network
Config
: TypeC<{ centralNetworkServices
: OptionalType<TypeC<{ delegatedAdminAccount
: SizedType<string, Type<string, string, unknown>>; gatewayLoadBalancers
: OptionalType<ArrayC<TypeC<{ crossZoneLoadBalancing
: OptionalType<BooleanC>; deletionProtection
: OptionalType<BooleanC>; endpoints
: ArrayC<TypeC<{ account
: SizedType<string, Type<string, string, unknown>>; name
: SizedType<string, Type<string, string, unknown>>; subnet
: SizedType<string, Type<string, string, unknown>>; vpc
: SizedType<string, Type<string, string, unknown>> }>>; name
: SizedType<string, Type<string, string, unknown>>; subnets
: ArrayC<SizedType<string, Type<string, string, unknown>>>; tags
: OptionalType<ArrayC<TypeC<{ key
: StringC; value
: StringC }>>>; targetGroup
: OptionalType<SizedType<string, Type<string, string, unknown>>>; vpc
: SizedType<string, Type<string, string, unknown>> }>>>; ipams
: OptionalType<ArrayC<TypeC<{ description
: OptionalType<SizedType<string, Type<string, string, unknown>>>; name
: SizedType<string, Type<string, string, unknown>>; operatingRegions
: OptionalType<ArrayC<EnumType<"af-south-1" | "ap-east-1" | "ap-northeast-1" | "ap-northeast-2" | "ap-northeast-3" | "ap-south-1" | "ap-southeast-1" | "ap-southeast-2" | "ca-central-1" | "cn-north-1" | "cn-northwest-1" | "eu-central-1" | "eu-north-1" | "eu-south-1" | "eu-west-1" | "eu-west-2" | "eu-west-3" | "me-south-1" | "sa-east-1" | "us-east-1" | "us-east-2" | "us-gov-east-1" | "us-gov-west-1" | "us-west-1" | "us-west-2" | "us-iso-west-1" | "us-iso-east-1" | "us-isob-east-1">>>; pools
: OptionalType<ArrayC<TypeC<{ addressFamily
: OptionalType<EnumType<"ipv4" | "ipv6">>; allocationDefaultNetmaskLength
: OptionalType<NumberC>; allocationMaxNetmaskLength
: OptionalType<NumberC>; allocationMinNetmaskLength
: OptionalType<NumberC>; allocationResourceTags
: OptionalType<ArrayC<TypeC<{ key
: StringC; value
: StringC }>>>; autoImport
: OptionalType<BooleanC>; description
: OptionalType<SizedType<string, Type<string, string, unknown>>>; locale
: OptionalType<EnumType<"af-south-1" | "ap-east-1" | "ap-northeast-1" | "ap-northeast-2" | "ap-northeast-3" | "ap-south-1" | "ap-southeast-1" | "ap-southeast-2" | "ca-central-1" | "cn-north-1" | "cn-northwest-1" | "eu-central-1" | "eu-north-1" | "eu-south-1" | "eu-west-1" | "eu-west-2" | "eu-west-3" | "me-south-1" | "sa-east-1" | "us-east-1" | "us-east-2" | "us-gov-east-1" | "us-gov-west-1" | "us-west-1" | "us-west-2" | "us-iso-west-1" | "us-iso-east-1" | "us-isob-east-1">>; name
: SizedType<string, Type<string, string, unknown>>; provisionedCidrs
: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>; publiclyAdvertisable
: OptionalType<BooleanC>; scope
: OptionalType<SizedType<string, Type<string, string, unknown>>>; shareTargets
: OptionalType<TypeC<{ accounts
: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>; organizationalUnits
: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>> }>>; sourceIpamPool
: OptionalType<SizedType<string, Type<string, string, unknown>>>; tags
: OptionalType<ArrayC<TypeC<{ key
: StringC; value
: StringC }>>> }>>>; region
: EnumType<"af-south-1" | "ap-east-1" | "ap-northeast-1" | "ap-northeast-2" | "ap-northeast-3" | "ap-south-1" | "ap-southeast-1" | "ap-southeast-2" | "ca-central-1" | "cn-north-1" | "cn-northwest-1" | "eu-central-1" | "eu-north-1" | "eu-south-1" | "eu-west-1" | "eu-west-2" | "eu-west-3" | "me-south-1" | "sa-east-1" | "us-east-1" | "us-east-2" | "us-gov-east-1" | "us-gov-west-1" | "us-west-1" | "us-west-2" | "us-iso-west-1" | "us-iso-east-1" | "us-isob-east-1">; scopes
: OptionalType<ArrayC<TypeC<{ description
: OptionalType<SizedType<string, Type<string, string, unknown>>>; name
: SizedType<string, Type<string, string, unknown>>; tags
: OptionalType<ArrayC<TypeC<{ key
: StringC; value
: StringC }>>> }>>>; tags
: OptionalType<ArrayC<TypeC<{ key
: StringC; value
: StringC }>>> }>>>; networkFirewall
: OptionalType<TypeC<{ firewalls
: ArrayC<TypeC<{ deleteProtection
: OptionalType<BooleanC>; description
: OptionalType<SizedType<string, Type<string, string, unknown>>>; firewallPolicy
: SizedType<string, Type<string, string, unknown>>; firewallPolicyChangeProtection
: OptionalType<BooleanC>; loggingConfiguration
: OptionalType<ArrayC<TypeC<{ destination
: EnumType<"s3" | "cloud-watch-logs">; type
: EnumType<"ALERT" | "FLOW"> }>>>; name
: SizedType<string, Type<string, string, unknown>>; subnetChangeProtection
: OptionalType<BooleanC>; subnets
: ArrayC<SizedType<string, Type<string, string, unknown>>>; tags
: OptionalType<ArrayC<TypeC<{ key
: StringC; value
: StringC }>>>; vpc
: SizedType<string, Type<string, string, unknown>> }>>; policies
: ArrayC<TypeC<{ description
: OptionalType<SizedType<string, Type<string, string, unknown>>>; firewallPolicy
: TypeC<{ statefulDefaultActions
: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>; statefulEngineOptions
: OptionalType<EnumType<"DEFAULT_ACTION_ORDER" | "STRICT_ORDER">>; statefulRuleGroups
: OptionalType<ArrayC<TypeC<{ name
: SizedType<string, Type<string, string, unknown>>; priority
: OptionalType<NumberC> }>>>; statelessCustomActions
: OptionalType<ArrayC<TypeC<{ actionDefinition
: TypeC<{ publishMetricAction
: TypeC<{ dimensions
: ArrayC<SizedType<string, Type<string, string, unknown>>> }> }>; actionName
: SizedType<string, Type<string, string, unknown>> }>>>; statelessDefaultActions
: ArrayC<UnionC<[EnumType<"aws:pass" | "aws:drop" | "aws:forward_to_sfe">, SizedType<string, Type<string, string, unknown>>]>>; statelessFragmentDefaultActions
: ArrayC<UnionC<[EnumType<"aws:pass" | "aws:drop" | "aws:forward_to_sfe">, SizedType<string, Type<string, string, unknown>>]>>; statelessRuleGroups
: OptionalType<ArrayC<TypeC<{ name
: SizedType<string, Type<string, string, unknown>>; priority
: NumberC }>>> }>; name
: SizedType<string, Type<string, string, unknown>>; regions
: ArrayC<EnumType<"af-south-1" | "ap-east-1" | "ap-northeast-1" | "ap-northeast-2" | "ap-northeast-3" | "ap-south-1" | "ap-southeast-1" | "ap-southeast-2" | "ca-central-1" | "cn-north-1" | "cn-northwest-1" | "eu-central-1" | "eu-north-1" | "eu-south-1" | "eu-west-1" | "eu-west-2" | "eu-west-3" | "me-south-1" | "sa-east-1" | "us-east-1" | "us-east-2" | "us-gov-east-1" | "us-gov-west-1" | "us-west-1" | "us-west-2" | "us-iso-west-1" | "us-iso-east-1" | "us-isob-east-1">>; shareTargets
: OptionalType<TypeC<{ accounts
: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>; organizationalUnits
: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>> }>>; tags
: OptionalType<ArrayC<TypeC<{ key
: StringC; value
: StringC }>>> }>>; rules
: ArrayC<TypeC<{ capacity
: NumberC; description
: OptionalType<SizedType<string, Type<string, string, unknown>>>; name
: SizedType<string, Type<string, string, unknown>>; regions
: ArrayC<EnumType<"af-south-1" | "ap-east-1" | "ap-northeast-1" | "ap-northeast-2" | "ap-northeast-3" | "ap-south-1" | "ap-southeast-1" | "ap-southeast-2" | "ca-central-1" | "cn-north-1" | "cn-northwest-1" | "eu-central-1" | "eu-north-1" | "eu-south-1" | "eu-west-1" | "eu-west-2" | "eu-west-3" | "me-south-1" | "sa-east-1" | "us-east-1" | "us-east-2" | "us-gov-east-1" | "us-gov-west-1" | "us-west-1" | "us-west-2" | "us-iso-west-1" | "us-iso-east-1" | "us-isob-east-1">>; ruleGroup
: OptionalType<TypeC<{ ruleVariables
: OptionalType<TypeC<{ ipSets
: TypeC<{ definition
: ArrayC<SizedType<string, Type<string, string, unknown>>>; name
: SizedType<string, Type<string, string, unknown>> }>; portSets
: TypeC<{ definition
: ArrayC<SizedType<string, Type<string, string, unknown>>>; name
: SizedType<string, Type<string, string, unknown>> }> }>>; rulesSource
: TypeC<{ rulesFile
: OptionalType<SizedType<string, Type<string, string, unknown>>>; rulesSourceList
: OptionalType<TypeC<{ generatedRulesType
: EnumType<"ALLOWLIST" | "DENYLIST">; targetTypes
: ArrayC<EnumType<"TLS_SNI" | "HTTP_HOST">>; targets
: ArrayC<SizedType<string, Type<string, string, unknown>>> }>>; rulesString
: OptionalType<SizedType<string, Type<string, string, unknown>>>; statefulRules
: OptionalType<ArrayC<TypeC<{ action
: EnumType<"ALERT" | "DROP" | "PASS">; header
: TypeC<{ destination
: SizedType<string, Type<string, string, unknown>>; destinationPort
: SizedType<string, Type<string, string, unknown>>; direction
: EnumType<"FORWARD" | "ANY">; protocol
: EnumType<"TCP" | "TLS" | "UDP" | "HTTP" | "SSH" | "ICMP" | "DCERPC" | "DHCP" | "DNS" | "FTP" | "IKEV2" | "IMAP" | "IP" | "KRB5" | "MSN" | "NTP" | "SMB" | "SMTP" | "TFTP">; source
: SizedType<string, Type<string, string, unknown>>; sourcePort
: SizedType<string, Type<string, string, unknown>> }>; ruleOptions
: ArrayC<TypeC<{ keyword
: SizedType<string, Type<string, string, unknown>>; settings
: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>> }>> }>>>; statelessRulesAndCustomActions
: OptionalType<TypeC<{ customActions
: OptionalType<ArrayC<TypeC<{ actionDefinition
: TypeC<{ publishMetricAction
: TypeC<{ dimensions
: ArrayC<SizedType<string, Type<string, string, unknown>>> }> }>; actionName
: SizedType<string, Type<string, string, unknown>> }>>>; statelessRules
: ArrayC<TypeC<{ priority
: NumberC; ruleDefinition
: TypeC<{ actions
: ArrayC<EnumType<"aws:pass" | "aws:drop" | "aws:forward_to_sfe">>; matchAttributes
: TypeC<{ destinationPorts
: OptionalType<ArrayC<TypeC<{ fromPort
: NumberC; toPort
: NumberC }>>>; destinations
: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>; protocols
: OptionalType<ArrayC<NumberC>>; sourcePorts
: OptionalType<ArrayC<TypeC<{ fromPort
: NumberC; toPort
: NumberC }>>>; sources
: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>; tcpFlags
: OptionalType<ArrayC<TypeC<{ flags
: ArrayC<StringC>; masks
: ArrayC<SizedType<string, Type<string, string, unknown>>> }>>> }> }> }>> }>> }>; statefulRuleOptions
: OptionalType<EnumType<"DEFAULT_ACTION_ORDER" | "STRICT_ORDER">> }>>; shareTargets
: OptionalType<TypeC<{ accounts
: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>; organizationalUnits
: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>> }>>; tags
: OptionalType<ArrayC<TypeC<{ key
: StringC; value
: StringC }>>>; type
: EnumType<"STATEFUL" | "STATELESS"> }>> }>>; route53Resolver
: OptionalType<TypeC<{ endpoints
: OptionalType<ArrayC<TypeC<{ allowedCidrs
: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>; name
: SizedType<string, Type<string, string, unknown>>; rules
: OptionalType<ArrayC<TypeC<{ domainName
: SizedType<string, Type<string, string, unknown>>; excludedRegions
: OptionalType<ArrayC<EnumType<"af-south-1" | "ap-east-1" | "ap-northeast-1" | "ap-northeast-2" | "ap-northeast-3" | "ap-south-1" | "ap-southeast-1" | "ap-southeast-2" | "ca-central-1" | "cn-north-1" | "cn-northwest-1" | "eu-central-1" | "eu-north-1" | "eu-south-1" | "eu-west-1" | "eu-west-2" | "eu-west-3" | "me-south-1" | "sa-east-1" | "us-east-1" | "us-east-2" | "us-gov-east-1" | "us-gov-west-1" | "us-west-1" | "us-west-2" | "us-iso-west-1" | "us-iso-east-1" | "us-isob-east-1">>>; inboundEndpointTarget
: OptionalType<SizedType<string, Type<string, string, unknown>>>; name
: SizedType<string, Type<string, string, unknown>>; ruleType
: OptionalType<EnumType<"FORWARD" | "RECURSIVE" | "SYSTEM">>; shareTargets
: OptionalType<TypeC<{ accounts
: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>; organizationalUnits
: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>> }>>; tags
: OptionalType<ArrayC<TypeC<{ key
: StringC; value
: StringC }>>>; targetIps
: OptionalType<ArrayC<TypeC<{ ip
: SizedType<string, Type<string, string, unknown>>; port
: OptionalType<SizedType<string, Type<string, string, unknown>>> }>>> }>>>; subnets
: ArrayC<SizedType<string, Type<string, string, unknown>>>; tags
: OptionalType<ArrayC<TypeC<{ key
: StringC; value
: StringC }>>>; type
: EnumType<"INBOUND" | "OUTBOUND">; vpc
: SizedType<string, Type<string, string, unknown>> }>>>; firewallRuleGroups
: OptionalType<ArrayC<TypeC<{ name
: SizedType<string, Type<string, string, unknown>>; regions
: ArrayC<EnumType<"af-south-1" | "ap-east-1" | "ap-northeast-1" | "ap-northeast-2" | "ap-northeast-3" | "ap-south-1" | "ap-southeast-1" | "ap-southeast-2" | "ca-central-1" | "cn-north-1" | "cn-northwest-1" | "eu-central-1" | "eu-north-1" | "eu-south-1" | "eu-west-1" | "eu-west-2" | "eu-west-3" | "me-south-1" | "sa-east-1" | "us-east-1" | "us-east-2" | "us-gov-east-1" | "us-gov-west-1" | "us-west-1" | "us-west-2" | "us-iso-west-1" | "us-iso-east-1" | "us-isob-east-1">>; rules
: ArrayC<TypeC<{ action
: EnumType<"ALLOW" | "ALERT" | "BLOCK">; blockOverrideDomain
: OptionalType<SizedType<string, Type<string, string, unknown>>>; blockOverrideTtl
: OptionalType<NumberC>; blockResponse
: OptionalType<EnumType<"NODATA" | "NXDOMAIN" | "OVERRIDE">>; customDomainList
: OptionalType<SizedType<string, Type<string, string, unknown>>>; managedDomainList
: OptionalType<EnumType<"AWSManagedDomainsBotnetCommandandControl" | "AWSManagedDomainsMalwareDomainList">>; name
: SizedType<string, Type<string, string, unknown>>; priority
: NumberC }>>; shareTargets
: OptionalType<TypeC<{ accounts
: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>; organizationalUnits
: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>> }>>; tags
: OptionalType<ArrayC<TypeC<{ key
: StringC; value
: StringC }>>> }>>>; queryLogs
: OptionalType<TypeC<{ destinations
: ArrayC<EnumType<"s3" | "cloud-watch-logs">>; name
: SizedType<string, Type<string, string, unknown>>; shareTargets
: OptionalType<TypeC<{ accounts
: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>; organizationalUnits
: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>> }>> }>>; rules
: OptionalType<ArrayC<TypeC<{ domainName
: SizedType<string, Type<string, string, unknown>>; excludedRegions
: OptionalType<ArrayC<EnumType<"af-south-1" | "ap-east-1" | "ap-northeast-1" | "ap-northeast-2" | "ap-northeast-3" | "ap-south-1" | "ap-southeast-1" | "ap-southeast-2" | "ca-central-1" | "cn-north-1" | "cn-northwest-1" | "eu-central-1" | "eu-north-1" | "eu-south-1" | "eu-west-1" | "eu-west-2" | "eu-west-3" | "me-south-1" | "sa-east-1" | "us-east-1" | "us-east-2" | "us-gov-east-1" | "us-gov-west-1" | "us-west-1" | "us-west-2" | "us-iso-west-1" | "us-iso-east-1" | "us-isob-east-1">>>; inboundEndpointTarget
: OptionalType<SizedType<string, Type<string, string, unknown>>>; name
: SizedType<string, Type<string, string, unknown>>; ruleType
: OptionalType<EnumType<"FORWARD" | "RECURSIVE" | "SYSTEM">>; shareTargets
: OptionalType<TypeC<{ accounts
: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>; organizationalUnits
: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>> }>>; tags
: OptionalType<ArrayC<TypeC<{ key
: StringC; value
: StringC }>>>; targetIps
: OptionalType<ArrayC<TypeC<{ ip
: SizedType<string, Type<string, string, unknown>>; port
: OptionalType<SizedType<string, Type<string, string, unknown>>> }>>> }>>> }>> }>>; certificates
: OptionalType<ArrayC<TypeC<{ cert
: OptionalType<SizedType<string, Type<string, string, unknown>>>; chain
: OptionalType<SizedType<string, Type<string, string, unknown>>>; deploymentTargets
: TypeC<{ accounts
: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>; excludedAccounts
: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>; excludedRegions
: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>; organizationalUnits
: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>> }>; domain
: OptionalType<SizedType<string, Type<string, string, unknown>>>; name
: SizedType<string, Type<string, string, unknown>>; privKey
: OptionalType<SizedType<string, Type<string, string, unknown>>>; san
: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>; type
: EnumType<"import" | "request">; validation
: OptionalType<EnumType<"EMAIL" | "DNS">> }>>>; customerGateways
: OptionalType<ArrayC<TypeC<{ account
: SizedType<string, Type<string, string, unknown>>; asn
: NumberC; ipAddress
: SizedType<string, Type<string, string, unknown>>; name
: SizedType<string, Type<string, string, unknown>>; region
: EnumType<"af-south-1" | "ap-east-1" | "ap-northeast-1" | "ap-northeast-2" | "ap-northeast-3" | "ap-south-1" | "ap-southeast-1" | "ap-southeast-2" | "ca-central-1" | "cn-north-1" | "cn-northwest-1" | "eu-central-1" | "eu-north-1" | "eu-south-1" | "eu-west-1" | "eu-west-2" | "eu-west-3" | "me-south-1" | "sa-east-1" | "us-east-1" | "us-east-2" | "us-gov-east-1" | "us-gov-west-1" | "us-west-1" | "us-west-2" | "us-iso-west-1" | "us-iso-east-1" | "us-isob-east-1">; tags
: OptionalType<ArrayC<TypeC<{ key
: StringC; value
: StringC }>>>; vpnConnections
: OptionalType<ArrayC<TypeC<{ name
: SizedType<string, Type<string, string, unknown>>; routeTableAssociations
: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>; routeTablePropagations
: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>; staticRoutesOnly
: OptionalType<BooleanC>; tags
: OptionalType<ArrayC<TypeC<{ key
: StringC; value
: StringC }>>>; transitGateway
: OptionalType<SizedType<string, Type<string, string, unknown>>>; tunnelSpecifications
: OptionalType<ArrayC<TypeC<{ preSharedKey
: OptionalType<SizedType<string, Type<string, string, unknown>>>; tunnelInsideCidr
: OptionalType<SizedType<string, Type<string, string, unknown>>> }>>>; vpc
: OptionalType<SizedType<string, Type<string, string, unknown>>> }>>> }>>>; defaultVpc
: TypeC<{ delete
: BooleanC; excludeAccounts
: OptionalType<ArrayC<StringC>> }>; dhcpOptions
: OptionalType<ArrayC<TypeC<{ accounts
: ArrayC<SizedType<string, Type<string, string, unknown>>>; domainName
: OptionalType<SizedType<string, Type<string, string, unknown>>>; domainNameServers
: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>; name
: SizedType<string, Type<string, string, unknown>>; netbiosNameServers
: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>; netbiosNodeType
: OptionalType<EnumType<1 | 2 | 4 | 8>>; ntpServers
: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>; regions
: ArrayC<EnumType<"af-south-1" | "ap-east-1" | "ap-northeast-1" | "ap-northeast-2" | "ap-northeast-3" | "ap-south-1" | "ap-southeast-1" | "ap-southeast-2" | "ca-central-1" | "cn-north-1" | "cn-northwest-1" | "eu-central-1" | "eu-north-1" | "eu-south-1" | "eu-west-1" | "eu-west-2" | "eu-west-3" | "me-south-1" | "sa-east-1" | "us-east-1" | "us-east-2" | "us-gov-east-1" | "us-gov-west-1" | "us-west-1" | "us-west-2" | "us-iso-west-1" | "us-iso-east-1" | "us-isob-east-1">>; tags
: OptionalType<ArrayC<TypeC<{ key
: StringC; value
: StringC }>>> }>>>; directConnectGateways
: OptionalType<ArrayC<TypeC<{ account
: SizedType<string, Type<string, string, unknown>>; asn
: NumberC; gatewayName
: SizedType<string, Type<string, string, unknown>>; name
: SizedType<string, Type<string, string, unknown>>; transitGatewayAssociations
: OptionalType<ArrayC<TypeC<{ account
: SizedType<string, Type<string, string, unknown>>; allowedPrefixes
: ArrayC<SizedType<string, Type<string, string, unknown>>>; name
: SizedType<string, Type<string, string, unknown>>; routeTableAssociations
: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>; routeTablePropagations
: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>> }>>>; virtualInterfaces
: OptionalType<ArrayC<TypeC<{ addressFamily
: OptionalType<EnumType<"ipv4" | "ipv6">>; amazonAddress
: OptionalType<SizedType<string, Type<string, string, unknown>>>; connectionId
: SizedType<string, Type<string, string, unknown>>; customerAddress
: OptionalType<SizedType<string, Type<string, string, unknown>>>; customerAsn
: NumberC; enableSiteLink
: OptionalType<BooleanC>; interfaceName
: SizedType<string, Type<string, string, unknown>>; jumboFrames
: OptionalType<BooleanC>; name
: SizedType<string, Type<string, string, unknown>>; ownerAccount
: SizedType<string, Type<string, string, unknown>>; region
: EnumType<"af-south-1" | "ap-east-1" | "ap-northeast-1" | "ap-northeast-2" | "ap-northeast-3" | "ap-south-1" | "ap-southeast-1" | "ap-southeast-2" | "ca-central-1" | "cn-north-1" | "cn-northwest-1" | "eu-central-1" | "eu-north-1" | "eu-south-1" | "eu-west-1" | "eu-west-2" | "eu-west-3" | "me-south-1" | "sa-east-1" | "us-east-1" | "us-east-2" | "us-gov-east-1" | "us-gov-west-1" | "us-west-1" | "us-west-2" | "us-iso-west-1" | "us-iso-east-1" | "us-isob-east-1">; tags
: OptionalType<ArrayC<TypeC<{ key
: StringC; value
: StringC }>>>; type
: EnumType<"private" | "transit">; vlan
: NumberC }>>> }>>>; elbAccountIds
: OptionalType<ArrayC<TypeC<{ accountId
: SizedType<string, Type<string, string, unknown>>; region
: SizedType<string, Type<string, string, unknown>> }>>>; endpointPolicies
: ArrayC<TypeC<{ document
: SizedType<string, Type<string, string, unknown>>; name
: SizedType<string, Type<string, string, unknown>> }>>; firewallManagerService
: OptionalType<TypeC<{ delegatedAdminAccount
: SizedType<string, Type<string, string, unknown>>; notificationChannels
: OptionalType<ArrayC<TypeC<{ region
: SizedType<string, Type<string, string, unknown>>; snsTopic
: SizedType<string, Type<string, string, unknown>> }>>> }>>; prefixLists
: OptionalType<ArrayC<TypeC<{ accounts
: ArrayC<SizedType<string, Type<string, string, unknown>>>; addressFamily
: EnumType<"IPv4" | "IPv6">; entries
: ArrayC<SizedType<string, Type<string, string, unknown>>>; maxEntries
: NumberC; name
: SizedType<string, Type<string, string, unknown>>; regions
: ArrayC<EnumType<"af-south-1" | "ap-east-1" | "ap-northeast-1" | "ap-northeast-2" | "ap-northeast-3" | "ap-south-1" | "ap-southeast-1" | "ap-southeast-2" | "ca-central-1" | "cn-north-1" | "cn-northwest-1" | "eu-central-1" | "eu-north-1" | "eu-south-1" | "eu-west-1" | "eu-west-2" | "eu-west-3" | "me-south-1" | "sa-east-1" | "us-east-1" | "us-east-2" | "us-gov-east-1" | "us-gov-west-1" | "us-west-1" | "us-west-2" | "us-iso-west-1" | "us-iso-east-1" | "us-isob-east-1">>; tags
: OptionalType<ArrayC<TypeC<{ key
: StringC; value
: StringC }>>> }>>>; transitGatewayPeering
: OptionalType<ArrayC<TypeC<{ accepter
: TypeC<{ account
: SizedType<string, Type<string, string, unknown>>; applyTags
: OptionalType<BooleanC>; autoAccept
: OptionalType<BooleanC>; region
: EnumType<"af-south-1" | "ap-east-1" | "ap-northeast-1" | "ap-northeast-2" | "ap-northeast-3" | "ap-south-1" | "ap-southeast-1" | "ap-southeast-2" | "ca-central-1" | "cn-north-1" | "cn-northwest-1" | "eu-central-1" | "eu-north-1" | "eu-south-1" | "eu-west-1" | "eu-west-2" | "eu-west-3" | "me-south-1" | "sa-east-1" | "us-east-1" | "us-east-2" | "us-gov-east-1" | "us-gov-west-1" | "us-west-1" | "us-west-2" | "us-iso-west-1" | "us-iso-east-1" | "us-isob-east-1">; routeTableAssociations
: SizedType<string, Type<string, string, unknown>>; transitGatewayName
: SizedType<string, Type<string, string, unknown>> }>; name
: SizedType<string, Type<string, string, unknown>>; requester
: TypeC<{ account
: SizedType<string, Type<string, string, unknown>>; region
: EnumType<"af-south-1" | "ap-east-1" | "ap-northeast-1" | "ap-northeast-2" | "ap-northeast-3" | "ap-south-1" | "ap-southeast-1" | "ap-southeast-2" | "ca-central-1" | "cn-north-1" | "cn-northwest-1" | "eu-central-1" | "eu-north-1" | "eu-south-1" | "eu-west-1" | "eu-west-2" | "eu-west-3" | "me-south-1" | "sa-east-1" | "us-east-1" | "us-east-2" | "us-gov-east-1" | "us-gov-west-1" | "us-west-1" | "us-west-2" | "us-iso-west-1" | "us-iso-east-1" | "us-isob-east-1">; routeTableAssociations
: SizedType<string, Type<string, string, unknown>>; tags
: OptionalType<ArrayC<TypeC<{ key
: StringC; value
: StringC }>>>; transitGatewayName
: SizedType<string, Type<string, string, unknown>> }> }>>>; transitGateways
: ArrayC<TypeC<{ account
: SizedType<string, Type<string, string, unknown>>; asn
: NumberC; autoAcceptSharingAttachments
: EnumType<"enable" | "disable">; defaultRouteTableAssociation
: EnumType<"enable" | "disable">; defaultRouteTablePropagation
: EnumType<"enable" | "disable">; dnsSupport
: EnumType<"enable" | "disable">; name
: SizedType<string, Type<string, string, unknown>>; region
: EnumType<"af-south-1" | "ap-east-1" | "ap-northeast-1" | "ap-northeast-2" | "ap-northeast-3" | "ap-south-1" | "ap-southeast-1" | "ap-southeast-2" | "ca-central-1" | "cn-north-1" | "cn-northwest-1" | "eu-central-1" | "eu-north-1" | "eu-south-1" | "eu-west-1" | "eu-west-2" | "eu-west-3" | "me-south-1" | "sa-east-1" | "us-east-1" | "us-east-2" | "us-gov-east-1" | "us-gov-west-1" | "us-west-1" | "us-west-2" | "us-iso-west-1" | "us-iso-east-1" | "us-isob-east-1">; routeTables
: ArrayC<TypeC<{ name
: SizedType<string, Type<string, string, unknown>>; routes
: ArrayC<TypeC<{ attachment
: OptionalType<UnionC<[TypeC<{ account
: SizedType<string, Type<string, string, unknown>>; vpcName
: SizedType<string, Type<string, string, unknown>> }>, TypeC<{ directConnectGatewayName
: SizedType<string, Type<string, string, unknown>> }>, TypeC<{ vpnConnectionName
: SizedType<string, Type<string, string, unknown>> }>, TypeC<{ transitGatewayPeeringName
: SizedType<string, Type<string, string, unknown>> }>]>>; blackhole
: OptionalType<BooleanC>; destinationCidrBlock
: OptionalType<SizedType<string, Type<string, string, unknown>>>; destinationPrefixList
: OptionalType<SizedType<string, Type<string, string, unknown>>> }>>; tags
: OptionalType<ArrayC<TypeC<{ key
: StringC; value
: StringC }>>> }>>; shareTargets
: OptionalType<TypeC<{ accounts
: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>; organizationalUnits
: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>> }>>; tags
: OptionalType<ArrayC<TypeC<{ key
: StringC; value
: StringC }>>>; vpnEcmpSupport
: EnumType<"enable" | "disable"> }>>; vpcFlowLogs
: TypeC<{ customFields
: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>; defaultFormat
: BooleanC; destinations
: ArrayC<EnumType<"s3" | "cloud-watch-logs">>; destinationsConfig
: OptionalType<TypeC<{ cloudWatchLogs
: OptionalType<TypeC<{ kms
: OptionalType<SizedType<string, Type<string, string, unknown>>>; retentionInDays
: OptionalType<NumberC> }>>; s3
: OptionalType<TypeC<{ lifecycleRules
: OptionalType<ArrayC<TypeC<{ abortIncompleteMultipartUpload
: OptionalType<NumberC>; enabled
: OptionalType<BooleanC>; expiration
: OptionalType<NumberC>; expiredObjectDeleteMarker
: OptionalType<BooleanC>; id
: OptionalType<StringC>; noncurrentVersionExpiration
: OptionalType<NumberC>; noncurrentVersionTransitions
: OptionalType<ArrayC<TypeC<{ storageClass
: EnumType<"DEEP_ARCHIVE" | "GLACIER" | "GLACIER_IR" | "STANDARD_IA" | "INTELLIGENT_TIERING" | "ONEZONE_IA" | "Value should be an AWS S3 Storage Class.">; transitionAfter
: NumberC }>>>; transitions
: OptionalType<ArrayC<TypeC<{ storageClass
: EnumType<"DEEP_ARCHIVE" | "GLACIER" | "GLACIER_IR" | "STANDARD_IA" | "INTELLIGENT_TIERING" | "ONEZONE_IA" | "Value should be an AWS S3 Storage Class.">; transitionAfter
: NumberC }>>> }>>> }>> }>>; maxAggregationInterval
: NumberC; trafficType
: EnumType<"ALL" | "ACCEPT" | "REJECT"> }>; vpcPeering
: OptionalType<ArrayC<TypeC<{ name
: SizedType<string, Type<string, string, unknown>>; tags
: OptionalType<ArrayC<TypeC<{ key
: StringC; value
: StringC }>>>; vpcs
: ArrayC<SizedType<string, Type<string, string, unknown>>> }>>>; vpcTemplates
: OptionalType<ArrayC<TypeC<{ cidrs
: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>; deploymentTargets
: TypeC<{ accounts
: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>; excludedAccounts
: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>; excludedRegions
: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>; organizationalUnits
: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>> }>; dhcpOptions
: OptionalType<SizedType<string, Type<string, string, unknown>>>; dnsFirewallRuleGroups
: OptionalType<ArrayC<TypeC<{ mutationProtection
: OptionalType<EnumType<"ENABLED" | "DISABLED">>; name
: SizedType<string, Type<string, string, unknown>>; priority
: NumberC; tags
: OptionalType<ArrayC<TypeC<{ key
: StringC; value
: StringC }>>> }>>>; enableDnsHostnames
: OptionalType<BooleanC>; enableDnsSupport
: OptionalType<BooleanC>; gatewayEndpoints
: OptionalType<TypeC<{ defaultPolicy
: SizedType<string, Type<string, string, unknown>>; endpoints
: ArrayC<TypeC<{ policy
: OptionalType<SizedType<string, Type<string, string, unknown>>>; service
: EnumType<"s3" | "dynamodb"> }>> }>>; instanceTenancy
: OptionalType<EnumType<"default" | "dedicated">>; interfaceEndpoints
: OptionalType<TypeC<{ allowedCidrs
: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>; central
: OptionalType<BooleanC>; defaultPolicy
: SizedType<string, Type<string, string, unknown>>; endpoints
: ArrayC<TypeC<{ policy
: OptionalType<SizedType<string, Type<string, string, unknown>>>; service
: SizedType<string, Type<string, string, unknown>>; serviceName
: OptionalType<SizedType<string, Type<string, string, unknown>>> }>>; subnets
: ArrayC<SizedType<string, Type<string, string, unknown>>> }>>; internetGateway
: OptionalType<BooleanC>; ipamAllocations
: OptionalType<ArrayC<TypeC<{ ipamPoolName
: SizedType<string, Type<string, string, unknown>>; netmaskLength
: NumberC }>>>; loadBalancers
: OptionalType<TypeC<{ applicationLoadBalancers
: OptionalType<ArrayC<TypeC<{ attributes
: OptionalType<TypeC<{ deletionProtection
: OptionalType<BooleanC>; http2Enabled
: OptionalType<BooleanC>; idleTimeout
: OptionalType<NumberC>; routingHttpDesyncMitigationMode
: OptionalType<EnumType<"monitor" | "defensive" | "strictest">>; routingHttpDropInvalidHeader
: OptionalType<BooleanC>; routingHttpXAmznTlsCipherEnable
: OptionalType<BooleanC>; routingHttpXffClientPort
: OptionalType<BooleanC>; routingHttpXffHeaderProcessingMode
: OptionalType<EnumType<"append" | "preserve" | "remove">>; wafFailOpen
: OptionalType<BooleanC> }>>; listeners
: OptionalType<ArrayC<TypeC<{ certificate
: OptionalType<SizedType<string, Type<string, string, unknown>>>; fixedResponseConfig
: OptionalType<TypeC<{ contentType
: OptionalType<SizedType<string, Type<string, string, unknown>>>; messageBody
: OptionalType<SizedType<string, Type<string, string, unknown>>>; statusCode
: SizedType<string, Type<string, string, unknown>> }>>; forwardConfig
: OptionalType<TypeC<{ targetGroupStickinessConfig
: OptionalType<TypeC<{ durationSeconds
: OptionalType<NumberC>; enabled
: OptionalType<BooleanC> }>> }>>; name
: SizedType<string, Type<string, string, unknown>>; order
: OptionalType<NumberC>; port
: NumberC; protocol
: EnumType<"HTTP" | "HTTPS">; redirectConfig
: OptionalType<TypeC<{ host
: OptionalType<SizedType<string, Type<string, string, unknown>>>; path
: OptionalType<SizedType<string, Type<string, string, unknown>>>; port
: OptionalType<NumberC>; protocol
: OptionalType<SizedType<string, Type<string, string, unknown>>>; query
: OptionalType<SizedType<string, Type<string, string, unknown>>>; statusCode
: OptionalType<SizedType<string, Type<string, string, unknown>>> }>>; sslPolicy
: OptionalType<EnumType<"ELBSecurityPolicy-TLS-1-0-2015-04" | "ELBSecurityPolicy-TLS-1-1-2017-01" | "ELBSecurityPolicy-TLS-1-2-2017-01" | "ELBSecurityPolicy-TLS-1-2-Ext-2018-06" | "ELBSecurityPolicy-FS-2018-06" | "ELBSecurityPolicy-FS-1-1-2019-08" | "ELBSecurityPolicy-FS-1-2-2019-08" | "ELBSecurityPolicy-FS-1-2-Res-2019-08" | "ELBSecurityPolicy-2015-05" | "ELBSecurityPolicy-FS-1-2-Res-2020-10" | "ELBSecurityPolicy-2016-08">>; targetGroup
: SizedType<string, Type<string, string, unknown>>; type
: EnumType<"fixed-response" | "forward" | "redirect"> }>>>; name
: SizedType<string, Type<string, string, unknown>>; scheme
: OptionalType<EnumType<"internet-facing" | "internal">>; securityGroups
: ArrayC<SizedType<string, Type<string, string, unknown>>>; subnets
: ArrayC<SizedType<string, Type<string, string, unknown>>> }>>>; networkLoadBalancers
: OptionalType<ArrayC<TypeC<{ crossZoneLoadBalancing
: OptionalType<BooleanC>; deletionProtection
: OptionalType<BooleanC>; listeners
: OptionalType<ArrayC<TypeC<{ alpnPolicy
: OptionalType<EnumType<"HTTP1Only" | "HTTP2Only" | "HTTP2Optional" | "HTTP2Preferred" | "None">>; certificate
: OptionalType<SizedType<string, Type<string, string, unknown>>>; name
: SizedType<string, Type<string, string, unknown>>; port
: OptionalType<NumberC>; protocol
: OptionalType<EnumType<"TCP" | "TLS" | "UDP" | "TCP_UDP">>; sslPolicy
: OptionalType<EnumType<"ELBSecurityPolicy-TLS-1-0-2015-04" | "ELBSecurityPolicy-TLS-1-1-2017-01" | "ELBSecurityPolicy-TLS-1-2-2017-01" | "ELBSecurityPolicy-TLS-1-2-Ext-2018-06" | "ELBSecurityPolicy-FS-2018-06" | "ELBSecurityPolicy-FS-1-1-2019-08" | "ELBSecurityPolicy-FS-1-2-2019-08" | "ELBSecurityPolicy-FS-1-2-Res-2019-08" | "ELBSecurityPolicy-2015-05" | "ELBSecurityPolicy-FS-1-2-Res-2020-10" | "ELBSecurityPolicy-TLS13-1-2-2021-06" | "ELBSecurityPolicy-TLS13-1-2-Res-2021-06" | "ELBSecurityPolicy-TLS13-1-2-Ext1-2021-06" | "ELBSecurityPolicy-TLS13-1-2-Ext2-2021-06" | "ELBSecurityPolicy-TLS13-1-1-2021-06" | "ELBSecurityPolicy-TLS13-1-0-2021-06" | "ELBSecurityPolicy-TLS13-1-3-2021-06" | "ELBSecurityPolicy-2016-08">>; targetGroup
: SizedType<string, Type<string, string, unknown>> }>>>; name
: SizedType<string, Type<string, string, unknown>>; scheme
: OptionalType<EnumType<"internet-facing" | "internal">>; subnets
: ArrayC<SizedType<string, Type<string, string, unknown>>> }>>> }>>; name
: SizedType<string, Type<string, string, unknown>>; natGateways
: OptionalType<ArrayC<TypeC<{ name
: SizedType<string, Type<string, string, unknown>>; subnet
: SizedType<string, Type<string, string, unknown>>; tags
: OptionalType<ArrayC<TypeC<{ key
: StringC; value
: StringC }>>> }>>>; networkAcls
: OptionalType<ArrayC<TypeC<{ inboundRules
: OptionalType<ArrayC<TypeC<{ action
: EnumType<"allow" | "deny">; fromPort
: NumberC; protocol
: NumberC; rule
: NumberC; source
: UnionC<[SizedType<string, Type<string, string, unknown>>, TypeC<{ account
: OptionalType<SizedType<string, Type<string, string, unknown>>>; subnet
: SizedType<string, Type<string, string, unknown>>; vpc
: SizedType<string, Type<string, string, unknown>> }>]>; toPort
: NumberC }>>>; name
: SizedType<string, Type<string, string, unknown>>; outboundRules
: OptionalType<ArrayC<TypeC<{ action
: EnumType<"allow" | "deny">; destination
: UnionC<[SizedType<string, Type<string, string, unknown>>, TypeC<{ account
: OptionalType<SizedType<string, Type<string, string, unknown>>>; subnet
: SizedType<string, Type<string, string, unknown>>; vpc
: SizedType<string, Type<string, string, unknown>> }>]>; fromPort
: NumberC; protocol
: NumberC; rule
: NumberC; toPort
: NumberC }>>>; subnetAssociations
: ArrayC<SizedType<string, Type<string, string, unknown>>>; tags
: OptionalType<ArrayC<TypeC<{ key
: StringC; value
: StringC }>>> }>>>; prefixLists
: OptionalType<ArrayC<TypeC<{ accounts
: ArrayC<SizedType<string, Type<string, string, unknown>>>; addressFamily
: EnumType<"IPv4" | "IPv6">; entries
: ArrayC<SizedType<string, Type<string, string, unknown>>>; maxEntries
: NumberC; name
: SizedType<string, Type<string, string, unknown>>; regions
: ArrayC<EnumType<"af-south-1" | "ap-east-1" | "ap-northeast-1" | "ap-northeast-2" | "ap-northeast-3" | "ap-south-1" | "ap-southeast-1" | "ap-southeast-2" | "ca-central-1" | "cn-north-1" | "cn-northwest-1" | "eu-central-1" | "eu-north-1" | "eu-south-1" | "eu-west-1" | "eu-west-2" | "eu-west-3" | "me-south-1" | "sa-east-1" | "us-east-1" | "us-east-2" | "us-gov-east-1" | "us-gov-west-1" | "us-west-1" | "us-west-2" | "us-iso-west-1" | "us-iso-east-1" | "us-isob-east-1">>; tags
: OptionalType<ArrayC<TypeC<{ key
: StringC; value
: StringC }>>> }>>>; queryLogs
: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>; region
: EnumType<"af-south-1" | "ap-east-1" | "ap-northeast-1" | "ap-northeast-2" | "ap-northeast-3" | "ap-south-1" | "ap-southeast-1" | "ap-southeast-2" | "ca-central-1" | "cn-north-1" | "cn-northwest-1" | "eu-central-1" | "eu-north-1" | "eu-south-1" | "eu-west-1" | "eu-west-2" | "eu-west-3" | "me-south-1" | "sa-east-1" | "us-east-1" | "us-east-2" | "us-gov-east-1" | "us-gov-west-1" | "us-west-1" | "us-west-2" | "us-iso-west-1" | "us-iso-east-1" | "us-isob-east-1">; resolverRules
: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>; routeTables
: OptionalType<ArrayC<TypeC<{ gatewayAssociation
: OptionalType<EnumType<"internetGateway" | "virtualPrivateGateway">>; name
: SizedType<string, Type<string, string, unknown>>; routes
: OptionalType<ArrayC<TypeC<{ destination
: OptionalType<SizedType<string, Type<string, string, unknown>>>; destinationPrefixList
: OptionalType<SizedType<string, Type<string, string, unknown>>>; name
: SizedType<string, Type<string, string, unknown>>; target
: OptionalType<SizedType<string, Type<string, string, unknown>>>; targetAvailabilityZone
: OptionalType<SizedType<string, Type<string, string, unknown>>>; type
: OptionalType<EnumType<"transitGateway" | "natGateway" | "internetGateway" | "local" | "localGateway" | "gatewayEndpoint" | "gatewayLoadBalancerEndpoint" | "networkInterface" | "networkFirewall" | "virtualPrivateGateway" | "vpcPeering">> }>>>; tags
: OptionalType<ArrayC<TypeC<{ key
: StringC; value
: StringC }>>> }>>>; securityGroups
: OptionalType<ArrayC<TypeC<{ description
: OptionalType<SizedType<string, Type<string, string, unknown>>>; inboundRules
: OptionalType<ArrayC<TypeC<{ description
: SizedType<string, Type<string, string, unknown>>; fromPort
: OptionalType<NumberC>; port
: OptionalType<NumberC>; sources
: ArrayC<UnionC<[SizedType<string, Type<string, string, unknown>>, TypeC<{ account
: OptionalType<SizedType<string, Type<string, string, unknown>>>; subnets
: ArrayC<SizedType<string, Type<string, string, unknown>>>; vpc
: SizedType<string, Type<string, string, unknown>> }>, TypeC<{ securityGroups
: ArrayC<SizedType<string, Type<string, string, unknown>>> }>, TypeC<{ prefixLists
: ArrayC<SizedType<string, Type<string, string, unknown>>> }>]>>; tcpPorts
: OptionalType<ArrayC<NumberC>>; toPort
: OptionalType<NumberC>; types
: OptionalType<ArrayC<EnumType<"ALL" | "TCP" | "UDP" | "HTTP" | "HTTPS" | "REDSHIFT" | "RDP" | "SSH" | "MYSQL" | "MYSQL/AURORA" | "POSTGRESQL" | "ORACLE-RDS" | "ICMP">>>; udpPorts
: OptionalType<ArrayC<NumberC>> }>>>; name
: SizedType<string, Type<string, string, unknown>>; outboundRules
: OptionalType<ArrayC<TypeC<{ description
: SizedType<string, Type<string, string, unknown>>; fromPort
: OptionalType<NumberC>; port
: OptionalType<NumberC>; sources
: ArrayC<UnionC<[SizedType<string, Type<string, string, unknown>>, TypeC<{ account
: OptionalType<SizedType<string, Type<string, string, unknown>>>; subnets
: ArrayC<SizedType<string, Type<string, string, unknown>>>; vpc
: SizedType<string, Type<string, string, unknown>> }>, TypeC<{ securityGroups
: ArrayC<SizedType<string, Type<string, string, unknown>>> }>, TypeC<{ prefixLists
: ArrayC<SizedType<string, Type<string, string, unknown>>> }>]>>; tcpPorts
: OptionalType<ArrayC<NumberC>>; toPort
: OptionalType<NumberC>; types
: OptionalType<ArrayC<EnumType<"ALL" | "TCP" | "UDP" | "HTTP" | "HTTPS" | "REDSHIFT" | "RDP" | "SSH" | "MYSQL" | "MYSQL/AURORA" | "POSTGRESQL" | "ORACLE-RDS" | "ICMP">>>; udpPorts
: OptionalType<ArrayC<NumberC>> }>>>; tags
: OptionalType<ArrayC<TypeC<{ key
: StringC; value
: StringC }>>> }>>>; subnets
: OptionalType<ArrayC<TypeC<{ availabilityZone
: OptionalType<SizedType<string, Type<string, string, unknown>>>; ipamAllocation
: OptionalType<TypeC<{ ipamPoolName
: SizedType<string, Type<string, string, unknown>>; netmaskLength
: NumberC }>>; ipv4CidrBlock
: OptionalType<SizedType<string, Type<string, string, unknown>>>; mapPublicIpOnLaunch
: OptionalType<BooleanC>; name
: SizedType<string, Type<string, string, unknown>>; outpost
: OptionalType<SizedType<string, Type<string, string, unknown>>>; routeTable
: SizedType<string, Type<string, string, unknown>>; shareTargets
: OptionalType<TypeC<{ accounts
: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>; organizationalUnits
: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>> }>>; tags
: OptionalType<ArrayC<TypeC<{ key
: StringC; value
: StringC }>>> }>>>; tags
: OptionalType<ArrayC<TypeC<{ key
: StringC; value
: StringC }>>>; targetGroups
: OptionalType<ArrayC<TypeC<{ attributes
: OptionalType<TypeC<{ algorithm
: OptionalType<EnumType<"round_robin" | "least_outstanding_requests">>; appCookieDuration
: OptionalType<NumberC>; appCookieName
: OptionalType<SizedType<string, Type<string, string, unknown>>>; connectionTermination
: OptionalType<BooleanC>; deregistrationDelay
: OptionalType<NumberC>; lbCookieDuration
: OptionalType<NumberC>; preserveClientIp
: OptionalType<BooleanC>; proxyProtocolV2
: OptionalType<BooleanC>; slowStart
: OptionalType<NumberC>; stickiness
: OptionalType<BooleanC>; stickinessType
: OptionalType<EnumType<"lb_cookie" | "app_cookie" | "source_ip" | "source_ip_dest_ip" | "source_ip_dest_ip_proto">>; targetFailover
: OptionalType<EnumType<"no_rebalance" | "rebalance">> }>>; healthCheck
: OptionalType<TypeC<{ interval
: OptionalType<NumberC>; path
: OptionalType<SizedType<string, Type<string, string, unknown>>>; port
: OptionalType<NumberC>; protocol
: OptionalType<EnumType<"TCP" | "HTTP" | "HTTPS">>; timeout
: OptionalType<NumberC> }>>; matcher
: OptionalType<TypeC<{ grpcCode
: OptionalType<SizedType<string, Type<string, string, unknown>>>; httpCode
: OptionalType<SizedType<string, Type<string, string, unknown>>> }>>; name
: SizedType<string, Type<string, string, unknown>>; port
: NumberC; protocol
: EnumType<"TCP" | "TLS" | "UDP" | "TCP_UDP" | "HTTP" | "HTTPS" | "GENEVE">; protocolVersion
: OptionalType<EnumType<"GRPC" | "HTTP1" | "HTTP2">>; targets
: OptionalType<ArrayC<UnionC<[SizedType<string, Type<string, string, unknown>>, TypeC<{ account
: SizedType<string, Type<string, string, unknown>>; nlbName
: SizedType<string, Type<string, string, unknown>>; region
: SizedType<string, Type<string, string, unknown>> }>]>>>; threshold
: OptionalType<TypeC<{ healthy
: OptionalType<NumberC>; unhealthy
: OptionalType<NumberC> }>>; type
: EnumType<"instance" | "ip" | "alb"> }>>>; transitGatewayAttachments
: OptionalType<ArrayC<TypeC<{ name
: SizedType<string, Type<string, string, unknown>>; options
: OptionalType<TypeC<{ applianceModeSupport
: OptionalType<EnumType<"enable" | "disable">>; dnsSupport
: OptionalType<EnumType<"enable" | "disable">>; ipv6Support
: OptionalType<EnumType<"enable" | "disable">> }>>; routeTableAssociations
: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>; routeTablePropagations
: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>; subnets
: ArrayC<SizedType<string, Type<string, string, unknown>>>; tags
: OptionalType<ArrayC<TypeC<{ key
: StringC; value
: StringC }>>>; transitGateway
: TypeC<{ account
: SizedType<string, Type<string, string, unknown>>; name
: SizedType<string, Type<string, string, unknown>> }> }>>>; useCentralEndpoints
: OptionalType<BooleanC>; virtualPrivateGateway
: OptionalType<TypeC<{ asn
: OptionalType<NumberC> }>>; vpcFlowLogs
: OptionalType<TypeC<{ customFields
: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>; defaultFormat
: BooleanC; destinations
: ArrayC<EnumType<"s3" | "cloud-watch-logs">>; destinationsConfig
: OptionalType<TypeC<{ cloudWatchLogs
: OptionalType<TypeC<{ kms
: OptionalType<SizedType<string, Type<string, string, unknown>>>; retentionInDays
: OptionalType<NumberC> }>>; s3
: OptionalType<TypeC<{ lifecycleRules
: OptionalType<ArrayC<TypeC<{ abortIncompleteMultipartUpload
: OptionalType<NumberC>; enabled
: OptionalType<BooleanC>; expiration
: OptionalType<NumberC>; expiredObjectDeleteMarker
: OptionalType<BooleanC>; id
: OptionalType<StringC>; noncurrentVersionExpiration
: OptionalType<NumberC>; noncurrentVersionTransitions
: OptionalType<ArrayC<TypeC<{ storageClass
: EnumType<"DEEP_ARCHIVE" | "GLACIER" | "GLACIER_IR" | "STANDARD_IA" | "INTELLIGENT_TIERING" | "ONEZONE_IA" | "Value should be an AWS S3 Storage Class.">; transitionAfter
: NumberC }>>>; transitions
: OptionalType<ArrayC<TypeC<{ storageClass
: EnumType<"DEEP_ARCHIVE" | "GLACIER" | "GLACIER_IR" | "STANDARD_IA" | "INTELLIGENT_TIERING" | "ONEZONE_IA" | "Value should be an AWS S3 Storage Class.">; transitionAfter
: NumberC }>>> }>>> }>> }>>; maxAggregationInterval
: NumberC; trafficType
: EnumType<"ALL" | "ACCEPT" | "REJECT"> }>> }>>>; vpcs
: ArrayC<TypeC<{ account
: SizedType<string, Type<string, string, unknown>>; cidrs
: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>; dhcpOptions
: OptionalType<SizedType<string, Type<string, string, unknown>>>; dnsFirewallRuleGroups
: OptionalType<ArrayC<TypeC<{ mutationProtection
: OptionalType<EnumType<"ENABLED" | "DISABLED">>; name
: SizedType<string, Type<string, string, unknown>>; priority
: NumberC; tags
: OptionalType<ArrayC<TypeC<{ key
: StringC; value
: StringC }>>> }>>>; enableDnsHostnames
: OptionalType<BooleanC>; enableDnsSupport
: OptionalType<BooleanC>; gatewayEndpoints
: OptionalType<TypeC<{ defaultPolicy
: SizedType<string, Type<string, string, unknown>>; endpoints
: ArrayC<TypeC<{ policy
: OptionalType<SizedType<string, Type<string, string, unknown>>>; service
: EnumType<"s3" | "dynamodb"> }>> }>>; instanceTenancy
: OptionalType<EnumType<"default" | "dedicated">>; interfaceEndpoints
: OptionalType<TypeC<{ allowedCidrs
: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>; central
: OptionalType<BooleanC>; defaultPolicy
: SizedType<string, Type<string, string, unknown>>; endpoints
: ArrayC<TypeC<{ policy
: OptionalType<SizedType<string, Type<string, string, unknown>>>; service
: SizedType<string, Type<string, string, unknown>>; serviceName
: OptionalType<SizedType<string, Type<string, string, unknown>>> }>>; subnets
: ArrayC<SizedType<string, Type<string, string, unknown>>> }>>; internetGateway
: OptionalType<BooleanC>; ipamAllocations
: OptionalType<ArrayC<TypeC<{ ipamPoolName
: SizedType<string, Type<string, string, unknown>>; netmaskLength
: NumberC }>>>; loadBalancers
: OptionalType<TypeC<{ applicationLoadBalancers
: OptionalType<ArrayC<TypeC<{ attributes
: OptionalType<TypeC<{ deletionProtection
: OptionalType<BooleanC>; http2Enabled
: OptionalType<BooleanC>; idleTimeout
: OptionalType<NumberC>; routingHttpDesyncMitigationMode
: OptionalType<EnumType<"monitor" | "defensive" | "strictest">>; routingHttpDropInvalidHeader
: OptionalType<BooleanC>; routingHttpXAmznTlsCipherEnable
: OptionalType<BooleanC>; routingHttpXffClientPort
: OptionalType<BooleanC>; routingHttpXffHeaderProcessingMode
: OptionalType<EnumType<"append" | "preserve" | "remove">>; wafF
Network configuration items.