Network configuration items.

Hierarchy

  • NetworkConfigTypes

Constructors

Properties

centralNetworkServicesConfig certificateConfig certificateConfigTypeEnum certificateValidationEnum customerGatewayConfig defaultVpcsConfig dhcpOptsConfig dnsFirewallBlockResponseTypeEnum dnsFirewallManagedDomainListEnum dnsFirewallRuleActionTypeEnum dnsFirewallRuleGroupConfig dnsFirewallRulesConfig dnsQueryLogsConfig dpdTimeoutActionEnum dxGatewayConfig dxTransitGatewayAssociationConfig dxVirtualInterfaceConfig dxVirtualInterfaceTypeEnum elbAccountIdsConfig encryptionAlgorithmEnum endpointPolicyConfig firewallManagerNotificationChannelConfig firewallManagerServiceConfig gatewayEndpointConfig gatewayEndpointEnum gatewayEndpointServiceConfig gatewayRouteTableTypeEnum gwlbConfig gwlbEndpointConfig ikeVersionEnum instanceTenancyTypeEnum integrityAlgorithmEnum interfaceEndpointConfig interfaceEndpointServiceConfig ipAddressFamilyEnum ipVersionEnum ipamAllocationConfig ipamConfig ipamPoolConfig ipamScopeConfig loadBalancersConfig localGatewayConfig localGatewayRouteTableConfig mutationProtectionEnum natGatewayConfig netbiosNodeEnum networkAclConfig networkAclInboundRuleConfig networkAclOutboundRuleConfig networkAclSubnetSelection networkConfig nfwConfig nfwFirewallConfig nfwFirewallPolicyConfig nfwFirewallPolicyPolicyConfig nfwGeneratedRulesType nfwLogType nfwLoggingConfig nfwRuleGroupConfig nfwRuleGroupRuleConfig nfwRuleSourceConfig nfwRuleSourceCustomActionConfig nfwRuleSourceCustomActionDefinitionConfig nfwRuleSourceCustomActionDimensionConfig nfwRuleSourceListConfig nfwRuleSourceStatefulRuleConfig nfwRuleSourceStatefulRuleHeaderConfig nfwRuleSourceStatefulRuleOptionsConfig nfwRuleSourceStatelessMatchAttributesConfig nfwRuleSourceStatelessPortRangeConfig nfwRuleSourceStatelessRuleConfig nfwRuleSourceStatelessRuleDefinitionConfig nfwRuleSourceStatelessTcpFlagsConfig nfwRuleType nfwRuleVariableConfig nfwRuleVariableDefinitionConfig nfwStatefulDefaultActionType nfwStatefulRuleActionType nfwStatefulRuleDirectionType nfwStatefulRuleGroupReferenceConfig nfwStatefulRuleOptionsType nfwStatefulRuleProtocolType nfwStatelessRuleActionType nfwStatelessRuleGroupReferenceConfig nfwStatelessRuleTcpFlagType nfwStatelessRulesAndCustomActionsConfig nfwTargetType outpostsConfig phase1Config phase1DhGroupEnum phase2Config phase2DhGroupEnum prefixListConfig prefixListSourceConfig resolverConfig resolverEndpointConfig resolverEndpointTypeEnum resolverRuleConfig routeTableConfig routeTableEntryConfig routeTableEntryTypeEnum ruleTargetIps ruleTypeEnum securityGroupConfig securityGroupRuleConfig securityGroupRuleTypeEnum securityGroupSourceConfig startupActionEnum subnetConfig subnetSourceConfig transitGatewayAttachmentConfig transitGatewayAttachmentOptionsConfig transitGatewayAttachmentTargetConfig transitGatewayConfig transitGatewayPeeringAccepterConfig transitGatewayPeeringConfig transitGatewayPeeringRequesterConfig transitGatewayRouteEntryConfig transitGatewayRouteTableConfig transitGatewayRouteTableDxGatewayEntryConfig transitGatewayRouteTableTgwPeeringEntryConfig transitGatewayRouteTableVpcEntryConfig transitGatewayRouteTableVpnEntryConfig virtualPrivateGatewayConfig vpcConfig vpcDnsFirewallAssociationConfig vpcPeeringConfig vpcTemplatesConfig vpnConnectionConfig vpnLoggingConfig vpnLoggingOutputFormatEnum vpnTunnelOptionsSpecificationsConfig

Constructors

Properties

centralNetworkServicesConfig: TypeC<{
    delegatedAdminAccount: SizedType<string, Type<string, string, unknown>>;
    gatewayLoadBalancers: OptionalType<ArrayC<TypeC<{
        account: OptionalType<SizedType<string, Type<string, string, unknown>>>;
        crossZoneLoadBalancing: OptionalType<BooleanC>;
        deletionProtection: OptionalType<BooleanC>;
        endpoints: ArrayC<TypeC<{
            account: SizedType<string, Type<string, string, unknown>>;
            name: SizedType<string, Type<string, string, unknown>>;
            subnet: SizedType<string, Type<string, string, unknown>>;
            vpc: SizedType<string, Type<string, string, unknown>>;
        }>>;
        name: SizedType<string, Type<string, string, unknown>>;
        subnets: ArrayC<SizedType<string, Type<string, string, unknown>>>;
        tags: OptionalType<ArrayC<TypeC<{
            key: StringC;
            value: StringC;
        }>>>;
        targetGroup: OptionalType<SizedType<string, Type<string, string, unknown>>>;
        vpc: SizedType<string, Type<string, string, unknown>>;
    }>>>;
    ipams: OptionalType<ArrayC<TypeC<{
        description: OptionalType<SizedType<string, Type<string, string, unknown>>>;
        name: SizedType<string, Type<string, string, unknown>>;
        operatingRegions: OptionalType<ArrayC<EnumType<string>>>;
        pools: OptionalType<ArrayC<TypeC<{
            addressFamily: OptionalType<EnumType<"ipv4" | "ipv6">>;
            allocationDefaultNetmaskLength: OptionalType<NumberC>;
            allocationMaxNetmaskLength: OptionalType<NumberC>;
            allocationMinNetmaskLength: OptionalType<NumberC>;
            allocationResourceTags: OptionalType<ArrayC<TypeC<{
                key: StringC;
                value: StringC;
            }>>>;
            autoImport: OptionalType<BooleanC>;
            description: OptionalType<SizedType<string, Type<string, string, unknown>>>;
            locale: OptionalType<EnumType<string>>;
            name: SizedType<string, Type<string, string, unknown>>;
            provisionedCidrs: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
            publiclyAdvertisable: OptionalType<BooleanC>;
            scope: OptionalType<SizedType<string, Type<string, string, unknown>>>;
            shareTargets: OptionalType<TypeC<{
                accounts: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
                organizationalUnits: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
            }>>;
            sourceIpamPool: OptionalType<SizedType<string, Type<string, string, unknown>>>;
            tags: OptionalType<ArrayC<TypeC<{
                key: StringC;
                value: StringC;
            }>>>;
        }>>>;
        region: EnumType<string>;
        scopes: OptionalType<ArrayC<TypeC<{
            description: OptionalType<SizedType<string, Type<string, string, unknown>>>;
            name: SizedType<string, Type<string, string, unknown>>;
            tags: OptionalType<ArrayC<TypeC<{
                key: StringC;
                value: StringC;
            }>>>;
        }>>>;
        tags: OptionalType<ArrayC<TypeC<{
            key: StringC;
            value: StringC;
        }>>>;
    }>>>;
    networkFirewall: OptionalType<TypeC<{
        firewalls: ArrayC<TypeC<{
            deleteProtection: OptionalType<BooleanC>;
            description: OptionalType<SizedType<string, Type<string, string, unknown>>>;
            firewallPolicy: SizedType<string, Type<string, string, unknown>>;
            firewallPolicyChangeProtection: OptionalType<BooleanC>;
            loggingConfiguration: OptionalType<ArrayC<TypeC<{
                destination: EnumType<"s3" | "cloud-watch-logs">;
                type: EnumType<"ALERT" | "FLOW">;
            }>>>;
            name: SizedType<string, Type<string, string, unknown>>;
            subnetChangeProtection: OptionalType<BooleanC>;
            subnets: ArrayC<SizedType<string, Type<string, string, unknown>>>;
            tags: OptionalType<ArrayC<TypeC<{
                key: StringC;
                value: StringC;
            }>>>;
            vpc: SizedType<string, Type<string, string, unknown>>;
        }>>;
        policies: ArrayC<TypeC<{
            description: OptionalType<SizedType<string, Type<string, string, unknown>>>;
            firewallPolicy: TypeC<{
                statefulDefaultActions: OptionalType<ArrayC<EnumType<"aws:drop_strict" | "aws:drop_established" | "aws:alert_strict" | "aws:alert_established">>>;
                statefulEngineOptions: OptionalType<EnumType<"STRICT_ORDER" | "DEFAULT_ACTION_ORDER">>;
                statefulRuleGroups: OptionalType<ArrayC<TypeC<{
                    name: SizedType<string, Type<string, string, unknown>>;
                    priority: OptionalType<NumberC>;
                }>>>;
                statelessCustomActions: OptionalType<ArrayC<TypeC<{
                    actionDefinition: TypeC<{
                        publishMetricAction: TypeC<{
                            dimensions: ArrayC<SizedType<string, Type<string, string, unknown>>>;
                        }>;
                    }>;
                    actionName: SizedType<string, Type<string, string, unknown>>;
                }>>>;
                statelessDefaultActions: ArrayC<UnionC<[EnumType<"aws:pass" | "aws:drop" | "aws:forward_to_sfe">, SizedType<string, Type<string, string, unknown>>]>>;
                statelessFragmentDefaultActions: ArrayC<UnionC<[EnumType<"aws:pass" | "aws:drop" | "aws:forward_to_sfe">, SizedType<string, Type<string, string, unknown>>]>>;
                statelessRuleGroups: OptionalType<ArrayC<TypeC<{
                    name: SizedType<string, Type<string, string, unknown>>;
                    priority: NumberC;
                }>>>;
            }>;
            name: SizedType<string, Type<string, string, unknown>>;
            regions: ArrayC<EnumType<string>>;
            shareTargets: OptionalType<TypeC<{
                accounts: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
                organizationalUnits: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
            }>>;
            tags: OptionalType<ArrayC<TypeC<{
                key: StringC;
                value: StringC;
            }>>>;
        }>>;
        rules: ArrayC<TypeC<{
            capacity: NumberC;
            description: OptionalType<SizedType<string, Type<string, string, unknown>>>;
            name: SizedType<string, Type<string, string, unknown>>;
            regions: ArrayC<EnumType<string>>;
            ruleGroup: OptionalType<TypeC<{
                ruleVariables: OptionalType<TypeC<{
                    ipSets: UnionC<[TypeC<{
                        definition: ArrayC<SizedType<string, Type<string, string, unknown>>>;
                        name: SizedType<string, Type<string, string, unknown>>;
                    }>, ArrayC<TypeC<{
                        definition: ArrayC<SizedType<string, Type<string, string, unknown>>>;
                        name: SizedType<string, Type<string, string, unknown>>;
                    }>>]>;
                    portSets: UnionC<[TypeC<{
                        definition: ArrayC<SizedType<string, Type<string, string, unknown>>>;
                        name: SizedType<string, Type<string, string, unknown>>;
                    }>, ArrayC<TypeC<{
                        definition: ArrayC<SizedType<string, Type<string, string, unknown>>>;
                        name: SizedType<string, Type<string, string, unknown>>;
                    }>>]>;
                }>>;
                rulesSource: TypeC<{
                    rulesFile: OptionalType<SizedType<string, Type<string, string, unknown>>>;
                    rulesSourceList: OptionalType<TypeC<{
                        generatedRulesType: EnumType<"ALLOWLIST" | "DENYLIST">;
                        targetTypes: ArrayC<EnumType<"TLS_SNI" | "HTTP_HOST">>;
                        targets: ArrayC<SizedType<string, Type<string, string, unknown>>>;
                    }>>;
                    rulesString: OptionalType<SizedType<string, Type<string, string, unknown>>>;
                    statefulRules: OptionalType<ArrayC<TypeC<{
                        action: EnumType<"PASS" | "DROP" | "ALERT">;
                        header: TypeC<{
                            destination: SizedType<string, Type<string, string, unknown>>;
                            destinationPort: SizedType<string, Type<string, string, unknown>>;
                            direction: EnumType<"ANY" | "FORWARD">;
                            protocol: EnumType<"DNS" | "HTTP" | "TCP" | "UDP" | "IP" | "TLS" | "SSH" | "SMB" | "DHCP" | "FTP" | "ICMP" | "DCERPC" | "SMTP" | "IMAP" | "MSN" | "KRB5" | "IKEV2" | "TFTP" | "NTP">;
                            source: SizedType<string, Type<string, string, unknown>>;
                            sourcePort: SizedType<string, Type<string, string, unknown>>;
                        }>;
                        ruleOptions: ArrayC<TypeC<{
                            keyword: SizedType<string, Type<string, string, unknown>>;
                            settings: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
                        }>>;
                    }>>>;
                    statelessRulesAndCustomActions: OptionalType<TypeC<{
                        customActions: OptionalType<ArrayC<TypeC<{
                            actionDefinition: TypeC<{
                                publishMetricAction: TypeC<{
                                    dimensions: ArrayC<SizedType<string, Type<string, string, unknown>>>;
                                }>;
                            }>;
                            actionName: SizedType<string, Type<string, string, unknown>>;
                        }>>>;
                        statelessRules: ArrayC<TypeC<{
                            priority: NumberC;
                            ruleDefinition: TypeC<{
                                actions: ArrayC<UnionC<[SizedType<string, Type<string, string, unknown>>, EnumType<"aws:pass" | "aws:drop" | "aws:forward_to_sfe">]>>;
                                matchAttributes: TypeC<{
                                    destinationPorts: OptionalType<ArrayC<TypeC<{
                                        fromPort: NumberC;
                                        toPort: NumberC;
                                    }>>>;
                                    destinations: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
                                    protocols: OptionalType<ArrayC<NumberC>>;
                                    sourcePorts: OptionalType<ArrayC<TypeC<{
                                        fromPort: NumberC;
                                        toPort: NumberC;
                                    }>>>;
                                    sources: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
                                    tcpFlags: OptionalType<ArrayC<TypeC<{
                                        flags: ArrayC<EnumType<"FIN" | "SYN" | "RST" | "PSH" | "ACK" | "URG" | "ECE" | "CWR">>;
                                        masks: ArrayC<EnumType<"FIN" | "SYN" | "RST" | "PSH" | "ACK" | "URG" | "ECE" | "CWR">>;
                                    }>>>;
                                }>;
                            }>;
                        }>>;
                    }>>;
                }>;
                statefulRuleOptions: OptionalType<EnumType<"STRICT_ORDER" | "DEFAULT_ACTION_ORDER">>;
            }>>;
            shareTargets: OptionalType<TypeC<{
                accounts: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
                organizationalUnits: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
            }>>;
            tags: OptionalType<ArrayC<TypeC<{
                key: StringC;
                value: StringC;
            }>>>;
            type: EnumType<"STATELESS" | "STATEFUL">;
        }>>;
    }>>;
    route53Resolver: OptionalType<TypeC<{
        endpoints: OptionalType<ArrayC<TypeC<{
            allowedCidrs: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
            name: SizedType<string, Type<string, string, unknown>>;
            rules: OptionalType<ArrayC<TypeC<{
                domainName: SizedType<string, Type<string, string, unknown>>;
                excludedRegions: OptionalType<ArrayC<EnumType<string>>>;
                inboundEndpointTarget: OptionalType<SizedType<string, Type<string, string, unknown>>>;
                name: SizedType<string, Type<string, string, unknown>>;
                ruleType: OptionalType<EnumType<"SYSTEM" | "FORWARD" | "RECURSIVE">>;
                shareTargets: OptionalType<TypeC<{
                    accounts: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
                    organizationalUnits: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
                }>>;
                tags: OptionalType<ArrayC<TypeC<{
                    key: StringC;
                    value: StringC;
                }>>>;
                targetIps: OptionalType<ArrayC<TypeC<{
                    ip: SizedType<string, Type<string, string, unknown>>;
                    port: OptionalType<SizedType<string, Type<string, string, unknown>>>;
                }>>>;
            }>>>;
            subnets: ArrayC<SizedType<string, Type<string, string, unknown>>>;
            tags: OptionalType<ArrayC<TypeC<{
                key: StringC;
                value: StringC;
            }>>>;
            type: EnumType<"INBOUND" | "OUTBOUND">;
            vpc: SizedType<string, Type<string, string, unknown>>;
        }>>>;
        firewallRuleGroups: OptionalType<ArrayC<TypeC<{
            name: SizedType<string, Type<string, string, unknown>>;
            regions: ArrayC<EnumType<string>>;
            rules: ArrayC<TypeC<{
                action: EnumType<"BLOCK" | "ALLOW" | "ALERT">;
                blockOverrideDomain: OptionalType<SizedType<string, Type<string, string, unknown>>>;
                blockOverrideTtl: OptionalType<NumberC>;
                blockResponse: OptionalType<EnumType<"OVERRIDE" | "NODATA" | "NXDOMAIN">>;
                customDomainList: OptionalType<SizedType<string, Type<string, string, unknown>>>;
                managedDomainList: OptionalType<EnumType<"AWSManagedDomainsAggregateThreatList" | "AWSManagedDomainsBotnetCommandandControl" | "AWSManagedDomainsMalwareDomainList">>;
                name: SizedType<string, Type<string, string, unknown>>;
                priority: NumberC;
            }>>;
            shareTargets: OptionalType<TypeC<{
                accounts: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
                organizationalUnits: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
            }>>;
            tags: OptionalType<ArrayC<TypeC<{
                key: StringC;
                value: StringC;
            }>>>;
        }>>>;
        queryLogs: OptionalType<TypeC<{
            destinations: ArrayC<EnumType<"s3" | "cloud-watch-logs">>;
            excludedRegions: OptionalType<ArrayC<EnumType<string>>>;
            name: SizedType<string, Type<string, string, unknown>>;
            shareTargets: OptionalType<TypeC<{
                accounts: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
                organizationalUnits: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
            }>>;
        }>>;
        rules: OptionalType<ArrayC<TypeC<{
            domainName: SizedType<string, Type<string, string, unknown>>;
            excludedRegions: OptionalType<ArrayC<EnumType<string>>>;
            inboundEndpointTarget: OptionalType<SizedType<string, Type<string, string, unknown>>>;
            name: SizedType<string, Type<string, string, unknown>>;
            ruleType: OptionalType<EnumType<"SYSTEM" | "FORWARD" | "RECURSIVE">>;
            shareTargets: OptionalType<TypeC<{
                accounts: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
                organizationalUnits: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
            }>>;
            tags: OptionalType<ArrayC<TypeC<{
                key: StringC;
                value: StringC;
            }>>>;
            targetIps: OptionalType<ArrayC<TypeC<{
                ip: SizedType<string, Type<string, string, unknown>>;
                port: OptionalType<SizedType<string, Type<string, string, unknown>>>;
            }>>>;
        }>>>;
    }>>;
}> = ...
certificateConfig: TypeC<{
    cert: OptionalType<SizedType<string, Type<string, string, unknown>>>;
    chain: OptionalType<SizedType<string, Type<string, string, unknown>>>;
    deploymentTargets: TypeC<{
        accounts: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
        excludedAccounts: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
        excludedRegions: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
        organizationalUnits: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
    }>;
    domain: OptionalType<SizedType<string, Type<string, string, unknown>>>;
    name: SizedType<string, Type<string, string, unknown>>;
    privKey: OptionalType<SizedType<string, Type<string, string, unknown>>>;
    san: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
    type: EnumType<"request" | "import">;
    validation: OptionalType<EnumType<"EMAIL" | "DNS">>;
}> = ...
certificateConfigTypeEnum: EnumType<"request" | "import"> = ...
certificateValidationEnum: EnumType<"EMAIL" | "DNS"> = ...
customerGatewayConfig: TypeC<{
    account: SizedType<string, Type<string, string, unknown>>;
    asn: NumberC;
    ipAddress: SizedType<string, Type<string, string, unknown>>;
    name: SizedType<string, Type<string, string, unknown>>;
    region: EnumType<string>;
    tags: OptionalType<ArrayC<TypeC<{
        key: StringC;
        value: StringC;
    }>>>;
    vpnConnections: OptionalType<ArrayC<TypeC<{
        amazonIpv4NetworkCidr: OptionalType<SizedType<string, Type<string, string, unknown>>>;
        customerIpv4NetworkCidr: OptionalType<SizedType<string, Type<string, string, unknown>>>;
        enableVpnAcceleration: OptionalType<BooleanC>;
        name: SizedType<string, Type<string, string, unknown>>;
        routeTableAssociations: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
        routeTablePropagations: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
        staticRoutesOnly: OptionalType<BooleanC>;
        tags: OptionalType<ArrayC<TypeC<{
            key: StringC;
            value: StringC;
        }>>>;
        transitGateway: OptionalType<SizedType<string, Type<string, string, unknown>>>;
        tunnelSpecifications: OptionalType<ArrayC<TypeC<{
            dpdTimeoutAction: OptionalType<EnumType<"none" | "restart" | "clear">>;
            dpdTimeoutSeconds: OptionalType<NumberC>;
            ikeVersions: OptionalType<ArrayC<EnumType<2 | 1>>>;
            logging: OptionalType<TypeC<{
                enable: OptionalType<BooleanC>;
                logGroupName: OptionalType<SizedType<string, Type<string, string, unknown>>>;
                outputFormat: OptionalType<EnumType<"text" | "json">>;
            }>>;
            phase1: OptionalType<TypeC<{
                dhGroups: OptionalType<ArrayC<EnumType<2 | 22 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 24 | 23>>>;
                encryptionAlgorithms: OptionalType<ArrayC<EnumType<"AES256" | "AES128" | "AES128-GCM-16" | "AES256-GCM-16">>>;
                integrityAlgorithms: OptionalType<ArrayC<EnumType<"SHA1" | "SHA2-256" | "SHA2-384" | "SHA2-512">>>;
                lifetimeSeconds: OptionalType<NumberC>;
            }>>;
            phase2: OptionalType<TypeC<{
                dhGroups: OptionalType<ArrayC<EnumType<2 | 22 | 5 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 24 | 23>>>;
                encryptionAlgorithms: OptionalType<ArrayC<EnumType<"AES256" | "AES128" | "AES128-GCM-16" | "AES256-GCM-16">>>;
                integrityAlgorithms: OptionalType<ArrayC<EnumType<"SHA1" | "SHA2-256" | "SHA2-384" | "SHA2-512">>>;
                lifetimeSeconds: OptionalType<NumberC>;
            }>>;
            preSharedKey: OptionalType<SizedType<string, Type<string, string, unknown>>>;
            rekeyFuzzPercentage: OptionalType<NumberC>;
            rekeyMarginTimeSeconds: OptionalType<NumberC>;
            replayWindowSize: OptionalType<NumberC>;
            startupAction: OptionalType<EnumType<"add" | "start">>;
            tunnelInsideCidr: OptionalType<SizedType<string, Type<string, string, unknown>>>;
            tunnelLifecycleControl: OptionalType<BooleanC>;
        }>>>;
        vpc: OptionalType<SizedType<string, Type<string, string, unknown>>>;
    }>>>;
}> = ...
defaultVpcsConfig: TypeC<{
    delete: BooleanC;
    excludeAccounts: OptionalType<ArrayC<StringC>>;
    excludeRegions: OptionalType<ArrayC<EnumType<string>>>;
}> = ...
dhcpOptsConfig: TypeC<{
    accounts: ArrayC<SizedType<string, Type<string, string, unknown>>>;
    domainName: OptionalType<SizedType<string, Type<string, string, unknown>>>;
    domainNameServers: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
    name: SizedType<string, Type<string, string, unknown>>;
    netbiosNameServers: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
    netbiosNodeType: OptionalType<EnumType<2 | 1 | 4 | 8>>;
    ntpServers: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
    regions: ArrayC<EnumType<string>>;
    tags: OptionalType<ArrayC<TypeC<{
        key: StringC;
        value: StringC;
    }>>>;
}> = ...
dnsFirewallBlockResponseTypeEnum: EnumType<"OVERRIDE" | "NODATA" | "NXDOMAIN"> = ...
dnsFirewallManagedDomainListEnum: EnumType<"AWSManagedDomainsAggregateThreatList" | "AWSManagedDomainsBotnetCommandandControl" | "AWSManagedDomainsMalwareDomainList"> = ...
dnsFirewallRuleActionTypeEnum: EnumType<"BLOCK" | "ALLOW" | "ALERT"> = ...
dnsFirewallRuleGroupConfig: TypeC<{
    name: SizedType<string, Type<string, string, unknown>>;
    regions: ArrayC<EnumType<string>>;
    rules: ArrayC<TypeC<{
        action: EnumType<"BLOCK" | "ALLOW" | "ALERT">;
        blockOverrideDomain: OptionalType<SizedType<string, Type<string, string, unknown>>>;
        blockOverrideTtl: OptionalType<NumberC>;
        blockResponse: OptionalType<EnumType<"OVERRIDE" | "NODATA" | "NXDOMAIN">>;
        customDomainList: OptionalType<SizedType<string, Type<string, string, unknown>>>;
        managedDomainList: OptionalType<EnumType<"AWSManagedDomainsAggregateThreatList" | "AWSManagedDomainsBotnetCommandandControl" | "AWSManagedDomainsMalwareDomainList">>;
        name: SizedType<string, Type<string, string, unknown>>;
        priority: NumberC;
    }>>;
    shareTargets: OptionalType<TypeC<{
        accounts: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
        organizationalUnits: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
    }>>;
    tags: OptionalType<ArrayC<TypeC<{
        key: StringC;
        value: StringC;
    }>>>;
}> = ...
dnsFirewallRulesConfig: TypeC<{
    action: EnumType<"BLOCK" | "ALLOW" | "ALERT">;
    blockOverrideDomain: OptionalType<SizedType<string, Type<string, string, unknown>>>;
    blockOverrideTtl: OptionalType<NumberC>;
    blockResponse: OptionalType<EnumType<"OVERRIDE" | "NODATA" | "NXDOMAIN">>;
    customDomainList: OptionalType<SizedType<string, Type<string, string, unknown>>>;
    managedDomainList: OptionalType<EnumType<"AWSManagedDomainsAggregateThreatList" | "AWSManagedDomainsBotnetCommandandControl" | "AWSManagedDomainsMalwareDomainList">>;
    name: SizedType<string, Type<string, string, unknown>>;
    priority: NumberC;
}> = ...
dnsQueryLogsConfig: TypeC<{
    destinations: ArrayC<EnumType<"s3" | "cloud-watch-logs">>;
    excludedRegions: OptionalType<ArrayC<EnumType<string>>>;
    name: SizedType<string, Type<string, string, unknown>>;
    shareTargets: OptionalType<TypeC<{
        accounts: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
        organizationalUnits: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
    }>>;
}> = ...
dpdTimeoutActionEnum: EnumType<"none" | "restart" | "clear"> = ...
dxGatewayConfig: TypeC<{
    account: SizedType<string, Type<string, string, unknown>>;
    asn: NumberC;
    gatewayName: SizedType<string, Type<string, string, unknown>>;
    name: SizedType<string, Type<string, string, unknown>>;
    transitGatewayAssociations: OptionalType<ArrayC<TypeC<{
        account: SizedType<string, Type<string, string, unknown>>;
        allowedPrefixes: ArrayC<SizedType<string, Type<string, string, unknown>>>;
        name: SizedType<string, Type<string, string, unknown>>;
        routeTableAssociations: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
        routeTablePropagations: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
    }>>>;
    virtualInterfaces: OptionalType<ArrayC<TypeC<{
        addressFamily: OptionalType<EnumType<"ipv4" | "ipv6">>;
        amazonAddress: OptionalType<SizedType<string, Type<string, string, unknown>>>;
        connectionId: SizedType<string, Type<string, string, unknown>>;
        customerAddress: OptionalType<SizedType<string, Type<string, string, unknown>>>;
        customerAsn: NumberC;
        enableSiteLink: OptionalType<BooleanC>;
        interfaceName: SizedType<string, Type<string, string, unknown>>;
        jumboFrames: OptionalType<BooleanC>;
        name: SizedType<string, Type<string, string, unknown>>;
        ownerAccount: SizedType<string, Type<string, string, unknown>>;
        region: EnumType<string>;
        tags: OptionalType<ArrayC<TypeC<{
            key: StringC;
            value: StringC;
        }>>>;
        type: EnumType<"private" | "transit">;
        vlan: NumberC;
    }>>>;
}> = ...
dxTransitGatewayAssociationConfig: TypeC<{
    account: SizedType<string, Type<string, string, unknown>>;
    allowedPrefixes: ArrayC<SizedType<string, Type<string, string, unknown>>>;
    name: SizedType<string, Type<string, string, unknown>>;
    routeTableAssociations: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
    routeTablePropagations: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
}> = ...
dxVirtualInterfaceConfig: TypeC<{
    addressFamily: OptionalType<EnumType<"ipv4" | "ipv6">>;
    amazonAddress: OptionalType<SizedType<string, Type<string, string, unknown>>>;
    connectionId: SizedType<string, Type<string, string, unknown>>;
    customerAddress: OptionalType<SizedType<string, Type<string, string, unknown>>>;
    customerAsn: NumberC;
    enableSiteLink: OptionalType<BooleanC>;
    interfaceName: SizedType<string, Type<string, string, unknown>>;
    jumboFrames: OptionalType<BooleanC>;
    name: SizedType<string, Type<string, string, unknown>>;
    ownerAccount: SizedType<string, Type<string, string, unknown>>;
    region: EnumType<string>;
    tags: OptionalType<ArrayC<TypeC<{
        key: StringC;
        value: StringC;
    }>>>;
    type: EnumType<"private" | "transit">;
    vlan: NumberC;
}> = ...
dxVirtualInterfaceTypeEnum: EnumType<"private" | "transit"> = ...
elbAccountIdsConfig: TypeC<{
    accountId: SizedType<string, Type<string, string, unknown>>;
    region: SizedType<string, Type<string, string, unknown>>;
}> = ...
encryptionAlgorithmEnum: EnumType<"AES256" | "AES128" | "AES128-GCM-16" | "AES256-GCM-16"> = ...
endpointPolicyConfig: TypeC<{
    document: SizedType<string, Type<string, string, unknown>>;
    name: SizedType<string, Type<string, string, unknown>>;
}> = ...
firewallManagerNotificationChannelConfig: TypeC<{
    region: SizedType<string, Type<string, string, unknown>>;
    snsTopic: SizedType<string, Type<string, string, unknown>>;
}> = ...
firewallManagerServiceConfig: TypeC<{
    delegatedAdminAccount: SizedType<string, Type<string, string, unknown>>;
    notificationChannels: OptionalType<ArrayC<TypeC<{
        region: SizedType<string, Type<string, string, unknown>>;
        snsTopic: SizedType<string, Type<string, string, unknown>>;
    }>>>;
}> = ...
gatewayEndpointConfig: TypeC<{
    defaultPolicy: SizedType<string, Type<string, string, unknown>>;
    endpoints: ArrayC<TypeC<{
        applyPolicy: OptionalType<BooleanC>;
        policy: OptionalType<SizedType<string, Type<string, string, unknown>>>;
        service: EnumType<"dynamodb" | "s3">;
        serviceName: OptionalType<SizedType<string, Type<string, string, unknown>>>;
    }>>;
}> = ...
gatewayEndpointEnum: EnumType<"dynamodb" | "s3"> = ...
gatewayEndpointServiceConfig: TypeC<{
    applyPolicy: OptionalType<BooleanC>;
    policy: OptionalType<SizedType<string, Type<string, string, unknown>>>;
    service: EnumType<"dynamodb" | "s3">;
    serviceName: OptionalType<SizedType<string, Type<string, string, unknown>>>;
}> = ...
gatewayRouteTableTypeEnum: EnumType<"virtualPrivateGateway" | "internetGateway"> = ...
gwlbConfig: TypeC<{
    account: OptionalType<SizedType<string, Type<string, string, unknown>>>;
    crossZoneLoadBalancing: OptionalType<BooleanC>;
    deletionProtection: OptionalType<BooleanC>;
    endpoints: ArrayC<TypeC<{
        account: SizedType<string, Type<string, string, unknown>>;
        name: SizedType<string, Type<string, string, unknown>>;
        subnet: SizedType<string, Type<string, string, unknown>>;
        vpc: SizedType<string, Type<string, string, unknown>>;
    }>>;
    name: SizedType<string, Type<string, string, unknown>>;
    subnets: ArrayC<SizedType<string, Type<string, string, unknown>>>;
    tags: OptionalType<ArrayC<TypeC<{
        key: StringC;
        value: StringC;
    }>>>;
    targetGroup: OptionalType<SizedType<string, Type<string, string, unknown>>>;
    vpc: SizedType<string, Type<string, string, unknown>>;
}> = ...
gwlbEndpointConfig: TypeC<{
    account: SizedType<string, Type<string, string, unknown>>;
    name: SizedType<string, Type<string, string, unknown>>;
    subnet: SizedType<string, Type<string, string, unknown>>;
    vpc: SizedType<string, Type<string, string, unknown>>;
}> = ...
ikeVersionEnum: EnumType<2 | 1> = ...
instanceTenancyTypeEnum: EnumType<"default" | "dedicated"> = ...
integrityAlgorithmEnum: EnumType<"SHA1" | "SHA2-256" | "SHA2-384" | "SHA2-512"> = ...
interfaceEndpointConfig: TypeC<{
    allowedCidrs: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
    central: OptionalType<BooleanC>;
    defaultPolicy: SizedType<string, Type<string, string, unknown>>;
    endpoints: ArrayC<TypeC<{
        applyPolicy: OptionalType<BooleanC>;
        policy: OptionalType<SizedType<string, Type<string, string, unknown>>>;
        securityGroup: OptionalType<SizedType<string, Type<string, string, unknown>>>;
        service: SizedType<string, Type<string, string, unknown>>;
        serviceName: OptionalType<SizedType<string, Type<string, string, unknown>>>;
    }>>;
    subnets: ArrayC<SizedType<string, Type<string, string, unknown>>>;
}> = ...
interfaceEndpointServiceConfig: TypeC<{
    applyPolicy: OptionalType<BooleanC>;
    policy: OptionalType<SizedType<string, Type<string, string, unknown>>>;
    securityGroup: OptionalType<SizedType<string, Type<string, string, unknown>>>;
    service: SizedType<string, Type<string, string, unknown>>;
    serviceName: OptionalType<SizedType<string, Type<string, string, unknown>>>;
}> = ...
ipAddressFamilyEnum: EnumType<"IPv4" | "IPv6"> = ...
ipVersionEnum: EnumType<"ipv4" | "ipv6"> = ...
ipamAllocationConfig: TypeC<{
    ipamPoolName: SizedType<string, Type<string, string, unknown>>;
    netmaskLength: NumberC;
}> = ...
ipamConfig: TypeC<{
    description: OptionalType<SizedType<string, Type<string, string, unknown>>>;
    name: SizedType<string, Type<string, string, unknown>>;
    operatingRegions: OptionalType<ArrayC<EnumType<string>>>;
    pools: OptionalType<ArrayC<TypeC<{
        addressFamily: OptionalType<EnumType<"ipv4" | "ipv6">>;
        allocationDefaultNetmaskLength: OptionalType<NumberC>;
        allocationMaxNetmaskLength: OptionalType<NumberC>;
        allocationMinNetmaskLength: OptionalType<NumberC>;
        allocationResourceTags: OptionalType<ArrayC<TypeC<{
            key: StringC;
            value: StringC;
        }>>>;
        autoImport: OptionalType<BooleanC>;
        description: OptionalType<SizedType<string, Type<string, string, unknown>>>;
        locale: OptionalType<EnumType<string>>;
        name: SizedType<string, Type<string, string, unknown>>;
        provisionedCidrs: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
        publiclyAdvertisable: OptionalType<BooleanC>;
        scope: OptionalType<SizedType<string, Type<string, string, unknown>>>;
        shareTargets: OptionalType<TypeC<{
            accounts: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
            organizationalUnits: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
        }>>;
        sourceIpamPool: OptionalType<SizedType<string, Type<string, string, unknown>>>;
        tags: OptionalType<ArrayC<TypeC<{
            key: StringC;
            value: StringC;
        }>>>;
    }>>>;
    region: EnumType<string>;
    scopes: OptionalType<ArrayC<TypeC<{
        description: OptionalType<SizedType<string, Type<string, string, unknown>>>;
        name: SizedType<string, Type<string, string, unknown>>;
        tags: OptionalType<ArrayC<TypeC<{
            key: StringC;
            value: StringC;
        }>>>;
    }>>>;
    tags: OptionalType<ArrayC<TypeC<{
        key: StringC;
        value: StringC;
    }>>>;
}> = ...
ipamPoolConfig: TypeC<{
    addressFamily: OptionalType<EnumType<"ipv4" | "ipv6">>;
    allocationDefaultNetmaskLength: OptionalType<NumberC>;
    allocationMaxNetmaskLength: OptionalType<NumberC>;
    allocationMinNetmaskLength: OptionalType<NumberC>;
    allocationResourceTags: OptionalType<ArrayC<TypeC<{
        key: StringC;
        value: StringC;
    }>>>;
    autoImport: OptionalType<BooleanC>;
    description: OptionalType<SizedType<string, Type<string, string, unknown>>>;
    locale: OptionalType<EnumType<string>>;
    name: SizedType<string, Type<string, string, unknown>>;
    provisionedCidrs: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
    publiclyAdvertisable: OptionalType<BooleanC>;
    scope: OptionalType<SizedType<string, Type<string, string, unknown>>>;
    shareTargets: OptionalType<TypeC<{
        accounts: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
        organizationalUnits: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
    }>>;
    sourceIpamPool: OptionalType<SizedType<string, Type<string, string, unknown>>>;
    tags: OptionalType<ArrayC<TypeC<{
        key: StringC;
        value: StringC;
    }>>>;
}> = ...
ipamScopeConfig: TypeC<{
    description: OptionalType<SizedType<string, Type<string, string, unknown>>>;
    name: SizedType<string, Type<string, string, unknown>>;
    tags: OptionalType<ArrayC<TypeC<{
        key: StringC;
        value: StringC;
    }>>>;
}> = ...
loadBalancersConfig: TypeC<{
    applicationLoadBalancers: OptionalType<ArrayC<TypeC<{
        attributes: OptionalType<TypeC<{
            deletionProtection: OptionalType<BooleanC>;
            http2Enabled: OptionalType<BooleanC>;
            idleTimeout: OptionalType<NumberC>;
            routingHttpDesyncMitigationMode: OptionalType<EnumType<"monitor" | "defensive" | "strictest">>;
            routingHttpDropInvalidHeader: OptionalType<BooleanC>;
            routingHttpXAmznTlsCipherEnable: OptionalType<BooleanC>;
            routingHttpXffClientPort: OptionalType<BooleanC>;
            routingHttpXffHeaderProcessingMode: OptionalType<EnumType<"remove" | "append" | "preserve">>;
            wafFailOpen: OptionalType<BooleanC>;
        }>>;
        listeners: OptionalType<ArrayC<TypeC<{
            certificate: OptionalType<SizedType<string, Type<string, string, unknown>>>;
            fixedResponseConfig: OptionalType<TypeC<{
                contentType: OptionalType<SizedType<string, Type<string, string, unknown>>>;
                messageBody: OptionalType<SizedType<string, Type<string, string, unknown>>>;
                statusCode: SizedType<string, Type<string, string, unknown>>;
            }>>;
            forwardConfig: OptionalType<TypeC<{
                targetGroupStickinessConfig: OptionalType<TypeC<{
                    durationSeconds: OptionalType<NumberC>;
                    enabled: OptionalType<BooleanC>;
                }>>;
            }>>;
            name: SizedType<string, Type<string, string, unknown>>;
            order: OptionalType<NumberC>;
            port: NumberC;
            protocol: EnumType<"HTTP" | "HTTPS">;
            redirectConfig: OptionalType<TypeC<{
                host: OptionalType<SizedType<string, Type<string, string, unknown>>>;
                path: OptionalType<SizedType<string, Type<string, string, unknown>>>;
                port: OptionalType<NumberC>;
                protocol: OptionalType<SizedType<string, Type<string, string, unknown>>>;
                query: OptionalType<SizedType<string, Type<string, string, unknown>>>;
                statusCode: OptionalType<SizedType<string, Type<string, string, unknown>>>;
            }>>;
            sslPolicy: OptionalType<EnumType<"ELBSecurityPolicy-TLS-1-0-2015-04" | "ELBSecurityPolicy-TLS-1-1-2017-01" | "ELBSecurityPolicy-TLS-1-2-2017-01" | "ELBSecurityPolicy-TLS-1-2-Ext-2018-06" | "ELBSecurityPolicy-FS-2018-06" | "ELBSecurityPolicy-FS-1-1-2019-08" | "ELBSecurityPolicy-FS-1-2-2019-08" | "ELBSecurityPolicy-FS-1-2-Res-2019-08" | "ELBSecurityPolicy-2015-05" | "ELBSecurityPolicy-FS-1-2-Res-2020-10" | "ELBSecurityPolicy-2016-08">>;
            targetGroup: SizedType<string, Type<string, string, unknown>>;
            type: EnumType<"forward" | "redirect" | "fixed-response">;
        }>>>;
        name: SizedType<string, Type<string, string, unknown>>;
        scheme: OptionalType<EnumType<"internet-facing" | "internal">>;
        securityGroups: ArrayC<SizedType<string, Type<string, string, unknown>>>;
        shareTargets: OptionalType<TypeC<{
            accounts: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
            organizationalUnits: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
        }>>;
        subnets: ArrayC<SizedType<string, Type<string, string, unknown>>>;
    }>>>;
    networkLoadBalancers: OptionalType<ArrayC<TypeC<{
        crossZoneLoadBalancing: OptionalType<BooleanC>;
        deletionProtection: OptionalType<BooleanC>;
        listeners: OptionalType<ArrayC<TypeC<{
            alpnPolicy: OptionalType<EnumType<"None" | "HTTP1Only" | "HTTP2Only" | "HTTP2Optional" | "HTTP2Preferred">>;
            certificate: OptionalType<SizedType<string, Type<string, string, unknown>>>;
            name: SizedType<string, Type<string, string, unknown>>;
            port: OptionalType<NumberC>;
            protocol: OptionalType<EnumType<"TCP" | "UDP" | "TLS" | "TCP_UDP">>;
            sslPolicy: OptionalType<EnumType<"ELBSecurityPolicy-TLS-1-0-2015-04" | "ELBSecurityPolicy-TLS-1-1-2017-01" | "ELBSecurityPolicy-TLS-1-2-2017-01" | "ELBSecurityPolicy-TLS-1-2-Ext-2018-06" | "ELBSecurityPolicy-FS-2018-06" | "ELBSecurityPolicy-FS-1-1-2019-08" | "ELBSecurityPolicy-FS-1-2-2019-08" | "ELBSecurityPolicy-FS-1-2-Res-2019-08" | "ELBSecurityPolicy-2015-05" | "ELBSecurityPolicy-FS-1-2-Res-2020-10" | "ELBSecurityPolicy-TLS13-1-2-2021-06" | "ELBSecurityPolicy-TLS13-1-2-Res-2021-06" | "ELBSecurityPolicy-TLS13-1-2-Ext1-2021-06" | "ELBSecurityPolicy-TLS13-1-2-Ext2-2021-06" | "ELBSecurityPolicy-TLS13-1-1-2021-06" | "ELBSecurityPolicy-TLS13-1-0-2021-06" | "ELBSecurityPolicy-TLS13-1-3-2021-06" | "ELBSecurityPolicy-2016-08">>;
            targetGroup: SizedType<string, Type<string, string, unknown>>;
        }>>>;
        name: SizedType<string, Type<string, string, unknown>>;
        scheme: OptionalType<EnumType<"internet-facing" | "internal">>;
        subnets: ArrayC<SizedType<string, Type<string, string, unknown>>>;
    }>>>;
}> = ...
localGatewayConfig: TypeC<{
    id: SizedType<string, Type<string, string, unknown>>;
    name: SizedType<string, Type<string, string, unknown>>;
    routeTables: ArrayC<TypeC<{
        id: SizedType<string, Type<string, string, unknown>>;
        name: SizedType<string, Type<string, string, unknown>>;
    }>>;
}> = ...
localGatewayRouteTableConfig: TypeC<{
    id: SizedType<string, Type<string, string, unknown>>;
    name: SizedType<string, Type<string, string, unknown>>;
}> = ...
mutationProtectionEnum: EnumType<"ENABLED" | "DISABLED"> = ...
natGatewayConfig: TypeC<{
    allocationId: OptionalType<SizedType<string, Type<string, string, unknown>>>;
    name: SizedType<string, Type<string, string, unknown>>;
    private: OptionalType<BooleanC>;
    subnet: SizedType<string, Type<string, string, unknown>>;
    tags: OptionalType<ArrayC<TypeC<{
        key: StringC;
        value: StringC;
    }>>>;
}> = ...
netbiosNodeEnum: EnumType<2 | 1 | 4 | 8> = ...
networkAclConfig: TypeC<{
    inboundRules: OptionalType<ArrayC<TypeC<{
        action: EnumType<"allow" | "deny">;
        fromPort: NumberC;
        protocol: NumberC;
        rule: NumberC;
        source: UnionC<[SizedType<string, Type<string, string, unknown>>, TypeC<{
            account: OptionalType<SizedType<string, Type<string, string, unknown>>>;
            region: OptionalType<EnumType<string>>;
            subnet: SizedType<string, Type<string, string, unknown>>;
            vpc: SizedType<string, Type<string, string, unknown>>;
        }>]>;
        toPort: NumberC;
    }>>>;
    name: SizedType<string, Type<string, string, unknown>>;
    outboundRules: OptionalType<ArrayC<TypeC<{
        action: EnumType<"allow" | "deny">;
        destination: UnionC<[SizedType<string, Type<string, string, unknown>>, TypeC<{
            account: OptionalType<SizedType<string, Type<string, string, unknown>>>;
            region: OptionalType<EnumType<string>>;
            subnet: SizedType<string, Type<string, string, unknown>>;
            vpc: SizedType<string, Type<string, string, unknown>>;
        }>]>;
        fromPort: NumberC;
        protocol: NumberC;
        rule: NumberC;
        toPort: NumberC;
    }>>>;
    subnetAssociations: ArrayC<SizedType<string, Type<string, string, unknown>>>;
    tags: OptionalType<ArrayC<TypeC<{
        key: StringC;
        value: StringC;
    }>>>;
}> = ...
networkAclInboundRuleConfig: TypeC<{
    action: EnumType<"allow" | "deny">;
    fromPort: NumberC;
    protocol: NumberC;
    rule: NumberC;
    source: UnionC<[SizedType<string, Type<string, string, unknown>>, TypeC<{
        account: OptionalType<SizedType<string, Type<string, string, unknown>>>;
        region: OptionalType<EnumType<string>>;
        subnet: SizedType<string, Type<string, string, unknown>>;
        vpc: SizedType<string, Type<string, string, unknown>>;
    }>]>;
    toPort: NumberC;
}> = ...
networkAclOutboundRuleConfig: TypeC<{
    action: EnumType<"allow" | "deny">;
    destination: UnionC<[SizedType<string, Type<string, string, unknown>>, TypeC<{
        account: OptionalType<SizedType<string, Type<string, string, unknown>>>;
        region: OptionalType<EnumType<string>>;
        subnet: SizedType<string, Type<string, string, unknown>>;
        vpc: SizedType<string, Type<string, string, unknown>>;
    }>]>;
    fromPort: NumberC;
    protocol: NumberC;
    rule: NumberC;
    toPort: NumberC;
}> = ...
networkAclSubnetSelection: TypeC<{
    account: OptionalType<SizedType<string, Type<string, string, unknown>>>;
    region: OptionalType<EnumType<string>>;
    subnet: SizedType<string, Type<string, string, unknown>>;
    vpc: SizedType<string, Type<string, string, unknown>>;
}> = ...
networkConfig: TypeC<{
    accountVpcEndpointIds: OptionalType<RecordC<SizedType<string, Type<string, string, unknown>>, ArrayC<SizedType<string, Type<string, string, unknown>>>>>;
    accountVpcIds: OptionalType<RecordC<SizedType<string, Type<string, string, unknown>>, ArrayC<SizedType<string, Type<string, string, unknown>>>>>;
    centralNetworkServices: OptionalType<TypeC<{
        delegatedAdminAccount: SizedType<string, Type<string, string, unknown>>;
        gatewayLoadBalancers: OptionalType<ArrayC<TypeC<{
            account: OptionalType<SizedType<string, Type<string, string, unknown>>>;
            crossZoneLoadBalancing: OptionalType<BooleanC>;
            deletionProtection: OptionalType<BooleanC>;
            endpoints: ArrayC<TypeC<{
                account: SizedType<string, Type<string, string, unknown>>;
                name: SizedType<string, Type<string, string, unknown>>;
                subnet: SizedType<string, Type<string, string, unknown>>;
                vpc: SizedType<string, Type<string, string, unknown>>;
            }>>;
            name: SizedType<string, Type<string, string, unknown>>;
            subnets: ArrayC<SizedType<string, Type<string, string, unknown>>>;
            tags: OptionalType<ArrayC<TypeC<{
                key: StringC;
                value: StringC;
            }>>>;
            targetGroup: OptionalType<SizedType<string, Type<string, string, unknown>>>;
            vpc: SizedType<string, Type<string, string, unknown>>;
        }>>>;
        ipams: OptionalType<ArrayC<TypeC<{
            description: OptionalType<SizedType<string, Type<string, string, unknown>>>;
            name: SizedType<string, Type<string, string, unknown>>;
            operatingRegions: OptionalType<ArrayC<EnumType<string>>>;
            pools: OptionalType<ArrayC<TypeC<{
                addressFamily: OptionalType<EnumType<"ipv4" | "ipv6">>;
                allocationDefaultNetmaskLength: OptionalType<NumberC>;
                allocationMaxNetmaskLength: OptionalType<NumberC>;
                allocationMinNetmaskLength: OptionalType<NumberC>;
                allocationResourceTags: OptionalType<ArrayC<TypeC<{
                    key: StringC;
                    value: StringC;
                }>>>;
                autoImport: OptionalType<BooleanC>;
                description: OptionalType<SizedType<string, Type<string, string, unknown>>>;
                locale: OptionalType<EnumType<string>>;
                name: SizedType<string, Type<string, string, unknown>>;
                provisionedCidrs: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
                publiclyAdvertisable: OptionalType<BooleanC>;
                scope: OptionalType<SizedType<string, Type<string, string, unknown>>>;
                shareTargets: OptionalType<TypeC<{
                    accounts: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
                    organizationalUnits: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
                }>>;
                sourceIpamPool: OptionalType<SizedType<string, Type<string, string, unknown>>>;
                tags: OptionalType<ArrayC<TypeC<{
                    key: StringC;
                    value: StringC;
                }>>>;
            }>>>;
            region: EnumType<string>;
            scopes: OptionalType<ArrayC<TypeC<{
                description: OptionalType<SizedType<string, Type<string, string, unknown>>>;
                name: SizedType<string, Type<string, string, unknown>>;
                tags: OptionalType<ArrayC<TypeC<{
                    key: StringC;
                    value: StringC;
                }>>>;
            }>>>;
            tags: OptionalType<ArrayC<TypeC<{
                key: StringC;
                value: StringC;
            }>>>;
        }>>>;
        networkFirewall: OptionalType<TypeC<{
            firewalls: ArrayC<TypeC<{
                deleteProtection: OptionalType<BooleanC>;
                description: OptionalType<SizedType<string, Type<string, string, unknown>>>;
                firewallPolicy: SizedType<string, Type<string, string, unknown>>;
                firewallPolicyChangeProtection: OptionalType<BooleanC>;
                loggingConfiguration: OptionalType<ArrayC<TypeC<{
                    destination: EnumType<"s3" | "cloud-watch-logs">;
                    type: EnumType<"ALERT" | "FLOW">;
                }>>>;
                name: SizedType<string, Type<string, string, unknown>>;
                subnetChangeProtection: OptionalType<BooleanC>;
                subnets: ArrayC<SizedType<string, Type<string, string, unknown>>>;
                tags: OptionalType<ArrayC<TypeC<{
                    key: StringC;
                    value: StringC;
                }>>>;
                vpc: SizedType<string, Type<string, string, unknown>>;
            }>>;
            policies: ArrayC<TypeC<{
                description: OptionalType<SizedType<string, Type<string, string, unknown>>>;
                firewallPolicy: TypeC<{
                    statefulDefaultActions: OptionalType<ArrayC<EnumType<"aws:drop_strict" | "aws:drop_established" | "aws:alert_strict" | "aws:alert_established">>>;
                    statefulEngineOptions: OptionalType<EnumType<"STRICT_ORDER" | "DEFAULT_ACTION_ORDER">>;
                    statefulRuleGroups: OptionalType<ArrayC<TypeC<{
                        name: SizedType<string, Type<string, string, unknown>>;
                        priority: OptionalType<NumberC>;
                    }>>>;
                    statelessCustomActions: OptionalType<ArrayC<TypeC<{
                        actionDefinition: TypeC<{
                            publishMetricAction: TypeC<{
                                dimensions: ArrayC<SizedType<string, Type<string, string, unknown>>>;
                            }>;
                        }>;
                        actionName: SizedType<string, Type<string, string, unknown>>;
                    }>>>;
                    statelessDefaultActions: ArrayC<UnionC<[EnumType<"aws:pass" | "aws:drop" | "aws:forward_to_sfe">, SizedType<string, Type<string, string, unknown>>]>>;
                    statelessFragmentDefaultActions: ArrayC<UnionC<[EnumType<"aws:pass" | "aws:drop" | "aws:forward_to_sfe">, SizedType<string, Type<string, string, unknown>>]>>;
                    statelessRuleGroups: OptionalType<ArrayC<TypeC<{
                        name: SizedType<string, Type<string, string, unknown>>;
                        priority: NumberC;
                    }>>>;
                }>;
                name: SizedType<string, Type<string, string, unknown>>;
                regions: ArrayC<EnumType<string>>;
                shareTargets: OptionalType<TypeC<{
                    accounts: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
                    organizationalUnits: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
                }>>;
                tags: OptionalType<ArrayC<TypeC<{
                    key: StringC;
                    value: StringC;
                }>>>;
            }>>;
            rules: ArrayC<TypeC<{
                capacity: NumberC;
                description: OptionalType<SizedType<string, Type<string, string, unknown>>>;
                name: SizedType<string, Type<string, string, unknown>>;
                regions: ArrayC<EnumType<string>>;
                ruleGroup: OptionalType<TypeC<{
                    ruleVariables: OptionalType<TypeC<{
                        ipSets: UnionC<[TypeC<{
                            definition: ArrayC<SizedType<string, Type<string, string, unknown>>>;
                            name: SizedType<string, Type<string, string, unknown>>;
                        }>, ArrayC<TypeC<{
                            definition: ArrayC<SizedType<string, Type<string, string, unknown>>>;
                            name: SizedType<string, Type<string, string, unknown>>;
                        }>>]>;
                        portSets: UnionC<[TypeC<{
                            definition: ArrayC<SizedType<string, Type<string, string, unknown>>>;
                            name: SizedType<string, Type<string, string, unknown>>;
                        }>, ArrayC<TypeC<{
                            definition: ArrayC<SizedType<string, Type<string, string, unknown>>>;
                            name: SizedType<string, Type<string, string, unknown>>;
                        }>>]>;
                    }>>;
                    rulesSource: TypeC<{
                        rulesFile: OptionalType<SizedType<string, Type<string, string, unknown>>>;
                        rulesSourceList: OptionalType<TypeC<{
                            generatedRulesType: EnumType<"ALLOWLIST" | "DENYLIST">;
                            targetTypes: ArrayC<EnumType<"TLS_SNI" | "HTTP_HOST">>;
                            targets: ArrayC<SizedType<string, Type<string, string, unknown>>>;
                        }>>;
                        rulesString: OptionalType<SizedType<string, Type<string, string, unknown>>>;
                        statefulRules: OptionalType<ArrayC<TypeC<{
                            action: EnumType<"PASS" | "DROP" | "ALERT">;
                            header: TypeC<{
                                destination: SizedType<string, Type<string, string, unknown>>;
                                destinationPort: SizedType<string, Type<string, string, unknown>>;
                                direction: EnumType<"ANY" | "FORWARD">;
                                protocol: EnumType<"DNS" | "HTTP" | "TCP" | "UDP" | "IP" | "TLS" | "SSH" | "SMB" | "DHCP" | "FTP" | "ICMP" | "DCERPC" | "SMTP" | "IMAP" | "MSN" | "KRB5" | "IKEV2" | "TFTP" | "NTP">;
                                source: SizedType<string, Type<string, string, unknown>>;
                                sourcePort: SizedType<string, Type<string, string, unknown>>;
                            }>;
                            ruleOptions: ArrayC<TypeC<{
                                keyword: SizedType<string, Type<string, string, unknown>>;
                                settings: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
                            }>>;
                        }>>>;
                        statelessRulesAndCustomActions: OptionalType<TypeC<{
                            customActions: OptionalType<ArrayC<TypeC<{
                                actionDefinition: TypeC<{
                                    publishMetricAction: TypeC<{
                                        dimensions: ArrayC<SizedType<string, Type<string, string, unknown>>>;
                                    }>;
                                }>;
                                actionName: SizedType<string, Type<string, string, unknown>>;
                            }>>>;
                            statelessRules: ArrayC<TypeC<{
                                priority: NumberC;
                                ruleDefinition: TypeC<{
                                    actions: ArrayC<UnionC<[SizedType<string, Type<string, string, unknown>>, EnumType<"aws:pass" | "aws:drop" | "aws:forward_to_sfe">]>>;
                                    matchAttributes: TypeC<{
                                        destinationPorts: OptionalType<ArrayC<TypeC<{
                                            fromPort: NumberC;
                                            toPort: NumberC;
                                        }>>>;
                                        destinations: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
                                        protocols: OptionalType<ArrayC<NumberC>>;
                                        sourcePorts: OptionalType<ArrayC<TypeC<{
                                            fromPort: NumberC;
                                            toPort: NumberC;
                                        }>>>;
                                        sources: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
                                        tcpFlags: OptionalType<ArrayC<TypeC<{
                                            flags: ArrayC<EnumType<"FIN" | "SYN" | "RST" | "PSH" | "ACK" | "URG" | "ECE" | "CWR">>;
                                            masks: ArrayC<EnumType<"FIN" | "SYN" | "RST" | "PSH" | "ACK" | "URG" | "ECE" | "CWR">>;
                                        }>>>;
                                    }>;
                                }>;
                            }>>;
                        }>>;
                    }>;
                    statefulRuleOptions: OptionalType<EnumType<"STRICT_ORDER" | "DEFAULT_ACTION_ORDER">>;
                }>>;
                shareTargets: OptionalType<TypeC<{
                    accounts: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
                    organizationalUnits: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
                }>>;
                tags: OptionalType<ArrayC<TypeC<{
                    key: StringC;
                    value: StringC;
                }>>>;
                type: EnumType<"STATELESS" | "STATEFUL">;
            }>>;
        }>>;
        route53Resolver: OptionalType<TypeC<{
            endpoints: OptionalType<ArrayC<TypeC<{
                allowedCidrs: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
                name: SizedType<string, Type<string, string, unknown>>;
                rules: OptionalType<ArrayC<TypeC<{
                    domainName: SizedType<string, Type<string, string, unknown>>;
                    excludedRegions: OptionalType<ArrayC<EnumType<string>>>;
                    inboundEndpointTarget: OptionalType<SizedType<string, Type<string, string, unknown>>>;
                    name: SizedType<string, Type<string, string, unknown>>;
                    ruleType: OptionalType<EnumType<"SYSTEM" | "FORWARD" | "RECURSIVE">>;
                    shareTargets: OptionalType<TypeC<{
                        accounts: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
                        organizationalUnits: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
                    }>>;
                    tags: OptionalType<ArrayC<TypeC<{
                        key: StringC;
                        value: StringC;
                    }>>>;
                    targetIps: OptionalType<ArrayC<TypeC<{
                        ip: SizedType<string, Type<string, string, unknown>>;
                        port: OptionalType<SizedType<string, Type<string, string, unknown>>>;
                    }>>>;
                }>>>;
                subnets: ArrayC<SizedType<string, Type<string, string, unknown>>>;
                tags: OptionalType<ArrayC<TypeC<{
                    key: StringC;
                    value: StringC;
                }>>>;
                type: EnumType<"INBOUND" | "OUTBOUND">;
                vpc: SizedType<string, Type<string, string, unknown>>;
            }>>>;
            firewallRuleGroups: OptionalType<ArrayC<TypeC<{
                name: SizedType<string, Type<string, string, unknown>>;
                regions: ArrayC<EnumType<string>>;
                rules: ArrayC<TypeC<{
                    action: EnumType<"BLOCK" | "ALLOW" | "ALERT">;
                    blockOverrideDomain: OptionalType<SizedType<string, Type<string, string, unknown>>>;
                    blockOverrideTtl: OptionalType<NumberC>;
                    blockResponse: OptionalType<EnumType<"OVERRIDE" | "NODATA" | "NXDOMAIN">>;
                    customDomainList: OptionalType<SizedType<string, Type<string, string, unknown>>>;
                    managedDomainList: OptionalType<EnumType<"AWSManagedDomainsAggregateThreatList" | "AWSManagedDomainsBotnetCommandandControl" | "AWSManagedDomainsMalwareDomainList">>;
                    name: SizedType<string, Type<string, string, unknown>>;
                    priority: NumberC;
                }>>;
                shareTargets: OptionalType<TypeC<{
                    accounts: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
                    organizationalUnits: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
                }>>;
                tags: OptionalType<ArrayC<TypeC<{
                    key: StringC;
                    value: StringC;
                }>>>;
            }>>>;
            queryLogs: OptionalType<TypeC<{
                destinations: ArrayC<EnumType<"s3" | "cloud-watch-logs">>;
                excludedRegions: OptionalType<ArrayC<EnumType<string>>>;
                name: SizedType<string, Type<string, string, unknown>>;
                shareTargets: OptionalType<TypeC<{
                    accounts: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
                    organizationalUnits: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
                }>>;
            }>>;
            rules: OptionalType<ArrayC<TypeC<{
                domainName: SizedType<string, Type<string, string, unknown>>;
                excludedRegions: OptionalType<ArrayC<EnumType<string>>>;
                inboundEndpointTarget: OptionalType<SizedType<string, Type<string, string, unknown>>>;
                name: SizedType<string, Type<string, string, unknown>>;
                ruleType: OptionalType<EnumType<"SYSTEM" | "FORWARD" | "RECURSIVE">>;
                shareTargets: OptionalType<TypeC<{
                    accounts: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
                    organizationalUnits: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
                }>>;
                tags: OptionalType<ArrayC<TypeC<{
                    key: StringC;
                    value: StringC;
                }>>>;
                targetIps: OptionalType<ArrayC<TypeC<{
                    ip: SizedType<string, Type<string, string, unknown>>;
                    port: OptionalType<SizedType<string, Type<string, string, unknown>>>;
                }>>>;
            }>>>;
        }>>;
    }>>;
    certificates: OptionalType<ArrayC<TypeC<{
        cert: OptionalType<SizedType<string, Type<string, string, unknown>>>;
        chain: OptionalType<SizedType<string, Type<string, string, unknown>>>;
        deploymentTargets: TypeC<{
            accounts: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
            excludedAccounts: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
            excludedRegions: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
            organizationalUnits: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
        }>;
        domain: OptionalType<SizedType<string, Type<string, string, unknown>>>;
        name: SizedType<string, Type<string, string, unknown>>;
        privKey: OptionalType<SizedType<string, Type<string, string, unknown>>>;
        san: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
        type: EnumType<"request" | "import">;
        validation: OptionalType<EnumType<"EMAIL" | "DNS">>;
    }>>>;
    customerGateways: OptionalType<ArrayC<TypeC<{
        account: SizedType<string, Type<string, string, unknown>>;
        asn: NumberC;
        ipAddress: SizedType<string, Type<string, string, unknown>>;
        name: SizedType<string, Type<string, string, unknown>>;
        region: EnumType<string>;
        tags: OptionalType<ArrayC<TypeC<{
            key: StringC;
            value: StringC;
        }>>>;
        vpnConnections: OptionalType<ArrayC<TypeC<{
            amazonIpv4NetworkCidr: OptionalType<SizedType<string, Type<string, string, unknown>>>;
            customerIpv4NetworkCidr: OptionalType<SizedType<string, Type<string, string, unknown>>>;
            enableVpnAcceleration: OptionalType<BooleanC>;
            name: SizedType<string, Type<string, string, unknown>>;
            routeTableAssociations: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
            routeTablePropagations: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
            staticRoutesOnly: OptionalType<BooleanC>;
            tags: OptionalType<ArrayC<TypeC<{
                key: StringC;
                value: StringC;
            }>>>;
            transitGateway: OptionalType<SizedType<string, Type<string, string, unknown>>>;
            tunnelSpecifications: OptionalType<ArrayC<TypeC<{
                dpdTimeoutAction: OptionalType<EnumType<"none" | "restart" | "clear">>;
                dpdTimeoutSeconds: OptionalType<NumberC>;
                ikeVersions: OptionalType<ArrayC<EnumType<2 | 1>>>;
                logging: OptionalType<TypeC<{
                    enable: OptionalType<BooleanC>;
                    logGroupName: OptionalType<SizedType<string, Type<string, string, unknown>>>;
                    outputFormat: OptionalType<EnumType<"text" | "json">>;
                }>>;
                phase1: OptionalType<TypeC<{
                    dhGroups: OptionalType<ArrayC<EnumType<2 | 22 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 24 | 23>>>;
                    encryptionAlgorithms: OptionalType<ArrayC<EnumType<"AES256" | "AES128" | "AES128-GCM-16" | "AES256-GCM-16">>>;
                    integrityAlgorithms: OptionalType<ArrayC<EnumType<"SHA1" | "SHA2-256" | "SHA2-384" | "SHA2-512">>>;
                    lifetimeSeconds: OptionalType<NumberC>;
                }>>;
                phase2: OptionalType<TypeC<{
                    dhGroups: OptionalType<ArrayC<EnumType<2 | 22 | 5 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 24 | 23>>>;
                    encryptionAlgorithms: OptionalType<ArrayC<EnumType<"AES256" | "AES128" | "AES128-GCM-16" | "AES256-GCM-16">>>;
                    integrityAlgorithms: OptionalType<ArrayC<EnumType<"SHA1" | "SHA2-256" | "SHA2-384" | "SHA2-512">>>;
                    lifetimeSeconds: OptionalType<NumberC>;
                }>>;
                preSharedKey: OptionalType<SizedType<string, Type<string, string, unknown>>>;
                rekeyFuzzPercentage: OptionalType<NumberC>;
                rekeyMarginTimeSeconds: OptionalType<NumberC>;
                replayWindowSize: OptionalType<NumberC>;
                startupAction: OptionalType<EnumType<"add" | "start">>;
                tunnelInsideCidr: OptionalType<SizedType<string, Type<string, string, unknown>>>;
                tunnelLifecycleControl: OptionalType<BooleanC>;
            }>>>;
            vpc: OptionalType<SizedType<string, Type<string, string, unknown>>>;
        }>>>;
    }>>>;
    defaultVpc: TypeC<{
        delete: BooleanC;
        excludeAccounts: OptionalType<ArrayC<StringC>>;
        excludeRegions: OptionalType<ArrayC<EnumType<string>>>;
    }>;
    dhcpOptions: OptionalType<ArrayC<TypeC<{
        accounts: ArrayC<SizedType<string, Type<string, string, unknown>>>;
        domainName: OptionalType<SizedType<string, Type<string, string, unknown>>>;
        domainNameServers: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
        name: SizedType<string, Type<string, string, unknown>>;
        netbiosNameServers: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
        netbiosNodeType: OptionalType<EnumType<2 | 1 | 4 | 8>>;
        ntpServers: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
        regions: ArrayC<EnumType<string>>;
        tags: OptionalType<ArrayC<TypeC<{
            key: StringC;
            value: StringC;
        }>>>;
    }>>>;
    directConnectGateways: OptionalType<ArrayC<TypeC<{
        account: SizedType<string, Type<string, string, unknown>>;
        asn: NumberC;
        gatewayName: SizedType<string, Type<string, string, unknown>>;
        name: SizedType<string, Type<string, string, unknown>>;
        transitGatewayAssociations: OptionalType<ArrayC<TypeC<{
            account: SizedType<string, Type<string, string, unknown>>;
            allowedPrefixes: ArrayC<SizedType<string, Type<string, string, unknown>>>;
            name: SizedType<string, Type<string, string, unknown>>;
            routeTableAssociations: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
            routeTablePropagations: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
        }>>>;
        virtualInterfaces: OptionalType<ArrayC<TypeC<{
            addressFamily: OptionalType<EnumType<"ipv4" | "ipv6">>;
            amazonAddress: OptionalType<SizedType<string, Type<string, string, unknown>>>;
            connectionId: SizedType<string, Type<string, string, unknown>>;
            customerAddress: OptionalType<SizedType<string, Type<string, string, unknown>>>;
            customerAsn: NumberC;
            enableSiteLink: OptionalType<BooleanC>;
            interfaceName: SizedType<string, Type<string, string, unknown>>;
            jumboFrames: OptionalType<BooleanC>;
            name: SizedType<string, Type<string, string, unknown>>;
            ownerAccount: SizedType<string, Type<string, string, unknown>>;
            region: EnumType<string>;
            tags: OptionalType<ArrayC<TypeC<{
                key: StringC;
                value: StringC;
            }>>>;
            type: EnumType<"private" | "transit">;
            vlan: NumberC;
        }>>>;
    }>>>;
    elbAccountIds: OptionalType<ArrayC<TypeC<{
        accountId: SizedType<string, Type<string, string, unknown>>;
        region: SizedType<string, Type<string, string, unknown>>;
    }>>>;
    endpointPolicies: ArrayC<TypeC<{
        document: SizedType<string, Type<string, string, unknown>>;
        name: SizedType<string, Type<string, string, unknown>>;
    }>>;
    firewallManagerService: OptionalType<TypeC<{
        delegatedAdminAccount: SizedType<string, Type<string, string, unknown>>;
        notificationChannels: OptionalType<ArrayC<TypeC<{
            region: SizedType<string, Type<string, string, unknown>>;
            snsTopic: SizedType<string, Type<string, string, unknown>>;
        }>>>;
    }>>;
    prefixLists: OptionalType<ArrayC<TypeC<{
        accounts: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
        addressFamily: EnumType<"IPv4" | "IPv6">;
        deploymentTargets: OptionalType<TypeC<{
            accounts: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
            excludedAccounts: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
            excludedRegions: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
            organizationalUnits: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
        }>>;
        entries: ArrayC<SizedType<string, Type<string, string, unknown>>>;
        maxEntries: NumberC;
        name: SizedType<string, Type<string, string, unknown>>;
        regions: OptionalType<ArrayC<EnumType<string>>>;
        tags: OptionalType<ArrayC<TypeC<{
            key: StringC;
            value: StringC;
        }>>>;
    }>>>;
    transitGatewayPeering: OptionalType<ArrayC<TypeC<{
        accepter: TypeC<{
            account: SizedType<string, Type<string, string, unknown>>;
            applyTags: OptionalType<BooleanC>;
            autoAccept: OptionalType<BooleanC>;
            region: EnumType<string>;
            routeTableAssociations: SizedType<string, Type<string, string, unknown>>;
            transitGatewayName: SizedType<string, Type<string, string, unknown>>;
        }>;
        name: SizedType<string, Type<string, string, unknown>>;
        requester: TypeC<{
            account: SizedType<string, Type<string, string, unknown>>;
            region: EnumType<string>;
            routeTableAssociations: SizedType<string, Type<string, string, unknown>>;
            tags: OptionalType<ArrayC<TypeC<{
                key: StringC;
                value: StringC;
            }>>>;
            transitGatewayName: SizedType<string, Type<string, string, unknown>>;
        }>;
    }>>>;
    transitGateways: ArrayC<TypeC<{
        account: SizedType<string, Type<string, string, unknown>>;
        asn: NumberC;
        autoAcceptSharingAttachments: EnumType<"enable" | "disable">;
        defaultRouteTableAssociation: EnumType<"enable" | "disable">;
        defaultRouteTablePropagation: EnumType<"enable" | "disable">;
        dnsSupport: EnumType<"enable" | "disable">;
        name: SizedType<string, Type<string, string, unknown>>;
        region: EnumType<string>;
        routeTables: ArrayC<TypeC<{
            name: SizedType<string, Type<string, string, unknown>>;
            routes: ArrayC<TypeC<{
                attachment: OptionalType<UnionC<[TypeC<{
                    account: SizedType<string, Type<string, string, unknown>>;
                    vpcName: SizedType<string, Type<string, string, unknown>>;
                }>, TypeC<{
                    directConnectGatewayName: SizedType<string, Type<string, string, unknown>>;
                }>, TypeC<{
                    vpnConnectionName: SizedType<string, Type<string, string, unknown>>;
                }>, TypeC<{
                    transitGatewayPeeringName: SizedType<string, Type<string, string, unknown>>;
                }>]>>;
                blackhole: OptionalType<BooleanC>;
                destinationCidrBlock: OptionalType<SizedType<string, Type<string, string, unknown>>>;
                destinationPrefixList: OptionalType<SizedType<string, Type<string, string, unknown>>>;
            }>>;
            tags: OptionalType<ArrayC<TypeC<{
                key: StringC;
                value: StringC;
            }>>>;
        }>>;
        shareTargets: OptionalType<TypeC<{
            accounts: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
            organizationalUnits: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
        }>>;
        tags: OptionalType<ArrayC<TypeC<{
            key: StringC;
            value: StringC;
        }>>>;
        vpnEcmpSupport: EnumType<"enable" | "disable">;
    }>>;
    vpcFlowLogs: OptionalType<TypeC<{
        customFields: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
        defaultFormat: BooleanC;
        destinations: ArrayC<EnumType<"s3" | "cloud-watch-logs">>;
        destinationsConfig: OptionalType<TypeC<{
            cloudWatchLogs: OptionalType<TypeC<{
                kms: OptionalType<SizedType<string, Type<string, string, unknown>>>;
                retentionInDays: OptionalType<NumberC>;
            }>>;
            s3: OptionalType<TypeC<{
                lifecycleRules: OptionalType<ArrayC<TypeC<{
                    abortIncompleteMultipartUpload: OptionalType<NumberC>;
                    enabled: OptionalType<BooleanC>;
                    expiration: OptionalType<NumberC>;
                    expiredObjectDeleteMarker: OptionalType<BooleanC>;
                    id: OptionalType<StringC>;
                    noncurrentVersionExpiration: OptionalType<NumberC>;
                    noncurrentVersionTransitions: OptionalType<ArrayC<TypeC<{
                        storageClass: EnumType<"STANDARD_IA" | "ONEZONE_IA" | "INTELLIGENT_TIERING" | "GLACIER" | "DEEP_ARCHIVE" | "GLACIER_IR" | "Value should be an AWS S3 Storage Class.">;
                        transitionAfter: NumberC;
                    }>>>;
                    prefix: OptionalType<SizedType<string, Type<string, string, unknown>>>;
                    transitions: OptionalType<ArrayC<TypeC<{
                        storageClass: EnumType<"STANDARD_IA" | "ONEZONE_IA" | "INTELLIGENT_TIERING" | "GLACIER" | "DEEP_ARCHIVE" | "GLACIER_IR" | "Value should be an AWS S3 Storage Class.">;
                        transitionAfter: NumberC;
                    }>>>;
                }>>>;
                overrideS3LogPath: OptionalType<SizedType<string, Type<string, string, unknown>>>;
            }>>;
        }>>;
        maxAggregationInterval: NumberC;
        trafficType: EnumType<"ALL" | "ACCEPT" | "REJECT">;
    }>>;
    vpcPeering: OptionalType<ArrayC<TypeC<{
        name: SizedType<string, Type<string, string, unknown>>;
        tags: OptionalType<ArrayC<TypeC<{
            key: StringC;
            value: StringC;
        }>>>;
        vpcs: ArrayC<SizedType<string, Type<string, string, unknown>>>;
    }>>>;
    vpcTemplates: OptionalType<ArrayC<TypeC<{
        cidrs: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
        defaultSecurityGroupRulesDeletion: OptionalType<BooleanC>;
        deploymentTargets: TypeC<{
            accounts: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
            excludedAccounts: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
            excludedRegions: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
            organizationalUnits: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
        }>;
        dhcpOptions: OptionalType<SizedType<string, Type<string, string, unknown>>>;
        dnsFirewallRuleGroups: OptionalType<ArrayC<TypeC<{
            mutationProtection: OptionalType<EnumType<"ENABLED" | "DISABLED">>;
            name: SizedType<string, Type<string, string, unknown>>;
            priority: NumberC;
            tags: OptionalType<ArrayC<TypeC<{
                key: StringC;
                value: StringC;
            }>>>;
        }>>>;
        enableDnsHostnames: OptionalType<BooleanC>;
        enableDnsSupport: OptionalType<BooleanC>;
        gatewayEndpoints: OptionalType<TypeC<{
            defaultPolicy: SizedType<string, Type<string, string, unknown>>;
            endpoints: ArrayC<TypeC<{
                applyPolicy: OptionalType<BooleanC>;
                policy: OptionalType<SizedType<string, Type<string, string, unknown>>>;
                service: EnumType<"dynamodb" | "s3">;
                serviceName: OptionalType<SizedType<string, Type<string, string, unknown>>>;
            }>>;
        }>>;
        instanceTenancy: OptionalType<EnumType<"default" | "dedicated">>;
        interfaceEndpoints: OptionalType<TypeC<{
            allowedCidrs: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
            central: OptionalType<BooleanC>;
            defaultPolicy: SizedType<string, Type<string, string, unknown>>;
            endpoints: ArrayC<TypeC<{
                applyPolicy: OptionalType<BooleanC>;
                policy: OptionalType<SizedType<string, Type<string, string, unknown>>>;
                securityGroup: OptionalType<SizedType<string, Type<string, string, unknown>>>;
                service: SizedType<string, Type<string, string, unknown>>;
                serviceName: OptionalType<SizedType<string, Type<string, string, unknown>>>;
            }>>;
            subnets: ArrayC<SizedType<string, Type<string, string, unknown>>>;
        }>>;
        internetGateway: OptionalType<BooleanC>;
        ipamAllocations: OptionalType<ArrayC<TypeC<{
            ipamPoolName: SizedType<string, Type<string, string, unknown>>;
            netmaskLength: NumberC;
        }>>>;
        loadBalancers: OptionalType<TypeC<{
            applicationLoadBalancers: OptionalType<ArrayC<TypeC<{
                attributes: OptionalType<TypeC<{
                    deletionProtection: OptionalType<BooleanC>;
                    http2Enabled: OptionalType<BooleanC>;
                    idleTimeout: OptionalType<NumberC>;
                    routingHttpDesyncMitigationMode: OptionalType<EnumType<"monitor" | "defensive" | "strictest">>;
                    routingHttpDropInvalidHeader: OptionalType<BooleanC>;
                    routingHttpXAmznTlsCipherEnable: OptionalType<BooleanC>;
                    routingHttpXffClientPort: OptionalType<BooleanC>;
                    routingHttpXffHeaderProcessingMode: OptionalType<EnumType<"remove" | "append" | "preserve">>;
                    wafFailOpen: OptionalType<BooleanC>;
                }>>;
                listeners: OptionalType<ArrayC<TypeC<{
                    certificate: OptionalType<SizedType<string, Type<string, string, unknown>>>;
                    fixedResponseConfig: OptionalType<TypeC<{
                        contentType: OptionalType<SizedType<string, Type<string, string, unknown>>>;
                        messageBody: OptionalType<SizedType<string, Type<string, string, unknown>>>;
                        statusCode: SizedType<string, Type<string, string, unknown>>;
                    }>>;
                    forwardConfig: OptionalType<TypeC<{
                        targetGroupStickinessConfig: OptionalType<TypeC<{
                            durationSeconds: OptionalType<NumberC>;
                            enabled: OptionalType<BooleanC>;
                        }>>;
                    }>>;
                    name: SizedType<string, Type<string, string, unknown>>;
                    order: OptionalType<NumberC>;
                    port: NumberC;
                    protocol: EnumType<"HTTP" | "HTTPS">;
                    redirectConfig: OptionalType<TypeC<{
                        host: OptionalType<SizedType<string, Type<string, string, unknown>>>;
                        path: OptionalType<SizedType<string, Type<string, string, unknown>>>;
                        port: OptionalType<NumberC>;
                        protocol: OptionalType<SizedType<string, Type<string, string, unknown>>>;
                        query: OptionalType<SizedType<string, Type<string, string, unknown>>>;
                        statusCode: OptionalType<SizedType<string, Type<string, string, unknown>>>;
                    }>>;
                    sslPolicy: OptionalType<EnumType<"ELBSecurityPolicy-TLS-1-0-2015-04" | "ELBSecurityPolicy-TLS-1-1-2017-01" | "ELBSecurityPolicy-TLS-1-2-2017-01" | "ELBSecurityPolicy-TLS-1-2-Ext-2018-06" | "ELBSecurityPolicy-FS-2018-06" | "ELBSecurityPolicy-FS-1-1-2019-08" | "ELBSecurityPolicy-FS-1-2-2019-08" | "ELBSecurityPolicy-FS-1-2-Res-2019-08" | "ELBSecurityPolicy-2015-05" | "ELBSecurityPolicy-FS-1-2-Res-2020-10" | "ELBSecurityPolicy-2016-08">>;
                    targetGroup: SizedType<string, Type<string, string, unknown>>;
                    type: EnumType<"forward" | "redirect" | "fixed-response">;
                }>>>;
                name: SizedType<string, Type<string, string, unknown>>;
                scheme: OptionalType<EnumType<"internet-facing" | "internal">>;
                securityGroups: ArrayC<SizedType<string, Type<string, string, unknown>>>;
                shareTargets: OptionalType<TypeC<{
                    accounts: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
                    organizationalUnits: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
                }>>;
                subnets: ArrayC<SizedType<string, Type<string, string, unknown>>>;
            }>>>;
            networkLoadBalancers: OptionalType<ArrayC<TypeC<{
                crossZoneLoadBalancing: OptionalType<BooleanC>;
                deletionProtection: OptionalType<BooleanC>;
                listeners: OptionalType<ArrayC<TypeC<{
                    alpnPolicy: OptionalType<EnumType<"None" | "HTTP1Only" | "HTTP2Only" | "HTTP2Optional" | "HTTP2Preferred">>;
                    certificate: OptionalType<SizedType<string, Type<string, string, unknown>>>;
                    name: SizedType<string, Type<string, string, unknown>>;
                    port: OptionalType<NumberC>;
                    protocol: OptionalType<EnumType<"TCP" | "UDP" | "TLS" | "TCP_UDP">>;
                    sslPolicy: OptionalType<EnumType<"ELBSecurityPolicy-TLS-1-0-2015-04" | "ELBSecurityPolicy-TLS-1-1-2017-01" | "ELBSecurityPolicy-TLS-1-2-2017-01" | "ELBSecurityPolicy-TLS-1-2-Ext-2018-06" | "ELBSecurityPolicy-FS-2018-06" | "ELBSecurityPolicy-FS-1-1-2019-08" | "ELBSecurityPolicy-FS-1-2-2019-08" | "ELBSecurityPolicy-FS-1-2-Res-2019-08" | "ELBSecurityPolicy-2015-05" | "ELBSecurityPolicy-FS-1-2-Res-2020-10" | "ELBSecurityPolicy-TLS13-1-2-2021-06" | "ELBSecurityPolicy-TLS13-1-2-Res-2021-06" | "ELBSecurityPolicy-TLS13-1-2-Ext1-2021-06" | "ELBSecurityPolicy-TLS13-1-2-Ext2-2021-06" | "ELBSecurityPolicy-TLS13-1-1-2021-06" | "ELBSecurityPolicy-TLS13-1-0-2021-06" | "ELBSecurityPolicy-TLS13-1-3-2021-06" | "ELBSecurityPolicy-2016-08">>;
                    targetGroup: SizedType<string, Type<string, string, unknown>>;
                }>>>;
                name: SizedType<string, Type<string, string, unknown>>;
                scheme: OptionalType<EnumType<"internet-facing" | "internal">>;
                subnets: ArrayC<SizedType<string, Type<string, string, unknown>>>;
            }>>>;
        }>>;
        name: SizedType<string, Type<string, string, unknown>>;
        natGateways: OptionalType<ArrayC<TypeC<{
            allocationId: OptionalType<SizedType<string, Type<string, string, unknown>>>;
            name: SizedType<string, Type<string, string, unknown>>;
            private: OptionalType<BooleanC>;
            subnet: SizedType<string, Type<string, string, unknown>>;
            tags: OptionalType<ArrayC<TypeC<{
                key: StringC;
                value: StringC;
            }>>>;
        }>>>;
        networkAcls: OptionalType<ArrayC<TypeC<{
            inboundRules: OptionalType<ArrayC<TypeC<{
                action: EnumType<"allow" | "deny">;
                fromPort: NumberC;
                protocol: NumberC;
                rule: NumberC;
                source: UnionC<[SizedType<string, Type<string, string, unknown>>, TypeC<{
                    account: OptionalType<SizedType<string, Type<string, string, unknown>>>;
                    region: OptionalType<EnumType<string>>;
                    subnet: SizedType<string, Type<string, string, unknown>>;
                    vpc: SizedType<string, Type<string, string, unknown>>;
                }>]>;
                toPort: NumberC;
            }>>>;
            name: SizedType<string, Type<string, string, unknown>>;
            outboundRules: OptionalType<ArrayC<TypeC<{
                action: EnumType<"allow" | "deny">;
                destination: UnionC<[SizedType<string, Type<string, string, unknown>>, TypeC<{
                    account: OptionalType<SizedType<string, Type<string, string, unknown>>>;
                    region: OptionalType<EnumType<string>>;
                    subnet: SizedType<string, Type<string, string, unknown>>;
                    vpc: SizedType<string, Type<string, string, unknown>>;
                }>]>;
                fromPort: NumberC;
                protocol: NumberC;
                rule: NumberC;
                toPort: NumberC;
            }>>>;
            subnetAssociations: ArrayC<SizedType<string, Type<string, string, unknown>>>;
            tags: OptionalType<ArrayC<TypeC<{
                key: StringC;
                value: StringC;
            }>>>;
        }>>>;
        queryLogs: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
        region: EnumType<string>;
        resolverRules: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
        routeTables: OptionalType<ArrayC<TypeC<{
            gatewayAssociation: OptionalType<EnumType<"virtualPrivateGateway" | "internetGateway">>;
            name: SizedType<string, Type<string, string, unknown>>;
            routes: OptionalType<ArrayC<TypeC<{
                destination: OptionalType<SizedType<string, Type<string, string, unknown>>>;
                destinationPrefixList: OptionalType<SizedType<string, Type<string, string, unknown>>>;
                name: SizedType<string, Type<string, string, unknown>>;
                target: OptionalType<SizedType<string, Type<string, string, unknown>>>;
                targetAvailabilityZone: OptionalType<UnionC<[SizedType<string, Type<string, string, unknown>>, NumberC]>>;
                type: OptionalType<EnumType<"virtualPrivateGateway" | "transitGateway" | "natGateway" | "internetGateway" | "local" | "localGateway" | "gatewayEndpoint" | "gatewayLoadBalancerEndpoint" | "networkFirewall" | "networkInterface" | "vpcPeering">>;
            }>>>;
            tags: OptionalType<ArrayC<TypeC<{
                key: StringC;
                value: StringC;
            }>>>;
        }>>>;
        securityGroups: OptionalType<ArrayC<TypeC<{
            description: OptionalType<SizedType<string, Type<string, string, unknown>>>;
            inboundRules: ArrayC<TypeC<{
                description: SizedType<string, Type<string, string, unknown>>;
                fromPort: OptionalType<NumberC>;
                ipProtocols: OptionalType<ArrayC<StringC>>;
                sources: ArrayC<UnionC<[SizedType<string, Type<string, string, unknown>>, TypeC<{
                    account: SizedType<string, Type<string, string, unknown>>;
                    subnets: ArrayC<SizedType<string, Type<string, string, unknown>>>;
                    vpc: SizedType<string, Type<string, string, unknown>>;
                }>, TypeC<{
                    securityGroups: ArrayC<SizedType<string, Type<string, string, unknown>>>;
                }>, TypeC<{
                    prefixLists: ArrayC<SizedType<string, Type<string, string, unknown>>>;
                }>]>>;
                tcpPorts: OptionalType<ArrayC<NumberC>>;
                toPort: OptionalType<NumberC>;
                types: OptionalType<ArrayC<EnumType<"HTTP" | "ALL" | "TCP" | "UDP" | "REDSHIFT" | "HTTPS" | "SSH" | "POSTGRESQL" | "ICMP" | "RDP" | "MSSQL" | "MYSQL/AURORA" | "ORACLE-RDS">>>;
                udpPorts: OptionalType<ArrayC<NumberC>>;
            }>>;
            name: SizedType<string, Type<string, string, unknown>>;
            outboundRules: ArrayC<TypeC<{
                description: SizedType<string, Type<string, string, unknown>>;
                fromPort: OptionalType<NumberC>;
                ipProtocols: OptionalType<ArrayC<StringC>>;
                sources: ArrayC<UnionC<[SizedType<string, Type<string, string, unknown>>, TypeC<{
                    account: SizedType<string, Type<string, string, unknown>>;
                    subnets: ArrayC<SizedType<string, Type<string, string, unknown>>>;
                    vpc: SizedType<string, Type<string, string, unknown>>;
                }>, TypeC<{
                    securityGroups: ArrayC<SizedType<string, Type<string, string, unknown>>>;
                }>, TypeC<{
                    prefixLists: ArrayC<SizedType<string, Type<string, string, unknown>>>;
                }>]>>;
                tcpPorts: OptionalType<ArrayC<NumberC>>;
                toPort: OptionalType<NumberC>;
                types: OptionalType<ArrayC<EnumType<"HTTP" | "ALL" | "TCP" | "UDP" | "REDSHIFT" |