aws-sdk-ssm 1.191.0 → 1.193.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 0cf59ccb8eeccc2f508b0927b7387de6f1244496a3f65248c7efeb19d89b8dee
-  data.tar.gz: 07dd8ae4bdcc32bafe5ac284c7406f12a044417248b72b6f4c2c1732a140ab19
+  metadata.gz: d67c8d163adf40a5061905786654e7ae1e867820de5cdfdb4ca932350d648a23
+  data.tar.gz: 2210b47d591cb0a59abf0415fae41adc998e8d98692928b700036741bc1ea52f
 SHA512:
-  metadata.gz: 0caffd58fae3ca04c79ace31884aa2ada349a1745575da2c3c715b725a80f8324050519ca721d63245d534b01b37b6ce28b3077dffe4eef68d47b21946bc2d15
-  data.tar.gz: 4af0b10fe3983290503268d99b4d4f3e445dbededbfebf706c020b93e33f53d2b1b200f05b9b8961ac43eee53876aa5d23c341c79b71ee641b474f9eb09d2710
+  metadata.gz: 5ecb334953eb771f9a1f773ad30158bcde0aabe89e5e3858597c6402d31ccb1d1799f0e10065fede8110297d793cd23e01c501e46ebdd401a8c89dd93f3b0584
+  data.tar.gz: 1cb0e57e68ef91960d2e24c962eda8af4770c2fadf1d53d1962a5ec6023d87591e263e2013fa8d4bab020db0d4a9ceca7cb54f6a3b8f9d4e9ec9a04f9663198c

data/CHANGELOG.md

@@ -1,6 +1,16 @@
 Unreleased Changes
 ------------------
 
+1.193.0 (2025-04-29)
+------------------
+
+* Feature - This release adds support for just-In-time node access in AWS Systems Manager. Just-in-time node access enables customers to move towards zero standing privileges by requiring operators to request access and obtain approval before remotely connecting to nodes managed by the SSM Agent.
+
+1.192.0 (2025-03-24)
+------------------
+
+* Feature - This release adds the AvailableSecurityUpdatesComplianceStatus field to patch baseline operations, as well as the AvailableSecurityUpdateCount and InstancesWithAvailableSecurityUpdates to patch state operations. Applies to Windows Server managed nodes only.
+
 1.191.0 (2025-02-28)
 ------------------
 

data/VERSION

@@ -1 +1 @@
-1.191.0
+1.193.0

data/lib/aws-sdk-ssm/client.rb

@@ -1611,7 +1611,7 @@ module Aws::SSM
     #     name: "DocumentName", # required
     #     display_name: "DocumentDisplayName",
     #     version_name: "DocumentVersionName",
-    #     document_type: "Command", # accepts Command, Policy, Automation, Session, Package, ApplicationConfiguration, ApplicationConfigurationSchema, DeploymentStrategy, ChangeCalendar, Automation.ChangeTemplate, ProblemAnalysis, ProblemAnalysisTemplate, CloudFormation, ConformancePackTemplate, QuickSetup
+    #     document_type: "Command", # accepts Command, Policy, Automation, Session, Package, ApplicationConfiguration, ApplicationConfigurationSchema, DeploymentStrategy, ChangeCalendar, Automation.ChangeTemplate, ProblemAnalysis, ProblemAnalysisTemplate, CloudFormation, ConformancePackTemplate, QuickSetup, ManualApprovalPolicy, AutoApprovalPolicy
     #     document_format: "YAML", # accepts YAML, JSON, TEXT
     #     target_type: "TargetType",
     #     tags: [
@@ -1643,7 +1643,7 @@ module Aws::SSM
     #   resp.document_description.parameters[0].default_value #=> String
     #   resp.document_description.platform_types #=> Array
     #   resp.document_description.platform_types[0] #=> String, one of "Windows", "Linux", "MacOS"
-    #   resp.document_description.document_type #=> String, one of "Command", "Policy", "Automation", "Session", "Package", "ApplicationConfiguration", "ApplicationConfigurationSchema", "DeploymentStrategy", "ChangeCalendar", "Automation.ChangeTemplate", "ProblemAnalysis", "ProblemAnalysisTemplate", "CloudFormation", "ConformancePackTemplate", "QuickSetup"
+    #   resp.document_description.document_type #=> String, one of "Command", "Policy", "Automation", "Session", "Package", "ApplicationConfiguration", "ApplicationConfigurationSchema", "DeploymentStrategy", "ChangeCalendar", "Automation.ChangeTemplate", "ProblemAnalysis", "ProblemAnalysisTemplate", "CloudFormation", "ConformancePackTemplate", "QuickSetup", "ManualApprovalPolicy", "AutoApprovalPolicy"
     #   resp.document_description.schema_version #=> String
     #   resp.document_description.latest_version #=> String
     #   resp.document_description.default_version #=> String
@@ -2177,6 +2177,20 @@ module Aws::SSM
     #   including target operating systems and source repositories. Applies to
     #   Linux managed nodes only.
     #
+    # @option params [String] :available_security_updates_compliance_status
+    #   Indicates the status you want to assign to security patches that are
+    #   available but not approved because they don't meet the installation
+    #   criteria specified in the patch baseline.
+    #
+    #   Example scenario: Security patches that you might want installed can
+    #   be skipped if you have specified a long period to wait after a patch
+    #   is released before installation. If an update to the patch is released
+    #   during your specified waiting period, the waiting period for
+    #   installing the patch starts over. If the waiting period is too long,
+    #   multiple versions of the patch could be released but never installed.
+    #
+    #   Supported for Windows Server managed nodes only.
+    #
     # @option params [String] :client_token
     #   User-provided idempotency token.
     #
@@ -2248,6 +2262,7 @@ module Aws::SSM
     #         configuration: "PatchSourceConfiguration", # required
     #       },
     #     ],
+    #     available_security_updates_compliance_status: "COMPLIANT", # accepts COMPLIANT, NON_COMPLIANT
     #     client_token: "ClientToken",
     #     tags: [
     #       {
@@ -3382,7 +3397,7 @@ module Aws::SSM
     #   resp.automation_execution_metadata_list[0].triggered_alarms[0].name #=> String
     #   resp.automation_execution_metadata_list[0].triggered_alarms[0].state #=> String, one of "UNKNOWN", "ALARM"
     #   resp.automation_execution_metadata_list[0].target_locations_url #=> String
-    #   resp.automation_execution_metadata_list[0].automation_subtype #=> String, one of "ChangeRequest"
+    #   resp.automation_execution_metadata_list[0].automation_subtype #=> String, one of "ChangeRequest", "AccessRequest"
     #   resp.automation_execution_metadata_list[0].scheduled_time #=> Time
     #   resp.automation_execution_metadata_list[0].runbooks #=> Array
     #   resp.automation_execution_metadata_list[0].runbooks[0].document_name #=> String
@@ -3772,7 +3787,7 @@ module Aws::SSM
     #   resp.document.parameters[0].default_value #=> String
     #   resp.document.platform_types #=> Array
     #   resp.document.platform_types[0] #=> String, one of "Windows", "Linux", "MacOS"
-    #   resp.document.document_type #=> String, one of "Command", "Policy", "Automation", "Session", "Package", "ApplicationConfiguration", "ApplicationConfigurationSchema", "DeploymentStrategy", "ChangeCalendar", "Automation.ChangeTemplate", "ProblemAnalysis", "ProblemAnalysisTemplate", "CloudFormation", "ConformancePackTemplate", "QuickSetup"
+    #   resp.document.document_type #=> String, one of "Command", "Policy", "Automation", "Session", "Package", "ApplicationConfiguration", "ApplicationConfigurationSchema", "DeploymentStrategy", "ChangeCalendar", "Automation.ChangeTemplate", "ProblemAnalysis", "ProblemAnalysisTemplate", "CloudFormation", "ConformancePackTemplate", "QuickSetup", "ManualApprovalPolicy", "AutoApprovalPolicy"
     #   resp.document.schema_version #=> String
     #   resp.document.latest_version #=> String
     #   resp.document.default_version #=> String
@@ -4191,6 +4206,7 @@ module Aws::SSM
     #   resp.instance_patch_states[0].failed_count #=> Integer
     #   resp.instance_patch_states[0].unreported_not_applicable_count #=> Integer
     #   resp.instance_patch_states[0].not_applicable_count #=> Integer
+    #   resp.instance_patch_states[0].available_security_update_count #=> Integer
     #   resp.instance_patch_states[0].operation_start_time #=> Time
     #   resp.instance_patch_states[0].operation_end_time #=> Time
     #   resp.instance_patch_states[0].operation #=> String, one of "Scan", "Install"
@@ -4272,6 +4288,7 @@ module Aws::SSM
     #   resp.instance_patch_states[0].failed_count #=> Integer
     #   resp.instance_patch_states[0].unreported_not_applicable_count #=> Integer
     #   resp.instance_patch_states[0].not_applicable_count #=> Integer
+    #   resp.instance_patch_states[0].available_security_update_count #=> Integer
     #   resp.instance_patch_states[0].operation_start_time #=> Time
     #   resp.instance_patch_states[0].operation_end_time #=> Time
     #   resp.instance_patch_states[0].operation #=> String, one of "Scan", "Install"
@@ -4363,7 +4380,7 @@ module Aws::SSM
     #   resp.patches[0].kb_id #=> String
     #   resp.patches[0].classification #=> String
     #   resp.patches[0].severity #=> String
-    #   resp.patches[0].state #=> String, one of "INSTALLED", "INSTALLED_OTHER", "INSTALLED_PENDING_REBOOT", "INSTALLED_REJECTED", "MISSING", "NOT_APPLICABLE", "FAILED"
+    #   resp.patches[0].state #=> String, one of "INSTALLED", "INSTALLED_OTHER", "INSTALLED_PENDING_REBOOT", "INSTALLED_REJECTED", "MISSING", "NOT_APPLICABLE", "FAILED", "AVAILABLE_SECURITY_UPDATE"
     #   resp.patches[0].installed_time #=> Time
     #   resp.patches[0].cve_ids #=> String
     #   resp.next_token #=> String
@@ -5177,7 +5194,7 @@ module Aws::SSM
     #   resp = client.describe_ops_items({
     #     ops_item_filters: [
     #       {
-    #         key: "Status", # required, accepts Status, CreatedBy, Source, Priority, Title, OpsItemId, CreatedTime, LastModifiedTime, ActualStartTime, ActualEndTime, PlannedStartTime, PlannedEndTime, OperationalData, OperationalDataKey, OperationalDataValue, ResourceId, AutomationId, Category, Severity, OpsItemType, ChangeRequestByRequesterArn, ChangeRequestByRequesterName, ChangeRequestByApproverArn, ChangeRequestByApproverName, ChangeRequestByTemplate, ChangeRequestByTargetsResourceGroup, InsightByType, AccountId
+    #         key: "Status", # required, accepts Status, CreatedBy, Source, Priority, Title, OpsItemId, CreatedTime, LastModifiedTime, ActualStartTime, ActualEndTime, PlannedStartTime, PlannedEndTime, OperationalData, OperationalDataKey, OperationalDataValue, ResourceId, AutomationId, Category, Severity, OpsItemType, AccessRequestByRequesterArn, AccessRequestByRequesterId, AccessRequestByApproverArn, AccessRequestByApproverId, AccessRequestBySourceAccountId, AccessRequestBySourceOpsItemId, AccessRequestBySourceRegion, AccessRequestByIsReplica, AccessRequestByTargetResourceId, ChangeRequestByRequesterArn, ChangeRequestByRequesterName, ChangeRequestByApproverArn, ChangeRequestByApproverName, ChangeRequestByTemplate, ChangeRequestByTargetsResourceGroup, InsightByType, AccountId
     #         values: ["OpsItemFilterValue"], # required
     #         operator: "Equal", # required, accepts Equal, Contains, GreaterThan, LessThan
     #       },
@@ -5196,7 +5213,7 @@ module Aws::SSM
     #   resp.ops_item_summaries[0].last_modified_time #=> Time
     #   resp.ops_item_summaries[0].priority #=> Integer
     #   resp.ops_item_summaries[0].source #=> String
-    #   resp.ops_item_summaries[0].status #=> String, one of "Open", "InProgress", "Resolved", "Pending", "TimedOut", "Cancelling", "Cancelled", "Failed", "CompletedWithSuccess", "CompletedWithFailure", "Scheduled", "RunbookInProgress", "PendingChangeCalendarOverride", "ChangeCalendarOverrideApproved", "ChangeCalendarOverrideRejected", "PendingApproval", "Approved", "Rejected", "Closed"
+    #   resp.ops_item_summaries[0].status #=> String, one of "Open", "InProgress", "Resolved", "Pending", "TimedOut", "Cancelling", "Cancelled", "Failed", "CompletedWithSuccess", "CompletedWithFailure", "Scheduled", "RunbookInProgress", "PendingChangeCalendarOverride", "ChangeCalendarOverrideApproved", "ChangeCalendarOverrideRejected", "PendingApproval", "Approved", "Revoked", "Rejected", "Closed"
     #   resp.ops_item_summaries[0].ops_item_id #=> String
     #   resp.ops_item_summaries[0].title #=> String
     #   resp.ops_item_summaries[0].operational_data #=> Hash
@@ -5419,6 +5436,7 @@ module Aws::SSM
     #   * {Types::DescribePatchGroupStateResult#instances_with_critical_non_compliant_patches #instances_with_critical_non_compliant_patches} => Integer
     #   * {Types::DescribePatchGroupStateResult#instances_with_security_non_compliant_patches #instances_with_security_non_compliant_patches} => Integer
     #   * {Types::DescribePatchGroupStateResult#instances_with_other_non_compliant_patches #instances_with_other_non_compliant_patches} => Integer
+    #   * {Types::DescribePatchGroupStateResult#instances_with_available_security_updates #instances_with_available_security_updates} => Integer
     #
     # @example Request syntax with placeholder values
     #
@@ -5440,6 +5458,7 @@ module Aws::SSM
     #   resp.instances_with_critical_non_compliant_patches #=> Integer
     #   resp.instances_with_security_non_compliant_patches #=> Integer
     #   resp.instances_with_other_non_compliant_patches #=> Integer
+    #   resp.instances_with_available_security_updates #=> Integer
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/ssm-2014-11-06/DescribePatchGroupState AWS API Documentation
     #
@@ -5718,6 +5737,39 @@ module Aws::SSM
       req.send_request(options)
     end
 
+    # Returns a credentials set to be used with just-in-time node access.
+    #
+    # @option params [required, String] :access_request_id
+    #   The ID of a just-in-time node access request.
+    #
+    # @return [Types::GetAccessTokenResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::GetAccessTokenResponse#credentials #credentials} => Types::Credentials
+    #   * {Types::GetAccessTokenResponse#access_request_status #access_request_status} => String
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.get_access_token({
+    #     access_request_id: "AccessRequestId", # required
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.credentials.access_key_id #=> String
+    #   resp.credentials.secret_access_key #=> String
+    #   resp.credentials.session_token #=> String
+    #   resp.credentials.expiration_time #=> Time
+    #   resp.access_request_status #=> String, one of "Approved", "Rejected", "Revoked", "Expired", "Pending"
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/ssm-2014-11-06/GetAccessToken AWS API Documentation
+    #
+    # @overload get_access_token(params = {})
+    # @param [Hash] params ({})
+    def get_access_token(params = {}, options = {})
+      req = build_request(:get_access_token, params)
+      req.send_request(options)
+    end
+
     # Get detailed information about a particular Automation execution.
     #
     # @option params [required, String] :automation_execution_id
@@ -5865,7 +5917,7 @@ module Aws::SSM
     #   resp.automation_execution.triggered_alarms[0].name #=> String
     #   resp.automation_execution.triggered_alarms[0].state #=> String, one of "UNKNOWN", "ALARM"
     #   resp.automation_execution.target_locations_url #=> String
-    #   resp.automation_execution.automation_subtype #=> String, one of "ChangeRequest"
+    #   resp.automation_execution.automation_subtype #=> String, one of "ChangeRequest", "AccessRequest"
     #   resp.automation_execution.scheduled_time #=> Time
     #   resp.automation_execution.runbooks #=> Array
     #   resp.automation_execution.runbooks[0].document_name #=> String
@@ -6231,6 +6283,7 @@ module Aws::SSM
     #           configuration: "PatchSourceConfiguration", # required
     #         },
     #       ],
+    #       available_security_updates_compliance_status: "COMPLIANT", # accepts COMPLIANT, NON_COMPLIANT
     #     },
     #   })
     #
@@ -6303,7 +6356,7 @@ module Aws::SSM
     #   resp.status #=> String, one of "Creating", "Active", "Updating", "Deleting", "Failed"
     #   resp.status_information #=> String
     #   resp.content #=> String
-    #   resp.document_type #=> String, one of "Command", "Policy", "Automation", "Session", "Package", "ApplicationConfiguration", "ApplicationConfigurationSchema", "DeploymentStrategy", "ChangeCalendar", "Automation.ChangeTemplate", "ProblemAnalysis", "ProblemAnalysisTemplate", "CloudFormation", "ConformancePackTemplate", "QuickSetup"
+    #   resp.document_type #=> String, one of "Command", "Policy", "Automation", "Session", "Package", "ApplicationConfiguration", "ApplicationConfigurationSchema", "DeploymentStrategy", "ChangeCalendar", "Automation.ChangeTemplate", "ProblemAnalysis", "ProblemAnalysisTemplate", "CloudFormation", "ConformancePackTemplate", "QuickSetup", "ManualApprovalPolicy", "AutoApprovalPolicy"
     #   resp.document_format #=> String, one of "YAML", "JSON", "TEXT"
     #   resp.requires #=> Array
     #   resp.requires[0].name #=> String
@@ -6935,7 +6988,7 @@ module Aws::SSM
     #   resp.ops_item.priority #=> Integer
     #   resp.ops_item.related_ops_items #=> Array
     #   resp.ops_item.related_ops_items[0].ops_item_id #=> String
-    #   resp.ops_item.status #=> String, one of "Open", "InProgress", "Resolved", "Pending", "TimedOut", "Cancelling", "Cancelled", "Failed", "CompletedWithSuccess", "CompletedWithFailure", "Scheduled", "RunbookInProgress", "PendingChangeCalendarOverride", "ChangeCalendarOverrideApproved", "ChangeCalendarOverrideRejected", "PendingApproval", "Approved", "Rejected", "Closed"
+    #   resp.ops_item.status #=> String, one of "Open", "InProgress", "Resolved", "Pending", "TimedOut", "Cancelling", "Cancelled", "Failed", "CompletedWithSuccess", "CompletedWithFailure", "Scheduled", "RunbookInProgress", "PendingChangeCalendarOverride", "ChangeCalendarOverrideApproved", "ChangeCalendarOverrideRejected", "PendingApproval", "Approved", "Revoked", "Rejected", "Closed"
     #   resp.ops_item.ops_item_id #=> String
     #   resp.ops_item.version #=> String
     #   resp.ops_item.title #=> String
@@ -7434,6 +7487,7 @@ module Aws::SSM
     #   * {Types::GetPatchBaselineResult#modified_date #modified_date} => Time
     #   * {Types::GetPatchBaselineResult#description #description} => String
     #   * {Types::GetPatchBaselineResult#sources #sources} => Array<Types::PatchSource>
+    #   * {Types::GetPatchBaselineResult#available_security_updates_compliance_status #available_security_updates_compliance_status} => String
     #
     # @example Request syntax with placeholder values
     #
@@ -7476,6 +7530,7 @@ module Aws::SSM
     #   resp.sources[0].products #=> Array
     #   resp.sources[0].products[0] #=> String
     #   resp.sources[0].configuration #=> String
+    #   resp.available_security_updates_compliance_status #=> String, one of "COMPLIANT", "NON_COMPLIANT"
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/ssm-2014-11-06/GetPatchBaseline AWS API Documentation
     #
@@ -8428,7 +8483,7 @@ module Aws::SSM
     #   resp.document_identifiers[0].platform_types #=> Array
     #   resp.document_identifiers[0].platform_types[0] #=> String, one of "Windows", "Linux", "MacOS"
     #   resp.document_identifiers[0].document_version #=> String
-    #   resp.document_identifiers[0].document_type #=> String, one of "Command", "Policy", "Automation", "Session", "Package", "ApplicationConfiguration", "ApplicationConfigurationSchema", "DeploymentStrategy", "ChangeCalendar", "Automation.ChangeTemplate", "ProblemAnalysis", "ProblemAnalysisTemplate", "CloudFormation", "ConformancePackTemplate", "QuickSetup"
+    #   resp.document_identifiers[0].document_type #=> String, one of "Command", "Policy", "Automation", "Session", "Package", "ApplicationConfiguration", "ApplicationConfigurationSchema", "DeploymentStrategy", "ChangeCalendar", "Automation.ChangeTemplate", "ProblemAnalysis", "ProblemAnalysisTemplate", "CloudFormation", "ConformancePackTemplate", "QuickSetup", "ManualApprovalPolicy", "AutoApprovalPolicy"
     #   resp.document_identifiers[0].schema_version #=> String
     #   resp.document_identifiers[0].document_format #=> String, one of "YAML", "JSON", "TEXT"
     #   resp.document_identifiers[0].target_type #=> String
@@ -9159,14 +9214,17 @@ module Aws::SSM
     #
     # @option params [Array<String>] :account_ids_to_add
     #   The Amazon Web Services users that should have access to the document.
-    #   The account IDs can either be a group of account IDs or *All*.
+    #   The account IDs can either be a group of account IDs or *All*. You
+    #   must specify a value for this parameter or the `AccountIdsToRemove`
+    #   parameter.
     #
     # @option params [Array<String>] :account_ids_to_remove
     #   The Amazon Web Services users that should no longer have access to the
     #   document. The Amazon Web Services user can either be a group of
     #   account IDs or *All*. This action has a higher priority than
     #   `AccountIdsToAdd`. If you specify an ID to add and the same ID to
-    #   remove, the system removes access to the document.
+    #   remove, the system removes access to the document. You must specify a
+    #   value for this parameter or the `AccountIdsToAdd` parameter.
     #
     # @option params [String] :shared_document_version
     #   (Optional) The version of the document to share. If it isn't
@@ -9409,11 +9467,16 @@ module Aws::SSM
     #   [Creating Systems Manager parameters][1] in the *Amazon Web Services
     #   Systems Manager User Guide*.
     #
-    #   <note markdown="1"> The maximum length constraint of 2048 characters listed below includes
-    #   1037 characters reserved for internal use by Systems Manager. The
-    #   maximum length for a parameter name that you create is 1011
-    #   characters. This includes the characters in the ARN that precede the
-    #   name you specify, such as
+    #   <note markdown="1"> The reported maximum length of 2048 characters for a parameter name
+    #   includes 1037 characters that are reserved for internal use by Systems
+    #   Manager. The maximum length for a parameter name that you specify is
+    #   1011 characters.
+    #
+    #    This count of 1011 characters includes the characters in the ARN that
+    #   precede the name you specify. This ARN length will vary depending on
+    #   your partition and Region. For example, the following 45 characters
+    #   count toward the 1011 character maximum for a parameter created in the
+    #   US East (Ohio) Region:
     #   `arn:aws:ssm:us-east-2:111122223333:parameter/`.
     #
     #    </note>
@@ -10417,7 +10480,7 @@ module Aws::SSM
     #
     #   resp = client.send_automation_signal({
     #     automation_execution_id: "AutomationExecutionId", # required
-    #     signal_type: "Approve", # required, accepts Approve, Reject, StartStep, StopStep, Resume
+    #     signal_type: "Approve", # required, accepts Approve, Reject, StartStep, StopStep, Resume, Revoke
     #     payload: {
     #       "AutomationParameterKey" => ["AutomationParameterValue"],
     #     },
@@ -10691,6 +10754,53 @@ module Aws::SSM
       req.send_request(options)
     end
 
+    # Starts the workflow for just-in-time node access sessions.
+    #
+    # @option params [required, String] :reason
+    #   A brief description explaining why you are requesting access to the
+    #   node.
+    #
+    # @option params [required, Array<Types::Target>] :targets
+    #   The node you are requesting access to.
+    #
+    # @option params [Array<Types::Tag>] :tags
+    #   Key-value pairs of metadata you want to assign to the access request.
+    #
+    # @return [Types::StartAccessRequestResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::StartAccessRequestResponse#access_request_id #access_request_id} => String
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.start_access_request({
+    #     reason: "String1to256", # required
+    #     targets: [ # required
+    #       {
+    #         key: "TargetKey",
+    #         values: ["TargetValue"],
+    #       },
+    #     ],
+    #     tags: [
+    #       {
+    #         key: "TagKey", # required
+    #         value: "TagValue", # required
+    #       },
+    #     ],
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.access_request_id #=> String
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/ssm-2014-11-06/StartAccessRequest AWS API Documentation
+    #
+    # @overload start_access_request(params = {})
+    # @param [Hash] params ({})
+    def start_access_request(params = {}, options = {})
+      req = build_request(:start_access_request, params)
+      req.send_request(options)
+    end
+
     # Runs an association immediately and only one time. This operation can
     # be helpful when troubleshooting associations.
     #
@@ -11977,7 +12087,7 @@ module Aws::SSM
     #   resp.document_description.parameters[0].default_value #=> String
     #   resp.document_description.platform_types #=> Array
     #   resp.document_description.platform_types[0] #=> String, one of "Windows", "Linux", "MacOS"
-    #   resp.document_description.document_type #=> String, one of "Command", "Policy", "Automation", "Session", "Package", "ApplicationConfiguration", "ApplicationConfigurationSchema", "DeploymentStrategy", "ChangeCalendar", "Automation.ChangeTemplate", "ProblemAnalysis", "ProblemAnalysisTemplate", "CloudFormation", "ConformancePackTemplate", "QuickSetup"
+    #   resp.document_description.document_type #=> String, one of "Command", "Policy", "Automation", "Session", "Package", "ApplicationConfiguration", "ApplicationConfigurationSchema", "DeploymentStrategy", "ChangeCalendar", "Automation.ChangeTemplate", "ProblemAnalysis", "ProblemAnalysisTemplate", "CloudFormation", "ConformancePackTemplate", "QuickSetup", "ManualApprovalPolicy", "AutoApprovalPolicy"
     #   resp.document_description.schema_version #=> String
     #   resp.document_description.latest_version #=> String
     #   resp.document_description.default_version #=> String
@@ -12886,7 +12996,7 @@ module Aws::SSM
     #         ops_item_id: "String", # required
     #       },
     #     ],
-    #     status: "Open", # accepts Open, InProgress, Resolved, Pending, TimedOut, Cancelling, Cancelled, Failed, CompletedWithSuccess, CompletedWithFailure, Scheduled, RunbookInProgress, PendingChangeCalendarOverride, ChangeCalendarOverrideApproved, ChangeCalendarOverrideRejected, PendingApproval, Approved, Rejected, Closed
+    #     status: "Open", # accepts Open, InProgress, Resolved, Pending, TimedOut, Cancelling, Cancelled, Failed, CompletedWithSuccess, CompletedWithFailure, Scheduled, RunbookInProgress, PendingChangeCalendarOverride, ChangeCalendarOverrideApproved, ChangeCalendarOverrideRejected, PendingApproval, Approved, Revoked, Rejected, Closed
     #     ops_item_id: "OpsItemId", # required
     #     title: "OpsItemTitle",
     #     category: "OpsItemCategory",
@@ -13039,6 +13149,20 @@ module Aws::SSM
     #   including target operating systems and source repositories. Applies to
     #   Linux managed nodes only.
     #
+    # @option params [String] :available_security_updates_compliance_status
+    #   Indicates the status to be assigned to security patches that are
+    #   available but not approved because they don't meet the installation
+    #   criteria specified in the patch baseline.
+    #
+    #   Example scenario: Security patches that you might want installed can
+    #   be skipped if you have specified a long period to wait after a patch
+    #   is released before installation. If an update to the patch is released
+    #   during your specified waiting period, the waiting period for
+    #   installing the patch starts over. If the waiting period is too long,
+    #   multiple versions of the patch could be released but never installed.
+    #
+    #   Supported for Windows Server managed nodes only.
+    #
     # @option params [Boolean] :replace
     #   If True, then all fields that are required by the CreatePatchBaseline
     #   operation are also required for this API request. Optional fields that
@@ -13060,6 +13184,7 @@ module Aws::SSM
     #   * {Types::UpdatePatchBaselineResult#modified_date #modified_date} => Time
     #   * {Types::UpdatePatchBaselineResult#description #description} => String
     #   * {Types::UpdatePatchBaselineResult#sources #sources} => Array&lt;Types::PatchSource&gt;
+    #   * {Types::UpdatePatchBaselineResult#available_security_updates_compliance_status #available_security_updates_compliance_status} => String
     #
     # @example Request syntax with placeholder values
     #
@@ -13105,6 +13230,7 @@ module Aws::SSM
     #         configuration: "PatchSourceConfiguration", # required
     #       },
     #     ],
+    #     available_security_updates_compliance_status: "COMPLIANT", # accepts COMPLIANT, NON_COMPLIANT
     #     replace: false,
     #   })
     #
@@ -13141,6 +13267,7 @@ module Aws::SSM
     #   resp.sources[0].products #=> Array
     #   resp.sources[0].products[0] #=> String
     #   resp.sources[0].configuration #=> String
+    #   resp.available_security_updates_compliance_status #=> String, one of "COMPLIANT", "NON_COMPLIANT"
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/ssm-2014-11-06/UpdatePatchBaseline AWS API Documentation
     #
@@ -13324,7 +13451,7 @@ module Aws::SSM
         tracer: tracer
       )
       context[:gem_name] = 'aws-sdk-ssm'
-      context[:gem_version] = '1.191.0'
+      context[:gem_version] = '1.193.0'
       Seahorse::Client::Request.new(handlers, context)
     end