aws-sdk-iot 1.80.0 → 1.111.0

data/lib/aws-sdk-iot/client.rb

@@ -27,7 +27,11 @@ require 'aws-sdk-core/plugins/client_metrics_plugin.rb'
 require 'aws-sdk-core/plugins/client_metrics_send_plugin.rb'
 require 'aws-sdk-core/plugins/transfer_encoding.rb'
 require 'aws-sdk-core/plugins/http_checksum.rb'
-require 'aws-sdk-core/plugins/signature_v4.rb'
+require 'aws-sdk-core/plugins/checksum_algorithm.rb'
+require 'aws-sdk-core/plugins/request_compression.rb'
+require 'aws-sdk-core/plugins/defaults_mode.rb'
+require 'aws-sdk-core/plugins/recursion_detection.rb'
+require 'aws-sdk-core/plugins/sign.rb'
 require 'aws-sdk-core/plugins/protocols/rest_json.rb'
 
 Aws::Plugins::GlobalConfiguration.add_identifier(:iot)
@@ -73,8 +77,13 @@ module Aws::IoT
     add_plugin(Aws::Plugins::ClientMetricsSendPlugin)
     add_plugin(Aws::Plugins::TransferEncoding)
     add_plugin(Aws::Plugins::HttpChecksum)
-    add_plugin(Aws::Plugins::SignatureV4)
+    add_plugin(Aws::Plugins::ChecksumAlgorithm)
+    add_plugin(Aws::Plugins::RequestCompression)
+    add_plugin(Aws::Plugins::DefaultsMode)
+    add_plugin(Aws::Plugins::RecursionDetection)
+    add_plugin(Aws::Plugins::Sign)
     add_plugin(Aws::Plugins::Protocols::RestJson)
+    add_plugin(Aws::IoT::Plugins::Endpoints)
 
     # @overload initialize(options)
     #   @param [Hash] options
@@ -175,10 +184,18 @@ module Aws::IoT
     #     Used only in `standard` and adaptive retry modes. Specifies whether to apply
     #     a clock skew correction and retry requests with skewed client clocks.
     #
+    #   @option options [String] :defaults_mode ("legacy")
+    #     See {Aws::DefaultsModeConfiguration} for a list of the
+    #     accepted modes and the configuration defaults that are included.
+    #
     #   @option options [Boolean] :disable_host_prefix_injection (false)
     #     Set to true to disable SDK automatically adding host prefix
     #     to default service endpoint when available.
     #
+    #   @option options [Boolean] :disable_request_compression (false)
+    #     When set to 'true' the request body will not be compressed
+    #     for supported operations.
+    #
     #   @option options [String] :endpoint
     #     The client endpoint is normally constructed from the `:region`
     #     option. You should only configure an `:endpoint` when connecting
@@ -199,6 +216,10 @@ module Aws::IoT
     #   @option options [Boolean] :endpoint_discovery (false)
     #     When set to `true`, endpoint discovery will be enabled for operations when available.
     #
+    #   @option options [Boolean] :ignore_configured_endpoint_urls
+    #     Setting to true disables use of endpoint URLs provided via environment
+    #     variables and the shared configuration file.
+    #
     #   @option options [Aws::Log::Formatter] :log_formatter (Aws::Log::Formatter.default)
     #     The log formatter.
     #
@@ -219,6 +240,11 @@ module Aws::IoT
     #     Used when loading credentials from the shared credentials file
     #     at HOME/.aws/credentials.  When not specified, 'default' is used.
     #
+    #   @option options [Integer] :request_min_compression_size_bytes (10240)
+    #     The minimum size in bytes that triggers compression for request
+    #     bodies. The value must be non-negative integer value between 0
+    #     and 10485780 bytes inclusive.
+    #
     #   @option options [Proc] :retry_backoff
     #     A proc or lambda used for backoff. Defaults to 2**retries * retry_base_delay.
     #     This option is only used in the `legacy` retry mode.
@@ -264,6 +290,11 @@ module Aws::IoT
     #       in the future.
     #
     #
+    #   @option options [String] :sdk_ua_app_id
+    #     A unique and opaque application ID that is appended to the
+    #     User-Agent header as app/<sdk_ua_app_id>. It should have a
+    #     maximum length of 50.
+    #
     #   @option options [String] :secret_access_key
     #
     #   @option options [String] :session_token
@@ -277,6 +308,19 @@ module Aws::IoT
     #     ** Please note ** When response stubbing is enabled, no HTTP
     #     requests are made, and retries are disabled.
     #
+    #   @option options [Aws::TokenProvider] :token_provider
+    #     A Bearer Token Provider. This can be an instance of any one of the
+    #     following classes:
+    #
+    #     * `Aws::StaticTokenProvider` - Used for configuring static, non-refreshing
+    #       tokens.
+    #
+    #     * `Aws::SSOTokenProvider` - Used for loading tokens from AWS SSO using an
+    #       access token generated from `aws login`.
+    #
+    #     When `:token_provider` is not configured directly, the `Aws::TokenProviderChain`
+    #     will be used to search for tokens configured for your profile in shared configuration files.
+    #
     #   @option options [Boolean] :use_dualstack_endpoint
     #     When set to `true`, dualstack enabled endpoints (with `.aws` TLD)
     #     will be used if available.
@@ -290,6 +334,9 @@ module Aws::IoT
     #     When `true`, request parameters are validated before
     #     sending the request.
     #
+    #   @option options [Aws::IoT::EndpointProvider] :endpoint_provider
+    #     The endpoint provider used to resolve endpoints. Any object that responds to `#resolve_endpoint(parameters)` where `parameters` is a Struct similar to `Aws::IoT::EndpointParameters`
+    #
     #   @option options [URI::HTTP,String] :http_proxy A proxy to send
     #     requests through.  Formatted like 'http://proxy.com:123'.
     #
@@ -297,7 +344,7 @@ module Aws::IoT
     #     seconds to wait when opening a HTTP session before raising a
     #     `Timeout::Error`.
     #
-    #   @option options [Integer] :http_read_timeout (60) The default
+    #   @option options [Float] :http_read_timeout (60) The default
     #     number of seconds to wait for response data.  This value can
     #     safely be set per-request on the session.
     #
@@ -313,6 +360,9 @@ module Aws::IoT
     #     disables this behaviour.  This value can safely be set per
     #     request on the session.
     #
+    #   @option options [Float] :ssl_timeout (nil) Sets the SSL timeout
+    #     in seconds.
+    #
     #   @option options [Boolean] :http_wire_trace (false) When `true`,
     #     HTTP debug output will be sent to the `:logger`.
     #
@@ -569,7 +619,9 @@ module Aws::IoT
     # Attaches the specified policy to the specified principal (certificate
     # or other credential).
     #
-    # **Note:** This action is deprecated. Please use AttachPolicy instead.
+    # **Note:** This action is deprecated and works as expected for backward
+    # compatibility, but we won't add enhancements. Use AttachPolicy
+    # instead.
     #
     # Requires permission to access the [AttachPrincipalPolicy][1] action.
     #
@@ -634,8 +686,8 @@ module Aws::IoT
     end
 
     # Attaches the specified principal to the specified thing. A principal
-    # can be X.509 certificates, IAM users, groups, and roles, Amazon
-    # Cognito identities or federated identities.
+    # can be X.509 certificates, Amazon Cognito identities or federated
+    # identities.
     #
     # Requires permission to access the [AttachThingPrincipal][1] action.
     #
@@ -1006,6 +1058,12 @@ module Aws::IoT
     #       account: "AwsAccountId",
     #       iam_role_arn: "RoleArn",
     #       role_alias_arn: "RoleAliasArn",
+    #       issuer_certificate_identifier: {
+    #         issuer_certificate_subject: "IssuerCertificateSubject",
+    #         issuer_id: "IssuerId",
+    #         issuer_certificate_serial_number: "IssuerCertificateSerialNumber",
+    #       },
+    #       device_certificate_arn: "CertificateArn",
     #     },
     #     expiration_date: Time.now,
     #     suppress_indefinitely: false,
@@ -1063,6 +1121,15 @@ module Aws::IoT
     #   Specifies whether IoT validates the token signature in an
     #   authorization request.
     #
+    # @option params [Boolean] :enable_caching_for_http
+    #   When `true`, the result from the authorizer’s Lambda function is
+    #   cached for clients that use persistent HTTP connections. The results
+    #   are cached for the time specified by the Lambda function in
+    #   `refreshAfterInSeconds`. This value does not affect authorization of
+    #   clients that use MQTT connections.
+    #
+    #   The default value is `false`.
+    #
     # @return [Types::CreateAuthorizerResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::CreateAuthorizerResponse#authorizer_name #authorizer_name} => String
@@ -1085,6 +1152,7 @@ module Aws::IoT
     #       },
     #     ],
     #     signing_disabled: false,
+    #     enable_caching_for_http: false,
     #   })
     #
     # @example Response structure
@@ -1153,61 +1221,63 @@ module Aws::IoT
     # Creates an X.509 certificate using the specified certificate signing
     # request.
     #
-    # **Note:** The CSR must include a public key that is either an RSA key
-    # with a length of at least 2048 bits or an ECC key from NIST P-256,
-    # NIST P-384, or NIST P-512 curves. For supported certificates, consult
-    # [ Certificate signing algorithms supported by IoT][1].
+    # Requires permission to access the [CreateCertificateFromCsr][1]
+    # action.
+    #
+    # <note markdown="1"> The CSR must include a public key that is either an RSA key with a
+    # length of at least 2048 bits or an ECC key from NIST P-256, NIST
+    # P-384, or NIST P-521 curves. For supported certificates, consult [
+    # Certificate signing algorithms supported by IoT][2].
+    #
+    #  </note>
     #
-    # **Note:** Reusing the same certificate signing request (CSR) results
-    # in a distinct certificate.
+    # <note markdown="1"> Reusing the same certificate signing request (CSR) results in a
+    # distinct certificate.
     #
-    # Requires permission to access the [CreateCertificateFromCsr][2]
-    # action.
+    #  </note>
     #
     # You can create multiple certificates in a batch by creating a
-    # directory, copying multiple .csr files into that directory, and then
+    # directory, copying multiple `.csr` files into that directory, and then
     # specifying that directory on the command line. The following commands
-    # show how to create a batch of certificates given a batch of CSRs.
-    #
-    # Assuming a set of CSRs are located inside of the directory
-    # my-csr-directory:
+    # show how to create a batch of certificates given a batch of CSRs. In
+    # the following commands, we assume that a set of CSRs are located
+    # inside of the directory my-csr-directory:
     #
     # On Linux and OS X, the command is:
     #
-    # $ ls my-csr-directory/ \| xargs -I \\\{\\} aws iot
+    # `$ ls my-csr-directory/ | xargs -I \{\} aws iot
     # create-certificate-from-csr --certificate-signing-request
-    # file://my-csr-directory/\\\{\\}
+    # file://my-csr-directory/\{\}`
     #
     # This command lists all of the CSRs in my-csr-directory and pipes each
-    # CSR file name to the aws iot create-certificate-from-csr Amazon Web
+    # CSR file name to the `aws iot create-certificate-from-csr` Amazon Web
     # Services CLI command to create a certificate for the corresponding
     # CSR.
     #
-    # The aws iot create-certificate-from-csr part of the command can also
-    # be run in parallel to speed up the certificate creation process:
+    # You can also run the `aws iot create-certificate-from-csr` part of the
+    # command in parallel to speed up the certificate creation process:
     #
-    # $ ls my-csr-directory/ \| xargs -P 10 -I \\\{\\} aws iot
+    # `$ ls my-csr-directory/ | xargs -P 10 -I \{\} aws iot
     # create-certificate-from-csr --certificate-signing-request
-    # file://my-csr-directory/\\\{\\}
+    # file://my-csr-directory/\{\} `
     #
     # On Windows PowerShell, the command to create certificates for all CSRs
     # in my-csr-directory is:
     #
-    # &gt; ls -Name my-csr-directory \| %\\\{aws iot
-    # create-certificate-from-csr --certificate-signing-request
-    # file://my-csr-directory/$\_\\}
+    # `> ls -Name my-csr-directory | %\{aws iot create-certificate-from-csr
+    # --certificate-signing-request file://my-csr-directory/$_\} `
     #
     # On a Windows command prompt, the command to create certificates for
     # all CSRs in my-csr-directory is:
     #
-    # &gt; forfiles /p my-csr-directory /c "cmd /c aws iot
+    # `> forfiles /p my-csr-directory /c "cmd /c aws iot
     # create-certificate-from-csr --certificate-signing-request
-    # file://@path"
+    # file://@path" `
     #
     #
     #
-    # [1]: https://docs.aws.amazon.com/iot/latest/developerguide/x509-client-certs.html#x509-cert-algorithms
-    # [2]: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions
+    # [1]: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions
+    # [2]: https://docs.aws.amazon.com/iot/latest/developerguide/x509-client-certs.html#x509-cert-algorithms
     #
     # @option params [required, String] :certificate_signing_request
     #   The certificate signing request (CSR).
@@ -1252,17 +1322,21 @@ module Aws::IoT
     #
     # @option params [required, String] :metric_name
     #   The name of the custom metric. This will be used in the metric report
-    #   submitted from the device/thing. Shouldn't begin with `aws:`. Cannot
-    #   be updated once defined.
+    #   submitted from the device/thing. The name can't begin with `aws:`.
+    #   You can't change the name after you define it.
     #
     # @option params [String] :display_name
-    #   Field represents a friendly name in the console for the custom metric;
-    #   it doesn't have to be unique. Don't use this name as the metric
-    #   identifier in the device metric report. Can be updated once defined.
+    #   The friendly name in the console for the custom metric. This name
+    #   doesn't have to be unique. Don't use this name as the metric
+    #   identifier in the device metric report. You can update the friendly
+    #   name after you define it.
     #
     # @option params [required, String] :metric_type
-    #   The type of the custom metric. Types include `string-list`,
-    #   `ip-address-list`, `number-list`, and `number`.
+    #   The type of the custom metric.
+    #
+    #   The type `number` only takes a single metric value as an input, but
+    #   when you submit the metrics value in the DeviceMetrics report, you
+    #   must pass it as an array with a single value.
     #
     # @option params [Array<Types::Tag>] :tags
     #   Metadata that can be used to manage the custom metric.
@@ -1428,6 +1502,9 @@ module Aws::IoT
     #
     #    </note>
     #
+    # @option params [Types::TlsConfig] :tls_config
+    #   An object that specifies the TLS configuration for a domain.
+    #
     # @return [Types::CreateDomainConfigurationResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::CreateDomainConfigurationResponse#domain_configuration_name #domain_configuration_name} => String
@@ -1451,6 +1528,9 @@ module Aws::IoT
     #         value: "TagValue",
     #       },
     #     ],
+    #     tls_config: {
+    #       security_policy: "SecurityPolicy",
+    #     },
     #   })
     #
     # @example Response structure
@@ -1594,7 +1674,7 @@ module Aws::IoT
     #
     #
     #
-    #   [1]: https://docs.aws.amazon.com/https:/docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_MetricDatum.html
+    #   [1]: https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_MetricDatum.html
     #
     # @option params [Array<Types::Tag>] :tags
     #   Metadata, which can be used to manage the fleet metric.
@@ -1656,20 +1736,18 @@ module Aws::IoT
     #   A list of things and thing groups to which the job should be sent.
     #
     # @option params [String] :document_source
-    #   An S3 link to the job document. Required if you don't specify a value
-    #   for `document`.
+    #   An S3 link, or S3 object URL, to the job document. The link is an
+    #   Amazon S3 object URL and is required if you don't specify a value for
+    #   `document`.
     #
-    #   <note markdown="1"> If the job document resides in an S3 bucket, you must use a
-    #   placeholder link when specifying the document.
+    #   For example, `--document-source
+    #   https://s3.region-code.amazonaws.com/example-firmware/device-firmware.1.0`
     #
-    #    The placeholder link is of the following form:
+    #   For more information, see [Methods for accessing a bucket][1].
     #
-    #    `$\{aws:iot:s3-presigned-url:https://s3.amazonaws.com/bucket/key\}`
     #
-    #    where *bucket* is your bucket name and *key* is the object in the
-    #   bucket to which you are linking.
     #
-    #    </note>
+    #   [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-bucket-intro.html
     #
     # @option params [String] :document
     #   The job document. Required if you don't specify a value for
@@ -1689,11 +1767,18 @@ module Aws::IoT
     #   a thing when the thing is added to a target group, even after the job
     #   was completed by all things originally in the group.
     #
+    #   <note markdown="1"> We recommend that you use continuous jobs instead of snapshot jobs for
+    #   dynamic thing group targets. By using continuous jobs, devices that
+    #   join the group receive the job execution even after the job has been
+    #   created.
+    #
+    #    </note>
+    #
     # @option params [Types::JobExecutionsRolloutConfig] :job_executions_rollout_config
     #   Allows you to create a staged rollout of the job.
     #
     # @option params [Types::AbortConfig] :abort_config
-    #   Allows you to create criteria to abort a job.
+    #   Allows you to create the criteria to abort a job.
     #
     # @option params [Types::TimeoutConfig] :timeout_config
     #   Specifies the amount of time each device has to finish its execution
@@ -1721,9 +1806,30 @@ module Aws::IoT
     # @option params [String] :job_template_arn
     #   The ARN of the job template used to create the job.
     #
+    # @option params [Types::JobExecutionsRetryConfig] :job_executions_retry_config
+    #   Allows you to create the criteria to retry a job.
+    #
     # @option params [Hash<String,String>] :document_parameters
-    #   Parameters of a managed template that you can specify to create the
-    #   job document.
+    #   Parameters of an Amazon Web Services managed template that you can
+    #   specify to create the job document.
+    #
+    #   <note markdown="1"> `documentParameters` can only be used when creating jobs from Amazon
+    #   Web Services managed templates. This parameter can't be used with
+    #   custom job templates or to create jobs from them.
+    #
+    #    </note>
+    #
+    # @option params [Types::SchedulingConfig] :scheduling_config
+    #   The configuration that allows you to schedule a job for a future date
+    #   and time in addition to specifying the end behavior for each job
+    #   execution.
+    #
+    # @option params [Array<String>] :destination_package_versions
+    #   The package version Amazon Resource Names (ARNs) that are installed on
+    #   the device when the job successfully completes.
+    #
+    #   **Note:**The following Length Constraints relates to a single string.
+    #   Up to five strings are allowed.
     #
     # @return [Types::CreateJobResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
@@ -1776,9 +1882,29 @@ module Aws::IoT
     #     ],
     #     namespace_id: "NamespaceId",
     #     job_template_arn: "JobTemplateArn",
+    #     job_executions_retry_config: {
+    #       criteria_list: [ # required
+    #         {
+    #           failure_type: "FAILED", # required, accepts FAILED, TIMED_OUT, ALL
+    #           number_of_retries: 1, # required
+    #         },
+    #       ],
+    #     },
     #     document_parameters: {
     #       "ParameterKey" => "ParameterValue",
     #     },
+    #     scheduling_config: {
+    #       start_time: "StringDateTime",
+    #       end_time: "StringDateTime",
+    #       end_behavior: "STOP_ROLLOUT", # accepts STOP_ROLLOUT, CANCEL, FORCE_CANCEL
+    #       maintenance_windows: [
+    #         {
+    #           start_time: "CronExpression", # required
+    #           duration_in_minutes: 1, # required
+    #         },
+    #       ],
+    #     },
+    #     destination_package_versions: ["PackageVersionArn"],
     #   })
     #
     # @example Response structure
@@ -1810,20 +1936,18 @@ module Aws::IoT
     #   The ARN of the job to use as the basis for the job template.
     #
     # @option params [String] :document_source
-    #   An S3 link to the job document to use in the template. Required if you
-    #   don't specify a value for `document`.
+    #   An S3 link, or S3 object URL, to the job document. The link is an
+    #   Amazon S3 object URL and is required if you don't specify a value for
+    #   `document`.
     #
-    #   <note markdown="1"> If the job document resides in an S3 bucket, you must use a
-    #   placeholder link when specifying the document.
+    #   For example, `--document-source
+    #   https://s3.region-code.amazonaws.com/example-firmware/device-firmware.1.0`
     #
-    #    The placeholder link is of the following form:
+    #   For more information, see [Methods for accessing a bucket][1].
     #
-    #    `$\{aws:iot:s3-presigned-url:https://s3.amazonaws.com/bucket/key\}`
     #
-    #    where *bucket* is your bucket name and *key* is the object in the
-    #   bucket to which you are linking.
     #
-    #    </note>
+    #   [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-bucket-intro.html
     #
     # @option params [String] :document
     #   The job document. Required if you don't specify a value for
@@ -1851,6 +1975,20 @@ module Aws::IoT
     # @option params [Array<Types::Tag>] :tags
     #   Metadata that can be used to manage the job template.
     #
+    # @option params [Types::JobExecutionsRetryConfig] :job_executions_retry_config
+    #   Allows you to create the criteria to retry a job.
+    #
+    # @option params [Array<Types::MaintenanceWindow>] :maintenance_windows
+    #   Allows you to configure an optional maintenance window for the rollout
+    #   of a job document to all devices in the target group for a job.
+    #
+    # @option params [Array<String>] :destination_package_versions
+    #   The package version Amazon Resource Names (ARNs) that are installed on
+    #   the device when the job successfully completes.
+    #
+    #   **Note:**The following Length Constraints relates to a single string.
+    #   Up to five strings are allowed.
+    #
     # @return [Types::CreateJobTemplateResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::CreateJobTemplateResponse#job_template_arn #job_template_arn} => String
@@ -1898,6 +2036,21 @@ module Aws::IoT
     #         value: "TagValue",
     #       },
     #     ],
+    #     job_executions_retry_config: {
+    #       criteria_list: [ # required
+    #         {
+    #           failure_type: "FAILED", # required, accepts FAILED, TIMED_OUT, ALL
+    #           number_of_retries: 1, # required
+    #         },
+    #       ],
+    #     },
+    #     maintenance_windows: [
+    #       {
+    #         start_time: "CronExpression", # required
+    #         duration_in_minutes: 1, # required
+    #       },
+    #     ],
+    #     destination_package_versions: ["PackageVersionArn"],
     #   })
     #
     # @example Response structure
@@ -2093,7 +2246,8 @@ module Aws::IoT
     #   create an OTA update job.
     #
     # @option params [Hash<String,String>] :additional_parameters
-    #   A list of additional OTA update parameters which are name-value pairs.
+    #   A list of additional OTA update parameters, which are name-value
+    #   pairs. They won't be sent to devices as a part of the Job document.
     #
     # @option params [Array<Types::Tag>] :tags
     #   Metadata which can be used to manage updates.
@@ -2208,7 +2362,7 @@ module Aws::IoT
     #   resp.aws_iot_job_id #=> String
     #   resp.ota_update_arn #=> String
     #   resp.aws_iot_job_arn #=> String
-    #   resp.ota_update_status #=> String, one of "CREATE_PENDING", "CREATE_IN_PROGRESS", "CREATE_COMPLETE", "CREATE_FAILED"
+    #   resp.ota_update_status #=> String, one of "CREATE_PENDING", "CREATE_IN_PROGRESS", "CREATE_COMPLETE", "CREATE_FAILED", "DELETE_IN_PROGRESS", "DELETE_FAILED"
     #
     # @overload create_ota_update(params = {})
     # @param [Hash] params ({})
@@ -2217,6 +2371,144 @@ module Aws::IoT
       req.send_request(options)
     end
 
+    # Creates an IoT software package that can be deployed to your fleet.
+    #
+    # Requires permission to access the [CreatePackage][1] and
+    # [GetIndexingConfiguration][1] actions.
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions
+    #
+    # @option params [required, String] :package_name
+    #   The name of the new software package.
+    #
+    # @option params [String] :description
+    #   A summary of the package being created. This can be used to outline
+    #   the package's contents or purpose.
+    #
+    # @option params [Hash<String,String>] :tags
+    #   Metadata that can be used to manage the package.
+    #
+    # @option params [String] :client_token
+    #   A unique case-sensitive identifier that you can provide to ensure the
+    #   idempotency of the request. Don't reuse this client token if a new
+    #   idempotent request is required.
+    #
+    #   **A suitable default value is auto-generated.** You should normally
+    #   not need to pass this option.**
+    #
+    # @return [Types::CreatePackageResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::CreatePackageResponse#package_name #package_name} => String
+    #   * {Types::CreatePackageResponse#package_arn #package_arn} => String
+    #   * {Types::CreatePackageResponse#description #description} => String
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.create_package({
+    #     package_name: "PackageName", # required
+    #     description: "ResourceDescription",
+    #     tags: {
+    #       "TagKey" => "TagValue",
+    #     },
+    #     client_token: "ClientToken",
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.package_name #=> String
+    #   resp.package_arn #=> String
+    #   resp.description #=> String
+    #
+    # @overload create_package(params = {})
+    # @param [Hash] params ({})
+    def create_package(params = {}, options = {})
+      req = build_request(:create_package, params)
+      req.send_request(options)
+    end
+
+    # Creates a new version for an existing IoT software package.
+    #
+    # Requires permission to access the [CreatePackageVersion][1] and
+    # [GetIndexingConfiguration][1] actions.
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions
+    #
+    # @option params [required, String] :package_name
+    #   The name of the associated software package.
+    #
+    # @option params [required, String] :version_name
+    #   The name of the new package version.
+    #
+    # @option params [String] :description
+    #   A summary of the package version being created. This can be used to
+    #   outline the package's contents or purpose.
+    #
+    # @option params [Hash<String,String>] :attributes
+    #   Metadata that can be used to define a package version’s configuration.
+    #   For example, the S3 file location, configuration options that are
+    #   being sent to the device or fleet.
+    #
+    #   The combined size of all the attributes on a package version is
+    #   limited to 3KB.
+    #
+    # @option params [Hash<String,String>] :tags
+    #   Metadata that can be used to manage the package version.
+    #
+    # @option params [String] :client_token
+    #   A unique case-sensitive identifier that you can provide to ensure the
+    #   idempotency of the request. Don't reuse this client token if a new
+    #   idempotent request is required.
+    #
+    #   **A suitable default value is auto-generated.** You should normally
+    #   not need to pass this option.**
+    #
+    # @return [Types::CreatePackageVersionResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::CreatePackageVersionResponse#package_version_arn #package_version_arn} => String
+    #   * {Types::CreatePackageVersionResponse#package_name #package_name} => String
+    #   * {Types::CreatePackageVersionResponse#version_name #version_name} => String
+    #   * {Types::CreatePackageVersionResponse#description #description} => String
+    #   * {Types::CreatePackageVersionResponse#attributes #attributes} => Hash&lt;String,String&gt;
+    #   * {Types::CreatePackageVersionResponse#status #status} => String
+    #   * {Types::CreatePackageVersionResponse#error_reason #error_reason} => String
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.create_package_version({
+    #     package_name: "PackageName", # required
+    #     version_name: "VersionName", # required
+    #     description: "ResourceDescription",
+    #     attributes: {
+    #       "ResourceAttributeKey" => "ResourceAttributeValue",
+    #     },
+    #     tags: {
+    #       "TagKey" => "TagValue",
+    #     },
+    #     client_token: "ClientToken",
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.package_version_arn #=> String
+    #   resp.package_name #=> String
+    #   resp.version_name #=> String
+    #   resp.description #=> String
+    #   resp.attributes #=> Hash
+    #   resp.attributes["ResourceAttributeKey"] #=> String
+    #   resp.status #=> String, one of "DRAFT", "PUBLISHED", "DEPRECATED"
+    #   resp.error_reason #=> String
+    #
+    # @overload create_package_version(params = {})
+    # @param [Hash] params ({})
+    def create_package_version(params = {}, options = {})
+      req = build_request(:create_package_version, params)
+      req.send_request(options)
+    end
+
     # Creates an IoT policy.
     #
     # The created policy is the default version for the policy. This
@@ -2383,7 +2675,7 @@ module Aws::IoT
       req.send_request(options)
     end
 
-    # Creates a fleet provisioning template.
+    # Creates a provisioning template.
     #
     # Requires permission to access the [CreateProvisioningTemplate][1]
     # action.
@@ -2393,26 +2685,32 @@ module Aws::IoT
     # [1]: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions
     #
     # @option params [required, String] :template_name
-    #   The name of the fleet provisioning template.
+    #   The name of the provisioning template.
     #
     # @option params [String] :description
-    #   The description of the fleet provisioning template.
+    #   The description of the provisioning template.
     #
     # @option params [required, String] :template_body
-    #   The JSON formatted contents of the fleet provisioning template.
+    #   The JSON formatted contents of the provisioning template.
     #
     # @option params [Boolean] :enabled
-    #   True to enable the fleet provisioning template, otherwise false.
+    #   True to enable the provisioning template, otherwise false.
     #
     # @option params [required, String] :provisioning_role_arn
-    #   The role ARN for the role associated with the fleet provisioning
-    #   template. This IoT role grants permission to provision a device.
+    #   The role ARN for the role associated with the provisioning template.
+    #   This IoT role grants permission to provision a device.
     #
     # @option params [Types::ProvisioningHook] :pre_provisioning_hook
-    #   Creates a pre-provisioning hook template.
+    #   Creates a pre-provisioning hook template. Only supports template of
+    #   type `FLEET_PROVISIONING`. For more information about provisioning
+    #   template types, see [type][1].
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/iot/latest/apireference/API_CreateProvisioningTemplate.html#iot-CreateProvisioningTemplate-request-type
     #
     # @option params [Array<Types::Tag>] :tags
-    #   Metadata which can be used to manage the fleet provisioning template.
+    #   Metadata which can be used to manage the provisioning template.
     #
     #   <note markdown="1"> For URI Request parameters use format:
     #   ...key1=value1&amp;key2=value2...
@@ -2425,6 +2723,17 @@ module Aws::IoT
     #
     #    </note>
     #
+    # @option params [String] :type
+    #   The type you define in a provisioning template. You can create a
+    #   template with only one type. You can't change the template type after
+    #   its creation. The default value is `FLEET_PROVISIONING`. For more
+    #   information about provisioning template, see: [Provisioning
+    #   template][1].
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/iot/latest/developerguide/provision-template.html
+    #
     # @return [Types::CreateProvisioningTemplateResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::CreateProvisioningTemplateResponse#template_arn #template_arn} => String
@@ -2449,6 +2758,7 @@ module Aws::IoT
     #         value: "TagValue",
     #       },
     #     ],
+    #     type: "FLEET_PROVISIONING", # accepts FLEET_PROVISIONING, JITP
     #   })
     #
     # @example Response structure
@@ -2464,7 +2774,7 @@ module Aws::IoT
       req.send_request(options)
     end
 
-    # Creates a new version of a fleet provisioning template.
+    # Creates a new version of a provisioning template.
     #
     # Requires permission to access the
     # [CreateProvisioningTemplateVersion][1] action.
@@ -2474,10 +2784,10 @@ module Aws::IoT
     # [1]: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions
     #
     # @option params [required, String] :template_name
-    #   The name of the fleet provisioning template.
+    #   The name of the provisioning template.
     #
     # @option params [required, String] :template_body
-    #   The JSON formatted contents of the fleet provisioning template.
+    #   The JSON formatted contents of the provisioning template.
     #
     # @option params [Boolean] :set_as_default
     #   Sets a fleet provision template version as the default version.
@@ -2530,6 +2840,9 @@ module Aws::IoT
     #   How long (in seconds) the credentials will be valid. The default value
     #   is 3,600 seconds.
     #
+    #   This value must be less than or equal to the maximum session duration
+    #   of the IAM role that the role alias references.
+    #
     # @option params [Array<Types::Tag>] :tags
     #   Metadata which can be used to manage the role alias.
     #
@@ -3105,6 +3418,19 @@ module Aws::IoT
     #             role_arn: "AwsArn", # required
     #             topic: "TopicPattern", # required
     #             qos: 1,
+    #             headers: {
+    #               payload_format_indicator: "PayloadFormatIndicator",
+    #               content_type: "ContentType",
+    #               response_topic: "ResponseTopic",
+    #               correlation_data: "CorrelationData",
+    #               message_expiry: "MessageExpiry",
+    #               user_properties: [
+    #                 {
+    #                   key: "UserPropertyKey", # required
+    #                   value: "UserPropertyValue", # required
+    #                 },
+    #               ],
+    #             },
     #           },
     #           s3: {
     #             role_arn: "AwsArn", # required
@@ -3135,6 +3461,7 @@ module Aws::IoT
     #           cloudwatch_logs: {
     #             role_arn: "AwsArn", # required
     #             log_group_name: "LogGroupName", # required
+    #             batch_mode: false,
     #           },
     #           elasticsearch: {
     #             role_arn: "AwsArn", # required
@@ -3230,6 +3557,12 @@ module Aws::IoT
     #             client_properties: { # required
     #               "String" => "String",
     #             },
+    #             headers: [
+    #               {
+    #                 key: "KafkaHeaderKey", # required
+    #                 value: "KafkaHeaderValue", # required
+    #               },
+    #             ],
     #           },
     #           open_search: {
     #             role_arn: "AwsArn", # required
@@ -3238,6 +3571,17 @@ module Aws::IoT
     #             type: "ElasticsearchType", # required
     #             id: "ElasticsearchId", # required
     #           },
+    #           location: {
+    #             role_arn: "AwsArn", # required
+    #             tracker_name: "String", # required
+    #             device_id: "String", # required
+    #             timestamp: {
+    #               value: "String", # required
+    #               unit: "String",
+    #             },
+    #             latitude: "String", # required
+    #             longitude: "String", # required
+    #           },
     #         },
     #       ],
     #       rule_disabled: false,
@@ -3283,6 +3627,19 @@ module Aws::IoT
     #           role_arn: "AwsArn", # required
     #           topic: "TopicPattern", # required
     #           qos: 1,
+    #           headers: {
+    #             payload_format_indicator: "PayloadFormatIndicator",
+    #             content_type: "ContentType",
+    #             response_topic: "ResponseTopic",
+    #             correlation_data: "CorrelationData",
+    #             message_expiry: "MessageExpiry",
+    #             user_properties: [
+    #               {
+    #                 key: "UserPropertyKey", # required
+    #                 value: "UserPropertyValue", # required
+    #               },
+    #             ],
+    #           },
     #         },
     #         s3: {
     #           role_arn: "AwsArn", # required
@@ -3313,6 +3670,7 @@ module Aws::IoT
     #         cloudwatch_logs: {
     #           role_arn: "AwsArn", # required
     #           log_group_name: "LogGroupName", # required
+    #           batch_mode: false,
     #         },
     #         elasticsearch: {
     #           role_arn: "AwsArn", # required
@@ -3408,6 +3766,12 @@ module Aws::IoT
     #           client_properties: { # required
     #             "String" => "String",
     #           },
+    #           headers: [
+    #             {
+    #               key: "KafkaHeaderKey", # required
+    #               value: "KafkaHeaderValue", # required
+    #             },
+    #           ],
     #         },
     #         open_search: {
     #           role_arn: "AwsArn", # required
@@ -3416,6 +3780,17 @@ module Aws::IoT
     #           type: "ElasticsearchType", # required
     #           id: "ElasticsearchId", # required
     #         },
+    #         location: {
+    #           role_arn: "AwsArn", # required
+    #           tracker_name: "String", # required
+    #           device_id: "String", # required
+    #           timestamp: {
+    #             value: "String", # required
+    #             unit: "String",
+    #           },
+    #           latitude: "String", # required
+    #           longitude: "String", # required
+    #         },
     #       },
     #     },
     #     tags: "String",
@@ -3547,6 +3922,12 @@ module Aws::IoT
     #       account: "AwsAccountId",
     #       iam_role_arn: "RoleArn",
     #       role_alias_arn: "RoleAliasArn",
+    #       issuer_certificate_identifier: {
+    #         issuer_certificate_subject: "IssuerCertificateSubject",
+    #         issuer_id: "IssuerId",
+    #         issuer_certificate_serial_number: "IssuerCertificateSerialNumber",
+    #       },
+    #       device_certificate_arn: "CertificateArn",
     #     },
     #   })
     #
@@ -4054,6 +4435,81 @@ module Aws::IoT
       req.send_request(options)
     end
 
+    # Deletes a specific version from a software package.
+    #
+    # **Note:** All package versions must be deleted before deleting the
+    # software package.
+    #
+    # Requires permission to access the [DeletePackageVersion][1] action.
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions
+    #
+    # @option params [required, String] :package_name
+    #   The name of the target software package.
+    #
+    # @option params [String] :client_token
+    #   A unique case-sensitive identifier that you can provide to ensure the
+    #   idempotency of the request. Don't reuse this client token if a new
+    #   idempotent request is required.
+    #
+    #   **A suitable default value is auto-generated.** You should normally
+    #   not need to pass this option.**
+    #
+    # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.delete_package({
+    #     package_name: "PackageName", # required
+    #     client_token: "ClientToken",
+    #   })
+    #
+    # @overload delete_package(params = {})
+    # @param [Hash] params ({})
+    def delete_package(params = {}, options = {})
+      req = build_request(:delete_package, params)
+      req.send_request(options)
+    end
+
+    # Deletes a specific version from a software package.
+    #
+    # **Note:** If a package version is designated as default, you must
+    # remove the designation from the software package using the
+    # UpdatePackage action.
+    #
+    # @option params [required, String] :package_name
+    #   The name of the associated software package.
+    #
+    # @option params [required, String] :version_name
+    #   The name of the target package version.
+    #
+    # @option params [String] :client_token
+    #   A unique case-sensitive identifier that you can provide to ensure the
+    #   idempotency of the request. Don't reuse this client token if a new
+    #   idempotent request is required.
+    #
+    #   **A suitable default value is auto-generated.** You should normally
+    #   not need to pass this option.**
+    #
+    # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.delete_package_version({
+    #     package_name: "PackageName", # required
+    #     version_name: "VersionName", # required
+    #     client_token: "ClientToken",
+    #   })
+    #
+    # @overload delete_package_version(params = {})
+    # @param [Hash] params ({})
+    def delete_package_version(params = {}, options = {})
+      req = build_request(:delete_package_version, params)
+      req.send_request(options)
+    end
+
     # Deletes the specified policy.
     #
     # A policy cannot be deleted if it has non-default versions or it is
@@ -4131,7 +4587,7 @@ module Aws::IoT
       req.send_request(options)
     end
 
-    # Deletes a fleet provisioning template.
+    # Deletes a provisioning template.
     #
     # Requires permission to access the [DeleteProvisioningTemplate][1]
     # action.
@@ -4158,7 +4614,7 @@ module Aws::IoT
       req.send_request(options)
     end
 
-    # Deletes a fleet provisioning template version.
+    # Deletes a provisioning template version.
     #
     # Requires permission to access the
     # [DeleteProvisioningTemplateVersion][1] action.
@@ -4168,10 +4624,10 @@ module Aws::IoT
     # [1]: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions
     #
     # @option params [required, String] :template_name
-    #   The name of the fleet provisioning template version to delete.
+    #   The name of the provisioning template version to delete.
     #
     # @option params [required, Integer] :version_id
-    #   The fleet provisioning template version ID to delete.
+    #   The provisioning template version ID to delete.
     #
     # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
     #
@@ -4485,7 +4941,7 @@ module Aws::IoT
     # @example Request syntax with placeholder values
     #
     #   resp = client.delete_v2_logging_level({
-    #     target_type: "DEFAULT", # required, accepts DEFAULT, THING_GROUP
+    #     target_type: "DEFAULT", # required, accepts DEFAULT, THING_GROUP, CLIENT_ID, SOURCE_IP, PRINCIPAL_ID, EVENT_TYPE, DEVICE_DEFENDER
     #     target_name: "LogTargetName", # required
     #   })
     #
@@ -4595,7 +5051,7 @@ module Aws::IoT
     #   resp.finding.task_start_time #=> Time
     #   resp.finding.finding_time #=> Time
     #   resp.finding.severity #=> String, one of "CRITICAL", "HIGH", "MEDIUM", "LOW"
-    #   resp.finding.non_compliant_resource.resource_type #=> String, one of "DEVICE_CERTIFICATE", "CA_CERTIFICATE", "IOT_POLICY", "COGNITO_IDENTITY_POOL", "CLIENT_ID", "ACCOUNT_SETTINGS", "ROLE_ALIAS", "IAM_ROLE"
+    #   resp.finding.non_compliant_resource.resource_type #=> String, one of "DEVICE_CERTIFICATE", "CA_CERTIFICATE", "IOT_POLICY", "COGNITO_IDENTITY_POOL", "CLIENT_ID", "ACCOUNT_SETTINGS", "ROLE_ALIAS", "IAM_ROLE", "ISSUER_CERTIFICATE"
     #   resp.finding.non_compliant_resource.resource_identifier.device_certificate_id #=> String
     #   resp.finding.non_compliant_resource.resource_identifier.ca_certificate_id #=> String
     #   resp.finding.non_compliant_resource.resource_identifier.cognito_identity_pool_id #=> String
@@ -4605,10 +5061,14 @@ module Aws::IoT
     #   resp.finding.non_compliant_resource.resource_identifier.account #=> String
     #   resp.finding.non_compliant_resource.resource_identifier.iam_role_arn #=> String
     #   resp.finding.non_compliant_resource.resource_identifier.role_alias_arn #=> String
+    #   resp.finding.non_compliant_resource.resource_identifier.issuer_certificate_identifier.issuer_certificate_subject #=> String
+    #   resp.finding.non_compliant_resource.resource_identifier.issuer_certificate_identifier.issuer_id #=> String
+    #   resp.finding.non_compliant_resource.resource_identifier.issuer_certificate_identifier.issuer_certificate_serial_number #=> String
+    #   resp.finding.non_compliant_resource.resource_identifier.device_certificate_arn #=> String
     #   resp.finding.non_compliant_resource.additional_info #=> Hash
     #   resp.finding.non_compliant_resource.additional_info["String"] #=> String
     #   resp.finding.related_resources #=> Array
-    #   resp.finding.related_resources[0].resource_type #=> String, one of "DEVICE_CERTIFICATE", "CA_CERTIFICATE", "IOT_POLICY", "COGNITO_IDENTITY_POOL", "CLIENT_ID", "ACCOUNT_SETTINGS", "ROLE_ALIAS", "IAM_ROLE"
+    #   resp.finding.related_resources[0].resource_type #=> String, one of "DEVICE_CERTIFICATE", "CA_CERTIFICATE", "IOT_POLICY", "COGNITO_IDENTITY_POOL", "CLIENT_ID", "ACCOUNT_SETTINGS", "ROLE_ALIAS", "IAM_ROLE", "ISSUER_CERTIFICATE"
     #   resp.finding.related_resources[0].resource_identifier.device_certificate_id #=> String
     #   resp.finding.related_resources[0].resource_identifier.ca_certificate_id #=> String
     #   resp.finding.related_resources[0].resource_identifier.cognito_identity_pool_id #=> String
@@ -4618,6 +5078,10 @@ module Aws::IoT
     #   resp.finding.related_resources[0].resource_identifier.account #=> String
     #   resp.finding.related_resources[0].resource_identifier.iam_role_arn #=> String
     #   resp.finding.related_resources[0].resource_identifier.role_alias_arn #=> String
+    #   resp.finding.related_resources[0].resource_identifier.issuer_certificate_identifier.issuer_certificate_subject #=> String
+    #   resp.finding.related_resources[0].resource_identifier.issuer_certificate_identifier.issuer_id #=> String
+    #   resp.finding.related_resources[0].resource_identifier.issuer_certificate_identifier.issuer_certificate_serial_number #=> String
+    #   resp.finding.related_resources[0].resource_identifier.device_certificate_arn #=> String
     #   resp.finding.related_resources[0].additional_info #=> Hash
     #   resp.finding.related_resources[0].additional_info["String"] #=> String
     #   resp.finding.reason_for_non_compliance #=> String
@@ -4731,6 +5195,12 @@ module Aws::IoT
     #       account: "AwsAccountId",
     #       iam_role_arn: "RoleArn",
     #       role_alias_arn: "RoleAliasArn",
+    #       issuer_certificate_identifier: {
+    #         issuer_certificate_subject: "IssuerCertificateSubject",
+    #         issuer_id: "IssuerId",
+    #         issuer_certificate_serial_number: "IssuerCertificateSerialNumber",
+    #       },
+    #       device_certificate_arn: "CertificateArn",
     #     },
     #   })
     #
@@ -4746,6 +5216,10 @@ module Aws::IoT
     #   resp.resource_identifier.account #=> String
     #   resp.resource_identifier.iam_role_arn #=> String
     #   resp.resource_identifier.role_alias_arn #=> String
+    #   resp.resource_identifier.issuer_certificate_identifier.issuer_certificate_subject #=> String
+    #   resp.resource_identifier.issuer_certificate_identifier.issuer_id #=> String
+    #   resp.resource_identifier.issuer_certificate_identifier.issuer_certificate_serial_number #=> String
+    #   resp.resource_identifier.device_certificate_arn #=> String
     #   resp.expiration_date #=> Time
     #   resp.suppress_indefinitely #=> Boolean
     #   resp.description #=> String
@@ -4845,6 +5319,7 @@ module Aws::IoT
     #   resp.authorizer_description.creation_date #=> Time
     #   resp.authorizer_description.last_modified_date #=> Time
     #   resp.authorizer_description.signing_disabled #=> Boolean
+    #   resp.authorizer_description.enable_caching_for_http #=> Boolean
     #
     # @overload describe_authorizer(params = {})
     # @param [Hash] params ({})
@@ -4931,8 +5406,10 @@ module Aws::IoT
     #   resp.certificate_description.generation_id #=> String
     #   resp.certificate_description.validity.not_before #=> Time
     #   resp.certificate_description.validity.not_after #=> Time
+    #   resp.certificate_description.certificate_mode #=> String, one of "DEFAULT", "SNI_ONLY"
     #   resp.registration_config.template_body #=> String
     #   resp.registration_config.role_arn #=> String
+    #   resp.registration_config.template_name #=> String
     #
     # @overload describe_ca_certificate(params = {})
     # @param [Hash] params ({})
@@ -5059,6 +5536,7 @@ module Aws::IoT
     #   resp.authorizer_description.creation_date #=> Time
     #   resp.authorizer_description.last_modified_date #=> Time
     #   resp.authorizer_description.signing_disabled #=> Boolean
+    #   resp.authorizer_description.enable_caching_for_http #=> Boolean
     #
     # @overload describe_default_authorizer(params = {})
     # @param [Hash] params ({})
@@ -5194,6 +5672,7 @@ module Aws::IoT
     #   * {Types::DescribeDomainConfigurationResponse#service_type #service_type} => String
     #   * {Types::DescribeDomainConfigurationResponse#domain_type #domain_type} => String
     #   * {Types::DescribeDomainConfigurationResponse#last_status_change_date #last_status_change_date} => Time
+    #   * {Types::DescribeDomainConfigurationResponse#tls_config #tls_config} => Types::TlsConfig
     #
     # @example Request syntax with placeholder values
     #
@@ -5216,6 +5695,7 @@ module Aws::IoT
     #   resp.service_type #=> String, one of "DATA", "CREDENTIAL_PROVIDER", "JOBS"
     #   resp.domain_type #=> String, one of "ENDPOINT", "AWS_MANAGED", "CUSTOMER_MANAGED"
     #   resp.last_status_change_date #=> Time
+    #   resp.tls_config.security_policy #=> String
     #
     # @overload describe_domain_configuration(params = {})
     # @param [Hash] params ({})
@@ -5258,7 +5738,8 @@ module Aws::IoT
     #
     #   We strongly recommend that customers use the newer `iot:Data-ATS`
     #   endpoint type to avoid issues related to the widespread distrust of
-    #   Symantec certificate authorities.
+    #   Symantec certificate authorities. ATS Signed Certificates are more
+    #   secure and are trusted by most popular browsers.
     #
     # @return [Types::DescribeEndpointResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
@@ -5432,7 +5913,7 @@ module Aws::IoT
     #   resp.job.job_arn #=> String
     #   resp.job.job_id #=> String
     #   resp.job.target_selection #=> String, one of "CONTINUOUS", "SNAPSHOT"
-    #   resp.job.status #=> String, one of "IN_PROGRESS", "CANCELED", "COMPLETED", "DELETION_IN_PROGRESS"
+    #   resp.job.status #=> String, one of "IN_PROGRESS", "CANCELED", "COMPLETED", "DELETION_IN_PROGRESS", "SCHEDULED"
     #   resp.job.force_canceled #=> Boolean
     #   resp.job.reason_code #=> String
     #   resp.job.comment #=> String
@@ -5467,8 +5948,22 @@ module Aws::IoT
     #   resp.job.timeout_config.in_progress_timeout_in_minutes #=> Integer
     #   resp.job.namespace_id #=> String
     #   resp.job.job_template_arn #=> String
+    #   resp.job.job_executions_retry_config.criteria_list #=> Array
+    #   resp.job.job_executions_retry_config.criteria_list[0].failure_type #=> String, one of "FAILED", "TIMED_OUT", "ALL"
+    #   resp.job.job_executions_retry_config.criteria_list[0].number_of_retries #=> Integer
     #   resp.job.document_parameters #=> Hash
     #   resp.job.document_parameters["ParameterKey"] #=> String
+    #   resp.job.is_concurrent #=> Boolean
+    #   resp.job.scheduling_config.start_time #=> String
+    #   resp.job.scheduling_config.end_time #=> String
+    #   resp.job.scheduling_config.end_behavior #=> String, one of "STOP_ROLLOUT", "CANCEL", "FORCE_CANCEL"
+    #   resp.job.scheduling_config.maintenance_windows #=> Array
+    #   resp.job.scheduling_config.maintenance_windows[0].start_time #=> String
+    #   resp.job.scheduling_config.maintenance_windows[0].duration_in_minutes #=> Integer
+    #   resp.job.scheduled_job_rollouts #=> Array
+    #   resp.job.scheduled_job_rollouts[0].start_time #=> String
+    #   resp.job.destination_package_versions #=> Array
+    #   resp.job.destination_package_versions[0] #=> String
     #
     # @overload describe_job(params = {})
     # @param [Hash] params ({})
@@ -5546,6 +6041,9 @@ module Aws::IoT
     #   * {Types::DescribeJobTemplateResponse#job_executions_rollout_config #job_executions_rollout_config} => Types::JobExecutionsRolloutConfig
     #   * {Types::DescribeJobTemplateResponse#abort_config #abort_config} => Types::AbortConfig
     #   * {Types::DescribeJobTemplateResponse#timeout_config #timeout_config} => Types::TimeoutConfig
+    #   * {Types::DescribeJobTemplateResponse#job_executions_retry_config #job_executions_retry_config} => Types::JobExecutionsRetryConfig
+    #   * {Types::DescribeJobTemplateResponse#maintenance_windows #maintenance_windows} => Array&lt;Types::MaintenanceWindow&gt;
+    #   * {Types::DescribeJobTemplateResponse#destination_package_versions #destination_package_versions} => Array&lt;String&gt;
     #
     # @example Request syntax with placeholder values
     #
@@ -5574,6 +6072,14 @@ module Aws::IoT
     #   resp.abort_config.criteria_list[0].threshold_percentage #=> Float
     #   resp.abort_config.criteria_list[0].min_number_of_executed_things #=> Integer
     #   resp.timeout_config.in_progress_timeout_in_minutes #=> Integer
+    #   resp.job_executions_retry_config.criteria_list #=> Array
+    #   resp.job_executions_retry_config.criteria_list[0].failure_type #=> String, one of "FAILED", "TIMED_OUT", "ALL"
+    #   resp.job_executions_retry_config.criteria_list[0].number_of_retries #=> Integer
+    #   resp.maintenance_windows #=> Array
+    #   resp.maintenance_windows[0].start_time #=> String
+    #   resp.maintenance_windows[0].duration_in_minutes #=> Integer
+    #   resp.destination_package_versions #=> Array
+    #   resp.destination_package_versions[0] #=> String
     #
     # @overload describe_job_template(params = {})
     # @param [Hash] params ({})
@@ -5686,7 +6192,7 @@ module Aws::IoT
       req.send_request(options)
     end
 
-    # Returns information about a fleet provisioning template.
+    # Returns information about a provisioning template.
     #
     # Requires permission to access the [DescribeProvisioningTemplate][1]
     # action.
@@ -5696,7 +6202,7 @@ module Aws::IoT
     # [1]: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions
     #
     # @option params [required, String] :template_name
-    #   The name of the fleet provisioning template.
+    #   The name of the provisioning template.
     #
     # @return [Types::DescribeProvisioningTemplateResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
@@ -5710,6 +6216,7 @@ module Aws::IoT
     #   * {Types::DescribeProvisioningTemplateResponse#enabled #enabled} => Boolean
     #   * {Types::DescribeProvisioningTemplateResponse#provisioning_role_arn #provisioning_role_arn} => String
     #   * {Types::DescribeProvisioningTemplateResponse#pre_provisioning_hook #pre_provisioning_hook} => Types::ProvisioningHook
+    #   * {Types::DescribeProvisioningTemplateResponse#type #type} => String
     #
     # @example Request syntax with placeholder values
     #
@@ -5730,6 +6237,7 @@ module Aws::IoT
     #   resp.provisioning_role_arn #=> String
     #   resp.pre_provisioning_hook.payload_version #=> String
     #   resp.pre_provisioning_hook.target_arn #=> String
+    #   resp.type #=> String, one of "FLEET_PROVISIONING", "JITP"
     #
     # @overload describe_provisioning_template(params = {})
     # @param [Hash] params ({})
@@ -5738,7 +6246,7 @@ module Aws::IoT
       req.send_request(options)
     end
 
-    # Returns information about a fleet provisioning template version.
+    # Returns information about a provisioning template version.
     #
     # Requires permission to access the
     # [DescribeProvisioningTemplateVersion][1] action.
@@ -5751,7 +6259,7 @@ module Aws::IoT
     #   The template name.
     #
     # @option params [required, Integer] :version_id
-    #   The fleet provisioning template version ID.
+    #   The provisioning template version ID.
     #
     # @return [Types::DescribeProvisioningTemplateVersionResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
@@ -6223,9 +6731,9 @@ module Aws::IoT
 
     # Removes the specified policy from the specified certificate.
     #
-    # <note markdown="1"> This action is deprecated. Please use DetachPolicy instead.
-    #
-    #  </note>
+    # **Note:** This action is deprecated and works as expected for backward
+    # compatibility, but we won't add enhancements. Use DetachPolicy
+    # instead.
     #
     # Requires permission to access the [DetachPrincipalPolicy][1] action.
     #
@@ -6240,10 +6748,9 @@ module Aws::IoT
     #   The principal.
     #
     #   Valid principals are CertificateArn
-    #   (arn:aws:iot:*region*\:*accountId*\:cert/*certificateId*),
-    #   thingGroupArn
-    #   (arn:aws:iot:*region*\:*accountId*\:thinggroup/*groupName*) and
-    #   CognitoId (*region*\:*id*).
+    #   (arn:aws:iot:*region*:*accountId*:cert/*certificateId*), thingGroupArn
+    #   (arn:aws:iot:*region*:*accountId*:thinggroup/*groupName*) and
+    #   CognitoId (*region*:*id*).
     #
     # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
     #
@@ -6399,7 +6906,7 @@ module Aws::IoT
     #
     # @option params [Integer] :max_results
     #   The maximum number of results to return at one time. The default is
-    #   25.
+    #   10.
     #
     # @option params [String] :next_token
     #   The token for the next set of results.
@@ -6551,10 +7058,9 @@ module Aws::IoT
     #
     # @option params [String] :principal
     #   The principal. Valid principals are CertificateArn
-    #   (arn:aws:iot:*region*\:*accountId*\:cert/*certificateId*),
-    #   thingGroupArn
-    #   (arn:aws:iot:*region*\:*accountId*\:thinggroup/*groupName*) and
-    #   CognitoId (*region*\:*id*).
+    #   (arn:aws:iot:*region*:*accountId*:cert/*certificateId*), thingGroupArn
+    #   (arn:aws:iot:*region*:*accountId*:thinggroup/*groupName*) and
+    #   CognitoId (*region*:*id*).
     #
     # @option params [String] :cognito_identity_pool_id
     #   The Cognito identity pool ID.
@@ -6614,6 +7120,8 @@ module Aws::IoT
     #   resp.thing_indexing_configuration.custom_fields #=> Array
     #   resp.thing_indexing_configuration.custom_fields[0].name #=> String
     #   resp.thing_indexing_configuration.custom_fields[0].type #=> String, one of "Number", "String", "Boolean"
+    #   resp.thing_indexing_configuration.filter.named_shadow_names #=> Array
+    #   resp.thing_indexing_configuration.filter.named_shadow_names[0] #=> String
     #   resp.thing_group_indexing_configuration.thing_group_indexing_mode #=> String, one of "OFF", "ON"
     #   resp.thing_group_indexing_configuration.managed_fields #=> Array
     #   resp.thing_group_indexing_configuration.managed_fields[0].name #=> String
@@ -6751,7 +7259,7 @@ module Aws::IoT
     #   resp.ota_update_info.ota_update_files[0].code_signing.custom_code_signing.signature_algorithm #=> String
     #   resp.ota_update_info.ota_update_files[0].attributes #=> Hash
     #   resp.ota_update_info.ota_update_files[0].attributes["AttributeKey"] #=> String
-    #   resp.ota_update_info.ota_update_status #=> String, one of "CREATE_PENDING", "CREATE_IN_PROGRESS", "CREATE_COMPLETE", "CREATE_FAILED"
+    #   resp.ota_update_info.ota_update_status #=> String, one of "CREATE_PENDING", "CREATE_IN_PROGRESS", "CREATE_COMPLETE", "CREATE_FAILED", "DELETE_IN_PROGRESS", "DELETE_FAILED"
     #   resp.ota_update_info.aws_iot_job_id #=> String
     #   resp.ota_update_info.aws_iot_job_arn #=> String
     #   resp.ota_update_info.error_info.code #=> String
@@ -6766,62 +7274,182 @@ module Aws::IoT
       req.send_request(options)
     end
 
-    # Groups the aggregated values that match the query into percentile
-    # groupings. The default percentile groupings are: 1,5,25,50,75,95,99,
-    # although you can specify your own when you call `GetPercentiles`. This
-    # function returns a value for each percentile group specified (or the
-    # default percentile groupings). The percentile group "1" contains the
-    # aggregated field value that occurs in approximately one percent of the
-    # values that match the query. The percentile group "5" contains the
-    # aggregated field value that occurs in approximately five percent of
-    # the values that match the query, and so on. The result is an
-    # approximation, the more values that match the query, the more accurate
-    # the percentile values.
+    # Gets information about the specified software package.
     #
-    # Requires permission to access the [GetPercentiles][1] action.
+    # Requires permission to access the [GetPackage][1] action.
     #
     #
     #
     # [1]: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions
     #
-    # @option params [String] :index_name
-    #   The name of the index to search.
-    #
-    # @option params [required, String] :query_string
-    #   The search query string.
-    #
-    # @option params [String] :aggregation_field
-    #   The field to aggregate.
-    #
-    # @option params [String] :query_version
-    #   The query version.
-    #
-    # @option params [Array<Float>] :percents
-    #   The percentile groups returned.
+    # @option params [required, String] :package_name
+    #   The name of the target software package.
     #
-    # @return [Types::GetPercentilesResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    # @return [Types::GetPackageResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
-    #   * {Types::GetPercentilesResponse#percentiles #percentiles} => Array&lt;Types::PercentPair&gt;
+    #   * {Types::GetPackageResponse#package_name #package_name} => String
+    #   * {Types::GetPackageResponse#package_arn #package_arn} => String
+    #   * {Types::GetPackageResponse#description #description} => String
+    #   * {Types::GetPackageResponse#default_version_name #default_version_name} => String
+    #   * {Types::GetPackageResponse#creation_date #creation_date} => Time
+    #   * {Types::GetPackageResponse#last_modified_date #last_modified_date} => Time
     #
     # @example Request syntax with placeholder values
     #
-    #   resp = client.get_percentiles({
-    #     index_name: "IndexName",
-    #     query_string: "QueryString", # required
-    #     aggregation_field: "AggregationField",
-    #     query_version: "QueryVersion",
-    #     percents: [1.0],
+    #   resp = client.get_package({
+    #     package_name: "PackageName", # required
     #   })
     #
     # @example Response structure
     #
-    #   resp.percentiles #=> Array
-    #   resp.percentiles[0].percent #=> Float
-    #   resp.percentiles[0].value #=> Float
+    #   resp.package_name #=> String
+    #   resp.package_arn #=> String
+    #   resp.description #=> String
+    #   resp.default_version_name #=> String
+    #   resp.creation_date #=> Time
+    #   resp.last_modified_date #=> Time
     #
-    # @overload get_percentiles(params = {})
+    # @overload get_package(params = {})
     # @param [Hash] params ({})
-    def get_percentiles(params = {}, options = {})
+    def get_package(params = {}, options = {})
+      req = build_request(:get_package, params)
+      req.send_request(options)
+    end
+
+    # Gets information about the specified software package's
+    # configuration.
+    #
+    # Requires permission to access the [GetPackageConfiguration][1] action.
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions
+    #
+    # @return [Types::GetPackageConfigurationResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::GetPackageConfigurationResponse#version_update_by_jobs_config #version_update_by_jobs_config} => Types::VersionUpdateByJobsConfig
+    #
+    # @example Response structure
+    #
+    #   resp.version_update_by_jobs_config.enabled #=> Boolean
+    #   resp.version_update_by_jobs_config.role_arn #=> String
+    #
+    # @overload get_package_configuration(params = {})
+    # @param [Hash] params ({})
+    def get_package_configuration(params = {}, options = {})
+      req = build_request(:get_package_configuration, params)
+      req.send_request(options)
+    end
+
+    # Gets information about the specified package version.
+    #
+    # Requires permission to access the [GetPackageVersion][1] action.
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions
+    #
+    # @option params [required, String] :package_name
+    #   The name of the associated package.
+    #
+    # @option params [required, String] :version_name
+    #   The name of the target package version.
+    #
+    # @return [Types::GetPackageVersionResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::GetPackageVersionResponse#package_version_arn #package_version_arn} => String
+    #   * {Types::GetPackageVersionResponse#package_name #package_name} => String
+    #   * {Types::GetPackageVersionResponse#version_name #version_name} => String
+    #   * {Types::GetPackageVersionResponse#description #description} => String
+    #   * {Types::GetPackageVersionResponse#attributes #attributes} => Hash&lt;String,String&gt;
+    #   * {Types::GetPackageVersionResponse#status #status} => String
+    #   * {Types::GetPackageVersionResponse#error_reason #error_reason} => String
+    #   * {Types::GetPackageVersionResponse#creation_date #creation_date} => Time
+    #   * {Types::GetPackageVersionResponse#last_modified_date #last_modified_date} => Time
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.get_package_version({
+    #     package_name: "PackageName", # required
+    #     version_name: "VersionName", # required
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.package_version_arn #=> String
+    #   resp.package_name #=> String
+    #   resp.version_name #=> String
+    #   resp.description #=> String
+    #   resp.attributes #=> Hash
+    #   resp.attributes["ResourceAttributeKey"] #=> String
+    #   resp.status #=> String, one of "DRAFT", "PUBLISHED", "DEPRECATED"
+    #   resp.error_reason #=> String
+    #   resp.creation_date #=> Time
+    #   resp.last_modified_date #=> Time
+    #
+    # @overload get_package_version(params = {})
+    # @param [Hash] params ({})
+    def get_package_version(params = {}, options = {})
+      req = build_request(:get_package_version, params)
+      req.send_request(options)
+    end
+
+    # Groups the aggregated values that match the query into percentile
+    # groupings. The default percentile groupings are: 1,5,25,50,75,95,99,
+    # although you can specify your own when you call `GetPercentiles`. This
+    # function returns a value for each percentile group specified (or the
+    # default percentile groupings). The percentile group "1" contains the
+    # aggregated field value that occurs in approximately one percent of the
+    # values that match the query. The percentile group "5" contains the
+    # aggregated field value that occurs in approximately five percent of
+    # the values that match the query, and so on. The result is an
+    # approximation, the more values that match the query, the more accurate
+    # the percentile values.
+    #
+    # Requires permission to access the [GetPercentiles][1] action.
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions
+    #
+    # @option params [String] :index_name
+    #   The name of the index to search.
+    #
+    # @option params [required, String] :query_string
+    #   The search query string.
+    #
+    # @option params [String] :aggregation_field
+    #   The field to aggregate.
+    #
+    # @option params [String] :query_version
+    #   The query version.
+    #
+    # @option params [Array<Float>] :percents
+    #   The percentile groups returned.
+    #
+    # @return [Types::GetPercentilesResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::GetPercentilesResponse#percentiles #percentiles} => Array&lt;Types::PercentPair&gt;
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.get_percentiles({
+    #     index_name: "IndexName",
+    #     query_string: "QueryString", # required
+    #     aggregation_field: "AggregationField",
+    #     query_version: "QueryVersion",
+    #     percents: [1.0],
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.percentiles #=> Array
+    #   resp.percentiles[0].percent #=> Float
+    #   resp.percentiles[0].value #=> Float
+    #
+    # @overload get_percentiles(params = {})
+    # @param [Hash] params ({})
+    def get_percentiles(params = {}, options = {})
       req = build_request(:get_percentiles, params)
       req.send_request(options)
     end
@@ -7055,6 +7683,14 @@ module Aws::IoT
     #   resp.rule.actions[0].republish.role_arn #=> String
     #   resp.rule.actions[0].republish.topic #=> String
     #   resp.rule.actions[0].republish.qos #=> Integer
+    #   resp.rule.actions[0].republish.headers.payload_format_indicator #=> String
+    #   resp.rule.actions[0].republish.headers.content_type #=> String
+    #   resp.rule.actions[0].republish.headers.response_topic #=> String
+    #   resp.rule.actions[0].republish.headers.correlation_data #=> String
+    #   resp.rule.actions[0].republish.headers.message_expiry #=> String
+    #   resp.rule.actions[0].republish.headers.user_properties #=> Array
+    #   resp.rule.actions[0].republish.headers.user_properties[0].key #=> String
+    #   resp.rule.actions[0].republish.headers.user_properties[0].value #=> String
     #   resp.rule.actions[0].s3.role_arn #=> String
     #   resp.rule.actions[0].s3.bucket_name #=> String
     #   resp.rule.actions[0].s3.key #=> String
@@ -7075,6 +7711,7 @@ module Aws::IoT
     #   resp.rule.actions[0].cloudwatch_alarm.state_value #=> String
     #   resp.rule.actions[0].cloudwatch_logs.role_arn #=> String
     #   resp.rule.actions[0].cloudwatch_logs.log_group_name #=> String
+    #   resp.rule.actions[0].cloudwatch_logs.batch_mode #=> Boolean
     #   resp.rule.actions[0].elasticsearch.role_arn #=> String
     #   resp.rule.actions[0].elasticsearch.endpoint #=> String
     #   resp.rule.actions[0].elasticsearch.index #=> String
@@ -7129,11 +7766,21 @@ module Aws::IoT
     #   resp.rule.actions[0].kafka.partition #=> String
     #   resp.rule.actions[0].kafka.client_properties #=> Hash
     #   resp.rule.actions[0].kafka.client_properties["String"] #=> String
+    #   resp.rule.actions[0].kafka.headers #=> Array
+    #   resp.rule.actions[0].kafka.headers[0].key #=> String
+    #   resp.rule.actions[0].kafka.headers[0].value #=> String
     #   resp.rule.actions[0].open_search.role_arn #=> String
     #   resp.rule.actions[0].open_search.endpoint #=> String
     #   resp.rule.actions[0].open_search.index #=> String
     #   resp.rule.actions[0].open_search.type #=> String
     #   resp.rule.actions[0].open_search.id #=> String
+    #   resp.rule.actions[0].location.role_arn #=> String
+    #   resp.rule.actions[0].location.tracker_name #=> String
+    #   resp.rule.actions[0].location.device_id #=> String
+    #   resp.rule.actions[0].location.timestamp.value #=> String
+    #   resp.rule.actions[0].location.timestamp.unit #=> String
+    #   resp.rule.actions[0].location.latitude #=> String
+    #   resp.rule.actions[0].location.longitude #=> String
     #   resp.rule.rule_disabled #=> Boolean
     #   resp.rule.aws_iot_sql_version #=> String
     #   resp.rule.error_action.dynamo_db.table_name #=> String
@@ -7161,6 +7808,14 @@ module Aws::IoT
     #   resp.rule.error_action.republish.role_arn #=> String
     #   resp.rule.error_action.republish.topic #=> String
     #   resp.rule.error_action.republish.qos #=> Integer
+    #   resp.rule.error_action.republish.headers.payload_format_indicator #=> String
+    #   resp.rule.error_action.republish.headers.content_type #=> String
+    #   resp.rule.error_action.republish.headers.response_topic #=> String
+    #   resp.rule.error_action.republish.headers.correlation_data #=> String
+    #   resp.rule.error_action.republish.headers.message_expiry #=> String
+    #   resp.rule.error_action.republish.headers.user_properties #=> Array
+    #   resp.rule.error_action.republish.headers.user_properties[0].key #=> String
+    #   resp.rule.error_action.republish.headers.user_properties[0].value #=> String
     #   resp.rule.error_action.s3.role_arn #=> String
     #   resp.rule.error_action.s3.bucket_name #=> String
     #   resp.rule.error_action.s3.key #=> String
@@ -7181,6 +7836,7 @@ module Aws::IoT
     #   resp.rule.error_action.cloudwatch_alarm.state_value #=> String
     #   resp.rule.error_action.cloudwatch_logs.role_arn #=> String
     #   resp.rule.error_action.cloudwatch_logs.log_group_name #=> String
+    #   resp.rule.error_action.cloudwatch_logs.batch_mode #=> Boolean
     #   resp.rule.error_action.elasticsearch.role_arn #=> String
     #   resp.rule.error_action.elasticsearch.endpoint #=> String
     #   resp.rule.error_action.elasticsearch.index #=> String
@@ -7235,11 +7891,21 @@ module Aws::IoT
     #   resp.rule.error_action.kafka.partition #=> String
     #   resp.rule.error_action.kafka.client_properties #=> Hash
     #   resp.rule.error_action.kafka.client_properties["String"] #=> String
+    #   resp.rule.error_action.kafka.headers #=> Array
+    #   resp.rule.error_action.kafka.headers[0].key #=> String
+    #   resp.rule.error_action.kafka.headers[0].value #=> String
     #   resp.rule.error_action.open_search.role_arn #=> String
     #   resp.rule.error_action.open_search.endpoint #=> String
     #   resp.rule.error_action.open_search.index #=> String
     #   resp.rule.error_action.open_search.type #=> String
     #   resp.rule.error_action.open_search.id #=> String
+    #   resp.rule.error_action.location.role_arn #=> String
+    #   resp.rule.error_action.location.tracker_name #=> String
+    #   resp.rule.error_action.location.device_id #=> String
+    #   resp.rule.error_action.location.timestamp.value #=> String
+    #   resp.rule.error_action.location.timestamp.unit #=> String
+    #   resp.rule.error_action.location.latitude #=> String
+    #   resp.rule.error_action.location.longitude #=> String
     #
     # @overload get_topic_rule(params = {})
     # @param [Hash] params ({})
@@ -7430,10 +8096,9 @@ module Aws::IoT
     # @option params [required, String] :target
     #   The group or principal for which the policies will be listed. Valid
     #   principals are CertificateArn
-    #   (arn:aws:iot:*region*\:*accountId*\:cert/*certificateId*),
-    #   thingGroupArn
-    #   (arn:aws:iot:*region*\:*accountId*\:thinggroup/*groupName*) and
-    #   CognitoId (*region*\:*id*).
+    #   (arn:aws:iot:*region*:*accountId*:cert/*certificateId*), thingGroupArn
+    #   (arn:aws:iot:*region*:*accountId*:thinggroup/*groupName*) and
+    #   CognitoId (*region*:*id*).
     #
     # @option params [Boolean] :recursive
     #   When true, recursively list attached policies.
@@ -7542,6 +8207,12 @@ module Aws::IoT
     #       account: "AwsAccountId",
     #       iam_role_arn: "RoleArn",
     #       role_alias_arn: "RoleAliasArn",
+    #       issuer_certificate_identifier: {
+    #         issuer_certificate_subject: "IssuerCertificateSubject",
+    #         issuer_id: "IssuerId",
+    #         issuer_certificate_serial_number: "IssuerCertificateSerialNumber",
+    #       },
+    #       device_certificate_arn: "CertificateArn",
     #     },
     #     max_results: 1,
     #     next_token: "NextToken",
@@ -7559,7 +8230,7 @@ module Aws::IoT
     #   resp.findings[0].task_start_time #=> Time
     #   resp.findings[0].finding_time #=> Time
     #   resp.findings[0].severity #=> String, one of "CRITICAL", "HIGH", "MEDIUM", "LOW"
-    #   resp.findings[0].non_compliant_resource.resource_type #=> String, one of "DEVICE_CERTIFICATE", "CA_CERTIFICATE", "IOT_POLICY", "COGNITO_IDENTITY_POOL", "CLIENT_ID", "ACCOUNT_SETTINGS", "ROLE_ALIAS", "IAM_ROLE"
+    #   resp.findings[0].non_compliant_resource.resource_type #=> String, one of "DEVICE_CERTIFICATE", "CA_CERTIFICATE", "IOT_POLICY", "COGNITO_IDENTITY_POOL", "CLIENT_ID", "ACCOUNT_SETTINGS", "ROLE_ALIAS", "IAM_ROLE", "ISSUER_CERTIFICATE"
     #   resp.findings[0].non_compliant_resource.resource_identifier.device_certificate_id #=> String
     #   resp.findings[0].non_compliant_resource.resource_identifier.ca_certificate_id #=> String
     #   resp.findings[0].non_compliant_resource.resource_identifier.cognito_identity_pool_id #=> String
@@ -7569,10 +8240,14 @@ module Aws::IoT
     #   resp.findings[0].non_compliant_resource.resource_identifier.account #=> String
     #   resp.findings[0].non_compliant_resource.resource_identifier.iam_role_arn #=> String
     #   resp.findings[0].non_compliant_resource.resource_identifier.role_alias_arn #=> String
+    #   resp.findings[0].non_compliant_resource.resource_identifier.issuer_certificate_identifier.issuer_certificate_subject #=> String
+    #   resp.findings[0].non_compliant_resource.resource_identifier.issuer_certificate_identifier.issuer_id #=> String
+    #   resp.findings[0].non_compliant_resource.resource_identifier.issuer_certificate_identifier.issuer_certificate_serial_number #=> String
+    #   resp.findings[0].non_compliant_resource.resource_identifier.device_certificate_arn #=> String
     #   resp.findings[0].non_compliant_resource.additional_info #=> Hash
     #   resp.findings[0].non_compliant_resource.additional_info["String"] #=> String
     #   resp.findings[0].related_resources #=> Array
-    #   resp.findings[0].related_resources[0].resource_type #=> String, one of "DEVICE_CERTIFICATE", "CA_CERTIFICATE", "IOT_POLICY", "COGNITO_IDENTITY_POOL", "CLIENT_ID", "ACCOUNT_SETTINGS", "ROLE_ALIAS", "IAM_ROLE"
+    #   resp.findings[0].related_resources[0].resource_type #=> String, one of "DEVICE_CERTIFICATE", "CA_CERTIFICATE", "IOT_POLICY", "COGNITO_IDENTITY_POOL", "CLIENT_ID", "ACCOUNT_SETTINGS", "ROLE_ALIAS", "IAM_ROLE", "ISSUER_CERTIFICATE"
     #   resp.findings[0].related_resources[0].resource_identifier.device_certificate_id #=> String
     #   resp.findings[0].related_resources[0].resource_identifier.ca_certificate_id #=> String
     #   resp.findings[0].related_resources[0].resource_identifier.cognito_identity_pool_id #=> String
@@ -7582,6 +8257,10 @@ module Aws::IoT
     #   resp.findings[0].related_resources[0].resource_identifier.account #=> String
     #   resp.findings[0].related_resources[0].resource_identifier.iam_role_arn #=> String
     #   resp.findings[0].related_resources[0].resource_identifier.role_alias_arn #=> String
+    #   resp.findings[0].related_resources[0].resource_identifier.issuer_certificate_identifier.issuer_certificate_subject #=> String
+    #   resp.findings[0].related_resources[0].resource_identifier.issuer_certificate_identifier.issuer_id #=> String
+    #   resp.findings[0].related_resources[0].resource_identifier.issuer_certificate_identifier.issuer_certificate_serial_number #=> String
+    #   resp.findings[0].related_resources[0].resource_identifier.device_certificate_arn #=> String
     #   resp.findings[0].related_resources[0].additional_info #=> Hash
     #   resp.findings[0].related_resources[0].additional_info["String"] #=> String
     #   resp.findings[0].reason_for_non_compliance #=> String
@@ -7784,6 +8463,12 @@ module Aws::IoT
     #       account: "AwsAccountId",
     #       iam_role_arn: "RoleArn",
     #       role_alias_arn: "RoleAliasArn",
+    #       issuer_certificate_identifier: {
+    #         issuer_certificate_subject: "IssuerCertificateSubject",
+    #         issuer_id: "IssuerId",
+    #         issuer_certificate_serial_number: "IssuerCertificateSerialNumber",
+    #       },
+    #       device_certificate_arn: "CertificateArn",
     #     },
     #     ascending_order: false,
     #     next_token: "NextToken",
@@ -7803,6 +8488,10 @@ module Aws::IoT
     #   resp.suppressions[0].resource_identifier.account #=> String
     #   resp.suppressions[0].resource_identifier.iam_role_arn #=> String
     #   resp.suppressions[0].resource_identifier.role_alias_arn #=> String
+    #   resp.suppressions[0].resource_identifier.issuer_certificate_identifier.issuer_certificate_subject #=> String
+    #   resp.suppressions[0].resource_identifier.issuer_certificate_identifier.issuer_id #=> String
+    #   resp.suppressions[0].resource_identifier.issuer_certificate_identifier.issuer_certificate_serial_number #=> String
+    #   resp.suppressions[0].resource_identifier.device_certificate_arn #=> String
     #   resp.suppressions[0].expiration_date #=> Time
     #   resp.suppressions[0].suppress_indefinitely #=> Boolean
     #   resp.suppressions[0].description #=> String
@@ -8000,6 +8689,9 @@ module Aws::IoT
     # @option params [Boolean] :ascending_order
     #   Determines the order of the results.
     #
+    # @option params [String] :template_name
+    #   The name of the provisioning template.
+    #
     # @return [Types::ListCACertificatesResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::ListCACertificatesResponse#certificates #certificates} => Array&lt;Types::CACertificate&gt;
@@ -8013,6 +8705,7 @@ module Aws::IoT
     #     page_size: 1,
     #     marker: "Marker",
     #     ascending_order: false,
+    #     template_name: "TemplateName",
     #   })
     #
     # @example Response structure
@@ -8559,6 +9252,7 @@ module Aws::IoT
     #   resp.execution_summaries[0].job_execution_summary.started_at #=> Time
     #   resp.execution_summaries[0].job_execution_summary.last_updated_at #=> Time
     #   resp.execution_summaries[0].job_execution_summary.execution_number #=> Integer
+    #   resp.execution_summaries[0].job_execution_summary.retry_attempt #=> Integer
     #   resp.next_token #=> String
     #
     # @overload list_job_executions_for_job(params = {})
@@ -8603,6 +9297,9 @@ module Aws::IoT
     # @option params [String] :next_token
     #   The token to retrieve the next set of results.
     #
+    # @option params [String] :job_id
+    #   The unique identifier you assigned to this job when it was created.
+    #
     # @return [Types::ListJobExecutionsForThingResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::ListJobExecutionsForThingResponse#execution_summaries #execution_summaries} => Array&lt;Types::JobExecutionSummaryForThing&gt;
@@ -8618,6 +9315,7 @@ module Aws::IoT
     #     namespace_id: "NamespaceId",
     #     max_results: 1,
     #     next_token: "NextToken",
+    #     job_id: "JobId",
     #   })
     #
     # @example Response structure
@@ -8629,6 +9327,7 @@ module Aws::IoT
     #   resp.execution_summaries[0].job_execution_summary.started_at #=> Time
     #   resp.execution_summaries[0].job_execution_summary.last_updated_at #=> Time
     #   resp.execution_summaries[0].job_execution_summary.execution_number #=> Integer
+    #   resp.execution_summaries[0].job_execution_summary.retry_attempt #=> Integer
     #   resp.next_token #=> String
     #
     # @overload list_job_executions_for_thing(params = {})
@@ -8702,6 +9401,13 @@ module Aws::IoT
     #   a thing when the thing is added to a target group, even after the job
     #   was completed by all things originally in the group.
     #
+    #   <note markdown="1"> We recommend that you use continuous jobs instead of snapshot jobs for
+    #   dynamic thing group targets. By using continuous jobs, devices that
+    #   join the group receive the job execution even after the job has been
+    #   created.
+    #
+    #    </note>
+    #
     # @option params [Integer] :max_results
     #   The maximum number of results to return per request.
     #
@@ -8739,7 +9445,7 @@ module Aws::IoT
     # @example Request syntax with placeholder values
     #
     #   resp = client.list_jobs({
-    #     status: "IN_PROGRESS", # accepts IN_PROGRESS, CANCELED, COMPLETED, DELETION_IN_PROGRESS
+    #     status: "IN_PROGRESS", # accepts IN_PROGRESS, CANCELED, COMPLETED, DELETION_IN_PROGRESS, SCHEDULED
     #     target_selection: "CONTINUOUS", # accepts CONTINUOUS, SNAPSHOT
     #     max_results: 1,
     #     next_token: "NextToken",
@@ -8755,10 +9461,11 @@ module Aws::IoT
     #   resp.jobs[0].job_id #=> String
     #   resp.jobs[0].thing_group_id #=> String
     #   resp.jobs[0].target_selection #=> String, one of "CONTINUOUS", "SNAPSHOT"
-    #   resp.jobs[0].status #=> String, one of "IN_PROGRESS", "CANCELED", "COMPLETED", "DELETION_IN_PROGRESS"
+    #   resp.jobs[0].status #=> String, one of "IN_PROGRESS", "CANCELED", "COMPLETED", "DELETION_IN_PROGRESS", "SCHEDULED"
     #   resp.jobs[0].created_at #=> Time
     #   resp.jobs[0].last_updated_at #=> Time
     #   resp.jobs[0].completed_at #=> Time
+    #   resp.jobs[0].is_concurrent #=> Boolean
     #   resp.next_token #=> String
     #
     # @overload list_jobs(params = {})
@@ -8786,6 +9493,8 @@ module Aws::IoT
     #   * {Types::ListManagedJobTemplatesResponse#managed_job_templates #managed_job_templates} => Array&lt;Types::ManagedJobTemplateSummary&gt;
     #   * {Types::ListManagedJobTemplatesResponse#next_token #next_token} => String
     #
+    # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
+    #
     # @example Request syntax with placeholder values
     #
     #   resp = client.list_managed_job_templates({
@@ -8812,6 +9521,78 @@ module Aws::IoT
       req.send_request(options)
     end
 
+    # Lists the values reported for an IoT Device Defender metric
+    # (device-side metric, cloud-side metric, or custom metric) by the given
+    # thing during the specified time period.
+    #
+    # @option params [required, String] :thing_name
+    #   The name of the thing for which security profile metric values are
+    #   returned.
+    #
+    # @option params [required, String] :metric_name
+    #   The name of the security profile metric for which values are returned.
+    #
+    # @option params [String] :dimension_name
+    #   The dimension name.
+    #
+    # @option params [String] :dimension_value_operator
+    #   The dimension value operator.
+    #
+    # @option params [required, Time,DateTime,Date,Integer,String] :start_time
+    #   The start of the time period for which metric values are returned.
+    #
+    # @option params [required, Time,DateTime,Date,Integer,String] :end_time
+    #   The end of the time period for which metric values are returned.
+    #
+    # @option params [Integer] :max_results
+    #   The maximum number of results to return at one time.
+    #
+    # @option params [String] :next_token
+    #   The token for the next set of results.
+    #
+    # @return [Types::ListMetricValuesResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::ListMetricValuesResponse#metric_datum_list #metric_datum_list} => Array&lt;Types::MetricDatum&gt;
+    #   * {Types::ListMetricValuesResponse#next_token #next_token} => String
+    #
+    # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.list_metric_values({
+    #     thing_name: "DeviceDefenderThingName", # required
+    #     metric_name: "BehaviorMetric", # required
+    #     dimension_name: "DimensionName",
+    #     dimension_value_operator: "IN", # accepts IN, NOT_IN
+    #     start_time: Time.now, # required
+    #     end_time: Time.now, # required
+    #     max_results: 1,
+    #     next_token: "NextToken",
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.metric_datum_list #=> Array
+    #   resp.metric_datum_list[0].timestamp #=> Time
+    #   resp.metric_datum_list[0].value.count #=> Integer
+    #   resp.metric_datum_list[0].value.cidrs #=> Array
+    #   resp.metric_datum_list[0].value.cidrs[0] #=> String
+    #   resp.metric_datum_list[0].value.ports #=> Array
+    #   resp.metric_datum_list[0].value.ports[0] #=> Integer
+    #   resp.metric_datum_list[0].value.number #=> Float
+    #   resp.metric_datum_list[0].value.numbers #=> Array
+    #   resp.metric_datum_list[0].value.numbers[0] #=> Float
+    #   resp.metric_datum_list[0].value.strings #=> Array
+    #   resp.metric_datum_list[0].value.strings[0] #=> String
+    #   resp.next_token #=> String
+    #
+    # @overload list_metric_values(params = {})
+    # @param [Hash] params ({})
+    def list_metric_values(params = {}, options = {})
+      req = build_request(:list_metric_values, params)
+      req.send_request(options)
+    end
+
     # Gets a list of all mitigation actions that match the specified filter
     # criteria.
     #
@@ -8891,7 +9672,7 @@ module Aws::IoT
     #   resp = client.list_ota_updates({
     #     max_results: 1,
     #     next_token: "NextToken",
-    #     ota_update_status: "CREATE_PENDING", # accepts CREATE_PENDING, CREATE_IN_PROGRESS, CREATE_COMPLETE, CREATE_FAILED
+    #     ota_update_status: "CREATE_PENDING", # accepts CREATE_PENDING, CREATE_IN_PROGRESS, CREATE_COMPLETE, CREATE_FAILED, DELETE_IN_PROGRESS, DELETE_FAILED
     #   })
     #
     # @example Response structure
@@ -8961,6 +9742,108 @@ module Aws::IoT
       req.send_request(options)
     end
 
+    # Lists the software package versions associated to the account.
+    #
+    # Requires permission to access the [ListPackageVersions][1] action.
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions
+    #
+    # @option params [required, String] :package_name
+    #   The name of the target software package.
+    #
+    # @option params [String] :status
+    #   The status of the package version. For more information, see [Package
+    #   version lifecycle][1].
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/iot/latest/developerguide/preparing-to-use-software-package-catalog.html#package-version-lifecycle
+    #
+    # @option params [Integer] :max_results
+    #   The maximum number of results to return at one time.
+    #
+    # @option params [String] :next_token
+    #   The token for the next set of results.
+    #
+    # @return [Types::ListPackageVersionsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::ListPackageVersionsResponse#package_version_summaries #package_version_summaries} => Array&lt;Types::PackageVersionSummary&gt;
+    #   * {Types::ListPackageVersionsResponse#next_token #next_token} => String
+    #
+    # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.list_package_versions({
+    #     package_name: "PackageName", # required
+    #     status: "DRAFT", # accepts DRAFT, PUBLISHED, DEPRECATED
+    #     max_results: 1,
+    #     next_token: "NextToken",
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.package_version_summaries #=> Array
+    #   resp.package_version_summaries[0].package_name #=> String
+    #   resp.package_version_summaries[0].version_name #=> String
+    #   resp.package_version_summaries[0].status #=> String, one of "DRAFT", "PUBLISHED", "DEPRECATED"
+    #   resp.package_version_summaries[0].creation_date #=> Time
+    #   resp.package_version_summaries[0].last_modified_date #=> Time
+    #   resp.next_token #=> String
+    #
+    # @overload list_package_versions(params = {})
+    # @param [Hash] params ({})
+    def list_package_versions(params = {}, options = {})
+      req = build_request(:list_package_versions, params)
+      req.send_request(options)
+    end
+
+    # Lists the software packages associated to the account.
+    #
+    # Requires permission to access the [ListPackages][1] action.
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions
+    #
+    # @option params [Integer] :max_results
+    #   The maximum number of results returned at one time.
+    #
+    # @option params [String] :next_token
+    #   The token for the next set of results.
+    #
+    # @return [Types::ListPackagesResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::ListPackagesResponse#package_summaries #package_summaries} => Array&lt;Types::PackageSummary&gt;
+    #   * {Types::ListPackagesResponse#next_token #next_token} => String
+    #
+    # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.list_packages({
+    #     max_results: 1,
+    #     next_token: "NextToken",
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.package_summaries #=> Array
+    #   resp.package_summaries[0].package_name #=> String
+    #   resp.package_summaries[0].default_version_name #=> String
+    #   resp.package_summaries[0].creation_date #=> Time
+    #   resp.package_summaries[0].last_modified_date #=> Time
+    #   resp.next_token #=> String
+    #
+    # @overload list_packages(params = {})
+    # @param [Hash] params ({})
+    def list_packages(params = {}, options = {})
+      req = build_request(:list_packages, params)
+      req.send_request(options)
+    end
+
     # Lists your policies.
     #
     # Requires permission to access the [ListPolicies][1] action.
@@ -9010,8 +9893,9 @@ module Aws::IoT
 
     # Lists the principals associated with the specified policy.
     #
-    # **Note:** This action is deprecated. Please use ListTargetsForPolicy
-    # instead.
+    # **Note:** This action is deprecated and works as expected for backward
+    # compatibility, but we won't add enhancements. Use
+    # ListTargetsForPolicy instead.
     #
     # Requires permission to access the [ListPolicyPrincipals][1] action.
     #
@@ -9101,8 +9985,9 @@ module Aws::IoT
     # Cognito identity, the ID must be in [AmazonCognito Identity
     # format][1].
     #
-    # **Note:** This action is deprecated. Please use ListAttachedPolicies
-    # instead.
+    # **Note:** This action is deprecated and works as expected for backward
+    # compatibility, but we won't add enhancements. Use
+    # ListAttachedPolicies instead.
     #
     # Requires permission to access the [ListPrincipalPolicies][2] action.
     #
@@ -9113,10 +9998,9 @@ module Aws::IoT
     #
     # @option params [required, String] :principal
     #   The principal. Valid principals are CertificateArn
-    #   (arn:aws:iot:*region*\:*accountId*\:cert/*certificateId*),
-    #   thingGroupArn
-    #   (arn:aws:iot:*region*\:*accountId*\:thinggroup/*groupName*) and
-    #   CognitoId (*region*\:*id*).
+    #   (arn:aws:iot:*region*:*accountId*:cert/*certificateId*), thingGroupArn
+    #   (arn:aws:iot:*region*:*accountId*:thinggroup/*groupName*) and
+    #   CognitoId (*region*:*id*).
     #
     # @option params [String] :marker
     #   The marker for the next set of results.
@@ -9207,7 +10091,7 @@ module Aws::IoT
       req.send_request(options)
     end
 
-    # A list of fleet provisioning template versions.
+    # A list of provisioning template versions.
     #
     # Requires permission to access the
     # [ListProvisioningTemplateVersions][1] action.
@@ -9217,7 +10101,7 @@ module Aws::IoT
     # [1]: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions
     #
     # @option params [required, String] :template_name
-    #   The name of the fleet provisioning template.
+    #   The name of the provisioning template.
     #
     # @option params [Integer] :max_results
     #   The maximum number of results to return at one time.
@@ -9255,8 +10139,7 @@ module Aws::IoT
       req.send_request(options)
     end
 
-    # Lists the fleet provisioning templates in your Amazon Web Services
-    # account.
+    # Lists the provisioning templates in your Amazon Web Services account.
     #
     # Requires permission to access the [ListProvisioningTemplates][1]
     # action.
@@ -9294,6 +10177,7 @@ module Aws::IoT
     #   resp.templates[0].creation_date #=> Time
     #   resp.templates[0].last_modified_date #=> Time
     #   resp.templates[0].enabled #=> Boolean
+    #   resp.templates[0].type #=> String, one of "FLEET_PROVISIONING", "JITP"
     #   resp.next_token #=> String
     #
     # @overload list_provisioning_templates(params = {})
@@ -9303,6 +10187,93 @@ module Aws::IoT
       req.send_request(options)
     end
 
+    # The related resources of an Audit finding. The following resources can
+    # be returned from calling this API:
+    #
+    # * DEVICE\_CERTIFICATE
+    #
+    # * CA\_CERTIFICATE
+    #
+    # * IOT\_POLICY
+    #
+    # * COGNITO\_IDENTITY\_POOL
+    #
+    # * CLIENT\_ID
+    #
+    # * ACCOUNT\_SETTINGS
+    #
+    # * ROLE\_ALIAS
+    #
+    # * IAM\_ROLE
+    #
+    # * ISSUER\_CERTIFICATE
+    #
+    # <note markdown="1"> This API is similar to DescribeAuditFinding's [RelatedResources][1]
+    # but provides pagination and is not limited to 10 resources. When
+    # calling [DescribeAuditFinding][1] for the intermediate CA revoked for
+    # active device certificates check, RelatedResources will not be
+    # populated. You must use this API, ListRelatedResourcesForAuditFinding,
+    # to list the certificates.
+    #
+    #  </note>
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeAuditFinding.html
+    #
+    # @option params [required, String] :finding_id
+    #   The finding Id.
+    #
+    # @option params [String] :next_token
+    #   A token that can be used to retrieve the next set of results, or
+    #   `null` if there are no additional results.
+    #
+    # @option params [Integer] :max_results
+    #   The maximum number of results to return at one time.
+    #
+    # @return [Types::ListRelatedResourcesForAuditFindingResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::ListRelatedResourcesForAuditFindingResponse#related_resources #related_resources} => Array&lt;Types::RelatedResource&gt;
+    #   * {Types::ListRelatedResourcesForAuditFindingResponse#next_token #next_token} => String
+    #
+    # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.list_related_resources_for_audit_finding({
+    #     finding_id: "FindingId", # required
+    #     next_token: "NextToken",
+    #     max_results: 1,
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.related_resources #=> Array
+    #   resp.related_resources[0].resource_type #=> String, one of "DEVICE_CERTIFICATE", "CA_CERTIFICATE", "IOT_POLICY", "COGNITO_IDENTITY_POOL", "CLIENT_ID", "ACCOUNT_SETTINGS", "ROLE_ALIAS", "IAM_ROLE", "ISSUER_CERTIFICATE"
+    #   resp.related_resources[0].resource_identifier.device_certificate_id #=> String
+    #   resp.related_resources[0].resource_identifier.ca_certificate_id #=> String
+    #   resp.related_resources[0].resource_identifier.cognito_identity_pool_id #=> String
+    #   resp.related_resources[0].resource_identifier.client_id #=> String
+    #   resp.related_resources[0].resource_identifier.policy_version_identifier.policy_name #=> String
+    #   resp.related_resources[0].resource_identifier.policy_version_identifier.policy_version_id #=> String
+    #   resp.related_resources[0].resource_identifier.account #=> String
+    #   resp.related_resources[0].resource_identifier.iam_role_arn #=> String
+    #   resp.related_resources[0].resource_identifier.role_alias_arn #=> String
+    #   resp.related_resources[0].resource_identifier.issuer_certificate_identifier.issuer_certificate_subject #=> String
+    #   resp.related_resources[0].resource_identifier.issuer_certificate_identifier.issuer_id #=> String
+    #   resp.related_resources[0].resource_identifier.issuer_certificate_identifier.issuer_certificate_serial_number #=> String
+    #   resp.related_resources[0].resource_identifier.device_certificate_arn #=> String
+    #   resp.related_resources[0].additional_info #=> Hash
+    #   resp.related_resources[0].additional_info["String"] #=> String
+    #   resp.next_token #=> String
+    #
+    # @overload list_related_resources_for_audit_finding(params = {})
+    # @param [Hash] params ({})
+    def list_related_resources_for_audit_finding(params = {}, options = {})
+      req = build_request(:list_related_resources_for_audit_finding, params)
+      req.send_request(options)
+    end
+
     # Lists the role aliases registered in your account.
     #
     # Requires permission to access the [ListRoleAliases][1] action.
@@ -9996,9 +10967,10 @@ module Aws::IoT
     # parameters to filter your things. For example, calling `ListThings`
     # with attributeName=Color and attributeValue=Red retrieves all things
     # in the registry that contain an attribute **Color** with the value
-    # **Red**.
+    # **Red**. For more information, see [List Things][1] from the *Amazon
+    # Web Services IoT Core Developer Guide*.
     #
-    # Requires permission to access the [ListThings][1] action.
+    # Requires permission to access the [ListThings][2] action.
     #
     # <note markdown="1"> You will not be charged for calling this API if an `Access denied`
     # error is returned. You will also not be charged if no attributes or
@@ -10009,7 +10981,8 @@ module Aws::IoT
     #
     #
     #
-    # [1]: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions
+    # [1]: https://docs.aws.amazon.com/iot/latest/developerguide/thing-registry.html#list-things
+    # [2]: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions
     #
     # @option params [String] :next_token
     #   To retrieve the next set of results, the `nextToken` value from a
@@ -10313,7 +11286,7 @@ module Aws::IoT
     # @example Request syntax with placeholder values
     #
     #   resp = client.list_v2_logging_levels({
-    #     target_type: "DEFAULT", # accepts DEFAULT, THING_GROUP
+    #     target_type: "DEFAULT", # accepts DEFAULT, THING_GROUP, CLIENT_ID, SOURCE_IP, PRINCIPAL_ID, EVENT_TYPE, DEVICE_DEFENDER
     #     next_token: "NextToken",
     #     max_results: 1,
     #   })
@@ -10321,7 +11294,7 @@ module Aws::IoT
     # @example Response structure
     #
     #   resp.log_target_configurations #=> Array
-    #   resp.log_target_configurations[0].log_target.target_type #=> String, one of "DEFAULT", "THING_GROUP"
+    #   resp.log_target_configurations[0].log_target.target_type #=> String, one of "DEFAULT", "THING_GROUP", "CLIENT_ID", "SOURCE_IP", "PRINCIPAL_ID", "EVENT_TYPE", "DEVICE_DEFENDER"
     #   resp.log_target_configurations[0].log_target.target_name #=> String
     #   resp.log_target_configurations[0].log_level #=> String, one of "DEBUG", "INFO", "ERROR", "WARN", "DISABLED"
     #   resp.next_token #=> String
@@ -10475,14 +11448,10 @@ module Aws::IoT
       req.send_request(options)
     end
 
-    # Registers a CA certificate with IoT. This CA certificate can then be
-    # used to sign device certificates, which can be then registered with
-    # IoT. You can register up to 10 CA certificates per Amazon Web Services
-    # account that have the same subject field. This enables you to have up
-    # to 10 certificate authorities sign your device certificates. If you
-    # have more than one CA certificate registered, make sure you pass the
-    # CA certificate when you register your device certificates with the
-    # RegisterCertificate action.
+    # Registers a CA certificate with Amazon Web Services IoT Core. There is
+    # no limit to the number of CA certificates you can register in your
+    # Amazon Web Services account. You can register up to 10 CA certificates
+    # with the same `CA subject field` per Amazon Web Services account.
     #
     # Requires permission to access the [RegisterCACertificate][1] action.
     #
@@ -10493,12 +11462,17 @@ module Aws::IoT
     # @option params [required, String] :ca_certificate
     #   The CA certificate.
     #
-    # @option params [required, String] :verification_certificate
-    #   The private key verification certificate.
+    # @option params [String] :verification_certificate
+    #   The private key verification certificate. If `certificateMode` is
+    #   `SNI_ONLY`, the `verificationCertificate` field must be empty. If
+    #   `certificateMode` is `DEFAULT` or not provided, the
+    #   `verificationCertificate` field must not be empty.
     #
     # @option params [Boolean] :set_as_active
     #   A boolean value that specifies if the CA certificate is set to active.
     #
+    #   Valid values: `ACTIVE | INACTIVE`
+    #
     # @option params [Boolean] :allow_auto_registration
     #   Allows this CA certificate to be used for auto registration of device
     #   certificates.
@@ -10520,6 +11494,21 @@ module Aws::IoT
     #
     #    </note>
     #
+    # @option params [String] :certificate_mode
+    #   Describes the certificate mode in which the Certificate Authority (CA)
+    #   will be registered. If the `verificationCertificate` field is not
+    #   provided, set `certificateMode` to be `SNI_ONLY`. If the
+    #   `verificationCertificate` field is provided, set `certificateMode` to
+    #   be `DEFAULT`. When `certificateMode` is not provided, it defaults to
+    #   `DEFAULT`. All the device certificates that are registered using this
+    #   CA will be registered in the same certificate mode as the CA. For more
+    #   information about certificate mode for device certificates, see [
+    #   certificate mode][1].
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/iot/latest/apireference/API_CertificateDescription.html#iot-Type-CertificateDescription-certificateMode
+    #
     # @return [Types::RegisterCACertificateResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::RegisterCACertificateResponse#certificate_arn #certificate_arn} => String
@@ -10529,12 +11518,13 @@ module Aws::IoT
     #
     #   resp = client.register_ca_certificate({
     #     ca_certificate: "CertificatePem", # required
-    #     verification_certificate: "CertificatePem", # required
+    #     verification_certificate: "CertificatePem",
     #     set_as_active: false,
     #     allow_auto_registration: false,
     #     registration_config: {
     #       template_body: "TemplateBody",
     #       role_arn: "RoleArn",
+    #       template_name: "TemplateName",
     #     },
     #     tags: [
     #       {
@@ -10542,6 +11532,7 @@ module Aws::IoT
     #         value: "TagValue",
     #       },
     #     ],
+    #     certificate_mode: "DEFAULT", # accepts DEFAULT, SNI_ONLY
     #   })
     #
     # @example Response structure
@@ -10556,16 +11547,17 @@ module Aws::IoT
       req.send_request(options)
     end
 
-    # Registers a device certificate with IoT. If you have more than one CA
-    # certificate that has the same subject field, you must specify the CA
-    # certificate that was used to sign the device certificate being
-    # registered.
+    # Registers a device certificate with IoT in the same [certificate
+    # mode][1] as the signing CA. If you have more than one CA certificate
+    # that has the same subject field, you must specify the CA certificate
+    # that was used to sign the device certificate being registered.
     #
-    # Requires permission to access the [RegisterCertificate][1] action.
+    # Requires permission to access the [RegisterCertificate][2] action.
     #
     #
     #
-    # [1]: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions
+    # [1]: https://docs.aws.amazon.com/iot/latest/apireference/API_CertificateDescription.html#iot-Type-CertificateDescription-certificateMode
+    # [2]: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions
     #
     # @option params [required, String] :certificate_pem
     #   The certificate data, in PEM format.
@@ -10577,8 +11569,11 @@ module Aws::IoT
     # @option params [Boolean] :set_as_active
     #   A boolean value that specifies if the certificate is set to active.
     #
+    #   Valid values: `ACTIVE | INACTIVE`
+    #
     # @option params [String] :status
-    #   The status of the register certificate request.
+    #   The status of the register certificate request. Valid values that you
+    #   can use include `ACTIVE`, `INACTIVE`, and `REVOKED`.
     #
     # @return [Types::RegisterCertificateResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
@@ -10897,6 +11892,19 @@ module Aws::IoT
     #             role_arn: "AwsArn", # required
     #             topic: "TopicPattern", # required
     #             qos: 1,
+    #             headers: {
+    #               payload_format_indicator: "PayloadFormatIndicator",
+    #               content_type: "ContentType",
+    #               response_topic: "ResponseTopic",
+    #               correlation_data: "CorrelationData",
+    #               message_expiry: "MessageExpiry",
+    #               user_properties: [
+    #                 {
+    #                   key: "UserPropertyKey", # required
+    #                   value: "UserPropertyValue", # required
+    #                 },
+    #               ],
+    #             },
     #           },
     #           s3: {
     #             role_arn: "AwsArn", # required
@@ -10927,6 +11935,7 @@ module Aws::IoT
     #           cloudwatch_logs: {
     #             role_arn: "AwsArn", # required
     #             log_group_name: "LogGroupName", # required
+    #             batch_mode: false,
     #           },
     #           elasticsearch: {
     #             role_arn: "AwsArn", # required
@@ -11022,6 +12031,12 @@ module Aws::IoT
     #             client_properties: { # required
     #               "String" => "String",
     #             },
+    #             headers: [
+    #               {
+    #                 key: "KafkaHeaderKey", # required
+    #                 value: "KafkaHeaderValue", # required
+    #               },
+    #             ],
     #           },
     #           open_search: {
     #             role_arn: "AwsArn", # required
@@ -11030,6 +12045,17 @@ module Aws::IoT
     #             type: "ElasticsearchType", # required
     #             id: "ElasticsearchId", # required
     #           },
+    #           location: {
+    #             role_arn: "AwsArn", # required
+    #             tracker_name: "String", # required
+    #             device_id: "String", # required
+    #             timestamp: {
+    #               value: "String", # required
+    #               unit: "String",
+    #             },
+    #             latitude: "String", # required
+    #             longitude: "String", # required
+    #           },
     #         },
     #       ],
     #       rule_disabled: false,
@@ -11075,6 +12101,19 @@ module Aws::IoT
     #           role_arn: "AwsArn", # required
     #           topic: "TopicPattern", # required
     #           qos: 1,
+    #           headers: {
+    #             payload_format_indicator: "PayloadFormatIndicator",
+    #             content_type: "ContentType",
+    #             response_topic: "ResponseTopic",
+    #             correlation_data: "CorrelationData",
+    #             message_expiry: "MessageExpiry",
+    #             user_properties: [
+    #               {
+    #                 key: "UserPropertyKey", # required
+    #                 value: "UserPropertyValue", # required
+    #               },
+    #             ],
+    #           },
     #         },
     #         s3: {
     #           role_arn: "AwsArn", # required
@@ -11105,6 +12144,7 @@ module Aws::IoT
     #         cloudwatch_logs: {
     #           role_arn: "AwsArn", # required
     #           log_group_name: "LogGroupName", # required
+    #           batch_mode: false,
     #         },
     #         elasticsearch: {
     #           role_arn: "AwsArn", # required
@@ -11200,6 +12240,12 @@ module Aws::IoT
     #           client_properties: { # required
     #             "String" => "String",
     #           },
+    #           headers: [
+    #             {
+    #               key: "KafkaHeaderKey", # required
+    #               value: "KafkaHeaderValue", # required
+    #             },
+    #           ],
     #         },
     #         open_search: {
     #           role_arn: "AwsArn", # required
@@ -11208,6 +12254,17 @@ module Aws::IoT
     #           type: "ElasticsearchType", # required
     #           id: "ElasticsearchId", # required
     #         },
+    #         location: {
+    #           role_arn: "AwsArn", # required
+    #           tracker_name: "String", # required
+    #           device_id: "String", # required
+    #           timestamp: {
+    #             value: "String", # required
+    #             unit: "String",
+    #           },
+    #           latitude: "String", # required
+    #           longitude: "String", # required
+    #         },
     #       },
     #     },
     #   })
@@ -11231,7 +12288,12 @@ module Aws::IoT
     #   The search index name.
     #
     # @option params [required, String] :query_string
-    #   The search query string.
+    #   The search query string. For more information about the search query
+    #   syntax, see [Query syntax][1].
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/iot/latest/developerguide/query-syntax.html
     #
     # @option params [String] :next_token
     #   The token used to get the next set of results, or `null` if there are
@@ -11411,7 +12473,7 @@ module Aws::IoT
     #
     #   resp = client.set_v2_logging_level({
     #     log_target: { # required
-    #       target_type: "DEFAULT", # required, accepts DEFAULT, THING_GROUP
+    #       target_type: "DEFAULT", # required, accepts DEFAULT, THING_GROUP, CLIENT_ID, SOURCE_IP, PRINCIPAL_ID, EVENT_TYPE, DEVICE_DEFENDER
     #       target_name: "LogTargetName",
     #     },
     #     log_level: "DEBUG", # required, accepts DEBUG, INFO, ERROR, WARN, DISABLED
@@ -11751,10 +12813,9 @@ module Aws::IoT
     #
     # @option params [String] :principal
     #   The principal. Valid principals are CertificateArn
-    #   (arn:aws:iot:*region*\:*accountId*\:cert/*certificateId*),
-    #   thingGroupArn
-    #   (arn:aws:iot:*region*\:*accountId*\:thinggroup/*groupName*) and
-    #   CognitoId (*region*\:*id*).
+    #   (arn:aws:iot:*region*:*accountId*:cert/*certificateId*), thingGroupArn
+    #   (arn:aws:iot:*region*:*accountId*:thinggroup/*groupName*) and
+    #   CognitoId (*region*:*id*).
     #
     # @option params [String] :cognito_identity_pool_id
     #   The Cognito identity pool ID.
@@ -12079,6 +13140,12 @@ module Aws::IoT
     #       account: "AwsAccountId",
     #       iam_role_arn: "RoleArn",
     #       role_alias_arn: "RoleAliasArn",
+    #       issuer_certificate_identifier: {
+    #         issuer_certificate_subject: "IssuerCertificateSubject",
+    #         issuer_id: "IssuerId",
+    #         issuer_certificate_serial_number: "IssuerCertificateSerialNumber",
+    #       },
+    #       device_certificate_arn: "CertificateArn",
     #     },
     #     expiration_date: Time.now,
     #     suppress_indefinitely: false,
@@ -12115,6 +13182,11 @@ module Aws::IoT
     # @option params [String] :status
     #   The status of the update authorizer request.
     #
+    # @option params [Boolean] :enable_caching_for_http
+    #   When `true`, the result from the authorizer’s Lambda function is
+    #   cached for the time specified in `refreshAfterInSeconds`. The cached
+    #   result is used while the device reuses the same HTTP connection.
+    #
     # @return [Types::UpdateAuthorizerResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::UpdateAuthorizerResponse#authorizer_name #authorizer_name} => String
@@ -12130,6 +13202,7 @@ module Aws::IoT
     #       "KeyName" => "KeyValue",
     #     },
     #     status: "ACTIVE", # accepts ACTIVE, INACTIVE
+    #     enable_caching_for_http: false,
     #   })
     #
     # @example Response structure
@@ -12227,6 +13300,7 @@ module Aws::IoT
     #     registration_config: {
     #       template_body: "TemplateBody",
     #       role_arn: "RoleArn",
+    #       template_name: "TemplateName",
     #     },
     #     remove_auto_registration: false,
     #   })
@@ -12407,6 +13481,9 @@ module Aws::IoT
     # @option params [Boolean] :remove_authorizer_config
     #   Removes the authorization configuration from a domain.
     #
+    # @option params [Types::TlsConfig] :tls_config
+    #   An object that specifies the TLS configuration for a domain.
+    #
     # @return [Types::UpdateDomainConfigurationResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::UpdateDomainConfigurationResponse#domain_configuration_name #domain_configuration_name} => String
@@ -12422,6 +13499,9 @@ module Aws::IoT
     #     },
     #     domain_configuration_status: "ENABLED", # accepts ENABLED, DISABLED
     #     remove_authorizer_config: false,
+    #     tls_config: {
+    #       security_policy: "SecurityPolicy",
+    #     },
     #   })
     #
     # @example Response structure
@@ -12644,6 +13724,9 @@ module Aws::IoT
     #           type: "Number", # accepts Number, String, Boolean
     #         },
     #       ],
+    #       filter: {
+    #         named_shadow_names: ["ShadowName"],
+    #       },
     #     },
     #     thing_group_indexing_configuration: {
     #       thing_group_indexing_mode: "OFF", # required, accepts OFF, ON
@@ -12712,6 +13795,9 @@ module Aws::IoT
     #
     #    </note>
     #
+    # @option params [Types::JobExecutionsRetryConfig] :job_executions_retry_config
+    #   Allows you to create the criteria to retry a job.
+    #
     # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
     #
     # @example Request syntax with placeholder values
@@ -12748,6 +13834,14 @@ module Aws::IoT
     #       in_progress_timeout_in_minutes: 1,
     #     },
     #     namespace_id: "NamespaceId",
+    #     job_executions_retry_config: {
+    #       criteria_list: [ # required
+    #         {
+    #           failure_type: "FAILED", # required, accepts FAILED, TIMED_OUT, ALL
+    #           number_of_retries: 1, # required
+    #         },
+    #       ],
+    #     },
     #   })
     #
     # @overload update_job(params = {})
@@ -12822,7 +13916,171 @@ module Aws::IoT
       req.send_request(options)
     end
 
-    # Updates a fleet provisioning template.
+    # Updates the supported fields for a specific software package.
+    #
+    # Requires permission to access the [UpdatePackage][1] and
+    # [GetIndexingConfiguration][1] actions.
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions
+    #
+    # @option params [required, String] :package_name
+    #   The name of the target software package.
+    #
+    # @option params [String] :description
+    #   The package description.
+    #
+    # @option params [String] :default_version_name
+    #   The name of the default package version.
+    #
+    #   **Note:** You cannot name a `defaultVersion` and set
+    #   `unsetDefaultVersion` equal to `true` at the same time.
+    #
+    # @option params [Boolean] :unset_default_version
+    #   Indicates whether you want to remove the named default package version
+    #   from the software package. Set as `true` to remove the default package
+    #   version.
+    #
+    #   **Note:** You cannot name a `defaultVersion` and set
+    #   `unsetDefaultVersion` equal to `true` at the same time.
+    #
+    # @option params [String] :client_token
+    #   A unique case-sensitive identifier that you can provide to ensure the
+    #   idempotency of the request. Don't reuse this client token if a new
+    #   idempotent request is required.
+    #
+    #   **A suitable default value is auto-generated.** You should normally
+    #   not need to pass this option.**
+    #
+    # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.update_package({
+    #     package_name: "PackageName", # required
+    #     description: "ResourceDescription",
+    #     default_version_name: "VersionName",
+    #     unset_default_version: false,
+    #     client_token: "ClientToken",
+    #   })
+    #
+    # @overload update_package(params = {})
+    # @param [Hash] params ({})
+    def update_package(params = {}, options = {})
+      req = build_request(:update_package, params)
+      req.send_request(options)
+    end
+
+    # Updates the software package configuration.
+    #
+    # Requires permission to access the [UpdatePackageConfiguration][1] and
+    # [iam:PassRole][2] actions.
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions
+    # [2]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_passrole.html
+    #
+    # @option params [Types::VersionUpdateByJobsConfig] :version_update_by_jobs_config
+    #   Configuration to manage job's package version reporting. This updates
+    #   the thing's reserved named shadow that the job targets.
+    #
+    # @option params [String] :client_token
+    #   A unique case-sensitive identifier that you can provide to ensure the
+    #   idempotency of the request. Don't reuse this client token if a new
+    #   idempotent request is required.
+    #
+    #   **A suitable default value is auto-generated.** You should normally
+    #   not need to pass this option.**
+    #
+    # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.update_package_configuration({
+    #     version_update_by_jobs_config: {
+    #       enabled: false,
+    #       role_arn: "RoleArn",
+    #     },
+    #     client_token: "ClientToken",
+    #   })
+    #
+    # @overload update_package_configuration(params = {})
+    # @param [Hash] params ({})
+    def update_package_configuration(params = {}, options = {})
+      req = build_request(:update_package_configuration, params)
+      req.send_request(options)
+    end
+
+    # Updates the supported fields for a specific package version.
+    #
+    # Requires permission to access the [UpdatePackageVersion][1] and
+    # [GetIndexingConfiguration][1] actions.
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions
+    #
+    # @option params [required, String] :package_name
+    #   The name of the associated software package.
+    #
+    # @option params [required, String] :version_name
+    #   The name of the target package version.
+    #
+    # @option params [String] :description
+    #   The package version description.
+    #
+    # @option params [Hash<String,String>] :attributes
+    #   Metadata that can be used to define a package version’s configuration.
+    #   For example, the Amazon S3 file location, configuration options that
+    #   are being sent to the device or fleet.
+    #
+    #   **Note:** Attributes can be updated only when the package version is
+    #   in a draft state.
+    #
+    #   The combined size of all the attributes on a package version is
+    #   limited to 3KB.
+    #
+    # @option params [String] :action
+    #   The status that the package version should be assigned. For more
+    #   information, see [Package version lifecycle][1].
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/iot/latest/developerguide/preparing-to-use-software-package-catalog.html#package-version-lifecycle
+    #
+    # @option params [String] :client_token
+    #   A unique case-sensitive identifier that you can provide to ensure the
+    #   idempotency of the request. Don't reuse this client token if a new
+    #   idempotent request is required.
+    #
+    #   **A suitable default value is auto-generated.** You should normally
+    #   not need to pass this option.**
+    #
+    # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.update_package_version({
+    #     package_name: "PackageName", # required
+    #     version_name: "VersionName", # required
+    #     description: "ResourceDescription",
+    #     attributes: {
+    #       "ResourceAttributeKey" => "ResourceAttributeValue",
+    #     },
+    #     action: "PUBLISH", # accepts PUBLISH, DEPRECATE
+    #     client_token: "ClientToken",
+    #   })
+    #
+    # @overload update_package_version(params = {})
+    # @param [Hash] params ({})
+    def update_package_version(params = {}, options = {})
+      req = build_request(:update_package_version, params)
+      req.send_request(options)
+    end
+
+    # Updates a provisioning template.
     #
     # Requires permission to access the [UpdateProvisioningTemplate][1]
     # action.
@@ -12832,13 +14090,13 @@ module Aws::IoT
     # [1]: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions
     #
     # @option params [required, String] :template_name
-    #   The name of the fleet provisioning template.
+    #   The name of the provisioning template.
     #
     # @option params [String] :description
-    #   The description of the fleet provisioning template.
+    #   The description of the provisioning template.
     #
     # @option params [Boolean] :enabled
-    #   True to enable the fleet provisioning template, otherwise false.
+    #   True to enable the provisioning template, otherwise false.
     #
     # @option params [Integer] :default_version_id
     #   The ID of the default provisioning template version.
@@ -12848,7 +14106,13 @@ module Aws::IoT
     #   IoT role grants permission to provision a device.
     #
     # @option params [Types::ProvisioningHook] :pre_provisioning_hook
-    #   Updates the pre-provisioning hook template.
+    #   Updates the pre-provisioning hook template. Only supports template of
+    #   type `FLEET_PROVISIONING`. For more information about provisioning
+    #   template types, see [type][1].
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/iot/latest/apireference/API_CreateProvisioningTemplate.html#iot-CreateProvisioningTemplate-request-type
     #
     # @option params [Boolean] :remove_pre_provisioning_hook
     #   Removes pre-provisioning hook template.
@@ -12894,6 +14158,9 @@ module Aws::IoT
     # @option params [Integer] :credential_duration_seconds
     #   The number of seconds the credential will be valid.
     #
+    #   This value must be less than or equal to the maximum session duration
+    #   of the IAM role that the role alias references.
+    #
     # @return [Types::UpdateRoleAliasResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::UpdateRoleAliasResponse#role_alias #role_alias} => String
@@ -13508,7 +14775,7 @@ module Aws::IoT
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-iot'
-      context[:gem_version] = '1.80.0'
+      context[:gem_version] = '1.111.0'
       Seahorse::Client::Request.new(handlers, context)
     end