@aws-sdk/client-cognito-identity-provider 3.624.0 → 3.625.0

package/dist-cjs/index.js

@@ -214,6 +214,7 @@ __export(src_exports, {
   MessageActionType: () => MessageActionType,
   NotAuthorizedException: () => NotAuthorizedException,
   OAuthFlowType: () => OAuthFlowType,
+  PasswordHistoryPolicyViolationException: () => PasswordHistoryPolicyViolationException,
   PasswordResetRequiredException: () => PasswordResetRequiredException,
   PreTokenGenerationLambdaVersionType: () => PreTokenGenerationLambdaVersionType,
   PreconditionNotMetException: () => PreconditionNotMetException,
@@ -1042,6 +1043,23 @@ var _ExpiredCodeException = class _ExpiredCodeException extends CognitoIdentityP
 };
 __name(_ExpiredCodeException, "ExpiredCodeException");
 var ExpiredCodeException = _ExpiredCodeException;
+var _PasswordHistoryPolicyViolationException = class _PasswordHistoryPolicyViolationException extends CognitoIdentityProviderServiceException {
+  /**
+   * @internal
+   */
+  constructor(opts) {
+    super({
+      name: "PasswordHistoryPolicyViolationException",
+      $fault: "client",
+      ...opts
+    });
+    this.name = "PasswordHistoryPolicyViolationException";
+    this.$fault = "client";
+    Object.setPrototypeOf(this, _PasswordHistoryPolicyViolationException.prototype);
+  }
+};
+__name(_PasswordHistoryPolicyViolationException, "PasswordHistoryPolicyViolationException");
+var PasswordHistoryPolicyViolationException = _PasswordHistoryPolicyViolationException;
 var _SoftwareTokenMFANotFoundException = class _SoftwareTokenMFANotFoundException extends CognitoIdentityProviderServiceException {
   /**
    * @internal
@@ -1308,10 +1326,12 @@ var DomainStatusType = {
   UPDATING: "UPDATING"
 };
 var EventSourceName = {
+  USER_AUTH_EVENTS: "userAuthEvents",
   USER_NOTIFICATION: "userNotification"
 };
 var LogLevel = {
-  ERROR: "ERROR"
+  ERROR: "ERROR",
+  INFO: "INFO"
 };
 var _UnauthorizedException = class _UnauthorizedException extends CognitoIdentityProviderServiceException {
   /**
@@ -1330,40 +1350,6 @@ var _UnauthorizedException = class _UnauthorizedException extends CognitoIdentit
 };
 __name(_UnauthorizedException, "UnauthorizedException");
 var UnauthorizedException = _UnauthorizedException;
-var _UnsupportedOperationException = class _UnsupportedOperationException extends CognitoIdentityProviderServiceException {
-  /**
-   * @internal
-   */
-  constructor(opts) {
-    super({
-      name: "UnsupportedOperationException",
-      $fault: "client",
-      ...opts
-    });
-    this.name = "UnsupportedOperationException";
-    this.$fault = "client";
-    Object.setPrototypeOf(this, _UnsupportedOperationException.prototype);
-  }
-};
-__name(_UnsupportedOperationException, "UnsupportedOperationException");
-var UnsupportedOperationException = _UnsupportedOperationException;
-var _UnsupportedTokenTypeException = class _UnsupportedTokenTypeException extends CognitoIdentityProviderServiceException {
-  /**
-   * @internal
-   */
-  constructor(opts) {
-    super({
-      name: "UnsupportedTokenTypeException",
-      $fault: "client",
-      ...opts
-    });
-    this.name = "UnsupportedTokenTypeException";
-    this.$fault = "client";
-    Object.setPrototypeOf(this, _UnsupportedTokenTypeException.prototype);
-  }
-};
-__name(_UnsupportedTokenTypeException, "UnsupportedTokenTypeException");
-var UnsupportedTokenTypeException = _UnsupportedTokenTypeException;
 var AdminAddUserToGroupRequestFilterSensitiveLog = /* @__PURE__ */ __name((obj) => ({
   ...obj,
   ...obj.Username && { Username: import_smithy_client.SENSITIVE_STRING }
@@ -1724,6 +1710,40 @@ var RevokeTokenRequestFilterSensitiveLog = /* @__PURE__ */ __name((obj) => ({
 
 // src/models/models_1.ts
 
+var _UnsupportedOperationException = class _UnsupportedOperationException extends CognitoIdentityProviderServiceException {
+  /**
+   * @internal
+   */
+  constructor(opts) {
+    super({
+      name: "UnsupportedOperationException",
+      $fault: "client",
+      ...opts
+    });
+    this.name = "UnsupportedOperationException";
+    this.$fault = "client";
+    Object.setPrototypeOf(this, _UnsupportedOperationException.prototype);
+  }
+};
+__name(_UnsupportedOperationException, "UnsupportedOperationException");
+var UnsupportedOperationException = _UnsupportedOperationException;
+var _UnsupportedTokenTypeException = class _UnsupportedTokenTypeException extends CognitoIdentityProviderServiceException {
+  /**
+   * @internal
+   */
+  constructor(opts) {
+    super({
+      name: "UnsupportedTokenTypeException",
+      $fault: "client",
+      ...opts
+    });
+    this.name = "UnsupportedTokenTypeException";
+    this.$fault = "client";
+    Object.setPrototypeOf(this, _UnsupportedTokenTypeException.prototype);
+  }
+};
+__name(_UnsupportedTokenTypeException, "UnsupportedTokenTypeException");
+var UnsupportedTokenTypeException = _UnsupportedTokenTypeException;
 var _EnableSoftwareTokenMFAException = class _EnableSoftwareTokenMFAException extends CognitoIdentityProviderServiceException {
   /**
    * @internal
@@ -3838,6 +3858,9 @@ var de_CommandError = /* @__PURE__ */ __name(async (output, context) => {
     case "ExpiredCodeException":
     case "com.amazonaws.cognitoidentityprovider#ExpiredCodeException":
       throw await de_ExpiredCodeExceptionRes(parsedOutput, context);
+    case "PasswordHistoryPolicyViolationException":
+    case "com.amazonaws.cognitoidentityprovider#PasswordHistoryPolicyViolationException":
+      throw await de_PasswordHistoryPolicyViolationExceptionRes(parsedOutput, context);
     case "SoftwareTokenMFANotFoundException":
     case "com.amazonaws.cognitoidentityprovider#SoftwareTokenMFANotFoundException":
       throw await de_SoftwareTokenMFANotFoundExceptionRes(parsedOutput, context);
@@ -4075,6 +4098,15 @@ var de_NotAuthorizedExceptionRes = /* @__PURE__ */ __name(async (parsedOutput, c
   });
   return (0, import_smithy_client.decorateServiceException)(exception, body);
 }, "de_NotAuthorizedExceptionRes");
+var de_PasswordHistoryPolicyViolationExceptionRes = /* @__PURE__ */ __name(async (parsedOutput, context) => {
+  const body = parsedOutput.body;
+  const deserialized = (0, import_smithy_client._json)(body);
+  const exception = new PasswordHistoryPolicyViolationException({
+    $metadata: deserializeMetadata(parsedOutput),
+    ...deserialized
+  });
+  return (0, import_smithy_client.decorateServiceException)(exception, body);
+}, "de_PasswordHistoryPolicyViolationExceptionRes");
 var de_PasswordResetRequiredExceptionRes = /* @__PURE__ */ __name(async (parsedOutput, context) => {
   const body = parsedOutput.body;
   const deserialized = (0, import_smithy_client._json)(body);
@@ -6665,6 +6697,7 @@ var paginateListUsers = (0, import_core.createPaginator)(CognitoIdentityProvider
   InvalidEmailRoleAccessPolicyException,
   CodeMismatchException,
   ExpiredCodeException,
+  PasswordHistoryPolicyViolationException,
   SoftwareTokenMFANotFoundException,
   DeviceRememberedStatusType,
   AdvancedSecurityModeType,
@@ -6699,8 +6732,6 @@ var paginateListUsers = (0, import_core.createPaginator)(CognitoIdentityProvider
   EventSourceName,
   LogLevel,
   UnauthorizedException,
-  UnsupportedOperationException,
-  UnsupportedTokenTypeException,
   AdminAddUserToGroupRequestFilterSensitiveLog,
   AdminConfirmSignUpRequestFilterSensitiveLog,
   AttributeTypeFilterSensitiveLog,
@@ -6775,6 +6806,8 @@ var paginateListUsers = (0, import_core.createPaginator)(CognitoIdentityProvider
   RespondToAuthChallengeRequestFilterSensitiveLog,
   RespondToAuthChallengeResponseFilterSensitiveLog,
   RevokeTokenRequestFilterSensitiveLog,
+  UnsupportedOperationException,
+  UnsupportedTokenTypeException,
   EnableSoftwareTokenMFAException,
   VerifySoftwareTokenResponseType,
   SetRiskConfigurationRequestFilterSensitiveLog,

package/dist-es/models/models_0.js

@@ -426,6 +426,18 @@ export class ExpiredCodeException extends __BaseException {
         Object.setPrototypeOf(this, ExpiredCodeException.prototype);
     }
 }
+export class PasswordHistoryPolicyViolationException extends __BaseException {
+    constructor(opts) {
+        super({
+            name: "PasswordHistoryPolicyViolationException",
+            $fault: "client",
+            ...opts,
+        });
+        this.name = "PasswordHistoryPolicyViolationException";
+        this.$fault = "client";
+        Object.setPrototypeOf(this, PasswordHistoryPolicyViolationException.prototype);
+    }
+}
 export class SoftwareTokenMFANotFoundException extends __BaseException {
     constructor(opts) {
         super({
@@ -647,10 +659,12 @@ export const DomainStatusType = {
     UPDATING: "UPDATING",
 };
 export const EventSourceName = {
+    USER_AUTH_EVENTS: "userAuthEvents",
     USER_NOTIFICATION: "userNotification",
 };
 export const LogLevel = {
     ERROR: "ERROR",
+    INFO: "INFO",
 };
 export class UnauthorizedException extends __BaseException {
     constructor(opts) {
@@ -664,30 +678,6 @@ export class UnauthorizedException extends __BaseException {
         Object.setPrototypeOf(this, UnauthorizedException.prototype);
     }
 }
-export class UnsupportedOperationException extends __BaseException {
-    constructor(opts) {
-        super({
-            name: "UnsupportedOperationException",
-            $fault: "client",
-            ...opts,
-        });
-        this.name = "UnsupportedOperationException";
-        this.$fault = "client";
-        Object.setPrototypeOf(this, UnsupportedOperationException.prototype);
-    }
-}
-export class UnsupportedTokenTypeException extends __BaseException {
-    constructor(opts) {
-        super({
-            name: "UnsupportedTokenTypeException",
-            $fault: "client",
-            ...opts,
-        });
-        this.name = "UnsupportedTokenTypeException";
-        this.$fault = "client";
-        Object.setPrototypeOf(this, UnsupportedTokenTypeException.prototype);
-    }
-}
 export const AdminAddUserToGroupRequestFilterSensitiveLog = (obj) => ({
     ...obj,
     ...(obj.Username && { Username: SENSITIVE_STRING }),

package/dist-es/models/models_1.js

@@ -1,6 +1,30 @@
 import { SENSITIVE_STRING } from "@smithy/smithy-client";
 import { CognitoIdentityProviderServiceException as __BaseException } from "./CognitoIdentityProviderServiceException";
 import { AttributeTypeFilterSensitiveLog, RiskConfigurationTypeFilterSensitiveLog, UICustomizationTypeFilterSensitiveLog, UserPoolClientTypeFilterSensitiveLog, } from "./models_0";
+export class UnsupportedOperationException extends __BaseException {
+    constructor(opts) {
+        super({
+            name: "UnsupportedOperationException",
+            $fault: "client",
+            ...opts,
+        });
+        this.name = "UnsupportedOperationException";
+        this.$fault = "client";
+        Object.setPrototypeOf(this, UnsupportedOperationException.prototype);
+    }
+}
+export class UnsupportedTokenTypeException extends __BaseException {
+    constructor(opts) {
+        super({
+            name: "UnsupportedTokenTypeException",
+            $fault: "client",
+            ...opts,
+        });
+        this.name = "UnsupportedTokenTypeException";
+        this.$fault = "client";
+        Object.setPrototypeOf(this, UnsupportedTokenTypeException.prototype);
+    }
+}
 export class EnableSoftwareTokenMFAException extends __BaseException {
     constructor(opts) {
         super({

package/dist-es/protocols/Aws_json1_1.js

@@ -2,8 +2,8 @@ import { loadRestJsonErrorCode, parseJsonBody as parseBody, parseJsonErrorBody a
 import { HttpRequest as __HttpRequest } from "@smithy/protocol-http";
 import { _json, collectBody, decorateServiceException as __decorateServiceException, expectBoolean as __expectBoolean, expectInt32 as __expectInt32, expectLong as __expectLong, expectNonNull as __expectNonNull, expectNumber as __expectNumber, expectString as __expectString, parseEpochTimestamp as __parseEpochTimestamp, take, withBaseException, } from "@smithy/smithy-client";
 import { CognitoIdentityProviderServiceException as __BaseException } from "../models/CognitoIdentityProviderServiceException";
-import { AliasExistsException, CodeDeliveryFailureException, CodeMismatchException, ConcurrentModificationException, DuplicateProviderException, ExpiredCodeException, ForbiddenException, GroupExistsException, InternalErrorException, InvalidEmailRoleAccessPolicyException, InvalidLambdaResponseException, InvalidOAuthFlowException, InvalidParameterException, InvalidPasswordException, InvalidSmsRoleAccessPolicyException, InvalidSmsRoleTrustRelationshipException, InvalidUserPoolConfigurationException, LimitExceededException, MFAMethodNotFoundException, NotAuthorizedException, PasswordResetRequiredException, PreconditionNotMetException, ResourceNotFoundException, ScopeDoesNotExistException, SoftwareTokenMFANotFoundException, TooManyFailedAttemptsException, TooManyRequestsException, UnauthorizedException, UnexpectedLambdaException, UnsupportedIdentityProviderException, UnsupportedOperationException, UnsupportedTokenTypeException, UnsupportedUserStateException, UserImportInProgressException, UserLambdaValidationException, UsernameExistsException, UserNotConfirmedException, UserNotFoundException, UserPoolAddOnNotEnabledException, UserPoolTaggingException, } from "../models/models_0";
-import { EnableSoftwareTokenMFAException, } from "../models/models_1";
+import { AliasExistsException, CodeDeliveryFailureException, CodeMismatchException, ConcurrentModificationException, DuplicateProviderException, ExpiredCodeException, ForbiddenException, GroupExistsException, InternalErrorException, InvalidEmailRoleAccessPolicyException, InvalidLambdaResponseException, InvalidOAuthFlowException, InvalidParameterException, InvalidPasswordException, InvalidSmsRoleAccessPolicyException, InvalidSmsRoleTrustRelationshipException, InvalidUserPoolConfigurationException, LimitExceededException, MFAMethodNotFoundException, NotAuthorizedException, PasswordHistoryPolicyViolationException, PasswordResetRequiredException, PreconditionNotMetException, ResourceNotFoundException, ScopeDoesNotExistException, SoftwareTokenMFANotFoundException, TooManyFailedAttemptsException, TooManyRequestsException, UnauthorizedException, UnexpectedLambdaException, UnsupportedIdentityProviderException, UnsupportedUserStateException, UserImportInProgressException, UserLambdaValidationException, UsernameExistsException, UserNotConfirmedException, UserNotFoundException, UserPoolAddOnNotEnabledException, UserPoolTaggingException, } from "../models/models_0";
+import { EnableSoftwareTokenMFAException, UnsupportedOperationException, UnsupportedTokenTypeException, } from "../models/models_1";
 export const se_AddCustomAttributesCommand = async (input, context) => {
     const headers = sharedHeaders("AddCustomAttributes");
     let body;
@@ -2019,6 +2019,9 @@ const de_CommandError = async (output, context) => {
         case "ExpiredCodeException":
         case "com.amazonaws.cognitoidentityprovider#ExpiredCodeException":
             throw await de_ExpiredCodeExceptionRes(parsedOutput, context);
+        case "PasswordHistoryPolicyViolationException":
+        case "com.amazonaws.cognitoidentityprovider#PasswordHistoryPolicyViolationException":
+            throw await de_PasswordHistoryPolicyViolationExceptionRes(parsedOutput, context);
         case "SoftwareTokenMFANotFoundException":
         case "com.amazonaws.cognitoidentityprovider#SoftwareTokenMFANotFoundException":
             throw await de_SoftwareTokenMFANotFoundExceptionRes(parsedOutput, context);
@@ -2256,6 +2259,15 @@ const de_NotAuthorizedExceptionRes = async (parsedOutput, context) => {
     });
     return __decorateServiceException(exception, body);
 };
+const de_PasswordHistoryPolicyViolationExceptionRes = async (parsedOutput, context) => {
+    const body = parsedOutput.body;
+    const deserialized = _json(body);
+    const exception = new PasswordHistoryPolicyViolationException({
+        $metadata: deserializeMetadata(parsedOutput),
+        ...deserialized,
+    });
+    return __decorateServiceException(exception, body);
+};
 const de_PasswordResetRequiredExceptionRes = async (parsedOutput, context) => {
     const body = parsedOutput.body;
     const deserialized = _json(body);

package/dist-types/CognitoIdentityProvider.d.ts

@@ -727,7 +727,7 @@ export interface CognitoIdentityProvider {
 /**
  * <p>With the Amazon Cognito user pools API, you can configure user pools and authenticate users. To
  *             authenticate users from third-party identity providers (IdPs) in this API, you can
- *                 <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-identity-federation-consolidate-users.html">link IdP users to native user profiles</a>. Learn more
+ *             <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-identity-federation-consolidate-users.html">link IdP users to native user profiles</a>. Learn more
  *             about the authentication and authorization of federated users at <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-identity-federation.html">Adding user pool sign-in through a third party</a> and in the <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-userpools-server-contract-reference.html">User pool federation endpoints and hosted UI reference</a>.</p>
  *          <p>This API reference provides detailed information about API operations and object types
  *             in Amazon Cognito.</p>
@@ -759,7 +759,7 @@ export interface CognitoIdentityProvider {
  *             <li>
  *                <p>
  *                   <a href="https://docs.aws.amazon.com/cli/latest/reference/cognito-idp/index.html#cli-aws-cognito-idp">Amazon Web Services
- *                         Command Line Interface</a>
+ *                     Command Line Interface</a>
  *                </p>
  *             </li>
  *             <li>
@@ -785,13 +785,13 @@ export interface CognitoIdentityProvider {
  *             <li>
  *                <p>
  *                   <a href="https://docs.aws.amazon.com/AWSJavaScriptSDK/latest/AWS/CognitoIdentityServiceProvider.html">Amazon Web Services
- *                         SDK for JavaScript</a>
+ *                     SDK for JavaScript</a>
  *                </p>
  *             </li>
  *             <li>
  *                <p>
  *                   <a href="https://docs.aws.amazon.com/aws-sdk-php/v3/api/api-cognito-idp-2016-04-18.html">Amazon Web Services SDK for PHP
- *                         V3</a>
+ *                     V3</a>
  *                </p>
  *             </li>
  *             <li>
@@ -802,7 +802,7 @@ export interface CognitoIdentityProvider {
  *             <li>
  *                <p>
  *                   <a href="https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/CognitoIdentityProvider/Client.html">Amazon Web Services SDK
- *                         for Ruby V3</a>
+ *                     for Ruby V3</a>
  *                </p>
  *             </li>
  *          </ul>

package/dist-types/CognitoIdentityProviderClient.d.ts

@@ -256,7 +256,7 @@ export interface CognitoIdentityProviderClientResolvedConfig extends CognitoIden
 /**
  * <p>With the Amazon Cognito user pools API, you can configure user pools and authenticate users. To
  *             authenticate users from third-party identity providers (IdPs) in this API, you can
- *                 <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-identity-federation-consolidate-users.html">link IdP users to native user profiles</a>. Learn more
+ *             <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-identity-federation-consolidate-users.html">link IdP users to native user profiles</a>. Learn more
  *             about the authentication and authorization of federated users at <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-identity-federation.html">Adding user pool sign-in through a third party</a> and in the <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-userpools-server-contract-reference.html">User pool federation endpoints and hosted UI reference</a>.</p>
  *          <p>This API reference provides detailed information about API operations and object types
  *             in Amazon Cognito.</p>
@@ -288,7 +288,7 @@ export interface CognitoIdentityProviderClientResolvedConfig extends CognitoIden
  *             <li>
  *                <p>
  *                   <a href="https://docs.aws.amazon.com/cli/latest/reference/cognito-idp/index.html#cli-aws-cognito-idp">Amazon Web Services
- *                         Command Line Interface</a>
+ *                     Command Line Interface</a>
  *                </p>
  *             </li>
  *             <li>
@@ -314,13 +314,13 @@ export interface CognitoIdentityProviderClientResolvedConfig extends CognitoIden
  *             <li>
  *                <p>
  *                   <a href="https://docs.aws.amazon.com/AWSJavaScriptSDK/latest/AWS/CognitoIdentityServiceProvider.html">Amazon Web Services
- *                         SDK for JavaScript</a>
+ *                     SDK for JavaScript</a>
  *                </p>
  *             </li>
  *             <li>
  *                <p>
  *                   <a href="https://docs.aws.amazon.com/aws-sdk-php/v3/api/api-cognito-idp-2016-04-18.html">Amazon Web Services SDK for PHP
- *                         V3</a>
+ *                     V3</a>
  *                </p>
  *             </li>
  *             <li>
@@ -331,7 +331,7 @@ export interface CognitoIdentityProviderClientResolvedConfig extends CognitoIden
  *             <li>
  *                <p>
  *                   <a href="https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/CognitoIdentityProvider/Client.html">Amazon Web Services SDK
- *                         for Ruby V3</a>
+ *                     for Ruby V3</a>
  *                </p>
  *             </li>
  *          </ul>

package/dist-types/commands/AdminConfirmSignUpCommand.d.ts

@@ -27,15 +27,12 @@ declare const AdminConfirmSignUpCommand_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>This IAM-authenticated API operation provides a code that Amazon Cognito sent to your user
- *             when they signed up in your user pool. After your user enters their code, they confirm
- *             ownership of the email address or phone number that they provided, and their user
- *             account becomes active. Depending on your user pool configuration, your users will
- *             receive their confirmation code in an email or SMS message.</p>
- *          <p>Local users who signed up in your user pool are the only type of user who can confirm
- *             sign-up with a code. Users who federate through an external identity provider (IdP) have
- *             already been confirmed by their IdP. Administrator-created users confirm their accounts
- *             when they respond to their invitation email message and choose a password.</p>
+ * <p>This IAM-authenticated API operation confirms user sign-up as an administrator.
+ *             Unlike <a href="https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_ConfirmSignUp.html">ConfirmSignUp</a>, your IAM credentials authorize user account confirmation.
+ *             No confirmation code is required.</p>
+ *          <p>This request sets a user account active in a user pool that <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/signing-up-users-in-your-app.html#signing-up-users-in-your-app-and-confirming-them-as-admin">requires confirmation of new user accounts</a> before they can sign in. You can
+ *             configure your user pool to not send confirmation codes to new users and instead confirm
+ *             them with this API operation on the back end.</p>
  *          <note>
  *             <p>Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For
  *     this operation, you must use IAM credentials to authorize requests, and you must

package/dist-types/commands/AdminCreateUserCommand.d.ts

@@ -161,7 +161,7 @@ declare const AdminCreateUserCommand_base: {
  * @throws {@link InvalidSmsRoleTrustRelationshipException} (client fault)
  *  <p>This exception is thrown when the trust relationship is not valid for the role
  *             provided for SMS configuration. This can happen if you don't trust
- *                 <code>cognito-idp.amazonaws.com</code> or the external ID provided in the role does
+ *             <code>cognito-idp.amazonaws.com</code> or the external ID provided in the role does
  *             not match what is provided in the SMS configuration for the user pool.</p>
  *
  * @throws {@link NotAuthorizedException} (client fault)

package/dist-types/commands/AdminInitiateAuthCommand.d.ts

@@ -143,7 +143,7 @@ declare const AdminInitiateAuthCommand_base: {
  * @throws {@link InvalidSmsRoleTrustRelationshipException} (client fault)
  *  <p>This exception is thrown when the trust relationship is not valid for the role
  *             provided for SMS configuration. This can happen if you don't trust
- *                 <code>cognito-idp.amazonaws.com</code> or the external ID provided in the role does
+ *             <code>cognito-idp.amazonaws.com</code> or the external ID provided in the role does
  *             not match what is provided in the SMS configuration for the user pool.</p>
  *
  * @throws {@link InvalidUserPoolConfigurationException} (client fault)

package/dist-types/commands/AdminResetUserPasswordCommand.d.ts

@@ -122,7 +122,7 @@ declare const AdminResetUserPasswordCommand_base: {
  * @throws {@link InvalidSmsRoleTrustRelationshipException} (client fault)
  *  <p>This exception is thrown when the trust relationship is not valid for the role
  *             provided for SMS configuration. This can happen if you don't trust
- *                 <code>cognito-idp.amazonaws.com</code> or the external ID provided in the role does
+ *             <code>cognito-idp.amazonaws.com</code> or the external ID provided in the role does
  *             not match what is provided in the SMS configuration for the user pool.</p>
  *
  * @throws {@link LimitExceededException} (client fault)

package/dist-types/commands/AdminRespondToAuthChallengeCommand.d.ts

@@ -167,7 +167,7 @@ declare const AdminRespondToAuthChallengeCommand_base: {
  * @throws {@link InvalidSmsRoleTrustRelationshipException} (client fault)
  *  <p>This exception is thrown when the trust relationship is not valid for the role
  *             provided for SMS configuration. This can happen if you don't trust
- *                 <code>cognito-idp.amazonaws.com</code> or the external ID provided in the role does
+ *             <code>cognito-idp.amazonaws.com</code> or the external ID provided in the role does
  *             not match what is provided in the SMS configuration for the user pool.</p>
  *
  * @throws {@link InvalidUserPoolConfigurationException} (client fault)
@@ -180,6 +180,10 @@ declare const AdminRespondToAuthChallengeCommand_base: {
  * @throws {@link NotAuthorizedException} (client fault)
  *  <p>This exception is thrown when a user isn't authorized.</p>
  *
+ * @throws {@link PasswordHistoryPolicyViolationException} (client fault)
+ *  <p>The message returned when a user's new password matches a previous password and
+ *             doesn't comply with the password-history policy.</p>
+ *
  * @throws {@link PasswordResetRequiredException} (client fault)
  *  <p>This exception is thrown when a password reset is required.</p>
  *

package/dist-types/commands/AdminSetUserPasswordCommand.d.ts

@@ -105,6 +105,10 @@ declare const AdminSetUserPasswordCommand_base: {
  * @throws {@link NotAuthorizedException} (client fault)
  *  <p>This exception is thrown when a user isn't authorized.</p>
  *
+ * @throws {@link PasswordHistoryPolicyViolationException} (client fault)
+ *  <p>The message returned when a user's new password matches a previous password and
+ *             doesn't comply with the password-history policy.</p>
+ *
  * @throws {@link ResourceNotFoundException} (client fault)
  *  <p>This exception is thrown when the Amazon Cognito service can't find the requested
  *             resource.</p>

package/dist-types/commands/AdminUpdateUserAttributesCommand.d.ts

@@ -130,7 +130,7 @@ declare const AdminUpdateUserAttributesCommand_base: {
  * @throws {@link InvalidSmsRoleTrustRelationshipException} (client fault)
  *  <p>This exception is thrown when the trust relationship is not valid for the role
  *             provided for SMS configuration. This can happen if you don't trust
- *                 <code>cognito-idp.amazonaws.com</code> or the external ID provided in the role does
+ *             <code>cognito-idp.amazonaws.com</code> or the external ID provided in the role does
  *             not match what is provided in the SMS configuration for the user pool.</p>
  *
  * @throws {@link NotAuthorizedException} (client fault)

package/dist-types/commands/AssociateSoftwareTokenCommand.d.ts

@@ -38,8 +38,8 @@ declare const AssociateSoftwareTokenCommand_base: {
  *                 token and your user pool doesn't require MFA, the user can then authenticate with
  *                 user name and password credentials alone. If your user pool requires TOTP MFA, Amazon Cognito
  *                 generates an <code>MFA_SETUP</code> or <code>SOFTWARE_TOKEN_SETUP</code> challenge
- *                 each time your user signs. Complete setup with <code>AssociateSoftwareToken</code>
- *                 and <code>VerifySoftwareToken</code>.</p>
+ *                 each time your user signs in. Complete setup with
+ *                     <code>AssociateSoftwareToken</code> and <code>VerifySoftwareToken</code>.</p>
  *             <p>After you set up software token MFA for your user, Amazon Cognito generates a
  *                     <code>SOFTWARE_TOKEN_MFA</code> challenge when they authenticate. Respond to
  *                 this challenge with your user's TOTP.</p>

package/dist-types/commands/ChangePasswordCommand.d.ts

@@ -79,6 +79,10 @@ declare const ChangePasswordCommand_base: {
  * @throws {@link NotAuthorizedException} (client fault)
  *  <p>This exception is thrown when a user isn't authorized.</p>
  *
+ * @throws {@link PasswordHistoryPolicyViolationException} (client fault)
+ *  <p>The message returned when a user's new password matches a previous password and
+ *             doesn't comply with the password-history policy.</p>
+ *
  * @throws {@link PasswordResetRequiredException} (client fault)
  *  <p>This exception is thrown when a password reset is required.</p>
  *

package/dist-types/commands/ConfirmForgotPasswordCommand.d.ts

@@ -100,6 +100,10 @@ declare const ConfirmForgotPasswordCommand_base: {
  * @throws {@link NotAuthorizedException} (client fault)
  *  <p>This exception is thrown when a user isn't authorized.</p>
  *
+ * @throws {@link PasswordHistoryPolicyViolationException} (client fault)
+ *  <p>The message returned when a user's new password matches a previous password and
+ *             doesn't comply with the password-history policy.</p>
+ *
  * @throws {@link ResourceNotFoundException} (client fault)
  *  <p>This exception is thrown when the Amazon Cognito service can't find the requested
  *             resource.</p>

package/dist-types/commands/CreateUserPoolCommand.d.ts

@@ -84,6 +84,7 @@ declare const CreateUserPoolCommand_base: {
  *       RequireLowercase: true || false,
  *       RequireNumbers: true || false,
  *       RequireSymbols: true || false,
+ *       PasswordHistorySize: Number("int"),
  *       TemporaryPasswordValidityDays: Number("int"),
  *     },
  *   },
@@ -213,6 +214,7 @@ declare const CreateUserPoolCommand_base: {
  * //         RequireLowercase: true || false,
  * //         RequireNumbers: true || false,
  * //         RequireSymbols: true || false,
+ * //         PasswordHistorySize: Number("int"),
  * //         TemporaryPasswordValidityDays: Number("int"),
  * //       },
  * //     },
@@ -366,7 +368,7 @@ declare const CreateUserPoolCommand_base: {
  * @throws {@link InvalidSmsRoleTrustRelationshipException} (client fault)
  *  <p>This exception is thrown when the trust relationship is not valid for the role
  *             provided for SMS configuration. This can happen if you don't trust
- *                 <code>cognito-idp.amazonaws.com</code> or the external ID provided in the role does
+ *             <code>cognito-idp.amazonaws.com</code> or the external ID provided in the role does
  *             not match what is provided in the SMS configuration for the user pool.</p>
  *
  * @throws {@link LimitExceededException} (client fault)

package/dist-types/commands/DescribeUserPoolCommand.d.ts

@@ -70,6 +70,7 @@ declare const DescribeUserPoolCommand_base: {
  * //         RequireLowercase: true || false,
  * //         RequireNumbers: true || false,
  * //         RequireSymbols: true || false,
+ * //         PasswordHistorySize: Number("int"),
  * //         TemporaryPasswordValidityDays: Number("int"),
  * //       },
  * //     },

package/dist-types/commands/ForgotPasswordCommand.d.ts

@@ -130,7 +130,7 @@ declare const ForgotPasswordCommand_base: {
  * @throws {@link InvalidSmsRoleTrustRelationshipException} (client fault)
  *  <p>This exception is thrown when the trust relationship is not valid for the role
  *             provided for SMS configuration. This can happen if you don't trust
- *                 <code>cognito-idp.amazonaws.com</code> or the external ID provided in the role does
+ *             <code>cognito-idp.amazonaws.com</code> or the external ID provided in the role does
  *             not match what is provided in the SMS configuration for the user pool.</p>
  *
  * @throws {@link LimitExceededException} (client fault)

package/dist-types/commands/GetLogDeliveryConfigurationCommand.d.ts

@@ -27,7 +27,7 @@ declare const GetLogDeliveryConfigurationCommand_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>Gets the detailed activity logging configuration for a user pool.</p>
+ * <p>Gets the logging configuration of a user pool.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript
@@ -44,11 +44,17 @@ declare const GetLogDeliveryConfigurationCommand_base: {
  * //     UserPoolId: "STRING_VALUE", // required
  * //     LogConfigurations: [ // LogConfigurationListType // required
  * //       { // LogConfigurationType
- * //         LogLevel: "ERROR", // required
- * //         EventSource: "userNotification", // required
+ * //         LogLevel: "ERROR" || "INFO", // required
+ * //         EventSource: "userNotification" || "userAuthEvents", // required
  * //         CloudWatchLogsConfiguration: { // CloudWatchLogsConfigurationType
  * //           LogGroupArn: "STRING_VALUE",
  * //         },
+ * //         S3Configuration: { // S3ConfigurationType
+ * //           BucketArn: "STRING_VALUE",
+ * //         },
+ * //         FirehoseConfiguration: { // FirehoseConfigurationType
+ * //           StreamArn: "STRING_VALUE",
+ * //         },
  * //       },
  * //     ],
  * //   },

package/dist-types/commands/GetUserAttributeVerificationCodeCommand.d.ts

@@ -114,7 +114,7 @@ declare const GetUserAttributeVerificationCodeCommand_base: {
  * @throws {@link InvalidSmsRoleTrustRelationshipException} (client fault)
  *  <p>This exception is thrown when the trust relationship is not valid for the role
  *             provided for SMS configuration. This can happen if you don't trust
- *                 <code>cognito-idp.amazonaws.com</code> or the external ID provided in the role does
+ *             <code>cognito-idp.amazonaws.com</code> or the external ID provided in the role does
  *             not match what is provided in the SMS configuration for the user pool.</p>
  *
  * @throws {@link LimitExceededException} (client fault)

package/dist-types/commands/InitiateAuthCommand.d.ts

@@ -125,7 +125,7 @@ declare const InitiateAuthCommand_base: {
  * @throws {@link InvalidSmsRoleTrustRelationshipException} (client fault)
  *  <p>This exception is thrown when the trust relationship is not valid for the role
  *             provided for SMS configuration. This can happen if you don't trust
- *                 <code>cognito-idp.amazonaws.com</code> or the external ID provided in the role does
+ *             <code>cognito-idp.amazonaws.com</code> or the external ID provided in the role does
  *             not match what is provided in the SMS configuration for the user pool.</p>
  *
  * @throws {@link InvalidUserPoolConfigurationException} (client fault)