@awboost/cfntypes 0.100.4 → 0.100.5

package/lib/resources.generated.d.ts

@@ -2544,7 +2544,6 @@ export type ApiGatewayMethodIntegration = {
     /**
      * Custom timeout between 50 and 29,000 milliseconds. The default value is 29,000 milliseconds or 29 seconds.
      * @min `50`
-     * @max `29000`
      */
     TimeoutInMillis?: number;
     /**
@@ -9797,13 +9796,45 @@ export type ApplicationAutoScalingScalableTargetScalableTargetAction = {
  * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-applicationautoscaling-scalingpolicy.html}
  */
 export type ApplicationAutoScalingScalingPolicyProps = {
+    /**
+       * The name of the scaling policy.
+      
+      Updates to the name of a target tracking scaling policy are not supported, unless you also update the metric used for scaling. To change only a target tracking scaling policy's name, first delete the policy by removing the existing AWS::ApplicationAutoScaling::ScalingPolicy resource from the template and updating the stack. Then, recreate the resource with the same settings and a different name.
+       */
     PolicyName: string;
+    /**
+       * The scaling policy type.
+      
+      The following policy types are supported:
+      
+      TargetTrackingScaling Not supported for Amazon EMR
+      
+      StepScaling Not supported for DynamoDB, Amazon Comprehend, Lambda, Amazon Keyspaces, Amazon MSK, Amazon ElastiCache, or Neptune.
+       */
     PolicyType: string;
+    /**
+     * The identifier of the resource associated with the scaling policy. This string consists of the resource type and unique identifier.
+     */
     ResourceId?: string;
+    /**
+     * The scalable dimension. This string consists of the service namespace, resource type, and scaling property.
+     */
     ScalableDimension?: string;
+    /**
+     * The CloudFormation-generated ID of an Application Auto Scaling scalable target. For more information about the ID, see the Return Value section of the AWS::ApplicationAutoScaling::ScalableTarget resource.
+     */
     ScalingTargetId?: string;
+    /**
+     * The namespace of the AWS service that provides the resource, or a custom-resource.
+     */
     ServiceNamespace?: string;
+    /**
+     * A step scaling policy.
+     */
     StepScalingPolicyConfiguration?: ApplicationAutoScalingScalingPolicyStepScalingPolicyConfiguration;
+    /**
+     * A target tracking scaling policy.
+     */
     TargetTrackingScalingPolicyConfiguration?: ApplicationAutoScalingScalingPolicyTargetTrackingScalingPolicyConfiguration;
 };
 /**
@@ -9812,65 +9843,223 @@ export type ApplicationAutoScalingScalingPolicyProps = {
  * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-applicationautoscaling-scalingpolicy.html}
  */
 export type ApplicationAutoScalingScalingPolicyAttributes = {
-    Id: string;
+    /**
+     * ARN is a read only property for the resource.
+     */
+    Arn: string;
 };
 /**
  * Type definition for `AWS::ApplicationAutoScaling::ScalingPolicy.StepScalingPolicyConfiguration`.
+ * A step scaling policy.
  * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-applicationautoscaling-scalingpolicy-stepscalingpolicyconfiguration.html}
  */
 export type ApplicationAutoScalingScalingPolicyStepScalingPolicyConfiguration = {
+    /**
+     * Specifies how the ScalingAdjustment value in a StepAdjustment is interpreted.
+     */
     AdjustmentType?: string;
+    /**
+     * The amount of time, in seconds, to wait for a previous scaling activity to take effect.
+     */
     Cooldown?: number;
+    /**
+     * The aggregation type for the CloudWatch metrics. Valid values are Minimum, Maximum, and Average. If the aggregation type is null, the value is treated as Average
+     */
     MetricAggregationType?: string;
+    /**
+     * The minimum value to scale by when the adjustment type is PercentChangeInCapacity.
+     */
     MinAdjustmentMagnitude?: number;
+    /**
+     * A set of adjustments that enable you to scale based on the size of the alarm breach.
+     */
     StepAdjustments?: ApplicationAutoScalingScalingPolicyStepAdjustment[];
 };
 /**
  * Type definition for `AWS::ApplicationAutoScaling::ScalingPolicy.TargetTrackingScalingPolicyConfiguration`.
+ * A target tracking scaling policy.
  * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-applicationautoscaling-scalingpolicy-targettrackingscalingpolicyconfiguration.html}
  */
 export type ApplicationAutoScalingScalingPolicyTargetTrackingScalingPolicyConfiguration = {
+    /**
+     * A customized metric. You can specify either a predefined metric or a customized metric.
+     */
     CustomizedMetricSpecification?: ApplicationAutoScalingScalingPolicyCustomizedMetricSpecification;
+    /**
+     * Indicates whether scale in by the target tracking scaling policy is disabled. If the value is true, scale in is disabled and the target tracking scaling policy won't remove capacity from the scalable target. Otherwise, scale in is enabled and the target tracking scaling policy can remove capacity from the scalable target. The default value is false.
+     */
     DisableScaleIn?: boolean;
+    /**
+     * A predefined metric. You can specify either a predefined metric or a customized metric.
+     */
     PredefinedMetricSpecification?: ApplicationAutoScalingScalingPolicyPredefinedMetricSpecification;
+    /**
+     * The amount of time, in seconds, after a scale-in activity completes before another scale-in activity can start.
+     */
     ScaleInCooldown?: number;
+    /**
+     * The amount of time, in seconds, to wait for a previous scale-out activity to take effect.
+     */
     ScaleOutCooldown?: number;
+    /**
+     * The target value for the metric. Although this property accepts numbers of type Double, it won't accept values that are either too small or too large. Values must be in the range of -2^360 to 2^360. The value must be a valid number based on the choice of metric. For example, if the metric is CPU utilization, then the target value is a percent value that represents how much of the CPU can be used before scaling out.
+     */
     TargetValue: number;
 };
 /**
  * Type definition for `AWS::ApplicationAutoScaling::ScalingPolicy.PredefinedMetricSpecification`.
+ * Represents a predefined metric for a target tracking scaling policy to use with Application Auto Scaling.
  * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-applicationautoscaling-scalingpolicy-predefinedmetricspecification.html}
  */
 export type ApplicationAutoScalingScalingPolicyPredefinedMetricSpecification = {
+    /**
+     * The metric type. The ALBRequestCountPerTarget metric type applies only to Spot Fleets and ECS services.
+     */
     PredefinedMetricType: string;
+    /**
+     * Identifies the resource associated with the metric type. You can't specify a resource label unless the metric type is ALBRequestCountPerTarget and there is a target group attached to the Spot Fleet or ECS service.
+     */
     ResourceLabel?: string;
 };
 /**
  * Type definition for `AWS::ApplicationAutoScaling::ScalingPolicy.CustomizedMetricSpecification`.
+ * Represents a CloudWatch metric of your choosing for a target tracking scaling policy to use with Application Auto Scaling.
  * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-applicationautoscaling-scalingpolicy-customizedmetricspecification.html}
  */
 export type ApplicationAutoScalingScalingPolicyCustomizedMetricSpecification = {
+    /**
+     * The dimensions of the metric.
+     */
     Dimensions?: ApplicationAutoScalingScalingPolicyMetricDimension[];
-    MetricName: string;
-    Namespace: string;
-    Statistic: string;
+    /**
+     * The name of the metric. To get the exact metric name, namespace, and dimensions, inspect the Metric object that is returned by a call to ListMetrics.
+     */
+    MetricName?: string;
+    /**
+     * The namespace of the metric.
+     */
+    Namespace?: string;
+    /**
+     * The statistic of the metric.
+     */
+    Statistic?: string;
+    /**
+     * The unit of the metric. For a complete list of the units that CloudWatch supports, see the MetricDatum data type in the Amazon CloudWatch API Reference.
+     */
+    Unit?: string;
+    /**
+     * The metrics to include in the target tracking scaling policy, as a metric data query. This can include both raw metric and metric math expressions.
+     */
+    Metrics?: ApplicationAutoScalingScalingPolicyTargetTrackingMetricDataQuery[];
+};
+/**
+ * Type definition for `AWS::ApplicationAutoScaling::ScalingPolicy.TargetTrackingMetricDataQuery`.
+ * The metric data to return. Also defines whether this call is returning data for one metric only, or whether it is performing a math expression on the values of returned metric statistics to create a new time series. A time series is a series of data points, each of which is associated with a timestamp.
+ */
+export type ApplicationAutoScalingScalingPolicyTargetTrackingMetricDataQuery = {
+    /**
+     * The math expression to perform on the returned data, if this object is performing a math expression.
+     */
+    Expression?: string;
+    /**
+     * A short name that identifies the object's results in the response.
+     */
+    Id?: string;
+    /**
+     * A human-readable label for this metric or expression. This is especially useful if this is a math expression, so that you know what the value represents.
+     */
+    Label?: string;
+    /**
+     * Indicates whether to return the timestamps and raw data values of this metric.
+     */
+    ReturnData?: boolean;
+    /**
+     * Information about the metric data to return.
+     */
+    MetricStat?: ApplicationAutoScalingScalingPolicyTargetTrackingMetricStat;
+};
+/**
+ * Type definition for `AWS::ApplicationAutoScaling::ScalingPolicy.TargetTrackingMetricStat`.
+ * This structure defines the CloudWatch metric to return, along with the statistic, period, and unit.
+ */
+export type ApplicationAutoScalingScalingPolicyTargetTrackingMetricStat = {
+    /**
+     * The CloudWatch metric to return, including the metric name, namespace, and dimensions.
+     */
+    Metric?: ApplicationAutoScalingScalingPolicyTargetTrackingMetric;
+    /**
+     * The statistic to return. It can include any CloudWatch statistic or extended statistic.
+     */
+    Stat?: string;
+    /**
+     * The unit to use for the returned data points.
+     */
     Unit?: string;
 };
+/**
+ * Type definition for `AWS::ApplicationAutoScaling::ScalingPolicy.TargetTrackingMetric`.
+ * Represents a specific metric.
+ */
+export type ApplicationAutoScalingScalingPolicyTargetTrackingMetric = {
+    /**
+     * The dimensions for the metric.
+     */
+    Dimensions?: ApplicationAutoScalingScalingPolicyTargetTrackingMetricDimension[];
+    /**
+     * The name of the metric.
+     */
+    MetricName?: string;
+    /**
+     * The namespace of the metric.
+     */
+    Namespace?: string;
+};
+/**
+ * Type definition for `AWS::ApplicationAutoScaling::ScalingPolicy.TargetTrackingMetricDimension`.
+ * Describes the dimension of a metric.
+ */
+export type ApplicationAutoScalingScalingPolicyTargetTrackingMetricDimension = {
+    /**
+     * The name of the dimension.
+     */
+    Name?: string;
+    /**
+     * The value of the dimension.
+     */
+    Value?: string;
+};
 /**
  * Type definition for `AWS::ApplicationAutoScaling::ScalingPolicy.StepAdjustment`.
+ * Represents a step adjustment for a StepScalingPolicyConfiguration. Describes an adjustment based on the difference between the value of the aggregated CloudWatch metric and the breach threshold that you've defined for the alarm.
  * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-applicationautoscaling-scalingpolicy-stepscalingpolicyconfiguration-stepadjustment.html}
  */
 export type ApplicationAutoScalingScalingPolicyStepAdjustment = {
+    /**
+     * The lower bound for the difference between the alarm threshold and the CloudWatch metric. If the metric value is above the breach threshold, the lower bound is inclusive (the metric must be greater than or equal to the threshold plus the lower bound). Otherwise, it is exclusive (the metric must be greater than the threshold plus the lower bound). A null value indicates negative infinity.
+     */
     MetricIntervalLowerBound?: number;
+    /**
+     * The upper bound for the difference between the alarm threshold and the CloudWatch metric. If the metric value is above the breach threshold, the upper bound is exclusive (the metric must be less than the threshold plus the upper bound). Otherwise, it is inclusive (the metric must be less than or equal to the threshold plus the upper bound). A null value indicates positive infinity.
+     */
     MetricIntervalUpperBound?: number;
+    /**
+     * The amount by which to scale, based on the specified adjustment type. A positive value adds to the current capacity while a negative number removes from the current capacity. For exact capacity, you must specify a positive value.
+     */
     ScalingAdjustment: number;
 };
 /**
  * Type definition for `AWS::ApplicationAutoScaling::ScalingPolicy.MetricDimension`.
+ * Describes the dimension names and values associated with a metric.
  * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-applicationautoscaling-scalingpolicy-metricdimension.html}
  */
 export type ApplicationAutoScalingScalingPolicyMetricDimension = {
+    /**
+     * The name of the dimension.
+     */
     Name: string;
+    /**
+     * The value of the dimension.
+     */
     Value: string;
 };
 /**
@@ -11084,6 +11273,7 @@ export type AutoScalingAutoScalingGroupProps = {
     AvailabilityZones?: string[];
     NotificationConfiguration?: AutoScalingAutoScalingGroupNotificationConfiguration;
     MetricsCollection?: AutoScalingAutoScalingGroupMetricsCollection[];
+    InstanceMaintenancePolicy?: AutoScalingAutoScalingGroupInstanceMaintenancePolicy;
     /**
      * @pattern `^[0-9]+$`
      */
@@ -11190,6 +11380,13 @@ export type AutoScalingAutoScalingGroupMemoryMiBRequest = {
     Min?: number;
     Max?: number;
 };
+/**
+ * Type definition for `AWS::AutoScaling::AutoScalingGroup.InstanceMaintenancePolicy`.
+ */
+export type AutoScalingAutoScalingGroupInstanceMaintenancePolicy = {
+    MaxHealthyPercentage?: number;
+    MinHealthyPercentage?: number;
+};
 /**
  * Type definition for `AWS::AutoScaling::AutoScalingGroup.NetworkBandwidthGbpsRequest`.
  * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-autoscaling-autoscalinggroup-networkbandwidthgbpsrequest.html}
@@ -16796,116 +16993,78 @@ export type CloudTrailChannelTag = {
 };
 /**
  * Type definition for `AWS::CloudTrail::EventDataStore`.
- * A storage lake of event data against which you can run complex SQL-based queries. An event data store can include events that you have logged on your account from the last 90 to 2555 days (about three months to up to seven years).
+ * A storage lake of event data against which you can run complex SQL-based queries. An event data store can include events that you have logged on your account from the last 7 to 2557 or 3653 days (about seven or ten years) depending on the selected BillingMode.
  * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudtrail-eventdatastore.html}
  */
 export type CloudTrailEventDataStoreProps = {
-    /**
-     * Specifies the KMS key ID to use to encrypt the events delivered by CloudTrail. The value can be an alias name prefixed by 'alias/', a fully specified ARN to an alias, a fully specified ARN to a key, or a globally unique identifier.
-     */
-    KmsKeyId?: string;
     /**
      * The advanced event selectors that were used to select events for the data store.
      */
     AdvancedEventSelectors?: CloudTrailEventDataStoreAdvancedEventSelector[];
-    /**
-     * Indicates whether the event data store is protected from termination.
-     */
-    TerminationProtectionEnabled?: boolean;
     /**
      * Indicates whether the event data store includes events from all regions, or only from the region in which it was created.
      */
     MultiRegionEnabled?: boolean;
+    /**
+     * The name of the event data store.
+     */
+    Name?: string;
+    /**
+     * Indicates that an event data store is collecting logged events for an organization.
+     */
+    OrganizationEnabled?: boolean;
+    /**
+     * The mode that the event data store will use to charge for event storage.
+     */
+    BillingMode?: string;
     /**
      * The retention period, in days.
      */
     RetentionPeriod?: number;
     /**
-     * Indicates whether the event data store is ingesting events.
+     * Indicates whether the event data store is protected from termination.
      */
-    IngestionEnabled?: boolean;
+    TerminationProtectionEnabled?: boolean;
     /**
-     * The name of the event data store.
+     * Specifies the KMS key ID to use to encrypt the events delivered by CloudTrail. The value can be an alias name prefixed by 'alias/', a fully specified ARN to an alias, a fully specified ARN to a key, or a globally unique identifier.
      */
-    Name?: string;
+    KmsKeyId?: string;
+    Tags?: CloudTrailEventDataStoreTag[];
     /**
      * Lets you enable Insights event logging by specifying the Insights selectors that you want to enable on an existing event data store. Both InsightSelectors and InsightsDestination need to have a value in order to enable Insights events on an event data store.
      */
     InsightSelectors?: CloudTrailEventDataStoreInsightSelector[];
-    /**
-     * Indicates that an event data store is collecting logged events for an organization.
-     */
-    OrganizationEnabled?: boolean;
     /**
      * Specifies the ARN of the event data store that will collect Insights events. Both InsightSelectors and InsightsDestination need to have a value in order to enable Insights events on an event data store
      */
     InsightsDestination?: string;
-    Tags?: CloudTrailEventDataStoreTag[];
+    /**
+     * Indicates whether the event data store is ingesting events.
+     */
+    IngestionEnabled?: boolean;
 };
 /**
  * Type definition for `AWS::CloudTrail::EventDataStore`.
- * A storage lake of event data against which you can run complex SQL-based queries. An event data store can include events that you have logged on your account from the last 90 to 2555 days (about three months to up to seven years).
+ * A storage lake of event data against which you can run complex SQL-based queries. An event data store can include events that you have logged on your account from the last 7 to 2557 or 3653 days (about seven or ten years) depending on the selected BillingMode.
  * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudtrail-eventdatastore.html}
  */
 export type CloudTrailEventDataStoreAttributes = {
-    /**
-     * The status of an event data store. Values are STARTING_INGESTION, ENABLED, STOPPING_INGESTION, STOPPED_INGESTION and PENDING_DELETION.
-     */
-    Status: string;
-    /**
-     * The timestamp showing when an event data store was updated, if applicable. UpdatedTimestamp is always either the same or newer than the time shown in CreatedTimestamp.
-     */
-    UpdatedTimestamp: string;
-    /**
-     * The ARN of the event data store.
-     */
-    EventDataStoreArn: string;
     /**
      * The timestamp of the event data store's creation.
      */
     CreatedTimestamp: string;
-};
-/**
- * Type definition for `AWS::CloudTrail::EventDataStore.AdvancedEventSelector`.
- * Advanced event selectors let you create fine-grained selectors for the following AWS CloudTrail event record fields. They help you control costs by logging only those events that are important to you.
- * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudtrail-eventdatastore-advancedeventselector.html}
- */
-export type CloudTrailEventDataStoreAdvancedEventSelector = {
     /**
-     * Contains all selector statements in an advanced event selector.
-     * @minLength `1`
-     */
-    FieldSelectors: CloudTrailEventDataStoreAdvancedFieldSelector[];
-    /**
-     * An optional, descriptive name for an advanced event selector, such as "Log data events for only two S3 buckets".
-     * @minLength `1`
-     * @maxLength `1000`
-     */
-    Name?: string;
-};
-/**
- * Type definition for `AWS::CloudTrail::EventDataStore.InsightSelector`.
- * A string that contains Insights types that are logged on an event data store.
- */
-export type CloudTrailEventDataStoreInsightSelector = {
-    /**
-     * The type of Insights to log on an event data store.
+     * The ARN of the event data store.
      */
-    InsightType?: string;
-};
-/**
- * Type definition for `AWS::CloudTrail::EventDataStore.Tag`.
- * An arbitrary set of tags (key-value pairs) for this event data store.
- */
-export type CloudTrailEventDataStoreTag = {
+    EventDataStoreArn: string;
     /**
-     * The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.
+     * The status of an event data store. Values are STARTING_INGESTION, ENABLED, STOPPING_INGESTION, STOPPED_INGESTION and PENDING_DELETION.
      */
-    Value: string;
+    Status: string;
     /**
-     * The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.
+     * The timestamp showing when an event data store was updated, if applicable. UpdatedTimestamp is always either the same or newer than the time shown in CreatedTimestamp.
      */
-    Key: string;
+    UpdatedTimestamp: string;
 };
 /**
  * Type definition for `AWS::CloudTrail::EventDataStore.AdvancedFieldSelector`.
@@ -16925,6 +17084,21 @@ export type CloudTrailEventDataStoreAdvancedFieldSelector = {
      * @minLength `1`
      */
     Equals?: string[];
+    /**
+     * An operator that includes events that match the first few characters of the event record field specified as the value of Field.
+     * @minLength `1`
+     */
+    StartsWith?: string[];
+    /**
+     * An operator that includes events that match the last few characters of the event record field specified as the value of Field.
+     * @minLength `1`
+     */
+    EndsWith?: string[];
+    /**
+     * An operator that excludes events that match the exact value of the event record field specified as the value of Field.
+     * @minLength `1`
+     */
+    NotEquals?: string[];
     /**
      * An operator that excludes events that match the first few characters of the event record field specified as the value of Field.
      * @minLength `1`
@@ -16935,21 +17109,48 @@ export type CloudTrailEventDataStoreAdvancedFieldSelector = {
      * @minLength `1`
      */
     NotEndsWith?: string[];
+};
+/**
+ * Type definition for `AWS::CloudTrail::EventDataStore.AdvancedEventSelector`.
+ * Advanced event selectors let you create fine-grained selectors for the following AWS CloudTrail event record fields. They help you control costs by logging only those events that are important to you.
+ * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudtrail-eventdatastore-advancedeventselector.html}
+ */
+export type CloudTrailEventDataStoreAdvancedEventSelector = {
     /**
-     * An operator that includes events that match the first few characters of the event record field specified as the value of Field.
+     * An optional, descriptive name for an advanced event selector, such as "Log data events for only two S3 buckets".
      * @minLength `1`
+     * @maxLength `1000`
      */
-    StartsWith?: string[];
+    Name?: string;
     /**
-     * An operator that includes events that match the last few characters of the event record field specified as the value of Field.
+     * Contains all selector statements in an advanced event selector.
      * @minLength `1`
      */
-    EndsWith?: string[];
+    FieldSelectors: CloudTrailEventDataStoreAdvancedFieldSelector[];
+};
+/**
+ * Type definition for `AWS::CloudTrail::EventDataStore.Tag`.
+ * An arbitrary set of tags (key-value pairs) for this event data store.
+ */
+export type CloudTrailEventDataStoreTag = {
     /**
-     * An operator that excludes events that match the exact value of the event record field specified as the value of Field.
-     * @minLength `1`
+     * The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.
      */
-    NotEquals?: string[];
+    Key: string;
+    /**
+     * The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.
+     */
+    Value: string;
+};
+/**
+ * Type definition for `AWS::CloudTrail::EventDataStore.InsightSelector`.
+ * A string that contains Insights types that are logged on an event data store.
+ */
+export type CloudTrailEventDataStoreInsightSelector = {
+    /**
+     * The type of Insights to log on an event data store.
+     */
+    InsightType?: string;
 };
 /**
  * Type definition for `AWS::CloudTrail::ResourcePolicy`.
@@ -29874,8 +30075,8 @@ export type EC2EC2FleetInstanceRequirementsRequest = {
     BaselineEbsBandwidthMbps?: EC2EC2FleetBaselineEbsBandwidthMbpsRequest;
     AcceleratorTypes?: ("gpu" | "fpga" | "inference")[];
     AcceleratorCount?: EC2EC2FleetAcceleratorCountRequest;
-    AcceleratorManufacturers?: ("nvidia" | "amd" | "amazon-web-services" | "xilinx")[];
-    AcceleratorNames?: ("a100" | "v100" | "k80" | "t4" | "m60" | "radeon-pro-v520" | "vu9p" | "inferentia" | "k520")[];
+    AcceleratorManufacturers?: ("amazon-web-services" | "amd" | "habana" | "nvidia" | "xilinx")[];
+    AcceleratorNames?: ("a10g" | "a100" | "h100" | "inferentia" | "k520" | "k80" | "m60" | "radeon-pro-v520" | "t4" | "t4g" | "vu9p" | "v100")[];
     AcceleratorTotalMemoryMiB?: EC2EC2FleetAcceleratorTotalMemoryMiBRequest;
 };
 /**
@@ -31392,6 +31593,20 @@ export type EC2LaunchTemplateIpv4PrefixSpecification = {
      */
     Ipv4Prefix?: string;
 };
+/**
+ * Type definition for `AWS::EC2::LaunchTemplate.EnaSrdSpecification`.
+ * Allows customer to specify ENA-SRD options
+ */
+export type EC2LaunchTemplateEnaSrdSpecification = {
+    /**
+     * Enables TCP ENA-SRD
+     */
+    EnaSrdEnabled?: boolean;
+    /**
+     * Allows customer to specify ENA-SRD (UDP) options
+     */
+    EnaSrdUdpSpecification?: EC2LaunchTemplateEnaSrdUdpSpecification;
+};
 /**
  * Type definition for `AWS::EC2::LaunchTemplate.Placement`.
  * Specifies the placement of an instance.
@@ -31701,6 +31916,10 @@ export type EC2LaunchTemplateNetworkInterface = {
      * Indicates whether to associate a Carrier IP address with eth0 for a new network interface.
      */
     AssociateCarrierIpAddress?: boolean;
+    /**
+     * Allows customer to specify ENA-SRD options
+     */
+    EnaSrdSpecification?: EC2LaunchTemplateEnaSrdSpecification;
     /**
      * The number of IPv6 addresses to assign to a network interface.
      */
@@ -31786,6 +32005,16 @@ export type EC2LaunchTemplateTagSpecification = {
      */
     Tags?: EC2LaunchTemplateTag[];
 };
+/**
+ * Type definition for `AWS::EC2::LaunchTemplate.EnaSrdUdpSpecification`.
+ * Allows customer to specify ENA-SRD (UDP) options
+ */
+export type EC2LaunchTemplateEnaSrdUdpSpecification = {
+    /**
+     * Enables UDP ENA-SRD
+     */
+    EnaSrdUdpEnabled?: boolean;
+};
 /**
  * Type definition for `AWS::EC2::LaunchTemplate.NetworkBandwidthGbps`.
  * The minimum and maximum amount of network bandwidth, in gigabits per second (Gbps).
@@ -33604,8 +33833,8 @@ export type EC2SpotFleetInstanceRequirementsRequest = {
     BaselineEbsBandwidthMbps?: EC2SpotFleetBaselineEbsBandwidthMbpsRequest;
     AcceleratorTypes?: ("gpu" | "fpga" | "inference")[];
     AcceleratorCount?: EC2SpotFleetAcceleratorCountRequest;
-    AcceleratorManufacturers?: ("nvidia" | "amd" | "amazon-web-services" | "xilinx")[];
-    AcceleratorNames?: ("a100" | "v100" | "k80" | "t4" | "m60" | "radeon-pro-v520" | "vu9p" | "inferentia" | "k520")[];
+    AcceleratorManufacturers?: ("amazon-web-services" | "amd" | "habana" | "nvidia" | "xilinx")[];
+    AcceleratorNames?: ("a10g" | "a100" | "h100" | "inferentia" | "k520" | "k80" | "m60" | "radeon-pro-v520" | "t4" | "t4g" | "vu9p" | "v100")[];
     AcceleratorTotalMemoryMiB?: EC2SpotFleetAcceleratorTotalMemoryMiBRequest;
 };
 /**
@@ -35661,18 +35890,29 @@ export type ECRPullThroughCacheRuleProps = {
     /**
      * The ECRRepositoryPrefix is a custom alias for upstream registry url.
      * @minLength `2`
-     * @maxLength `20`
-     * @pattern `^([a-z0-9]+(?:[._-][a-z0-9]+)*)$`
+     * @maxLength `30`
+     * @pattern `(?:[a-z0-9]+(?:[._-][a-z0-9]+)/‍*)*[a-z0-9]+(?:[._-][a-z0-9]+)*`
      */
     EcrRepositoryPrefix?: string;
     /**
      * The upstreamRegistryUrl is the endpoint of upstream registry url of the public repository to be cached
      */
     UpstreamRegistryUrl?: string;
+    /**
+     * The Amazon Resource Name (ARN) of the AWS Secrets Manager secret that identifies the credentials to authenticate to the upstream registry.
+     * @minLength `50`
+     * @maxLength `612`
+     * @pattern `^arn:aws:secretsmanager:[a-zA-Z0-9-:]+:secret:ecr\-pullthroughcache\/[a-zA-Z0-9\/_+=.@-]+$`
+     */
+    CredentialArn?: string;
+    /**
+     * The name of the upstream registry.
+     */
+    UpstreamRegistry?: string;
 };
 /**
  * Type definition for `AWS::ECR::PullThroughCacheRule.PullThroughCacheRule`.
- * @maxLength `25`
+ * @maxLength `50`
  */
 export type ECRPullThroughCacheRulePullThroughCacheRule = {
     /**
@@ -35683,14 +35923,25 @@ export type ECRPullThroughCacheRulePullThroughCacheRule = {
     /**
      * The ECRRepositoryPrefix is a custom alias for upstream registry url.
      * @minLength `2`
-     * @maxLength `20`
-     * @pattern `^([a-z0-9]+(?:[._-][a-z0-9]+)*)$`
+     * @maxLength `30`
+     * @pattern `(?:[a-z0-9]+(?:[._-][a-z0-9]+)/‍*)*[a-z0-9]+(?:[._-][a-z0-9]+)*`
      */
     EcrRepositoryPrefix: string;
     /**
      * The upstreamRegistryUrl is the endpoint of upstream registry url of the public repository to be cached
      */
     UpstreamRegistryUrl: string;
+    /**
+     * The Amazon Resource Name (ARN) of the AWS Secrets Manager secret that identifies the credentials to authenticate to the upstream registry.
+     * @minLength `50`
+     * @maxLength `612`
+     * @pattern `^arn:aws:secretsmanager:[a-zA-Z0-9-:]+:secret:ecr\-pullthroughcache\/[a-zA-Z0-9\/_+=.@-]+$`
+     */
+    CredentialArn?: string;
+    /**
+     * The name of the upstream registry.
+     */
+    UpstreamRegistry?: string;
 };
 /**
  * Type definition for `AWS::ECR::RegistryPolicy`.
@@ -36990,21 +37241,21 @@ export type EFSAccessPointPosixUser = {
  * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-efs-filesystem.html}
  */
 export type EFSFileSystemProps = {
-    Encrypted?: boolean;
-    FileSystemTags?: EFSFileSystemElasticFileSystemTag[];
     KmsKeyId?: string;
-    LifecyclePolicies?: EFSFileSystemLifecyclePolicy[];
     PerformanceMode?: string;
-    ProvisionedThroughputInMibps?: number;
-    ThroughputMode?: string;
-    FileSystemPolicy?: any;
+    Encrypted?: boolean;
     /**
      * Whether to bypass the FileSystemPolicy lockout safety check. The policy lockout safety check determines whether the policy in the request will prevent the principal making the request to be locked out from making future PutFileSystemPolicy requests on the file system. Set BypassPolicyLockoutSafetyCheck to True only when you intend to prevent the principal that is making the request from making a subsequent PutFileSystemPolicy request on the file system. Defaults to false
      */
     BypassPolicyLockoutSafetyCheck?: boolean;
-    BackupPolicy?: EFSFileSystemBackupPolicy;
+    LifecyclePolicies?: EFSFileSystemLifecyclePolicy[];
+    ThroughputMode?: string;
+    FileSystemTags?: EFSFileSystemElasticFileSystemTag[];
+    ProvisionedThroughputInMibps?: number;
+    FileSystemPolicy?: any;
     AvailabilityZoneName?: string;
     ReplicationConfiguration?: EFSFileSystemReplicationConfiguration;
+    BackupPolicy?: EFSFileSystemBackupPolicy;
 };
 /**
  * Type definition for `AWS::EFS::FileSystem`.
@@ -37016,12 +37267,14 @@ export type EFSFileSystemAttributes = {
     Arn: string;
 };
 /**
- * Type definition for `AWS::EFS::FileSystem.ElasticFileSystemTag`.
- * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-efs-filesystem-elasticfilesystemtag.html}
+ * Type definition for `AWS::EFS::FileSystem.ReplicationDestination`.
+ * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-efs-filesystem-replicationdestination.html}
  */
-export type EFSFileSystemElasticFileSystemTag = {
-    Key: string;
-    Value: string;
+export type EFSFileSystemReplicationDestination = {
+    KmsKeyId?: string;
+    AvailabilityZoneName?: string;
+    FileSystemId?: string;
+    Region?: string;
 };
 /**
  * Type definition for `AWS::EFS::FileSystem.LifecyclePolicy`.
@@ -37032,21 +37285,12 @@ export type EFSFileSystemLifecyclePolicy = {
     TransitionToPrimaryStorageClass?: string;
 };
 /**
- * Type definition for `AWS::EFS::FileSystem.BackupPolicy`.
- * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-efs-filesystem-backuppolicy.html}
- */
-export type EFSFileSystemBackupPolicy = {
-    Status: string;
-};
-/**
- * Type definition for `AWS::EFS::FileSystem.ReplicationDestination`.
- * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-efs-filesystem-replicationdestination.html}
+ * Type definition for `AWS::EFS::FileSystem.ElasticFileSystemTag`.
+ * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-efs-filesystem-elasticfilesystemtag.html}
  */
-export type EFSFileSystemReplicationDestination = {
-    FileSystemId?: string;
-    Region?: string;
-    AvailabilityZoneName?: string;
-    KmsKeyId?: string;
+export type EFSFileSystemElasticFileSystemTag = {
+    Value: string;
+    Key: string;
 };
 /**
  * Type definition for `AWS::EFS::FileSystem.ReplicationConfiguration`.
@@ -37059,6 +37303,13 @@ export type EFSFileSystemReplicationConfiguration = {
      */
     Destinations?: EFSFileSystemReplicationDestination[];
 };
+/**
+ * Type definition for `AWS::EFS::FileSystem.BackupPolicy`.
+ * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-efs-filesystem-backuppolicy.html}
+ */
+export type EFSFileSystemBackupPolicy = {
+    Status: string;
+};
 /**
  * Type definition for `AWS::EFS::MountTarget`.
  * Resource Type definition for AWS::EFS::MountTarget
@@ -37158,19 +37409,15 @@ export type EKSAddonTag = {
  * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-eks-cluster.html}
  */
 export type EKSClusterProps = {
-    /**
-     * Enable exporting the Kubernetes control plane logs for your cluster to CloudWatch Logs based on log types. By default, cluster control plane logs aren't exported to CloudWatch Logs.
-     */
-    Logging?: EKSClusterLogging;
     EncryptionConfig?: EKSClusterEncryptionConfig[];
     /**
      * The Kubernetes network configuration for the cluster.
      */
     KubernetesNetworkConfig?: EKSClusterKubernetesNetworkConfig;
     /**
-     * The Amazon Resource Name (ARN) of the IAM role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf.
+     * Enable exporting the Kubernetes control plane logs for your cluster to CloudWatch Logs based on log types. By default, cluster control plane logs aren't exported to CloudWatch Logs.
      */
-    RoleArn: string;
+    Logging?: EKSClusterLogging;
     /**
      * The unique name to give to your cluster.
      * @minLength `1`
@@ -37179,18 +37426,26 @@ export type EKSClusterProps = {
      */
     Name?: string;
     /**
-     * The desired Kubernetes version for your cluster. If you don't specify a value here, the latest version available in Amazon EKS is used.
-     * @pattern `1\.\d\d`
+     * An object representing the VPC configuration to use for an Amazon EKS cluster.
      */
-    Version?: string;
+    ResourcesVpcConfig: EKSClusterResourcesVpcConfig;
     /**
      * An object representing the Outpost configuration to use for AWS EKS outpost cluster.
      */
     OutpostConfig?: EKSClusterOutpostConfig;
     /**
-     * An object representing the VPC configuration to use for an Amazon EKS cluster.
+     * An object representing the Access Config to use for the cluster.
      */
-    ResourcesVpcConfig: EKSClusterResourcesVpcConfig;
+    AccessConfig?: EKSClusterAccessConfig;
+    /**
+     * The Amazon Resource Name (ARN) of the IAM role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf.
+     */
+    RoleArn: string;
+    /**
+     * The desired Kubernetes version for your cluster. If you don't specify a value here, the latest version available in Amazon EKS is used.
+     * @pattern `1\.\d\d`
+     */
+    Version?: string;
     /**
      * An array of key-value pairs to apply to this resource.
      */
@@ -37203,91 +37458,60 @@ export type EKSClusterProps = {
  */
 export type EKSClusterAttributes = {
     /**
-     * Amazon Resource Name (ARN) or alias of the customer master key (CMK).
+     * The unique ID given to your cluster.
      */
-    EncryptionConfigKeyArn: string;
+    Id: string;
     /**
-     * The certificate-authority-data for your cluster.
+     * The ARN of the cluster, such as arn:aws:eks:us-west-2:666666666666:cluster/prod.
      */
-    CertificateAuthorityData: string;
+    Arn: string;
     /**
      * The endpoint for your Kubernetes API server, such as https://5E1D0CEXAMPLEA591B746AFC5AB30262.yl4.us-west-2.eks.amazonaws.com.
      */
     Endpoint: string;
     /**
-     * The cluster security group that was created by Amazon EKS for the cluster. Managed node groups use this security group for control plane to data plane communication.
+     * The certificate-authority-data for your cluster.
      */
-    ClusterSecurityGroupId: string;
+    CertificateAuthorityData: string;
     /**
-     * The unique ID given to your cluster.
+     * The cluster security group that was created by Amazon EKS for the cluster. Managed node groups use this security group for control plane to data plane communication.
      */
-    Id: string;
+    ClusterSecurityGroupId: string;
     /**
-     * The ARN of the cluster, such as arn:aws:eks:us-west-2:666666666666:cluster/prod.
+     * Amazon Resource Name (ARN) or alias of the customer master key (CMK).
      */
-    Arn: string;
+    EncryptionConfigKeyArn: string;
     /**
      * The issuer URL for the cluster's OIDC identity provider, such as https://oidc.eks.us-west-2.amazonaws.com/id/EXAMPLED539D4633E53DE1B716D3041E. If you need to remove https:// from this output value, you can include the following code in your template.
      */
     OpenIdConnectIssuerUrl: string;
 };
-/**
- * Type definition for `AWS::EKS::Cluster.Logging`.
- * Enable exporting the Kubernetes control plane logs for your cluster to CloudWatch Logs based on log types. By default, cluster control plane logs aren't exported to CloudWatch Logs.
- * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-eks-cluster-logging.html}
- */
-export type EKSClusterLogging = {
-    /**
-     * The cluster control plane logging configuration for your cluster.
-     */
-    ClusterLogging?: EKSClusterClusterLogging;
-};
 /**
  * Type definition for `AWS::EKS::Cluster.Tag`.
  * A key-value pair to associate with a resource.
  */
 export type EKSClusterTag = {
-    /**
-     * The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.
-     * @maxLength `256`
-     */
-    Value: string;
     /**
      * The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.
      * @minLength `1`
      * @maxLength `128`
      */
     Key: string;
-};
-/**
- * Type definition for `AWS::EKS::Cluster.ControlPlanePlacement`.
- * Specify the placement group of the control plane machines for your cluster.
- * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-eks-cluster-controlplaneplacement.html}
- */
-export type EKSClusterControlPlanePlacement = {
     /**
-     * Specify the placement group name of the control place machines for your cluster.
+     * The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.
+     * @maxLength `256`
      */
-    GroupName?: string;
+    Value: string;
 };
 /**
- * Type definition for `AWS::EKS::Cluster.OutpostConfig`.
- * An object representing the Outpost configuration to use for AWS EKS outpost cluster.
- * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-eks-cluster-outpostconfig.html}
+ * Type definition for `AWS::EKS::Cluster.Provider`.
+ * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-eks-cluster-provider.html}
  */
-export type EKSClusterOutpostConfig = {
-    /**
-     * Specify one or more Arn(s) of Outpost(s) on which you would like to create your cluster.
-     */
-    OutpostArns: string[];
-    /**
-     * Specify the placement group of the control plane machines for your cluster.
-     */
-    ControlPlanePlacement?: EKSClusterControlPlanePlacement;
+export type EKSClusterProvider = {
     /**
-     * Specify the Instance type of the machines that should be used to create your cluster.
+     * Amazon Resource Name (ARN) or alias of the KMS key. The KMS key must be symmetric, created in the same region as the cluster, and if the KMS key was created in a different account, the user must have access to the KMS key.
      */
-    ControlPlaneInstanceType: string;
+    KeyArn?: string;
 };
 /**
  * Type definition for `AWS::EKS::Cluster.EncryptionConfig`.
@@ -37295,25 +37519,14 @@ export type EKSClusterOutpostConfig = {
  * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-eks-cluster-encryptionconfig.html}
  */
 export type EKSClusterEncryptionConfig = {
-    /**
-     * Specifies the resources to be encrypted. The only supported value is "secrets".
-     */
-    Resources?: string[];
     /**
      * The encryption provider for the cluster.
      */
     Provider?: EKSClusterProvider;
-};
-/**
- * Type definition for `AWS::EKS::Cluster.LoggingTypeConfig`.
- * Enabled Logging Type
- * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-eks-cluster-loggingtypeconfig.html}
- */
-export type EKSClusterLoggingTypeConfig = {
     /**
-     * name of the log type
+     * Specifies the resources to be encrypted. The only supported value is "secrets".
      */
-    Type?: "api" | "audit" | "authenticator" | "controllerManager" | "scheduler";
+    Resources?: string[];
 };
 /**
  * Type definition for `AWS::EKS::Cluster.ResourcesVpcConfig`.
@@ -37321,6 +37534,10 @@ export type EKSClusterLoggingTypeConfig = {
  * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-eks-cluster-resourcesvpcconfig.html}
  */
 export type EKSClusterResourcesVpcConfig = {
+    /**
+     * Set this value to true to enable private access for your cluster's Kubernetes API server endpoint. If you enable private access, Kubernetes API requests from within your cluster's VPC use the private VPC endpoint. The default value for this parameter is false, which disables private access for your Kubernetes API server. If you disable private access and you have nodes or AWS Fargate pods in the cluster, then ensure that publicAccessCidrs includes the necessary CIDR blocks for communication with the nodes or Fargate pods.
+     */
+    EndpointPrivateAccess?: boolean;
     /**
      * Set this value to false to disable public access to your cluster's Kubernetes API server endpoint. If you disable public access, your cluster's Kubernetes API server can only receive requests from within the cluster VPC. The default value for this parameter is true, which enables public access for your Kubernetes API server.
      */
@@ -37329,10 +37546,6 @@ export type EKSClusterResourcesVpcConfig = {
      * The CIDR blocks that are allowed access to your cluster's public Kubernetes API server endpoint. Communication to the endpoint from addresses outside of the CIDR blocks that you specify is denied. The default value is 0.0.0.0/0. If you've disabled private endpoint access and you have nodes or AWS Fargate pods in the cluster, then ensure that you specify the necessary CIDR blocks.
      */
     PublicAccessCidrs?: string[];
-    /**
-     * Set this value to true to enable private access for your cluster's Kubernetes API server endpoint. If you enable private access, Kubernetes API requests from within your cluster's VPC use the private VPC endpoint. The default value for this parameter is false, which disables private access for your Kubernetes API server. If you disable private access and you have nodes or AWS Fargate pods in the cluster, then ensure that publicAccessCidrs includes the necessary CIDR blocks for communication with the nodes or Fargate pods.
-     */
-    EndpointPrivateAccess?: boolean;
     /**
      * Specify one or more security groups for the cross-account elastic network interfaces that Amazon EKS creates to use to allow communication between your worker nodes and the Kubernetes control plane. If you don't specify a security group, the default security group for your VPC is used.
      */
@@ -37342,6 +37555,17 @@ export type EKSClusterResourcesVpcConfig = {
      */
     SubnetIds: string[];
 };
+/**
+ * Type definition for `AWS::EKS::Cluster.LoggingTypeConfig`.
+ * Enabled Logging Type
+ * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-eks-cluster-loggingtypeconfig.html}
+ */
+export type EKSClusterLoggingTypeConfig = {
+    /**
+     * name of the log type
+     */
+    Type?: "api" | "audit" | "authenticator" | "controllerManager" | "scheduler";
+};
 /**
  * Type definition for `AWS::EKS::Cluster.ClusterLogging`.
  * The cluster control plane logging configuration for your cluster.
@@ -37353,6 +37577,17 @@ export type EKSClusterClusterLogging = {
      */
     EnabledTypes?: EKSClusterLoggingTypeConfig[];
 };
+/**
+ * Type definition for `AWS::EKS::Cluster.Logging`.
+ * Enable exporting the Kubernetes control plane logs for your cluster to CloudWatch Logs based on log types. By default, cluster control plane logs aren't exported to CloudWatch Logs.
+ * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-eks-cluster-logging.html}
+ */
+export type EKSClusterLogging = {
+    /**
+     * The cluster control plane logging configuration for your cluster.
+     */
+    ClusterLogging?: EKSClusterClusterLogging;
+};
 /**
  * Type definition for `AWS::EKS::Cluster.KubernetesNetworkConfig`.
  * The Kubernetes network configuration for the cluster.
@@ -37373,14 +37608,48 @@ export type EKSClusterKubernetesNetworkConfig = {
     IpFamily?: "ipv4" | "ipv6";
 };
 /**
- * Type definition for `AWS::EKS::Cluster.Provider`.
- * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-eks-cluster-provider.html}
+ * Type definition for `AWS::EKS::Cluster.ControlPlanePlacement`.
+ * Specify the placement group of the control plane machines for your cluster.
+ * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-eks-cluster-controlplaneplacement.html}
  */
-export type EKSClusterProvider = {
+export type EKSClusterControlPlanePlacement = {
     /**
-     * Amazon Resource Name (ARN) or alias of the KMS key. The KMS key must be symmetric, created in the same region as the cluster, and if the KMS key was created in a different account, the user must have access to the KMS key.
+     * Specify the placement group name of the control place machines for your cluster.
      */
-    KeyArn?: string;
+    GroupName?: string;
+};
+/**
+ * Type definition for `AWS::EKS::Cluster.OutpostConfig`.
+ * An object representing the Outpost configuration to use for AWS EKS outpost cluster.
+ * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-eks-cluster-outpostconfig.html}
+ */
+export type EKSClusterOutpostConfig = {
+    /**
+     * Specify one or more Arn(s) of Outpost(s) on which you would like to create your cluster.
+     */
+    OutpostArns: string[];
+    /**
+     * Specify the Instance type of the machines that should be used to create your cluster.
+     */
+    ControlPlaneInstanceType: string;
+    /**
+     * Specify the placement group of the control plane machines for your cluster.
+     */
+    ControlPlanePlacement?: EKSClusterControlPlanePlacement;
+};
+/**
+ * Type definition for `AWS::EKS::Cluster.AccessConfig`.
+ * An object representing the Access Config to use for the cluster.
+ */
+export type EKSClusterAccessConfig = {
+    /**
+     * Set this value to false to avoid creating a default cluster admin Access Entry using the IAM principal used to create the cluster.
+     */
+    BootstrapClusterCreatorAdminPermissions?: boolean;
+    /**
+     * Specify the authentication mode that should be used to create your cluster.
+     */
+    AuthenticationMode?: "CONFIG_MAP" | "API_AND_CONFIG_MAP" | "API";
 };
 /**
  * Type definition for `AWS::EKS::FargateProfile`.
@@ -39973,13 +40242,13 @@ export type ElasticLoadBalancingLoadBalancerConnectionSettings = {
  * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-listener.html}
  */
 export type ElasticLoadBalancingV2ListenerProps = {
+    AlpnPolicy?: string[];
     SslPolicy?: string;
     LoadBalancerArn: string;
     DefaultActions: ElasticLoadBalancingV2ListenerAction[];
     Port?: number;
     Certificates?: ElasticLoadBalancingV2ListenerCertificate[];
     Protocol?: string;
-    AlpnPolicy?: string[];
 };
 /**
  * Type definition for `AWS::ElasticLoadBalancingV2::Listener`.
@@ -40069,6 +40338,7 @@ export type ElasticLoadBalancingV2ListenerForwardConfig = {
 export type ElasticLoadBalancingV2ListenerAuthenticateOidcConfig = {
     OnUnauthenticatedRequest?: string;
     TokenEndpoint: string;
+    UseExistingClientSecret?: boolean;
     SessionTimeout?: string;
     Scope?: string;
     Issuer: string;
@@ -40077,7 +40347,6 @@ export type ElasticLoadBalancingV2ListenerAuthenticateOidcConfig = {
     ClientId: string;
     AuthorizationEndpoint: string;
     SessionCookieName?: string;
-    UseExistingClientSecret?: boolean;
     AuthenticationRequestExtraParams?: Record<string, string>;
 };
 /**
@@ -41620,7 +41889,7 @@ export type EventsRuleProps = {
     /**
      * The state of the rule.
      */
-    State?: "DISABLED" | "ENABLED";
+    State?: "DISABLED" | "ENABLED" | "ENABLED_WITH_ALL_CLOUDTRAIL_MANAGEMENT_EVENTS";
     /**
        * Adds the specified targets to the specified rule, or updates the targets if they are already associated with the rule.
       Targets are the resources that are invoked when a rule is triggered.
@@ -42493,10 +42762,6 @@ export type FISExperimentTemplateProps = {
      * @maxLength `512`
      */
     Description: string;
-    /**
-     * The targets for the experiment.
-     */
-    Targets: FISExperimentTemplateExperimentTemplateTargetMap;
     /**
      * The actions for the experiment.
      */
@@ -42505,6 +42770,10 @@ export type FISExperimentTemplateProps = {
      * One or more stop conditions.
      */
     StopConditions: FISExperimentTemplateExperimentTemplateStopCondition[];
+    /**
+     * The targets for the experiment.
+     */
+    Targets: FISExperimentTemplateExperimentTemplateTargetMap;
     LogConfiguration?: FISExperimentTemplateExperimentTemplateLogConfiguration;
     /**
      * The Amazon Resource Name (ARN) of an IAM role that grants the AWS FIS service permission to perform service actions on your behalf.
@@ -42526,31 +42795,44 @@ export type FISExperimentTemplateAttributes = {
  * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fis-experimenttemplate-experimenttemplatestopcondition.html}
  */
 export type FISExperimentTemplateExperimentTemplateStopCondition = {
-    /**
-     * @maxLength `64`
-     */
-    Source: string;
     /**
      * @minLength `20`
      * @maxLength `2048`
      */
     Value?: string;
+    /**
+     * @maxLength `64`
+     */
+    Source: string;
 };
 /**
- * Type definition for `AWS::FIS::ExperimentTemplate.ExperimentTemplateTargetFilter`.
- * Describes a filter used for the target resource input in an experiment template.
- * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fis-experimenttemplate-experimenttemplatetargetfilter.html}
+ * Type definition for `AWS::FIS::ExperimentTemplate.ExperimentTemplateLogConfiguration`.
+ * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fis-experimenttemplate-experimenttemplatelogconfiguration.html}
  */
-export type FISExperimentTemplateExperimentTemplateTargetFilter = {
-    /**
-     * The attribute path for the filter.
-     * @maxLength `256`
-     */
-    Path: string;
+export type FISExperimentTemplateExperimentTemplateLogConfiguration = {
+    S3Configuration?: {
+        /**
+         * @minLength `3`
+         * @maxLength `63`
+         */
+        BucketName: string;
+        /**
+         * @minLength `1`
+         * @maxLength `1024`
+         */
+        Prefix?: string;
+    };
     /**
-     * The attribute values for the filter.
+     * @min `1`
      */
-    Values: string[];
+    LogSchemaVersion: number;
+    CloudWatchLogsConfiguration?: {
+        /**
+         * @minLength `20`
+         * @maxLength `2048`
+         */
+        LogGroupArn: string;
+    };
 };
 /**
  * Type definition for `AWS::FIS::ExperimentTemplate.ExperimentTemplateTarget`.
@@ -42558,6 +42840,9 @@ export type FISExperimentTemplateExperimentTemplateTargetFilter = {
  * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fis-experimenttemplate-experimenttemplatetarget.html}
  */
 export type FISExperimentTemplateExperimentTemplateTarget = {
+    Filters?: FISExperimentTemplateExperimentTemplateTargetFilter[];
+    Parameters?: Record<string, string>;
+    ResourceTags?: Record<string, string>;
     /**
      * The AWS resource type. The resource type must be supported for the specified action.
      * @maxLength `64`
@@ -42567,9 +42852,6 @@ export type FISExperimentTemplateExperimentTemplateTarget = {
      * The Amazon Resource Names (ARNs) of the target resources.
      */
     ResourceArns?: string[];
-    ResourceTags?: Record<string, string>;
-    Parameters?: Record<string, string>;
-    Filters?: FISExperimentTemplateExperimentTemplateTargetFilter[];
     /**
      * Scopes the identified resources to a specific number of the resources at random, or a percentage of the resources.
      * @maxLength `64`
@@ -42581,6 +42863,27 @@ export type FISExperimentTemplateExperimentTemplateTarget = {
  * The targets for the experiment.
  */
 export type FISExperimentTemplateExperimentTemplateTargetMap = Record<string, FISExperimentTemplateExperimentTemplateTarget>;
+/**
+ * Type definition for `AWS::FIS::ExperimentTemplate.ExperimentTemplateTargetFilter`.
+ * Describes a filter used for the target resource input in an experiment template.
+ * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fis-experimenttemplate-experimenttemplatetargetfilter.html}
+ */
+export type FISExperimentTemplateExperimentTemplateTargetFilter = {
+    /**
+     * The attribute path for the filter.
+     * @maxLength `256`
+     */
+    Path: string;
+    /**
+     * The attribute values for the filter.
+     */
+    Values: string[];
+};
+/**
+ * Type definition for `AWS::FIS::ExperimentTemplate.ExperimentTemplateActionMap`.
+ * The actions for the experiment.
+ */
+export type FISExperimentTemplateExperimentTemplateActionMap = Record<string, FISExperimentTemplateExperimentTemplateAction>;
 /**
  * Type definition for `AWS::FIS::ExperimentTemplate.ExperimentTemplateAction`.
  * Specifies an action for the experiment template.
@@ -42610,40 +42913,6 @@ export type FISExperimentTemplateExperimentTemplateAction = {
      */
     StartAfter?: string[];
 };
-/**
- * Type definition for `AWS::FIS::ExperimentTemplate.ExperimentTemplateActionMap`.
- * The actions for the experiment.
- */
-export type FISExperimentTemplateExperimentTemplateActionMap = Record<string, FISExperimentTemplateExperimentTemplateAction>;
-/**
- * Type definition for `AWS::FIS::ExperimentTemplate.ExperimentTemplateLogConfiguration`.
- * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fis-experimenttemplate-experimenttemplatelogconfiguration.html}
- */
-export type FISExperimentTemplateExperimentTemplateLogConfiguration = {
-    CloudWatchLogsConfiguration?: {
-        /**
-         * @minLength `20`
-         * @maxLength `2048`
-         */
-        LogGroupArn: string;
-    };
-    S3Configuration?: {
-        /**
-         * @minLength `3`
-         * @maxLength `63`
-         */
-        BucketName: string;
-        /**
-         * @minLength `1`
-         * @maxLength `1024`
-         */
-        Prefix?: string;
-    };
-    /**
-     * @min `1`
-     */
-    LogSchemaVersion: number;
-};
 /**
  * Type definition for `AWS::FMS::NotificationChannel`.
  * Designates the IAM role and Amazon Simple Notification Service (SNS) topic that AWS Firewall Manager uses to record SNS logs.
@@ -44623,22 +44892,6 @@ export type GameLiftFleetProps = {
      * @maxLength `50`
      */
     ScalingPolicies?: GameLiftFleetScalingPolicy[];
-    /**
-     * Configuration for Anywhere fleet.
-     */
-    AnywhereConfiguration?: GameLiftFleetAnywhereConfiguration;
-    /**
-     * ComputeType to differentiate EC2 hardware managed by GameLift and Anywhere hardware managed by the customer.
-     */
-    ApplyCapacity?: "ON_UPDATE" | "ON_CREATE_AND_UPDATE";
-    /**
-     * Indicates whether to generate a TLS/SSL certificate for the new fleet. TLS certificates are used for encrypting traffic between game clients and game servers running on GameLift. If this parameter is not set, certificate generation is disabled. This fleet setting cannot be changed once the fleet is created.
-     */
-    CertificateConfiguration?: GameLiftFleetCertificateConfiguration;
-    /**
-     * ComputeType to differentiate EC2 hardware managed by GameLift and Anywhere hardware managed by the customer.
-     */
-    ComputeType?: "EC2" | "ANYWHERE";
     /**
      * A human-readable description of a fleet.
      * @minLength `1`
@@ -44646,88 +44899,68 @@ export type GameLiftFleetProps = {
      */
     Description?: string;
     /**
-     * [DEPRECATED] The number of EC2 instances that you want this fleet to host. When creating a new fleet, GameLift automatically sets this value to "1" and initiates a single instance. Once the fleet is active, update this value to trigger GameLift to add or remove instances from the fleet.
+     * A unique identifier for a VPC with resources to be accessed by your Amazon GameLift fleet. The VPC must be in the same Region as your fleet. To look up a VPC ID, use the VPC Dashboard in the AWS Management Console.
+     * @minLength `1`
+     * @maxLength `1024`
+     * @pattern `^vpc-\S+`
      */
-    DesiredEC2Instances?: number;
+    PeerVpcId?: string;
     /**
      * A range of IP addresses and port settings that allow inbound traffic to connect to server processes on an Amazon GameLift server.
      * @maxLength `50`
      */
     EC2InboundPermissions?: GameLiftFleetIpPermission[];
     /**
-     * The name of an EC2 instance type that is supported in Amazon GameLift. A fleet instance type determines the computing resources of each instance in the fleet, including CPU, memory, storage, and networking capacity. Amazon GameLift supports the following EC2 instance types. See Amazon EC2 Instance Types for detailed descriptions.
-     * @pattern `^.*..*$`
-     */
-    EC2InstanceType?: string;
-    /**
-     * Indicates whether to use On-Demand instances or Spot instances for this fleet. If empty, the default is ON_DEMAND. Both categories of instances use identical hardware and configurations based on the instance type selected for this fleet.
+     * ComputeType to differentiate EC2 hardware managed by GameLift and Anywhere hardware managed by the customer.
      */
-    FleetType?: "ON_DEMAND" | "SPOT";
+    ComputeType?: "EC2" | "ANYWHERE";
     /**
-     * A unique identifier for an AWS IAM role that manages access to your AWS services. With an instance role ARN set, any application that runs on an instance in this fleet can assume the role, including install scripts, server processes, and daemons (background processes). Create a role or look up a role's ARN from the IAM dashboard in the AWS Management Console.
+     * A descriptive label that is associated with a fleet. Fleet names do not need to be unique.
      * @minLength `1`
-     * @pattern `^arn:aws(-.*)?:[a-z-]+:(([a-z]+-)+[0-9])?:([0-9]{12})?:[^.]+$`
+     * @maxLength `1024`
      */
-    InstanceRoleARN?: string;
+    Name: string;
     /**
-     * Credentials provider implementation that loads credentials from the Amazon EC2 Instance Metadata Service.
+     * Configuration for Anywhere fleet.
      */
-    InstanceRoleCredentialsProvider?: "SHARED_CREDENTIAL_FILE";
+    AnywhereConfiguration?: GameLiftFleetAnywhereConfiguration;
     /**
+     * A unique identifier for an AWS IAM role that manages access to your AWS services. With an instance role ARN set, any application that runs on an instance in this fleet can assume the role, including install scripts, server processes, and daemons (background processes). Create a role or look up a role's ARN from the IAM dashboard in the AWS Management Console.
      * @minLength `1`
-     * @maxLength `100`
-     */
-    Locations?: GameLiftFleetLocationConfiguration[];
-    /**
-     * This parameter is no longer used. When hosting a custom game build, specify where Amazon GameLift should store log files using the Amazon GameLift server API call ProcessReady()
+     * @pattern `^arn:aws(-.*)?:[a-z-]+:(([a-z]+-)+[0-9])?:([0-9]{12})?:[^.]+$`
      */
-    LogPaths?: string[];
+    InstanceRoleARN?: string;
     /**
-     * [DEPRECATED] The maximum value that is allowed for the fleet's instance count. When creating a new fleet, GameLift automatically sets this value to "1". Once the fleet is active, you can change this value.
+     * Indicates whether to generate a TLS/SSL certificate for the new fleet. TLS certificates are used for encrypting traffic between game clients and game servers running on GameLift. If this parameter is not set, certificate generation is disabled. This fleet setting cannot be changed once the fleet is created.
      */
-    MaxSize?: number;
+    CertificateConfiguration?: GameLiftFleetCertificateConfiguration;
     /**
-     * The name of an Amazon CloudWatch metric group. A metric group aggregates the metrics for all fleets in the group. Specify a string containing the metric group name. You can use an existing name or use a new name to create a new metric group. Currently, this parameter can have only one string.
-     * @maxLength `1`
+     * Credentials provider implementation that loads credentials from the Amazon EC2 Instance Metadata Service.
      */
-    MetricGroups?: string[];
+    InstanceRoleCredentialsProvider?: "SHARED_CREDENTIAL_FILE";
     /**
-     * [DEPRECATED] The minimum value allowed for the fleet's instance count. When creating a new fleet, GameLift automatically sets this value to "0". After the fleet is active, you can change this value.
+     * [DEPRECATED] The number of EC2 instances that you want this fleet to host. When creating a new fleet, GameLift automatically sets this value to "1" and initiates a single instance. Once the fleet is active, update this value to trigger GameLift to add or remove instances from the fleet.
      */
-    MinSize?: number;
+    DesiredEC2Instances?: number;
     /**
-     * A descriptive label that is associated with a fleet. Fleet names do not need to be unique.
+     * This parameter is no longer used but is retained for backward compatibility. Instead, specify server launch parameters in the RuntimeConfiguration parameter. A request must specify either a runtime configuration or values for both ServerLaunchParameters and ServerLaunchPath.
      * @minLength `1`
      * @maxLength `1024`
      */
-    Name: string;
-    /**
-     * A game session protection policy to apply to all game sessions hosted on instances in this fleet. When protected, active game sessions cannot be terminated during a scale-down event. If this parameter is not set, instances in this fleet default to no protection. You can change a fleet's protection policy to affect future game sessions on the fleet. You can also set protection for individual game sessions.
-     */
-    NewGameSessionProtectionPolicy?: "FullProtection" | "NoProtection";
+    ServerLaunchParameters?: string;
     /**
-     * A unique identifier for the AWS account with the VPC that you want to peer your Amazon GameLift fleet with. You can find your account ID in the AWS Management Console under account settings.
-     * @minLength `1`
-     * @maxLength `1024`
-     * @pattern `^[0-9]{12}$`
+     * Indicates whether to use On-Demand instances or Spot instances for this fleet. If empty, the default is ON_DEMAND. Both categories of instances use identical hardware and configurations based on the instance type selected for this fleet.
      */
-    PeerVpcAwsAccountId?: string;
+    FleetType?: "ON_DEMAND" | "SPOT";
     /**
-     * A unique identifier for a VPC with resources to be accessed by your Amazon GameLift fleet. The VPC must be in the same Region as your fleet. To look up a VPC ID, use the VPC Dashboard in the AWS Management Console.
      * @minLength `1`
-     * @maxLength `1024`
-     * @pattern `^vpc-\S+`
-     */
-    PeerVpcId?: string;
-    /**
-     * A policy that limits the number of game sessions an individual player can create over a span of time for this fleet.
+     * @maxLength `100`
      */
-    ResourceCreationLimitPolicy?: GameLiftFleetResourceCreationLimitPolicy;
+    Locations?: GameLiftFleetLocationConfiguration[];
     /**
-     * A unique identifier for a build to be deployed on the new fleet. If you are deploying the fleet with a custom game build, you must specify this property. The build must have been successfully uploaded to Amazon GameLift and be in a READY status. This fleet setting cannot be changed once the fleet is created.
-     * @pattern `^build-\S+|^arn:.*:build/build-\S+`
+     * A game session protection policy to apply to all game sessions hosted on instances in this fleet. When protected, active game sessions cannot be terminated during a scale-down event. If this parameter is not set, instances in this fleet default to no protection. You can change a fleet's protection policy to affect future game sessions on the fleet. You can also set protection for individual game sessions.
      */
-    BuildId?: string;
+    NewGameSessionProtectionPolicy?: "FullProtection" | "NoProtection";
     /**
        * A unique identifier for a Realtime script to be deployed on a new Realtime Servers fleet. The script must have been successfully uploaded to Amazon GameLift. This fleet setting cannot be changed once the fleet is created.
       
@@ -44735,6 +44968,10 @@ export type GameLiftFleetProps = {
        * @pattern `^script-\S+|^arn:.*:script/script-\S+`
        */
     ScriptId?: string;
+    /**
+     * [DEPRECATED] The maximum value that is allowed for the fleet's instance count. When creating a new fleet, GameLift automatically sets this value to "1". Once the fleet is active, you can change this value.
+     */
+    MaxSize?: number;
     /**
        * Instructions for launching server processes on each instance in the fleet. Server processes run either a custom game build executable or a Realtime script. The runtime configuration defines the server executables or launch script file, launch parameters, and the number of processes to run concurrently on each instance. When creating a fleet, the runtime configuration must have at least one server process configuration; otherwise the request fails with an invalid request exception.
       
@@ -44742,171 +44979,92 @@ export type GameLiftFleetProps = {
        */
     RuntimeConfiguration?: GameLiftFleetRuntimeConfiguration;
     /**
-     * This parameter is no longer used but is retained for backward compatibility. Instead, specify server launch parameters in the RuntimeConfiguration parameter. A request must specify either a runtime configuration or values for both ServerLaunchParameters and ServerLaunchPath.
-     * @minLength `1`
-     * @maxLength `1024`
+     * This parameter is no longer used. When hosting a custom game build, specify where Amazon GameLift should store log files using the Amazon GameLift server API call ProcessReady()
      */
-    ServerLaunchParameters?: string;
+    LogPaths?: string[];
     /**
      * This parameter is no longer used. Instead, specify a server launch path using the RuntimeConfiguration parameter. Requests that specify a server launch path and launch parameters instead of a runtime configuration will continue to work.
      * @minLength `1`
      * @maxLength `1024`
      */
     ServerLaunchPath?: string;
-};
-/**
- * Type definition for `AWS::GameLift::Fleet`.
- * The AWS::GameLift::Fleet resource creates an Amazon GameLift (GameLift) fleet to host game servers. A fleet is a set of EC2 or Anywhere instances, each of which can host multiple game sessions.
- * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-gamelift-fleet.html}
- */
-export type GameLiftFleetAttributes = {
     /**
-     * Unique fleet ID
-     * @pattern `^fleet-\S+`
+     * [DEPRECATED] The minimum value allowed for the fleet's instance count. When creating a new fleet, GameLift automatically sets this value to "0". After the fleet is active, you can change this value.
      */
-    FleetId: string;
-};
-/**
- * Type definition for `AWS::GameLift::Fleet.AnywhereConfiguration`.
- * Configuration for Anywhere fleet.
- * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-gamelift-fleet-anywhereconfiguration.html}
- */
-export type GameLiftFleetAnywhereConfiguration = {
+    MinSize?: number;
     /**
-     * Cost of compute can be specified on Anywhere Fleets to prioritize placement across Queue destinations based on Cost.
+     * A unique identifier for the AWS account with the VPC that you want to peer your Amazon GameLift fleet with. You can find your account ID in the AWS Management Console under account settings.
      * @minLength `1`
-     * @maxLength `11`
-     * @pattern `^\d{1,5}(?:\.\d{1,5})?$`
+     * @maxLength `1024`
+     * @pattern `^[0-9]{12}$`
      */
-    Cost: string;
-};
-/**
- * Type definition for `AWS::GameLift::Fleet.CertificateConfiguration`.
- * Information about the use of a TLS/SSL certificate for a fleet. TLS certificate generation is enabled at the fleet level, with one certificate generated for the fleet. When this feature is enabled, the certificate can be retrieved using the GameLift Server SDK call GetInstanceCertificate. All instances in a fleet share the same certificate.
- * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-gamelift-fleet-certificateconfiguration.html}
- */
-export type GameLiftFleetCertificateConfiguration = {
-    CertificateType: "DISABLED" | "GENERATED";
-};
-/**
- * Type definition for `AWS::GameLift::Fleet.IpPermission`.
- * A range of IP addresses and port settings that allow inbound traffic to connect to server processes on an Amazon GameLift hosting resource. New game sessions that are started on the fleet are assigned an IP address/port number combination, which must fall into the fleet's allowed ranges. For fleets created with a custom game server, the ranges reflect the server's game session assignments. For Realtime Servers fleets, Amazon GameLift automatically opens two port ranges, one for TCP messaging and one for UDP, for use by the Realtime servers.
- * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-gamelift-fleet-ippermission.html}
- */
-export type GameLiftFleetIpPermission = {
+    PeerVpcAwsAccountId?: string;
     /**
-     * A starting value for a range of allowed port numbers.
-     * @min `1`
-     * @max `60000`
+     * The name of an Amazon CloudWatch metric group. A metric group aggregates the metrics for all fleets in the group. Specify a string containing the metric group name. You can use an existing name or use a new name to create a new metric group. Currently, this parameter can have only one string.
+     * @maxLength `1`
      */
-    FromPort: number;
+    MetricGroups?: string[];
     /**
-     * A range of allowed IP addresses. This value must be expressed in CIDR notation. Example: "000.000.000.000/[subnet mask]" or optionally the shortened version "0.0.0.0/[subnet mask]".
-     * @pattern `(^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(/([0-9]|[1-2][0-9]|3[0-2]))$)`
+     * A unique identifier for a build to be deployed on the new fleet. If you are deploying the fleet with a custom game build, you must specify this property. The build must have been successfully uploaded to Amazon GameLift and be in a READY status. This fleet setting cannot be changed once the fleet is created.
+     * @pattern `^build-\S+|^arn:.*:build/build-\S+`
      */
-    IpRange: string;
+    BuildId?: string;
     /**
-     * The network communication protocol used by the fleet.
+     * A policy that limits the number of game sessions an individual player can create over a span of time for this fleet.
      */
-    Protocol: "TCP" | "UDP";
+    ResourceCreationLimitPolicy?: GameLiftFleetResourceCreationLimitPolicy;
     /**
-     * An ending value for a range of allowed port numbers. Port numbers are end-inclusive. This value must be higher than FromPort.
-     * @min `1`
-     * @max `60000`
+     * The name of an EC2 instance type that is supported in Amazon GameLift. A fleet instance type determines the computing resources of each instance in the fleet, including CPU, memory, storage, and networking capacity. Amazon GameLift supports the following EC2 instance types. See Amazon EC2 Instance Types for detailed descriptions.
+     * @pattern `^.*..*$`
      */
-    ToPort: number;
+    EC2InstanceType?: string;
 };
 /**
- * Type definition for `AWS::GameLift::Fleet.LocationCapacity`.
- * Current resource capacity settings in a specified fleet or location. The location value might refer to a fleet's remote location or its home Region.
- * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-gamelift-fleet-locationcapacity.html}
+ * Type definition for `AWS::GameLift::Fleet`.
+ * The AWS::GameLift::Fleet resource creates an Amazon GameLift (GameLift) fleet to host game servers. A fleet is a set of EC2 or Anywhere instances, each of which can host multiple game sessions.
+ * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-gamelift-fleet.html}
  */
-export type GameLiftFleetLocationCapacity = {
-    /**
-     * The number of EC2 instances you want to maintain in the specified fleet location. This value must fall between the minimum and maximum size limits.
-     */
-    DesiredEC2Instances: number;
-    /**
-     * The minimum value allowed for the fleet's instance count for a location. When creating a new fleet, GameLift automatically sets this value to "0". After the fleet is active, you can change this value.
-     */
-    MinSize: number;
+export type GameLiftFleetAttributes = {
     /**
-     * The maximum value that is allowed for the fleet's instance count for a location. When creating a new fleet, GameLift automatically sets this value to "1". Once the fleet is active, you can change this value.
+     * Unique fleet ID
+     * @pattern `^fleet-\S+`
      */
-    MaxSize: number;
+    FleetId: string;
 };
 /**
- * Type definition for `AWS::GameLift::Fleet.LocationConfiguration`.
- * A remote location where a multi-location fleet can deploy EC2 instances for game hosting.
- * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-gamelift-fleet-locationconfiguration.html}
+ * Type definition for `AWS::GameLift::Fleet.ScalingPolicy`.
+ * Rule that controls how a fleet is scaled. Scaling policies are uniquely identified by the combination of name and fleet ID.
+ * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-gamelift-fleet-scalingpolicy.html}
  */
-export type GameLiftFleetLocationConfiguration = {
-    /**
-     * @minLength `1`
-     * @maxLength `64`
-     * @pattern `^[A-Za-z0-9\-]+`
-     */
-    Location: string;
+export type GameLiftFleetScalingPolicy = {
     /**
-     * Current resource capacity settings in a specified fleet or location. The location value might refer to a fleet's remote location or its home Region.
+     * Current status of the scaling policy. The scaling policy can be in force only when in an ACTIVE status. Scaling policies can be suspended for individual fleets. If the policy is suspended for a fleet, the policy status does not change.
      */
-    LocationCapacity?: GameLiftFleetLocationCapacity;
-};
-/**
- * Type definition for `AWS::GameLift::Fleet.ResourceCreationLimitPolicy`.
- * A policy that limits the number of game sessions a player can create on the same fleet. This optional policy gives game owners control over how players can consume available game server resources. A resource creation policy makes the following statement: "An individual player can create a maximum number of new game sessions within a specified time period".
-
-The policy is evaluated when a player tries to create a new game session. For example, assume you have a policy of 10 new game sessions and a time period of 60 minutes. On receiving a CreateGameSession request, Amazon GameLift checks that the player (identified by CreatorId) has created fewer than 10 game sessions in the past 60 minutes.
- * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-gamelift-fleet-resourcecreationlimitpolicy.html}
- */
-export type GameLiftFleetResourceCreationLimitPolicy = {
+    Status?: "ACTIVE" | "UPDATE_REQUESTED" | "UPDATING" | "DELETE_REQUESTED" | "DELETING" | "DELETED" | "ERROR";
     /**
-     * The maximum number of game sessions that an individual can create during the policy period.
+     * Name of the Amazon GameLift-defined metric that is used to trigger a scaling adjustment.
      */
-    NewGameSessionsPerCreator?: number;
+    MetricName: "ActivatingGameSessions" | "ActiveGameSessions" | "ActiveInstances" | "AvailableGameSessions" | "AvailablePlayerSessions" | "CurrentPlayerSessions" | "IdleInstances" | "PercentAvailableGameSessions" | "PercentIdleInstances" | "QueueDepth" | "WaitTime" | "ConcurrentActivatableGameSessions";
     /**
-     * The time span used in evaluating the resource creation limit policy.
+     * The type of scaling policy to create. For a target-based policy, set the parameter MetricName to 'PercentAvailableGameSessions' and specify a TargetConfiguration. For a rule-based policy set the following parameters: MetricName, ComparisonOperator, Threshold, EvaluationPeriods, ScalingAdjustmentType, and ScalingAdjustment.
      */
-    PolicyPeriodInMinutes?: number;
-};
-/**
- * Type definition for `AWS::GameLift::Fleet.RuntimeConfiguration`.
- * A collection of server process configurations that describe the processes to run on each instance in a fleet. All fleets must have a runtime configuration. Each instance in the fleet maintains server processes as specified in the runtime configuration, launching new ones as existing processes end. Each instance regularly checks for an updated runtime configuration makes adjustments as called for.
-
-The runtime configuration enables the instances in a fleet to run multiple processes simultaneously. Potential scenarios are as follows: (1) Run multiple processes of a single game server executable to maximize usage of your hosting resources. (2) Run one or more processes of different executables, such as your game server and a metrics tracking program. (3) Run multiple processes of a single game server but with different launch parameters, for example to run one process on each instance in debug mode.
-
-An Amazon GameLift instance is limited to 50 processes running simultaneously. A runtime configuration must specify fewer than this limit. To calculate the total number of processes specified in a runtime configuration, add the values of the ConcurrentExecutions parameter for each ServerProcess object in the runtime configuration.
- * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-gamelift-fleet-runtimeconfiguration.html}
- */
-export type GameLiftFleetRuntimeConfiguration = {
+    PolicyType?: "RuleBased" | "TargetBased";
     /**
-     * The maximum amount of time (in seconds) that a game session can remain in status ACTIVATING. If the game session is not active before the timeout, activation is terminated and the game session status is changed to TERMINATED.
-     * @min `1`
-     * @max `600`
+     * Comparison operator to use when measuring a metric against the threshold value.
      */
-    GameSessionActivationTimeoutSeconds?: number;
+    ComparisonOperator?: "GreaterThanOrEqualToThreshold" | "GreaterThanThreshold" | "LessThanThreshold" | "LessThanOrEqualToThreshold";
     /**
-     * The maximum number of game sessions with status ACTIVATING to allow on an instance simultaneously. This setting limits the amount of instance resources that can be used for new game activations at any one time.
-     * @min `1`
-     * @max `2147483647`
+     * An object that contains settings for a target-based scaling policy.
      */
-    MaxConcurrentGameSessionActivations?: number;
+    TargetConfiguration?: GameLiftFleetTargetConfiguration;
     /**
-     * A collection of server process configurations that describe which server processes to run on each instance in a fleet.
-     * @maxLength `50`
+     * The current status of the fleet's scaling policies in a requested fleet location. The status PENDING_UPDATE indicates that an update was requested for the fleet but has not yet been completed for the location.
      */
-    ServerProcesses?: GameLiftFleetServerProcess[];
-};
-/**
- * Type definition for `AWS::GameLift::Fleet.ScalingPolicy`.
- * Rule that controls how a fleet is scaled. Scaling policies are uniquely identified by the combination of name and fleet ID.
- * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-gamelift-fleet-scalingpolicy.html}
- */
-export type GameLiftFleetScalingPolicy = {
+    UpdateStatus?: "PENDING_UPDATE";
     /**
-     * Comparison operator to use when measuring a metric against the threshold value.
+     * Amount of adjustment to make, based on the scaling adjustment type.
      */
-    ComparisonOperator?: "GreaterThanOrEqualToThreshold" | "GreaterThanThreshold" | "LessThanThreshold" | "LessThanOrEqualToThreshold";
+    ScalingAdjustment?: number;
     /**
      * Length of time (in minutes) the metric must be at or beyond the threshold before a scaling event is triggered.
      * @min `1`
@@ -44918,44 +45076,20 @@ export type GameLiftFleetScalingPolicy = {
      * @pattern `^[A-Za-z0-9\-]+`
      */
     Location?: string;
-    /**
-     * Name of the Amazon GameLift-defined metric that is used to trigger a scaling adjustment.
-     */
-    MetricName: "ActivatingGameSessions" | "ActiveGameSessions" | "ActiveInstances" | "AvailableGameSessions" | "AvailablePlayerSessions" | "CurrentPlayerSessions" | "IdleInstances" | "PercentAvailableGameSessions" | "PercentIdleInstances" | "QueueDepth" | "WaitTime" | "ConcurrentActivatableGameSessions";
     /**
      * A descriptive label that is associated with a fleet's scaling policy. Policy names do not need to be unique.
      * @minLength `1`
      * @maxLength `1024`
      */
     Name: string;
-    /**
-     * The type of scaling policy to create. For a target-based policy, set the parameter MetricName to 'PercentAvailableGameSessions' and specify a TargetConfiguration. For a rule-based policy set the following parameters: MetricName, ComparisonOperator, Threshold, EvaluationPeriods, ScalingAdjustmentType, and ScalingAdjustment.
-     */
-    PolicyType?: "RuleBased" | "TargetBased";
-    /**
-     * Amount of adjustment to make, based on the scaling adjustment type.
-     */
-    ScalingAdjustment?: number;
     /**
      * The type of adjustment to make to a fleet's instance count.
      */
     ScalingAdjustmentType?: "ChangeInCapacity" | "ExactCapacity" | "PercentChangeInCapacity";
-    /**
-     * Current status of the scaling policy. The scaling policy can be in force only when in an ACTIVE status. Scaling policies can be suspended for individual fleets. If the policy is suspended for a fleet, the policy status does not change.
-     */
-    Status?: "ACTIVE" | "UPDATE_REQUESTED" | "UPDATING" | "DELETE_REQUESTED" | "DELETING" | "DELETED" | "ERROR";
-    /**
-     * An object that contains settings for a target-based scaling policy.
-     */
-    TargetConfiguration?: GameLiftFleetTargetConfiguration;
     /**
      * Metric value used to trigger a scaling event.
      */
     Threshold?: number;
-    /**
-     * The current status of the fleet's scaling policies in a requested fleet location. The status PENDING_UPDATE indicates that an update was requested for the fleet but has not yet been completed for the location.
-     */
-    UpdateStatus?: "PENDING_UPDATE";
 };
 /**
  * Type definition for `AWS::GameLift::Fleet.ServerProcess`.
@@ -44968,6 +45102,12 @@ export type GameLiftFleetServerProcess = {
      * @min `1`
      */
     ConcurrentExecutions: number;
+    /**
+     * An optional list of parameters to pass to the server executable or Realtime script on launch.
+     * @minLength `1`
+     * @maxLength `1024`
+     */
+    Parameters?: string;
     /**
        * The location of the server executable in a custom game build or the name of the Realtime script file that contains the Init() function. Game builds and Realtime scripts are installed on instances at the root:
       
@@ -44979,12 +45119,6 @@ export type GameLiftFleetServerProcess = {
        * @pattern `^([Cc]:\\game\S+|/local/game/\S+)`
        */
     LaunchPath: string;
-    /**
-     * An optional list of parameters to pass to the server executable or Realtime script on launch.
-     * @minLength `1`
-     * @maxLength `1024`
-     */
-    Parameters?: string;
 };
 /**
  * Type definition for `AWS::GameLift::Fleet.TargetConfiguration`.
@@ -44997,6 +45131,137 @@ export type GameLiftFleetTargetConfiguration = {
      */
     TargetValue: number;
 };
+/**
+ * Type definition for `AWS::GameLift::Fleet.AnywhereConfiguration`.
+ * Configuration for Anywhere fleet.
+ * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-gamelift-fleet-anywhereconfiguration.html}
+ */
+export type GameLiftFleetAnywhereConfiguration = {
+    /**
+     * Cost of compute can be specified on Anywhere Fleets to prioritize placement across Queue destinations based on Cost.
+     * @minLength `1`
+     * @maxLength `11`
+     * @pattern `^\d{1,5}(?:\.\d{1,5})?$`
+     */
+    Cost: string;
+};
+/**
+ * Type definition for `AWS::GameLift::Fleet.ResourceCreationLimitPolicy`.
+ * A policy that limits the number of game sessions a player can create on the same fleet. This optional policy gives game owners control over how players can consume available game server resources. A resource creation policy makes the following statement: "An individual player can create a maximum number of new game sessions within a specified time period".
+
+The policy is evaluated when a player tries to create a new game session. For example, assume you have a policy of 10 new game sessions and a time period of 60 minutes. On receiving a CreateGameSession request, Amazon GameLift checks that the player (identified by CreatorId) has created fewer than 10 game sessions in the past 60 minutes.
+ * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-gamelift-fleet-resourcecreationlimitpolicy.html}
+ */
+export type GameLiftFleetResourceCreationLimitPolicy = {
+    /**
+     * The time span used in evaluating the resource creation limit policy.
+     */
+    PolicyPeriodInMinutes?: number;
+    /**
+     * The maximum number of game sessions that an individual can create during the policy period.
+     */
+    NewGameSessionsPerCreator?: number;
+};
+/**
+ * Type definition for `AWS::GameLift::Fleet.LocationCapacity`.
+ * Current resource capacity settings in a specified fleet or location. The location value might refer to a fleet's remote location or its home Region.
+ * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-gamelift-fleet-locationcapacity.html}
+ */
+export type GameLiftFleetLocationCapacity = {
+    /**
+     * The minimum value allowed for the fleet's instance count for a location. When creating a new fleet, GameLift automatically sets this value to "0". After the fleet is active, you can change this value.
+     */
+    MinSize: number;
+    /**
+     * The number of EC2 instances you want to maintain in the specified fleet location. This value must fall between the minimum and maximum size limits.
+     */
+    DesiredEC2Instances: number;
+    /**
+     * The maximum value that is allowed for the fleet's instance count for a location. When creating a new fleet, GameLift automatically sets this value to "1". Once the fleet is active, you can change this value.
+     */
+    MaxSize: number;
+};
+/**
+ * Type definition for `AWS::GameLift::Fleet.CertificateConfiguration`.
+ * Information about the use of a TLS/SSL certificate for a fleet. TLS certificate generation is enabled at the fleet level, with one certificate generated for the fleet. When this feature is enabled, the certificate can be retrieved using the GameLift Server SDK call GetInstanceCertificate. All instances in a fleet share the same certificate.
+ * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-gamelift-fleet-certificateconfiguration.html}
+ */
+export type GameLiftFleetCertificateConfiguration = {
+    CertificateType: "DISABLED" | "GENERATED";
+};
+/**
+ * Type definition for `AWS::GameLift::Fleet.IpPermission`.
+ * A range of IP addresses and port settings that allow inbound traffic to connect to server processes on an Amazon GameLift hosting resource. New game sessions that are started on the fleet are assigned an IP address/port number combination, which must fall into the fleet's allowed ranges. For fleets created with a custom game server, the ranges reflect the server's game session assignments. For Realtime Servers fleets, Amazon GameLift automatically opens two port ranges, one for TCP messaging and one for UDP, for use by the Realtime servers.
+ * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-gamelift-fleet-ippermission.html}
+ */
+export type GameLiftFleetIpPermission = {
+    /**
+     * A range of allowed IP addresses. This value must be expressed in CIDR notation. Example: "000.000.000.000/[subnet mask]" or optionally the shortened version "0.0.0.0/[subnet mask]".
+     * @pattern `(^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(/([0-9]|[1-2][0-9]|3[0-2]))$)`
+     */
+    IpRange: string;
+    /**
+     * A starting value for a range of allowed port numbers.
+     * @min `1`
+     * @max `60000`
+     */
+    FromPort: number;
+    /**
+     * An ending value for a range of allowed port numbers. Port numbers are end-inclusive. This value must be higher than FromPort.
+     * @min `1`
+     * @max `60000`
+     */
+    ToPort: number;
+    /**
+     * The network communication protocol used by the fleet.
+     */
+    Protocol: "TCP" | "UDP";
+};
+/**
+ * Type definition for `AWS::GameLift::Fleet.RuntimeConfiguration`.
+ * A collection of server process configurations that describe the processes to run on each instance in a fleet. All fleets must have a runtime configuration. Each instance in the fleet maintains server processes as specified in the runtime configuration, launching new ones as existing processes end. Each instance regularly checks for an updated runtime configuration makes adjustments as called for.
+
+The runtime configuration enables the instances in a fleet to run multiple processes simultaneously. Potential scenarios are as follows: (1) Run multiple processes of a single game server executable to maximize usage of your hosting resources. (2) Run one or more processes of different executables, such as your game server and a metrics tracking program. (3) Run multiple processes of a single game server but with different launch parameters, for example to run one process on each instance in debug mode.
+
+An Amazon GameLift instance is limited to 50 processes running simultaneously. A runtime configuration must specify fewer than this limit. To calculate the total number of processes specified in a runtime configuration, add the values of the ConcurrentExecutions parameter for each ServerProcess object in the runtime configuration.
+ * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-gamelift-fleet-runtimeconfiguration.html}
+ */
+export type GameLiftFleetRuntimeConfiguration = {
+    /**
+     * A collection of server process configurations that describe which server processes to run on each instance in a fleet.
+     * @maxLength `50`
+     */
+    ServerProcesses?: GameLiftFleetServerProcess[];
+    /**
+     * The maximum number of game sessions with status ACTIVATING to allow on an instance simultaneously. This setting limits the amount of instance resources that can be used for new game activations at any one time.
+     * @min `1`
+     * @max `2147483647`
+     */
+    MaxConcurrentGameSessionActivations?: number;
+    /**
+     * The maximum amount of time (in seconds) that a game session can remain in status ACTIVATING. If the game session is not active before the timeout, activation is terminated and the game session status is changed to TERMINATED.
+     * @min `1`
+     * @max `600`
+     */
+    GameSessionActivationTimeoutSeconds?: number;
+};
+/**
+ * Type definition for `AWS::GameLift::Fleet.LocationConfiguration`.
+ * A remote location where a multi-location fleet can deploy EC2 instances for game hosting.
+ * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-gamelift-fleet-locationconfiguration.html}
+ */
+export type GameLiftFleetLocationConfiguration = {
+    /**
+     * Current resource capacity settings in a specified fleet or location. The location value might refer to a fleet's remote location or its home Region.
+     */
+    LocationCapacity?: GameLiftFleetLocationCapacity;
+    /**
+     * @minLength `1`
+     * @maxLength `64`
+     * @pattern `^[A-Za-z0-9\-]+`
+     */
+    Location: string;
+};
 /**
  * Type definition for `AWS::GameLift::GameServerGroup`.
  * The AWS::GameLift::GameServerGroup resource creates an Amazon GameLift (GameLift) GameServerGroup.
@@ -45248,65 +45513,145 @@ export type GameLiftGameServerGroupGameServerGroup = {
 export type GameLiftGameServerGroupStatus = "NEW" | "ACTIVATING" | "ACTIVE" | "DELETE_SCHEDULED" | "DELETING" | "DELETED" | "ERROR";
 /**
  * Type definition for `AWS::GameLift::GameSessionQueue`.
- * Resource Type definition for AWS::GameLift::GameSessionQueue
+ * The AWS::GameLift::GameSessionQueue resource creates an Amazon GameLift (GameLift) game session queue.
  * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-gamelift-gamesessionqueue.html}
  */
 export type GameLiftGameSessionQueueProps = {
+    /**
+     * A descriptive label that is associated with game session queue. Queue names must be unique within each Region.
+     * @minLength `1`
+     * @maxLength `128`
+     * @pattern `[a-zA-Z0-9-]+`
+     */
+    Name: string;
+    /**
+     * The maximum time, in seconds, that a new game session placement request remains in the queue.
+     */
     TimeoutInSeconds?: number;
+    /**
+     * A list of fleets and/or fleet aliases that can be used to fulfill game session placement requests in the queue.
+     */
+    Destinations?: GameLiftGameSessionQueueGameSessionQueueDestination[];
+    /**
+     * A set of policies that act as a sliding cap on player latency.
+     */
     PlayerLatencyPolicies?: GameLiftGameSessionQueuePlayerLatencyPolicy[];
-    Destinations?: GameLiftGameSessionQueueDestination[];
+    /**
+     * Information that is added to all events that are related to this game session queue.
+     * @minLength `1`
+     * @maxLength `256`
+     * @pattern `[\s\S]*`
+     */
+    CustomEventData?: string;
+    /**
+     * An SNS topic ARN that is set up to receive game session placement notifications.
+     * @minLength `1`
+     * @maxLength `300`
+     * @pattern `[a-zA-Z0-9:_-]*(\.fifo)?`
+     */
     NotificationTarget?: string;
+    /**
+     * A list of locations where a queue is allowed to place new game sessions.
+     */
     FilterConfiguration?: GameLiftGameSessionQueueFilterConfiguration;
-    CustomEventData?: string;
-    Tags?: GameLiftGameSessionQueueTag[];
-    Name: string;
+    /**
+     * Custom settings to use when prioritizing destinations and locations for game session placements.
+     */
     PriorityConfiguration?: GameLiftGameSessionQueuePriorityConfiguration;
+    /**
+     * An array of key-value pairs to apply to this resource.
+     * @maxLength `200`
+     */
+    Tags?: GameLiftGameSessionQueueTag[];
 };
 /**
  * Type definition for `AWS::GameLift::GameSessionQueue`.
- * Resource Type definition for AWS::GameLift::GameSessionQueue
+ * The AWS::GameLift::GameSessionQueue resource creates an Amazon GameLift (GameLift) game session queue.
  * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-gamelift-gamesessionqueue.html}
  */
 export type GameLiftGameSessionQueueAttributes = {
-    Id: string;
+    /**
+     * The Amazon Resource Name (ARN) that is assigned to a Amazon GameLift game session queue resource and uniquely identifies it.
+     * @minLength `1`
+     * @maxLength `256`
+     * @pattern `^arn:.*:gamesessionqueue\/[a-zA-Z0-9-]+`
+     */
     Arn: string;
 };
 /**
- * Type definition for `AWS::GameLift::GameSessionQueue.PlayerLatencyPolicy`.
- * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-gamelift-gamesessionqueue-playerlatencypolicy.html}
+ * Type definition for `AWS::GameLift::GameSessionQueue.Tag`.
+ * A key-value pair to associate with a resource.
  */
-export type GameLiftGameSessionQueuePlayerLatencyPolicy = {
-    PolicyDurationSeconds?: number;
-    MaximumIndividualPlayerLatencyMilliseconds?: number;
+export type GameLiftGameSessionQueueTag = {
+    /**
+     * The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length.
+     * @minLength `1`
+     * @maxLength `128`
+     */
+    Key: string;
+    /**
+     * The value for the tag. You can specify a value that is 1 to 256 Unicode characters in length.
+     * @minLength `1`
+     * @maxLength `256`
+     */
+    Value: string;
 };
 /**
- * Type definition for `AWS::GameLift::GameSessionQueue.Destination`.
- * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-gamelift-gamesessionqueue-destination.html}
+ * Type definition for `AWS::GameLift::GameSessionQueue.GameSessionQueueDestination`.
+ * A fleet or alias designated in a game session queue.
  */
-export type GameLiftGameSessionQueueDestination = {
+export type GameLiftGameSessionQueueGameSessionQueueDestination = {
+    /**
+     * @minLength `1`
+     * @maxLength `256`
+     * @pattern `[a-zA-Z0-9:/-]+`
+     */
     DestinationArn?: string;
 };
+/**
+ * Type definition for `AWS::GameLift::GameSessionQueue.PlayerLatencyPolicy`.
+ * Sets a latency cap for individual players when placing a game session.
+ * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-gamelift-gamesessionqueue-playerlatencypolicy.html}
+ */
+export type GameLiftGameSessionQueuePlayerLatencyPolicy = {
+    /**
+     * The maximum latency value that is allowed for any player, in milliseconds. All policies must have a value set for this property.
+     */
+    MaximumIndividualPlayerLatencyMilliseconds?: number;
+    /**
+     * The length of time, in seconds, that the policy is enforced while placing a new game session.
+     */
+    PolicyDurationSeconds?: number;
+};
 /**
  * Type definition for `AWS::GameLift::GameSessionQueue.FilterConfiguration`.
  * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-gamelift-gamesessionqueue-filterconfiguration.html}
  */
 export type GameLiftGameSessionQueueFilterConfiguration = {
+    /**
+     * A list of locations to allow game session placement in, in the form of AWS Region codes such as us-west-2.
+     * @minLength `1`
+     * @maxLength `100`
+     */
     AllowedLocations?: string[];
 };
-/**
- * Type definition for `AWS::GameLift::GameSessionQueue.Tag`.
- */
-export type GameLiftGameSessionQueueTag = {
-    Value: string;
-    Key: string;
-};
 /**
  * Type definition for `AWS::GameLift::GameSessionQueue.PriorityConfiguration`.
  * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-gamelift-gamesessionqueue-priorityconfiguration.html}
  */
 export type GameLiftGameSessionQueuePriorityConfiguration = {
-    PriorityOrder?: string[];
+    /**
+     * The prioritization order to use for fleet locations, when the PriorityOrder property includes LOCATION.
+     * @minLength `1`
+     * @maxLength `100`
+     */
     LocationOrder?: string[];
+    /**
+     * The recommended sequence to use when prioritizing where to place new game sessions.
+     * @minLength `1`
+     * @maxLength `4`
+     */
+    PriorityOrder?: ("LATENCY" | "COST" | "DESTINATION" | "LOCATION")[];
 };
 /**
  * Type definition for `AWS::GameLift::Location`.
@@ -45356,111 +45701,297 @@ export type GameLiftLocationTag = {
 };
 /**
  * Type definition for `AWS::GameLift::MatchmakingConfiguration`.
- * Resource Type definition for AWS::GameLift::MatchmakingConfiguration
+ * The AWS::GameLift::MatchmakingConfiguration resource creates an Amazon GameLift (GameLift) matchmaking configuration.
  * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-gamelift-matchmakingconfiguration.html}
  */
 export type GameLiftMatchmakingConfigurationProps = {
-    GameProperties?: GameLiftMatchmakingConfigurationGameProperty[];
-    GameSessionData?: string;
-    Description?: string;
+    /**
+     * A flag that indicates whether a match that was created with this configuration must be accepted by the matched players
+     */
+    AcceptanceRequired: boolean;
+    /**
+     * The length of time (in seconds) to wait for players to accept a proposed match, if acceptance is required.
+     * @min `1`
+     * @max `600`
+     */
     AcceptanceTimeoutSeconds?: number;
-    NotificationTarget?: string;
+    /**
+     * The number of player slots in a match to keep open for future players.
+     */
+    AdditionalPlayerCount?: number;
+    /**
+     * The method used to backfill game sessions created with this matchmaking configuration.
+     */
+    BackfillMode?: "AUTOMATIC" | "MANUAL";
+    /**
+     * A time stamp indicating when this data object was created.
+     */
+    CreationTime?: string;
+    /**
+     * Information to attach to all events related to the matchmaking configuration.
+     * @maxLength `256`
+     */
     CustomEventData?: string;
+    /**
+     * A descriptive label that is associated with matchmaking configuration.
+     * @minLength `1`
+     * @maxLength `1024`
+     */
+    Description?: string;
+    /**
+     * Indicates whether this matchmaking configuration is being used with Amazon GameLift hosting or as a standalone matchmaking solution.
+     */
+    FlexMatchMode?: "STANDALONE" | "WITH_QUEUE";
+    /**
+     * A set of custom properties for a game session, formatted as key:value pairs.
+     * @maxLength `16`
+     */
+    GameProperties?: GameLiftMatchmakingConfigurationGameProperty[];
+    /**
+     * A set of custom game session properties, formatted as a single string value.
+     * @minLength `1`
+     * @maxLength `4096`
+     */
+    GameSessionData?: string;
+    /**
+     * The Amazon Resource Name (ARN) that is assigned to a Amazon GameLift game session queue resource and uniquely identifies it.
+     */
+    GameSessionQueueArns?: string[];
+    /**
+     * A unique identifier for the matchmaking configuration.
+     * @maxLength `128`
+     * @pattern `[a-zA-Z0-9-\.]*`
+     */
     Name: string;
-    AdditionalPlayerCount?: number;
-    BackfillMode?: string;
+    /**
+     * An SNS topic ARN that is set up to receive matchmaking notifications.
+     * @maxLength `300`
+     * @pattern `[a-zA-Z0-9:_/-]*(.fifo)?`
+     */
+    NotificationTarget?: string;
+    /**
+     * The maximum duration, in seconds, that a matchmaking ticket can remain in process before timing out.
+     * @min `1`
+     * @max `43200`
+     */
     RequestTimeoutSeconds: number;
-    AcceptanceRequired: boolean;
-    FlexMatchMode?: string;
+    /**
+     * The Amazon Resource Name (ARN) associated with the GameLift matchmaking rule set resource that this configuration uses.
+     * @pattern `^arn:.*:matchmakingruleset\/[a-zA-Z0-9-\.]*`
+     */
+    RuleSetArn?: string;
+    /**
+     * A unique identifier for the matchmaking rule set to use with this configuration.
+     * @maxLength `128`
+     * @pattern `[a-zA-Z0-9-\.]*`
+     */
     RuleSetName: string;
-    GameSessionQueueArns?: string[];
+    /**
+     * An array of key-value pairs to apply to this resource.
+     * @maxLength `200`
+     */
     Tags?: GameLiftMatchmakingConfigurationTag[];
 };
 /**
  * Type definition for `AWS::GameLift::MatchmakingConfiguration`.
- * Resource Type definition for AWS::GameLift::MatchmakingConfiguration
+ * The AWS::GameLift::MatchmakingConfiguration resource creates an Amazon GameLift (GameLift) matchmaking configuration.
  * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-gamelift-matchmakingconfiguration.html}
  */
 export type GameLiftMatchmakingConfigurationAttributes = {
-    Id: string;
+    /**
+     * The Amazon Resource Name (ARN) that is assigned to a Amazon GameLift matchmaking configuration resource and uniquely identifies it.
+     * @pattern `^arn:.*:matchmakingconfiguration\/[a-zA-Z0-9-\.]*`
+     */
     Arn: string;
 };
-/**
- * Type definition for `AWS::GameLift::MatchmakingConfiguration.Tag`.
- */
-export type GameLiftMatchmakingConfigurationTag = {
-    Value: string;
-    Key: string;
-};
 /**
  * Type definition for `AWS::GameLift::MatchmakingConfiguration.GameProperty`.
+ * A key-value pair that contains information about a game session.
  * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-gamelift-matchmakingconfiguration-gameproperty.html}
  */
 export type GameLiftMatchmakingConfigurationGameProperty = {
+    /**
+     * The game property identifier.
+     * @maxLength `32`
+     */
+    Key: string;
+    /**
+     * The game property value.
+     * @maxLength `96`
+     */
     Value: string;
+};
+/**
+ * Type definition for `AWS::GameLift::MatchmakingConfiguration.Tag`.
+ * A key-value pair to associate with a resource.
+ */
+export type GameLiftMatchmakingConfigurationTag = {
+    /**
+     * The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length.
+     * @minLength `1`
+     * @maxLength `128`
+     */
     Key: string;
+    /**
+     * The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length.
+     * @maxLength `256`
+     */
+    Value: string;
 };
 /**
  * Type definition for `AWS::GameLift::MatchmakingRuleSet`.
- * Resource Type definition for AWS::GameLift::MatchmakingRuleSet
+ * The AWS::GameLift::MatchmakingRuleSet resource creates an Amazon GameLift (GameLift) matchmaking rule set.
  * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-gamelift-matchmakingruleset.html}
  */
 export type GameLiftMatchmakingRuleSetProps = {
+    /**
+     * A unique identifier for the matchmaking rule set.
+     * @maxLength `128`
+     * @pattern `[a-zA-Z0-9-\.]*`
+     */
+    Name: string;
+    /**
+     * A collection of matchmaking rules, formatted as a JSON string.
+     * @minLength `1`
+     * @maxLength `65535`
+     */
     RuleSetBody: string;
+    /**
+     * An array of key-value pairs to apply to this resource.
+     * @minLength `1`
+     * @maxLength `200`
+     */
     Tags?: GameLiftMatchmakingRuleSetTag[];
-    Name: string;
 };
 /**
  * Type definition for `AWS::GameLift::MatchmakingRuleSet`.
- * Resource Type definition for AWS::GameLift::MatchmakingRuleSet
+ * The AWS::GameLift::MatchmakingRuleSet resource creates an Amazon GameLift (GameLift) matchmaking rule set.
  * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-gamelift-matchmakingruleset.html}
  */
 export type GameLiftMatchmakingRuleSetAttributes = {
-    Id: string;
+    /**
+     * A time stamp indicating when this data object was created. Format is a number expressed in Unix time as milliseconds.
+     */
+    CreationTime: string;
+    /**
+     * The Amazon Resource Name (ARN) that is assigned to a Amazon GameLift matchmaking rule set resource and uniquely identifies it.
+     * @pattern `^arn:.*:matchmakingruleset\/[a-zA-Z0-9-\.]*`
+     */
     Arn: string;
 };
 /**
  * Type definition for `AWS::GameLift::MatchmakingRuleSet.Tag`.
+ * A key-value pair to associate with a resource.
  */
 export type GameLiftMatchmakingRuleSetTag = {
-    Value: string;
+    /**
+     * The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length.
+     * @minLength `1`
+     * @maxLength `128`
+     */
     Key: string;
+    /**
+     * The value for the tag. You can specify a value that is 1 to 256 Unicode characters in length.
+     * @minLength `1`
+     * @maxLength `256`
+     */
+    Value: string;
 };
 /**
  * Type definition for `AWS::GameLift::Script`.
- * Resource Type definition for AWS::GameLift::Script
+ * The AWS::GameLift::Script resource creates a new script record for your Realtime Servers script. Realtime scripts are JavaScript that provide configuration settings and optional custom game logic for your game. The script is deployed when you create a Realtime Servers fleet to host your game sessions. Script logic is executed during an active game session.
  * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-gamelift-script.html}
  */
 export type GameLiftScriptProps = {
+    /**
+     * A descriptive label that is associated with a script. Script names do not need to be unique.
+     * @minLength `1`
+     * @maxLength `1024`
+     */
+    Name?: string;
+    /**
+     * The location of the Amazon S3 bucket where a zipped file containing your Realtime scripts is stored. The storage location must specify the Amazon S3 bucket name, the zip file name (the "key"), and a role ARN that allows Amazon GameLift to access the Amazon S3 storage location. The S3 bucket must be in the same Region where you want to create a new script. By default, Amazon GameLift uploads the latest version of the zip file; if you have S3 object versioning turned on, you can use the ObjectVersion parameter to specify an earlier version.
+     */
     StorageLocation: GameLiftScriptS3Location;
+    /**
+     * The version that is associated with a script. Version strings do not need to be unique.
+     * @minLength `1`
+     * @maxLength `1024`
+     */
     Version?: string;
+    /**
+     * An array of key-value pairs to apply to this resource.
+     * @maxLength `200`
+     */
     Tags?: GameLiftScriptTag[];
-    Name?: string;
 };
 /**
  * Type definition for `AWS::GameLift::Script`.
- * Resource Type definition for AWS::GameLift::Script
+ * The AWS::GameLift::Script resource creates a new script record for your Realtime Servers script. Realtime scripts are JavaScript that provide configuration settings and optional custom game logic for your game. The script is deployed when you create a Realtime Servers fleet to host your game sessions. Script logic is executed during an active game session.
  * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-gamelift-script.html}
  */
 export type GameLiftScriptAttributes = {
-    Id: string;
+    /**
+     * A time stamp indicating when this data object was created. Format is a number expressed in Unix time as milliseconds (for example "1469498468.057").
+     */
+    CreationTime: string;
+    /**
+     * The Amazon Resource Name (ARN) that is assigned to a Amazon GameLift script resource and uniquely identifies it. ARNs are unique across all Regions. In a GameLift script ARN, the resource ID matches the Id value.
+     * @pattern `^arn:.*:script\/script-\S+`
+     */
     Arn: string;
+    /**
+     * A unique identifier for the Realtime script
+     * @pattern `^script-\S+`
+     */
+    Id: string;
+    /**
+     * The file size of the uploaded Realtime script, expressed in bytes. When files are uploaded from an S3 location, this value remains at "0".
+     * @min `1`
+     */
+    SizeOnDisk: number;
 };
 /**
  * Type definition for `AWS::GameLift::Script.Tag`.
+ * A key-value pair to associate with a resource.
  */
 export type GameLiftScriptTag = {
-    Value: string;
+    /**
+     * The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length.
+     * @minLength `1`
+     * @maxLength `128`
+     */
     Key: string;
+    /**
+     * The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length.
+     * @maxLength `256`
+     */
+    Value: string;
 };
 /**
  * Type definition for `AWS::GameLift::Script.S3Location`.
  * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-gamelift-script-s3location.html}
  */
 export type GameLiftScriptS3Location = {
-    ObjectVersion?: string;
+    /**
+     * An Amazon S3 bucket identifier. This is the name of the S3 bucket.
+     * @minLength `1`
+     */
     Bucket: string;
+    /**
+     * The name of the zip file that contains the script files.
+     * @minLength `1`
+     */
     Key: string;
+    /**
+     * The version of the file, if object versioning is turned on for the bucket. Amazon GameLift uses this information when retrieving files from your S3 bucket. To retrieve a specific version of the file, provide an object version. To retrieve the latest version of the file, do not set this parameter.
+     * @minLength `1`
+     */
+    ObjectVersion?: string;
+    /**
+     * The Amazon Resource Name (ARN) for an IAM role that allows Amazon GameLift to access the S3 bucket.
+     * @minLength `1`
+     */
     RoleArn: string;
 };
 /**
@@ -46908,6 +47439,10 @@ export type GrafanaWorkspaceProps = {
      * @maxLength `2048`
      */
     RoleArn?: string;
+    /**
+     * Allow workspace admins to install plugins
+     */
+    PluginAdminEnabled?: boolean;
 };
 /**
  * Type definition for `AWS::Grafana::Workspace`.
@@ -48711,7 +49246,10 @@ export type GuardDutyDetectorCFNScanEc2InstanceWithFindingsConfiguration = {
  * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-guardduty-detector-cfnfeatureconfiguration.html}
  */
 export type GuardDutyDetectorCFNFeatureConfiguration = {
-    Name: "S3_DATA_EVENTS" | "EKS_AUDIT_LOGS" | "EBS_MALWARE_PROTECTION" | "RDS_LOGIN_EVENTS" | "LAMBDA_NETWORK_LOGS" | "EKS_RUNTIME_MONITORING";
+    /**
+     * @maxLength `128`
+     */
+    Name: string;
     Status: "ENABLED" | "DISABLED";
     AdditionalConfiguration?: GuardDutyDetectorCFNFeatureAdditionalConfiguration[];
 };
@@ -48793,11 +49331,23 @@ export type GuardDutyFilterTag = {
  */
 export type GuardDutyIPSetProps = {
     Format: string;
-    Activate: boolean;
-    DetectorId: string;
-    Tags?: GuardDutyIPSetTag[];
-    Name?: string;
+    Activate?: boolean;
+    /**
+     * @minLength `1`
+     * @maxLength `300`
+     */
+    DetectorId?: string;
+    /**
+     * @minLength `1`
+     * @maxLength `300`
+     */
+    Name: string;
+    /**
+     * @minLength `1`
+     * @maxLength `300`
+     */
     Location: string;
+    Tags?: GuardDutyIPSetTagItem[];
 };
 /**
  * Type definition for `AWS::GuardDuty::IPSet`.
@@ -48808,11 +49358,18 @@ export type GuardDutyIPSetAttributes = {
     Id: string;
 };
 /**
- * Type definition for `AWS::GuardDuty::IPSet.Tag`.
+ * Type definition for `AWS::GuardDuty::IPSet.TagItem`.
  */
-export type GuardDutyIPSetTag = {
-    Value: string;
+export type GuardDutyIPSetTagItem = {
+    /**
+     * @minLength `1`
+     * @maxLength `128`
+     */
     Key: string;
+    /**
+     * @maxLength `256`
+     */
+    Value: string;
 };
 /**
  * Type definition for `AWS::GuardDuty::Master`.
@@ -48857,12 +49414,24 @@ export type GuardDutyMemberAttributes = {
  * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-guardduty-threatintelset.html}
  */
 export type GuardDutyThreatIntelSetProps = {
+    /**
+     * @minLength `1`
+     * @maxLength `300`
+     */
     Format: string;
-    Activate: boolean;
-    DetectorId: string;
-    Tags?: GuardDutyThreatIntelSetTag[];
-    Name?: string;
+    Activate?: boolean;
+    /**
+     * @minLength `1`
+     * @maxLength `32`
+     */
+    DetectorId?: string;
+    Name: string;
+    /**
+     * @minLength `1`
+     * @maxLength `300`
+     */
     Location: string;
+    Tags?: GuardDutyThreatIntelSetTagItem[];
 };
 /**
  * Type definition for `AWS::GuardDuty::ThreatIntelSet`.
@@ -48873,11 +49442,18 @@ export type GuardDutyThreatIntelSetAttributes = {
     Id: string;
 };
 /**
- * Type definition for `AWS::GuardDuty::ThreatIntelSet.Tag`.
+ * Type definition for `AWS::GuardDuty::ThreatIntelSet.TagItem`.
  */
-export type GuardDutyThreatIntelSetTag = {
-    Value: string;
+export type GuardDutyThreatIntelSetTagItem = {
+    /**
+     * @minLength `1`
+     * @maxLength `128`
+     */
     Key: string;
+    /**
+     * @maxLength `256`
+     */
+    Value: string;
 };
 /**
  * Type definition for `AWS::HealthImaging::Datastore`.
@@ -51502,6 +52078,213 @@ export type ImageBuilderInfrastructureConfigurationS3Logs = {
      */
     S3KeyPrefix?: string;
 };
+/**
+ * Type definition for `AWS::ImageBuilder::LifecyclePolicy`.
+ * Resource schema for AWS::ImageBuilder::LifecyclePolicy
+ */
+export type ImageBuilderLifecyclePolicyProps = {
+    /**
+     * The name of the lifecycle policy.
+     */
+    Name: string;
+    /**
+     * The description of the lifecycle policy.
+     */
+    Description?: string;
+    /**
+     * The status of the lifecycle policy.
+     */
+    Status?: "DISABLED" | "ENABLED";
+    /**
+     * The execution role of the lifecycle policy.
+     */
+    ExecutionRole: string;
+    /**
+     * The resource type of the lifecycle policy.
+     */
+    ResourceType: "AMI_IMAGE" | "CONTAINER_IMAGE";
+    /**
+     * The policy details of the lifecycle policy.
+     */
+    PolicyDetails: ImageBuilderLifecyclePolicyPolicyDetail[];
+    /**
+     * The resource selection of the lifecycle policy.
+     */
+    ResourceSelection: ImageBuilderLifecyclePolicyResourceSelection;
+    /**
+     * The tags associated with the lifecycle policy.
+     */
+    Tags?: Record<string, string>;
+};
+/**
+ * Type definition for `AWS::ImageBuilder::LifecyclePolicy`.
+ * Resource schema for AWS::ImageBuilder::LifecyclePolicy
+ */
+export type ImageBuilderLifecyclePolicyAttributes = {
+    /**
+     * The Amazon Resource Name (ARN) of the lifecycle policy.
+     */
+    Arn: string;
+};
+/**
+ * Type definition for `AWS::ImageBuilder::LifecyclePolicy.PolicyDetail`.
+ * The policy detail of the lifecycle policy.
+ */
+export type ImageBuilderLifecyclePolicyPolicyDetail = {
+    /**
+     * The action of the policy detail.
+     */
+    Action: ImageBuilderLifecyclePolicyAction;
+    /**
+     * The filters to apply of the policy detail.
+     */
+    Filter: ImageBuilderLifecyclePolicyFilter;
+    /**
+     * The exclusion rules to apply of the policy detail.
+     */
+    ExclusionRules?: ImageBuilderLifecyclePolicyExclusionRules;
+};
+/**
+ * Type definition for `AWS::ImageBuilder::LifecyclePolicy.Action`.
+ * The action of the policy detail.
+ */
+export type ImageBuilderLifecyclePolicyAction = {
+    /**
+     * The action type of the policy detail.
+     */
+    Type: "DELETE" | "DEPRECATE" | "DISABLE";
+    /**
+     * The included resources of the policy detail.
+     */
+    IncludeResources?: ImageBuilderLifecyclePolicyIncludeResources;
+};
+/**
+ * Type definition for `AWS::ImageBuilder::LifecyclePolicy.Filter`.
+ * The filters to apply of the policy detail.
+ */
+export type ImageBuilderLifecyclePolicyFilter = {
+    /**
+     * The filter type.
+     */
+    Type: "AGE" | "COUNT";
+    /**
+     * The filter value.
+     */
+    Value: number;
+    /**
+     * The value's time unit.
+     */
+    Unit?: ImageBuilderLifecyclePolicyTimeUnit;
+    /**
+     * The minimum number of Image Builder resources to retain.
+     */
+    RetainAtLeast?: number;
+};
+/**
+ * Type definition for `AWS::ImageBuilder::LifecyclePolicy.ExclusionRules`.
+ * The exclusion rules to apply of the policy detail.
+ */
+export type ImageBuilderLifecyclePolicyExclusionRules = {
+    /**
+     * The Image Builder tags to filter on.
+     */
+    TagMap?: Record<string, string>;
+    /**
+     * The AMI exclusion rules for the policy detail.
+     */
+    Amis?: ImageBuilderLifecyclePolicyAmiExclusionRules;
+};
+/**
+ * Type definition for `AWS::ImageBuilder::LifecyclePolicy.TimeUnit`.
+ * A time unit.
+ */
+export type ImageBuilderLifecyclePolicyTimeUnit = "DAYS" | "WEEKS" | "MONTHS" | "YEARS";
+/**
+ * Type definition for `AWS::ImageBuilder::LifecyclePolicy.IncludeResources`.
+ * The included resources of the policy detail.
+ */
+export type ImageBuilderLifecyclePolicyIncludeResources = {
+    /**
+     * Use to configure lifecycle actions on AMIs.
+     */
+    Amis?: boolean;
+    /**
+     * Use to configure lifecycle actions on containers.
+     */
+    Containers?: boolean;
+    /**
+     * Use to configure lifecycle actions on snapshots.
+     */
+    Snapshots?: boolean;
+};
+/**
+ * Type definition for `AWS::ImageBuilder::LifecyclePolicy.AmiExclusionRules`.
+ * The AMI exclusion rules for the policy detail.
+ */
+export type ImageBuilderLifecyclePolicyAmiExclusionRules = {
+    /**
+     * Use to apply lifecycle policy actions on whether the AMI is public.
+     */
+    IsPublic?: boolean;
+    /**
+     * Use to apply lifecycle policy actions on AMIs distributed to a set of regions.
+     */
+    Regions?: string[];
+    /**
+     * Use to apply lifecycle policy actions on AMIs shared with a set of regions.
+     */
+    SharedAccounts?: string[];
+    /**
+     * Use to apply lifecycle policy actions on AMIs launched before a certain time.
+     */
+    LastLaunched?: ImageBuilderLifecyclePolicyLastLaunched;
+    /**
+     * The AMIs to select by tag.
+     */
+    TagMap?: Record<string, string>;
+};
+/**
+ * Type definition for `AWS::ImageBuilder::LifecyclePolicy.LastLaunched`.
+ * The last launched time of a resource.
+ */
+export type ImageBuilderLifecyclePolicyLastLaunched = {
+    /**
+     * The last launched value.
+     */
+    Value: number;
+    /**
+     * The value's time unit.
+     */
+    Unit: ImageBuilderLifecyclePolicyTimeUnit;
+};
+/**
+ * Type definition for `AWS::ImageBuilder::LifecyclePolicy.ResourceSelection`.
+ * The resource selection for the lifecycle policy.
+ */
+export type ImageBuilderLifecyclePolicyResourceSelection = {
+    /**
+     * The recipes to select.
+     */
+    Recipes?: ImageBuilderLifecyclePolicyRecipeSelection[];
+    /**
+     * The Image Builder resources to select by tag.
+     */
+    TagMap?: Record<string, string>;
+};
+/**
+ * Type definition for `AWS::ImageBuilder::LifecyclePolicy.RecipeSelection`.
+ * The recipe to apply the lifecycle policy for.
+ */
+export type ImageBuilderLifecyclePolicyRecipeSelection = {
+    /**
+     * The recipe name.
+     */
+    Name: string;
+    /**
+     * The recipe version.
+     */
+    SemanticVersion?: string;
+};
 /**
  * Type definition for `AWS::Inspector::AssessmentTarget`.
  * Resource Type definition for AWS::Inspector::AssessmentTarget
@@ -53365,6 +54148,23 @@ export type IoTSecurityProfileProps = {
      * A list of metrics whose data is retained (stored). By default, data is retained for any metric used in the profile's behaviors, but it is also retained for any metric specified here.
      */
     AdditionalMetricsToRetainV2?: IoTSecurityProfileMetricToRetain[];
+    /**
+     * A structure containing the mqtt topic for metrics export.
+     */
+    MetricsExportConfig?: {
+        /**
+         * The topic for metrics export.
+         * @minLength `1`
+         * @maxLength `512`
+         */
+        MqttTopic: string;
+        /**
+         * The ARN of the role that grants permission to publish to mqtt topic.
+         * @minLength `20`
+         * @maxLength `2048`
+         */
+        RoleArn: string;
+    };
     /**
      * Metadata that can be used to manage the security profile.
      * @maxLength `50`
@@ -53418,6 +54218,10 @@ export type IoTSecurityProfileBehavior = {
      * Manage Detect alarm SNS notifications by setting behavior notification to on or suppressed. Detect will continue to performing device behavior evaluations. However, suppressed alarms wouldn't be forwarded for SNS notification.
      */
     SuppressAlerts?: boolean;
+    /**
+     * Flag to enable/disable metrics export for metric to be retained.
+     */
+    ExportMetric?: boolean;
 };
 /**
  * Type definition for `AWS::IoT::SecurityProfile.MetricDimension`.
@@ -53564,6 +54368,10 @@ export type IoTSecurityProfileMetricToRetain = {
      * The dimension of a metric.
      */
     MetricDimension?: IoTSecurityProfileMetricDimension;
+    /**
+     * Flag to enable/disable metrics export for metric to be retained.
+     */
+    ExportMetric?: boolean;
 };
 /**
  * Type definition for `AWS::IoT::SecurityProfile.Tag`.
@@ -65478,6 +66286,10 @@ export type LambdaFunctionProps = {
      * @pattern `^arn:(aws[a-zA-Z-]*)?:iam::\d{12}:role/?[a-zA-Z_0-9+=,.@\-_/]+$`
      */
     Role: string;
+    /**
+     * The logging configuration of your function
+     */
+    LoggingConfig?: LambdaFunctionLoggingConfig;
     /**
      * Environment variables that are accessible from function code during execution.
      */
@@ -65644,6 +66456,31 @@ export type LambdaFunctionCode = {
      */
     ImageUri?: string;
 };
+/**
+ * Type definition for `AWS::Lambda::Function.LoggingConfig`.
+ * The function's logging configuration.
+ */
+export type LambdaFunctionLoggingConfig = {
+    /**
+     * Log delivery format for the lambda function
+     */
+    LogFormat?: "Text" | "JSON";
+    /**
+     * Application log granularity level, can only be used when LogFormat is set to JSON
+     */
+    ApplicationLogLevel?: "TRACE" | "DEBUG" | "INFO" | "WARN" | "ERROR" | "FATAL";
+    /**
+     * The log group name.
+     * @minLength `1`
+     * @maxLength `512`
+     * @pattern `[\.\-_/#A-Za-z0-9]+`
+     */
+    LogGroup?: string;
+    /**
+     * System log granularity level, can only be used when LogFormat is set to JSON
+     */
+    SystemLogLevel?: "DEBUG" | "INFO" | "WARN";
+};
 /**
  * Type definition for `AWS::Lambda::Function.Environment`.
  * A function's environment variable settings.
@@ -72048,6 +72885,10 @@ export type MWAAEnvironmentProps = {
      * Choice for mode of webserver access including over public internet or via private VPC endpoint.
      */
     WebserverAccessMode?: MWAAEnvironmentWebserverAccessMode;
+    /**
+     * Defines whether the VPC endpoints configured for the environment are created, and managed, by the customer or by Amazon MWAA.
+     */
+    EndpointManagement?: MWAAEnvironmentEndpointManagement;
 };
 /**
  * Type definition for `AWS::MWAA::Environment`.
@@ -72069,12 +72910,27 @@ export type MWAAEnvironmentAttributes = {
      * @pattern `^https://.+$`
      */
     WebserverUrl: string;
+    /**
+     * The celery executor queue associated with the environment.
+     * @maxLength `1224`
+     */
+    CeleryExecutorQueue: string;
+    /**
+     * The database VPC endpoint service name.
+     * @maxLength `1224`
+     */
+    DatabaseVpcEndpointService: string;
+    /**
+     * The webserver VPC endpoint service name, applicable if private webserver access mode selected.
+     * @maxLength `1224`
+     */
+    WebserverVpcEndpointService: string;
 };
 /**
  * Type definition for `AWS::MWAA::Environment.EnvironmentStatus`.
  * The status of the environment.
  */
-export type MWAAEnvironmentEnvironmentStatus = "CREATING" | "CREATE_FAILED" | "AVAILABLE" | "UPDATING" | "DELETING" | "DELETED" | "UPDATE_FAILED" | "UNAVAILABLE";
+export type MWAAEnvironmentEnvironmentStatus = "CREATING" | "CREATE_FAILED" | "AVAILABLE" | "UPDATING" | "DELETING" | "DELETED" | "UPDATE_FAILED" | "UNAVAILABLE" | "PENDING";
 /**
  * Type definition for `AWS::MWAA::Environment.UpdateStatus`.
  */
@@ -72214,6 +73070,11 @@ export type MWAAEnvironmentLastUpdate = {
  * Choice for mode of webserver access including over public internet or via private VPC endpoint.
  */
 export type MWAAEnvironmentWebserverAccessMode = "PRIVATE_ONLY" | "PUBLIC_ONLY";
+/**
+ * Type definition for `AWS::MWAA::Environment.EndpointManagement`.
+ * Defines whether the VPC endpoints configured for the environment are created, and managed, by the customer or by Amazon MWAA.
+ */
+export type MWAAEnvironmentEndpointManagement = "CUSTOMER" | "SERVICE";
 /**
  * Type definition for `AWS::Macie::AllowList`.
  * Macie AllowList resource schema
@@ -82073,6 +82934,40 @@ export type OpenSearchServerlessCollectionTag = {
  * The possible types for the collection
  */
 export type OpenSearchServerlessCollectionCollectionType = "SEARCH" | "TIMESERIES" | "VECTORSEARCH";
+/**
+ * Type definition for `AWS::OpenSearchServerless::LifecyclePolicy`.
+ * Amazon OpenSearchServerless lifecycle policy resource
+ */
+export type OpenSearchServerlessLifecyclePolicyProps = {
+    /**
+     * The name of the policy
+     * @minLength `3`
+     * @maxLength `32`
+     * @pattern `^[a-z][a-z0-9-]+$`
+     */
+    Name: string;
+    /**
+     * The type of lifecycle policy
+     */
+    Type: OpenSearchServerlessLifecyclePolicyLifecyclePolicyType;
+    /**
+     * The description of the policy
+     * @maxLength `1000`
+     */
+    Description?: string;
+    /**
+     * The JSON policy document that is the content for the policy
+     * @minLength `1`
+     * @maxLength `20480`
+     * @pattern `[\u0009\u000A\u000D\u0020-\u007E\u00A1-\u00FF]+`
+     */
+    Policy: string;
+};
+/**
+ * Type definition for `AWS::OpenSearchServerless::LifecyclePolicy.LifecyclePolicyType`.
+ * The type of lifecycle policy
+ */
+export type OpenSearchServerlessLifecyclePolicyLifecyclePolicyType = "retention";
 /**
  * Type definition for `AWS::OpenSearchServerless::SecurityConfig`.
  * Amazon OpenSearchServerless security config resource
@@ -85607,6 +86502,7 @@ export type PipesPipeProps = {
      */
     Enrichment?: string;
     EnrichmentParameters?: PipesPipePipeEnrichmentParameters;
+    LogConfiguration?: PipesPipePipeLogConfiguration;
     /**
      * @minLength `1`
      * @maxLength `64`
@@ -85762,6 +86658,17 @@ export type PipesPipeCapacityProviderStrategyItem = {
      */
     Base?: number;
 };
+/**
+ * Type definition for `AWS::Pipes::Pipe.CloudwatchLogsLogDestination`.
+ */
+export type PipesPipeCloudwatchLogsLogDestination = {
+    /**
+     * @minLength `1`
+     * @maxLength `1600`
+     * @pattern `^(^arn:aws([a-z]|\-)*:logs:([a-z]{2}((-gov)|(-iso(b?)))?-[a-z]+-\d{1}):(\d{12}):log-group:.+)$`
+     */
+    LogGroupArn?: string;
+};
 /**
  * Type definition for `AWS::Pipes::Pipe.DeadLetterConfig`.
  * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-pipes-pipe-deadletterconfig.html}
@@ -85886,10 +86793,25 @@ export type PipesPipeFilterCriteria = {
      */
     Filters?: PipesPipeFilter[];
 };
+/**
+ * Type definition for `AWS::Pipes::Pipe.FirehoseLogDestination`.
+ */
+export type PipesPipeFirehoseLogDestination = {
+    /**
+     * @minLength `1`
+     * @maxLength `1600`
+     * @pattern `^(^arn:aws([a-z]|\-)*:firehose:([a-z]{2}((-gov)|(-iso(b?)))?-[a-z]+-\d{1}):(\d{12}):deliverystream/.+)$`
+     */
+    DeliveryStreamArn?: string;
+};
 /**
  * Type definition for `AWS::Pipes::Pipe.HeaderParametersMap`.
  */
 export type PipesPipeHeaderParametersMap = Record<string, string>;
+/**
+ * Type definition for `AWS::Pipes::Pipe.IncludeExecutionDataOption`.
+ */
+export type PipesPipeIncludeExecutionDataOption = "ALL";
 /**
  * Type definition for `AWS::Pipes::Pipe.KinesisStreamStartPosition`.
  */
@@ -85898,6 +86820,10 @@ export type PipesPipeKinesisStreamStartPosition = "TRIM_HORIZON" | "LATEST" | "A
  * Type definition for `AWS::Pipes::Pipe.LaunchType`.
  */
 export type PipesPipeLaunchType = "EC2" | "FARGATE" | "EXTERNAL";
+/**
+ * Type definition for `AWS::Pipes::Pipe.LogLevel`.
+ */
+export type PipesPipeLogLevel = "OFF" | "ERROR" | "INFO" | "TRACE";
 /**
  * Type definition for `AWS::Pipes::Pipe.MSKStartPosition`.
  */
@@ -85933,6 +86859,16 @@ export type PipesPipePipeEnrichmentParameters = {
     InputTemplate?: string;
     HttpParameters?: PipesPipePipeEnrichmentHttpParameters;
 };
+/**
+ * Type definition for `AWS::Pipes::Pipe.PipeLogConfiguration`.
+ */
+export type PipesPipePipeLogConfiguration = {
+    S3LogDestination?: PipesPipeS3LogDestination;
+    FirehoseLogDestination?: PipesPipeFirehoseLogDestination;
+    CloudwatchLogsLogDestination?: PipesPipeCloudwatchLogsLogDestination;
+    Level?: PipesPipeLogLevel;
+    IncludeExecutionData?: PipesPipeIncludeExecutionDataOption[];
+};
 /**
  * Type definition for `AWS::Pipes::Pipe.PipeSourceActiveMQBrokerParameters`.
  * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-pipes-pipe-pipesourceactivemqbrokerparameters.html}
@@ -86216,7 +87152,7 @@ export type PipesPipePipeSourceSqsQueueParameters = {
 /**
  * Type definition for `AWS::Pipes::Pipe.PipeState`.
  */
-export type PipesPipePipeState = "RUNNING" | "STOPPED" | "CREATING" | "UPDATING" | "DELETING" | "STARTING" | "STOPPING" | "CREATE_FAILED" | "UPDATE_FAILED" | "START_FAILED" | "STOP_FAILED";
+export type PipesPipePipeState = "RUNNING" | "STOPPED" | "CREATING" | "UPDATING" | "DELETING" | "STARTING" | "STOPPING" | "CREATE_FAILED" | "UPDATE_FAILED" | "START_FAILED" | "STOP_FAILED" | "DELETE_FAILED" | "CREATE_ROLLBACK_FAILED" | "DELETE_ROLLBACK_FAILED" | "UPDATE_ROLLBACK_FAILED";
 /**
  * Type definition for `AWS::Pipes::Pipe.PipeTargetBatchJobParameters`.
  * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-pipes-pipe-pipetargetbatchjobparameters.html}
@@ -86486,6 +87422,19 @@ export type PipesPipeQueryStringParametersMap = Record<string, string>;
  * Type definition for `AWS::Pipes::Pipe.RequestedPipeState`.
  */
 export type PipesPipeRequestedPipeState = "RUNNING" | "STOPPED";
+/**
+ * Type definition for `AWS::Pipes::Pipe.S3LogDestination`.
+ */
+export type PipesPipeS3LogDestination = {
+    BucketName?: string;
+    Prefix?: string;
+    BucketOwner?: string;
+    OutputFormat?: PipesPipeS3OutputFormat;
+};
+/**
+ * Type definition for `AWS::Pipes::Pipe.S3OutputFormat`.
+ */
+export type PipesPipeS3OutputFormat = "json" | "plain" | "w3c";
 /**
  * Type definition for `AWS::Pipes::Pipe.SageMakerPipelineParameter`.
  * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-pipes-pipe-sagemakerpipelineparameter.html}
@@ -94888,7 +95837,6 @@ export type QuickSightDashboardDashboardVersion = {
      * @maxLength `20`
      */
     Sheets?: QuickSightDashboardSheet[];
-    Options?: QuickSightDashboardAssetOptions;
 };
 /**
  * Type definition for `AWS::QuickSight::Dashboard.DashboardVersionDefinition`.
@@ -100618,11 +101566,16 @@ export type QuickSightDataSetCastColumnTypeOperation = {
        */
     Format?: string;
     NewColumnType: QuickSightDataSetColumnDataType;
+    SubType?: QuickSightDataSetColumnSubDataType;
 };
 /**
  * Type definition for `AWS::QuickSight::DataSet.ColumnDataType`.
  */
 export type QuickSightDataSetColumnDataType = "STRING" | "INTEGER" | "DECIMAL" | "DATETIME";
+/**
+ * Type definition for `AWS::QuickSight::DataSet.ColumnSubDataType`.
+ */
+export type QuickSightDataSetColumnSubDataType = "FIXED" | "FLOAT";
 /**
  * Type definition for `AWS::QuickSight::DataSet.ColumnDescription`.
  * <p>Metadata that contains a description for a column.</p>
@@ -100992,6 +101945,7 @@ export type QuickSightDataSetGeoSpatialDataRole = "COUNTRY" | "STATE" | "COUNTY"
  */
 export type QuickSightDataSetInputColumn = {
     Type: QuickSightDataSetInputColumnDataType;
+    SubType?: QuickSightDataSetColumnSubDataType;
     /**
      * <p>The name of this column in the underlying data source.</p>
      * @minLength `1`
@@ -101170,6 +102124,7 @@ export type QuickSightDataSetNewDefaultValues = {
  */
 export type QuickSightDataSetOutputColumn = {
     Type?: QuickSightDataSetColumnDataType;
+    SubType?: QuickSightDataSetColumnSubDataType;
     /**
      * <p>A description for a column.</p>
      * @maxLength `500`
@@ -108444,7 +109399,6 @@ export type QuickSightTemplateTemplateVersion = {
      * @maxLength `20`
      */
     Sheets?: QuickSightTemplateSheet[];
-    Options?: QuickSightTemplateAssetOptions;
 };
 /**
  * Type definition for `AWS::QuickSight::Template.TemplateVersionDefinition`.
@@ -114033,6 +114987,7 @@ export type ResourceExplorer2IndexIndexState = "ACTIVE" | "CREATING" | "DELETING
 export type ResourceExplorer2ViewProps = {
     Filters?: ResourceExplorer2ViewSearchFilter;
     IncludedProperties?: ResourceExplorer2ViewIncludedProperty[];
+    Scope?: string;
     Tags?: ResourceExplorer2ViewTagMap;
     /**
      * @pattern `^[a-zA-Z0-9\-]{1,64}$`
@@ -114047,16 +115002,6 @@ export type ResourceExplorer2ViewProps = {
 export type ResourceExplorer2ViewAttributes = {
     ViewArn: string;
 };
-/**
- * Type definition for `AWS::ResourceExplorer2::View.SearchFilter`.
- * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resourceexplorer2-view-searchfilter.html}
- */
-export type ResourceExplorer2ViewSearchFilter = {
-    /**
-     * @maxLength `2048`
-     */
-    FilterString: string;
-};
 /**
  * Type definition for `AWS::ResourceExplorer2::View.IncludedProperty`.
  * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resourceexplorer2-view-includedproperty.html}
@@ -114068,6 +115013,16 @@ export type ResourceExplorer2ViewIncludedProperty = {
      */
     Name: string;
 };
+/**
+ * Type definition for `AWS::ResourceExplorer2::View.SearchFilter`.
+ * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resourceexplorer2-view-searchfilter.html}
+ */
+export type ResourceExplorer2ViewSearchFilter = {
+    /**
+     * @maxLength `2048`
+     */
+    FilterString: string;
+};
 /**
  * Type definition for `AWS::ResourceExplorer2::View.TagMap`.
  */
@@ -116564,9 +117519,13 @@ export type S3AccessPointPublicAccessBlockConfiguration = {
  */
 export type S3BucketProps = {
     /**
-     * Configuration for the transfer acceleration state.
+     * The inventory configuration for an Amazon S3 bucket.
      */
-    AccelerateConfiguration?: S3BucketAccelerateConfiguration;
+    InventoryConfigurations?: S3BucketInventoryConfiguration[];
+    /**
+     * Specifies website configuration parameters for an Amazon S3 bucket.
+     */
+    WebsiteConfiguration?: S3BucketWebsiteConfiguration;
     /**
      * A canned access control list (ACL) that grants predefined permissions to the bucket.
      */
@@ -116576,9 +117535,13 @@ export type S3BucketProps = {
      */
     AnalyticsConfigurations?: S3BucketAnalyticsConfiguration[];
     /**
-     * Specifies default encryption for a bucket using server-side encryption with either Amazon S3-managed keys (SSE-S3) or AWS KMS-managed keys (SSE-KMS).
+     * Configuration for the transfer acceleration state.
      */
-    BucketEncryption?: S3BucketBucketEncryption;
+    AccelerateConfiguration?: S3BucketAccelerateConfiguration;
+    /**
+     * Configuration that defines how Amazon S3 handles public access.
+     */
+    PublicAccessBlockConfiguration?: S3BucketPublicAccessBlockConfiguration;
     /**
      * A name for the bucket. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the bucket name.
      * @minLength `3`
@@ -116587,65 +117550,57 @@ export type S3BucketProps = {
      */
     BucketName?: string;
     /**
-     * Rules that define cross-origin resource sharing of objects in this bucket.
-     */
-    CorsConfiguration?: S3BucketCorsConfiguration;
-    /**
-     * Specifies the S3 Intelligent-Tiering configuration for an Amazon S3 bucket.
+     * Specifies the container element for object ownership rules.
      */
-    IntelligentTieringConfigurations?: S3BucketIntelligentTieringConfiguration[];
+    OwnershipControls?: S3BucketOwnershipControls;
     /**
-     * The inventory configuration for an Amazon S3 bucket.
+     * Places an Object Lock configuration on the specified bucket.
      */
-    InventoryConfigurations?: S3BucketInventoryConfiguration[];
+    ObjectLockConfiguration?: S3BucketObjectLockConfiguration;
     /**
-     * Rules that define how Amazon S3 manages objects during their lifetime.
+     * Indicates whether this bucket has an Object Lock configuration enabled.
      */
-    LifecycleConfiguration?: S3BucketLifecycleConfiguration;
+    ObjectLockEnabled?: boolean;
     /**
      * Settings that define where logs are stored.
      */
     LoggingConfiguration?: S3BucketLoggingConfiguration;
     /**
-     * Settings that define a metrics configuration for the CloudWatch request metrics from the bucket.
-     */
-    MetricsConfigurations?: S3BucketMetricsConfiguration[];
-    /**
-     * Configuration that defines how Amazon S3 handles bucket notifications.
+     * Configuration for replicating objects in an S3 bucket.
      */
-    NotificationConfiguration?: S3BucketNotificationConfiguration;
+    ReplicationConfiguration?: S3BucketReplicationConfiguration;
     /**
-     * Places an Object Lock configuration on the specified bucket.
+     * An arbitrary set of tags (key-value pairs) for this S3 bucket.
      */
-    ObjectLockConfiguration?: S3BucketObjectLockConfiguration;
+    Tags?: S3BucketTag[];
     /**
-     * Indicates whether this bucket has an Object Lock configuration enabled.
+     * Specifies default encryption for a bucket using server-side encryption with either Amazon S3-managed keys (SSE-S3) or AWS KMS-managed keys (SSE-KMS).
      */
-    ObjectLockEnabled?: boolean;
+    BucketEncryption?: S3BucketBucketEncryption;
     /**
-     * Specifies the container element for object ownership rules.
+     * Configuration that defines how Amazon S3 handles bucket notifications.
      */
-    OwnershipControls?: S3BucketOwnershipControls;
+    NotificationConfiguration?: S3BucketNotificationConfiguration;
     /**
-     * Configuration that defines how Amazon S3 handles public access.
+     * Rules that define how Amazon S3 manages objects during their lifetime.
      */
-    PublicAccessBlockConfiguration?: S3BucketPublicAccessBlockConfiguration;
+    LifecycleConfiguration?: S3BucketLifecycleConfiguration;
     /**
-     * Configuration for replicating objects in an S3 bucket.
+     * Describes the versioning state of an Amazon S3 bucket.
      */
-    ReplicationConfiguration?: S3BucketReplicationConfiguration;
+    VersioningConfiguration?: S3BucketVersioningConfiguration;
     /**
-     * An arbitrary set of tags (key-value pairs) for this S3 bucket.
+     * Settings that define a metrics configuration for the CloudWatch request metrics from the bucket.
      */
-    Tags?: S3BucketTag[];
+    MetricsConfigurations?: S3BucketMetricsConfiguration[];
     /**
-     * Describes the versioning state of an Amazon S3 bucket.
+     * Specifies the S3 Intelligent-Tiering configuration for an Amazon S3 bucket.
      */
-    VersioningConfiguration?: S3BucketVersioningConfiguration;
+    IntelligentTieringConfigurations?: S3BucketIntelligentTieringConfiguration[];
     /**
-     * Specifies website configuration parameters for an Amazon S3 bucket.
+     * Rules that define cross-origin resource sharing of objects in this bucket.
      */
-    WebsiteConfiguration?: S3BucketWebsiteConfiguration;
+    CorsConfiguration?: S3BucketCorsConfiguration;
 };
 /**
  * Type definition for `AWS::S3::Bucket`.
@@ -116653,14 +117608,6 @@ export type S3BucketProps = {
  * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html}
  */
 export type S3BucketAttributes = {
-    /**
-     * The Amazon Resource Name (ARN) of the specified bucket.
-     */
-    Arn: string;
-    /**
-     * The IPv4 DNS name of the specified bucket.
-     */
-    DomainName: string;
     /**
      * The IPv6 DNS name of the specified bucket. For more information about dual-stack endpoints, see [Using Amazon S3 Dual-Stack Endpoints](https://docs.aws.amazon.com/AmazonS3/latest/dev/dual-stack-endpoints.html).
      */
@@ -116669,42 +117616,94 @@ export type S3BucketAttributes = {
      * Returns the regional domain name of the specified bucket.
      */
     RegionalDomainName: string;
+    /**
+     * The IPv4 DNS name of the specified bucket.
+     */
+    DomainName: string;
     /**
      * The Amazon S3 website endpoint for the specified bucket.
      */
     WebsiteURL: string;
+    /**
+     * The Amazon Resource Name (ARN) of the specified bucket.
+     */
+    Arn: string;
 };
 /**
- * Type definition for `AWS::S3::Bucket.TagFilter`.
- * Tags to use to identify a subset of objects for an Amazon S3 bucket.
- * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-tagfilter.html}
+ * Type definition for `AWS::S3::Bucket.DefaultRetention`.
+ * The default retention period that you want to apply to new objects placed in the specified bucket.
+ * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-defaultretention.html}
  */
-export type S3BucketTagFilter = {
+export type S3BucketDefaultRetention = {
+    Years?: number;
+    Days?: number;
+    Mode?: "COMPLIANCE" | "GOVERNANCE";
+};
+/**
+ * Type definition for `AWS::S3::Bucket.SourceSelectionCriteria`.
+ * A container that describes additional filters for identifying the source objects that you want to replicate.
+ * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-sourceselectioncriteria.html}
+ */
+export type S3BucketSourceSelectionCriteria = {
+    /**
+     * A filter that you can specify for selection for modifications on replicas.
+     */
+    ReplicaModifications?: S3BucketReplicaModifications;
+    /**
+     * A container for filter information for the selection of Amazon S3 objects encrypted with AWS KMS.
+     */
+    SseKmsEncryptedObjects?: S3BucketSseKmsEncryptedObjects;
+};
+/**
+ * Type definition for `AWS::S3::Bucket.ReplicationTimeValue`.
+ * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-replicationtimevalue.html}
+ */
+export type S3BucketReplicationTimeValue = {
+    Minutes: number;
+};
+/**
+ * Type definition for `AWS::S3::Bucket.FilterRule`.
+ * Specifies the Amazon S3 object key name to filter on and whether to filter on the suffix or prefix of the key name.
+ * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-notificationconfiguration-config-filter-s3key-rules.html}
+ */
+export type S3BucketFilterRule = {
     Value: string;
-    Key: string;
+    /**
+     * @maxLength `1024`
+     */
+    Name: string;
 };
 /**
- * Type definition for `AWS::S3::Bucket.Destination`.
- * Specifies information about where to publish analysis or configuration results for an Amazon S3 bucket and S3 Replication Time Control (S3 RTC).
- * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-destination.html}
+ * Type definition for `AWS::S3::Bucket.ReplicationRule`.
+ * Specifies which Amazon S3 objects to replicate and where to store the replicas.
+ * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-replicationconfiguration-rules.html}
  */
-export type S3BucketDestination = {
+export type S3BucketReplicationRule = {
     /**
-     * The Amazon Resource Name (ARN) of the bucket to which data is exported.
+     * Specifies whether the rule is enabled.
      */
-    BucketArn: string;
+    Status: "Disabled" | "Enabled";
     /**
-     * The account ID that owns the destination S3 bucket.
+     * Specifies which Amazon S3 bucket to store replicated objects in and their storage class.
      */
-    BucketAccountId?: string;
+    Destination: S3BucketReplicationDestination;
+    Filter?: S3BucketReplicationRuleFilter;
+    Priority?: number;
     /**
-     * Specifies the file format used when exporting data to Amazon S3.
+     * A container that describes additional filters for identifying the source objects that you want to replicate.
      */
-    Format: "CSV" | "ORC" | "Parquet";
+    SourceSelectionCriteria?: S3BucketSourceSelectionCriteria;
     /**
-     * The prefix to use when exporting data. The prefix is prepended to all results.
+     * A unique identifier for the rule.
+     * @maxLength `255`
+     */
+    Id?: string;
+    /**
+     * An object key name prefix that identifies the object or objects to which the rule applies.
+     * @maxLength `1024`
      */
     Prefix?: string;
+    DeleteMarkerReplication?: S3BucketDeleteMarkerReplication;
 };
 /**
  * Type definition for `AWS::S3::Bucket.AccelerateConfiguration`.
@@ -116717,61 +117716,82 @@ export type S3BucketAccelerateConfiguration = {
     AccelerationStatus: "Enabled" | "Suspended";
 };
 /**
- * Type definition for `AWS::S3::Bucket.AnalyticsConfiguration`.
- * Specifies the configuration and any analyses for the analytics filter of an Amazon S3 bucket.
- * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-analyticsconfiguration.html}
+ * Type definition for `AWS::S3::Bucket.Metrics`.
+ * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-metrics.html}
  */
-export type S3BucketAnalyticsConfiguration = {
-    TagFilters?: S3BucketTagFilter[];
-    /**
-     * Specifies data related to access patterns to be collected and made available to analyze the tradeoffs between different storage classes for an Amazon S3 bucket.
-     */
-    StorageClassAnalysis: S3BucketStorageClassAnalysis;
+export type S3BucketMetrics = {
+    Status: "Disabled" | "Enabled";
+    EventThreshold?: S3BucketReplicationTimeValue;
+};
+/**
+ * Type definition for `AWS::S3::Bucket.RoutingRuleCondition`.
+ * A container for describing a condition that must be met for the specified redirect to apply.You must specify at least one of HttpErrorCodeReturnedEquals and KeyPrefixEquals
+ * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-websiteconfiguration-routingrules-routingrulecondition.html}
+ */
+export type S3BucketRoutingRuleCondition = {
     /**
-     * The ID that identifies the analytics configuration.
+     * The object key name prefix when the redirect is applied.
      */
-    Id: string;
+    KeyPrefixEquals?: string;
     /**
-     * The prefix that an object must have to be included in the analytics results.
+     * The HTTP error code when the redirect is applied.
      */
-    Prefix?: string;
+    HttpErrorCodeReturnedEquals?: string;
 };
 /**
- * Type definition for `AWS::S3::Bucket.StorageClassAnalysis`.
- * Specifies data related to access patterns to be collected and made available to analyze the tradeoffs between different storage classes for an Amazon S3 bucket.
- * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-storageclassanalysis.html}
+ * Type definition for `AWS::S3::Bucket.OwnershipControls`.
+ * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-ownershipcontrols.html}
  */
-export type S3BucketStorageClassAnalysis = {
-    /**
-     * Specifies how data related to the storage class analysis for an Amazon S3 bucket should be exported.
-     */
-    DataExport?: S3BucketDataExport;
+export type S3BucketOwnershipControls = {
+    Rules: S3BucketOwnershipControlsRule[];
 };
 /**
- * Type definition for `AWS::S3::Bucket.DataExport`.
- * Specifies how data related to the storage class analysis for an Amazon S3 bucket should be exported.
- * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-dataexport.html}
+ * Type definition for `AWS::S3::Bucket.DeleteMarkerReplication`.
+ * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-deletemarkerreplication.html}
  */
-export type S3BucketDataExport = {
+export type S3BucketDeleteMarkerReplication = {
+    Status?: "Disabled" | "Enabled";
+};
+/**
+ * Type definition for `AWS::S3::Bucket.RoutingRule`.
+ * Specifies the redirect behavior and when a redirect is applied.
+ * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-websiteconfiguration-routingrules.html}
+ */
+export type S3BucketRoutingRule = {
     /**
-     * Specifies information about where to publish analysis or configuration results for an Amazon S3 bucket and S3 Replication Time Control (S3 RTC).
+     * Container for redirect information. You can redirect requests to another host, to another page, or with another protocol. In the event of an error, you can specify a different error code to return.
      */
-    Destination: S3BucketDestination;
+    RedirectRule: S3BucketRedirectRule;
     /**
-     * The version of the output schema to use when exporting data.
+     * A container for describing a condition that must be met for the specified redirect to apply.You must specify at least one of HttpErrorCodeReturnedEquals and KeyPrefixEquals
      */
-    OutputSchemaVersion: "V_1";
+    RoutingRuleCondition?: S3BucketRoutingRuleCondition;
 };
 /**
- * Type definition for `AWS::S3::Bucket.BucketEncryption`.
- * Specifies default encryption for a bucket using server-side encryption with either Amazon S3-managed keys (SSE-S3) or AWS KMS-managed keys (SSE-KMS).
- * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-bucketencryption.html}
+ * Type definition for `AWS::S3::Bucket.NotificationFilter`.
+ * Specifies object key name filtering rules.
+ * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-notificationconfiguration-config-filter.html}
  */
-export type S3BucketBucketEncryption = {
+export type S3BucketNotificationFilter = {
     /**
-     * Specifies the default server-side-encryption configuration.
+     * A container for object key name prefix and suffix filtering rules.
      */
-    ServerSideEncryptionConfiguration: S3BucketServerSideEncryptionRule[];
+    S3Key: S3BucketS3KeyFilter;
+};
+/**
+ * Type definition for `AWS::S3::Bucket.ReplicationConfiguration`.
+ * A container for replication rules. You can add up to 1,000 rules. The maximum size of a replication configuration is 2 MB.
+ * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-replicationconfiguration.html}
+ */
+export type S3BucketReplicationConfiguration = {
+    /**
+     * The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that Amazon S3 assumes when replicating objects.
+     */
+    Role: string;
+    /**
+     * A container for one or more replication rules.
+     */
+    Rules: S3BucketReplicationRule[];
 };
 /**
  * Type definition for `AWS::S3::Bucket.ServerSideEncryptionRule`.
@@ -116789,23 +117809,48 @@ export type S3BucketServerSideEncryptionRule = {
     ServerSideEncryptionByDefault?: S3BucketServerSideEncryptionByDefault;
 };
 /**
- * Type definition for `AWS::S3::Bucket.ServerSideEncryptionByDefault`.
- * Specifies the default server-side encryption to apply to new objects in the bucket. If a PUT Object request doesn't specify any server-side encryption, this default encryption will be applied.
- * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-serversideencryptionbydefault.html}
+ * Type definition for `AWS::S3::Bucket.ReplicationDestination`.
+ * Specifies which Amazon S3 bucket to store replicated objects in and their storage class.
+ * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-replicationconfiguration-rules-destination.html}
  */
-export type S3BucketServerSideEncryptionByDefault = {
+export type S3BucketReplicationDestination = {
     /**
-     * "KMSMasterKeyID" can only be used when you set the value of SSEAlgorithm as aws:kms or aws:kms:dsse.
+     * Specify this only in a cross-account scenario (where source and destination bucket owners are not the same), and you want to change replica ownership to the AWS account that owns the destination bucket. If this is not specified in the replication configuration, the replicas are owned by same AWS account that owns the source object.
      */
-    KMSMasterKeyID?: string;
-    SSEAlgorithm: "aws:kms" | "AES256" | "aws:kms:dsse";
+    AccessControlTranslation?: S3BucketAccessControlTranslation;
+    Account?: string;
+    Metrics?: S3BucketMetrics;
+    Bucket: string;
+    /**
+     * Specifies encryption-related information for an Amazon S3 bucket that is a destination for replicated objects.
+     */
+    EncryptionConfiguration?: S3BucketEncryptionConfiguration;
+    /**
+     * The storage class to use when replicating objects, such as S3 Standard or reduced redundancy.
+     */
+    StorageClass?: "DEEP_ARCHIVE" | "GLACIER" | "GLACIER_IR" | "INTELLIGENT_TIERING" | "ONEZONE_IA" | "REDUCED_REDUNDANCY" | "STANDARD" | "STANDARD_IA";
+    ReplicationTime?: S3BucketReplicationTime;
 };
 /**
- * Type definition for `AWS::S3::Bucket.CorsConfiguration`.
- * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-cors.html}
+ * Type definition for `AWS::S3::Bucket.OwnershipControlsRule`.
+ * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-ownershipcontrolsrule.html}
  */
-export type S3BucketCorsConfiguration = {
-    CorsRules: S3BucketCorsRule[];
+export type S3BucketOwnershipControlsRule = {
+    /**
+     * Specifies an object ownership rule.
+     */
+    ObjectOwnership?: "ObjectWriter" | "BucketOwnerPreferred" | "BucketOwnerEnforced";
+};
+/**
+ * Type definition for `AWS::S3::Bucket.EventBridgeConfiguration`.
+ * Describes the Amazon EventBridge notification configuration for an Amazon S3 bucket.
+ * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-notificationconfig-eventbridgeconfig.html}
+ */
+export type S3BucketEventBridgeConfiguration = {
+    /**
+     * Specifies whether to send notifications to Amazon EventBridge when events occur in an Amazon S3 bucket.
+     */
+    EventBridgeEnabled: boolean;
 };
 /**
  * Type definition for `AWS::S3::Bucket.CorsRule`.
@@ -116814,9 +117859,9 @@ export type S3BucketCorsConfiguration = {
  */
 export type S3BucketCorsRule = {
     /**
-     * Headers that are specified in the Access-Control-Request-Headers header.
+     * One or more headers in the response that you want customers to be able to access from their applications (for example, from a JavaScript XMLHttpRequest object).
      */
-    AllowedHeaders?: string[];
+    ExposedHeaders?: string[];
     /**
      * An HTTP method that you allow the origin to execute.
      */
@@ -116826,178 +117871,256 @@ export type S3BucketCorsRule = {
      */
     AllowedOrigins: string[];
     /**
-     * One or more headers in the response that you want customers to be able to access from their applications (for example, from a JavaScript XMLHttpRequest object).
+     * Headers that are specified in the Access-Control-Request-Headers header.
      */
-    ExposedHeaders?: string[];
+    AllowedHeaders?: string[];
+    /**
+     * The time in seconds that your browser is to cache the preflight response for the specified resource.
+     */
+    MaxAge?: number;
     /**
      * A unique identifier for this rule.
      * @maxLength `255`
      */
     Id?: string;
+};
+/**
+ * Type definition for `AWS::S3::Bucket.AccessControlTranslation`.
+ * Specify this only in a cross-account scenario (where source and destination bucket owners are not the same), and you want to change replica ownership to the AWS account that owns the destination bucket. If this is not specified in the replication configuration, the replicas are owned by same AWS account that owns the source object.
+ * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-accesscontroltranslation.html}
+ */
+export type S3BucketAccessControlTranslation = {
+    Owner: "Destination";
+};
+/**
+ * Type definition for `AWS::S3::Bucket.ObjectLockRule`.
+ * The Object Lock rule in place for the specified object.
+ * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-objectlockrule.html}
+ */
+export type S3BucketObjectLockRule = {
     /**
-     * The time in seconds that your browser is to cache the preflight response for the specified resource.
+     * The default retention period that you want to apply to new objects placed in the specified bucket.
      */
-    MaxAge?: number;
+    DefaultRetention?: S3BucketDefaultRetention;
 };
 /**
- * Type definition for `AWS::S3::Bucket.IntelligentTieringConfiguration`.
- * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-intelligenttieringconfiguration.html}
+ * Type definition for `AWS::S3::Bucket.Rule`.
+ * You must specify at least one of the following properties: AbortIncompleteMultipartUpload, ExpirationDate, ExpirationInDays, NoncurrentVersionExpirationInDays, NoncurrentVersionTransition, NoncurrentVersionTransitions, Transition, or Transitions.
+ * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-lifecycleconfig-rule.html}
  */
-export type S3BucketIntelligentTieringConfiguration = {
+export type S3BucketRule = {
+    Status: "Enabled" | "Disabled";
+    ExpiredObjectDeleteMarker?: boolean;
+    NoncurrentVersionExpirationInDays?: number;
+    Transitions?: S3BucketTransition[];
     /**
-     * The ID used to identify the S3 Intelligent-Tiering configuration.
+     * @maxLength `20`
+     * @pattern `[0-9]+`
      */
-    Id: string;
+    ObjectSizeGreaterThan?: string;
+    TagFilters?: S3BucketTagFilter[];
+    NoncurrentVersionTransitions?: S3BucketNoncurrentVersionTransition[];
+    Prefix?: string;
     /**
-     * An object key name prefix that identifies the subset of objects to which the rule applies.
+     * @maxLength `20`
+     * @pattern `[0-9]+`
      */
-    Prefix?: string;
+    ObjectSizeLessThan?: string;
     /**
-     * Specifies the status of the configuration.
+     * Container for the transition rule that describes when noncurrent objects transition to the STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER_IR, GLACIER, or DEEP_ARCHIVE storage class. If your bucket is versioning-enabled (or versioning is suspended), you can set this action to request that Amazon S3 transition noncurrent object versions to the STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER_IR, GLACIER, or DEEP_ARCHIVE storage class at a specific period in the object's lifetime.
      */
-    Status: "Disabled" | "Enabled";
+    NoncurrentVersionTransition?: S3BucketNoncurrentVersionTransition;
     /**
-     * A container for a key-value pair.
+     * The date value in ISO 8601 format. The timezone is always UTC. (YYYY-MM-DDThh:mm:ssZ)
+     * @pattern `^([0-2]\d{3})-(0[0-9]|1[0-2])-([0-2]\d|3[01])T([01]\d|2[0-4]):([0-5]\d):([0-6]\d)((\.\d{3})?)Z$`
      */
-    TagFilters?: S3BucketTagFilter[];
+    ExpirationDate?: string;
     /**
-     * Specifies a list of S3 Intelligent-Tiering storage class tiers in the configuration. At least one tier must be defined in the list. At most, you can specify two tiers in the list, one for each available AccessTier: ARCHIVE_ACCESS and DEEP_ARCHIVE_ACCESS.
+     * Container for the expiration rule that describes when noncurrent objects are expired. If your bucket is versioning-enabled (or versioning is suspended), you can set this action to request that Amazon S3 expire noncurrent object versions at a specific period in the object's lifetime
      */
-    Tierings: S3BucketTiering[];
-};
-/**
- * Type definition for `AWS::S3::Bucket.Tiering`.
- * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-tiering.html}
- */
-export type S3BucketTiering = {
+    NoncurrentVersionExpiration?: S3BucketNoncurrentVersionExpiration;
+    ExpirationInDays?: number;
     /**
-     * S3 Intelligent-Tiering access tier. See Storage class for automatically optimizing frequently and infrequently accessed objects for a list of access tiers in the S3 Intelligent-Tiering storage class.
+     * You must specify at least one of "TransitionDate" and "TransitionInDays"
      */
-    AccessTier: "ARCHIVE_ACCESS" | "DEEP_ARCHIVE_ACCESS";
+    Transition?: S3BucketTransition;
     /**
-     * The number of consecutive days of no access after which an object will be eligible to be transitioned to the corresponding tier. The minimum number of days specified for Archive Access tier must be at least 90 days and Deep Archive Access tier must be at least 180 days. The maximum can be up to 2 years (730 days).
+     * @maxLength `255`
      */
-    Days: number;
+    Id?: string;
+    /**
+     * Specifies the days since the initiation of an incomplete multipart upload that Amazon S3 will wait before permanently removing all parts of the upload.
+     */
+    AbortIncompleteMultipartUpload?: S3BucketAbortIncompleteMultipartUpload;
 };
 /**
- * Type definition for `AWS::S3::Bucket.InventoryConfiguration`.
- * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-inventoryconfiguration.html}
+ * Type definition for `AWS::S3::Bucket.S3KeyFilter`.
+ * A container for object key name prefix and suffix filtering rules.
+ * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-notificationconfiguration-config-filter-s3key.html}
  */
-export type S3BucketInventoryConfiguration = {
+export type S3BucketS3KeyFilter = {
+    Rules: S3BucketFilterRule[];
+};
+/**
+ * Type definition for `AWS::S3::Bucket.AnalyticsConfiguration`.
+ * Specifies the configuration and any analyses for the analytics filter of an Amazon S3 bucket.
+ * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-analyticsconfiguration.html}
+ */
+export type S3BucketAnalyticsConfiguration = {
     /**
-     * Specifies information about where to publish analysis or configuration results for an Amazon S3 bucket and S3 Replication Time Control (S3 RTC).
+     * Specifies data related to access patterns to be collected and made available to analyze the tradeoffs between different storage classes for an Amazon S3 bucket.
      */
-    Destination: S3BucketDestination;
+    StorageClassAnalysis: S3BucketStorageClassAnalysis;
+    TagFilters?: S3BucketTagFilter[];
     /**
-     * Specifies whether the inventory is enabled or disabled.
+     * The ID that identifies the analytics configuration.
      */
-    Enabled: boolean;
+    Id: string;
     /**
-     * The ID used to identify the inventory configuration.
+     * The prefix that an object must have to be included in the analytics results.
      */
-    Id: string;
+    Prefix?: string;
+};
+/**
+ * Type definition for `AWS::S3::Bucket.Destination`.
+ * Specifies information about where to publish analysis or configuration results for an Amazon S3 bucket and S3 Replication Time Control (S3 RTC).
+ * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-destination.html}
+ */
+export type S3BucketDestination = {
     /**
-     * Object versions to include in the inventory list.
+     * The Amazon Resource Name (ARN) of the bucket to which data is exported.
      */
-    IncludedObjectVersions: "All" | "Current";
+    BucketArn: string;
     /**
-     * Contains the optional fields that are included in the inventory results.
+     * Specifies the file format used when exporting data to Amazon S3.
      */
-    OptionalFields?: ("Size" | "LastModifiedDate" | "StorageClass" | "ETag" | "IsMultipartUploaded" | "ReplicationStatus" | "EncryptionStatus" | "ObjectLockRetainUntilDate" | "ObjectLockMode" | "ObjectLockLegalHoldStatus" | "IntelligentTieringAccessTier" | "BucketKeyStatus")[];
+    Format: "CSV" | "ORC" | "Parquet";
     /**
-     * The prefix that is prepended to all inventory results.
+     * The account ID that owns the destination S3 bucket.
      */
-    Prefix?: string;
+    BucketAccountId?: string;
     /**
-     * Specifies the schedule for generating inventory results.
+     * The prefix to use when exporting data. The prefix is prepended to all results.
      */
-    ScheduleFrequency: "Daily" | "Weekly";
+    Prefix?: string;
 };
 /**
- * Type definition for `AWS::S3::Bucket.LifecycleConfiguration`.
- * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-lifecycleconfig.html}
+ * Type definition for `AWS::S3::Bucket.RedirectAllRequestsTo`.
+ * Specifies the redirect behavior of all requests to a website endpoint of an Amazon S3 bucket.
+ * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-websiteconfiguration-redirectallrequeststo.html}
  */
-export type S3BucketLifecycleConfiguration = {
+export type S3BucketRedirectAllRequestsTo = {
     /**
-     * A lifecycle rule for individual objects in an Amazon S3 bucket.
+     * Protocol to use when redirecting requests. The default is the protocol that is used in the original request.
      */
-    Rules: S3BucketRule[];
+    Protocol?: "http" | "https";
+    /**
+     * Name of the host where requests are redirected.
+     */
+    HostName: string;
 };
 /**
- * Type definition for `AWS::S3::Bucket.Rule`.
- * You must specify at least one of the following properties: AbortIncompleteMultipartUpload, ExpirationDate, ExpirationInDays, NoncurrentVersionExpirationInDays, NoncurrentVersionTransition, NoncurrentVersionTransitions, Transition, or Transitions.
- * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-lifecycleconfig-rule.html}
+ * Type definition for `AWS::S3::Bucket.TagFilter`.
+ * Tags to use to identify a subset of objects for an Amazon S3 bucket.
+ * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-tagfilter.html}
  */
-export type S3BucketRule = {
+export type S3BucketTagFilter = {
+    Value: string;
+    Key: string;
+};
+/**
+ * Type definition for `AWS::S3::Bucket.WebsiteConfiguration`.
+ * Specifies website configuration parameters for an Amazon S3 bucket.
+ * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-websiteconfiguration.html}
+ */
+export type S3BucketWebsiteConfiguration = {
     /**
-     * Specifies the days since the initiation of an incomplete multipart upload that Amazon S3 will wait before permanently removing all parts of the upload.
+     * The name of the index document for the website.
      */
-    AbortIncompleteMultipartUpload?: S3BucketAbortIncompleteMultipartUpload;
+    IndexDocument?: string;
     /**
-     * The date value in ISO 8601 format. The timezone is always UTC. (YYYY-MM-DDThh:mm:ssZ)
-     * @pattern `^([0-2]\d{3})-(0[0-9]|1[0-2])-([0-2]\d|3[01])T([01]\d|2[0-4]):([0-5]\d):([0-6]\d)((\.\d{3})?)Z$`
+     * Specifies the redirect behavior of all requests to a website endpoint of an Amazon S3 bucket.
      */
-    ExpirationDate?: string;
-    ExpirationInDays?: number;
-    ExpiredObjectDeleteMarker?: boolean;
+    RedirectAllRequestsTo?: S3BucketRedirectAllRequestsTo;
+    RoutingRules?: S3BucketRoutingRule[];
     /**
-     * @maxLength `255`
+     * The name of the error document for the website.
      */
-    Id?: string;
-    NoncurrentVersionExpirationInDays?: number;
+    ErrorDocument?: string;
+};
+/**
+ * Type definition for `AWS::S3::Bucket.TopicConfiguration`.
+ * The topic to which notifications are sent and the events for which notifications are generated.
+ * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-notificationconfig-topicconfig.html}
+ */
+export type S3BucketTopicConfiguration = {
     /**
-     * Container for the expiration rule that describes when noncurrent objects are expired. If your bucket is versioning-enabled (or versioning is suspended), you can set this action to request that Amazon S3 expire noncurrent object versions at a specific period in the object's lifetime
+     * The filtering rules that determine for which objects to send notifications.
      */
-    NoncurrentVersionExpiration?: S3BucketNoncurrentVersionExpiration;
+    Filter?: S3BucketNotificationFilter;
     /**
-     * Container for the transition rule that describes when noncurrent objects transition to the STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER_IR, GLACIER, or DEEP_ARCHIVE storage class. If your bucket is versioning-enabled (or versioning is suspended), you can set this action to request that Amazon S3 transition noncurrent object versions to the STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER_IR, GLACIER, or DEEP_ARCHIVE storage class at a specific period in the object's lifetime.
+     * The Amazon S3 bucket event about which to send notifications.
      */
-    NoncurrentVersionTransition?: S3BucketNoncurrentVersionTransition;
-    NoncurrentVersionTransitions?: S3BucketNoncurrentVersionTransition[];
-    Prefix?: string;
-    Status: "Enabled" | "Disabled";
-    TagFilters?: S3BucketTagFilter[];
+    Event: string;
     /**
-     * @maxLength `20`
-     * @pattern `[0-9]+`
+     * The Amazon Resource Name (ARN) of the Amazon SNS topic to which Amazon S3 publishes a message when it detects events of the specified type.
      */
-    ObjectSizeGreaterThan?: string;
+    Topic: string;
+};
+/**
+ * Type definition for `AWS::S3::Bucket.IntelligentTieringConfiguration`.
+ * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-intelligenttieringconfiguration.html}
+ */
+export type S3BucketIntelligentTieringConfiguration = {
     /**
-     * @maxLength `20`
-     * @pattern `[0-9]+`
+     * Specifies the status of the configuration.
      */
-    ObjectSizeLessThan?: string;
+    Status: "Disabled" | "Enabled";
     /**
-     * You must specify at least one of "TransitionDate" and "TransitionInDays"
+     * Specifies a list of S3 Intelligent-Tiering storage class tiers in the configuration. At least one tier must be defined in the list. At most, you can specify two tiers in the list, one for each available AccessTier: ARCHIVE_ACCESS and DEEP_ARCHIVE_ACCESS.
      */
-    Transition?: S3BucketTransition;
-    Transitions?: S3BucketTransition[];
-};
-/**
- * Type definition for `AWS::S3::Bucket.AbortIncompleteMultipartUpload`.
- * Specifies the days since the initiation of an incomplete multipart upload that Amazon S3 will wait before permanently removing all parts of the upload.
- * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-abortincompletemultipartupload.html}
- */
-export type S3BucketAbortIncompleteMultipartUpload = {
+    Tierings: S3BucketTiering[];
     /**
-     * Specifies the number of days after which Amazon S3 aborts an incomplete multipart upload.
+     * A container for a key-value pair.
      */
-    DaysAfterInitiation: number;
+    TagFilters?: S3BucketTagFilter[];
+    /**
+     * The ID used to identify the S3 Intelligent-Tiering configuration.
+     */
+    Id: string;
+    /**
+     * An object key name prefix that identifies the subset of objects to which the rule applies.
+     */
+    Prefix?: string;
 };
 /**
- * Type definition for `AWS::S3::Bucket.NoncurrentVersionExpiration`.
- * Container for the expiration rule that describes when noncurrent objects are expired. If your bucket is versioning-enabled (or versioning is suspended), you can set this action to request that Amazon S3 expire noncurrent object versions at a specific period in the object's lifetime
- * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-lifecycleconfig-rule-noncurrentversionexpiration.html}
+ * Type definition for `AWS::S3::Bucket.PublicAccessBlockConfiguration`.
+ * Configuration that defines how Amazon S3 handles public access.
+ * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-publicaccessblockconfiguration.html}
  */
-export type S3BucketNoncurrentVersionExpiration = {
+export type S3BucketPublicAccessBlockConfiguration = {
     /**
-     * Specified the number of days an object is noncurrent before Amazon S3 can perform the associated action
-     */
-    NoncurrentDays: number;
+       * Specifies whether Amazon S3 should restrict public bucket policies for this bucket. Setting this element to TRUE restricts access to this bucket to only AWS services and authorized users within this account if the bucket has a public policy.
+      Enabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.
+       */
+    RestrictPublicBuckets?: boolean;
     /**
-     * Specified the number of newer noncurrent and current versions that must exists before performing the associated action
-     */
-    NewerNoncurrentVersions?: number;
+       * Specifies whether Amazon S3 should block public bucket policies for this bucket. Setting this element to TRUE causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access.
+      Enabling this setting doesn't affect existing bucket policies.
+       */
+    BlockPublicPolicy?: boolean;
+    /**
+       * Specifies whether Amazon S3 should block public access control lists (ACLs) for this bucket and objects in this bucket. Setting this element to TRUE causes the following behavior:
+      - PUT Bucket acl and PUT Object acl calls fail if the specified ACL is public.
+       - PUT Object calls fail if the request includes a public ACL.
+      Enabling this setting doesn't affect existing policies or ACLs.
+       */
+    BlockPublicAcls?: boolean;
+    /**
+       * Specifies whether Amazon S3 should ignore public ACLs for this bucket and objects in this bucket. Setting this element to TRUE causes Amazon S3 to ignore all public ACLs on this bucket and objects in this bucket.
+      Enabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set.
+       */
+    IgnorePublicAcls?: boolean;
 };
 /**
  * Type definition for `AWS::S3::Bucket.NoncurrentVersionTransition`.
@@ -117019,29 +118142,27 @@ export type S3BucketNoncurrentVersionTransition = {
     NewerNoncurrentVersions?: number;
 };
 /**
- * Type definition for `AWS::S3::Bucket.Transition`.
- * You must specify at least one of "TransitionDate" and "TransitionInDays"
- * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-lifecycleconfig-rule-transition.html}
+ * Type definition for `AWS::S3::Bucket.StorageClassAnalysis`.
+ * Specifies data related to access patterns to be collected and made available to analyze the tradeoffs between different storage classes for an Amazon S3 bucket.
+ * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-storageclassanalysis.html}
  */
-export type S3BucketTransition = {
-    StorageClass: "DEEP_ARCHIVE" | "GLACIER" | "Glacier" | "GLACIER_IR" | "INTELLIGENT_TIERING" | "ONEZONE_IA" | "STANDARD_IA";
+export type S3BucketStorageClassAnalysis = {
     /**
-     * The date value in ISO 8601 format. The timezone is always UTC. (YYYY-MM-DDThh:mm:ssZ)
-     * @pattern `^([0-2]\d{3})-(0[0-9]|1[0-2])-([0-2]\d|3[01])T([01]\d|2[0-4]):([0-5]\d):([0-6]\d)((\.\d{3})?)Z$`
+     * Specifies how data related to the storage class analysis for an Amazon S3 bucket should be exported.
      */
-    TransitionDate?: string;
-    TransitionInDays?: number;
+    DataExport?: S3BucketDataExport;
 };
 /**
- * Type definition for `AWS::S3::Bucket.LoggingConfiguration`.
- * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-loggingconfig.html}
+ * Type definition for `AWS::S3::Bucket.ServerSideEncryptionByDefault`.
+ * Specifies the default server-side encryption to apply to new objects in the bucket. If a PUT Object request doesn't specify any server-side encryption, this default encryption will be applied.
+ * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-serversideencryptionbydefault.html}
  */
-export type S3BucketLoggingConfiguration = {
+export type S3BucketServerSideEncryptionByDefault = {
+    SSEAlgorithm: "aws:kms" | "AES256" | "aws:kms:dsse";
     /**
-     * The name of an Amazon S3 bucket where Amazon S3 store server access log files. You can store log files in any bucket that you own. By default, logs are stored in the bucket where the LoggingConfiguration property is defined.
+     * "KMSMasterKeyID" can only be used when you set the value of SSEAlgorithm as aws:kms or aws:kms:dsse.
      */
-    DestinationBucketName?: string;
-    LogFilePrefix?: string;
+    KMSMasterKeyID?: string;
 };
 /**
  * Type definition for `AWS::S3::Bucket.MetricsConfiguration`.
@@ -117049,34 +118170,31 @@ export type S3BucketLoggingConfiguration = {
  */
 export type S3BucketMetricsConfiguration = {
     AccessPointArn?: string;
+    TagFilters?: S3BucketTagFilter[];
     Id: string;
     Prefix?: string;
-    TagFilters?: S3BucketTagFilter[];
 };
 /**
- * Type definition for `AWS::S3::Bucket.NotificationConfiguration`.
- * Describes the notification configuration for an Amazon S3 bucket.
- * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-notificationconfig.html}
+ * Type definition for `AWS::S3::Bucket.ObjectLockConfiguration`.
+ * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-objectlockconfiguration.html}
  */
-export type S3BucketNotificationConfiguration = {
+export type S3BucketObjectLockConfiguration = {
+    ObjectLockEnabled?: "Enabled";
     /**
-     * Describes the Amazon EventBridge notification configuration for an Amazon S3 bucket.
+     * The Object Lock rule in place for the specified object.
      */
-    EventBridgeConfiguration?: S3BucketEventBridgeConfiguration;
-    LambdaConfigurations?: S3BucketLambdaConfiguration[];
-    QueueConfigurations?: S3BucketQueueConfiguration[];
-    TopicConfigurations?: S3BucketTopicConfiguration[];
+    Rule?: S3BucketObjectLockRule;
 };
 /**
- * Type definition for `AWS::S3::Bucket.EventBridgeConfiguration`.
- * Describes the Amazon EventBridge notification configuration for an Amazon S3 bucket.
- * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-notificationconfig-eventbridgeconfig.html}
+ * Type definition for `AWS::S3::Bucket.LoggingConfiguration`.
+ * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-loggingconfig.html}
  */
-export type S3BucketEventBridgeConfiguration = {
+export type S3BucketLoggingConfiguration = {
+    LogFilePrefix?: string;
     /**
-     * Specifies whether to send notifications to Amazon EventBridge when events occur in an Amazon S3 bucket.
+     * The name of an Amazon S3 bucket where Amazon S3 store server access log files. You can store log files in any bucket that you own. By default, logs are stored in the bucket where the LoggingConfiguration property is defined.
      */
-    EventBridgeEnabled: boolean;
+    DestinationBucketName?: string;
 };
 /**
  * Type definition for `AWS::S3::Bucket.LambdaConfiguration`.
@@ -117085,318 +118203,199 @@ export type S3BucketEventBridgeConfiguration = {
  */
 export type S3BucketLambdaConfiguration = {
     /**
-     * The Amazon S3 bucket event for which to invoke the AWS Lambda function.
+     * The Amazon Resource Name (ARN) of the AWS Lambda function that Amazon S3 invokes when the specified event type occurs.
      */
-    Event: string;
+    Function: string;
     /**
      * The filtering rules that determine which objects invoke the AWS Lambda function.
      */
     Filter?: S3BucketNotificationFilter;
     /**
-     * The Amazon Resource Name (ARN) of the AWS Lambda function that Amazon S3 invokes when the specified event type occurs.
+     * The Amazon S3 bucket event for which to invoke the AWS Lambda function.
      */
-    Function: string;
+    Event: string;
 };
 /**
- * Type definition for `AWS::S3::Bucket.QueueConfiguration`.
- * The Amazon Simple Queue Service queues to publish messages to and the events for which to publish messages.
- * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-notificationconfig-queueconfig.html}
+ * Type definition for `AWS::S3::Bucket.DataExport`.
+ * Specifies how data related to the storage class analysis for an Amazon S3 bucket should be exported.
+ * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-dataexport.html}
  */
-export type S3BucketQueueConfiguration = {
-    /**
-     * The Amazon S3 bucket event about which you want to publish messages to Amazon SQS.
-     */
-    Event: string;
+export type S3BucketDataExport = {
     /**
-     * The filtering rules that determine which objects trigger notifications.
+     * Specifies information about where to publish analysis or configuration results for an Amazon S3 bucket and S3 Replication Time Control (S3 RTC).
      */
-    Filter?: S3BucketNotificationFilter;
+    Destination: S3BucketDestination;
     /**
-     * The Amazon Resource Name (ARN) of the Amazon SQS queue to which Amazon S3 publishes a message when it detects events of the specified type.
+     * The version of the output schema to use when exporting data.
      */
-    Queue: string;
+    OutputSchemaVersion: "V_1";
 };
 /**
- * Type definition for `AWS::S3::Bucket.TopicConfiguration`.
- * The topic to which notifications are sent and the events for which notifications are generated.
- * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-notificationconfig-topicconfig.html}
+ * Type definition for `AWS::S3::Bucket.Tiering`.
+ * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-tiering.html}
  */
-export type S3BucketTopicConfiguration = {
-    /**
-     * The Amazon S3 bucket event about which to send notifications.
-     */
-    Event: string;
-    /**
-     * The filtering rules that determine for which objects to send notifications.
-     */
-    Filter?: S3BucketNotificationFilter;
+export type S3BucketTiering = {
     /**
-     * The Amazon Resource Name (ARN) of the Amazon SNS topic to which Amazon S3 publishes a message when it detects events of the specified type.
+     * S3 Intelligent-Tiering access tier. See Storage class for automatically optimizing frequently and infrequently accessed objects for a list of access tiers in the S3 Intelligent-Tiering storage class.
      */
-    Topic: string;
-};
-/**
- * Type definition for `AWS::S3::Bucket.NotificationFilter`.
- * Specifies object key name filtering rules.
- * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-notificationconfiguration-config-filter.html}
- */
-export type S3BucketNotificationFilter = {
+    AccessTier: "ARCHIVE_ACCESS" | "DEEP_ARCHIVE_ACCESS";
     /**
-     * A container for object key name prefix and suffix filtering rules.
+     * The number of consecutive days of no access after which an object will be eligible to be transitioned to the corresponding tier. The minimum number of days specified for Archive Access tier must be at least 90 days and Deep Archive Access tier must be at least 180 days. The maximum can be up to 2 years (730 days).
      */
-    S3Key: S3BucketS3KeyFilter;
+    Days: number;
 };
 /**
- * Type definition for `AWS::S3::Bucket.S3KeyFilter`.
- * A container for object key name prefix and suffix filtering rules.
- * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-notificationconfiguration-config-filter-s3key.html}
+ * Type definition for `AWS::S3::Bucket.ReplicationTime`.
+ * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-replicationtime.html}
  */
-export type S3BucketS3KeyFilter = {
-    Rules: S3BucketFilterRule[];
+export type S3BucketReplicationTime = {
+    Status: "Disabled" | "Enabled";
+    Time: S3BucketReplicationTimeValue;
 };
 /**
- * Type definition for `AWS::S3::Bucket.FilterRule`.
- * Specifies the Amazon S3 object key name to filter on and whether to filter on the suffix or prefix of the key name.
- * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-notificationconfiguration-config-filter-s3key-rules.html}
+ * Type definition for `AWS::S3::Bucket.ReplicationRuleFilter`.
+ * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-replicationrulefilter.html}
  */
-export type S3BucketFilterRule = {
+export type S3BucketReplicationRuleFilter = {
+    And?: S3BucketReplicationRuleAndOperator;
     /**
-     * @maxLength `1024`
+     * Tags to use to identify a subset of objects for an Amazon S3 bucket.
      */
-    Name: string;
-    Value: string;
+    TagFilter?: S3BucketTagFilter;
+    Prefix?: string;
 };
 /**
- * Type definition for `AWS::S3::Bucket.ObjectLockConfiguration`.
- * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-objectlockconfiguration.html}
+ * Type definition for `AWS::S3::Bucket.RedirectRule`.
+ * Specifies how requests are redirected. In the event of an error, you can specify a different error code to return.
+ * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-websiteconfiguration-routingrules-redirectrule.html}
  */
-export type S3BucketObjectLockConfiguration = {
-    ObjectLockEnabled?: "Enabled";
+export type S3BucketRedirectRule = {
     /**
-     * The Object Lock rule in place for the specified object.
+     * The specific object key to use in the redirect request.d
      */
-    Rule?: S3BucketObjectLockRule;
-};
-/**
- * Type definition for `AWS::S3::Bucket.ObjectLockRule`.
- * The Object Lock rule in place for the specified object.
- * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-objectlockrule.html}
- */
-export type S3BucketObjectLockRule = {
+    ReplaceKeyWith?: string;
     /**
-     * The default retention period that you want to apply to new objects placed in the specified bucket.
+     * The HTTP redirect code to use on the response. Not required if one of the siblings is present.
      */
-    DefaultRetention?: S3BucketDefaultRetention;
-};
-/**
- * Type definition for `AWS::S3::Bucket.DefaultRetention`.
- * The default retention period that you want to apply to new objects placed in the specified bucket.
- * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-defaultretention.html}
- */
-export type S3BucketDefaultRetention = {
-    Years?: number;
-    Days?: number;
-    Mode?: "COMPLIANCE" | "GOVERNANCE";
+    HttpRedirectCode?: string;
+    /**
+     * Protocol to use when redirecting requests. The default is the protocol that is used in the original request.
+     */
+    Protocol?: "http" | "https";
+    /**
+     * The host name to use in the redirect request.
+     */
+    HostName?: string;
+    /**
+     * The object key prefix to use in the redirect request.
+     */
+    ReplaceKeyPrefixWith?: string;
 };
 /**
- * Type definition for `AWS::S3::Bucket.OwnershipControls`.
- * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-ownershipcontrols.html}
+ * Type definition for `AWS::S3::Bucket.EncryptionConfiguration`.
+ * Specifies encryption-related information for an Amazon S3 bucket that is a destination for replicated objects.
+ * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-encryptionconfiguration.html}
  */
-export type S3BucketOwnershipControls = {
-    Rules: S3BucketOwnershipControlsRule[];
+export type S3BucketEncryptionConfiguration = {
+    /**
+     * Specifies the ID (Key ARN or Alias ARN) of the customer managed customer master key (CMK) stored in AWS Key Management Service (KMS) for the destination bucket.
+     */
+    ReplicaKmsKeyID: string;
 };
 /**
- * Type definition for `AWS::S3::Bucket.OwnershipControlsRule`.
- * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-ownershipcontrolsrule.html}
+ * Type definition for `AWS::S3::Bucket.BucketEncryption`.
+ * Specifies default encryption for a bucket using server-side encryption with either Amazon S3-managed keys (SSE-S3) or AWS KMS-managed keys (SSE-KMS).
+ * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-bucketencryption.html}
  */
-export type S3BucketOwnershipControlsRule = {
+export type S3BucketBucketEncryption = {
     /**
-     * Specifies an object ownership rule.
+     * Specifies the default server-side-encryption configuration.
      */
-    ObjectOwnership?: "ObjectWriter" | "BucketOwnerPreferred" | "BucketOwnerEnforced";
+    ServerSideEncryptionConfiguration: S3BucketServerSideEncryptionRule[];
 };
 /**
- * Type definition for `AWS::S3::Bucket.PublicAccessBlockConfiguration`.
- * Configuration that defines how Amazon S3 handles public access.
- * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-publicaccessblockconfiguration.html}
+ * Type definition for `AWS::S3::Bucket.NotificationConfiguration`.
+ * Describes the notification configuration for an Amazon S3 bucket.
+ * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-notificationconfig.html}
  */
-export type S3BucketPublicAccessBlockConfiguration = {
-    /**
-       * Specifies whether Amazon S3 should block public access control lists (ACLs) for this bucket and objects in this bucket. Setting this element to TRUE causes the following behavior:
-      - PUT Bucket acl and PUT Object acl calls fail if the specified ACL is public.
-       - PUT Object calls fail if the request includes a public ACL.
-      Enabling this setting doesn't affect existing policies or ACLs.
-       */
-    BlockPublicAcls?: boolean;
-    /**
-       * Specifies whether Amazon S3 should block public bucket policies for this bucket. Setting this element to TRUE causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access.
-      Enabling this setting doesn't affect existing bucket policies.
-       */
-    BlockPublicPolicy?: boolean;
-    /**
-       * Specifies whether Amazon S3 should ignore public ACLs for this bucket and objects in this bucket. Setting this element to TRUE causes Amazon S3 to ignore all public ACLs on this bucket and objects in this bucket.
-      Enabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set.
-       */
-    IgnorePublicAcls?: boolean;
+export type S3BucketNotificationConfiguration = {
+    TopicConfigurations?: S3BucketTopicConfiguration[];
+    QueueConfigurations?: S3BucketQueueConfiguration[];
+    LambdaConfigurations?: S3BucketLambdaConfiguration[];
     /**
-       * Specifies whether Amazon S3 should restrict public bucket policies for this bucket. Setting this element to TRUE restricts access to this bucket to only AWS services and authorized users within this account if the bucket has a public policy.
-      Enabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.
-       */
-    RestrictPublicBuckets?: boolean;
+     * Describes the Amazon EventBridge notification configuration for an Amazon S3 bucket.
+     */
+    EventBridgeConfiguration?: S3BucketEventBridgeConfiguration;
 };
 /**
- * Type definition for `AWS::S3::Bucket.ReplicationConfiguration`.
- * A container for replication rules. You can add up to 1,000 rules. The maximum size of a replication configuration is 2 MB.
- * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-replicationconfiguration.html}
+ * Type definition for `AWS::S3::Bucket.LifecycleConfiguration`.
+ * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-lifecycleconfig.html}
  */
-export type S3BucketReplicationConfiguration = {
-    /**
-     * The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that Amazon S3 assumes when replicating objects.
-     */
-    Role: string;
+export type S3BucketLifecycleConfiguration = {
     /**
-     * A container for one or more replication rules.
+     * A lifecycle rule for individual objects in an Amazon S3 bucket.
      */
-    Rules: S3BucketReplicationRule[];
+    Rules: S3BucketRule[];
 };
 /**
- * Type definition for `AWS::S3::Bucket.ReplicationRule`.
- * Specifies which Amazon S3 objects to replicate and where to store the replicas.
- * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-replicationconfiguration-rules.html}
+ * Type definition for `AWS::S3::Bucket.InventoryConfiguration`.
+ * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-inventoryconfiguration.html}
  */
-export type S3BucketReplicationRule = {
-    DeleteMarkerReplication?: S3BucketDeleteMarkerReplication;
-    /**
-     * Specifies which Amazon S3 bucket to store replicated objects in and their storage class.
-     */
-    Destination: S3BucketReplicationDestination;
-    Filter?: S3BucketReplicationRuleFilter;
-    /**
-     * A unique identifier for the rule.
-     * @maxLength `255`
-     */
-    Id?: string;
-    /**
-     * An object key name prefix that identifies the object or objects to which the rule applies.
-     * @maxLength `1024`
-     */
-    Prefix?: string;
-    Priority?: number;
+export type S3BucketInventoryConfiguration = {
     /**
-     * A container that describes additional filters for identifying the source objects that you want to replicate.
+     * Specifies information about where to publish analysis or configuration results for an Amazon S3 bucket and S3 Replication Time Control (S3 RTC).
      */
-    SourceSelectionCriteria?: S3BucketSourceSelectionCriteria;
+    Destination: S3BucketDestination;
     /**
-     * Specifies whether the rule is enabled.
+     * Contains the optional fields that are included in the inventory results.
      */
-    Status: "Disabled" | "Enabled";
-};
-/**
- * Type definition for `AWS::S3::Bucket.DeleteMarkerReplication`.
- * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-deletemarkerreplication.html}
- */
-export type S3BucketDeleteMarkerReplication = {
-    Status?: "Disabled" | "Enabled";
-};
-/**
- * Type definition for `AWS::S3::Bucket.ReplicationDestination`.
- * Specifies which Amazon S3 bucket to store replicated objects in and their storage class.
- * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-replicationconfiguration-rules-destination.html}
- */
-export type S3BucketReplicationDestination = {
+    OptionalFields?: ("Size" | "LastModifiedDate" | "StorageClass" | "ETag" | "IsMultipartUploaded" | "ReplicationStatus" | "EncryptionStatus" | "ObjectLockRetainUntilDate" | "ObjectLockMode" | "ObjectLockLegalHoldStatus" | "IntelligentTieringAccessTier" | "BucketKeyStatus")[];
     /**
-     * Specify this only in a cross-account scenario (where source and destination bucket owners are not the same), and you want to change replica ownership to the AWS account that owns the destination bucket. If this is not specified in the replication configuration, the replicas are owned by same AWS account that owns the source object.
+     * Object versions to include in the inventory list.
      */
-    AccessControlTranslation?: S3BucketAccessControlTranslation;
-    Account?: string;
-    Bucket: string;
+    IncludedObjectVersions: "All" | "Current";
     /**
-     * Specifies encryption-related information for an Amazon S3 bucket that is a destination for replicated objects.
+     * Specifies whether the inventory is enabled or disabled.
      */
-    EncryptionConfiguration?: S3BucketEncryptionConfiguration;
-    Metrics?: S3BucketMetrics;
-    ReplicationTime?: S3BucketReplicationTime;
+    Enabled: boolean;
     /**
-     * The storage class to use when replicating objects, such as S3 Standard or reduced redundancy.
+     * The ID used to identify the inventory configuration.
      */
-    StorageClass?: "DEEP_ARCHIVE" | "GLACIER" | "GLACIER_IR" | "INTELLIGENT_TIERING" | "ONEZONE_IA" | "REDUCED_REDUNDANCY" | "STANDARD" | "STANDARD_IA";
-};
-/**
- * Type definition for `AWS::S3::Bucket.AccessControlTranslation`.
- * Specify this only in a cross-account scenario (where source and destination bucket owners are not the same), and you want to change replica ownership to the AWS account that owns the destination bucket. If this is not specified in the replication configuration, the replicas are owned by same AWS account that owns the source object.
- * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-accesscontroltranslation.html}
- */
-export type S3BucketAccessControlTranslation = {
-    Owner: "Destination";
-};
-/**
- * Type definition for `AWS::S3::Bucket.EncryptionConfiguration`.
- * Specifies encryption-related information for an Amazon S3 bucket that is a destination for replicated objects.
- * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-encryptionconfiguration.html}
- */
-export type S3BucketEncryptionConfiguration = {
+    Id: string;
     /**
-     * Specifies the ID (Key ARN or Alias ARN) of the customer managed customer master key (CMK) stored in AWS Key Management Service (KMS) for the destination bucket.
+     * The prefix that is prepended to all inventory results.
      */
-    ReplicaKmsKeyID: string;
-};
-/**
- * Type definition for `AWS::S3::Bucket.Metrics`.
- * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-metrics.html}
- */
-export type S3BucketMetrics = {
-    EventThreshold?: S3BucketReplicationTimeValue;
-    Status: "Disabled" | "Enabled";
-};
-/**
- * Type definition for `AWS::S3::Bucket.ReplicationTimeValue`.
- * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-replicationtimevalue.html}
- */
-export type S3BucketReplicationTimeValue = {
-    Minutes: number;
-};
-/**
- * Type definition for `AWS::S3::Bucket.ReplicationTime`.
- * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-replicationtime.html}
- */
-export type S3BucketReplicationTime = {
-    Status: "Disabled" | "Enabled";
-    Time: S3BucketReplicationTimeValue;
-};
-/**
- * Type definition for `AWS::S3::Bucket.ReplicationRuleFilter`.
- * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-replicationrulefilter.html}
- */
-export type S3BucketReplicationRuleFilter = {
-    And?: S3BucketReplicationRuleAndOperator;
     Prefix?: string;
     /**
-     * Tags to use to identify a subset of objects for an Amazon S3 bucket.
+     * Specifies the schedule for generating inventory results.
      */
-    TagFilter?: S3BucketTagFilter;
+    ScheduleFrequency: "Daily" | "Weekly";
 };
 /**
  * Type definition for `AWS::S3::Bucket.ReplicationRuleAndOperator`.
  * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-replicationruleandoperator.html}
  */
 export type S3BucketReplicationRuleAndOperator = {
-    Prefix?: string;
     TagFilters?: S3BucketTagFilter[];
+    Prefix?: string;
 };
 /**
- * Type definition for `AWS::S3::Bucket.SourceSelectionCriteria`.
- * A container that describes additional filters for identifying the source objects that you want to replicate.
- * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-sourceselectioncriteria.html}
+ * Type definition for `AWS::S3::Bucket.VersioningConfiguration`.
+ * Describes the versioning state of an Amazon S3 bucket.
+ * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-versioningconfig.html}
  */
-export type S3BucketSourceSelectionCriteria = {
-    /**
-     * A filter that you can specify for selection for modifications on replicas.
-     */
-    ReplicaModifications?: S3BucketReplicaModifications;
+export type S3BucketVersioningConfiguration = {
     /**
-     * A container for filter information for the selection of Amazon S3 objects encrypted with AWS KMS.
+     * The versioning state of the bucket.
      */
-    SseKmsEncryptedObjects?: S3BucketSseKmsEncryptedObjects;
+    Status: "Enabled" | "Suspended";
+};
+/**
+ * Type definition for `AWS::S3::Bucket.CorsConfiguration`.
+ * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-cors.html}
+ */
+export type S3BucketCorsConfiguration = {
+    CorsRules: S3BucketCorsRule[];
 };
 /**
  * Type definition for `AWS::S3::Bucket.ReplicaModifications`.
@@ -117409,133 +118408,88 @@ export type S3BucketReplicaModifications = {
     Status: "Enabled" | "Disabled";
 };
 /**
- * Type definition for `AWS::S3::Bucket.SseKmsEncryptedObjects`.
- * A container for filter information for the selection of S3 objects encrypted with AWS KMS.
- * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-ssekmsencryptedobjects.html}
- */
-export type S3BucketSseKmsEncryptedObjects = {
-    /**
-     * Specifies whether Amazon S3 replicates objects created with server-side encryption using a customer master key (CMK) stored in AWS Key Management Service.
-     */
-    Status: "Disabled" | "Enabled";
-};
-/**
- * Type definition for `AWS::S3::Bucket.Tag`.
+ * Type definition for `AWS::S3::Bucket.NoncurrentVersionExpiration`.
+ * Container for the expiration rule that describes when noncurrent objects are expired. If your bucket is versioning-enabled (or versioning is suspended), you can set this action to request that Amazon S3 expire noncurrent object versions at a specific period in the object's lifetime
+ * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-lifecycleconfig-rule-noncurrentversionexpiration.html}
  */
-export type S3BucketTag = {
-    /**
-     * @minLength `1`
-     * @maxLength `128`
-     */
-    Key: string;
+export type S3BucketNoncurrentVersionExpiration = {
     /**
-     * @minLength `1`
-     * @maxLength `256`
+     * Specified the number of days an object is noncurrent before Amazon S3 can perform the associated action
      */
-    Value: string;
-};
-/**
- * Type definition for `AWS::S3::Bucket.VersioningConfiguration`.
- * Describes the versioning state of an Amazon S3 bucket.
- * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-versioningconfig.html}
- */
-export type S3BucketVersioningConfiguration = {
+    NoncurrentDays: number;
     /**
-     * The versioning state of the bucket.
+     * Specified the number of newer noncurrent and current versions that must exists before performing the associated action
      */
-    Status: "Enabled" | "Suspended";
+    NewerNoncurrentVersions?: number;
 };
 /**
- * Type definition for `AWS::S3::Bucket.WebsiteConfiguration`.
- * Specifies website configuration parameters for an Amazon S3 bucket.
- * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-websiteconfiguration.html}
+ * Type definition for `AWS::S3::Bucket.QueueConfiguration`.
+ * The Amazon Simple Queue Service queues to publish messages to and the events for which to publish messages.
+ * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-notificationconfig-queueconfig.html}
  */
-export type S3BucketWebsiteConfiguration = {
+export type S3BucketQueueConfiguration = {
     /**
-     * The name of the error document for the website.
+     * The filtering rules that determine which objects trigger notifications.
      */
-    ErrorDocument?: string;
+    Filter?: S3BucketNotificationFilter;
     /**
-     * The name of the index document for the website.
+     * The Amazon S3 bucket event about which you want to publish messages to Amazon SQS.
      */
-    IndexDocument?: string;
-    RoutingRules?: S3BucketRoutingRule[];
+    Event: string;
     /**
-     * Specifies the redirect behavior of all requests to a website endpoint of an Amazon S3 bucket.
+     * The Amazon Resource Name (ARN) of the Amazon SQS queue to which Amazon S3 publishes a message when it detects events of the specified type.
      */
-    RedirectAllRequestsTo?: S3BucketRedirectAllRequestsTo;
+    Queue: string;
 };
 /**
- * Type definition for `AWS::S3::Bucket.RoutingRule`.
- * Specifies the redirect behavior and when a redirect is applied.
- * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-websiteconfiguration-routingrules.html}
+ * Type definition for `AWS::S3::Bucket.Transition`.
+ * You must specify at least one of "TransitionDate" and "TransitionInDays"
+ * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-lifecycleconfig-rule-transition.html}
  */
-export type S3BucketRoutingRule = {
-    /**
-     * Container for redirect information. You can redirect requests to another host, to another page, or with another protocol. In the event of an error, you can specify a different error code to return.
-     */
-    RedirectRule: S3BucketRedirectRule;
+export type S3BucketTransition = {
     /**
-     * A container for describing a condition that must be met for the specified redirect to apply.You must specify at least one of HttpErrorCodeReturnedEquals and KeyPrefixEquals
+     * The date value in ISO 8601 format. The timezone is always UTC. (YYYY-MM-DDThh:mm:ssZ)
+     * @pattern `^([0-2]\d{3})-(0[0-9]|1[0-2])-([0-2]\d|3[01])T([01]\d|2[0-4]):([0-5]\d):([0-6]\d)((\.\d{3})?)Z$`
      */
-    RoutingRuleCondition?: S3BucketRoutingRuleCondition;
+    TransitionDate?: string;
+    StorageClass: "DEEP_ARCHIVE" | "GLACIER" | "Glacier" | "GLACIER_IR" | "INTELLIGENT_TIERING" | "ONEZONE_IA" | "STANDARD_IA";
+    TransitionInDays?: number;
 };
 /**
- * Type definition for `AWS::S3::Bucket.RedirectRule`.
- * Specifies how requests are redirected. In the event of an error, you can specify a different error code to return.
- * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-websiteconfiguration-routingrules-redirectrule.html}
+ * Type definition for `AWS::S3::Bucket.SseKmsEncryptedObjects`.
+ * A container for filter information for the selection of S3 objects encrypted with AWS KMS.
+ * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-ssekmsencryptedobjects.html}
  */
-export type S3BucketRedirectRule = {
-    /**
-     * The host name to use in the redirect request.
-     */
-    HostName?: string;
-    /**
-     * The HTTP redirect code to use on the response. Not required if one of the siblings is present.
-     */
-    HttpRedirectCode?: string;
-    /**
-     * Protocol to use when redirecting requests. The default is the protocol that is used in the original request.
-     */
-    Protocol?: "http" | "https";
-    /**
-     * The object key prefix to use in the redirect request.
-     */
-    ReplaceKeyPrefixWith?: string;
+export type S3BucketSseKmsEncryptedObjects = {
     /**
-     * The specific object key to use in the redirect request.d
+     * Specifies whether Amazon S3 replicates objects created with server-side encryption using a customer master key (CMK) stored in AWS Key Management Service.
      */
-    ReplaceKeyWith?: string;
+    Status: "Disabled" | "Enabled";
 };
 /**
- * Type definition for `AWS::S3::Bucket.RoutingRuleCondition`.
- * A container for describing a condition that must be met for the specified redirect to apply.You must specify at least one of HttpErrorCodeReturnedEquals and KeyPrefixEquals
- * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-websiteconfiguration-routingrules-routingrulecondition.html}
+ * Type definition for `AWS::S3::Bucket.Tag`.
  */
-export type S3BucketRoutingRuleCondition = {
+export type S3BucketTag = {
     /**
-     * The object key name prefix when the redirect is applied.
+     * @maxLength `256`
      */
-    KeyPrefixEquals?: string;
+    Value: string;
     /**
-     * The HTTP error code when the redirect is applied.
+     * @minLength `1`
+     * @maxLength `128`
      */
-    HttpErrorCodeReturnedEquals?: string;
+    Key: string;
 };
 /**
- * Type definition for `AWS::S3::Bucket.RedirectAllRequestsTo`.
- * Specifies the redirect behavior of all requests to a website endpoint of an Amazon S3 bucket.
- * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-websiteconfiguration-redirectallrequeststo.html}
+ * Type definition for `AWS::S3::Bucket.AbortIncompleteMultipartUpload`.
+ * Specifies the days since the initiation of an incomplete multipart upload that Amazon S3 will wait before permanently removing all parts of the upload.
+ * @see {@link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-abortincompletemultipartupload.html}
  */
-export type S3BucketRedirectAllRequestsTo = {
-    /**
-     * Name of the host where requests are redirected.
-     */
-    HostName: string;
+export type S3BucketAbortIncompleteMultipartUpload = {
     /**
-     * Protocol to use when redirecting requests. The default is the protocol that is used in the original request.
+     * Specifies the number of days after which Amazon S3 aborts an incomplete multipart upload.
      */
-    Protocol?: "http" | "https";
+    DaysAfterInitiation: number;
 };
 /**
  * Type definition for `AWS::S3::BucketPolicy`.
@@ -118007,6 +118961,169 @@ export type S3StorageLensStorageLensConfiguration = {
      */
     StorageLensArn?: string;
 };
+/**
+ * Type definition for `AWS::S3::StorageLensGroup`.
+ * The AWS::S3::StorageLensGroup resource is an Amazon S3 resource type that you can use to create Storage Lens Group.
+ */
+export type S3StorageLensGroupProps = {
+    /**
+     * The name that identifies the Amazon S3 Storage Lens Group.
+     * @minLength `1`
+     * @maxLength `64`
+     * @pattern `^[a-zA-Z0-9\-_]+$`
+     */
+    Name: string;
+    /**
+     * Sets the Storage Lens Group filter.
+     */
+    Filter: S3StorageLensGroupFilter;
+    /**
+     * A set of tags (key-value pairs) for this Amazon S3 Storage Lens Group.
+     */
+    Tags?: S3StorageLensGroupTag[];
+};
+/**
+ * Type definition for `AWS::S3::StorageLensGroup`.
+ * The AWS::S3::StorageLensGroup resource is an Amazon S3 resource type that you can use to create Storage Lens Group.
+ */
+export type S3StorageLensGroupAttributes = {
+    /**
+     * The ARN for the Amazon S3 Storage Lens Group.
+     */
+    StorageLensGroupArn: string;
+};
+/**
+ * Type definition for `AWS::S3::StorageLensGroup.MatchObjectAge`.
+ * Filter to match all of the specified values for the minimum and maximum object age.
+ */
+export type S3StorageLensGroupMatchObjectAge = {
+    /**
+     * Minimum object age to which the rule applies.
+     * @min `1`
+     */
+    DaysGreaterThan?: number;
+    /**
+     * Maximum object age to which the rule applies.
+     * @min `1`
+     */
+    DaysLessThan?: number;
+};
+/**
+ * Type definition for `AWS::S3::StorageLensGroup.MatchObjectSize`.
+ * Filter to match all of the specified values for the minimum and maximum object size.
+ */
+export type S3StorageLensGroupMatchObjectSize = {
+    /**
+     * Minimum object size to which the rule applies.
+     * @min `1`
+     */
+    BytesGreaterThan?: number;
+    /**
+     * Maximum object size to which the rule applies.
+     * @min `1`
+     */
+    BytesLessThan?: number;
+};
+/**
+ * Type definition for `AWS::S3::StorageLensGroup.And`.
+ * The Storage Lens group will include objects that match all of the specified filter values.
+ */
+export type S3StorageLensGroupAnd = {
+    /**
+     * Filter to match any of the specified prefixes.
+     */
+    MatchAnyPrefix?: string[];
+    /**
+     * Filter to match any of the specified suffixes.
+     */
+    MatchAnySuffix?: string[];
+    /**
+     * Filter to match any of the specified object tags.
+     */
+    MatchAnyTag?: S3StorageLensGroupTag[];
+    /**
+     * Filter to match all of the specified values for the minimum and maximum object size.
+     */
+    MatchObjectSize?: S3StorageLensGroupMatchObjectSize;
+    /**
+     * Filter to match all of the specified values for the minimum and maximum object age.
+     */
+    MatchObjectAge?: S3StorageLensGroupMatchObjectAge;
+};
+/**
+ * Type definition for `AWS::S3::StorageLensGroup.Or`.
+ * The Storage Lens group will include objects that match any of the specified filter values.
+ */
+export type S3StorageLensGroupOr = {
+    /**
+     * Filter to match any of the specified prefixes.
+     */
+    MatchAnyPrefix?: string[];
+    /**
+     * Filter to match any of the specified suffixes.
+     */
+    MatchAnySuffix?: string[];
+    /**
+     * Filter to match any of the specified object tags.
+     */
+    MatchAnyTag?: S3StorageLensGroupTag[];
+    /**
+     * Filter to match all of the specified values for the minimum and maximum object size.
+     */
+    MatchObjectSize?: S3StorageLensGroupMatchObjectSize;
+    /**
+     * Filter to match all of the specified values for the minimum and maximum object age.
+     */
+    MatchObjectAge?: S3StorageLensGroupMatchObjectAge;
+};
+/**
+ * Type definition for `AWS::S3::StorageLensGroup.Filter`.
+ * Sets the Storage Lens Group filter.
+ */
+export type S3StorageLensGroupFilter = {
+    /**
+     * Filter to match any of the specified prefixes.
+     */
+    MatchAnyPrefix?: string[];
+    /**
+     * Filter to match any of the specified suffixes.
+     */
+    MatchAnySuffix?: string[];
+    /**
+     * Filter to match any of the specified object tags.
+     */
+    MatchAnyTag?: S3StorageLensGroupTag[];
+    /**
+     * Filter to match all of the specified values for the minimum and maximum object size.
+     */
+    MatchObjectSize?: S3StorageLensGroupMatchObjectSize;
+    /**
+     * Filter to match all of the specified values for the minimum and maximum object age.
+     */
+    MatchObjectAge?: S3StorageLensGroupMatchObjectAge;
+    /**
+     * The Storage Lens group will include objects that match all of the specified filter values.
+     */
+    And?: S3StorageLensGroupAnd;
+    /**
+     * The Storage Lens group will include objects that match any of the specified filter values.
+     */
+    Or?: S3StorageLensGroupOr;
+};
+/**
+ * Type definition for `AWS::S3::StorageLensGroup.Tag`.
+ */
+export type S3StorageLensGroupTag = {
+    /**
+     * @minLength `1`
+     * @maxLength `128`
+     */
+    Key: string;
+    /**
+     * @maxLength `256`
+     */
+    Value: string;
+};
 /**
  * Type definition for `AWS::S3ObjectLambda::AccessPoint`.
  * The AWS::S3ObjectLambda::AccessPoint resource is an Amazon S3ObjectLambda resource type that you can use to add computation to S3 actions
@@ -138142,6 +139259,7 @@ export interface ResourceTypes {
     "AWS::ImageBuilder::ImagePipeline": ImageBuilderImagePipelineProps;
     "AWS::ImageBuilder::ImageRecipe": ImageBuilderImageRecipeProps;
     "AWS::ImageBuilder::InfrastructureConfiguration": ImageBuilderInfrastructureConfigurationProps;
+    "AWS::ImageBuilder::LifecyclePolicy": ImageBuilderLifecyclePolicyProps;
     "AWS::Inspector::AssessmentTarget": InspectorAssessmentTargetProps;
     "AWS::Inspector::AssessmentTemplate": InspectorAssessmentTemplateProps;
     "AWS::Inspector::ResourceGroup": InspectorResourceGroupProps;
@@ -138382,6 +139500,7 @@ export interface ResourceTypes {
     "AWS::Omics::Workflow": OmicsWorkflowProps;
     "AWS::OpenSearchServerless::AccessPolicy": OpenSearchServerlessAccessPolicyProps;
     "AWS::OpenSearchServerless::Collection": OpenSearchServerlessCollectionProps;
+    "AWS::OpenSearchServerless::LifecyclePolicy": OpenSearchServerlessLifecyclePolicyProps;
     "AWS::OpenSearchServerless::SecurityConfig": OpenSearchServerlessSecurityConfigProps;
     "AWS::OpenSearchServerless::SecurityPolicy": OpenSearchServerlessSecurityPolicyProps;
     "AWS::OpenSearchServerless::VpcEndpoint": OpenSearchServerlessVpcEndpointProps;
@@ -138531,6 +139650,7 @@ export interface ResourceTypes {
     "AWS::S3::MultiRegionAccessPoint": S3MultiRegionAccessPointProps;
     "AWS::S3::MultiRegionAccessPointPolicy": S3MultiRegionAccessPointPolicyProps;
     "AWS::S3::StorageLens": S3StorageLensProps;
+    "AWS::S3::StorageLensGroup": S3StorageLensGroupProps;
     "AWS::S3ObjectLambda::AccessPoint": S3ObjectLambdaAccessPointProps;
     "AWS::S3ObjectLambda::AccessPointPolicy": S3ObjectLambdaAccessPointPolicyProps;
     "AWS::S3Outposts::AccessPoint": S3OutpostsAccessPointProps;
@@ -139236,6 +140356,7 @@ export interface AttributeTypes {
     "AWS::ImageBuilder::ImagePipeline": ImageBuilderImagePipelineAttributes;
     "AWS::ImageBuilder::ImageRecipe": ImageBuilderImageRecipeAttributes;
     "AWS::ImageBuilder::InfrastructureConfiguration": ImageBuilderInfrastructureConfigurationAttributes;
+    "AWS::ImageBuilder::LifecyclePolicy": ImageBuilderLifecyclePolicyAttributes;
     "AWS::Inspector::AssessmentTarget": InspectorAssessmentTargetAttributes;
     "AWS::Inspector::AssessmentTemplate": InspectorAssessmentTemplateAttributes;
     "AWS::Inspector::ResourceGroup": InspectorResourceGroupAttributes;
@@ -139586,6 +140707,7 @@ export interface AttributeTypes {
     "AWS::S3::MultiRegionAccessPoint": S3MultiRegionAccessPointAttributes;
     "AWS::S3::MultiRegionAccessPointPolicy": S3MultiRegionAccessPointPolicyAttributes;
     "AWS::S3::StorageLens": S3StorageLensAttributes;
+    "AWS::S3::StorageLensGroup": S3StorageLensGroupAttributes;
     "AWS::S3ObjectLambda::AccessPoint": S3ObjectLambdaAccessPointAttributes;
     "AWS::S3Outposts::AccessPoint": S3OutpostsAccessPointAttributes;
     "AWS::S3Outposts::Bucket": S3OutpostsBucketAttributes;
@@ -140327,6 +141449,7 @@ export declare const ResourceType: {
     readonly ImageBuilderImagePipelineProps: "AWS::ImageBuilder::ImagePipeline";
     readonly ImageBuilderImageRecipeProps: "AWS::ImageBuilder::ImageRecipe";
     readonly ImageBuilderInfrastructureConfigurationProps: "AWS::ImageBuilder::InfrastructureConfiguration";
+    readonly ImageBuilderLifecyclePolicyProps: "AWS::ImageBuilder::LifecyclePolicy";
     readonly InspectorAssessmentTargetProps: "AWS::Inspector::AssessmentTarget";
     readonly InspectorAssessmentTemplateProps: "AWS::Inspector::AssessmentTemplate";
     readonly InspectorResourceGroupProps: "AWS::Inspector::ResourceGroup";
@@ -140567,6 +141690,7 @@ export declare const ResourceType: {
     readonly OmicsWorkflowProps: "AWS::Omics::Workflow";
     readonly OpenSearchServerlessAccessPolicyProps: "AWS::OpenSearchServerless::AccessPolicy";
     readonly OpenSearchServerlessCollectionProps: "AWS::OpenSearchServerless::Collection";
+    readonly OpenSearchServerlessLifecyclePolicyProps: "AWS::OpenSearchServerless::LifecyclePolicy";
     readonly OpenSearchServerlessSecurityConfigProps: "AWS::OpenSearchServerless::SecurityConfig";
     readonly OpenSearchServerlessSecurityPolicyProps: "AWS::OpenSearchServerless::SecurityPolicy";
     readonly OpenSearchServerlessVpcEndpointProps: "AWS::OpenSearchServerless::VpcEndpoint";
@@ -140716,6 +141840,7 @@ export declare const ResourceType: {
     readonly S3MultiRegionAccessPointProps: "AWS::S3::MultiRegionAccessPoint";
     readonly S3MultiRegionAccessPointPolicyProps: "AWS::S3::MultiRegionAccessPointPolicy";
     readonly S3StorageLensProps: "AWS::S3::StorageLens";
+    readonly S3StorageLensGroupProps: "AWS::S3::StorageLensGroup";
     readonly S3ObjectLambdaAccessPointProps: "AWS::S3ObjectLambda::AccessPoint";
     readonly S3ObjectLambdaAccessPointPolicyProps: "AWS::S3ObjectLambda::AccessPointPolicy";
     readonly S3OutpostsAccessPointProps: "AWS::S3Outposts::AccessPoint";