aws-sdk-qbusiness 1.11.0 → 1.12.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 20b03cc5793bf612a9919fbe290251219a49f7dc8ebc40b94124535c3113411d
-  data.tar.gz: f2663a04eaa616b7af0ca2eba98d16273007bd12ce65fe8c1f1002bace47c780
+  metadata.gz: d9c0359f7faf73a13d9a6e28c643a22ae563e60324ed0e464036fbacac9fd4eb
+  data.tar.gz: 5826d1e0f94bbc0b257b88b1d6510247b61752c021d79f264a42e6092026590f
 SHA512:
-  metadata.gz: 3a05f4d16545722f7910a99a2ba0aa440868f21021c6e2a309c59d766f168662fd1cee9b1a4fbd860b2d60c1a20781bb1534c35bd1942f2c1afccd367da8941a
-  data.tar.gz: ae8528fad510bda7d01ec1914d4773475b7533c9a6b9122cb71577911af735d1d97b4c2972540bc36b99b5ffae6508c8269b6181251fc934420a34f509e926dd
+  metadata.gz: f747cab2c1ac613f635f8e00f9e14863dd31385640c43eaa48394821aac4840c0e79712993806ab3df5a2dec7b96199f231e250b270e6943430af54821221458
+  data.tar.gz: 43c89628d1b1ea615b57b849d68ebeb7709407f81e5f463e9f59dd1a546bb9796f07a9f0c8502149cb165d789de673891eddd5cb663ebd0380aea877d796ac6a

data/CHANGELOG.md

@@ -1,6 +1,11 @@
 Unreleased Changes
 ------------------
 
+1.12.0 (2024-08-23)
+------------------
+
+* Feature - Amazon QBusiness: Enable support for SAML and OIDC federation through AWS IAM Identity Provider integration.
+
 1.11.0 (2024-07-05)
 ------------------
 

data/VERSION

@@ -1 +1 @@
-1.11.0
+1.12.0

data/lib/aws-sdk-qbusiness/async_client.rb

@@ -580,7 +580,7 @@ module Aws::QBusiness
         http_response: Seahorse::Client::Http::AsyncResponse.new,
         config: config)
       context[:gem_name] = 'aws-sdk-qbusiness'
-      context[:gem_version] = '1.11.0'
+      context[:gem_version] = '1.12.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-qbusiness/client.rb

@@ -919,11 +919,21 @@ module Aws::QBusiness
     #   The Amazon Resource Name (ARN) of an IAM role with permissions to
     #   access your Amazon CloudWatch logs and metrics.
     #
+    # @option params [String] :identity_type
+    #   The authentication type being used by a Amazon Q Business application.
+    #
+    # @option params [String] :iam_identity_provider_arn
+    #   The Amazon Resource Name (ARN) of an identity provider being used by
+    #   an Amazon Q Business application.
+    #
     # @option params [String] :identity_center_instance_arn
     #   The Amazon Resource Name (ARN) of the IAM Identity Center instance you
     #   are either creating for—or connecting to—your Amazon Q Business
     #   application.
     #
+    # @option params [Array<String>] :client_ids_for_oidc
+    #   The OIDC client ID for a Amazon Q Business application.
+    #
     # @option params [String] :description
     #   A description for the Amazon Q Business application.
     #
@@ -970,7 +980,10 @@ module Aws::QBusiness
     #   resp = client.create_application({
     #     display_name: "ApplicationName", # required
     #     role_arn: "RoleArn",
+    #     identity_type: "AWS_IAM_IDP_SAML", # accepts AWS_IAM_IDP_SAML, AWS_IAM_IDP_OIDC, AWS_IAM_IDC
+    #     iam_identity_provider_arn: "IamIdentityProviderArn",
     #     identity_center_instance_arn: "InstanceArn",
+    #     client_ids_for_oidc: ["ClientIdForOIDC"],
     #     description: "Description",
     #     encryption_configuration: {
     #       kms_key_id: "KmsKeyId",
@@ -1025,9 +1038,27 @@ module Aws::QBusiness
     #   A name for the data source connector.
     #
     # @option params [required, Hash,Array,String,Numeric,Boolean] :configuration
-    #   Configuration information to connect to your data source repository.
-    #   For configuration templates for your specific data source, see
-    #   [Supported connectors][1].
+    #   Configuration information to connect your data source repository to
+    #   Amazon Q Business. Use this parameter to provide a JSON schema with
+    #   configuration information specific to your data source connector.
+    #
+    #   Each data source has a JSON schema provided by Amazon Q Business that
+    #   you must use. For example, the Amazon S3 and Web Crawler connectors
+    #   require the following JSON schemas:
+    #
+    #   * [Amazon S3 JSON schema][1]
+    #
+    #   * [Web Crawler JSON schema][2]
+    #
+    #   You can find configuration templates for your specific data source
+    #   using the following steps:
+    #
+    #   1.  Navigate to the [Supported connectors][3] page in the Amazon Q
+    #       Business User Guide, and select the data source of your choice.
+    #
+    #   2.  Then, from your specific data source connector page, select
+    #       **Using the API**. You will find the JSON schema for your data
+    #       source, including parameter descriptions, in this section.
     #
     #   Document type used to carry open content
     #   (Hash,Array,String,Numeric,Boolean). A document type value is
@@ -1036,7 +1067,9 @@ module Aws::QBusiness
     #
     #
     #
-    #   [1]: https://docs.aws.amazon.com/amazonq/latest/business-use-dg/connectors-list.html
+    #   [1]: https://docs.aws.amazon.com/amazonq/latest/qbusiness-ug/s3-api.html
+    #   [2]: https://docs.aws.amazon.com/amazonq/latest/qbusiness-ug/web-crawler-api.html
+    #   [3]: https://docs.aws.amazon.com/amazonq/latest/business-use-dg/connectors-list.html
     #
     # @option params [Types::DataSourceVpcConfiguration] :vpc_configuration
     #   Configuration information for an Amazon VPC (Virtual Private Cloud) to
@@ -1537,6 +1570,13 @@ module Aws::QBusiness
     #   The Amazon Resource Name (ARN) of the service role attached to your
     #   web experience.
     #
+    #   <note markdown="1"> You must provide this value if you're using IAM Identity Center to
+    #   manage end user access to your application. If you're using legacy
+    #   identity management to manage user access, you don't need to provide
+    #   this value.
+    #
+    #    </note>
+    #
     # @option params [Array<Types::Tag>] :tags
     #   A list of key-value pairs that identify or categorize your Amazon Q
     #   Business web experience. You can also use tags to help control access
@@ -1551,6 +1591,10 @@ module Aws::QBusiness
     #   **A suitable default value is auto-generated.** You should normally
     #   not need to pass this option.**
     #
+    # @option params [Types::IdentityProviderConfiguration] :identity_provider_configuration
+    #   Information about the identity provider (IdP) used to authenticate end
+    #   users of an Amazon Q Business web experience.
+    #
     # @return [Types::CreateWebExperienceResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::CreateWebExperienceResponse#web_experience_id #web_experience_id} => String
@@ -1572,6 +1616,15 @@ module Aws::QBusiness
     #       },
     #     ],
     #     client_token: "ClientToken",
+    #     identity_provider_configuration: {
+    #       saml_configuration: {
+    #         authentication_url: "SamlAuthenticationUrl", # required
+    #       },
+    #       open_id_connect_configuration: {
+    #         secrets_arn: "SecretArn", # required
+    #         secrets_role: "RoleArn", # required
+    #       },
+    #     },
     #   })
     #
     # @example Response structure
@@ -1898,6 +1951,8 @@ module Aws::QBusiness
     #   * {Types::GetApplicationResponse#display_name #display_name} => String
     #   * {Types::GetApplicationResponse#application_id #application_id} => String
     #   * {Types::GetApplicationResponse#application_arn #application_arn} => String
+    #   * {Types::GetApplicationResponse#identity_type #identity_type} => String
+    #   * {Types::GetApplicationResponse#iam_identity_provider_arn #iam_identity_provider_arn} => String
     #   * {Types::GetApplicationResponse#identity_center_application_arn #identity_center_application_arn} => String
     #   * {Types::GetApplicationResponse#role_arn #role_arn} => String
     #   * {Types::GetApplicationResponse#status #status} => String
@@ -1909,6 +1964,8 @@ module Aws::QBusiness
     #   * {Types::GetApplicationResponse#attachments_configuration #attachments_configuration} => Types::AppliedAttachmentsConfiguration
     #   * {Types::GetApplicationResponse#q_apps_configuration #q_apps_configuration} => Types::QAppsConfiguration
     #   * {Types::GetApplicationResponse#personalization_configuration #personalization_configuration} => Types::PersonalizationConfiguration
+    #   * {Types::GetApplicationResponse#auto_subscription_configuration #auto_subscription_configuration} => Types::AutoSubscriptionConfiguration
+    #   * {Types::GetApplicationResponse#client_ids_for_oidc #client_ids_for_oidc} => Array&lt;String&gt;
     #
     # @example Request syntax with placeholder values
     #
@@ -1921,6 +1978,8 @@ module Aws::QBusiness
     #   resp.display_name #=> String
     #   resp.application_id #=> String
     #   resp.application_arn #=> String
+    #   resp.identity_type #=> String, one of "AWS_IAM_IDP_SAML", "AWS_IAM_IDP_OIDC", "AWS_IAM_IDC"
+    #   resp.iam_identity_provider_arn #=> String
     #   resp.identity_center_application_arn #=> String
     #   resp.role_arn #=> String
     #   resp.status #=> String, one of "CREATING", "ACTIVE", "DELETING", "FAILED", "UPDATING"
@@ -1933,6 +1992,10 @@ module Aws::QBusiness
     #   resp.attachments_configuration.attachments_control_mode #=> String, one of "ENABLED", "DISABLED"
     #   resp.q_apps_configuration.q_apps_control_mode #=> String, one of "ENABLED", "DISABLED"
     #   resp.personalization_configuration.personalization_control_mode #=> String, one of "ENABLED", "DISABLED"
+    #   resp.auto_subscription_configuration.auto_subscribe #=> String, one of "ENABLED", "DISABLED"
+    #   resp.auto_subscription_configuration.default_subscription_type #=> String, one of "Q_LITE", "Q_BUSINESS"
+    #   resp.client_ids_for_oidc #=> Array
+    #   resp.client_ids_for_oidc[0] #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/qbusiness-2023-11-27/GetApplication AWS API Documentation
     #
@@ -2412,6 +2475,7 @@ module Aws::QBusiness
     #   * {Types::GetWebExperienceResponse#welcome_message #welcome_message} => String
     #   * {Types::GetWebExperienceResponse#sample_prompts_control_mode #sample_prompts_control_mode} => String
     #   * {Types::GetWebExperienceResponse#role_arn #role_arn} => String
+    #   * {Types::GetWebExperienceResponse#identity_provider_configuration #identity_provider_configuration} => Types::IdentityProviderConfiguration
     #   * {Types::GetWebExperienceResponse#authentication_configuration #authentication_configuration} => Types::WebExperienceAuthConfiguration
     #   * {Types::GetWebExperienceResponse#error #error} => Types::ErrorDetail
     #
@@ -2436,6 +2500,9 @@ module Aws::QBusiness
     #   resp.welcome_message #=> String
     #   resp.sample_prompts_control_mode #=> String, one of "ENABLED", "DISABLED"
     #   resp.role_arn #=> String
+    #   resp.identity_provider_configuration.saml_configuration.authentication_url #=> String
+    #   resp.identity_provider_configuration.open_id_connect_configuration.secrets_arn #=> String
+    #   resp.identity_provider_configuration.open_id_connect_configuration.secrets_role #=> String
     #   resp.authentication_configuration.saml_configuration.metadata_xml #=> String
     #   resp.authentication_configuration.saml_configuration.role_arn #=> String
     #   resp.authentication_configuration.saml_configuration.user_id_attribute #=> String
@@ -2486,6 +2553,7 @@ module Aws::QBusiness
     #   resp.applications[0].created_at #=> Time
     #   resp.applications[0].updated_at #=> Time
     #   resp.applications[0].status #=> String, one of "CREATING", "ACTIVE", "DELETING", "FAILED", "UPDATING"
+    #   resp.applications[0].identity_type #=> String, one of "AWS_IAM_IDP_SAML", "AWS_IAM_IDP_OIDC", "AWS_IAM_IDC"
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/qbusiness-2023-11-27/ListApplications AWS API Documentation
     #
@@ -3187,12 +3255,6 @@ module Aws::QBusiness
     #   and the sub groups "Research", "Engineering", and "Sales and
     #   Marketing".
     #
-    #   If you have more than 1000 users and/or sub groups for a single group,
-    #   you need to provide the path to the S3 file that lists your users and
-    #   sub groups for a group. Your sub groups can contain more than 1000
-    #   users, but the list of sub groups that belong to a group (and/or
-    #   users) must be no more than 1000.
-    #
     # @option params [String] :data_source_id
     #   The identifier of the data source for which you want to map users to
     #   their groups. This is useful if a group is tied to multiple data
@@ -3419,6 +3481,11 @@ module Aws::QBusiness
     #
     #   [1]: https://docs.aws.amazon.com/amazonq/latest/qbusiness-ug/personalizing-chat-responses.html
     #
+    # @option params [Types::AutoSubscriptionConfiguration] :auto_subscription_configuration
+    #   An option to enable updating the default subscription type assigned to
+    #   an Amazon Q Business application using IAM identity federation for
+    #   user management.
+    #
     # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
     #
     # @example Request syntax with placeholder values
@@ -3438,6 +3505,10 @@ module Aws::QBusiness
     #     personalization_configuration: {
     #       personalization_control_mode: "ENABLED", # required, accepts ENABLED, DISABLED
     #     },
+    #     auto_subscription_configuration: {
+    #       auto_subscribe: "ENABLED", # required, accepts ENABLED, DISABLED
+    #       default_subscription_type: "Q_LITE", # accepts Q_LITE, Q_BUSINESS
+    #     },
     #   })
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/qbusiness-2023-11-27/UpdateApplication AWS API Documentation
@@ -4000,6 +4071,10 @@ module Aws::QBusiness
     #   Determines whether sample prompts are enabled in the web experience
     #   for an end user.
     #
+    # @option params [Types::IdentityProviderConfiguration] :identity_provider_configuration
+    #   Information about the identity provider (IdP) used to authenticate end
+    #   users of an Amazon Q Business web experience.
+    #
     # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
     #
     # @example Request syntax with placeholder values
@@ -4020,6 +4095,15 @@ module Aws::QBusiness
     #     subtitle: "WebExperienceSubtitle",
     #     welcome_message: "WebExperienceWelcomeMessage",
     #     sample_prompts_control_mode: "ENABLED", # accepts ENABLED, DISABLED
+    #     identity_provider_configuration: {
+    #       saml_configuration: {
+    #         authentication_url: "SamlAuthenticationUrl", # required
+    #       },
+    #       open_id_connect_configuration: {
+    #         secrets_arn: "SecretArn", # required
+    #         secrets_role: "RoleArn", # required
+    #       },
+    #     },
     #   })
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/qbusiness-2023-11-27/UpdateWebExperience AWS API Documentation
@@ -4044,7 +4128,7 @@ module Aws::QBusiness
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-qbusiness'
-      context[:gem_version] = '1.11.0'
+      context[:gem_version] = '1.12.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-qbusiness/client_api.rb

@@ -62,6 +62,8 @@ module Aws::QBusiness
     AuthResponseKey = Shapes::StringShape.new(name: 'AuthResponseKey')
     AuthResponseValue = Shapes::StringShape.new(name: 'AuthResponseValue')
     AuthorizationResponseMap = Shapes::MapShape.new(name: 'AuthorizationResponseMap')
+    AutoSubscriptionConfiguration = Shapes::StructureShape.new(name: 'AutoSubscriptionConfiguration')
+    AutoSubscriptionStatus = Shapes::StringShape.new(name: 'AutoSubscriptionStatus')
     BasicAuthConfiguration = Shapes::StructureShape.new(name: 'BasicAuthConfiguration')
     BatchDeleteDocumentRequest = Shapes::StructureShape.new(name: 'BatchDeleteDocumentRequest')
     BatchDeleteDocumentResponse = Shapes::StructureShape.new(name: 'BatchDeleteDocumentResponse')
@@ -82,6 +84,8 @@ module Aws::QBusiness
     ChatOutputStream = Shapes::StructureShape.new(name: 'ChatOutputStream')
     ChatSyncInput = Shapes::StructureShape.new(name: 'ChatSyncInput')
     ChatSyncOutput = Shapes::StructureShape.new(name: 'ChatSyncOutput')
+    ClientIdForOIDC = Shapes::StringShape.new(name: 'ClientIdForOIDC')
+    ClientIdsForOIDC = Shapes::ListShape.new(name: 'ClientIdsForOIDC')
     ClientToken = Shapes::StringShape.new(name: 'ClientToken')
     ConfigurationEvent = Shapes::StructureShape.new(name: 'ConfigurationEvent')
     ConflictException = Shapes::StructureShape.new(name: 'ConflictException')
@@ -211,7 +215,10 @@ module Aws::QBusiness
     GroupSummary = Shapes::StructureShape.new(name: 'GroupSummary')
     GroupSummaryList = Shapes::ListShape.new(name: 'GroupSummaryList')
     HookConfiguration = Shapes::StructureShape.new(name: 'HookConfiguration')
+    IamIdentityProviderArn = Shapes::StringShape.new(name: 'IamIdentityProviderArn')
     IdcApplicationArn = Shapes::StringShape.new(name: 'IdcApplicationArn')
+    IdentityProviderConfiguration = Shapes::UnionShape.new(name: 'IdentityProviderConfiguration')
+    IdentityType = Shapes::StringShape.new(name: 'IdentityType')
     Index = Shapes::StructureShape.new(name: 'Index')
     IndexArn = Shapes::StringShape.new(name: 'IndexArn')
     IndexCapacityConfiguration = Shapes::StructureShape.new(name: 'IndexCapacityConfiguration')
@@ -294,6 +301,7 @@ module Aws::QBusiness
     NumberAttributeBoostingConfiguration = Shapes::StructureShape.new(name: 'NumberAttributeBoostingConfiguration')
     NumberAttributeBoostingType = Shapes::StringShape.new(name: 'NumberAttributeBoostingType')
     OAuth2ClientCredentialConfiguration = Shapes::StructureShape.new(name: 'OAuth2ClientCredentialConfiguration')
+    OpenIDConnectProviderConfiguration = Shapes::StructureShape.new(name: 'OpenIDConnectProviderConfiguration')
     Payload = Shapes::StringShape.new(name: 'Payload')
     PersonalizationConfiguration = Shapes::StructureShape.new(name: 'PersonalizationConfiguration')
     PersonalizationControlMode = Shapes::StringShape.new(name: 'PersonalizationControlMode')
@@ -337,8 +345,10 @@ module Aws::QBusiness
     S3BucketName = Shapes::StringShape.new(name: 'S3BucketName')
     S3ObjectKey = Shapes::StringShape.new(name: 'S3ObjectKey')
     SamlAttribute = Shapes::StringShape.new(name: 'SamlAttribute')
+    SamlAuthenticationUrl = Shapes::StringShape.new(name: 'SamlAuthenticationUrl')
     SamlConfiguration = Shapes::StructureShape.new(name: 'SamlConfiguration')
     SamlMetadataXML = Shapes::StringShape.new(name: 'SamlMetadataXML')
+    SamlProviderConfiguration = Shapes::StructureShape.new(name: 'SamlProviderConfiguration')
     SecretArn = Shapes::StringShape.new(name: 'SecretArn')
     SecurityGroupId = Shapes::StringShape.new(name: 'SecurityGroupId')
     SecurityGroupIds = Shapes::ListShape.new(name: 'SecurityGroupIds')
@@ -359,6 +369,7 @@ module Aws::QBusiness
     StringListAttributeBoostingConfiguration = Shapes::StructureShape.new(name: 'StringListAttributeBoostingConfiguration')
     SubnetId = Shapes::StringShape.new(name: 'SubnetId')
     SubnetIds = Shapes::ListShape.new(name: 'SubnetIds')
+    SubscriptionType = Shapes::StringShape.new(name: 'SubscriptionType')
     SyncSchedule = Shapes::StringShape.new(name: 'SyncSchedule')
     SystemMessageId = Shapes::StringShape.new(name: 'SystemMessageId')
     SystemMessageOverride = Shapes::StringShape.new(name: 'SystemMessageOverride')
@@ -498,6 +509,7 @@ module Aws::QBusiness
     Application.add_member(:created_at, Shapes::ShapeRef.new(shape: Timestamp, location_name: "createdAt"))
     Application.add_member(:updated_at, Shapes::ShapeRef.new(shape: Timestamp, location_name: "updatedAt"))
     Application.add_member(:status, Shapes::ShapeRef.new(shape: ApplicationStatus, location_name: "status"))
+    Application.add_member(:identity_type, Shapes::ShapeRef.new(shape: IdentityType, location_name: "identityType"))
     Application.struct_class = Types::Application
 
     Applications.member = Shapes::ShapeRef.new(shape: Application)
@@ -556,6 +568,10 @@ module Aws::QBusiness
     AuthorizationResponseMap.key = Shapes::ShapeRef.new(shape: AuthResponseKey)
     AuthorizationResponseMap.value = Shapes::ShapeRef.new(shape: AuthResponseValue)
 
+    AutoSubscriptionConfiguration.add_member(:auto_subscribe, Shapes::ShapeRef.new(shape: AutoSubscriptionStatus, required: true, location_name: "autoSubscribe"))
+    AutoSubscriptionConfiguration.add_member(:default_subscription_type, Shapes::ShapeRef.new(shape: SubscriptionType, location_name: "defaultSubscriptionType"))
+    AutoSubscriptionConfiguration.struct_class = Types::AutoSubscriptionConfiguration
+
     BasicAuthConfiguration.add_member(:secret_arn, Shapes::ShapeRef.new(shape: SecretArn, required: true, location_name: "secretArn"))
     BasicAuthConfiguration.add_member(:role_arn, Shapes::ShapeRef.new(shape: RoleArn, required: true, location_name: "roleArn"))
     BasicAuthConfiguration.struct_class = Types::BasicAuthConfiguration
@@ -652,6 +668,8 @@ module Aws::QBusiness
     ChatSyncOutput.add_member(:failed_attachments, Shapes::ShapeRef.new(shape: AttachmentsOutput, location_name: "failedAttachments"))
     ChatSyncOutput.struct_class = Types::ChatSyncOutput
 
+    ClientIdsForOIDC.member = Shapes::ShapeRef.new(shape: ClientIdForOIDC)
+
     ConfigurationEvent.add_member(:chat_mode, Shapes::ShapeRef.new(shape: ChatMode, location_name: "chatMode"))
     ConfigurationEvent.add_member(:chat_mode_configuration, Shapes::ShapeRef.new(shape: ChatModeConfiguration, location_name: "chatModeConfiguration"))
     ConfigurationEvent.add_member(:attribute_filter, Shapes::ShapeRef.new(shape: AttributeFilter, location_name: "attributeFilter"))
@@ -677,7 +695,10 @@ module Aws::QBusiness
 
     CreateApplicationRequest.add_member(:display_name, Shapes::ShapeRef.new(shape: ApplicationName, required: true, location_name: "displayName"))
     CreateApplicationRequest.add_member(:role_arn, Shapes::ShapeRef.new(shape: RoleArn, location_name: "roleArn"))
+    CreateApplicationRequest.add_member(:identity_type, Shapes::ShapeRef.new(shape: IdentityType, location_name: "identityType"))
+    CreateApplicationRequest.add_member(:iam_identity_provider_arn, Shapes::ShapeRef.new(shape: IamIdentityProviderArn, location_name: "iamIdentityProviderArn"))
     CreateApplicationRequest.add_member(:identity_center_instance_arn, Shapes::ShapeRef.new(shape: InstanceArn, location_name: "identityCenterInstanceArn"))
+    CreateApplicationRequest.add_member(:client_ids_for_oidc, Shapes::ShapeRef.new(shape: ClientIdsForOIDC, location_name: "clientIdsForOIDC"))
     CreateApplicationRequest.add_member(:description, Shapes::ShapeRef.new(shape: Description, location_name: "description"))
     CreateApplicationRequest.add_member(:encryption_configuration, Shapes::ShapeRef.new(shape: EncryptionConfiguration, location_name: "encryptionConfiguration"))
     CreateApplicationRequest.add_member(:tags, Shapes::ShapeRef.new(shape: Tags, location_name: "tags"))
@@ -767,6 +788,7 @@ module Aws::QBusiness
     CreateWebExperienceRequest.add_member(:role_arn, Shapes::ShapeRef.new(shape: RoleArn, location_name: "roleArn"))
     CreateWebExperienceRequest.add_member(:tags, Shapes::ShapeRef.new(shape: Tags, location_name: "tags"))
     CreateWebExperienceRequest.add_member(:client_token, Shapes::ShapeRef.new(shape: ClientToken, location_name: "clientToken", metadata: {"idempotencyToken"=>true}))
+    CreateWebExperienceRequest.add_member(:identity_provider_configuration, Shapes::ShapeRef.new(shape: IdentityProviderConfiguration, location_name: "identityProviderConfiguration"))
     CreateWebExperienceRequest.struct_class = Types::CreateWebExperienceRequest
 
     CreateWebExperienceResponse.add_member(:web_experience_id, Shapes::ShapeRef.new(shape: WebExperienceId, location_name: "webExperienceId"))
@@ -1007,6 +1029,8 @@ module Aws::QBusiness
     GetApplicationResponse.add_member(:display_name, Shapes::ShapeRef.new(shape: ApplicationName, location_name: "displayName"))
     GetApplicationResponse.add_member(:application_id, Shapes::ShapeRef.new(shape: ApplicationId, location_name: "applicationId"))
     GetApplicationResponse.add_member(:application_arn, Shapes::ShapeRef.new(shape: ApplicationArn, location_name: "applicationArn"))
+    GetApplicationResponse.add_member(:identity_type, Shapes::ShapeRef.new(shape: IdentityType, location_name: "identityType"))
+    GetApplicationResponse.add_member(:iam_identity_provider_arn, Shapes::ShapeRef.new(shape: IamIdentityProviderArn, location_name: "iamIdentityProviderArn"))
     GetApplicationResponse.add_member(:identity_center_application_arn, Shapes::ShapeRef.new(shape: IdcApplicationArn, location_name: "identityCenterApplicationArn"))
     GetApplicationResponse.add_member(:role_arn, Shapes::ShapeRef.new(shape: RoleArn, location_name: "roleArn"))
     GetApplicationResponse.add_member(:status, Shapes::ShapeRef.new(shape: ApplicationStatus, location_name: "status"))
@@ -1018,6 +1042,8 @@ module Aws::QBusiness
     GetApplicationResponse.add_member(:attachments_configuration, Shapes::ShapeRef.new(shape: AppliedAttachmentsConfiguration, location_name: "attachmentsConfiguration"))
     GetApplicationResponse.add_member(:q_apps_configuration, Shapes::ShapeRef.new(shape: QAppsConfiguration, location_name: "qAppsConfiguration"))
     GetApplicationResponse.add_member(:personalization_configuration, Shapes::ShapeRef.new(shape: PersonalizationConfiguration, location_name: "personalizationConfiguration"))
+    GetApplicationResponse.add_member(:auto_subscription_configuration, Shapes::ShapeRef.new(shape: AutoSubscriptionConfiguration, location_name: "autoSubscriptionConfiguration"))
+    GetApplicationResponse.add_member(:client_ids_for_oidc, Shapes::ShapeRef.new(shape: ClientIdsForOIDC, location_name: "clientIdsForOIDC"))
     GetApplicationResponse.struct_class = Types::GetApplicationResponse
 
     GetChatControlsConfigurationRequest.add_member(:application_id, Shapes::ShapeRef.new(shape: ApplicationId, required: true, location: "uri", location_name: "applicationId"))
@@ -1141,6 +1167,7 @@ module Aws::QBusiness
     GetWebExperienceResponse.add_member(:welcome_message, Shapes::ShapeRef.new(shape: WebExperienceWelcomeMessage, location_name: "welcomeMessage"))
     GetWebExperienceResponse.add_member(:sample_prompts_control_mode, Shapes::ShapeRef.new(shape: WebExperienceSamplePromptsControlMode, location_name: "samplePromptsControlMode"))
     GetWebExperienceResponse.add_member(:role_arn, Shapes::ShapeRef.new(shape: RoleArn, location_name: "roleArn"))
+    GetWebExperienceResponse.add_member(:identity_provider_configuration, Shapes::ShapeRef.new(shape: IdentityProviderConfiguration, location_name: "identityProviderConfiguration"))
     GetWebExperienceResponse.add_member(:authentication_configuration, Shapes::ShapeRef.new(shape: WebExperienceAuthConfiguration, deprecated: true, location_name: "authenticationConfiguration", metadata: {"deprecatedMessage"=>"Property associated with legacy SAML IdP flow. Deprecated in favor of using AWS IAM Identity Center for user management."}))
     GetWebExperienceResponse.add_member(:error, Shapes::ShapeRef.new(shape: ErrorDetail, location_name: "error"))
     GetWebExperienceResponse.struct_class = Types::GetWebExperienceResponse
@@ -1167,6 +1194,14 @@ module Aws::QBusiness
     HookConfiguration.add_member(:role_arn, Shapes::ShapeRef.new(shape: RoleArn, location_name: "roleArn"))
     HookConfiguration.struct_class = Types::HookConfiguration
 
+    IdentityProviderConfiguration.add_member(:saml_configuration, Shapes::ShapeRef.new(shape: SamlProviderConfiguration, location_name: "samlConfiguration"))
+    IdentityProviderConfiguration.add_member(:open_id_connect_configuration, Shapes::ShapeRef.new(shape: OpenIDConnectProviderConfiguration, location_name: "openIDConnectConfiguration"))
+    IdentityProviderConfiguration.add_member(:unknown, Shapes::ShapeRef.new(shape: nil, location_name: 'unknown'))
+    IdentityProviderConfiguration.add_member_subclass(:saml_configuration, Types::IdentityProviderConfiguration::SamlConfiguration)
+    IdentityProviderConfiguration.add_member_subclass(:open_id_connect_configuration, Types::IdentityProviderConfiguration::OpenIdConnectConfiguration)
+    IdentityProviderConfiguration.add_member_subclass(:unknown, Types::IdentityProviderConfiguration::Unknown)
+    IdentityProviderConfiguration.struct_class = Types::IdentityProviderConfiguration
+
     Index.add_member(:display_name, Shapes::ShapeRef.new(shape: IndexName, location_name: "displayName"))
     Index.add_member(:index_id, Shapes::ShapeRef.new(shape: IndexId, location_name: "indexId"))
     Index.add_member(:created_at, Shapes::ShapeRef.new(shape: Timestamp, location_name: "createdAt"))
@@ -1367,6 +1402,10 @@ module Aws::QBusiness
     OAuth2ClientCredentialConfiguration.add_member(:role_arn, Shapes::ShapeRef.new(shape: RoleArn, required: true, location_name: "roleArn"))
     OAuth2ClientCredentialConfiguration.struct_class = Types::OAuth2ClientCredentialConfiguration
 
+    OpenIDConnectProviderConfiguration.add_member(:secrets_arn, Shapes::ShapeRef.new(shape: SecretArn, required: true, location_name: "secretsArn"))
+    OpenIDConnectProviderConfiguration.add_member(:secrets_role, Shapes::ShapeRef.new(shape: RoleArn, required: true, location_name: "secretsRole"))
+    OpenIDConnectProviderConfiguration.struct_class = Types::OpenIDConnectProviderConfiguration
+
     PersonalizationConfiguration.add_member(:personalization_control_mode, Shapes::ShapeRef.new(shape: PersonalizationControlMode, required: true, location_name: "personalizationControlMode"))
     PersonalizationConfiguration.struct_class = Types::PersonalizationConfiguration
 
@@ -1484,6 +1523,9 @@ module Aws::QBusiness
     SamlConfiguration.add_member(:user_group_attribute, Shapes::ShapeRef.new(shape: SamlAttribute, location_name: "userGroupAttribute"))
     SamlConfiguration.struct_class = Types::SamlConfiguration
 
+    SamlProviderConfiguration.add_member(:authentication_url, Shapes::ShapeRef.new(shape: SamlAuthenticationUrl, required: true, location_name: "authenticationUrl"))
+    SamlProviderConfiguration.struct_class = Types::SamlProviderConfiguration
+
     SecurityGroupIds.member = Shapes::ShapeRef.new(shape: SecurityGroupId)
 
     ServiceQuotaExceededException.add_member(:message, Shapes::ShapeRef.new(shape: ErrorMessage, required: true, location_name: "message"))
@@ -1590,6 +1632,7 @@ module Aws::QBusiness
     UpdateApplicationRequest.add_member(:attachments_configuration, Shapes::ShapeRef.new(shape: AttachmentsConfiguration, location_name: "attachmentsConfiguration"))
     UpdateApplicationRequest.add_member(:q_apps_configuration, Shapes::ShapeRef.new(shape: QAppsConfiguration, location_name: "qAppsConfiguration"))
     UpdateApplicationRequest.add_member(:personalization_configuration, Shapes::ShapeRef.new(shape: PersonalizationConfiguration, location_name: "personalizationConfiguration"))
+    UpdateApplicationRequest.add_member(:auto_subscription_configuration, Shapes::ShapeRef.new(shape: AutoSubscriptionConfiguration, location_name: "autoSubscriptionConfiguration"))
     UpdateApplicationRequest.struct_class = Types::UpdateApplicationRequest
 
     UpdateApplicationResponse.struct_class = Types::UpdateApplicationResponse
@@ -1668,6 +1711,7 @@ module Aws::QBusiness
     UpdateWebExperienceRequest.add_member(:subtitle, Shapes::ShapeRef.new(shape: WebExperienceSubtitle, location_name: "subtitle"))
     UpdateWebExperienceRequest.add_member(:welcome_message, Shapes::ShapeRef.new(shape: WebExperienceWelcomeMessage, location_name: "welcomeMessage"))
     UpdateWebExperienceRequest.add_member(:sample_prompts_control_mode, Shapes::ShapeRef.new(shape: WebExperienceSamplePromptsControlMode, location_name: "samplePromptsControlMode"))
+    UpdateWebExperienceRequest.add_member(:identity_provider_configuration, Shapes::ShapeRef.new(shape: IdentityProviderConfiguration, location_name: "identityProviderConfiguration"))
     UpdateWebExperienceRequest.struct_class = Types::UpdateWebExperienceRequest
 
     UpdateWebExperienceResponse.struct_class = Types::UpdateWebExperienceResponse

data/lib/aws-sdk-qbusiness/types.rb

@@ -369,6 +369,11 @@ module Aws::QBusiness
     #   ready to use when the status is `ACTIVE`.
     #   @return [String]
     #
+    # @!attribute [rw] identity_type
+    #   The authentication type being used by a Amazon Q Business
+    #   application.
+    #   @return [String]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/qbusiness-2023-11-27/Application AWS API Documentation
     #
     class Application < Struct.new(
@@ -376,7 +381,8 @@ module Aws::QBusiness
       :application_id,
       :created_at,
       :updated_at,
-      :status)
+      :status,
+      :identity_type)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -668,6 +674,31 @@ module Aws::QBusiness
       include Aws::Structure
     end
 
+    # Subscription configuration information for an Amazon Q Business
+    # application using IAM identity federation for user management.
+    #
+    # @!attribute [rw] auto_subscribe
+    #   Describes whether automatic subscriptions are enabled for an Amazon
+    #   Q Business application using IAM identity federation for user
+    #   management.
+    #   @return [String]
+    #
+    # @!attribute [rw] default_subscription_type
+    #   Describes the default subscription type assigned to an Amazon Q
+    #   Business application using IAM identity federation for user
+    #   management. If the value for `autoSubscribe` is set to `ENABLED` you
+    #   must select a value for this field.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/qbusiness-2023-11-27/AutoSubscriptionConfiguration AWS API Documentation
+    #
+    class AutoSubscriptionConfiguration < Struct.new(
+      :auto_subscribe,
+      :default_subscription_type)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # Information about the basic authentication credentials used to
     # configure a plugin.
     #
@@ -1223,12 +1254,26 @@ module Aws::QBusiness
     #   access your Amazon CloudWatch logs and metrics.
     #   @return [String]
     #
+    # @!attribute [rw] identity_type
+    #   The authentication type being used by a Amazon Q Business
+    #   application.
+    #   @return [String]
+    #
+    # @!attribute [rw] iam_identity_provider_arn
+    #   The Amazon Resource Name (ARN) of an identity provider being used by
+    #   an Amazon Q Business application.
+    #   @return [String]
+    #
     # @!attribute [rw] identity_center_instance_arn
     #   The Amazon Resource Name (ARN) of the IAM Identity Center instance
     #   you are either creating for—or connecting to—your Amazon Q Business
     #   application.
     #   @return [String]
     #
+    # @!attribute [rw] client_ids_for_oidc
+    #   The OIDC client ID for a Amazon Q Business application.
+    #   @return [Array<String>]
+    #
     # @!attribute [rw] description
     #   A description for the Amazon Q Business application.
     #   @return [String]
@@ -1277,7 +1322,10 @@ module Aws::QBusiness
     class CreateApplicationRequest < Struct.new(
       :display_name,
       :role_arn,
+      :identity_type,
+      :iam_identity_provider_arn,
       :identity_center_instance_arn,
+      :client_ids_for_oidc,
       :description,
       :encryption_configuration,
       :tags,
@@ -1321,13 +1369,33 @@ module Aws::QBusiness
     #   @return [String]
     #
     # @!attribute [rw] configuration
-    #   Configuration information to connect to your data source repository.
-    #   For configuration templates for your specific data source, see
-    #   [Supported connectors][1].
+    #   Configuration information to connect your data source repository to
+    #   Amazon Q Business. Use this parameter to provide a JSON schema with
+    #   configuration information specific to your data source connector.
+    #
+    #   Each data source has a JSON schema provided by Amazon Q Business
+    #   that you must use. For example, the Amazon S3 and Web Crawler
+    #   connectors require the following JSON schemas:
+    #
+    #   * [Amazon S3 JSON schema][1]
+    #
+    #   * [Web Crawler JSON schema][2]
+    #
+    #   You can find configuration templates for your specific data source
+    #   using the following steps:
+    #
+    #   1.  Navigate to the [Supported connectors][3] page in the Amazon Q
+    #       Business User Guide, and select the data source of your choice.
     #
+    #   2.  Then, from your specific data source connector page, select
+    #       **Using the API**. You will find the JSON schema for your data
+    #       source, including parameter descriptions, in this section.
     #
     #
-    #   [1]: https://docs.aws.amazon.com/amazonq/latest/business-use-dg/connectors-list.html
+    #
+    #   [1]: https://docs.aws.amazon.com/amazonq/latest/qbusiness-ug/s3-api.html
+    #   [2]: https://docs.aws.amazon.com/amazonq/latest/qbusiness-ug/web-crawler-api.html
+    #   [3]: https://docs.aws.amazon.com/amazonq/latest/business-use-dg/connectors-list.html
     #   @return [Hash,Array,String,Numeric,Boolean]
     #
     # @!attribute [rw] vpc_configuration
@@ -1706,6 +1774,13 @@ module Aws::QBusiness
     # @!attribute [rw] role_arn
     #   The Amazon Resource Name (ARN) of the service role attached to your
     #   web experience.
+    #
+    #   <note markdown="1"> You must provide this value if you're using IAM Identity Center to
+    #   manage end user access to your application. If you're using legacy
+    #   identity management to manage user access, you don't need to
+    #   provide this value.
+    #
+    #    </note>
     #   @return [String]
     #
     # @!attribute [rw] tags
@@ -1724,6 +1799,11 @@ module Aws::QBusiness
     #   not need to pass this option.
     #   @return [String]
     #
+    # @!attribute [rw] identity_provider_configuration
+    #   Information about the identity provider (IdP) used to authenticate
+    #   end users of an Amazon Q Business web experience.
+    #   @return [Types::IdentityProviderConfiguration]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/qbusiness-2023-11-27/CreateWebExperienceRequest AWS API Documentation
     #
     class CreateWebExperienceRequest < Struct.new(
@@ -1734,7 +1814,8 @@ module Aws::QBusiness
       :sample_prompts_control_mode,
       :role_arn,
       :tags,
-      :client_token)
+      :client_token,
+      :identity_provider_configuration)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -2858,6 +2939,16 @@ module Aws::QBusiness
     #   The Amazon Resource Name (ARN) of the Amazon Q Business application.
     #   @return [String]
     #
+    # @!attribute [rw] identity_type
+    #   The authentication type being used by a Amazon Q Business
+    #   application.
+    #   @return [String]
+    #
+    # @!attribute [rw] iam_identity_provider_arn
+    #   The Amazon Resource Name (ARN) of an identity provider being used by
+    #   an Amazon Q Business application.
+    #   @return [String]
+    #
     # @!attribute [rw] identity_center_application_arn
     #   The Amazon Resource Name (ARN) of the AWS IAM Identity Center
     #   instance attached to your Amazon Q Business application.
@@ -2917,12 +3008,23 @@ module Aws::QBusiness
     #   [1]: https://docs.aws.amazon.com/amazonq/latest/qbusiness-ug/personalizing-chat-responses.html
     #   @return [Types::PersonalizationConfiguration]
     #
+    # @!attribute [rw] auto_subscription_configuration
+    #   Settings for auto-subscription behavior for this application. This
+    #   is only applicable to SAML and OIDC applications.
+    #   @return [Types::AutoSubscriptionConfiguration]
+    #
+    # @!attribute [rw] client_ids_for_oidc
+    #   The OIDC client ID for a Amazon Q Business application.
+    #   @return [Array<String>]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/qbusiness-2023-11-27/GetApplicationResponse AWS API Documentation
     #
     class GetApplicationResponse < Struct.new(
       :display_name,
       :application_id,
       :application_arn,
+      :identity_type,
+      :iam_identity_provider_arn,
       :identity_center_application_arn,
       :role_arn,
       :status,
@@ -2933,7 +3035,9 @@ module Aws::QBusiness
       :error,
       :attachments_configuration,
       :q_apps_configuration,
-      :personalization_configuration)
+      :personalization_configuration,
+      :auto_subscription_configuration,
+      :client_ids_for_oidc)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -3544,6 +3648,11 @@ module Aws::QBusiness
     #   web experience.
     #   @return [String]
     #
+    # @!attribute [rw] identity_provider_configuration
+    #   Information about the identity provider (IdP) used to authenticate
+    #   end users of an Amazon Q Business web experience.
+    #   @return [Types::IdentityProviderConfiguration]
+    #
     # @!attribute [rw] authentication_configuration
     #   The authentication configuration information for your Amazon Q
     #   Business web experience.
@@ -3570,6 +3679,7 @@ module Aws::QBusiness
       :welcome_message,
       :sample_prompts_control_mode,
       :role_arn,
+      :identity_provider_configuration,
       :authentication_configuration,
       :error)
       SENSITIVE = []
@@ -3706,6 +3816,39 @@ module Aws::QBusiness
       include Aws::Structure
     end
 
+    # Provides information about the identity provider (IdP) used to
+    # authenticate end users of an Amazon Q Business web experience.
+    #
+    # @note IdentityProviderConfiguration is a union - when making an API calls you must set exactly one of the members.
+    #
+    # @note IdentityProviderConfiguration is a union - when returned from an API call exactly one value will be set and the returned type will be a subclass of IdentityProviderConfiguration corresponding to the set member.
+    #
+    # @!attribute [rw] saml_configuration
+    #   Information about the SAML 2.0-compliant identity provider (IdP)
+    #   used to authenticate end users of an Amazon Q Business web
+    #   experience.
+    #   @return [Types::SamlProviderConfiguration]
+    #
+    # @!attribute [rw] open_id_connect_configuration
+    #   Information about the OIDC-compliant identity provider (IdP) used to
+    #   authenticate end users of an Amazon Q Business web experience.
+    #   @return [Types::OpenIDConnectProviderConfiguration]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/qbusiness-2023-11-27/IdentityProviderConfiguration AWS API Documentation
+    #
+    class IdentityProviderConfiguration < Struct.new(
+      :saml_configuration,
+      :open_id_connect_configuration,
+      :unknown)
+      SENSITIVE = []
+      include Aws::Structure
+      include Aws::Structure::Union
+
+      class SamlConfiguration < IdentityProviderConfiguration; end
+      class OpenIdConnectConfiguration < IdentityProviderConfiguration; end
+      class Unknown < IdentityProviderConfiguration; end
+    end
+
     # Summary information for your Amazon Q Business index.
     #
     # @!attribute [rw] display_name
@@ -4731,6 +4874,28 @@ module Aws::QBusiness
       include Aws::Structure
     end
 
+    # Information about the OIDC-compliant identity provider (IdP) used to
+    # authenticate end users of an Amazon Q Business web experience.
+    #
+    # @!attribute [rw] secrets_arn
+    #   The Amazon Resource Name (ARN) of a Secrets Manager secret
+    #   containing the OIDC client secret.
+    #   @return [String]
+    #
+    # @!attribute [rw] secrets_role
+    #   An IAM role with permissions to access KMS to decrypt the Secrets
+    #   Manager secret containing your OIDC client secret.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/qbusiness-2023-11-27/OpenIDConnectProviderConfiguration AWS API Documentation
+    #
+    class OpenIDConnectProviderConfiguration < Struct.new(
+      :secrets_arn,
+      :secrets_role)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # Configuration information about chat response personalization. For
     # more information, see [Personalizing chat responses][1].
     #
@@ -4993,12 +5158,6 @@ module Aws::QBusiness
     #   group. For example, the group "Company" includes the user "CEO"
     #   and the sub groups "Research", "Engineering", and "Sales and
     #   Marketing".
-    #
-    #   If you have more than 1000 users and/or sub groups for a single
-    #   group, you need to provide the path to the S3 file that lists your
-    #   users and sub groups for a group. Your sub groups can contain more
-    #   than 1000 users, but the list of sub groups that belong to a group
-    #   (and/or users) must be no more than 1000.
     #   @return [String]
     #
     # @!attribute [rw] data_source_id
@@ -5263,6 +5422,22 @@ module Aws::QBusiness
       include Aws::Structure
     end
 
+    # Information about the SAML 2.0-compliant identity provider (IdP) used
+    # to authenticate end users of an Amazon Q Business web experience.
+    #
+    # @!attribute [rw] authentication_url
+    #   The URL where Amazon Q Business end users will be redirected for
+    #   authentication.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/qbusiness-2023-11-27/SamlProviderConfiguration AWS API Documentation
+    #
+    class SamlProviderConfiguration < Struct.new(
+      :authentication_url)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # You have exceeded the set limits for your Amazon Q Business service.
     #
     # @!attribute [rw] message
@@ -5739,6 +5914,12 @@ module Aws::QBusiness
     #   [1]: https://docs.aws.amazon.com/amazonq/latest/qbusiness-ug/personalizing-chat-responses.html
     #   @return [Types::PersonalizationConfiguration]
     #
+    # @!attribute [rw] auto_subscription_configuration
+    #   An option to enable updating the default subscription type assigned
+    #   to an Amazon Q Business application using IAM identity federation
+    #   for user management.
+    #   @return [Types::AutoSubscriptionConfiguration]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/qbusiness-2023-11-27/UpdateApplicationRequest AWS API Documentation
     #
     class UpdateApplicationRequest < Struct.new(
@@ -5749,7 +5930,8 @@ module Aws::QBusiness
       :role_arn,
       :attachments_configuration,
       :q_apps_configuration,
-      :personalization_configuration)
+      :personalization_configuration,
+      :auto_subscription_configuration)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -6107,6 +6289,11 @@ module Aws::QBusiness
     #   for an end user.
     #   @return [String]
     #
+    # @!attribute [rw] identity_provider_configuration
+    #   Information about the identity provider (IdP) used to authenticate
+    #   end users of an Amazon Q Business web experience.
+    #   @return [Types::IdentityProviderConfiguration]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/qbusiness-2023-11-27/UpdateWebExperienceRequest AWS API Documentation
     #
     class UpdateWebExperienceRequest < Struct.new(
@@ -6117,7 +6304,8 @@ module Aws::QBusiness
       :title,
       :subtitle,
       :welcome_message,
-      :sample_prompts_control_mode)
+      :sample_prompts_control_mode,
+      :identity_provider_configuration)
       SENSITIVE = []
       include Aws::Structure
     end

data/lib/aws-sdk-qbusiness.rb

@@ -55,6 +55,6 @@ require_relative 'aws-sdk-qbusiness/event_streams'
 # @!group service
 module Aws::QBusiness
 
-  GEM_VERSION = '1.11.0'
+  GEM_VERSION = '1.12.0'
 
 end

data/sig/client.rbs

@@ -353,7 +353,10 @@ module Aws
       def create_application: (
                                 display_name: ::String,
                                 ?role_arn: ::String,
+                                ?identity_type: ("AWS_IAM_IDP_SAML" | "AWS_IAM_IDP_OIDC" | "AWS_IAM_IDC"),
+                                ?iam_identity_provider_arn: ::String,
                                 ?identity_center_instance_arn: ::String,
+                                ?client_ids_for_oidc: Array[::String],
                                 ?description: ::String,
                                 ?encryption_configuration: {
                                   kms_key_id: ::String?
@@ -615,7 +618,16 @@ module Aws
                                        value: ::String
                                      },
                                    ],
-                                   ?client_token: ::String
+                                   ?client_token: ::String,
+                                   ?identity_provider_configuration: {
+                                     saml_configuration: {
+                                       authentication_url: ::String
+                                     }?,
+                                     open_id_connect_configuration: {
+                                       secrets_arn: ::String,
+                                       secrets_role: ::String
+                                     }?
+                                   }
                                  ) -> _CreateWebExperienceResponseSuccess
                                | (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _CreateWebExperienceResponseSuccess
 
@@ -726,6 +738,8 @@ module Aws
         def display_name: () -> ::String
         def application_id: () -> ::String
         def application_arn: () -> ::String
+        def identity_type: () -> ("AWS_IAM_IDP_SAML" | "AWS_IAM_IDP_OIDC" | "AWS_IAM_IDC")
+        def iam_identity_provider_arn: () -> ::String
         def identity_center_application_arn: () -> ::String
         def role_arn: () -> ::String
         def status: () -> ("CREATING" | "ACTIVE" | "DELETING" | "FAILED" | "UPDATING")
@@ -736,6 +750,8 @@ module Aws
         def attachments_configuration: () -> Types::AppliedAttachmentsConfiguration
         def q_apps_configuration: () -> Types::QAppsConfiguration
         def personalization_configuration: () -> Types::PersonalizationConfiguration
+        def auto_subscription_configuration: () -> Types::AutoSubscriptionConfiguration
+        def client_ids_for_oidc: () -> ::Array[::String]
       end
       # https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/QBusiness/Client.html#get_application-instance_method
       def get_application: (
@@ -888,6 +904,7 @@ module Aws
         def welcome_message: () -> ::String
         def sample_prompts_control_mode: () -> ("ENABLED" | "DISABLED")
         def role_arn: () -> ::String
+        def identity_provider_configuration: () -> Types::IdentityProviderConfiguration
         def authentication_configuration: () -> Types::WebExperienceAuthConfiguration
       end
       # https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/QBusiness/Client.html#get_web_experience-instance_method
@@ -1172,6 +1189,10 @@ module Aws
                                 },
                                 ?personalization_configuration: {
                                   personalization_control_mode: ("ENABLED" | "DISABLED")
+                                },
+                                ?auto_subscription_configuration: {
+                                  auto_subscribe: ("ENABLED" | "DISABLED"),
+                                  default_subscription_type: ("Q_LITE" | "Q_BUSINESS")?
                                 }
                               ) -> _UpdateApplicationResponseSuccess
                             | (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _UpdateApplicationResponseSuccess
@@ -1480,7 +1501,16 @@ module Aws
                                    ?title: ::String,
                                    ?subtitle: ::String,
                                    ?welcome_message: ::String,
-                                   ?sample_prompts_control_mode: ("ENABLED" | "DISABLED")
+                                   ?sample_prompts_control_mode: ("ENABLED" | "DISABLED"),
+                                   ?identity_provider_configuration: {
+                                     saml_configuration: {
+                                       authentication_url: ::String
+                                     }?,
+                                     open_id_connect_configuration: {
+                                       secrets_arn: ::String,
+                                       secrets_role: ::String
+                                     }?
+                                   }
                                  ) -> _UpdateWebExperienceResponseSuccess
                                | (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _UpdateWebExperienceResponseSuccess
     end

data/sig/types.rbs

@@ -103,6 +103,7 @@ module Aws::QBusiness
       attr_accessor created_at: ::Time
       attr_accessor updated_at: ::Time
       attr_accessor status: ("CREATING" | "ACTIVE" | "DELETING" | "FAILED" | "UPDATING")
+      attr_accessor identity_type: ("AWS_IAM_IDP_SAML" | "AWS_IAM_IDP_OIDC" | "AWS_IAM_IDC")
       SENSITIVE: []
     end
 
@@ -176,6 +177,12 @@ module Aws::QBusiness
       SENSITIVE: []
     end
 
+    class AutoSubscriptionConfiguration
+      attr_accessor auto_subscribe: ("ENABLED" | "DISABLED")
+      attr_accessor default_subscription_type: ("Q_LITE" | "Q_BUSINESS")
+      SENSITIVE: []
+    end
+
     class BasicAuthConfiguration
       attr_accessor secret_arn: ::String
       attr_accessor role_arn: ::String
@@ -313,7 +320,10 @@ module Aws::QBusiness
     class CreateApplicationRequest
       attr_accessor display_name: ::String
       attr_accessor role_arn: ::String
+      attr_accessor identity_type: ("AWS_IAM_IDP_SAML" | "AWS_IAM_IDP_OIDC" | "AWS_IAM_IDC")
+      attr_accessor iam_identity_provider_arn: ::String
       attr_accessor identity_center_instance_arn: ::String
+      attr_accessor client_ids_for_oidc: ::Array[::String]
       attr_accessor description: ::String
       attr_accessor encryption_configuration: Types::EncryptionConfiguration
       attr_accessor tags: ::Array[Types::Tag]
@@ -424,6 +434,7 @@ module Aws::QBusiness
       attr_accessor role_arn: ::String
       attr_accessor tags: ::Array[Types::Tag]
       attr_accessor client_token: ::String
+      attr_accessor identity_provider_configuration: Types::IdentityProviderConfiguration
       SENSITIVE: []
     end
 
@@ -739,6 +750,8 @@ module Aws::QBusiness
       attr_accessor display_name: ::String
       attr_accessor application_id: ::String
       attr_accessor application_arn: ::String
+      attr_accessor identity_type: ("AWS_IAM_IDP_SAML" | "AWS_IAM_IDP_OIDC" | "AWS_IAM_IDC")
+      attr_accessor iam_identity_provider_arn: ::String
       attr_accessor identity_center_application_arn: ::String
       attr_accessor role_arn: ::String
       attr_accessor status: ("CREATING" | "ACTIVE" | "DELETING" | "FAILED" | "UPDATING")
@@ -750,6 +763,8 @@ module Aws::QBusiness
       attr_accessor attachments_configuration: Types::AppliedAttachmentsConfiguration
       attr_accessor q_apps_configuration: Types::QAppsConfiguration
       attr_accessor personalization_configuration: Types::PersonalizationConfiguration
+      attr_accessor auto_subscription_configuration: Types::AutoSubscriptionConfiguration
+      attr_accessor client_ids_for_oidc: ::Array[::String]
       SENSITIVE: []
     end
 
@@ -905,6 +920,7 @@ module Aws::QBusiness
       attr_accessor welcome_message: ::String
       attr_accessor sample_prompts_control_mode: ("ENABLED" | "DISABLED")
       attr_accessor role_arn: ::String
+      attr_accessor identity_provider_configuration: Types::IdentityProviderConfiguration
       attr_accessor authentication_configuration: Types::WebExperienceAuthConfiguration
       attr_accessor error: Types::ErrorDetail
       SENSITIVE: []
@@ -936,6 +952,20 @@ module Aws::QBusiness
       SENSITIVE: []
     end
 
+    class IdentityProviderConfiguration
+      attr_accessor saml_configuration: Types::SamlProviderConfiguration
+      attr_accessor open_id_connect_configuration: Types::OpenIDConnectProviderConfiguration
+      attr_accessor unknown: untyped
+      SENSITIVE: []
+
+      class SamlConfiguration < IdentityProviderConfiguration
+      end
+      class OpenIdConnectConfiguration < IdentityProviderConfiguration
+      end
+      class Unknown < IdentityProviderConfiguration
+      end
+    end
+
     class Index
       attr_accessor display_name: ::String
       attr_accessor index_id: ::String
@@ -1206,6 +1236,12 @@ module Aws::QBusiness
       SENSITIVE: []
     end
 
+    class OpenIDConnectProviderConfiguration
+      attr_accessor secrets_arn: ::String
+      attr_accessor secrets_role: ::String
+      SENSITIVE: []
+    end
+
     class PersonalizationConfiguration
       attr_accessor personalization_control_mode: ("ENABLED" | "DISABLED")
       SENSITIVE: []
@@ -1367,6 +1403,11 @@ module Aws::QBusiness
       SENSITIVE: []
     end
 
+    class SamlProviderConfiguration
+      attr_accessor authentication_url: ::String
+      SENSITIVE: []
+    end
+
     class ServiceQuotaExceededException
       attr_accessor message: ::String
       attr_accessor resource_id: ::String
@@ -1496,6 +1537,7 @@ module Aws::QBusiness
       attr_accessor attachments_configuration: Types::AttachmentsConfiguration
       attr_accessor q_apps_configuration: Types::QAppsConfiguration
       attr_accessor personalization_configuration: Types::PersonalizationConfiguration
+      attr_accessor auto_subscription_configuration: Types::AutoSubscriptionConfiguration
       SENSITIVE: []
     end
 
@@ -1596,6 +1638,7 @@ module Aws::QBusiness
       attr_accessor subtitle: ::String
       attr_accessor welcome_message: ::String
       attr_accessor sample_prompts_control_mode: ("ENABLED" | "DISABLED")
+      attr_accessor identity_provider_configuration: Types::IdentityProviderConfiguration
       SENSITIVE: []
     end
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-qbusiness
 version: !ruby/object:Gem::Version
-  version: 1.11.0
+  version: 1.12.0
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-07-05 00:00:00.000000000 Z
+date: 2024-08-23 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-core