always
+ ],
+ extends = _js2n__-prdslib.isType '"String",
+ ios =
+ _js2n__-refsenv."_js2n__-:definitions/BuildProfileIos!predicate",
+ node = _js2n__-prdslib.isType '"String",
+ pnpm = _js2n__-prdslib.isType '"String",
+ prebuildCommand = _js2n__-prdslib.isType '"String",
+ resourceClass =
+ _js2n__-prdslib.anyOf
+ [
+ _js2n__-prdslib.enum [ "default", "medium", "large" ],
+ _js2n__-prdslib.isType '"String"
+ ],
+ withoutCredentials = _js2n__-prdslib.isType '"Bool",
+ yarn = _js2n__-prdslib.isType '"String",
+ } {} true _js2n__-prdslib.always
+ ],
+ "_js2n__-:definitions/BuildProfileAndroid!predicate"
+ | doc "The Android-specific build profile configuration."
+ = _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Record,
+ _js2n__-prdslib.records.record
+ {
+ applicationArchivePath = _js2n__-prdslib.isType '"String",
+ artifactPath = _js2n__-prdslib.isType '"String",
+ autoIncrement =
+ _js2n__-prdslib.enum
+ [ false, true, "versionCode", "version" ],
+ buildType = _js2n__-prdslib.enum [ "app-bundle", "apk" ],
+ config = _js2n__-prdslib.isType '"String",
+ gradleCommand = _js2n__-prdslib.isType '"String",
+ image =
+ _js2n__-prdslib.anyOf
+ [
+ _js2n__-prdslib.enum
+ [
+ "auto",
+ "latest",
+ "sdk-51",
+ "sdk-50",
+ "sdk-49",
+ "ubuntu-22.04-jdk-17-ndk-r25b",
+ "ubuntu-22.04-jdk-11-ndk-r23b",
+ "ubuntu-20.04-jdk-11-ndk-r23b",
+ "ubuntu-22.04-jdk-17-ndk-r21e",
+ "ubuntu-22.04-jdk-11-ndk-r21e",
+ "ubuntu-20.04-jdk-11-ndk-r21e",
+ "ubuntu-22.04-jdk-8-ndk-r21e",
+ "ubuntu-20.04-jdk-8-ndk-r21e",
+ "ubuntu-20.04-jdk-11-ndk-r19c",
+ "ubuntu-20.04-jdk-8-ndk-r19c"
+ ],
+ _js2n__-prdslib.enum [ "default", "stable" ]
+ ],
+ ndk = _js2n__-prdslib.isType '"String",
+ resourceClass =
+ _js2n__-prdslib.anyOf
+ [
+ _js2n__-prdslib.enum [ "default", "medium", "large" ],
+ _js2n__-prdslib.isType '"String"
+ ],
+ withoutCredentials = _js2n__-prdslib.isType '"Bool",
+ } {} true _js2n__-prdslib.always
+ ],
+ "_js2n__-:definitions/BuildProfileIos!predicate"
+ | doc "The iOS-specific build profile configuration."
+ = _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Record,
+ _js2n__-prdslib.records.record
+ {
+ applicationArchivePath = _js2n__-prdslib.isType '"String",
+ artifactPath = _js2n__-prdslib.isType '"String",
+ autoIncrement =
+ _js2n__-prdslib.enum
+ [ false, true, "buildNumber", "version" ],
+ buildConfiguration = _js2n__-prdslib.isType '"String",
+ bundler = _js2n__-prdslib.isType '"String",
+ cocoapods = _js2n__-prdslib.isType '"String",
+ config = _js2n__-prdslib.isType '"String",
+ enterpriseProvisioning =
+ _js2n__-prdslib.enum [ "universal", "adhoc" ],
+ fastlane = _js2n__-prdslib.isType '"String",
+ image =
+ _js2n__-prdslib.anyOf
+ [
+ _js2n__-prdslib.enum
+ [
+ "auto",
+ "latest",
+ "sdk-51",
+ "sdk-50",
+ "sdk-49",
+ "macos-sonoma-14.4-xcode-15.3",
+ "macos-ventura-13.6-xcode-15.2",
+ "macos-ventura-13.6-xcode-15.1",
+ "macos-ventura-13.6-xcode-15.0"
+ ],
+ _js2n__-prdslib.enum
+ [
+ "default",
+ "stable",
+ "macos-monterey-12.4-xcode-13.4",
+ "macos-monterey-12.3-xcode-13.3",
+ "macos-monterey-12.1-xcode-13.2",
+ "macos-ventura-13.4-xcode-14.3.1",
+ "macos-ventura-13.3-xcode-14.3",
+ "macos-monterey-12.6-xcode-14.2",
+ "macos-monterey-12.6-xcode-14.1",
+ "macos-monterey-12.6-xcode-14.0"
+ ]
+ ],
+ resourceClass =
+ _js2n__-prdslib.anyOf
+ [
+ _js2n__-prdslib.enum
+ [ "default", "medium", "large", "m-medium" ],
+ _js2n__-prdslib.isType '"String"
+ ],
+ scheme = _js2n__-prdslib.isType '"String",
+ simulator = _js2n__-prdslib.isType '"Bool",
+ withoutCredentials = _js2n__-prdslib.isType '"Bool",
+ } {} true _js2n__-prdslib.always
+ ],
+ "_js2n__-:definitions/Cli!predicate"
+ | doc "Configure the basic behavior of your project with the EAS CLI"
+ = _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Record,
+ _js2n__-prdslib.records.record
+ {
+ appVersionSource = _js2n__-prdslib.enum [ "local", "remote" ],
+ promptToConfigurePushNotifications =
+ _js2n__-prdslib.isType '"Bool",
+ requireCommit = _js2n__-prdslib.isType '"Bool",
+ version = _js2n__-prdslib.isType '"String",
+ } {} true _js2n__-prdslib.always
+ ],
+ "_js2n__-:definitions/Submit!predicate"
+ | doc "EAS Submit configuration. Learn more: https://docs.expo.dev/submit/eas-json/"
+ = _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Record,
+ _js2n__-prdslib.records.record {}
+ {
+ ".*" =
+ _js2n__-refsenv."_js2n__-:definitions/SubmitProfile!predicate",
+ } true _js2n__-prdslib.always
+ ],
+ "_js2n__-:definitions/SubmitProfile!predicate" =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Record,
+ _js2n__-prdslib.records.record
+ {
+ android =
+ _js2n__-refsenv."_js2n__-:definitions/SubmitProfileAndroid!predicate",
+ extends = _js2n__-prdslib.isType '"String",
+ ios =
+ _js2n__-refsenv."_js2n__-:definitions/SubmitProfileIos!predicate",
+ } {} true _js2n__-prdslib.always
+ ],
+ "_js2n__-:definitions/SubmitProfileAndroid!predicate"
+ | doc "The Android-specific submit profile configuration."
+ = _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Record,
+ _js2n__-prdslib.records.record
+ {
+ applicationId = _js2n__-prdslib.isType '"String",
+ changesNotSentForReview = _js2n__-prdslib.isType '"Bool",
+ releaseStatus =
+ _js2n__-prdslib.enum
+ [ "draft", "inProgress", "halted", "completed" ],
+ rollout = _js2n__-prdslib.isType '"Number",
+ serviceAccountKeyPath = _js2n__-prdslib.isType '"String",
+ track =
+ _js2n__-prdslib.enum
+ [ "beta", "alpha", "internal", "production" ],
+ } {} true _js2n__-prdslib.always
+ ],
+ "_js2n__-:definitions/SubmitProfileIos!predicate"
+ | doc "The iOS-specific submit profile configuration."
+ = _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Record,
+ _js2n__-prdslib.records.record
+ {
+ appName = _js2n__-prdslib.isType '"String",
+ appleId = _js2n__-prdslib.isType '"String",
+ appleTeamId = _js2n__-prdslib.isType '"String",
+ ascApiKeyId = _js2n__-prdslib.isType '"String",
+ ascApiKeyIssuerId = _js2n__-prdslib.isType '"String",
+ ascApiKeyPath = _js2n__-prdslib.isType '"String",
+ ascAppId = _js2n__-prdslib.isType '"String",
+ bundleIdentifier = _js2n__-prdslib.isType '"String",
+ companyName = _js2n__-prdslib.isType '"String",
+ language = _js2n__-prdslib.isType '"String",
+ metadataPath = _js2n__-prdslib.isType '"String",
+ sku = _js2n__-prdslib.isType '"String",
+ } {} true _js2n__-prdslib.always
+ ],
+ }
+ in
+ _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Record,
+ _js2n__-prdslib.records.record
+ {
+ build = _js2n__-refsenv."_js2n__-:definitions/Build!predicate",
+ cli = _js2n__-refsenv."_js2n__-:definitions/Cli!predicate",
+ submit = _js2n__-refsenv."_js2n__-:definitions/Submit!predicate",
+ } {} true _js2n__-prdslib.always
+ ])
\ No newline at end of file
diff --git a/out/Landing Zone Accelerator on AWS - Accounts Config.ncl b/out/Landing Zone Accelerator on AWS - Accounts Config.ncl
new file mode 100644
index 0000000..276ad7e
--- /dev/null
+++ b/out/Landing Zone Accelerator on AWS - Accounts Config.ncl
@@ -0,0 +1,1036 @@
+# DO NOT EDIT
+# This file was automatically generated using json-schema-to-nickel
+let _js2n__-prdslib
+ = {
+ allOf
+ : Array (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `allOf preds` succeeds if all of the predicates in `preds` succeed
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.7.1]
+ "%
+ = fun
+ preds
+ x
+ =>
+ std.array.fold_right
+ (fun pred acc => (match { 'Ok => acc, 'Err s => 'Err s, }) (pred x))
+ 'Ok preds,
+ always : Dyn -> [| 'Ok, 'Err String |] = std.function.const 'Ok,
+ anyOf
+ : Array (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `anyOf preds` succeeds if at least one of the predicates in `preds` succeeds
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.7.2]
+ "%
+ = fun
+ preds
+ x
+ =>
+ (match {
+ 'Ok =>
+ 'Ok,
+ 'Errs
+ msgs =>
+ 'Err
+ m%"
+ anyOf: none of the options matched
+ %{std.string.join
+ m%"
+
+
+ "% msgs}
+ "%,
+ })
+ (std.array.fold_right
+ (fun
+ pred
+ acc
+ =>
+ (match {
+ 'Ok =>
+ 'Ok,
+ 'Errs
+ msgs =>
+ (match {
+ 'Ok =>
+ 'Ok,
+ 'Err
+ msg =>
+ 'Errs ([ " - %{msg}" ] @ msgs),
+ }) (pred x),
+ }) acc) ('Errs [ ]) preds),
+ arrays =
+ {
+ additionalItems
+ : (Dyn -> [| 'Ok, 'Err String |])
+ -> Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.4.2]"
+ = fun
+ pred
+ start
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ let x
+ | Array Dyn
+ = x
+ in
+ let value_length
+ = std.array.length x
+ in
+ if start >= value_length then
+ 'Ok
+ else
+ arrayOf pred
+ ((std.array.slice start value_length x)
+ | Dyn),
+ arrayOf
+ : (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ Apply a predicate to all elements of an array, succeeding if all
+ applications succeed.
+ "%
+ = fun
+ pred
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ let x
+ | Array Dyn
+ = x
+ in
+ std.array.fold_right
+ (fun
+ x
+ acc
+ =>
+ (match { 'Ok => acc, 'Err msg => 'Err msg, }) (pred x))
+ 'Ok x,
+ contains
+ : (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.4.6]"
+ = fun
+ pred
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ let x
+ | Array Dyn
+ = x
+ in
+ (match {
+ 'Ok =>
+ 'Ok,
+ 'Errs
+ msgs =>
+ 'Err
+ m%"
+ contains: no elements matched
+ %{std.string.join
+ m%"
+
+
+ "% msgs}
+ "%,
+ })
+ (std.array.fold_right
+ (fun
+ x
+ acc
+ =>
+ (match {
+ 'Ok =>
+ 'Ok,
+ 'Errs
+ msgs =>
+ (match {
+ 'Ok =>
+ 'Ok,
+ 'Err
+ msg =>
+ 'Errs ([ " - %{msg}" ] @ msgs),
+ }) (pred x),
+ }) acc) ('Errs [ ]) x),
+ items
+ : Array (Dyn -> [| 'Ok, 'Err String |])
+ -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.4.1]"
+ = fun
+ preds
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ let x
+ | Array Dyn
+ = x
+ in
+ let length_to_check
+ = std.number.min (std.array.length preds)
+ (std.array.length x)
+ in
+ std.array.fold_right
+ (fun
+ i
+ acc
+ =>
+ (match { 'Err msg => 'Err msg, 'Ok => acc, })
+ (std.array.at i preds (std.array.at i x))) 'Ok
+ (std.array.range 0 length_to_check),
+ maxItems
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `maxItems n x` fails if `x` is an array of length strictly greater than `n` and succeeds otherwise.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.4.3]
+ "%
+ = fun
+ n
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ if (std.array.length (x | Array Dyn)) > n then
+ 'Err
+ "array is longer than %{std.string.from_number n} items"
+ else
+ 'Ok,
+ minItems
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `minItems n x` fails if `x` is an array of length strictly smaller than `n` and succeeds otherwise.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.4.4]
+ "%
+ = fun
+ n
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ if (std.array.length (x | Array Dyn)) < n then
+ 'Err
+ "array is shorter than %{std.string.from_number n} items"
+ else
+ 'Ok,
+ uniqueItems
+ : Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ Succeeds for any array if its elements are pairwise distinct.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.4.5]
+ "%
+ = let find_duplicate
+ : Array Dyn
+ -> {
+ has_duplicate : Bool,
+ duplicate : Dyn,
+ seen : { _ : Bool }
+ }
+ = std.array.fold_right
+ (fun
+ elt
+ acc
+ =>
+ if acc.has_duplicate then
+ acc
+ else
+ let index
+ = std.serialize 'Json elt
+ in
+ if std.record.has_field index acc.seen then
+ {
+ duplicate = elt,
+ has_duplicate = true,
+ seen = acc.seen,
+ }
+ else
+ {
+ duplicate = null,
+ has_duplicate = false,
+ seen = std.record.insert index true acc.seen,
+ })
+ { duplicate = null, has_duplicate = false, seen = {}, }
+ in
+ fun
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ let { has_duplicate, duplicate, .. }
+ = find_duplicate (x | Array Dyn)
+ in
+ if has_duplicate then
+ 'Err "duplicate found: %{std.serialize 'Json duplicate}"
+ else
+ 'Ok,
+ },
+ const
+ : Dyn -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `const value x` succeeds if and only if `x` is equal to `value`
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.1.3]
+ "%
+ = fun
+ value
+ x
+ =>
+ if x == value then
+ 'Ok
+ else
+ 'Err "expected %{std.serialize 'Json value}",
+ contract_from_predicate
+ : (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> Dyn -> Dyn
+ = fun
+ predicate
+ label
+ value
+ =>
+ (match {
+ 'Ok =>
+ value,
+ 'Err
+ msg =>
+ (std.contract.blame_with_message msg label)
+ | Dyn,
+ }) (predicate value),
+ enum
+ : Array Dyn -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `enum values x` succeeds if and only if `x` is equal to one of the elements of `values`.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.1.2]
+ "%
+ = let checkEqual
+ = fun
+ input
+ variant
+ =>
+ (input == variant)
+ || ((std.is_enum input)
+ && (((std.string.from_enum input) == variant)
+ | Bool))
+ in
+ fun
+ values
+ x
+ =>
+ std.array.fold_right
+ (fun value acc => if checkEqual x value then 'Ok else acc)
+ ('Err "expected one of %{std.serialize 'Json (values | Dyn)}")
+ values,
+ from_simple_predicate
+ : String -> (Dyn -> Bool) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Convert a simple boolean predicate into a predicate supporting error messages"
+ = fun error' pred x => if pred x then 'Ok else 'Err error',
+ ifThenElse
+ : (Dyn -> [| 'Ok, 'Err String |])
+ -> (Dyn -> [| 'Ok, 'Err String |])
+ -> (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `ifThenElse i t e` first checks if the predicate `i` succeeds. If it does, it's equivalent to `t`, otherwise it's equivalent to `e`.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.6]
+ "%
+ = fun i t e x => (match { 'Ok => t x, 'Err msg => e x, }) (i x),
+ isType
+ : [| '"Array", '"Bool", 'Integer, 'Null, '"Number", 'Record, '"String" |]
+ -> Dyn -> [| 'Ok, 'Err String |]
+ = fun
+ t
+ =>
+ (match {
+ 'Null =>
+ from_simple_predicate "expected `null`" (fun x => x == null),
+ 'Integer =>
+ from_simple_predicate "expected an integer"
+ (fun
+ x
+ =>
+ (std.is_number x) && (std.number.is_integer (x | Number))),
+ _ =>
+ from_simple_predicate
+ "value is not of type %{std.string.from_enum t}"
+ (fun x => (std.typeof x) == t),
+ }) t,
+ never : Dyn -> [| 'Ok, 'Err String |] = std.function.const ('Err "never"),
+ not
+ : (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `not pred` succeeds if and only if `pred` fails
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.7.4]
+ "%
+ = fun
+ pred
+ x
+ =>
+ (match {
+ 'Ok =>
+ 'Err "Inverted predicate succeeded unexpectedly",
+ 'Err
+ msg =>
+ 'Ok,
+ }) (pred x),
+ numbers =
+ {
+ exclusiveMaximum
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.2.3]"
+ = fun
+ limit
+ x
+ =>
+ if !(std.is_number x) then
+ 'Ok
+ else
+ if (x | Number) < limit then
+ 'Ok
+ else
+ 'Err
+ "expected an exclusive maximum of %{std.string.from_number
+ limit}",
+ exclusiveMinimum
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.2.5]"
+ = fun
+ limit
+ x
+ =>
+ if !(std.is_number x) then
+ 'Ok
+ else
+ if (x | Number) > limit then
+ 'Ok
+ else
+ 'Err
+ "expected an exclusive minimum of %{std.string.from_number
+ limit}",
+ maximum
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.2.2]"
+ = fun
+ limit
+ x
+ =>
+ if !(std.is_number x) then
+ 'Ok
+ else
+ if (x | Number) <= limit then
+ 'Ok
+ else
+ 'Err
+ "expected a maximum of %{std.string.from_number limit}",
+ minimum
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.2.4]"
+ = fun
+ limit
+ x
+ =>
+ if !(std.is_number x) then
+ 'Ok
+ else
+ if (x | Number) >= limit then
+ 'Ok
+ else
+ 'Err
+ "expected a minimum of %{std.string.from_number limit}",
+ multipleOf
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.2.1]"
+ = fun
+ mult
+ x
+ =>
+ if !(std.is_number x) then
+ 'Ok
+ else
+ if std.number.is_integer ((x | Number) / mult) then
+ 'Ok
+ else
+ 'Err
+ "expected a multiple of %{std.string.from_number mult}",
+ },
+ oneOf
+ : Array (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `oneOf preds` succeeds if precisely one of the predicates in `preds` succeeds
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.7.3]
+ "%
+ = fun
+ preds
+ x
+ =>
+ let count_ok
+ : Array [| 'Ok, 'Err String |] -> Number
+ = fun
+ results
+ =>
+ std.array.fold_left (fun n b => if b == 'Ok then n + 1 else n) 0
+ results
+ in
+ let results
+ = std.array.map (fun pred => pred x) preds
+ in
+ let count
+ = count_ok results
+ in
+ if count == 0 then
+ let errors
+ = std.array.flat_map
+ (fun
+ result
+ =>
+ (match { 'Ok => [ ], 'Err s => [ " - %{s}" ], })
+ result) results
+ in
+ 'Err
+ m%"
+ oneOf: none of the options matched
+ %{std.string.join
+ m%"
+
+
+ "% errors}
+ "%
+ else
+ if count > 1 then
+ 'Err "oneOf: more than one of the options matched"
+ else
+ 'Ok,
+ records =
+ {
+ dependencies
+ : { _ : Dyn } -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.5.7]"
+ = let mustHaveFields
+ : Array String -> { _ : Dyn } -> [| 'Ok, 'Err String |]
+ = fun
+ fields
+ x
+ =>
+ std.array.fold_right
+ (fun
+ field
+ acc
+ =>
+ if !(std.record.has_field field x) then
+ 'Err "expected field `%{field}`"
+ else
+ acc) 'Ok fields
+ in
+ fun
+ deps
+ x
+ =>
+ if !(std.is_record x) then
+ 'Ok
+ else
+ let x
+ | { _ : Dyn }
+ = x
+ in
+ std.array.fold_right
+ (fun
+ { field, value, }
+ =>
+ fun
+ acc
+ =>
+ if !(std.record.has_field field x) then
+ acc
+ else
+ let result
+ = if std.is_array value then
+ mustHaveFields (value | Array String) x
+ else
+ let pred
+ | Dyn -> [| 'Ok, 'Err String |]
+ = value
+ in
+ pred (x | Dyn)
+ in
+ (match {
+ 'Err
+ msg =>
+ 'Err
+ "dependency of `%{field}` failed: %{msg}",
+ 'Ok =>
+ acc,
+ }) result) 'Ok (std.record.to_array deps),
+ maxProperties
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `maxProperties n x` fails if `x` is a record containing stricly more than `n` fields.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.5.1]
+ "%
+ = fun
+ n
+ x
+ =>
+ if !(std.is_record x) then
+ 'Ok
+ else
+ if (std.record.length (x | { _ : Dyn })) > n then
+ 'Err
+ "record contains more than %{std.string.from_number
+ n} fields"
+ else
+ 'Ok,
+ minProperties
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `minProperties n x` fails if `x` is a record containing stricly less than `n` fields.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.5.1]
+ "%
+ = fun
+ n
+ x
+ =>
+ if !(std.is_record x) then
+ 'Ok
+ else
+ if (std.record.length (x | { _ : Dyn })) < n then
+ 'Err
+ "record contains fewer than %{std.string.from_number
+ n} fields"
+ else
+ 'Ok,
+ propertyNames
+ : (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.5.8]"
+ = fun
+ pred
+ x
+ =>
+ if !(std.is_record x) then
+ 'Ok
+ else
+ std.array.fold_right
+ (fun
+ field
+ acc
+ =>
+ (match {
+ 'Err
+ msg =>
+ 'Err
+ "field `%{field}` did not validate against `propertyNames` schema",
+ 'Ok =>
+ acc,
+ }) (pred (field | Dyn))) 'Ok
+ (std.record.fields (x | { _ : Dyn })),
+ record
+ : { _ : Dyn -> [| 'Ok, 'Err String |] }
+ -> { _ : Dyn -> [| 'Ok, 'Err String |] }
+ -> Bool
+ -> (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `record properties patternProperties additionalAllowed
+ additionalProperties x` is a combination of the `properties`,
+ `patternProperties` and `additionalProperties` validation keywords in
+ JSON schema.
+
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.5]
+ "%
+ = fun
+ properties
+ patternProperties
+ additionalAllowed
+ additionalProperties
+ x
+ =>
+ if !(std.is_record x) then
+ 'Ok
+ else
+ let x
+ | { _ : Dyn }
+ = x
+ in
+ let check_properties
+ : {
+ result : [| 'Ok, 'Err String |],
+ checked : { _ : Bool }
+ }
+ = std.array.fold_right
+ (fun
+ { field, value, }
+ =>
+ fun
+ acc
+ =>
+ if !(std.record.has_field field x) then
+ acc
+ else
+ (match {
+ 'Err
+ msg =>
+ {
+ checked : { _ : Bool } = {},
+ result =
+ 'Err
+ "field `%{field}` didn't validate: %{msg}",
+ },
+ 'Ok =>
+ {
+ checked =
+ std.record.insert field true acc.checked,
+ result = acc.result,
+ },
+ }) (value x."%{field}"))
+ { checked = {}, result = 'Ok, }
+ (std.record.to_array properties)
+ in
+ let matching_fields
+ : String -> { _ : Dyn }
+ = fun
+ pattern
+ =>
+ let matcher
+ = std.string.is_match pattern
+ in
+ std.array.fold_left
+ (fun
+ acc
+ =>
+ fun
+ { field, value, }
+ =>
+ if matcher field then
+ std.record.insert field value acc
+ else
+ acc) {} (std.record.to_array x)
+ in
+ let check_pattern_properties
+ : {
+ result : [| 'Ok, 'Err String |],
+ checked : { _ : Bool }
+ }
+ = std.array.fold_right
+ (fun
+ { field = pattern, value = pred, }
+ =>
+ fun
+ acc
+ =>
+ (match {
+ r @ { result = 'Err msg, .. } =>
+ r,
+ { result = 'Ok, checked = ch, } =>
+ {
+ checked =
+ std.array.fold_left
+ (fun
+ r
+ field
+ =>
+ if !(std.record.has_field field
+ r) then
+ std.record.insert field true r
+ else
+ r) acc.checked
+ (std.record.fields ch),
+ result = acc.result,
+ },
+ })
+ (std.array.fold_right
+ (fun
+ { field, value, }
+ =>
+ fun
+ acc
+ =>
+ (match {
+ 'Err
+ msg =>
+ {
+ checked : { _ : Bool } = {},
+ result =
+ 'Err
+ "field `%{field}` didn't validate: %{msg}",
+ },
+ 'Ok =>
+ {
+ checked =
+ std.record.insert field true
+ acc.checked,
+ result = acc.result,
+ },
+ }) (pred value))
+ {
+ checked : { _ : Bool } = {},
+ result = 'Ok,
+ }
+ (std.record.to_array
+ (matching_fields pattern))))
+ { checked : { _ : Bool } = {}, result = 'Ok, }
+ (std.record.to_array patternProperties)
+ in
+ let remaining_fields
+ = std.array.fold_left
+ (fun
+ acc
+ field
+ =>
+ if !(std.record.has_field field acc) then
+ acc
+ else
+ std.record.remove field acc) x
+ ((std.record.fields check_properties.checked)
+ @ (std.record.fields
+ check_pattern_properties.checked))
+ in
+ let check_additional_properties
+ : [| 'Ok, 'Err String |]
+ = if (!additionalAllowed)
+ && (!(std.record.is_empty remaining_fields)) then
+ 'Err
+ "extra fields %{std.serialize 'Json
+ ((std.record.fields remaining_fields)
+ | Dyn)}"
+ else
+ std.array.fold_right
+ (fun
+ { field, value, }
+ =>
+ fun
+ acc
+ =>
+ (match {
+ 'Err
+ msg =>
+ 'Err
+ "field `%{field}` didn't validate: %{msg}",
+ 'Ok =>
+ acc,
+ }) (additionalProperties value)) 'Ok
+ (std.record.to_array remaining_fields)
+ in
+ (match {
+ 'Err
+ msg =>
+ check_properties.result,
+ 'Ok =>
+ (match {
+ 'Err
+ msg =>
+ check_pattern_properties.result,
+ 'Ok =>
+ check_additional_properties,
+ }) check_pattern_properties.result,
+ }) check_properties.result,
+ required
+ : Array String -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.5.3]"
+ = fun
+ fields
+ x
+ =>
+ if !(std.is_record x) then
+ 'Ok
+ else
+ std.array.fold_right
+ (fun
+ field
+ acc
+ =>
+ if !(std.record.has_field field (x | { _ : Dyn })) then
+ 'Err "missing required field %{field}"
+ else
+ acc) 'Ok fields,
+ },
+ strings =
+ {
+ maxLength
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.3.1]"
+ = fun
+ limit
+ x
+ =>
+ if !(std.is_string x) then
+ 'Ok
+ else
+ if (std.string.length (x | String)) <= limit then
+ 'Ok
+ else
+ 'Err
+ "expected a string of length no larger than %{std.string.from_number
+ limit}",
+ minLength
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.3.2]"
+ = fun
+ limit
+ x
+ =>
+ if !(std.is_string x) then
+ 'Ok
+ else
+ if (std.string.length (x | String)) >= limit then
+ 'Ok
+ else
+ 'Err
+ "expected a string of length no smaller than %{std.string.from_number
+ limit}",
+ pattern
+ : String -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.3.3]"
+ = fun
+ pattern
+ x
+ =>
+ if !(std.is_string x) then
+ 'Ok
+ else
+ if std.string.is_match pattern (x | String) then
+ 'Ok
+ else
+ 'Err "expected a string matching the pattern `%{pattern}`",
+ },
+ }
+ in
+let rec _js2n__-refsenv
+ = {
+ "_js2n__-:definitions/AwsAccountId!contract"
+ | doc "AWS Account ID"
+ = _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.maxLength 12,
+ _js2n__-prdslib.strings.minLength 12
+ ]),
+ "_js2n__-:definitions/EmailAddress!contract"
+ | doc "An email address"
+ = _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.maxLength 64,
+ _js2n__-prdslib.strings.minLength 6,
+ _js2n__-prdslib.strings.pattern
+ "['^\\S+@\\S+\\.\\S+$', '^\\w+$']"
+ ]),
+ "_js2n__-:definitions/EmailAddress!predicate"
+ | doc "An email address"
+ = _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.maxLength 64,
+ _js2n__-prdslib.strings.minLength 6,
+ _js2n__-prdslib.strings.pattern "['^\\S+@\\S+\\.\\S+$', '^\\w+$']"
+ ],
+ "_js2n__-:definitions/IAccountConfig!predicate"
+ | doc "Account configuration"
+ = _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Record,
+ _js2n__-prdslib.records.required [ "email", "name" ],
+ _js2n__-prdslib.records.record
+ {
+ description =
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!predicate",
+ email =
+ _js2n__-refsenv."_js2n__-:definitions/EmailAddress!predicate",
+ name =
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyNoSpaceString!predicate",
+ organizationalUnit =
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!predicate",
+ warm = _js2n__-prdslib.isType '"Bool",
+ } {} false _js2n__-prdslib.never
+ ],
+ "_js2n__-:definitions/IAccountIdConfig!contract" =
+ {
+ accountId
+ | _js2n__-refsenv."_js2n__-:definitions/AwsAccountId!contract",
+ email
+ | _js2n__-refsenv."_js2n__-:definitions/EmailAddress!contract",
+ },
+ "_js2n__-:definitions/IAccountsConfig!contract" =
+ {
+ accountIds
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/IAccountIdConfig!contract"
+ | optional,
+ mandatoryAccounts
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.anyOf
+ [
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"Array",
+ _js2n__-prdslib.arrays.arrayOf
+ _js2n__-refsenv."_js2n__-:definitions/IAccountConfig!predicate"
+ ],
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"Array",
+ _js2n__-prdslib.arrays.arrayOf
+ _js2n__-refsenv."_js2n__-:definitions/IGovCloudAccountConfig!predicate"
+ ]
+ ]),
+ workloadAccounts
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.anyOf
+ [
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"Array",
+ _js2n__-prdslib.arrays.arrayOf
+ _js2n__-refsenv."_js2n__-:definitions/IAccountConfig!predicate"
+ ],
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"Array",
+ _js2n__-prdslib.arrays.arrayOf
+ _js2n__-refsenv."_js2n__-:definitions/IGovCloudAccountConfig!predicate"
+ ]
+ ]),
+ },
+ "_js2n__-:definitions/IGovCloudAccountConfig!predicate"
+ | doc m%"
+ GovCloud Account configuration
+ Used instead of the account configuration in the commercial
+ partition when creating GovCloud partition linked accounts.
+ "%
+ = _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Record,
+ _js2n__-prdslib.records.required [ "email", "name" ],
+ _js2n__-prdslib.records.record
+ {
+ description =
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!predicate",
+ email =
+ _js2n__-refsenv."_js2n__-:definitions/EmailAddress!predicate",
+ enableGovCloud = _js2n__-prdslib.isType '"Bool",
+ name =
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyNoSpaceString!predicate",
+ organizationalUnit =
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!predicate",
+ } {} false _js2n__-prdslib.never
+ ],
+ "_js2n__-:definitions/NonEmptyNoSpaceString!predicate"
+ | doc "A string that contains no spaces"
+ = _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.minLength 1,
+ _js2n__-prdslib.strings.pattern "^[^\\s]*$"
+ ],
+ "_js2n__-:definitions/NonEmptyString!predicate"
+ | doc "A string that has at least 1 character"
+ = _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.minLength 1
+ ],
+ }
+ in
+ _js2n__-refsenv."_js2n__-:definitions/IAccountsConfig!contract"
\ No newline at end of file
diff --git a/out/Landing Zone Accelerator on AWS - Customizations Config.ncl b/out/Landing Zone Accelerator on AWS - Customizations Config.ncl
new file mode 100644
index 0000000..9c22f2d
--- /dev/null
+++ b/out/Landing Zone Accelerator on AWS - Customizations Config.ncl
@@ -0,0 +1,2250 @@
+# DO NOT EDIT
+# This file was automatically generated using json-schema-to-nickel
+let _js2n__-prdslib
+ = {
+ allOf
+ : Array (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `allOf preds` succeeds if all of the predicates in `preds` succeed
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.7.1]
+ "%
+ = fun
+ preds
+ x
+ =>
+ std.array.fold_right
+ (fun pred acc => (match { 'Ok => acc, 'Err s => 'Err s, }) (pred x))
+ 'Ok preds,
+ always : Dyn -> [| 'Ok, 'Err String |] = std.function.const 'Ok,
+ anyOf
+ : Array (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `anyOf preds` succeeds if at least one of the predicates in `preds` succeeds
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.7.2]
+ "%
+ = fun
+ preds
+ x
+ =>
+ (match {
+ 'Ok =>
+ 'Ok,
+ 'Errs
+ msgs =>
+ 'Err
+ m%"
+ anyOf: none of the options matched
+ %{std.string.join
+ m%"
+
+
+ "% msgs}
+ "%,
+ })
+ (std.array.fold_right
+ (fun
+ pred
+ acc
+ =>
+ (match {
+ 'Ok =>
+ 'Ok,
+ 'Errs
+ msgs =>
+ (match {
+ 'Ok =>
+ 'Ok,
+ 'Err
+ msg =>
+ 'Errs ([ " - %{msg}" ] @ msgs),
+ }) (pred x),
+ }) acc) ('Errs [ ]) preds),
+ arrays =
+ {
+ additionalItems
+ : (Dyn -> [| 'Ok, 'Err String |])
+ -> Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.4.2]"
+ = fun
+ pred
+ start
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ let x
+ | Array Dyn
+ = x
+ in
+ let value_length
+ = std.array.length x
+ in
+ if start >= value_length then
+ 'Ok
+ else
+ arrayOf pred
+ ((std.array.slice start value_length x)
+ | Dyn),
+ arrayOf
+ : (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ Apply a predicate to all elements of an array, succeeding if all
+ applications succeed.
+ "%
+ = fun
+ pred
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ let x
+ | Array Dyn
+ = x
+ in
+ std.array.fold_right
+ (fun
+ x
+ acc
+ =>
+ (match { 'Ok => acc, 'Err msg => 'Err msg, }) (pred x))
+ 'Ok x,
+ contains
+ : (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.4.6]"
+ = fun
+ pred
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ let x
+ | Array Dyn
+ = x
+ in
+ (match {
+ 'Ok =>
+ 'Ok,
+ 'Errs
+ msgs =>
+ 'Err
+ m%"
+ contains: no elements matched
+ %{std.string.join
+ m%"
+
+
+ "% msgs}
+ "%,
+ })
+ (std.array.fold_right
+ (fun
+ x
+ acc
+ =>
+ (match {
+ 'Ok =>
+ 'Ok,
+ 'Errs
+ msgs =>
+ (match {
+ 'Ok =>
+ 'Ok,
+ 'Err
+ msg =>
+ 'Errs ([ " - %{msg}" ] @ msgs),
+ }) (pred x),
+ }) acc) ('Errs [ ]) x),
+ items
+ : Array (Dyn -> [| 'Ok, 'Err String |])
+ -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.4.1]"
+ = fun
+ preds
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ let x
+ | Array Dyn
+ = x
+ in
+ let length_to_check
+ = std.number.min (std.array.length preds)
+ (std.array.length x)
+ in
+ std.array.fold_right
+ (fun
+ i
+ acc
+ =>
+ (match { 'Err msg => 'Err msg, 'Ok => acc, })
+ (std.array.at i preds (std.array.at i x))) 'Ok
+ (std.array.range 0 length_to_check),
+ maxItems
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `maxItems n x` fails if `x` is an array of length strictly greater than `n` and succeeds otherwise.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.4.3]
+ "%
+ = fun
+ n
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ if (std.array.length (x | Array Dyn)) > n then
+ 'Err
+ "array is longer than %{std.string.from_number n} items"
+ else
+ 'Ok,
+ minItems
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `minItems n x` fails if `x` is an array of length strictly smaller than `n` and succeeds otherwise.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.4.4]
+ "%
+ = fun
+ n
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ if (std.array.length (x | Array Dyn)) < n then
+ 'Err
+ "array is shorter than %{std.string.from_number n} items"
+ else
+ 'Ok,
+ uniqueItems
+ : Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ Succeeds for any array if its elements are pairwise distinct.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.4.5]
+ "%
+ = let find_duplicate
+ : Array Dyn
+ -> {
+ has_duplicate : Bool,
+ duplicate : Dyn,
+ seen : { _ : Bool }
+ }
+ = std.array.fold_right
+ (fun
+ elt
+ acc
+ =>
+ if acc.has_duplicate then
+ acc
+ else
+ let index
+ = std.serialize 'Json elt
+ in
+ if std.record.has_field index acc.seen then
+ {
+ duplicate = elt,
+ has_duplicate = true,
+ seen = acc.seen,
+ }
+ else
+ {
+ duplicate = null,
+ has_duplicate = false,
+ seen = std.record.insert index true acc.seen,
+ })
+ { duplicate = null, has_duplicate = false, seen = {}, }
+ in
+ fun
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ let { has_duplicate, duplicate, .. }
+ = find_duplicate (x | Array Dyn)
+ in
+ if has_duplicate then
+ 'Err "duplicate found: %{std.serialize 'Json duplicate}"
+ else
+ 'Ok,
+ },
+ const
+ : Dyn -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `const value x` succeeds if and only if `x` is equal to `value`
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.1.3]
+ "%
+ = fun
+ value
+ x
+ =>
+ if x == value then
+ 'Ok
+ else
+ 'Err "expected %{std.serialize 'Json value}",
+ contract_from_predicate
+ : (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> Dyn -> Dyn
+ = fun
+ predicate
+ label
+ value
+ =>
+ (match {
+ 'Ok =>
+ value,
+ 'Err
+ msg =>
+ (std.contract.blame_with_message msg label)
+ | Dyn,
+ }) (predicate value),
+ enum
+ : Array Dyn -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `enum values x` succeeds if and only if `x` is equal to one of the elements of `values`.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.1.2]
+ "%
+ = let checkEqual
+ = fun
+ input
+ variant
+ =>
+ (input == variant)
+ || ((std.is_enum input)
+ && (((std.string.from_enum input) == variant)
+ | Bool))
+ in
+ fun
+ values
+ x
+ =>
+ std.array.fold_right
+ (fun value acc => if checkEqual x value then 'Ok else acc)
+ ('Err "expected one of %{std.serialize 'Json (values | Dyn)}")
+ values,
+ from_simple_predicate
+ : String -> (Dyn -> Bool) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Convert a simple boolean predicate into a predicate supporting error messages"
+ = fun error' pred x => if pred x then 'Ok else 'Err error',
+ ifThenElse
+ : (Dyn -> [| 'Ok, 'Err String |])
+ -> (Dyn -> [| 'Ok, 'Err String |])
+ -> (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `ifThenElse i t e` first checks if the predicate `i` succeeds. If it does, it's equivalent to `t`, otherwise it's equivalent to `e`.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.6]
+ "%
+ = fun i t e x => (match { 'Ok => t x, 'Err msg => e x, }) (i x),
+ isType
+ : [| '"Array", '"Bool", 'Integer, 'Null, '"Number", 'Record, '"String" |]
+ -> Dyn -> [| 'Ok, 'Err String |]
+ = fun
+ t
+ =>
+ (match {
+ 'Null =>
+ from_simple_predicate "expected `null`" (fun x => x == null),
+ 'Integer =>
+ from_simple_predicate "expected an integer"
+ (fun
+ x
+ =>
+ (std.is_number x) && (std.number.is_integer (x | Number))),
+ _ =>
+ from_simple_predicate
+ "value is not of type %{std.string.from_enum t}"
+ (fun x => (std.typeof x) == t),
+ }) t,
+ never : Dyn -> [| 'Ok, 'Err String |] = std.function.const ('Err "never"),
+ not
+ : (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `not pred` succeeds if and only if `pred` fails
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.7.4]
+ "%
+ = fun
+ pred
+ x
+ =>
+ (match {
+ 'Ok =>
+ 'Err "Inverted predicate succeeded unexpectedly",
+ 'Err
+ msg =>
+ 'Ok,
+ }) (pred x),
+ numbers =
+ {
+ exclusiveMaximum
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.2.3]"
+ = fun
+ limit
+ x
+ =>
+ if !(std.is_number x) then
+ 'Ok
+ else
+ if (x | Number) < limit then
+ 'Ok
+ else
+ 'Err
+ "expected an exclusive maximum of %{std.string.from_number
+ limit}",
+ exclusiveMinimum
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.2.5]"
+ = fun
+ limit
+ x
+ =>
+ if !(std.is_number x) then
+ 'Ok
+ else
+ if (x | Number) > limit then
+ 'Ok
+ else
+ 'Err
+ "expected an exclusive minimum of %{std.string.from_number
+ limit}",
+ maximum
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.2.2]"
+ = fun
+ limit
+ x
+ =>
+ if !(std.is_number x) then
+ 'Ok
+ else
+ if (x | Number) <= limit then
+ 'Ok
+ else
+ 'Err
+ "expected a maximum of %{std.string.from_number limit}",
+ minimum
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.2.4]"
+ = fun
+ limit
+ x
+ =>
+ if !(std.is_number x) then
+ 'Ok
+ else
+ if (x | Number) >= limit then
+ 'Ok
+ else
+ 'Err
+ "expected a minimum of %{std.string.from_number limit}",
+ multipleOf
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.2.1]"
+ = fun
+ mult
+ x
+ =>
+ if !(std.is_number x) then
+ 'Ok
+ else
+ if std.number.is_integer ((x | Number) / mult) then
+ 'Ok
+ else
+ 'Err
+ "expected a multiple of %{std.string.from_number mult}",
+ },
+ oneOf
+ : Array (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `oneOf preds` succeeds if precisely one of the predicates in `preds` succeeds
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.7.3]
+ "%
+ = fun
+ preds
+ x
+ =>
+ let count_ok
+ : Array [| 'Ok, 'Err String |] -> Number
+ = fun
+ results
+ =>
+ std.array.fold_left (fun n b => if b == 'Ok then n + 1 else n) 0
+ results
+ in
+ let results
+ = std.array.map (fun pred => pred x) preds
+ in
+ let count
+ = count_ok results
+ in
+ if count == 0 then
+ let errors
+ = std.array.flat_map
+ (fun
+ result
+ =>
+ (match { 'Ok => [ ], 'Err s => [ " - %{s}" ], })
+ result) results
+ in
+ 'Err
+ m%"
+ oneOf: none of the options matched
+ %{std.string.join
+ m%"
+
+
+ "% errors}
+ "%
+ else
+ if count > 1 then
+ 'Err "oneOf: more than one of the options matched"
+ else
+ 'Ok,
+ records =
+ {
+ dependencies
+ : { _ : Dyn } -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.5.7]"
+ = let mustHaveFields
+ : Array String -> { _ : Dyn } -> [| 'Ok, 'Err String |]
+ = fun
+ fields
+ x
+ =>
+ std.array.fold_right
+ (fun
+ field
+ acc
+ =>
+ if !(std.record.has_field field x) then
+ 'Err "expected field `%{field}`"
+ else
+ acc) 'Ok fields
+ in
+ fun
+ deps
+ x
+ =>
+ if !(std.is_record x) then
+ 'Ok
+ else
+ let x
+ | { _ : Dyn }
+ = x
+ in
+ std.array.fold_right
+ (fun
+ { field, value, }
+ =>
+ fun
+ acc
+ =>
+ if !(std.record.has_field field x) then
+ acc
+ else
+ let result
+ = if std.is_array value then
+ mustHaveFields (value | Array String) x
+ else
+ let pred
+ | Dyn -> [| 'Ok, 'Err String |]
+ = value
+ in
+ pred (x | Dyn)
+ in
+ (match {
+ 'Err
+ msg =>
+ 'Err
+ "dependency of `%{field}` failed: %{msg}",
+ 'Ok =>
+ acc,
+ }) result) 'Ok (std.record.to_array deps),
+ maxProperties
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `maxProperties n x` fails if `x` is a record containing stricly more than `n` fields.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.5.1]
+ "%
+ = fun
+ n
+ x
+ =>
+ if !(std.is_record x) then
+ 'Ok
+ else
+ if (std.record.length (x | { _ : Dyn })) > n then
+ 'Err
+ "record contains more than %{std.string.from_number
+ n} fields"
+ else
+ 'Ok,
+ minProperties
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `minProperties n x` fails if `x` is a record containing stricly less than `n` fields.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.5.1]
+ "%
+ = fun
+ n
+ x
+ =>
+ if !(std.is_record x) then
+ 'Ok
+ else
+ if (std.record.length (x | { _ : Dyn })) < n then
+ 'Err
+ "record contains fewer than %{std.string.from_number
+ n} fields"
+ else
+ 'Ok,
+ propertyNames
+ : (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.5.8]"
+ = fun
+ pred
+ x
+ =>
+ if !(std.is_record x) then
+ 'Ok
+ else
+ std.array.fold_right
+ (fun
+ field
+ acc
+ =>
+ (match {
+ 'Err
+ msg =>
+ 'Err
+ "field `%{field}` did not validate against `propertyNames` schema",
+ 'Ok =>
+ acc,
+ }) (pred (field | Dyn))) 'Ok
+ (std.record.fields (x | { _ : Dyn })),
+ record
+ : { _ : Dyn -> [| 'Ok, 'Err String |] }
+ -> { _ : Dyn -> [| 'Ok, 'Err String |] }
+ -> Bool
+ -> (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `record properties patternProperties additionalAllowed
+ additionalProperties x` is a combination of the `properties`,
+ `patternProperties` and `additionalProperties` validation keywords in
+ JSON schema.
+
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.5]
+ "%
+ = fun
+ properties
+ patternProperties
+ additionalAllowed
+ additionalProperties
+ x
+ =>
+ if !(std.is_record x) then
+ 'Ok
+ else
+ let x
+ | { _ : Dyn }
+ = x
+ in
+ let check_properties
+ : {
+ result : [| 'Ok, 'Err String |],
+ checked : { _ : Bool }
+ }
+ = std.array.fold_right
+ (fun
+ { field, value, }
+ =>
+ fun
+ acc
+ =>
+ if !(std.record.has_field field x) then
+ acc
+ else
+ (match {
+ 'Err
+ msg =>
+ {
+ checked : { _ : Bool } = {},
+ result =
+ 'Err
+ "field `%{field}` didn't validate: %{msg}",
+ },
+ 'Ok =>
+ {
+ checked =
+ std.record.insert field true acc.checked,
+ result = acc.result,
+ },
+ }) (value x."%{field}"))
+ { checked = {}, result = 'Ok, }
+ (std.record.to_array properties)
+ in
+ let matching_fields
+ : String -> { _ : Dyn }
+ = fun
+ pattern
+ =>
+ let matcher
+ = std.string.is_match pattern
+ in
+ std.array.fold_left
+ (fun
+ acc
+ =>
+ fun
+ { field, value, }
+ =>
+ if matcher field then
+ std.record.insert field value acc
+ else
+ acc) {} (std.record.to_array x)
+ in
+ let check_pattern_properties
+ : {
+ result : [| 'Ok, 'Err String |],
+ checked : { _ : Bool }
+ }
+ = std.array.fold_right
+ (fun
+ { field = pattern, value = pred, }
+ =>
+ fun
+ acc
+ =>
+ (match {
+ r @ { result = 'Err msg, .. } =>
+ r,
+ { result = 'Ok, checked = ch, } =>
+ {
+ checked =
+ std.array.fold_left
+ (fun
+ r
+ field
+ =>
+ if !(std.record.has_field field
+ r) then
+ std.record.insert field true r
+ else
+ r) acc.checked
+ (std.record.fields ch),
+ result = acc.result,
+ },
+ })
+ (std.array.fold_right
+ (fun
+ { field, value, }
+ =>
+ fun
+ acc
+ =>
+ (match {
+ 'Err
+ msg =>
+ {
+ checked : { _ : Bool } = {},
+ result =
+ 'Err
+ "field `%{field}` didn't validate: %{msg}",
+ },
+ 'Ok =>
+ {
+ checked =
+ std.record.insert field true
+ acc.checked,
+ result = acc.result,
+ },
+ }) (pred value))
+ {
+ checked : { _ : Bool } = {},
+ result = 'Ok,
+ }
+ (std.record.to_array
+ (matching_fields pattern))))
+ { checked : { _ : Bool } = {}, result = 'Ok, }
+ (std.record.to_array patternProperties)
+ in
+ let remaining_fields
+ = std.array.fold_left
+ (fun
+ acc
+ field
+ =>
+ if !(std.record.has_field field acc) then
+ acc
+ else
+ std.record.remove field acc) x
+ ((std.record.fields check_properties.checked)
+ @ (std.record.fields
+ check_pattern_properties.checked))
+ in
+ let check_additional_properties
+ : [| 'Ok, 'Err String |]
+ = if (!additionalAllowed)
+ && (!(std.record.is_empty remaining_fields)) then
+ 'Err
+ "extra fields %{std.serialize 'Json
+ ((std.record.fields remaining_fields)
+ | Dyn)}"
+ else
+ std.array.fold_right
+ (fun
+ { field, value, }
+ =>
+ fun
+ acc
+ =>
+ (match {
+ 'Err
+ msg =>
+ 'Err
+ "field `%{field}` didn't validate: %{msg}",
+ 'Ok =>
+ acc,
+ }) (additionalProperties value)) 'Ok
+ (std.record.to_array remaining_fields)
+ in
+ (match {
+ 'Err
+ msg =>
+ check_properties.result,
+ 'Ok =>
+ (match {
+ 'Err
+ msg =>
+ check_pattern_properties.result,
+ 'Ok =>
+ check_additional_properties,
+ }) check_pattern_properties.result,
+ }) check_properties.result,
+ required
+ : Array String -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.5.3]"
+ = fun
+ fields
+ x
+ =>
+ if !(std.is_record x) then
+ 'Ok
+ else
+ std.array.fold_right
+ (fun
+ field
+ acc
+ =>
+ if !(std.record.has_field field (x | { _ : Dyn })) then
+ 'Err "missing required field %{field}"
+ else
+ acc) 'Ok fields,
+ },
+ strings =
+ {
+ maxLength
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.3.1]"
+ = fun
+ limit
+ x
+ =>
+ if !(std.is_string x) then
+ 'Ok
+ else
+ if (std.string.length (x | String)) <= limit then
+ 'Ok
+ else
+ 'Err
+ "expected a string of length no larger than %{std.string.from_number
+ limit}",
+ minLength
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.3.2]"
+ = fun
+ limit
+ x
+ =>
+ if !(std.is_string x) then
+ 'Ok
+ else
+ if (std.string.length (x | String)) >= limit then
+ 'Ok
+ else
+ 'Err
+ "expected a string of length no smaller than %{std.string.from_number
+ limit}",
+ pattern
+ : String -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.3.3]"
+ = fun
+ pattern
+ x
+ =>
+ if !(std.is_string x) then
+ 'Ok
+ else
+ if std.string.is_match pattern (x | String) then
+ 'Ok
+ else
+ 'Err "expected a string matching the pattern `%{pattern}`",
+ },
+ }
+ in
+let rec _js2n__-refsenv
+ = {
+ "_js2n__-:definitions/AlbListenerProtocolEnum!contract" =
+ std.contract.Sequence [ std.enum.TagOrString, [| 'HTTPS, 'HTTP |] ],
+ "_js2n__-:definitions/AlbListenerTypeEnum!contract" =
+ std.contract.Sequence
+ [
+ std.enum.TagOrString,
+ [| 'redirect, 'forward, 'fixed-response |]
+ ],
+ "_js2n__-:definitions/AlbRoutingHttpConfigMitigationModeEnum!contract" =
+ std.contract.Sequence
+ [ std.enum.TagOrString, [| 'strictest, 'defensive, 'monitor |] ],
+ "_js2n__-:definitions/AlbSchemeEnum!contract" =
+ std.contract.Sequence
+ [ std.enum.TagOrString, [| 'internal, 'internet-facing |] ],
+ "_js2n__-:definitions/AlpnPolicyEnum!contract" =
+ std.contract.Sequence
+ [
+ std.enum.TagOrString,
+ [|
+ 'None,
+ 'HTTP2Preferred,
+ 'HTTP2Optional,
+ 'HTTP2Only,
+ 'HTTP1Only
+ |]
+ ],
+ "_js2n__-:definitions/AutoScalingHealthCheckTypeEnum!contract" =
+ std.contract.Sequence [ std.enum.TagOrString, [| 'ELB, 'EC2 |] ],
+ "_js2n__-:definitions/IAlbAttributesConfig!contract"
+ | doc "Application Load Balancer attributes config."
+ = {
+ deletionProtection
+ | Bool
+ | doc "Enable or disable deletion protection."
+ | optional,
+ http2Enabled
+ | Bool
+ | doc "Indicates whether HTTP/2 is enabled. The possible values are true and false. The default is true. Elastic Load Balancing requires that message header names contain only alphanumeric characters and hyphens."
+ | optional,
+ idleTimeout
+ | Number
+ | doc "The idle timeout value, in seconds. The valid range is 1-4000 seconds. The default is 60 seconds."
+ | optional,
+ routingHttpDesyncMitigationMode
+ | _js2n__-refsenv."_js2n__-:definitions/AlbRoutingHttpConfigMitigationModeEnum!contract"
+ | doc "Determines how the load balancer handles requests that might pose a security risk to your application. The possible values are `monitor` , `defensive` , and `strictest` . The default is `defensive`."
+ | optional,
+ routingHttpDropInvalidHeader
+ | Bool
+ | doc "Indicates whether HTTP headers with invalid header fields are removed by the load balancer ( true ) or routed to targets ( false ). The default is false."
+ | optional,
+ routingHttpXAmznTlsCipherEnable
+ | Bool
+ | doc "Indicates whether the two headers ( x-amzn-tls-version and x-amzn-tls-cipher-suite ), which contain information about the negotiated TLS version and cipher suite, are added to the client request before sending it to the target. The x-amzn-tls-version header has information about the TLS protocol version negotiated with the client, and the x-amzn-tls-cipher-suite header has information about the cipher suite negotiated with the client. Both headers are in OpenSSL format. The possible values for the attribute are true and false . The default is false."
+ | optional,
+ routingHttpXffClientPort
+ | Bool
+ | doc "Indicates whether the X-Forwarded-For header should preserve the source port that the client used to connect to the load balancer. The possible values are true and false . The default is false."
+ | optional,
+ routingHttpXffHeaderProcessingMode
+ | _js2n__-refsenv."_js2n__-:definitions/RoutingHttpXffHeaderProcessingModeEnum!contract"
+ | doc "Enables you to modify, preserve, or remove the X-Forwarded-For header in the HTTP request before the Application Load Balancer sends the request to the target. The possible values are append, preserve, and remove. The default is append."
+ | optional,
+ wafFailOpen
+ | Bool
+ | doc "Indicates whether to allow a WAF-enabled load balancer to route requests to targets if it is unable to forward the request to AWS WAF. The possible values are true and false. The default is false."
+ | optional,
+ },
+ "_js2n__-:definitions/IAlbListenerConfig!contract"
+ | doc "Application Load Balancer listener config. Currently only action type of `forward`, `redirect` and `fixed-response` is allowed."
+ = {
+ certificate
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "Applies to HTTPS listeners. The default certificate for the listener. You must provide exactly one certificate arn or a certificate name which was created by LZA"
+ | optional,
+ fixedResponseConfig
+ | _js2n__-refsenv."_js2n__-:definitions/IAlbListenerFixedResponseConfig!contract"
+ | doc "Information for creating an action that returns a custom HTTP response. Specify only when type is `fixed-response`."
+ | optional,
+ forwardConfig
+ | _js2n__-refsenv."_js2n__-:definitions/IAlbListenerForwardConfig!contract"
+ | doc "Information for creating an action that distributes requests to targetGroup. Stickiness for targetGroup can be set here."
+ | optional,
+ name
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The name of the application load balancer listener",
+ order
+ | Number
+ | doc "The order for the action. This value is required for rules with multiple actions. The action with the lowest value for order is performed first"
+ | optional,
+ port
+ | Number
+ | doc "Port of the application load balancer listener",
+ protocol
+ | _js2n__-refsenv."_js2n__-:definitions/AlbListenerProtocolEnum!contract"
+ | doc "Protocol of the application load balancer listener. The supported protocols are HTTP and HTTPS",
+ redirectConfig
+ | _js2n__-refsenv."_js2n__-:definitions/IAlbListenerRedirectConfig!contract"
+ | doc "Information for creating a redirect action. Specify only when type is `redirect`."
+ | optional,
+ sslPolicy
+ | _js2n__-refsenv."_js2n__-:definitions/SslPolicyAlbEnum!contract"
+ | doc "The security policy that defines which protocols and ciphers are supported."
+ | optional,
+ targetGroup
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "Target Group name to which traffic will be forwarded to. This name should be same as {@link ApplicationLoadBalancerTargetGroupConfig targetGroup } name.",
+ type
+ | _js2n__-refsenv."_js2n__-:definitions/AlbListenerTypeEnum!contract"
+ | doc "Type of the application load balancer listener",
+ },
+ "_js2n__-:definitions/IAlbListenerFixedResponseConfig!contract"
+ | doc m%"
+ Application load balancer listener fixed response config
+ It returns a custom HTTP response.
+ Applicable only when `type` under {@link ApplicationLoadBalancerListenerConfig listener} is `fixed-response`.
+ "%
+ = {
+ contentType
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The message to send back."
+ | optional,
+ messageBody
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The HTTP response code (2XX, 4XX, or 5XX)."
+ | optional,
+ statusCode
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The content type. Valid Values: text/plain | text/css | text/html | application/javascript | application/json",
+ },
+ "_js2n__-:definitions/IAlbListenerForwardConfig!contract"
+ | doc m%"
+ Application Load balancer listener forward config. Used to define forward action.
+ Applicable only when `type` under {@link ApplicationLoadBalancerListenerConfig listener} is `forward`.
+ "%
+ = {
+ targetGroupStickinessConfig
+ | _js2n__-refsenv."_js2n__-:definitions/IAlbListenerTargetGroupStickinessConfig!contract"
+ | optional,
+ },
+ "_js2n__-:definitions/IAlbListenerRedirectConfig!contract"
+ | doc m%"
+ Application Load balancer listener redirect config. Used to define redirect action.
+ Applicable only when `type` under {@link ApplicationLoadBalancerListenerConfig listener} is `redirect`.
+ "%
+ = {
+ host
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | optional,
+ path
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | optional,
+ port | Number | optional,
+ protocol
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | optional,
+ query
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | optional,
+ statusCode
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | optional,
+ },
+ "_js2n__-:definitions/IAlbListenerTargetGroupStickinessConfig!contract"
+ | doc m%"
+ Application Load balancer listener forward config target group stickiness config
+ Applicable only when `type` under {@link ApplicationLoadBalancerListenerConfig listener} is `forward`.
+ "%
+ = {
+ durationSeconds
+ | Number
+ | doc "The time period, in seconds, during which requests from a client should be routed to the same target group. The range is 1-604800 seconds (7 days)."
+ | optional,
+ enabled
+ | Bool
+ | doc "Indicates whether target group stickiness is enabled."
+ | optional,
+ },
+ "_js2n__-:definitions/IAppConfigItem!contract"
+ | doc m%"
+ Application configuration.
+ Used to define two tier application configurations for the accelerator.
+ "%
+ = {
+ applicationLoadBalancer
+ | _js2n__-refsenv."_js2n__-:definitions/IApplicationLoadBalancerConfig!contract"
+ | doc "Application Load Balancer for the application"
+ | optional,
+ autoscaling
+ | _js2n__-refsenv."_js2n__-:definitions/IAutoScalingConfig!contract"
+ | doc "AutoScalingGroup for the application"
+ | optional,
+ deploymentTargets
+ | _js2n__-refsenv."_js2n__-:definitions/IDeploymentTargets!contract"
+ | doc "The location where the application will be deployed.",
+ launchTemplate
+ | _js2n__-refsenv."_js2n__-:definitions/ILaunchTemplateConfig!contract"
+ | doc "Launch Template for the application"
+ | optional,
+ name
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The name of the application. This should be unique per application.",
+ networkLoadBalancer
+ | _js2n__-refsenv."_js2n__-:definitions/INetworkLoadBalancerConfig!contract"
+ | doc "Network Load Balancer for the application"
+ | optional,
+ targetGroups
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/ITargetGroupItem!contract"
+ | doc "Target groups for the application"
+ | optional,
+ vpc
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "VPC where the application will be deployed. The value should be a reference to the vpc in the network config under `vpcs:`.",
+ },
+ "_js2n__-:definitions/IApplicationLoadBalancerConfig!contract"
+ | doc "Used to define Application Load Balancer configurations for the accelerator."
+ = {
+ attributes
+ | _js2n__-refsenv."_js2n__-:definitions/IAlbAttributesConfig!contract"
+ | doc "Attributes for Application Load Balancer."
+ | optional,
+ listeners
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/IAlbListenerConfig!contract"
+ | doc "Listeners for Application Load Balancer."
+ | optional,
+ name
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The name of the application load balancer",
+ scheme
+ | _js2n__-refsenv."_js2n__-:definitions/AlbSchemeEnum!contract"
+ | doc "Internal or internet facing scheme for Application Load Balancer."
+ | optional,
+ securityGroups
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "Security Groups to attach to the Application Load Balancer.",
+ shareTargets
+ | _js2n__-refsenv."_js2n__-:definitions/IShareTargets!contract"
+ | doc m%"
+ The location where the Application Load Balancer(s) will be deployed to.
+ *
+ "%
+ | optional,
+ subnets
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "Subnets to launch the Application Load Balancer in.",
+ },
+ "_js2n__-:definitions/IAutoScalingConfig!contract"
+ | doc "Autoscaling group configuration for the application."
+ = {
+ desiredSize
+ | Number
+ | doc "The desired capacity is the initial capacity of the Auto Scaling group at the time of its creation and the capacity it attempts to maintain. It can scale beyond this capacity if you configure auto scaling. This number must be greater than or equal to the minimum size of the group and less than or equal to the maximum size of the group.",
+ healthCheckGracePeriod
+ | Number
+ | doc "The amount of time, in seconds, that Amazon EC2 Auto Scaling waits before checking the health status of an EC2 instance that has come into service and marking it unhealthy due to a failed Elastic Load Balancing or custom health check. This is useful if your instances do not immediately pass these health checks after they enter the `InService` state. Defaults to 0 if unspecified."
+ | optional,
+ healthCheckType
+ | _js2n__-refsenv."_js2n__-:definitions/AutoScalingHealthCheckTypeEnum!contract"
+ | doc "The service to use for the health checks. The valid values are EC2 (default) and ELB. If you configure an Auto Scaling group to use load balancer (ELB) health checks, it considers the instance unhealthy if it fails either the EC2 status checks or the load balancer health checks."
+ | optional,
+ launchTemplate
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "Information used to specify the launch template and version to use to launch instances.",
+ maxSize | Number | doc "The maximum size of the group.",
+ minSize | Number | doc "The minimum size of the group.",
+ name
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc m%"
+ The name of the Auto Scaling group. This name must be unique per Region per account. The name can contain any ASCII character 33 to 126 including most punctuation characters, digits, and upper and lowercased letters.
+ *Note* You cannot use a colon (:) in the name.
+ "%,
+ subnets
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "List of subnet names for a virtual private cloud (VPC) where instances in the Auto Scaling group can be created. These subnets should be created under the VPC in network-config.yaml.",
+ targetGroups
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "Target group name array to associate with the Auto Scaling group. These names are from the {@link TargetGroupItemConfig target group } set in the application. Instances are registered as targets with the target groups. The target groups receive incoming traffic and route requests to one or more registered targets."
+ | optional,
+ },
+ "_js2n__-:definitions/IBlockDeviceMappingItem!contract"
+ | doc "The parameters for a block device mapping in launch template."
+ = {
+ deviceName
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The device name (for example, /dev/sdh or xvdh).",
+ ebs
+ | _js2n__-refsenv."_js2n__-:definitions/IEbsItem!contract"
+ | doc "Parameters used to automatically set up EBS volumes when the instance is launched."
+ | optional,
+ },
+ "_js2n__-:definitions/ICfnParameter!contract" =
+ { name | String, value | String, },
+ "_js2n__-:definitions/ICloudFormationStack!contract"
+ | doc "Defines a custom CloudFormation Stack to be deployed to the environment."
+ = {
+ deploymentTargets
+ | _js2n__-refsenv."_js2n__-:definitions/IDeploymentTargets!contract"
+ | doc "CloudFormation Stack deployment targets",
+ description
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The description is to used to provide more information about the stack."
+ | optional,
+ name
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The friendly name that will be used as a base for the created CloudFormation Stack Name. The name should not contain any spaces as this isn't supported by the Accelerator.",
+ parameters
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/ICfnParameter!contract"
+ | doc "The parameters to pass to the stack."
+ | optional,
+ regions
+ | Array _js2n__-refsenv."_js2n__-:definitions/Region!contract"
+ | doc "A list of AWS regions to deploy the stack to.",
+ runOrder
+ | Number
+ | doc "The order to deploy the stack relative to the other stacks. Must be a positive integer. To deploy stacks in parallel, set runOrder of each stack to 1.",
+ template
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The file path to the template file defining the stack.",
+ terminationProtection
+ | Bool
+ | doc "This determines whether to enable termination protection for the stack.",
+ },
+ "_js2n__-:definitions/ICloudFormationStackSet!contract"
+ | doc "Defines a custom CloudFormation StackSet to be deployed to the environment."
+ = {
+ capabilities
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"Array",
+ _js2n__-prdslib.arrays.arrayOf
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.enum
+ [
+ "CAPABILITY_IAM",
+ "CAPABILITY_NAMED_IAM",
+ "CAPABILITY_AUTO_EXPAND"
+ ]
+ ])
+ ])
+ | doc "The CloudFormation capabilities enabled to deploy the stackset."
+ | optional,
+ deploymentTargets
+ | _js2n__-refsenv."_js2n__-:definitions/IDeploymentTargets!contract"
+ | doc "CloudFormation StackSet deployment targets",
+ description
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The description is to used to provide more information about the stackset."
+ | optional,
+ name
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The friendly name that will be used as a base for the created CloudFormation StackSet Name. The name should not contain any spaces as this isn't supported by the Accelerator.",
+ parameters
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/ICfnParameter!contract"
+ | doc "The parameters to be passed to the stackset."
+ | optional,
+ regions
+ | Array _js2n__-refsenv."_js2n__-:definitions/Region!contract"
+ | doc "A list of regions to deploy the stackset.",
+ template
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The file path to the template file used for deployment.",
+ },
+ "_js2n__-:definitions/ICustomizationConfig!contract"
+ | doc m%"
+ Defines CloudFormation Stacks and StackSets to be deployed to the environment.
+ This feature supports the deployment of customer-provided CloudFormation templates to AWS
+ accounts and/or organizational units. These deployments can leverage independent CloudFormation stacks
+ or CloudFormation StackSets depending on the customer's deployment preference.
+ "%
+ = {
+ cloudFormationStackSets
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/ICloudFormationStackSet!contract"
+ | optional,
+ cloudFormationStacks
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/ICloudFormationStack!contract"
+ | optional,
+ serviceCatalogPortfolios
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/IPortfolioConfig!contract"
+ | optional,
+ },
+ "_js2n__-:definitions/ICustomizationsConfig!contract"
+ | doc m%"
+ Defines custom CloudFormation and external web and application tier resources. We recommend creating resources
+ with native LZA features where possible.
+ "%
+ = {
+ applications
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/IAppConfigItem!contract"
+ | optional,
+ customizations
+ | _js2n__-refsenv."_js2n__-:definitions/ICustomizationConfig!contract"
+ | optional,
+ firewalls
+ | _js2n__-refsenv."_js2n__-:definitions/IEc2FirewallConfig!contract"
+ | optional,
+ },
+ "_js2n__-:definitions/IDeploymentTargets!contract" =
+ {
+ accounts | Array (String) | optional,
+ excludedAccounts | Array (String) | optional,
+ excludedRegions | Array (String) | optional,
+ organizationalUnits | Array (String) | optional,
+ },
+ "_js2n__-:definitions/IEbsItem!contract"
+ | doc "The parameters for a block device for an EBS volume."
+ = {
+ deleteOnTermination
+ | Bool
+ | doc "Indicates whether the EBS volume is deleted on instance termination."
+ | optional,
+ encrypted
+ | Bool
+ | doc "Indicates whether the EBS volume is encrypted. Encrypted volumes can only be attached to instances that support Amazon EBS encryption. If you are creating a volume from a snapshot, you can't specify an encryption value. If encrypted is `true` and kmsKeyId is not provided, then accelerator checks for {@link EbsDefaultVolumeEncryptionConfig default ebs encryption } in the config."
+ | optional,
+ iops
+ | Number
+ | doc "The number of I/O operations per second (IOPS). For gp3, io1, and io2 volumes, this represents the number of IOPS that are provisioned for the volume. For gp2 volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting. This parameter is supported for io1, io2, and gp3 volumes only. This parameter is not supported for gp2, st1, sc1, or standard volumes."
+ | optional,
+ kmsKeyId
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The ARN of the symmetric AWS Key Management Service (AWS KMS) CMK used for encryption."
+ | optional,
+ snapshotId
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The ID of the snapshot."
+ | optional,
+ throughput
+ | Number
+ | doc "The throughput to provision for a gp3 volume, with a maximum of 1,000 MiB/s. Valid Range: Minimum value of 125. Maximum value of 1000."
+ | optional,
+ volumeSize
+ | Number
+ | doc m%"
+ The size of the volume, in GiBs. You must specify either a snapshot ID or a volume size. The following are the supported volumes sizes for each volume type:
+ - gp2 and gp3: 1-16,384
+ - io1 and io2: 4-16,384
+ - st1 and sc1: 125-16,384
+ - standard: 1-1,024
+ "%
+ | optional,
+ volumeType
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The volume type. Valid Values: `standard | io1 | io2 | gp2 | sc1 | st1 | gp3`"
+ | optional,
+ },
+ "_js2n__-:definitions/IEc2FirewallAutoScalingGroupConfig!contract"
+ | doc m%"
+ EC2 firewall autoscaling group configuration.
+ Used to define EC2-based firewall instances to be deployed in an autoscaling group.
+
+ ```
+ - name: accelerator-firewall-asg
+ autoscaling:
+ name: firewall-asg
+ maxSize: 4
+ minSize: 1
+ desiredSize: 2
+ launchTemplate: firewall-lt
+ healthCheckGracePeriod: 300
+ healthCheckType: ELB
+ targetGroups:
+ - firewall-gwlb-tg
+ subnets:
+ - firewall-subnet-a
+ - firewall-subnet-b
+ launchTemplate:
+ name: firewall-lt
+ blockDeviceMappings:
+ - deviceName: /dev/xvda
+ ebs:
+ deleteOnTermination: true
+ encrypted: true
+ volumeSize: 20
+ enforceImdsv2: true
+ iamInstanceProfile: firewall-profile
+ imageId: ami-123xyz
+ instanceType: c6i.xlarge
+ networkInterfaces:
+ - deleteOnTermination: true
+ description: Primary interface
+ deviceIndex: 0
+ groups:
+ - firewall-data-sg
+ - deleteOnTermination: true
+ description: Management interface
+ deviceIndex: 1
+ groups:
+ - firewall-mgmt-sg
+ userData: path/to/userdata.txt
+ vpc: Network-Inspection
+ tags: []
+ ```
+ "%
+ = {
+ account
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "(OPTIONAL) The logical name of the account to deploy the firewall autoscaling group to"
+ | optional,
+ autoscaling
+ | _js2n__-refsenv."_js2n__-:definitions/IAutoScalingConfig!contract"
+ | doc "An AutoScaling Group configuration",
+ configDir
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc m%"
+ (OPTIONAL) Specify a relative S3 directory path to pull a firewall configuration directory.
+
+ Either configFile or configDir can be set but not both.
+
+ For example, if your S3 folder path is `s3://path/to/config`, specify `path/to/config` for this property.
+
+ **NOTE:** The custom resource backing this feature does not force update on every core pipeline run. To update the resource, update the name of the configuration directory.
+ "%
+ | optional,
+ configFile
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc m%"
+ (OPTIONAL) Specify a relative S3 object path to pull a firewall configuration file from.
+
+ For example, if your S3 object path is `s3://path/to/config.txt`, specify `path/to/config.txt` for this property.
+
+ **NOTE:** The custom resource backing this feature does not force update on every core pipeline run. To update the resource, update the name of the configuration file.
+ "%
+ | optional,
+ launchTemplate
+ | _js2n__-refsenv."_js2n__-:definitions/ILaunchTemplateConfig!contract"
+ | doc "The launch template for the firewall instance",
+ licenseFile
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc m%"
+ (OPTIONAL) Specify a relative S3 object path to pull a firewall license file from.
+
+ For example, if your S3 object path is `s3://path/to/license.lic`, specify `path/to/license.lic` for this property.
+
+ **NOTE:** The custom resource backing this feature does not force update on every core pipeline run. To update the resource, update the name of the license file.
+ "%
+ | optional,
+ name
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The friendly name of the firewall instance",
+ staticReplacements
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/IFirewallStaticReplacementsConfig!contract"
+ | doc "(OPTIONAL) Static firewall configuration replacements definition."
+ | optional,
+ tags
+ | Array _js2n__-refsenv."_js2n__-:definitions/ITag!contract"
+ | doc "(OPTIONAL) An array of tags"
+ | optional,
+ vpc
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The friendly name of the VPC to deploy the firewall instance to",
+ },
+ "_js2n__-:definitions/IEc2FirewallConfig!contract"
+ | doc m%"
+ EC2 firewall configuration.
+ Used to define EC2-based firewall and management appliances
+ "%
+ = {
+ autoscalingGroups
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/IEc2FirewallAutoScalingGroupConfig!contract"
+ | doc "Define EC2-based firewall instances in autoscaling groups"
+ | optional,
+ instances
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/IEc2FirewallInstanceConfig!contract"
+ | doc "Define EC2-based firewall standalone instances"
+ | optional,
+ managerInstances
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/IEc2FirewallInstanceConfig!contract"
+ | doc "Define EC2-based firewall management instances"
+ | optional,
+ targetGroups
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/ITargetGroupItem!contract"
+ | doc "Define target groups for EC2-based firewalls"
+ | optional,
+ },
+ "_js2n__-:definitions/IEc2FirewallInstanceConfig!contract"
+ | doc m%"
+ EC2 firewall instance configuration.
+ Use to define an array of standalone firewall instances
+ "%
+ = {
+ account
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "(OPTIONAL) The logical name of the account to deploy the firewall instance to"
+ | optional,
+ configDir
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc m%"
+ (OPTIONAL) Specify a relative S3 directory path to pull a firewall configuration directory.
+
+ Either configFile or configDir can be set but not both.
+
+ For example, if your S3 folder path is `s3://path/to/config`, specify `path/to/config` for this property.
+
+ **NOTE:** The custom resource backing this feature does not force update on every core pipeline run. To update the resource, update the name of the configuration directory.
+ "%
+ | optional,
+ configFile
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc m%"
+ (OPTIONAL) Specify a relative S3 object path to pull a firewall configuration file from.
+
+ For example, if your S3 object path is `s3://path/to/config.txt`, specify `path/to/config.txt` for this property.
+
+ **NOTE:** The custom resource backing this feature does not force update on every core pipeline run. To update the resource, update the name of the configuration file.
+ "%
+ | optional,
+ detailedMonitoring
+ | Bool
+ | doc "(OPTIONAL) Specify true to enable detailed monitoring. Otherwise, basic monitoring is enabled."
+ | optional,
+ launchTemplate
+ | _js2n__-refsenv."_js2n__-:definitions/ILaunchTemplateConfig!contract"
+ | doc "The launch template for the firewall instance",
+ licenseFile
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc m%"
+ (OPTIONAL) Specify a relative S3 object path to pull a firewall license file from.
+
+ For example, if your S3 object path is `s3://path/to/license.lic`, specify `path/to/license.lic` for this property.
+
+ **NOTE:** The custom resource backing this feature does not force update on every core pipeline run. To update the resource, update the name of the license file.
+ "%
+ | optional,
+ name
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The friendly name of the firewall instance",
+ staticReplacements
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/IFirewallStaticReplacementsConfig!contract"
+ | doc "(OPTIONAL) Static firewall configuration replacements definition."
+ | optional,
+ tags
+ | Array _js2n__-refsenv."_js2n__-:definitions/ITag!contract"
+ | doc "(OPTIONAL) An array of tags"
+ | optional,
+ terminationProtection
+ | Bool
+ | doc m%"
+ (OPTIONAL) If you set this parameter to true , you can't terminate the instance using the Amazon EC2 console, CLI, or API.
+
+ More information: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#Using_ChangingDisableAPITermination
+ "%
+ | optional,
+ vpc
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The friendly name of the VPC to deploy the firewall instance to",
+ },
+ "_js2n__-:definitions/IFirewallStaticReplacementsConfig!contract"
+ | doc "Firewall Static Replacements Config"
+ = {
+ key
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The key name for the static replacement",
+ value
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The value of the static replacement",
+ },
+ "_js2n__-:definitions/ILaunchTemplateConfig!contract"
+ | doc "Configure a launch template for the application."
+ = {
+ blockDeviceMappings
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/IBlockDeviceMappingItem!contract"
+ | optional,
+ enforceImdsv2
+ | Bool
+ | doc "By default, {@link https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-instance-metadata-service.html IMDSv2 } is enabled. Disable it by setting this to false."
+ | optional,
+ iamInstanceProfile
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "Name of the instance profile created by accelerator in iam-config.yaml under roleSets"
+ | optional,
+ imageId
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc m%"
+ Valid AMI ID or a reference to ssm parameter store to get AMI ID. If ssm parameter is referenced it should follow the pattern ${ACCEL_LOOKUP::ImageId:/path/to/ssm/parameter/for/ami}
+
+ For example to get the latest x86_64 amazon linux 2 ami, the value would be `${ACCEL_LOOKUP::ImageId:/aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2}`
+ "%,
+ instanceType
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "Valid instance type which can be launched in the target account and region.",
+ keyPair
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The name of the key pair. LZA does not create keypair. This should exist in the account/region or else deployment will fail."
+ | optional,
+ name
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract",
+ networkInterfaces
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/INetworkInterfaceItem!contract"
+ | doc "One or more network interfaces. If you specify a network interface, you must specify any security groups and subnets as part of the network interface."
+ | optional,
+ securityGroups
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "One or more security group names. These should be created under the VPC in network-config.yaml"
+ | optional,
+ userData
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "Path to user data. The path is relative to the config repository and the content should be in regular text. It is encoded in base64 before passing in to Launch Template"
+ | optional,
+ },
+ "_js2n__-:definitions/INetworkInterfaceItem!contract"
+ | doc "The parameters for a network interface."
+ = {
+ associateCarrierIpAddress
+ | Bool
+ | doc "Associates a Carrier IP address with eth0 for a new network interface. Use this option when you launch an instance in a Wavelength Zone and want to associate a Carrier IP address with the network interface."
+ | optional,
+ associateElasticIp
+ | Bool
+ | doc "Associate an elastic IP with the interface"
+ | optional,
+ associatePublicIpAddress
+ | Bool
+ | doc "Associates a public IPv4 address with eth0 for a new network interface."
+ | optional,
+ deleteOnTermination
+ | Bool
+ | doc "Indicates whether the network interface is deleted when the instance is terminated."
+ | optional,
+ description
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "A description for the network interface."
+ | optional,
+ deviceIndex
+ | Number
+ | doc "The device index for the network interface attachment."
+ | optional,
+ groups
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "Security group names to associate with this network interface."
+ | optional,
+ interfaceType
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The type of network interface. To create an Elastic Fabric Adapter (EFA), specify efa. If you are not creating an EFA, specify interface or omit this parameter. Valid values: `interface | efa`"
+ | optional,
+ networkCardIndex
+ | Number
+ | doc "The index of the network card. Some instance types support multiple network cards. The primary network interface must be assigned to network card index 0. The default is network card index 0."
+ | optional,
+ networkInterfaceId
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The ID of the network interface."
+ | optional,
+ privateIpAddress
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The primary private IPv4 address of the network interface."
+ | optional,
+ privateIpAddresses
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/IPrivateIpAddressItem!contract"
+ | doc "One or more private IPv4 addresses."
+ | optional,
+ secondaryPrivateIpAddressCount
+ | Number
+ | doc "The number of secondary private IPv4 addresses to assign to a network interface."
+ | optional,
+ sourceDestCheck
+ | Bool
+ | doc "If the value is true , source/destination checks are enabled; otherwise, they are disabled. The default value is true. You must disable source/destination checks if the instance runs services such as network address translation, routing, or firewalls."
+ | optional,
+ subnetId
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "Valid subnet name from network-config.yaml under the same vpc"
+ | optional,
+ },
+ "_js2n__-:definitions/INetworkLoadBalancerConfig!contract"
+ | doc "Network Load Balancer configuration."
+ = {
+ crossZoneLoadBalancing
+ | Bool
+ | doc "Cross Zone load balancing for Network Load Balancer."
+ | optional,
+ deletionProtection
+ | Bool
+ | doc "Deletion protection for Network Load Balancer."
+ | optional,
+ listeners
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/INlbListenerConfig!contract"
+ | doc "Listeners for Network Load Balancer."
+ | optional,
+ name
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "Name for Network Load Balancer.",
+ scheme
+ | _js2n__-refsenv."_js2n__-:definitions/LoadBalancerSchemeEnum!contract"
+ | doc "Load Balancer scheme. If undefined, the default of {@link https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_CreateLoadBalancer.html ELBv2 CreateLoadBalancer API } is used."
+ | optional,
+ subnets
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "Subnets to launch the Network Load Balancer in.",
+ },
+ "_js2n__-:definitions/INlbListenerConfig!contract"
+ | doc "Application Load Balancer listener config. Currently only action type of `forward`, `redirect` and `fixed-response` is allowed."
+ = {
+ alpnPolicy
+ | _js2n__-refsenv."_js2n__-:definitions/AlpnPolicyEnum!contract"
+ | doc "Application-Layer Protocol Negotiation (ALPN) policy} for TLS encrypted traffic"
+ | optional,
+ certificate
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "ACM ARN of the certificate to be associated with the listener."
+ | optional,
+ name
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "Name for Listener.",
+ port
+ | Number
+ | doc "Port where the traffic is directed to."
+ | optional,
+ protocol
+ | _js2n__-refsenv."_js2n__-:definitions/NlbProtocolEnum!contract"
+ | doc "Protocol used for the traffic. The supported protocols are TCP, TLS, UDP, or TCP_UDP."
+ | optional,
+ sslPolicy
+ | _js2n__-refsenv."_js2n__-:definitions/SslPolicyNlbEnum!contract"
+ | doc "SSL policy for TLS encrypted traffic"
+ | optional,
+ targetGroup
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "Target Group to direct the traffic to.",
+ },
+ "_js2n__-:definitions/INlbTargetType!predicate"
+ | doc "The codes to use when checking for a successful response from a target. If the protocol version is gRPC, these are gRPC codes. Otherwise, these are HTTP codes."
+ = _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Record,
+ _js2n__-prdslib.records.required
+ [ "account", "nlbName", "region" ],
+ _js2n__-prdslib.records.record
+ {
+ account =
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!predicate",
+ nlbName =
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!predicate",
+ region =
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!predicate",
+ } {} false _js2n__-prdslib.never
+ ],
+ "_js2n__-:definitions/IPortfolioAssociatoinConfig!contract"
+ | doc "Portfolio Associations configuration"
+ = {
+ name
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "Indicates the name of the principal to associate the portfolio with.",
+ propagateAssociation
+ | Bool
+ | doc "Indicates whether the principal association should be created in accounts the portfolio is shared with. Verify the IAM principal exists in all accounts the portfolio is shared with before enabling."
+ | optional,
+ type
+ | _js2n__-refsenv."_js2n__-:definitions/PortfolioAssociationType!contract"
+ | doc "Indicates the type of portfolio association, valid values are: Group, User, and Role.",
+ },
+ "_js2n__-:definitions/IPortfolioConfig!contract"
+ | doc "Service Catalog Portfolios configuration"
+ = {
+ account
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The name of the account to deploy the portfolio.",
+ name
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The name of the portfolio",
+ portfolioAssociations
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/IPortfolioAssociatoinConfig!contract"
+ | doc "Configuration of portfolio associations to give access to IAM principals."
+ | optional,
+ products
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/IProductConfig!contract"
+ | doc "Product Configuration"
+ | optional,
+ provider
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The provider of the portfolio",
+ regions
+ | Array _js2n__-refsenv."_js2n__-:definitions/Region!contract"
+ | doc "The region names to deploy the portfolio.",
+ shareTagOptions
+ | Bool
+ | doc "Whether or not to share TagOptions with other account(s)/OU(s)"
+ | optional,
+ shareTargets
+ | _js2n__-refsenv."_js2n__-:definitions/IShareTargets!contract"
+ | doc "Portfolio share target. Sharing portfolios to Organizational Units is only supported for portfolios in the Management account."
+ | optional,
+ tagOptions
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/ITagOptionsConfig!contract"
+ | doc "Portfolio TagOptions configuration"
+ | optional,
+ },
+ "_js2n__-:definitions/IPrivateIpAddressItem!contract"
+ | doc "Configure a secondary private IPv4 address for a network interface."
+ = {
+ primary
+ | Bool
+ | doc "Indicates whether the private IPv4 address is the primary private IPv4 address. Only one IPv4 address can be designated as primary."
+ | optional,
+ privateIpAddress
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The private IPv4 address."
+ | optional,
+ },
+ "_js2n__-:definitions/IProductConfig!contract"
+ | doc "Service Catalog Products configuration"
+ = {
+ constraints
+ | _js2n__-refsenv."_js2n__-:definitions/IProductConstraintConfig!contract"
+ | doc "Product Constraint configuration"
+ | optional,
+ description
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "Product description"
+ | optional,
+ distributor
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The name of the product's publisher."
+ | optional,
+ name
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The name of the product",
+ owner
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The owner of the product",
+ support
+ | _js2n__-refsenv."_js2n__-:definitions/IProductSupportConfig!contract"
+ | doc "Product support details."
+ | optional,
+ tagOptions
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/ITagOptionsConfig!contract"
+ | doc "Product TagOptions configuration"
+ | optional,
+ versions
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/IProductVersionConfig!contract"
+ | doc "Product version configuration",
+ },
+ "_js2n__-:definitions/IProductConstraintConfig!contract"
+ | doc "Service Catalog Product Constraint configuration. For more information see https://docs.aws.amazon.com/servicecatalog/latest/adminguide/constraints.html"
+ = {
+ launch
+ | _js2n__-refsenv."_js2n__-:definitions/IProductLaunchConstraintConfig!contract"
+ | doc "Launch constraint role name and type, supports LocalRole or Role."
+ | optional,
+ notifications
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "A list of SNS topic names to stream product notifications to"
+ | optional,
+ tagUpdate
+ | Bool
+ | doc "Determines if Service Catalog Tag Update constraint is enabled"
+ | optional,
+ },
+ "_js2n__-:definitions/IProductLaunchConstraintConfig!contract"
+ | doc "Service Catalog Product Constraint configuration. For more information see https://docs.aws.amazon.com/servicecatalog/latest/adminguide/constraints.html"
+ = {
+ role
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The name of the IAM Role.",
+ type
+ | _js2n__-refsenv."_js2n__-:definitions/ProductLaunchConstraintType!contract"
+ | doc "The type of launch constraint, either Role or LocalRole. For more information, see https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-servicecatalog-launchroleconstraint.html",
+ },
+ "_js2n__-:definitions/IProductSupportConfig!contract"
+ | doc "Product Support configuration"
+ = {
+ description
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "Support description of how users should use email contact and support link."
+ | optional,
+ email
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The email address to report issues with the product"
+ | optional,
+ url
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The url to the site where users can find support information or file tickets."
+ | optional,
+ },
+ "_js2n__-:definitions/IProductVersionConfig!contract"
+ | doc "Product Versions configuration"
+ = {
+ description
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The version description"
+ | optional,
+ name
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "Name of the version of the product",
+ template
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The product template.",
+ },
+ "_js2n__-:definitions/IShareTargets!contract" =
+ {
+ accounts | Array (String) | optional,
+ organizationalUnits | Array (String) | optional,
+ },
+ "_js2n__-:definitions/ITag!contract" = { key | String, value | String, },
+ "_js2n__-:definitions/ITagOptionsConfig!contract"
+ | doc "Service Catalog TagOptions configuration."
+ = {
+ key
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The tag key",
+ values
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "An array of values that can be used for the tag key",
+ },
+ "_js2n__-:definitions/ITargetGroupAttributeTypes!contract"
+ | doc "Set attributes for target group."
+ = {
+ algorithm
+ | _js2n__-refsenv."_js2n__-:definitions/TargetGroupAttributeAlgorithm!contract"
+ | doc "The load balancing algorithm determines how the load balancer selects targets when routing requests. The value is round_robin or least_outstanding_requests. The default is round_robin. The following attribute is supported only if the load balancer is an Application Load Balancer and the target is an instance or an IP address."
+ | optional,
+ appCookieDuration
+ | Number
+ | doc "The time period, in seconds, during which requests from a client should be routed to the same target. After this time period expires, the application-based cookie is considered stale. The range is 1 second to 1 week (604800 seconds). The default value is 1 day (86400 seconds). The following attribute is supported only if the load balancer is an Application Load Balancer and the target is an instance or an IP address."
+ | optional,
+ appCookieName
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "Indicates the name of the application-based cookie. Names that start with the following prefixes are not allowed: AWSALB, AWSALBAPP, and AWSALBTG; they're reserved for use by the load balancer. The following attribute is supported only if the load balancer is an Application Load Balancer and the target is an instance or an IP address."
+ | optional,
+ connectionTermination
+ | Bool
+ | doc "Indicates whether the load balancer terminates connections at the end of the deregistration timeout. The value is true or false. The default is false. The following attribute is supported only by Network Load Balancers."
+ | optional,
+ deregistrationDelay
+ | Number
+ | doc "The amount of time, in seconds, for Elastic Load Balancing to wait before changing the state of a deregistering target from draining to unused. The range is 0-3600 seconds. The default value is 300 seconds."
+ | optional,
+ lbCookieDuration
+ | Number
+ | doc "The time period, in seconds, during which requests from a client should be routed to the same target. After this time period expires, the load balancer-generated cookie is considered stale. The range is 1 second to 1 week (604800 seconds). The default value is 1 day (86400 seconds). The following attribute is supported only if the load balancer is an Application Load Balancer and the target is an instance or an IP address."
+ | optional,
+ preserveClientIp
+ | Bool
+ | doc "Indicates whether client IP preservation is enabled. The value is true or false. The default is disabled if the target group type is IP address and the target group protocol is TCP or TLS. Otherwise, the default is enabled. Client IP preservation cannot be disabled for UDP and TCP_UDP target groups. The following attribute is supported only by Network Load Balancers."
+ | optional,
+ proxyProtocolV2
+ | Bool
+ | doc "Indicates whether Proxy Protocol version 2 is enabled. The value is true or false. The default is false. The following attribute is supported only by Network Load Balancers."
+ | optional,
+ slowStart
+ | Number
+ | doc "The time period, in seconds, during which a newly registered target receives an increasing share of the traffic to the target group. After this time period ends, the target receives its full share of traffic. The range is 30-900 seconds (15 minutes). The default is 0 seconds (disabled). The following attribute is supported only if the load balancer is an Application Load Balancer and the target is an instance or an IP address."
+ | optional,
+ stickiness
+ | Bool
+ | doc "Indicates whether target stickiness is enabled. The value is true or false. The default is false."
+ | optional,
+ stickinessType
+ | _js2n__-refsenv."_js2n__-:definitions/TargetGroupAttributeStickinessType!contract"
+ | doc "Indicates the type of stickiness. The possible values are: - lb_cookie and app_cookie for Application Load Balancers. - source_ip for Network Load Balancers. - source_ip_dest_ip and source_ip_dest_ip_proto for Gateway Load Balancers"
+ | optional,
+ targetFailover
+ | _js2n__-refsenv."_js2n__-:definitions/TargetGroupTargetFailoverType!contract"
+ | doc "Indicates how the Gateway Load Balancer handles existing flows when a target is deregistered or becomes unhealthy. The possible values are rebalance and no_rebalance. The default is no_rebalance"
+ | optional,
+ },
+ "_js2n__-:definitions/ITargetGroupHealthCheckType!contract"
+ | doc "Configure health check for target group."
+ = {
+ interval
+ | Number
+ | doc "The approximate amount of time, in seconds, between health checks of an individual target. The range is 5-300. If the target group protocol is TCP, TLS, UDP, TCP_UDP, HTTP or HTTPS, the default is 30 seconds. If the target group protocol is GENEVE, the default is 10 seconds."
+ | optional,
+ path
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "[HTTP/HTTPS health checks] The destination for health checks on the targets. [HTTP1 or HTTP2 protocol version] The ping path. The default is /. [GRPC protocol version] The path of a custom health check method with the format /package.service/method. The default is /AWS.ALB/healthcheck."
+ | optional,
+ port
+ | Number
+ | doc "The port the load balancer uses when performing health checks on targets. If the protocol is HTTP, HTTPS, TCP, TLS, UDP, or TCP_UDP, the default is `traffic-port`, which is the port on which each target receives traffic from the load balancer. If the protocol is GENEVE, the default is port 80."
+ | optional,
+ protocol
+ | _js2n__-refsenv."_js2n__-:definitions/TargetGroupHealthCheckProtocolType!contract"
+ | doc "The protocol the load balancer uses when performing health checks on targets. For Application Load Balancers, the default is HTTP. For Network Load Balancers and Gateway Load Balancers, the default is TCP. The TCP protocol is not supported for health checks if the protocol of the target group is HTTP or HTTPS. GENEVE, TLS, UDP, and TCP_UDP protocols are not supported for health checks."
+ | optional,
+ timeout
+ | Number
+ | doc "The amount of time, in seconds, during which no response from a target means a failed health check. The range is 2–120 seconds. For target groups with a protocol of HTTP, the default is 6 seconds. For target groups with a protocol of TCP, TLS or HTTPS, the default is 10 seconds. For target groups with a protocol of GENEVE, the default is 5 seconds."
+ | optional,
+ },
+ "_js2n__-:definitions/ITargetGroupItem!contract"
+ | doc "Target Group Configuration"
+ = {
+ attributes
+ | _js2n__-refsenv."_js2n__-:definitions/ITargetGroupAttributeTypes!contract"
+ | doc "Target Group Attributes."
+ | optional,
+ healthCheck
+ | _js2n__-refsenv."_js2n__-:definitions/ITargetGroupHealthCheckType!contract"
+ | doc "Target Group HealthCheck."
+ | optional,
+ matcher
+ | _js2n__-refsenv."_js2n__-:definitions/ITargetGroupMatcherType!contract"
+ | doc "The HTTP or gRPC codes to use when checking for a successful response from a target. For target groups with a protocol of TCP, TCP_UDP, UDP or TLS the range is 200-599. For target groups with a protocol of HTTP or HTTPS, the range is 200-499."
+ | optional,
+ name
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The name of the target group. This value is used in {@link ApplicationLoadBalancerListenerConfig Application Load Balancer listeners } , {@link NetworkLoadBalancerListenerConfig Network Load Balancer listeners } , and {@link AutoScalingConfig Autoscaling config } .",
+ port
+ | Number
+ | doc "The port on which the targets receive traffic.",
+ protocol
+ | _js2n__-refsenv."_js2n__-:definitions/TargetGroupProtocolType!contract"
+ | doc "Target group protocol version. Should be one of HTTP, HTTPS, GENEVE, TCP, UDP, TCP_UDP or TLS The protocol to use for routing traffic to the targets. For Application Load Balancers, the supported protocols are HTTP and HTTPS. For Network Load Balancers, the supported protocols are TCP, TLS, UDP, or TCP_UDP. A TCP_UDP listener must be associated with a TCP_UDP target group. For Gateway Load Balancers, the supported protocol is GENEVE.",
+ protocolVersion
+ | _js2n__-refsenv."_js2n__-:definitions/TargetGroupProtocolVersionType!contract"
+ | doc "The protocol version. Should be one of 'GRPC', 'HTTP1', 'HTTP2'. Specify GRPC to send requests to targets using gRPC. Specify HTTP2 to send requests to targets using HTTP/2. The default is HTTP1, which sends requests to targets using HTTP/1.1."
+ | optional,
+ shareTargets
+ | _js2n__-refsenv."_js2n__-:definitions/IShareTargets!contract"
+ | doc "The accounts/OUs location where the Target Group will be deployed to."
+ | optional,
+ targets
+ | Array (
+ _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.anyOf
+ [
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!predicate",
+ _js2n__-refsenv."_js2n__-:definitions/INlbTargetType!predicate"
+ ])
+ )
+ | doc "Target group targets. These targets should be the friendly names assigned to firewall instances."
+ | optional,
+ threshold
+ | _js2n__-refsenv."_js2n__-:definitions/ITargetGroupThresholdType!contract"
+ | doc "Target Group Threshold."
+ | optional,
+ type
+ | _js2n__-refsenv."_js2n__-:definitions/TargetGroupType!contract"
+ | doc m%"
+ The type of target that you must specify when registering targets with this target group. You can't specify targets for a target group using more than one target type.
+ - `instance` - Register targets by instance ID. This is the default value.
+ - `ip` - Register targets by IP address. You can specify IP addresses from the subnets of the virtual private cloud (VPC) for the target group, the RFC 1918 range (10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16), and the RFC 6598 range (100.64.0.0/10). You can't specify publicly routable IP addresses. `alb` - Register a single Application Load Balancer as a target.
+ "%,
+ },
+ "_js2n__-:definitions/ITargetGroupMatcherType!contract"
+ | doc "Add the ability to target an NLB created by the Landing Zone Accelerator"
+ = {
+ grpcCode
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "You can specify values between 0 and 99. You can specify multiple values (for example, \"0,1\") or a range of values (for example, \"0-5\"). The default value is 12."
+ | optional,
+ httpCode
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "For Application Load Balancers, you can specify values between 200 and 499, with the default value being 200. You can specify multiple values (for example, \"200,202\") or a range of values (for example, \"200-299\"). For Network Load Balancers, you can specify values between 200 and 599, with the default value being 200-399. You can specify multiple values (for example, \"200,202\") or a range of values (for example, \"200-299\"). Note that when using shorthand syntax, some values such as commas need to be escaped."
+ | optional,
+ },
+ "_js2n__-:definitions/ITargetGroupThresholdType!contract"
+ | doc "Configure health check threshold for target group."
+ = {
+ healthy
+ | Number
+ | doc "The number of consecutive health check successes required before considering a target healthy. The range is 2-10. If the target group protocol is TCP, TCP_UDP, UDP, TLS, HTTP or HTTPS, the default is 5. For target groups with a protocol of GENEVE, the default is 3."
+ | optional,
+ unhealthy
+ | Number
+ | doc "The number of consecutive health check failures required before considering a target unhealthy. The range is 2-10. If the target group protocol is TCP, TCP_UDP, UDP, TLS, HTTP or HTTPS, the default is 2. For target groups with a protocol of GENEVE, the default is 3."
+ | optional,
+ },
+ "_js2n__-:definitions/LoadBalancerSchemeEnum!contract" =
+ std.contract.Sequence
+ [ std.enum.TagOrString, [| 'internal, 'internet-facing |] ],
+ "_js2n__-:definitions/NlbProtocolEnum!contract" =
+ std.contract.Sequence
+ [ std.enum.TagOrString, [| 'TCP_UDP, 'TLS, 'UDP, 'TCP |] ],
+ "_js2n__-:definitions/NonEmptyString!contract"
+ | doc "A string that has at least 1 character"
+ = _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.minLength 1
+ ]),
+ "_js2n__-:definitions/NonEmptyString!predicate"
+ | doc "A string that has at least 1 character"
+ = _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.minLength 1
+ ],
+ "_js2n__-:definitions/PortfolioAssociationType!contract" =
+ std.contract.Sequence
+ [
+ std.enum.TagOrString,
+ [| 'PermissionSet, 'Role, 'Group, 'User |]
+ ],
+ "_js2n__-:definitions/ProductLaunchConstraintType!contract" =
+ std.contract.Sequence [ std.enum.TagOrString, [| 'LocalRole, 'Role |] ],
+ "_js2n__-:definitions/Region!contract"
+ | doc "AWS Region"
+ = std.contract.Sequence
+ [
+ std.enum.TagOrString,
+ [|
+ 'us-west-2,
+ 'us-west-1,
+ 'us-iso-west-1,
+ 'us-isob-east-1,
+ 'us-iso-east-1,
+ 'us-gov-east-1,
+ 'us-gov-west-1,
+ 'us-east-2,
+ 'us-east-1,
+ 'sa-east-1,
+ 'me-south-1,
+ 'me-central-1,
+ 'il-central-1,
+ 'eu-west-3,
+ 'eu-west-2,
+ 'eu-west-1,
+ 'eu-south-2,
+ 'eu-south-1,
+ 'eu-north-1,
+ 'eu-central-2,
+ 'eu-central-1,
+ 'cn-northwest-1,
+ 'cn-north-1,
+ 'ca-west-1,
+ 'ca-central-1,
+ 'ap-southeast-4,
+ 'ap-southeast-3,
+ 'ap-southeast-2,
+ 'ap-southeast-1,
+ 'ap-south-2,
+ 'ap-south-1,
+ 'ap-northeast-3,
+ 'ap-northeast-2,
+ 'ap-northeast-1,
+ 'ap-east-1,
+ 'af-south-1
+ |]
+ ],
+ "_js2n__-:definitions/RoutingHttpXffHeaderProcessingModeEnum!contract" =
+ std.contract.Sequence
+ [ std.enum.TagOrString, [| 'remove, 'preserve, 'append |] ],
+ "_js2n__-:definitions/SslPolicyAlbEnum!contract" =
+ std.contract.Sequence
+ [
+ std.enum.TagOrString,
+ [|
+ 'ELBSecurityPolicy-2016-08,
+ 'ELBSecurityPolicy-FS-1-2-Res-2020-10,
+ 'ELBSecurityPolicy-2015-05,
+ 'ELBSecurityPolicy-FS-1-2-Res-2019-08,
+ 'ELBSecurityPolicy-FS-1-2-2019-08,
+ 'ELBSecurityPolicy-FS-1-1-2019-08,
+ 'ELBSecurityPolicy-FS-2018-06,
+ 'ELBSecurityPolicy-TLS-1-2-Ext-2018-06,
+ 'ELBSecurityPolicy-TLS-1-2-2017-01,
+ 'ELBSecurityPolicy-TLS-1-1-2017-01,
+ 'ELBSecurityPolicy-TLS-1-0-2015-04
+ |]
+ ],
+ "_js2n__-:definitions/SslPolicyNlbEnum!contract" =
+ std.contract.Sequence
+ [
+ std.enum.TagOrString,
+ [|
+ 'ELBSecurityPolicy-2016-08,
+ 'ELBSecurityPolicy-TLS13-1-3-2021-06,
+ 'ELBSecurityPolicy-TLS13-1-0-2021-06,
+ 'ELBSecurityPolicy-TLS13-1-1-2021-06,
+ 'ELBSecurityPolicy-TLS13-1-2-Ext2-2021-06,
+ 'ELBSecurityPolicy-TLS13-1-2-Ext1-2021-06,
+ 'ELBSecurityPolicy-TLS13-1-2-Res-2021-06,
+ 'ELBSecurityPolicy-TLS13-1-2-2021-06,
+ 'ELBSecurityPolicy-FS-1-2-Res-2020-10,
+ 'ELBSecurityPolicy-2015-05,
+ 'ELBSecurityPolicy-FS-1-2-Res-2019-08,
+ 'ELBSecurityPolicy-FS-1-2-2019-08,
+ 'ELBSecurityPolicy-FS-1-1-2019-08,
+ 'ELBSecurityPolicy-FS-2018-06,
+ 'ELBSecurityPolicy-TLS-1-2-Ext-2018-06,
+ 'ELBSecurityPolicy-TLS-1-2-2017-01,
+ 'ELBSecurityPolicy-TLS-1-1-2017-01,
+ 'ELBSecurityPolicy-TLS-1-0-2015-04
+ |]
+ ],
+ "_js2n__-:definitions/TargetGroupAttributeAlgorithm!contract" =
+ std.contract.Sequence
+ [
+ std.enum.TagOrString,
+ [| 'least_outstanding_requests, 'round_robin |]
+ ],
+ "_js2n__-:definitions/TargetGroupAttributeStickinessType!contract" =
+ std.contract.Sequence
+ [
+ std.enum.TagOrString,
+ [|
+ 'source_ip_dest_ip_proto,
+ 'source_ip_dest_ip,
+ 'source_ip,
+ 'app_cookie,
+ 'lb_cookie
+ |]
+ ],
+ "_js2n__-:definitions/TargetGroupHealthCheckProtocolType!contract" =
+ std.contract.Sequence
+ [ std.enum.TagOrString, [| 'TCP, 'HTTPS, 'HTTP |] ],
+ "_js2n__-:definitions/TargetGroupProtocolType!contract" =
+ std.contract.Sequence
+ [
+ std.enum.TagOrString,
+ [| 'GENEVE, 'HTTPS, 'HTTP, 'TCP_UDP, 'UDP, 'TLS, 'TCP |]
+ ],
+ "_js2n__-:definitions/TargetGroupProtocolVersionType!contract" =
+ std.contract.Sequence
+ [ std.enum.TagOrString, [| 'HTTP2, 'HTTP1, 'GRPC |] ],
+ "_js2n__-:definitions/TargetGroupTargetFailoverType!contract" =
+ std.contract.Sequence
+ [ std.enum.TagOrString, [| 'rebalance, 'no_rebalance |] ],
+ "_js2n__-:definitions/TargetGroupType!contract" =
+ std.contract.Sequence
+ [ std.enum.TagOrString, [| 'lambda, 'alb, 'ip, 'instance |] ],
+ }
+ in
+ _js2n__-refsenv."_js2n__-:definitions/ICustomizationsConfig!contract"
\ No newline at end of file
diff --git a/out/Landing Zone Accelerator on AWS - Global Config.ncl b/out/Landing Zone Accelerator on AWS - Global Config.ncl
new file mode 100644
index 0000000..19765bd
--- /dev/null
+++ b/out/Landing Zone Accelerator on AWS - Global Config.ncl
@@ -0,0 +1 @@
+null
diff --git a/out/Landing Zone Accelerator on AWS - IAM Config.ncl b/out/Landing Zone Accelerator on AWS - IAM Config.ncl
new file mode 100644
index 0000000..19765bd
--- /dev/null
+++ b/out/Landing Zone Accelerator on AWS - IAM Config.ncl
@@ -0,0 +1 @@
+null
diff --git a/out/Landing Zone Accelerator on AWS - Network Config.ncl b/out/Landing Zone Accelerator on AWS - Network Config.ncl
new file mode 100644
index 0000000..e119589
--- /dev/null
+++ b/out/Landing Zone Accelerator on AWS - Network Config.ncl
@@ -0,0 +1,4940 @@
+# DO NOT EDIT
+# This file was automatically generated using json-schema-to-nickel
+let _js2n__-prdslib
+ = {
+ allOf
+ : Array (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `allOf preds` succeeds if all of the predicates in `preds` succeed
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.7.1]
+ "%
+ = fun
+ preds
+ x
+ =>
+ std.array.fold_right
+ (fun pred acc => (match { 'Ok => acc, 'Err s => 'Err s, }) (pred x))
+ 'Ok preds,
+ always : Dyn -> [| 'Ok, 'Err String |] = std.function.const 'Ok,
+ anyOf
+ : Array (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `anyOf preds` succeeds if at least one of the predicates in `preds` succeeds
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.7.2]
+ "%
+ = fun
+ preds
+ x
+ =>
+ (match {
+ 'Ok =>
+ 'Ok,
+ 'Errs
+ msgs =>
+ 'Err
+ m%"
+ anyOf: none of the options matched
+ %{std.string.join
+ m%"
+
+
+ "% msgs}
+ "%,
+ })
+ (std.array.fold_right
+ (fun
+ pred
+ acc
+ =>
+ (match {
+ 'Ok =>
+ 'Ok,
+ 'Errs
+ msgs =>
+ (match {
+ 'Ok =>
+ 'Ok,
+ 'Err
+ msg =>
+ 'Errs ([ " - %{msg}" ] @ msgs),
+ }) (pred x),
+ }) acc) ('Errs [ ]) preds),
+ arrays =
+ {
+ additionalItems
+ : (Dyn -> [| 'Ok, 'Err String |])
+ -> Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.4.2]"
+ = fun
+ pred
+ start
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ let x
+ | Array Dyn
+ = x
+ in
+ let value_length
+ = std.array.length x
+ in
+ if start >= value_length then
+ 'Ok
+ else
+ arrayOf pred
+ ((std.array.slice start value_length x)
+ | Dyn),
+ arrayOf
+ : (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ Apply a predicate to all elements of an array, succeeding if all
+ applications succeed.
+ "%
+ = fun
+ pred
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ let x
+ | Array Dyn
+ = x
+ in
+ std.array.fold_right
+ (fun
+ x
+ acc
+ =>
+ (match { 'Ok => acc, 'Err msg => 'Err msg, }) (pred x))
+ 'Ok x,
+ contains
+ : (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.4.6]"
+ = fun
+ pred
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ let x
+ | Array Dyn
+ = x
+ in
+ (match {
+ 'Ok =>
+ 'Ok,
+ 'Errs
+ msgs =>
+ 'Err
+ m%"
+ contains: no elements matched
+ %{std.string.join
+ m%"
+
+
+ "% msgs}
+ "%,
+ })
+ (std.array.fold_right
+ (fun
+ x
+ acc
+ =>
+ (match {
+ 'Ok =>
+ 'Ok,
+ 'Errs
+ msgs =>
+ (match {
+ 'Ok =>
+ 'Ok,
+ 'Err
+ msg =>
+ 'Errs ([ " - %{msg}" ] @ msgs),
+ }) (pred x),
+ }) acc) ('Errs [ ]) x),
+ items
+ : Array (Dyn -> [| 'Ok, 'Err String |])
+ -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.4.1]"
+ = fun
+ preds
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ let x
+ | Array Dyn
+ = x
+ in
+ let length_to_check
+ = std.number.min (std.array.length preds)
+ (std.array.length x)
+ in
+ std.array.fold_right
+ (fun
+ i
+ acc
+ =>
+ (match { 'Err msg => 'Err msg, 'Ok => acc, })
+ (std.array.at i preds (std.array.at i x))) 'Ok
+ (std.array.range 0 length_to_check),
+ maxItems
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `maxItems n x` fails if `x` is an array of length strictly greater than `n` and succeeds otherwise.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.4.3]
+ "%
+ = fun
+ n
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ if (std.array.length (x | Array Dyn)) > n then
+ 'Err
+ "array is longer than %{std.string.from_number n} items"
+ else
+ 'Ok,
+ minItems
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `minItems n x` fails if `x` is an array of length strictly smaller than `n` and succeeds otherwise.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.4.4]
+ "%
+ = fun
+ n
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ if (std.array.length (x | Array Dyn)) < n then
+ 'Err
+ "array is shorter than %{std.string.from_number n} items"
+ else
+ 'Ok,
+ uniqueItems
+ : Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ Succeeds for any array if its elements are pairwise distinct.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.4.5]
+ "%
+ = let find_duplicate
+ : Array Dyn
+ -> {
+ has_duplicate : Bool,
+ duplicate : Dyn,
+ seen : { _ : Bool }
+ }
+ = std.array.fold_right
+ (fun
+ elt
+ acc
+ =>
+ if acc.has_duplicate then
+ acc
+ else
+ let index
+ = std.serialize 'Json elt
+ in
+ if std.record.has_field index acc.seen then
+ {
+ duplicate = elt,
+ has_duplicate = true,
+ seen = acc.seen,
+ }
+ else
+ {
+ duplicate = null,
+ has_duplicate = false,
+ seen = std.record.insert index true acc.seen,
+ })
+ { duplicate = null, has_duplicate = false, seen = {}, }
+ in
+ fun
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ let { has_duplicate, duplicate, .. }
+ = find_duplicate (x | Array Dyn)
+ in
+ if has_duplicate then
+ 'Err "duplicate found: %{std.serialize 'Json duplicate}"
+ else
+ 'Ok,
+ },
+ const
+ : Dyn -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `const value x` succeeds if and only if `x` is equal to `value`
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.1.3]
+ "%
+ = fun
+ value
+ x
+ =>
+ if x == value then
+ 'Ok
+ else
+ 'Err "expected %{std.serialize 'Json value}",
+ contract_from_predicate
+ : (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> Dyn -> Dyn
+ = fun
+ predicate
+ label
+ value
+ =>
+ (match {
+ 'Ok =>
+ value,
+ 'Err
+ msg =>
+ (std.contract.blame_with_message msg label)
+ | Dyn,
+ }) (predicate value),
+ enum
+ : Array Dyn -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `enum values x` succeeds if and only if `x` is equal to one of the elements of `values`.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.1.2]
+ "%
+ = let checkEqual
+ = fun
+ input
+ variant
+ =>
+ (input == variant)
+ || ((std.is_enum input)
+ && (((std.string.from_enum input) == variant)
+ | Bool))
+ in
+ fun
+ values
+ x
+ =>
+ std.array.fold_right
+ (fun value acc => if checkEqual x value then 'Ok else acc)
+ ('Err "expected one of %{std.serialize 'Json (values | Dyn)}")
+ values,
+ from_simple_predicate
+ : String -> (Dyn -> Bool) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Convert a simple boolean predicate into a predicate supporting error messages"
+ = fun error' pred x => if pred x then 'Ok else 'Err error',
+ ifThenElse
+ : (Dyn -> [| 'Ok, 'Err String |])
+ -> (Dyn -> [| 'Ok, 'Err String |])
+ -> (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `ifThenElse i t e` first checks if the predicate `i` succeeds. If it does, it's equivalent to `t`, otherwise it's equivalent to `e`.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.6]
+ "%
+ = fun i t e x => (match { 'Ok => t x, 'Err msg => e x, }) (i x),
+ isType
+ : [| '"Array", '"Bool", 'Integer, 'Null, '"Number", 'Record, '"String" |]
+ -> Dyn -> [| 'Ok, 'Err String |]
+ = fun
+ t
+ =>
+ (match {
+ 'Null =>
+ from_simple_predicate "expected `null`" (fun x => x == null),
+ 'Integer =>
+ from_simple_predicate "expected an integer"
+ (fun
+ x
+ =>
+ (std.is_number x) && (std.number.is_integer (x | Number))),
+ _ =>
+ from_simple_predicate
+ "value is not of type %{std.string.from_enum t}"
+ (fun x => (std.typeof x) == t),
+ }) t,
+ never : Dyn -> [| 'Ok, 'Err String |] = std.function.const ('Err "never"),
+ not
+ : (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `not pred` succeeds if and only if `pred` fails
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.7.4]
+ "%
+ = fun
+ pred
+ x
+ =>
+ (match {
+ 'Ok =>
+ 'Err "Inverted predicate succeeded unexpectedly",
+ 'Err
+ msg =>
+ 'Ok,
+ }) (pred x),
+ numbers =
+ {
+ exclusiveMaximum
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.2.3]"
+ = fun
+ limit
+ x
+ =>
+ if !(std.is_number x) then
+ 'Ok
+ else
+ if (x | Number) < limit then
+ 'Ok
+ else
+ 'Err
+ "expected an exclusive maximum of %{std.string.from_number
+ limit}",
+ exclusiveMinimum
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.2.5]"
+ = fun
+ limit
+ x
+ =>
+ if !(std.is_number x) then
+ 'Ok
+ else
+ if (x | Number) > limit then
+ 'Ok
+ else
+ 'Err
+ "expected an exclusive minimum of %{std.string.from_number
+ limit}",
+ maximum
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.2.2]"
+ = fun
+ limit
+ x
+ =>
+ if !(std.is_number x) then
+ 'Ok
+ else
+ if (x | Number) <= limit then
+ 'Ok
+ else
+ 'Err
+ "expected a maximum of %{std.string.from_number limit}",
+ minimum
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.2.4]"
+ = fun
+ limit
+ x
+ =>
+ if !(std.is_number x) then
+ 'Ok
+ else
+ if (x | Number) >= limit then
+ 'Ok
+ else
+ 'Err
+ "expected a minimum of %{std.string.from_number limit}",
+ multipleOf
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.2.1]"
+ = fun
+ mult
+ x
+ =>
+ if !(std.is_number x) then
+ 'Ok
+ else
+ if std.number.is_integer ((x | Number) / mult) then
+ 'Ok
+ else
+ 'Err
+ "expected a multiple of %{std.string.from_number mult}",
+ },
+ oneOf
+ : Array (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `oneOf preds` succeeds if precisely one of the predicates in `preds` succeeds
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.7.3]
+ "%
+ = fun
+ preds
+ x
+ =>
+ let count_ok
+ : Array [| 'Ok, 'Err String |] -> Number
+ = fun
+ results
+ =>
+ std.array.fold_left (fun n b => if b == 'Ok then n + 1 else n) 0
+ results
+ in
+ let results
+ = std.array.map (fun pred => pred x) preds
+ in
+ let count
+ = count_ok results
+ in
+ if count == 0 then
+ let errors
+ = std.array.flat_map
+ (fun
+ result
+ =>
+ (match { 'Ok => [ ], 'Err s => [ " - %{s}" ], })
+ result) results
+ in
+ 'Err
+ m%"
+ oneOf: none of the options matched
+ %{std.string.join
+ m%"
+
+
+ "% errors}
+ "%
+ else
+ if count > 1 then
+ 'Err "oneOf: more than one of the options matched"
+ else
+ 'Ok,
+ records =
+ {
+ dependencies
+ : { _ : Dyn } -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.5.7]"
+ = let mustHaveFields
+ : Array String -> { _ : Dyn } -> [| 'Ok, 'Err String |]
+ = fun
+ fields
+ x
+ =>
+ std.array.fold_right
+ (fun
+ field
+ acc
+ =>
+ if !(std.record.has_field field x) then
+ 'Err "expected field `%{field}`"
+ else
+ acc) 'Ok fields
+ in
+ fun
+ deps
+ x
+ =>
+ if !(std.is_record x) then
+ 'Ok
+ else
+ let x
+ | { _ : Dyn }
+ = x
+ in
+ std.array.fold_right
+ (fun
+ { field, value, }
+ =>
+ fun
+ acc
+ =>
+ if !(std.record.has_field field x) then
+ acc
+ else
+ let result
+ = if std.is_array value then
+ mustHaveFields (value | Array String) x
+ else
+ let pred
+ | Dyn -> [| 'Ok, 'Err String |]
+ = value
+ in
+ pred (x | Dyn)
+ in
+ (match {
+ 'Err
+ msg =>
+ 'Err
+ "dependency of `%{field}` failed: %{msg}",
+ 'Ok =>
+ acc,
+ }) result) 'Ok (std.record.to_array deps),
+ maxProperties
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `maxProperties n x` fails if `x` is a record containing stricly more than `n` fields.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.5.1]
+ "%
+ = fun
+ n
+ x
+ =>
+ if !(std.is_record x) then
+ 'Ok
+ else
+ if (std.record.length (x | { _ : Dyn })) > n then
+ 'Err
+ "record contains more than %{std.string.from_number
+ n} fields"
+ else
+ 'Ok,
+ minProperties
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `minProperties n x` fails if `x` is a record containing stricly less than `n` fields.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.5.1]
+ "%
+ = fun
+ n
+ x
+ =>
+ if !(std.is_record x) then
+ 'Ok
+ else
+ if (std.record.length (x | { _ : Dyn })) < n then
+ 'Err
+ "record contains fewer than %{std.string.from_number
+ n} fields"
+ else
+ 'Ok,
+ propertyNames
+ : (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.5.8]"
+ = fun
+ pred
+ x
+ =>
+ if !(std.is_record x) then
+ 'Ok
+ else
+ std.array.fold_right
+ (fun
+ field
+ acc
+ =>
+ (match {
+ 'Err
+ msg =>
+ 'Err
+ "field `%{field}` did not validate against `propertyNames` schema",
+ 'Ok =>
+ acc,
+ }) (pred (field | Dyn))) 'Ok
+ (std.record.fields (x | { _ : Dyn })),
+ record
+ : { _ : Dyn -> [| 'Ok, 'Err String |] }
+ -> { _ : Dyn -> [| 'Ok, 'Err String |] }
+ -> Bool
+ -> (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `record properties patternProperties additionalAllowed
+ additionalProperties x` is a combination of the `properties`,
+ `patternProperties` and `additionalProperties` validation keywords in
+ JSON schema.
+
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.5]
+ "%
+ = fun
+ properties
+ patternProperties
+ additionalAllowed
+ additionalProperties
+ x
+ =>
+ if !(std.is_record x) then
+ 'Ok
+ else
+ let x
+ | { _ : Dyn }
+ = x
+ in
+ let check_properties
+ : {
+ result : [| 'Ok, 'Err String |],
+ checked : { _ : Bool }
+ }
+ = std.array.fold_right
+ (fun
+ { field, value, }
+ =>
+ fun
+ acc
+ =>
+ if !(std.record.has_field field x) then
+ acc
+ else
+ (match {
+ 'Err
+ msg =>
+ {
+ checked : { _ : Bool } = {},
+ result =
+ 'Err
+ "field `%{field}` didn't validate: %{msg}",
+ },
+ 'Ok =>
+ {
+ checked =
+ std.record.insert field true acc.checked,
+ result = acc.result,
+ },
+ }) (value x."%{field}"))
+ { checked = {}, result = 'Ok, }
+ (std.record.to_array properties)
+ in
+ let matching_fields
+ : String -> { _ : Dyn }
+ = fun
+ pattern
+ =>
+ let matcher
+ = std.string.is_match pattern
+ in
+ std.array.fold_left
+ (fun
+ acc
+ =>
+ fun
+ { field, value, }
+ =>
+ if matcher field then
+ std.record.insert field value acc
+ else
+ acc) {} (std.record.to_array x)
+ in
+ let check_pattern_properties
+ : {
+ result : [| 'Ok, 'Err String |],
+ checked : { _ : Bool }
+ }
+ = std.array.fold_right
+ (fun
+ { field = pattern, value = pred, }
+ =>
+ fun
+ acc
+ =>
+ (match {
+ r @ { result = 'Err msg, .. } =>
+ r,
+ { result = 'Ok, checked = ch, } =>
+ {
+ checked =
+ std.array.fold_left
+ (fun
+ r
+ field
+ =>
+ if !(std.record.has_field field
+ r) then
+ std.record.insert field true r
+ else
+ r) acc.checked
+ (std.record.fields ch),
+ result = acc.result,
+ },
+ })
+ (std.array.fold_right
+ (fun
+ { field, value, }
+ =>
+ fun
+ acc
+ =>
+ (match {
+ 'Err
+ msg =>
+ {
+ checked : { _ : Bool } = {},
+ result =
+ 'Err
+ "field `%{field}` didn't validate: %{msg}",
+ },
+ 'Ok =>
+ {
+ checked =
+ std.record.insert field true
+ acc.checked,
+ result = acc.result,
+ },
+ }) (pred value))
+ {
+ checked : { _ : Bool } = {},
+ result = 'Ok,
+ }
+ (std.record.to_array
+ (matching_fields pattern))))
+ { checked : { _ : Bool } = {}, result = 'Ok, }
+ (std.record.to_array patternProperties)
+ in
+ let remaining_fields
+ = std.array.fold_left
+ (fun
+ acc
+ field
+ =>
+ if !(std.record.has_field field acc) then
+ acc
+ else
+ std.record.remove field acc) x
+ ((std.record.fields check_properties.checked)
+ @ (std.record.fields
+ check_pattern_properties.checked))
+ in
+ let check_additional_properties
+ : [| 'Ok, 'Err String |]
+ = if (!additionalAllowed)
+ && (!(std.record.is_empty remaining_fields)) then
+ 'Err
+ "extra fields %{std.serialize 'Json
+ ((std.record.fields remaining_fields)
+ | Dyn)}"
+ else
+ std.array.fold_right
+ (fun
+ { field, value, }
+ =>
+ fun
+ acc
+ =>
+ (match {
+ 'Err
+ msg =>
+ 'Err
+ "field `%{field}` didn't validate: %{msg}",
+ 'Ok =>
+ acc,
+ }) (additionalProperties value)) 'Ok
+ (std.record.to_array remaining_fields)
+ in
+ (match {
+ 'Err
+ msg =>
+ check_properties.result,
+ 'Ok =>
+ (match {
+ 'Err
+ msg =>
+ check_pattern_properties.result,
+ 'Ok =>
+ check_additional_properties,
+ }) check_pattern_properties.result,
+ }) check_properties.result,
+ required
+ : Array String -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.5.3]"
+ = fun
+ fields
+ x
+ =>
+ if !(std.is_record x) then
+ 'Ok
+ else
+ std.array.fold_right
+ (fun
+ field
+ acc
+ =>
+ if !(std.record.has_field field (x | { _ : Dyn })) then
+ 'Err "missing required field %{field}"
+ else
+ acc) 'Ok fields,
+ },
+ strings =
+ {
+ maxLength
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.3.1]"
+ = fun
+ limit
+ x
+ =>
+ if !(std.is_string x) then
+ 'Ok
+ else
+ if (std.string.length (x | String)) <= limit then
+ 'Ok
+ else
+ 'Err
+ "expected a string of length no larger than %{std.string.from_number
+ limit}",
+ minLength
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.3.2]"
+ = fun
+ limit
+ x
+ =>
+ if !(std.is_string x) then
+ 'Ok
+ else
+ if (std.string.length (x | String)) >= limit then
+ 'Ok
+ else
+ 'Err
+ "expected a string of length no smaller than %{std.string.from_number
+ limit}",
+ pattern
+ : String -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.3.3]"
+ = fun
+ pattern
+ x
+ =>
+ if !(std.is_string x) then
+ 'Ok
+ else
+ if std.string.is_match pattern (x | String) then
+ 'Ok
+ else
+ 'Err "expected a string matching the pattern `%{pattern}`",
+ },
+ }
+ in
+let rec _js2n__-refsenv
+ = {
+ "_js2n__-:definitions/AlbListenerProtocolEnum!contract" =
+ std.contract.Sequence [ std.enum.TagOrString, [| 'HTTPS, 'HTTP |] ],
+ "_js2n__-:definitions/AlbListenerTypeEnum!contract" =
+ std.contract.Sequence
+ [
+ std.enum.TagOrString,
+ [| 'redirect, 'forward, 'fixed-response |]
+ ],
+ "_js2n__-:definitions/AlbRoutingHttpConfigMitigationModeEnum!contract" =
+ std.contract.Sequence
+ [ std.enum.TagOrString, [| 'strictest, 'defensive, 'monitor |] ],
+ "_js2n__-:definitions/AlbSchemeEnum!contract" =
+ std.contract.Sequence
+ [ std.enum.TagOrString, [| 'internal, 'internet-facing |] ],
+ "_js2n__-:definitions/AllowDeny!contract" =
+ std.contract.Sequence [ std.enum.TagOrString, [| 'deny, 'allow |] ],
+ "_js2n__-:definitions/AlpnPolicyEnum!contract" =
+ std.contract.Sequence
+ [
+ std.enum.TagOrString,
+ [|
+ 'None,
+ 'HTTP2Preferred,
+ 'HTTP2Optional,
+ 'HTTP2Only,
+ 'HTTP1Only
+ |]
+ ],
+ "_js2n__-:definitions/CertificateConfigType!contract" =
+ std.contract.Sequence
+ [ std.enum.TagOrString, [| 'request, '"import" |] ],
+ "_js2n__-:definitions/CertificateValidationType!contract" =
+ std.contract.Sequence [ std.enum.TagOrString, [| 'DNS, 'EMAIL |] ],
+ "_js2n__-:definitions/DnsFirewallBlockResponseType!contract" =
+ std.contract.Sequence
+ [ std.enum.TagOrString, [| 'OVERRIDE, 'NXDOMAIN, 'NODATA |] ],
+ "_js2n__-:definitions/DnsFirewallManagedDomainListsType!contract" =
+ std.contract.Sequence
+ [
+ std.enum.TagOrString,
+ [|
+ 'AWSManagedDomainsMalwareDomainList,
+ 'AWSManagedDomainsBotnetCommandandControl,
+ 'AWSManagedDomainsAggregateThreatList
+ |]
+ ],
+ "_js2n__-:definitions/DnsFirewallRuleActionType!contract" =
+ std.contract.Sequence
+ [ std.enum.TagOrString, [| 'BLOCK, 'ALERT, 'ALLOW |] ],
+ "_js2n__-:definitions/DpdTimeoutActionType!contract" =
+ std.contract.Sequence
+ [ std.enum.TagOrString, [| 'restart, 'none, 'clear |] ],
+ "_js2n__-:definitions/DxVirtualInterfaceType!contract" =
+ std.contract.Sequence
+ [ std.enum.TagOrString, [| 'transit, 'private |] ],
+ "_js2n__-:definitions/EnableDisable!contract" =
+ std.contract.Sequence [ std.enum.TagOrString, [| 'disable, 'enable |] ],
+ "_js2n__-:definitions/EncryptionAlgorithmType!contract" =
+ std.contract.Sequence
+ [
+ std.enum.TagOrString,
+ [| 'AES256-GCM-16, 'AES128-GCM-16, 'AES256, 'AES128 |]
+ ],
+ "_js2n__-:definitions/GatewayEndpointType!contract" =
+ std.contract.Sequence [ std.enum.TagOrString, [| 'dynamodb, 's3 |] ],
+ "_js2n__-:definitions/GatewayRouteTableType!contract" =
+ std.contract.Sequence
+ [
+ std.enum.TagOrString,
+ [| 'virtualPrivateGateway, 'internetGateway |]
+ ],
+ "_js2n__-:definitions/IAlbAttributesConfig!contract"
+ | doc "Application Load Balancer attributes config."
+ = {
+ deletionProtection
+ | Bool
+ | doc "Enable or disable deletion protection."
+ | optional,
+ http2Enabled
+ | Bool
+ | doc "Indicates whether HTTP/2 is enabled. The possible values are true and false. The default is true. Elastic Load Balancing requires that message header names contain only alphanumeric characters and hyphens."
+ | optional,
+ idleTimeout
+ | Number
+ | doc "The idle timeout value, in seconds. The valid range is 1-4000 seconds. The default is 60 seconds."
+ | optional,
+ routingHttpDesyncMitigationMode
+ | _js2n__-refsenv."_js2n__-:definitions/AlbRoutingHttpConfigMitigationModeEnum!contract"
+ | doc "Determines how the load balancer handles requests that might pose a security risk to your application. The possible values are `monitor` , `defensive` , and `strictest` . The default is `defensive`."
+ | optional,
+ routingHttpDropInvalidHeader
+ | Bool
+ | doc "Indicates whether HTTP headers with invalid header fields are removed by the load balancer ( true ) or routed to targets ( false ). The default is false."
+ | optional,
+ routingHttpXAmznTlsCipherEnable
+ | Bool
+ | doc "Indicates whether the two headers ( x-amzn-tls-version and x-amzn-tls-cipher-suite ), which contain information about the negotiated TLS version and cipher suite, are added to the client request before sending it to the target. The x-amzn-tls-version header has information about the TLS protocol version negotiated with the client, and the x-amzn-tls-cipher-suite header has information about the cipher suite negotiated with the client. Both headers are in OpenSSL format. The possible values for the attribute are true and false . The default is false."
+ | optional,
+ routingHttpXffClientPort
+ | Bool
+ | doc "Indicates whether the X-Forwarded-For header should preserve the source port that the client used to connect to the load balancer. The possible values are true and false . The default is false."
+ | optional,
+ routingHttpXffHeaderProcessingMode
+ | _js2n__-refsenv."_js2n__-:definitions/RoutingHttpXffHeaderProcessingModeEnum!contract"
+ | doc "Enables you to modify, preserve, or remove the X-Forwarded-For header in the HTTP request before the Application Load Balancer sends the request to the target. The possible values are append, preserve, and remove. The default is append."
+ | optional,
+ wafFailOpen
+ | Bool
+ | doc "Indicates whether to allow a WAF-enabled load balancer to route requests to targets if it is unable to forward the request to AWS WAF. The possible values are true and false. The default is false."
+ | optional,
+ },
+ "_js2n__-:definitions/IAlbListenerConfig!contract"
+ | doc "Application Load Balancer listener config. Currently only action type of `forward`, `redirect` and `fixed-response` is allowed."
+ = {
+ certificate
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "Applies to HTTPS listeners. The default certificate for the listener. You must provide exactly one certificate arn or a certificate name which was created by LZA"
+ | optional,
+ fixedResponseConfig
+ | _js2n__-refsenv."_js2n__-:definitions/IAlbListenerFixedResponseConfig!contract"
+ | doc "Information for creating an action that returns a custom HTTP response. Specify only when type is `fixed-response`."
+ | optional,
+ forwardConfig
+ | _js2n__-refsenv."_js2n__-:definitions/IAlbListenerForwardConfig!contract"
+ | doc "Information for creating an action that distributes requests to targetGroup. Stickiness for targetGroup can be set here."
+ | optional,
+ name
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The name of the application load balancer listener",
+ order
+ | Number
+ | doc "The order for the action. This value is required for rules with multiple actions. The action with the lowest value for order is performed first"
+ | optional,
+ port
+ | Number
+ | doc "Port of the application load balancer listener",
+ protocol
+ | _js2n__-refsenv."_js2n__-:definitions/AlbListenerProtocolEnum!contract"
+ | doc "Protocol of the application load balancer listener. The supported protocols are HTTP and HTTPS",
+ redirectConfig
+ | _js2n__-refsenv."_js2n__-:definitions/IAlbListenerRedirectConfig!contract"
+ | doc "Information for creating a redirect action. Specify only when type is `redirect`."
+ | optional,
+ sslPolicy
+ | _js2n__-refsenv."_js2n__-:definitions/SslPolicyAlbEnum!contract"
+ | doc "The security policy that defines which protocols and ciphers are supported."
+ | optional,
+ targetGroup
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "Target Group name to which traffic will be forwarded to. This name should be same as {@link ApplicationLoadBalancerTargetGroupConfig targetGroup } name.",
+ type
+ | _js2n__-refsenv."_js2n__-:definitions/AlbListenerTypeEnum!contract"
+ | doc "Type of the application load balancer listener",
+ },
+ "_js2n__-:definitions/IAlbListenerFixedResponseConfig!contract"
+ | doc m%"
+ Application load balancer listener fixed response config
+ It returns a custom HTTP response.
+ Applicable only when `type` under {@link ApplicationLoadBalancerListenerConfig listener} is `fixed-response`.
+ "%
+ = {
+ contentType
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The message to send back."
+ | optional,
+ messageBody
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The HTTP response code (2XX, 4XX, or 5XX)."
+ | optional,
+ statusCode
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The content type. Valid Values: text/plain | text/css | text/html | application/javascript | application/json",
+ },
+ "_js2n__-:definitions/IAlbListenerForwardConfig!contract"
+ | doc m%"
+ Application Load balancer listener forward config. Used to define forward action.
+ Applicable only when `type` under {@link ApplicationLoadBalancerListenerConfig listener} is `forward`.
+ "%
+ = {
+ targetGroupStickinessConfig
+ | _js2n__-refsenv."_js2n__-:definitions/IAlbListenerTargetGroupStickinessConfig!contract"
+ | optional,
+ },
+ "_js2n__-:definitions/IAlbListenerRedirectConfig!contract"
+ | doc m%"
+ Application Load balancer listener redirect config. Used to define redirect action.
+ Applicable only when `type` under {@link ApplicationLoadBalancerListenerConfig listener} is `redirect`.
+ "%
+ = {
+ host
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | optional,
+ path
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | optional,
+ port | Number | optional,
+ protocol
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | optional,
+ query
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | optional,
+ statusCode
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | optional,
+ },
+ "_js2n__-:definitions/IAlbListenerTargetGroupStickinessConfig!contract"
+ | doc m%"
+ Application Load balancer listener forward config target group stickiness config
+ Applicable only when `type` under {@link ApplicationLoadBalancerListenerConfig listener} is `forward`.
+ "%
+ = {
+ durationSeconds
+ | Number
+ | doc "The time period, in seconds, during which requests from a client should be routed to the same target group. The range is 1-604800 seconds (7 days)."
+ | optional,
+ enabled
+ | Bool
+ | doc "Indicates whether target group stickiness is enabled."
+ | optional,
+ },
+ "_js2n__-:definitions/IApplicationLoadBalancerConfig!contract"
+ | doc "Used to define Application Load Balancer configurations for the accelerator."
+ = {
+ attributes
+ | _js2n__-refsenv."_js2n__-:definitions/IAlbAttributesConfig!contract"
+ | doc "Attributes for Application Load Balancer."
+ | optional,
+ listeners
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/IAlbListenerConfig!contract"
+ | doc "Listeners for Application Load Balancer."
+ | optional,
+ name
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The name of the application load balancer",
+ scheme
+ | _js2n__-refsenv."_js2n__-:definitions/AlbSchemeEnum!contract"
+ | doc "Internal or internet facing scheme for Application Load Balancer."
+ | optional,
+ securityGroups
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "Security Groups to attach to the Application Load Balancer.",
+ shareTargets
+ | _js2n__-refsenv."_js2n__-:definitions/IShareTargets!contract"
+ | doc m%"
+ The location where the Application Load Balancer(s) will be deployed to.
+ *
+ "%
+ | optional,
+ subnets
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "Subnets to launch the Application Load Balancer in.",
+ },
+ "_js2n__-:definitions/ICentralNetworkServicesConfig!contract"
+ | doc m%"
+ Central network services configuration.
+ Use this configuration to define centralized networking services for your environment.
+ Central network services enables you to easily designate a central account that owns your
+ core network infrastructure. These network resources can be shared with other
+ accounts in your organization so that workload accounts can consume them.
+ "%
+ = {
+ delegatedAdminAccount
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The friendly name of the delegated administrator account for network services. Resources configured under `centralNetworkServices` will be created in this account.",
+ gatewayLoadBalancers
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/IGwlbConfig!contract"
+ | doc "An array of Gateway Load Balancer configurations."
+ | optional,
+ ipams
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/IIpamConfig!contract"
+ | doc "An array of IPAM configurations."
+ | optional,
+ networkFirewall
+ | _js2n__-refsenv."_js2n__-:definitions/INfwConfig!contract"
+ | doc "A Network Firewall configuration."
+ | optional,
+ route53Resolver
+ | _js2n__-refsenv."_js2n__-:definitions/IResolverConfig!contract"
+ | doc "A Route 53 resolver configuration."
+ | optional,
+ },
+ "_js2n__-:definitions/ICertificateConfig!contract"
+ | doc m%"
+ Amazon Certificate Manager (ACM) Configuration
+
+ {@link https://docs.aws.amazon.com/acm/latest/userguide/import-certificate.html Import certificate} or {@link https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-request-public.html Request certificate} from ACM
+ "%
+ = {
+ cert
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "Path to certificate in S3 assets bucket. The bucket value is in the outputs of Pipeline stack in home region. Path should be given relative to the bucket. The certificate to import. This value should be provided when type is set to import or else validation fails."
+ | optional,
+ chain
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "Path to the PEM encoded certificate chain in S3 assets bucket. The bucket value is in the outputs of Pipeline stack in home region. Path should be given relative to the bucket. This value is optional when type is set to import."
+ | optional,
+ deploymentTargets
+ | _js2n__-refsenv."_js2n__-:definitions/IDeploymentTargets!contract"
+ | doc "ACM deployment target. This should be provided to deploy ACM into OUs or account."
+ | optional,
+ domain
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "Fully qualified domain name (FQDN), such as www.example.com, that you want to secure with an ACM certificate. Use an asterisk (*) to create a wildcard certificate that protects several sites in the same domain. For example, *.example.com protects www.example.com, site.example.com, and images.example.com. In compliance with RFC 5280, the length of the domain name (technically, the Common Name) that you provide cannot exceed 64 octets (characters), including periods. To add a longer domain name, specify it in the Subject Alternative Name field, which supports names up to 253 octets in length. This value should be provided when type is set to request or else validation fails."
+ | optional,
+ name
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "Name of the certificate. This should be unique in the certificates array. Duplicate names will fail the validation.",
+ privKey
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "Path to the private key in S3 assets bucket. The bucket value is in the outputs of Pipeline stack in home region. Path should be given relative to the bucket. The private key that matches the public key in the certificate. This value should be provided when type is set to import or else validation fails."
+ | optional,
+ san
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "Additional FQDNs to be included in the Subject Alternative Name extension of the ACM certificate. For example, add the name www.example.net to a certificate for which the DomainName field is www.example.com if users can reach your site by using either name."
+ | optional,
+ type
+ | _js2n__-refsenv."_js2n__-:definitions/CertificateConfigType!contract"
+ | doc "Type of ACM cert. Valid values are `import` or `request`",
+ validation
+ | _js2n__-refsenv."_js2n__-:definitions/CertificateValidationType!contract"
+ | doc "The method you want to use if you are requesting a public certificate to validate that you own or control domain. You can validate with DNS or validate with email. Valid values are 'DNS' or 'EMAIL'. This value should be provided when type is set to request or else validation fails."
+ | optional,
+ },
+ "_js2n__-:definitions/ICustomerGatewayConfig!contract"
+ | doc m%"
+ Use this configuration to define Customer Gateways and site-to-site VPN connections.
+ A customer gateway device is a physical or software appliance that you own or manage in
+ your on-premises network (on your side of a Site-to-Site VPN connection).
+ A VPN connection refers to the connection between your VPC and your own on-premises network.
+ "%
+ = {
+ account
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The logical name of the account to deploy the Customer Gateway to. This value should match the name of the account recorded in the accounts-config.yaml file.",
+ asn | Number | doc "Define the ASN used for the Customer Gateway",
+ ipAddress
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "Defines the IP address of the Customer Gateway",
+ name
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc m%"
+ The name of the CGW.
+
+ The value of this property will be utilized as the logical id for this resource. Any references to this object should specify this value.
+ "%,
+ region
+ | _js2n__-refsenv."_js2n__-:definitions/Region!contract"
+ | doc "The AWS region to provision the customer gateway in",
+ tags
+ | Array _js2n__-refsenv."_js2n__-:definitions/ITag!contract"
+ | doc "Define tags for the Customer Gateway"
+ | optional,
+ vpnConnections
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/IVpnConnectionConfig!contract"
+ | doc "Define the optional VPN Connection configuration"
+ | optional,
+ },
+ "_js2n__-:definitions/IDefaultVpcsConfig!contract"
+ | doc "Use this configuration to delete default VPCs in your environment."
+ = {
+ delete | Bool | doc "Enable to delete default VPCs.",
+ excludeAccounts
+ | Array (String)
+ | doc "(OPTIONAL) Include an array of friendly account names to exclude from default VPC deletion."
+ | optional,
+ excludeRegions
+ | Array _js2n__-refsenv."_js2n__-:definitions/Region!contract"
+ | doc "(OPTIONAL) Include an array of AWS regions to exclude from default VPC deletion."
+ | optional,
+ },
+ "_js2n__-:definitions/IDeploymentTargets!contract" =
+ {
+ accounts | Array (String) | optional,
+ excludedAccounts | Array (String) | optional,
+ excludedRegions | Array (String) | optional,
+ organizationalUnits | Array (String) | optional,
+ },
+ "_js2n__-:definitions/IDhcpOptsConfig!contract"
+ | doc m%"
+ Use this configuration to define custom DHCP options sets for your VPCs.
+ Custom DHCP option sets give you control over the DNS servers, domain names,
+ or Network Time Protocol (NTP) servers used by the devices in your VPC.
+
+ The following example creates a DHCP option set named `accelerator-dhcp-opts`
+ in the `Network` account in the `us-east-1` region. The options set assigns
+ a domain name of `example.com` to hosts in the VPC and configures the DNS
+ server to `1.1.1.1`.
+ "%
+ = {
+ accounts
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "An array of friendly account names to deploy the options set.",
+ domainName
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "(OPTIONAL) A domain name to assign to hosts using the options set."
+ | optional,
+ domainNameServers
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "(OPTIONAL) An array of IP addresses for domain name servers."
+ | optional,
+ name
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "A friendly name for the DHCP options set.",
+ netbiosNameServers
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "(OPTIONAL An array of IP addresses for NetBIOS servers."
+ | optional,
+ netbiosNodeType
+ | _js2n__-refsenv."_js2n__-:definitions/NetbiosNodeType!contract"
+ | doc "(OPTIONAL) The NetBIOS node type number."
+ | optional,
+ ntpServers
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "(OPTIONAL) An array of IP addresses for NTP servers."
+ | optional,
+ regions
+ | Array _js2n__-refsenv."_js2n__-:definitions/Region!contract"
+ | doc "An array of regions to deploy the options set.",
+ tags
+ | Array _js2n__-refsenv."_js2n__-:definitions/ITag!contract"
+ | doc "(OPTIONAL) An array of tags for the options set."
+ | optional,
+ },
+ "_js2n__-:definitions/IDnsFirewallRuleGroupConfig!contract"
+ | doc m%"
+ Use this configuration to define a group of rules for your DNS firewall.
+ Rule groups contain one to many rules that can be associated with VPCs in your environment.
+ These rules allow you to define the behavior of your DNS firewall.
+
+ The following example creates a rule group that contains one rule entry.
+ The rule blocks a list of custom domains contained in a file in the accelerator
+ configuration repository. The rule group is shared to the entire organization.
+ "%
+ = {
+ name
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "A friendly name for the DNS firewall rule group.",
+ regions
+ | Array _js2n__-refsenv."_js2n__-:definitions/Region!contract"
+ | doc "The regions to deploy the rule group to.",
+ rules
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/IDnsFirewallRulesConfig!contract"
+ | doc "An array of DNS firewall rule configurations.",
+ shareTargets
+ | _js2n__-refsenv."_js2n__-:definitions/IShareTargets!contract"
+ | doc "(OPTIONAL) Resource Access Manager (RAM) share targets."
+ | optional,
+ tags
+ | Array _js2n__-refsenv."_js2n__-:definitions/ITag!contract"
+ | doc "An array of tags for the rule group."
+ | optional,
+ },
+ "_js2n__-:definitions/IDnsFirewallRulesConfig!contract"
+ | doc m%"
+ Use this configuration to define individual rules for your DNS firewall.
+ This allows you to define the DNS firewall behavior for your VPCs.
+ "%
+ = {
+ action
+ | _js2n__-refsenv."_js2n__-:definitions/DnsFirewallRuleActionType!contract"
+ | doc "An action for the DNS firewall rule to take on matching requests.",
+ blockOverrideDomain
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "(OPTIONAL) Configure an override domain for BLOCK actions. This is a custom DNS record to send back in response to the query."
+ | optional,
+ blockOverrideTtl
+ | Number
+ | doc "(OPTIONAL) Configure a time-to-live (TTL) for the override domain. This is the recommended amount of time for the DNS resolver or web browser to cache the override record and use it in response to this query, if it is received again. By default, this is zero, and the record isn't cached."
+ | optional,
+ blockResponse
+ | _js2n__-refsenv."_js2n__-:definitions/DnsFirewallBlockResponseType!contract"
+ | doc "Configure a specific response type for BLOCK actions. Block response types are defined here: {@link https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/resolver-dns-firewall-rule-actions.html }"
+ | optional,
+ customDomainList
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "A file containing a custom domain list in TXT format."
+ | optional,
+ managedDomainList
+ | _js2n__-refsenv."_js2n__-:definitions/DnsFirewallManagedDomainListsType!contract"
+ | doc "Configure a rule that uses an AWS-managed domain list. AWS-managed domain lists are defined here: {@link https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/resolver-dns-firewall-managed-domain-lists.html } ."
+ | optional,
+ name
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "A friendly name for the DNS firewall rule.",
+ "priority" | Number | doc "The priority of the DNS firewall rule.",
+ },
+ "_js2n__-:definitions/IDnsQueryLogsConfig!contract"
+ | doc m%"
+ Use this configuration to define a centralized query logging configuration that can
+ be associated with VPCs in your environment.
+ You can use this configuration to log queries that originate from your VPCs,
+ queries to your inbound and outbound resolver endpoints,
+ and queries that use Route 53 Resolver DNS firewall to allow, block, or monitor
+ domain lists.
+
+ The following example creates a query logging configuration that logs to both
+ S3 and a CloudWatch Logs log group. It is shared with the entire organization.
+ "%
+ = {
+ destinations
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/LogDestinationType!contract"
+ | doc "An array of destination services used to store the logs.",
+ excludedRegions
+ | Array _js2n__-refsenv."_js2n__-:definitions/Region!contract"
+ | optional,
+ name
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The friendly name of the query logging config.",
+ shareTargets
+ | _js2n__-refsenv."_js2n__-:definitions/IShareTargets!contract"
+ | doc "Resource Access Manager (RAM) share targets."
+ | optional,
+ },
+ "_js2n__-:definitions/IDxGatewayConfig!contract"
+ | doc "A DXGW is a globally-available resource than can be used to connect your VPCs to your on-premise infrastructure."
+ = {
+ account
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The friendly name of the account to deploy the DX Gateway.",
+ asn
+ | Number
+ | doc "A Border Gateway Protocol (BGP) Autonomous System Number (ASN).",
+ gatewayName
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The name of the Direct Connect Gateway. This name will show as the name of the resource in the AWS console and API.",
+ name
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "A friendly name for the DX Gateway. This name is used as a logical reference for the resource in the accelerator.",
+ transitGatewayAssociations
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/IDxTransitGatewayAssociationConfig!contract"
+ | doc "(OPTIONAL) An array of transit gateway association configurations. Creates transit gateway attachments for this DX gateway."
+ | optional,
+ virtualInterfaces
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/IDxVirtualInterfaceConfig!contract"
+ | doc "(OPTIONAL) An array of virtual interface configurations. Creates virtual interfaces on the DX gateway."
+ | optional,
+ },
+ "_js2n__-:definitions/IDxTransitGatewayAssociationConfig!contract"
+ | doc "Use this configuration to define transit gateway attachments for a DX gateway."
+ = {
+ account
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The friendly name of the account the transit gateway is deployed to.",
+ allowedPrefixes
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "An array of CIDR prefixes that are allowed to advertise over this transit gateway association.",
+ name
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The friendly name of the transit gateway to associate.",
+ routeTableAssociations
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "(OPTIONAL) The friendly name of TGW route table(s) to associate with this attachment."
+ | optional,
+ routeTablePropagations
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "(OPTIONAL) The friendly name of TGW route table(s) to propagate routes from this attachment."
+ | optional,
+ },
+ "_js2n__-:definitions/IDxVirtualInterfaceConfig!contract"
+ | doc m%"
+ Use this configuration to create a virtual interface to a DX Gateway. Virtual interfaces
+ enable access to your AWS services from your on-premises environment.
+
+ The following example creates a transit VIF called Accelerator-VIF in the Network account
+ on a DX connection with resource ID dxcon-example:
+ "%
+ = {
+ addressFamily
+ | _js2n__-refsenv."_js2n__-:definitions/IpVersionType!contract"
+ | doc m%"
+ (OPTIONAL) The address family to use for this virtual interface.
+
+ Default - ipv4
+ "%
+ | optional,
+ amazonAddress
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc m%"
+ (OPTIONAL) The peer IP address to use for Amazon's side of the virtual interface.
+
+ Default - randomly-generated by Amazon
+ "%
+ | optional,
+ connectionId
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The resource ID of the {@link https://docs.aws.amazon.com/directconnect/latest/UserGuide/Welcome.html#overview-components DX connection } the virtual interface will be created on",
+ customerAddress
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc m%"
+ (OPTIONAL) The peer IP address to use for customer's side of the virtual interface.
+
+ Default - randomly-generated by Amazon
+ "%
+ | optional,
+ customerAsn
+ | Number
+ | doc "A Border Gateway Protocol (BGP) Autonomous System Number (ASN) for the customer side of the connection.",
+ enableSiteLink
+ | Bool
+ | doc m%"
+ (OPTIONAL) Enable SiteLink for this virtual interface.
+
+ Default - false
+ "%
+ | optional,
+ interfaceName
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The name of the virtual interface. This name will show as the name of the resource in the AWS console and API.",
+ jumboFrames
+ | Bool
+ | doc m%"
+ (OPTIONAL) Enable jumbo frames for the virtual interface.
+
+ Default - standard 1500 MTU frame size
+ "%
+ | optional,
+ name
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "A friendly name for the virtual interface. This name is used as a logical reference for the resource in the accelerator.",
+ ownerAccount
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The friendly name of the owning account of the DX connection.",
+ region
+ | _js2n__-refsenv."_js2n__-:definitions/Region!contract"
+ | doc "The region of the virtual interface.",
+ tags
+ | Array _js2n__-refsenv."_js2n__-:definitions/ITag!contract"
+ | doc "(OPTIONAL) An array of tags to apply to the virtual interface."
+ | optional,
+ type
+ | _js2n__-refsenv."_js2n__-:definitions/DxVirtualInterfaceType!contract"
+ | doc "The type of the virtual interface",
+ vlan
+ | Number
+ | doc "The virtual local area network (VLAN) tag to use for this virtual interface.",
+ },
+ "_js2n__-:definitions/IElbAccountIdsConfig!contract"
+ | doc "An optional ELB root account ID"
+ = {
+ accountId
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract",
+ region
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract",
+ },
+ "_js2n__-:definitions/IEndpointPolicyConfig!contract"
+ | doc m%"
+ Use this configuration to define VPC endpoint policies for your VPC gateway and interface endpoints.
+ The endpoint policy is a JSON policy document that controls which AWS principals can use the VPC
+ endpoint to access the endpoint service.
+
+ The following example defines an endpoint policy named `Default` and references a path
+ where a JSON policy document is stored:
+ "%
+ = {
+ document
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "A file path for a JSON-formatted policy document.",
+ name
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "A friendly name for the endpoint policy.",
+ },
+ "_js2n__-:definitions/IFirewallManagerNotificationChannelConfig!contract"
+ | doc "An optional Firewall Manager Service Config"
+ = {
+ region
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "Enables the FMS notification channel. Defaults to enabled.",
+ snsTopic
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The SNS Topic Name to publish to.",
+ },
+ "_js2n__-:definitions/IFirewallManagerServiceConfig!contract"
+ | doc "An optional Firewall Manager Service Config"
+ = {
+ delegatedAdminAccount
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The friendly account name to deploy the FMS configuration",
+ notificationChannels
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/IFirewallManagerNotificationChannelConfig!contract"
+ | doc "The FMS Notification Channel Configuration"
+ | optional,
+ },
+ "_js2n__-:definitions/IGatewayEndpointConfig!contract"
+ | doc m%"
+ Use this configuration to define gateway endpoints for your VPC.
+ A gateway endpoint targets specific IP routes in an Amazon VPC route table,
+ in the form of a prefix-list, used for traffic destined to Amazon DynamoDB
+ or Amazon Simple Storage Service (Amazon S3).
+ "%
+ = {
+ defaultPolicy
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The friendly name of the default policy for the gateway endpoints.",
+ endpoints
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/IGatewayEndpointServiceConfig!contract"
+ | doc "An array of endpoints to create.",
+ },
+ "_js2n__-:definitions/IGatewayEndpointServiceConfig!contract"
+ | doc "Use this configuration to define the service and endpoint policy for gateway endpoints."
+ = {
+ applyPolicy
+ | Bool
+ | doc "(OPTIONAL) Specify whether or not a policy is applied to the endpoint. By default, if no policy is specified in the `policy` property, a default policy is applied. Specifying this option as `false` will ensure no policy is applied to the endpoint. This property defaults to `true` if not specified."
+ | optional,
+ policy
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "(OPTIONAL) The friendly name of a policy for the gateway endpoint. If left undefined, the default policy will be used."
+ | optional,
+ service
+ | _js2n__-refsenv."_js2n__-:definitions/GatewayEndpointType!contract"
+ | doc "The name of the service to create the endpoint for",
+ serviceName
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "(OPTIONAL) The full name of the service to create the endpoint for."
+ | optional,
+ },
+ "_js2n__-:definitions/IGwlbConfig!contract"
+ | doc m%"
+ Use to define Gateway Load Balancer configurations for the accelerator.
+ Gateway Load Balancers enable you to deploy, scale, and manage virtual appliances,
+ such as firewalls, intrusion detection and prevention systems, and deep packet inspection
+ systems. It combines a transparent network gateway (that is, a single entry and exit point
+ for all traffic) and distributes traffic while scaling your virtual appliances with the demand.
+ "%
+ = {
+ account
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "(OPTIONAL) Set an override for the account the Gateway Load Balancer is deployed to."
+ | optional,
+ crossZoneLoadBalancing
+ | Bool
+ | doc "(OPTIONAL) Whether to enable cross-zone load balancing."
+ | optional,
+ deletionProtection
+ | Bool
+ | doc "(OPTIONAL) Whether to enable deletion protection."
+ | optional,
+ endpoints
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/IGwlbEndpointConfig!contract"
+ | doc "An array of Gateway Load Balancer endpoint configurations.",
+ name
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The friendly name of the Gateway Load Balancer.",
+ subnets
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "An array of friendly names of subnets to deploy the Gateway Load Balancer to.",
+ tags
+ | Array _js2n__-refsenv."_js2n__-:definitions/ITag!contract"
+ | doc "(OPTIONAL) An array of CloudFormation tag objects."
+ | optional,
+ targetGroup
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "(OPTIONAL) The friendly name of a target group to forward traffic to"
+ | optional,
+ vpc
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The friendly name of the VPC to deploy the Gateway Load Balancer to.",
+ },
+ "_js2n__-:definitions/IGwlbEndpointConfig!contract"
+ | doc m%"
+ Use this configuration to define endpoints for your Gateway Load Balancer.
+ Gateway Load Balancers use Gateway Load Balancer endpoints to securely exchange
+ traffic across VPC boundaries. A Gateway Load Balancer endpoint is a VPC endpoint
+ that provides private connectivity between virtual appliances in the service provider
+ VPC and application servers in the service consumer VPC.
+
+ The following example creates two Gateway Load Balancer endpoints,
+ `Endpoint-A` and `Endpoint-B`. The endpoints are created in subnets named
+ `Network-Inspection-A` and `Network-Inspection-B`, respectively, in the VPC named
+ `Network-Inspection`.
+ "%
+ = {
+ account
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The friendly name of the account to deploy the endpoint to.",
+ name
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The friendly name of the Gateway Load Balancer endpoint.",
+ subnet
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The friendly name of the subnet to deploy the Gateway Load Balancer endpoint to.",
+ vpc
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The friendly name of the VPC to deploy the Gateway Load Balancer endpoint to.",
+ },
+ "_js2n__-:definitions/IInterfaceEndpointConfig!contract"
+ | doc m%"
+ Use this configuration to define interface endpoints for your VPC.
+ Interface endpoints powered by AWS PrivateLink to connect your VPC to AWS services as if they were in your VPC, without the use of an internet gateway.
+ "%
+ = {
+ allowedCidrs
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "(OPTIONAL) An array of source CIDRs allowed to communicate with the endpoints."
+ | optional,
+ central
+ | Bool
+ | doc "(OPTIONAL) Enable to define interface endpoints as centralized endpoints."
+ | optional,
+ defaultPolicy
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The friendly name of the default policy for the interface endpoints.",
+ endpoints
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/IInterfaceEndpointServiceConfig!contract"
+ | doc "An array of VPC interface endpoint services to be deployed.",
+ subnets
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "An array of the friendly names of VPC subnets for the endpoints to be deployed.",
+ tags
+ | Array _js2n__-refsenv."_js2n__-:definitions/ITag!contract"
+ | doc "(OPTIONAL) An array of tag objects for the private hosted zones associated with the VPC Interface endpoints."
+ | optional,
+ },
+ "_js2n__-:definitions/IInterfaceEndpointServiceConfig!contract"
+ | doc "Use this configuration to define the service and endpoint policy for gateway endpoints."
+ = {
+ applyPolicy
+ | Bool
+ | doc "(OPTIONAL) Specify whether or not a policy is applied to the endpoint. By default, if no policy is specified in the `policy` property, a default policy is applied. Specifying this option as `false` will ensure no policy is applied to the endpoint. This property defaults to `true` if not specified."
+ | optional,
+ policy
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "(OPTIONAL) The friendly name of a policy for the interface endpoint. If left undefined, the default policy will be used."
+ | optional,
+ securityGroup
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "(OPTIONAL) Apply the provided security group for this interface endpoint."
+ | optional,
+ service
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The name of the service to create the endpoint for.",
+ serviceName
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "(OPTIONAL) The full name of the service to create the endpoint for."
+ | optional,
+ },
+ "_js2n__-:definitions/IIpamAllocationConfig!contract"
+ | doc "Use this configuration to dynamically assign a VPC or subnet CIDR from an IPAM pool."
+ = {
+ ipamPoolName
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The IPAM pool name to request the allocation from.",
+ netmaskLength | Number | doc "The subnet mask length to request.",
+ },
+ "_js2n__-:definitions/IIpamConfig!contract"
+ | doc m%"
+ Use this configuration to define an AWS-managed VPC IPAM.
+ IPAM is a feature that makes it easier for you to plan, track, and monitor IP addresses for your AWS workloads.
+
+ The following example defines an IPAM that is capable of operating in the us-east-1 and us-west-2 regions:
+ "%
+ = {
+ description
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "(OPTIONAL) A description for the IPAM."
+ | optional,
+ name
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "A friendly name for the IPAM.",
+ operatingRegions
+ | Array _js2n__-refsenv."_js2n__-:definitions/Region!contract"
+ | doc "(OPTIONAL) An array of regions that the IPAM will manage."
+ | optional,
+ pools
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/IIpamPoolConfig!contract"
+ | doc "An optional array of IPAM pool configurations to create under the IPAM."
+ | optional,
+ region
+ | _js2n__-refsenv."_js2n__-:definitions/Region!contract"
+ | doc "The region to deploy the IPAM.",
+ scopes
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/IIpamScopeConfig!contract"
+ | doc "(OPTIONAL) An array of IPAM scope configurations to create under the IPAM."
+ | optional,
+ tags
+ | Array _js2n__-refsenv."_js2n__-:definitions/ITag!contract"
+ | doc "(OPTIONAL) An array of tag objects for the IPAM."
+ | optional,
+ },
+ "_js2n__-:definitions/IIpamPoolConfig!contract"
+ | doc m%"
+ Use this configuration to define custom IPAM pools for your VPCs. A pool is a collection of contiguous
+ IP address ranges. IPAM pools enable you to organize your IP addresses according to your routing and security needs.
+ "%
+ = {
+ addressFamily
+ | _js2n__-refsenv."_js2n__-:definitions/IpVersionType!contract"
+ | doc "The address family for the IPAM pool."
+ | optional,
+ allocationDefaultNetmaskLength
+ | Number
+ | doc "(OPTIONAL) The default netmask length of IPAM allocations for this pool."
+ | optional,
+ allocationMaxNetmaskLength
+ | Number
+ | doc "(OPTIONAL) The maximum netmask length of IPAM allocations for this pool."
+ | optional,
+ allocationMinNetmaskLength
+ | Number
+ | doc "(OPTIONAL) The minimum netmask length of IPAM allocations for this pool."
+ | optional,
+ allocationResourceTags
+ | Array _js2n__-refsenv."_js2n__-:definitions/ITag!contract"
+ | doc "(OPTIONAL) An array of tags that are required for resources that use CIDRs from this IPAM pool."
+ | optional,
+ autoImport
+ | Bool
+ | doc "(OPTIONAL) If set to `true`, IPAM will continuously look for resources within the CIDR range of this pool and automatically import them as allocations into your IPAM."
+ | optional,
+ description
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "(OPTIONAL) A description for the IPAM pool."
+ | optional,
+ locale
+ | _js2n__-refsenv."_js2n__-:definitions/Region!contract"
+ | doc "(OPTIONAL) The AWS Region where you want to make an IPAM pool available for allocations."
+ | optional,
+ name
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "A friendly name for the IPAM pool.",
+ provisionedCidrs
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "An array of CIDR ranges to provision for the IPAM pool."
+ | optional,
+ publiclyAdvertisable
+ | Bool
+ | doc "(OPTIONAL) Determines if a pool is publicly advertisable."
+ | optional,
+ scope
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "(OPTIONAL) The friendly name of the IPAM scope to assign the IPAM pool to."
+ | optional,
+ shareTargets
+ | _js2n__-refsenv."_js2n__-:definitions/IShareTargets!contract"
+ | doc "(OPTIONAL) Resource Access Manager (RAM) share targets."
+ | optional,
+ sourceIpamPool
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "(OPTIONAL) The friendly name of the source IPAM pool to create this IPAM pool from."
+ | optional,
+ tags
+ | Array _js2n__-refsenv."_js2n__-:definitions/ITag!contract"
+ | doc "(OPTIONAL) An array of tag objects for the IPAM pool."
+ | optional,
+ },
+ "_js2n__-:definitions/IIpamScopeConfig!contract"
+ | doc m%"
+ Use this configuration to define custom private IPAM scopes for your VPCs.
+ An IPAM scope is the highest-level container for an IPAM. Within scopes, pools can be created.
+ Custom IPAM scopes can be used to create pools and manage resources that use the same IP space.
+ "%
+ = {
+ description
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "(OPTIONAL) Description for the IPAM scope."
+ | optional,
+ name
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "A friendly name for the IPAM scope.",
+ tags
+ | Array _js2n__-refsenv."_js2n__-:definitions/ITag!contract"
+ | doc "(OPTIONAL) An array of tag objects for the IPAM scope."
+ | optional,
+ },
+ "_js2n__-:definitions/ILifecycleRule!contract"
+ | doc "S3 bucket life cycle rules object."
+ = {
+ abortIncompleteMultipartUpload
+ | Number
+ | doc "Specifies a lifecycle rule that aborts incomplete multipart uploads to an Amazon S3 bucket."
+ | optional,
+ enabled | Bool | doc "Whether this rule is enabled." | optional,
+ expiration
+ | Number
+ | doc "Indicates the number of days after creation when objects are deleted from Amazon S3 and Amazon Glacier."
+ | optional,
+ expiredObjectDeleteMarker
+ | Bool
+ | doc "Indicates whether Amazon S3 will remove a delete marker with no noncurrent versions. If set to true, the delete marker will be expired."
+ | optional,
+ id
+ | String
+ | doc "Friendly name for the rule. Rule name must be unique."
+ | optional,
+ noncurrentVersionExpiration
+ | Number
+ | doc "Time between when a new version of the object is uploaded to the bucket and when old versions of the object expire."
+ | optional,
+ noncurrentVersionTransitions
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/ITransition!contract"
+ | doc "One or more transition rules that specify when non-current objects transition to a specified storage class."
+ | optional,
+ prefix
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "Object key prefix that identifies one or more objects to which this rule applies."
+ | optional,
+ transitions
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/ITransition!contract"
+ | doc "One or more transition rules that specify when an object transitions to a specified storage class."
+ | optional,
+ },
+ "_js2n__-:definitions/ILoadBalancersConfig!contract"
+ | doc m%"
+ Use this configuration to define Application Load Balancers (ALBs) or
+ Network Load Balancers (NLBs) to be deployed in the specified VPC subnets.
+ "%
+ = {
+ applicationLoadBalancers
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/IApplicationLoadBalancerConfig!contract"
+ | doc "(OPTIONAL) An array of Application Load Balancer (ALB) configurations. Use this property to define ALBs to be deployed in the specified VPC subnets."
+ | optional,
+ networkLoadBalancers
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/INetworkLoadBalancerConfig!contract"
+ | doc "(OPTIONAL) An array of Network Load Balancer (NLB) configurations. Use this property to define NLBs to be deployed in the specified VPC subnets."
+ | optional,
+ },
+ "_js2n__-:definitions/ILocalGatewayConfig!contract"
+ | doc m%"
+ Use this configuration to reference existing local gateways for your Outposts.
+ The local gateway for your Outpost rack enables connectivity from your Outpost subnets to
+ all AWS services that are available in the parent Region, in the same way that you access them from an Availability Zone subnet.
+ "%
+ = {
+ id
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The id for the Local Gateway",
+ name
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "A friendly name for the Local Gateway",
+ routeTables
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/ILocalGatewayRouteTableConfig!contract"
+ | doc "The route tables for the Local Gateway",
+ },
+ "_js2n__-:definitions/ILocalGatewayRouteTableConfig!contract"
+ | doc m%"
+ Use this configuration to reference route tables for your Outposts local gateway.
+ Outpost subnet route tables on a rack can include a route to your on-premises network.
+ The local gateway routes this traffic for low latency routing to the on-premises network.
+ "%
+ = {
+ id
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The id for the Route Table",
+ name
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "A friendly name for the Route Table",
+ },
+ "_js2n__-:definitions/INatGatewayConfig!contract"
+ | doc m%"
+ Use this configuration to define AWS-managed NAT Gateways for your VPC.
+ You can use a NAT gateway so that instances in a private subnet can connect to services outside your VPCs.
+ "%
+ = {
+ allocationId
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "(OPTIONAL) The allocation ID of the Elastic IP address that's associated with the NAT gateway. This allocation ID must exist in the target account the NAT gateway is deployed to."
+ | optional,
+ name
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "A friendly name for the NAT Gateway.",
+ private
+ | Bool
+ | doc "(OPTIONAL) Set `true` to define a NAT gateway with private connectivity type"
+ | optional,
+ subnet
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The friendly name of the subnet for the NAT Gateway to be deployed.",
+ tags
+ | Array _js2n__-refsenv."_js2n__-:definitions/ITag!contract"
+ | doc "(OPTIONAL) An array of tag objects for the NAT Gateway."
+ | optional,
+ },
+ "_js2n__-:definitions/INetworkAclConfig!contract"
+ | doc m%"
+ Use this configuration to define custom network ACLs for your VPC.
+ A network ACL allows or denies specific inbound or outbound traffic at the subnet level.
+ Network ACLs are stateless, which means that responses to allowed inbound traffic are subject
+ to the rules for outbound traffic (and vice versa).
+
+ The following example shows an inbound and outbound rule that would allow
+ inbound SSH traffic from the CIDR range 10.0.0.0/16.
+ "%
+ = {
+ inboundRules
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/INetworkAclInboundRuleConfig!contract"
+ | doc "(OPTIONAL) A list of inbound rules to define for the Network ACL"
+ | optional,
+ name
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The name of the Network ACL.",
+ outboundRules
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/INetworkAclOutboundRuleConfig!contract"
+ | doc "(OPTIONAL) A list of outbound rules to define for the Network ACL"
+ | optional,
+ subnetAssociations
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "A list of subnets to associate with the Network ACL",
+ tags
+ | Array _js2n__-refsenv."_js2n__-:definitions/ITag!contract"
+ | doc "(OPTIONAL) A list of tags to attach to the Network ACL"
+ | optional,
+ },
+ "_js2n__-:definitions/INetworkAclInboundRuleConfig!contract"
+ | doc m%"
+ Use this configuration to define inbound rules for your network ACLs.
+ An inbound rule allows or denies specific inbound traffic at the subnet level.
+
+ The following example allows inbound SSH traffic from source CIDR 10.0.0.0/16:
+ "%
+ = {
+ action
+ | _js2n__-refsenv."_js2n__-:definitions/AllowDeny!contract"
+ | doc "The action for the network ACL rule.",
+ fromPort
+ | Number
+ | doc "The port to start from in the network ACL rule.",
+ protocol
+ | Number
+ | doc "The {@link https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml IANA protocol number } for the network ACL rule. You may also specify -1 for all protocols.",
+ rule | Number | doc "The rule ID number for the rule.",
+ source
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.anyOf
+ [
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!predicate",
+ _js2n__-refsenv."_js2n__-:definitions/INetworkAclSubnetSelection!predicate"
+ ])
+ | doc "The source of the network ACL rule.",
+ toPort
+ | Number
+ | doc "The port to end with in the network ACL rule.",
+ },
+ "_js2n__-:definitions/INetworkAclOutboundRuleConfig!contract"
+ | doc m%"
+ Use this configuration to define outbound rules for your network ACLs.
+ An outbound rule allows or denies specific outbound traffic at the subnet level.
+
+ The following example allows outbound TCP traffic in the ephemeral port ranges to destination CIDR 10.0.0.0/16:
+ "%
+ = {
+ action
+ | _js2n__-refsenv."_js2n__-:definitions/AllowDeny!contract"
+ | doc "The action for the network ACL rule.",
+ destination
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.anyOf
+ [
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!predicate",
+ _js2n__-refsenv."_js2n__-:definitions/INetworkAclSubnetSelection!predicate"
+ ])
+ | doc "The destination of the network ACL rule.",
+ fromPort
+ | Number
+ | doc "The port to start from in the network ACL rule.",
+ protocol
+ | Number
+ | doc "The {@link https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml IANA protocol number } for the network ACL rule. You may also specify -1 for all protocols.",
+ rule | Number | doc "The rule ID number for the rule.",
+ toPort
+ | Number
+ | doc "The port to end with in the network ACL rule.",
+ },
+ "_js2n__-:definitions/INetworkAclSubnetSelection!predicate"
+ | doc m%"
+ Network ACL subnet selection configuration.
+ Use this configuration to dynamically reference a subnet as a source/destination for a network ACL.
+ "%
+ = _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Record,
+ _js2n__-prdslib.records.required [ "subnet", "vpc" ],
+ _js2n__-prdslib.records.record
+ {
+ account =
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!predicate",
+ ipv6 = _js2n__-prdslib.isType '"Bool",
+ region =
+ _js2n__-refsenv."_js2n__-:definitions/Region!predicate",
+ subnet =
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!predicate",
+ vpc =
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!predicate",
+ } {} false _js2n__-prdslib.never
+ ],
+ "_js2n__-:definitions/INetworkConfig!contract"
+ | doc "Network Configuration. Used to define a network configuration for the accelerator."
+ = {
+ accountVpcEndpointIds
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Record,
+ _js2n__-prdslib.records.record {} {} true
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"Array",
+ _js2n__-prdslib.arrays.arrayOf
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!predicate"
+ ])
+ ])
+ | doc m%"
+ A map between account Id and all the VPC Endpoint IDs in the account.
+
+ Currently, the dynamic values will only be loaded in FinalizeStack for SCP finalization. Only the account VPC Endpoints referred by ACCEL_LOOKUP in SCPs will be loaded.
+ "%
+ | optional,
+ accountVpcIds
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Record,
+ _js2n__-prdslib.records.record {} {} true
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"Array",
+ _js2n__-prdslib.arrays.arrayOf
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!predicate"
+ ])
+ ])
+ | doc m%"
+ A map between account Id and all the VPC IDs in the account.
+
+ Currently, the dynamic values will only be loaded in FinalizeStack for SCP finalization. Only the account VPCs referred in SCPs by ACCEL_LOOKUP will be loaded.
+ "%
+ | optional,
+ centralNetworkServices
+ | _js2n__-refsenv."_js2n__-:definitions/ICentralNetworkServicesConfig!contract"
+ | doc "An optional Central Network services configuration."
+ | optional,
+ certificates
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/ICertificateConfig!contract"
+ | doc "Certificate manager configuration"
+ | optional,
+ customerGateways
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/ICustomerGatewayConfig!contract"
+ | doc "An array of Customer Gateway configurations."
+ | optional,
+ defaultVpc
+ | _js2n__-refsenv."_js2n__-:definitions/IDefaultVpcsConfig!contract"
+ | doc "A default VPC configuration.",
+ dhcpOptions
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/IDhcpOptsConfig!contract"
+ | doc "An optional list of DHCP options set configurations."
+ | optional,
+ directConnectGateways
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/IDxGatewayConfig!contract"
+ | doc "An optional array of Direct Connect Gateway configurations."
+ | optional,
+ elbAccountIds
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/IElbAccountIdsConfig!contract"
+ | doc "An optional ELB root account ID"
+ | optional,
+ endpointPolicies
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/IEndpointPolicyConfig!contract"
+ | doc "A list of VPC configurations. An array of VPC endpoint policies.",
+ firewallManagerService
+ | _js2n__-refsenv."_js2n__-:definitions/IFirewallManagerServiceConfig!contract"
+ | doc "Firewall manager service configuration"
+ | optional,
+ homeRegion
+ | _js2n__-refsenv."_js2n__-:definitions/Region!contract"
+ | doc "Accelerator home region name."
+ | optional,
+ prefixLists
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/IPrefixListConfig!contract"
+ | doc "An optional list of prefix list set configurations."
+ | optional,
+ transitGatewayPeering
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/ITransitGatewayPeeringConfig!contract"
+ | doc "Transit Gateway peering configuration."
+ | optional,
+ transitGateways
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/ITransitGatewayConfig!contract"
+ | doc "An array of Transit Gateway configurations.",
+ vpcFlowLogs
+ | _js2n__-refsenv."_js2n__-:definitions/IVpcFlowLogsConfig!contract"
+ | doc "A VPC flow logs configuration."
+ | optional,
+ vpcPeering
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/IVpcPeeringConfig!contract"
+ | doc "An optional list of VPC peering configurations"
+ | optional,
+ vpcTemplates
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/IVpcTemplatesConfig!contract"
+ | doc "An optional list of VPC template configurations"
+ | optional,
+ vpcs
+ | Array _js2n__-refsenv."_js2n__-:definitions/IVpcConfig!contract"
+ | doc "An array of VPC configurations.",
+ },
+ "_js2n__-:definitions/INetworkLoadBalancerConfig!contract"
+ | doc "Network Load Balancer configuration."
+ = {
+ crossZoneLoadBalancing
+ | Bool
+ | doc "Cross Zone load balancing for Network Load Balancer."
+ | optional,
+ deletionProtection
+ | Bool
+ | doc "Deletion protection for Network Load Balancer."
+ | optional,
+ listeners
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/INlbListenerConfig!contract"
+ | doc "Listeners for Network Load Balancer."
+ | optional,
+ name
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "Name for Network Load Balancer.",
+ scheme
+ | _js2n__-refsenv."_js2n__-:definitions/LoadBalancerSchemeEnum!contract"
+ | doc "Load Balancer scheme. If undefined, the default of {@link https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_CreateLoadBalancer.html ELBv2 CreateLoadBalancer API } is used."
+ | optional,
+ subnets
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "Subnets to launch the Network Load Balancer in.",
+ },
+ "_js2n__-:definitions/INfwConfig!contract"
+ | doc m%"
+ Use this configuration to define Network Firewalls in your environment.
+ AWS Network Firewall is a stateful, managed, network firewall and intrusion
+ detection and prevention service for your virtual private cloud (VPC) that
+ you create in Amazon Virtual Private Cloud (Amazon VPC).
+ With Network Firewall, you can filter traffic at the perimeter of your VPC.
+ This includes filtering traffic going to and coming from an internet gateway,
+ NAT gateway, or over VPN or AWS Direct Connect.
+
+ The following example creates a simple Network Firewall rule group, policy,
+ and firewall. The policy and rule group are shared with the entire organization.
+ The firewall endpoints are created in subnets named `Subnet-A` and `Subnet-B`
+ in the VPC named `Network-Inspection`.
+ "%
+ = {
+ firewalls
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/INfwFirewallConfig!contract"
+ | doc "An array of Network Firewall firewall configurations.",
+ policies
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/INfwFirewallPolicyConfig!contract"
+ | doc "An array of Network Firewall policy configurations.",
+ rules
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/INfwRuleGroupConfig!contract"
+ | doc "An array of Network Firewall rule group configurations.",
+ },
+ "_js2n__-:definitions/INfwFirewallConfig!contract"
+ | doc m%"
+ Use this configuration to define a Network Firewall firewall.
+ An AWS Network Firewall firewall connects a firewall policy,
+ which defines network traffic monitoring and filtering behavior,
+ to the VPC that you want to protect. The firewall configuration
+ includes specifications for the Availability Zones and subnets
+ where the firewall endpoints are placed. It also defines high-level
+ settings like the firewall logging configuration and tagging on the AWS firewall resource.
+ "%
+ = {
+ deleteProtection
+ | Bool
+ | doc "(OPTIONAL) Enable for deletion protection on the firewall."
+ | optional,
+ description
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "(OPTIONAL) A description for the firewall."
+ | optional,
+ firewallPolicy
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The friendly name of the Network Firewall policy.",
+ firewallPolicyChangeProtection
+ | Bool
+ | doc "(OPTIONAL) Enable to disallow firewall policy changes."
+ | optional,
+ loggingConfiguration
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/INfwLoggingConfig!contract"
+ | doc "(OPTIONAL) An array of Network Firewall logging configurations."
+ | optional,
+ name
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "A friendly name for the firewall.",
+ subnetChangeProtection
+ | Bool
+ | doc "(OPTIONAL) Enable to disallow firewall subnet changes."
+ | optional,
+ subnets
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "An array of the friendly names of subnets to deploy Network Firewall to.",
+ tags
+ | Array _js2n__-refsenv."_js2n__-:definitions/ITag!contract"
+ | doc "(OPTIONAL) An array of tags for the firewall."
+ | optional,
+ vpc
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The friendly name of the VPC to deploy Network Firewall to.",
+ },
+ "_js2n__-:definitions/INfwFirewallPolicyConfig!contract"
+ | doc m%"
+ Use this configuration to define a Network Firewall policy.
+ An AWS Network Firewall firewall policy defines the monitoring and protection behavior
+ for a firewall. The details of the behavior are defined in the rule groups that you add
+ to your policy, and in some policy default settings.
+ "%
+ = {
+ description
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "(OPTIONAL) A description for the policy."
+ | optional,
+ firewallPolicy
+ | _js2n__-refsenv."_js2n__-:definitions/INfwFirewallPolicyPolicyConfig!contract"
+ | doc "Use this property to define specific behaviors and rule groups to associate with the policy.",
+ name
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "A friendly name for the policy.",
+ regions
+ | Array _js2n__-refsenv."_js2n__-:definitions/Region!contract"
+ | doc "The regions to deploy the policy to.",
+ shareTargets
+ | _js2n__-refsenv."_js2n__-:definitions/IShareTargets!contract"
+ | doc "(OPTIONAL) Resource Access Manager (RAM) share targets."
+ | optional,
+ tags
+ | Array _js2n__-refsenv."_js2n__-:definitions/ITag!contract"
+ | doc "(OPTIONAL) An array of tags for the policy."
+ | optional,
+ },
+ "_js2n__-:definitions/INfwFirewallPolicyPolicyConfig!contract"
+ | doc m%"
+ Use this configuration to define how the Network Firewall policy will behave.
+ An AWS Network Firewall firewall policy defines the monitoring and protection behavior
+ for a firewall. The details of the behavior are defined in the rule groups that you add
+ to your policy, and in some policy default settings.
+ "%
+ = {
+ statefulDefaultActions
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/NfwStatefulDefaultActionType!contract"
+ | doc "(OPTIONAL) An array of default actions to take on packets evaluated by the stateful engine."
+ | optional,
+ statefulEngineOptions
+ | _js2n__-refsenv."_js2n__-:definitions/NfwStatefulRuleOptionsType!contract"
+ | doc "(OPTIONAL) Define how the stateful engine will evaluate packets."
+ | optional,
+ statefulRuleGroups
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/INfwStatefulRuleGroupReferenceConfig!contract"
+ | doc "{OPTIONAL) An array of Network Firewall stateful rule group reference configurations."
+ | optional,
+ statelessCustomActions
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/INfwRuleSourceCustomActionConfig!contract"
+ | doc "(OPTIONAL) An array of Network Firewall custom action configurations."
+ | optional,
+ statelessDefaultActions
+ | Array (
+ _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.anyOf
+ [
+ _js2n__-refsenv."_js2n__-:definitions/NfwStatelessRuleActionType!predicate",
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!predicate"
+ ])
+ )
+ | doc "An array of default actions to take on packets evaluated by the stateless engine.",
+ statelessFragmentDefaultActions
+ | Array (
+ _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.anyOf
+ [
+ _js2n__-refsenv."_js2n__-:definitions/NfwStatelessRuleActionType!predicate",
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!predicate"
+ ])
+ )
+ | doc "An array of default actions to take on fragmented packets.",
+ statelessRuleGroups
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/INfwStatelessRuleGroupReferenceConfig!contract"
+ | doc "(OPTIONAL) An array of Network Firewall stateless rule group reference configurations."
+ | optional,
+ },
+ "_js2n__-:definitions/INfwLoggingConfig!contract"
+ | doc m%"
+ Use this configuration to define logging destinations for Network Firewall.
+ You can configure AWS Network Firewall logging for your firewall's stateful engine.
+ Logging gives you detailed information about network traffic, including the time that
+ the stateful engine received a packet, detailed information about the packet, and any
+ stateful rule action taken against the packet. The logs are published to the log destination
+ that you've configured, where you can retrieve and view them.
+ "%
+ = {
+ destination
+ | _js2n__-refsenv."_js2n__-:definitions/LogDestinationType!contract"
+ | doc "The destination service to log to.",
+ type
+ | _js2n__-refsenv."_js2n__-:definitions/NfwLogType!contract"
+ | doc "The type of actions to log.",
+ },
+ "_js2n__-:definitions/INfwRuleGroupConfig!contract"
+ | doc m%"
+ Use this configuration to define stateful and stateless rule groups for Network Firewall.
+ An AWS Network Firewall rule group is a reusable set of criteria for inspecting and handling network traffic.
+ You add one or more rule groups to a firewall policy as part of policy configuration.
+ "%
+ = {
+ capacity | Number | doc "The capacity of the rule group.",
+ description
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "(OPTIONAL) A description for the rule group."
+ | optional,
+ name
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "A friendly name for the rule group.",
+ regions
+ | Array _js2n__-refsenv."_js2n__-:definitions/Region!contract"
+ | doc "The regions to deploy the rule group to.",
+ ruleGroup
+ | _js2n__-refsenv."_js2n__-:definitions/INfwRuleGroupRuleConfig!contract"
+ | doc "(OPTIONAL) A Network Firewall rule configuration."
+ | optional,
+ shareTargets
+ | _js2n__-refsenv."_js2n__-:definitions/IShareTargets!contract"
+ | doc "(OPTIONAL) Resource Access Manager (RAM) share targets."
+ | optional,
+ tags
+ | Array _js2n__-refsenv."_js2n__-:definitions/ITag!contract"
+ | doc "(OPTIONAL) An array of tags for the rule group."
+ | optional,
+ type
+ | _js2n__-refsenv."_js2n__-:definitions/NfwRuleType!contract"
+ | doc "The type of rules in the rule group.",
+ },
+ "_js2n__-:definitions/INfwRuleGroupRuleConfig!contract"
+ | doc m%"
+ Network Firewall rule group rule configuration.
+ Used to define rules for a Network Firewall rule group.
+ "%
+ = {
+ ruleVariables
+ | _js2n__-refsenv."_js2n__-:definitions/INfwRuleVariableConfig!contract"
+ | doc "A Network Firewall rule variable configuration."
+ | optional,
+ rulesSource
+ | _js2n__-refsenv."_js2n__-:definitions/INfwRuleSourceConfig!contract"
+ | doc "A Network Firewall rule source configuration.",
+ statefulRuleOptions
+ | _js2n__-refsenv."_js2n__-:definitions/NfwStatefulRuleOptionsType!contract"
+ | doc "A stateful rule option for the rule group."
+ | optional,
+ },
+ "_js2n__-:definitions/INfwRuleSourceConfig!contract"
+ | doc m%"
+ Network Firewall rule source configuration.
+ Use this configuration to define stateful and/or stateless rules for your Network Firewall.
+ The following rules sources are supported:
+ - File with list of Suricata-compatible rules
+ - Domain list
+ - Single Suricata-compatible rule
+ - Stateful rule in IP header format
+ - Stateless rules and custom actions
+ "%
+ = {
+ rulesFile
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "(OPTIONAL) Suricata rules file. Use this property to define a Suricata-compatible rules file for Network Firewall."
+ | optional,
+ rulesSourceList
+ | _js2n__-refsenv."_js2n__-:definitions/INfwRuleSourceListConfig!contract"
+ | doc "(OPTIONAL) A Network Firewall rule source list configuration. Use this property to define a domain list for Network Firewall."
+ | optional,
+ rulesString
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "(OPTIONAL) A Suricata-compatible stateful rule string. Use this property to define a single Suricata-compatible rule for Network Firewall."
+ | optional,
+ statefulRules
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/INfwRuleSourceStatefulRuleConfig!contract"
+ | doc "(OPTIONAL) An array of Network Firewall stateful rule IP header configurations. Use this property to define a stateful rule in IP header format for Network Firewall."
+ | optional,
+ statelessRulesAndCustomActions
+ | _js2n__-refsenv."_js2n__-:definitions/INfwStatelessRulesAndCustomActionsConfig!contract"
+ | doc "(OPTIONAL) A Network Firewall stateless rules and custom action configuration. Use this property to define stateless rules and custom actions for Network Firewall."
+ | optional,
+ },
+ "_js2n__-:definitions/INfwRuleSourceCustomActionConfig!contract"
+ | doc m%"
+ Use this configuration to define to define custom actions for Network Firewall.
+ You can optionally specify a named custom action to apply.
+ For this action, Network Firewall assigns a dimension to Amazon CloudWatch metrics
+ with the name set to CustomAction and a value that you specify.
+ "%
+ = {
+ actionDefinition
+ | _js2n__-refsenv."_js2n__-:definitions/INfwRuleSourceCustomActionDefinitionConfig!contract"
+ | doc "A Network Firewall custom action definition configuration.",
+ actionName
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "A friendly name for the custom action.",
+ },
+ "_js2n__-:definitions/INfwRuleSourceCustomActionDefinitionConfig!contract"
+ | doc m%"
+ Use this configuration to define custom CloudWatch metrics for Network Firewall.
+ You can optionally specify a named custom action to apply.
+ For this action, Network Firewall assigns a dimension to Amazon CloudWatch metrics
+ with the name set to CustomAction and a value that you specify.
+ "%
+ = {
+ publishMetricAction
+ | _js2n__-refsenv."_js2n__-:definitions/INfwRuleSourceCustomActionDimensionConfig!contract"
+ | doc "A Network Firewall custom action dimensions configuration.",
+ },
+ "_js2n__-:definitions/INfwRuleSourceCustomActionDimensionConfig!contract"
+ | doc m%"
+ Use this configuration to define custom action dimensions to log in CloudWatch metrics.
+ You can optionally specify a named custom action to apply.
+ For this action, Network Firewall assigns a dimension to Amazon CloudWatch metrics
+ with the name set to CustomAction and a value that you specify.
+ "%
+ = {
+ dimensions
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "An array of values of the custom metric dimensions to log.",
+ },
+ "_js2n__-:definitions/INfwRuleSourceListConfig!contract"
+ | doc m%"
+ Use this configuration to define DNS domain allow and deny lists for Network Firewall.
+ Domain lists allow you to configure domain name filtering for your Network Firewall.
+ "%
+ = {
+ generatedRulesType
+ | _js2n__-refsenv."_js2n__-:definitions/NfwGeneratedRulesType!contract"
+ | doc "The type of rules to generate from the source list.",
+ targetTypes
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/NfwTargetType!contract"
+ | doc "An array of protocol types to inspect.",
+ targets
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "An array of target domain names.",
+ },
+ "_js2n__-:definitions/INfwRuleSourceStatefulRuleConfig!contract"
+ | doc m%"
+ Use this configuration to define stateful rules for Network Firewall in an IP packet header format.
+ This header format can be used instead of Suricata-compatible rules to define your stateful firewall
+ filtering behavior.
+ "%
+ = {
+ action
+ | _js2n__-refsenv."_js2n__-:definitions/NfwStatefulRuleActionType!contract"
+ | doc "The action type for the stateful rule.",
+ header
+ | _js2n__-refsenv."_js2n__-:definitions/INfwRuleSourceStatefulRuleHeaderConfig!contract"
+ | doc "A Network Firewall stateful rule header configuration.",
+ ruleOptions
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/INfwRuleSourceStatefulRuleOptionsConfig!contract"
+ | doc "An array of Network Firewall stateful rule options configurations.",
+ },
+ "_js2n__-:definitions/INfwRuleSourceStatefulRuleHeaderConfig!contract"
+ | doc m%"
+ Use this configuration to define stateful rules for Network Firewall in an IP packet header format.
+ This header format can be used instead of Suricata-compatible rules to define your stateful firewall
+ filtering behavior.
+ "%
+ = {
+ destination
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The destination CIDR range to inspect for.",
+ destinationPort
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The destination port or port range to inspect.",
+ direction
+ | _js2n__-refsenv."_js2n__-:definitions/NfwStatefulRuleDirectionType!contract"
+ | doc "The direction of the traffic flow to inspect.",
+ protocol
+ | _js2n__-refsenv."_js2n__-:definitions/NfwStatefulRuleProtocolType!contract"
+ | doc "The protocol to inspect.",
+ source
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The source CIDR range to inspect for.",
+ sourcePort
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The source port or port range to inspect.",
+ },
+ "_js2n__-:definitions/INfwRuleSourceStatefulRuleOptionsConfig!contract"
+ | doc m%"
+ Network Firewall stateful rule options configuration.
+ Use this configuration to specify keywords and setting metadata for stateful rules.
+ "%
+ = {
+ keyword
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "A Suricata-compatible keyword.",
+ settings
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "An array of values for the keyword."
+ | optional,
+ },
+ "_js2n__-:definitions/INfwRuleSourceStatelessMatchAttributesConfig!contract"
+ | doc m%"
+ Use this configuration to define stateless rule match attributes for Network Firewall.
+ To be a match, a packet must satisfy all of the match settings in the rule.
+ "%
+ = {
+ destinationPorts
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/INfwRuleSourceStatelessPortRangeConfig!contract"
+ | doc "(OPTIONAL) An array of Network Firewall stateless port range configurations."
+ | optional,
+ destinations
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "(OPTIONAL) An array of destination CIDR ranges to inspect for."
+ | optional,
+ protocols
+ | Array (Number)
+ | doc "(OPTIONAL) An array of IP protocol numbers to inspect for."
+ | optional,
+ sourcePorts
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/INfwRuleSourceStatelessPortRangeConfig!contract"
+ | doc "(OPTIONAL) An array of Network Firewall stateless port range configurations."
+ | optional,
+ sources
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "(OPTIONAL) An array of source CIDR ranges to inspect for."
+ | optional,
+ tcpFlags
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/INfwRuleSourceStatelessTcpFlagsConfig!contract"
+ | doc "(OPTIONAL) An array of Network Firewall stateless TCP flag configurations."
+ | optional,
+ },
+ "_js2n__-:definitions/INfwRuleSourceStatelessPortRangeConfig!contract"
+ | doc "Use this configuration to define a port range in stateless rules."
+ = {
+ fromPort | Number | doc "The port to start from in the range.",
+ toPort | Number | doc "The port to end with in the range.",
+ },
+ "_js2n__-:definitions/INfwRuleSourceStatelessRuleConfig!contract"
+ | doc m%"
+ Use this configuration to define stateless rule for your Network Firewall.
+ Network Firewall supports the standard stateless 5-tuple rule specification
+ for network traffic inspection. When Network Firewall finds a match between
+ a rule's inspection criteria and a packet, we say that the packet matches
+ the rule and its rule group, and Network Firewall applies the rule's specified action to the packet.
+ "%
+ = {
+ "priority" | Number | doc "The priority number for the rule.",
+ ruleDefinition
+ | _js2n__-refsenv."_js2n__-:definitions/INfwRuleSourceStatelessRuleDefinitionConfig!contract"
+ | doc "A Network Firewall stateless rule definition configuration.",
+ },
+ "_js2n__-:definitions/INfwRuleSourceStatelessRuleDefinitionConfig!contract"
+ | doc "Use this configuration to define a stateless rule definition for your Network Firewall."
+ = {
+ actions
+ | Array (
+ _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.anyOf
+ [
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!predicate",
+ _js2n__-refsenv."_js2n__-:definitions/NfwStatelessRuleActionType!predicate"
+ ])
+ )
+ | doc "An array of actions to take using the stateless rule engine.",
+ matchAttributes
+ | _js2n__-refsenv."_js2n__-:definitions/INfwRuleSourceStatelessMatchAttributesConfig!contract"
+ | doc "A Network Firewall stateless rule match attributes configuration.",
+ },
+ "_js2n__-:definitions/INfwRuleSourceStatelessTcpFlagsConfig!contract"
+ | doc m%"
+ Use this configuration to define TCP flags to inspect in stateless rules.
+ Optional, standard TCP flag settings, which indicate which flags to inspect and the values to inspect for.
+ "%
+ = {
+ flags
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/NfwStatelessRuleTcpFlagType!contract"
+ | doc "An array of TCP flags.",
+ masks
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/NfwStatelessRuleTcpFlagType!contract"
+ | doc "The set of flags to consider in the inspection.",
+ },
+ "_js2n__-:definitions/INfwRuleVariableConfig!contract"
+ | doc m%"
+ Use this configuration to define rule variable definitions for Network Firewall.
+ Rule variables can be used in Suricata-compatible and domain list rule definitions.
+ They are not supported in stateful rule IP header definitions.
+ "%
+ = {
+ ipSets
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.anyOf
+ [
+ _js2n__-refsenv."_js2n__-:definitions/INfwRuleVariableDefinitionConfig!predicate",
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"Array",
+ _js2n__-prdslib.arrays.arrayOf
+ _js2n__-refsenv."_js2n__-:definitions/INfwRuleVariableDefinitionConfig!predicate"
+ ]
+ ])
+ | doc "A Network Firewall rule variable definition configuration.",
+ portSets
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.anyOf
+ [
+ _js2n__-refsenv."_js2n__-:definitions/INfwRuleVariableDefinitionConfig!predicate",
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"Array",
+ _js2n__-prdslib.arrays.arrayOf
+ _js2n__-refsenv."_js2n__-:definitions/INfwRuleVariableDefinitionConfig!predicate"
+ ]
+ ])
+ | doc "A Network Firewall rule variable definition configuration.",
+ },
+ "_js2n__-:definitions/INfwRuleVariableDefinitionConfig!predicate"
+ | doc m%"
+ Use this configuration to define rule variable definitions for Network Firewall.
+ Rule variables can be used in Suricata-compatible and domain list rule definitions.
+ They are not supported in stateful rule IP header definitions.
+ "%
+ = _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Record,
+ _js2n__-prdslib.records.required [ "definition", "name" ],
+ _js2n__-prdslib.records.record
+ {
+ definition =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"Array",
+ _js2n__-prdslib.arrays.arrayOf
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!predicate"
+ ],
+ name =
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!predicate",
+ } {} false _js2n__-prdslib.never
+ ],
+ "_js2n__-:definitions/INfwStatefulRuleGroupReferenceConfig!contract"
+ | doc m%"
+ Network Firewall stateful rule group reference configuration.
+ Use this configuration to reference a stateful rule group in a Network Firewall policy.
+ "%
+ = {
+ name
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The friendly name of the rule group.",
+ "priority"
+ | Number
+ | doc "(OPTIONAL) If using strict ordering, a priority number for the rule."
+ | optional,
+ },
+ "_js2n__-:definitions/INfwStatelessRuleGroupReferenceConfig!contract"
+ | doc m%"
+ Network Firewall stateless rule group reference configuration.
+ Use this configuration to reference a stateless rule group in a Network Firewall policy.
+ "%
+ = {
+ name
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The friendly name of the rule group.",
+ "priority" | Number | doc "A priority number for the rule.",
+ },
+ "_js2n__-:definitions/INfwStatelessRulesAndCustomActionsConfig!contract"
+ | doc "Use this configuration to define stateless rules and custom actions for Network Firewall."
+ = {
+ customActions
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/INfwRuleSourceCustomActionConfig!contract"
+ | doc "An array of Network Firewall custom action configurations."
+ | optional,
+ statelessRules
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/INfwRuleSourceStatelessRuleConfig!contract"
+ | doc "An array of Network Firewall stateless rule configurations.",
+ },
+ "_js2n__-:definitions/INlbListenerConfig!contract"
+ | doc "Application Load Balancer listener config. Currently only action type of `forward`, `redirect` and `fixed-response` is allowed."
+ = {
+ alpnPolicy
+ | _js2n__-refsenv."_js2n__-:definitions/AlpnPolicyEnum!contract"
+ | doc "Application-Layer Protocol Negotiation (ALPN) policy} for TLS encrypted traffic"
+ | optional,
+ certificate
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "ACM ARN of the certificate to be associated with the listener."
+ | optional,
+ name
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "Name for Listener.",
+ port
+ | Number
+ | doc "Port where the traffic is directed to."
+ | optional,
+ protocol
+ | _js2n__-refsenv."_js2n__-:definitions/NlbProtocolEnum!contract"
+ | doc "Protocol used for the traffic. The supported protocols are TCP, TLS, UDP, or TCP_UDP."
+ | optional,
+ sslPolicy
+ | _js2n__-refsenv."_js2n__-:definitions/SslPolicyNlbEnum!contract"
+ | doc "SSL policy for TLS encrypted traffic"
+ | optional,
+ targetGroup
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "Target Group to direct the traffic to.",
+ },
+ "_js2n__-:definitions/INlbTargetType!predicate"
+ | doc "The codes to use when checking for a successful response from a target. If the protocol version is gRPC, these are gRPC codes. Otherwise, these are HTTP codes."
+ = _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Record,
+ _js2n__-prdslib.records.required
+ [ "account", "nlbName", "region" ],
+ _js2n__-prdslib.records.record
+ {
+ account =
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!predicate",
+ nlbName =
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!predicate",
+ region =
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!predicate",
+ } {} false _js2n__-prdslib.never
+ ],
+ "_js2n__-:definitions/IOutpostsConfig!contract"
+ | doc m%"
+ Use this configuration to reference Outposts that exist in your environment.
+ AWS Outposts enables customers to build and run applications on premises using the same
+ programming interfaces as in AWS Regions, while using local compute and storage resources
+ for lower latency and local data processing needs.
+ "%
+ = {
+ arn
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The ARN for the Outpost",
+ availabilityZone
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.anyOf
+ [
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!predicate",
+ _js2n__-prdslib.isType '"Number"
+ ])
+ | doc "The availability zone where the Outpost resides",
+ localGateway
+ | _js2n__-refsenv."_js2n__-:definitions/ILocalGatewayConfig!contract"
+ | doc "The Local Gateway configuration for the Outpost"
+ | optional,
+ name
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "A friendly name for the Outpost",
+ },
+ "_js2n__-:definitions/IPhase1Config!contract"
+ | doc m%"
+ Internet Key Exchange (IKE) Phase 1 tunnel options configuration.
+ Use this configuration to restrict the permitted Diffie-Hellman group numbers, encryption algorithms, and integrity algorithms for IKE Phase 1 negotiations.
+ You may also modify the Phase 1 lifetime for the VPN tunnel.
+ "%
+ = {
+ dhGroups
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/Phase1DhGroupType!contract"
+ | doc m%"
+ (OPTIONAL) An array of permitted Diffie-Hellman group numbers used in the IKE Phase 1 for initial authentication.
+
+ Default - `[2, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24]`
+ "%
+ | optional,
+ encryptionAlgorithms
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/EncryptionAlgorithmType!contract"
+ | doc m%"
+ (OPTIONAL) An array of encryption algorithms permitted for IKE Phase 1 negotiations.
+
+ Default - `[AES128, AES256, AES128-GCM-16, AES256-GCM-16]`
+ "%
+ | optional,
+ integrityAlgorithms
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/IntegrityAlgorithmType!contract"
+ | doc m%"
+ (OPTIONAL) An array of integrity algorithms permitted for IKE Phase 1 negotiations.
+
+ Default - `[SHA1, SHA2-256, SHA2-384, SHA2-512]`
+ "%
+ | optional,
+ lifetimeSeconds
+ | Number
+ | doc m%"
+ (OPTIONAL) The IKE Phase 1 lifetime (in seconds) for the VPN tunnel.
+
+ Default: `28800` (8 hours)
+ "%
+ | optional,
+ },
+ "_js2n__-:definitions/IPhase2Config!contract"
+ | doc m%"
+ Internet Key Exchange (IKE) Phase 2 tunnel options configuration.
+ Use this configuration to restrict the permitted Diffie-Hellman group numbers, encryption algorithms, and integrity algorithms for IKE Phase 2 negotiations.
+ You may also modify the Phase 2 lifetime for the VPN tunnel.
+ "%
+ = {
+ dhGroups
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/Phase2DhGroupType!contract"
+ | doc m%"
+ (OPTIONAL) An array of permitted Diffie-Hellman group numbers used in the IKE Phase 2 negotiations.
+
+ Default - `[2, 5, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24]`
+ "%
+ | optional,
+ encryptionAlgorithms
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/EncryptionAlgorithmType!contract"
+ | doc m%"
+ (OPTIONAL) An array of encryption algorithms permitted for IKE Phase 2 negotiations.
+
+ Default - `[AES128, AES256, AES128-GCM-16, AES256-GCM-16]`
+ "%
+ | optional,
+ integrityAlgorithms
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/IntegrityAlgorithmType!contract"
+ | doc m%"
+ (OPTIONAL) An array of integrity algorithms permitted for IKE Phase 2 negotiations.
+
+ Default - `[SHA1, SHA2-256, SHA2-384, SHA2-512]`
+ "%
+ | optional,
+ lifetimeSeconds
+ | Number
+ | doc m%"
+ (OPTIONAL) The IKE Phase 2 lifetime (in seconds) for the VPN tunnel.
+
+ Default: `3600` (1 hour)
+ "%
+ | optional,
+ },
+ "_js2n__-:definitions/IPrefixListConfig!contract"
+ | doc m%"
+ Use this configuration to define custom prefix lists for your environment.
+ A managed prefix list is a set of one or more CIDR blocks.
+ You can use prefix lists to make it easier to configure and maintain your security groups and route tables.
+
+ The following example creates a prefix list named `accelerator-pl` that may contain up to 10 entries.
+ The prefix list is deployed to all accounts in the organization.
+ "%
+ = {
+ accounts
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "(DEPRECATED) An array of friendly names for the accounts the prefix list is deployed."
+ | optional,
+ addressFamily
+ | _js2n__-refsenv."_js2n__-:definitions/IpAddressFamilyType!contract"
+ | doc "The IP address family of the prefix list.",
+ deploymentTargets
+ | _js2n__-refsenv."_js2n__-:definitions/IDeploymentTargets!contract"
+ | doc "Prefix List deployment targets"
+ | optional,
+ entries
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "An array of CIDR entries for the prefix list.",
+ maxEntries
+ | Number
+ | doc "The maximum allowed entries in the prefix list.",
+ name
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "A friendly name for the prefix list.",
+ regions
+ | Array _js2n__-refsenv."_js2n__-:definitions/Region!contract"
+ | doc "(DEPRECATED) An array of region names for the prefix list to be deployed."
+ | optional,
+ tags
+ | Array _js2n__-refsenv."_js2n__-:definitions/ITag!contract"
+ | doc "(OPTIONAL) An array of tag objects for the prefix list."
+ | optional,
+ },
+ "_js2n__-:definitions/IPrefixListSourceConfig!predicate"
+ | doc m%"
+ Prefix list security group source configuration.
+ Use this configuration to define a custom prefix list as a source in a security group rule.
+ "%
+ = _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Record,
+ _js2n__-prdslib.records.required [ "prefixLists" ],
+ _js2n__-prdslib.records.record
+ {
+ prefixLists =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"Array",
+ _js2n__-prdslib.arrays.arrayOf
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!predicate"
+ ],
+ } {} false _js2n__-prdslib.never
+ ],
+ "_js2n__-:definitions/IResolverConfig!contract"
+ | doc m%"
+ Use this configuration to define several features of Route 53 resolver, including resolver endpoints,
+ DNS firewall rule groups, and DNS query logs.
+ Amazon Route 53 Resolver responds recursively to DNS queries from AWS resources for public records,
+ Amazon VPC-specific DNS names, and Amazon Route 53 private hosted zones, and is available by default in all VPCs.
+ "%
+ = {
+ endpoints
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/IResolverEndpointConfig!contract"
+ | doc "(OPTIONAL) An array of Route 53 resolver endpoint configurations."
+ | optional,
+ firewallRuleGroups
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/IDnsFirewallRuleGroupConfig!contract"
+ | doc "(OPTIONAL) An array of Route 53 DNS firewall rule group configurations."
+ | optional,
+ queryLogs
+ | _js2n__-refsenv."_js2n__-:definitions/IDnsQueryLogsConfig!contract"
+ | doc "(OPTIONAL) A Route 53 resolver DNS query logging configuration."
+ | optional,
+ rules
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/IResolverRuleConfig!contract"
+ | doc "(OPTIONAL) An array of Route 53 resolver rules."
+ | optional,
+ },
+ "_js2n__-:definitions/IResolverEndpointConfig!contract"
+ | doc m%"
+ Use this configuration to define inbound and outbound resolver endpoints.
+ Route 53 Resolver contains endpoints that you configure to answer DNS queries to
+ and from your on-premises environment.
+ "%
+ = {
+ allowedCidrs
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "(OPTIONAL) The allowed ingress/egress CIDRs for the resolver endpoint security group."
+ | optional,
+ name
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The friendly name of the resolver endpoint.",
+ rules
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/IResolverRuleConfig!contract"
+ | doc "(OPTIONAL) An array of resolver rule configurations for the endpoint."
+ | optional,
+ subnets
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "An array of friendly names for subnets to deploy the resolver endpoint to.",
+ tags
+ | Array _js2n__-refsenv."_js2n__-:definitions/ITag!contract"
+ | doc "(OPTIONAL) An array of tags for the resolver endpoint."
+ | optional,
+ type
+ | _js2n__-refsenv."_js2n__-:definitions/ResolverEndpointType!contract"
+ | doc m%"
+ The type of resolver endpoint to deploy.
+
+ INBOUND: allows DNS queries to your VPC from your network
+
+ OUTBOUND: allows DNS queries from your VPC to your network
+ "%,
+ vpc
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The friendly name of the VPC to deploy the resolver endpoint to.",
+ },
+ "_js2n__-:definitions/IResolverRuleConfig!contract"
+ | doc m%"
+ Use this configuration to define resolver SYSTEM and FORWARD rules for your resolver.
+ If you want Resolver to forward queries for specified domain names to your network,
+ you create one forwarding rule for each domain name and specify the name of the
+ domain for which you want to forward queries.
+ "%
+ = {
+ domainName
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The domain name for the resolver rule.",
+ excludedRegions
+ | Array _js2n__-refsenv."_js2n__-:definitions/Region!contract"
+ | doc "(OPTIONAL) Regions to exclude from SYSTEM rule deployment."
+ | optional,
+ inboundEndpointTarget
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "(OPTIONAL) The friendly name of an inbound endpoint to target."
+ | optional,
+ name
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "A friendly name for the resolver rule.",
+ ruleType
+ | _js2n__-refsenv."_js2n__-:definitions/RuleType!contract"
+ | doc "(OPTIONAL) The type of rule to create."
+ | optional,
+ shareTargets
+ | _js2n__-refsenv."_js2n__-:definitions/IShareTargets!contract"
+ | doc "(OPTIONAL) Resource Access Manager (RAM) share targets."
+ | optional,
+ tags
+ | Array _js2n__-refsenv."_js2n__-:definitions/ITag!contract"
+ | doc "(OPTIONAL) An array of tags for the resolver rule."
+ | optional,
+ targetIps
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/IRuleTargetIps!contract"
+ | doc "(OPTIONAL) An array of target IP configurations for the resolver rule."
+ | optional,
+ },
+ "_js2n__-:definitions/IRouteTableConfig!contract"
+ | doc m%"
+ Use this configuration to define custom route tables for your VPC.
+ Route tables contain a set of rules, called routes, to determine where network traffic from a subnet or gateway is directed.
+ "%
+ = {
+ gatewayAssociation
+ | _js2n__-refsenv."_js2n__-:definitions/GatewayRouteTableType!contract"
+ | doc "Designate a gateway to associate this route table with."
+ | optional,
+ name
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "A friendly name for the VPC route table.",
+ routes
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/IRouteTableEntryConfig!contract"
+ | doc "An array of VPC route table entry configuration objects."
+ | optional,
+ tags
+ | Array _js2n__-refsenv."_js2n__-:definitions/ITag!contract"
+ | doc "(OPTIONAL) An array of tag objects for the VPC route table."
+ | optional,
+ },
+ "_js2n__-:definitions/IRouteTableEntryConfig!contract"
+ | doc m%"
+ Use this configuration to define static route entries in a VPC subnet or gateway route table.
+ Static routes are used determine traffic flow from your subnet to a defined destination address and target.
+ "%
+ = {
+ destination
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "(OPTIONAL) The destination IPv4 CIDR block or dynamic subnet reference for the route table entry."
+ | optional,
+ destinationPrefixList
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The friendly name of the destination prefix list for the route table entry."
+ | optional,
+ ipv6Destination
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "(OPTIONAL) The destination IPv6 CIDR block or dynamic subnet reference for the route table entry."
+ | optional,
+ name
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "A friendly name for the route table.",
+ target
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The friendly name of the destination target."
+ | optional,
+ targetAvailabilityZone
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.anyOf
+ [
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!predicate",
+ _js2n__-prdslib.isType '"Number"
+ ])
+ | doc "The Availability Zone (AZ) the target resides in."
+ | optional,
+ type
+ | _js2n__-refsenv."_js2n__-:definitions/RouteTableEntryType!contract"
+ | doc "The destination type of route table entry."
+ | optional,
+ },
+ "_js2n__-:definitions/IRuleTargetIps!contract" =
+ {
+ ip | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract",
+ port
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | optional,
+ },
+ "_js2n__-:definitions/ISecurityGroupConfig!contract"
+ | doc m%"
+ Use this configuration to define security groups in your VPC.
+ A security group acts as a firewall that controls the traffic
+ allowed to and from the resources in your VPC.
+ You can choose the ports and protocols to allow for inbound and outbound traffic.
+
+ The following example creates a security group that allows inbound RDP and SSH traffic from source CIDR 10.0.0.0/16.
+ It also allows all outbound traffic.
+ "%
+ = {
+ description
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "(OPTIONAL) A description for the security group."
+ | optional,
+ inboundRules
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/ISecurityGroupRuleConfig!contract"
+ | doc "An array of security group rule configurations for ingress rules.",
+ name
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The friendly name of the security group.",
+ outboundRules
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/ISecurityGroupRuleConfig!contract"
+ | doc "An array of security group rule configurations for egress rules.",
+ tags
+ | Array _js2n__-refsenv."_js2n__-:definitions/ITag!contract"
+ | doc "(OPTIONAL) An array of tag objects for the security group."
+ | optional,
+ },
+ "_js2n__-:definitions/ISecurityGroupRuleConfig!contract"
+ | doc m%"
+ Use this configuration to define ingress and egress rules for your security groups.
+ The rules of a security group control the inbound traffic that's allowed to reach the resources
+ that are associated with the security group. The rules also control the outbound traffic that's
+ allowed to leave them.
+ "%
+ = {
+ description
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "A description for the security group rule.",
+ fromPort
+ | Number
+ | doc "(OPTIONAL) The port to start from in the security group rule."
+ | optional,
+ ipProtocols
+ | Array (String)
+ | doc "(OPTIONAL) An array of custom IP Protocols for the security group rule"
+ | optional,
+ sources
+ | Array (
+ _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.anyOf
+ [
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!predicate",
+ _js2n__-refsenv."_js2n__-:definitions/ISubnetSourceConfig!predicate",
+ _js2n__-refsenv."_js2n__-:definitions/ISecurityGroupSourceConfig!predicate",
+ _js2n__-refsenv."_js2n__-:definitions/IPrefixListSourceConfig!predicate"
+ ])
+ )
+ | doc "An array of sources for the security group rule.",
+ tcpPorts
+ | Array (Number)
+ | doc "(OPTIONAL) An array of TCP ports to include in the security group rule."
+ | optional,
+ toPort
+ | Number
+ | doc "(OPTIONAL) The port to end with in the security group rule."
+ | optional,
+ types
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/SecurityGroupRuleType!contract"
+ | doc "(OPTIONAL) An array of port/protocol types to include in the security group rule."
+ | optional,
+ udpPorts
+ | Array (Number)
+ | doc "(OPTIONAL) An array of UDP ports to include in the security group rule."
+ | optional,
+ },
+ "_js2n__-:definitions/ISecurityGroupSourceConfig!predicate"
+ | doc m%"
+ Security group source configuration.
+ Use this configuration to define a security group as a source of a security group rule.
+ "%
+ = _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Record,
+ _js2n__-prdslib.records.required [ "securityGroups" ],
+ _js2n__-prdslib.records.record
+ {
+ securityGroups =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"Array",
+ _js2n__-prdslib.arrays.arrayOf
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!predicate"
+ ],
+ } {} false _js2n__-prdslib.never
+ ],
+ "_js2n__-:definitions/IShareTargets!contract" =
+ {
+ accounts | Array (String) | optional,
+ organizationalUnits | Array (String) | optional,
+ },
+ "_js2n__-:definitions/ISubnetConfig!contract"
+ | doc m%"
+ Use this configuration to define subnets for your VPC.
+ A subnet is a range of IP addresses in your VPC that can be used to create AWS resources, such as EC2 instances.
+ "%
+ = {
+ assignIpv6OnCreation
+ | Bool
+ | doc "(OPTIONAL) Indicates whether a network interface created in this subnet receives an IPv6 address on creation."
+ | optional,
+ availabilityZone
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.anyOf
+ [
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!predicate",
+ _js2n__-prdslib.isType '"Number"
+ ])
+ | doc "The Availability Zone (AZ) the subnet resides in."
+ | optional,
+ enableDns64
+ | Bool
+ | doc m%"
+ (OPTIONAL) Indicates whether DNS queries made to the Amazon-provided DNS Resolver in this subnet should return synthetic IPv6 addresses for IPv4-only destinations.
+
+ For more information, see {@link https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html#nat-gateway-nat64-dns64 DNS64 and NAT64 } in the Amazon Virtual Private Cloud User Guide.
+ "%
+ | optional,
+ ipamAllocation
+ | _js2n__-refsenv."_js2n__-:definitions/IIpamAllocationConfig!contract"
+ | doc "The IPAM pool configuration for the subnet."
+ | optional,
+ ipv4CidrBlock
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The IPv4 CIDR block to associate with the subnet."
+ | optional,
+ ipv6CidrBlock
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "(OPTIONAL) The IPv6 CIDR block to associate with the subnet."
+ | optional,
+ mapPublicIpOnLaunch
+ | Bool
+ | doc "(OPTIONAL) Configure automatic mapping of public IPs."
+ | optional,
+ name
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "A friendly name for the VPC subnet.",
+ outpost
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "(OPTIONAL) The friendly name for the outpost to attach to the subnet"
+ | optional,
+ privateDnsOptions
+ | _js2n__-refsenv."_js2n__-:definitions/ISubnetPrivateDnsConfig!contract"
+ | doc "(OPTIONAL) Private DNS name options for the subnet."
+ | optional,
+ routeTable
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The friendly name of the route table to associate with the subnet."
+ | optional,
+ shareTargets
+ | _js2n__-refsenv."_js2n__-:definitions/IShareTargets!contract"
+ | doc "(OPTIONAL) Resource Access Manager (RAM) share targets."
+ | optional,
+ tags
+ | Array _js2n__-refsenv."_js2n__-:definitions/ITag!contract"
+ | doc "(OPTIONAL) An array of tag objects for the VPC subnet."
+ | optional,
+ },
+ "_js2n__-:definitions/ISubnetPrivateDnsConfig!contract"
+ | doc "Use this configuration to define custom DNS name settings for your VPC subnets."
+ = {
+ enableDnsAAAARecord
+ | Bool
+ | doc "(OPTIONAL) Indicates whether to respond to DNS queries for instance hostname with DNS AAAA records."
+ | optional,
+ enableDnsARecord
+ | Bool
+ | doc "(OPTIONAL) Indicates whether to respond to DNS queries for instance hostnames with DNS A records."
+ | optional,
+ hostnameType
+ | std.enum.TagOrString
+ | [| 'resource-name, 'ip-name |]
+ | doc "The type of hostname for EC2 instances."
+ | optional,
+ },
+ "_js2n__-:definitions/ISubnetSourceConfig!predicate"
+ | doc m%"
+ VPC subnet security group source configuration.
+ Use this configuration to dynamically reference subnet CIDRs in a security group rule.
+ "%
+ = _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Record,
+ _js2n__-prdslib.records.required [ "account", "subnets", "vpc" ],
+ _js2n__-prdslib.records.record
+ {
+ account =
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!predicate",
+ ipv6 = _js2n__-prdslib.isType '"Bool",
+ subnets =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"Array",
+ _js2n__-prdslib.arrays.arrayOf
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!predicate"
+ ],
+ vpc =
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!predicate",
+ } {} false _js2n__-prdslib.never
+ ],
+ "_js2n__-:definitions/ITag!contract" = { key | String, value | String, },
+ "_js2n__-:definitions/ITargetGroupAttributeTypes!contract"
+ | doc "Set attributes for target group."
+ = {
+ algorithm
+ | _js2n__-refsenv."_js2n__-:definitions/TargetGroupAttributeAlgorithm!contract"
+ | doc "The load balancing algorithm determines how the load balancer selects targets when routing requests. The value is round_robin or least_outstanding_requests. The default is round_robin. The following attribute is supported only if the load balancer is an Application Load Balancer and the target is an instance or an IP address."
+ | optional,
+ appCookieDuration
+ | Number
+ | doc "The time period, in seconds, during which requests from a client should be routed to the same target. After this time period expires, the application-based cookie is considered stale. The range is 1 second to 1 week (604800 seconds). The default value is 1 day (86400 seconds). The following attribute is supported only if the load balancer is an Application Load Balancer and the target is an instance or an IP address."
+ | optional,
+ appCookieName
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "Indicates the name of the application-based cookie. Names that start with the following prefixes are not allowed: AWSALB, AWSALBAPP, and AWSALBTG; they're reserved for use by the load balancer. The following attribute is supported only if the load balancer is an Application Load Balancer and the target is an instance or an IP address."
+ | optional,
+ connectionTermination
+ | Bool
+ | doc "Indicates whether the load balancer terminates connections at the end of the deregistration timeout. The value is true or false. The default is false. The following attribute is supported only by Network Load Balancers."
+ | optional,
+ deregistrationDelay
+ | Number
+ | doc "The amount of time, in seconds, for Elastic Load Balancing to wait before changing the state of a deregistering target from draining to unused. The range is 0-3600 seconds. The default value is 300 seconds."
+ | optional,
+ lbCookieDuration
+ | Number
+ | doc "The time period, in seconds, during which requests from a client should be routed to the same target. After this time period expires, the load balancer-generated cookie is considered stale. The range is 1 second to 1 week (604800 seconds). The default value is 1 day (86400 seconds). The following attribute is supported only if the load balancer is an Application Load Balancer and the target is an instance or an IP address."
+ | optional,
+ preserveClientIp
+ | Bool
+ | doc "Indicates whether client IP preservation is enabled. The value is true or false. The default is disabled if the target group type is IP address and the target group protocol is TCP or TLS. Otherwise, the default is enabled. Client IP preservation cannot be disabled for UDP and TCP_UDP target groups. The following attribute is supported only by Network Load Balancers."
+ | optional,
+ proxyProtocolV2
+ | Bool
+ | doc "Indicates whether Proxy Protocol version 2 is enabled. The value is true or false. The default is false. The following attribute is supported only by Network Load Balancers."
+ | optional,
+ slowStart
+ | Number
+ | doc "The time period, in seconds, during which a newly registered target receives an increasing share of the traffic to the target group. After this time period ends, the target receives its full share of traffic. The range is 30-900 seconds (15 minutes). The default is 0 seconds (disabled). The following attribute is supported only if the load balancer is an Application Load Balancer and the target is an instance or an IP address."
+ | optional,
+ stickiness
+ | Bool
+ | doc "Indicates whether target stickiness is enabled. The value is true or false. The default is false."
+ | optional,
+ stickinessType
+ | _js2n__-refsenv."_js2n__-:definitions/TargetGroupAttributeStickinessType!contract"
+ | doc "Indicates the type of stickiness. The possible values are: - lb_cookie and app_cookie for Application Load Balancers. - source_ip for Network Load Balancers. - source_ip_dest_ip and source_ip_dest_ip_proto for Gateway Load Balancers"
+ | optional,
+ targetFailover
+ | _js2n__-refsenv."_js2n__-:definitions/TargetGroupTargetFailoverType!contract"
+ | doc "Indicates how the Gateway Load Balancer handles existing flows when a target is deregistered or becomes unhealthy. The possible values are rebalance and no_rebalance. The default is no_rebalance"
+ | optional,
+ },
+ "_js2n__-:definitions/ITargetGroupHealthCheckType!contract"
+ | doc "Configure health check for target group."
+ = {
+ interval
+ | Number
+ | doc "The approximate amount of time, in seconds, between health checks of an individual target. The range is 5-300. If the target group protocol is TCP, TLS, UDP, TCP_UDP, HTTP or HTTPS, the default is 30 seconds. If the target group protocol is GENEVE, the default is 10 seconds."
+ | optional,
+ path
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "[HTTP/HTTPS health checks] The destination for health checks on the targets. [HTTP1 or HTTP2 protocol version] The ping path. The default is /. [GRPC protocol version] The path of a custom health check method with the format /package.service/method. The default is /AWS.ALB/healthcheck."
+ | optional,
+ port
+ | Number
+ | doc "The port the load balancer uses when performing health checks on targets. If the protocol is HTTP, HTTPS, TCP, TLS, UDP, or TCP_UDP, the default is `traffic-port`, which is the port on which each target receives traffic from the load balancer. If the protocol is GENEVE, the default is port 80."
+ | optional,
+ protocol
+ | _js2n__-refsenv."_js2n__-:definitions/TargetGroupHealthCheckProtocolType!contract"
+ | doc "The protocol the load balancer uses when performing health checks on targets. For Application Load Balancers, the default is HTTP. For Network Load Balancers and Gateway Load Balancers, the default is TCP. The TCP protocol is not supported for health checks if the protocol of the target group is HTTP or HTTPS. GENEVE, TLS, UDP, and TCP_UDP protocols are not supported for health checks."
+ | optional,
+ timeout
+ | Number
+ | doc "The amount of time, in seconds, during which no response from a target means a failed health check. The range is 2–120 seconds. For target groups with a protocol of HTTP, the default is 6 seconds. For target groups with a protocol of TCP, TLS or HTTPS, the default is 10 seconds. For target groups with a protocol of GENEVE, the default is 5 seconds."
+ | optional,
+ },
+ "_js2n__-:definitions/ITargetGroupItem!contract"
+ | doc "Target Group Configuration"
+ = {
+ attributes
+ | _js2n__-refsenv."_js2n__-:definitions/ITargetGroupAttributeTypes!contract"
+ | doc "Target Group Attributes."
+ | optional,
+ healthCheck
+ | _js2n__-refsenv."_js2n__-:definitions/ITargetGroupHealthCheckType!contract"
+ | doc "Target Group HealthCheck."
+ | optional,
+ matcher
+ | _js2n__-refsenv."_js2n__-:definitions/ITargetGroupMatcherType!contract"
+ | doc "The HTTP or gRPC codes to use when checking for a successful response from a target. For target groups with a protocol of TCP, TCP_UDP, UDP or TLS the range is 200-599. For target groups with a protocol of HTTP or HTTPS, the range is 200-499."
+ | optional,
+ name
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The name of the target group. This value is used in {@link ApplicationLoadBalancerListenerConfig Application Load Balancer listeners } , {@link NetworkLoadBalancerListenerConfig Network Load Balancer listeners } , and {@link AutoScalingConfig Autoscaling config } .",
+ port
+ | Number
+ | doc "The port on which the targets receive traffic.",
+ protocol
+ | _js2n__-refsenv."_js2n__-:definitions/TargetGroupProtocolType!contract"
+ | doc "Target group protocol version. Should be one of HTTP, HTTPS, GENEVE, TCP, UDP, TCP_UDP or TLS The protocol to use for routing traffic to the targets. For Application Load Balancers, the supported protocols are HTTP and HTTPS. For Network Load Balancers, the supported protocols are TCP, TLS, UDP, or TCP_UDP. A TCP_UDP listener must be associated with a TCP_UDP target group. For Gateway Load Balancers, the supported protocol is GENEVE.",
+ protocolVersion
+ | _js2n__-refsenv."_js2n__-:definitions/TargetGroupProtocolVersionType!contract"
+ | doc "The protocol version. Should be one of 'GRPC', 'HTTP1', 'HTTP2'. Specify GRPC to send requests to targets using gRPC. Specify HTTP2 to send requests to targets using HTTP/2. The default is HTTP1, which sends requests to targets using HTTP/1.1."
+ | optional,
+ shareTargets
+ | _js2n__-refsenv."_js2n__-:definitions/IShareTargets!contract"
+ | doc "The accounts/OUs location where the Target Group will be deployed to."
+ | optional,
+ targets
+ | Array (
+ _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.anyOf
+ [
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!predicate",
+ _js2n__-refsenv."_js2n__-:definitions/INlbTargetType!predicate"
+ ])
+ )
+ | doc "Target group targets. These targets should be the friendly names assigned to firewall instances."
+ | optional,
+ threshold
+ | _js2n__-refsenv."_js2n__-:definitions/ITargetGroupThresholdType!contract"
+ | doc "Target Group Threshold."
+ | optional,
+ type
+ | _js2n__-refsenv."_js2n__-:definitions/TargetGroupType!contract"
+ | doc m%"
+ The type of target that you must specify when registering targets with this target group. You can't specify targets for a target group using more than one target type.
+ - `instance` - Register targets by instance ID. This is the default value.
+ - `ip` - Register targets by IP address. You can specify IP addresses from the subnets of the virtual private cloud (VPC) for the target group, the RFC 1918 range (10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16), and the RFC 6598 range (100.64.0.0/10). You can't specify publicly routable IP addresses. `alb` - Register a single Application Load Balancer as a target.
+ "%,
+ },
+ "_js2n__-:definitions/ITargetGroupMatcherType!contract"
+ | doc "Add the ability to target an NLB created by the Landing Zone Accelerator"
+ = {
+ grpcCode
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "You can specify values between 0 and 99. You can specify multiple values (for example, \"0,1\") or a range of values (for example, \"0-5\"). The default value is 12."
+ | optional,
+ httpCode
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "For Application Load Balancers, you can specify values between 200 and 499, with the default value being 200. You can specify multiple values (for example, \"200,202\") or a range of values (for example, \"200-299\"). For Network Load Balancers, you can specify values between 200 and 599, with the default value being 200-399. You can specify multiple values (for example, \"200,202\") or a range of values (for example, \"200-299\"). Note that when using shorthand syntax, some values such as commas need to be escaped."
+ | optional,
+ },
+ "_js2n__-:definitions/ITargetGroupThresholdType!contract"
+ | doc "Configure health check threshold for target group."
+ = {
+ healthy
+ | Number
+ | doc "The number of consecutive health check successes required before considering a target healthy. The range is 2-10. If the target group protocol is TCP, TCP_UDP, UDP, TLS, HTTP or HTTPS, the default is 5. For target groups with a protocol of GENEVE, the default is 3."
+ | optional,
+ unhealthy
+ | Number
+ | doc "The number of consecutive health check failures required before considering a target unhealthy. The range is 2-10. If the target group protocol is TCP, TCP_UDP, UDP, TLS, HTTP or HTTPS, the default is 2. For target groups with a protocol of GENEVE, the default is 3."
+ | optional,
+ },
+ "_js2n__-:definitions/ITransitGatewayAttachmentConfig!contract"
+ | doc m%"
+ Use this configuration to define a Transit Gateway attachment to your VPC.
+ Transit Gateway attachments allow you to interconnect your virtual private clouds (VPCs) and on-premises networks.
+ Defining a VPC attachment deploys an elastic network interface within VPC subnets,
+ which is then used by the transit gateway to route traffic to and from the chosen subnets.
+ "%
+ = {
+ name
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "A friendly name for the Transit Gateway attachment.",
+ options
+ | _js2n__-refsenv."_js2n__-:definitions/ITransitGatewayAttachmentOptionsConfig!contract"
+ | doc "(OPTIONAL) A Transit Gateway attachment options configuration."
+ | optional,
+ routeTableAssociations
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The friendly name of a Transit Gateway route table to associate the attachment to."
+ | optional,
+ routeTablePropagations
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "An array of friendly names of Transit Gateway route tables to propagate the attachment."
+ | optional,
+ subnets
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "An array of the friendly names of VPC subnets for the attachment to be deployed.",
+ tags
+ | Array _js2n__-refsenv."_js2n__-:definitions/ITag!contract"
+ | doc "(OPTIONAL) An array of tag objects for the Transit Gateway attachment."
+ | optional,
+ transitGateway
+ | _js2n__-refsenv."_js2n__-:definitions/ITransitGatewayAttachmentTargetConfig!contract"
+ | doc "A Transit Gateway attachment target configuration object.",
+ },
+ "_js2n__-:definitions/ITransitGatewayAttachmentOptionsConfig!contract"
+ | doc "Used to specify advanced options for the VPC attachment."
+ = {
+ applianceModeSupport
+ | _js2n__-refsenv."_js2n__-:definitions/EnableDisable!contract"
+ | doc "(OPTIONAL) Enable to configure appliance mode for the attachment. This option is disabled by default."
+ | optional,
+ dnsSupport
+ | _js2n__-refsenv."_js2n__-:definitions/EnableDisable!contract"
+ | doc "(OPTIONAL) Enable to configure DNS support for the attachment. This option is enabled by default."
+ | optional,
+ ipv6Support
+ | _js2n__-refsenv."_js2n__-:definitions/EnableDisable!contract"
+ | doc "(OPTIONAL) Enable to configure IPv6 support for the attachment. This option is disabled by default."
+ | optional,
+ },
+ "_js2n__-:definitions/ITransitGatewayAttachmentTargetConfig!contract"
+ | doc "Use this configuration to target a Transit Gateway when defining an attachment for your VPC."
+ = {
+ account
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The friendly name of the account for the attachment target Transit Gateway.",
+ name
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "A friendly name for the attachment target Transit Gateway.",
+ },
+ "_js2n__-:definitions/ITransitGatewayConfig!contract"
+ | doc m%"
+ Use this configuration to define Transit Gateways for your environment.
+ A transit gateway acts as a virtual router for traffic flowing between your virtual private clouds (VPCs) and on-premises networks.
+
+ The following example creates a TGW called Network-Main in the Network account in the us-east-1 region.
+ "%
+ = {
+ account
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The friendly name of the account to deploy the Transit Gateway.",
+ asn
+ | Number
+ | doc "A Border Gateway Protocol (BGP) Autonomous System Number (ASN).",
+ autoAcceptSharingAttachments
+ | _js2n__-refsenv."_js2n__-:definitions/EnableDisable!contract"
+ | doc "Enable this option to automatically accept cross-account attachments.",
+ defaultRouteTableAssociation
+ | _js2n__-refsenv."_js2n__-:definitions/EnableDisable!contract"
+ | doc "Configure default route table association.",
+ defaultRouteTablePropagation
+ | _js2n__-refsenv."_js2n__-:definitions/EnableDisable!contract"
+ | doc "Configure default route table propagation.",
+ dnsSupport
+ | _js2n__-refsenv."_js2n__-:definitions/EnableDisable!contract"
+ | doc "Configure DNS support between VPCs.",
+ name
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "A friendly name for the Transit Gateway.",
+ region
+ | _js2n__-refsenv."_js2n__-:definitions/Region!contract"
+ | doc "The region name to deploy the Transit Gateway.",
+ routeTables
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/ITransitGatewayRouteTableConfig!contract"
+ | doc "An array of Transit Gateway route table configuration objects.",
+ shareTargets
+ | _js2n__-refsenv."_js2n__-:definitions/IShareTargets!contract"
+ | doc "(OPTIONAL) Resource Access Manager (RAM) share targets."
+ | optional,
+ tags
+ | Array _js2n__-refsenv."_js2n__-:definitions/ITag!contract"
+ | doc "(OPTIONAL) An array of tag objects for the Transit Gateway."
+ | optional,
+ vpnEcmpSupport
+ | _js2n__-refsenv."_js2n__-:definitions/EnableDisable!contract"
+ | doc "Equal Cost Multipath (ECMP) routing support between VPN tunnels.",
+ },
+ "_js2n__-:definitions/ITransitGatewayPeeringAccepterConfig!contract"
+ | doc m%"
+ Transit Gateway (TGW) peering accepter configuration.
+ Use this configuration to define the accepter side of the peering attachment.
+ "%
+ = {
+ account
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The friendly name of the account of the accepter transit gateway",
+ applyTags
+ | Bool
+ | doc "(OPTIONAL) Peering request apply tags flag. Note: When this flag is set to `true`, the requester attachment tags are replicated to the accepter attachment."
+ | optional,
+ autoAccept
+ | Bool
+ | doc "(OPTIONAL) Peering request auto accept flag. Note: When this flag is set to `true`, the peering request will be automatically accepted by the accelerator."
+ | optional,
+ region
+ | _js2n__-refsenv."_js2n__-:definitions/Region!contract"
+ | doc "The name of the region the accepter transit gateway resides in",
+ routeTableAssociations
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The friendly name of TGW route table to associate with this peering attachment.",
+ transitGatewayName
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The friendly name of the accepter transit gateway",
+ },
+ "_js2n__-:definitions/ITransitGatewayPeeringConfig!contract"
+ | doc "Use this configuration to define a peering attachment between two TGWs."
+ = {
+ accepter
+ | _js2n__-refsenv."_js2n__-:definitions/ITransitGatewayPeeringAccepterConfig!contract"
+ | doc "Peering attachment accepter configuration",
+ name
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The friendly name of TGW peering.",
+ requester
+ | _js2n__-refsenv."_js2n__-:definitions/ITransitGatewayPeeringRequesterConfig!contract"
+ | doc "Peering attachment requester configuration.",
+ },
+ "_js2n__-:definitions/ITransitGatewayPeeringRequesterConfig!contract"
+ | doc m%"
+ Transit Gateway (TGW) peering requester configuration.
+ Use this configuration to define the requester side of the peering attachment.
+ "%
+ = {
+ account
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The friendly name of the account of the requester transit gateway",
+ region
+ | _js2n__-refsenv."_js2n__-:definitions/Region!contract"
+ | doc "The name of the region the accepter transit gateway resides in",
+ routeTableAssociations
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The friendly name of TGW route table to associate with this peering attachment.",
+ tags
+ | Array _js2n__-refsenv."_js2n__-:definitions/ITag!contract"
+ | doc "(OPTIONAL) An array of tag objects for the Transit Gateway Peering."
+ | optional,
+ transitGatewayName
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The friendly name of the requester transit gateway",
+ },
+ "_js2n__-:definitions/ITransitGatewayRouteEntryConfig!contract"
+ | doc "Use this configuration to define static route entries in a Transit Gateway route table."
+ = {
+ attachment
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.anyOf
+ [
+ _js2n__-refsenv."_js2n__-:definitions/ITransitGatewayRouteTableVpcEntryConfig!predicate",
+ _js2n__-refsenv."_js2n__-:definitions/ITransitGatewayRouteTableDxGatewayEntryConfig!predicate",
+ _js2n__-refsenv."_js2n__-:definitions/ITransitGatewayRouteTableVpnEntryConfig!predicate",
+ _js2n__-refsenv."_js2n__-:definitions/ITransitGatewayRouteTableTgwPeeringEntryConfig!predicate"
+ ])
+ | doc m%"
+ The target {@link https://docs.aws.amazon.com/vpc/latest/tgw/working-with-transit-gateways.html Transit Gateway attachment } for the route table entry. Supported attachment types include:
+
+ - VPC
+ - Direct Connect Gateway
+ - VPN
+ - Transit Gateway Peering
+ "%
+ | optional,
+ blackhole
+ | Bool
+ | doc "(OPTIONAL) Enable to create a blackhole for the destination CIDR. Leave undefined if specifying a VPC destination."
+ | optional,
+ destinationCidrBlock
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The destination IPv4/v6 CIDR block for the route table entry."
+ | optional,
+ destinationPrefixList
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The friendly name of a prefix list for the route table entry."
+ | optional,
+ },
+ "_js2n__-:definitions/ITransitGatewayRouteTableConfig!contract"
+ | doc m%"
+ Use this configuration define route tables for your Transit Gateway. Route tables are used to configure
+ routing behaviors for your Transit Gateway.
+
+ The following example creates a TGW route table called Network-Main-Shared with no static route entries:
+ "%
+ = {
+ name
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "A friendly name for the Transit Gateway route table.",
+ routes
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/ITransitGatewayRouteEntryConfig!contract"
+ | doc "An array of Transit Gateway route entry configuration objects.",
+ tags
+ | Array _js2n__-refsenv."_js2n__-:definitions/ITag!contract"
+ | doc "(OPTIONAL) An array of tag objects for the Transit Gateway route table."
+ | optional,
+ },
+ "_js2n__-:definitions/ITransitGatewayRouteTableDxGatewayEntryConfig!predicate"
+ | doc m%"
+ Transit Gateway Direct Connect Gateway static route entry configuration.
+ Use this configuration to define a Direct Connect Gateway attachment as a target for Transit
+ Gateway static routes.
+ "%
+ = _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Record,
+ _js2n__-prdslib.records.required [ "directConnectGatewayName" ],
+ _js2n__-prdslib.records.record
+ {
+ directConnectGatewayName =
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!predicate",
+ } {} false _js2n__-prdslib.never
+ ],
+ "_js2n__-:definitions/ITransitGatewayRouteTableTgwPeeringEntryConfig!predicate"
+ | doc m%"
+ Transit Gateway peering static route entry configuration.
+ Used to define a peering attachment as a target for Transit
+ Gateway static routes.
+ "%
+ = _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Record,
+ _js2n__-prdslib.records.required [ "transitGatewayPeeringName" ],
+ _js2n__-prdslib.records.record
+ {
+ transitGatewayPeeringName =
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!predicate",
+ } {} false _js2n__-prdslib.never
+ ],
+ "_js2n__-:definitions/ITransitGatewayRouteTableVpcEntryConfig!predicate"
+ | doc m%"
+ Transit Gateway VPC static route entry configuration.
+ Use this configuration to define an account and VPC name as a target for Transit Gateway static route entries.
+ "%
+ = _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Record,
+ _js2n__-prdslib.records.required [ "account", "vpcName" ],
+ _js2n__-prdslib.records.record
+ {
+ account =
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!predicate",
+ vpcName =
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!predicate",
+ } {} false _js2n__-prdslib.never
+ ],
+ "_js2n__-:definitions/ITransitGatewayRouteTableVpnEntryConfig!predicate"
+ | doc m%"
+ Transit Gateway VPN static route entry configuration.
+ Use this configuration to define a VPN attachment as a target for Transit
+ Gateway static routes.
+ "%
+ = _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Record,
+ _js2n__-prdslib.records.required [ "vpnConnectionName" ],
+ _js2n__-prdslib.records.record
+ {
+ vpnConnectionName =
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!predicate",
+ } {} false _js2n__-prdslib.never
+ ],
+ "_js2n__-:definitions/ITransition!contract" =
+ {
+ storageClass
+ | _js2n__-refsenv."_js2n__-:definitions/StorageClass!contract",
+ transitionAfter | Number,
+ },
+ "_js2n__-:definitions/IVirtualPrivateGatewayConfig!contract"
+ | doc m%"
+ Used to define Virtual Private Gateways that are attached to a VPC.
+ You can create an IPsec VPN connection between your VPC and your remote network.
+ On the AWS side of the Site-to-Site VPN connection, a virtual private gateway or transit
+ gateway provides two VPN endpoints (tunnels) for automatic failover.
+ "%
+ = {
+ asn
+ | Number
+ | doc "Define the ASN (Amazon Side) used for the Virtual Private Gateway",
+ },
+ "_js2n__-:definitions/IVpcConfig!contract"
+ | doc m%"
+ Use this configuration to define a VPC that is deployed to a single account and region.
+ With Amazon Virtual Private Cloud (Amazon VPC), you can launch AWS resources in a logically
+ isolated virtual network that you've defined. This virtual network closely resembles a traditional
+ network that you'd operate in your own data center, with the benefits of using the scalable infrastructure of AWS.
+ "%
+ = {
+ account
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The logical name of the account to deploy the VPC to",
+ cidrs
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "(OPTIONAL) A list of IPv4 CIDRs to associate with the VPC."
+ | optional,
+ defaultSecurityGroupRulesDeletion
+ | Bool
+ | doc "(OPTIONAL) Determine if the all traffic ingress and egress rules are deleted in the default security group of a VPC."
+ | optional,
+ dhcpOptions
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "(OPTIONAL) The friendly name of a custom DHCP options set."
+ | optional,
+ dnsFirewallRuleGroups
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/IVpcDnsFirewallAssociationConfig!contract"
+ | doc "(OPTIONAL) An array of DNS firewall VPC association configurations. Use this property to associate Route 53 resolver DNS firewall rule groups with the VPC."
+ | optional,
+ egressOnlyIgw
+ | Bool
+ | doc "(OPTIONAL) Create an {@link https://docs.aws.amazon.com/vpc/latest/userguide/egress-only-internet-gateway.html Egress-only internet gateway (EIGW) } for the VPC"
+ | optional,
+ enableDnsHostnames
+ | Bool
+ | doc "Enable DNS hostname support for the VPC."
+ | optional,
+ enableDnsSupport
+ | Bool
+ | doc "Enable DNS support for the VPC."
+ | optional,
+ gatewayEndpoints
+ | _js2n__-refsenv."_js2n__-:definitions/IGatewayEndpointConfig!contract"
+ | doc "(OPTIONAL) An array of gateway endpoints for the VPC. Use this property to define S3 or DynamoDB gateway endpoints for the VPC."
+ | optional,
+ instanceTenancy
+ | _js2n__-refsenv."_js2n__-:definitions/InstanceTenancyType!contract"
+ | doc "(OPTIONAL) Define instance tenancy for the VPC. The default value is `default`."
+ | optional,
+ interfaceEndpoints
+ | _js2n__-refsenv."_js2n__-:definitions/IInterfaceEndpointConfig!contract"
+ | doc "(OPTIONAL) A list of VPC interface endpoints. Use this property to define VPC interface endpoints for the VPC."
+ | optional,
+ internetGateway
+ | Bool
+ | doc "Defines if an {@link https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Internet_Gateway.html internet gateway } should be added to the VPC"
+ | optional,
+ ipamAllocations
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/IIpamAllocationConfig!contract"
+ | doc "(OPTIONAL) An array of IPAM allocation configurations."
+ | optional,
+ ipv6Cidrs
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/IVpcIpv6Config!contract"
+ | doc "(OPTIONAL) An array of IPv6 CIDR block configurations."
+ | optional,
+ loadBalancers
+ | _js2n__-refsenv."_js2n__-:definitions/ILoadBalancersConfig!contract"
+ | doc "Elastic Load Balancing configuration. Use this property to define Elastic Load Balancers for this VPC."
+ | optional,
+ name
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc m%"
+ The friendly name of the VPC.
+
+ The value of this property will be utilized as the logical id for this resource. Any references to this object should specify this value.
+ "%,
+ natGateways
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/INatGatewayConfig!contract"
+ | doc "(OPTIONAL) An array of NAT gateway configurations for the VPC. Use this property to configure the NAT gateways for the VPC."
+ | optional,
+ networkAcls
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/INetworkAclConfig!contract"
+ | doc "(OPTIONAL) A list of Network Access Control Lists (ACLs) to deploy for this VPC"
+ | optional,
+ outposts
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/IOutpostsConfig!contract"
+ | doc "(OPTIONAL) An array of Local Gateway Route table configurations. Use this configuration to associate Outposts Local Gateway Route tables with the VPC."
+ | optional,
+ queryLogs
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "(OPTIONAL) A list of DNS query log configuration names."
+ | optional,
+ region
+ | _js2n__-refsenv."_js2n__-:definitions/Region!contract"
+ | doc "The AWS region to deploy the VPC to",
+ resolverRules
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "(OPTIONAL) A list of Route 53 resolver rule names."
+ | optional,
+ routeTables
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/IRouteTableConfig!contract"
+ | doc "(OPTIONAL) An array of route table configurations for the VPC. Use this property to configure the route tables for the VPC."
+ | optional,
+ securityGroups
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/ISecurityGroupConfig!contract"
+ | doc "(OPTIONAL) A list of Security Groups to deploy for this VPC"
+ | optional,
+ subnets
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/ISubnetConfig!contract"
+ | doc "(OPTIONAL) An array of subnet configurations for the VPC. Use this property to configure the subnets for the VPC."
+ | optional,
+ tags
+ | Array _js2n__-refsenv."_js2n__-:definitions/ITag!contract"
+ | doc "(OPTIONAL) A list of tags to apply to this VPC"
+ | optional,
+ targetGroups
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/ITargetGroupItem!contract"
+ | doc "Target group configuration. Use this property to define target groups for this VPC."
+ | optional,
+ transitGatewayAttachments
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/ITransitGatewayAttachmentConfig!contract"
+ | doc "(OPTIONAL) An array of Transit Gateway attachment configurations. Use this property to configure the Transit Gateway attachments for the VPC."
+ | optional,
+ useCentralEndpoints
+ | Bool
+ | doc "(OPTIONAL) When set to true, this VPC will be configured to utilize centralized endpoints. This includes having the Route 53 Private Hosted Zone associated with this VPC. Centralized endpoints are configured per region, and can span to spoke accounts"
+ | optional,
+ virtualPrivateGateway
+ | _js2n__-refsenv."_js2n__-:definitions/IVirtualPrivateGatewayConfig!contract"
+ | doc "(OPTIONAL) Virtual Private Gateway configuration. Use this property to configure a Virtual Private Gateway for the VPC."
+ | optional,
+ vpcFlowLogs
+ | _js2n__-refsenv."_js2n__-:definitions/IVpcFlowLogsConfig!contract"
+ | doc "VPC flog log configuration. Use this property to define a VPC-specific VPC flow logs configuration."
+ | optional,
+ vpcRoute53Resolver
+ | _js2n__-refsenv."_js2n__-:definitions/IResolverConfig!contract"
+ | doc "A Route 53 resolver configuration local to the VPC."
+ | optional,
+ },
+ "_js2n__-:definitions/IVpcDnsFirewallAssociationConfig!contract" =
+ {
+ mutationProtection
+ | _js2n__-refsenv."_js2n__-:definitions/MutationProtectionType!contract"
+ | optional,
+ name
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract",
+ "priority" | Number,
+ tags
+ | Array _js2n__-refsenv."_js2n__-:definitions/ITag!contract"
+ | optional,
+ },
+ "_js2n__-:definitions/IVpcFlowLogsCloudWatchLogsConfig!contract" =
+ {
+ kms
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | optional,
+ retentionInDays | Number | optional,
+ },
+ "_js2n__-:definitions/IVpcFlowLogsConfig!contract" =
+ {
+ customFields
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract",
+ defaultFormat | Bool,
+ destinations
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/LogDestinationType!contract",
+ destinationsConfig
+ | _js2n__-refsenv."_js2n__-:definitions/IVpcFlowLogsDestinationConfig!contract"
+ | optional,
+ maxAggregationInterval | Number,
+ trafficType
+ | _js2n__-refsenv."_js2n__-:definitions/TrafficType!contract",
+ },
+ "_js2n__-:definitions/IVpcFlowLogsDestinationConfig!contract" =
+ {
+ cloudWatchLogs
+ | _js2n__-refsenv."_js2n__-:definitions/IVpcFlowLogsCloudWatchLogsConfig!contract"
+ | optional,
+ s3
+ | _js2n__-refsenv."_js2n__-:definitions/IVpcFlowLogsS3BucketConfig!contract"
+ | optional,
+ },
+ "_js2n__-:definitions/IVpcFlowLogsS3BucketConfig!contract" =
+ {
+ lifecycleRules
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/ILifecycleRule!contract"
+ | optional,
+ overrideS3LogPath
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | optional,
+ },
+ "_js2n__-:definitions/IVpcIpv6Config!contract"
+ | doc "VPC IPv6 static CIDR configuration. Use this to associate a static IPv6 CIDR block to your VPC."
+ = {
+ amazonProvided
+ | Bool
+ | doc "(OPTIONAL) Indicates whether Amazon automatically provisions a /56 IPv6 CIDR block for the VPC."
+ | optional,
+ byoipPoolId
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "(OPTIONAL) Used to define the Bring-Your-Own-IP (BYOIP) address pool ID to use for the IPv6 CIDR block."
+ | optional,
+ cidrBlock
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "(OPTIONAL) Associate an IPv6 CIDR block with your VPC."
+ | optional,
+ },
+ "_js2n__-:definitions/IVpcPeeringConfig!contract"
+ | doc m%"
+ VPC peering configuration.
+ Used to define VPC peering connections.
+
+ VPC can be from vpc or vpcTemplates configuration.
+ "%
+ = {
+ name
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "A friendly name for the peering connection.",
+ tags
+ | Array _js2n__-refsenv."_js2n__-:definitions/ITag!contract"
+ | doc "An array of tags for the peering connection."
+ | optional,
+ vpcs
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc m%"
+ The VPCs to peer.
+
+ VPC can be from vpc or vpcTemplates configuration.
+ "%,
+ },
+ "_js2n__-:definitions/IVpcTemplatesConfig!contract"
+ | doc m%"
+ Use this configuration to define a VPC using a standard configuration that is deployed to multiple account(s)/OU(s) defined using a `deploymentTargets` property.
+ With Amazon Virtual Private Cloud (Amazon VPC), you can launch AWS resources in a logically
+ isolated virtual network that you've defined. This virtual network closely resembles a traditional
+ network that you'd operate in your own data center, with the benefits of using the scalable infrastructure of AWS.
+
+ Static CIDR:
+ ```
+ vpcTemplates:
+ - name: Accelerator-Template
+ deploymentTargets:
+ organizationalUnits:
+ - Infrastructure
+ region: us-east-1
+ cidrs:
+ - 10.0.0.0/24
+ enableDnsHostnames: true
+ enableDnsSupport: true
+ instanceTenancy: default
+ routeTables: []
+ subnets: []
+ natGateways: []
+ transitGatewayAttachments: []
+ tags: []
+ ```
+ IPAM allocation:
+ ```
+ vpcTemplates:
+ - name: Accelerator-Template
+ deploymentTargets:
+ organizationalUnits:
+ - Infrastructure
+ region: us-east-1
+ ipamAllocations:
+ - ipamPoolName: accelerator-regional-pool
+ netmaskLength: 24
+ enableDnsHostnames: true
+ enableDnsSupport: true
+ instanceTenancy: default
+ routeTables: []
+ subnets: []
+ natGateways: []
+ transitGatewayAttachments: []
+ tags: []
+ ```
+ Static IPv6 CIDR:
+ ```
+ vpcTemplates:
+ - name: Accelerator-Template
+ deploymentTargets:
+ organizationalUnits:
+ - Infrastructure
+ region: us-east-1
+ cidrs:
+ - 10.0.0.0/24
+ ipv6Cidrs:
+ - amazonProvided: true
+ enableDnsHostnames: true
+ enableDnsSupport: true
+ instanceTenancy: default
+ routeTables: []
+ subnets: []
+ natGateways: []
+ transitGatewayAttachments: []
+ tags: []
+ ```
+ "%
+ = {
+ cidrs
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "(OPTIONAL) A list of IPv4 CIDRs to associate with the VPC."
+ | optional,
+ defaultSecurityGroupRulesDeletion
+ | Bool
+ | doc "(OPTIONAL) Determine if the all traffic ingress and egress rules are deleted in the default security group of a VPC."
+ | optional,
+ deploymentTargets
+ | _js2n__-refsenv."_js2n__-:definitions/IDeploymentTargets!contract"
+ | doc "VPC deployment targets.",
+ dhcpOptions
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "(OPTIONAL) The friendly name of a custom DHCP options set."
+ | optional,
+ dnsFirewallRuleGroups
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/IVpcDnsFirewallAssociationConfig!contract"
+ | doc "(OPTIONAL) An array of DNS firewall VPC association configurations. Use this property to associate Route 53 resolver DNS firewall rule groups with the VPC."
+ | optional,
+ egressOnlyIgw
+ | Bool
+ | doc "(OPTIONAL) Create an {@link https://docs.aws.amazon.com/vpc/latest/userguide/egress-only-internet-gateway.html Egress-only internet gateway (EIGW) } for the VPC"
+ | optional,
+ enableDnsHostnames
+ | Bool
+ | doc "Enable DNS hostname support for the VPC."
+ | optional,
+ enableDnsSupport
+ | Bool
+ | doc "Enable DNS support for the VPC."
+ | optional,
+ gatewayEndpoints
+ | _js2n__-refsenv."_js2n__-:definitions/IGatewayEndpointConfig!contract"
+ | doc "(OPTIONAL) An array of gateway endpoints for the VPC. Use this property to define S3 or DynamoDB gateway endpoints for the VPC."
+ | optional,
+ instanceTenancy
+ | _js2n__-refsenv."_js2n__-:definitions/InstanceTenancyType!contract"
+ | doc "(OPTIONAL) Define instance tenancy for the VPC. The default value is `default`."
+ | optional,
+ interfaceEndpoints
+ | _js2n__-refsenv."_js2n__-:definitions/IInterfaceEndpointConfig!contract"
+ | doc "(OPTIONAL) A list of VPC interface endpoints. Use this property to define VPC interface endpoints for the VPC."
+ | optional,
+ internetGateway
+ | Bool
+ | doc "Defines if an {@link https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Internet_Gateway.html internet gateway } should be added to the VPC"
+ | optional,
+ ipamAllocations
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/IIpamAllocationConfig!contract"
+ | doc "(OPTIONAL) An array of IPAM allocation configurations."
+ | optional,
+ ipv6Cidrs
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/IVpcIpv6Config!contract"
+ | doc "(OPTIONAL) An array of IPv6 CIDR block configurations."
+ | optional,
+ loadBalancers
+ | _js2n__-refsenv."_js2n__-:definitions/ILoadBalancersConfig!contract"
+ | doc "Elastic Load Balancing configuration. Use this property to define Elastic Load Balancers for this VPC."
+ | optional,
+ name
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc m%"
+ The friendly name of the VPC.
+
+ The value of this property will be utilized as the logical id for this resource. Any references to this object should specify this value.
+ "%,
+ natGateways
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/INatGatewayConfig!contract"
+ | doc "(OPTIONAL) An array of NAT gateway configurations for the VPC. Use this property to configure the NAT gateways for the VPC."
+ | optional,
+ networkAcls
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/INetworkAclConfig!contract"
+ | doc "(OPTIONAL) A list of Network Access Control Lists (ACLs) to deploy for this VPC"
+ | optional,
+ queryLogs
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "(OPTIONAL) A list of DNS query log configuration names."
+ | optional,
+ region
+ | _js2n__-refsenv."_js2n__-:definitions/Region!contract"
+ | doc "The AWS region to deploy the VPCs to",
+ resolverRules
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "(OPTIONAL) A list of Route 53 resolver rule names."
+ | optional,
+ routeTables
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/IRouteTableConfig!contract"
+ | doc "(OPTIONAL) An array of route table configurations for the VPC. Use this property to configure the route tables for the VPC."
+ | optional,
+ securityGroups
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/ISecurityGroupConfig!contract"
+ | doc "(OPTIONAL) A list of Security Groups to deploy for this VPC"
+ | optional,
+ subnets
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/ISubnetConfig!contract"
+ | doc "(OPTIONAL) An array of subnet configurations for the VPC. Use this property to configure the subnets for the VPC."
+ | optional,
+ tags
+ | Array _js2n__-refsenv."_js2n__-:definitions/ITag!contract"
+ | doc "(OPTIONAL) A list of tags to apply to this VPC"
+ | optional,
+ targetGroups
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/ITargetGroupItem!contract"
+ | doc "Target group configuration. Use this property to define target groups for this VPC."
+ | optional,
+ transitGatewayAttachments
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/ITransitGatewayAttachmentConfig!contract"
+ | doc "(OPTIONAL) An array of Transit Gateway attachment configurations. Use this property to configure the Transit Gateway attachments for the VPC."
+ | optional,
+ useCentralEndpoints
+ | Bool
+ | doc "(OPTIONAL) When set to true, this VPC will be configured to utilize centralized endpoints. This includes having the Route 53 Private Hosted Zone associated with this VPC. Centralized endpoints are configured per region, and can span to spoke accounts"
+ | optional,
+ virtualPrivateGateway
+ | _js2n__-refsenv."_js2n__-:definitions/IVirtualPrivateGatewayConfig!contract"
+ | doc "(OPTIONAL) Virtual Private Gateway configuration. Use this property to configure a Virtual Private Gateway for the VPC."
+ | optional,
+ vpcFlowLogs
+ | _js2n__-refsenv."_js2n__-:definitions/IVpcFlowLogsConfig!contract"
+ | doc "VPC flog log configuration. Use this property to define a VPC-specific VPC flow logs configuration."
+ | optional,
+ },
+ "_js2n__-:definitions/IVpnConnectionConfig!contract"
+ | doc m%"
+ Use this configuration to define the VPN connections that
+ terminate either on a Transit Gateway or virtual private gateway.
+ A VPN connection refers to the connection between your VPC and your own on-premises network.
+ You can enable access to your remote network from your VPC by creating an
+ AWS Site-to-Site VPN (Site-to-Site VPN) connection, and configuring routing
+ to pass traffic through the connection.
+
+ **IMPORTANT**: After initial deployment of your VPN connection with any of the v1.5.0+ options noted below, you can make property changes in one of {@link VpnConnectionConfig } or {@link VpnTunnelOptionsSpecificationsConfig }, but not both.
+ You may make multiple property changes in one of those configurations if necessary. Trying to modify properties in both configurations will result in a pipeline failure. This is due to the fact that
+ only a single mutating API call can be made at a time for AWS Site-to-Site VPN connections.
+
+ Note: you may manually roll back the resulting CloudFormation stack should you encounter this failure. More details on how to skip failed resources in the following reference:
+ https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-continueupdaterollback.html
+ "%
+ = {
+ amazonIpv4NetworkCidr
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc m%"
+ (OPTIONAL) The Amazon-side IPv4 CIDR range that is allowed through the site-to-site VPN tunnel. Configuring this option restricts the Amazon-side CIDR range that can communicate with your local network.
+
+ Default - `0.0.0.0/0`
+ "%
+ | optional,
+ customerIpv4NetworkCidr
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc m%"
+ (OPTIONAL) The customer-side IPv4 CIDR range that is allowed through the site-to-site VPN tunnel. Configuring this option restricts the local CIDR range that can communicate with your AWS environment.
+
+ Default - `0.0.0.0/0`
+ "%
+ | optional,
+ enableVpnAcceleration
+ | Bool
+ | doc "(OPTIONAL) Enable Site-to-Site VPN Acceleration. For more information, see {@link https://docs.aws.amazon.com/vpn/latest/s2svpn/accelerated-vpn.html Accelerated Site-to-Site VPN connections } ."
+ | optional,
+ name
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc m%"
+ The name of the VPN Connection.
+
+ The value of this property will be utilized as the logical id for this resource. Any references to this object should specify this value.
+ "%,
+ routeTableAssociations
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "(OPTIONAL) An array of Transit Gateway route table names to associate the VPN attachment to"
+ | optional,
+ routeTablePropagations
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "(OPTIONAL) An array of Transit Gateway route table names to propagate the VPN attachment to"
+ | optional,
+ staticRoutesOnly
+ | Bool
+ | doc "(OPTIONAL) If creating a VPN connection for a device that doesn't support Border Gateway Protocol (BGP) declare true as a value, otherwise, use false."
+ | optional,
+ tags
+ | Array _js2n__-refsenv."_js2n__-:definitions/ITag!contract"
+ | doc "(OPTIONAL) An array of tags for the VPN Connection."
+ | optional,
+ transitGateway
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The logical name of the Transit Gateway that the customer Gateway is attached to so that a VPN connection is established."
+ | optional,
+ tunnelSpecifications
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/IVpnTunnelOptionsSpecificationsConfig!contract"
+ | doc "(OPTIONAL) Define the optional VPN Tunnel configuration"
+ | optional,
+ vpc
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The logical name of the Virtual Private Cloud that a Virtual Private Gateway is attached to."
+ | optional,
+ },
+ "_js2n__-:definitions/IVpnLoggingConfig!contract"
+ | doc m%"
+ Use this configuration to define CloudWatch log groups for your Site-to-Site VPN connections.
+ AWS Site-to-Site VPN logs provide you with deeper visibility into your Site-to-Site VPN deployments.
+ With this feature, you have access to Site-to-Site VPN connection logs that provide details on IP Security (IPsec) tunnel establishment,
+ Internet Key Exchange (IKE) negotiations, and dead peer detection (DPD) protocol messages.
+ "%
+ = {
+ enable
+ | Bool
+ | doc "(OPTIONAL) Enable site-to-site VPN tunnel logging to CloudWatch Logs."
+ | optional,
+ logGroupName
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc m%"
+ (OPTIONAL) The name of the CloudWatch Logs log group that you would like tunnel logs to be sent to.
+
+ Default - Randomly generated name based on CDK stack and VPN resource name.
+ "%
+ | optional,
+ outputFormat
+ | _js2n__-refsenv."_js2n__-:definitions/VpnLoggingOutputFormatType!contract"
+ | doc m%"
+ (OPTIONAL) The output format of the VPN tunnel logs.
+
+ Default - `json`
+ "%
+ | optional,
+ },
+ "_js2n__-:definitions/IVpnTunnelOptionsSpecificationsConfig!contract"
+ | doc m%"
+ Use this configuration to define optional tunnel configurations for a site-to-site VPN connection.
+
+ **IMPORTANT**: After initial deployment of your VPN connection with any of the v1.5.0+ options noted below, you can only make property changes to one VPN tunnel per core pipeline run.
+ You may make multiple property changes in that one VPN tunnel if necessary. Trying to modify properties in both tunnels will result in a pipeline failure. This is due to the fact that
+ only a single mutating API call can be made at a time for AWS Site-to-Site VPN connections.
+
+ Note: you may manually roll back the resulting CloudFormation stack should you encounter this failure. More details on how to skip failed resources in the following reference:
+ https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-continueupdaterollback.html
+ "%
+ = {
+ dpdTimeoutAction
+ | _js2n__-refsenv."_js2n__-:definitions/DpdTimeoutActionType!contract"
+ | doc m%"
+ (OPTIONAL) Dead Peer Detection (DPD) timeout action. You can specify the action to take after DPD timeout occurs.
+
+ Default - `clear`
+ "%
+ | optional,
+ dpdTimeoutSeconds
+ | Number
+ | doc m%"
+ (OPTIONAL) The duration, in seconds, after which Dead Peer Detection (DPD) timeout occurs.
+
+ Default - `30`
+ "%
+ | optional,
+ ikeVersions
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/IkeVersionType!contract"
+ | doc m%"
+ (OPTIONAL) The Internet Key Exchange (IKE) versions that are permitted on the tunnel.
+
+ Default - `ikev1`,`ikev2`
+ "%
+ | optional,
+ logging
+ | _js2n__-refsenv."_js2n__-:definitions/IVpnLoggingConfig!contract"
+ | doc "(OPTIONAL) Site-to-Site VPN CloudWatch logging configuration."
+ | optional,
+ phase1
+ | _js2n__-refsenv."_js2n__-:definitions/IPhase1Config!contract"
+ | doc "(OPTIONAL) Internet Key Exchange (IKE) phase 1 configuration."
+ | optional,
+ phase2
+ | _js2n__-refsenv."_js2n__-:definitions/IPhase2Config!contract"
+ | doc "(OPTIONAL) Internet Key Exchange (IKE) phase 2 configuration."
+ | optional,
+ preSharedKey
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "(OPTIONAL): The Secrets Manager name that stores the pre-shared key (PSK), that exists in the same account and region that the VPN Connection will be created in."
+ | optional,
+ rekeyFuzzPercentage
+ | Number
+ | doc m%"
+ (OPTIONAL) The percentage of the rekey window (determined by the rekey margin time) within which the rekey time is randomly selected.
+
+ Default - `100`
+ "%
+ | optional,
+ rekeyMarginTimeSeconds
+ | Number
+ | doc m%"
+ (OPTIONAL) The margin time in seconds before the phase 1 and phase 2 lifetime expires, during which the AWS side of the VPN connection performs an IKE rekey.
+
+ Default - `270` (4.5 minutes)
+ "%
+ | optional,
+ replayWindowSize
+ | Number
+ | doc m%"
+ (OPTIONAL) The number of packets in an IKE replay window.
+
+ Default - `1024`
+ "%
+ | optional,
+ startupAction
+ | _js2n__-refsenv."_js2n__-:definitions/StartupActionType!contract"
+ | doc m%"
+ (OPTIONAL) The action to take when the establishing the tunnel for the VPN connection. By default, your customer gateway device must initiate the IKE negotiation and bring up the tunnel. Specify `start` for Amazon Web Services to initiate the IKE negotiation.
+
+ Default - `add`
+ "%
+ | optional,
+ tunnelInsideCidr
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "(OPTIONAL): The range of inside IP addresses for the tunnel. Any specified CIDR blocks must be unique across all VPN connections that use the same virtual private gateway."
+ | optional,
+ tunnelLifecycleControl
+ | Bool
+ | doc "(OPTIONAL) Enable tunnel endpoint lifecycle control. This feature provides control over the schedule of endpoint replacements. For more information, see {@link https://docs.aws.amazon.com/vpn/latest/s2svpn/tunnel-endpoint-lifecycle.html Tunnel Endpoint Lifecycle Control } ."
+ | optional,
+ },
+ "_js2n__-:definitions/IkeVersionType!contract" =
+ _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"Number",
+ _js2n__-prdslib.enum [ 1, 2 ]
+ ]),
+ "_js2n__-:definitions/InstanceTenancyType!contract" =
+ std.contract.Sequence
+ [ std.enum.TagOrString, [| 'dedicated, '"default" |] ],
+ "_js2n__-:definitions/IntegrityAlgorithmType!contract" =
+ std.contract.Sequence
+ [
+ std.enum.TagOrString,
+ [| 'SHA2-512, 'SHA2-384, 'SHA2-256, 'SHA1 |]
+ ],
+ "_js2n__-:definitions/IpAddressFamilyType!contract" =
+ std.contract.Sequence [ std.enum.TagOrString, [| 'IPv6, 'IPv4 |] ],
+ "_js2n__-:definitions/IpVersionType!contract" =
+ std.contract.Sequence [ std.enum.TagOrString, [| 'ipv6, 'ipv4 |] ],
+ "_js2n__-:definitions/LoadBalancerSchemeEnum!contract" =
+ std.contract.Sequence
+ [ std.enum.TagOrString, [| 'internal, 'internet-facing |] ],
+ "_js2n__-:definitions/LogDestinationType!contract" =
+ std.contract.Sequence
+ [ std.enum.TagOrString, [| 'cloud-watch-logs, 's3 |] ],
+ "_js2n__-:definitions/MutationProtectionType!contract" =
+ std.contract.Sequence
+ [ std.enum.TagOrString, [| 'DISABLED, 'ENABLED |] ],
+ "_js2n__-:definitions/NetbiosNodeType!contract" =
+ _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"Number",
+ _js2n__-prdslib.enum [ 1, 2, 4, 8 ]
+ ]),
+ "_js2n__-:definitions/NfwGeneratedRulesType!contract" =
+ std.contract.Sequence
+ [ std.enum.TagOrString, [| 'DENYLIST, 'ALLOWLIST |] ],
+ "_js2n__-:definitions/NfwLogType!contract" =
+ std.contract.Sequence [ std.enum.TagOrString, [| 'FLOW, 'ALERT |] ],
+ "_js2n__-:definitions/NfwRuleType!contract" =
+ std.contract.Sequence
+ [ std.enum.TagOrString, [| 'STATELESS, 'STATEFUL |] ],
+ "_js2n__-:definitions/NfwStatefulDefaultActionType!contract" =
+ std.contract.Sequence
+ [
+ std.enum.TagOrString,
+ [|
+ '"aws:alert_established",
+ '"aws:alert_strict",
+ '"aws:drop_established",
+ '"aws:drop_strict"
+ |]
+ ],
+ "_js2n__-:definitions/NfwStatefulRuleActionType!contract" =
+ std.contract.Sequence
+ [ std.enum.TagOrString, [| 'PASS, 'DROP, 'ALERT |] ],
+ "_js2n__-:definitions/NfwStatefulRuleDirectionType!contract" =
+ std.contract.Sequence [ std.enum.TagOrString, [| 'FORWARD, 'ANY |] ],
+ "_js2n__-:definitions/NfwStatefulRuleOptionsType!contract" =
+ std.contract.Sequence
+ [
+ std.enum.TagOrString,
+ [| 'STRICT_ORDER, 'DEFAULT_ACTION_ORDER |]
+ ],
+ "_js2n__-:definitions/NfwStatefulRuleProtocolType!contract" =
+ std.contract.Sequence
+ [
+ std.enum.TagOrString,
+ [|
+ 'UDP,
+ 'TLS,
+ 'TFTP,
+ 'TCP,
+ 'SSH,
+ 'SMTP,
+ 'SMB,
+ 'NTP,
+ 'MSN,
+ 'KRB5,
+ 'IP,
+ 'IMAP,
+ 'IKEV2,
+ 'ICMP,
+ 'HTTP,
+ 'FTP,
+ 'DNS,
+ 'DHCP,
+ 'DCERPC
+ |]
+ ],
+ "_js2n__-:definitions/NfwStatelessRuleActionType!predicate" =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.enum
+ [ "aws:pass", "aws:drop", "aws:forward_to_sfe" ]
+ ],
+ "_js2n__-:definitions/NfwStatelessRuleTcpFlagType!contract" =
+ std.contract.Sequence
+ [
+ std.enum.TagOrString,
+ [| 'CWR, 'ECE, 'URG, 'ACK, 'PSH, 'RST, 'SYN, 'FIN |]
+ ],
+ "_js2n__-:definitions/NfwTargetType!contract" =
+ std.contract.Sequence
+ [ std.enum.TagOrString, [| 'HTTP_HOST, 'TLS_SNI |] ],
+ "_js2n__-:definitions/NlbProtocolEnum!contract" =
+ std.contract.Sequence
+ [ std.enum.TagOrString, [| 'TCP_UDP, 'TLS, 'UDP, 'TCP |] ],
+ "_js2n__-:definitions/NonEmptyString!contract"
+ | doc "A string that has at least 1 character"
+ = _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.minLength 1
+ ]),
+ "_js2n__-:definitions/NonEmptyString!predicate"
+ | doc "A string that has at least 1 character"
+ = _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.minLength 1
+ ],
+ "_js2n__-:definitions/Phase1DhGroupType!contract" =
+ _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"Number",
+ _js2n__-prdslib.enum
+ [ 2, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24 ]
+ ]),
+ "_js2n__-:definitions/Phase2DhGroupType!contract" =
+ _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"Number",
+ _js2n__-prdslib.enum
+ [ 2, 5, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24 ]
+ ]),
+ "_js2n__-:definitions/Region!contract"
+ | doc "AWS Region"
+ = std.contract.Sequence
+ [
+ std.enum.TagOrString,
+ [|
+ 'us-west-2,
+ 'us-west-1,
+ 'us-iso-west-1,
+ 'us-isob-east-1,
+ 'us-iso-east-1,
+ 'us-gov-east-1,
+ 'us-gov-west-1,
+ 'us-east-2,
+ 'us-east-1,
+ 'sa-east-1,
+ 'me-south-1,
+ 'me-central-1,
+ 'il-central-1,
+ 'eu-west-3,
+ 'eu-west-2,
+ 'eu-west-1,
+ 'eu-south-2,
+ 'eu-south-1,
+ 'eu-north-1,
+ 'eu-central-2,
+ 'eu-central-1,
+ 'cn-northwest-1,
+ 'cn-north-1,
+ 'ca-west-1,
+ 'ca-central-1,
+ 'ap-southeast-4,
+ 'ap-southeast-3,
+ 'ap-southeast-2,
+ 'ap-southeast-1,
+ 'ap-south-2,
+ 'ap-south-1,
+ 'ap-northeast-3,
+ 'ap-northeast-2,
+ 'ap-northeast-1,
+ 'ap-east-1,
+ 'af-south-1
+ |]
+ ],
+ "_js2n__-:definitions/Region!predicate"
+ | doc "AWS Region"
+ = _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.enum
+ [
+ "af-south-1",
+ "ap-east-1",
+ "ap-northeast-1",
+ "ap-northeast-2",
+ "ap-northeast-3",
+ "ap-south-1",
+ "ap-south-2",
+ "ap-southeast-1",
+ "ap-southeast-2",
+ "ap-southeast-3",
+ "ap-southeast-4",
+ "ca-central-1",
+ "ca-west-1",
+ "cn-north-1",
+ "cn-northwest-1",
+ "eu-central-1",
+ "eu-central-2",
+ "eu-north-1",
+ "eu-south-1",
+ "eu-south-2",
+ "eu-west-1",
+ "eu-west-2",
+ "eu-west-3",
+ "il-central-1",
+ "me-central-1",
+ "me-south-1",
+ "sa-east-1",
+ "us-east-1",
+ "us-east-2",
+ "us-gov-west-1",
+ "us-gov-east-1",
+ "us-iso-east-1",
+ "us-isob-east-1",
+ "us-iso-west-1",
+ "us-west-1",
+ "us-west-2"
+ ]
+ ],
+ "_js2n__-:definitions/ResolverEndpointType!contract" =
+ std.contract.Sequence
+ [ std.enum.TagOrString, [| 'OUTBOUND, 'INBOUND |] ],
+ "_js2n__-:definitions/RouteTableEntryType!contract" =
+ std.contract.Sequence
+ [
+ std.enum.TagOrString,
+ [|
+ 'vpcPeering,
+ 'virtualPrivateGateway,
+ 'networkInterface,
+ 'networkFirewall,
+ 'gatewayLoadBalancerEndpoint,
+ 'gatewayEndpoint,
+ 'localGateway,
+ 'local,
+ 'egressOnlyIgw,
+ 'internetGateway,
+ 'natGateway,
+ 'transitGateway
+ |]
+ ],
+ "_js2n__-:definitions/RoutingHttpXffHeaderProcessingModeEnum!contract" =
+ std.contract.Sequence
+ [ std.enum.TagOrString, [| 'remove, 'preserve, 'append |] ],
+ "_js2n__-:definitions/RuleType!contract" =
+ std.contract.Sequence
+ [ std.enum.TagOrString, [| 'SYSTEM, 'RECURSIVE, 'FORWARD |] ],
+ "_js2n__-:definitions/SecurityGroupRuleType!contract" =
+ std.contract.Sequence
+ [
+ std.enum.TagOrString,
+ [|
+ 'ALL,
+ 'ICMP,
+ 'UDP,
+ 'TCP,
+ 'ORACLE-RDS,
+ 'POSTGRESQL,
+ 'REDSHIFT,
+ '"MYSQL/AURORA",
+ 'MSSQL,
+ 'HTTPS,
+ 'HTTP,
+ 'SSH,
+ 'RDP
+ |]
+ ],
+ "_js2n__-:definitions/SslPolicyAlbEnum!contract" =
+ std.contract.Sequence
+ [
+ std.enum.TagOrString,
+ [|
+ 'ELBSecurityPolicy-2016-08,
+ 'ELBSecurityPolicy-FS-1-2-Res-2020-10,
+ 'ELBSecurityPolicy-2015-05,
+ 'ELBSecurityPolicy-FS-1-2-Res-2019-08,
+ 'ELBSecurityPolicy-FS-1-2-2019-08,
+ 'ELBSecurityPolicy-FS-1-1-2019-08,
+ 'ELBSecurityPolicy-FS-2018-06,
+ 'ELBSecurityPolicy-TLS-1-2-Ext-2018-06,
+ 'ELBSecurityPolicy-TLS-1-2-2017-01,
+ 'ELBSecurityPolicy-TLS-1-1-2017-01,
+ 'ELBSecurityPolicy-TLS-1-0-2015-04
+ |]
+ ],
+ "_js2n__-:definitions/SslPolicyNlbEnum!contract" =
+ std.contract.Sequence
+ [
+ std.enum.TagOrString,
+ [|
+ 'ELBSecurityPolicy-2016-08,
+ 'ELBSecurityPolicy-TLS13-1-3-2021-06,
+ 'ELBSecurityPolicy-TLS13-1-0-2021-06,
+ 'ELBSecurityPolicy-TLS13-1-1-2021-06,
+ 'ELBSecurityPolicy-TLS13-1-2-Ext2-2021-06,
+ 'ELBSecurityPolicy-TLS13-1-2-Ext1-2021-06,
+ 'ELBSecurityPolicy-TLS13-1-2-Res-2021-06,
+ 'ELBSecurityPolicy-TLS13-1-2-2021-06,
+ 'ELBSecurityPolicy-FS-1-2-Res-2020-10,
+ 'ELBSecurityPolicy-2015-05,
+ 'ELBSecurityPolicy-FS-1-2-Res-2019-08,
+ 'ELBSecurityPolicy-FS-1-2-2019-08,
+ 'ELBSecurityPolicy-FS-1-1-2019-08,
+ 'ELBSecurityPolicy-FS-2018-06,
+ 'ELBSecurityPolicy-TLS-1-2-Ext-2018-06,
+ 'ELBSecurityPolicy-TLS-1-2-2017-01,
+ 'ELBSecurityPolicy-TLS-1-1-2017-01,
+ 'ELBSecurityPolicy-TLS-1-0-2015-04
+ |]
+ ],
+ "_js2n__-:definitions/StartupActionType!contract" =
+ std.contract.Sequence [ std.enum.TagOrString, [| 'start, 'add |] ],
+ "_js2n__-:definitions/StorageClass!contract" =
+ std.contract.Sequence
+ [
+ std.enum.TagOrString,
+ [|
+ 'ONEZONE_IA,
+ 'INTELLIGENT_TIERING,
+ 'STANDARD_IA,
+ 'GLACIER_IR,
+ 'GLACIER,
+ 'DEEP_ARCHIVE
+ |]
+ ],
+ "_js2n__-:definitions/TargetGroupAttributeAlgorithm!contract" =
+ std.contract.Sequence
+ [
+ std.enum.TagOrString,
+ [| 'least_outstanding_requests, 'round_robin |]
+ ],
+ "_js2n__-:definitions/TargetGroupAttributeStickinessType!contract" =
+ std.contract.Sequence
+ [
+ std.enum.TagOrString,
+ [|
+ 'source_ip_dest_ip_proto,
+ 'source_ip_dest_ip,
+ 'source_ip,
+ 'app_cookie,
+ 'lb_cookie
+ |]
+ ],
+ "_js2n__-:definitions/TargetGroupHealthCheckProtocolType!contract" =
+ std.contract.Sequence
+ [ std.enum.TagOrString, [| 'TCP, 'HTTPS, 'HTTP |] ],
+ "_js2n__-:definitions/TargetGroupProtocolType!contract" =
+ std.contract.Sequence
+ [
+ std.enum.TagOrString,
+ [| 'GENEVE, 'HTTPS, 'HTTP, 'TCP_UDP, 'UDP, 'TLS, 'TCP |]
+ ],
+ "_js2n__-:definitions/TargetGroupProtocolVersionType!contract" =
+ std.contract.Sequence
+ [ std.enum.TagOrString, [| 'HTTP2, 'HTTP1, 'GRPC |] ],
+ "_js2n__-:definitions/TargetGroupTargetFailoverType!contract" =
+ std.contract.Sequence
+ [ std.enum.TagOrString, [| 'rebalance, 'no_rebalance |] ],
+ "_js2n__-:definitions/TargetGroupType!contract" =
+ std.contract.Sequence
+ [ std.enum.TagOrString, [| 'lambda, 'alb, 'ip, 'instance |] ],
+ "_js2n__-:definitions/TrafficType!contract" =
+ std.contract.Sequence
+ [ std.enum.TagOrString, [| 'REJECT, 'ACCEPT, 'ALL |] ],
+ "_js2n__-:definitions/VpnLoggingOutputFormatType!contract" =
+ std.contract.Sequence [ std.enum.TagOrString, [| 'text, 'json |] ],
+ }
+ in
+ _js2n__-refsenv."_js2n__-:definitions/INetworkConfig!contract"
\ No newline at end of file
diff --git a/out/Landing Zone Accelerator on AWS - Organization Config.ncl b/out/Landing Zone Accelerator on AWS - Organization Config.ncl
new file mode 100644
index 0000000..f4e15f6
--- /dev/null
+++ b/out/Landing Zone Accelerator on AWS - Organization Config.ncl
@@ -0,0 +1,1055 @@
+# DO NOT EDIT
+# This file was automatically generated using json-schema-to-nickel
+let _js2n__-prdslib
+ = {
+ allOf
+ : Array (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `allOf preds` succeeds if all of the predicates in `preds` succeed
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.7.1]
+ "%
+ = fun
+ preds
+ x
+ =>
+ std.array.fold_right
+ (fun pred acc => (match { 'Ok => acc, 'Err s => 'Err s, }) (pred x))
+ 'Ok preds,
+ always : Dyn -> [| 'Ok, 'Err String |] = std.function.const 'Ok,
+ anyOf
+ : Array (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `anyOf preds` succeeds if at least one of the predicates in `preds` succeeds
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.7.2]
+ "%
+ = fun
+ preds
+ x
+ =>
+ (match {
+ 'Ok =>
+ 'Ok,
+ 'Errs
+ msgs =>
+ 'Err
+ m%"
+ anyOf: none of the options matched
+ %{std.string.join
+ m%"
+
+
+ "% msgs}
+ "%,
+ })
+ (std.array.fold_right
+ (fun
+ pred
+ acc
+ =>
+ (match {
+ 'Ok =>
+ 'Ok,
+ 'Errs
+ msgs =>
+ (match {
+ 'Ok =>
+ 'Ok,
+ 'Err
+ msg =>
+ 'Errs ([ " - %{msg}" ] @ msgs),
+ }) (pred x),
+ }) acc) ('Errs [ ]) preds),
+ arrays =
+ {
+ additionalItems
+ : (Dyn -> [| 'Ok, 'Err String |])
+ -> Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.4.2]"
+ = fun
+ pred
+ start
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ let x
+ | Array Dyn
+ = x
+ in
+ let value_length
+ = std.array.length x
+ in
+ if start >= value_length then
+ 'Ok
+ else
+ arrayOf pred
+ ((std.array.slice start value_length x)
+ | Dyn),
+ arrayOf
+ : (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ Apply a predicate to all elements of an array, succeeding if all
+ applications succeed.
+ "%
+ = fun
+ pred
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ let x
+ | Array Dyn
+ = x
+ in
+ std.array.fold_right
+ (fun
+ x
+ acc
+ =>
+ (match { 'Ok => acc, 'Err msg => 'Err msg, }) (pred x))
+ 'Ok x,
+ contains
+ : (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.4.6]"
+ = fun
+ pred
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ let x
+ | Array Dyn
+ = x
+ in
+ (match {
+ 'Ok =>
+ 'Ok,
+ 'Errs
+ msgs =>
+ 'Err
+ m%"
+ contains: no elements matched
+ %{std.string.join
+ m%"
+
+
+ "% msgs}
+ "%,
+ })
+ (std.array.fold_right
+ (fun
+ x
+ acc
+ =>
+ (match {
+ 'Ok =>
+ 'Ok,
+ 'Errs
+ msgs =>
+ (match {
+ 'Ok =>
+ 'Ok,
+ 'Err
+ msg =>
+ 'Errs ([ " - %{msg}" ] @ msgs),
+ }) (pred x),
+ }) acc) ('Errs [ ]) x),
+ items
+ : Array (Dyn -> [| 'Ok, 'Err String |])
+ -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.4.1]"
+ = fun
+ preds
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ let x
+ | Array Dyn
+ = x
+ in
+ let length_to_check
+ = std.number.min (std.array.length preds)
+ (std.array.length x)
+ in
+ std.array.fold_right
+ (fun
+ i
+ acc
+ =>
+ (match { 'Err msg => 'Err msg, 'Ok => acc, })
+ (std.array.at i preds (std.array.at i x))) 'Ok
+ (std.array.range 0 length_to_check),
+ maxItems
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `maxItems n x` fails if `x` is an array of length strictly greater than `n` and succeeds otherwise.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.4.3]
+ "%
+ = fun
+ n
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ if (std.array.length (x | Array Dyn)) > n then
+ 'Err
+ "array is longer than %{std.string.from_number n} items"
+ else
+ 'Ok,
+ minItems
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `minItems n x` fails if `x` is an array of length strictly smaller than `n` and succeeds otherwise.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.4.4]
+ "%
+ = fun
+ n
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ if (std.array.length (x | Array Dyn)) < n then
+ 'Err
+ "array is shorter than %{std.string.from_number n} items"
+ else
+ 'Ok,
+ uniqueItems
+ : Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ Succeeds for any array if its elements are pairwise distinct.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.4.5]
+ "%
+ = let find_duplicate
+ : Array Dyn
+ -> {
+ has_duplicate : Bool,
+ duplicate : Dyn,
+ seen : { _ : Bool }
+ }
+ = std.array.fold_right
+ (fun
+ elt
+ acc
+ =>
+ if acc.has_duplicate then
+ acc
+ else
+ let index
+ = std.serialize 'Json elt
+ in
+ if std.record.has_field index acc.seen then
+ {
+ duplicate = elt,
+ has_duplicate = true,
+ seen = acc.seen,
+ }
+ else
+ {
+ duplicate = null,
+ has_duplicate = false,
+ seen = std.record.insert index true acc.seen,
+ })
+ { duplicate = null, has_duplicate = false, seen = {}, }
+ in
+ fun
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ let { has_duplicate, duplicate, .. }
+ = find_duplicate (x | Array Dyn)
+ in
+ if has_duplicate then
+ 'Err "duplicate found: %{std.serialize 'Json duplicate}"
+ else
+ 'Ok,
+ },
+ const
+ : Dyn -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `const value x` succeeds if and only if `x` is equal to `value`
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.1.3]
+ "%
+ = fun
+ value
+ x
+ =>
+ if x == value then
+ 'Ok
+ else
+ 'Err "expected %{std.serialize 'Json value}",
+ contract_from_predicate
+ : (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> Dyn -> Dyn
+ = fun
+ predicate
+ label
+ value
+ =>
+ (match {
+ 'Ok =>
+ value,
+ 'Err
+ msg =>
+ (std.contract.blame_with_message msg label)
+ | Dyn,
+ }) (predicate value),
+ enum
+ : Array Dyn -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `enum values x` succeeds if and only if `x` is equal to one of the elements of `values`.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.1.2]
+ "%
+ = let checkEqual
+ = fun
+ input
+ variant
+ =>
+ (input == variant)
+ || ((std.is_enum input)
+ && (((std.string.from_enum input) == variant)
+ | Bool))
+ in
+ fun
+ values
+ x
+ =>
+ std.array.fold_right
+ (fun value acc => if checkEqual x value then 'Ok else acc)
+ ('Err "expected one of %{std.serialize 'Json (values | Dyn)}")
+ values,
+ from_simple_predicate
+ : String -> (Dyn -> Bool) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Convert a simple boolean predicate into a predicate supporting error messages"
+ = fun error' pred x => if pred x then 'Ok else 'Err error',
+ ifThenElse
+ : (Dyn -> [| 'Ok, 'Err String |])
+ -> (Dyn -> [| 'Ok, 'Err String |])
+ -> (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `ifThenElse i t e` first checks if the predicate `i` succeeds. If it does, it's equivalent to `t`, otherwise it's equivalent to `e`.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.6]
+ "%
+ = fun i t e x => (match { 'Ok => t x, 'Err msg => e x, }) (i x),
+ isType
+ : [| '"Array", '"Bool", 'Integer, 'Null, '"Number", 'Record, '"String" |]
+ -> Dyn -> [| 'Ok, 'Err String |]
+ = fun
+ t
+ =>
+ (match {
+ 'Null =>
+ from_simple_predicate "expected `null`" (fun x => x == null),
+ 'Integer =>
+ from_simple_predicate "expected an integer"
+ (fun
+ x
+ =>
+ (std.is_number x) && (std.number.is_integer (x | Number))),
+ _ =>
+ from_simple_predicate
+ "value is not of type %{std.string.from_enum t}"
+ (fun x => (std.typeof x) == t),
+ }) t,
+ never : Dyn -> [| 'Ok, 'Err String |] = std.function.const ('Err "never"),
+ not
+ : (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `not pred` succeeds if and only if `pred` fails
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.7.4]
+ "%
+ = fun
+ pred
+ x
+ =>
+ (match {
+ 'Ok =>
+ 'Err "Inverted predicate succeeded unexpectedly",
+ 'Err
+ msg =>
+ 'Ok,
+ }) (pred x),
+ numbers =
+ {
+ exclusiveMaximum
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.2.3]"
+ = fun
+ limit
+ x
+ =>
+ if !(std.is_number x) then
+ 'Ok
+ else
+ if (x | Number) < limit then
+ 'Ok
+ else
+ 'Err
+ "expected an exclusive maximum of %{std.string.from_number
+ limit}",
+ exclusiveMinimum
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.2.5]"
+ = fun
+ limit
+ x
+ =>
+ if !(std.is_number x) then
+ 'Ok
+ else
+ if (x | Number) > limit then
+ 'Ok
+ else
+ 'Err
+ "expected an exclusive minimum of %{std.string.from_number
+ limit}",
+ maximum
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.2.2]"
+ = fun
+ limit
+ x
+ =>
+ if !(std.is_number x) then
+ 'Ok
+ else
+ if (x | Number) <= limit then
+ 'Ok
+ else
+ 'Err
+ "expected a maximum of %{std.string.from_number limit}",
+ minimum
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.2.4]"
+ = fun
+ limit
+ x
+ =>
+ if !(std.is_number x) then
+ 'Ok
+ else
+ if (x | Number) >= limit then
+ 'Ok
+ else
+ 'Err
+ "expected a minimum of %{std.string.from_number limit}",
+ multipleOf
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.2.1]"
+ = fun
+ mult
+ x
+ =>
+ if !(std.is_number x) then
+ 'Ok
+ else
+ if std.number.is_integer ((x | Number) / mult) then
+ 'Ok
+ else
+ 'Err
+ "expected a multiple of %{std.string.from_number mult}",
+ },
+ oneOf
+ : Array (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `oneOf preds` succeeds if precisely one of the predicates in `preds` succeeds
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.7.3]
+ "%
+ = fun
+ preds
+ x
+ =>
+ let count_ok
+ : Array [| 'Ok, 'Err String |] -> Number
+ = fun
+ results
+ =>
+ std.array.fold_left (fun n b => if b == 'Ok then n + 1 else n) 0
+ results
+ in
+ let results
+ = std.array.map (fun pred => pred x) preds
+ in
+ let count
+ = count_ok results
+ in
+ if count == 0 then
+ let errors
+ = std.array.flat_map
+ (fun
+ result
+ =>
+ (match { 'Ok => [ ], 'Err s => [ " - %{s}" ], })
+ result) results
+ in
+ 'Err
+ m%"
+ oneOf: none of the options matched
+ %{std.string.join
+ m%"
+
+
+ "% errors}
+ "%
+ else
+ if count > 1 then
+ 'Err "oneOf: more than one of the options matched"
+ else
+ 'Ok,
+ records =
+ {
+ dependencies
+ : { _ : Dyn } -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.5.7]"
+ = let mustHaveFields
+ : Array String -> { _ : Dyn } -> [| 'Ok, 'Err String |]
+ = fun
+ fields
+ x
+ =>
+ std.array.fold_right
+ (fun
+ field
+ acc
+ =>
+ if !(std.record.has_field field x) then
+ 'Err "expected field `%{field}`"
+ else
+ acc) 'Ok fields
+ in
+ fun
+ deps
+ x
+ =>
+ if !(std.is_record x) then
+ 'Ok
+ else
+ let x
+ | { _ : Dyn }
+ = x
+ in
+ std.array.fold_right
+ (fun
+ { field, value, }
+ =>
+ fun
+ acc
+ =>
+ if !(std.record.has_field field x) then
+ acc
+ else
+ let result
+ = if std.is_array value then
+ mustHaveFields (value | Array String) x
+ else
+ let pred
+ | Dyn -> [| 'Ok, 'Err String |]
+ = value
+ in
+ pred (x | Dyn)
+ in
+ (match {
+ 'Err
+ msg =>
+ 'Err
+ "dependency of `%{field}` failed: %{msg}",
+ 'Ok =>
+ acc,
+ }) result) 'Ok (std.record.to_array deps),
+ maxProperties
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `maxProperties n x` fails if `x` is a record containing stricly more than `n` fields.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.5.1]
+ "%
+ = fun
+ n
+ x
+ =>
+ if !(std.is_record x) then
+ 'Ok
+ else
+ if (std.record.length (x | { _ : Dyn })) > n then
+ 'Err
+ "record contains more than %{std.string.from_number
+ n} fields"
+ else
+ 'Ok,
+ minProperties
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `minProperties n x` fails if `x` is a record containing stricly less than `n` fields.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.5.1]
+ "%
+ = fun
+ n
+ x
+ =>
+ if !(std.is_record x) then
+ 'Ok
+ else
+ if (std.record.length (x | { _ : Dyn })) < n then
+ 'Err
+ "record contains fewer than %{std.string.from_number
+ n} fields"
+ else
+ 'Ok,
+ propertyNames
+ : (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.5.8]"
+ = fun
+ pred
+ x
+ =>
+ if !(std.is_record x) then
+ 'Ok
+ else
+ std.array.fold_right
+ (fun
+ field
+ acc
+ =>
+ (match {
+ 'Err
+ msg =>
+ 'Err
+ "field `%{field}` did not validate against `propertyNames` schema",
+ 'Ok =>
+ acc,
+ }) (pred (field | Dyn))) 'Ok
+ (std.record.fields (x | { _ : Dyn })),
+ record
+ : { _ : Dyn -> [| 'Ok, 'Err String |] }
+ -> { _ : Dyn -> [| 'Ok, 'Err String |] }
+ -> Bool
+ -> (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `record properties patternProperties additionalAllowed
+ additionalProperties x` is a combination of the `properties`,
+ `patternProperties` and `additionalProperties` validation keywords in
+ JSON schema.
+
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.5]
+ "%
+ = fun
+ properties
+ patternProperties
+ additionalAllowed
+ additionalProperties
+ x
+ =>
+ if !(std.is_record x) then
+ 'Ok
+ else
+ let x
+ | { _ : Dyn }
+ = x
+ in
+ let check_properties
+ : {
+ result : [| 'Ok, 'Err String |],
+ checked : { _ : Bool }
+ }
+ = std.array.fold_right
+ (fun
+ { field, value, }
+ =>
+ fun
+ acc
+ =>
+ if !(std.record.has_field field x) then
+ acc
+ else
+ (match {
+ 'Err
+ msg =>
+ {
+ checked : { _ : Bool } = {},
+ result =
+ 'Err
+ "field `%{field}` didn't validate: %{msg}",
+ },
+ 'Ok =>
+ {
+ checked =
+ std.record.insert field true acc.checked,
+ result = acc.result,
+ },
+ }) (value x."%{field}"))
+ { checked = {}, result = 'Ok, }
+ (std.record.to_array properties)
+ in
+ let matching_fields
+ : String -> { _ : Dyn }
+ = fun
+ pattern
+ =>
+ let matcher
+ = std.string.is_match pattern
+ in
+ std.array.fold_left
+ (fun
+ acc
+ =>
+ fun
+ { field, value, }
+ =>
+ if matcher field then
+ std.record.insert field value acc
+ else
+ acc) {} (std.record.to_array x)
+ in
+ let check_pattern_properties
+ : {
+ result : [| 'Ok, 'Err String |],
+ checked : { _ : Bool }
+ }
+ = std.array.fold_right
+ (fun
+ { field = pattern, value = pred, }
+ =>
+ fun
+ acc
+ =>
+ (match {
+ r @ { result = 'Err msg, .. } =>
+ r,
+ { result = 'Ok, checked = ch, } =>
+ {
+ checked =
+ std.array.fold_left
+ (fun
+ r
+ field
+ =>
+ if !(std.record.has_field field
+ r) then
+ std.record.insert field true r
+ else
+ r) acc.checked
+ (std.record.fields ch),
+ result = acc.result,
+ },
+ })
+ (std.array.fold_right
+ (fun
+ { field, value, }
+ =>
+ fun
+ acc
+ =>
+ (match {
+ 'Err
+ msg =>
+ {
+ checked : { _ : Bool } = {},
+ result =
+ 'Err
+ "field `%{field}` didn't validate: %{msg}",
+ },
+ 'Ok =>
+ {
+ checked =
+ std.record.insert field true
+ acc.checked,
+ result = acc.result,
+ },
+ }) (pred value))
+ {
+ checked : { _ : Bool } = {},
+ result = 'Ok,
+ }
+ (std.record.to_array
+ (matching_fields pattern))))
+ { checked : { _ : Bool } = {}, result = 'Ok, }
+ (std.record.to_array patternProperties)
+ in
+ let remaining_fields
+ = std.array.fold_left
+ (fun
+ acc
+ field
+ =>
+ if !(std.record.has_field field acc) then
+ acc
+ else
+ std.record.remove field acc) x
+ ((std.record.fields check_properties.checked)
+ @ (std.record.fields
+ check_pattern_properties.checked))
+ in
+ let check_additional_properties
+ : [| 'Ok, 'Err String |]
+ = if (!additionalAllowed)
+ && (!(std.record.is_empty remaining_fields)) then
+ 'Err
+ "extra fields %{std.serialize 'Json
+ ((std.record.fields remaining_fields)
+ | Dyn)}"
+ else
+ std.array.fold_right
+ (fun
+ { field, value, }
+ =>
+ fun
+ acc
+ =>
+ (match {
+ 'Err
+ msg =>
+ 'Err
+ "field `%{field}` didn't validate: %{msg}",
+ 'Ok =>
+ acc,
+ }) (additionalProperties value)) 'Ok
+ (std.record.to_array remaining_fields)
+ in
+ (match {
+ 'Err
+ msg =>
+ check_properties.result,
+ 'Ok =>
+ (match {
+ 'Err
+ msg =>
+ check_pattern_properties.result,
+ 'Ok =>
+ check_additional_properties,
+ }) check_pattern_properties.result,
+ }) check_properties.result,
+ required
+ : Array String -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.5.3]"
+ = fun
+ fields
+ x
+ =>
+ if !(std.is_record x) then
+ 'Ok
+ else
+ std.array.fold_right
+ (fun
+ field
+ acc
+ =>
+ if !(std.record.has_field field (x | { _ : Dyn })) then
+ 'Err "missing required field %{field}"
+ else
+ acc) 'Ok fields,
+ },
+ strings =
+ {
+ maxLength
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.3.1]"
+ = fun
+ limit
+ x
+ =>
+ if !(std.is_string x) then
+ 'Ok
+ else
+ if (std.string.length (x | String)) <= limit then
+ 'Ok
+ else
+ 'Err
+ "expected a string of length no larger than %{std.string.from_number
+ limit}",
+ minLength
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.3.2]"
+ = fun
+ limit
+ x
+ =>
+ if !(std.is_string x) then
+ 'Ok
+ else
+ if (std.string.length (x | String)) >= limit then
+ 'Ok
+ else
+ 'Err
+ "expected a string of length no smaller than %{std.string.from_number
+ limit}",
+ pattern
+ : String -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.3.3]"
+ = fun
+ pattern
+ x
+ =>
+ if !(std.is_string x) then
+ 'Ok
+ else
+ if std.string.is_match pattern (x | String) then
+ 'Ok
+ else
+ 'Err "expected a string matching the pattern `%{pattern}`",
+ },
+ }
+ in
+let rec _js2n__-refsenv
+ = {
+ "_js2n__-:definitions/IBackupPolicyConfig!contract"
+ | doc m%"
+ Organization backup policy
+
+ Backup policies enable you to deploy organization-wide backup plans to help ensure compliance across your organization's accounts.
+ Using policies helps ensure consistency in how you implement your backup plans
+ "%
+ = {
+ deploymentTargets
+ | _js2n__-refsenv."_js2n__-:definitions/IDeploymentTargets!contract"
+ | doc "Backup policy deployment targets",
+ description
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "A description to assign to the policy.",
+ name
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The friendly name to assign to the policy. The regex pattern that is used to validate this parameter is a string of any of the characters in the ASCII character range.",
+ policy
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "Backup policy definition json file. This file must be present in config repository",
+ },
+ "_js2n__-:definitions/IDeploymentTargets!contract" =
+ {
+ accounts | Array (String) | optional,
+ excludedAccounts | Array (String) | optional,
+ excludedRegions | Array (String) | optional,
+ organizationalUnits | Array (String) | optional,
+ },
+ "_js2n__-:definitions/IOrganizationConfig!contract"
+ | doc "Organization configuration"
+ = {
+ backupPolicies
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/IBackupPolicyConfig!contract"
+ | doc "A Record of Backup Policy configurations",
+ enable | Bool | doc "Indicates whether AWS Organization enabled.",
+ organizationalUnitIds
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/IOrganizationalUnitIdConfig!contract"
+ | doc "Optionally provide a list of Organizational Unit IDs to bypass the usage of the AWS Organizations Client lookup. This is not a readonly member since we will initialize it with values if it is not provided"
+ | optional,
+ organizationalUnits
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/IOrganizationalUnitConfig!contract"
+ | doc "A Record of Organizational Unit configurations",
+ quarantineNewAccounts
+ | _js2n__-refsenv."_js2n__-:definitions/IQuarantineNewAccountsConfig!contract"
+ | doc "A record of Quarantine New Accounts configuration"
+ | optional,
+ serviceControlPolicies
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/IServiceControlPolicyConfig!contract"
+ | doc "A Record of Service Control Policy configurations",
+ taggingPolicies
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/ITaggingPolicyConfig!contract"
+ | doc "A Record of Tagging Policy configurations",
+ },
+ "_js2n__-:definitions/IOrganizationalUnitConfig!contract"
+ | doc "AWS Organizational Unit (OU) configuration"
+ = {
+ ignore
+ | Bool
+ | doc "Optional property used to ignore organizational unit and the associated accounts Default value is false"
+ | optional,
+ name
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc m%"
+ The name and nested path that you want to assign to the OU. When referring to OU's in the other configuration files ensure that the name matches what has been provided here. For example if you wanted an OU directly off of root just supply the OU name. Always configure all of the OUs in the path. A nested OU configuration would be like this
+ - name: Sandbox
+ - name: Sandbox/Pipeline
+ - name: Sandbox/Development
+ - name: Sandbox/Development/Application1
+ "%,
+ },
+ "_js2n__-:definitions/IOrganizationalUnitIdConfig!contract"
+ | doc "Organizational unit id configuration"
+ = {
+ arn
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "OU arn",
+ id
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "OU id",
+ name
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "A name for the OU",
+ },
+ "_js2n__-:definitions/IQuarantineNewAccountsConfig!contract"
+ | doc "Quarantine SCP application configuration"
+ = {
+ enable
+ | Bool
+ | doc "Indicates where or not a Quarantine policy is applied when new accounts are created. If enabled all accounts created by any means will have the configured policy applied.",
+ scpPolicyName
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The policy to apply to new accounts. This value must exist if the feature is enabled. The name must also match a policy that is defined in the serviceControlPolicy section."
+ | optional,
+ },
+ "_js2n__-:definitions/IServiceControlPolicyConfig!contract"
+ | doc "Service control policy configuration"
+ = {
+ deploymentTargets
+ | _js2n__-refsenv."_js2n__-:definitions/IDeploymentTargets!contract"
+ | doc "Service control policy strategy. https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scps_strategies.html",
+ description
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "A description to assign to the policy.",
+ name
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The friendly name to assign to the policy. The regex pattern that is used to validate this parameter is a string of any of the characters in the ASCII character range.",
+ policy
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "Service control definition json file. This file must be present in config repository",
+ strategy
+ | std.enum.TagOrString
+ | [| 'allow-list, 'deny-list |]
+ | doc "Service control policy deployment targets"
+ | optional,
+ type
+ | std.enum.TagOrString
+ | [| 'customerManaged, 'awsManaged |]
+ | doc "Kind of service control policy",
+ },
+ "_js2n__-:definitions/ITaggingPolicyConfig!contract"
+ | doc m%"
+ Organizations tag policy.
+
+ Tag policies help you standardize tags on all tagged resources across your organization.
+ You can use tag policies to define tag keys (including how they should be capitalized) and their allowed values.
+ "%
+ = {
+ deploymentTargets
+ | _js2n__-refsenv."_js2n__-:definitions/IDeploymentTargets!contract"
+ | doc "Tagging policy deployment targets",
+ description
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "A description to assign to the policy.",
+ name
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The friendly name to assign to the policy. The regex pattern that is used to validate this parameter is a string of any of the characters in the ASCII character range.",
+ policy
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "Tagging policy definition json file. This file must be present in config repository",
+ },
+ "_js2n__-:definitions/NonEmptyString!contract"
+ | doc "A string that has at least 1 character"
+ = _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.minLength 1
+ ]),
+ }
+ in
+ _js2n__-refsenv."_js2n__-:definitions/IOrganizationConfig!contract"
\ No newline at end of file
diff --git a/out/Landing Zone Accelerator on AWS - Replacements Config.ncl b/out/Landing Zone Accelerator on AWS - Replacements Config.ncl
new file mode 100644
index 0000000..a869ab1
--- /dev/null
+++ b/out/Landing Zone Accelerator on AWS - Replacements Config.ncl
@@ -0,0 +1,977 @@
+# DO NOT EDIT
+# This file was automatically generated using json-schema-to-nickel
+let _js2n__-prdslib
+ = {
+ allOf
+ : Array (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `allOf preds` succeeds if all of the predicates in `preds` succeed
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.7.1]
+ "%
+ = fun
+ preds
+ x
+ =>
+ std.array.fold_right
+ (fun pred acc => (match { 'Ok => acc, 'Err s => 'Err s, }) (pred x))
+ 'Ok preds,
+ always : Dyn -> [| 'Ok, 'Err String |] = std.function.const 'Ok,
+ anyOf
+ : Array (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `anyOf preds` succeeds if at least one of the predicates in `preds` succeeds
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.7.2]
+ "%
+ = fun
+ preds
+ x
+ =>
+ (match {
+ 'Ok =>
+ 'Ok,
+ 'Errs
+ msgs =>
+ 'Err
+ m%"
+ anyOf: none of the options matched
+ %{std.string.join
+ m%"
+
+
+ "% msgs}
+ "%,
+ })
+ (std.array.fold_right
+ (fun
+ pred
+ acc
+ =>
+ (match {
+ 'Ok =>
+ 'Ok,
+ 'Errs
+ msgs =>
+ (match {
+ 'Ok =>
+ 'Ok,
+ 'Err
+ msg =>
+ 'Errs ([ " - %{msg}" ] @ msgs),
+ }) (pred x),
+ }) acc) ('Errs [ ]) preds),
+ arrays =
+ {
+ additionalItems
+ : (Dyn -> [| 'Ok, 'Err String |])
+ -> Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.4.2]"
+ = fun
+ pred
+ start
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ let x
+ | Array Dyn
+ = x
+ in
+ let value_length
+ = std.array.length x
+ in
+ if start >= value_length then
+ 'Ok
+ else
+ arrayOf pred
+ ((std.array.slice start value_length x)
+ | Dyn),
+ arrayOf
+ : (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ Apply a predicate to all elements of an array, succeeding if all
+ applications succeed.
+ "%
+ = fun
+ pred
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ let x
+ | Array Dyn
+ = x
+ in
+ std.array.fold_right
+ (fun
+ x
+ acc
+ =>
+ (match { 'Ok => acc, 'Err msg => 'Err msg, }) (pred x))
+ 'Ok x,
+ contains
+ : (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.4.6]"
+ = fun
+ pred
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ let x
+ | Array Dyn
+ = x
+ in
+ (match {
+ 'Ok =>
+ 'Ok,
+ 'Errs
+ msgs =>
+ 'Err
+ m%"
+ contains: no elements matched
+ %{std.string.join
+ m%"
+
+
+ "% msgs}
+ "%,
+ })
+ (std.array.fold_right
+ (fun
+ x
+ acc
+ =>
+ (match {
+ 'Ok =>
+ 'Ok,
+ 'Errs
+ msgs =>
+ (match {
+ 'Ok =>
+ 'Ok,
+ 'Err
+ msg =>
+ 'Errs ([ " - %{msg}" ] @ msgs),
+ }) (pred x),
+ }) acc) ('Errs [ ]) x),
+ items
+ : Array (Dyn -> [| 'Ok, 'Err String |])
+ -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.4.1]"
+ = fun
+ preds
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ let x
+ | Array Dyn
+ = x
+ in
+ let length_to_check
+ = std.number.min (std.array.length preds)
+ (std.array.length x)
+ in
+ std.array.fold_right
+ (fun
+ i
+ acc
+ =>
+ (match { 'Err msg => 'Err msg, 'Ok => acc, })
+ (std.array.at i preds (std.array.at i x))) 'Ok
+ (std.array.range 0 length_to_check),
+ maxItems
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `maxItems n x` fails if `x` is an array of length strictly greater than `n` and succeeds otherwise.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.4.3]
+ "%
+ = fun
+ n
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ if (std.array.length (x | Array Dyn)) > n then
+ 'Err
+ "array is longer than %{std.string.from_number n} items"
+ else
+ 'Ok,
+ minItems
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `minItems n x` fails if `x` is an array of length strictly smaller than `n` and succeeds otherwise.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.4.4]
+ "%
+ = fun
+ n
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ if (std.array.length (x | Array Dyn)) < n then
+ 'Err
+ "array is shorter than %{std.string.from_number n} items"
+ else
+ 'Ok,
+ uniqueItems
+ : Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ Succeeds for any array if its elements are pairwise distinct.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.4.5]
+ "%
+ = let find_duplicate
+ : Array Dyn
+ -> {
+ has_duplicate : Bool,
+ duplicate : Dyn,
+ seen : { _ : Bool }
+ }
+ = std.array.fold_right
+ (fun
+ elt
+ acc
+ =>
+ if acc.has_duplicate then
+ acc
+ else
+ let index
+ = std.serialize 'Json elt
+ in
+ if std.record.has_field index acc.seen then
+ {
+ duplicate = elt,
+ has_duplicate = true,
+ seen = acc.seen,
+ }
+ else
+ {
+ duplicate = null,
+ has_duplicate = false,
+ seen = std.record.insert index true acc.seen,
+ })
+ { duplicate = null, has_duplicate = false, seen = {}, }
+ in
+ fun
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ let { has_duplicate, duplicate, .. }
+ = find_duplicate (x | Array Dyn)
+ in
+ if has_duplicate then
+ 'Err "duplicate found: %{std.serialize 'Json duplicate}"
+ else
+ 'Ok,
+ },
+ const
+ : Dyn -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `const value x` succeeds if and only if `x` is equal to `value`
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.1.3]
+ "%
+ = fun
+ value
+ x
+ =>
+ if x == value then
+ 'Ok
+ else
+ 'Err "expected %{std.serialize 'Json value}",
+ contract_from_predicate
+ : (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> Dyn -> Dyn
+ = fun
+ predicate
+ label
+ value
+ =>
+ (match {
+ 'Ok =>
+ value,
+ 'Err
+ msg =>
+ (std.contract.blame_with_message msg label)
+ | Dyn,
+ }) (predicate value),
+ enum
+ : Array Dyn -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `enum values x` succeeds if and only if `x` is equal to one of the elements of `values`.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.1.2]
+ "%
+ = let checkEqual
+ = fun
+ input
+ variant
+ =>
+ (input == variant)
+ || ((std.is_enum input)
+ && (((std.string.from_enum input) == variant)
+ | Bool))
+ in
+ fun
+ values
+ x
+ =>
+ std.array.fold_right
+ (fun value acc => if checkEqual x value then 'Ok else acc)
+ ('Err "expected one of %{std.serialize 'Json (values | Dyn)}")
+ values,
+ from_simple_predicate
+ : String -> (Dyn -> Bool) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Convert a simple boolean predicate into a predicate supporting error messages"
+ = fun error' pred x => if pred x then 'Ok else 'Err error',
+ ifThenElse
+ : (Dyn -> [| 'Ok, 'Err String |])
+ -> (Dyn -> [| 'Ok, 'Err String |])
+ -> (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `ifThenElse i t e` first checks if the predicate `i` succeeds. If it does, it's equivalent to `t`, otherwise it's equivalent to `e`.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.6]
+ "%
+ = fun i t e x => (match { 'Ok => t x, 'Err msg => e x, }) (i x),
+ isType
+ : [| '"Array", '"Bool", 'Integer, 'Null, '"Number", 'Record, '"String" |]
+ -> Dyn -> [| 'Ok, 'Err String |]
+ = fun
+ t
+ =>
+ (match {
+ 'Null =>
+ from_simple_predicate "expected `null`" (fun x => x == null),
+ 'Integer =>
+ from_simple_predicate "expected an integer"
+ (fun
+ x
+ =>
+ (std.is_number x) && (std.number.is_integer (x | Number))),
+ _ =>
+ from_simple_predicate
+ "value is not of type %{std.string.from_enum t}"
+ (fun x => (std.typeof x) == t),
+ }) t,
+ never : Dyn -> [| 'Ok, 'Err String |] = std.function.const ('Err "never"),
+ not
+ : (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `not pred` succeeds if and only if `pred` fails
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.7.4]
+ "%
+ = fun
+ pred
+ x
+ =>
+ (match {
+ 'Ok =>
+ 'Err "Inverted predicate succeeded unexpectedly",
+ 'Err
+ msg =>
+ 'Ok,
+ }) (pred x),
+ numbers =
+ {
+ exclusiveMaximum
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.2.3]"
+ = fun
+ limit
+ x
+ =>
+ if !(std.is_number x) then
+ 'Ok
+ else
+ if (x | Number) < limit then
+ 'Ok
+ else
+ 'Err
+ "expected an exclusive maximum of %{std.string.from_number
+ limit}",
+ exclusiveMinimum
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.2.5]"
+ = fun
+ limit
+ x
+ =>
+ if !(std.is_number x) then
+ 'Ok
+ else
+ if (x | Number) > limit then
+ 'Ok
+ else
+ 'Err
+ "expected an exclusive minimum of %{std.string.from_number
+ limit}",
+ maximum
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.2.2]"
+ = fun
+ limit
+ x
+ =>
+ if !(std.is_number x) then
+ 'Ok
+ else
+ if (x | Number) <= limit then
+ 'Ok
+ else
+ 'Err
+ "expected a maximum of %{std.string.from_number limit}",
+ minimum
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.2.4]"
+ = fun
+ limit
+ x
+ =>
+ if !(std.is_number x) then
+ 'Ok
+ else
+ if (x | Number) >= limit then
+ 'Ok
+ else
+ 'Err
+ "expected a minimum of %{std.string.from_number limit}",
+ multipleOf
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.2.1]"
+ = fun
+ mult
+ x
+ =>
+ if !(std.is_number x) then
+ 'Ok
+ else
+ if std.number.is_integer ((x | Number) / mult) then
+ 'Ok
+ else
+ 'Err
+ "expected a multiple of %{std.string.from_number mult}",
+ },
+ oneOf
+ : Array (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `oneOf preds` succeeds if precisely one of the predicates in `preds` succeeds
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.7.3]
+ "%
+ = fun
+ preds
+ x
+ =>
+ let count_ok
+ : Array [| 'Ok, 'Err String |] -> Number
+ = fun
+ results
+ =>
+ std.array.fold_left (fun n b => if b == 'Ok then n + 1 else n) 0
+ results
+ in
+ let results
+ = std.array.map (fun pred => pred x) preds
+ in
+ let count
+ = count_ok results
+ in
+ if count == 0 then
+ let errors
+ = std.array.flat_map
+ (fun
+ result
+ =>
+ (match { 'Ok => [ ], 'Err s => [ " - %{s}" ], })
+ result) results
+ in
+ 'Err
+ m%"
+ oneOf: none of the options matched
+ %{std.string.join
+ m%"
+
+
+ "% errors}
+ "%
+ else
+ if count > 1 then
+ 'Err "oneOf: more than one of the options matched"
+ else
+ 'Ok,
+ records =
+ {
+ dependencies
+ : { _ : Dyn } -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.5.7]"
+ = let mustHaveFields
+ : Array String -> { _ : Dyn } -> [| 'Ok, 'Err String |]
+ = fun
+ fields
+ x
+ =>
+ std.array.fold_right
+ (fun
+ field
+ acc
+ =>
+ if !(std.record.has_field field x) then
+ 'Err "expected field `%{field}`"
+ else
+ acc) 'Ok fields
+ in
+ fun
+ deps
+ x
+ =>
+ if !(std.is_record x) then
+ 'Ok
+ else
+ let x
+ | { _ : Dyn }
+ = x
+ in
+ std.array.fold_right
+ (fun
+ { field, value, }
+ =>
+ fun
+ acc
+ =>
+ if !(std.record.has_field field x) then
+ acc
+ else
+ let result
+ = if std.is_array value then
+ mustHaveFields (value | Array String) x
+ else
+ let pred
+ | Dyn -> [| 'Ok, 'Err String |]
+ = value
+ in
+ pred (x | Dyn)
+ in
+ (match {
+ 'Err
+ msg =>
+ 'Err
+ "dependency of `%{field}` failed: %{msg}",
+ 'Ok =>
+ acc,
+ }) result) 'Ok (std.record.to_array deps),
+ maxProperties
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `maxProperties n x` fails if `x` is a record containing stricly more than `n` fields.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.5.1]
+ "%
+ = fun
+ n
+ x
+ =>
+ if !(std.is_record x) then
+ 'Ok
+ else
+ if (std.record.length (x | { _ : Dyn })) > n then
+ 'Err
+ "record contains more than %{std.string.from_number
+ n} fields"
+ else
+ 'Ok,
+ minProperties
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `minProperties n x` fails if `x` is a record containing stricly less than `n` fields.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.5.1]
+ "%
+ = fun
+ n
+ x
+ =>
+ if !(std.is_record x) then
+ 'Ok
+ else
+ if (std.record.length (x | { _ : Dyn })) < n then
+ 'Err
+ "record contains fewer than %{std.string.from_number
+ n} fields"
+ else
+ 'Ok,
+ propertyNames
+ : (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.5.8]"
+ = fun
+ pred
+ x
+ =>
+ if !(std.is_record x) then
+ 'Ok
+ else
+ std.array.fold_right
+ (fun
+ field
+ acc
+ =>
+ (match {
+ 'Err
+ msg =>
+ 'Err
+ "field `%{field}` did not validate against `propertyNames` schema",
+ 'Ok =>
+ acc,
+ }) (pred (field | Dyn))) 'Ok
+ (std.record.fields (x | { _ : Dyn })),
+ record
+ : { _ : Dyn -> [| 'Ok, 'Err String |] }
+ -> { _ : Dyn -> [| 'Ok, 'Err String |] }
+ -> Bool
+ -> (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `record properties patternProperties additionalAllowed
+ additionalProperties x` is a combination of the `properties`,
+ `patternProperties` and `additionalProperties` validation keywords in
+ JSON schema.
+
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.5]
+ "%
+ = fun
+ properties
+ patternProperties
+ additionalAllowed
+ additionalProperties
+ x
+ =>
+ if !(std.is_record x) then
+ 'Ok
+ else
+ let x
+ | { _ : Dyn }
+ = x
+ in
+ let check_properties
+ : {
+ result : [| 'Ok, 'Err String |],
+ checked : { _ : Bool }
+ }
+ = std.array.fold_right
+ (fun
+ { field, value, }
+ =>
+ fun
+ acc
+ =>
+ if !(std.record.has_field field x) then
+ acc
+ else
+ (match {
+ 'Err
+ msg =>
+ {
+ checked : { _ : Bool } = {},
+ result =
+ 'Err
+ "field `%{field}` didn't validate: %{msg}",
+ },
+ 'Ok =>
+ {
+ checked =
+ std.record.insert field true acc.checked,
+ result = acc.result,
+ },
+ }) (value x."%{field}"))
+ { checked = {}, result = 'Ok, }
+ (std.record.to_array properties)
+ in
+ let matching_fields
+ : String -> { _ : Dyn }
+ = fun
+ pattern
+ =>
+ let matcher
+ = std.string.is_match pattern
+ in
+ std.array.fold_left
+ (fun
+ acc
+ =>
+ fun
+ { field, value, }
+ =>
+ if matcher field then
+ std.record.insert field value acc
+ else
+ acc) {} (std.record.to_array x)
+ in
+ let check_pattern_properties
+ : {
+ result : [| 'Ok, 'Err String |],
+ checked : { _ : Bool }
+ }
+ = std.array.fold_right
+ (fun
+ { field = pattern, value = pred, }
+ =>
+ fun
+ acc
+ =>
+ (match {
+ r @ { result = 'Err msg, .. } =>
+ r,
+ { result = 'Ok, checked = ch, } =>
+ {
+ checked =
+ std.array.fold_left
+ (fun
+ r
+ field
+ =>
+ if !(std.record.has_field field
+ r) then
+ std.record.insert field true r
+ else
+ r) acc.checked
+ (std.record.fields ch),
+ result = acc.result,
+ },
+ })
+ (std.array.fold_right
+ (fun
+ { field, value, }
+ =>
+ fun
+ acc
+ =>
+ (match {
+ 'Err
+ msg =>
+ {
+ checked : { _ : Bool } = {},
+ result =
+ 'Err
+ "field `%{field}` didn't validate: %{msg}",
+ },
+ 'Ok =>
+ {
+ checked =
+ std.record.insert field true
+ acc.checked,
+ result = acc.result,
+ },
+ }) (pred value))
+ {
+ checked : { _ : Bool } = {},
+ result = 'Ok,
+ }
+ (std.record.to_array
+ (matching_fields pattern))))
+ { checked : { _ : Bool } = {}, result = 'Ok, }
+ (std.record.to_array patternProperties)
+ in
+ let remaining_fields
+ = std.array.fold_left
+ (fun
+ acc
+ field
+ =>
+ if !(std.record.has_field field acc) then
+ acc
+ else
+ std.record.remove field acc) x
+ ((std.record.fields check_properties.checked)
+ @ (std.record.fields
+ check_pattern_properties.checked))
+ in
+ let check_additional_properties
+ : [| 'Ok, 'Err String |]
+ = if (!additionalAllowed)
+ && (!(std.record.is_empty remaining_fields)) then
+ 'Err
+ "extra fields %{std.serialize 'Json
+ ((std.record.fields remaining_fields)
+ | Dyn)}"
+ else
+ std.array.fold_right
+ (fun
+ { field, value, }
+ =>
+ fun
+ acc
+ =>
+ (match {
+ 'Err
+ msg =>
+ 'Err
+ "field `%{field}` didn't validate: %{msg}",
+ 'Ok =>
+ acc,
+ }) (additionalProperties value)) 'Ok
+ (std.record.to_array remaining_fields)
+ in
+ (match {
+ 'Err
+ msg =>
+ check_properties.result,
+ 'Ok =>
+ (match {
+ 'Err
+ msg =>
+ check_pattern_properties.result,
+ 'Ok =>
+ check_additional_properties,
+ }) check_pattern_properties.result,
+ }) check_properties.result,
+ required
+ : Array String -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.5.3]"
+ = fun
+ fields
+ x
+ =>
+ if !(std.is_record x) then
+ 'Ok
+ else
+ std.array.fold_right
+ (fun
+ field
+ acc
+ =>
+ if !(std.record.has_field field (x | { _ : Dyn })) then
+ 'Err "missing required field %{field}"
+ else
+ acc) 'Ok fields,
+ },
+ strings =
+ {
+ maxLength
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.3.1]"
+ = fun
+ limit
+ x
+ =>
+ if !(std.is_string x) then
+ 'Ok
+ else
+ if (std.string.length (x | String)) <= limit then
+ 'Ok
+ else
+ 'Err
+ "expected a string of length no larger than %{std.string.from_number
+ limit}",
+ minLength
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.3.2]"
+ = fun
+ limit
+ x
+ =>
+ if !(std.is_string x) then
+ 'Ok
+ else
+ if (std.string.length (x | String)) >= limit then
+ 'Ok
+ else
+ 'Err
+ "expected a string of length no smaller than %{std.string.from_number
+ limit}",
+ pattern
+ : String -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.3.3]"
+ = fun
+ pattern
+ x
+ =>
+ if !(std.is_string x) then
+ 'Ok
+ else
+ if std.string.is_match pattern (x | String) then
+ 'Ok
+ else
+ 'Err "expected a string matching the pattern `%{pattern}`",
+ },
+ }
+ in
+let rec _js2n__-refsenv
+ = {
+ "_js2n__-:definitions/IParameterReplacement!predicate"
+ | doc m%"
+ Fixed replacement value to apply throughout config files. Loaded from SSM
+ parameters in the management account in the HOME_REGION.
+ "%
+ = _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Record,
+ _js2n__-prdslib.records.required [ "key", "path" ],
+ _js2n__-prdslib.records.record
+ {
+ key =
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!predicate",
+ path =
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!predicate",
+ } {} false _js2n__-prdslib.never
+ ],
+ "_js2n__-:definitions/IParameterReplacementV2!predicate"
+ | doc m%"
+ Fixed replacement value to apply throughout config files. Loaded from SSM
+ parameters in the management account in the HOME_REGION.
+ "%
+ = _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Record,
+ _js2n__-prdslib.records.required [ "key", "type" ],
+ _js2n__-prdslib.records.record
+ {
+ key =
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!predicate",
+ path =
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!predicate",
+ type =
+ _js2n__-refsenv."_js2n__-:definitions/ParameterReplacementType!predicate",
+ value =
+ _js2n__-prdslib.anyOf
+ [
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!predicate",
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"Array",
+ _js2n__-prdslib.arrays.arrayOf
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!predicate"
+ ]
+ ],
+ } {} false _js2n__-prdslib.never
+ ],
+ "_js2n__-:definitions/IReplacementsConfig!contract"
+ | doc "Accelerator replacements configuration"
+ = {
+ globalReplacements
+ | Array (
+ _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.anyOf
+ [
+ _js2n__-refsenv."_js2n__-:definitions/IParameterReplacement!predicate",
+ _js2n__-refsenv."_js2n__-:definitions/IParameterReplacementV2!predicate"
+ ])
+ )
+ | doc "The set of placeholder parameters (key/path pairs) that will be merged with yaml configuration files."
+ | optional,
+ },
+ "_js2n__-:definitions/NonEmptyString!predicate"
+ | doc "A string that has at least 1 character"
+ = _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.minLength 1
+ ],
+ "_js2n__-:definitions/ParameterReplacementType!predicate" =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.enum [ "SSM", "String", "StringList" ]
+ ],
+ }
+ in
+ _js2n__-refsenv."_js2n__-:definitions/IReplacementsConfig!contract"
\ No newline at end of file
diff --git a/out/Landing Zone Accelerator on AWS - Security Config.ncl b/out/Landing Zone Accelerator on AWS - Security Config.ncl
new file mode 100644
index 0000000..0d04f1b
--- /dev/null
+++ b/out/Landing Zone Accelerator on AWS - Security Config.ncl
@@ -0,0 +1,2181 @@
+# DO NOT EDIT
+# This file was automatically generated using json-schema-to-nickel
+let _js2n__-prdslib
+ = {
+ allOf
+ : Array (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `allOf preds` succeeds if all of the predicates in `preds` succeed
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.7.1]
+ "%
+ = fun
+ preds
+ x
+ =>
+ std.array.fold_right
+ (fun pred acc => (match { 'Ok => acc, 'Err s => 'Err s, }) (pred x))
+ 'Ok preds,
+ always : Dyn -> [| 'Ok, 'Err String |] = std.function.const 'Ok,
+ anyOf
+ : Array (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `anyOf preds` succeeds if at least one of the predicates in `preds` succeeds
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.7.2]
+ "%
+ = fun
+ preds
+ x
+ =>
+ (match {
+ 'Ok =>
+ 'Ok,
+ 'Errs
+ msgs =>
+ 'Err
+ m%"
+ anyOf: none of the options matched
+ %{std.string.join
+ m%"
+
+
+ "% msgs}
+ "%,
+ })
+ (std.array.fold_right
+ (fun
+ pred
+ acc
+ =>
+ (match {
+ 'Ok =>
+ 'Ok,
+ 'Errs
+ msgs =>
+ (match {
+ 'Ok =>
+ 'Ok,
+ 'Err
+ msg =>
+ 'Errs ([ " - %{msg}" ] @ msgs),
+ }) (pred x),
+ }) acc) ('Errs [ ]) preds),
+ arrays =
+ {
+ additionalItems
+ : (Dyn -> [| 'Ok, 'Err String |])
+ -> Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.4.2]"
+ = fun
+ pred
+ start
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ let x
+ | Array Dyn
+ = x
+ in
+ let value_length
+ = std.array.length x
+ in
+ if start >= value_length then
+ 'Ok
+ else
+ arrayOf pred
+ ((std.array.slice start value_length x)
+ | Dyn),
+ arrayOf
+ : (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ Apply a predicate to all elements of an array, succeeding if all
+ applications succeed.
+ "%
+ = fun
+ pred
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ let x
+ | Array Dyn
+ = x
+ in
+ std.array.fold_right
+ (fun
+ x
+ acc
+ =>
+ (match { 'Ok => acc, 'Err msg => 'Err msg, }) (pred x))
+ 'Ok x,
+ contains
+ : (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.4.6]"
+ = fun
+ pred
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ let x
+ | Array Dyn
+ = x
+ in
+ (match {
+ 'Ok =>
+ 'Ok,
+ 'Errs
+ msgs =>
+ 'Err
+ m%"
+ contains: no elements matched
+ %{std.string.join
+ m%"
+
+
+ "% msgs}
+ "%,
+ })
+ (std.array.fold_right
+ (fun
+ x
+ acc
+ =>
+ (match {
+ 'Ok =>
+ 'Ok,
+ 'Errs
+ msgs =>
+ (match {
+ 'Ok =>
+ 'Ok,
+ 'Err
+ msg =>
+ 'Errs ([ " - %{msg}" ] @ msgs),
+ }) (pred x),
+ }) acc) ('Errs [ ]) x),
+ items
+ : Array (Dyn -> [| 'Ok, 'Err String |])
+ -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.4.1]"
+ = fun
+ preds
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ let x
+ | Array Dyn
+ = x
+ in
+ let length_to_check
+ = std.number.min (std.array.length preds)
+ (std.array.length x)
+ in
+ std.array.fold_right
+ (fun
+ i
+ acc
+ =>
+ (match { 'Err msg => 'Err msg, 'Ok => acc, })
+ (std.array.at i preds (std.array.at i x))) 'Ok
+ (std.array.range 0 length_to_check),
+ maxItems
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `maxItems n x` fails if `x` is an array of length strictly greater than `n` and succeeds otherwise.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.4.3]
+ "%
+ = fun
+ n
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ if (std.array.length (x | Array Dyn)) > n then
+ 'Err
+ "array is longer than %{std.string.from_number n} items"
+ else
+ 'Ok,
+ minItems
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `minItems n x` fails if `x` is an array of length strictly smaller than `n` and succeeds otherwise.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.4.4]
+ "%
+ = fun
+ n
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ if (std.array.length (x | Array Dyn)) < n then
+ 'Err
+ "array is shorter than %{std.string.from_number n} items"
+ else
+ 'Ok,
+ uniqueItems
+ : Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ Succeeds for any array if its elements are pairwise distinct.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.4.5]
+ "%
+ = let find_duplicate
+ : Array Dyn
+ -> {
+ has_duplicate : Bool,
+ duplicate : Dyn,
+ seen : { _ : Bool }
+ }
+ = std.array.fold_right
+ (fun
+ elt
+ acc
+ =>
+ if acc.has_duplicate then
+ acc
+ else
+ let index
+ = std.serialize 'Json elt
+ in
+ if std.record.has_field index acc.seen then
+ {
+ duplicate = elt,
+ has_duplicate = true,
+ seen = acc.seen,
+ }
+ else
+ {
+ duplicate = null,
+ has_duplicate = false,
+ seen = std.record.insert index true acc.seen,
+ })
+ { duplicate = null, has_duplicate = false, seen = {}, }
+ in
+ fun
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ let { has_duplicate, duplicate, .. }
+ = find_duplicate (x | Array Dyn)
+ in
+ if has_duplicate then
+ 'Err "duplicate found: %{std.serialize 'Json duplicate}"
+ else
+ 'Ok,
+ },
+ const
+ : Dyn -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `const value x` succeeds if and only if `x` is equal to `value`
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.1.3]
+ "%
+ = fun
+ value
+ x
+ =>
+ if x == value then
+ 'Ok
+ else
+ 'Err "expected %{std.serialize 'Json value}",
+ contract_from_predicate
+ : (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> Dyn -> Dyn
+ = fun
+ predicate
+ label
+ value
+ =>
+ (match {
+ 'Ok =>
+ value,
+ 'Err
+ msg =>
+ (std.contract.blame_with_message msg label)
+ | Dyn,
+ }) (predicate value),
+ enum
+ : Array Dyn -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `enum values x` succeeds if and only if `x` is equal to one of the elements of `values`.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.1.2]
+ "%
+ = let checkEqual
+ = fun
+ input
+ variant
+ =>
+ (input == variant)
+ || ((std.is_enum input)
+ && (((std.string.from_enum input) == variant)
+ | Bool))
+ in
+ fun
+ values
+ x
+ =>
+ std.array.fold_right
+ (fun value acc => if checkEqual x value then 'Ok else acc)
+ ('Err "expected one of %{std.serialize 'Json (values | Dyn)}")
+ values,
+ from_simple_predicate
+ : String -> (Dyn -> Bool) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Convert a simple boolean predicate into a predicate supporting error messages"
+ = fun error' pred x => if pred x then 'Ok else 'Err error',
+ ifThenElse
+ : (Dyn -> [| 'Ok, 'Err String |])
+ -> (Dyn -> [| 'Ok, 'Err String |])
+ -> (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `ifThenElse i t e` first checks if the predicate `i` succeeds. If it does, it's equivalent to `t`, otherwise it's equivalent to `e`.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.6]
+ "%
+ = fun i t e x => (match { 'Ok => t x, 'Err msg => e x, }) (i x),
+ isType
+ : [| '"Array", '"Bool", 'Integer, 'Null, '"Number", 'Record, '"String" |]
+ -> Dyn -> [| 'Ok, 'Err String |]
+ = fun
+ t
+ =>
+ (match {
+ 'Null =>
+ from_simple_predicate "expected `null`" (fun x => x == null),
+ 'Integer =>
+ from_simple_predicate "expected an integer"
+ (fun
+ x
+ =>
+ (std.is_number x) && (std.number.is_integer (x | Number))),
+ _ =>
+ from_simple_predicate
+ "value is not of type %{std.string.from_enum t}"
+ (fun x => (std.typeof x) == t),
+ }) t,
+ never : Dyn -> [| 'Ok, 'Err String |] = std.function.const ('Err "never"),
+ not
+ : (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `not pred` succeeds if and only if `pred` fails
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.7.4]
+ "%
+ = fun
+ pred
+ x
+ =>
+ (match {
+ 'Ok =>
+ 'Err "Inverted predicate succeeded unexpectedly",
+ 'Err
+ msg =>
+ 'Ok,
+ }) (pred x),
+ numbers =
+ {
+ exclusiveMaximum
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.2.3]"
+ = fun
+ limit
+ x
+ =>
+ if !(std.is_number x) then
+ 'Ok
+ else
+ if (x | Number) < limit then
+ 'Ok
+ else
+ 'Err
+ "expected an exclusive maximum of %{std.string.from_number
+ limit}",
+ exclusiveMinimum
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.2.5]"
+ = fun
+ limit
+ x
+ =>
+ if !(std.is_number x) then
+ 'Ok
+ else
+ if (x | Number) > limit then
+ 'Ok
+ else
+ 'Err
+ "expected an exclusive minimum of %{std.string.from_number
+ limit}",
+ maximum
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.2.2]"
+ = fun
+ limit
+ x
+ =>
+ if !(std.is_number x) then
+ 'Ok
+ else
+ if (x | Number) <= limit then
+ 'Ok
+ else
+ 'Err
+ "expected a maximum of %{std.string.from_number limit}",
+ minimum
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.2.4]"
+ = fun
+ limit
+ x
+ =>
+ if !(std.is_number x) then
+ 'Ok
+ else
+ if (x | Number) >= limit then
+ 'Ok
+ else
+ 'Err
+ "expected a minimum of %{std.string.from_number limit}",
+ multipleOf
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.2.1]"
+ = fun
+ mult
+ x
+ =>
+ if !(std.is_number x) then
+ 'Ok
+ else
+ if std.number.is_integer ((x | Number) / mult) then
+ 'Ok
+ else
+ 'Err
+ "expected a multiple of %{std.string.from_number mult}",
+ },
+ oneOf
+ : Array (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `oneOf preds` succeeds if precisely one of the predicates in `preds` succeeds
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.7.3]
+ "%
+ = fun
+ preds
+ x
+ =>
+ let count_ok
+ : Array [| 'Ok, 'Err String |] -> Number
+ = fun
+ results
+ =>
+ std.array.fold_left (fun n b => if b == 'Ok then n + 1 else n) 0
+ results
+ in
+ let results
+ = std.array.map (fun pred => pred x) preds
+ in
+ let count
+ = count_ok results
+ in
+ if count == 0 then
+ let errors
+ = std.array.flat_map
+ (fun
+ result
+ =>
+ (match { 'Ok => [ ], 'Err s => [ " - %{s}" ], })
+ result) results
+ in
+ 'Err
+ m%"
+ oneOf: none of the options matched
+ %{std.string.join
+ m%"
+
+
+ "% errors}
+ "%
+ else
+ if count > 1 then
+ 'Err "oneOf: more than one of the options matched"
+ else
+ 'Ok,
+ records =
+ {
+ dependencies
+ : { _ : Dyn } -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.5.7]"
+ = let mustHaveFields
+ : Array String -> { _ : Dyn } -> [| 'Ok, 'Err String |]
+ = fun
+ fields
+ x
+ =>
+ std.array.fold_right
+ (fun
+ field
+ acc
+ =>
+ if !(std.record.has_field field x) then
+ 'Err "expected field `%{field}`"
+ else
+ acc) 'Ok fields
+ in
+ fun
+ deps
+ x
+ =>
+ if !(std.is_record x) then
+ 'Ok
+ else
+ let x
+ | { _ : Dyn }
+ = x
+ in
+ std.array.fold_right
+ (fun
+ { field, value, }
+ =>
+ fun
+ acc
+ =>
+ if !(std.record.has_field field x) then
+ acc
+ else
+ let result
+ = if std.is_array value then
+ mustHaveFields (value | Array String) x
+ else
+ let pred
+ | Dyn -> [| 'Ok, 'Err String |]
+ = value
+ in
+ pred (x | Dyn)
+ in
+ (match {
+ 'Err
+ msg =>
+ 'Err
+ "dependency of `%{field}` failed: %{msg}",
+ 'Ok =>
+ acc,
+ }) result) 'Ok (std.record.to_array deps),
+ maxProperties
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `maxProperties n x` fails if `x` is a record containing stricly more than `n` fields.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.5.1]
+ "%
+ = fun
+ n
+ x
+ =>
+ if !(std.is_record x) then
+ 'Ok
+ else
+ if (std.record.length (x | { _ : Dyn })) > n then
+ 'Err
+ "record contains more than %{std.string.from_number
+ n} fields"
+ else
+ 'Ok,
+ minProperties
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `minProperties n x` fails if `x` is a record containing stricly less than `n` fields.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.5.1]
+ "%
+ = fun
+ n
+ x
+ =>
+ if !(std.is_record x) then
+ 'Ok
+ else
+ if (std.record.length (x | { _ : Dyn })) < n then
+ 'Err
+ "record contains fewer than %{std.string.from_number
+ n} fields"
+ else
+ 'Ok,
+ propertyNames
+ : (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.5.8]"
+ = fun
+ pred
+ x
+ =>
+ if !(std.is_record x) then
+ 'Ok
+ else
+ std.array.fold_right
+ (fun
+ field
+ acc
+ =>
+ (match {
+ 'Err
+ msg =>
+ 'Err
+ "field `%{field}` did not validate against `propertyNames` schema",
+ 'Ok =>
+ acc,
+ }) (pred (field | Dyn))) 'Ok
+ (std.record.fields (x | { _ : Dyn })),
+ record
+ : { _ : Dyn -> [| 'Ok, 'Err String |] }
+ -> { _ : Dyn -> [| 'Ok, 'Err String |] }
+ -> Bool
+ -> (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `record properties patternProperties additionalAllowed
+ additionalProperties x` is a combination of the `properties`,
+ `patternProperties` and `additionalProperties` validation keywords in
+ JSON schema.
+
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.5]
+ "%
+ = fun
+ properties
+ patternProperties
+ additionalAllowed
+ additionalProperties
+ x
+ =>
+ if !(std.is_record x) then
+ 'Ok
+ else
+ let x
+ | { _ : Dyn }
+ = x
+ in
+ let check_properties
+ : {
+ result : [| 'Ok, 'Err String |],
+ checked : { _ : Bool }
+ }
+ = std.array.fold_right
+ (fun
+ { field, value, }
+ =>
+ fun
+ acc
+ =>
+ if !(std.record.has_field field x) then
+ acc
+ else
+ (match {
+ 'Err
+ msg =>
+ {
+ checked : { _ : Bool } = {},
+ result =
+ 'Err
+ "field `%{field}` didn't validate: %{msg}",
+ },
+ 'Ok =>
+ {
+ checked =
+ std.record.insert field true acc.checked,
+ result = acc.result,
+ },
+ }) (value x."%{field}"))
+ { checked = {}, result = 'Ok, }
+ (std.record.to_array properties)
+ in
+ let matching_fields
+ : String -> { _ : Dyn }
+ = fun
+ pattern
+ =>
+ let matcher
+ = std.string.is_match pattern
+ in
+ std.array.fold_left
+ (fun
+ acc
+ =>
+ fun
+ { field, value, }
+ =>
+ if matcher field then
+ std.record.insert field value acc
+ else
+ acc) {} (std.record.to_array x)
+ in
+ let check_pattern_properties
+ : {
+ result : [| 'Ok, 'Err String |],
+ checked : { _ : Bool }
+ }
+ = std.array.fold_right
+ (fun
+ { field = pattern, value = pred, }
+ =>
+ fun
+ acc
+ =>
+ (match {
+ r @ { result = 'Err msg, .. } =>
+ r,
+ { result = 'Ok, checked = ch, } =>
+ {
+ checked =
+ std.array.fold_left
+ (fun
+ r
+ field
+ =>
+ if !(std.record.has_field field
+ r) then
+ std.record.insert field true r
+ else
+ r) acc.checked
+ (std.record.fields ch),
+ result = acc.result,
+ },
+ })
+ (std.array.fold_right
+ (fun
+ { field, value, }
+ =>
+ fun
+ acc
+ =>
+ (match {
+ 'Err
+ msg =>
+ {
+ checked : { _ : Bool } = {},
+ result =
+ 'Err
+ "field `%{field}` didn't validate: %{msg}",
+ },
+ 'Ok =>
+ {
+ checked =
+ std.record.insert field true
+ acc.checked,
+ result = acc.result,
+ },
+ }) (pred value))
+ {
+ checked : { _ : Bool } = {},
+ result = 'Ok,
+ }
+ (std.record.to_array
+ (matching_fields pattern))))
+ { checked : { _ : Bool } = {}, result = 'Ok, }
+ (std.record.to_array patternProperties)
+ in
+ let remaining_fields
+ = std.array.fold_left
+ (fun
+ acc
+ field
+ =>
+ if !(std.record.has_field field acc) then
+ acc
+ else
+ std.record.remove field acc) x
+ ((std.record.fields check_properties.checked)
+ @ (std.record.fields
+ check_pattern_properties.checked))
+ in
+ let check_additional_properties
+ : [| 'Ok, 'Err String |]
+ = if (!additionalAllowed)
+ && (!(std.record.is_empty remaining_fields)) then
+ 'Err
+ "extra fields %{std.serialize 'Json
+ ((std.record.fields remaining_fields)
+ | Dyn)}"
+ else
+ std.array.fold_right
+ (fun
+ { field, value, }
+ =>
+ fun
+ acc
+ =>
+ (match {
+ 'Err
+ msg =>
+ 'Err
+ "field `%{field}` didn't validate: %{msg}",
+ 'Ok =>
+ acc,
+ }) (additionalProperties value)) 'Ok
+ (std.record.to_array remaining_fields)
+ in
+ (match {
+ 'Err
+ msg =>
+ check_properties.result,
+ 'Ok =>
+ (match {
+ 'Err
+ msg =>
+ check_pattern_properties.result,
+ 'Ok =>
+ check_additional_properties,
+ }) check_pattern_properties.result,
+ }) check_properties.result,
+ required
+ : Array String -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.5.3]"
+ = fun
+ fields
+ x
+ =>
+ if !(std.is_record x) then
+ 'Ok
+ else
+ std.array.fold_right
+ (fun
+ field
+ acc
+ =>
+ if !(std.record.has_field field (x | { _ : Dyn })) then
+ 'Err "missing required field %{field}"
+ else
+ acc) 'Ok fields,
+ },
+ strings =
+ {
+ maxLength
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.3.1]"
+ = fun
+ limit
+ x
+ =>
+ if !(std.is_string x) then
+ 'Ok
+ else
+ if (std.string.length (x | String)) <= limit then
+ 'Ok
+ else
+ 'Err
+ "expected a string of length no larger than %{std.string.from_number
+ limit}",
+ minLength
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.3.2]"
+ = fun
+ limit
+ x
+ =>
+ if !(std.is_string x) then
+ 'Ok
+ else
+ if (std.string.length (x | String)) >= limit then
+ 'Ok
+ else
+ 'Err
+ "expected a string of length no smaller than %{std.string.from_number
+ limit}",
+ pattern
+ : String -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.3.3]"
+ = fun
+ pattern
+ x
+ =>
+ if !(std.is_string x) then
+ 'Ok
+ else
+ if std.string.is_match pattern (x | String) then
+ 'Ok
+ else
+ 'Err "expected a string matching the pattern `%{pattern}`",
+ },
+ }
+ in
+let rec _js2n__-refsenv
+ = {
+ "_js2n__-:definitions/IAccessAnalyzerConfig!contract"
+ | doc "AWS AccessAnalyzer configuration"
+ = {
+ enable
+ | Bool
+ | doc "Indicates whether AWS AccessAnalyzer enabled in your organization.",
+ },
+ "_js2n__-:definitions/IAlarmConfig!contract"
+ | doc "AWS CloudWatch Alarm configuration"
+ = {
+ alarmDescription
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "Description for the alarm",
+ alarmName
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "Name of the alarm",
+ comparisonOperator
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "Comparison to use to check if metric is breaching",
+ evaluationPeriods
+ | Number
+ | doc "The number of periods over which data is compared to the specified threshold.",
+ metricName
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "Name of the metric.",
+ namespace
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "Namespace of the metric.",
+ period
+ | Number
+ | doc "The period over which the specified statistic is applied.",
+ snsAlertLevel
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "Alert SNS notification level Deprecated"
+ | optional,
+ snsTopicName
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "(OPTIONAL) SNS Topic Name SNS Topic Name from global config"
+ | optional,
+ statistic
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc m%"
+ What functions to use for aggregating.
+
+ Can be one of the following:
+ - “Minimum” | “min”
+ - “Maximum” | “max”
+ - “Average” | “avg”
+ - “Sum” | “sum”
+ - “SampleCount | “n”
+ - “pNN.NN”
+ "%,
+ threshold
+ | Number
+ | doc "The value against which the specified statistic is compared.",
+ treatMissingData
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "Sets how this alarm is to handle missing data points.",
+ },
+ "_js2n__-:definitions/IAlarmSetConfig!contract"
+ | doc "AWS CloudWatch Alarm sets"
+ = {
+ alarms
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/IAlarmConfig!contract"
+ | doc m%"
+ List of AWS CloudWatch Alarms
+
+ Following example will create CIS-1.1-RootAccountUsage alarm for RootAccountUsage metric with notification level low
+ "%,
+ deploymentTargets
+ | _js2n__-refsenv."_js2n__-:definitions/IDeploymentTargets!contract"
+ | doc "Deployment targets for CloudWatch Alarms configuration",
+ regions
+ | Array _js2n__-refsenv."_js2n__-:definitions/Region!contract"
+ | doc "AWS region names to configure CloudWatch Alarms"
+ | optional,
+ },
+ "_js2n__-:definitions/IAuditManagerConfig!contract"
+ | doc "Use this configuration to enable AWS Audit Manager for an AWS Organization."
+ = {
+ defaultReportsConfiguration
+ | _js2n__-refsenv."_js2n__-:definitions/IAuditManagerDefaultReportsDestinationConfig!contract"
+ | doc "AWS Audit Manager Default Reports configuration.",
+ enable | Bool | doc "Indicates whether AWS Audit Manager enabled.",
+ excludeRegions
+ | Array _js2n__-refsenv."_js2n__-:definitions/Region!contract"
+ | doc "(OPTIONAL) List of AWS Region names to be excluded from configuring AWS Audit Manager. Please ensure any regions enabled in the global configuration that do not support Audit Manager are added to the excluded regions list. {@link https://aws.amazon.com/about-aws/global-infrastructure/regional-product-services/ Supported services by region } ."
+ | optional,
+ lifecycleRules
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/ILifecycleRule!contract"
+ | doc "(OPTIONAL) Declaration of a S3 Lifecycle rule."
+ | optional,
+ },
+ "_js2n__-:definitions/IAuditManagerDefaultReportsDestinationConfig!contract"
+ | doc m%"
+ AWS Audit Manager Default Reports Destination configuration.
+ Use this configuration to enable a destination for reports generated by AWS Audit Manager.
+ "%
+ = {
+ destinationType
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.const "S3"
+ ])
+ | doc "The type of resource for the publishing destination. Currently only Amazon S3 buckets are supported.",
+ enable
+ | Bool
+ | doc "Indicates whether AWS Audit Manager Default Reports enabled.",
+ },
+ "_js2n__-:definitions/IAwsConfig!contract"
+ | doc "AWS Config Recorder and Rules"
+ = {
+ aggregation
+ | _js2n__-refsenv."_js2n__-:definitions/IAwsConfigAggregation!contract"
+ | doc "Config Recorder Aggregation configuration"
+ | optional,
+ deploymentTargets
+ | _js2n__-refsenv."_js2n__-:definitions/IDeploymentTargets!contract"
+ | doc m%"
+ (OPTIONAL) AWS Config deployment target.
+
+ Leaving `deploymentTargets` undefined will enable AWS Config across all accounts and enabled regions.
+
+ We highly recommend enabling AWS Config across all accounts and enabled regions within your organization. `deploymentTargets` should only be used when more granular control is required, not as a default configuration.
+
+ To enable AWS Config into Infrastructure organizational unit, you need to provide below value for this parameter.
+ "%
+ | optional,
+ enableConfigurationRecorder
+ | Bool
+ | doc m%"
+ Indicates whether AWS Config recorder enabled.
+
+ To enable AWS Config, you must create a configuration recorder
+
+ ConfigurationRecorder resource describes the AWS resource types for which AWS Config records configuration changes. The configuration recorder stores the configurations of the supported resources in your account as configuration items.
+ "%,
+ enableDeliveryChannel
+ | Bool
+ | doc m%"
+ Indicates whether delivery channel enabled.
+
+ AWS Config uses the delivery channel to deliver the configuration changes to your Amazon S3 bucket. DEPRECATED
+ "%
+ | optional,
+ overrideExisting
+ | Bool
+ | doc m%"
+ Indicates whether or not to override existing config recorder settings Must be enabled if any account and region combination has an existing config recorder, even if config recording is turned off The Landing Zone Accelerator will override the settings in all configured accounts and regions
+ ** Do not enable this setting if you have deployed LZA
+ ** successfully with enableConfigurationRecorder set to true
+ ** and overrideExisting either unset or set to false
+ ** Doing so will cause a resource conflict When the overrideExisting property is enabled ensure that any scp's are not blocking the passRole iam permission for the iam role name {acceleratorPrefix}Config
+ "%
+ | optional,
+ ruleSets
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/IAwsConfigRuleSet!contract"
+ | doc "AWS Config rule sets"
+ | optional,
+ },
+ "_js2n__-:definitions/IAwsConfigAggregation!contract"
+ | doc m%"
+ AWS Config Aggregation Configuration
+ Not used in Control Tower environment
+ Aggregation will be configured in all enabled regions
+ unless specifically excluded
+ If the delegatedAdmin account is not provided
+ config will be aggregated to the management account
+ "%
+ = {
+ delegatedAdminAccount
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | optional,
+ enable | Bool,
+ },
+ "_js2n__-:definitions/IAwsConfigRuleSet!contract"
+ | doc "List of AWS Config rules"
+ = {
+ deploymentTargets
+ | _js2n__-refsenv."_js2n__-:definitions/IDeploymentTargets!contract"
+ | doc m%"
+ Config ruleset deployment target.
+
+ To configure AWS Config rules into Root and Infrastructure organizational units, you need to provide below value for this parameter.
+ "%,
+ rules
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/IConfigRule!contract"
+ | doc m%"
+ AWS Config rule set
+
+ Following example will create a custom rule named accelerator-attach-ec2-instance-profile with remediation and a managed rule named accelerator-iam-user-group-membership-check without remediation
+ "%,
+ },
+ "_js2n__-:definitions/ICentralSecurityServicesConfig!contract"
+ | doc "AWS Accelerator central security services configuration"
+ = {
+ auditManager
+ | _js2n__-refsenv."_js2n__-:definitions/IAuditManagerConfig!contract"
+ | doc "(OPTIONAL) Amazon Audit Manager Configuration"
+ | optional,
+ delegatedAdminAccount
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "Designated administrator account name for accelerator security services. AWS organizations designate a member account as a delegated administrator for the organization users and roles from that account can perform administrative actions for security services like Macie, GuardDuty, Detective and Security Hub. Without designated administrator account administrative tasks for security services are performed only by users or roles in the organization's management account. This helps you to separate management of the organization from management of these security services. Accelerator use Audit account as designated administrator account.",
+ detective
+ | _js2n__-refsenv."_js2n__-:definitions/IDetectiveConfig!contract"
+ | doc "(OPTIONAL) Amazon Detective Configuration"
+ | optional,
+ ebsDefaultVolumeEncryption
+ | _js2n__-refsenv."_js2n__-:definitions/IEbsDefaultVolumeEncryptionConfig!contract"
+ | doc m%"
+ AWS Elastic Block Store default encryption configuration
+
+ Accelerator use this parameter to configure EBS default encryption. Accelerator will create KMS key for every AWS environment (account and region), which will be used as default EBS encryption key.
+
+ To enable EBS default encryption in every region accelerator implemented, you need to provide below value for this parameter.
+ "%,
+ guardduty
+ | _js2n__-refsenv."_js2n__-:definitions/IGuardDutyConfig!contract"
+ | doc "Amazon GuardDuty Configuration",
+ macie
+ | _js2n__-refsenv."_js2n__-:definitions/IMacieConfig!contract"
+ | doc m%"
+ Amazon Macie Configuration
+
+ Accelerator use this parameter to define AWS Macie configuration.
+
+ To enable Macie in every region accelerator implemented and set fifteen minutes of frequency to publish updates to policy findings for the account with publishing sensitive data findings to Security Hub. you need to provide below value for this parameter.
+ "%,
+ s3PublicAccessBlock
+ | _js2n__-refsenv."_js2n__-:definitions/IS3PublicAccessBlockConfig!contract"
+ | doc m%"
+ AWS S3 public access block configuration
+
+ Accelerator use this parameter to block AWS S3 public access
+
+ To enable S3 public access blocking in every region accelerator implemented, you need to provide below value for this parameter.
+ "%,
+ scpRevertChangesConfig
+ | _js2n__-refsenv."_js2n__-:definitions/IScpRevertChangesConfig!contract"
+ | doc "(OPTIONAL) AWS Service Control Policies Revert Manual Changes configuration"
+ | optional,
+ securityHub
+ | _js2n__-refsenv."_js2n__-:definitions/ISecurityHubConfig!contract"
+ | doc m%"
+ AWS Security Hub configuration
+
+ Accelerator use this parameter to define AWS Security Hub configuration.
+
+ To enable AWS Security Hub for all regions and enable "AWS Foundational Security Best Practices v1.0.0" security standard, deployment targets and disable controls you need provide below value for this parameter.
+ "%,
+ snsSubscriptions
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/ISnsSubscriptionConfig!contract"
+ | doc m%"
+ AWS SNS subscription configuration Deprecated
+
+ NOTICE: The configuration of SNS topics is being moved to the Global Config. This block is deprecated and will be removed in a future release
+
+ Accelerator use this parameter to define AWS SNS notification configuration.
+
+ To enable high, medium and low SNS notifications, you need to provide below value for this parameter.
+ "%
+ | optional,
+ ssmAutomation
+ | _js2n__-refsenv."_js2n__-:definitions/ISsmAutomationConfig!contract"
+ | doc m%"
+ AWS Systems Manager Document configuration
+
+ Accelerator use this parameter to define AWS Systems Manager documents configuration. SSM documents are created in designated administrator account for security services, i.e. Audit account.
+
+ To create a SSM document named as "SSM-ELB-Enable-Logging" in every region accelerator implemented and share this document with Root organizational unit(OU), you need to provide below value for this parameter. To share document to specific account uncomment accounts list. A valid SSM document template file ssm-documents/ssm-elb-enable-logging.yaml must be present in Accelerator config repository. Accelerator will use this template file to create the document.
+ "%,
+ },
+ "_js2n__-:definitions/ICloudWatchConfig!contract"
+ | doc "AWS CloudWatch configuration"
+ = {
+ alarmSets
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/IAlarmSetConfig!contract"
+ | doc m%"
+ List AWS CloudWatch Alarms configuration
+
+ Following example will create CIS-1.1-RootAccountUsage alarm for RootAccountUsage metric with notification level low
+ "%,
+ logGroups
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/ILogGroupsConfig!contract"
+ | doc m%"
+ (OPTIONAL) List CloudWatch Logs configuration
+
+ The Following is an example of deploying CloudWatch Logs to multiple regions
+ "%
+ | optional,
+ metricSets
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/IMetricSetConfig!contract"
+ | doc m%"
+ List AWS CloudWatch Metrics configuration
+
+ Following example will create metric filter RootAccountMetricFilter for aws-controltower/CloudTrailLogs log group
+ "%,
+ },
+ "_js2n__-:definitions/IConfigRule!contract"
+ | doc "AWS ConfigRule configuration"
+ = {
+ complianceResourceTypes
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "(OPTIONAL) Defines which resources trigger an evaluation for an AWS Config rule."
+ | optional,
+ customRule
+ | _js2n__-refsenv."_js2n__-:definitions/ICustomRuleConfigType!contract"
+ | doc "(OPTIONAL) A custom config rule is backed by AWS Lambda function. This is required when creating custom config rule."
+ | optional,
+ description
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "(OPTIONAL) A description about this AWS Config rule."
+ | optional,
+ identifier
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "(OPTIONAL) The identifier of the AWS managed rule."
+ | optional,
+ inputParameters
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.anyOf
+ [
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Record,
+ _js2n__-prdslib.records.record {} {} true
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!predicate"
+ ],
+ _js2n__-prdslib.isType 'Null
+ ])
+ | doc "(OPTIONAL) Input parameter values that are passed to the AWS Config rule."
+ | optional,
+ name
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "A name for the AWS Config rule.",
+ remediation
+ | _js2n__-refsenv."_js2n__-:definitions/IConfigRuleRemediationType!contract"
+ | doc "A remediation for the config rule, auto remediation to automatically remediate noncompliant resources."
+ | optional,
+ tags
+ | Array _js2n__-refsenv."_js2n__-:definitions/ITag!contract"
+ | doc "(OPTIONAL) Tags for the config rule"
+ | optional,
+ type
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "(OPTIONAL) Config rule type Managed or Custom. For custom config rule, this parameter value is Custom, when creating managed config rule this parameter value can be undefined or empty string"
+ | optional,
+ },
+ "_js2n__-:definitions/IConfigRuleRemediationType!contract" =
+ {
+ automatic
+ | Bool
+ | doc "The remediation is triggered automatically.",
+ excludeRegions
+ | Array _js2n__-refsenv."_js2n__-:definitions/Region!contract"
+ | doc "List of AWS Region names to be excluded from applying remediation"
+ | optional,
+ maximumAutomaticAttempts
+ | Number
+ | doc m%"
+ The maximum number of failed attempts for auto-remediation. If you do not select a number, the default is 5.
+
+ For example, if you specify MaximumAutomaticAttempts as 5 with RetryAttemptSeconds as 50 seconds, AWS Config will put a RemediationException on your behalf for the failing resource after the 5th failed attempt within 50 seconds.
+ "%
+ | optional,
+ parameters
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/IRemediationParametersConfigType!contract"
+ | doc "List of remediation parameters"
+ | optional,
+ retryAttemptSeconds
+ | Number
+ | doc m%"
+ Maximum time in seconds that AWS Config runs auto-remediation. If you do not select a number, the default is 60 seconds.
+
+ For example, if you specify RetryAttemptSeconds as 50 seconds and MaximumAutomaticAttempts as 5, AWS Config will run auto-remediations 5 times within 50 seconds before throwing an exception.
+ "%
+ | optional,
+ rolePolicyFile
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc m%"
+ Remediation assume role policy definition json file. This file must be present in config repository.
+
+ Create your own custom remediation actions using AWS Systems Manager Automation documents. When a role needed to be created to perform custom remediation actions, role permission needs to be defined in this file.
+ "%,
+ targetAccountName
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "Name of the account owning the public document to perform custom remediation actions. Accelerator creates these documents in Audit account and shared with other accounts."
+ | optional,
+ targetDocumentLambda
+ | _js2n__-refsenv."_js2n__-:definitions/ICustomRuleLambdaType!contract"
+ | doc "Target SSM document remediation lambda function"
+ | optional,
+ targetId
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc m%"
+ Target ID is the name of the public document.
+
+ The name of the AWS SSM document to perform custom remediation actions.
+ "%,
+ targetVersion
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc m%"
+ Version of the target. For example, version of the SSM document.
+
+ If you make backward incompatible changes to the SSM document, you must call PutRemediationConfiguration API again to ensure the remediations can run.
+ "%
+ | optional,
+ },
+ "_js2n__-:definitions/ICustomRuleConfigType!contract" =
+ {
+ configurationChanges
+ | Bool
+ | doc m%"
+ Whether to run the rule on configuration changes.
+
+ Default: false
+ "%
+ | optional,
+ lambda
+ | _js2n__-refsenv."_js2n__-:definitions/ICustomRuleLambdaType!contract"
+ | doc "The Lambda function to run.",
+ maximumExecutionFrequency
+ | String
+ | doc m%"
+ The maximum frequency at which the AWS Config rule runs evaluations.
+
+ Default: MaximumExecutionFrequency.TWENTY_FOUR_HOURS
+ "%,
+ periodic
+ | Bool
+ | doc "Whether to run the rule on a fixed frequency."
+ | optional,
+ triggeringResources
+ | _js2n__-refsenv."_js2n__-:definitions/ITriggeringResourceType!contract"
+ | doc "Defines which resources trigger an evaluation for an AWS Config rule.",
+ },
+ "_js2n__-:definitions/ICustomRuleLambdaType!contract" =
+ {
+ handler
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The name of the method within your code that Lambda calls to execute your function. The format includes the file name. It can also include namespaces and other qualifiers, depending on the runtime. For more information, see https://docs.aws.amazon.com/lambda/latest/dg/gettingstarted-features.html#gettingstarted-features-programmingmodel.",
+ rolePolicyFile
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "Lambda execution role policy definition file",
+ runtime
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The runtime environment for the Lambda function that you are uploading. For valid values, see the Runtime property in the AWS Lambda Developer Guide.",
+ sourceFilePath
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The source code file path of your Lambda function. This is a zip file containing lambda function, this file must be available in config repository.",
+ timeout
+ | Number
+ | doc "Lambda function execution timeout in seconds"
+ | optional,
+ },
+ "_js2n__-:definitions/IDeploymentTargets!contract" =
+ {
+ accounts | Array (String) | optional,
+ excludedAccounts | Array (String) | optional,
+ excludedRegions | Array (String) | optional,
+ organizationalUnits | Array (String) | optional,
+ },
+ "_js2n__-:definitions/IDetectiveConfig!contract"
+ | doc m%"
+ Use this configuration to enable Amazon Detective for an AWS Organization that allows users to analyze, investigate, and
+ quickly identify the root cause of security findings or suspicious activities.
+ "%
+ = {
+ enable
+ | Bool
+ | doc "Indicates whether Amazon Detective is enabled.",
+ excludeRegions
+ | Array _js2n__-refsenv."_js2n__-:definitions/Region!contract"
+ | doc "(OPTIONAL) List of AWS Region names to be excluded from configuring Amazon Detective. Please ensure any regions enabled in the global configuration that do not support Amazon Detective are added to the excluded regions list. {@link https://aws.amazon.com/about-aws/global-infrastructure/regional-product-services/ Supported services by region } ."
+ | optional,
+ },
+ "_js2n__-:definitions/IDocumentConfig!contract"
+ | doc m%"
+ Use this configuration to define AWS System Manager documents (SSM documents) that can be used on managed instances in an
+ environment.
+ "%
+ = {
+ name
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "Name of document to be created",
+ targetType
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "Specify a target type to define the kinds of resources the document can run on. For example, to run a document on EC2 instances, specify the following value: /AWS::EC2::Instance. If you specify a value of '/' the document can run on all types of resources. If you don't specify a value, the document can't run on any resources. For a list of valid resource types, see AWS resource and property types reference in the AWS CloudFormation User Guide. Ref: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-template-resource-type-ref.html Length Constraints: Maximum length of 200. Pattern: ^\\/[\\w\\.\\-\\:\\/]*$"
+ | optional,
+ template
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "Document template file path. This file must be available in accelerator config repository.",
+ },
+ "_js2n__-:definitions/IDocumentSetConfig!contract"
+ | doc "AWS Systems Manager document sharing configuration"
+ = {
+ documents
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/IDocumentConfig!contract"
+ | doc "List of the documents to be shared",
+ shareTargets
+ | _js2n__-refsenv."_js2n__-:definitions/IShareTargets!contract"
+ | doc "Document share target, valid value should be any organizational unit. Document will be shared with every account within the given OU",
+ },
+ "_js2n__-:definitions/IEbsDefaultVolumeEncryptionConfig!contract"
+ | doc "Use this configuration to enable enforced encryption of new EBS volumes and snapshots created in an AWS environment."
+ = {
+ deploymentTargets
+ | _js2n__-refsenv."_js2n__-:definitions/IDeploymentTargets!contract"
+ | doc "(OPTIONAL) Deployment targets for EBS default volume encryption"
+ | optional,
+ enable
+ | Bool
+ | doc "Indicates whether AWS EBS volume have default encryption enabled.",
+ excludeRegions
+ | Array _js2n__-refsenv."_js2n__-:definitions/Region!contract"
+ | doc "(OPTIONAL) List of AWS Region names to be excluded from configuring AWS EBS volume default encryption"
+ | optional,
+ kmsKey
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "(OPTIONAL) KMS key to encrypt EBS volume."
+ | optional,
+ },
+ "_js2n__-:definitions/IEncryptionConfig!contract"
+ | doc "Use this configuration to enable encryption for a log group."
+ = {
+ kmsKeyArn
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "(OPTIONAL) Reference the KMS Key Arn that is used to encrypt the AWS CloudWatch Logs Group. This should be a KMS Key that is not managed by Landing Zone Accelerator."
+ | optional,
+ kmsKeyName
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "(OPTIONAL) Use this property to reference a KMS Key Name that is created by Landing Zone Accelerator."
+ | optional,
+ useLzaManagedKey
+ | Bool
+ | doc "(OPTIONAL) Set this property to `true` if you would like to use the default CloudWatch Logs KMS CMK that is deployed by Landing Zone Accelerator."
+ | optional,
+ },
+ "_js2n__-:definitions/IGuardDutyConfig!contract"
+ | doc m%"
+ AWS GuardDuty configuration
+ Use this configuration to enable Amazon GuardDuty for an AWS Organization, as well as other modular
+ feature protections.
+ "%
+ = {
+ autoEnableOrgMembers
+ | Bool
+ | doc m%"
+ (OPTIONAL) Enables/disables the auto enabling of GuardDuty for any account including the new accounts joining the organization
+
+ It is recommended to set the value to `false` when using the `deploymentTargets` property to enable GuardDuty only on targeted accounts mentioned in the deploymentTargets. If you do not define or do not set it to `false` any new accounts joining the organization will automatically be enabled with GuardDuty.
+ "%
+ | optional,
+ deploymentTargets
+ | _js2n__-refsenv."_js2n__-:definitions/IDeploymentTargets!contract"
+ | doc m%"
+ (OPTIONAL) Deployment targets for GuardDuty
+
+ We highly recommend enabling GuardDuty across all accounts and enabled regions within your organization. `deploymentTargets` should only be used when more granular control is required, not as a default configuration Please only specify one of the `deploymentTargets` or `excludeRegions` properties.
+ "%
+ | optional,
+ eksProtection
+ | _js2n__-refsenv."_js2n__-:definitions/IGuardDutyEksProtectionConfig!contract"
+ | doc "(OPTIONAL) AWS GuardDuty EKS Protection configuration."
+ | optional,
+ enable | Bool | doc "Indicates whether AWS GuardDuty enabled.",
+ excludeRegions
+ | Array _js2n__-refsenv."_js2n__-:definitions/Region!contract"
+ | doc m%"
+ (OPTIONAL) List of AWS Region names to be excluded from configuring Amazon GuardDuty
+
+ Please only specify one of the `excludeRegions` or `deploymentTargets` properties.
+ "%
+ | optional,
+ exportConfiguration
+ | _js2n__-refsenv."_js2n__-:definitions/IGuardDutyExportFindingsConfig!contract"
+ | doc "AWS GuardDuty Export Findings configuration.",
+ lifecycleRules
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/ILifecycleRule!contract"
+ | doc "(OPTIONAL) Declaration of a S3 Lifecycle rule."
+ | optional,
+ s3Protection
+ | _js2n__-refsenv."_js2n__-:definitions/IGuardDutyS3ProtectionConfig!contract"
+ | doc "AWS GuardDuty S3 Protection configuration.",
+ },
+ "_js2n__-:definitions/IGuardDutyEksProtectionConfig!contract"
+ | doc "AWS GuardDuty EKS Protection configuration."
+ = {
+ enable
+ | Bool
+ | doc "Indicates whether AWS GuardDuty EKS Protection enabled.",
+ excludeRegions
+ | Array _js2n__-refsenv."_js2n__-:definitions/Region!contract"
+ | doc "(OPTIONAL) List of AWS Region names to be excluded from configuring Amazon GuardDuty EKS Protection"
+ | optional,
+ },
+ "_js2n__-:definitions/IGuardDutyExportFindingsConfig!contract"
+ | doc "Use this configuration to export Amazon GuardDuty findings to Amazon CloudWatch Events, and, optionally, to an Amazon S3 bucket."
+ = {
+ destinationType
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.const "S3"
+ ])
+ | doc "The type of resource for the publishing destination. Currently only Amazon S3 buckets are supported.",
+ enable
+ | Bool
+ | doc "Indicates whether AWS GuardDuty Export Findings enabled.",
+ exportFrequency
+ | std.enum.TagOrString
+ | [| 'SIX_HOURS, 'ONE_HOUR, 'FIFTEEN_MINUTES |]
+ | doc "An enum value that specifies how frequently findings are exported, such as to CloudWatch Events. Possible values FIFTEEN_MINUTES, ONE_HOUR, or SIX_HOURS",
+ overrideExisting
+ | Bool
+ | doc "(OPTIONAL) Indicates whether AWS GuardDuty Export Findings can be overwritten."
+ | optional,
+ overrideGuardDutyPrefix
+ | _js2n__-refsenv."_js2n__-:definitions/IPrefixConfig!contract"
+ | doc "(OPTIONAL) AWS GuardDuty Prefix for centralized logging path."
+ | optional,
+ },
+ "_js2n__-:definitions/IGuardDutyS3ProtectionConfig!contract"
+ | doc m%"
+ Use this configuration to enable S3 Protection with Amazon GuardDuty to monitor object-level API operations for potential
+ security risks for data within Amazon S3 buckets.
+ "%
+ = {
+ enable
+ | Bool
+ | doc "Indicates whether AWS GuardDuty S3 Protection enabled.",
+ excludeRegions
+ | Array _js2n__-refsenv."_js2n__-:definitions/Region!contract"
+ | doc "(OPTIONAL) List of AWS Region names to be excluded from configuring Amazon GuardDuty S3 Protection"
+ | optional,
+ },
+ "_js2n__-:definitions/IIamPasswordPolicyConfig!contract"
+ | doc "IAM password policy configuration"
+ = {
+ allowUsersToChangePassword
+ | Bool
+ | doc "Allows all IAM users in your account to use the AWS Management Console to change their own passwords.",
+ hardExpiry
+ | Bool
+ | doc "Prevents IAM users who are accessing the account via the AWS Management Console from setting a new console password after their password has expired. The IAM user cannot access the console until an administrator resets the password.",
+ maxPasswordAge
+ | Number
+ | doc m%"
+ The number of days that an IAM user password is valid.
+
+ Note: If you do not specify a value for this parameter, then the operation uses the default value of 0. The result is that IAM user passwords never expire.
+ "%,
+ minimumPasswordLength
+ | Number
+ | doc m%"
+ The minimum number of characters allowed in an IAM user password.
+
+ Note: If you do not specify a value for this parameter, then the operation uses the default value of 6.
+ "%,
+ passwordReusePrevention
+ | Number
+ | doc m%"
+ Specifies the number of previous passwords that IAM users are prevented from reusing.
+
+ Note: If you do not specify a value for this parameter, then the operation uses the default value of 0. The result is that IAM users are not prevented from reusing previous passwords.
+ "%,
+ requireLowercaseCharacters
+ | Bool
+ | doc m%"
+ Specifies whether IAM user passwords must contain at least one lowercase character from the ISO basic Latin alphabet (a to z).
+
+ Note: If you do not specify a value for this parameter, then the operation uses the default value of false. The result is that passwords do not require at least one lowercase character.
+ "%,
+ requireNumbers
+ | Bool
+ | doc m%"
+ Specifies whether IAM user passwords must contain at least one numeric character (0 to 9).
+
+ Note: If you do not specify a value for this parameter, then the operation uses the default value of false. The result is that passwords do not require at least one numeric character.
+ "%,
+ requireSymbols
+ | Bool
+ | doc m%"
+ Specifies whether IAM user passwords must contain at least one of the following non-alphanumeric characters:
+
+ ! @ # $ % ^ & * ( ) _ + - = [ ] { } | '
+
+ Note: If you do not specify a value for this parameter, then the operation uses the default value of false. The result is that passwords do not require at least one symbol character.
+ "%,
+ requireUppercaseCharacters
+ | Bool
+ | doc m%"
+ Specifies whether IAM user passwords must contain at least one uppercase character from the ISO basic Latin alphabet (A to Z).
+
+ Note: If you do not specify a value for this parameter, then the operation uses the default value of false. The result is that passwords do not require at least one uppercase character.
+ "%,
+ },
+ "_js2n__-:definitions/IKeyConfig!contract"
+ | doc m%"
+ Use this configuration to define your customer managed key (CMK) and where it's deployed to along with
+ it's management properties.
+ "%
+ = {
+ alias
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "(OPTIONAL) Initial alias to add to the key"
+ | optional,
+ deploymentTargets
+ | _js2n__-refsenv."_js2n__-:definitions/IDeploymentTargets!contract"
+ | doc m%"
+ This configuration determines which accounts and/or OUs the CMK is deployed to.
+
+ To deploy KMS key into Root and Infrastructure organizational units, you need to provide below value for this parameter.
+ "%,
+ description
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "(OPTIONAL) A description of the key."
+ | optional,
+ enableKeyRotation
+ | Bool
+ | doc "(OPTIONAL) Indicates whether AWS KMS rotates the key."
+ | optional,
+ enabled
+ | Bool
+ | doc "(OPTIONAL) Indicates whether the key is available for use."
+ | optional,
+ name
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "Unique Key name for logical reference",
+ policy
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "(OPTIONAL)Key policy file path. This file must be available in accelerator config repository."
+ | optional,
+ removalPolicy
+ | std.enum.TagOrString
+ | [| 'snapshot, 'retain, 'destroy |]
+ | doc "(OPTIONAL) Whether the encryption key should be retained when it is removed from the Stack."
+ | optional,
+ },
+ "_js2n__-:definitions/IKeyManagementServiceConfig!contract"
+ | doc " KMS key management service configuration"
+ = {
+ keySets
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/IKeyConfig!contract",
+ },
+ "_js2n__-:definitions/ILifecycleRule!contract"
+ | doc "S3 bucket life cycle rules object."
+ = {
+ abortIncompleteMultipartUpload
+ | Number
+ | doc "Specifies a lifecycle rule that aborts incomplete multipart uploads to an Amazon S3 bucket."
+ | optional,
+ enabled | Bool | doc "Whether this rule is enabled." | optional,
+ expiration
+ | Number
+ | doc "Indicates the number of days after creation when objects are deleted from Amazon S3 and Amazon Glacier."
+ | optional,
+ expiredObjectDeleteMarker
+ | Bool
+ | doc "Indicates whether Amazon S3 will remove a delete marker with no noncurrent versions. If set to true, the delete marker will be expired."
+ | optional,
+ id
+ | String
+ | doc "Friendly name for the rule. Rule name must be unique."
+ | optional,
+ noncurrentVersionExpiration
+ | Number
+ | doc "Time between when a new version of the object is uploaded to the bucket and when old versions of the object expire."
+ | optional,
+ noncurrentVersionTransitions
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/ITransition!contract"
+ | doc "One or more transition rules that specify when non-current objects transition to a specified storage class."
+ | optional,
+ prefix
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "Object key prefix that identifies one or more objects to which this rule applies."
+ | optional,
+ transitions
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/ITransition!contract"
+ | doc "One or more transition rules that specify when an object transitions to a specified storage class."
+ | optional,
+ },
+ "_js2n__-:definitions/ILogGroupsConfig!contract"
+ | doc m%"
+ Use this configuration to deploy CloudWatch log groups to your environment.
+ You can also import existing log groups into your accelerator configuration.
+ Log groups define groups of log streams that share the same retention, monitoring, and access control settings.
+ "%
+ = {
+ deploymentTargets
+ | _js2n__-refsenv."_js2n__-:definitions/IDeploymentTargets!contract"
+ | doc "Deployment targets for CloudWatch Logs",
+ encryption
+ | _js2n__-refsenv."_js2n__-:definitions/IEncryptionConfig!contract"
+ | doc "(OPTIONAL) The encryption configuration of the AWS CloudWatch Logs Group."
+ | optional,
+ logGroupName
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "Name of the CloudWatch log group",
+ logRetentionInDays
+ | Number
+ | doc m%"
+ (OPTIONAL) How long, in days, the log contents will be retained.
+
+ To retain all logs, set this value to undefined.
+ "%,
+ terminationProtected
+ | Bool
+ | doc "(OPTIONAL) Set this property to `false` if you would like the log group to be deleted if it is removed from the solution configuration file."
+ | optional,
+ },
+ "_js2n__-:definitions/IMacieConfig!contract"
+ | doc m%"
+ Amazon Macie Configuration
+ Use this configuration to enable Amazon Macie within your AWS Organization along with it's reporting configuration.
+ "%
+ = {
+ enable | Bool | doc "Indicates whether AWS Macie enabled.",
+ excludeRegions
+ | Array _js2n__-refsenv."_js2n__-:definitions/Region!contract"
+ | doc "List of AWS Region names to be excluded from configuring Amazon Macie"
+ | optional,
+ lifecycleRules
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/ILifecycleRule!contract"
+ | doc "(OPTIONAL) Declaration of a S3 Lifecycle rule."
+ | optional,
+ policyFindingsPublishingFrequency
+ | std.enum.TagOrString
+ | [| 'SIX_HOURS, 'ONE_HOUR, 'FIFTEEN_MINUTES |]
+ | doc "(OPTIONAL) Specifies how often to publish updates to policy findings for the account. This includes publishing updates to Security Hub and Amazon EventBridge (formerly called Amazon CloudWatch Events). An enum value that specifies how frequently findings are published Possible values FIFTEEN_MINUTES, ONE_HOUR, or SIX_HOURS"
+ | optional,
+ publishSensitiveDataFindings
+ | Bool
+ | doc "Specifies whether to publish sensitive data findings to Security Hub. If you set this value to true, Amazon Macie automatically publishes all sensitive data findings that weren't suppressed by a findings filter. The default value is false.",
+ },
+ "_js2n__-:definitions/IMetricConfig!contract"
+ | doc "AWS CloudWatch Metric configuration"
+ = {
+ filterName
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "Metric filter name",
+ filterPattern
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "Pattern to search for log events.",
+ logGroupName
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The log group to create the filter on.",
+ metricName
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The name of the metric to emit.",
+ metricNamespace
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "The namespace of the metric to emit.",
+ metricValue
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc m%"
+ The value to emit for the metric.
+
+ Can either be a literal number (typically “1”), or the name of a field in the structure to take the value from the matched event. If you are using a field value, the field value must have been matched using the pattern.
+ "%,
+ treatMissingData
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "Sets how this alarm is to handle missing data points."
+ | optional,
+ },
+ "_js2n__-:definitions/IMetricSetConfig!contract"
+ | doc "AWS CloudWatch Metric set configuration"
+ = {
+ deploymentTargets
+ | _js2n__-refsenv."_js2n__-:definitions/IDeploymentTargets!contract"
+ | doc "Deployment targets for CloudWatch Metrics configuration"
+ | optional,
+ metrics
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/IMetricConfig!contract"
+ | doc m%"
+ AWS CloudWatch Metric list
+
+ Following example will create metric filter RootAccountMetricFilter for aws-controltower/CloudTrailLogs log group
+ "%,
+ regions
+ | Array _js2n__-refsenv."_js2n__-:definitions/Region!contract"
+ | doc "(OPTIONAL) AWS region names to configure CloudWatch Metrics"
+ | optional,
+ },
+ "_js2n__-:definitions/INetworkPerimeterConfig!contract"
+ | doc m%"
+ Network Perimeter Config.
+
+ If managedVpcOnly is true, all the VPCs in accounts will be included while parameter `ACCEL_LOOKUP:VPC|VPC_ID:XX` is used.
+ If managedVpcOnly is false, only the VPC created by LZA will be included while parameter `ACCEL_LOOKUP:VPC|VPC_ID:XX` is used.
+ "%
+ = { managedVpcOnly | Bool | optional, },
+ "_js2n__-:definitions/IPrefixConfig!contract" =
+ {
+ customOverride
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "(Optional) Prefix to be used for Centralized Logging Path"
+ | optional,
+ useCustomPrefix
+ | Bool
+ | doc "Indicates whether or not to add a custom prefix to LZA Default Centralized Logging location. If useCustomPrefix is set to true, logs will be stored in the Centralized Logging Bucket prefix.",
+ },
+ "_js2n__-:definitions/IRemediationParametersConfigType!contract"
+ | doc "Config rule remediation input parameter configuration type"
+ = {
+ name
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "Name of the parameter",
+ type
+ | std.enum.TagOrString
+ | [| 'StringList, '"String" |]
+ | doc "Data type of the parameter, allowed value (StringList or String)",
+ value
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "Parameter value",
+ },
+ "_js2n__-:definitions/IResourcePolicyConfig!contract" =
+ {
+ document
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract",
+ resourceType
+ | std.enum.TagOrString
+ | [|
+ 'LAMBDA_FUNCTION,
+ 'CERTIFICATE_AUTHORITY,
+ 'CODEARTIFACT_REPOSITORY,
+ 'BACKUP_VAULT,
+ 'EVENTBRIDGE_EVENTBUS,
+ 'EFS_FILE_SYSTEM,
+ 'LEX_BOT,
+ 'APIGATEWAY_REST_API,
+ 'SQS_QUEUE,
+ 'SNS_TOPIC,
+ 'OPENSEARCH_DOMAIN,
+ 'ECR_REPOSITORY,
+ 'SECRETS_MANAGER_SECRET,
+ 'IAM_ROLE,
+ 'KMS_KEY,
+ 'S3_BUCKET
+ |],
+ },
+ "_js2n__-:definitions/IResourcePolicyEnforcementConfig!contract"
+ | doc m%"
+ Resource Policy Enforcement Config. The configuration allows you to deploy AWS Config rules to
+ automatically apply resource-based policies to AWS resources including S3 buckets, IAM roles, and KMS keys etc.
+ AWS Organization is required to support it.
+
+ Here are a list of supported service {@link SecurityConfigTypes.resourceTypeEnum }
+ "%
+ = {
+ enable | Bool,
+ networkPerimeter
+ | _js2n__-refsenv."_js2n__-:definitions/INetworkPerimeterConfig!contract"
+ | optional,
+ policySets
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/IResourcePolicySetConfig!contract",
+ remediation
+ | _js2n__-refsenv."_js2n__-:definitions/IResourcePolicyRemediation!contract",
+ },
+ "_js2n__-:definitions/IResourcePolicyRemediation!contract" =
+ {
+ automatic
+ | Bool
+ | doc "The remediation is triggered automatically.",
+ maximumAutomaticAttempts
+ | Number
+ | doc "The maximum number of failed attempts for auto-remediation. If you do not select a number, the default is 5."
+ | optional,
+ retryAttemptSeconds
+ | Number
+ | doc "Maximum time in seconds that AWS Config runs auto-remediation. If you do not select a number, the default is 60 seconds."
+ | optional,
+ },
+ "_js2n__-:definitions/IResourcePolicySetConfig!contract" =
+ {
+ deploymentTargets
+ | _js2n__-refsenv."_js2n__-:definitions/IDeploymentTargets!contract"
+ | doc "The deployment targets - accounts/OUs where the config rule and remediation action will be deployed to",
+ inputParameters
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Record,
+ _js2n__-prdslib.records.record {} {} true
+ (_js2n__-prdslib.isType '"String")
+ ])
+ | doc m%"
+ The input parameters which will be set as environment variable in Custom Config Rule Lambda and Remediation lambda
+
+ Meanwhile, 'SourceAccount' is a reserved parameters for allow-only resource policy -- Lambda_Function and CERTIFICATE_AUTHORITY. For example, 'SourceAccount: 123456789012,987654321098' means requests from these two accounts can be allowed. Apart from these two, No other external accounts can access a lambda function or Certificate Authority.
+ "%
+ | optional,
+ resourcePolicies
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/IResourcePolicyConfig!contract"
+ | doc "A list of resource policy templates for different types of resources",
+ },
+ "_js2n__-:definitions/IS3PublicAccessBlockConfig!contract"
+ | doc "This will create the Public Access Block configuration for the AWS account."
+ = {
+ enable
+ | Bool
+ | doc "Indicates whether AWS S3 block public access is enabled.",
+ excludeAccounts
+ | Array (String)
+ | doc "List of AWS Account names to be excluded from configuring S3 PublicAccessBlock"
+ | optional,
+ },
+ "_js2n__-:definitions/IScpRevertChangesConfig!contract"
+ | doc "AWS Service Control Policies Revert Manual Changes configuration"
+ = {
+ enable
+ | Bool
+ | doc "Indicates whether manual changes to Service Control Policies are automatically reverted.",
+ snsTopicName
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "(OPTIONAL) The name of the SNS Topic to send alerts to when SCPs are changed manually"
+ | optional,
+ },
+ "_js2n__-:definitions/ISecurityConfig!contract"
+ | doc "Accelerator security configuration"
+ = {
+ accessAnalyzer
+ | _js2n__-refsenv."_js2n__-:definitions/IAccessAnalyzerConfig!contract",
+ awsConfig
+ | _js2n__-refsenv."_js2n__-:definitions/IAwsConfig!contract",
+ centralSecurityServices
+ | _js2n__-refsenv."_js2n__-:definitions/ICentralSecurityServicesConfig!contract"
+ | doc "Central security configuration",
+ cloudWatch
+ | _js2n__-refsenv."_js2n__-:definitions/ICloudWatchConfig!contract",
+ homeRegion
+ | _js2n__-refsenv."_js2n__-:definitions/Region!contract"
+ | doc "Accelerator home region name."
+ | optional,
+ iamPasswordPolicy
+ | _js2n__-refsenv."_js2n__-:definitions/IIamPasswordPolicyConfig!contract",
+ keyManagementService
+ | _js2n__-refsenv."_js2n__-:definitions/IKeyManagementServiceConfig!contract"
+ | optional,
+ resourcePolicyEnforcement
+ | _js2n__-refsenv."_js2n__-:definitions/IResourcePolicyEnforcementConfig!contract"
+ | optional,
+ },
+ "_js2n__-:definitions/ISecurityHubConfig!contract"
+ | doc "Use this configuration to enable Amazon Security Hub for an AWS Organization along with it's auditing configuration."
+ = {
+ enable | Bool | doc "Indicates whether AWS Security Hub enabled.",
+ excludeRegions
+ | Array _js2n__-refsenv."_js2n__-:definitions/Region!contract"
+ | doc "(OPTIONAL) List of AWS Region names to be excluded from configuring Security Hub"
+ | optional,
+ logging
+ | _js2n__-refsenv."_js2n__-:definitions/ISecurityHubLoggingConfig!contract"
+ | doc "(OPTIONAL) Security Hub logs are sent to CloudWatch logs by default. This option can enable or disable the logging."
+ | optional,
+ notificationLevel
+ | String
+ | doc "(OPTIONAL) Security Hub notification level"
+ | optional,
+ regionAggregation
+ | Bool
+ | doc "(OPTIONAL) Indicates whether Security Hub results are aggregated in the Home Region."
+ | optional,
+ snsTopicName
+ | String
+ | doc "(OPTIONAL) SNS Topic for Security Hub notifications."
+ | optional,
+ standards
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/ISecurityHubStandardConfig!contract"
+ | doc "Security Hub standards configuration",
+ },
+ "_js2n__-:definitions/ISecurityHubLoggingCloudwatchConfig!contract"
+ | doc "Security Hub Logging CloudWatch Config"
+ = {
+ enable
+ | Bool
+ | doc "Security hub to cloudwatch logging is enabled by default.",
+ logGroupName
+ | String
+ | doc "(OPTIONAL) CloudWatch Log Group Name"
+ | optional,
+ logLevel
+ | _js2n__-refsenv."_js2n__-:definitions/SecurityHubSeverityLevel!contract"
+ | doc "(OPTIONAL) Security Hub logging level"
+ | optional,
+ },
+ "_js2n__-:definitions/ISecurityHubLoggingConfig!contract"
+ | doc "Security Hub Logging Config"
+ = {
+ cloudWatch
+ | _js2n__-refsenv."_js2n__-:definitions/ISecurityHubLoggingCloudwatchConfig!contract"
+ | doc "Data store to ship the Security Hub logs to."
+ | optional,
+ },
+ "_js2n__-:definitions/ISecurityHubStandardConfig!contract"
+ | doc m%"
+ Use this configuration to define the security standard(s) that are enabled through Amazon Security Hub and which accounts and/or
+ organization units that the controls are deployed to.
+ "%
+ = {
+ controlsToDisable
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "(OPTIONAL) An array of control names to be disabled for the given security standards"
+ | optional,
+ deploymentTargets
+ | _js2n__-refsenv."_js2n__-:definitions/IDeploymentTargets!contract"
+ | doc "(OPTIONAL) Deployment targets for AWS Security Hub standard."
+ | optional,
+ enable
+ | Bool
+ | doc "Indicates whether given AWS Security Hub standard enabled.",
+ name
+ | std.enum.TagOrString
+ | [|
+ '"",
+ '"PCI DSS v3.2.1",
+ '"NIST Special Publication 800-53 Revision 5",
+ '"CIS AWS Foundations Benchmark v1.4.0",
+ '"CIS AWS Foundations Benchmark v1.2.0",
+ '"AWS Foundational Security Best Practices v1.0.0"
+ |]
+ | doc "An enum value that specifies one of three security standards supported by Security Hub Possible values are 'AWS Foundational Security Best Practices v1.0.0', 'CIS AWS Foundations Benchmark v1.2.0', 'CIS AWS Foundations Benchmark v1.4.0', 'NIST Special Publication 800-53 Revision 5, and 'PCI DSS v3.2.1'",
+ },
+ "_js2n__-:definitions/IShareTargets!contract" =
+ {
+ accounts | Array (String) | optional,
+ organizationalUnits | Array (String) | optional,
+ },
+ "_js2n__-:definitions/ISnsSubscriptionConfig!contract"
+ | doc m%"
+ AWS SNS Notification subscription configuration
+ ***Deprecated***
+ Replaced by snsTopics in global config
+ "%
+ = {
+ email
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "Subscribing email address",
+ level
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "Notification level high, medium or low",
+ },
+ "_js2n__-:definitions/ISsmAutomationConfig!contract"
+ | doc "AWS Systems Manager automation configuration"
+ = {
+ documentSets
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/IDocumentSetConfig!contract"
+ | doc "List of documents for automation",
+ excludeRegions
+ | Array _js2n__-refsenv."_js2n__-:definitions/Region!contract"
+ | doc "(OPTIONAL) List of AWS Region names to be excluded from configuring block S3 public access"
+ | optional,
+ },
+ "_js2n__-:definitions/ITag!contract" = { key | String, value | String, },
+ "_js2n__-:definitions/ITransition!contract" =
+ {
+ storageClass
+ | _js2n__-refsenv."_js2n__-:definitions/StorageClass!contract",
+ transitionAfter | Number,
+ },
+ "_js2n__-:definitions/ITriggeringResourceType!contract" =
+ {
+ lookupKey
+ | _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "Resource lookup type, resource can be lookup by tag or types. When resource needs to lookup by tag, this field will have tag name.",
+ lookupType
+ | String
+ | doc m%"
+ An enum to identify triggering resource types. Possible values ResourceId, Tag, or ResourceTypes
+
+ Triggering resource can be lookup by resource id, tags or resource types.
+ "%,
+ lookupValue
+ | Array
+ _js2n__-refsenv."_js2n__-:definitions/NonEmptyString!contract"
+ | doc "Resource lookup value, when resource lookup using tag, this field will have tag value to search resource.",
+ },
+ "_js2n__-:definitions/NonEmptyString!contract"
+ | doc "A string that has at least 1 character"
+ = _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.minLength 1
+ ]),
+ "_js2n__-:definitions/NonEmptyString!predicate"
+ | doc "A string that has at least 1 character"
+ = _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.minLength 1
+ ],
+ "_js2n__-:definitions/Region!contract"
+ | doc "AWS Region"
+ = std.contract.Sequence
+ [
+ std.enum.TagOrString,
+ [|
+ 'us-west-2,
+ 'us-west-1,
+ 'us-iso-west-1,
+ 'us-isob-east-1,
+ 'us-iso-east-1,
+ 'us-gov-east-1,
+ 'us-gov-west-1,
+ 'us-east-2,
+ 'us-east-1,
+ 'sa-east-1,
+ 'me-south-1,
+ 'me-central-1,
+ 'il-central-1,
+ 'eu-west-3,
+ 'eu-west-2,
+ 'eu-west-1,
+ 'eu-south-2,
+ 'eu-south-1,
+ 'eu-north-1,
+ 'eu-central-2,
+ 'eu-central-1,
+ 'cn-northwest-1,
+ 'cn-north-1,
+ 'ca-west-1,
+ 'ca-central-1,
+ 'ap-southeast-4,
+ 'ap-southeast-3,
+ 'ap-southeast-2,
+ 'ap-southeast-1,
+ 'ap-south-2,
+ 'ap-south-1,
+ 'ap-northeast-3,
+ 'ap-northeast-2,
+ 'ap-northeast-1,
+ 'ap-east-1,
+ 'af-south-1
+ |]
+ ],
+ "_js2n__-:definitions/SecurityHubSeverityLevel!contract" =
+ std.contract.Sequence
+ [
+ std.enum.TagOrString,
+ [| 'INFORMATIONAL, 'LOW, 'MEDIUM, 'HIGH, 'CRITICAL |]
+ ],
+ "_js2n__-:definitions/StorageClass!contract" =
+ std.contract.Sequence
+ [
+ std.enum.TagOrString,
+ [|
+ 'ONEZONE_IA,
+ 'INTELLIGENT_TIERING,
+ 'STANDARD_IA,
+ 'GLACIER_IR,
+ 'GLACIER,
+ 'DEEP_ARCHIVE
+ |]
+ ],
+ }
+ in
+ _js2n__-refsenv."_js2n__-:definitions/ISecurityConfig!contract"
\ No newline at end of file
diff --git a/out/MongoDB Atlas Search Index Definition.ncl b/out/MongoDB Atlas Search Index Definition.ncl
index ac952b7..4e69232 100644
--- a/out/MongoDB Atlas Search Index Definition.ncl
+++ b/out/MongoDB Atlas Search Index Definition.ncl
@@ -1090,7 +1090,9 @@ let rec _js2n__-refsenv
"numberFacet",
"objectId",
"string",
- "stringFacet"
+ "stringFacet",
+ "token",
+ "uuid"
]
],
} {} false _js2n__-prdslib.never,
diff --git a/out/Network-as-Code Data Model.ncl b/out/Network-as-Code Data Model.ncl
index f8db361..ac2b9ee 100644
--- a/out/Network-as-Code Data Model.ncl
+++ b/out/Network-as-Code Data Model.ncl
@@ -38210,7 +38210,7 @@ let rec _js2n__-refsenv
| optional,
meraki
| {
- regions
+ domains
| Array
{
name | String | doc "Name (String)",
@@ -38218,81 +38218,80 @@ let rec _js2n__-refsenv
| Array
{
administrators
- | Array
- {
- authentication_method
- | std.enum.TagOrString
- | [| 'Email, '"Cisco SecureX Sign-On" |]
- | doc m%"
- Authentication Method (String)
- - Allowed values: Cisco SecureX Sign-On, Email
- "%
- | optional,
- email | String | doc "Email (String)",
- name | String | doc "Name (String)",
- networks
- | Array
- {
- access
- | std.enum.TagOrString
- | [|
- 'monitor-only,
- 'guest-ambassador,
- 'read-only,
- 'full
- |]
- | doc m%"
- Access (String)
- - Allowed values: full, read-only, guest-ambassador, monitor-only
- "%
- | optional,
- name | String | doc "Name (String)",
- }
- | doc m%"
- Networks (List - Object)
-
- Elements:
- - name (required)
- - access
- "%
- | optional,
- organization_access
- | std.enum.TagOrString
- | [| 'read-only, 'none, 'full, 'enterprise |]
- | doc m%"
- Organization Access (String)
- - Allowed values: enterprise, full, none, read-only
- "%
- | optional,
- tags
- | Array
- {
- access
- | std.enum.TagOrString
- | [|
- 'monitor-only,
- 'guest-ambassador,
- 'read-only,
- 'full
- |]
- | doc m%"
- Access (String)
- - Allowed values: full, read-only, guest-ambassador, monitor-only
- "%
- | optional,
- name | String | doc "Name (String)",
- }
- | doc m%"
- Tags (List - Object)
-
- Elements:
- - name (required)
- - access
- "%
- | optional,
- }
+ | {
+ authentication_method
+ | std.enum.TagOrString
+ | [| 'Email, '"Cisco SecureX Sign-On" |]
+ | doc m%"
+ Authentication Method (String)
+ - Allowed values: Cisco SecureX Sign-On, Email
+ "%
+ | optional,
+ email | String | doc "Email (String)",
+ name | String | doc "Name (String)",
+ networks
+ | Array
+ {
+ access
+ | std.enum.TagOrString
+ | [|
+ 'monitor-only,
+ 'guest-ambassador,
+ 'read-only,
+ 'full
+ |]
+ | doc m%"
+ Access (String)
+ - Allowed values: full, read-only, guest-ambassador, monitor-only
+ "%
+ | optional,
+ name | String | doc "Name (String)",
+ }
+ | doc m%"
+ Networks (List - Object)
+
+ Elements:
+ - name (required)
+ - access
+ "%
+ | optional,
+ organization_access
+ | std.enum.TagOrString
+ | [| 'read-only, 'none, 'full, 'enterprise |]
+ | doc m%"
+ Organization Access (String)
+ - Allowed values: enterprise, full, none, read-only
+ "%
+ | optional,
+ tags
+ | Array
+ {
+ access
+ | std.enum.TagOrString
+ | [|
+ 'monitor-only,
+ 'guest-ambassador,
+ 'read-only,
+ 'full
+ |]
+ | doc m%"
+ Access (String)
+ - Allowed values: full, read-only, guest-ambassador, monitor-only
+ "%
+ | optional,
+ name | String | doc "Name (String)",
+ }
+ | doc m%"
+ Tags (List - Object)
+
+ Elements:
+ - name (required)
+ - access
+ "%
+ | optional,
+ }
| doc m%"
- Administrators (List - Object)
+ Administrators (Object)
Elements:
- name (required)
@@ -38303,6 +38302,74 @@ let rec _js2n__-refsenv
- tags
"%
| optional,
+ login_security
+ | {
+ account_lockout_attempts
+ | std.number.Integer
+ | doc "Account Lockout Attempts (Integer)"
+ | optional,
+ enforce_account_lockout
+ | Bool
+ | doc "Enforce Account Lockout (Boolean)"
+ | optional,
+ enforce_different_passwords
+ | Bool
+ | doc "Enforce Different Passwords (Boolean)"
+ | optional,
+ enforce_idle_timeout
+ | Bool
+ | doc "Enforce Idle Timeout (Boolean)"
+ | optional,
+ enforce_login_ip_ranges
+ | Bool
+ | doc "Enforce Login IP Ranges (Boolean)"
+ | optional,
+ enforce_password_expiration
+ | Bool
+ | doc "Enforce Password Expiration (Boolean)"
+ | optional,
+ enforce_strong_passwords
+ | Bool
+ | doc "Enforce Strong Passwords (Boolean)"
+ | optional,
+ enforce_two_factor_auth
+ | Bool
+ | doc "Enforce Two Factor Auth (Boolean)"
+ | optional,
+ idle_timeout_minutes
+ | std.number.Integer
+ | doc "Idle Timeout Minutes (Integer)"
+ | optional,
+ login_ip_ranges
+ | Array (String)
+ | doc "Login IP Ranges (List - String)",
+ num_different_passwords
+ | std.number.Integer
+ | doc "Num Different Passwords (Integer)"
+ | optional,
+ password_expiration_days
+ | std.number.Integer
+ | doc "Password Expiration Days (Integer)"
+ | optional,
+ }
+ | doc m%"
+ Login Security (Object)
+
+ Elements:
+ - enforce_password_expiration
+ - password_expiration_days
+ - enforce_different_passwords
+ - num_different_passwords
+ - enforce_strong_passwords
+ - enforce_account_lockout
+ - account_lockout_attempts
+ - enforce_idle_timeout
+ - idle_timeout_minutes
+ - enforce_two_factor_auth
+ - enforce_login_ip_ranges
+ - login_ip_ranges (required)
+ "%
+ | optional,
name | String | doc "Name (String)",
networks
| Array
@@ -38311,72 +38378,7 @@ let rec _js2n__-refsenv
| String
| doc "Description (String)"
| optional,
- devices
- | Array
- {
- claimed
- | Bool
- | doc "Claimed (Boolean)"
- | optional,
- device_templates
- | {
- name | String | doc "Name (String)",
- product_type
- | std.enum.TagOrString
- | [|
- 'sensor,
- 'camera,
- 'wireless,
- 'switch,
- 'appliance
- |]
- | doc m%"
- Product Type (String)
- - Allowed values: appliance, switch, wireless, camera, sensor
- "%,
- tags
- | Array (String)
- | doc "Tags (List - String)"
- | optional,
- }
- | doc m%"
- Device Templates (Object)
-
- Elements:
- - name (required)
- - product_type (required)
- - tags
- "%,
- model | String | doc "Model (String)",
- name | String | doc "Name (String)",
- serial | String | doc "Serial (String)",
- tags
- | Array (String)
- | doc "Tags (List - String)"
- | optional,
- }
- | doc m%"
- Devices (List - Object)
-
- Elements:
- - name (required)
- - serial (required)
- - model (required)
- - tags
- - claimed
- - device_templates (required)
- "%
- | optional,
name | String | doc "Name (String)",
- network_template
- | { name | String | doc "Name (String)", }
- | doc m%"
- Network Template (Object)
-
- Elements:
- - name (required)
- "%
- | optional,
notes | String | doc "Notes (String)" | optional,
product_types
| _js2n__-prdslib.contract_from_predicate
@@ -38396,75 +38398,6 @@ let rec _js2n__-refsenv
])
])
| doc "Product Types (List - String)",
- switch_stacks
- | Array
- {
- devices
- | Array
- {
- claimed
- | Bool
- | doc "Claimed (Boolean)"
- | optional,
- device_templates
- | {
- name | String | doc "Name (String)",
- product_type
- | std.enum.TagOrString
- | [|
- 'sensor,
- 'camera,
- 'wireless,
- 'switch,
- 'appliance
- |]
- | doc m%"
- Product Type (String)
- - Allowed values: appliance, switch, wireless, camera, sensor
- "%,
- tags
- | Array (String)
- | doc "Tags (List - String)"
- | optional,
- }
- | doc m%"
- Device Templates (Object)
-
- Elements:
- - name (required)
- - product_type (required)
- - tags
- "%,
- model | String | doc "Model (String)",
- name | String | doc "Name (String)",
- serial | String | doc "Serial (String)",
- tags
- | Array (String)
- | doc "Tags (List - String)"
- | optional,
- }
- | doc m%"
- Devices (List - Object)
-
- Elements:
- - name (required)
- - serial (required)
- - model (required)
- - tags
- - claimed
- - device_templates (required)
- "%
- | optional,
- name | String | doc "Name (String)",
- }
- | doc m%"
- Switch Stacks (List - Object)
-
- Elements:
- - name (required)
- - devices
- "%
- | optional,
tags
| Array (String)
| doc "Tags (List - String)"
@@ -38484,9 +38417,57 @@ let rec _js2n__-refsenv
- timezone
- product_types (required)
- tags
- - devices
- - switch_stacks
- - network_template
+ "%
+ | optional,
+ snmp
+ | {
+ peer_ips
+ | Array (String)
+ | doc "Peer IPs (List - String)",
+ v2c_enabled
+ | Bool
+ | doc "V2C Enabled (Boolean)"
+ | optional,
+ v3_auth_mode
+ | std.enum.TagOrString
+ | [| 'SHA, 'MD5 |]
+ | doc m%"
+ V3 Auth Mode (String)
+ - Allowed values: MD5, SHA
+ "%
+ | optional,
+ v3_auth_pass
+ | String
+ | doc "V3 Auth Pass (String)"
+ | optional,
+ v3_enabled
+ | Bool
+ | doc "V3 Enabled (Boolean)"
+ | optional,
+ v3_priv_mode
+ | std.enum.TagOrString
+ | [| 'DES, 'AES128 |]
+ | doc m%"
+ V3 Priv Mode (String)
+ - Allowed values: AES128, DES
+ "%
+ | optional,
+ v3_priv_pass
+ | String
+ | doc "V3 Priv Pass (String)"
+ | optional,
+ }
+ | doc m%"
+ SNMP (Object)
+
+ Elements:
+ - v2c_enabled
+ - v3_enabled
+ - v3_auth_mode
+ - v3_auth_pass
+ - v3_priv_mode
+ - v3_priv_pass
+ - peer_ips (required)
"%
| optional,
}
@@ -38497,11 +38478,13 @@ let rec _js2n__-refsenv
- name (required)
- networks
- administrators
+ - login_security
+ - snmp
"%
| optional,
}
| doc m%"
- Regions (List - Object)
+ Domains (List - Object)
Elements:
- name (required)
@@ -38513,7 +38496,7 @@ let rec _js2n__-refsenv
Meraki (Object)
Elements:
- - regions
+ - domains
"%
| optional,
modules
@@ -64991,1845 +64974,5402 @@ let rec _js2n__-refsenv
- config
"%
| optional,
- }
- | doc m%"
- Feature Profiles (Object)
-
- Elements:
- - cli_profiles
- "%
- | optional,
- localized_policies
- | {
- definitions
- | {
- ipv4_access_control_lists
- | Array
- {
- default_action
- | std.enum.TagOrString
- | [| 'drop, 'accept |]
- | doc m%"
- Default Action (String)
- - Allowed values: accept, drop
- "%,
- description | String | doc "Description (String)",
- name
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType '"String",
- _js2n__-prdslib.strings.pattern
- "^[A-Za-z0-9-_]{1,128}$"
- ])
- | doc "Name (String)",
- sequences
+ system_profiles
+ | Array
+ {
+ aaa
+ | {
+ accounting_rules
| Array
{
- actions
- | {
- class
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType '"String",
- _js2n__-prdslib.strings.pattern
- "^[A-Za-z0-9-_]{1,128}$"
- ])
- | doc "Class (String)"
- | optional,
- counter_name
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType '"String",
- _js2n__-prdslib.strings.maxLength 20,
- _js2n__-prdslib.strings.minLength 1
- ])
- | doc m%"
- Counter Name (String)
- - Minimum length: 1
- - Maximum length: 20
- "%
- | optional,
- dscp
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType 'Integer,
- _js2n__-prdslib.numbers.maximum 63
- ])
- | doc m%"
- DSCP (Integer)
- - Maximum value: 63
- "%
- | optional,
- log | Bool | doc "Log (Boolean)" | optional,
- mirror_list
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType '"String",
- _js2n__-prdslib.strings.pattern
- "^[A-Za-z0-9-_]{1,128}$"
- ])
- | doc "Mirror List (String)"
- | optional,
- next_hop
- | String
- | doc m%"
- Next Hop (String)
- - IPv4 or IPv6 address
- "%
- | optional,
- policer
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType '"String",
- _js2n__-prdslib.strings.pattern
- "^[A-Za-z0-9-_]{1,128}$"
- ])
- | doc "Policer (String)"
- | optional,
- }
+ groups
+ | Array (
+ _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.maxLength 32,
+ _js2n__-prdslib.strings.minLength 1
+ ])
+ )
+ | doc "Groups (List - String)",
+ id
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.maxLength 32
+ ])
| doc m%"
- Actions (Object)
-
- Elements:
- - counter_name
- - class
- - dscp
- - log
- - mirror_list
- - next_hop
- - policer
+ ID (String)
+ - Maximum length: 32
+ "%,
+ level
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.enum [ 1, 15 ]
+ ])
+ | doc m%"
+ Level (Integer)
+ - Allowed values: 1, 15
"%
| optional,
- base_action
+ method
| std.enum.TagOrString
- | [| 'drop, 'accept |]
+ | [| 'system, 'network, 'exec, 'commands |]
| doc m%"
- Base Action (String)
- - Allowed values: accept, drop
+ Method (String)
+ - Allowed values: commands, exec, network, system
"%,
+ start_stop
+ | Bool
+ | doc "Start Stop (Boolean)"
+ | optional,
+ start_stop_variable
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
+ ])
+ | doc "Start Stop Variable (String)"
+ | optional,
+ }
+ | doc m%"
+ Accounting Rules (List - Object)
+
+ Elements:
+ - groups (required)
+ - id (required)
+ - level
+ - method (required)
+ - start_stop
+ - start_stop_variable
+ "%
+ | optional,
+ auth_order
+ | Array (
+ _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.maxLength 220,
+ _js2n__-prdslib.strings.minLength 1
+ ])
+ )
+ | doc "Auth Order (List - String)"
+ | optional,
+ authorization_config_commands
+ | Bool
+ | doc "Authorization Config Commands (Boolean)"
+ | optional,
+ authorization_config_commands_variable
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
+ ])
+ | doc "Authorization Config Commands Variable (String)"
+ | optional,
+ authorization_console
+ | Bool
+ | doc "Authorization Console (Boolean)"
+ | optional,
+ authorization_console_variable
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
+ ])
+ | doc "Authorization Console Variable (String)"
+ | optional,
+ authorization_rules
+ | Array
+ {
+ authenticated
+ | Bool
+ | doc "Authenticated (Boolean)"
+ | optional,
+ groups
+ | Array (
+ _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.maxLength 32,
+ _js2n__-prdslib.strings.minLength 1
+ ])
+ )
+ | doc "Groups (List - String)",
id
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.maxLength 32
+ ])
+ | doc m%"
+ ID (String)
+ - Maximum length: 32
+ "%,
+ level
| _js2n__-prdslib.contract_from_predicate
(_js2n__-prdslib.allOf
[
_js2n__-prdslib.isType 'Integer,
- _js2n__-prdslib.numbers.maximum 65534,
- _js2n__-prdslib.numbers.minimum 1
+ _js2n__-prdslib.enum [ 1, 15 ]
])
| doc m%"
- ID (Integer)
- - Minimum value: 1
- - Maximum value: 65534
+ Level (Integer)
+ - Allowed values: 1, 15
+ "%
+ | optional,
+ method
+ | std.enum.TagOrString
+ | [| 'commands |]
+ | doc m%"
+ Method (String)
+ - Allowed values: commands
"%,
- match_criterias
- | {
- class
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType '"String",
- _js2n__-prdslib.strings.pattern
- "^[A-Za-z0-9-_]{1,128}$"
- ])
- | doc "Class (String)"
- | optional,
- destination_data_prefix_list
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType '"String",
- _js2n__-prdslib.strings.pattern
- "^[A-Za-z0-9-_]{1,128}$"
- ])
- | doc "Destination Data Prefix List (String)"
- | optional,
- destination_ip_prefix
- | String
- | doc m%"
- Destination IP Prefix (String)
- - IPv4 or IPv6 address
- "%
- | optional,
- destination_port_ranges
- | Array
- {
- from
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType 'Integer,
- _js2n__-prdslib.numbers.maximum
- 65535
- ])
- | doc m%"
- From (Integer)
- - Maximum value: 65535
- "%,
- to
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType 'Integer,
- _js2n__-prdslib.numbers.maximum
- 65535
- ])
- | doc m%"
- To (Integer)
- - Maximum value: 65535
- "%,
- }
- | doc m%"
- Destination Port Ranges (List - Object)
-
- Elements:
- - from (required)
- - to (required)
- "%
- | optional,
- destination_ports
- | Array (
- _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType 'Integer,
- _js2n__-prdslib.numbers.maximum
- 65535
- ])
- )
- | doc "Destination Ports (List - Integer)"
- | optional,
- dscp
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType 'Integer,
- _js2n__-prdslib.numbers.maximum 63
- ])
- | doc m%"
- DSCP (Integer)
- - Maximum value: 63
- "%
- | optional,
- packet_length
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType 'Integer,
- _js2n__-prdslib.numbers.maximum 65535
- ])
- | doc m%"
- Packet Length (Integer)
- - Maximum value: 65535
- "%
- | optional,
- "priority"
- | std.enum.TagOrString
- | [| 'low, 'high |]
- | doc m%"
- Priority (String)
- - Allowed values: high, low
- "%
- | optional,
- protocols
- | Array (
- _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType 'Integer,
- _js2n__-prdslib.numbers.maximum 255
- ])
- )
- | doc "Protocols (List - Integer)"
- | optional,
- source_data_prefix_list
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType '"String",
- _js2n__-prdslib.strings.pattern
- "^[A-Za-z0-9-_]{1,128}$"
- ])
- | doc "Source Data Prefix List (String)"
- | optional,
- source_ip_prefix
- | String
- | doc m%"
- Source IP Prefix (String)
- - IPv4 or IPv6 address
- "%
- | optional,
- source_port_ranges
- | Array
- {
- from
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType 'Integer,
- _js2n__-prdslib.numbers.maximum
- 65535
- ])
- | doc m%"
- From (Integer)
- - Maximum value: 65535
- "%,
- to
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType 'Integer,
- _js2n__-prdslib.numbers.maximum
- 65535
- ])
- | doc m%"
- To (Integer)
- - Maximum value: 65535
- "%,
- }
- | doc m%"
- Source Port Ranges (List - Object)
-
- Elements:
- - from (required)
- - to (required)
- "%
- | optional,
- source_ports
- | Array (
- _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType 'Integer,
- _js2n__-prdslib.numbers.maximum
- 65535
- ])
- )
- | doc "Source Ports (List - Integer)"
- | optional,
- tcp
- | std.enum.TagOrString
- | [| 'syn |]
- | doc m%"
- Tcp (String)
- - Allowed values: syn
- "%
- | optional,
- }
- | doc m%"
- Match Criterias (Object)
-
- Elements:
- - class
- - destination_data_prefix_list
- - destination_ip_prefix
- - destination_ports
- - destination_port_ranges
- - dscp
- - packet_length
- - priority
- - protocols
- - source_data_prefix_list
- - source_ip_prefix
- - source_ports
- - source_port_ranges
- - tcp
- "%
- | optional,
- name | String | doc "Name (String)" | optional,
}
| doc m%"
- Sequences (List - Object)
+ Authorization Rules (List - Object)
Elements:
+ - authenticated
+ - groups (required)
- id (required)
- - name
- - base_action (required)
- - match_criterias
- - actions
+ - level
+ - method (required)
"%
| optional,
- }
- | doc m%"
- Ipv4 Access Control Lists (List - Object)
-
- Elements:
- - name (required)
- - description (required)
- - default_action (required)
- - sequences
- "%
- | optional,
- ipv4_device_access_policies
- | Array
- {
- default_action
- | std.enum.TagOrString
- | [| 'drop, 'accept |]
- | doc m%"
- Default Action (String)
- - Allowed values: accept, drop
- "%,
- description | String | doc "Description (String)",
+ description
+ | String
+ | doc "Description (String)"
+ | optional,
+ dot1x_accounting
+ | Bool
+ | doc "Dot1X Accounting (Boolean)"
+ | optional,
+ dot1x_accounting_variable
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
+ ])
+ | doc "Dot1X Accounting Variable (String)"
+ | optional,
+ dot1x_authentication
+ | Bool
+ | doc "Dot1X Authentication (Boolean)"
+ | optional,
+ dot1x_authentication_variable
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
+ ])
+ | doc "Dot1X Authentication Variable (String)"
+ | optional,
name
| _js2n__-prdslib.contract_from_predicate
(_js2n__-prdslib.allOf
[
_js2n__-prdslib.isType '"String",
_js2n__-prdslib.strings.pattern
- "^[A-Za-z0-9-_]{1,128}$"
+ "^[^&<>! \"]{1,128}$"
])
- | doc "Name (String)",
- sequences
+ | doc "Name (String)"
+ | optional,
+ radius_groups
| Array
{
- base_action
- | std.enum.TagOrString
- | [| 'drop, 'accept |]
- | doc m%"
- Base Action (String)
- - Allowed values: accept, drop
- "%,
- counter_name
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType '"String",
- _js2n__-prdslib.strings.maxLength 20,
- _js2n__-prdslib.strings.minLength 1
- ])
- | doc m%"
- Counter Name (String)
- - Minimum length: 1
- - Maximum length: 20
- "%
- | optional,
- id
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType 'Integer,
- _js2n__-prdslib.numbers.maximum 65534,
- _js2n__-prdslib.numbers.minimum 1
- ])
- | doc m%"
- ID (Integer)
- - Minimum value: 1
- - Maximum value: 65534
- "%,
- match_criterias
- | {
- destination_data_prefix_list
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType '"String",
- _js2n__-prdslib.strings.pattern
- "^[A-Za-z0-9-_]{1,128}$"
- ])
- | doc "Destination Data Prefix List (String)"
- | optional,
- destination_ip_prefix
- | String
- | doc m%"
- Destination IP Prefix (String)
- - IPv4 or IPv6 address
- "%
- | optional,
- destination_port
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType 'Integer,
- _js2n__-prdslib.enum [ 22, 161 ]
- ])
- | doc m%"
- Destination Port (Integer)
- - Allowed values: 22, 161
- "%,
- source_data_prefix_list
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType '"String",
- _js2n__-prdslib.strings.pattern
- "^[A-Za-z0-9-_]{1,128}$"
- ])
- | doc "Source Data Prefix List (String)"
- | optional,
- source_ip_prefix
- | String
- | doc m%"
- Source IP Prefix (String)
- - IPv4 or IPv6 address
- "%
- | optional,
- source_ports
- | Array (
- _js2n__-prdslib.contract_from_predicate
+ servers
+ | Array
+ {
+ accounting_port
+ | _js2n__-prdslib.contract_from_predicate
(_js2n__-prdslib.allOf
[
_js2n__-prdslib.isType 'Integer,
_js2n__-prdslib.numbers.maximum
- 65535
+ 65534,
+ _js2n__-prdslib.numbers.minimum 1
])
- )
- | doc "Source Ports (List - Integer)"
- | optional,
- }
+ | doc m%"
+ Accounting Port (Integer)
+ - Minimum value: 1
+ - Maximum value: 65534
+ "%
+ | optional,
+ accounting_port_variable
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
+ ])
+ | doc "Accounting Port Variable (String)"
+ | optional,
+ address
+ | String
+ | doc m%"
+ Address (String)
+ - IPv4 or IPv6 address
+ "%,
+ authentication_port
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum
+ 65534,
+ _js2n__-prdslib.numbers.minimum 1
+ ])
+ | doc m%"
+ Authentication Port (Integer)
+ - Minimum value: 1
+ - Maximum value: 65534
+ "%
+ | optional,
+ authentication_port_variable
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
+ ])
+ | doc "Authentication Port Variable (String)"
+ | optional,
+ key
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.minLength 1
+ ])
+ | doc m%"
+ Key (String)
+ - Minimum length: 1
+ "%,
+ key_type
+ | std.enum.TagOrString
+ | [| 'pac, 'key |]
+ | doc m%"
+ Key Type (String)
+ - Allowed values: key, pac
+ "%
+ | optional,
+ key_type_variable
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
+ ])
+ | doc "Key Type Variable (String)"
+ | optional,
+ retransmit
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 100,
+ _js2n__-prdslib.numbers.minimum 1
+ ])
+ | doc m%"
+ Retransmit (Integer)
+ - Minimum value: 1
+ - Maximum value: 100
+ "%
+ | optional,
+ retransmit_variable
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
+ ])
+ | doc "Retransmit Variable (String)"
+ | optional,
+ secret_key
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.maxLength
+ 150,
+ _js2n__-prdslib.strings.minLength 1
+ ])
+ | doc m%"
+ Secret Key (String)
+ - Minimum length: 1
+ - Maximum length: 150
+ "%
+ | optional,
+ secret_key_variable
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
+ ])
+ | doc "Secret Key Variable (String)"
+ | optional,
+ timeout
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum
+ 1000,
+ _js2n__-prdslib.numbers.minimum 1
+ ])
+ | doc m%"
+ Timeout (Integer)
+ - Minimum value: 1
+ - Maximum value: 1000
+ "%
+ | optional,
+ timeout_variable
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
+ ])
+ | doc "Timeout Variable (String)"
+ | optional,
+ }
| doc m%"
- Match Criterias (Object)
+ Servers (List - Object)
Elements:
- - destination_data_prefix_list
- - destination_ip_prefix
- - destination_port (required)
- - source_data_prefix_list
- - source_ip_prefix
- - source_ports
+ - accounting_port
+ - accounting_port_variable
+ - address (required)
+ - authentication_port
+ - authentication_port_variable
+ - key (required)
+ - key_type
+ - key_type_variable
+ - retransmit
+ - retransmit_variable
+ - secret_key
+ - secret_key_variable
+ - timeout
+ - timeout_variable
"%,
- name | String | doc "Name (String)" | optional,
+ source_interface
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.maxLength 32
+ ])
+ | doc m%"
+ Source Interface (String)
+ - Maximum length: 32
+ "%
+ | optional,
+ source_interface_variable
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
+ ])
+ | doc "Source Interface Variable (String)"
+ | optional,
+ vpn
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 65530
+ ])
+ | doc m%"
+ VPN (Integer)
+ - Maximum value: 65530
+ "%
+ | optional,
}
| doc m%"
- Sequences (List - Object)
+ Radius Groups (List - Object)
Elements:
- - id (required)
- - name
- - base_action (required)
- - match_criterias (required)
- - counter_name
+ - servers (required)
+ - source_interface
+ - source_interface_variable
+ - vpn
"%
| optional,
- }
- | doc m%"
- Ipv4 Device Access Policies (List - Object)
-
- Elements:
- - name (required)
- - description (required)
- - default_action (required)
- - sequences
- "%
- | optional,
- ipv6_access_control_lists
- | Array
- {
- default_action
- | std.enum.TagOrString
- | [| 'drop, 'accept |]
- | doc m%"
- Default Action (String)
- - Allowed values: accept, drop
- "%,
- description | String | doc "Description (String)",
- name
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType '"String",
- _js2n__-prdslib.strings.pattern
- "^[A-Za-z0-9-_]{1,128}$"
- ])
- | doc "Name (String)",
- sequences
+ tacacs_groups
| Array
{
- actions
- | {
- class
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType '"String",
- _js2n__-prdslib.strings.pattern
- "^[A-Za-z0-9-_]{1,128}$"
- ])
- | doc "Class (String)"
- | optional,
- counter_name
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType '"String",
- _js2n__-prdslib.strings.maxLength 20,
- _js2n__-prdslib.strings.minLength 1
- ])
- | doc m%"
- Counter Name (String)
- - Minimum length: 1
- - Maximum length: 20
- "%
- | optional,
- log | Bool | doc "Log (Boolean)" | optional,
- mirror_list
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType '"String",
- _js2n__-prdslib.strings.pattern
- "^[A-Za-z0-9-_]{1,128}$"
- ])
- | doc "Mirror List (String)"
- | optional,
- next_hop
- | String
- | doc m%"
- Next Hop (String)
- - IPv4 or IPv6 address
- "%
- | optional,
- policer
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType '"String",
- _js2n__-prdslib.strings.pattern
- "^[A-Za-z0-9-_]{1,128}$"
- ])
- | doc "Policer (String)"
- | optional,
- traffic_class
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType 'Integer,
- _js2n__-prdslib.numbers.maximum 63
- ])
- | doc m%"
- Traffic Class (Integer)
- - Maximum value: 63
- "%
- | optional,
- }
+ servers
+ | Array
+ {
+ address
+ | String
+ | doc m%"
+ Address (String)
+ - IPv4 or IPv6 address
+ "%,
+ key
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.minLength 1
+ ])
+ | doc m%"
+ Key (String)
+ - Minimum length: 1
+ "%,
+ port
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum
+ 65535,
+ _js2n__-prdslib.numbers.minimum 1
+ ])
+ | doc m%"
+ Port (Integer)
+ - Minimum value: 1
+ - Maximum value: 65535
+ "%
+ | optional,
+ port_variable
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
+ ])
+ | doc "Port Variable (String)"
+ | optional,
+ secret_key
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.maxLength
+ 150,
+ _js2n__-prdslib.strings.minLength 1
+ ])
+ | doc m%"
+ Secret Key (String)
+ - Minimum length: 1
+ - Maximum length: 150
+ "%,
+ timeout
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum
+ 1000,
+ _js2n__-prdslib.numbers.minimum 1
+ ])
+ | doc m%"
+ Timeout (Integer)
+ - Minimum value: 1
+ - Maximum value: 1000
+ "%
+ | optional,
+ timeout_variable
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
+ ])
+ | doc "Timeout Variable (String)"
+ | optional,
+ }
| doc m%"
- Actions (Object)
+ Servers (List - Object)
Elements:
- - class
- - counter_name
- - log
- - mirror_list
- - next_hop
- - policer
- - traffic_class
+ - address (required)
+ - key (required)
+ - port
+ - port_variable
+ - secret_key (required)
+ - timeout
+ - timeout_variable
+ "%,
+ source_interface
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.maxLength 32
+ ])
+ | doc m%"
+ Source Interface (String)
+ - Maximum length: 32
"%
| optional,
- base_action
- | std.enum.TagOrString
- | [| 'drop, 'accept |]
+ source_interface_variable
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
+ ])
+ | doc "Source Interface Variable (String)"
+ | optional,
+ vpn
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 65530
+ ])
| doc m%"
- Base Action (String)
- - Allowed values: accept, drop
- "%,
- id
+ VPN (Integer)
+ - Maximum value: 65530
+ "%
+ | optional,
+ }
+ | doc m%"
+ Tacacs Groups (List - Object)
+
+ Elements:
+ - servers (required)
+ - source_interface
+ - source_interface_variable
+ - vpn
+ "%
+ | optional,
+ users
+ | Array
+ {
+ name
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.maxLength 64,
+ _js2n__-prdslib.strings.minLength 1
+ ])
+ | doc m%"
+ Name (String)
+ - Minimum length: 1
+ - Maximum length: 64
+ "%
+ | optional,
+ name_variable
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
+ ])
+ | doc "Name Variable (String)"
+ | optional,
+ password
+ | String
+ | doc "Password (String)"
+ | optional,
+ password_variable
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
+ ])
+ | doc "Password Variable (String)"
+ | optional,
+ privilege
| _js2n__-prdslib.contract_from_predicate
(_js2n__-prdslib.allOf
[
_js2n__-prdslib.isType 'Integer,
- _js2n__-prdslib.numbers.maximum 65534,
- _js2n__-prdslib.numbers.minimum 1
+ _js2n__-prdslib.enum [ 1, 15 ]
])
| doc m%"
- ID (Integer)
- - Minimum value: 1
- - Maximum value: 65534
- "%,
- match_criterias
- | {
- class
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType '"String",
- _js2n__-prdslib.strings.pattern
- "^[A-Za-z0-9-_]{1,128}$"
- ])
- | doc "Class (String)"
- | optional,
- destination_data_prefix_list
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType '"String",
- _js2n__-prdslib.strings.pattern
- "^[A-Za-z0-9-_]{1,128}$"
- ])
- | doc "Destination Data Prefix List (String)"
- | optional,
- destination_ip_prefix
- | String
- | doc m%"
- Destination IP Prefix (String)
- - IPv4 or IPv6 address
- "%
- | optional,
- destination_port_ranges
- | Array
- {
- from
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType 'Integer,
- _js2n__-prdslib.numbers.maximum
- 65535
- ])
- | doc m%"
- From (Integer)
- - Maximum value: 65535
- "%,
- to
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType 'Integer,
- _js2n__-prdslib.numbers.maximum
- 65535
- ])
- | doc m%"
- To (Integer)
- - Maximum value: 65535
- "%,
- }
- | doc m%"
- Destination Port Ranges (List - Object)
-
- Elements:
- - from (required)
- - to (required)
- "%
- | optional,
- destination_ports
- | Array (
- _js2n__-prdslib.contract_from_predicate
+ Privilege (Integer)
+ - Allowed values: 1, 15
+ "%
+ | optional,
+ privilege_variable
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
+ ])
+ | doc "Privilege Variable (String)"
+ | optional,
+ public_key_chains
+ | Array
+ {
+ key_string
+ | _js2n__-prdslib.contract_from_predicate
(_js2n__-prdslib.allOf
[
- _js2n__-prdslib.isType 'Integer,
- _js2n__-prdslib.numbers.maximum
- 65535
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.maxLength
+ 1024,
+ _js2n__-prdslib.strings.minLength 1
])
- )
- | doc "Destination Ports (List - Integer)"
- | optional,
- next_header
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType 'Integer,
- _js2n__-prdslib.numbers.maximum 255
- ])
- | doc m%"
- Next Header (Integer)
- - Maximum value: 255
- "%
- | optional,
- packet_length
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType 'Integer,
- _js2n__-prdslib.numbers.maximum 65535
- ])
- | doc m%"
- Packet Length (Integer)
- - Maximum value: 65535
- "%
- | optional,
- "priority"
- | std.enum.TagOrString
- | [| 'low, 'high |]
- | doc m%"
- Priority (String)
- - Allowed values: high, low
- "%
- | optional,
- source_data_prefix_list
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType '"String",
- _js2n__-prdslib.strings.pattern
- "^[A-Za-z0-9-_]{1,128}$"
- ])
- | doc "Source Data Prefix List (String)"
- | optional,
- source_ip_prefix
- | String
- | doc m%"
- Source IP Prefix (String)
- - IPv4 or IPv6 address
- "%
- | optional,
- source_port_ranges
- | Array
- {
- from
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType 'Integer,
- _js2n__-prdslib.numbers.maximum
- 65535
- ])
- | doc m%"
- From (Integer)
- - Maximum value: 65535
- "%,
- to
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType 'Integer,
- _js2n__-prdslib.numbers.maximum
- 65535
- ])
- | doc m%"
- To (Integer)
- - Maximum value: 65535
- "%,
- }
- | doc m%"
- Source Port Ranges (List - Object)
-
- Elements:
- - from (required)
- - to (required)
- "%
- | optional,
- source_ports
- | Array (
- _js2n__-prdslib.contract_from_predicate
+ | doc m%"
+ Key String (String)
+ - Minimum length: 1
+ - Maximum length: 1024
+ "%,
+ key_type
+ | _js2n__-prdslib.contract_from_predicate
(_js2n__-prdslib.allOf
[
- _js2n__-prdslib.isType 'Integer,
- _js2n__-prdslib.numbers.maximum
- 65535
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.maxLength
+ 32,
+ _js2n__-prdslib.strings.minLength 1
])
- )
- | doc "Source Ports (List - Integer)"
- | optional,
- tcp
- | std.enum.TagOrString
- | [| 'syn |]
- | doc m%"
- Tcp (String)
- - Allowed values: syn
- "%
- | optional,
- traffic_class
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType 'Integer,
- _js2n__-prdslib.numbers.maximum 63
- ])
- | doc m%"
- Traffic Class (Integer)
- - Maximum value: 63
- "%,
- }
+ | doc m%"
+ Key Type (String)
+ - Minimum length: 1
+ - Maximum length: 32
+ "%
+ | optional,
+ key_type_variable
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
+ ])
+ | doc "Key Type Variable (String)"
+ | optional,
+ }
| doc m%"
- Match Criterias (Object)
+ Public Key Chains (List - Object)
Elements:
- - class
- - destination_data_prefix_list
- - destination_ip_prefix
- - destination_port_ranges
- - destination_ports
- - next_header
- - packet_length
- - priority
- - source_data_prefix_list
- - source_ip_prefix
- - source_port_ranges
- - source_ports
- - tcp
- - traffic_class (required)
+ - key_type
+ - key_type_variable
+ - key_string (required)
"%
| optional,
- name | String | doc "Name (String)" | optional,
}
| doc m%"
- Sequences (List - Object)
+ Users (List - Object)
Elements:
- - id (required)
- name
- - base_action (required)
- - match_criterias
- - actions
+ - name_variable
+ - password
+ - password_variable
+ - privilege
+ - privilege_variable
+ - public_key_chains
+ "%,
+ }
+ | doc m%"
+ AAA (Object)
+
+ Elements:
+ - name
+ - description
+ - accounting_rules
+ - auth_order
+ - authorization_config_commands
+ - authorization_config_commands_variable
+ - authorization_console
+ - authorization_console_variable
+ - authorization_rules
+ - dot1x_accounting
+ - dot1x_accounting_variable
+ - dot1x_authentication
+ - dot1x_authentication_variable
+ - radius_groups
+ - tacacs_groups
+ - users (required)
+ "%
+ | optional,
+ banner
+ | {
+ description
+ | String
+ | doc "Description (String)"
+ | optional,
+ login
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.maxLength 2048,
+ _js2n__-prdslib.strings.minLength 1
+ ])
+ | doc m%"
+ Login (String)
+ - Minimum length: 1
+ - Maximum length: 2048
"%
| optional,
- }
- | doc m%"
- IPv6 Access Control Lists (List - Object)
-
- Elements:
- - name (required)
- - description (required)
- - default_action (required)
- - sequences
- "%
- | optional,
- ipv6_device_access_policies
- | Array
- {
- default_action
- | std.enum.TagOrString
- | [| 'drop, 'accept |]
+ login_variable
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
+ ])
+ | doc "Login Variable (String)"
+ | optional,
+ motd
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.maxLength 2048,
+ _js2n__-prdslib.strings.minLength 1
+ ])
| doc m%"
- Default Action (String)
- - Allowed values: accept, drop
- "%,
- description | String | doc "Description (String)",
+ Motd (String)
+ - Minimum length: 1
+ - Maximum length: 2048
+ "%
+ | optional,
+ motd_variable
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
+ ])
+ | doc "Motd Variable (String)"
+ | optional,
name
| _js2n__-prdslib.contract_from_predicate
(_js2n__-prdslib.allOf
[
_js2n__-prdslib.isType '"String",
_js2n__-prdslib.strings.pattern
- "^[A-Za-z0-9-_]{1,128}$"
+ "^[^&<>! \"]{1,128}$"
])
- | doc "Name (String)",
- sequences
+ | doc "Name (String)"
+ | optional,
+ }
+ | doc m%"
+ Banner (Object)
+
+ Elements:
+ - name
+ - description
+ - login
+ - login_variable
+ - motd
+ - motd_variable
+ "%
+ | optional,
+ bfd
+ | {
+ colors
| Array
{
- base_action
+ color
| std.enum.TagOrString
- | [| 'drop, 'accept |]
+ | [|
+ 'private6,
+ 'private5,
+ 'private4,
+ 'private3,
+ 'private2,
+ 'private1,
+ 'custom3,
+ 'custom2,
+ 'custom1,
+ 'bronze,
+ 'silver,
+ 'gold,
+ 'blue,
+ 'green,
+ 'red,
+ '"3g",
+ 'lte,
+ 'public-internet,
+ 'biz-internet,
+ 'metro-ethernet,
+ 'mpls,
+ '"default"
+ |]
| doc m%"
- Base Action (String)
- - Allowed values: accept, drop
- "%,
- counter_name
+ Color (String)
+ - Allowed values: default, mpls, metro-ethernet, biz-internet, public-internet, lte, 3g, red, green, blue, gold, silver, bronze, custom1, custom2, custom3, private1, private2, private3, private4, private5, private6
+ "%
+ | optional,
+ color_variable
| _js2n__-prdslib.contract_from_predicate
(_js2n__-prdslib.allOf
[
_js2n__-prdslib.isType '"String",
- _js2n__-prdslib.strings.maxLength 20,
- _js2n__-prdslib.strings.minLength 1
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
])
- | doc m%"
- Counter Name (String)
- - Minimum length: 1
- - Maximum length: 20
- "%
+ | doc "Color Variable (String)"
| optional,
- id
+ default_dscp
| _js2n__-prdslib.contract_from_predicate
(_js2n__-prdslib.allOf
[
_js2n__-prdslib.isType 'Integer,
- _js2n__-prdslib.numbers.maximum 65534,
- _js2n__-prdslib.numbers.minimum 1
+ _js2n__-prdslib.numbers.maximum 63
])
| doc m%"
- ID (Integer)
- - Minimum value: 1
- - Maximum value: 65534
- "%,
- match_criterias
- | {
- destination_data_prefix_list
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType '"String",
- _js2n__-prdslib.strings.pattern
- "^[A-Za-z0-9-_]{1,128}$"
- ])
- | doc "Destination Data Prefix List (String)"
- | optional,
- destination_ip_prefix
- | String
- | doc m%"
- Destination IP Prefix (String)
- - IPv4 or IPv6 address
- "%
- | optional,
- destination_port
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType 'Integer,
- _js2n__-prdslib.enum [ 22, 161 ]
- ])
- | doc m%"
- Destination Port (Integer)
- - Allowed values: 22, 161
- "%,
- source_data_prefix_list
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType '"String",
- _js2n__-prdslib.strings.pattern
- "^[A-Za-z0-9-_]{1,128}$"
- ])
- | doc "Source Data Prefix List (String)"
- | optional,
- source_ip_prefix
- | String
- | doc m%"
- Source IP Prefix (String)
- - IPv4 or IPv6 address
- "%
- | optional,
- source_ports
- | Array (
- _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType 'Integer,
- _js2n__-prdslib.numbers.maximum
- 65535
- ])
- )
- | doc "Source Ports (List - Integer)"
- | optional,
- }
- | doc m%"
- Match Criterias (Object)
-
- Elements:
- - destination_data_prefix_list
- - destination_ip_prefix
- - destination_port (required)
- - source_data_prefix_list
- - source_ip_prefix
- - source_ports
- "%,
- name | String | doc "Name (String)" | optional,
- }
- | doc m%"
- Sequences (List - Object)
-
- Elements:
- - id (required)
- - name
- - base_action (required)
- - match_criterias (required)
- - counter_name
- "%
- | optional,
- }
- | doc m%"
- IPv6 Device Access Policies (List - Object)
-
- Elements:
- - name (required)
- - description (required)
- - default_action (required)
- - sequences
- "%
- | optional,
- qos_maps
- | Array
- {
- description | String | doc "Description (String)",
- name
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType '"String",
- _js2n__-prdslib.strings.pattern
- "^[A-Za-z0-9-_]{1,128}$"
- ])
- | doc "Name (String)",
- qos_schedulers
- | Array
- {
- bandwidth_percent
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType 'Integer,
- _js2n__-prdslib.numbers.maximum 100,
- _js2n__-prdslib.numbers.minimum 1
- ])
- | doc m%"
- Bandwidth Percent (Integer)
- - Minimum value: 1
- - Maximum value: 100
- "%,
- buffer_percent
+ Default DSCP (Integer)
+ - Maximum value: 63
+ "%
+ | optional,
+ default_dscp_variable
| _js2n__-prdslib.contract_from_predicate
(_js2n__-prdslib.allOf
[
- _js2n__-prdslib.isType 'Integer,
- _js2n__-prdslib.numbers.maximum 100,
- _js2n__-prdslib.numbers.minimum 1
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
])
- | doc m%"
- Buffer Percent (Integer)
- - Minimum value: 1
- - Maximum value: 100
- "%,
- burst_bytes
+ | doc "Default DSCP Variable (String)"
+ | optional,
+ hello_interval
| _js2n__-prdslib.contract_from_predicate
(_js2n__-prdslib.allOf
[
_js2n__-prdslib.isType 'Integer,
- _js2n__-prdslib.numbers.maximum 10000000,
- _js2n__-prdslib.numbers.minimum 5000
+ _js2n__-prdslib.numbers.maximum 300000,
+ _js2n__-prdslib.numbers.minimum 100
])
| doc m%"
- Burst Bytes (Integer)
- - Minimum value: 5000
- - Maximum value: 10000000
+ Hello Interval (Integer)
+ - Minimum value: 100
+ - Maximum value: 300000
"%
| optional,
- class_map
+ hello_interval_variable
| _js2n__-prdslib.contract_from_predicate
(_js2n__-prdslib.allOf
[
_js2n__-prdslib.isType '"String",
_js2n__-prdslib.strings.pattern
- "^[A-Za-z0-9-_]{1,128}$"
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
])
- | doc "Class Map (String)",
- drop_type
- | std.enum.TagOrString
- | [| 'red-drop, 'tail-drop |]
- | doc m%"
- Drop Type (String)
- - Allowed values: tail-drop, red-drop
- "%,
- queue
+ | doc "Hello Interval Variable (String)"
+ | optional,
+ multiplier
| _js2n__-prdslib.contract_from_predicate
(_js2n__-prdslib.allOf
[
_js2n__-prdslib.isType 'Integer,
- _js2n__-prdslib.numbers.maximum 7
+ _js2n__-prdslib.numbers.maximum 60,
+ _js2n__-prdslib.numbers.minimum 1
])
| doc m%"
- Queue (Integer)
- - Maximum value: 7
- "%,
- scheduling_type
- | std.enum.TagOrString
- | [| 'wrr, 'llq |]
- | doc m%"
- Scheduling Type (String)
- - Allowed values: llq, wrr
- "%,
- }
- | doc m%"
- QoS Schedulers (List - Object)
-
- Elements:
- - queue (required)
- - bandwidth_percent (required)
- - buffer_percent (required)
- - burst_bytes
- - scheduling_type (required)
- - drop_type (required)
- - class_map (required)
- "%,
- }
- | doc m%"
- QoS Maps (List - Object)
-
- Elements:
- - name (required)
- - description (required)
- - qos_schedulers (required)
- "%
- | optional,
- rewrite_rules
- | Array
- {
- description | String | doc "Description (String)",
- name
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType '"String",
- _js2n__-prdslib.strings.pattern
- "^[A-Za-z0-9-_]{1,128}$"
- ])
- | doc "Name (String)",
- rules
- | Array
- {
- class
+ Multiplier (Integer)
+ - Minimum value: 1
+ - Maximum value: 60
+ "%
+ | optional,
+ multiplier_variable
| _js2n__-prdslib.contract_from_predicate
(_js2n__-prdslib.allOf
[
_js2n__-prdslib.isType '"String",
_js2n__-prdslib.strings.pattern
- "^[A-Za-z0-9-_]{1,128}$"
- ])
- | doc "Class (String)",
- dscp
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType 'Integer,
- _js2n__-prdslib.numbers.maximum 63
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
])
- | doc m%"
- DSCP (Integer)
- - Maximum value: 63
- "%,
- layer2_cos
+ | doc "Multiplier Variable (String)"
+ | optional,
+ path_mtu_discovery
+ | Bool
+ | doc "Path MTU Discovery (Boolean)"
+ | optional,
+ path_mtu_discovery_variable
| _js2n__-prdslib.contract_from_predicate
(_js2n__-prdslib.allOf
[
- _js2n__-prdslib.isType 'Integer,
- _js2n__-prdslib.numbers.maximum 7
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
])
- | doc m%"
- Layer2 CoS (Integer)
- - Maximum value: 7
- "%
+ | doc "Path MTU Discovery Variable (String)"
| optional,
- "priority"
- | std.enum.TagOrString
- | [| 'low, 'high |]
- | doc m%"
- Priority (String)
- - Allowed values: high, low
- "%,
}
| doc m%"
- Rules (List - Object)
+ Colors (List - Object)
Elements:
- - class (required)
- - dscp (required)
- - layer2_cos
- - priority (required)
- "%,
- }
- | doc m%"
- Rewrite Rules (List - Object)
-
- Elements:
- - name (required)
- - description (required)
- - rules (required)
- "%
- | optional,
- route_policies
- | Array
- {
- default_action
+ - color
+ - color_variable
+ - default_dscp
+ - default_dscp_variable
+ - hello_interval
+ - hello_interval_variable
+ - multiplier
+ - multiplier_variable
+ - path_mtu_discovery
+ - path_mtu_discovery_variable
+ "%
+ | optional,
+ default_dscp
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 63
+ ])
+ | doc m%"
+ Default DSCP (Integer)
+ - Maximum value: 63
+ "%
+ | optional,
+ default_dscp_variable
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
+ ])
+ | doc "Default DSCP Variable (String)"
+ | optional,
+ description
+ | String
+ | doc "Description (String)"
+ | optional,
+ multiplier
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 6,
+ _js2n__-prdslib.numbers.minimum 1
+ ])
+ | doc m%"
+ Multiplier (Integer)
+ - Minimum value: 1
+ - Maximum value: 6
+ "%
+ | optional,
+ multiplier_variable
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
+ ])
+ | doc "Multiplier Variable (String)"
+ | optional,
+ name
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[^&<>! \"]{1,128}$"
+ ])
+ | doc "Name (String)"
+ | optional,
+ poll_interval
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 4294967295,
+ _js2n__-prdslib.numbers.minimum 1
+ ])
+ | doc m%"
+ Poll Interval (Integer)
+ - Minimum value: 1
+ - Maximum value: 4294967295
+ "%
+ | optional,
+ poll_interval_variable
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
+ ])
+ | doc "Poll Interval Variable (String)"
+ | optional,
+ }
+ | doc m%"
+ BFD (Object)
+
+ Elements:
+ - name
+ - description
+ - colors
+ - default_dscp
+ - default_dscp_variable
+ - multiplier
+ - multiplier_variable
+ - poll_interval
+ - poll_interval_variable
+ "%
+ | optional,
+ description
+ | String
+ | doc "Description (String)"
+ | optional,
+ flexible_port_speed
+ | {
+ description
+ | String
+ | doc "Description (String)"
+ | optional,
+ name
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[^&<>! \"]{1,128}$"
+ ])
+ | doc "Name (String)"
+ | optional,
+ port_type
| std.enum.TagOrString
- | [| 'reject, 'accept |]
+ | [|
+ '"3 ports of 40GE + 1port of 100GE",
+ '"8 ports of 1/10GE + 1 port of 40GE + 1 port of 100GE",
+ '"12 ports of 1/10GE + 1 port of 100GE",
+ '"2 ports of 100 GE",
+ '"8 ports of 1/10GE + 4 ports of 40GE",
+ '"12 ports of 1/10GE + 3 ports 40GE"
+ |]
| doc m%"
- Default Action (String)
- - Allowed values: accept, reject
- "%,
- description | String | doc "Description (String)",
+ Port Type (String)
+ - Allowed values: 12 ports of 1/10GE + 3 ports 40GE, 8 ports of 1/10GE + 4 ports of 40GE, 2 ports of 100 GE, 12 ports of 1/10GE + 1 port of 100GE, 8 ports of 1/10GE + 1 port of 40GE + 1 port of 100GE, 3 ports of 40GE + 1port of 100GE
+ "%
+ | optional,
+ port_type_variable
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
+ ])
+ | doc "Port Type Variable (String)"
+ | optional,
+ }
+ | doc m%"
+ Flexible Port Speed (Object)
+
+ Elements:
+ - name
+ - description
+ - port_type
+ - port_type_variable
+ "%
+ | optional,
+ global
+ | {
+ arp_proxy | Bool | doc "ARP Proxy (Boolean)" | optional,
+ arp_proxy_variable
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
+ ])
+ | doc "ARP Proxy Variable (String)"
+ | optional,
+ cdp | Bool | doc "CDP (Boolean)" | optional,
+ cdp_variable
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
+ ])
+ | doc "CDP Variable (String)"
+ | optional,
+ console_logging
+ | Bool
+ | doc "Console Logging (Boolean)"
+ | optional,
+ console_logging_variable
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
+ ])
+ | doc "Console Logging Variable (String)"
+ | optional,
+ description
+ | String
+ | doc "Description (String)"
+ | optional,
+ domain_lookup
+ | Bool
+ | doc "Domain Lookup (Boolean)"
+ | optional,
+ domain_lookup_variable
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
+ ])
+ | doc "Domain Lookup Variable (String)"
+ | optional,
+ ftp_passive
+ | Bool
+ | doc "Ftp Passive (Boolean)"
+ | optional,
+ ftp_passive_variable
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
+ ])
+ | doc "Ftp Passive Variable (String)"
+ | optional,
+ http_authentication
+ | std.enum.TagOrString
+ | [| 'aaa, 'local |]
+ | doc m%"
+ Http Authentication (String)
+ - Allowed values: local, aaa
+ "%
+ | optional,
+ http_authentication_variable
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
+ ])
+ | doc "Http Authentication Variable (String)"
+ | optional,
+ http_server
+ | Bool
+ | doc "Http Server (Boolean)"
+ | optional,
+ http_server_variable
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
+ ])
+ | doc "Http Server Variable (String)"
+ | optional,
+ https_server
+ | Bool
+ | doc "Https Server (Boolean)"
+ | optional,
+ https_server_variable
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
+ ])
+ | doc "Https Server Variable (String)"
+ | optional,
+ ignore_bootp
+ | Bool
+ | doc "Ignore Bootp (Boolean)"
+ | optional,
+ ignore_bootp_variable
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
+ ])
+ | doc "Ignore Bootp Variable (String)"
+ | optional,
+ ip_source_routing
+ | Bool
+ | doc "IP Source Routing (Boolean)"
+ | optional,
+ ip_source_routing_variable
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
+ ])
+ | doc "IP Source Routing Variable (String)"
+ | optional,
+ lldp | Bool | doc "LLDP (Boolean)" | optional,
+ lldp_variable
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
+ ])
+ | doc "LLDP Variable (String)"
+ | optional,
name
| _js2n__-prdslib.contract_from_predicate
(_js2n__-prdslib.allOf
[
_js2n__-prdslib.isType '"String",
_js2n__-prdslib.strings.pattern
- "^[A-Za-z0-9-_]{1,128}$"
+ "^[^&<>! \"]{1,128}$"
])
- | doc "Name (String)",
- sequences
- | Array
- {
- actions
- | {
- aggregator
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType 'Integer,
- _js2n__-prdslib.numbers.maximum
- 4294967295
- ])
- | doc m%"
- Aggregator (Integer)
- - Maximum value: 4294967295
- "%
- | optional,
- aggregator_ip
- | String
- | doc m%"
- Aggregator IP (String)
- - IPv4 or IPv6 address
- "%
- | optional,
- atomic_aggregate
- | Bool
- | doc "Atomic Aggregate (Boolean)"
- | optional,
- communities
- | Array (
- _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.anyOf
- [
- _js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType 'Integer,
- _js2n__-prdslib.numbers.maximum
- 4294967295
- ],
- _js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType
- '"String",
- _js2n__-prdslib.strings.pattern
- "^[0-9]{1,5}(:)[0-9]{1,5}$"
- ],
- _js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType
- '"String",
- _js2n__-prdslib.enum
- [ "internet", "local-AS" ]
- ]
- ])
- )
- | doc "Communities (List - String)"
- | optional,
- community_additive
- | Bool
- | doc "Community Additive (Boolean)"
- | optional,
- exclude_as_paths
- | Array (
- _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType 'Integer,
- _js2n__-prdslib.numbers.maximum
- 4294967295
- ])
- )
- | doc "Exclude AS Paths (List - Integer)"
- | optional,
- local_preference
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
+ | doc "Name (String)"
+ | optional,
+ nat64_tcp_timeout
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 536870,
+ _js2n__-prdslib.numbers.minimum 1
+ ])
+ | doc m%"
+ Nat64 Tcp Timeout (Integer)
+ - Minimum value: 1
+ - Maximum value: 536870
+ "%
+ | optional,
+ nat64_tcp_timeout_variable
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
+ ])
+ | doc "Nat64 Tcp Timeout Variable (String)"
+ | optional,
+ nat64_udp_timeout
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 536870,
+ _js2n__-prdslib.numbers.minimum 1
+ ])
+ | doc m%"
+ Nat64 Udp Timeout (Integer)
+ - Minimum value: 1
+ - Maximum value: 536870
+ "%
+ | optional,
+ nat64_udp_timeout_variable
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
+ ])
+ | doc "Nat64 Udp Timeout Variable (String)"
+ | optional,
+ rsh_rcp | Bool | doc "Rsh Rcp (Boolean)" | optional,
+ rsh_rcp_variable
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
+ ])
+ | doc "Rsh Rcp Variable (String)"
+ | optional,
+ snmp_ifindex_persist
+ | Bool
+ | doc "SNMP Ifindex Persist (Boolean)"
+ | optional,
+ snmp_ifindex_persist_variable
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
+ ])
+ | doc "SNMP Ifindex Persist Variable (String)"
+ | optional,
+ source_interface
+ | String
+ | doc "Source Interface (String)"
+ | optional,
+ source_interface_variable
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
+ ])
+ | doc "Source Interface Variable (String)"
+ | optional,
+ ssh_version
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 2,
+ _js2n__-prdslib.numbers.minimum 1
+ ])
+ | doc m%"
+ SSH Version (Integer)
+ - Minimum value: 1
+ - Maximum value: 2
+ "%
+ | optional,
+ ssh_version_variable
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
+ ])
+ | doc "SSH Version Variable (String)"
+ | optional,
+ tcp_keepalives_in
+ | Bool
+ | doc "Tcp Keepalives In (Boolean)"
+ | optional,
+ tcp_keepalives_in_variable
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
+ ])
+ | doc "Tcp Keepalives In Variable (String)"
+ | optional,
+ tcp_keepalives_out
+ | Bool
+ | doc "Tcp Keepalives Out (Boolean)"
+ | optional,
+ tcp_keepalives_out_variable
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
+ ])
+ | doc "Tcp Keepalives Out Variable (String)"
+ | optional,
+ tcp_small_servers
+ | Bool
+ | doc "Tcp Small Servers (Boolean)"
+ | optional,
+ tcp_small_servers_variable
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
+ ])
+ | doc "Tcp Small Servers Variable (String)"
+ | optional,
+ telnet_outbound
+ | Bool
+ | doc "Telnet Outbound (Boolean)"
+ | optional,
+ telnet_outbound_variable
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
+ ])
+ | doc "Telnet Outbound Variable (String)"
+ | optional,
+ udp_small_servers
+ | Bool
+ | doc "Udp Small Servers (Boolean)"
+ | optional,
+ udp_small_servers_variable
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
+ ])
+ | doc "Udp Small Servers Variable (String)"
+ | optional,
+ vty_logging
+ | Bool
+ | doc "Vty Logging (Boolean)"
+ | optional,
+ vty_logging_variable
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
+ ])
+ | doc "Vty Logging Variable (String)"
+ | optional,
+ }
+ | doc m%"
+ Global (Object)
+
+ Elements:
+ - name
+ - description
+ - arp_proxy
+ - arp_proxy_variable
+ - cdp
+ - cdp_variable
+ - console_logging
+ - console_logging_variable
+ - domain_lookup
+ - domain_lookup_variable
+ - ftp_passive
+ - ftp_passive_variable
+ - http_authentication
+ - http_authentication_variable
+ - http_server
+ - http_server_variable
+ - https_server
+ - https_server_variable
+ - ignore_bootp
+ - ignore_bootp_variable
+ - ip_source_routing
+ - ip_source_routing_variable
+ - lldp
+ - lldp_variable
+ - nat64_udp_timeout
+ - nat64_udp_timeout_variable
+ - nat64_tcp_timeout
+ - nat64_tcp_timeout_variable
+ - rsh_rcp
+ - rsh_rcp_variable
+ - snmp_ifindex_persist
+ - snmp_ifindex_persist_variable
+ - source_interface
+ - source_interface_variable
+ - ssh_version
+ - ssh_version_variable
+ - tcp_keepalives_in
+ - tcp_keepalives_in_variable
+ - tcp_keepalives_out
+ - tcp_keepalives_out_variable
+ - tcp_small_servers
+ - tcp_small_servers_variable
+ - telnet_outbound
+ - telnet_outbound_variable
+ - udp_small_servers
+ - udp_small_servers_variable
+ - vty_logging
+ - vty_logging_variable
+ "%
+ | optional,
+ logging
+ | {
+ description
+ | String
+ | doc "Description (String)"
+ | optional,
+ disk_file_rotate
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 10,
+ _js2n__-prdslib.numbers.minimum 1
+ ])
+ | doc m%"
+ Disk File Rotate (Integer)
+ - Minimum value: 1
+ - Maximum value: 10
+ "%
+ | optional,
+ disk_file_rotate_variable
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
+ ])
+ | doc "Disk File Rotate Variable (String)"
+ | optional,
+ disk_file_size
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 20,
+ _js2n__-prdslib.numbers.minimum 1
+ ])
+ | doc m%"
+ Disk File Size (Integer)
+ - Minimum value: 1
+ - Maximum value: 20
+ "%
+ | optional,
+ disk_file_size_variable
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
+ ])
+ | doc "Disk File Size Variable (String)"
+ | optional,
+ ipv4_servers
+ | Array
+ {
+ hostname_ip
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.anyOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.allOf
[
- _js2n__-prdslib.isType 'Integer,
- _js2n__-prdslib.numbers.maximum
- 4294967295
- ])
- | doc m%"
- Local Preference (Integer)
- - Maximum value: 4294967295
- "%
- | optional,
- metric
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType 'Integer,
- _js2n__-prdslib.numbers.maximum
- 4294967295
- ])
- | doc m%"
- Metric (Integer)
- - Maximum value: 4294967295
- "%
- | optional,
- metric_type
- | std.enum.TagOrString
- | [| 'type2, 'type1 |]
- | doc m%"
- Metric Type (String)
- - Allowed values: type1, type2
- "%
- | optional,
- next_hop
- | String
- | doc m%"
- Next Hop (String)
- - IPv4 or IPv6 address
- "%
- | optional,
- omp_tag
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType 'Integer,
- _js2n__-prdslib.numbers.maximum
- 4294967295
- ])
- | doc m%"
- Omp Tag (Integer)
- - Maximum value: 4294967295
- "%
- | optional,
- origin
- | std.enum.TagOrString
- | [| 'incomplete, 'igp, 'egp |]
- | doc m%"
- Origin (String)
- - Allowed values: egp, igp, incomplete
- "%
- | optional,
- originator
- | String
- | doc m%"
- Originator (String)
- - IPv4 or IPv6 address
- "%
- | optional,
- ospf_tag
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType 'Integer,
- _js2n__-prdslib.numbers.maximum
- 4294967295
- ])
- | doc m%"
- OSPF Tag (Integer)
- - Maximum value: 4294967295
- "%
- | optional,
- prepend_as_paths
- | Array (
- _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType 'Integer,
- _js2n__-prdslib.numbers.maximum
- 4294967295
- ])
- )
- | doc "Prepend AS Paths (List - Integer)"
- | optional,
- weight
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType 'Integer,
- _js2n__-prdslib.numbers.maximum
- 4294967295
- ])
- | doc m%"
- Weight (Integer)
- - Maximum value: 4294967295
- "%
- | optional,
- }
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\\-]*[a-zA-Z0-9])\\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\\-]*[A-Za-z0-9])$"
+ ]
+ ])
+ | doc "Hostname IP (String, String)"
+ | optional,
+ hostname_ip_variable
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
+ ])
+ | doc "Hostname IP Variable (String)"
+ | optional,
+ severity
+ | std.enum.TagOrString
+ | [|
+ 'emergency,
+ 'alert,
+ 'critical,
+ 'error,
+ 'warn,
+ 'notice,
+ 'debugging,
+ 'informational
+ |]
| doc m%"
- Actions (Object)
-
- Elements:
- - aggregator
- - aggregator_ip
- - atomic_aggregate
- - communities
- - community_additive
- - exclude_as_paths
- - local_preference
- - metric
- - metric_type
- - next_hop
- - omp_tag
- - origin
- - originator
- - ospf_tag
- - prepend_as_paths
- - weight
+ Severity (String)
+ - Allowed values: informational, debugging, notice, warn, error, critical, alert, emergency
"%
| optional,
- base_action
- | std.enum.TagOrString
- | [| 'reject, 'accept |]
+ severity_variable
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
+ ])
+ | doc "Severity Variable (String)"
+ | optional,
+ source_interface
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^(GigabitEthernet|Loopback|TenGigabitEthernet|TwoGigabitEthernet|FortyGigabitEthernet|HundredGigE|Vlan)(([1-9]\\d|\\d)/){0,2}(0|[1-9]\\d*)([:|\\.][1-9]\\d*)?"
+ ])
+ | doc "Source Interface (String)"
+ | optional,
+ source_interface_variable
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
+ ])
+ | doc "Source Interface Variable (String)"
+ | optional,
+ tls_enable
+ | Bool
+ | doc "TLS Enable (Boolean)"
+ | optional,
+ tls_enable_variable
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
+ ])
+ | doc "TLS Enable Variable (String)"
+ | optional,
+ tls_properties_custom_profile
+ | Bool
+ | doc "TLS Properties Custom Profile (Boolean)"
+ | optional,
+ tls_properties_custom_profile_variable
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
+ ])
+ | doc "TLS Properties Custom Profile Variable (String)"
+ | optional,
+ tls_properties_profile
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.minLength 1
+ ])
| doc m%"
- Base Action (String)
- - Allowed values: accept, reject
- "%,
- id
+ TLS Properties Profile (String)
+ - Minimum length: 1
+ "%
+ | optional,
+ tls_properties_profile_variable
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
+ ])
+ | doc "TLS Properties Profile Variable (String)"
+ | optional,
+ vpn_id
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 65530
+ ])
+ | doc m%"
+ VPN ID (Integer)
+ - Maximum value: 65530
+ "%
+ | optional,
+ vpn_id_variable
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
+ ])
+ | doc "VPN ID Variable (String)"
+ | optional,
+ }
+ | doc m%"
+ Ipv4 Servers (List - Object)
+
+ Elements:
+ - hostname_ip
+ - hostname_ip_variable
+ - severity
+ - severity_variable
+ - source_interface
+ - source_interface_variable
+ - tls_enable
+ - tls_enable_variable
+ - tls_properties_custom_profile
+ - tls_properties_custom_profile_variable
+ - tls_properties_profile
+ - tls_properties_profile_variable
+ - vpn_id
+ - vpn_id_variable
+ "%
+ | optional,
+ ipv6_servers
+ | Array
+ {
+ hostname_ip
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.anyOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\\-]*[a-zA-Z0-9])\\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\\-]*[A-Za-z0-9])$"
+ ]
+ ])
+ | doc "Hostname IP (String, String)"
+ | optional,
+ hostname_ip_variable
| _js2n__-prdslib.contract_from_predicate
(_js2n__-prdslib.allOf
[
- _js2n__-prdslib.isType 'Integer,
- _js2n__-prdslib.numbers.maximum 65534,
- _js2n__-prdslib.numbers.minimum 1
- ])
- | doc m%"
- ID (Integer)
- - Minimum value: 1
- - Maximum value: 65534
- "%,
- ip_type
- | std.enum.TagOrString
- | [| 'both, 'ipv6, 'ipv4 |]
- | doc m%"
- IP Type (String)
- - Allowed values: ipv4, ipv6, both
- "%,
- match_criterias
- | {
- as_path_list
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType '"String",
- _js2n__-prdslib.strings.pattern
- "^[A-Za-z0-9-_]{1,128}$"
- ])
- | doc "AS Path List (String)"
- | optional,
- bgp_local_preference
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType 'Integer,
- _js2n__-prdslib.numbers.maximum
- 4294967295
- ])
- | doc m%"
- BGP Local Preference (Integer)
- - Maximum value: 4294967295
- "%
- | optional,
- expanded_community_list
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType '"String",
- _js2n__-prdslib.strings.pattern
- "^[A-Za-z0-9-_]{1,128}$"
- ])
- | doc "Expanded Community List (String)"
- | optional,
- extended_community_list
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType '"String",
- _js2n__-prdslib.strings.pattern
- "^[A-Za-z0-9-_]{1,128}$"
- ])
- | doc "Extended Community List (String)"
- | optional,
- metric
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType 'Integer,
- _js2n__-prdslib.numbers.maximum
- 4294967295
- ])
- | doc m%"
- Metric (Integer)
- - Maximum value: 4294967295
- "%
- | optional,
- next_hop_prefix_list
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType '"String",
- _js2n__-prdslib.strings.pattern
- "^[A-Za-z0-9-_]{1,128}$"
- ])
- | doc "Next Hop Prefix List (String)"
- | optional,
- omp_tag
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType 'Integer,
- _js2n__-prdslib.numbers.maximum
- 4294967295
- ])
- | doc m%"
- Omp Tag (Integer)
- - Maximum value: 4294967295
- "%
- | optional,
- origin
- | std.enum.TagOrString
- | [| 'incomplete, 'igp, 'egp |]
- | doc m%"
- Origin (String)
- - Allowed values: egp, igp, incomplete
- "%
- | optional,
- ospf_tag
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType 'Integer,
- _js2n__-prdslib.numbers.maximum
- 4294967295
- ])
- | doc m%"
- OSPF Tag (Integer)
- - Maximum value: 4294967295
- "%
- | optional,
- peer
- | String
- | doc m%"
- Peer (String)
- - IPv4 or IPv6 address
- "%
- | optional,
- prefix_list
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType '"String",
- _js2n__-prdslib.strings.pattern
- "^[A-Za-z0-9-_]{1,128}$"
- ])
- | doc "Prefix List (String)"
- | optional,
- standard_community_lists
- | Array (
- _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType '"String",
- _js2n__-prdslib.strings.pattern
- "^[A-Za-z0-9-_]{1,128}$"
- ])
- )
- | doc "Standard Community Lists (List - String)"
- | optional,
- standard_community_lists_criteria
- | std.enum.TagOrString
- | [| 'exact, 'and, 'or |]
- | doc m%"
- Standard Community Lists Criteria (String)
- - Allowed values: or, and, exact
- "%
- | optional,
- }
- | doc m%"
- Match Criterias (Object)
-
- Elements:
- - as_path_list
- - bgp_local_preference
- - expanded_community_list
- - extended_community_list
- - metric
- - next_hop_prefix_list
- - omp_tag
- - origin
- - ospf_tag
- - peer
- - prefix_list
- - standard_community_lists
- - standard_community_lists_criteria
- "%
- | optional,
- name | String | doc "Name (String)" | optional,
- }
- | doc m%"
- Sequences (List - Object)
-
- Elements:
- - id (required)
- - name
- - ip_type (required)
- - base_action (required)
- - match_criterias
- - actions
- "%
- | optional,
- }
- | doc m%"
- Route Policies (List - Object)
-
- Elements:
- - name (required)
- - description (required)
- - default_action (required)
- - sequences
- "%
- | optional,
- }
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
+ ])
+ | doc "Hostname IP Variable (String)"
+ | optional,
+ severity
+ | std.enum.TagOrString
+ | [|
+ 'emergency,
+ 'alert,
+ 'critical,
+ 'error,
+ 'warn,
+ 'notice,
+ 'debugging,
+ 'informational
+ |]
+ | doc m%"
+ Severity (String)
+ - Allowed values: informational, debugging, notice, warn, error, critical, alert, emergency
+ "%
+ | optional,
+ severity_variable
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
+ ])
+ | doc "Severity Variable (String)"
+ | optional,
+ source_interface
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^(GigabitEthernet|Loopback|TenGigabitEthernet|TwoGigabitEthernet|FortyGigabitEthernet|HundredGigE|Vlan)(([1-9]\\d|\\d)/){0,2}(0|[1-9]\\d*)([:|\\.][1-9]\\d*)?"
+ ])
+ | doc "Source Interface (String)"
+ | optional,
+ source_interface_variable
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
+ ])
+ | doc "Source Interface Variable (String)"
+ | optional,
+ tls_enable
+ | Bool
+ | doc "TLS Enable (Boolean)"
+ | optional,
+ tls_enable_variable
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
+ ])
+ | doc "TLS Enable Variable (String)"
+ | optional,
+ tls_properties_custom_profile
+ | Bool
+ | doc "TLS Properties Custom Profile (Boolean)"
+ | optional,
+ tls_properties_custom_profile_variable
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
+ ])
+ | doc "TLS Properties Custom Profile Variable (String)"
+ | optional,
+ tls_properties_profile
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.minLength 1
+ ])
+ | doc m%"
+ TLS Properties Profile (String)
+ - Minimum length: 1
+ "%
+ | optional,
+ tls_properties_profile_variable
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
+ ])
+ | doc "TLS Properties Profile Variable (String)"
+ | optional,
+ vpn_id
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 65530
+ ])
+ | doc m%"
+ VPN ID (Integer)
+ - Maximum value: 65530
+ "%
+ | optional,
+ vpn_id_variable
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
+ ])
+ | doc "VPN ID Variable (String)"
+ | optional,
+ }
+ | doc m%"
+ IPv6 Servers (List - Object)
+
+ Elements:
+ - hostname_ip
+ - hostname_ip_variable
+ - severity
+ - severity_variable
+ - source_interface
+ - source_interface_variable
+ - tls_enable
+ - tls_enable_variable
+ - tls_properties_custom_profile
+ - tls_properties_custom_profile_variable
+ - tls_properties_profile
+ - tls_properties_profile_variable
+ - vpn_id
+ - vpn_id_variable
+ "%
+ | optional,
+ name
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[^&<>! \"]{1,128}$"
+ ])
+ | doc "Name (String)"
+ | optional,
+ tls_profiles
+ | Array
+ {
+ cipher_suites
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"Array",
+ _js2n__-prdslib.arrays.arrayOf
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.enum
+ [
+ "aes-128-cbc-sha",
+ "aes-256-cbc-sha",
+ "dhe-aes-cbc-sha2",
+ "dhe-aes-gcm-sha2",
+ "ecdhe-ecdsa-aes-gcm-sha2",
+ "ecdhe-rsa-aes-cbc-sha2",
+ "ecdhe-rsa-aes-gcm-sha2",
+ "rsa-aes-cbc-sha2",
+ "rsa-aes-gcm-sha2"
+ ]
+ ])
+ ])
+ | doc "Cipher Suites (List - String)"
+ | optional,
+ cipher_suites_variable
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
+ ])
+ | doc "Cipher Suites Variable (String)"
+ | optional,
+ name
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.minLength 1
+ ])
+ | doc m%"
+ Name (String)
+ - Minimum length: 1
+ "%
+ | optional,
+ name_variable
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
+ ])
+ | doc "Name Variable (String)"
+ | optional,
+ tls_version
+ | std.enum.TagOrString
+ | [| '"TLSv1.2", '"TLSv1.1" |]
+ | doc m%"
+ TLS Version (String)
+ - Allowed values: TLSv1.1, TLSv1.2
+ "%
+ | optional,
+ tls_version_variable
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
+ ])
+ | doc "TLS Version Variable (String)"
+ | optional,
+ }
+ | doc m%"
+ TLS Profiles (List - Object)
+
+ Elements:
+ - cipher_suites
+ - cipher_suites_variable
+ - name
+ - name_variable
+ - tls_version
+ - tls_version_variable
+ "%
+ | optional,
+ }
+ | doc m%"
+ Logging (Object)
+
+ Elements:
+ - name
+ - description
+ - disk_file_size
+ - disk_file_size_variable
+ - disk_file_rotate
+ - disk_file_rotate_variable
+ - ipv4_servers
+ - ipv6_servers
+ - tls_profiles
+ "%
+ | optional,
+ mrf
+ | {
+ description
+ | String
+ | doc "Description (String)"
+ | optional,
+ migration_bgp_community
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 4294967295,
+ _js2n__-prdslib.numbers.minimum 1
+ ])
+ | doc m%"
+ Migration BGP Community (Integer)
+ - Minimum value: 1
+ - Maximum value: 4294967295
+ "%
+ | optional,
+ migration_to_mrf
+ | std.enum.TagOrString
+ | [| 'enabled-from-bgp-core, 'enabled |]
+ | doc m%"
+ Migration To Mrf (String)
+ - Allowed values: enabled, enabled-from-bgp-core
+ "%
+ | optional,
+ name
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[^&<>! \"]{1,128}$"
+ ])
+ | doc "Name (String)"
+ | optional,
+ region_id
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 63,
+ _js2n__-prdslib.numbers.minimum 1
+ ])
+ | doc m%"
+ Region ID (Integer)
+ - Minimum value: 1
+ - Maximum value: 63
+ "%
+ | optional,
+ role
+ | std.enum.TagOrString
+ | [| 'border-router, 'edge-router |]
+ | doc m%"
+ Role (String)
+ - Allowed values: edge-router, border-router
+ "%
+ | optional,
+ role_variable
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
+ ])
+ | doc "Role Variable (String)"
+ | optional,
+ secondary_region_id
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 63,
+ _js2n__-prdslib.numbers.minimum 1
+ ])
+ | doc m%"
+ Secondary Region ID (Integer)
+ - Minimum value: 1
+ - Maximum value: 63
+ "%
+ | optional,
+ secondary_region_id_variable
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
+ ])
+ | doc "Secondary Region ID Variable (String)"
+ | optional,
+ }
+ | doc m%"
+ Mrf (Object)
+
+ Elements:
+ - name
+ - description
+ - migration_to_mrf
+ - migration_bgp_community
+ - region_id
+ - role
+ - role_variable
+ - secondary_region_id
+ - secondary_region_id_variable
+ "%
+ | optional,
+ name
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[^&<>! \"]{1,128}$"
+ ])
+ | doc "Name (String)",
+ ntp
+ | {
+ authentication_keys
+ | Array
+ {
+ id
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 65535,
+ _js2n__-prdslib.numbers.minimum 1
+ ])
+ | doc m%"
+ ID (Integer)
+ - Minimum value: 1
+ - Maximum value: 65535
+ "%
+ | optional,
+ id_variable
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
+ ])
+ | doc "ID Variable (String)"
+ | optional,
+ md5_value
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.minLength 1
+ ])
+ | doc m%"
+ MD5 Value (String)
+ - Minimum length: 1
+ "%
+ | optional,
+ md5_value_variable
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
+ ])
+ | doc "MD5 Value Variable (String)"
+ | optional,
+ }
+ | doc m%"
+ Authentication Keys (List - Object)
+
+ Elements:
+ - id
+ - id_variable
+ - md5_value
+ - md5_value_variable
+ "%
+ | optional,
+ authoritative_ntp_server
+ | Bool
+ | doc "Authoritative NTP Server (Boolean)"
+ | optional,
+ authoritative_ntp_server_source_interface
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^(GigabitEthernet|Loopback|TenGigabitEthernet|TwoGigabitEthernet|FortyGigabitEthernet|HundredGigE|Vlan)(([1-9]\\d|\\d)/){0,2}(0|[1-9]\\d*)([:|\\.][1-9]\\d*)?"
+ ])
+ | doc "Authoritative NTP Server Source Interface (String)"
+ | optional,
+ authoritative_ntp_server_source_interface_variable
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
+ ])
+ | doc "Authoritative NTP Server Source Interface Variable (String)"
+ | optional,
+ authoritative_ntp_server_stratum
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 15,
+ _js2n__-prdslib.numbers.minimum 1
+ ])
+ | doc m%"
+ Authoritative NTP Server Stratum (Integer)
+ - Minimum value: 1
+ - Maximum value: 15
+ "%
+ | optional,
+ authoritative_ntp_server_stratum_variable
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
+ ])
+ | doc "Authoritative NTP Server Stratum Variable (String)"
+ | optional,
+ authoritative_ntp_server_variable
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
+ ])
+ | doc "Authoritative NTP Server Variable (String)"
+ | optional,
+ description
+ | String
+ | doc "Description (String)"
+ | optional,
+ name
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[^&<>! \"]{1,128}$"
+ ])
+ | doc "Name (String)"
+ | optional,
+ servers
+ | Array
+ {
+ authentication_key
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 65535,
+ _js2n__-prdslib.numbers.minimum 1
+ ])
+ | doc m%"
+ Authentication Key (Integer)
+ - Minimum value: 1
+ - Maximum value: 65535
+ "%
+ | optional,
+ authentication_key_variable
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
+ ])
+ | doc "Authentication Key Variable (String)"
+ | optional,
+ hostname_ip
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.anyOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\\-]*[a-zA-Z0-9])\\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\\-]*[A-Za-z0-9])$"
+ ]
+ ])
+ | doc "Hostname IP (String, String)"
+ | optional,
+ hostname_ip_variable
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
+ ])
+ | doc "Hostname IP Variable (String)"
+ | optional,
+ ntp_version
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 4
+ ])
+ | doc m%"
+ NTP Version (Integer)
+ - Maximum value: 4
+ "%
+ | optional,
+ ntp_version_variable
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
+ ])
+ | doc "NTP Version Variable (String)"
+ | optional,
+ prefer | Bool | doc "Prefer (Boolean)" | optional,
+ prefer_variable
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
+ ])
+ | doc "Prefer Variable (String)"
+ | optional,
+ source_interface
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^(GigabitEthernet|Loopback|TenGigabitEthernet|TwoGigabitEthernet|FortyGigabitEthernet|HundredGigE|Vlan)(([1-9]\\d|\\d)/){0,2}(0|[1-9]\\d*)([:|\\.][1-9]\\d*)?"
+ ])
+ | doc "Source Interface (String)"
+ | optional,
+ source_interface_variable
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
+ ])
+ | doc "Source Interface Variable (String)"
+ | optional,
+ vpn_id
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 65530
+ ])
+ | doc m%"
+ VPN ID (Integer)
+ - Maximum value: 65530
+ "%
+ | optional,
+ vpn_id_variable
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
+ ])
+ | doc "VPN ID Variable (String)"
+ | optional,
+ }
+ | doc m%"
+ Servers (List - Object)
+
+ Elements:
+ - authentication_key
+ - authentication_key_variable
+ - hostname_ip
+ - hostname_ip_variable
+ - prefer
+ - prefer_variable
+ - source_interface
+ - source_interface_variable
+ - ntp_version
+ - ntp_version_variable
+ - vpn_id
+ - vpn_id_variable
+ "%
+ | optional,
+ trusted_keys
+ | Array (
+ _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 65535,
+ _js2n__-prdslib.numbers.minimum 1
+ ])
+ )
+ | doc "Trusted Keys (List - Integer)"
+ | optional,
+ trusted_keys_variable
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[./\\[\\]a-zA-Z0-9_-]{1,64}$"
+ ])
+ | doc "Trusted Keys Variable (String)"
+ | optional,
+ }
+ | doc m%"
+ NTP (Object)
+
+ Elements:
+ - name
+ - description
+ - authentication_keys
+ - authoritative_ntp_server
+ - authoritative_ntp_server_variable
+ - authoritative_ntp_server_source_interface
+ - authoritative_ntp_server_source_interface_variable
+ - authoritative_ntp_server_stratum
+ - authoritative_ntp_server_stratum_variable
+ - servers
+ - trusted_keys
+ - trusted_keys_variable
+ "%
+ | optional,
+ }
+ | doc m%"
+ System Profiles (List - Object)
+
+ Elements:
+ - name (required)
+ - description
+ - aaa
+ - banner
+ - bfd
+ - flexible_port_speed
+ - global
+ - logging
+ - mrf
+ - ntp
+ "%
+ | optional,
+ }
+ | doc m%"
+ Feature Profiles (Object)
+
+ Elements:
+ - cli_profiles
+ - system_profiles
+ "%
+ | optional,
+ localized_policies
+ | {
+ definitions
+ | {
+ ipv4_access_control_lists
+ | Array
+ {
+ default_action
+ | std.enum.TagOrString
+ | [| 'drop, 'accept |]
+ | doc m%"
+ Default Action (String)
+ - Allowed values: accept, drop
+ "%,
+ description | String | doc "Description (String)",
+ name
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[A-Za-z0-9-_]{1,128}$"
+ ])
+ | doc "Name (String)",
+ sequences
+ | Array
+ {
+ actions
+ | {
+ class
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[A-Za-z0-9-_]{1,128}$"
+ ])
+ | doc "Class (String)"
+ | optional,
+ counter_name
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.maxLength 20,
+ _js2n__-prdslib.strings.minLength 1
+ ])
+ | doc m%"
+ Counter Name (String)
+ - Minimum length: 1
+ - Maximum length: 20
+ "%
+ | optional,
+ dscp
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 63
+ ])
+ | doc m%"
+ DSCP (Integer)
+ - Maximum value: 63
+ "%
+ | optional,
+ log | Bool | doc "Log (Boolean)" | optional,
+ mirror_list
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[A-Za-z0-9-_]{1,128}$"
+ ])
+ | doc "Mirror List (String)"
+ | optional,
+ next_hop
+ | String
+ | doc m%"
+ Next Hop (String)
+ - IPv4 or IPv6 address
+ "%
+ | optional,
+ policer
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[A-Za-z0-9-_]{1,128}$"
+ ])
+ | doc "Policer (String)"
+ | optional,
+ }
+ | doc m%"
+ Actions (Object)
+
+ Elements:
+ - counter_name
+ - class
+ - dscp
+ - log
+ - mirror_list
+ - next_hop
+ - policer
+ "%
+ | optional,
+ base_action
+ | std.enum.TagOrString
+ | [| 'drop, 'accept |]
+ | doc m%"
+ Base Action (String)
+ - Allowed values: accept, drop
+ "%,
+ id
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 65534,
+ _js2n__-prdslib.numbers.minimum 1
+ ])
+ | doc m%"
+ ID (Integer)
+ - Minimum value: 1
+ - Maximum value: 65534
+ "%,
+ match_criterias
+ | {
+ class
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[A-Za-z0-9-_]{1,128}$"
+ ])
+ | doc "Class (String)"
+ | optional,
+ destination_data_prefix_list
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[A-Za-z0-9-_]{1,128}$"
+ ])
+ | doc "Destination Data Prefix List (String)"
+ | optional,
+ destination_ip_prefix
+ | String
+ | doc m%"
+ Destination IP Prefix (String)
+ - IPv4 or IPv6 address
+ "%
+ | optional,
+ destination_port_ranges
+ | Array
+ {
+ from
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum
+ 65535
+ ])
+ | doc m%"
+ From (Integer)
+ - Maximum value: 65535
+ "%,
+ to
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum
+ 65535
+ ])
+ | doc m%"
+ To (Integer)
+ - Maximum value: 65535
+ "%,
+ }
+ | doc m%"
+ Destination Port Ranges (List - Object)
+
+ Elements:
+ - from (required)
+ - to (required)
+ "%
+ | optional,
+ destination_ports
+ | Array (
+ _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum
+ 65535
+ ])
+ )
+ | doc "Destination Ports (List - Integer)"
+ | optional,
+ dscp
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 63
+ ])
+ | doc m%"
+ DSCP (Integer)
+ - Maximum value: 63
+ "%
+ | optional,
+ packet_length
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 65535
+ ])
+ | doc m%"
+ Packet Length (Integer)
+ - Maximum value: 65535
+ "%
+ | optional,
+ "priority"
+ | std.enum.TagOrString
+ | [| 'low, 'high |]
+ | doc m%"
+ Priority (String)
+ - Allowed values: high, low
+ "%
+ | optional,
+ protocols
+ | Array (
+ _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 255
+ ])
+ )
+ | doc "Protocols (List - Integer)"
+ | optional,
+ source_data_prefix_list
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[A-Za-z0-9-_]{1,128}$"
+ ])
+ | doc "Source Data Prefix List (String)"
+ | optional,
+ source_ip_prefix
+ | String
+ | doc m%"
+ Source IP Prefix (String)
+ - IPv4 or IPv6 address
+ "%
+ | optional,
+ source_port_ranges
+ | Array
+ {
+ from
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum
+ 65535
+ ])
+ | doc m%"
+ From (Integer)
+ - Maximum value: 65535
+ "%,
+ to
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum
+ 65535
+ ])
+ | doc m%"
+ To (Integer)
+ - Maximum value: 65535
+ "%,
+ }
+ | doc m%"
+ Source Port Ranges (List - Object)
+
+ Elements:
+ - from (required)
+ - to (required)
+ "%
+ | optional,
+ source_ports
+ | Array (
+ _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum
+ 65535
+ ])
+ )
+ | doc "Source Ports (List - Integer)"
+ | optional,
+ tcp
+ | std.enum.TagOrString
+ | [| 'syn |]
+ | doc m%"
+ Tcp (String)
+ - Allowed values: syn
+ "%
+ | optional,
+ }
+ | doc m%"
+ Match Criterias (Object)
+
+ Elements:
+ - class
+ - destination_data_prefix_list
+ - destination_ip_prefix
+ - destination_ports
+ - destination_port_ranges
+ - dscp
+ - packet_length
+ - priority
+ - protocols
+ - source_data_prefix_list
+ - source_ip_prefix
+ - source_ports
+ - source_port_ranges
+ - tcp
+ "%
+ | optional,
+ name | String | doc "Name (String)" | optional,
+ }
+ | doc m%"
+ Sequences (List - Object)
+
+ Elements:
+ - id (required)
+ - name
+ - base_action (required)
+ - match_criterias
+ - actions
+ "%
+ | optional,
+ }
+ | doc m%"
+ Ipv4 Access Control Lists (List - Object)
+
+ Elements:
+ - name (required)
+ - description (required)
+ - default_action (required)
+ - sequences
+ "%
+ | optional,
+ ipv4_device_access_policies
+ | Array
+ {
+ default_action
+ | std.enum.TagOrString
+ | [| 'drop, 'accept |]
+ | doc m%"
+ Default Action (String)
+ - Allowed values: accept, drop
+ "%,
+ description | String | doc "Description (String)",
+ name
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[A-Za-z0-9-_]{1,128}$"
+ ])
+ | doc "Name (String)",
+ sequences
+ | Array
+ {
+ base_action
+ | std.enum.TagOrString
+ | [| 'drop, 'accept |]
+ | doc m%"
+ Base Action (String)
+ - Allowed values: accept, drop
+ "%,
+ counter_name
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.maxLength 20,
+ _js2n__-prdslib.strings.minLength 1
+ ])
+ | doc m%"
+ Counter Name (String)
+ - Minimum length: 1
+ - Maximum length: 20
+ "%
+ | optional,
+ id
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 65534,
+ _js2n__-prdslib.numbers.minimum 1
+ ])
+ | doc m%"
+ ID (Integer)
+ - Minimum value: 1
+ - Maximum value: 65534
+ "%,
+ match_criterias
+ | {
+ destination_data_prefix_list
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[A-Za-z0-9-_]{1,128}$"
+ ])
+ | doc "Destination Data Prefix List (String)"
+ | optional,
+ destination_ip_prefix
+ | String
+ | doc m%"
+ Destination IP Prefix (String)
+ - IPv4 or IPv6 address
+ "%
+ | optional,
+ destination_port
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.enum [ 22, 161 ]
+ ])
+ | doc m%"
+ Destination Port (Integer)
+ - Allowed values: 22, 161
+ "%,
+ source_data_prefix_list
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[A-Za-z0-9-_]{1,128}$"
+ ])
+ | doc "Source Data Prefix List (String)"
+ | optional,
+ source_ip_prefix
+ | String
+ | doc m%"
+ Source IP Prefix (String)
+ - IPv4 or IPv6 address
+ "%
+ | optional,
+ source_ports
+ | Array (
+ _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum
+ 65535
+ ])
+ )
+ | doc "Source Ports (List - Integer)"
+ | optional,
+ }
+ | doc m%"
+ Match Criterias (Object)
+
+ Elements:
+ - destination_data_prefix_list
+ - destination_ip_prefix
+ - destination_port (required)
+ - source_data_prefix_list
+ - source_ip_prefix
+ - source_ports
+ "%,
+ name | String | doc "Name (String)" | optional,
+ }
+ | doc m%"
+ Sequences (List - Object)
+
+ Elements:
+ - id (required)
+ - name
+ - base_action (required)
+ - match_criterias (required)
+ - counter_name
+ "%
+ | optional,
+ }
+ | doc m%"
+ Ipv4 Device Access Policies (List - Object)
+
+ Elements:
+ - name (required)
+ - description (required)
+ - default_action (required)
+ - sequences
+ "%
+ | optional,
+ ipv6_access_control_lists
+ | Array
+ {
+ default_action
+ | std.enum.TagOrString
+ | [| 'drop, 'accept |]
+ | doc m%"
+ Default Action (String)
+ - Allowed values: accept, drop
+ "%,
+ description | String | doc "Description (String)",
+ name
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[A-Za-z0-9-_]{1,128}$"
+ ])
+ | doc "Name (String)",
+ sequences
+ | Array
+ {
+ actions
+ | {
+ class
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[A-Za-z0-9-_]{1,128}$"
+ ])
+ | doc "Class (String)"
+ | optional,
+ counter_name
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.maxLength 20,
+ _js2n__-prdslib.strings.minLength 1
+ ])
+ | doc m%"
+ Counter Name (String)
+ - Minimum length: 1
+ - Maximum length: 20
+ "%
+ | optional,
+ log | Bool | doc "Log (Boolean)" | optional,
+ mirror_list
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[A-Za-z0-9-_]{1,128}$"
+ ])
+ | doc "Mirror List (String)"
+ | optional,
+ next_hop
+ | String
+ | doc m%"
+ Next Hop (String)
+ - IPv4 or IPv6 address
+ "%
+ | optional,
+ policer
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[A-Za-z0-9-_]{1,128}$"
+ ])
+ | doc "Policer (String)"
+ | optional,
+ traffic_class
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 63
+ ])
+ | doc m%"
+ Traffic Class (Integer)
+ - Maximum value: 63
+ "%
+ | optional,
+ }
+ | doc m%"
+ Actions (Object)
+
+ Elements:
+ - class
+ - counter_name
+ - log
+ - mirror_list
+ - next_hop
+ - policer
+ - traffic_class
+ "%
+ | optional,
+ base_action
+ | std.enum.TagOrString
+ | [| 'drop, 'accept |]
+ | doc m%"
+ Base Action (String)
+ - Allowed values: accept, drop
+ "%,
+ id
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 65534,
+ _js2n__-prdslib.numbers.minimum 1
+ ])
+ | doc m%"
+ ID (Integer)
+ - Minimum value: 1
+ - Maximum value: 65534
+ "%,
+ match_criterias
+ | {
+ class
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[A-Za-z0-9-_]{1,128}$"
+ ])
+ | doc "Class (String)"
+ | optional,
+ destination_data_prefix_list
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[A-Za-z0-9-_]{1,128}$"
+ ])
+ | doc "Destination Data Prefix List (String)"
+ | optional,
+ destination_ip_prefix
+ | String
+ | doc m%"
+ Destination IP Prefix (String)
+ - IPv4 or IPv6 address
+ "%
+ | optional,
+ destination_port_ranges
+ | Array
+ {
+ from
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum
+ 65535
+ ])
+ | doc m%"
+ From (Integer)
+ - Maximum value: 65535
+ "%,
+ to
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum
+ 65535
+ ])
+ | doc m%"
+ To (Integer)
+ - Maximum value: 65535
+ "%,
+ }
+ | doc m%"
+ Destination Port Ranges (List - Object)
+
+ Elements:
+ - from (required)
+ - to (required)
+ "%
+ | optional,
+ destination_ports
+ | Array (
+ _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum
+ 65535
+ ])
+ )
+ | doc "Destination Ports (List - Integer)"
+ | optional,
+ next_header
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 255
+ ])
+ | doc m%"
+ Next Header (Integer)
+ - Maximum value: 255
+ "%
+ | optional,
+ packet_length
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 65535
+ ])
+ | doc m%"
+ Packet Length (Integer)
+ - Maximum value: 65535
+ "%
+ | optional,
+ "priority"
+ | std.enum.TagOrString
+ | [| 'low, 'high |]
+ | doc m%"
+ Priority (String)
+ - Allowed values: high, low
+ "%
+ | optional,
+ source_data_prefix_list
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[A-Za-z0-9-_]{1,128}$"
+ ])
+ | doc "Source Data Prefix List (String)"
+ | optional,
+ source_ip_prefix
+ | String
+ | doc m%"
+ Source IP Prefix (String)
+ - IPv4 or IPv6 address
+ "%
+ | optional,
+ source_port_ranges
+ | Array
+ {
+ from
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum
+ 65535
+ ])
+ | doc m%"
+ From (Integer)
+ - Maximum value: 65535
+ "%,
+ to
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum
+ 65535
+ ])
+ | doc m%"
+ To (Integer)
+ - Maximum value: 65535
+ "%,
+ }
+ | doc m%"
+ Source Port Ranges (List - Object)
+
+ Elements:
+ - from (required)
+ - to (required)
+ "%
+ | optional,
+ source_ports
+ | Array (
+ _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum
+ 65535
+ ])
+ )
+ | doc "Source Ports (List - Integer)"
+ | optional,
+ tcp
+ | std.enum.TagOrString
+ | [| 'syn |]
+ | doc m%"
+ Tcp (String)
+ - Allowed values: syn
+ "%
+ | optional,
+ traffic_class
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 63
+ ])
+ | doc m%"
+ Traffic Class (Integer)
+ - Maximum value: 63
+ "%,
+ }
+ | doc m%"
+ Match Criterias (Object)
+
+ Elements:
+ - class
+ - destination_data_prefix_list
+ - destination_ip_prefix
+ - destination_port_ranges
+ - destination_ports
+ - next_header
+ - packet_length
+ - priority
+ - source_data_prefix_list
+ - source_ip_prefix
+ - source_port_ranges
+ - source_ports
+ - tcp
+ - traffic_class (required)
+ "%
+ | optional,
+ name | String | doc "Name (String)" | optional,
+ }
+ | doc m%"
+ Sequences (List - Object)
+
+ Elements:
+ - id (required)
+ - name
+ - base_action (required)
+ - match_criterias
+ - actions
+ "%
+ | optional,
+ }
+ | doc m%"
+ IPv6 Access Control Lists (List - Object)
+
+ Elements:
+ - name (required)
+ - description (required)
+ - default_action (required)
+ - sequences
+ "%
+ | optional,
+ ipv6_device_access_policies
+ | Array
+ {
+ default_action
+ | std.enum.TagOrString
+ | [| 'drop, 'accept |]
+ | doc m%"
+ Default Action (String)
+ - Allowed values: accept, drop
+ "%,
+ description | String | doc "Description (String)",
+ name
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[A-Za-z0-9-_]{1,128}$"
+ ])
+ | doc "Name (String)",
+ sequences
+ | Array
+ {
+ base_action
+ | std.enum.TagOrString
+ | [| 'drop, 'accept |]
+ | doc m%"
+ Base Action (String)
+ - Allowed values: accept, drop
+ "%,
+ counter_name
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.maxLength 20,
+ _js2n__-prdslib.strings.minLength 1
+ ])
+ | doc m%"
+ Counter Name (String)
+ - Minimum length: 1
+ - Maximum length: 20
+ "%
+ | optional,
+ id
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 65534,
+ _js2n__-prdslib.numbers.minimum 1
+ ])
+ | doc m%"
+ ID (Integer)
+ - Minimum value: 1
+ - Maximum value: 65534
+ "%,
+ match_criterias
+ | {
+ destination_data_prefix_list
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[A-Za-z0-9-_]{1,128}$"
+ ])
+ | doc "Destination Data Prefix List (String)"
+ | optional,
+ destination_ip_prefix
+ | String
+ | doc m%"
+ Destination IP Prefix (String)
+ - IPv4 or IPv6 address
+ "%
+ | optional,
+ destination_port
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.enum [ 22, 161 ]
+ ])
+ | doc m%"
+ Destination Port (Integer)
+ - Allowed values: 22, 161
+ "%,
+ source_data_prefix_list
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[A-Za-z0-9-_]{1,128}$"
+ ])
+ | doc "Source Data Prefix List (String)"
+ | optional,
+ source_ip_prefix
+ | String
+ | doc m%"
+ Source IP Prefix (String)
+ - IPv4 or IPv6 address
+ "%
+ | optional,
+ source_ports
+ | Array (
+ _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum
+ 65535
+ ])
+ )
+ | doc "Source Ports (List - Integer)"
+ | optional,
+ }
+ | doc m%"
+ Match Criterias (Object)
+
+ Elements:
+ - destination_data_prefix_list
+ - destination_ip_prefix
+ - destination_port (required)
+ - source_data_prefix_list
+ - source_ip_prefix
+ - source_ports
+ "%,
+ name | String | doc "Name (String)" | optional,
+ }
+ | doc m%"
+ Sequences (List - Object)
+
+ Elements:
+ - id (required)
+ - name
+ - base_action (required)
+ - match_criterias (required)
+ - counter_name
+ "%
+ | optional,
+ }
+ | doc m%"
+ IPv6 Device Access Policies (List - Object)
+
+ Elements:
+ - name (required)
+ - description (required)
+ - default_action (required)
+ - sequences
+ "%
+ | optional,
+ qos_maps
+ | Array
+ {
+ description | String | doc "Description (String)",
+ name
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[A-Za-z0-9-_]{1,128}$"
+ ])
+ | doc "Name (String)",
+ qos_schedulers
+ | Array
+ {
+ bandwidth_percent
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 100,
+ _js2n__-prdslib.numbers.minimum 1
+ ])
+ | doc m%"
+ Bandwidth Percent (Integer)
+ - Minimum value: 1
+ - Maximum value: 100
+ "%,
+ buffer_percent
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 100,
+ _js2n__-prdslib.numbers.minimum 1
+ ])
+ | doc m%"
+ Buffer Percent (Integer)
+ - Minimum value: 1
+ - Maximum value: 100
+ "%,
+ burst_bytes
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 10000000,
+ _js2n__-prdslib.numbers.minimum 5000
+ ])
+ | doc m%"
+ Burst Bytes (Integer)
+ - Minimum value: 5000
+ - Maximum value: 10000000
+ "%
+ | optional,
+ class_map
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[A-Za-z0-9-_]{1,128}$"
+ ])
+ | doc "Class Map (String)",
+ drop_type
+ | std.enum.TagOrString
+ | [| 'red-drop, 'tail-drop |]
+ | doc m%"
+ Drop Type (String)
+ - Allowed values: tail-drop, red-drop
+ "%,
+ queue
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 7
+ ])
+ | doc m%"
+ Queue (Integer)
+ - Maximum value: 7
+ "%,
+ scheduling_type
+ | std.enum.TagOrString
+ | [| 'wrr, 'llq |]
+ | doc m%"
+ Scheduling Type (String)
+ - Allowed values: llq, wrr
+ "%,
+ }
+ | doc m%"
+ QoS Schedulers (List - Object)
+
+ Elements:
+ - queue (required)
+ - bandwidth_percent (required)
+ - buffer_percent (required)
+ - burst_bytes
+ - scheduling_type (required)
+ - drop_type (required)
+ - class_map (required)
+ "%,
+ }
+ | doc m%"
+ QoS Maps (List - Object)
+
+ Elements:
+ - name (required)
+ - description (required)
+ - qos_schedulers (required)
+ "%
+ | optional,
+ rewrite_rules
+ | Array
+ {
+ description | String | doc "Description (String)",
+ name
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[A-Za-z0-9-_]{1,128}$"
+ ])
+ | doc "Name (String)",
+ rules
+ | Array
+ {
+ class
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[A-Za-z0-9-_]{1,128}$"
+ ])
+ | doc "Class (String)",
+ dscp
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 63
+ ])
+ | doc m%"
+ DSCP (Integer)
+ - Maximum value: 63
+ "%,
+ layer2_cos
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 7
+ ])
+ | doc m%"
+ Layer2 CoS (Integer)
+ - Maximum value: 7
+ "%
+ | optional,
+ "priority"
+ | std.enum.TagOrString
+ | [| 'low, 'high |]
+ | doc m%"
+ Priority (String)
+ - Allowed values: high, low
+ "%,
+ }
+ | doc m%"
+ Rules (List - Object)
+
+ Elements:
+ - class (required)
+ - dscp (required)
+ - layer2_cos
+ - priority (required)
+ "%,
+ }
+ | doc m%"
+ Rewrite Rules (List - Object)
+
+ Elements:
+ - name (required)
+ - description (required)
+ - rules (required)
+ "%
+ | optional,
+ route_policies
+ | Array
+ {
+ default_action
+ | std.enum.TagOrString
+ | [| 'reject, 'accept |]
+ | doc m%"
+ Default Action (String)
+ - Allowed values: accept, reject
+ "%,
+ description | String | doc "Description (String)",
+ name
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[A-Za-z0-9-_]{1,128}$"
+ ])
+ | doc "Name (String)",
+ sequences
+ | Array
+ {
+ actions
+ | {
+ aggregator
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum
+ 4294967295
+ ])
+ | doc m%"
+ Aggregator (Integer)
+ - Maximum value: 4294967295
+ "%
+ | optional,
+ aggregator_ip
+ | String
+ | doc m%"
+ Aggregator IP (String)
+ - IPv4 or IPv6 address
+ "%
+ | optional,
+ atomic_aggregate
+ | Bool
+ | doc "Atomic Aggregate (Boolean)"
+ | optional,
+ communities
+ | Array (
+ _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.anyOf
+ [
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum
+ 4294967295
+ ],
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType
+ '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[0-9]{1,5}(:)[0-9]{1,5}$"
+ ],
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType
+ '"String",
+ _js2n__-prdslib.enum
+ [ "internet", "local-AS" ]
+ ]
+ ])
+ )
+ | doc "Communities (List - String)"
+ | optional,
+ community_additive
+ | Bool
+ | doc "Community Additive (Boolean)"
+ | optional,
+ exclude_as_paths
+ | Array (
+ _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum
+ 4294967295
+ ])
+ )
+ | doc "Exclude AS Paths (List - Integer)"
+ | optional,
+ local_preference
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum
+ 4294967295
+ ])
+ | doc m%"
+ Local Preference (Integer)
+ - Maximum value: 4294967295
+ "%
+ | optional,
+ metric
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum
+ 4294967295
+ ])
+ | doc m%"
+ Metric (Integer)
+ - Maximum value: 4294967295
+ "%
+ | optional,
+ metric_type
+ | std.enum.TagOrString
+ | [| 'type2, 'type1 |]
+ | doc m%"
+ Metric Type (String)
+ - Allowed values: type1, type2
+ "%
+ | optional,
+ next_hop
+ | String
+ | doc m%"
+ Next Hop (String)
+ - IPv4 or IPv6 address
+ "%
+ | optional,
+ omp_tag
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum
+ 4294967295
+ ])
+ | doc m%"
+ Omp Tag (Integer)
+ - Maximum value: 4294967295
+ "%
+ | optional,
+ origin
+ | std.enum.TagOrString
+ | [| 'incomplete, 'igp, 'egp |]
+ | doc m%"
+ Origin (String)
+ - Allowed values: egp, igp, incomplete
+ "%
+ | optional,
+ originator
+ | String
+ | doc m%"
+ Originator (String)
+ - IPv4 or IPv6 address
+ "%
+ | optional,
+ ospf_tag
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum
+ 4294967295
+ ])
+ | doc m%"
+ OSPF Tag (Integer)
+ - Maximum value: 4294967295
+ "%
+ | optional,
+ prepend_as_paths
+ | Array (
+ _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum
+ 4294967295
+ ])
+ )
+ | doc "Prepend AS Paths (List - Integer)"
+ | optional,
+ weight
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum
+ 4294967295
+ ])
+ | doc m%"
+ Weight (Integer)
+ - Maximum value: 4294967295
+ "%
+ | optional,
+ }
+ | doc m%"
+ Actions (Object)
+
+ Elements:
+ - aggregator
+ - aggregator_ip
+ - atomic_aggregate
+ - communities
+ - community_additive
+ - exclude_as_paths
+ - local_preference
+ - metric
+ - metric_type
+ - next_hop
+ - omp_tag
+ - origin
+ - originator
+ - ospf_tag
+ - prepend_as_paths
+ - weight
+ "%
+ | optional,
+ base_action
+ | std.enum.TagOrString
+ | [| 'reject, 'accept |]
+ | doc m%"
+ Base Action (String)
+ - Allowed values: accept, reject
+ "%,
+ id
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 65534,
+ _js2n__-prdslib.numbers.minimum 1
+ ])
+ | doc m%"
+ ID (Integer)
+ - Minimum value: 1
+ - Maximum value: 65534
+ "%,
+ ip_type
+ | std.enum.TagOrString
+ | [| 'both, 'ipv6, 'ipv4 |]
+ | doc m%"
+ IP Type (String)
+ - Allowed values: ipv4, ipv6, both
+ "%,
+ match_criterias
+ | {
+ as_path_list
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[A-Za-z0-9-_]{1,128}$"
+ ])
+ | doc "AS Path List (String)"
+ | optional,
+ bgp_local_preference
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum
+ 4294967295
+ ])
+ | doc m%"
+ BGP Local Preference (Integer)
+ - Maximum value: 4294967295
+ "%
+ | optional,
+ expanded_community_list
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[A-Za-z0-9-_]{1,128}$"
+ ])
+ | doc "Expanded Community List (String)"
+ | optional,
+ extended_community_list
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[A-Za-z0-9-_]{1,128}$"
+ ])
+ | doc "Extended Community List (String)"
+ | optional,
+ metric
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum
+ 4294967295
+ ])
+ | doc m%"
+ Metric (Integer)
+ - Maximum value: 4294967295
+ "%
+ | optional,
+ next_hop_prefix_list
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[A-Za-z0-9-_]{1,128}$"
+ ])
+ | doc "Next Hop Prefix List (String)"
+ | optional,
+ omp_tag
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum
+ 4294967295
+ ])
+ | doc m%"
+ Omp Tag (Integer)
+ - Maximum value: 4294967295
+ "%
+ | optional,
+ origin
+ | std.enum.TagOrString
+ | [| 'incomplete, 'igp, 'egp |]
+ | doc m%"
+ Origin (String)
+ - Allowed values: egp, igp, incomplete
+ "%
+ | optional,
+ ospf_tag
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum
+ 4294967295
+ ])
+ | doc m%"
+ OSPF Tag (Integer)
+ - Maximum value: 4294967295
+ "%
+ | optional,
+ peer
+ | String
+ | doc m%"
+ Peer (String)
+ - IPv4 or IPv6 address
+ "%
+ | optional,
+ prefix_list
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[A-Za-z0-9-_]{1,128}$"
+ ])
+ | doc "Prefix List (String)"
+ | optional,
+ standard_community_lists
+ | Array (
+ _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[A-Za-z0-9-_]{1,128}$"
+ ])
+ )
+ | doc "Standard Community Lists (List - String)"
+ | optional,
+ standard_community_lists_criteria
+ | std.enum.TagOrString
+ | [| 'exact, 'and, 'or |]
+ | doc m%"
+ Standard Community Lists Criteria (String)
+ - Allowed values: or, and, exact
+ "%
+ | optional,
+ }
+ | doc m%"
+ Match Criterias (Object)
+
+ Elements:
+ - as_path_list
+ - bgp_local_preference
+ - expanded_community_list
+ - extended_community_list
+ - metric
+ - next_hop_prefix_list
+ - omp_tag
+ - origin
+ - ospf_tag
+ - peer
+ - prefix_list
+ - standard_community_lists
+ - standard_community_lists_criteria
+ "%
+ | optional,
+ name | String | doc "Name (String)" | optional,
+ }
+ | doc m%"
+ Sequences (List - Object)
+
+ Elements:
+ - id (required)
+ - name
+ - ip_type (required)
+ - base_action (required)
+ - match_criterias
+ - actions
+ "%
+ | optional,
+ }
+ | doc m%"
+ Route Policies (List - Object)
+
+ Elements:
+ - name (required)
+ - description (required)
+ - default_action (required)
+ - sequences
+ "%
+ | optional,
+ }
+ | doc m%"
+ Definitions (Object)
+
+ Elements:
+ - ipv4_access_control_lists
+ - ipv4_device_access_policies
+ - ipv6_access_control_lists
+ - ipv6_device_access_policies
+ - rewrite_rules
+ - route_policies
+ - qos_maps
+ "%
+ | optional,
+ feature_policies
+ | Array
+ {
+ definitions
+ | {
+ ipv4_access_control_lists
+ | Array (
+ _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[A-Za-z0-9-_]{1,128}$"
+ ])
+ )
+ | doc "Ipv4 Access Control Lists (List - String)"
+ | optional,
+ ipv4_device_access_policies
+ | Array (
+ _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[A-Za-z0-9-_]{1,128}$"
+ ])
+ )
+ | doc "Ipv4 Device Access Policies (List - String)"
+ | optional,
+ ipv6_access_control_lists
+ | Array (
+ _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[A-Za-z0-9-_]{1,128}$"
+ ])
+ )
+ | doc "IPv6 Access Control Lists (List - String)"
+ | optional,
+ ipv6_device_access_policies
+ | Array (
+ _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[A-Za-z0-9-_]{1,128}$"
+ ])
+ )
+ | doc "IPv6 Device Access Policies (List - String)"
+ | optional,
+ qos_maps
+ | Array (
+ _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[A-Za-z0-9-_]{1,128}$"
+ ])
+ )
+ | doc "QoS Maps (List - String)"
+ | optional,
+ rewrite_rules
+ | Array (
+ _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[A-Za-z0-9-_]{1,128}$"
+ ])
+ )
+ | doc "Rewrite Rules (List - String)"
+ | optional,
+ route_policies
+ | Array (
+ _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[A-Za-z0-9-_]{1,128}$"
+ ])
+ )
+ | doc "Route Policies (List - String)"
+ | optional,
+ }
+ | doc m%"
+ Definitions (Object)
+
+ Elements:
+ - ipv4_access_control_lists
+ - ipv4_device_access_policies
+ - ipv6_access_control_lists
+ - ipv6_device_access_policies
+ - rewrite_rules
+ - route_policies
+ - qos_maps
+ "%
+ | optional,
+ description | String | doc "Description (String)",
+ implicit_acl_logging
+ | Bool
+ | doc "Implicit ACL Logging (Boolean)"
+ | optional,
+ ipv4_application_visibility
+ | Bool
+ | doc "Ipv4 Application Visibility (Boolean)"
+ | optional,
+ ipv4_flow_visibility
+ | Bool
+ | doc "Ipv4 Flow Visibility (Boolean)"
+ | optional,
+ ipv4_visibility_cache_entries
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 2000000,
+ _js2n__-prdslib.numbers.minimum 16
+ ])
+ | doc m%"
+ Ipv4 Visibility Cache Entries (Integer)
+ - Minimum value: 16
+ - Maximum value: 2000000
+ "%
+ | optional,
+ ipv6_application_visibility
+ | Bool
+ | doc "IPv6 Application Visibility (Boolean)"
+ | optional,
+ ipv6_flow_visibility
+ | Bool
+ | doc "IPv6 Flow Visibility (Boolean)"
+ | optional,
+ ipv6_visibility_cache_entries
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 2000000,
+ _js2n__-prdslib.numbers.minimum 16
+ ])
+ | doc m%"
+ IPv6 Visibility Cache Entries (Integer)
+ - Minimum value: 16
+ - Maximum value: 2000000
+ "%
+ | optional,
+ log_frequency
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 2147483647,
+ _js2n__-prdslib.numbers.minimum 1
+ ])
+ | doc m%"
+ Log Frequency (Integer)
+ - Minimum value: 1
+ - Maximum value: 2147483647
+ "%
+ | optional,
+ name
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[A-Za-z0-9-_]{1,128}$"
+ ])
+ | doc "Name (String)",
+ }
+ | doc m%"
+ Feature Policies (List - Object)
+
+ Elements:
+ - name (required)
+ - description (required)
+ - definitions
+ - implicit_acl_logging
+ - ipv4_application_visibility
+ - ipv4_flow_visibility
+ - ipv4_visibility_cache_entries
+ - ipv6_application_visibility
+ - ipv6_flow_visibility
+ - ipv6_visibility_cache_entries
+ - log_frequency
+ "%
+ | optional,
+ }
+ | doc m%"
+ Localized Policies (Object)
+
+ Elements:
+ - definitions
+ - feature_policies
+ "%
+ | optional,
+ multi_region_fabric
+ | { enabled | Bool | doc "Enabled (Boolean)", }
+ | doc m%"
+ Multi Region Fabric (Object)
+
+ Elements:
+ - enabled (required)
+ "%
+ | optional,
+ policy_objects
+ | {
+ app_probe_classes
+ | Array
+ {
+ forwarding_class
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[^<>!&$@\\\\/\"() ]{1,128}$"
+ ])
+ | doc "Forwarding Class (String)",
+ mappings
+ | Array
+ {
+ color
+ | std.enum.TagOrString
+ | [|
+ 'private6,
+ 'private5,
+ 'private4,
+ 'private3,
+ 'private2,
+ 'private1,
+ 'custom3,
+ 'custom2,
+ 'custom1,
+ 'bronze,
+ 'silver,
+ 'gold,
+ 'blue,
+ 'green,
+ 'red,
+ '"3g",
+ 'lte,
+ 'public-internet,
+ 'biz-internet,
+ 'metro-ethernet,
+ 'mpls,
+ '"default"
+ |]
+ | doc m%"
+ Color (String)
+ - Allowed values: default, mpls, metro-ethernet, biz-internet, public-internet, lte, 3g, red, green, blue, gold, silver, bronze, custom1, custom2, custom3, private1, private2, private3, private4, private5, private6
+ "%,
+ dscp
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 63
+ ])
+ | doc m%"
+ DSCP (Integer)
+ - Maximum value: 63
+ "%,
+ }
+ | doc m%"
+ Mappings (List - Object)
+
+ Elements:
+ - color (required)
+ - dscp (required)
+ "%,
+ name
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[A-Za-z0-9-_]{1,128}$"
+ ])
+ | doc "Name (String)",
+ }
+ | doc m%"
+ App Probe Classes (List - Object)
+
+ Elements:
+ - name (required)
+ - forwarding_class (required)
+ - mappings (required)
+ "%
+ | optional,
+ application_lists
+ | Array
+ {
+ application_families
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"Array",
+ _js2n__-prdslib.arrays.arrayOf
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.enum
+ [
+ "application-service",
+ "audio-video",
+ "authentication",
+ "behavioral",
+ "database",
+ "encrypted",
+ "erp",
+ "file-server",
+ "file-transfer",
+ "forum",
+ "game",
+ "instant-messaging",
+ "mail",
+ "microsoft-office",
+ "middleware",
+ "network-management",
+ "network-service",
+ "peer-to-peer",
+ "printer",
+ "routing",
+ "security-service",
+ "terminal",
+ "thin-client",
+ "tunneling",
+ "web",
+ "webmail"
+ ]
+ ])
+ ])
+ | doc "Application Families (List - String)"
+ | optional,
+ applications
+ | Array (String)
+ | doc "Applications (List - String)"
+ | optional,
+ name
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[A-Za-z0-9-_]{1,128}$"
+ ])
+ | doc "Name (String)",
+ }
+ | doc m%"
+ Application Lists (List - Object)
+
+ Elements:
+ - name (required)
+ - applications
+ - application_families
+ "%
+ | optional,
+ as_path_lists
+ | Array
+ {
+ as_paths | Array (String) | doc "AS Paths (List - String)",
+ name
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[A-Za-z0-9-_]{1,128}$"
+ ])
+ | doc "Name (String)",
+ }
+ | doc m%"
+ AS Path Lists (List - Object)
+
+ Elements:
+ - name (required)
+ - as_paths (required)
+ "%
+ | optional,
+ class_maps
+ | Array
+ {
+ name
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[A-Za-z0-9-_]{1,128}$"
+ ])
+ | doc "Name (String)",
+ queue
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 7
+ ])
+ | doc m%"
+ Queue (Integer)
+ - Maximum value: 7
+ "%,
+ }
+ | doc m%"
+ Class Maps (List - Object)
+
+ Elements:
+ - name (required)
+ - queue (required)
+ "%
+ | optional,
+ color_lists
+ | Array
+ {
+ colors
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"Array",
+ _js2n__-prdslib.arrays.arrayOf
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.enum
+ [
+ "default",
+ "mpls",
+ "metro-ethernet",
+ "biz-internet",
+ "public-internet",
+ "lte",
+ "3g",
+ "red",
+ "green",
+ "blue",
+ "gold",
+ "silver",
+ "bronze",
+ "custom1",
+ "custom2",
+ "custom3",
+ "private1",
+ "private2",
+ "private3",
+ "private4",
+ "private5",
+ "private6"
+ ]
+ ])
+ ])
+ | doc "Colors (List - String)",
+ name
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[A-Za-z0-9-_]{1,128}$"
+ ])
+ | doc "Name (String)",
+ }
+ | doc m%"
+ Color Lists (List - Object)
+
+ Elements:
+ - name (required)
+ - colors (required)
+ "%
+ | optional,
+ expanded_community_lists
+ | Array
+ {
+ expanded_communities
+ | Array (
+ _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[0-9]{1,5}(:)[0-9]{1,5}$"
+ ])
+ )
+ | doc "Expanded Communities (List - String)",
+ name
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[A-Za-z0-9-_]{1,128}$"
+ ])
+ | doc "Name (String)",
+ }
+ | doc m%"
+ Expanded Community Lists (List - Object)
+
+ Elements:
+ - name (required)
+ - expanded_communities (required)
+ "%
+ | optional,
+ extended_community_lists
+ | Array
+ {
+ extended_communities
+ | Array (
+ _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern "(soo|rt).*$"
+ ])
+ )
+ | doc "Extended Communities (List - String)",
+ name
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[A-Za-z0-9-_]{1,128}$"
+ ])
+ | doc "Name (String)",
+ }
+ | doc m%"
+ Extended Community Lists (List - Object)
+
+ Elements:
+ - name (required)
+ - extended_communities (required)
+ "%
+ | optional,
+ ipv4_data_prefix_lists
+ | Array
+ {
+ name
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[A-Za-z0-9-_]{1,128}$"
+ ])
+ | doc "Name (String)",
+ prefixes | Array (String) | doc "Prefixes (List - String)",
+ }
+ | doc m%"
+ Ipv4 Data Prefix Lists (List - Object)
+
+ Elements:
+ - name (required)
+ - prefixes (required)
+ "%
+ | optional,
+ ipv4_prefix_lists
+ | Array
+ {
+ entries
+ | Array
+ {
+ ge
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 32
+ ])
+ | doc m%"
+ Ge (Integer)
+ - Maximum value: 32
+ "%
+ | optional,
+ le
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 32
+ ])
+ | doc m%"
+ Le (Integer)
+ - Maximum value: 32
+ "%
+ | optional,
+ prefix
+ | String
+ | doc m%"
+ Prefix (String)
+ - IPv4 or IPv6 address
+ "%,
+ }
+ | doc m%"
+ Entries (List - Object)
+
+ Elements:
+ - prefix (required)
+ - le
+ - ge
+ "%,
+ name
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[A-Za-z0-9-_]{1,128}$"
+ ])
+ | doc "Name (String)",
+ }
+ | doc m%"
+ Ipv4 Prefix Lists (List - Object)
+
+ Elements:
+ - name (required)
+ - entries (required)
+ "%
+ | optional,
+ ipv6_data_prefix_lists
+ | Array
+ {
+ name
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[A-Za-z0-9-_]{1,128}$"
+ ])
+ | doc "Name (String)",
+ prefixes | Array (String) | doc "Prefixes (List - String)",
+ }
+ | doc m%"
+ IPv6 Data Prefix Lists (List - Object)
+
+ Elements:
+ - name (required)
+ - prefixes (required)
+ "%
+ | optional,
+ ipv6_prefix_lists
+ | Array
+ {
+ entries
+ | Array
+ {
+ ge
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 128
+ ])
+ | doc m%"
+ Ge (Integer)
+ - Maximum value: 128
+ "%
+ | optional,
+ le
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 128
+ ])
+ | doc m%"
+ Le (Integer)
+ - Maximum value: 128
+ "%
+ | optional,
+ prefix
+ | String
+ | doc m%"
+ Prefix (String)
+ - IPv4 or IPv6 address
+ "%,
+ }
+ | doc m%"
+ Entries (List - Object)
+
+ Elements:
+ - prefix (required)
+ - le
+ - ge
+ "%,
+ name
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[A-Za-z0-9-_]{1,128}$"
+ ])
+ | doc "Name (String)",
+ }
+ | doc m%"
+ IPv6 Prefix Lists (List - Object)
+
+ Elements:
+ - name (required)
+ - entries (required)
+ "%
+ | optional,
+ mirror_lists
+ | Array
+ {
+ name
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[A-Za-z0-9-_]{1,128}$"
+ ])
+ | doc "Name (String)",
+ remote_destination_ip
+ | String
+ | doc m%"
+ Remote Destination IP (String)
+ - IPv4 or IPv6 address
+ "%,
+ source_ip
+ | String
+ | doc m%"
+ Source IP (String)
+ - IPv4 or IPv6 address
+ "%,
+ }
+ | doc m%"
+ Mirror Lists (List - Object)
+
+ Elements:
+ - name (required)
+ - remote_destination_ip (required)
+ - source_ip (required)
+ "%
+ | optional,
+ policers
+ | Array
+ {
+ burst_bytes
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 10000000,
+ _js2n__-prdslib.numbers.minimum 15000
+ ])
+ | doc m%"
+ Burst Bytes (Integer)
+ - Minimum value: 15000
+ - Maximum value: 10000000
+ "%,
+ exceed_action
+ | std.enum.TagOrString
+ | [| 'remark, 'drop |]
+ | doc m%"
+ Exceed Action (String)
+ - Allowed values: drop, remark
+ "%,
+ name
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[A-Za-z0-9-_]{1,128}$"
+ ])
+ | doc "Name (String)",
+ rate_bps
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 100000000000,
+ _js2n__-prdslib.numbers.minimum 8
+ ])
+ | doc m%"
+ Rate Bps (Integer)
+ - Minimum value: 8
+ - Maximum value: 100000000000
+ "%,
+ }
+ | doc m%"
+ Policers (List - Object)
+
+ Elements:
+ - name (required)
+ - burst_bytes (required)
+ - exceed_action (required)
+ - rate_bps (required)
+ "%
+ | optional,
+ preferred_color_groups
+ | Array
+ {
+ name
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[A-Za-z0-9-_]{1,128}$"
+ ])
+ | doc "Name (String)",
+ primary_colors
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"Array",
+ _js2n__-prdslib.arrays.arrayOf
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.enum
+ [
+ "default",
+ "mpls",
+ "metro-ethernet",
+ "biz-internet",
+ "public-internet",
+ "lte",
+ "3g",
+ "red",
+ "green",
+ "blue",
+ "gold",
+ "silver",
+ "bronze",
+ "custom1",
+ "custom2",
+ "custom3",
+ "private1",
+ "private2",
+ "private3",
+ "private4",
+ "private5",
+ "private6"
+ ]
+ ])
+ ])
+ | doc "Primary Colors (List - String)",
+ primary_path
+ | std.enum.TagOrString
+ | [| 'all-paths, 'multi-hop-path, 'direct-path |]
+ | doc m%"
+ Primary Path (String)
+ - Allowed values: direct-path, multi-hop-path, all-paths
+ "%
+ | optional,
+ secondary_colors
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"Array",
+ _js2n__-prdslib.arrays.arrayOf
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.enum
+ [
+ "default",
+ "mpls",
+ "metro-ethernet",
+ "biz-internet",
+ "public-internet",
+ "lte",
+ "3g",
+ "red",
+ "green",
+ "blue",
+ "gold",
+ "silver",
+ "bronze",
+ "custom1",
+ "custom2",
+ "custom3",
+ "private1",
+ "private2",
+ "private3",
+ "private4",
+ "private5",
+ "private6"
+ ]
+ ])
+ ])
+ | doc "Secondary Colors (List - String)"
+ | optional,
+ secondary_path
+ | std.enum.TagOrString
+ | [| 'all-paths, 'multi-hop-path, 'direct-path |]
+ | doc m%"
+ Secondary Path (String)
+ - Allowed values: direct-path, multi-hop-path, all-paths
+ "%
+ | optional,
+ tertiary_colors
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"Array",
+ _js2n__-prdslib.arrays.arrayOf
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.enum
+ [
+ "default",
+ "mpls",
+ "metro-ethernet",
+ "biz-internet",
+ "public-internet",
+ "lte",
+ "3g",
+ "red",
+ "green",
+ "blue",
+ "gold",
+ "silver",
+ "bronze",
+ "custom1",
+ "custom2",
+ "custom3",
+ "private1",
+ "private2",
+ "private3",
+ "private4",
+ "private5",
+ "private6"
+ ]
+ ])
+ ])
+ | doc "Tertiary Colors (List - String)"
+ | optional,
+ tertiary_path
+ | std.enum.TagOrString
+ | [| 'all-paths, 'multi-hop-path, 'direct-path |]
+ | doc m%"
+ Tertiary Path (String)
+ - Allowed values: direct-path, multi-hop-path, all-paths
+ "%
+ | optional,
+ }
| doc m%"
- Definitions (Object)
+ Preferred Color Groups (List - Object)
Elements:
- - ipv4_access_control_lists
- - ipv4_device_access_policies
- - ipv6_access_control_lists
- - ipv6_device_access_policies
- - rewrite_rules
- - route_policies
- - qos_maps
+ - name (required)
+ - primary_colors (required)
+ - primary_path
+ - secondary_colors
+ - secondary_path
+ - tertiary_colors
+ - tertiary_path
"%
| optional,
- feature_policies
+ region_lists
| Array
{
- definitions
- | {
- ipv4_access_control_lists
- | Array (
- _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType '"String",
- _js2n__-prdslib.strings.pattern
- "^[A-Za-z0-9-_]{1,128}$"
- ])
- )
- | doc "Ipv4 Access Control Lists (List - String)"
- | optional,
- ipv4_device_access_policies
- | Array (
- _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType '"String",
- _js2n__-prdslib.strings.pattern
- "^[A-Za-z0-9-_]{1,128}$"
- ])
- )
- | doc "Ipv4 Device Access Policies (List - String)"
- | optional,
- ipv6_access_control_lists
- | Array (
- _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType '"String",
- _js2n__-prdslib.strings.pattern
- "^[A-Za-z0-9-_]{1,128}$"
- ])
- )
- | doc "IPv6 Access Control Lists (List - String)"
- | optional,
- ipv6_device_access_policies
- | Array (
- _js2n__-prdslib.contract_from_predicate
+ name
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[A-Za-z0-9-_]{1,128}$"
+ ])
+ | doc "Name (String)",
+ region_id_ranges
+ | Array
+ {
+ from
+ | _js2n__-prdslib.contract_from_predicate
(_js2n__-prdslib.allOf
[
- _js2n__-prdslib.isType '"String",
- _js2n__-prdslib.strings.pattern
- "^[A-Za-z0-9-_]{1,128}$"
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 63
])
- )
- | doc "IPv6 Device Access Policies (List - String)"
- | optional,
- qos_maps
- | Array (
- _js2n__-prdslib.contract_from_predicate
+ | doc m%"
+ From (Integer)
+ - Maximum value: 63
+ "%,
+ to
+ | _js2n__-prdslib.contract_from_predicate
(_js2n__-prdslib.allOf
[
- _js2n__-prdslib.isType '"String",
- _js2n__-prdslib.strings.pattern
- "^[A-Za-z0-9-_]{1,128}$"
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 63
])
- )
- | doc "QoS Maps (List - String)"
- | optional,
- rewrite_rules
- | Array (
- _js2n__-prdslib.contract_from_predicate
+ | doc m%"
+ To (Integer)
+ - Maximum value: 63
+ "%,
+ }
+ | doc m%"
+ Region ID Ranges (List - Object)
+
+ Elements:
+ - from (required)
+ - to (required)
+ "%
+ | optional,
+ region_ids
+ | Array (
+ _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 63
+ ])
+ )
+ | doc "Region Ids (List - Integer)"
+ | optional,
+ }
+ | doc m%"
+ Region Lists (List - Object)
+
+ Elements:
+ - name (required)
+ - region_ids
+ - region_id_ranges
+ "%
+ | optional,
+ site_lists
+ | Array
+ {
+ name
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[A-Za-z0-9-_]{1,128}$"
+ ])
+ | doc "Name (String)",
+ site_id_ranges
+ | Array
+ {
+ from
+ | _js2n__-prdslib.contract_from_predicate
(_js2n__-prdslib.allOf
[
- _js2n__-prdslib.isType '"String",
- _js2n__-prdslib.strings.pattern
- "^[A-Za-z0-9-_]{1,128}$"
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 4294967295,
+ _js2n__-prdslib.numbers.minimum 1
])
- )
- | doc "Rewrite Rules (List - String)"
- | optional,
- route_policies
- | Array (
- _js2n__-prdslib.contract_from_predicate
+ | doc m%"
+ From (Integer)
+ - Minimum value: 1
+ - Maximum value: 4294967295
+ "%,
+ to
+ | _js2n__-prdslib.contract_from_predicate
(_js2n__-prdslib.allOf
[
- _js2n__-prdslib.isType '"String",
- _js2n__-prdslib.strings.pattern
- "^[A-Za-z0-9-_]{1,128}$"
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 4294967295,
+ _js2n__-prdslib.numbers.minimum 1
])
- )
- | doc "Route Policies (List - String)"
- | optional,
- }
+ | doc m%"
+ To (Integer)
+ - Minimum value: 1
+ - Maximum value: 4294967295
+ "%,
+ }
+ | doc m%"
+ Site ID Ranges (List - Object)
+
+ Elements:
+ - from (required)
+ - to (required)
+ "%
+ | optional,
+ site_ids
+ | Array (
+ _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 4294967295,
+ _js2n__-prdslib.numbers.minimum 1
+ ])
+ )
+ | doc "Site Ids (List - Integer)"
+ | optional,
+ }
+ | doc m%"
+ Site Lists (List - Object)
+
+ Elements:
+ - name (required)
+ - site_ids
+ - site_id_ranges
+ "%
+ | optional,
+ sla_classes
+ | Array
+ {
+ app_probe_class
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[^<>!&$@\\\\/\"() ]{1,128}$"
+ ])
+ | doc "App Probe Class (String)"
+ | optional,
+ fallback_best_tunnel_criteria
+ | std.enum.TagOrString
+ | [|
+ 'jitter-loss-latency,
+ 'jitter-latency-loss,
+ 'latency-jitter-loss,
+ 'latency-loss-jitter,
+ 'loss-jitter-latency,
+ 'loss-latency-jitter,
+ 'jitter-loss,
+ 'jitter-latency,
+ 'latency-jitter,
+ 'latency-loss,
+ 'loss-jitter,
+ 'loss-latency,
+ 'jitter,
+ 'latency,
+ 'loss
+ |]
| doc m%"
- Definitions (Object)
-
- Elements:
- - ipv4_access_control_lists
- - ipv4_device_access_policies
- - ipv6_access_control_lists
- - ipv6_device_access_policies
- - rewrite_rules
- - route_policies
- - qos_maps
+ Fallback Best Tunnel Criteria (String)
+ - Allowed values: loss, latency, jitter, loss-latency, loss-jitter, latency-loss, latency-jitter, jitter-latency, jitter-loss, loss-latency-jitter, loss-jitter-latency, latency-loss-jitter, latency-jitter-loss, jitter-latency-loss, jitter-loss-latency
"%
| optional,
- description | String | doc "Description (String)",
- implicit_acl_logging
- | Bool
- | doc "Implicit ACL Logging (Boolean)"
- | optional,
- ipv4_application_visibility
- | Bool
- | doc "Ipv4 Application Visibility (Boolean)"
- | optional,
- ipv4_flow_visibility
- | Bool
- | doc "Ipv4 Flow Visibility (Boolean)"
+ fallback_best_tunnel_jitter
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 1000,
+ _js2n__-prdslib.numbers.minimum 1
+ ])
+ | doc m%"
+ Fallback Best Tunnel Jitter (Integer)
+ - Minimum value: 1
+ - Maximum value: 1000
+ "%
| optional,
- ipv4_visibility_cache_entries
+ fallback_best_tunnel_latency
| _js2n__-prdslib.contract_from_predicate
(_js2n__-prdslib.allOf
[
_js2n__-prdslib.isType 'Integer,
- _js2n__-prdslib.numbers.maximum 2000000,
- _js2n__-prdslib.numbers.minimum 16
+ _js2n__-prdslib.numbers.maximum 1000,
+ _js2n__-prdslib.numbers.minimum 1
])
| doc m%"
- Ipv4 Visibility Cache Entries (Integer)
- - Minimum value: 16
- - Maximum value: 2000000
+ Fallback Best Tunnel Latency (Integer)
+ - Minimum value: 1
+ - Maximum value: 1000
"%
| optional,
- ipv6_application_visibility
- | Bool
- | doc "IPv6 Application Visibility (Boolean)"
+ fallback_best_tunnel_loss
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 100,
+ _js2n__-prdslib.numbers.minimum 1
+ ])
+ | doc m%"
+ Fallback Best Tunnel Loss (Integer)
+ - Minimum value: 1
+ - Maximum value: 100
+ "%
| optional,
- ipv6_flow_visibility
- | Bool
- | doc "IPv6 Flow Visibility (Boolean)"
+ jitter_ms
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 1000,
+ _js2n__-prdslib.numbers.minimum 1
+ ])
+ | doc m%"
+ Jitter MS (Integer)
+ - Minimum value: 1
+ - Maximum value: 1000
+ "%
| optional,
- ipv6_visibility_cache_entries
+ latency_ms
| _js2n__-prdslib.contract_from_predicate
(_js2n__-prdslib.allOf
[
_js2n__-prdslib.isType 'Integer,
- _js2n__-prdslib.numbers.maximum 2000000,
- _js2n__-prdslib.numbers.minimum 16
+ _js2n__-prdslib.numbers.maximum 1000,
+ _js2n__-prdslib.numbers.minimum 1
])
| doc m%"
- IPv6 Visibility Cache Entries (Integer)
- - Minimum value: 16
- - Maximum value: 2000000
+ Latency MS (Integer)
+ - Minimum value: 1
+ - Maximum value: 1000
"%
| optional,
- log_frequency
+ loss_percentage
| _js2n__-prdslib.contract_from_predicate
(_js2n__-prdslib.allOf
[
_js2n__-prdslib.isType 'Integer,
- _js2n__-prdslib.numbers.maximum 2147483647,
+ _js2n__-prdslib.numbers.maximum 100,
_js2n__-prdslib.numbers.minimum 1
])
| doc m%"
- Log Frequency (Integer)
+ Loss Percentage (Integer)
- Minimum value: 1
- - Maximum value: 2147483647
+ - Maximum value: 100
"%
| optional,
name
@@ -66843,55 +70383,65 @@ let rec _js2n__-refsenv
| doc "Name (String)",
}
| doc m%"
- Feature Policies (List - Object)
+ Sla Classes (List - Object)
Elements:
- name (required)
- - description (required)
- - definitions
- - implicit_acl_logging
- - ipv4_application_visibility
- - ipv4_flow_visibility
- - ipv4_visibility_cache_entries
- - ipv6_application_visibility
- - ipv6_flow_visibility
- - ipv6_visibility_cache_entries
- - log_frequency
+ - jitter_ms
+ - latency_ms
+ - loss_percentage
+ - app_probe_class
+ - fallback_best_tunnel_criteria
+ - fallback_best_tunnel_jitter
+ - fallback_best_tunnel_latency
+ - fallback_best_tunnel_loss
"%
| optional,
- }
- | doc m%"
- Localized Policies (Object)
-
- Elements:
- - definitions
- - feature_policies
- "%
- | optional,
- multi_region_fabric
- | { enabled | Bool | doc "Enabled (Boolean)", }
- | doc m%"
- Multi Region Fabric (Object)
-
- Elements:
- - enabled (required)
- "%
- | optional,
- policy_objects
- | {
- app_probe_classes
+ standard_community_lists
| Array
{
- forwarding_class
+ name
| _js2n__-prdslib.contract_from_predicate
(_js2n__-prdslib.allOf
[
_js2n__-prdslib.isType '"String",
_js2n__-prdslib.strings.pattern
- "^[^<>!&$@\\\\/\"() ]{1,128}$"
+ "^[A-Za-z0-9-_]{1,128}$"
])
- | doc "Forwarding Class (String)",
- mappings
+ | doc "Name (String)",
+ standard_communities
+ | Array (
+ _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[0-9]{1,5}(:)[0-9]{1,5}$"
+ ])
+ )
+ | doc "Standard Communities (List - String)",
+ }
+ | doc m%"
+ Standard Community Lists (List - Object)
+
+ Elements:
+ - name (required)
+ - standard_communities (required)
+ "%
+ | optional,
+ tloc_lists
+ | Array
+ {
+ name
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[A-Za-z0-9-_]{1,128}$"
+ ])
+ | doc "Name (String)",
+ tlocs
| Array
{
color
@@ -66921,150 +70471,436 @@ let rec _js2n__-refsenv
'"default"
|]
| doc m%"
- Color (String)
- - Allowed values: default, mpls, metro-ethernet, biz-internet, public-internet, lte, 3g, red, green, blue, gold, silver, bronze, custom1, custom2, custom3, private1, private2, private3, private4, private5, private6
+ Color (String)
+ - Allowed values: default, mpls, metro-ethernet, biz-internet, public-internet, lte, 3g, red, green, blue, gold, silver, bronze, custom1, custom2, custom3, private1, private2, private3, private4, private5, private6
+ "%,
+ encapsulation
+ | std.enum.TagOrString
+ | [| 'gre, 'ipsec |]
+ | doc m%"
+ Encapsulation (String)
+ - Allowed values: ipsec, gre
+ "%,
+ preference
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 4294967295
+ ])
+ | doc m%"
+ Preference (Integer)
+ - Maximum value: 4294967295
+ "%
+ | optional,
+ tloc_ip
+ | String
+ | doc m%"
+ Tloc IP (String)
+ - IPv4 or IPv6 address
+ "%,
+ }
+ | doc m%"
+ Tlocs (List - Object)
+
+ Elements:
+ - color (required)
+ - encapsulation (required)
+ - tloc_ip (required)
+ - preference
+ "%,
+ }
+ | doc m%"
+ Tloc Lists (List - Object)
+
+ Elements:
+ - name (required)
+ - tlocs (required)
+ "%
+ | optional,
+ vpn_lists
+ | Array
+ {
+ name
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[A-Za-z0-9-_]{1,128}$"
+ ])
+ | doc "Name (String)",
+ vpn_id_ranges
+ | Array
+ {
+ from
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 65530
+ ])
+ | doc m%"
+ From (Integer)
+ - Maximum value: 65530
"%,
- dscp
+ to
| _js2n__-prdslib.contract_from_predicate
(_js2n__-prdslib.allOf
[
_js2n__-prdslib.isType 'Integer,
- _js2n__-prdslib.numbers.maximum 63
+ _js2n__-prdslib.numbers.maximum 65530
])
| doc m%"
- DSCP (Integer)
- - Maximum value: 63
+ To (Integer)
+ - Maximum value: 65530
"%,
}
| doc m%"
- Mappings (List - Object)
+ VPN ID Ranges (List - Object)
Elements:
- - color (required)
- - dscp (required)
- "%,
- name
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType '"String",
- _js2n__-prdslib.strings.pattern
- "^[A-Za-z0-9-_]{1,128}$"
- ])
- | doc "Name (String)",
+ - from (required)
+ - to (required)
+ "%
+ | optional,
+ vpn_ids
+ | Array (
+ _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 65530
+ ])
+ )
+ | doc "VPN Ids (List - Integer)"
+ | optional,
}
| doc m%"
- App Probe Classes (List - Object)
-
- Elements:
- - name (required)
- - forwarding_class (required)
- - mappings (required)
+ VPN Lists (List - Object)
+
+ Elements:
+ - name (required)
+ - vpn_ids
+ - vpn_id_ranges
+ "%
+ | optional,
+ }
+ | doc m%"
+ Policy Objects (Object)
+
+ Elements:
+ - app_probe_classes
+ - application_lists
+ - as_path_lists
+ - class_maps
+ - color_lists
+ - expanded_community_lists
+ - extended_community_lists
+ - ipv4_data_prefix_lists
+ - ipv4_prefix_lists
+ - ipv6_data_prefix_lists
+ - ipv6_prefix_lists
+ - mirror_lists
+ - policers
+ - preferred_color_groups
+ - region_lists
+ - site_lists
+ - sla_classes
+ - standard_community_lists
+ - tloc_lists
+ - vpn_lists
+ "%
+ | optional,
+ sites
+ | Array
+ {
+ id
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 4294967295,
+ _js2n__-prdslib.numbers.minimum 1
+ ])
+ | doc m%"
+ ID (Integer)
+ - Minimum value: 1
+ - Maximum value: 4294967295
+ "%,
+ routers
+ | Array
+ {
+ chassis_id | String | doc "Chassis ID (String)",
+ device_template
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[^<>!&\" ]{1,128}$"
+ ])
+ | doc "Device Template (String)",
+ device_variables
+ | { .. }
+ | doc m%"
+ Device Variables (Object)
+ - Map (key-value pairs)
+ "%
+ | optional,
+ model
+ | std.enum.TagOrString
+ | [|
+ 'ISR1100X-6G-XE,
+ 'ISR1100X-4G-XE,
+ 'ISR1100-6G-XE,
+ 'ISR1100-4GLTENA-XE,
+ 'ISR1100-4GLTEGB-XE,
+ 'ISR1100-4G-XE,
+ 'ISR-4461,
+ 'ISR-4451-X,
+ 'ISR-4431,
+ 'ISR-4351,
+ 'ISR-4331,
+ 'ISR-4321,
+ 'ISR-4221X,
+ 'ISR-4221,
+ 'IR-8340,
+ 'IR-8140H-P,
+ 'IR-8140H,
+ 'IR-1835,
+ 'IR-1833,
+ 'IR-1831,
+ 'IR-1821,
+ 'IR-1101,
+ 'C8500L-8S4X,
+ 'C8500-20X6C,
+ 'C8500-12X4QC,
+ 'C8500-12X,
+ 'C8300-2N2S-6T,
+ 'C8300-2N2S-4T2X,
+ 'C8300-1N1S-6T,
+ 'C8300-1N1S-4T2X,
+ 'C8200L-1N-4T,
+ 'C8200-1N-4T,
+ 'C8000V,
+ 'C1161X-8PLTEP,
+ 'C1161X-8P,
+ 'C1161-8PLTEP,
+ 'C1161-8P,
+ 'C1131X-8PW,
+ 'C1131X-8PLTEPW,
+ 'C1131-8PW,
+ 'C1131-8PLTEPW,
+ 'C1128-8PLTEP,
+ 'C1127X-8PMLTEP,
+ 'C1127X-8PLTEP,
+ 'C1127-8PMLTEP,
+ 'C1127-8PLTEP,
+ 'C1126X-8PLTEP,
+ 'C1126-8PLTEP,
+ 'C1121X-8PLTEPW,
+ 'C1121X-8PLTEP,
+ 'C1121X-8P,
+ 'C1121-8PLTEPW,
+ 'C1121-8PLTEP,
+ 'C1121-8P,
+ 'C1121-4PLTEP,
+ 'C1121-4P,
+ 'C1118-8P,
+ 'C1117-4PW,
+ 'C1117-4PMWE,
+ 'C1117-4PMLTEEAWE,
+ 'C1117-4PMLTEEA,
+ 'C1117-4PM,
+ 'C1117-4PLTELAWZ,
+ 'C1117-4PLTELA,
+ 'C1117-4PLTEEAW,
+ 'C1117-4PLTEEA,
+ 'C1117-4P,
+ 'C1116-4PWE,
+ 'C1116-4PLTEEAWE,
+ 'C1116-4PLTEEA,
+ 'C1116-4P,
+ 'C1113-8PW,
+ 'C1113-8PMWE,
+ 'C1113-8PMLTEEA,
+ 'C1113-8PM,
+ 'C1113-8PLTEW,
+ 'C1113-8PLTELAWZ,
+ 'C1113-8PLTELA,
+ 'C1113-8PLTEEAW,
+ 'C1113-8PLTEEA,
+ 'C1113-8P,
+ 'C1112-8PWE,
+ 'C1112-8PLTEEAWE,
+ 'C1112-8PLTEEA,
+ 'C1112-8P,
+ 'C1111X-8P,
+ 'C1111-8PW,
+ 'C1111-8PLTELAW,
+ 'C1111-8PLTELA,
+ 'C1111-8PLTEEAW,
+ 'C1111-8PLTEEA,
+ 'C1111-8P,
+ 'C1111-4PW,
+ 'C1111-4PLTELA,
+ 'C1111-4PLTEEA,
+ 'C1111-4P,
+ 'C1109-4PLTE2PW,
+ 'C1109-4PLTE2P,
+ 'C1109-2PLTEVZ,
+ 'C1109-2PLTEUS,
+ 'C1109-2PLTEGB,
+ 'C1101-4PLTEPW,
+ 'C1101-4PLTEP,
+ 'C1101-4P,
+ 'ASR-1006-X,
+ 'ASR-1002-X,
+ 'ASR-1002-HX,
+ 'ASR-1001-X,
+ 'ASR-1001-HX
+ |]
+ | doc m%"
+ Model (String)
+ - Allowed values: ASR-1001-HX, ASR-1001-X, ASR-1002-HX, ASR-1002-X, ASR-1006-X, C1101-4P, C1101-4PLTEP, C1101-4PLTEPW, C1109-2PLTEGB, C1109-2PLTEUS, C1109-2PLTEVZ, C1109-4PLTE2P, C1109-4PLTE2PW, C1111-4P, C1111-4PLTEEA, C1111-4PLTELA, C1111-4PW, C1111-8P, C1111-8PLTEEA, C1111-8PLTEEAW, C1111-8PLTELA, C1111-8PLTELAW, C1111-8PW, C1111X-8P, C1112-8P, C1112-8PLTEEA, C1112-8PLTEEAWE, C1112-8PWE, C1113-8P, C1113-8PLTEEA, C1113-8PLTEEAW, C1113-8PLTELA, C1113-8PLTELAWZ, C1113-8PLTEW, C1113-8PM, C1113-8PMLTEEA, C1113-8PMWE, C1113-8PW, C1116-4P, C1116-4PLTEEA, C1116-4PLTEEAWE, C1116-4PWE, C1117-4P, C1117-4PLTEEA, C1117-4PLTEEAW, C1117-4PLTELA, C1117-4PLTELAWZ, C1117-4PM, C1117-4PMLTEEA, C1117-4PMLTEEAWE, C1117-4PMWE, C1117-4PW, C1118-8P, C1121-4P, C1121-4PLTEP, C1121-8P, C1121-8PLTEP, C1121-8PLTEPW, C1121X-8P, C1121X-8PLTEP, C1121X-8PLTEPW, C1126-8PLTEP, C1126X-8PLTEP, C1127-8PLTEP, C1127-8PMLTEP, C1127X-8PLTEP, C1127X-8PMLTEP, C1128-8PLTEP, C1131-8PLTEPW, C1131-8PW, C1131X-8PLTEPW, C1131X-8PW, C1161-8P, C1161-8PLTEP, C1161X-8P, C1161X-8PLTEP, C8000V, C8200-1N-4T, C8200L-1N-4T, C8300-1N1S-4T2X, C8300-1N1S-6T, C8300-2N2S-4T2X, C8300-2N2S-6T, C8500-12X, C8500-12X4QC, C8500-20X6C, C8500L-8S4X, IR-1101, IR-1821, IR-1831, IR-1833, IR-1835, IR-8140H, IR-8140H-P, IR-8340, ISR-4221, ISR-4221X, ISR-4321, ISR-4331, ISR-4351, ISR-4431, ISR-4451-X, ISR-4461, ISR1100-4G-XE, ISR1100-4GLTEGB-XE, ISR1100-4GLTENA-XE, ISR1100-6G-XE, ISR1100X-4G-XE, ISR1100X-6G-XE
+ "%,
+ }
+ | doc m%"
+ Routers (List - Object)
+
+ Elements:
+ - chassis_id (required)
+ - model (required)
+ - device_template (required)
+ - device_variables
+ "%,
+ }
+ | doc m%"
+ Sites (List - Object)
+
+ Elements:
+ - id (required)
+ - routers (required)
+ "%
+ | optional,
+ }
+ | doc m%"
+ Sdwan (Object)
+
+ Elements:
+ - edge_feature_templates
+ - policy_objects
+ - localized_policies
+ - edge_device_templates
+ - sites
+ - multi_region_fabric
+ - centralized_policies
+ - feature_profiles
+ "%
+ | optional,
+ vxlan
+ | {
+ global
+ | {
+ anycast_gateway_mac
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^([0-9A-Fa-f]{2}[:]){5}([0-9A-Fa-f]{2})$"
+ ])
+ | doc m%"
+ Anycast Gateway MAC (String)
+ - Default value: 20:20:00:00:00:aa
+ - MAC address (XX:XX:XX:XX:XX:XX)
"%
| optional,
- application_lists
+ auth_proto
+ | std.enum.TagOrString
+ | [| 'SHA_AES, 'SHA_DES, 'MD5_AES, 'MD5_DES, 'SHA, 'MD5 |]
+ | doc m%"
+ Auth Proto (String)
+ - Default value: MD5
+ - Allowed values: MD5, SHA, MD5_DES, MD5_AES, SHA_DES, SHA_AES
+ "%
+ | optional,
+ bgp_asn
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 4294967295,
+ _js2n__-prdslib.numbers.minimum 1
+ ])
+ | doc m%"
+ BGP Asn (Integer)
+ - Minimum value: 1
+ - Maximum value: 4294967295
+ "%,
+ dns_servers
| Array
{
- application_families
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType '"Array",
- _js2n__-prdslib.arrays.arrayOf
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType '"String",
- _js2n__-prdslib.enum
- [
- "application-service",
- "audio-video",
- "authentication",
- "behavioral",
- "database",
- "encrypted",
- "erp",
- "file-server",
- "file-transfer",
- "forum",
- "game",
- "instant-messaging",
- "mail",
- "microsoft-office",
- "middleware",
- "network-management",
- "network-service",
- "peer-to-peer",
- "printer",
- "routing",
- "security-service",
- "terminal",
- "thin-client",
- "tunneling",
- "web",
- "webmail"
- ]
- ])
- ])
- | doc "Application Families (List - String)"
- | optional,
- applications
- | Array (String)
- | doc "Applications (List - String)"
- | optional,
- name
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType '"String",
- _js2n__-prdslib.strings.pattern
- "^[A-Za-z0-9-_]{1,128}$"
- ])
- | doc "Name (String)",
+ ip_address
+ | String
+ | doc m%"
+ IP Address (String)
+ - IPv4 or IPv6 address
+ "%,
+ vrf | String | doc "VRF (String)" | optional,
}
| doc m%"
- Application Lists (List - Object)
+ DNS Servers (List - Object)
Elements:
- - name (required)
- - applications
- - application_families
+ - ip_address (required)
+ - vrf
"%
| optional,
- as_path_lists
+ name | String | doc "Name (String)",
+ ntp_servers
| Array
{
- as_paths | Array (String) | doc "AS Paths (List - String)",
- name
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType '"String",
- _js2n__-prdslib.strings.pattern
- "^[A-Za-z0-9-_]{1,128}$"
- ])
- | doc "Name (String)",
+ ip_address
+ | String
+ | doc m%"
+ IP Address (String)
+ - IPv4 or IPv6 address
+ "%,
+ vrf | String | doc "VRF (String)" | optional,
}
| doc m%"
- AS Path Lists (List - Object)
+ NTP Servers (List - Object)
Elements:
- - name (required)
- - as_paths (required)
+ - ip_address (required)
+ - vrf
"%
| optional,
- class_maps
+ route_reflectors
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.minimum 1
+ ])
+ | doc m%"
+ Route Reflectors (Integer)
+ - Default value: 2
+ - Minimum value: 1
+ "%
+ | optional,
+ syslog_servers
| Array
{
- name
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType '"String",
- _js2n__-prdslib.strings.pattern
- "^[A-Za-z0-9-_]{1,128}$"
- ])
- | doc "Name (String)",
- queue
+ ip_address
+ | String
+ | doc m%"
+ IP Address (String)
+ - IPv4 or IPv6 address
+ "%,
+ severity
| _js2n__-prdslib.contract_from_predicate
(_js2n__-prdslib.allOf
[
@@ -67072,781 +70908,1930 @@ let rec _js2n__-refsenv
_js2n__-prdslib.numbers.maximum 7
])
| doc m%"
- Queue (Integer)
+ Severity (Integer)
- Maximum value: 7
- "%,
+ "%
+ | optional,
+ vrf | String | doc "VRF (String)" | optional,
}
| doc m%"
- Class Maps (List - Object)
+ Syslog Servers (List - Object)
Elements:
- - name (required)
- - queue (required)
+ - ip_address (required)
+ - vrf
+ - severity
"%
| optional,
- color_lists
- | Array
- {
- colors
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType '"Array",
- _js2n__-prdslib.arrays.arrayOf
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType '"String",
- _js2n__-prdslib.enum
- [
- "default",
- "mpls",
- "metro-ethernet",
- "biz-internet",
- "public-internet",
- "lte",
- "3g",
- "red",
- "green",
- "blue",
- "gold",
- "silver",
- "bronze",
- "custom1",
- "custom2",
- "custom3",
- "private1",
- "private2",
- "private3",
- "private4",
- "private5",
- "private6"
- ]
- ])
- ])
- | doc "Colors (List - String)",
- name
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType '"String",
- _js2n__-prdslib.strings.pattern
- "^[A-Za-z0-9-_]{1,128}$"
- ])
- | doc "Name (String)",
- }
+ vpc
+ | {
+ advertise_pip
+ | Bool
+ | doc m%"
+ Advertise Pip (Boolean)
+ - Default value: false
+ "%
+ | optional,
+ advertise_pip_border_only
+ | Bool
+ | doc m%"
+ Advertise Pip Border Only (Boolean)
+ - Default value: true
+ "%
+ | optional,
+ auto_recovery_time
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 3600,
+ _js2n__-prdslib.numbers.minimum 240
+ ])
+ | doc m%"
+ Auto Recovery Time (Integer)
+ - Default value: 360
+ - Minimum value: 240
+ - Maximum value: 3600
+ "%
+ | optional,
+ delay_restore_time
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 3600,
+ _js2n__-prdslib.numbers.minimum 1
+ ])
+ | doc m%"
+ Delay Restore Time (Integer)
+ - Default value: 150
+ - Minimum value: 1
+ - Maximum value: 3600
+ "%
+ | optional,
+ domain_id_range
+ | String
+ | doc m%"
+ Domain ID Range (String)
+ - Default value: 1-1000
+ "%
+ | optional,
+ peer_keep_alive
+ | std.enum.TagOrString
+ | [| 'management, 'loopback |]
+ | doc m%"
+ Peer Keep Alive (String)
+ - Default value: management
+ - Allowed values: loopback, management
+ "%
+ | optional,
+ peer_link_port_channel_id
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 4096,
+ _js2n__-prdslib.numbers.minimum 1
+ ])
+ | doc m%"
+ Peer Link Port Channel ID (Integer)
+ - Default value: 500
+ - Minimum value: 1
+ - Maximum value: 4096
+ "%
+ | optional,
+ peer_link_vlan
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 4094,
+ _js2n__-prdslib.numbers.minimum 2
+ ])
+ | doc m%"
+ Peer Link Vlan (Integer)
+ - Default value: 3600
+ - Minimum value: 2
+ - Maximum value: 4094
+ "%
+ | optional,
+ }
| doc m%"
- Color Lists (List - Object)
+ vPC (Object)
Elements:
- - name (required)
- - colors (required)
+ - peer_link_vlan
+ - peer_keep_alive
+ - auto_recovery_time
+ - delay_restore_time
+ - peer_link_port_channel_id
+ - advertise_pip
+ - advertise_pip_border_only
+ - domain_id_range
"%
| optional,
- expanded_community_lists
+ }
+ | doc m%"
+ Global (Object)
+
+ Elements:
+ - name (required)
+ - bgp_asn (required)
+ - route_reflectors
+ - anycast_gateway_mac
+ - vpc
+ - auth_proto
+ - dns_servers
+ - ntp_servers
+ - syslog_servers
+ "%
+ | optional,
+ overlay_extensions
+ | {
+ vrf_lites
| Array
{
- expanded_communities
- | Array (
- _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType '"String",
- _js2n__-prdslib.strings.pattern
- "^[0-9]{1,5}(:)[0-9]{1,5}$"
- ])
- )
- | doc "Expanded Communities (List - String)",
- name
+ dot1q
| _js2n__-prdslib.contract_from_predicate
(_js2n__-prdslib.allOf
[
- _js2n__-prdslib.isType '"String",
- _js2n__-prdslib.strings.pattern
- "^[A-Za-z0-9-_]{1,128}$"
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 4094,
+ _js2n__-prdslib.numbers.minimum 1
])
- | doc "Name (String)",
- }
- | doc m%"
- Expanded Community Lists (List - Object)
-
- Elements:
- - name (required)
- - expanded_communities (required)
- "%
- | optional,
- extended_community_lists
- | Array
- {
- extended_communities
- | Array (
- _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType '"String",
- _js2n__-prdslib.strings.pattern "(soo|rt).*$"
- ])
- )
- | doc "Extended Communities (List - String)",
- name
+ | doc m%"
+ Dot1Q (Integer)
+ - Minimum value: 1
+ - Maximum value: 4094
+ "%,
+ interface
| _js2n__-prdslib.contract_from_predicate
(_js2n__-prdslib.allOf
[
_js2n__-prdslib.isType '"String",
_js2n__-prdslib.strings.pattern
- "^[A-Za-z0-9-_]{1,128}$"
+ "^(?:e|eth(?:ernet)?)\\d(?:\\/\\d+){1,2}$"
])
- | doc "Name (String)",
+ | doc "Interface (String)",
+ neighbor_ipv4
+ | String
+ | doc m%"
+ Neighbor Ipv4 (String)
+ - IPv4 or IPv6 address
+ "%
+ | optional,
+ neighbor_ipv6
+ | String
+ | doc m%"
+ Neighbor IPv6 (String)
+ - IPv4 or IPv6 address
+ "%
+ | optional,
+ remote_asn
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 4294967295,
+ _js2n__-prdslib.numbers.minimum 1
+ ])
+ | doc m%"
+ Remote Asn (Integer)
+ - Minimum value: 1
+ - Maximum value: 4294967295
+ "%,
+ vrf_name | String | doc "VRF Name (String)",
}
| doc m%"
- Extended Community Lists (List - Object)
+ VRF Lites (List - Object)
Elements:
- - name (required)
- - extended_communities (required)
+ - interface (required)
+ - vrf_name (required)
+ - dot1q (required)
+ - remote_asn (required)
+ - neighbor_ipv4
+ - neighbor_ipv6
"%
| optional,
- ipv4_data_prefix_lists
+ }
+ | doc m%"
+ Overlay Extensions (Object)
+
+ Elements:
+ - vrf_lites
+ "%
+ | optional,
+ overlay_services
+ | {
+ network_attach_groups
| Array
{
- name
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType '"String",
- _js2n__-prdslib.strings.pattern
- "^[A-Za-z0-9-_]{1,128}$"
- ])
- | doc "Name (String)",
- prefixes | Array (String) | doc "Prefixes (List - String)",
+ name | String | doc "Name (String)",
+ switches
+ | Array
+ {
+ hostname | String | doc "Hostname (String)",
+ ports
+ | Array (
+ _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.anyOf
+ [
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^(?:e|eth(?:ernet)?)\\d(?:\\/\\d+){1,2}$"
+ ],
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "(?i)^(po|port-channel)([1-9]|[1-9][0-9]{1,3}|[1-3][0-9]{3}|40([0-8][0-9]|9[0-6]))$"
+ ]
+ ])
+ )
+ | doc "Ports (List - String)"
+ | optional,
+ }
+ | doc m%"
+ Switches (List - Object)
+
+ Elements:
+ - hostname (required)
+ - ports
+ "%
+ | optional,
}
| doc m%"
- Ipv4 Data Prefix Lists (List - Object)
+ Network Attach Groups (List - Object)
Elements:
- name (required)
- - prefixes (required)
+ - switches
"%
| optional,
- ipv4_prefix_lists
+ networks
| Array
{
- entries
+ arp_suppress
+ | Bool
+ | doc "ARP Suppress (Boolean)"
+ | optional,
+ attach_group
+ | String
+ | doc "Attach Group (String)"
+ | optional,
+ dhcp_loopback_id
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 1023
+ ])
+ | doc m%"
+ DHCP Loopback ID (Integer)
+ - Maximum value: 1023
+ "%
+ | optional,
+ dhcp_servers
| Array
{
- ge
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType 'Integer,
- _js2n__-prdslib.numbers.maximum 32
- ])
- | doc m%"
- Ge (Integer)
- - Maximum value: 32
- "%
- | optional,
- le
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType 'Integer,
- _js2n__-prdslib.numbers.maximum 32
- ])
- | doc m%"
- Le (Integer)
- - Maximum value: 32
- "%
- | optional,
- prefix
+ ip_address
| String
| doc m%"
- Prefix (String)
+ IP Address (String)
- IPv4 or IPv6 address
"%,
+ vrf | String | doc "VRF (String)",
}
| doc m%"
- Entries (List - Object)
+ DHCP Servers (List - Object)
Elements:
- - prefix (required)
- - le
- - ge
- "%,
- name
+ - ip_address (required)
+ - vrf (required)
+ "%
+ | optional,
+ gw_ip_address
+ | String
+ | doc m%"
+ Gw IP Address (String)
+ - IPv4 or IPv6 address
+ "%
+ | optional,
+ gw_ipv6_address
+ | String
+ | doc "Gw IPv6 Address (String)"
+ | optional,
+ int_desc | String | doc "Int Desc (String)" | optional,
+ is_l2_only
+ | Bool
+ | doc m%"
+ Is L2 Only (Boolean)
+ - Default value: false
+ "%
+ | optional,
+ l3gw_on_border
+ | Bool
+ | doc m%"
+ L3Gw On Border (Boolean)
+ - Default value: false
+ "%
+ | optional,
+ mtu_l3intf
+ | std.number.Integer
+ | doc m%"
+ MTU L3Intf (Integer)
+ - Default value: 9216
+ "%
+ | optional,
+ multicast_group_address
+ | String
+ | doc m%"
+ Multicast Group Address (String)
+ - Default value: 239.1.1.1
+ - IPv4 or IPv6 address
+ "%
+ | optional,
+ name | String | doc "Name (String)",
+ net_id
| _js2n__-prdslib.contract_from_predicate
(_js2n__-prdslib.allOf
[
- _js2n__-prdslib.isType '"String",
- _js2n__-prdslib.strings.pattern
- "^[A-Za-z0-9-_]{1,128}$"
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 1677215,
+ _js2n__-prdslib.numbers.minimum 4096
])
- | doc "Name (String)",
- }
- | doc m%"
- Ipv4 Prefix Lists (List - Object)
-
- Elements:
- - name (required)
- - entries (required)
- "%
- | optional,
- ipv6_data_prefix_lists
- | Array
- {
- name
+ | doc m%"
+ Net ID (Integer)
+ - Minimum value: 4096
+ - Maximum value: 1677215
+ "%
+ | optional,
+ netflow_enable
+ | Bool
+ | doc m%"
+ Netflow Enable (Boolean)
+ - Default value: false
+ "%
+ | optional,
+ route_tag
| _js2n__-prdslib.contract_from_predicate
(_js2n__-prdslib.allOf
[
- _js2n__-prdslib.isType '"String",
- _js2n__-prdslib.strings.pattern
- "^[A-Za-z0-9-_]{1,128}$"
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 4294967295
])
- | doc "Name (String)",
- prefixes | Array (String) | doc "Prefixes (List - String)",
- }
- | doc m%"
- IPv6 Data Prefix Lists (List - Object)
-
- Elements:
- - name (required)
- - prefixes (required)
- "%
- | optional,
- ipv6_prefix_lists
- | Array
- {
- entries
+ | doc m%"
+ Route Tag (Integer)
+ - Default value: 12345
+ - Maximum value: 4294967295
+ "%
+ | optional,
+ route_target_both
+ | Bool
+ | doc m%"
+ Route Target Both (Boolean)
+ - Default value: false
+ "%
+ | optional,
+ secondary_ip_addresses
| Array
{
- ge
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType 'Integer,
- _js2n__-prdslib.numbers.maximum 128
- ])
+ ip_address
+ | String
| doc m%"
- Ge (Integer)
- - Maximum value: 128
- "%
- | optional,
- le
+ IP Address (String)
+ - IPv4 or IPv6 address
+ "%,
+ route_tag
| _js2n__-prdslib.contract_from_predicate
(_js2n__-prdslib.allOf
[
_js2n__-prdslib.isType 'Integer,
- _js2n__-prdslib.numbers.maximum 128
+ _js2n__-prdslib.numbers.maximum 4294967295
])
| doc m%"
- Le (Integer)
- - Maximum value: 128
+ Route Tag (Integer)
+ - Maximum value: 4294967295
"%
| optional,
- prefix
- | String
- | doc m%"
- Prefix (String)
- - IPv4 or IPv6 address
- "%,
}
| doc m%"
- Entries (List - Object)
+ Secondary IP Addresses (List - Object)
Elements:
- - prefix (required)
- - le
- - ge
- "%,
- name
+ - ip_address (required)
+ - route_tag
+ "%
+ | optional,
+ trm_enable
+ | Bool
+ | doc m%"
+ Trm Enable (Boolean)
+ - Default value: false
+ "%
+ | optional,
+ vlan_id
| _js2n__-prdslib.contract_from_predicate
(_js2n__-prdslib.allOf
[
- _js2n__-prdslib.isType '"String",
- _js2n__-prdslib.strings.pattern
- "^[A-Za-z0-9-_]{1,128}$"
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 4094,
+ _js2n__-prdslib.numbers.minimum 1
])
- | doc "Name (String)",
+ | doc m%"
+ Vlan ID (Integer)
+ - Minimum value: 1
+ - Maximum value: 4094
+ "%
+ | optional,
+ vlan_name | String | doc "Vlan Name (String)" | optional,
+ vlan_netflow_monitor
+ | String
+ | doc "Vlan Netflow Monitor (String)"
+ | optional,
+ vrf_name | String | doc "VRF Name (String)" | optional,
}
| doc m%"
- IPv6 Prefix Lists (List - Object)
+ Networks (List - Object)
Elements:
- name (required)
- - entries (required)
+ - is_l2_only
+ - vrf_name
+ - net_id
+ - vlan_id
+ - vlan_name
+ - gw_ip_address
+ - arp_suppress
+ - dhcp_loopback_id
+ - dhcp_servers
+ - gw_ipv6_address
+ - int_desc
+ - l3gw_on_border
+ - mtu_l3intf
+ - multicast_group_address
+ - netflow_enable
+ - route_target_both
+ - route_tag
+ - secondary_ip_addresses
+ - trm_enable
+ - vlan_netflow_monitor
+ - attach_group
"%
| optional,
- mirror_lists
+ vrf_attach_groups
| Array
{
- name
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType '"String",
- _js2n__-prdslib.strings.pattern
- "^[A-Za-z0-9-_]{1,128}$"
- ])
- | doc "Name (String)",
- remote_destination_ip
- | String
- | doc m%"
- Remote Destination IP (String)
- - IPv4 or IPv6 address
- "%,
- source_ip
- | String
+ name | String | doc "Name (String)",
+ switches
+ | Array { hostname | String | doc "Hostname (String)", }
| doc m%"
- Source IP (String)
- - IPv4 or IPv6 address
- "%,
+ Switches (List - Object)
+
+ Elements:
+ - hostname (required)
+ "%
+ | optional,
}
| doc m%"
- Mirror Lists (List - Object)
+ VRF Attach Groups (List - Object)
Elements:
- name (required)
- - remote_destination_ip (required)
- - source_ip (required)
+ - switches
"%
| optional,
- policers
+ vrfs
| Array
{
- burst_bytes
+ adv_default_routes
+ | Bool
+ | doc m%"
+ Adv Default Routes (Boolean)
+ - Default value: true
+ "%
+ | optional,
+ adv_host_routes
+ | Bool
+ | doc m%"
+ Adv Host Routes (Boolean)
+ - Default value: false
+ "%
+ | optional,
+ attach_group
+ | String
+ | doc "Attach Group (String)"
+ | optional,
+ bgp_password
+ | String
+ | doc "BGP Password (String)"
+ | optional,
+ bgp_password_encryption_type
| _js2n__-prdslib.contract_from_predicate
(_js2n__-prdslib.allOf
[
_js2n__-prdslib.isType 'Integer,
- _js2n__-prdslib.numbers.maximum 10000000,
- _js2n__-prdslib.numbers.minimum 15000
+ _js2n__-prdslib.enum [ 3, 7 ]
])
| doc m%"
- Burst Bytes (Integer)
- - Minimum value: 15000
- - Maximum value: 10000000
- "%,
- exceed_action
- | std.enum.TagOrString
- | [| 'remark, 'drop |]
+ BGP Password Encryption Type (Integer)
+ - Allowed values: 3, 7
+ "%
+ | optional,
+ disable_rt_auto
+ | Bool
+ | doc m%"
+ Disable Rt Auto (Boolean)
+ - Default value: false
+ "%
+ | optional,
+ export_evpn_rt
+ | String
+ | doc "Export Evpn Rt (String)"
+ | optional,
+ export_mvpn_rt
+ | String
+ | doc "Export Mvpn Rt (String)"
+ | optional,
+ export_vpn_rt
+ | String
+ | doc "Export VPN Rt (String)"
+ | optional,
+ import_evpn_rt
+ | String
+ | doc "Import Evpn Rt (String)"
+ | optional,
+ import_mvpn_rt
+ | String
+ | doc "Import Mvpn Rt (String)"
+ | optional,
+ import_vpn_rt
+ | String
+ | doc "Import VPN Rt (String)"
+ | optional,
+ ipv6_linklocal_enable
+ | Bool
+ | doc m%"
+ IPv6 Linklocal Enable (Boolean)
+ - Default value: true
+ "%
+ | optional,
+ loopback_route_tag
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 4294967295
+ ])
+ | doc m%"
+ Loopback Route Tag (Integer)
+ - Default value: 12345
+ - Maximum value: 4294967295
+ "%
+ | optional,
+ max_bgp_paths
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 128,
+ _js2n__-prdslib.numbers.minimum 1
+ ])
+ | doc m%"
+ Max BGP Paths (Integer)
+ - Default value: 1
+ - Minimum value: 1
+ - Maximum value: 128
+ "%
+ | optional,
+ max_ibgp_paths
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 128,
+ _js2n__-prdslib.numbers.minimum 1
+ ])
+ | doc m%"
+ Max Ibgp Paths (Integer)
+ - Default value: 2
+ - Minimum value: 1
+ - Maximum value: 128
+ "%
+ | optional,
+ name | String | doc "Name (String)",
+ netflow_enable
+ | Bool
+ | doc m%"
+ Netflow Enable (Boolean)
+ - Default value: false
+ "%
+ | optional,
+ netflow_monitor
+ | String
+ | doc "Netflow Monitor (String)"
+ | optional,
+ no_rp
+ | Bool
+ | doc m%"
+ No Rp (Boolean)
+ - Default value: false
+ "%
+ | optional,
+ overlay_multicast_group
+ | String
+ | doc "Overlay Multicast Group (String)"
+ | optional,
+ redist_direct_routemap
+ | String
+ | doc m%"
+ Redist Direct Routemap (String)
+ - Default value: FABRIC-RMAP-REDIST-SUBNET
+ "%
+ | optional,
+ rp_address
+ | String
+ | doc m%"
+ Rp Address (String)
+ - IPv4 or IPv6 address
+ "%
+ | optional,
+ rp_external | Bool | doc "Rp External (Boolean)" | optional,
+ rp_loopback_id
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 1023
+ ])
+ | doc m%"
+ Rp Loopback ID (Integer)
+ - Maximum value: 1023
+ "%
+ | optional,
+ static_default_route
+ | Bool
+ | doc m%"
+ Static Default Route (Boolean)
+ - Default value: true
+ "%
+ | optional,
+ trm_bgw_msite
+ | Bool
+ | doc m%"
+ Trm Bgw Msite (Boolean)
+ - Default value: false
+ "%
+ | optional,
+ trm_enable
+ | Bool
+ | doc m%"
+ Trm Enable (Boolean)
+ - Default value: false
+ "%
+ | optional,
+ underlay_mcast_ip
+ | String
+ | doc m%"
+ Underlay Mcast IP (String)
+ - IPv4 or IPv6 address
+ "%
+ | optional,
+ vlan_id
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 4094,
+ _js2n__-prdslib.numbers.minimum 1
+ ])
+ | doc m%"
+ Vlan ID (Integer)
+ - Minimum value: 1
+ - Maximum value: 4094
+ "%
+ | optional,
+ vrf_description
+ | String
| doc m%"
- Exceed Action (String)
- - Allowed values: drop, remark
- "%,
- name
+ VRF Description (String)
+ - Default value: Configured by Ansible NetAsCode
+ "%
+ | optional,
+ vrf_id
| _js2n__-prdslib.contract_from_predicate
(_js2n__-prdslib.allOf
[
- _js2n__-prdslib.isType '"String",
- _js2n__-prdslib.strings.pattern
- "^[A-Za-z0-9-_]{1,128}$"
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 1677215,
+ _js2n__-prdslib.numbers.minimum 4096
])
- | doc "Name (String)",
- rate_bps
+ | doc m%"
+ VRF ID (Integer)
+ - Minimum value: 4096
+ - Maximum value: 1677215
+ "%
+ | optional,
+ vrf_int_mtu
| _js2n__-prdslib.contract_from_predicate
(_js2n__-prdslib.allOf
[
_js2n__-prdslib.isType 'Integer,
- _js2n__-prdslib.numbers.maximum 100000000000,
- _js2n__-prdslib.numbers.minimum 8
+ _js2n__-prdslib.numbers.maximum 9216,
+ _js2n__-prdslib.numbers.minimum 1500
])
| doc m%"
- Rate Bps (Integer)
- - Minimum value: 8
- - Maximum value: 100000000000
- "%,
+ VRF Int MTU (Integer)
+ - Default value: 9216
+ - Minimum value: 1500
+ - Maximum value: 9216
+ "%
+ | optional,
+ vrf_intf_desc
+ | String
+ | doc "VRF Intf Desc (String)"
+ | optional,
+ vrf_vlan_name
+ | String
+ | doc "VRF Vlan Name (String)"
+ | optional,
}
| doc m%"
- Policers (List - Object)
+ VRFs (List - Object)
Elements:
- name (required)
- - burst_bytes (required)
- - exceed_action (required)
- - rate_bps (required)
+ - vrf_id
+ - vlan_id
+ - vrf_vlan_name
+ - vrf_intf_desc
+ - vrf_description
+ - vrf_int_mtu
+ - loopback_route_tag
+ - max_bgp_paths
+ - max_ibgp_paths
+ - ipv6_linklocal_enable
+ - adv_host_routes
+ - adv_default_routes
+ - static_default_route
+ - bgp_password
+ - bgp_password_encryption_type
+ - disable_rt_auto
+ - export_evpn_rt
+ - export_mvpn_rt
+ - export_vpn_rt
+ - import_evpn_rt
+ - import_mvpn_rt
+ - import_vpn_rt
+ - netflow_enable
+ - netflow_monitor
+ - no_rp
+ - overlay_multicast_group
+ - redist_direct_routemap
+ - rp_address
+ - rp_external
+ - rp_loopback_id
+ - trm_enable
+ - trm_bgw_msite
+ - underlay_mcast_ip
+ - attach_group
"%
| optional,
- preferred_color_groups
+ }
+ | doc m%"
+ Overlay Services (Object)
+
+ Elements:
+ - vrfs
+ - networks
+ - vrf_attach_groups
+ - network_attach_groups
+ "%
+ | optional,
+ topology
+ | {
+ edge_connections
| Array
{
- name
+ dest_device | String | doc "Dest Device (String)",
+ dest_fabric | String | doc "Dest Fabric (String)",
+ dest_interface | String | doc "Dest Interface (String)",
+ source_device | String | doc "Source Device (String)",
+ source_interface | String | doc "Source Interface (String)",
+ }
+ | doc m%"
+ Edge Connections (List - Object)
+
+ Elements:
+ - dest_fabric (required)
+ - source_device (required)
+ - dest_device (required)
+ - source_interface (required)
+ - dest_interface (required)
+ "%
+ | optional,
+ fabric_links
+ | Array
+ {
+ dest_device | String | doc "Dest Device (String)",
+ dest_interface
| _js2n__-prdslib.contract_from_predicate
(_js2n__-prdslib.allOf
[
_js2n__-prdslib.isType '"String",
_js2n__-prdslib.strings.pattern
- "^[A-Za-z0-9-_]{1,128}$"
+ "^(?:e|eth(?:ernet)?)\\d(?:\\/\\d+){1,2}$"
])
- | doc "Name (String)",
- primary_colors
+ | doc "Dest Interface (String)",
+ source_device | String | doc "Source Device (String)",
+ source_interface
| _js2n__-prdslib.contract_from_predicate
(_js2n__-prdslib.allOf
[
- _js2n__-prdslib.isType '"Array",
- _js2n__-prdslib.arrays.arrayOf
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType '"String",
- _js2n__-prdslib.enum
- [
- "default",
- "mpls",
- "metro-ethernet",
- "biz-internet",
- "public-internet",
- "lte",
- "3g",
- "red",
- "green",
- "blue",
- "gold",
- "silver",
- "bronze",
- "custom1",
- "custom2",
- "custom3",
- "private1",
- "private2",
- "private3",
- "private4",
- "private5",
- "private6"
- ]
- ])
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^(?:e|eth(?:ernet)?)\\d(?:\\/\\d+){1,2}$"
])
- | doc "Primary Colors (List - String)",
- primary_path
- | std.enum.TagOrString
- | [| 'all-paths, 'multi-hop-path, 'direct-path |]
+ | doc "Source Interface (String)",
+ }
+ | doc m%"
+ Fabric Links (List - Object)
+
+ Elements:
+ - source_device (required)
+ - source_interface (required)
+ - dest_device (required)
+ - dest_interface (required)
+ "%
+ | optional,
+ switches
+ | Array
+ {
+ freeforms
+ | Array
+ {
+ description
+ | String
+ | doc "Description (String)"
+ | optional,
+ file_path
+ | String
+ | doc "File Path (String)"
+ | optional,
+ }
| doc m%"
- Primary Path (String)
- - Allowed values: direct-path, multi-hop-path, all-paths
+ Freeforms (List - Object)
+
+ Elements:
+ - description
+ - file_path
"%
| optional,
- secondary_colors
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType '"Array",
- _js2n__-prdslib.arrays.arrayOf
- (_js2n__-prdslib.allOf
+ interfaces
+ | Array (
+ _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.anyOf
+ [
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Record,
+ _js2n__-prdslib.records.required
+ [ "mode", "name" ],
+ _js2n__-prdslib.records.record
+ {
+ access_vlan =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum
+ 4094,
+ _js2n__-prdslib.numbers.minimum 1
+ ],
+ description =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.maxLength
+ 256
+ ],
+ enable_bpdu_guard =
+ _js2n__-prdslib.isType '"Bool",
+ enabled = _js2n__-prdslib.isType '"Bool",
+ mode =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.enum [ "access" ]
+ ],
+ mtu =
+ _js2n__-prdslib.anyOf
+ [
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType
+ 'Integer,
+ _js2n__-prdslib.numbers.maximum
+ 9216,
+ _js2n__-prdslib.numbers.minimum
+ 1500
+ ],
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType
+ '"String",
+ _js2n__-prdslib.enum
+ [ "default", "jumbo" ]
+ ]
+ ],
+ name =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^(?:e|eth(?:ernet)?)\\d(?:\\/\\d+){1,2}$"
+ ],
+ spanning_tree_portfast =
+ _js2n__-prdslib.isType '"Bool",
+ speed =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "(?i)^(auto|100mb|1gb|10gb|25gb|40gb|100gb|200gb|400gb|800gb)$"
+ ],
+ } {} false _js2n__-prdslib.never
+ ],
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Record,
+ _js2n__-prdslib.records.required
+ [ "mode", "name" ],
+ _js2n__-prdslib.records.record
+ {
+ description =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.maxLength
+ 256
+ ],
+ enable_bpdu_guard =
+ _js2n__-prdslib.isType '"Bool",
+ enabled = _js2n__-prdslib.isType '"Bool",
+ mode =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.enum [ "trunk" ]
+ ],
+ mtu =
+ _js2n__-prdslib.anyOf
+ [
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType
+ 'Integer,
+ _js2n__-prdslib.numbers.maximum
+ 9216,
+ _js2n__-prdslib.numbers.minimum
+ 1500
+ ],
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType
+ '"String",
+ _js2n__-prdslib.enum
+ [ "default", "jumbo" ]
+ ]
+ ],
+ name =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "(?i)^(?:e|eth(?:ernet)?)\\d(?:\\/\\d+){1,2}$"
+ ],
+ spanning_tree_portfast =
+ _js2n__-prdslib.isType '"Bool",
+ speed =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "(?i)^(auto|100mb|1gb|10gb|25gb|40gb|100gb|200gb|400gb|800gb)$"
+ ],
+ trunk_allowed_vlans =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"Array",
+ _js2n__-prdslib.arrays.arrayOf
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType
+ 'Record,
+ _js2n__-prdslib.records.required
+ [ "from" ],
+ _js2n__-prdslib.records.record
+ {
+ from =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType
+ 'Integer,
+ _js2n__-prdslib.numbers.maximum
+ 4094,
+ _js2n__-prdslib.numbers.minimum
+ 1
+ ],
+ to =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType
+ 'Integer,
+ _js2n__-prdslib.numbers.maximum
+ 4094,
+ _js2n__-prdslib.numbers.minimum
+ 1
+ ],
+ } {} false
+ _js2n__-prdslib.never
+ ])
+ ],
+ } {} false _js2n__-prdslib.never
+ ],
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Record,
+ _js2n__-prdslib.records.required
+ [ "members", "mode", "name" ],
+ _js2n__-prdslib.records.record
+ {
+ access_vlan =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum
+ 4094,
+ _js2n__-prdslib.numbers.minimum 1
+ ],
+ description =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.maxLength
+ 256
+ ],
+ enable_bpdu_guard =
+ _js2n__-prdslib.isType '"Bool",
+ enabled = _js2n__-prdslib.isType '"Bool",
+ members =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"Array",
+ _js2n__-prdslib.arrays.arrayOf
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType
+ '"String",
+ _js2n__-prdslib.strings.pattern
+ "(?i)^(?:e|eth(?:ernet)?)\\d(?:\\/\\d+){1,2}$"
+ ])
+ ],
+ mode =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.enum [ "access" ]
+ ],
+ mtu =
+ _js2n__-prdslib.anyOf
+ [
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType
+ 'Integer,
+ _js2n__-prdslib.numbers.maximum
+ 9216,
+ _js2n__-prdslib.numbers.minimum
+ 1500
+ ],
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType
+ '"String",
+ _js2n__-prdslib.enum
+ [ "default", "jumbo" ]
+ ]
+ ],
+ name =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "(?i)^(po|port-channel)([1-9]|[1-9][0-9]{1,3}|[1-3][0-9]{3}|40([0-8][0-9]|9[0-6]))$"
+ ],
+ pc_mode =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.enum
+ [ "active", "on", "passive" ]
+ ],
+ spanning_tree_portfast =
+ _js2n__-prdslib.isType '"Bool",
+ speed =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "(?i)^(auto|100mb|1gb|10gb|25gb|40gb|100gb|200gb|400gb|800gb)$"
+ ],
+ vpc_id =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum
+ 4906,
+ _js2n__-prdslib.numbers.minimum 1
+ ],
+ } {} false _js2n__-prdslib.never
+ ],
+ _js2n__-prdslib.allOf
[
- _js2n__-prdslib.isType '"String",
- _js2n__-prdslib.enum
- [
- "default",
- "mpls",
- "metro-ethernet",
- "biz-internet",
- "public-internet",
- "lte",
- "3g",
- "red",
- "green",
- "blue",
- "gold",
- "silver",
- "bronze",
- "custom1",
- "custom2",
- "custom3",
- "private1",
- "private2",
- "private3",
- "private4",
- "private5",
- "private6"
- ]
- ])
- ])
- | doc "Secondary Colors (List - String)"
- | optional,
- secondary_path
- | std.enum.TagOrString
- | [| 'all-paths, 'multi-hop-path, 'direct-path |]
- | doc m%"
- Secondary Path (String)
- - Allowed values: direct-path, multi-hop-path, all-paths
- "%
- | optional,
- tertiary_colors
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType '"Array",
- _js2n__-prdslib.arrays.arrayOf
- (_js2n__-prdslib.allOf
+ _js2n__-prdslib.isType 'Record,
+ _js2n__-prdslib.records.required
+ [ "members", "mode", "name" ],
+ _js2n__-prdslib.records.record
+ {
+ description =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.maxLength
+ 256
+ ],
+ enable_bpdu_guard =
+ _js2n__-prdslib.isType '"Bool",
+ enabled = _js2n__-prdslib.isType '"Bool",
+ members =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"Array",
+ _js2n__-prdslib.arrays.arrayOf
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType
+ '"String",
+ _js2n__-prdslib.strings.pattern
+ "(?i)^(?:e|eth(?:ernet)?)\\d(?:\\/\\d+){1,2}$"
+ ])
+ ],
+ mode =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.enum [ "trunk" ]
+ ],
+ mtu =
+ _js2n__-prdslib.anyOf
+ [
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType
+ 'Integer,
+ _js2n__-prdslib.numbers.maximum
+ 9216,
+ _js2n__-prdslib.numbers.minimum
+ 1500
+ ],
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType
+ '"String",
+ _js2n__-prdslib.enum
+ [ "default", "jumbo" ]
+ ]
+ ],
+ name =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "(?i)^(po|port-channel)([1-9]|[1-9][0-9]{1,3}|[1-3][0-9]{3}|40([0-8][0-9]|9[0-6]))$"
+ ],
+ pc_mode =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.enum
+ [ "active", "on", "passive" ]
+ ],
+ spanning_tree_portfast =
+ _js2n__-prdslib.isType '"Bool",
+ speed =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "(?i)^(auto|100mb|1gb|10gb|25gb|40gb|100gb|200gb|400gb|800gb)$"
+ ],
+ trunk_allowed_vlans =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"Array",
+ _js2n__-prdslib.arrays.arrayOf
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType
+ 'Record,
+ _js2n__-prdslib.records.required
+ [ "from" ],
+ _js2n__-prdslib.records.record
+ {
+ from =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType
+ 'Integer,
+ _js2n__-prdslib.numbers.maximum
+ 4094,
+ _js2n__-prdslib.numbers.minimum
+ 1
+ ],
+ to =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType
+ 'Integer,
+ _js2n__-prdslib.numbers.maximum
+ 4094,
+ _js2n__-prdslib.numbers.minimum
+ 1
+ ],
+ } {} false
+ _js2n__-prdslib.never
+ ])
+ ],
+ vpc_id =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum
+ 4906,
+ _js2n__-prdslib.numbers.minimum 1
+ ],
+ } {} false _js2n__-prdslib.never
+ ],
+ _js2n__-prdslib.allOf
[
- _js2n__-prdslib.isType '"String",
- _js2n__-prdslib.enum
- [
- "default",
- "mpls",
- "metro-ethernet",
- "biz-internet",
- "public-internet",
- "lte",
- "3g",
- "red",
- "green",
- "blue",
- "gold",
- "silver",
- "bronze",
- "custom1",
- "custom2",
- "custom3",
- "private1",
- "private2",
- "private3",
- "private4",
- "private5",
- "private6"
- ]
- ])
- ])
- | doc "Tertiary Colors (List - String)"
- | optional,
- tertiary_path
- | std.enum.TagOrString
- | [| 'all-paths, 'multi-hop-path, 'direct-path |]
- | doc m%"
- Tertiary Path (String)
- - Allowed values: direct-path, multi-hop-path, all-paths
- "%
- | optional,
- }
- | doc m%"
- Preferred Color Groups (List - Object)
-
- Elements:
- - name (required)
- - primary_colors (required)
- - primary_path
- - secondary_colors
- - secondary_path
- - tertiary_colors
- - tertiary_path
- "%
- | optional,
- region_lists
- | Array
- {
- name
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType '"String",
- _js2n__-prdslib.strings.pattern
- "^[A-Za-z0-9-_]{1,128}$"
- ])
- | doc "Name (String)",
- region_id_ranges
- | Array
- {
- from
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
+ _js2n__-prdslib.isType 'Record,
+ _js2n__-prdslib.records.required
+ [ "mode", "name" ],
+ _js2n__-prdslib.records.record
+ {
+ description =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.maxLength
+ 256
+ ],
+ enabled = _js2n__-prdslib.isType '"Bool",
+ ipv4_address =
+ _js2n__-prdslib.isType '"String",
+ ipv4_route_tag =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum
+ 4294967295
+ ],
+ ipv6_address =
+ _js2n__-prdslib.isType '"String",
+ ipv6_route_tag =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum
+ 4294967295
+ ],
+ mode =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.enum [ "routed" ]
+ ],
+ mtu =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum
+ 9216,
+ _js2n__-prdslib.numbers.minimum
+ 1500
+ ],
+ name =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "(?i)^(?:e|eth(?:ernet)?)\\d(?:\\/\\d+){1,2}$"
+ ],
+ secondary_ipv4_addresses =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"Array",
+ _js2n__-prdslib.arrays.arrayOf
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType
+ 'Record,
+ _js2n__-prdslib.records.required
+ [ "ip_address" ],
+ _js2n__-prdslib.records.record
+ {
+ ip_address =
+ _js2n__-prdslib.isType
+ '"String",
+ route_tag =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType
+ 'Integer,
+ _js2n__-prdslib.numbers.maximum
+ 4294967295
+ ],
+ } {} false
+ _js2n__-prdslib.never
+ ])
+ ],
+ secondary_ipv6_addresses =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"Array",
+ _js2n__-prdslib.arrays.arrayOf
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType
+ 'Record,
+ _js2n__-prdslib.records.required
+ [ "ip_address" ],
+ _js2n__-prdslib.records.record
+ {
+ ip_address =
+ _js2n__-prdslib.isType
+ '"String",
+ route_tag =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType
+ 'Integer,
+ _js2n__-prdslib.numbers.maximum
+ 4294967295
+ ],
+ } {} false
+ _js2n__-prdslib.never
+ ])
+ ],
+ speed =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "(?i)^(auto|100mb|1gb|10gb|25gb|40gb|100gb|200gb|400gb|800gb)$"
+ ],
+ vrf = _js2n__-prdslib.isType '"String",
+ } {} false _js2n__-prdslib.never
+ ],
+ _js2n__-prdslib.allOf
[
- _js2n__-prdslib.isType 'Integer,
- _js2n__-prdslib.numbers.maximum 63
- ])
- | doc m%"
- From (Integer)
- - Maximum value: 63
- "%,
- to
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
+ _js2n__-prdslib.isType 'Record,
+ _js2n__-prdslib.records.required
+ [ "dot1q_id", "mode", "name" ],
+ _js2n__-prdslib.records.record
+ {
+ description =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.maxLength
+ 256
+ ],
+ dot1q_id =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum
+ 4096,
+ _js2n__-prdslib.numbers.minimum 1
+ ],
+ enabled = _js2n__-prdslib.isType '"Bool",
+ ipv4_address =
+ _js2n__-prdslib.isType '"String",
+ ipv4_route_tag =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum
+ 4294967295
+ ],
+ ipv6_address =
+ _js2n__-prdslib.isType '"String",
+ ipv6_route_tag =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum
+ 4294967295
+ ],
+ mode =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.enum
+ [ "routed_sub" ]
+ ],
+ mtu =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum
+ 9216,
+ _js2n__-prdslib.numbers.minimum
+ 1500
+ ],
+ name =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "(?i)^(?:e|eth(?:ernet)?)\\d(?:\\/\\d+){1,2}\\.\\d{1,4}$"
+ ],
+ secondary_ipv4_addresses =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"Array",
+ _js2n__-prdslib.arrays.arrayOf
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType
+ 'Record,
+ _js2n__-prdslib.records.required
+ [ "ip_address" ],
+ _js2n__-prdslib.records.record
+ {
+ ip_address =
+ _js2n__-prdslib.isType
+ '"String",
+ route_tag =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType
+ 'Integer,
+ _js2n__-prdslib.numbers.maximum
+ 4294967295
+ ],
+ } {} false
+ _js2n__-prdslib.never
+ ])
+ ],
+ secondary_ipv6_addresses =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"Array",
+ _js2n__-prdslib.arrays.arrayOf
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType
+ 'Record,
+ _js2n__-prdslib.records.required
+ [ "ip_address" ],
+ _js2n__-prdslib.records.record
+ {
+ ip_address =
+ _js2n__-prdslib.isType
+ '"String",
+ route_tag =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType
+ 'Integer,
+ _js2n__-prdslib.numbers.maximum
+ 4294967295
+ ],
+ } {} false
+ _js2n__-prdslib.never
+ ])
+ ],
+ speed =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "(?i)^(auto|100mb|1gb|10gb|25gb|40gb|100gb|200gb|400gb|800gb)$"
+ ],
+ vrf = _js2n__-prdslib.isType '"String",
+ } {} false _js2n__-prdslib.never
+ ],
+ _js2n__-prdslib.allOf
[
- _js2n__-prdslib.isType 'Integer,
- _js2n__-prdslib.numbers.maximum 63
- ])
- | doc m%"
- To (Integer)
- - Maximum value: 63
- "%,
- }
+ _js2n__-prdslib.isType 'Record,
+ _js2n__-prdslib.records.required
+ [ "mode", "name" ],
+ _js2n__-prdslib.records.record
+ {
+ description =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.maxLength
+ 256
+ ],
+ enabled = _js2n__-prdslib.isType '"Bool",
+ ipv4_address =
+ _js2n__-prdslib.isType '"String",
+ ipv4_route_tag =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum
+ 4294967295
+ ],
+ ipv6_address =
+ _js2n__-prdslib.isType '"String",
+ ipv6_route_tag =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum
+ 4294967295
+ ],
+ members =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"Array",
+ _js2n__-prdslib.arrays.arrayOf
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType
+ '"String",
+ _js2n__-prdslib.strings.pattern
+ "(?i)^(?:e|eth(?:ernet)?)\\d(?:\\/\\d+){1,2}$"
+ ])
+ ],
+ mode =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.enum
+ [ "routed_po" ]
+ ],
+ mtu =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum
+ 9216,
+ _js2n__-prdslib.numbers.minimum
+ 1500
+ ],
+ name =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "(?i)^(po|port-channel)([1-9]|[1-9][0-9]{1,3}|[1-3][0-9]{3}|40([0-8][0-9]|9[0-6]))$"
+ ],
+ pc_mode =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.enum
+ [ "active", "on", "passive" ]
+ ],
+ secondary_ipv4_addresses =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"Array",
+ _js2n__-prdslib.arrays.arrayOf
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType
+ 'Record,
+ _js2n__-prdslib.records.required
+ [ "ip_address" ],
+ _js2n__-prdslib.records.record
+ {
+ ip_address =
+ _js2n__-prdslib.isType
+ '"String",
+ route_tag =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType
+ 'Integer,
+ _js2n__-prdslib.numbers.maximum
+ 4294967295
+ ],
+ } {} false
+ _js2n__-prdslib.never
+ ])
+ ],
+ secondary_ipv6_addresses =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"Array",
+ _js2n__-prdslib.arrays.arrayOf
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType
+ 'Record,
+ _js2n__-prdslib.records.required
+ [ "ip_address" ],
+ _js2n__-prdslib.records.record
+ {
+ ip_address =
+ _js2n__-prdslib.isType
+ '"String",
+ route_tag =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType
+ 'Integer,
+ _js2n__-prdslib.numbers.maximum
+ 4294967295
+ ],
+ } {} false
+ _js2n__-prdslib.never
+ ])
+ ],
+ speed =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "(?i)^(auto|100mb|1gb|10gb|25gb|40gb|100gb|200gb|400gb|800gb)$"
+ ],
+ vrf = _js2n__-prdslib.isType '"String",
+ } {} false _js2n__-prdslib.never
+ ],
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Record,
+ _js2n__-prdslib.records.required
+ [ "mode", "name" ],
+ _js2n__-prdslib.records.record
+ {
+ description =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.maxLength
+ 256
+ ],
+ enabled = _js2n__-prdslib.isType '"Bool",
+ ipv4_address =
+ _js2n__-prdslib.isType '"String",
+ ipv4_route_tag =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum
+ 4294967295
+ ],
+ ipv6_address =
+ _js2n__-prdslib.isType '"String",
+ ipv6_route_tag =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum
+ 4294967295
+ ],
+ mode =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.enum
+ [
+ "loopback",
+ "fabric_loopback",
+ "mpls_loopback"
+ ]
+ ],
+ name =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "(?i)^(lo|loopback)([0-9]|[1-9][0-9]{1,2}|10[0-1][0-9]|102[0-3])$"
+ ],
+ secondary_ipv4_addresses =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"Array",
+ _js2n__-prdslib.arrays.arrayOf
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType
+ 'Record,
+ _js2n__-prdslib.records.required
+ [ "ip_address" ],
+ _js2n__-prdslib.records.record
+ {
+ ip_address =
+ _js2n__-prdslib.isType
+ '"String",
+ route_tag =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType
+ 'Integer,
+ _js2n__-prdslib.numbers.maximum
+ 4294967295
+ ],
+ } {} false
+ _js2n__-prdslib.never
+ ])
+ ],
+ secondary_ipv6_addresses =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"Array",
+ _js2n__-prdslib.arrays.arrayOf
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType
+ 'Record,
+ _js2n__-prdslib.records.required
+ [ "ip_address" ],
+ _js2n__-prdslib.records.record
+ {
+ ip_address =
+ _js2n__-prdslib.isType
+ '"String",
+ route_tag =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType
+ 'Integer,
+ _js2n__-prdslib.numbers.maximum
+ 4294967295
+ ],
+ } {} false
+ _js2n__-prdslib.never
+ ])
+ ],
+ vrf = _js2n__-prdslib.isType '"String",
+ } {} false _js2n__-prdslib.never
+ ]
+ ])
+ )
| doc m%"
- Region ID Ranges (List - Object)
+ Interfaces (List - Object)
Elements:
- - from (required)
- - to (required)
+ - name (required)
+ - mode (required)
+ - description
+ - mtu
+ - speed
+ - enabled
+ - access_vlan
+ - spanning_tree_portfast
+ - enable_bpdu_guard
+ - trunk_allowed_vlans
+ - vpc_id
+ - pc_mode
+ - members (required)
+ - vrf
+ - ipv4_address
+ - ipv4_route_tag
+ - secondary_ipv4_addresses
+ - ipv6_address
+ - ipv6_route_tag
+ - secondary_ipv6_addresses
+ - dot1q_id (required)
"%
| optional,
- region_ids
- | Array (
- _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType 'Integer,
- _js2n__-prdslib.numbers.maximum 63
- ])
- )
- | doc "Region Ids (List - Integer)"
- | optional,
- }
- | doc m%"
- Region Lists (List - Object)
-
- Elements:
- - name (required)
- - region_ids
- - region_id_ranges
- "%
- | optional,
- site_lists
- | Array
- {
- name
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType '"String",
- _js2n__-prdslib.strings.pattern
- "^[A-Za-z0-9-_]{1,128}$"
- ])
- | doc "Name (String)",
- site_id_ranges
- | Array
- {
- from
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType 'Integer,
- _js2n__-prdslib.numbers.maximum 4294967295,
- _js2n__-prdslib.numbers.minimum 1
- ])
- | doc m%"
- From (Integer)
- - Minimum value: 1
- - Maximum value: 4294967295
- "%,
- to
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType 'Integer,
- _js2n__-prdslib.numbers.maximum 4294967295,
- _js2n__-prdslib.numbers.minimum 1
- ])
- | doc m%"
- To (Integer)
- - Minimum value: 1
- - Maximum value: 4294967295
- "%,
- }
+ management
+ | {
+ default_gateway_v4
+ | String
+ | doc m%"
+ Default Gateway V4 (String)
+ - IPv4 or IPv6 address
+ "%
+ | optional,
+ default_gateway_v6
+ | String
+ | doc m%"
+ Default Gateway V6 (String)
+ - IPv4 or IPv6 address
+ "%
+ | optional,
+ management_ipv4_address
+ | String
+ | doc m%"
+ Management Ipv4 Address (String)
+ - IPv4 or IPv6 address
+ "%
+ | optional,
+ management_ipv6_address
+ | String
+ | doc m%"
+ Management IPv6 Address (String)
+ - IPv4 or IPv6 address
+ "%
+ | optional,
+ }
| doc m%"
- Site ID Ranges (List - Object)
+ Management (Object)
Elements:
- - from (required)
- - to (required)
+ - default_gateway_v4
+ - default_gateway_v6
+ - management_ipv4_address
+ - management_ipv6_address
"%
| optional,
- site_ids
- | Array (
- _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType 'Integer,
- _js2n__-prdslib.numbers.maximum 4294967295,
- _js2n__-prdslib.numbers.minimum 1
- ])
- )
- | doc "Site Ids (List - Integer)"
- | optional,
- }
- | doc m%"
- Site Lists (List - Object)
-
- Elements:
- - name (required)
- - site_ids
- - site_id_ranges
- "%
- | optional,
- sla_classes
- | Array
- {
- app_probe_class
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType '"String",
- _js2n__-prdslib.strings.pattern
- "^[^<>!&$@\\\\/\"() ]{1,128}$"
- ])
- | doc "App Probe Class (String)"
- | optional,
- fallback_best_tunnel_criteria
+ name | String | doc "Name (String)",
+ role
| std.enum.TagOrString
| [|
- 'jitter-loss-latency,
- 'jitter-latency-loss,
- 'latency-jitter-loss,
- 'latency-loss-jitter,
- 'loss-jitter-latency,
- 'loss-latency-jitter,
- 'jitter-loss,
- 'jitter-latency,
- 'latency-jitter,
- 'latency-loss,
- 'loss-jitter,
- 'loss-latency,
- 'jitter,
- 'latency,
- 'loss
+ 'tor,
+ 'border_gateway_super_spine,
+ 'border_super_spine,
+ 'super_spine,
+ 'border_gateway_spine,
+ 'border_gateway,
+ 'boder_spine,
+ 'border,
+ 'leaf,
+ 'spine
|]
| doc m%"
- Fallback Best Tunnel Criteria (String)
- - Allowed values: loss, latency, jitter, loss-latency, loss-jitter, latency-loss, latency-jitter, jitter-latency, jitter-loss, loss-latency-jitter, loss-jitter-latency, latency-loss-jitter, latency-jitter-loss, jitter-latency-loss, jitter-loss-latency
+ Role (String)
+ - Allowed values: spine, leaf, border, boder_spine, border_gateway, border_gateway_spine, super_spine, border_super_spine, border_gateway_super_spine, tor
"%
| optional,
- fallback_best_tunnel_jitter
+ routing_loopback_id
| _js2n__-prdslib.contract_from_predicate
(_js2n__-prdslib.allOf
[
_js2n__-prdslib.isType 'Integer,
- _js2n__-prdslib.numbers.maximum 1000,
- _js2n__-prdslib.numbers.minimum 1
+ _js2n__-prdslib.numbers.maximum 1023
])
| doc m%"
- Fallback Best Tunnel Jitter (Integer)
- - Minimum value: 1
- - Maximum value: 1000
+ Routing Loopback ID (Integer)
+ - Maximum value: 1023
"%
| optional,
- fallback_best_tunnel_latency
+ serial_number
| _js2n__-prdslib.contract_from_predicate
(_js2n__-prdslib.allOf
[
- _js2n__-prdslib.isType 'Integer,
- _js2n__-prdslib.numbers.maximum 1000,
- _js2n__-prdslib.numbers.minimum 1
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^[a-zA-Z0-9_.:-]{1,16}$"
])
- | doc m%"
- Fallback Best Tunnel Latency (Integer)
- - Minimum value: 1
- - Maximum value: 1000
- "%
+ | doc "Serial Number (String)"
| optional,
- fallback_best_tunnel_loss
+ vtep_loopback_id
| _js2n__-prdslib.contract_from_predicate
(_js2n__-prdslib.allOf
[
_js2n__-prdslib.isType 'Integer,
- _js2n__-prdslib.numbers.maximum 100,
- _js2n__-prdslib.numbers.minimum 1
+ _js2n__-prdslib.numbers.maximum 1023
])
| doc m%"
- Fallback Best Tunnel Loss (Integer)
- - Minimum value: 1
- - Maximum value: 100
+ Vtep Loopback ID (Integer)
+ - Default value: 1
+ - Maximum value: 1023
"%
| optional,
- jitter_ms
+ }
+ | doc m%"
+ Switches (List - Object)
+
+ Elements:
+ - name (required)
+ - serial_number
+ - role
+ - management
+ - routing_loopback_id
+ - vtep_loopback_id
+ - freeforms
+ - interfaces
+ "%
+ | optional,
+ vpc_peers
+ | Array
+ {
+ domain_id
| _js2n__-prdslib.contract_from_predicate
(_js2n__-prdslib.allOf
[
@@ -67855,464 +72840,733 @@ let rec _js2n__-refsenv
_js2n__-prdslib.numbers.minimum 1
])
| doc m%"
- Jitter MS (Integer)
+ Domain ID (Integer)
+ - Default value: 1
- Minimum value: 1
- Maximum value: 1000
"%
| optional,
- latency_ms
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType 'Integer,
- _js2n__-prdslib.numbers.maximum 1000,
- _js2n__-prdslib.numbers.minimum 1
- ])
+ fabric_peering
+ | Bool
+ | doc "Fabric Peering (Boolean)"
+ | optional,
+ peer1 | String | doc "Peer1 (String)",
+ peer1_peerlink_interfaces
+ | Array
+ {
+ name
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^(?:e|eth(?:ernet)?)\\d(?:\\/\\d+){1,2}$"
+ ])
+ | doc "Name (String)",
+ }
+ | doc m%"
+ Peer1 Peerlink Interfaces (List - Object)
+
+ Elements:
+ - name (required)
+ "%
+ | optional,
+ peer2 | String | doc "Peer2 (String)",
+ peer2_peerlink_interfaces
+ | Array
+ {
+ name
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern
+ "^(?:e|eth(?:ernet)?)\\d(?:\\/\\d+){1,2}$"
+ ])
+ | doc "Name (String)",
+ }
+ | doc m%"
+ Peer2 Peerlink Interfaces (List - Object)
+
+ Elements:
+ - name (required)
+ "%
+ | optional,
+ vpc_interfaces
+ | Array
+ {
+ vpc_id
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 4096,
+ _js2n__-prdslib.numbers.minimum 1
+ ])
+ | doc m%"
+ vPC ID (Integer)
+ - Minimum value: 1
+ - Maximum value: 4096
+ "%,
+ }
| doc m%"
- Latency MS (Integer)
- - Minimum value: 1
- - Maximum value: 1000
+ vPC Interfaces (List - Object)
+
+ Elements:
+ - vpc_id (required)
"%
| optional,
- loss_percentage
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType 'Integer,
- _js2n__-prdslib.numbers.maximum 100,
- _js2n__-prdslib.numbers.minimum 1
- ])
+ vtep_vip
+ | String
| doc m%"
- Loss Percentage (Integer)
- - Minimum value: 1
- - Maximum value: 100
+ Vtep Vip (String)
+ - IPv4 or IPv6 address
"%
| optional,
- name
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType '"String",
- _js2n__-prdslib.strings.pattern
- "^[A-Za-z0-9-_]{1,128}$"
- ])
- | doc "Name (String)",
}
| doc m%"
- Sla Classes (List - Object)
+ vPC Peers (List - Object)
Elements:
- - name (required)
- - jitter_ms
- - latency_ms
- - loss_percentage
- - app_probe_class
- - fallback_best_tunnel_criteria
- - fallback_best_tunnel_jitter
- - fallback_best_tunnel_latency
- - fallback_best_tunnel_loss
+ - peer1 (required)
+ - peer1_peerlink_interfaces
+ - peer2 (required)
+ - peer2_peerlink_interfaces
+ - fabric_peering
+ - domain_id
+ - vtep_vip
+ - vpc_interfaces
"%
| optional,
- standard_community_lists
- | Array
- {
- name
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType '"String",
- _js2n__-prdslib.strings.pattern
- "^[A-Za-z0-9-_]{1,128}$"
- ])
- | doc "Name (String)",
- standard_communities
- | Array (
- _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType '"String",
- _js2n__-prdslib.strings.pattern
- "^[0-9]{1,5}(:)[0-9]{1,5}$"
- ])
- )
- | doc "Standard Communities (List - String)",
- }
+ }
+ | doc m%"
+ Topology (Object)
+
+ Elements:
+ - switches
+ - vpc_peers
+ - fabric_links
+ - edge_connections
+ "%
+ | optional,
+ underlay
+ | {
+ bfd
+ | {
+ authentication_enable
+ | Bool
+ | doc m%"
+ Authentication Enable (Boolean)
+ - Default value: false
+ "%
+ | optional,
+ authentication_key
+ | String
+ | doc "Authentication Key (String)"
+ | optional,
+ authentication_key_id
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 65535
+ ])
+ | doc m%"
+ Authentication Key ID (Integer)
+ - Default value: 100
+ - Maximum value: 65535
+ "%
+ | optional,
+ enable
+ | Bool
+ | doc m%"
+ Enable (Boolean)
+ - Default value: false
+ "%
+ | optional,
+ ibgp
+ | Bool
+ | doc m%"
+ Ibgp (Boolean)
+ - Default value: false
+ "%
+ | optional,
+ isis
+ | Bool
+ | doc m%"
+ ISIS (Boolean)
+ - Default value: false
+ "%
+ | optional,
+ ospf
+ | Bool
+ | doc m%"
+ OSPF (Boolean)
+ - Default value: false
+ "%
+ | optional,
+ pim
+ | Bool
+ | doc m%"
+ Pim (Boolean)
+ - Default value: false
+ "%
+ | optional,
+ }
+ | doc m%"
+ BFD (Object)
+
+ Elements:
+ - enable
+ - ibgp
+ - ospf
+ - isis
+ - pim
+ - authentication_enable
+ - authentication_key_id
+ - authentication_key
+ "%
+ | optional,
+ bgp
+ | {
+ authentication_enable
+ | Bool
+ | doc m%"
+ Authentication Enable (Boolean)
+ - Default value: false
+ "%
+ | optional,
+ authentication_key
+ | String
+ | doc "Authentication Key (String)"
+ | optional,
+ authentication_key_type
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.enum [ 3, 7 ]
+ ])
+ | doc m%"
+ Authentication Key Type (Integer)
+ - Default value: 3
+ - Allowed values: 3, 7
+ "%
+ | optional,
+ }
+ | doc m%"
+ BGP (Object)
+
+ Elements:
+ - authentication_enable
+ - authentication_key_type
+ - authentication_key
+ "%
+ | optional,
+ general
+ | {
+ enable_ipv6_underlay
+ | Bool
+ | doc m%"
+ Enable IPv6 Underlay (Boolean)
+ - Default value: false
+ "%
+ | optional,
+ fabric_interface_numbering
+ | std.enum.TagOrString
+ | [| 'unnumbered, 'p2p |]
+ | doc m%"
+ Fabric Interface Numbering (String)
+ - Default value: p2p
+ - Allowed values: p2p, unnumbered
+ "%
+ | optional,
+ intra_fabric_interface_mtu
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 9216
+ ])
+ | doc m%"
+ Intra Fabric Interface MTU (Integer)
+ - Default value: 9216
+ - Maximum value: 9216
+ "%
+ | optional,
+ layer2_host_interfacde_mtu
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 9216
+ ])
+ | doc m%"
+ Layer2 Host Interfacde MTU (Integer)
+ - Default value: 9216
+ - Maximum value: 9216
+ "%
+ | optional,
+ manual_underlay_allocation
+ | Bool
+ | doc m%"
+ Manual Underlay Allocation (Boolean)
+ - Default value: false
+ "%
+ | optional,
+ replication_mode
+ | std.enum.TagOrString
+ | [| 'ingress, 'multicast |]
+ | doc m%"
+ Replication Mode (String)
+ - Default value: multicast
+ - Allowed values: multicast, ingress
+ "%
+ | optional,
+ routing_protocol
+ | std.enum.TagOrString
+ | [| 'bgp, 'is-is, 'ospf |]
+ | doc m%"
+ Routing Protocol (String)
+ - Default value: ospf
+ - Allowed values: ospf, is-is, bgp
+ "%
+ | optional,
+ subnet_mask
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 31,
+ _js2n__-prdslib.numbers.minimum 30
+ ])
+ | doc m%"
+ Subnet Mask (Integer)
+ - Default value: 30
+ - Minimum value: 30
+ - Maximum value: 31
+ "%
+ | optional,
+ underlay_routing_loopback_id
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 1023
+ ])
+ | doc m%"
+ Underlay Routing Loopback ID (Integer)
+ - Maximum value: 1023
+ "%
+ | optional,
+ underlay_routing_protocol_tag
+ | String
+ | doc m%"
+ Underlay Routing Protocol Tag (String)
+ - Default value: UNDERLAY
+ "%
+ | optional,
+ underlay_rp_loopback_id
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 1023
+ ])
+ | doc m%"
+ Underlay Rp Loopback ID (Integer)
+ - Default value: 254
+ - Maximum value: 1023
+ "%
+ | optional,
+ underlay_vtep_loopback_id
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 1023
+ ])
+ | doc m%"
+ Underlay Vtep Loopback ID (Integer)
+ - Default value: 1
+ - Maximum value: 1023
+ "%
+ | optional,
+ unshut_host_interfaces
+ | Bool
+ | doc m%"
+ Unshut Host Interfaces (Boolean)
+ - Default value: true
+ "%
+ | optional,
+ }
+ | doc m%"
+ General (Object)
+
+ Elements:
+ - routing_protocol
+ - enable_ipv6_underlay
+ - replication_mode
+ - fabric_interface_numbering
+ - subnet_mask
+ - manual_underlay_allocation
+ - underlay_routing_loopback_id
+ - underlay_vtep_loopback_id
+ - underlay_routing_protocol_tag
+ - underlay_rp_loopback_id
+ - intra_fabric_interface_mtu
+ - layer2_host_interfacde_mtu
+ - unshut_host_interfaces
+ "%
+ | optional,
+ ipv4
+ | {
+ underlay_routing_loopback_ip_range
+ | String
+ | doc m%"
+ Underlay Routing Loopback IP Range (String)
+ - Default value: 10.2.0.0/22
+ - IPv4 or IPv6 address
+ "%
+ | optional,
+ underlay_rp_loopback_ip_range
+ | String
+ | doc m%"
+ Underlay Rp Loopback IP Range (String)
+ - Default value: 10.254.254.0/24
+ - IPv4 or IPv6 address
+ "%
+ | optional,
+ underlay_subnet_ip_range
+ | String
+ | doc m%"
+ Underlay Subnet IP Range (String)
+ - Default value: 10.4.0.0/16
+ - IPv4 or IPv6 address
+ "%
+ | optional,
+ underlay_vtep_loopback_ip_range
+ | String
+ | doc m%"
+ Underlay Vtep Loopback IP Range (String)
+ - Default value: 10.3.0.0/22
+ - IPv4 or IPv6 address
+ "%
+ | optional,
+ }
| doc m%"
- Standard Community Lists (List - Object)
+ Ipv4 (Object)
Elements:
- - name (required)
- - standard_communities (required)
+ - underlay_routing_loopback_ip_range
+ - underlay_vtep_loopback_ip_range
+ - underlay_rp_loopback_ip_range
+ - underlay_subnet_ip_range
"%
| optional,
- tloc_lists
- | Array
- {
- name
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType '"String",
- _js2n__-prdslib.strings.pattern
- "^[A-Za-z0-9-_]{1,128}$"
- ])
- | doc "Name (String)",
- tlocs
- | Array
- {
- color
- | std.enum.TagOrString
- | [|
- 'private6,
- 'private5,
- 'private4,
- 'private3,
- 'private2,
- 'private1,
- 'custom3,
- 'custom2,
- 'custom1,
- 'bronze,
- 'silver,
- 'gold,
- 'blue,
- 'green,
- 'red,
- '"3g",
- 'lte,
- 'public-internet,
- 'biz-internet,
- 'metro-ethernet,
- 'mpls,
- '"default"
- |]
- | doc m%"
- Color (String)
- - Allowed values: default, mpls, metro-ethernet, biz-internet, public-internet, lte, 3g, red, green, blue, gold, silver, bronze, custom1, custom2, custom3, private1, private2, private3, private4, private5, private6
- "%,
- encapsulation
- | std.enum.TagOrString
- | [| 'gre, 'ipsec |]
- | doc m%"
- Encapsulation (String)
- - Allowed values: ipsec, gre
- "%,
- preference
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType 'Integer,
- _js2n__-prdslib.numbers.maximum 4294967295
- ])
- | doc m%"
- Preference (Integer)
- - Maximum value: 4294967295
- "%
- | optional,
- tloc_ip
- | String
- | doc m%"
- Tloc IP (String)
- - IPv4 or IPv6 address
- "%,
- }
- | doc m%"
- Tlocs (List - Object)
-
- Elements:
- - color (required)
- - encapsulation (required)
- - tloc_ip (required)
- - preference
- "%,
- }
+ ipv6
+ | {
+ enable_ipv6_link_local_address
+ | Bool
+ | doc m%"
+ Enable IPv6 Link Local Address (Boolean)
+ - Default value: true
+ "%
+ | optional,
+ underlay_subnet_mask
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 128,
+ _js2n__-prdslib.numbers.minimum 16
+ ])
+ | doc m%"
+ Underlay Subnet Mask (Integer)
+ - Default value: 126
+ - Minimum value: 16
+ - Maximum value: 128
+ "%
+ | optional,
+ }
| doc m%"
- Tloc Lists (List - Object)
+ IPv6 (Object)
Elements:
- - name (required)
- - tlocs (required)
+ - enable_ipv6_link_local_address
+ - underlay_subnet_mask
"%
| optional,
- vpn_lists
- | Array
- {
- name
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType '"String",
- _js2n__-prdslib.strings.pattern
- "^[A-Za-z0-9-_]{1,128}$"
- ])
- | doc "Name (String)",
- vpn_id_ranges
- | Array
- {
- from
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType 'Integer,
- _js2n__-prdslib.numbers.maximum 65530
- ])
- | doc m%"
- From (Integer)
- - Maximum value: 65530
- "%,
- to
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType 'Integer,
- _js2n__-prdslib.numbers.maximum 65530
- ])
- | doc m%"
- To (Integer)
- - Maximum value: 65530
- "%,
- }
- | doc m%"
- VPN ID Ranges (List - Object)
-
- Elements:
- - from (required)
- - to (required)
- "%
- | optional,
- vpn_ids
- | Array (
- _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType 'Integer,
- _js2n__-prdslib.numbers.maximum 65530
- ])
- )
- | doc "VPN Ids (List - Integer)"
- | optional,
- }
+ isis
+ | {
+ authentication_enable
+ | Bool
+ | doc m%"
+ Authentication Enable (Boolean)
+ - Default value: false
+ "%
+ | optional,
+ authentication_key
+ | String
+ | doc "Authentication Key (String)"
+ | optional,
+ authentication_key_id
+ | std.number.Integer
+ | doc m%"
+ Authentication Key ID (Integer)
+ - Default value: 127
+ "%
+ | optional,
+ level
+ | std.enum.TagOrString
+ | [| 'level-2, 'level-1 |]
+ | doc m%"
+ Level (String)
+ - Default value: level-2
+ - Allowed values: level-1, level-2
+ "%
+ | optional,
+ network_point_to_point
+ | Bool
+ | doc m%"
+ Network Point To Point (Boolean)
+ - Default value: true
+ "%
+ | optional,
+ overload_bit
+ | Bool
+ | doc m%"
+ Overload Bit (Boolean)
+ - Default value: true
+ "%
+ | optional,
+ overload_bit_elapsed_time
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 86400,
+ _js2n__-prdslib.numbers.minimum 5
+ ])
+ | doc m%"
+ Overload Bit Elapsed Time (Integer)
+ - Default value: 60
+ - Minimum value: 5
+ - Maximum value: 86400
+ "%
+ | optional,
+ }
+ | doc m%"
+ ISIS (Object)
+
+ Elements:
+ - level
+ - network_point_to_point
+ - authentication_enable
+ - authentication_key_id
+ - authentication_key
+ - overload_bit
+ - overload_bit_elapsed_time
+ "%
+ | optional,
+ multicast
+ | {
+ group_subnet
+ | String
+ | doc m%"
+ Group Subnet (String)
+ - Default value: 239.1.1.0/25
+ - IPv4 or IPv6 address
+ "%
+ | optional,
+ rendezvous_points
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.enum [ 2, 4 ]
+ ])
+ | doc m%"
+ Rendezvous Points (Integer)
+ - Default value: 2
+ - Allowed values: 2, 4
+ "%
+ | optional,
+ rp_mode
+ | std.enum.TagOrString
+ | [| 'bidr, 'asm |]
+ | doc m%"
+ Rp Mode (String)
+ - Default value: asm
+ - Allowed values: asm, bidr
+ "%
+ | optional,
+ trm_default_group
+ | String
+ | doc m%"
+ Trm Default Group (String)
+ - Default value: 239.1.1.0
+ - IPv4 or IPv6 address
+ "%
+ | optional,
+ trm_enable
+ | Bool
+ | doc m%"
+ Trm Enable (Boolean)
+ - Default value: false
+ "%
+ | optional,
+ underlay_backup_rp_loopback_id
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 1023
+ ])
+ | doc m%"
+ Underlay Backup Rp Loopback ID (Integer)
+ - Default value: 3
+ - Maximum value: 1023
+ "%
+ | optional,
+ underlay_primary_rp_loopback_id
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 1023
+ ])
+ | doc m%"
+ Underlay Primary Rp Loopback ID (Integer)
+ - Default value: 2
+ - Maximum value: 1023
+ "%
+ | optional,
+ underlay_rp_loopback_id
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 1023
+ ])
+ | doc m%"
+ Underlay Rp Loopback ID (Integer)
+ - Default value: 254
+ - Maximum value: 1023
+ "%
+ | optional,
+ underlay_second_backup_rp_loopback_id
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 1023
+ ])
+ | doc m%"
+ Underlay Second Backup Rp Loopback ID (Integer)
+ - Default value: 4
+ - Maximum value: 1023
+ "%
+ | optional,
+ underlay_third_backup_rp_loopback_id
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 1023
+ ])
+ | doc m%"
+ Underlay Third Backup Rp Loopback ID (Integer)
+ - Default value: 5
+ - Maximum value: 1023
+ "%
+ | optional,
+ }
| doc m%"
- VPN Lists (List - Object)
+ Multicast (Object)
Elements:
- - name (required)
- - vpn_ids
- - vpn_id_ranges
+ - group_subnet
+ - rendezvous_points
+ - rp_mode
+ - underlay_rp_loopback_id
+ - trm_enable
+ - trm_default_group
+ - underlay_primary_rp_loopback_id
+ - underlay_backup_rp_loopback_id
+ - underlay_second_backup_rp_loopback_id
+ - underlay_third_backup_rp_loopback_id
+ "%
+ | optional,
+ ospf
+ | {
+ area_id
+ | String
+ | doc m%"
+ Area ID (String)
+ - Default value: 0.0.0.0
+ "%
+ | optional,
+ authentication_enable
+ | Bool
+ | doc m%"
+ Authentication Enable (Boolean)
+ - Default value: false
+ "%
+ | optional,
+ authentication_key
+ | String
+ | doc "Authentication Key (String)"
+ | optional,
+ authentication_key_id
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.numbers.maximum 255
+ ])
+ | doc m%"
+ Authentication Key ID (Integer)
+ - Default value: 127
+ - Maximum value: 255
+ "%
+ | optional,
+ }
+ | doc m%"
+ OSPF (Object)
+
+ Elements:
+ - area_id
+ - authentication_enable
+ - authentication_key_id
+ - authentication_key
"%
| optional,
}
| doc m%"
- Policy Objects (Object)
-
- Elements:
- - app_probe_classes
- - application_lists
- - as_path_lists
- - class_maps
- - color_lists
- - expanded_community_lists
- - extended_community_lists
- - ipv4_data_prefix_lists
- - ipv4_prefix_lists
- - ipv6_data_prefix_lists
- - ipv6_prefix_lists
- - mirror_lists
- - policers
- - preferred_color_groups
- - region_lists
- - site_lists
- - sla_classes
- - standard_community_lists
- - tloc_lists
- - vpn_lists
- "%
- | optional,
- sites
- | Array
- {
- id
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType 'Integer,
- _js2n__-prdslib.numbers.maximum 4294967295,
- _js2n__-prdslib.numbers.minimum 1
- ])
- | doc m%"
- ID (Integer)
- - Minimum value: 1
- - Maximum value: 4294967295
- "%,
- routers
- | Array
- {
- chassis_id | String | doc "Chassis ID (String)",
- device_template
- | _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType '"String",
- _js2n__-prdslib.strings.pattern
- "^[^<>!&\" ]{1,128}$"
- ])
- | doc "Device Template (String)",
- device_variables
- | { .. }
- | doc m%"
- Device Variables (Object)
- - Map (key-value pairs)
- "%
- | optional,
- model
- | std.enum.TagOrString
- | [|
- 'ISR1100X-6G-XE,
- 'ISR1100X-4G-XE,
- 'ISR1100-6G-XE,
- 'ISR1100-4GLTENA-XE,
- 'ISR1100-4GLTEGB-XE,
- 'ISR1100-4G-XE,
- 'ISR-4461,
- 'ISR-4451-X,
- 'ISR-4431,
- 'ISR-4351,
- 'ISR-4331,
- 'ISR-4321,
- 'ISR-4221X,
- 'ISR-4221,
- 'IR-8340,
- 'IR-8140H-P,
- 'IR-8140H,
- 'IR-1835,
- 'IR-1833,
- 'IR-1831,
- 'IR-1821,
- 'IR-1101,
- 'C8500L-8S4X,
- 'C8500-20X6C,
- 'C8500-12X4QC,
- 'C8500-12X,
- 'C8300-2N2S-6T,
- 'C8300-2N2S-4T2X,
- 'C8300-1N1S-6T,
- 'C8300-1N1S-4T2X,
- 'C8200L-1N-4T,
- 'C8200-1N-4T,
- 'C8000V,
- 'C1161X-8PLTEP,
- 'C1161X-8P,
- 'C1161-8PLTEP,
- 'C1161-8P,
- 'C1131X-8PW,
- 'C1131X-8PLTEPW,
- 'C1131-8PW,
- 'C1131-8PLTEPW,
- 'C1128-8PLTEP,
- 'C1127X-8PMLTEP,
- 'C1127X-8PLTEP,
- 'C1127-8PMLTEP,
- 'C1127-8PLTEP,
- 'C1126X-8PLTEP,
- 'C1126-8PLTEP,
- 'C1121X-8PLTEPW,
- 'C1121X-8PLTEP,
- 'C1121X-8P,
- 'C1121-8PLTEPW,
- 'C1121-8PLTEP,
- 'C1121-8P,
- 'C1121-4PLTEP,
- 'C1121-4P,
- 'C1118-8P,
- 'C1117-4PW,
- 'C1117-4PMWE,
- 'C1117-4PMLTEEAWE,
- 'C1117-4PMLTEEA,
- 'C1117-4PM,
- 'C1117-4PLTELAWZ,
- 'C1117-4PLTELA,
- 'C1117-4PLTEEAW,
- 'C1117-4PLTEEA,
- 'C1117-4P,
- 'C1116-4PWE,
- 'C1116-4PLTEEAWE,
- 'C1116-4PLTEEA,
- 'C1116-4P,
- 'C1113-8PW,
- 'C1113-8PMWE,
- 'C1113-8PMLTEEA,
- 'C1113-8PM,
- 'C1113-8PLTEW,
- 'C1113-8PLTELAWZ,
- 'C1113-8PLTELA,
- 'C1113-8PLTEEAW,
- 'C1113-8PLTEEA,
- 'C1113-8P,
- 'C1112-8PWE,
- 'C1112-8PLTEEAWE,
- 'C1112-8PLTEEA,
- 'C1112-8P,
- 'C1111X-8P,
- 'C1111-8PW,
- 'C1111-8PLTELAW,
- 'C1111-8PLTELA,
- 'C1111-8PLTEEAW,
- 'C1111-8PLTEEA,
- 'C1111-8P,
- 'C1111-4PW,
- 'C1111-4PLTELA,
- 'C1111-4PLTEEA,
- 'C1111-4P,
- 'C1109-4PLTE2PW,
- 'C1109-4PLTE2P,
- 'C1109-2PLTEVZ,
- 'C1109-2PLTEUS,
- 'C1109-2PLTEGB,
- 'C1101-4PLTEPW,
- 'C1101-4PLTEP,
- 'C1101-4P,
- 'ASR-1006-X,
- 'ASR-1002-X,
- 'ASR-1002-HX,
- 'ASR-1001-X,
- 'ASR-1001-HX
- |]
- | doc m%"
- Model (String)
- - Allowed values: ASR-1001-HX, ASR-1001-X, ASR-1002-HX, ASR-1002-X, ASR-1006-X, C1101-4P, C1101-4PLTEP, C1101-4PLTEPW, C1109-2PLTEGB, C1109-2PLTEUS, C1109-2PLTEVZ, C1109-4PLTE2P, C1109-4PLTE2PW, C1111-4P, C1111-4PLTEEA, C1111-4PLTELA, C1111-4PW, C1111-8P, C1111-8PLTEEA, C1111-8PLTEEAW, C1111-8PLTELA, C1111-8PLTELAW, C1111-8PW, C1111X-8P, C1112-8P, C1112-8PLTEEA, C1112-8PLTEEAWE, C1112-8PWE, C1113-8P, C1113-8PLTEEA, C1113-8PLTEEAW, C1113-8PLTELA, C1113-8PLTELAWZ, C1113-8PLTEW, C1113-8PM, C1113-8PMLTEEA, C1113-8PMWE, C1113-8PW, C1116-4P, C1116-4PLTEEA, C1116-4PLTEEAWE, C1116-4PWE, C1117-4P, C1117-4PLTEEA, C1117-4PLTEEAW, C1117-4PLTELA, C1117-4PLTELAWZ, C1117-4PM, C1117-4PMLTEEA, C1117-4PMLTEEAWE, C1117-4PMWE, C1117-4PW, C1118-8P, C1121-4P, C1121-4PLTEP, C1121-8P, C1121-8PLTEP, C1121-8PLTEPW, C1121X-8P, C1121X-8PLTEP, C1121X-8PLTEPW, C1126-8PLTEP, C1126X-8PLTEP, C1127-8PLTEP, C1127-8PMLTEP, C1127X-8PLTEP, C1127X-8PMLTEP, C1128-8PLTEP, C1131-8PLTEPW, C1131-8PW, C1131X-8PLTEPW, C1131X-8PW, C1161-8P, C1161-8PLTEP, C1161X-8P, C1161X-8PLTEP, C8000V, C8200-1N-4T, C8200L-1N-4T, C8300-1N1S-4T2X, C8300-1N1S-6T, C8300-2N2S-4T2X, C8300-2N2S-6T, C8500-12X, C8500-12X4QC, C8500-20X6C, C8500L-8S4X, IR-1101, IR-1821, IR-1831, IR-1833, IR-1835, IR-8140H, IR-8140H-P, IR-8340, ISR-4221, ISR-4221X, ISR-4321, ISR-4331, ISR-4351, ISR-4431, ISR-4451-X, ISR-4461, ISR1100-4G-XE, ISR1100-4GLTEGB-XE, ISR1100-4GLTENA-XE, ISR1100-6G-XE, ISR1100X-4G-XE, ISR1100X-6G-XE
- "%,
- }
- | doc m%"
- Routers (List - Object)
-
- Elements:
- - chassis_id (required)
- - model (required)
- - device_template (required)
- - device_variables
- "%,
- }
- | doc m%"
- Sites (List - Object)
+ Underlay (Object)
Elements:
- - id (required)
- - routers (required)
+ - general
+ - ipv4
+ - ipv6
+ - ospf
+ - bgp
+ - isis
+ - multicast
+ - bfd
"%
| optional,
}
| doc m%"
- Sdwan (Object)
+ Vxlan (Object)
Elements:
- - edge_feature_templates
- - policy_objects
- - localized_policies
- - edge_device_templates
- - sites
- - multi_region_fabric
- - centralized_policies
- - feature_profiles
+ - global
+ - topology
+ - underlay
+ - overlay_services
+ - overlay_extensions
"%
| optional,
}
\ No newline at end of file
diff --git a/out/OSS Review Toolkit configuration.ncl b/out/OSS Review Toolkit configuration.ncl
index 6d2bb67..62af8f1 100644
--- a/out/OSS Review Toolkit configuration.ncl
+++ b/out/OSS Review Toolkit configuration.ncl
@@ -1134,7 +1134,6 @@ let rec _js2n__-refsenv
_js2n__-refsenv."_js2n__-:definitions/Archive!predicate",
config =
_js2n__-refsenv."_js2n__-:definitions/ScannerConfig!predicate",
- createMissingArchives = _js2n__-prdslib.isType '"Bool",
detectedLicenseMapping =
_js2n__-refsenv."_js2n__-:definitions/DetectedLicenseMapping!predicate",
fileListStorage =
diff --git a/out/Open Data Contract Standard (ODCS)).ncl b/out/Open Data Contract Standard (ODCS)).ncl
new file mode 100644
index 0000000..8f9f70f
--- /dev/null
+++ b/out/Open Data Contract Standard (ODCS)).ncl
@@ -0,0 +1,1021 @@
+# DO NOT EDIT
+# This file was automatically generated using json-schema-to-nickel
+let _js2n__-prdslib
+ = {
+ allOf
+ : Array (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `allOf preds` succeeds if all of the predicates in `preds` succeed
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.7.1]
+ "%
+ = fun
+ preds
+ x
+ =>
+ std.array.fold_right
+ (fun pred acc => (match { 'Ok => acc, 'Err s => 'Err s, }) (pred x))
+ 'Ok preds,
+ always : Dyn -> [| 'Ok, 'Err String |] = std.function.const 'Ok,
+ anyOf
+ : Array (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `anyOf preds` succeeds if at least one of the predicates in `preds` succeeds
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.7.2]
+ "%
+ = fun
+ preds
+ x
+ =>
+ (match {
+ 'Ok =>
+ 'Ok,
+ 'Errs
+ msgs =>
+ 'Err
+ m%"
+ anyOf: none of the options matched
+ %{std.string.join
+ m%"
+
+
+ "% msgs}
+ "%,
+ })
+ (std.array.fold_right
+ (fun
+ pred
+ acc
+ =>
+ (match {
+ 'Ok =>
+ 'Ok,
+ 'Errs
+ msgs =>
+ (match {
+ 'Ok =>
+ 'Ok,
+ 'Err
+ msg =>
+ 'Errs ([ " - %{msg}" ] @ msgs),
+ }) (pred x),
+ }) acc) ('Errs [ ]) preds),
+ arrays =
+ {
+ additionalItems
+ : (Dyn -> [| 'Ok, 'Err String |])
+ -> Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.4.2]"
+ = fun
+ pred
+ start
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ let x
+ | Array Dyn
+ = x
+ in
+ let value_length
+ = std.array.length x
+ in
+ if start >= value_length then
+ 'Ok
+ else
+ arrayOf pred
+ ((std.array.slice start value_length x)
+ | Dyn),
+ arrayOf
+ : (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ Apply a predicate to all elements of an array, succeeding if all
+ applications succeed.
+ "%
+ = fun
+ pred
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ let x
+ | Array Dyn
+ = x
+ in
+ std.array.fold_right
+ (fun
+ x
+ acc
+ =>
+ (match { 'Ok => acc, 'Err msg => 'Err msg, }) (pred x))
+ 'Ok x,
+ contains
+ : (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.4.6]"
+ = fun
+ pred
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ let x
+ | Array Dyn
+ = x
+ in
+ (match {
+ 'Ok =>
+ 'Ok,
+ 'Errs
+ msgs =>
+ 'Err
+ m%"
+ contains: no elements matched
+ %{std.string.join
+ m%"
+
+
+ "% msgs}
+ "%,
+ })
+ (std.array.fold_right
+ (fun
+ x
+ acc
+ =>
+ (match {
+ 'Ok =>
+ 'Ok,
+ 'Errs
+ msgs =>
+ (match {
+ 'Ok =>
+ 'Ok,
+ 'Err
+ msg =>
+ 'Errs ([ " - %{msg}" ] @ msgs),
+ }) (pred x),
+ }) acc) ('Errs [ ]) x),
+ items
+ : Array (Dyn -> [| 'Ok, 'Err String |])
+ -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.4.1]"
+ = fun
+ preds
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ let x
+ | Array Dyn
+ = x
+ in
+ let length_to_check
+ = std.number.min (std.array.length preds)
+ (std.array.length x)
+ in
+ std.array.fold_right
+ (fun
+ i
+ acc
+ =>
+ (match { 'Err msg => 'Err msg, 'Ok => acc, })
+ (std.array.at i preds (std.array.at i x))) 'Ok
+ (std.array.range 0 length_to_check),
+ maxItems
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `maxItems n x` fails if `x` is an array of length strictly greater than `n` and succeeds otherwise.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.4.3]
+ "%
+ = fun
+ n
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ if (std.array.length (x | Array Dyn)) > n then
+ 'Err
+ "array is longer than %{std.string.from_number n} items"
+ else
+ 'Ok,
+ minItems
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `minItems n x` fails if `x` is an array of length strictly smaller than `n` and succeeds otherwise.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.4.4]
+ "%
+ = fun
+ n
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ if (std.array.length (x | Array Dyn)) < n then
+ 'Err
+ "array is shorter than %{std.string.from_number n} items"
+ else
+ 'Ok,
+ uniqueItems
+ : Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ Succeeds for any array if its elements are pairwise distinct.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.4.5]
+ "%
+ = let find_duplicate
+ : Array Dyn
+ -> {
+ has_duplicate : Bool,
+ duplicate : Dyn,
+ seen : { _ : Bool }
+ }
+ = std.array.fold_right
+ (fun
+ elt
+ acc
+ =>
+ if acc.has_duplicate then
+ acc
+ else
+ let index
+ = std.serialize 'Json elt
+ in
+ if std.record.has_field index acc.seen then
+ {
+ duplicate = elt,
+ has_duplicate = true,
+ seen = acc.seen,
+ }
+ else
+ {
+ duplicate = null,
+ has_duplicate = false,
+ seen = std.record.insert index true acc.seen,
+ })
+ { duplicate = null, has_duplicate = false, seen = {}, }
+ in
+ fun
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ let { has_duplicate, duplicate, .. }
+ = find_duplicate (x | Array Dyn)
+ in
+ if has_duplicate then
+ 'Err "duplicate found: %{std.serialize 'Json duplicate}"
+ else
+ 'Ok,
+ },
+ const
+ : Dyn -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `const value x` succeeds if and only if `x` is equal to `value`
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.1.3]
+ "%
+ = fun
+ value
+ x
+ =>
+ if x == value then
+ 'Ok
+ else
+ 'Err "expected %{std.serialize 'Json value}",
+ contract_from_predicate
+ : (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> Dyn -> Dyn
+ = fun
+ predicate
+ label
+ value
+ =>
+ (match {
+ 'Ok =>
+ value,
+ 'Err
+ msg =>
+ (std.contract.blame_with_message msg label)
+ | Dyn,
+ }) (predicate value),
+ enum
+ : Array Dyn -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `enum values x` succeeds if and only if `x` is equal to one of the elements of `values`.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.1.2]
+ "%
+ = let checkEqual
+ = fun
+ input
+ variant
+ =>
+ (input == variant)
+ || ((std.is_enum input)
+ && (((std.string.from_enum input) == variant)
+ | Bool))
+ in
+ fun
+ values
+ x
+ =>
+ std.array.fold_right
+ (fun value acc => if checkEqual x value then 'Ok else acc)
+ ('Err "expected one of %{std.serialize 'Json (values | Dyn)}")
+ values,
+ from_simple_predicate
+ : String -> (Dyn -> Bool) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Convert a simple boolean predicate into a predicate supporting error messages"
+ = fun error' pred x => if pred x then 'Ok else 'Err error',
+ ifThenElse
+ : (Dyn -> [| 'Ok, 'Err String |])
+ -> (Dyn -> [| 'Ok, 'Err String |])
+ -> (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `ifThenElse i t e` first checks if the predicate `i` succeeds. If it does, it's equivalent to `t`, otherwise it's equivalent to `e`.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.6]
+ "%
+ = fun i t e x => (match { 'Ok => t x, 'Err msg => e x, }) (i x),
+ isType
+ : [| '"Array", '"Bool", 'Integer, 'Null, '"Number", 'Record, '"String" |]
+ -> Dyn -> [| 'Ok, 'Err String |]
+ = fun
+ t
+ =>
+ (match {
+ 'Null =>
+ from_simple_predicate "expected `null`" (fun x => x == null),
+ 'Integer =>
+ from_simple_predicate "expected an integer"
+ (fun
+ x
+ =>
+ (std.is_number x) && (std.number.is_integer (x | Number))),
+ _ =>
+ from_simple_predicate
+ "value is not of type %{std.string.from_enum t}"
+ (fun x => (std.typeof x) == t),
+ }) t,
+ never : Dyn -> [| 'Ok, 'Err String |] = std.function.const ('Err "never"),
+ not
+ : (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `not pred` succeeds if and only if `pred` fails
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.7.4]
+ "%
+ = fun
+ pred
+ x
+ =>
+ (match {
+ 'Ok =>
+ 'Err "Inverted predicate succeeded unexpectedly",
+ 'Err
+ msg =>
+ 'Ok,
+ }) (pred x),
+ numbers =
+ {
+ exclusiveMaximum
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.2.3]"
+ = fun
+ limit
+ x
+ =>
+ if !(std.is_number x) then
+ 'Ok
+ else
+ if (x | Number) < limit then
+ 'Ok
+ else
+ 'Err
+ "expected an exclusive maximum of %{std.string.from_number
+ limit}",
+ exclusiveMinimum
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.2.5]"
+ = fun
+ limit
+ x
+ =>
+ if !(std.is_number x) then
+ 'Ok
+ else
+ if (x | Number) > limit then
+ 'Ok
+ else
+ 'Err
+ "expected an exclusive minimum of %{std.string.from_number
+ limit}",
+ maximum
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.2.2]"
+ = fun
+ limit
+ x
+ =>
+ if !(std.is_number x) then
+ 'Ok
+ else
+ if (x | Number) <= limit then
+ 'Ok
+ else
+ 'Err
+ "expected a maximum of %{std.string.from_number limit}",
+ minimum
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.2.4]"
+ = fun
+ limit
+ x
+ =>
+ if !(std.is_number x) then
+ 'Ok
+ else
+ if (x | Number) >= limit then
+ 'Ok
+ else
+ 'Err
+ "expected a minimum of %{std.string.from_number limit}",
+ multipleOf
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.2.1]"
+ = fun
+ mult
+ x
+ =>
+ if !(std.is_number x) then
+ 'Ok
+ else
+ if std.number.is_integer ((x | Number) / mult) then
+ 'Ok
+ else
+ 'Err
+ "expected a multiple of %{std.string.from_number mult}",
+ },
+ oneOf
+ : Array (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `oneOf preds` succeeds if precisely one of the predicates in `preds` succeeds
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.7.3]
+ "%
+ = fun
+ preds
+ x
+ =>
+ let count_ok
+ : Array [| 'Ok, 'Err String |] -> Number
+ = fun
+ results
+ =>
+ std.array.fold_left (fun n b => if b == 'Ok then n + 1 else n) 0
+ results
+ in
+ let results
+ = std.array.map (fun pred => pred x) preds
+ in
+ let count
+ = count_ok results
+ in
+ if count == 0 then
+ let errors
+ = std.array.flat_map
+ (fun
+ result
+ =>
+ (match { 'Ok => [ ], 'Err s => [ " - %{s}" ], })
+ result) results
+ in
+ 'Err
+ m%"
+ oneOf: none of the options matched
+ %{std.string.join
+ m%"
+
+
+ "% errors}
+ "%
+ else
+ if count > 1 then
+ 'Err "oneOf: more than one of the options matched"
+ else
+ 'Ok,
+ records =
+ {
+ dependencies
+ : { _ : Dyn } -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.5.7]"
+ = let mustHaveFields
+ : Array String -> { _ : Dyn } -> [| 'Ok, 'Err String |]
+ = fun
+ fields
+ x
+ =>
+ std.array.fold_right
+ (fun
+ field
+ acc
+ =>
+ if !(std.record.has_field field x) then
+ 'Err "expected field `%{field}`"
+ else
+ acc) 'Ok fields
+ in
+ fun
+ deps
+ x
+ =>
+ if !(std.is_record x) then
+ 'Ok
+ else
+ let x
+ | { _ : Dyn }
+ = x
+ in
+ std.array.fold_right
+ (fun
+ { field, value, }
+ =>
+ fun
+ acc
+ =>
+ if !(std.record.has_field field x) then
+ acc
+ else
+ let result
+ = if std.is_array value then
+ mustHaveFields (value | Array String) x
+ else
+ let pred
+ | Dyn -> [| 'Ok, 'Err String |]
+ = value
+ in
+ pred (x | Dyn)
+ in
+ (match {
+ 'Err
+ msg =>
+ 'Err
+ "dependency of `%{field}` failed: %{msg}",
+ 'Ok =>
+ acc,
+ }) result) 'Ok (std.record.to_array deps),
+ maxProperties
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `maxProperties n x` fails if `x` is a record containing stricly more than `n` fields.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.5.1]
+ "%
+ = fun
+ n
+ x
+ =>
+ if !(std.is_record x) then
+ 'Ok
+ else
+ if (std.record.length (x | { _ : Dyn })) > n then
+ 'Err
+ "record contains more than %{std.string.from_number
+ n} fields"
+ else
+ 'Ok,
+ minProperties
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `minProperties n x` fails if `x` is a record containing stricly less than `n` fields.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.5.1]
+ "%
+ = fun
+ n
+ x
+ =>
+ if !(std.is_record x) then
+ 'Ok
+ else
+ if (std.record.length (x | { _ : Dyn })) < n then
+ 'Err
+ "record contains fewer than %{std.string.from_number
+ n} fields"
+ else
+ 'Ok,
+ propertyNames
+ : (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.5.8]"
+ = fun
+ pred
+ x
+ =>
+ if !(std.is_record x) then
+ 'Ok
+ else
+ std.array.fold_right
+ (fun
+ field
+ acc
+ =>
+ (match {
+ 'Err
+ msg =>
+ 'Err
+ "field `%{field}` did not validate against `propertyNames` schema",
+ 'Ok =>
+ acc,
+ }) (pred (field | Dyn))) 'Ok
+ (std.record.fields (x | { _ : Dyn })),
+ record
+ : { _ : Dyn -> [| 'Ok, 'Err String |] }
+ -> { _ : Dyn -> [| 'Ok, 'Err String |] }
+ -> Bool
+ -> (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `record properties patternProperties additionalAllowed
+ additionalProperties x` is a combination of the `properties`,
+ `patternProperties` and `additionalProperties` validation keywords in
+ JSON schema.
+
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.5]
+ "%
+ = fun
+ properties
+ patternProperties
+ additionalAllowed
+ additionalProperties
+ x
+ =>
+ if !(std.is_record x) then
+ 'Ok
+ else
+ let x
+ | { _ : Dyn }
+ = x
+ in
+ let check_properties
+ : {
+ result : [| 'Ok, 'Err String |],
+ checked : { _ : Bool }
+ }
+ = std.array.fold_right
+ (fun
+ { field, value, }
+ =>
+ fun
+ acc
+ =>
+ if !(std.record.has_field field x) then
+ acc
+ else
+ (match {
+ 'Err
+ msg =>
+ {
+ checked : { _ : Bool } = {},
+ result =
+ 'Err
+ "field `%{field}` didn't validate: %{msg}",
+ },
+ 'Ok =>
+ {
+ checked =
+ std.record.insert field true acc.checked,
+ result = acc.result,
+ },
+ }) (value x."%{field}"))
+ { checked = {}, result = 'Ok, }
+ (std.record.to_array properties)
+ in
+ let matching_fields
+ : String -> { _ : Dyn }
+ = fun
+ pattern
+ =>
+ let matcher
+ = std.string.is_match pattern
+ in
+ std.array.fold_left
+ (fun
+ acc
+ =>
+ fun
+ { field, value, }
+ =>
+ if matcher field then
+ std.record.insert field value acc
+ else
+ acc) {} (std.record.to_array x)
+ in
+ let check_pattern_properties
+ : {
+ result : [| 'Ok, 'Err String |],
+ checked : { _ : Bool }
+ }
+ = std.array.fold_right
+ (fun
+ { field = pattern, value = pred, }
+ =>
+ fun
+ acc
+ =>
+ (match {
+ r @ { result = 'Err msg, .. } =>
+ r,
+ { result = 'Ok, checked = ch, } =>
+ {
+ checked =
+ std.array.fold_left
+ (fun
+ r
+ field
+ =>
+ if !(std.record.has_field field
+ r) then
+ std.record.insert field true r
+ else
+ r) acc.checked
+ (std.record.fields ch),
+ result = acc.result,
+ },
+ })
+ (std.array.fold_right
+ (fun
+ { field, value, }
+ =>
+ fun
+ acc
+ =>
+ (match {
+ 'Err
+ msg =>
+ {
+ checked : { _ : Bool } = {},
+ result =
+ 'Err
+ "field `%{field}` didn't validate: %{msg}",
+ },
+ 'Ok =>
+ {
+ checked =
+ std.record.insert field true
+ acc.checked,
+ result = acc.result,
+ },
+ }) (pred value))
+ {
+ checked : { _ : Bool } = {},
+ result = 'Ok,
+ }
+ (std.record.to_array
+ (matching_fields pattern))))
+ { checked : { _ : Bool } = {}, result = 'Ok, }
+ (std.record.to_array patternProperties)
+ in
+ let remaining_fields
+ = std.array.fold_left
+ (fun
+ acc
+ field
+ =>
+ if !(std.record.has_field field acc) then
+ acc
+ else
+ std.record.remove field acc) x
+ ((std.record.fields check_properties.checked)
+ @ (std.record.fields
+ check_pattern_properties.checked))
+ in
+ let check_additional_properties
+ : [| 'Ok, 'Err String |]
+ = if (!additionalAllowed)
+ && (!(std.record.is_empty remaining_fields)) then
+ 'Err
+ "extra fields %{std.serialize 'Json
+ ((std.record.fields remaining_fields)
+ | Dyn)}"
+ else
+ std.array.fold_right
+ (fun
+ { field, value, }
+ =>
+ fun
+ acc
+ =>
+ (match {
+ 'Err
+ msg =>
+ 'Err
+ "field `%{field}` didn't validate: %{msg}",
+ 'Ok =>
+ acc,
+ }) (additionalProperties value)) 'Ok
+ (std.record.to_array remaining_fields)
+ in
+ (match {
+ 'Err
+ msg =>
+ check_properties.result,
+ 'Ok =>
+ (match {
+ 'Err
+ msg =>
+ check_pattern_properties.result,
+ 'Ok =>
+ check_additional_properties,
+ }) check_pattern_properties.result,
+ }) check_properties.result,
+ required
+ : Array String -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.5.3]"
+ = fun
+ fields
+ x
+ =>
+ if !(std.is_record x) then
+ 'Ok
+ else
+ std.array.fold_right
+ (fun
+ field
+ acc
+ =>
+ if !(std.record.has_field field (x | { _ : Dyn })) then
+ 'Err "missing required field %{field}"
+ else
+ acc) 'Ok fields,
+ },
+ strings =
+ {
+ maxLength
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.3.1]"
+ = fun
+ limit
+ x
+ =>
+ if !(std.is_string x) then
+ 'Ok
+ else
+ if (std.string.length (x | String)) <= limit then
+ 'Ok
+ else
+ 'Err
+ "expected a string of length no larger than %{std.string.from_number
+ limit}",
+ minLength
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.3.2]"
+ = fun
+ limit
+ x
+ =>
+ if !(std.is_string x) then
+ 'Ok
+ else
+ if (std.string.length (x | String)) >= limit then
+ 'Ok
+ else
+ 'Err
+ "expected a string of length no smaller than %{std.string.from_number
+ limit}",
+ pattern
+ : String -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.3.3]"
+ = fun
+ pattern
+ x
+ =>
+ if !(std.is_string x) then
+ 'Ok
+ else
+ if std.string.is_match pattern (x | String) then
+ 'Ok
+ else
+ 'Err "expected a string matching the pattern `%{pattern}`",
+ },
+ }
+ in
+let rec _js2n__-refsenv
+ = {}
+ in
+ {
+ apiVersion
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.pattern "^v[0-9]+\\.[0-9]+\\.[0-9]+"
+ ])
+ | doc "Version of the standard used to build data contract. Default value is v2.2.2."
+ | optional,
+ database
+ | String
+ | doc "The database where the dataset resides."
+ | optional,
+ dataset | Array (Dyn),
+ datasetDomain
+ | String
+ | doc "Name of the logical domain dataset the contract describes. This field is only required for output data contracts."
+ | optional,
+ datasetKind
+ | String
+ | doc "The kind of dataset being cataloged; Expected values are `virtualDataset` or `managedDataset`."
+ | optional,
+ datasetName
+ | String
+ | doc "May be required in cloud instance like GCP BigQuery dataset name.",
+ description
+ | {
+ limitations | String | doc "Limitations of the dataset." | optional,
+ purpose | String | doc "Purpose of the dataset." | optional,
+ usage | String | doc "Intended usage of the dataset." | optional,
+ ..
+ }
+ | doc "High level description of the dataset."
+ | optional,
+ driver
+ | String
+ | doc "The connection driver required to connect to the dataset."
+ | optional,
+ driverVersion
+ | String
+ | doc "The version of the connection driver to be used to connect to the dataset."
+ | optional,
+ kind
+ | std.enum.TagOrString
+ | [| 'DataContract |]
+ | doc "The kind of file this is. Valid value is `DataContract`.",
+ password
+ | String
+ | doc "User credentials for connecting to the dataset; how the credentials will be stored/passed is out of the scope of this contract."
+ | optional,
+ price | Dyn | optional,
+ productDl
+ | String
+ | doc "The email distribution list (DL) of the persons or team responsible for maintaining the dataset."
+ | optional,
+ productFeedbackUrl
+ | String
+ | doc "The URL for submitting feedback to the team responsible for maintaining the dataset."
+ | optional,
+ productSlackChannel
+ | String
+ | doc "Slack channel of the team responsible for maintaining the dataset."
+ | optional,
+ project
+ | String
+ | doc "Associated project name, can be used for billing or administrative purpose. Used to be datasetProject."
+ | optional,
+ quantumName
+ | String
+ | doc "The name of the data quantum or data product.",
+ roles
+ | Array (Dyn)
+ | doc "A list of roles that will provide user access to the dataset."
+ | optional,
+ server | String | doc "The server where the dataset resides." | optional,
+ slaDefaultColumn
+ | String
+ | doc "Columns (using the Table.Column notation) to do the checks on. By default, it is the partition column."
+ | optional,
+ slaProperties
+ | Array (Dyn)
+ | doc "A list of key/value pairs for SLA specific properties. There is no limit on the type of properties (more details to come)."
+ | optional,
+ sourcePlatform
+ | String
+ | doc "The platform where the dataset resides. Expected value is GoogleCloudPlatform, IBMCloud, Azure..."
+ | optional,
+ sourceSystem
+ | String
+ | doc "The system where the dataset resides. Expected value can be BigQuery."
+ | optional,
+ stakeholders | Array (Dyn) | optional,
+ status
+ | String
+ | doc "Current status of the dataset. Valid values are `production`, `test`, or `development`.",
+ tags
+ | Array (String)
+ | doc "A list of tags that may be assigned to the dataset, table or column; the `tags` keyword may appear at any level."
+ | optional,
+ tenant
+ | String
+ | doc "Indicates the property the data is primarily associated with. Value is case insensitive."
+ | optional,
+ type
+ | String
+ | doc "Identifies the types of objects in the dataset. For BigQuery or any other database, the expected value would be Tables.",
+ userConsumptionMode
+ | String
+ | doc "List of data modes for which the dataset may be used. Expected sample values might be `analytical` or `operational`.
Note: in the future, this will probably be replaced by ports."
+ | optional,
+ username
+ | String
+ | doc "User credentials for connecting to the dataset; how the credentials will be stored/passed is outside of the scope of the contract."
+ | optional,
+ uuid
+ | String
+ | doc "A unique identifier used to reduce the risk of dataset name collisions; initially the UUID will be created using a UUID generator tool ([example](https://www.uuidgenerator.net/)). However, we may want to develop a method that accepts a seed value using a combination of fields–such as name, kind and source–to create a repeatable value.",
+ version | String | doc "Current version of the data contract.",
+ ..
+ }
\ No newline at end of file
diff --git a/out/Read the Docs.ncl b/out/Read the Docs.ncl
index 82343c5..3dcc342 100644
--- a/out/Read the Docs.ncl
+++ b/out/Read the Docs.ncl
@@ -944,6 +944,7 @@ let rec _js2n__-refsenv
"1.19",
"1.20",
"1.21",
+ "1.22",
"latest"
],
nodejs =
@@ -963,9 +964,11 @@ let rec _js2n__-refsenv
"3.12",
"latest",
"miniconda3-4.7",
+ "miniconda3-3.12-24.1",
"miniconda-latest",
"mambaforge-4.10",
"mambaforge-22.9",
+ "mambaforge-23.11",
"mambaforge-latest"
],
ruby = _js2n__-prdslib.enum [ "3.3", "latest" ],
@@ -977,6 +980,7 @@ let rec _js2n__-refsenv
"1.64",
"1.70",
"1.75",
+ "1.78",
"latest"
],
} {} false _js2n__-prdslib.never
diff --git a/out/Renovate.ncl b/out/Renovate.ncl
index 69327ca..1c8ab89 100644
--- a/out/Renovate.ncl
+++ b/out/Renovate.ncl
@@ -3267,6 +3267,7 @@ let rec _js2n__-refsenv
"debian",
"docker",
"git",
+ "glasskube",
"go-mod-directive",
"gradle",
"hashicorp",
diff --git a/out/Ruff.ncl b/out/Ruff.ncl
index 83c6ac0..db0a025 100644
--- a/out/Ruff.ncl
+++ b/out/Ruff.ncl
@@ -2585,7 +2585,7 @@ let rec _js2n__-refsenv
[
_js2n__-prdslib.isType '"String",
_js2n__-prdslib.enum
- [ "py37", "py38", "py39", "py310", "py311", "py312" ]
+ [ "py37", "py38", "py39", "py310", "py311", "py312", "py313" ]
],
"_js2n__-:definitions/Quote!predicate" =
_js2n__-prdslib.oneOf
@@ -2674,6 +2674,8 @@ let rec _js2n__-refsenv
"ASYNC100",
"ASYNC101",
"ASYNC102",
+ "ASYNC11",
+ "ASYNC116",
"B",
"B0",
"B00",
@@ -2716,6 +2718,7 @@ let rec _js2n__-refsenv
"B035",
"B9",
"B90",
+ "B901",
"B904",
"B905",
"B909",
@@ -3053,6 +3056,7 @@ let rec _js2n__-refsenv
"FURB148",
"FURB15",
"FURB152",
+ "FURB154",
"FURB157",
"FURB16",
"FURB161",
@@ -3218,6 +3222,7 @@ let rec _js2n__-refsenv
"PLC02",
"PLC020",
"PLC0205",
+ "PLC0206",
"PLC0208",
"PLC04",
"PLC041",
@@ -3563,10 +3568,14 @@ let rec _js2n__-refsenv
"PYI054",
"PYI055",
"PYI056",
+ "PYI057",
"PYI058",
"PYI059",
"PYI06",
"PYI062",
+ "PYI063",
+ "PYI064",
+ "PYI066",
"Q",
"Q0",
"Q00",
@@ -3933,6 +3942,7 @@ let rec _js2n__-refsenv
"github",
"gitlab",
"pylint",
+ "rdjson",
"azure",
"sarif"
]
diff --git a/out/SauceCTL Configuration.ncl b/out/SauceCTL Configuration.ncl
index 1637a68..7cfa4c3 100644
--- a/out/SauceCTL Configuration.ncl
+++ b/out/SauceCTL Configuration.ncl
@@ -3421,6 +3421,9 @@ let rec _js2n__-refsenv
],
_js2n__-prdslib.records.record
{
+ armRequired =
+ _js2n__-prdslib.isType
+ '"Bool",
name =
_js2n__-prdslib.isType
'"String",
diff --git a/out/Semantic Data Fabric (SDF) file.ncl b/out/Semantic Data Fabric (SDF) file.ncl
index 8595d34..ac2537c 100644
--- a/out/Semantic Data Fabric (SDF) file.ncl
+++ b/out/Semantic Data Fabric (SDF) file.ncl
@@ -1142,13 +1142,6 @@ let rec _js2n__-refsenv
_js2n__-prdslib.isType '"String",
_js2n__-prdslib.isType 'Null
],
- bucket-region-map =
- _js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType 'Record,
- _js2n__-prdslib.records.record {} {} true
- (_js2n__-prdslib.isType '"String")
- ],
default-region =
_js2n__-prdslib.anyOf
[
@@ -1179,6 +1172,12 @@ let rec _js2n__-refsenv
_js2n__-prdslib.isType '"String",
_js2n__-prdslib.isType 'Null
],
+ session-token =
+ _js2n__-prdslib.anyOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.isType 'Null
+ ],
type =
_js2n__-prdslib.allOf
[
@@ -1209,7 +1208,7 @@ let rec _js2n__-refsenv
} {} true _js2n__-prdslib.always
]
],
- _js2n__-prdslib.records.required [ "name" ],
+ _js2n__-prdslib.records.required [ "name", "source-locations" ],
_js2n__-prdslib.records.record
{
description =
@@ -1228,6 +1227,22 @@ let rec _js2n__-refsenv
],
} {} true _js2n__-prdslib.always
],
+ "_js2n__-:definitions/DataBucket!predicate" =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Record,
+ _js2n__-prdslib.records.required [ "uri" ],
+ _js2n__-prdslib.records.record
+ {
+ region =
+ _js2n__-prdslib.anyOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.isType 'Null
+ ],
+ uri = _js2n__-prdslib.isType '"String",
+ } {} false _js2n__-prdslib.never
+ ],
"_js2n__-:definitions/Defaults!predicate" =
_js2n__-prdslib.allOf
[
@@ -1738,7 +1753,7 @@ let rec _js2n__-refsenv
_js2n__-prdslib.allOf
[
_js2n__-prdslib.isType '"String",
- _js2n__-prdslib.enum [ "append", "merge" ]
+ _js2n__-prdslib.enum [ "append", "merge", "delete+insert" ]
],
"_js2n__-:definitions/IndexMethod!predicate" =
_js2n__-prdslib.allOf
@@ -1952,28 +1967,11 @@ let rec _js2n__-refsenv
_js2n__-prdslib.enum
[ "none", "jinja", "sql-vars", "sql-logic-test", "all" ]
],
- "_js2n__-:definitions/ProviderNamespace!predicate"
- | doc "A target defines a view on a workspace/environment renaming all modified tables"
- = _js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType 'Record,
- _js2n__-prdslib.records.required [ "target" ],
- _js2n__-prdslib.records.record
- {
- rename-as =
- _js2n__-prdslib.anyOf
- [
- _js2n__-prdslib.isType '"String",
- _js2n__-prdslib.isType 'Null
- ],
- target = _js2n__-prdslib.isType '"String",
- } {} false _js2n__-prdslib.never
- ],
"_js2n__-:definitions/ProviderType!predicate" =
_js2n__-prdslib.allOf
[
_js2n__-prdslib.isType '"String",
- _js2n__-prdslib.enum [ "glue", "redshift", "snowflake" ]
+ _js2n__-prdslib.enum [ "glue", "redshift", "snowflake", "s3" ]
],
"_js2n__-:definitions/Reclassify!predicate" =
_js2n__-prdslib.allOf
@@ -2022,8 +2020,21 @@ let rec _js2n__-refsenv
_js2n__-prdslib.isType 'Record,
_js2n__-prdslib.records.required [ "pattern" ],
_js2n__-prdslib.records.record
- { pattern = _js2n__-prdslib.isType '"String", } {} false
- _js2n__-prdslib.never
+ {
+ pattern = _js2n__-prdslib.isType '"String",
+ preload =
+ _js2n__-prdslib.anyOf
+ [
+ _js2n__-prdslib.isType '"Bool",
+ _js2n__-prdslib.isType 'Null
+ ],
+ rename-from =
+ _js2n__-prdslib.anyOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.isType 'Null
+ ],
+ } {} false _js2n__-prdslib.never
],
"_js2n__-:definitions/SyncType!predicate" =
_js2n__-prdslib.oneOf
@@ -2356,7 +2367,7 @@ let rec _js2n__-refsenv
} {} false _js2n__-prdslib.never
],
"_js2n__-:definitions/TargetProvider!predicate"
- | doc "Table providers manage tables in in catalogs"
+ | doc "Table providers manage tables in in catalogs (OLD_PROVIDERS)"
= _js2n__-prdslib.allOf
[
_js2n__-prdslib.isType 'Record,
@@ -2373,6 +2384,13 @@ let rec _js2n__-refsenv
],
_js2n__-prdslib.numbers.minimum 0
],
+ buckets =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"Array",
+ _js2n__-prdslib.arrays.arrayOf
+ _js2n__-refsenv."_js2n__-:definitions/DataBucket!predicate"
+ ],
cluster-identifier =
_js2n__-prdslib.anyOf
[
@@ -2385,13 +2403,6 @@ let rec _js2n__-refsenv
_js2n__-prdslib.isType '"String",
_js2n__-prdslib.isType 'Null
],
- namespaces =
- _js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType '"Array",
- _js2n__-prdslib.arrays.arrayOf
- _js2n__-refsenv."_js2n__-:definitions/ProviderNamespace!predicate"
- ],
sources =
_js2n__-prdslib.allOf
[
diff --git a/out/Shopware 6 Configuration.ncl b/out/Shopware 6 Configuration.ncl
index 2dbef87..68c1f31 100644
--- a/out/Shopware 6 Configuration.ncl
+++ b/out/Shopware 6 Configuration.ncl
@@ -1458,6 +1458,19 @@ let rec _js2n__-refsenv
enable_url_validation | Bool | optional,
url_upload_max_size | String | optional,
},
+ "_js2n__-:definitions/messenger!contract" =
+ {
+ routing_overwrite
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"Array",
+ _js2n__-prdslib.arrays.arrayOf
+ (_js2n__-prdslib.isType '"String"),
+ _js2n__-prdslib.arrays.uniqueItems
+ ])
+ | optional,
+ },
"_js2n__-:definitions/number_range!contract" =
{
config | { dsn | String | optional, } | optional,
@@ -1611,6 +1624,9 @@ let rec _js2n__-refsenv
media
| _js2n__-refsenv."_js2n__-:definitions/media!contract"
| optional,
+ messenger
+ | _js2n__-refsenv."_js2n__-:definitions/messenger!contract"
+ | optional,
number_range
| _js2n__-refsenv."_js2n__-:definitions/number_range!contract"
| optional,
@@ -1632,6 +1648,7 @@ let rec _js2n__-refsenv
store
| _js2n__-refsenv."_js2n__-:definitions/shopware_store!contract"
| optional,
+ system_config | { .. } | optional,
twig
| _js2n__-refsenv."_js2n__-:definitions/twig!contract"
| optional,
diff --git a/out/UET BuildConfig.json.ncl b/out/UET BuildConfig.json.ncl
index eb86952..df58afd 100644
--- a/out/UET BuildConfig.json.ncl
+++ b/out/UET BuildConfig.json.ncl
@@ -909,6 +909,136 @@ let rec _js2n__-refsenv
{ UETVersion = _js2n__-prdslib.const "BleedingEdge", } {} true
_js2n__-prdslib.always) _js2n__-prdslib.always
_js2n__-prdslib.always,
+ _js2n__-prdslib.ifThenElse
+ (_js2n__-prdslib.records.record
+ { UETVersion = _js2n__-prdslib.const "2024.1167.643", } {}
+ true _js2n__-prdslib.always) _js2n__-prdslib.always
+ _js2n__-prdslib.always,
+ _js2n__-prdslib.ifThenElse
+ (_js2n__-prdslib.records.record
+ { UETVersion = _js2n__-prdslib.const "2024.1166.989", } {}
+ true _js2n__-prdslib.always) _js2n__-prdslib.always
+ _js2n__-prdslib.always,
+ _js2n__-prdslib.ifThenElse
+ (_js2n__-prdslib.records.record
+ { UETVersion = _js2n__-prdslib.const "2024.1166.818", } {}
+ true _js2n__-prdslib.always) _js2n__-prdslib.always
+ _js2n__-prdslib.always,
+ _js2n__-prdslib.ifThenElse
+ (_js2n__-prdslib.records.record
+ { UETVersion = _js2n__-prdslib.const "2024.1166.535", } {}
+ true _js2n__-prdslib.always) _js2n__-prdslib.always
+ _js2n__-prdslib.always,
+ _js2n__-prdslib.ifThenElse
+ (_js2n__-prdslib.records.record
+ { UETVersion = _js2n__-prdslib.const "2024.1166.422", } {}
+ true _js2n__-prdslib.always) _js2n__-prdslib.always
+ _js2n__-prdslib.always,
+ _js2n__-prdslib.ifThenElse
+ (_js2n__-prdslib.records.record
+ { UETVersion = _js2n__-prdslib.const "2024.1166.362", } {}
+ true _js2n__-prdslib.always) _js2n__-prdslib.always
+ _js2n__-prdslib.always,
+ _js2n__-prdslib.ifThenElse
+ (_js2n__-prdslib.records.record
+ { UETVersion = _js2n__-prdslib.const "2024.1166.360", } {}
+ true _js2n__-prdslib.always) _js2n__-prdslib.always
+ _js2n__-prdslib.always,
+ _js2n__-prdslib.ifThenElse
+ (_js2n__-prdslib.records.record
+ { UETVersion = _js2n__-prdslib.const "2024.1165.1212", } {}
+ true _js2n__-prdslib.always) _js2n__-prdslib.always
+ _js2n__-prdslib.always,
+ _js2n__-prdslib.ifThenElse
+ (_js2n__-prdslib.records.record
+ { UETVersion = _js2n__-prdslib.const "2024.1165.1160", } {}
+ true _js2n__-prdslib.always) _js2n__-prdslib.always
+ _js2n__-prdslib.always,
+ _js2n__-prdslib.ifThenElse
+ (_js2n__-prdslib.records.record
+ { UETVersion = _js2n__-prdslib.const "2024.1165.1019", } {}
+ true _js2n__-prdslib.always) _js2n__-prdslib.always
+ _js2n__-prdslib.always,
+ _js2n__-prdslib.ifThenElse
+ (_js2n__-prdslib.records.record
+ { UETVersion = _js2n__-prdslib.const "2024.1165.978", } {}
+ true _js2n__-prdslib.always) _js2n__-prdslib.always
+ _js2n__-prdslib.always,
+ _js2n__-prdslib.ifThenElse
+ (_js2n__-prdslib.records.record
+ { UETVersion = _js2n__-prdslib.const "2024.1165.920", } {}
+ true _js2n__-prdslib.always) _js2n__-prdslib.always
+ _js2n__-prdslib.always,
+ _js2n__-prdslib.ifThenElse
+ (_js2n__-prdslib.records.record
+ { UETVersion = _js2n__-prdslib.const "2024.1165.908", } {}
+ true _js2n__-prdslib.always) _js2n__-prdslib.always
+ _js2n__-prdslib.always,
+ _js2n__-prdslib.ifThenElse
+ (_js2n__-prdslib.records.record
+ { UETVersion = _js2n__-prdslib.const "2024.1165.873", } {}
+ true _js2n__-prdslib.always) _js2n__-prdslib.always
+ _js2n__-prdslib.always,
+ _js2n__-prdslib.ifThenElse
+ (_js2n__-prdslib.records.record
+ { UETVersion = _js2n__-prdslib.const "2024.1165.830", } {}
+ true _js2n__-prdslib.always) _js2n__-prdslib.always
+ _js2n__-prdslib.always,
+ _js2n__-prdslib.ifThenElse
+ (_js2n__-prdslib.records.record
+ { UETVersion = _js2n__-prdslib.const "2024.1165.806", } {}
+ true _js2n__-prdslib.always) _js2n__-prdslib.always
+ _js2n__-prdslib.always,
+ _js2n__-prdslib.ifThenElse
+ (_js2n__-prdslib.records.record
+ { UETVersion = _js2n__-prdslib.const "2024.1165.794", } {}
+ true _js2n__-prdslib.always) _js2n__-prdslib.always
+ _js2n__-prdslib.always,
+ _js2n__-prdslib.ifThenElse
+ (_js2n__-prdslib.records.record
+ { UETVersion = _js2n__-prdslib.const "2024.1165.761", } {}
+ true _js2n__-prdslib.always) _js2n__-prdslib.always
+ _js2n__-prdslib.always,
+ _js2n__-prdslib.ifThenElse
+ (_js2n__-prdslib.records.record
+ { UETVersion = _js2n__-prdslib.const "2024.1165.743", } {}
+ true _js2n__-prdslib.always) _js2n__-prdslib.always
+ _js2n__-prdslib.always,
+ _js2n__-prdslib.ifThenElse
+ (_js2n__-prdslib.records.record
+ { UETVersion = _js2n__-prdslib.const "2024.1165.713", } {}
+ true _js2n__-prdslib.always) _js2n__-prdslib.always
+ _js2n__-prdslib.always,
+ _js2n__-prdslib.ifThenElse
+ (_js2n__-prdslib.records.record
+ { UETVersion = _js2n__-prdslib.const "2024.1165.640", } {}
+ true _js2n__-prdslib.always) _js2n__-prdslib.always
+ _js2n__-prdslib.always,
+ _js2n__-prdslib.ifThenElse
+ (_js2n__-prdslib.records.record
+ { UETVersion = _js2n__-prdslib.const "2024.1165.574", } {}
+ true _js2n__-prdslib.always) _js2n__-prdslib.always
+ _js2n__-prdslib.always,
+ _js2n__-prdslib.ifThenElse
+ (_js2n__-prdslib.records.record
+ { UETVersion = _js2n__-prdslib.const "2024.1165.466", } {}
+ true _js2n__-prdslib.always) _js2n__-prdslib.always
+ _js2n__-prdslib.always,
+ _js2n__-prdslib.ifThenElse
+ (_js2n__-prdslib.records.record
+ { UETVersion = _js2n__-prdslib.const "2024.1165.417", } {}
+ true _js2n__-prdslib.always) _js2n__-prdslib.always
+ _js2n__-prdslib.always,
+ _js2n__-prdslib.ifThenElse
+ (_js2n__-prdslib.records.record
+ { UETVersion = _js2n__-prdslib.const "2024.1165.392", } {}
+ true _js2n__-prdslib.always) _js2n__-prdslib.always
+ _js2n__-prdslib.always,
+ _js2n__-prdslib.ifThenElse
+ (_js2n__-prdslib.records.record
+ { UETVersion = _js2n__-prdslib.const "2024.1164.341", } {}
+ true _js2n__-prdslib.always) _js2n__-prdslib.always
+ _js2n__-prdslib.always,
_js2n__-prdslib.ifThenElse
(_js2n__-prdslib.records.record
{ UETVersion = _js2n__-prdslib.const "2024.1155.941", } {}
@@ -1861,6 +1991,32 @@ let rec _js2n__-refsenv
_js2n__-prdslib.enum
[
"BleedingEdge",
+ "2024.1167.643",
+ "2024.1166.989",
+ "2024.1166.818",
+ "2024.1166.535",
+ "2024.1166.422",
+ "2024.1166.362",
+ "2024.1166.360",
+ "2024.1165.1212",
+ "2024.1165.1160",
+ "2024.1165.1019",
+ "2024.1165.978",
+ "2024.1165.920",
+ "2024.1165.908",
+ "2024.1165.873",
+ "2024.1165.830",
+ "2024.1165.806",
+ "2024.1165.794",
+ "2024.1165.761",
+ "2024.1165.743",
+ "2024.1165.713",
+ "2024.1165.640",
+ "2024.1165.574",
+ "2024.1165.466",
+ "2024.1165.417",
+ "2024.1165.392",
+ "2024.1164.341",
"2024.1155.941",
"2024.1140.783",
"2024.1140.692",
diff --git a/out/bitrise.ncl b/out/bitrise.ncl
index da091f8..cbf2aeb 100644
--- a/out/bitrise.ncl
+++ b/out/bitrise.ncl
@@ -901,19 +901,7 @@ let rec _js2n__-refsenv
{
description | String | optional,
envs
- | Array (
- _js2n__-prdslib.contract_from_predicate
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType 'Record,
- _js2n__-prdslib.records.record {}
- {
- ".*" =
- _js2n__-prdslib.records.record {} {} true
- _js2n__-prdslib.always,
- } true _js2n__-prdslib.always
- ])
- )
+ | _js2n__-refsenv."_js2n__-:definitions/EnvModel!contract"
| optional,
summary | String | optional,
title | String | optional,
@@ -941,6 +929,18 @@ let rec _js2n__-refsenv
app
| _js2n__-refsenv."_js2n__-:definitions/AppModel!contract"
| optional,
+ containers
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Record,
+ _js2n__-prdslib.records.record {}
+ {
+ ".*" =
+ _js2n__-refsenv."_js2n__-:definitions/ContainerModel!predicate",
+ } true _js2n__-prdslib.always
+ ])
+ | optional,
default_step_lib_source | String | optional,
description | String | optional,
format_version | String,
@@ -970,6 +970,18 @@ let rec _js2n__-refsenv
])
| optional,
project_type | String | optional,
+ services
+ | _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Record,
+ _js2n__-prdslib.records.record {}
+ {
+ ".*" =
+ _js2n__-refsenv."_js2n__-:definitions/ContainerModel!predicate",
+ } true _js2n__-prdslib.always
+ ])
+ | optional,
stages
| _js2n__-prdslib.contract_from_predicate
(_js2n__-prdslib.allOf
@@ -1019,6 +1031,28 @@ let rec _js2n__-refsenv
{ name = _js2n__-prdslib.isType '"String", } {} false
_js2n__-prdslib.never
],
+ "_js2n__-:definitions/ContainerModel!predicate" =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Record,
+ _js2n__-prdslib.records.required [ "image" ],
+ _js2n__-prdslib.records.record
+ {
+ credentials =
+ _js2n__-refsenv."_js2n__-:definitions/DockerCredentialModel!predicate",
+ envs =
+ _js2n__-refsenv."_js2n__-:definitions/EnvModel!predicate",
+ image = _js2n__-prdslib.isType '"String",
+ options = _js2n__-prdslib.isType '"String",
+ ports =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"Array",
+ _js2n__-prdslib.arrays.arrayOf
+ (_js2n__-prdslib.isType '"String")
+ ],
+ } {} false _js2n__-prdslib.never
+ ],
"_js2n__-:definitions/DepsModel!predicate" =
_js2n__-prdslib.allOf
[
@@ -1048,6 +1082,48 @@ let rec _js2n__-refsenv
],
} {} false _js2n__-prdslib.never
],
+ "_js2n__-:definitions/DockerCredentialModel!predicate" =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Record,
+ _js2n__-prdslib.records.required [ "password", "username" ],
+ _js2n__-prdslib.records.record
+ {
+ password = _js2n__-prdslib.isType '"String",
+ server = _js2n__-prdslib.isType '"String",
+ username = _js2n__-prdslib.isType '"String",
+ } {} false _js2n__-prdslib.never
+ ],
+ "_js2n__-:definitions/EnvModel!contract" =
+ Array (
+ _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Record,
+ _js2n__-prdslib.records.record {}
+ {
+ ".*" =
+ _js2n__-prdslib.records.record {} {} true
+ _js2n__-prdslib.always,
+ } true _js2n__-prdslib.always
+ ])
+ ),
+ "_js2n__-:definitions/EnvModel!predicate" =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"Array",
+ _js2n__-prdslib.arrays.arrayOf
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Record,
+ _js2n__-prdslib.records.record {}
+ {
+ ".*" =
+ _js2n__-prdslib.records.record {} {} true
+ _js2n__-prdslib.always,
+ } true _js2n__-prdslib.always
+ ])
+ ],
"_js2n__-:definitions/GoStepToolkitModel!predicate" =
_js2n__-prdslib.allOf
[
@@ -1136,21 +1212,7 @@ let rec _js2n__-refsenv
(_js2n__-prdslib.isType '"String")
],
inputs =
- _js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType '"Array",
- _js2n__-prdslib.arrays.arrayOf
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType 'Record,
- _js2n__-prdslib.records.record {}
- {
- ".*" =
- _js2n__-prdslib.records.record {} {} true
- _js2n__-prdslib.always,
- } true _js2n__-prdslib.always
- ])
- ],
+ _js2n__-refsenv."_js2n__-:definitions/EnvModel!predicate",
is_always_run = _js2n__-prdslib.isType '"Bool",
is_requires_admin_user = _js2n__-prdslib.isType '"Bool",
is_skippable = _js2n__-prdslib.isType '"Bool",
@@ -1167,21 +1229,7 @@ let rec _js2n__-refsenv
],
no_output_timeout = _js2n__-prdslib.isType 'Integer,
outputs =
- _js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType '"Array",
- _js2n__-prdslib.arrays.arrayOf
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType 'Record,
- _js2n__-prdslib.records.record {}
- {
- ".*" =
- _js2n__-prdslib.records.record {} {} true
- _js2n__-prdslib.always,
- } true _js2n__-prdslib.always
- ])
- ],
+ _js2n__-refsenv."_js2n__-:definitions/EnvModel!predicate",
project_type_tags =
_js2n__-prdslib.allOf
[
@@ -1317,28 +1365,22 @@ let rec _js2n__-refsenv
{ regex = _js2n__-prdslib.isType '"String", } {} false
_js2n__-prdslib.never
],
- "_js2n__-:definitions/WorkflowModel!predicate" =
+ "_js2n__-:definitions/WithModel!predicate" =
_js2n__-prdslib.allOf
[
_js2n__-prdslib.isType 'Record,
+ _js2n__-prdslib.records.required [ "steps" ],
_js2n__-prdslib.records.record
{
- after_run =
- _js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType '"Array",
- _js2n__-prdslib.arrays.arrayOf
- (_js2n__-prdslib.isType '"String")
- ],
- before_run =
+ container = _js2n__-prdslib.isType '"String",
+ services =
_js2n__-prdslib.allOf
[
_js2n__-prdslib.isType '"Array",
_js2n__-prdslib.arrays.arrayOf
(_js2n__-prdslib.isType '"String")
],
- description = _js2n__-prdslib.isType '"String",
- envs =
+ steps =
_js2n__-prdslib.allOf
[
_js2n__-prdslib.isType '"Array",
@@ -1349,11 +1391,35 @@ let rec _js2n__-refsenv
_js2n__-prdslib.records.record {}
{
".*" =
- _js2n__-prdslib.records.record {} {} true
- _js2n__-prdslib.always,
+ _js2n__-refsenv."_js2n__-:definitions/StepModel!predicate",
} true _js2n__-prdslib.always
])
],
+ } {} false _js2n__-prdslib.never
+ ],
+ "_js2n__-:definitions/WorkflowModel!predicate" =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Record,
+ _js2n__-prdslib.records.record
+ {
+ after_run =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"Array",
+ _js2n__-prdslib.arrays.arrayOf
+ (_js2n__-prdslib.isType '"String")
+ ],
+ before_run =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"Array",
+ _js2n__-prdslib.arrays.arrayOf
+ (_js2n__-prdslib.isType '"String")
+ ],
+ description = _js2n__-prdslib.isType '"String",
+ envs =
+ _js2n__-refsenv."_js2n__-:definitions/EnvModel!predicate",
meta =
_js2n__-prdslib.allOf
[
@@ -1377,6 +1443,8 @@ let rec _js2n__-refsenv
{
".*" =
_js2n__-refsenv."_js2n__-:definitions/StepModel!predicate",
+ "^with$" =
+ _js2n__-refsenv."_js2n__-:definitions/WithModel!predicate",
} true _js2n__-prdslib.always
])
],
diff --git a/out/dvc.yaml.ncl b/out/dvc.yaml.ncl
index 8460597..f8fe8e3 100644
--- a/out/dvc.yaml.ncl
+++ b/out/dvc.yaml.ncl
@@ -944,7 +944,7 @@ let rec _js2n__-refsenv
_js2n__-prdslib.allOf
[
_js2n__-prdslib.isType '"String",
- _js2n__-prdslib.strings.pattern "^\\${.*?}$"
+ _js2n__-prdslib.strings.pattern "^\\$\\{.*?\\}$"
],
_js2n__-prdslib.allOf
[
@@ -996,7 +996,8 @@ let rec _js2n__-refsenv
_js2n__-prdslib.allOf
[
_js2n__-prdslib.isType '"String",
- _js2n__-prdslib.strings.pattern "^\\${.*?}$"
+ _js2n__-prdslib.strings.pattern
+ "^\\$\\{.*?\\}$"
]
])
],
diff --git a/out/fly.io Configuration.ncl b/out/fly.io Configuration.ncl
index 3c1a2ab..b1e0ff0 100644
--- a/out/fly.io Configuration.ncl
+++ b/out/fly.io Configuration.ncl
@@ -897,6 +897,107 @@ let _js2n__-prdslib
in
let rec _js2n__-refsenv
= {
+ "_js2n__-:definitions/http_checks!predicate"
+ | doc "HTTP-based health checks run against the `internal_port`. These checks will pass when receiving a 2xx response. Any other response is considered a failure."
+ = _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"Array",
+ _js2n__-prdslib.arrays.arrayOf
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Record,
+ _js2n__-prdslib.records.record
+ {
+ grace_period =
+ _js2n__-prdslib.oneOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.isType '"String"
+ ],
+ headers = _js2n__-prdslib.isType 'Record,
+ interval =
+ _js2n__-prdslib.oneOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.isType '"String"
+ ],
+ method = _js2n__-prdslib.isType '"String",
+ path = _js2n__-prdslib.isType '"String",
+ protocol =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.enum [ "http", "https" ]
+ ],
+ restart_limit = _js2n__-prdslib.isType 'Integer,
+ timeout =
+ _js2n__-prdslib.oneOf
+ [
+ _js2n__-prdslib.isType 'Integer,
+ _js2n__-prdslib.isType '"String"
+ ],
+ tls_skip_verify = _js2n__-prdslib.isType '"Bool",
+ } {} true _js2n__-prdslib.always
+ ])
+ ],
+ "_js2n__-:definitions/metrics!predicate" =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Record,
+ _js2n__-prdslib.records.record
+ {
+ path = _js2n__-prdslib.isType '"String",
+ port = _js2n__-prdslib.isType 'Integer,
+ processes =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"Array",
+ _js2n__-prdslib.arrays.arrayOf
+ (_js2n__-prdslib.isType '"String")
+ ],
+ } {} true _js2n__-prdslib.always
+ ],
+ "_js2n__-:definitions/mounts!predicate"
+ | doc m%"
+ Mount [persistent storage volumes](https://fly.io/docs/reference/volumes) previously setup via `flyctl`. Both settings are required. Example:
+
+ ```toml
+ [mounts]
+ source = "myapp_data"
+ destination = "/data"
+ ```
+ "%
+ = _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Record,
+ _js2n__-prdslib.records.required [ "destination", "source" ],
+ _js2n__-prdslib.records.record
+ {
+ auto_extend_size_increment = _js2n__-prdslib.isType '"String",
+ auto_extend_size_limit = _js2n__-prdslib.isType '"String",
+ auto_extend_size_threshold = _js2n__-prdslib.isType 'Integer,
+ destination = _js2n__-prdslib.isType '"String",
+ initial_size =
+ _js2n__-prdslib.anyOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.isType 'Integer
+ ],
+ processes =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"Array",
+ _js2n__-prdslib.arrays.arrayOf
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.strings.minLength 1
+ ])
+ ],
+ snapshot_retention = _js2n__-prdslib.isType 'Integer,
+ source = _js2n__-prdslib.isType '"String",
+ } {} false _js2n__-prdslib.never
+ ],
"_js2n__-:definitions/services!predicate"
| doc m%"
Configure the mapping of ports from the public Fly proxy to your application.
@@ -931,6 +1032,9 @@ let rec _js2n__-refsenv
} {} true _js2n__-prdslib.always
],
http_checks =
+ _js2n__-refsenv."_js2n__-:definitions/http_checks!predicate",
+ internal_port = _js2n__-prdslib.isType 'Integer,
+ machine_checks =
_js2n__-prdslib.allOf
[
_js2n__-prdslib.isType '"Array",
@@ -938,44 +1042,43 @@ let rec _js2n__-refsenv
(_js2n__-prdslib.allOf
[
_js2n__-prdslib.isType 'Record,
+ _js2n__-prdslib.records.required
+ [
+ "command",
+ "entrypoint",
+ "image",
+ "kill_signal",
+ "kill_timeout"
+ ],
_js2n__-prdslib.records.record
{
- grace_period =
- _js2n__-prdslib.oneOf
+ command =
+ _js2n__-prdslib.allOf
[
- _js2n__-prdslib.isType 'Integer,
- _js2n__-prdslib.isType '"String"
+ _js2n__-prdslib.isType '"Array",
+ _js2n__-prdslib.arrays.arrayOf
+ (_js2n__-prdslib.isType '"String")
],
- headers = _js2n__-prdslib.isType 'Record,
- interval =
- _js2n__-prdslib.oneOf
+ entrypoint =
+ _js2n__-prdslib.allOf
[
- _js2n__-prdslib.isType 'Integer,
- _js2n__-prdslib.isType '"String"
+ _js2n__-prdslib.isType '"Array",
+ _js2n__-prdslib.arrays.arrayOf
+ (_js2n__-prdslib.isType '"String")
],
- method = _js2n__-prdslib.isType '"String",
- path = _js2n__-prdslib.isType '"String",
- protocol =
+ image = _js2n__-prdslib.isType '"String",
+ kill_signal =
+ _js2n__-prdslib.isType '"String",
+ kill_timeout =
_js2n__-prdslib.allOf
[
_js2n__-prdslib.isType '"String",
- _js2n__-prdslib.enum
- [ "http", "https" ]
+ _js2n__-prdslib.strings.pattern
+ "^\\d+s$"
],
- restart_limit =
- _js2n__-prdslib.isType 'Integer,
- timeout =
- _js2n__-prdslib.oneOf
- [
- _js2n__-prdslib.isType 'Integer,
- _js2n__-prdslib.isType '"String"
- ],
- tls_skip_verify =
- _js2n__-prdslib.isType '"Bool",
} {} true _js2n__-prdslib.always
])
],
- internal_port = _js2n__-prdslib.isType 'Integer,
min_machines_running = _js2n__-prdslib.isType 'Integer,
ports =
_js2n__-prdslib.allOf
@@ -1199,12 +1302,14 @@ let rec _js2n__-refsenv
image = _js2n__-prdslib.isType '"String",
} {} false _js2n__-prdslib.never
],
+ console_command = _js2n__-prdslib.isType '"String",
deploy =
_js2n__-prdslib.allOf
[
_js2n__-prdslib.isType 'Record,
_js2n__-prdslib.records.record
{
+ max_unavailable = _js2n__-prdslib.isType '"Number",
release_command = _js2n__-prdslib.isType '"String",
strategy =
_js2n__-prdslib.allOf
@@ -1259,6 +1364,139 @@ let rec _js2n__-refsenv
private_network = _js2n__-prdslib.isType '"Bool",
} {} true _js2n__-prdslib.always
],
+ files =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"Array",
+ _js2n__-prdslib.arrays.arrayOf
+ (_js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Record,
+ _js2n__-prdslib.records.required [ "guest_path" ],
+ _js2n__-prdslib.records.record
+ {
+ guest_path = _js2n__-prdslib.isType '"String",
+ local_path = _js2n__-prdslib.isType '"String",
+ processes =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"Array",
+ _js2n__-prdslib.arrays.arrayOf
+ (_js2n__-prdslib.isType '"String")
+ ],
+ raw_value = _js2n__-prdslib.isType '"String",
+ secret_name = _js2n__-prdslib.isType '"String",
+ } {} true _js2n__-prdslib.always
+ ])
+ ],
+ host_dedication_id = _js2n__-prdslib.isType '"String",
+ http_checks =
+ _js2n__-refsenv."_js2n__-:definitions/http_checks!predicate",
+ http_service =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Record,
+ _js2n__-prdslib.records.record
+ {
+ auto_start_machines = _js2n__-prdslib.isType '"Bool",
+ auto_stop_machines = _js2n__-prdslib.isType '"Bool",
+ checks =
+ _js2n__-refsenv."_js2n__-:definitions/http_checks!predicate",
+ concurrency =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Record,
+ _js2n__-prdslib.records.record
+ {
+ hard_limit =
+ _js2n__-prdslib.isType 'Integer,
+ soft_limit =
+ _js2n__-prdslib.isType 'Integer,
+ type =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.enum
+ [ "connections", "requests" ]
+ ],
+ } {} true _js2n__-prdslib.always
+ ],
+ force_https = _js2n__-prdslib.isType '"Bool",
+ http_options =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Record,
+ _js2n__-prdslib.records.record
+ {
+ h2_backend =
+ _js2n__-prdslib.isType '"Bool",
+ response =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Record,
+ _js2n__-prdslib.records.record
+ {
+ headers =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType
+ 'Record,
+ _js2n__-prdslib.records.record
+ {} {} true
+ (_js2n__-prdslib.oneOf
+ [
+ _js2n__-prdslib.isType
+ '"Bool",
+ _js2n__-prdslib.isType
+ '"String",
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType
+ '"Array",
+ _js2n__-prdslib.arrays.arrayOf
+ (_js2n__-prdslib.isType
+ '"String")
+ ]
+ ])
+ ],
+ pristine =
+ _js2n__-prdslib.isType
+ '"Bool",
+ } {} true _js2n__-prdslib.always
+ ],
+ } {} true _js2n__-prdslib.always
+ ],
+ internal_port = _js2n__-prdslib.isType 'Integer,
+ min_machines_running =
+ _js2n__-prdslib.isType 'Integer,
+ tls_options =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Record,
+ _js2n__-prdslib.records.record
+ {
+ alpn =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"Array",
+ _js2n__-prdslib.arrays.arrayOf
+ (_js2n__-prdslib.isType
+ '"String")
+ ],
+ default_self_signed =
+ _js2n__-prdslib.isType '"Bool",
+ versions =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"Array",
+ _js2n__-prdslib.arrays.arrayOf
+ (_js2n__-prdslib.isType
+ '"String")
+ ],
+ } {} true _js2n__-prdslib.always
+ ],
+ } {} true _js2n__-prdslib.always
+ ],
kill_signal =
_js2n__-prdslib.allOf
[
@@ -1280,40 +1518,35 @@ let rec _js2n__-refsenv
_js2n__-prdslib.isType 'Integer,
_js2n__-prdslib.isType '"String"
],
+ metrics =
+ _js2n__-prdslib.oneOf
+ [
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"Array",
+ _js2n__-prdslib.arrays.arrayOf
+ _js2n__-refsenv."_js2n__-:definitions/metrics!predicate"
+ ],
+ _js2n__-refsenv."_js2n__-:definitions/metrics!predicate"
+ ],
mounts =
+ _js2n__-prdslib.oneOf
+ [
+ _js2n__-refsenv."_js2n__-:definitions/mounts!predicate",
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"Array",
+ _js2n__-prdslib.arrays.arrayOf
+ _js2n__-refsenv."_js2n__-:definitions/mounts!predicate"
+ ]
+ ],
+ primary_region = _js2n__-prdslib.isType '"String",
+ processes =
_js2n__-prdslib.allOf
[
_js2n__-prdslib.isType 'Record,
- _js2n__-prdslib.records.required
- [ "destination", "source" ],
- _js2n__-prdslib.records.record
- {
- auto_extend_size_increment =
- _js2n__-prdslib.isType '"String",
- auto_extend_size_limit =
- _js2n__-prdslib.isType '"String",
- auto_extend_size_threshold =
- _js2n__-prdslib.isType 'Integer,
- destination = _js2n__-prdslib.isType '"String",
- initial_size =
- _js2n__-prdslib.anyOf
- [
- _js2n__-prdslib.isType '"String",
- _js2n__-prdslib.isType 'Integer
- ],
- processes =
- _js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType '"Array",
- _js2n__-prdslib.arrays.arrayOf
- (_js2n__-prdslib.allOf
- [
- _js2n__-prdslib.isType '"String",
- _js2n__-prdslib.strings.minLength 1
- ])
- ],
- source = _js2n__-prdslib.isType '"String",
- } {} false _js2n__-prdslib.never
+ _js2n__-prdslib.records.record {} {} true
+ (_js2n__-prdslib.isType '"String")
],
services =
_js2n__-prdslib.oneOf
@@ -1327,7 +1560,7 @@ let rec _js2n__-refsenv
]
],
statics =
- _js2n__-prdslib.anyOf
+ _js2n__-prdslib.oneOf
[
_js2n__-refsenv."_js2n__-:definitions/statics!predicate",
_js2n__-prdslib.allOf
@@ -1337,6 +1570,7 @@ let rec _js2n__-refsenv
_js2n__-refsenv."_js2n__-:definitions/statics!predicate"
]
],
+ swap_size_mb = _js2n__-prdslib.isType 'Integer,
vm =
_js2n__-prdslib.allOf
[
@@ -1380,7 +1614,17 @@ let rec _js2n__-refsenv
],
host_dedication_id =
_js2n__-prdslib.isType '"String",
- kernel_args = _js2n__-prdslib.isType '"String",
+ kernel_args =
+ _js2n__-prdslib.oneOf
+ [
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType '"Array",
+ _js2n__-prdslib.arrays.arrayOf
+ (_js2n__-prdslib.isType '"String")
+ ],
+ _js2n__-prdslib.isType '"String"
+ ],
memory =
_js2n__-prdslib.oneOf
[
diff --git a/out/latexindent configuration.ncl b/out/latexindent configuration.ncl
index 44159e1..06f7cf3 100644
--- a/out/latexindent configuration.ncl
+++ b/out/latexindent configuration.ncl
@@ -1140,10 +1140,14 @@ let rec _js2n__-refsenv
| String
| doc "regular expression for what can come after %"
| optional,
- notPreceededBy
+ notPrecededBy
| String
| doc "regular expression for what can NOT come before %, for example \\%"
| optional,
+ notPreceededBy
+ | String
+ | doc "please use notPrecededBy instead"
+ | optional,
..
}
| doc "fine tuning, for trailing comments"
diff --git a/out/lazygit.ncl b/out/lazygit.ncl
index 1d90726..40d17e0 100644
--- a/out/lazygit.ncl
+++ b/out/lazygit.ncl
@@ -1279,6 +1279,15 @@ let rec _js2n__-refsenv
])
| doc "Height of the command log view"
| optional,
+ commitAuthorFormat
+ | std.enum.TagOrString
+ | [| 'full, 'short, 'auto |]
+ | doc m%"
+ Whether to show full author names or their shortened form in the commit graph.
+ One of 'auto' (default) | 'full' | 'short'
+ If 'auto', initials will be shown in small windows, and full names - in larger ones.
+ "%
+ | optional,
commitHashLength
| _js2n__-prdslib.contract_from_predicate
(_js2n__-prdslib.allOf
diff --git a/out/mirrord config.ncl b/out/mirrord config.ncl
index 1c275c1..89f6aba 100644
--- a/out/mirrord config.ncl
+++ b/out/mirrord config.ncl
@@ -923,7 +923,7 @@ let rec _js2n__-refsenv
For more information, check the file operations [technical reference](https://mirrord.dev/docs/reference/fileops/).
- ```json { "feature": { "fs": { "mode": "write", "read_write": ".+\.json" , "read_only": [ ".+\.yaml", ".+important-file\.txt" ], "local": [ ".+\.js", ".+\.mjs" ], "not_found": [ "\.config/gcloud" ] } } } ```
+ ```json { "feature": { "fs": { "mode": "write", "read_write": ".+\\.json" , "read_only": [ ".+\\.yaml", ".+important-file\\.txt" ], "local": [ ".+\\.js", ".+\\.mjs" ], "not_found": [ "\\.config/gcloud" ] } } } ```
"%
= _js2n__-prdslib.allOf
[
@@ -968,7 +968,7 @@ let rec _js2n__-refsenv
We provide sane defaults for this option, so you don't have to set up anything here.
- ```json { "agent": { "log_level": "info", "json_log": false, "namespace": "default", "image": "ghcr.io/metalbear-co/mirrord:latest", "image_pull_policy": "IfNotPresent", "image_pull_secrets": [ { "secret-key": "secret" } ], "ttl": 30, "ephemeral": false, "communication_timeout": 30, "startup_timeout": 360, "network_interface": "eth0", "flush_connections": false, } } ```
+ ```json { "agent": { "log_level": "info", "json_log": false, "namespace": "default", "image": "ghcr.io/metalbear-co/mirrord:latest", "image_pull_policy": "IfNotPresent", "image_pull_secrets": [ { "secret-key": "secret" } ], "ttl": 30, "ephemeral": false, "communication_timeout": 30, "startup_timeout": 360, "network_interface": "eth0", "flush_connections": false } } ```
"%
= _js2n__-prdslib.allOf
[
@@ -1227,6 +1227,22 @@ let rec _js2n__-refsenv
} {} false _js2n__-prdslib.never
]
],
+ "_js2n__-:definitions/CronJobTarget!predicate" =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Record,
+ _js2n__-prdslib.records.required [ "cron_job" ],
+ _js2n__-prdslib.records.record
+ {
+ container =
+ _js2n__-prdslib.anyOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.isType 'Null
+ ],
+ cron_job = _js2n__-prdslib.isType '"String",
+ } {} false _js2n__-prdslib.never
+ ],
"_js2n__-:definitions/DeploymentTarget!predicate"
| doc " Mirror the deployment specified by [`DeploymentTarget::deployment`]."
= _js2n__-prdslib.allOf
@@ -1303,6 +1319,12 @@ let rec _js2n__-refsenv
_js2n__-prdslib.isType 'Record,
_js2n__-prdslib.records.record
{
+ readlink =
+ _js2n__-prdslib.anyOf
+ [
+ _js2n__-prdslib.isType '"Bool",
+ _js2n__-prdslib.isType 'Null
+ ],
tcp_ping4_mock =
_js2n__-prdslib.anyOf
[
@@ -1319,7 +1341,7 @@ let rec _js2n__-refsenv
The [`env`](#feature-env), [`fs`](#feature-fs) and [`network`](#feature-network) options have support for a shortened version, that you can see [here](#root-shortened).
- ```json { "feature": { "env": { "include": "DATABASE_USER;PUBLIC_ENV", "exclude": "DATABASE_PASSWORD;SECRET_ENV", "override": { "DATABASE_CONNECTION": "db://localhost:7777/my-db", "LOCAL_BEAR": "panda" } }, "fs": { "mode": "write", "read_write": ".+\.json" , "read_only": [ ".+\.yaml", ".+important-file\.txt" ], "local": [ ".+\.js", ".+\.mjs" ] }, "network": { "incoming": { "mode": "steal", "http_filter": { "header_filter": "host: api\..+" }, "port_mapping": [[ 7777, 8888 ]], "ignore_localhost": false, "ignore_ports": [9999, 10000] }, "outgoing": { "tcp": true, "udp": true, "filter": { "local": ["tcp://1.1.1.0/24:1337", "1.1.5.0/24", "google.com", ":53"] }, "ignore_localhost": false, "unix_streams": "bear.+" }, "dns": false }, "copy_target": false, "hostname": true } } ```
+ ```json { "feature": { "env": { "include": "DATABASE_USER;PUBLIC_ENV", "exclude": "DATABASE_PASSWORD;SECRET_ENV", "override": { "DATABASE_CONNECTION": "db://localhost:7777/my-db", "LOCAL_BEAR": "panda" } }, "fs": { "mode": "write", "read_write": ".+\\.json" , "read_only": [ ".+\\.yaml", ".+important-file\\.txt" ], "local": [ ".+\\.js", ".+\\.mjs" ] }, "network": { "incoming": { "mode": "steal", "http_filter": { "header_filter": "host: api\\..+" }, "port_mapping": [[ 7777, 8888 ]], "ignore_localhost": false, "ignore_ports": [9999, 10000] }, "outgoing": { "tcp": true, "udp": true, "filter": { "local": ["tcp://1.1.1.0/24:1337", "1.1.5.0/24", "google.com", ":53"] }, "ignore_localhost": false, "unix_streams": "bear.+" }, "dns": false }, "copy_target": false, "hostname": true } } ```
"%
= _js2n__-prdslib.allOf
[
@@ -1431,7 +1453,7 @@ let rec _js2n__-refsenv
### Advanced `fs` config {#fs-advanced}
- ```json { "feature": { "fs": { "mode": "write", "read_write": ".+\.json" , "read_only": [ ".+\.yaml", ".+important-file\.txt" ], "local": [ ".+\.js", ".+\.mjs" ] } } } ```
+ ```json { "feature": { "fs": { "mode": "write", "read_write": ".+\\.json" , "read_only": [ ".+\\.yaml", ".+important-file\\.txt" ], "local": [ ".+\\.js", ".+\\.mjs" ] } } } ```
"%
= _js2n__-prdslib.anyOf
[
@@ -1446,13 +1468,13 @@ let rec _js2n__-refsenv
Only does something when [`feature.network.incoming.mode`](#feature-network-incoming-mode) is set as `"steal"`, ignored otherwise.
- For example, to filter based on header: ```json { "header_filter": "host: api\..+", } ``` Setting that filter will make mirrord only steal requests with the `host` header set to hosts that start with "api", followed by a dot, and then at least one more character.
+ For example, to filter based on header: ```json { "header_filter": "host: api\\..+" } ``` Setting that filter will make mirrord only steal requests with the `host` header set to hosts that start with "api", followed by a dot, and then at least one more character.
- For example, to filter based on path: ```json { "path_filter": "^/api/", } ``` Setting this filter will make mirrord only steal requests to URIs starting with "/api/".
+ For example, to filter based on path: ```json { "path_filter": "^/api/" } ``` Setting this filter will make mirrord only steal requests to URIs starting with "/api/".
- This can be useful for filtering out Kubernetes liveness, readiness and startup probes. For example, for avoiding stealing any probe sent by kubernetes, you can set this filter: ```json { "header_filter": "^User-Agent: (?!kube-probe)", } ``` Setting this filter will make mirrord only steal requests that **do** have a user agent that **does not** begin with "kube-probe".
+ This can be useful for filtering out Kubernetes liveness, readiness and startup probes. For example, for avoiding stealing any probe sent by kubernetes, you can set this filter: ```json { "header_filter": "^User-Agent: (?!kube-probe)" } ``` Setting this filter will make mirrord only steal requests that **do** have a user agent that **does not** begin with "kube-probe".
- Similarly, you can exclude certain paths using a negative look-ahead: ```json { "path_filter": "^(?!/health/)", } ``` Setting this filter will make mirrord only steal requests to URIs that do not start with "/health/".
+ Similarly, you can exclude certain paths using a negative look-ahead: ```json { "path_filter": "^(?!/health/)" } ``` Setting this filter will make mirrord only steal requests to URIs that do not start with "/health/".
"%
= _js2n__-prdslib.allOf
[
@@ -1618,7 +1640,7 @@ let rec _js2n__-refsenv
### Advanced `incoming` config
- ```json { "feature": { "network": { "incoming": { "mode": "steal", "http_filter": { "header_filter": "host: api\..+" }, "port_mapping": [[ 7777, 8888 ]], "ignore_localhost": false, "ignore_ports": [9999, 10000] "listen_ports": [[80, 8111]] } } } } ```
+ ```json { "feature": { "network": { "incoming": { "mode": "steal", "http_filter": { "header_filter": "host: api\\..+" }, "port_mapping": [[ 7777, 8888 ]], "ignore_localhost": false, "ignore_ports": [9999, 10000] "listen_ports": [[80, 8111]] } } } } ```
"%
= _js2n__-prdslib.anyOf
[
@@ -1665,7 +1687,7 @@ let rec _js2n__-refsenv
This is seldom used, but if you get `ConnectionRefused` errors, you might want to increase the timeouts a bit.
- ```json { "internal_proxy": { "start_idle_timeout": 30, "idle_timeout": 5, } } ```
+ ```json { "internal_proxy": { "start_idle_timeout": 30, "idle_timeout": 5 } } ```
"%
= _js2n__-prdslib.allOf
[
@@ -1735,7 +1757,7 @@ let rec _js2n__-refsenv
See the network traffic [reference](https://mirrord.dev/docs/reference/traffic/) for more details.
- ```json { "feature": { "network": { "incoming": { "mode": "steal", "http_filter": { "header_filter": "host: api\..+" }, "port_mapping": [[ 7777, 8888 ]], "ignore_localhost": false, "ignore_ports": [9999, 10000] }, "outgoing": { "tcp": true, "udp": true, "filter": { "local": ["tcp://1.1.1.0/24:1337", "1.1.5.0/24", "google.com", ":53"] }, "ignore_localhost": false, "unix_streams": "bear.+" }, "dns": false } } } ```
+ ```json { "feature": { "network": { "incoming": { "mode": "steal", "http_filter": { "header_filter": "host: api\\..+" }, "port_mapping": [[ 7777, 8888 ]], "ignore_localhost": false, "ignore_ports": [9999, 10000] }, "outgoing": { "tcp": true, "udp": true, "filter": { "local": ["tcp://1.1.1.0/24:1337", "1.1.5.0/24", "google.com", ":53"] }, "ignore_localhost": false, "unix_streams": "bear.+" }, "dns": false } } } ```
"%
= _js2n__-prdslib.allOf
[
@@ -1897,13 +1919,29 @@ let rec _js2n__-refsenv
rollout = _js2n__-prdslib.isType '"String",
} {} false _js2n__-prdslib.never
],
+ "_js2n__-:definitions/StatefulSetTarget!predicate" =
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Record,
+ _js2n__-prdslib.records.required [ "stateful_set" ],
+ _js2n__-prdslib.records.record
+ {
+ container =
+ _js2n__-prdslib.anyOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.isType 'Null
+ ],
+ stateful_set = _js2n__-prdslib.isType '"String",
+ } {} false _js2n__-prdslib.never
+ ],
"_js2n__-:definitions/Target!predicate"
| doc m%"
## path
Specifies the running pod (or deployment) to mirror.
- Supports: - `pod/{sample-pod}`; - `podname/{sample-pod}`; - `deployment/{sample-deployment}`; - `container/{sample-container}`; - `containername/{sample-container}`. - `job/{sample-job}`;
+ Supports: - `pod/{sample-pod}`; - `podname/{sample-pod}`; - `deployment/{sample-deployment}`; - `container/{sample-container}`; - `containername/{sample-container}`. - `job/{sample-job}`; - `cronjob/{sample-cronjob}`; - `statefulset/{sample-statefulset}`;
"%
= _js2n__-prdslib.anyOf
[
@@ -1911,6 +1949,8 @@ let rec _js2n__-refsenv
_js2n__-refsenv."_js2n__-:definitions/PodTarget!predicate",
_js2n__-refsenv."_js2n__-:definitions/RolloutTarget!predicate",
_js2n__-refsenv."_js2n__-:definitions/JobTarget!predicate",
+ _js2n__-refsenv."_js2n__-:definitions/CronJobTarget!predicate",
+ _js2n__-refsenv."_js2n__-:definitions/StatefulSetTarget!predicate",
_js2n__-prdslib.isType 'Null
],
"_js2n__-:definitions/TargetFileConfig!predicate" =
diff --git a/out/mkdocs.yml.ncl b/out/mkdocs.yml.ncl
new file mode 100644
index 0000000..a6d6366
--- /dev/null
+++ b/out/mkdocs.yml.ncl
@@ -0,0 +1,1226 @@
+# DO NOT EDIT
+# This file was automatically generated using json-schema-to-nickel
+let _js2n__-prdslib
+ = {
+ allOf
+ : Array (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `allOf preds` succeeds if all of the predicates in `preds` succeed
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.7.1]
+ "%
+ = fun
+ preds
+ x
+ =>
+ std.array.fold_right
+ (fun pred acc => (match { 'Ok => acc, 'Err s => 'Err s, }) (pred x))
+ 'Ok preds,
+ always : Dyn -> [| 'Ok, 'Err String |] = std.function.const 'Ok,
+ anyOf
+ : Array (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `anyOf preds` succeeds if at least one of the predicates in `preds` succeeds
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.7.2]
+ "%
+ = fun
+ preds
+ x
+ =>
+ (match {
+ 'Ok =>
+ 'Ok,
+ 'Errs
+ msgs =>
+ 'Err
+ m%"
+ anyOf: none of the options matched
+ %{std.string.join
+ m%"
+
+
+ "% msgs}
+ "%,
+ })
+ (std.array.fold_right
+ (fun
+ pred
+ acc
+ =>
+ (match {
+ 'Ok =>
+ 'Ok,
+ 'Errs
+ msgs =>
+ (match {
+ 'Ok =>
+ 'Ok,
+ 'Err
+ msg =>
+ 'Errs ([ " - %{msg}" ] @ msgs),
+ }) (pred x),
+ }) acc) ('Errs [ ]) preds),
+ arrays =
+ {
+ additionalItems
+ : (Dyn -> [| 'Ok, 'Err String |])
+ -> Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.4.2]"
+ = fun
+ pred
+ start
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ let x
+ | Array Dyn
+ = x
+ in
+ let value_length
+ = std.array.length x
+ in
+ if start >= value_length then
+ 'Ok
+ else
+ arrayOf pred
+ ((std.array.slice start value_length x)
+ | Dyn),
+ arrayOf
+ : (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ Apply a predicate to all elements of an array, succeeding if all
+ applications succeed.
+ "%
+ = fun
+ pred
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ let x
+ | Array Dyn
+ = x
+ in
+ std.array.fold_right
+ (fun
+ x
+ acc
+ =>
+ (match { 'Ok => acc, 'Err msg => 'Err msg, }) (pred x))
+ 'Ok x,
+ contains
+ : (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.4.6]"
+ = fun
+ pred
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ let x
+ | Array Dyn
+ = x
+ in
+ (match {
+ 'Ok =>
+ 'Ok,
+ 'Errs
+ msgs =>
+ 'Err
+ m%"
+ contains: no elements matched
+ %{std.string.join
+ m%"
+
+
+ "% msgs}
+ "%,
+ })
+ (std.array.fold_right
+ (fun
+ x
+ acc
+ =>
+ (match {
+ 'Ok =>
+ 'Ok,
+ 'Errs
+ msgs =>
+ (match {
+ 'Ok =>
+ 'Ok,
+ 'Err
+ msg =>
+ 'Errs ([ " - %{msg}" ] @ msgs),
+ }) (pred x),
+ }) acc) ('Errs [ ]) x),
+ items
+ : Array (Dyn -> [| 'Ok, 'Err String |])
+ -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.4.1]"
+ = fun
+ preds
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ let x
+ | Array Dyn
+ = x
+ in
+ let length_to_check
+ = std.number.min (std.array.length preds)
+ (std.array.length x)
+ in
+ std.array.fold_right
+ (fun
+ i
+ acc
+ =>
+ (match { 'Err msg => 'Err msg, 'Ok => acc, })
+ (std.array.at i preds (std.array.at i x))) 'Ok
+ (std.array.range 0 length_to_check),
+ maxItems
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `maxItems n x` fails if `x` is an array of length strictly greater than `n` and succeeds otherwise.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.4.3]
+ "%
+ = fun
+ n
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ if (std.array.length (x | Array Dyn)) > n then
+ 'Err
+ "array is longer than %{std.string.from_number n} items"
+ else
+ 'Ok,
+ minItems
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `minItems n x` fails if `x` is an array of length strictly smaller than `n` and succeeds otherwise.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.4.4]
+ "%
+ = fun
+ n
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ if (std.array.length (x | Array Dyn)) < n then
+ 'Err
+ "array is shorter than %{std.string.from_number n} items"
+ else
+ 'Ok,
+ uniqueItems
+ : Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ Succeeds for any array if its elements are pairwise distinct.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.4.5]
+ "%
+ = let find_duplicate
+ : Array Dyn
+ -> {
+ has_duplicate : Bool,
+ duplicate : Dyn,
+ seen : { _ : Bool }
+ }
+ = std.array.fold_right
+ (fun
+ elt
+ acc
+ =>
+ if acc.has_duplicate then
+ acc
+ else
+ let index
+ = std.serialize 'Json elt
+ in
+ if std.record.has_field index acc.seen then
+ {
+ duplicate = elt,
+ has_duplicate = true,
+ seen = acc.seen,
+ }
+ else
+ {
+ duplicate = null,
+ has_duplicate = false,
+ seen = std.record.insert index true acc.seen,
+ })
+ { duplicate = null, has_duplicate = false, seen = {}, }
+ in
+ fun
+ x
+ =>
+ if !(std.is_array x) then
+ 'Ok
+ else
+ let { has_duplicate, duplicate, .. }
+ = find_duplicate (x | Array Dyn)
+ in
+ if has_duplicate then
+ 'Err "duplicate found: %{std.serialize 'Json duplicate}"
+ else
+ 'Ok,
+ },
+ const
+ : Dyn -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `const value x` succeeds if and only if `x` is equal to `value`
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.1.3]
+ "%
+ = fun
+ value
+ x
+ =>
+ if x == value then
+ 'Ok
+ else
+ 'Err "expected %{std.serialize 'Json value}",
+ contract_from_predicate
+ : (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> Dyn -> Dyn
+ = fun
+ predicate
+ label
+ value
+ =>
+ (match {
+ 'Ok =>
+ value,
+ 'Err
+ msg =>
+ (std.contract.blame_with_message msg label)
+ | Dyn,
+ }) (predicate value),
+ enum
+ : Array Dyn -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `enum values x` succeeds if and only if `x` is equal to one of the elements of `values`.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.1.2]
+ "%
+ = let checkEqual
+ = fun
+ input
+ variant
+ =>
+ (input == variant)
+ || ((std.is_enum input)
+ && (((std.string.from_enum input) == variant)
+ | Bool))
+ in
+ fun
+ values
+ x
+ =>
+ std.array.fold_right
+ (fun value acc => if checkEqual x value then 'Ok else acc)
+ ('Err "expected one of %{std.serialize 'Json (values | Dyn)}")
+ values,
+ from_simple_predicate
+ : String -> (Dyn -> Bool) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Convert a simple boolean predicate into a predicate supporting error messages"
+ = fun error' pred x => if pred x then 'Ok else 'Err error',
+ ifThenElse
+ : (Dyn -> [| 'Ok, 'Err String |])
+ -> (Dyn -> [| 'Ok, 'Err String |])
+ -> (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `ifThenElse i t e` first checks if the predicate `i` succeeds. If it does, it's equivalent to `t`, otherwise it's equivalent to `e`.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.6]
+ "%
+ = fun i t e x => (match { 'Ok => t x, 'Err msg => e x, }) (i x),
+ isType
+ : [| '"Array", '"Bool", 'Integer, 'Null, '"Number", 'Record, '"String" |]
+ -> Dyn -> [| 'Ok, 'Err String |]
+ = fun
+ t
+ =>
+ (match {
+ 'Null =>
+ from_simple_predicate "expected `null`" (fun x => x == null),
+ 'Integer =>
+ from_simple_predicate "expected an integer"
+ (fun
+ x
+ =>
+ (std.is_number x) && (std.number.is_integer (x | Number))),
+ _ =>
+ from_simple_predicate
+ "value is not of type %{std.string.from_enum t}"
+ (fun x => (std.typeof x) == t),
+ }) t,
+ never : Dyn -> [| 'Ok, 'Err String |] = std.function.const ('Err "never"),
+ not
+ : (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `not pred` succeeds if and only if `pred` fails
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.7.4]
+ "%
+ = fun
+ pred
+ x
+ =>
+ (match {
+ 'Ok =>
+ 'Err "Inverted predicate succeeded unexpectedly",
+ 'Err
+ msg =>
+ 'Ok,
+ }) (pred x),
+ numbers =
+ {
+ exclusiveMaximum
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.2.3]"
+ = fun
+ limit
+ x
+ =>
+ if !(std.is_number x) then
+ 'Ok
+ else
+ if (x | Number) < limit then
+ 'Ok
+ else
+ 'Err
+ "expected an exclusive maximum of %{std.string.from_number
+ limit}",
+ exclusiveMinimum
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.2.5]"
+ = fun
+ limit
+ x
+ =>
+ if !(std.is_number x) then
+ 'Ok
+ else
+ if (x | Number) > limit then
+ 'Ok
+ else
+ 'Err
+ "expected an exclusive minimum of %{std.string.from_number
+ limit}",
+ maximum
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.2.2]"
+ = fun
+ limit
+ x
+ =>
+ if !(std.is_number x) then
+ 'Ok
+ else
+ if (x | Number) <= limit then
+ 'Ok
+ else
+ 'Err
+ "expected a maximum of %{std.string.from_number limit}",
+ minimum
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.2.4]"
+ = fun
+ limit
+ x
+ =>
+ if !(std.is_number x) then
+ 'Ok
+ else
+ if (x | Number) >= limit then
+ 'Ok
+ else
+ 'Err
+ "expected a minimum of %{std.string.from_number limit}",
+ multipleOf
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.2.1]"
+ = fun
+ mult
+ x
+ =>
+ if !(std.is_number x) then
+ 'Ok
+ else
+ if std.number.is_integer ((x | Number) / mult) then
+ 'Ok
+ else
+ 'Err
+ "expected a multiple of %{std.string.from_number mult}",
+ },
+ oneOf
+ : Array (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `oneOf preds` succeeds if precisely one of the predicates in `preds` succeeds
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.7.3]
+ "%
+ = fun
+ preds
+ x
+ =>
+ let count_ok
+ : Array [| 'Ok, 'Err String |] -> Number
+ = fun
+ results
+ =>
+ std.array.fold_left (fun n b => if b == 'Ok then n + 1 else n) 0
+ results
+ in
+ let results
+ = std.array.map (fun pred => pred x) preds
+ in
+ let count
+ = count_ok results
+ in
+ if count == 0 then
+ let errors
+ = std.array.flat_map
+ (fun
+ result
+ =>
+ (match { 'Ok => [ ], 'Err s => [ " - %{s}" ], })
+ result) results
+ in
+ 'Err
+ m%"
+ oneOf: none of the options matched
+ %{std.string.join
+ m%"
+
+
+ "% errors}
+ "%
+ else
+ if count > 1 then
+ 'Err "oneOf: more than one of the options matched"
+ else
+ 'Ok,
+ records =
+ {
+ dependencies
+ : { _ : Dyn } -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.5.7]"
+ = let mustHaveFields
+ : Array String -> { _ : Dyn } -> [| 'Ok, 'Err String |]
+ = fun
+ fields
+ x
+ =>
+ std.array.fold_right
+ (fun
+ field
+ acc
+ =>
+ if !(std.record.has_field field x) then
+ 'Err "expected field `%{field}`"
+ else
+ acc) 'Ok fields
+ in
+ fun
+ deps
+ x
+ =>
+ if !(std.is_record x) then
+ 'Ok
+ else
+ let x
+ | { _ : Dyn }
+ = x
+ in
+ std.array.fold_right
+ (fun
+ { field, value, }
+ =>
+ fun
+ acc
+ =>
+ if !(std.record.has_field field x) then
+ acc
+ else
+ let result
+ = if std.is_array value then
+ mustHaveFields (value | Array String) x
+ else
+ let pred
+ | Dyn -> [| 'Ok, 'Err String |]
+ = value
+ in
+ pred (x | Dyn)
+ in
+ (match {
+ 'Err
+ msg =>
+ 'Err
+ "dependency of `%{field}` failed: %{msg}",
+ 'Ok =>
+ acc,
+ }) result) 'Ok (std.record.to_array deps),
+ maxProperties
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `maxProperties n x` fails if `x` is a record containing stricly more than `n` fields.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.5.1]
+ "%
+ = fun
+ n
+ x
+ =>
+ if !(std.is_record x) then
+ 'Ok
+ else
+ if (std.record.length (x | { _ : Dyn })) > n then
+ 'Err
+ "record contains more than %{std.string.from_number
+ n} fields"
+ else
+ 'Ok,
+ minProperties
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `minProperties n x` fails if `x` is a record containing stricly less than `n` fields.
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.5.1]
+ "%
+ = fun
+ n
+ x
+ =>
+ if !(std.is_record x) then
+ 'Ok
+ else
+ if (std.record.length (x | { _ : Dyn })) < n then
+ 'Err
+ "record contains fewer than %{std.string.from_number
+ n} fields"
+ else
+ 'Ok,
+ propertyNames
+ : (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.5.8]"
+ = fun
+ pred
+ x
+ =>
+ if !(std.is_record x) then
+ 'Ok
+ else
+ std.array.fold_right
+ (fun
+ field
+ acc
+ =>
+ (match {
+ 'Err
+ msg =>
+ 'Err
+ "field `%{field}` did not validate against `propertyNames` schema",
+ 'Ok =>
+ acc,
+ }) (pred (field | Dyn))) 'Ok
+ (std.record.fields (x | { _ : Dyn })),
+ record
+ : { _ : Dyn -> [| 'Ok, 'Err String |] }
+ -> { _ : Dyn -> [| 'Ok, 'Err String |] }
+ -> Bool
+ -> (Dyn -> [| 'Ok, 'Err String |]) -> Dyn -> [| 'Ok, 'Err String |]
+ | doc m%"
+ `record properties patternProperties additionalAllowed
+ additionalProperties x` is a combination of the `properties`,
+ `patternProperties` and `additionalProperties` validation keywords in
+ JSON schema.
+
+ Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.5]
+ "%
+ = fun
+ properties
+ patternProperties
+ additionalAllowed
+ additionalProperties
+ x
+ =>
+ if !(std.is_record x) then
+ 'Ok
+ else
+ let x
+ | { _ : Dyn }
+ = x
+ in
+ let check_properties
+ : {
+ result : [| 'Ok, 'Err String |],
+ checked : { _ : Bool }
+ }
+ = std.array.fold_right
+ (fun
+ { field, value, }
+ =>
+ fun
+ acc
+ =>
+ if !(std.record.has_field field x) then
+ acc
+ else
+ (match {
+ 'Err
+ msg =>
+ {
+ checked : { _ : Bool } = {},
+ result =
+ 'Err
+ "field `%{field}` didn't validate: %{msg}",
+ },
+ 'Ok =>
+ {
+ checked =
+ std.record.insert field true acc.checked,
+ result = acc.result,
+ },
+ }) (value x."%{field}"))
+ { checked = {}, result = 'Ok, }
+ (std.record.to_array properties)
+ in
+ let matching_fields
+ : String -> { _ : Dyn }
+ = fun
+ pattern
+ =>
+ let matcher
+ = std.string.is_match pattern
+ in
+ std.array.fold_left
+ (fun
+ acc
+ =>
+ fun
+ { field, value, }
+ =>
+ if matcher field then
+ std.record.insert field value acc
+ else
+ acc) {} (std.record.to_array x)
+ in
+ let check_pattern_properties
+ : {
+ result : [| 'Ok, 'Err String |],
+ checked : { _ : Bool }
+ }
+ = std.array.fold_right
+ (fun
+ { field = pattern, value = pred, }
+ =>
+ fun
+ acc
+ =>
+ (match {
+ r @ { result = 'Err msg, .. } =>
+ r,
+ { result = 'Ok, checked = ch, } =>
+ {
+ checked =
+ std.array.fold_left
+ (fun
+ r
+ field
+ =>
+ if !(std.record.has_field field
+ r) then
+ std.record.insert field true r
+ else
+ r) acc.checked
+ (std.record.fields ch),
+ result = acc.result,
+ },
+ })
+ (std.array.fold_right
+ (fun
+ { field, value, }
+ =>
+ fun
+ acc
+ =>
+ (match {
+ 'Err
+ msg =>
+ {
+ checked : { _ : Bool } = {},
+ result =
+ 'Err
+ "field `%{field}` didn't validate: %{msg}",
+ },
+ 'Ok =>
+ {
+ checked =
+ std.record.insert field true
+ acc.checked,
+ result = acc.result,
+ },
+ }) (pred value))
+ {
+ checked : { _ : Bool } = {},
+ result = 'Ok,
+ }
+ (std.record.to_array
+ (matching_fields pattern))))
+ { checked : { _ : Bool } = {}, result = 'Ok, }
+ (std.record.to_array patternProperties)
+ in
+ let remaining_fields
+ = std.array.fold_left
+ (fun
+ acc
+ field
+ =>
+ if !(std.record.has_field field acc) then
+ acc
+ else
+ std.record.remove field acc) x
+ ((std.record.fields check_properties.checked)
+ @ (std.record.fields
+ check_pattern_properties.checked))
+ in
+ let check_additional_properties
+ : [| 'Ok, 'Err String |]
+ = if (!additionalAllowed)
+ && (!(std.record.is_empty remaining_fields)) then
+ 'Err
+ "extra fields %{std.serialize 'Json
+ ((std.record.fields remaining_fields)
+ | Dyn)}"
+ else
+ std.array.fold_right
+ (fun
+ { field, value, }
+ =>
+ fun
+ acc
+ =>
+ (match {
+ 'Err
+ msg =>
+ 'Err
+ "field `%{field}` didn't validate: %{msg}",
+ 'Ok =>
+ acc,
+ }) (additionalProperties value)) 'Ok
+ (std.record.to_array remaining_fields)
+ in
+ (match {
+ 'Err
+ msg =>
+ check_properties.result,
+ 'Ok =>
+ (match {
+ 'Err
+ msg =>
+ check_pattern_properties.result,
+ 'Ok =>
+ check_additional_properties,
+ }) check_pattern_properties.result,
+ }) check_properties.result,
+ required
+ : Array String -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.5.3]"
+ = fun
+ fields
+ x
+ =>
+ if !(std.is_record x) then
+ 'Ok
+ else
+ std.array.fold_right
+ (fun
+ field
+ acc
+ =>
+ if !(std.record.has_field field (x | { _ : Dyn })) then
+ 'Err "missing required field %{field}"
+ else
+ acc) 'Ok fields,
+ },
+ strings =
+ {
+ maxLength
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.3.1]"
+ = fun
+ limit
+ x
+ =>
+ if !(std.is_string x) then
+ 'Ok
+ else
+ if (std.string.length (x | String)) <= limit then
+ 'Ok
+ else
+ 'Err
+ "expected a string of length no larger than %{std.string.from_number
+ limit}",
+ minLength
+ : Number -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.3.2]"
+ = fun
+ limit
+ x
+ =>
+ if !(std.is_string x) then
+ 'Ok
+ else
+ if (std.string.length (x | String)) >= limit then
+ 'Ok
+ else
+ 'Err
+ "expected a string of length no smaller than %{std.string.from_number
+ limit}",
+ pattern
+ : String -> Dyn -> [| 'Ok, 'Err String |]
+ | doc "Cf. [https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-validation-01#section-6.3.3]"
+ = fun
+ pattern
+ x
+ =>
+ if !(std.is_string x) then
+ 'Ok
+ else
+ if std.string.is_match pattern (x | String) then
+ 'Ok
+ else
+ 'Err "expected a string matching the pattern `%{pattern}`",
+ },
+ }
+ in
+let rec _js2n__-refsenv
+ = {
+ "_js2n__-:definitions/validationAbsoluteLinkValues!contract" =
+ std.contract.Sequence
+ [
+ std.enum.TagOrString,
+ [| 'relative_to_docs, 'ignore, 'info, 'warn |]
+ ],
+ "_js2n__-:definitions/validationValues!contract" =
+ std.contract.Sequence
+ [ std.enum.TagOrString, [| 'ignore, 'info, 'warn |] ],
+ }
+ in
+ {
+ INHERIT
+ | String
+ | doc m%"
+ Define the parent for a configuration file. The path must be relative to the location of the primary file.
+ https://www.mkdocs.org/user-guide/configuration/#configuration-inheritance
+ "%
+ | optional,
+ copyright
+ | String
+ | doc m%"
+ Set the copyright information to be included in the documentation by the theme.
+ https://www.mkdocs.org/user-guide/configuration/#copyright
+ "%
+ | optional,
+ dev_addr
+ | String
+ | doc m%"
+ Determines the address used when running mkdocs serve. Must be of the format IP:PORT.
+ https://www.mkdocs.org/user-guide/configuration/#dev_addr
+ "%
+ | optional,
+ docs_dir
+ | String
+ | doc m%"
+ The directory containing the documentation source markdown files. This can either be a relative directory, in which case it is resolved relative to the directory containing your configuration file, or it can be an absolute directory path from the root of your local file system.
+ https://www.mkdocs.org/user-guide/configuration/#docs_dir
+ "%
+ | optional,
+ draft_docs
+ | String
+ | doc m%"
+ This config defines patterns of files (under docs_dir) to be treated as a draft. Draft files are available during mkdocs serve and include a "DRAFT" mark but will not be included in the build. To prevent this effect and make "serve" behave the same as "build", you can run mkdocs serve --clean.
+ https://www.mkdocs.org/user-guide/configuration/#draft_docs
+ "%
+ | optional,
+ edit_uri
+ | String
+ | doc m%"
+ The path from the base repo_url to the docs directory when directly viewing a page, accounting for specifics of the repository host (e.g. GitHub, Bitbucket, etc), the branch, and the docs directory itself.
+ https://www.mkdocs.org/user-guide/configuration/#edit_uri
+ "%
+ | optional,
+ edit_uri_template
+ | String
+ | doc m%"
+ The more flexible variant of edit_uri.
+ https://www.mkdocs.org/user-guide/configuration/#edit_uri_template
+ "%
+ | optional,
+ exclude_docs
+ | String
+ | doc m%"
+ This config defines patterns of files (under docs_dir) to not be picked up into the built site.
+ https://www.mkdocs.org/user-guide/configuration/#exclude_docs
+ "%
+ | optional,
+ extra
+ | { .. }
+ | doc m%"
+ A set of key-value pairs, where the values can be any valid YAML construct, that will be passed to the template. This allows for great flexibility when creating custom themes.
+ https://www.mkdocs.org/user-guide/configuration/#extra
+ "%
+ | optional,
+ extra_css
+ | Array (String)
+ | doc m%"
+ Set a list of CSS files (relative to docs_dir) to be included by the theme, typically as tags.
+ https://www.mkdocs.org/user-guide/configuration/#extra_css
+ "%
+ | optional,
+ extra_javascript
+ | Array (
+ _js2n__-prdslib.contract_from_predicate
+ (_js2n__-prdslib.anyOf
+ [
+ _js2n__-prdslib.isType '"String",
+ _js2n__-prdslib.allOf
+ [
+ _js2n__-prdslib.isType 'Record,
+ _js2n__-prdslib.records.required [ "path" ],
+ _js2n__-prdslib.records.record
+ {
+ async = _js2n__-prdslib.isType '"Bool",
+ defer = _js2n__-prdslib.isType '"Bool",
+ path = _js2n__-prdslib.isType '"String",
+ type = _js2n__-prdslib.isType '"String",
+ } {} true _js2n__-prdslib.always
+ ]
+ ])
+ )
+ | doc m%"
+ Set a list of JavaScript files in your docs_dir to be included by the theme, as