RubyGems - aws-sdk-lambda - Versions diffs - 1.53.0 → 1.58.0 - Mend

aws-sdk-lambda 1.53.0 → 1.58.0

Files changed (7) hide show

checksums.yaml +4 -4
data/lib/aws-sdk-lambda.rb +1 -1
data/lib/aws-sdk-lambda/client.rb +688 -68
data/lib/aws-sdk-lambda/client_api.rb +318 -4
data/lib/aws-sdk-lambda/errors.rb +63 -0
data/lib/aws-sdk-lambda/types.rb +884 -84
metadata +4 -4

data/lib/aws-sdk-lambda/errors.rb CHANGED Viewed

@@ -27,7 +27,9 @@ module Aws::Lambda
   # See {Seahorse::Client::RequestContext} for more information.
   #
   # ## Error Classes
+  # * {CodeSigningConfigNotFoundException}
   # * {CodeStorageExceededException}
+  # * {CodeVerificationFailedException}
   # * {EC2AccessDeniedException}
   # * {EC2ThrottledException}
   # * {EC2UnexpectedException}
@@ -36,6 +38,7 @@ module Aws::Lambda
   # * {EFSMountFailureException}
   # * {EFSMountTimeoutException}
   # * {ENILimitReachedException}
+  # * {InvalidCodeSignatureException}
   # * {InvalidParameterValueException}
   # * {InvalidRequestContentException}
   # * {InvalidRuntimeException}
@@ -65,6 +68,26 @@ module Aws::Lambda
     extend Aws::Errors::DynamicErrors
+    class CodeSigningConfigNotFoundException < ServiceError
+      # @param [Seahorse::Client::RequestContext] context
+      # @param [String] message
+      # @param [Aws::Lambda::Types::CodeSigningConfigNotFoundException] data
+      def initialize(context, message, data = Aws::EmptyStructure.new)
+        super(context, message, data)
+      end
+      # @return [String]
+      def type
+        @data[:type]
+      end
+      # @return [String]
+      def message
+        @message || @data[:message]
+      end
+    end
     class CodeStorageExceededException < ServiceError
       # @param [Seahorse::Client::RequestContext] context
@@ -85,6 +108,26 @@ module Aws::Lambda
       end
     end
+    class CodeVerificationFailedException < ServiceError
+      # @param [Seahorse::Client::RequestContext] context
+      # @param [String] message
+      # @param [Aws::Lambda::Types::CodeVerificationFailedException] data
+      def initialize(context, message, data = Aws::EmptyStructure.new)
+        super(context, message, data)
+      end
+      # @return [String]
+      def type
+        @data[:type]
+      end
+      # @return [String]
+      def message
+        @message || @data[:message]
+      end
+    end
     class EC2AccessDeniedException < ServiceError
       # @param [Seahorse::Client::RequestContext] context
@@ -250,6 +293,26 @@ module Aws::Lambda
       end
     end
+    class InvalidCodeSignatureException < ServiceError
+      # @param [Seahorse::Client::RequestContext] context
+      # @param [String] message
+      # @param [Aws::Lambda::Types::InvalidCodeSignatureException] data
+      def initialize(context, message, data = Aws::EmptyStructure.new)
+        super(context, message, data)
+      end
+      # @return [String]
+      def type
+        @data[:type]
+      end
+      # @return [String]
+      def message
+        @message || @data[:message]
+      end
+    end
     class InvalidParameterValueException < ServiceError
       # @param [Seahorse::Client::RequestContext] context

data/lib/aws-sdk-lambda/types.rb CHANGED Viewed

@@ -327,6 +327,114 @@ module Aws::Lambda
       include Aws::Structure
     end
+    # List of signing profiles that can sign a code package.
+    #
+    # @note When making an API call, you may pass AllowedPublishers
+    #   data as a hash:
+    #
+    #       {
+    #         signing_profile_version_arns: ["Arn"], # required
+    #       }
+    #
+    # @!attribute [rw] signing_profile_version_arns
+    #   The Amazon Resource Name (ARN) for each of the signing profiles. A
+    #   signing profile defines a trusted user who can sign a code package.
+    #   @return [Array<String>]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/lambda-2015-03-31/AllowedPublishers AWS API Documentation
+    #
+    class AllowedPublishers < Struct.new(
+      :signing_profile_version_arns)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # Details about a Code signing configuration.
+    #
+    # @!attribute [rw] code_signing_config_id
+    #   Unique identifer for the Code signing configuration.
+    #   @return [String]
+    #
+    # @!attribute [rw] code_signing_config_arn
+    #   The Amazon Resource Name (ARN) of the Code signing configuration.
+    #   @return [String]
+    #
+    # @!attribute [rw] description
+    #   Code signing configuration description.
+    #   @return [String]
+    #
+    # @!attribute [rw] allowed_publishers
+    #   List of allowed publishers.
+    #   @return [Types::AllowedPublishers]
+    #
+    # @!attribute [rw] code_signing_policies
+    #   The code signing policy controls the validation failure action for
+    #   signature mismatch or expiry.
+    #   @return [Types::CodeSigningPolicies]
+    #
+    # @!attribute [rw] last_modified
+    #   The date and time that the Code signing configuration was last
+    #   modified, in ISO-8601 format (YYYY-MM-DDThh:mm:ss.sTZD).
+    #   @return [Time]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/lambda-2015-03-31/CodeSigningConfig AWS API Documentation
+    #
+    class CodeSigningConfig < Struct.new(
+      :code_signing_config_id,
+      :code_signing_config_arn,
+      :description,
+      :allowed_publishers,
+      :code_signing_policies,
+      :last_modified)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # The specified code signing configuration does not exist.
+    #
+    # @!attribute [rw] type
+    #   @return [String]
+    #
+    # @!attribute [rw] message
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/lambda-2015-03-31/CodeSigningConfigNotFoundException AWS API Documentation
+    #
+    class CodeSigningConfigNotFoundException < Struct.new(
+      :type,
+      :message)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # Code signing configuration policies specifies the validation failure
+    # action for signature mismatch or expiry.
+    #
+    # @note When making an API call, you may pass CodeSigningPolicies
+    #   data as a hash:
+    #
+    #       {
+    #         untrusted_artifact_on_deployment: "Warn", # accepts Warn, Enforce
+    #       }
+    #
+    # @!attribute [rw] untrusted_artifact_on_deployment
+    #   Code signing configuration policy for deployment validation failure.
+    #   If you set the policy to `Enforce`, Lambda blocks the deployment
+    #   request if signature validation checks fail. If you set the policy
+    #   to `Warn`, Lambda allows the deployment and creates a CloudWatch
+    #   log.
+    #
+    #   Default value: `Warn`
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/lambda-2015-03-31/CodeSigningPolicies AWS API Documentation
+    #
+    class CodeSigningPolicies < Struct.new(
+      :untrusted_artifact_on_deployment)
+      SENSITIVE = []
+      include Aws::Structure
+    end
     # You have exceeded your maximum total code size per account. [Learn
     # more][1]
     #
@@ -350,6 +458,25 @@ module Aws::Lambda
       include Aws::Structure
     end
+    # The code signature failed one or more of the validation checks for
+    # signature mismatch or expiry, and the code signing policy is set to
+    # ENFORCE. Lambda blocks the deployment.
+    #
+    # @!attribute [rw] type
+    #   @return [String]
+    #
+    # @!attribute [rw] message
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/lambda-2015-03-31/CodeVerificationFailedException AWS API Documentation
+    #
+    class CodeVerificationFailedException < Struct.new(
+      :type,
+      :message)
+      SENSITIVE = []
+      include Aws::Structure
+    end
     # @!attribute [rw] reserved_concurrent_executions
     #   The number of concurrent executions that are reserved for this
     #   function. For more information, see [Managing Concurrency][1].
@@ -430,11 +557,59 @@ module Aws::Lambda
       include Aws::Structure
     end
+    # @note When making an API call, you may pass CreateCodeSigningConfigRequest
+    #   data as a hash:
+    #
+    #       {
+    #         description: "Description",
+    #         allowed_publishers: { # required
+    #           signing_profile_version_arns: ["Arn"], # required
+    #         },
+    #         code_signing_policies: {
+    #           untrusted_artifact_on_deployment: "Warn", # accepts Warn, Enforce
+    #         },
+    #       }
+    #
+    # @!attribute [rw] description
+    #   Descriptive name for this code signing configuration.
+    #   @return [String]
+    #
+    # @!attribute [rw] allowed_publishers
+    #   Signing profiles for this code signing configuration.
+    #   @return [Types::AllowedPublishers]
+    #
+    # @!attribute [rw] code_signing_policies
+    #   The code signing policies define the actions to take if the
+    #   validation checks fail.
+    #   @return [Types::CodeSigningPolicies]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/lambda-2015-03-31/CreateCodeSigningConfigRequest AWS API Documentation
+    #
+    class CreateCodeSigningConfigRequest < Struct.new(
+      :description,
+      :allowed_publishers,
+      :code_signing_policies)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # @!attribute [rw] code_signing_config
+    #   The code signing configuration.
+    #   @return [Types::CodeSigningConfig]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/lambda-2015-03-31/CreateCodeSigningConfigResponse AWS API Documentation
+    #
+    class CreateCodeSigningConfigResponse < Struct.new(
+      :code_signing_config)
+      SENSITIVE = []
+      include Aws::Structure
+    end
     # @note When making an API call, you may pass CreateEventSourceMappingRequest
     #   data as a hash:
     #
     #       {
-    #         event_source_arn: "Arn", # required
+    #         event_source_arn: "Arn",
     #         function_name: "FunctionName", # required
     #         enabled: false,
     #         batch_size: 1,
@@ -453,14 +628,21 @@ module Aws::Lambda
     #         maximum_record_age_in_seconds: 1,
     #         bisect_batch_on_function_error: false,
     #         maximum_retry_attempts: 1,
+    #         tumbling_window_in_seconds: 1,
     #         topics: ["Topic"],
     #         queues: ["Queue"],
     #         source_access_configurations: [
     #           {
-    #             type: "BASIC_AUTH", # accepts BASIC_AUTH
-    #             uri: "Arn",
+    #             type: "BASIC_AUTH", # accepts BASIC_AUTH, VPC_SUBNET, VPC_SECURITY_GROUP, SASL_SCRAM_512_AUTH, SASL_SCRAM_256_AUTH
+    #             uri: "URI",
     #           },
     #         ],
+    #         self_managed_event_source: {
+    #           endpoints: {
+    #             "KAFKA_BOOTSTRAP_SERVERS" => ["Endpoint"],
+    #           },
+    #         },
+    #         function_response_types: ["ReportBatchItemFailures"], # accepts ReportBatchItemFailures
     #       }
     #
     # @!attribute [rw] event_source_arn
@@ -508,15 +690,18 @@ module Aws::Lambda
     #
     #   * **Amazon DynamoDB Streams** - Default 100. Max 1,000.
     #
-    #   * **Amazon Simple Queue Service** - Default 10. Max 10.
+    #   * **Amazon Simple Queue Service** - Default 10. For standard queues
+    #     the max is 10,000. For FIFO queues the max is 10.
     #
     #   * **Amazon Managed Streaming for Apache Kafka** - Default 100. Max
     #     10,000.
+    #
+    #   * **Self-Managed Apache Kafka** - Default 100. Max 10,000.
     #   @return [Integer]
     #
     # @!attribute [rw] maximum_batching_window_in_seconds
-    #   (Streams) The maximum amount of time to gather records before
-    #   invoking the function, in seconds.
+    #   (Streams and SQS standard queues) The maximum amount of time to
+    #   gather records before invoking the function, in seconds.
     #   @return [Integer]
     #
     # @!attribute [rw] parallelization_factor
@@ -556,8 +741,13 @@ module Aws::Lambda
     #   records will be retried until the record expires.
     #   @return [Integer]
     #
+    # @!attribute [rw] tumbling_window_in_seconds
+    #   (Streams) The duration of a processing window in seconds. The range
+    #   is between 1 second up to 15 minutes.
+    #   @return [Integer]
+    #
     # @!attribute [rw] topics
-    #   (MSK) The name of the Kafka topic.
+    #   The name of the Kafka topic.
     #   @return [Array<String>]
     #
     # @!attribute [rw] queues
@@ -565,18 +755,18 @@ module Aws::Lambda
     #   @return [Array<String>]
     #
     # @!attribute [rw] source_access_configurations
-    #   (MQ) The Secrets Manager secret that stores your broker credentials.
-    #   To store your secret, use the following format: ` \{ "username":
-    #   "your username", "password": "your password" \}`
+    #   An array of the authentication protocol, or the VPC components to
+    #   secure your event source.
+    #   @return [Array<Types::SourceAccessConfiguration>]
     #
-    #   To reference the secret, use the following format: `[ \{ "Type":
-    #   "BASIC_AUTH", "URI": "secretARN" \} ]`
+    # @!attribute [rw] self_managed_event_source
+    #   The Self-Managed Apache Kafka cluster to send records.
+    #   @return [Types::SelfManagedEventSource]
     #
-    #   The value of `Type` is always `BASIC_AUTH`. To encrypt the secret,
-    #   you can use customer or service managed keys. When using a customer
-    #   managed KMS key, the Lambda execution role requires `kms:Decrypt`
-    #   permissions.
-    #   @return [Array<Types::SourceAccessConfiguration>]
+    # @!attribute [rw] function_response_types
+    #   (Streams) A list of current response type enums applied to the event
+    #   source mapping.
+    #   @return [Array<String>]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/lambda-2015-03-31/CreateEventSourceMappingRequest AWS API Documentation
     #
@@ -593,9 +783,12 @@ module Aws::Lambda
       :maximum_record_age_in_seconds,
       :bisect_batch_on_function_error,
       :maximum_retry_attempts,
+      :tumbling_window_in_seconds,
       :topics,
       :queues,
-      :source_access_configurations)
+      :source_access_configurations,
+      :self_managed_event_source,
+      :function_response_types)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -605,14 +798,15 @@ module Aws::Lambda
     #
     #       {
     #         function_name: "FunctionName", # required
-    #         runtime: "nodejs", # required, accepts nodejs, nodejs4.3, nodejs6.10, nodejs8.10, nodejs10.x, nodejs12.x, java8, java8.al2, java11, python2.7, python3.6, python3.7, python3.8, dotnetcore1.0, dotnetcore2.0, dotnetcore2.1, dotnetcore3.1, nodejs4.3-edge, go1.x, ruby2.5, ruby2.7, provided, provided.al2
+    #         runtime: "nodejs", # accepts nodejs, nodejs4.3, nodejs6.10, nodejs8.10, nodejs10.x, nodejs12.x, java8, java8.al2, java11, python2.7, python3.6, python3.7, python3.8, dotnetcore1.0, dotnetcore2.0, dotnetcore2.1, dotnetcore3.1, nodejs4.3-edge, go1.x, ruby2.5, ruby2.7, provided, provided.al2
     #         role: "RoleArn", # required
-    #         handler: "Handler", # required
+    #         handler: "Handler",
     #         code: { # required
     #           zip_file: "data",
     #           s3_bucket: "S3Bucket",
     #           s3_key: "S3Key",
     #           s3_object_version: "S3ObjectVersion",
+    #           image_uri: "String",
     #         },
     #         description: "Description",
     #         timeout: 1,
@@ -622,6 +816,7 @@ module Aws::Lambda
     #           subnet_ids: ["SubnetId"],
     #           security_group_ids: ["SecurityGroupId"],
     #         },
+    #         package_type: "Zip", # accepts Zip, Image
     #         dead_letter_config: {
     #           target_arn: "ResourceArn",
     #         },
@@ -644,6 +839,12 @@ module Aws::Lambda
     #             local_mount_path: "LocalMountPath", # required
     #           },
     #         ],
+    #         image_config: {
+    #           entry_point: ["String"],
+    #           command: ["String"],
+    #           working_directory: "WorkingDirectory",
+    #         },
+    #         code_signing_config_arn: "CodeSigningConfigArn",
     #       }
     #
     # @!attribute [rw] function_name
@@ -700,9 +901,9 @@ module Aws::Lambda
     #   @return [Integer]
     #
     # @!attribute [rw] memory_size
-    #   The amount of memory that your function has access to. Increasing
-    #   the function's memory also increases its CPU allocation. The
-    #   default value is 128 MB. The value must be a multiple of 64 MB.
+    #   The amount of memory available to the function at runtime.
+    #   Increasing the function's memory also increases its CPU allocation.
+    #   The default value is 128 MB. The value can be any multiple of 1 MB.
     #   @return [Integer]
     #
     # @!attribute [rw] publish
@@ -721,6 +922,11 @@ module Aws::Lambda
     #   [1]: https://docs.aws.amazon.com/lambda/latest/dg/configuration-vpc.html
     #   @return [Types::VpcConfig]
     #
+    # @!attribute [rw] package_type
+    #   The type of deployment package. Set to `Image` for container image
+    #   and set `Zip` for ZIP archive.
+    #   @return [String]
+    #
     # @!attribute [rw] dead_letter_config
     #   A dead letter queue configuration that specifies the queue or topic
     #   where Lambda sends asynchronous events when they fail processing.
@@ -768,6 +974,17 @@ module Aws::Lambda
     #   Connection settings for an Amazon EFS file system.
     #   @return [Array<Types::FileSystemConfig>]
     #
+    # @!attribute [rw] image_config
+    #   Configuration values that override the container image Dockerfile.
+    #   @return [Types::ImageConfig]
+    #
+    # @!attribute [rw] code_signing_config_arn
+    #   To enable code signing for this function, specify the ARN of a
+    #   code-signing configuration. A code-signing configuration includes a
+    #   set of signing profiles, which define the trusted publishers for
+    #   this function.
+    #   @return [String]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/lambda-2015-03-31/CreateFunctionRequest AWS API Documentation
     #
     class CreateFunctionRequest < Struct.new(
@@ -781,13 +998,16 @@ module Aws::Lambda
       :memory_size,
       :publish,
       :vpc_config,
+      :package_type,
       :dead_letter_config,
       :environment,
       :kms_key_arn,
       :tracing_config,
       :tags,
       :layers,
-      :file_system_configs)
+      :file_system_configs,
+      :image_config,
+      :code_signing_config_arn)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -855,6 +1075,30 @@ module Aws::Lambda
       include Aws::Structure
     end
+    # @note When making an API call, you may pass DeleteCodeSigningConfigRequest
+    #   data as a hash:
+    #
+    #       {
+    #         code_signing_config_arn: "CodeSigningConfigArn", # required
+    #       }
+    #
+    # @!attribute [rw] code_signing_config_arn
+    #   The The Amazon Resource Name (ARN) of the code signing
+    #   configuration.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/lambda-2015-03-31/DeleteCodeSigningConfigRequest AWS API Documentation
+    #
+    class DeleteCodeSigningConfigRequest < Struct.new(
+      :code_signing_config_arn)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # @see http://docs.aws.amazon.com/goto/WebAPI/lambda-2015-03-31/DeleteCodeSigningConfigResponse AWS API Documentation
+    #
+    class DeleteCodeSigningConfigResponse < Aws::EmptyStructure; end
     # @note When making an API call, you may pass DeleteEventSourceMappingRequest
     #   data as a hash:
     #
@@ -874,6 +1118,37 @@ module Aws::Lambda
       include Aws::Structure
     end
+    # @note When making an API call, you may pass DeleteFunctionCodeSigningConfigRequest
+    #   data as a hash:
+    #
+    #       {
+    #         function_name: "FunctionName", # required
+    #       }
+    #
+    # @!attribute [rw] function_name
+    #   The name of the Lambda function.
+    #
+    #   **Name formats**
+    #
+    #   * **Function name** - `MyFunction`.
+    #
+    #   * **Function ARN** -
+    #     `arn:aws:lambda:us-west-2:123456789012:function:MyFunction`.
+    #
+    #   * **Partial ARN** - `123456789012:function:MyFunction`.
+    #
+    #   The length constraint applies only to the full ARN. If you specify
+    #   only the function name, it is limited to 64 characters in length.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/lambda-2015-03-31/DeleteFunctionCodeSigningConfigRequest AWS API Documentation
+    #
+    class DeleteFunctionCodeSigningConfigRequest < Struct.new(
+      :function_name)
+      SENSITIVE = []
+      include Aws::Structure
+    end
     # @note When making an API call, you may pass DeleteFunctionConcurrencyRequest
     #   data as a hash:
     #
@@ -1314,8 +1589,9 @@ module Aws::Lambda
     #   @return [Integer]
     #
     # @!attribute [rw] maximum_batching_window_in_seconds
-    #   (Streams) The maximum amount of time to gather records before
-    #   invoking the function, in seconds. The default value is zero.
+    #   (Streams and SQS standard queues) The maximum amount of time to
+    #   gather records before invoking the function, in seconds. The default
+    #   value is zero.
     #   @return [Integer]
     #
     # @!attribute [rw] parallelization_factor
@@ -1358,7 +1634,7 @@ module Aws::Lambda
     #   @return [Types::DestinationConfig]
     #
     # @!attribute [rw] topics
-    #   (MSK) The name of the Kafka topic to consume.
+    #   The name of the Kafka topic.
     #   @return [Array<String>]
     #
     # @!attribute [rw] queues
@@ -1366,19 +1642,14 @@ module Aws::Lambda
     #   @return [Array<String>]
     #
     # @!attribute [rw] source_access_configurations
-    #   (MQ) The Secrets Manager secret that stores your broker credentials.
-    #   To store your secret, use the following format: ` \{ "username":
-    #   "your username", "password": "your password" \}`
-    #
-    #   To reference the secret, use the following format: `[ \{ "Type":
-    #   "BASIC_AUTH", "URI": "secretARN" \} ]`
-    #
-    #   The value of `Type` is always `BASIC_AUTH`. To encrypt the secret,
-    #   you can use customer or service managed keys. When using a customer
-    #   managed KMS key, the Lambda execution role requires `kms:Decrypt`
-    #   permissions.
+    #   An array of the authentication protocol, or the VPC components to
+    #   secure your event source.
     #   @return [Array<Types::SourceAccessConfiguration>]
     #
+    # @!attribute [rw] self_managed_event_source
+    #   The Self-Managed Apache Kafka cluster for your event source.
+    #   @return [Types::SelfManagedEventSource]
+    #
     # @!attribute [rw] maximum_record_age_in_seconds
     #   (Streams) Discard records older than the specified age. The default
     #   value is infinite (-1). When set to infinite (-1), failed records
@@ -1396,6 +1667,16 @@ module Aws::Lambda
     #   records are retried until the record expires.
     #   @return [Integer]
     #
+    # @!attribute [rw] tumbling_window_in_seconds
+    #   (Streams) The duration of a processing window in seconds. The range
+    #   is between 1 second up to 15 minutes.
+    #   @return [Integer]
+    #
+    # @!attribute [rw] function_response_types
+    #   (Streams) A list of current response type enums applied to the event
+    #   source mapping.
+    #   @return [Array<String>]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/lambda-2015-03-31/EventSourceMappingConfiguration AWS API Documentation
     #
     class EventSourceMappingConfiguration < Struct.new(
@@ -1415,9 +1696,12 @@ module Aws::Lambda
       :topics,
       :queues,
       :source_access_configurations,
+      :self_managed_event_source,
       :maximum_record_age_in_seconds,
       :bisect_batch_on_function_error,
-      :maximum_retry_attempts)
+      :maximum_retry_attempts,
+      :tumbling_window_in_seconds,
+      :function_response_types)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -1453,7 +1737,8 @@ module Aws::Lambda
     end
     # The code for the Lambda function. You can specify either an object in
-    # Amazon S3, or upload a deployment package directly.
+    # Amazon S3, upload a .zip file archive deployment package directly, or
+    # specify the URI of a container image.
     #
     # @note When making an API call, you may pass FunctionCode
     #   data as a hash:
@@ -1463,6 +1748,7 @@ module Aws::Lambda
     #         s3_bucket: "S3Bucket",
     #         s3_key: "S3Key",
     #         s3_object_version: "S3ObjectVersion",
+    #         image_uri: "String",
     #       }
     #
     # @!attribute [rw] zip_file
@@ -1484,13 +1770,18 @@ module Aws::Lambda
     #   to use.
     #   @return [String]
     #
+    # @!attribute [rw] image_uri
+    #   URI of a container image in the Amazon ECR registry.
+    #   @return [String]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/lambda-2015-03-31/FunctionCode AWS API Documentation
     #
     class FunctionCode < Struct.new(
       :zip_file,
       :s3_bucket,
       :s3_key,
-      :s3_object_version)
+      :s3_object_version,
+      :image_uri)
       SENSITIVE = [:zip_file]
       include Aws::Structure
     end
@@ -1505,11 +1796,21 @@ module Aws::Lambda
     #   A presigned URL that you can use to download the deployment package.
     #   @return [String]
     #
+    # @!attribute [rw] image_uri
+    #   URI of a container image in the Amazon ECR registry.
+    #   @return [String]
+    #
+    # @!attribute [rw] resolved_image_uri
+    #   The resolved URI for the image.
+    #   @return [String]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/lambda-2015-03-31/FunctionCodeLocation AWS API Documentation
     #
     class FunctionCodeLocation < Struct.new(
       :repository_type,
-      :location)
+      :location,
+      :image_uri,
+      :resolved_image_uri)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -1550,7 +1851,7 @@ module Aws::Lambda
     #   @return [Integer]
     #
     # @!attribute [rw] memory_size
-    #   The memory that's allocated to the function.
+    #   The amount of memory available to the function at runtime.
     #   @return [Integer]
     #
     # @!attribute [rw] last_modified
@@ -1640,6 +1941,23 @@ module Aws::Lambda
     #   Connection settings for an Amazon EFS file system.
     #   @return [Array<Types::FileSystemConfig>]
     #
+    # @!attribute [rw] package_type
+    #   The type of deployment package. Set to `Image` for container image
+    #   and set `Zip` for .zip file archive.
+    #   @return [String]
+    #
+    # @!attribute [rw] image_config_response
+    #   The function's image configuration values.
+    #   @return [Types::ImageConfigResponse]
+    #
+    # @!attribute [rw] signing_profile_version_arn
+    #   The ARN of the signing profile version.
+    #   @return [String]
+    #
+    # @!attribute [rw] signing_job_arn
+    #   The ARN of the signing job.
+    #   @return [String]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/lambda-2015-03-31/FunctionConfiguration AWS API Documentation
     #
     class FunctionConfiguration < Struct.new(
@@ -1669,7 +1987,11 @@ module Aws::Lambda
       :last_update_status,
       :last_update_status_reason,
       :last_update_status_reason_code,
-      :file_system_configs)
+      :file_system_configs,
+      :package_type,
+      :image_config_response,
+      :signing_profile_version_arn,
+      :signing_job_arn)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -1780,6 +2102,38 @@ module Aws::Lambda
       include Aws::Structure
     end
+    # @note When making an API call, you may pass GetCodeSigningConfigRequest
+    #   data as a hash:
+    #
+    #       {
+    #         code_signing_config_arn: "CodeSigningConfigArn", # required
+    #       }
+    #
+    # @!attribute [rw] code_signing_config_arn
+    #   The The Amazon Resource Name (ARN) of the code signing
+    #   configuration.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/lambda-2015-03-31/GetCodeSigningConfigRequest AWS API Documentation
+    #
+    class GetCodeSigningConfigRequest < Struct.new(
+      :code_signing_config_arn)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # @!attribute [rw] code_signing_config
+    #   The code signing configuration
+    #   @return [Types::CodeSigningConfig]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/lambda-2015-03-31/GetCodeSigningConfigResponse AWS API Documentation
+    #
+    class GetCodeSigningConfigResponse < Struct.new(
+      :code_signing_config)
+      SENSITIVE = []
+      include Aws::Structure
+    end
     # @note When making an API call, you may pass GetEventSourceMappingRequest
     #   data as a hash:
     #
@@ -1799,6 +2153,67 @@ module Aws::Lambda
       include Aws::Structure
     end
+    # @note When making an API call, you may pass GetFunctionCodeSigningConfigRequest
+    #   data as a hash:
+    #
+    #       {
+    #         function_name: "FunctionName", # required
+    #       }
+    #
+    # @!attribute [rw] function_name
+    #   The name of the Lambda function.
+    #
+    #   **Name formats**
+    #
+    #   * **Function name** - `MyFunction`.
+    #
+    #   * **Function ARN** -
+    #     `arn:aws:lambda:us-west-2:123456789012:function:MyFunction`.
+    #
+    #   * **Partial ARN** - `123456789012:function:MyFunction`.
+    #
+    #   The length constraint applies only to the full ARN. If you specify
+    #   only the function name, it is limited to 64 characters in length.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/lambda-2015-03-31/GetFunctionCodeSigningConfigRequest AWS API Documentation
+    #
+    class GetFunctionCodeSigningConfigRequest < Struct.new(
+      :function_name)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # @!attribute [rw] code_signing_config_arn
+    #   The The Amazon Resource Name (ARN) of the code signing
+    #   configuration.
+    #   @return [String]
+    #
+    # @!attribute [rw] function_name
+    #   The name of the Lambda function.
+    #
+    #   **Name formats**
+    #
+    #   * **Function name** - `MyFunction`.
+    #
+    #   * **Function ARN** -
+    #     `arn:aws:lambda:us-west-2:123456789012:function:MyFunction`.
+    #
+    #   * **Partial ARN** - `123456789012:function:MyFunction`.
+    #
+    #   The length constraint applies only to the full ARN. If you specify
+    #   only the function name, it is limited to 64 characters in length.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/lambda-2015-03-31/GetFunctionCodeSigningConfigResponse AWS API Documentation
+    #
+    class GetFunctionCodeSigningConfigResponse < Struct.new(
+      :code_signing_config_arn,
+      :function_name)
+      SENSITIVE = []
+      include Aws::Structure
+    end
     # @note When making an API call, you may pass GetFunctionConcurrencyRequest
     #   data as a hash:
     #
@@ -2271,6 +2686,102 @@ module Aws::Lambda
       include Aws::Structure
     end
+    # Configuration values that override the container image Dockerfile
+    # settings. See [Container settings][1].
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/lambda/latest/dg/images-parms.html
+    #
+    # @note When making an API call, you may pass ImageConfig
+    #   data as a hash:
+    #
+    #       {
+    #         entry_point: ["String"],
+    #         command: ["String"],
+    #         working_directory: "WorkingDirectory",
+    #       }
+    #
+    # @!attribute [rw] entry_point
+    #   Specifies the entry point to their application, which is typically
+    #   the location of the runtime executable.
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] command
+    #   Specifies parameters that you want to pass in with ENTRYPOINT.
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] working_directory
+    #   Specifies the working directory.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/lambda-2015-03-31/ImageConfig AWS API Documentation
+    #
+    class ImageConfig < Struct.new(
+      :entry_point,
+      :command,
+      :working_directory)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # Error response to GetFunctionConfiguration.
+    #
+    # @!attribute [rw] error_code
+    #   Error code.
+    #   @return [String]
+    #
+    # @!attribute [rw] message
+    #   Error message.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/lambda-2015-03-31/ImageConfigError AWS API Documentation
+    #
+    class ImageConfigError < Struct.new(
+      :error_code,
+      :message)
+      SENSITIVE = [:message]
+      include Aws::Structure
+    end
+    # Response to GetFunctionConfiguration request.
+    #
+    # @!attribute [rw] image_config
+    #   Configuration values that override the container image Dockerfile.
+    #   @return [Types::ImageConfig]
+    #
+    # @!attribute [rw] error
+    #   Error response to GetFunctionConfiguration.
+    #   @return [Types::ImageConfigError]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/lambda-2015-03-31/ImageConfigResponse AWS API Documentation
+    #
+    class ImageConfigResponse < Struct.new(
+      :image_config,
+      :error)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # The code signature failed the integrity check. Lambda always blocks
+    # deployment if the integrity check fails, even if code signing policy
+    # is set to WARN.
+    #
+    # @!attribute [rw] type
+    #   @return [String]
+    #
+    # @!attribute [rw] message
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/lambda-2015-03-31/InvalidCodeSignatureException AWS API Documentation
+    #
+    class InvalidCodeSignatureException < Struct.new(
+      :type,
+      :message)
+      SENSITIVE = []
+      include Aws::Structure
+    end
     # One of the parameters in the request is invalid.
     #
     # @!attribute [rw] type
@@ -2634,11 +3145,21 @@ module Aws::Lambda
     #   The size of the layer archive in bytes.
     #   @return [Integer]
     #
+    # @!attribute [rw] signing_profile_version_arn
+    #   The Amazon Resource Name (ARN) for a signing profile version.
+    #   @return [String]
+    #
+    # @!attribute [rw] signing_job_arn
+    #   The Amazon Resource Name (ARN) of a signing job.
+    #   @return [String]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/lambda-2015-03-31/Layer AWS API Documentation
     #
     class Layer < Struct.new(
       :arn,
-      :code_size)
+      :code_size,
+      :signing_profile_version_arn,
+      :signing_job_arn)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -2709,12 +3230,22 @@ module Aws::Lambda
     #   The size of the layer archive in bytes.
     #   @return [Integer]
     #
+    # @!attribute [rw] signing_profile_version_arn
+    #   The Amazon Resource Name (ARN) for a signing profile version.
+    #   @return [String]
+    #
+    # @!attribute [rw] signing_job_arn
+    #   The Amazon Resource Name (ARN) of a signing job.
+    #   @return [String]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/lambda-2015-03-31/LayerVersionContentOutput AWS API Documentation
     #
     class LayerVersionContentOutput < Struct.new(
       :location,
       :code_sha_256,
-      :code_size)
+      :code_size,
+      :signing_profile_version_arn,
+      :signing_job_arn)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -2859,6 +3390,49 @@ module Aws::Lambda
       include Aws::Structure
     end
+    # @note When making an API call, you may pass ListCodeSigningConfigsRequest
+    #   data as a hash:
+    #
+    #       {
+    #         marker: "String",
+    #         max_items: 1,
+    #       }
+    #
+    # @!attribute [rw] marker
+    #   Specify the pagination token that's returned by a previous request
+    #   to retrieve the next page of results.
+    #   @return [String]
+    #
+    # @!attribute [rw] max_items
+    #   Maximum number of items to return.
+    #   @return [Integer]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/lambda-2015-03-31/ListCodeSigningConfigsRequest AWS API Documentation
+    #
+    class ListCodeSigningConfigsRequest < Struct.new(
+      :marker,
+      :max_items)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # @!attribute [rw] next_marker
+    #   The pagination token that's included if more results are available.
+    #   @return [String]
+    #
+    # @!attribute [rw] code_signing_configs
+    #   The code signing configurations
+    #   @return [Array<Types::CodeSigningConfig>]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/lambda-2015-03-31/ListCodeSigningConfigsResponse AWS API Documentation
+    #
+    class ListCodeSigningConfigsResponse < Struct.new(
+      :next_marker,
+      :code_signing_configs)
+      SENSITIVE = []
+      include Aws::Structure
+    end
     # @note When making an API call, you may pass ListEventSourceMappingsRequest
     #   data as a hash:
     #
@@ -3000,6 +3574,56 @@ module Aws::Lambda
       include Aws::Structure
     end
+    # @note When making an API call, you may pass ListFunctionsByCodeSigningConfigRequest
+    #   data as a hash:
+    #
+    #       {
+    #         code_signing_config_arn: "CodeSigningConfigArn", # required
+    #         marker: "String",
+    #         max_items: 1,
+    #       }
+    #
+    # @!attribute [rw] code_signing_config_arn
+    #   The The Amazon Resource Name (ARN) of the code signing
+    #   configuration.
+    #   @return [String]
+    #
+    # @!attribute [rw] marker
+    #   Specify the pagination token that's returned by a previous request
+    #   to retrieve the next page of results.
+    #   @return [String]
+    #
+    # @!attribute [rw] max_items
+    #   Maximum number of items to return.
+    #   @return [Integer]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/lambda-2015-03-31/ListFunctionsByCodeSigningConfigRequest AWS API Documentation
+    #
+    class ListFunctionsByCodeSigningConfigRequest < Struct.new(
+      :code_signing_config_arn,
+      :marker,
+      :max_items)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # @!attribute [rw] next_marker
+    #   The pagination token that's included if more results are available.
+    #   @return [String]
+    #
+    # @!attribute [rw] function_arns
+    #   The function ARNs.
+    #   @return [Array<String>]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/lambda-2015-03-31/ListFunctionsByCodeSigningConfigResponse AWS API Documentation
+    #
+    class ListFunctionsByCodeSigningConfigResponse < Struct.new(
+      :next_marker,
+      :function_arns)
+      SENSITIVE = []
+      include Aws::Structure
+    end
     # @note When making an API call, you may pass ListFunctionsRequest
     #   data as a hash:
     #
@@ -3643,6 +4267,74 @@ module Aws::Lambda
       include Aws::Structure
     end
+    # @note When making an API call, you may pass PutFunctionCodeSigningConfigRequest
+    #   data as a hash:
+    #
+    #       {
+    #         code_signing_config_arn: "CodeSigningConfigArn", # required
+    #         function_name: "FunctionName", # required
+    #       }
+    #
+    # @!attribute [rw] code_signing_config_arn
+    #   The The Amazon Resource Name (ARN) of the code signing
+    #   configuration.
+    #   @return [String]
+    #
+    # @!attribute [rw] function_name
+    #   The name of the Lambda function.
+    #
+    #   **Name formats**
+    #
+    #   * **Function name** - `MyFunction`.
+    #
+    #   * **Function ARN** -
+    #     `arn:aws:lambda:us-west-2:123456789012:function:MyFunction`.
+    #
+    #   * **Partial ARN** - `123456789012:function:MyFunction`.
+    #
+    #   The length constraint applies only to the full ARN. If you specify
+    #   only the function name, it is limited to 64 characters in length.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/lambda-2015-03-31/PutFunctionCodeSigningConfigRequest AWS API Documentation
+    #
+    class PutFunctionCodeSigningConfigRequest < Struct.new(
+      :code_signing_config_arn,
+      :function_name)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # @!attribute [rw] code_signing_config_arn
+    #   The The Amazon Resource Name (ARN) of the code signing
+    #   configuration.
+    #   @return [String]
+    #
+    # @!attribute [rw] function_name
+    #   The name of the Lambda function.
+    #
+    #   **Name formats**
+    #
+    #   * **Function name** - `MyFunction`.
+    #
+    #   * **Function ARN** -
+    #     `arn:aws:lambda:us-west-2:123456789012:function:MyFunction`.
+    #
+    #   * **Partial ARN** - `123456789012:function:MyFunction`.
+    #
+    #   The length constraint applies only to the full ARN. If you specify
+    #   only the function name, it is limited to 64 characters in length.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/lambda-2015-03-31/PutFunctionCodeSigningConfigResponse AWS API Documentation
+    #
+    class PutFunctionCodeSigningConfigResponse < Struct.new(
+      :code_signing_config_arn,
+      :function_name)
+      SENSITIVE = []
+      include Aws::Structure
+    end
     # @note When making an API call, you may pass PutFunctionConcurrencyRequest
     #   data as a hash:
     #
@@ -4036,6 +4728,31 @@ module Aws::Lambda
       include Aws::Structure
     end
+    # The Self-Managed Apache Kafka cluster for your event source.
+    #
+    # @note When making an API call, you may pass SelfManagedEventSource
+    #   data as a hash:
+    #
+    #       {
+    #         endpoints: {
+    #           "KAFKA_BOOTSTRAP_SERVERS" => ["Endpoint"],
+    #         },
+    #       }
+    #
+    # @!attribute [rw] endpoints
+    #   The list of bootstrap servers for your Kafka brokers in the
+    #   following format: `"KAFKA_BOOTSTRAP_SERVERS":
+    #   ["abc.xyz.com:xxxx","abc2.xyz.com:xxxx"]`.
+    #   @return [Hash<String,Array<String>>]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/lambda-2015-03-31/SelfManagedEventSource AWS API Documentation
+    #
+    class SelfManagedEventSource < Struct.new(
+      :endpoints)
+      SENSITIVE = []
+      include Aws::Structure
+    end
     # The AWS Lambda service encountered an internal error.
     #
     # @!attribute [rw] type
@@ -4053,36 +4770,41 @@ module Aws::Lambda
       include Aws::Structure
     end
-    # (MQ) The Secrets Manager secret that stores your broker credentials.
-    # To store your secret, use the following format: ` \{ "username": "your
-    # username", "password": "your password" \}`
+    # You can specify the authentication protocol, or the VPC components to
+    # secure access to your event source.
     #
     # @note When making an API call, you may pass SourceAccessConfiguration
     #   data as a hash:
     #
     #       {
-    #         type: "BASIC_AUTH", # accepts BASIC_AUTH
-    #         uri: "Arn",
+    #         type: "BASIC_AUTH", # accepts BASIC_AUTH, VPC_SUBNET, VPC_SECURITY_GROUP, SASL_SCRAM_512_AUTH, SASL_SCRAM_256_AUTH
+    #         uri: "URI",
     #       }
     #
     # @!attribute [rw] type
-    #   To reference the secret, use the following format: `[ \{ "Type":
-    #   "BASIC_AUTH", "URI": "secretARN" \} ]`
+    #   The type of authentication protocol or the VPC components for your
+    #   event source. For example: `"Type":"SASL_SCRAM_512_AUTH"`.
+    #
+    #   * `BASIC_AUTH` - (MQ) The Secrets Manager secret that stores your
+    #     broker credentials.
+    #
+    #   * `VPC_SUBNET` - The subnets associated with your VPC. Lambda
+    #     connects to these subnets to fetch data from your Kafka cluster.
+    #
+    #   * `VPC_SECURITY_GROUP` - The VPC security group used to manage
+    #     access to your Kafka brokers.
+    #
+    #   * `SASL_SCRAM_256_AUTH` - The ARN of your secret key used for SASL
+    #     SCRAM-256 authentication of your Kafka brokers.
     #
-    #   The value of `Type` is always `BASIC_AUTH`. To encrypt the secret,
-    #   you can use customer or service managed keys. When using a customer
-    #   managed KMS key, the Lambda execution role requires `kms:Decrypt`
-    #   permissions.
+    #   * `SASL_SCRAM_512_AUTH` - The ARN of your secret key used for SASL
+    #     SCRAM-512 authentication of your Kafka brokers.
     #   @return [String]
     #
     # @!attribute [rw] uri
-    #   To reference the secret, use the following format: `[ \{ "Type":
-    #   "BASIC_AUTH", "URI": "secretARN" \} ]`
-    #
-    #   The value of `Type` is always `BASIC_AUTH`. To encrypt the secret,
-    #   you can use customer or service managed keys. When using a customer
-    #   managed KMS key, the Lambda execution role requires `kms:Decrypt`
-    #   permissions.
+    #   The value for your chosen configuration in `Type`. For example:
+    #   `"URI":
+    #   "arn:aws:secretsmanager:us-east-1:01234567890:secret:MyBrokerSecretName"`.
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/lambda-2015-03-31/SourceAccessConfiguration AWS API Documentation
@@ -4314,6 +5036,60 @@ module Aws::Lambda
       include Aws::Structure
     end
+    # @note When making an API call, you may pass UpdateCodeSigningConfigRequest
+    #   data as a hash:
+    #
+    #       {
+    #         code_signing_config_arn: "CodeSigningConfigArn", # required
+    #         description: "Description",
+    #         allowed_publishers: {
+    #           signing_profile_version_arns: ["Arn"], # required
+    #         },
+    #         code_signing_policies: {
+    #           untrusted_artifact_on_deployment: "Warn", # accepts Warn, Enforce
+    #         },
+    #       }
+    #
+    # @!attribute [rw] code_signing_config_arn
+    #   The The Amazon Resource Name (ARN) of the code signing
+    #   configuration.
+    #   @return [String]
+    #
+    # @!attribute [rw] description
+    #   Descriptive name for this code signing configuration.
+    #   @return [String]
+    #
+    # @!attribute [rw] allowed_publishers
+    #   Signing profiles for this code signing configuration.
+    #   @return [Types::AllowedPublishers]
+    #
+    # @!attribute [rw] code_signing_policies
+    #   The code signing policy.
+    #   @return [Types::CodeSigningPolicies]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/lambda-2015-03-31/UpdateCodeSigningConfigRequest AWS API Documentation
+    #
+    class UpdateCodeSigningConfigRequest < Struct.new(
+      :code_signing_config_arn,
+      :description,
+      :allowed_publishers,
+      :code_signing_policies)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # @!attribute [rw] code_signing_config
+    #   The code signing configuration
+    #   @return [Types::CodeSigningConfig]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/lambda-2015-03-31/UpdateCodeSigningConfigResponse AWS API Documentation
+    #
+    class UpdateCodeSigningConfigResponse < Struct.new(
+      :code_signing_config)
+      SENSITIVE = []
+      include Aws::Structure
+    end
     # @note When making an API call, you may pass UpdateEventSourceMappingRequest
     #   data as a hash:
     #
@@ -4337,10 +5113,12 @@ module Aws::Lambda
     #         parallelization_factor: 1,
     #         source_access_configurations: [
     #           {
-    #             type: "BASIC_AUTH", # accepts BASIC_AUTH
-    #             uri: "Arn",
+    #             type: "BASIC_AUTH", # accepts BASIC_AUTH, VPC_SUBNET, VPC_SECURITY_GROUP, SASL_SCRAM_512_AUTH, SASL_SCRAM_256_AUTH
+    #             uri: "URI",
     #           },
     #         ],
+    #         tumbling_window_in_seconds: 1,
+    #         function_response_types: ["ReportBatchItemFailures"], # accepts ReportBatchItemFailures
     #       }
     #
     # @!attribute [rw] uuid
@@ -4378,15 +5156,18 @@ module Aws::Lambda
     #
     #   * **Amazon DynamoDB Streams** - Default 100. Max 1,000.
     #
-    #   * **Amazon Simple Queue Service** - Default 10. Max 10.
+    #   * **Amazon Simple Queue Service** - Default 10. For standard queues
+    #     the max is 10,000. For FIFO queues the max is 10.
     #
     #   * **Amazon Managed Streaming for Apache Kafka** - Default 100. Max
     #     10,000.
+    #
+    #   * **Self-Managed Apache Kafka** - Default 100. Max 10,000.
     #   @return [Integer]
     #
     # @!attribute [rw] maximum_batching_window_in_seconds
-    #   (Streams) The maximum amount of time to gather records before
-    #   invoking the function, in seconds.
+    #   (Streams and SQS standard queues) The maximum amount of time to
+    #   gather records before invoking the function, in seconds.
     #   @return [Integer]
     #
     # @!attribute [rw] destination_config
@@ -4416,18 +5197,19 @@ module Aws::Lambda
     #   @return [Integer]
     #
     # @!attribute [rw] source_access_configurations
-    #   (MQ) The Secrets Manager secret that stores your broker credentials.
-    #   To store your secret, use the following format: ` \{ "username":
-    #   "your username", "password": "your password" \}`
+    #   An array of the authentication protocol, or the VPC components to
+    #   secure your event source.
+    #   @return [Array<Types::SourceAccessConfiguration>]
     #
-    #   To reference the secret, use the following format: `[ \{ "Type":
-    #   "BASIC_AUTH", "URI": "secretARN" \} ]`
+    # @!attribute [rw] tumbling_window_in_seconds
+    #   (Streams) The duration of a processing window in seconds. The range
+    #   is between 1 second up to 15 minutes.
+    #   @return [Integer]
     #
-    #   The value of `Type` is always `BASIC_AUTH`. To encrypt the secret,
-    #   you can use customer or service managed keys. When using a customer
-    #   managed KMS key, the Lambda execution role requires `kms:Decrypt`
-    #   permissions.
-    #   @return [Array<Types::SourceAccessConfiguration>]
+    # @!attribute [rw] function_response_types
+    #   (Streams) A list of current response type enums applied to the event
+    #   source mapping.
+    #   @return [Array<String>]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/lambda-2015-03-31/UpdateEventSourceMappingRequest AWS API Documentation
     #
@@ -4442,7 +5224,9 @@ module Aws::Lambda
       :bisect_batch_on_function_error,
       :maximum_retry_attempts,
       :parallelization_factor,
-      :source_access_configurations)
+      :source_access_configurations,
+      :tumbling_window_in_seconds,
+      :function_response_types)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -4456,6 +5240,7 @@ module Aws::Lambda
     #         s3_bucket: "S3Bucket",
     #         s3_key: "S3Key",
     #         s3_object_version: "S3ObjectVersion",
+    #         image_uri: "String",
     #         publish: false,
     #         dry_run: false,
     #         revision_id: "String",
@@ -4496,6 +5281,10 @@ module Aws::Lambda
     #   to use.
     #   @return [String]
     #
+    # @!attribute [rw] image_uri
+    #   URI of a container image in the Amazon ECR registry.
+    #   @return [String]
+    #
     # @!attribute [rw] publish
     #   Set to true to publish a new version of the function after updating
     #   the code. This has the same effect as calling PublishVersion
@@ -4521,6 +5310,7 @@ module Aws::Lambda
       :s3_bucket,
       :s3_key,
       :s3_object_version,
+      :image_uri,
       :publish,
       :dry_run,
       :revision_id)
@@ -4563,6 +5353,11 @@ module Aws::Lambda
     #             local_mount_path: "LocalMountPath", # required
     #           },
     #         ],
+    #         image_config: {
+    #           entry_point: ["String"],
+    #           command: ["String"],
+    #           working_directory: "WorkingDirectory",
+    #         },
     #       }
     #
     # @!attribute [rw] function_name
@@ -4607,9 +5402,9 @@ module Aws::Lambda
     #   @return [Integer]
     #
     # @!attribute [rw] memory_size
-    #   The amount of memory that your function has access to. Increasing
-    #   the function's memory also increases its CPU allocation. The
-    #   default value is 128 MB. The value must be a multiple of 64 MB.
+    #   The amount of memory available to the function at runtime.
+    #   Increasing the function's memory also increases its CPU allocation.
+    #   The default value is 128 MB. The value can be any multiple of 1 MB.
     #   @return [Integer]
     #
     # @!attribute [rw] vpc_config
@@ -4676,6 +5471,10 @@ module Aws::Lambda
     #   Connection settings for an Amazon EFS file system.
     #   @return [Array<Types::FileSystemConfig>]
     #
+    # @!attribute [rw] image_config
+    #   Configuration values that override the container image Dockerfile.
+    #   @return [Types::ImageConfig]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/lambda-2015-03-31/UpdateFunctionConfigurationRequest AWS API Documentation
     #
     class UpdateFunctionConfigurationRequest < Struct.new(
@@ -4693,7 +5492,8 @@ module Aws::Lambda
       :tracing_config,
       :revision_id,
       :layers,
-      :file_system_configs)
+      :file_system_configs,
+      :image_config)
       SENSITIVE = []
       include Aws::Structure
     end