npm - @aws-sdk/client-securityhub - Versions diffs - 3.42.0 → 3.47.0 - Mend

@aws-sdk/client-securityhub 3.42.0 → 3.47.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (29) hide show

package/CHANGELOG.md +47 -0
package/dist-cjs/endpoints.js +1 -24
package/dist-cjs/models/models_0.js +228 -263
package/dist-cjs/models/models_1.js +244 -11
package/dist-cjs/protocols/Aws_restJson1.js +1225 -74
package/dist-cjs/runtimeConfig.browser.js +7 -2
package/dist-cjs/runtimeConfig.js +9 -3
package/dist-es/endpoints.js +1 -24
package/dist-es/models/models_0.js +148 -173
package/dist-es/models/models_1.js +162 -4
package/dist-es/protocols/Aws_restJson1.js +1020 -17
package/dist-es/runtimeConfig.browser.js +12 -3
package/dist-es/runtimeConfig.js +13 -6
package/dist-types/SecurityHub.d.ts +13 -3
package/dist-types/SecurityHubClient.d.ts +5 -1
package/dist-types/commands/BatchImportFindingsCommand.d.ts +13 -2
package/dist-types/commands/CreateMembersCommand.d.ts +0 -1
package/dist-types/models/models_0.d.ts +1026 -1814
package/dist-types/models/models_1.d.ts +1681 -11
package/dist-types/runtimeConfig.browser.d.ts +3 -2
package/dist-types/runtimeConfig.d.ts +4 -3
package/dist-types/runtimeConfig.native.d.ts +1 -0
package/dist-types/ts3.4/SecurityHubClient.d.ts +3 -1
package/dist-types/ts3.4/models/models_0.d.ts +532 -837
package/dist-types/ts3.4/models/models_1.d.ts +783 -5
package/dist-types/ts3.4/runtimeConfig.browser.d.ts +3 -2
package/dist-types/ts3.4/runtimeConfig.d.ts +4 -3
package/dist-types/ts3.4/runtimeConfig.native.d.ts +1 -0
package/package.json +38 -45

package/dist-types/models/models_0.d.ts CHANGED Viewed

@@ -32,12 +32,6 @@ export interface InternalException extends __SmithyException, $MetadataBearer {
     Message?: string;
     Code?: string;
 }
-export declare namespace InternalException {
-    /**
-     * @internal
-     */
-    const filterSensitiveLog: (obj: InternalException) => any;
-}
 /**
  * <p>There is an issue with the account used to make the request. Either Security Hub is not enabled
  *          for the account, or the account does not have permission to perform this action.</p>
@@ -48,12 +42,6 @@ export interface InvalidAccessException extends __SmithyException, $MetadataBear
     Message?: string;
     Code?: string;
 }
-export declare namespace InvalidAccessException {
-    /**
-     * @internal
-     */
-    const filterSensitiveLog: (obj: InvalidAccessException) => any;
-}
 /**
  * <p>The request was rejected because you supplied an invalid or out-of-range value for an
  *          input parameter.</p>
@@ -64,12 +52,6 @@ export interface InvalidInputException extends __SmithyException, $MetadataBeare
     Message?: string;
     Code?: string;
 }
-export declare namespace InvalidInputException {
-    /**
-     * @internal
-     */
-    const filterSensitiveLog: (obj: InvalidInputException) => any;
-}
 /**
  * <p>The request was rejected because it attempted to create resources beyond the current Amazon Web Services
  *          account or throttling limits. The error code describes the limit exceeded.</p>
@@ -80,12 +62,6 @@ export interface LimitExceededException extends __SmithyException, $MetadataBear
     Message?: string;
     Code?: string;
 }
-export declare namespace LimitExceededException {
-    /**
-     * @internal
-     */
-    const filterSensitiveLog: (obj: LimitExceededException) => any;
-}
 /**
  * <p>The request was rejected because we can't find the specified resource.</p>
  */
@@ -95,12 +71,6 @@ export interface ResourceNotFoundException extends __SmithyException, $MetadataB
     Message?: string;
     Code?: string;
 }
-export declare namespace ResourceNotFoundException {
-    /**
-     * @internal
-     */
-    const filterSensitiveLog: (obj: ResourceNotFoundException) => any;
-}
 export interface AcceptInvitationRequest {
     /**
      * <p>The account ID of the Security Hub administrator account that sent the invitation.</p>
@@ -134,12 +104,6 @@ export interface AccessDeniedException extends __SmithyException, $MetadataBeare
     Message?: string;
     Code?: string;
 }
-export declare namespace AccessDeniedException {
-    /**
-     * @internal
-     */
-    const filterSensitiveLog: (obj: AccessDeniedException) => any;
-}
 /**
  * <p>The details of an Amazon Web Services account.</p>
  */
@@ -1189,6 +1153,136 @@ export declare namespace AwsApiGatewayV2StageDetails {
      */
     const filterSensitiveLog: (obj: AwsApiGatewayV2StageDetails) => any;
 }
+/**
+ * <p>An Availability Zone for the automatic scaling group.</p>
+ */
+export interface AwsAutoScalingAutoScalingGroupAvailabilityZonesListDetails {
+    /**
+     * <p>The name of the Availability Zone.</p>
+     */
+    Value?: string;
+}
+export declare namespace AwsAutoScalingAutoScalingGroupAvailabilityZonesListDetails {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: AwsAutoScalingAutoScalingGroupAvailabilityZonesListDetails) => any;
+}
+/**
+ * <p>Information about the instances distribution.</p>
+ */
+export interface AwsAutoScalingAutoScalingGroupMixedInstancesPolicyInstancesDistributionDetails {
+    /**
+     * <p>How to allocate instance types to fulfill On-Demand capacity.</p>
+     */
+    OnDemandAllocationStrategy?: string;
+    /**
+     * <p>The minimum amount of the Auto Scaling group's capacity that must be fulfilled by On-Demand Instances.</p>
+     */
+    OnDemandBaseCapacity?: number;
+    /**
+     * <p>The percentage of On-Demand Instances and Spot Instances for additional capacity beyond <code>OnDemandBaseCapacity</code>.</p>
+     */
+    OnDemandPercentageAboveBaseCapacity?: number;
+    /**
+     * <p>How to allocate instances across Spot Instance pools.</p>
+     */
+    SpotAllocationStrategy?: string;
+    /**
+     * <p>The number of Spot Instance pools across which to allocate your Spot Instances.</p>
+     */
+    SpotInstancePools?: number;
+    /**
+     * <p>The maximum price per unit hour that you are willing to pay for a Spot Instance.</p>
+     */
+    SpotMaxPrice?: string;
+}
+export declare namespace AwsAutoScalingAutoScalingGroupMixedInstancesPolicyInstancesDistributionDetails {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: AwsAutoScalingAutoScalingGroupMixedInstancesPolicyInstancesDistributionDetails) => any;
+}
+/**
+ * <p>Details about the launch template to use.</p>
+ */
+export interface AwsAutoScalingAutoScalingGroupMixedInstancesPolicyLaunchTemplateLaunchTemplateSpecification {
+    /**
+     * <p>The identifier of the launch template. You must specify either <code>LaunchTemplateId</code> or <code>LaunchTemplateName</code>.</p>
+     */
+    LaunchTemplateId?: string;
+    /**
+     * <p>The name of the launch template. You must specify either <code>LaunchTemplateId</code> or <code>LaunchTemplateName</code>.</p>
+     */
+    LaunchTemplateName?: string;
+    /**
+     * <p>Identifies the version of the launch template. You can specify a version identifier, or use the values <code>$Latest</code> or <code>$Default</code>.</p>
+     */
+    Version?: string;
+}
+export declare namespace AwsAutoScalingAutoScalingGroupMixedInstancesPolicyLaunchTemplateLaunchTemplateSpecification {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: AwsAutoScalingAutoScalingGroupMixedInstancesPolicyLaunchTemplateLaunchTemplateSpecification) => any;
+}
+/**
+ * <p>Property values to use to override the values in the launch template.</p>
+ */
+export interface AwsAutoScalingAutoScalingGroupMixedInstancesPolicyLaunchTemplateOverridesListDetails {
+    /**
+     * <p>The instance type. For example, <code>m3.xlarge</code>.</p>
+     */
+    InstanceType?: string;
+    /**
+     * <p>The number of capacity units provided by the specified instance type in terms of virtual CPUs, memory, storage, throughput, or other relative performance characteristic.</p>
+     */
+    WeightedCapacity?: string;
+}
+export declare namespace AwsAutoScalingAutoScalingGroupMixedInstancesPolicyLaunchTemplateOverridesListDetails {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: AwsAutoScalingAutoScalingGroupMixedInstancesPolicyLaunchTemplateOverridesListDetails) => any;
+}
+/**
+ * <p>Describes a launch template and overrides for a mixed instances policy.</p>
+ */
+export interface AwsAutoScalingAutoScalingGroupMixedInstancesPolicyLaunchTemplateDetails {
+    /**
+     * <p>The launch template to use.</p>
+     */
+    LaunchTemplateSpecification?: AwsAutoScalingAutoScalingGroupMixedInstancesPolicyLaunchTemplateLaunchTemplateSpecification;
+    /**
+     * <p>Property values to use to override the values in the launch template.</p>
+     */
+    Overrides?: AwsAutoScalingAutoScalingGroupMixedInstancesPolicyLaunchTemplateOverridesListDetails[];
+}
+export declare namespace AwsAutoScalingAutoScalingGroupMixedInstancesPolicyLaunchTemplateDetails {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: AwsAutoScalingAutoScalingGroupMixedInstancesPolicyLaunchTemplateDetails) => any;
+}
+/**
+ * <p>The mixed instances policy for the automatic scaling group.</p>
+ */
+export interface AwsAutoScalingAutoScalingGroupMixedInstancesPolicyDetails {
+    /**
+     * <p>The instances distribution. The instances distribution specifies the distribution of On-Demand Instances and Spot Instances, the maximum price to pay for Spot Instances, and how the Auto Scaling group allocates instance types to fulfill On-Demand and Spot capacity.</p>
+     */
+    InstancesDistribution?: AwsAutoScalingAutoScalingGroupMixedInstancesPolicyInstancesDistributionDetails;
+    /**
+     * <p>The launch template to use and the instance types (overrides) to use to provision EC2 instances to fulfill On-Demand and Spot capacities.</p>
+     */
+    LaunchTemplate?: AwsAutoScalingAutoScalingGroupMixedInstancesPolicyLaunchTemplateDetails;
+}
+export declare namespace AwsAutoScalingAutoScalingGroupMixedInstancesPolicyDetails {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: AwsAutoScalingAutoScalingGroupMixedInstancesPolicyDetails) => any;
+}
 /**
  * <p>Provides details about an auto scaling group.</p>
  */
@@ -1217,6 +1311,14 @@ export interface AwsAutoScalingAutoScalingGroupDetails {
      *             <code>2020-03-22T13:22:13.933Z</code>.</p>
      */
     CreatedTime?: string;
+    /**
+     * <p>The mixed instances policy for the automatic scaling group.</p>
+     */
+    MixedInstancesPolicy?: AwsAutoScalingAutoScalingGroupMixedInstancesPolicyDetails;
+    /**
+     * <p>The list of Availability Zones for the automatic scaling group.</p>
+     */
+    AvailabilityZones?: AwsAutoScalingAutoScalingGroupAvailabilityZonesListDetails[];
 }
 export declare namespace AwsAutoScalingAutoScalingGroupDetails {
     /**
@@ -1323,6 +1425,29 @@ export declare namespace AwsAutoScalingLaunchConfigurationInstanceMonitoringDeta
      */
     const filterSensitiveLog: (obj: AwsAutoScalingLaunchConfigurationInstanceMonitoringDetails) => any;
 }
+/**
+ * <p>The metadata options for the instances.</p>
+ */
+export interface AwsAutoScalingLaunchConfigurationMetadataOptions {
+    /**
+     * <p>Enables or disables the HTTP metadata endpoint on your instances. By default, the metadata endpoint is enabled.</p>
+     */
+    HttpEndpoint?: string;
+    /**
+     * <p>The HTTP <code>PUT</code> response hop limit for instance metadata requests. The larger the number, the further instance metadata requests can travel.</p>
+     */
+    HttpPutResponseHopLimit?: number;
+    /**
+     * <p>Indicates whether token usage is <code>required</code> or <code>optional</code> for metadata requests. By default, token usage is <code>optional</code>.</p>
+     */
+    HttpTokens?: string;
+}
+export declare namespace AwsAutoScalingLaunchConfigurationMetadataOptions {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: AwsAutoScalingLaunchConfigurationMetadataOptions) => any;
+}
 /**
  * <p>Details about a launch configuration.</p>
  */
@@ -1407,6 +1532,10 @@ export interface AwsAutoScalingLaunchConfigurationDetails {
      *          text.</p>
      */
     UserData?: string;
+    /**
+     * <p>The metadata options for the instances.</p>
+     */
+    MetadataOptions?: AwsAutoScalingLaunchConfigurationMetadataOptions;
 }
 export declare namespace AwsAutoScalingLaunchConfigurationDetails {
     /**
@@ -7540,2470 +7669,1553 @@ export declare namespace AwsLambdaLayerVersionDetails {
     const filterSensitiveLog: (obj: AwsLambdaLayerVersionDetails) => any;
 }
 /**
- * <p>Configuration options for zone awareness.</p>
+ * <p>A public subnet that Network Firewall uses for the firewall.</p>
  */
-export interface AwsOpenSearchServiceDomainClusterConfigZoneAwarenessConfigDetails {
+export interface AwsNetworkFirewallFirewallSubnetMappingsDetails {
     /**
-     * <p>The number of Availability Zones that the domain uses. Valid values are 2 and 3. The default is 2.</p>
+     * <p>The identifier of the subnet</p>
      */
-    AvailabilityZoneCount?: number;
+    SubnetId?: string;
 }
-export declare namespace AwsOpenSearchServiceDomainClusterConfigZoneAwarenessConfigDetails {
+export declare namespace AwsNetworkFirewallFirewallSubnetMappingsDetails {
     /**
      * @internal
      */
-    const filterSensitiveLog: (obj: AwsOpenSearchServiceDomainClusterConfigZoneAwarenessConfigDetails) => any;
+    const filterSensitiveLog: (obj: AwsNetworkFirewallFirewallSubnetMappingsDetails) => any;
 }
 /**
- * <p>Details about the configuration of an OpenSearch cluster.</p>
+ * <p>Details about an Network Firewall firewall.</p>
  */
-export interface AwsOpenSearchServiceDomainClusterConfigDetails {
+export interface AwsNetworkFirewallFirewallDetails {
     /**
-     * <p>The number of data nodes to use in the OpenSearch domain.</p>
+     * <p>Whether the firewall is protected from deletion. If set to <code>true</code>, then the firewall cannot be deleted.</p>
      */
-    InstanceCount?: number;
+    DeleteProtection?: boolean;
     /**
-     * <p>Whether UltraWarm is enabled.</p>
+     * <p>A description of the firewall.</p>
      */
-    WarmEnabled?: boolean;
+    Description?: string;
     /**
-     * <p>The number of UltraWarm instances.</p>
+     * <p>The ARN of the firewall.</p>
      */
-    WarmCount?: number;
+    FirewallArn?: string;
     /**
-     * <p>Whether to use a dedicated master node for the OpenSearch domain. A dedicated master node performs cluster management tasks, but does not hold data or respond to data upload requests.</p>
+     * <p>The identifier of the firewall.</p>
      */
-    DedicatedMasterEnabled?: boolean;
+    FirewallId?: string;
     /**
-     * <p>Configuration options for zone awareness. Provided if <code>ZoneAwarenessEnabled</code> is <code>true</code>.</p>
+     * <p>A descriptive name of the firewall.</p>
      */
-    ZoneAwarenessConfig?: AwsOpenSearchServiceDomainClusterConfigZoneAwarenessConfigDetails;
+    FirewallName?: string;
     /**
-     * <p>The number of instances to use for the master node. If this attribute is specified, then <code>DedicatedMasterEnabled</code> must be <code>true</code>.</p>
+     * <p>The ARN of the firewall policy.</p>
      */
-    DedicatedMasterCount?: number;
+    FirewallPolicyArn?: string;
     /**
-     * <p>The instance type for your data nodes. </p>
+     * <p>Whether the firewall is protected from a change to the firewall policy. If set to <code>true</code>, you cannot associate a different policy with the firewall.</p>
      */
-    InstanceType?: string;
+    FirewallPolicyChangeProtection?: boolean;
     /**
-     * <p>The type of UltraWarm instance.</p>
+     * <p>Whether the firewall is protected from a change to the subnet associations. If set to <code>true</code>, you cannot map different subnets to the firewall.</p>
      */
-    WarmType?: string;
+    SubnetChangeProtection?: boolean;
     /**
-     * <p>Whether to enable zone awareness for the OpenSearch domain. When zone awareness is enabled, OpenSearch Service allocates the cluster's nodes and replica index shards across Availability Zones (AZs) in the same Region. This prevents data loss and minimizes downtime if a node or data center fails.</p>
+     * <p>The public subnets that Network Firewall uses for the firewall. Each subnet must belong to a different Availability Zone.</p>
      */
-    ZoneAwarenessEnabled?: boolean;
+    SubnetMappings?: AwsNetworkFirewallFirewallSubnetMappingsDetails[];
     /**
-     * <p>The hardware configuration of the computer that hosts the dedicated master node.</p>
-     *          <p>If this attribute is specified, then <code>DedicatedMasterEnabled</code> must be <code>true</code>.
-     *       </p>
+     * <p>The identifier of the VPC where the firewall is used.</p>
      */
-    DedicatedMasterType?: string;
+    VpcId?: string;
 }
-export declare namespace AwsOpenSearchServiceDomainClusterConfigDetails {
+export declare namespace AwsNetworkFirewallFirewallDetails {
     /**
      * @internal
      */
-    const filterSensitiveLog: (obj: AwsOpenSearchServiceDomainClusterConfigDetails) => any;
+    const filterSensitiveLog: (obj: AwsNetworkFirewallFirewallDetails) => any;
 }
 /**
- * <p>Information about additional options for the domain endpoint.</p>
+ * <p>A stateful rule group that is used by the firewall policy.</p>
  */
-export interface AwsOpenSearchServiceDomainDomainEndpointOptionsDetails {
+export interface FirewallPolicyStatefulRuleGroupReferencesDetails {
     /**
-     * <p>The ARN for the security certificate. The certificate is managed in ACM.</p>
+     * <p>The ARN of the stateful rule group.</p>
      */
-    CustomEndpointCertificateArn?: string;
+    ResourceArn?: string;
+}
+export declare namespace FirewallPolicyStatefulRuleGroupReferencesDetails {
     /**
-     * <p>Whether to enable a custom endpoint for the domain.</p>
+     * @internal
      */
-    CustomEndpointEnabled?: boolean;
+    const filterSensitiveLog: (obj: FirewallPolicyStatefulRuleGroupReferencesDetails) => any;
+}
+/**
+ * <p>Defines a CloudWatch dimension value to publish.</p>
+ */
+export interface StatelessCustomPublishMetricActionDimension {
     /**
-     * <p>Whether to require that all traffic to the domain arrive over HTTPS.</p>
+     * <p>The value to use for the custom metric dimension.</p>
      */
-    EnforceHTTPS?: boolean;
+    Value?: string;
+}
+export declare namespace StatelessCustomPublishMetricActionDimension {
     /**
-     * <p>The fully qualified URL for the custom endpoint.</p>
+     * @internal
      */
-    CustomEndpoint?: string;
+    const filterSensitiveLog: (obj: StatelessCustomPublishMetricActionDimension) => any;
+}
+/**
+ * <p>Information about metrics to publish to CloudWatch.</p>
+ */
+export interface StatelessCustomPublishMetricAction {
     /**
-     * <p>The TLS security policy to apply to the HTTPS endpoint of the OpenSearch domain.</p>
+     * <p>Defines CloudWatch dimension values to publish.</p>
      */
-    TLSSecurityPolicy?: string;
+    Dimensions?: StatelessCustomPublishMetricActionDimension[];
 }
-export declare namespace AwsOpenSearchServiceDomainDomainEndpointOptionsDetails {
+export declare namespace StatelessCustomPublishMetricAction {
     /**
      * @internal
      */
-    const filterSensitiveLog: (obj: AwsOpenSearchServiceDomainDomainEndpointOptionsDetails) => any;
+    const filterSensitiveLog: (obj: StatelessCustomPublishMetricAction) => any;
 }
 /**
- * <p>Details about the configuration for encryption at rest for the OpenSearch domain.</p>
+ * <p>The definition of a custom action that can be used for stateless packet handling.</p>
  */
-export interface AwsOpenSearchServiceDomainEncryptionAtRestOptionsDetails {
-    /**
-     * <p>Whether encryption at rest is enabled.</p>
-     */
-    Enabled?: boolean;
+export interface StatelessCustomActionDefinition {
     /**
-     * <p>The KMS key ID.</p>
+     * <p>Information about metrics to publish to CloudWatch.</p>
      */
-    KmsKeyId?: string;
+    PublishMetricAction?: StatelessCustomPublishMetricAction;
 }
-export declare namespace AwsOpenSearchServiceDomainEncryptionAtRestOptionsDetails {
+export declare namespace StatelessCustomActionDefinition {
     /**
      * @internal
      */
-    const filterSensitiveLog: (obj: AwsOpenSearchServiceDomainEncryptionAtRestOptionsDetails) => any;
+    const filterSensitiveLog: (obj: StatelessCustomActionDefinition) => any;
 }
 /**
- * <p>Configuration details for a log publishing option.</p>
+ * <p>A custom action that can be used for stateless packet handling.</p>
  */
-export interface AwsOpenSearchServiceDomainLogPublishingOption {
+export interface FirewallPolicyStatelessCustomActionsDetails {
     /**
-     * <p>The ARN of the CloudWatch Logs group to publish the logs to.</p>
+     * <p>The definition of the custom action.</p>
      */
-    CloudWatchLogsLogGroupArn?: string;
+    ActionDefinition?: StatelessCustomActionDefinition;
     /**
-     * <p>Whether the log publishing is enabled.</p>
+     * <p>The name of the custom action.</p>
      */
-    Enabled?: boolean;
+    ActionName?: string;
 }
-export declare namespace AwsOpenSearchServiceDomainLogPublishingOption {
+export declare namespace FirewallPolicyStatelessCustomActionsDetails {
     /**
      * @internal
      */
-    const filterSensitiveLog: (obj: AwsOpenSearchServiceDomainLogPublishingOption) => any;
+    const filterSensitiveLog: (obj: FirewallPolicyStatelessCustomActionsDetails) => any;
 }
 /**
- * <p>Configures the CloudWatch Logs to publish for the OpenSearch domain.</p>
+ * <p>A stateless rule group that is used by the firewall policy.</p>
  */
-export interface AwsOpenSearchServiceDomainLogPublishingOptionsDetails {
-    /**
-     * <p>Configures the OpenSearch index logs publishing.</p>
-     */
-    IndexSlowLogs?: AwsOpenSearchServiceDomainLogPublishingOption;
+export interface FirewallPolicyStatelessRuleGroupReferencesDetails {
     /**
-     * <p>Configures the OpenSearch search slow log publishing.</p>
+     * <p>The order in which to run the stateless rule group.</p>
      */
-    SearchSlowLogs?: AwsOpenSearchServiceDomainLogPublishingOption;
+    Priority?: number;
     /**
-     * <p>Configures the OpenSearch audit logs publishing.</p>
+     * <p>The ARN of the stateless rule group.</p>
      */
-    AuditLogs?: AwsOpenSearchServiceDomainLogPublishingOption;
+    ResourceArn?: string;
 }
-export declare namespace AwsOpenSearchServiceDomainLogPublishingOptionsDetails {
+export declare namespace FirewallPolicyStatelessRuleGroupReferencesDetails {
     /**
      * @internal
      */
-    const filterSensitiveLog: (obj: AwsOpenSearchServiceDomainLogPublishingOptionsDetails) => any;
+    const filterSensitiveLog: (obj: FirewallPolicyStatelessRuleGroupReferencesDetails) => any;
 }
 /**
- * <p>Provides details about the configuration for node-to-node encryption.</p>
+ * <p>Defines the behavior of the firewall.</p>
  */
-export interface AwsOpenSearchServiceDomainNodeToNodeEncryptionOptionsDetails {
+export interface FirewallPolicyDetails {
     /**
-     * <p>Whether node-to-node encryption is enabled.</p>
+     * <p>The stateful rule groups that are used in the firewall policy.</p>
      */
-    Enabled?: boolean;
+    StatefulRuleGroupReferences?: FirewallPolicyStatefulRuleGroupReferencesDetails[];
+    /**
+     * <p>The custom action definitions that are available to use in the firewall policy's <code>StatelessDefaultActions</code> setting.</p>
+     */
+    StatelessCustomActions?: FirewallPolicyStatelessCustomActionsDetails[];
+    /**
+     * <p>The actions to take on a packet if it doesn't match any of the stateless rules in the policy.</p>
+     *          <p>You must specify a standard action (<code>aws:pass</code>, <code>aws:drop</code>, <code>aws:forward_to_sfe</code>), and can optionally include a custom action from <code>StatelessCustomActions</code>.
+     *       </p>
+     */
+    StatelessDefaultActions?: string[];
+    /**
+     * <p>The actions to take on a fragmented UDP packet if it doesn't match any of the stateless rules in the policy.</p>
+     *          <p>You must specify a standard action (<code>aws:pass</code>, <code>aws:drop</code>, <code>aws:forward_to_sfe</code>), and can optionally include a custom action from <code>StatelessCustomActions</code>.
+     *       </p>
+     */
+    StatelessFragmentDefaultActions?: string[];
+    /**
+     * <p>The stateless rule groups that are used in the firewall policy.</p>
+     */
+    StatelessRuleGroupReferences?: FirewallPolicyStatelessRuleGroupReferencesDetails[];
 }
-export declare namespace AwsOpenSearchServiceDomainNodeToNodeEncryptionOptionsDetails {
+export declare namespace FirewallPolicyDetails {
     /**
      * @internal
      */
-    const filterSensitiveLog: (obj: AwsOpenSearchServiceDomainNodeToNodeEncryptionOptionsDetails) => any;
+    const filterSensitiveLog: (obj: FirewallPolicyDetails) => any;
 }
 /**
- * <p>Provides information about the state of the domain relative to the latest service software.</p>
+ * <p>Details about a firewall policy. A firewall policy defines the behavior of a network firewall.</p>
  */
-export interface AwsOpenSearchServiceDomainServiceSoftwareOptionsDetails {
+export interface AwsNetworkFirewallFirewallPolicyDetails {
     /**
-     * <p>The epoch time when the deployment window closes for required updates. After this time, OpenSearch Service schedules the software upgrade automatically.</p>
+     * <p>The firewall policy configuration.</p>
      */
-    AutomatedUpdateDate?: string;
+    FirewallPolicy?: FirewallPolicyDetails;
     /**
-     * <p>Whether a request to update the domain can be canceled.</p>
+     * <p>The ARN of the firewall policy.</p>
      */
-    Cancellable?: boolean;
+    FirewallPolicyArn?: string;
     /**
-     * <p>The version of the service software that is currently installed on the domain.</p>
+     * <p>The identifier of the firewall policy.</p>
      */
-    CurrentVersion?: string;
+    FirewallPolicyId?: string;
     /**
-     * <p>A more detailed description of the service software status.</p>
+     * <p>The name of the firewall policy.</p>
+     */
+    FirewallPolicyName?: string;
+    /**
+     * <p>A description of the firewall policy.</p>
      */
     Description?: string;
+}
+export declare namespace AwsNetworkFirewallFirewallPolicyDetails {
     /**
-     * <p>The most recent version of the service software.</p>
+     * @internal
      */
-    NewVersion?: string;
+    const filterSensitiveLog: (obj: AwsNetworkFirewallFirewallPolicyDetails) => any;
+}
+/**
+ * <p>Stateful inspection criteria for a domain list rule group.</p>
+ */
+export interface RuleGroupSourceListDetails {
     /**
-     * <p>Whether a service software update is available for the domain.</p>
+     * <p>Indicates whether to allow or deny access to the domains listed in <code>Targets</code>.</p>
      */
-    UpdateAvailable?: boolean;
+    GeneratedRulesType?: string;
     /**
-     * <p>The status of the service software update.</p>
+     * <p>The protocols that you want to inspect. Specify <code>LS_SNI</code> for HTTPS. Specify <code>HTTP_HOST</code> for HTTP. You can specify either or both.</p>
      */
-    UpdateStatus?: string;
+    TargetTypes?: string[];
     /**
-     * <p>Whether the service software update is optional.</p>
+     * <p>The domains that you want to inspect for in your traffic flows. You can provide full domain names, or use the '.' prefix as a wildcard. For example, <code>.example.com</code> matches all domains that end with <code>example.com</code>.</p>
      */
-    OptionalDeployment?: boolean;
+    Targets?: string[];
 }
-export declare namespace AwsOpenSearchServiceDomainServiceSoftwareOptionsDetails {
+export declare namespace RuleGroupSourceListDetails {
     /**
      * @internal
      */
-    const filterSensitiveLog: (obj: AwsOpenSearchServiceDomainServiceSoftwareOptionsDetails) => any;
+    const filterSensitiveLog: (obj: RuleGroupSourceListDetails) => any;
 }
 /**
- * <p>Contains information that OpenSearch Service derives based on the <code>VPCOptions</code> for the domain.</p>
+ * <p>The inspection criteria for a stateful rule.</p>
  */
-export interface AwsOpenSearchServiceDomainVpcOptionsDetails {
+export interface RuleGroupSourceStatefulRulesHeaderDetails {
     /**
-     * <p>The list of security group IDs that are associated with the VPC endpoints for the domain.</p>
+     * <p>The destination IP address or address range to inspect for, in CIDR notation. To match with any address, specify <code>ANY</code>.</p>
      */
-    SecurityGroupIds?: string[];
-    /**
-     * <p>A list of subnet IDs that are associated with the VPC endpoints for the domain.</p>
-     */
-    SubnetIds?: string[];
-}
-export declare namespace AwsOpenSearchServiceDomainVpcOptionsDetails {
-    /**
-     * @internal
-     */
-    const filterSensitiveLog: (obj: AwsOpenSearchServiceDomainVpcOptionsDetails) => any;
-}
-/**
- * <p>Information about an Amazon OpenSearch Service domain.</p>
- */
-export interface AwsOpenSearchServiceDomainDetails {
-    /**
-     * <p>The ARN of the OpenSearch Service domain.</p>
-     */
-    Arn?: string;
-    /**
-     * <p>IAM policy document that specifies the access policies for the OpenSearch Service domain.</p>
-     */
-    AccessPolicies?: string;
-    /**
-     * <p>The name of the endpoint.</p>
-     */
-    DomainName?: string;
-    /**
-     * <p>The identifier of the domain.</p>
-     */
-    Id?: string;
-    /**
-     * <p>The domain endpoint.</p>
-     */
-    DomainEndpoint?: string;
-    /**
-     * <p>The version of the domain engine.</p>
-     */
-    EngineVersion?: string;
-    /**
-     * <p>Details about the configuration for encryption at rest.</p>
-     */
-    EncryptionAtRestOptions?: AwsOpenSearchServiceDomainEncryptionAtRestOptionsDetails;
-    /**
-     * <p>Details about the configuration for node-to-node encryption.</p>
-     */
-    NodeToNodeEncryptionOptions?: AwsOpenSearchServiceDomainNodeToNodeEncryptionOptionsDetails;
-    /**
-     * <p>Information about the status of a domain relative to the latest service software.</p>
-     */
-    ServiceSoftwareOptions?: AwsOpenSearchServiceDomainServiceSoftwareOptionsDetails;
-    /**
-     * <p>Details about the configuration of an OpenSearch cluster.</p>
-     */
-    ClusterConfig?: AwsOpenSearchServiceDomainClusterConfigDetails;
-    /**
-     * <p>Additional options for the domain endpoint.</p>
-     */
-    DomainEndpointOptions?: AwsOpenSearchServiceDomainDomainEndpointOptionsDetails;
-    /**
-     * <p>Information that OpenSearch Service derives based on <code>VPCOptions</code> for the domain.</p>
-     */
-    VpcOptions?: AwsOpenSearchServiceDomainVpcOptionsDetails;
-    /**
-     * <p>Configures the CloudWatch Logs to publish for the OpenSearch domain.</p>
-     */
-    LogPublishingOptions?: AwsOpenSearchServiceDomainLogPublishingOptionsDetails;
-    /**
-     * <p>The domain endpoints. Used if the OpenSearch domain resides in a VPC.</p>
-     *          <p>This is a map of key-value pairs. The key is always <code>vpc</code>. The value is the endpoint.</p>
-     */
-    DomainEndpoints?: {
-        [key: string]: string;
-    };
-}
-export declare namespace AwsOpenSearchServiceDomainDetails {
-    /**
-     * @internal
-     */
-    const filterSensitiveLog: (obj: AwsOpenSearchServiceDomainDetails) => any;
-}
-/**
- * <p>An IAM role that is associated with the Amazon RDS DB cluster.</p>
- */
-export interface AwsRdsDbClusterAssociatedRole {
-    /**
-     * <p>The ARN of the IAM role.</p>
-     */
-    RoleArn?: string;
-    /**
-     * <p>The status of the association between the IAM role and the DB cluster.</p>
-     */
-    Status?: string;
-}
-export declare namespace AwsRdsDbClusterAssociatedRole {
-    /**
-     * @internal
-     */
-    const filterSensitiveLog: (obj: AwsRdsDbClusterAssociatedRole) => any;
-}
-/**
- * <p>Information about an instance in the DB cluster.</p>
- */
-export interface AwsRdsDbClusterMember {
-    /**
-     * <p>Whether the cluster member is the primary instance for the DB cluster.</p>
-     */
-    IsClusterWriter?: boolean;
-    /**
-     * <p>Specifies the order in which an Aurora replica is promoted to the primary instance when
-     *          the existing primary instance fails.</p>
-     */
-    PromotionTier?: number;
-    /**
-     * <p>The instance identifier for this member of the DB cluster.</p>
-     */
-    DbInstanceIdentifier?: string;
-    /**
-     * <p>The status of the DB cluster parameter group for this member of the DB cluster.</p>
-     */
-    DbClusterParameterGroupStatus?: string;
-}
-export declare namespace AwsRdsDbClusterMember {
-    /**
-     * @internal
-     */
-    const filterSensitiveLog: (obj: AwsRdsDbClusterMember) => any;
-}
-/**
- * <p>Information about an option group membership for a DB cluster.</p>
- */
-export interface AwsRdsDbClusterOptionGroupMembership {
-    /**
-     * <p>The name of the DB cluster option group.</p>
-     */
-    DbClusterOptionGroupName?: string;
-    /**
-     * <p>The status of the DB cluster option group.</p>
-     */
-    Status?: string;
-}
-export declare namespace AwsRdsDbClusterOptionGroupMembership {
-    /**
-     * @internal
-     */
-    const filterSensitiveLog: (obj: AwsRdsDbClusterOptionGroupMembership) => any;
-}
-/**
- * <p>Information about an Active Directory domain membership record associated with the DB
- *          instance.</p>
- */
-export interface AwsRdsDbDomainMembership {
-    /**
-     * <p>The identifier of the Active Directory domain.</p>
-     */
-    Domain?: string;
-    /**
-     * <p>The status of the Active Directory Domain membership for the DB instance.</p>
-     */
-    Status?: string;
-    /**
-     * <p>The fully qualified domain name of the Active Directory domain.</p>
-     */
-    Fqdn?: string;
-    /**
-     * <p>The name of the IAM role to use when making API calls to the Directory Service.</p>
-     */
-    IamRoleName?: string;
-}
-export declare namespace AwsRdsDbDomainMembership {
-    /**
-     * @internal
-     */
-    const filterSensitiveLog: (obj: AwsRdsDbDomainMembership) => any;
-}
-/**
- * <p>A VPC security groups that the DB instance belongs to.</p>
- */
-export interface AwsRdsDbInstanceVpcSecurityGroup {
-    /**
-     * <p>The name of the VPC security group.</p>
-     */
-    VpcSecurityGroupId?: string;
-    /**
-     * <p>The status of the VPC security group.</p>
-     */
-    Status?: string;
-}
-export declare namespace AwsRdsDbInstanceVpcSecurityGroup {
-    /**
-     * @internal
-     */
-    const filterSensitiveLog: (obj: AwsRdsDbInstanceVpcSecurityGroup) => any;
-}
-/**
- * <p>Information about an Amazon RDS DB cluster.</p>
- */
-export interface AwsRdsDbClusterDetails {
-    /**
-     * <p>For all database engines except Aurora, specifies the allocated storage size in
-     *          gibibytes (GiB).</p>
-     */
-    AllocatedStorage?: number;
-    /**
-     * <p>A list of Availability Zones (AZs) where instances in the DB cluster can be
-     *          created.</p>
-     */
-    AvailabilityZones?: string[];
-    /**
-     * <p>The number of days for which automated backups are retained.</p>
-     */
-    BackupRetentionPeriod?: number;
-    /**
-     * <p>The name of the database.</p>
-     */
-    DatabaseName?: string;
-    /**
-     * <p>The current status of this DB cluster.</p>
-     */
-    Status?: string;
-    /**
-     * <p>The connection endpoint for the primary instance of the DB cluster.</p>
-     */
-    Endpoint?: string;
-    /**
-     * <p>The reader endpoint for the DB cluster.</p>
-     */
-    ReaderEndpoint?: string;
-    /**
-     * <p>A list of custom endpoints for the DB cluster.</p>
-     */
-    CustomEndpoints?: string[];
-    /**
-     * <p>Whether the DB cluster has instances in multiple Availability Zones.</p>
-     */
-    MultiAz?: boolean;
-    /**
-     * <p>The name of the database engine to use for this DB cluster.</p>
-     */
-    Engine?: string;
-    /**
-     * <p>The version number of the database engine to use.</p>
-     */
-    EngineVersion?: string;
-    /**
-     * <p>The port number on which the DB instances in the DB cluster accept connections.</p>
-     */
-    Port?: number;
-    /**
-     * <p>The name of the master user for the DB cluster.</p>
-     */
-    MasterUsername?: string;
-    /**
-     * <p>The range of time each day when automated backups are created, if automated backups are
-     *          enabled.</p>
-     *          <p>Uses the format <code>HH:MM-HH:MM</code>. For example, <code>04:52-05:22</code>.</p>
-     */
-    PreferredBackupWindow?: string;
-    /**
-     * <p>The weekly time range during which system maintenance can occur, in Universal
-     *          Coordinated Time (UTC).</p>
-     *          <p>Uses the format <code><day>:HH:MM-<day>:HH:MM</code>.</p>
-     *          <p>For the day values, use
-     *             <code>mon</code>|<code>tue</code>|<code>wed</code>|<code>thu</code>|<code>fri</code>|<code>sat</code>|<code>sun</code>.</p>
-     *          <p>For example, <code>sun:09:32-sun:10:02</code>.</p>
-     */
-    PreferredMaintenanceWindow?: string;
-    /**
-     * <p>The identifiers of the read replicas that are associated with this DB cluster.</p>
-     */
-    ReadReplicaIdentifiers?: string[];
-    /**
-     * <p>A list of VPC security groups that the DB cluster belongs to.</p>
-     */
-    VpcSecurityGroups?: AwsRdsDbInstanceVpcSecurityGroup[];
-    /**
-     * <p>Specifies the identifier that Amazon Route 53 assigns when you create a hosted
-     *          zone.</p>
-     */
-    HostedZoneId?: string;
-    /**
-     * <p>Whether the DB cluster is encrypted.</p>
-     */
-    StorageEncrypted?: boolean;
-    /**
-     * <p>The ARN of the KMS master key that is used to encrypt the database instances in the
-     *          DB cluster.</p>
-     */
-    KmsKeyId?: string;
-    /**
-     * <p>The identifier of the DB cluster. The identifier must be unique within each Amazon Web Services Region
-     *          and is immutable.</p>
-     */
-    DbClusterResourceId?: string;
-    /**
-     * <p>A list of the IAM roles that are associated with the DB cluster.</p>
-     */
-    AssociatedRoles?: AwsRdsDbClusterAssociatedRole[];
-    /**
-     * <p>Indicates when the DB cluster was created, in Universal Coordinated Time (UTC).</p>
-     *          <p>Uses the <code>date-time</code> format specified in <a href="https://tools.ietf.org/html/rfc3339#section-5.6">RFC 3339 section 5.6, Internet
-     *             Date/Time Format</a>. The value cannot contain spaces. For example,
-     *             <code>2020-03-22T13:22:13.933Z</code>.</p>
-     */
-    ClusterCreateTime?: string;
-    /**
-     * <p>A list of log types that this DB cluster is configured to export to CloudWatch
-     *          Logs.</p>
-     */
-    EnabledCloudWatchLogsExports?: string[];
-    /**
-     * <p>The database engine mode of the DB cluster.</p>
-     */
-    EngineMode?: string;
-    /**
-     * <p>Whether the DB cluster has deletion protection enabled.</p>
-     */
-    DeletionProtection?: boolean;
-    /**
-     * <p>Whether the HTTP endpoint for an Aurora Serverless DB cluster is enabled.</p>
-     */
-    HttpEndpointEnabled?: boolean;
-    /**
-     * <p>The status of the database activity stream.</p>
-     */
-    ActivityStreamStatus?: string;
-    /**
-     * <p>Whether tags are copied from the DB cluster to snapshots of the DB cluster.</p>
-     */
-    CopyTagsToSnapshot?: boolean;
-    /**
-     * <p>Whether the DB cluster is a clone of a DB cluster owned by a different Amazon Web Services
-     *          account.</p>
-     */
-    CrossAccountClone?: boolean;
-    /**
-     * <p>The Active Directory domain membership records that are associated with the DB
-     *          cluster.</p>
-     */
-    DomainMemberships?: AwsRdsDbDomainMembership[];
-    /**
-     * <p>The name of the DB cluster parameter group for the DB cluster.</p>
-     */
-    DbClusterParameterGroup?: string;
-    /**
-     * <p>The subnet group that is associated with the DB cluster, including the name,
-     *          description, and subnets in the subnet group.</p>
-     */
-    DbSubnetGroup?: string;
-    /**
-     * <p>The list of option group memberships for this DB cluster.</p>
-     */
-    DbClusterOptionGroupMemberships?: AwsRdsDbClusterOptionGroupMembership[];
-    /**
-     * <p>The DB cluster identifier that the user assigned to the cluster. This identifier is the
-     *          unique key that identifies a DB cluster.</p>
-     */
-    DbClusterIdentifier?: string;
-    /**
-     * <p>The list of instances that make up the DB cluster.</p>
-     */
-    DbClusterMembers?: AwsRdsDbClusterMember[];
-    /**
-     * <p>Whether the mapping of IAM accounts to database accounts is enabled.</p>
-     */
-    IamDatabaseAuthenticationEnabled?: boolean;
-}
-export declare namespace AwsRdsDbClusterDetails {
-    /**
-     * @internal
-     */
-    const filterSensitiveLog: (obj: AwsRdsDbClusterDetails) => any;
-}
-/**
- * <p>Information about an Amazon RDS DB cluster snapshot.</p>
- */
-export interface AwsRdsDbClusterSnapshotDetails {
-    /**
-     * <p>A list of Availability Zones where instances in the DB cluster can be created.</p>
-     */
-    AvailabilityZones?: string[];
-    /**
-     * <p>Indicates when the snapshot was taken.</p>
-     *          <p>Uses the <code>date-time</code> format specified in <a href="https://tools.ietf.org/html/rfc3339#section-5.6">RFC 3339 section 5.6, Internet
-     *             Date/Time Format</a>. The value cannot contain spaces. For example,
-     *             <code>2020-03-22T13:22:13.933Z</code>.</p>
-     */
-    SnapshotCreateTime?: string;
-    /**
-     * <p>The name of the database engine that you want to use for this DB instance.</p>
-     */
-    Engine?: string;
-    /**
-     * <p>Specifies the allocated storage size in gibibytes (GiB).</p>
-     */
-    AllocatedStorage?: number;
-    /**
-     * <p>The status of this DB cluster snapshot.</p>
-     */
-    Status?: string;
-    /**
-     * <p>The port number on which the DB instances in the DB cluster accept connections.</p>
-     */
-    Port?: number;
-    /**
-     * <p>The VPC ID that is associated with the DB cluster snapshot.</p>
-     */
-    VpcId?: string;
-    /**
-     * <p>Indicates when the DB cluster was created, in Universal Coordinated Time (UTC).</p>
-     *          <p>Uses the <code>date-time</code> format specified in <a href="https://tools.ietf.org/html/rfc3339#section-5.6">RFC 3339 section 5.6, Internet
-     *             Date/Time Format</a>. The value cannot contain spaces. For example,
-     *             <code>2020-03-22T13:22:13.933Z</code>.</p>
-     */
-    ClusterCreateTime?: string;
-    /**
-     * <p>The name of the master user for the DB cluster.</p>
-     */
-    MasterUsername?: string;
-    /**
-     * <p>The version of the database engine to use.</p>
-     */
-    EngineVersion?: string;
-    /**
-     * <p>The license model information for this DB cluster snapshot.</p>
-     */
-    LicenseModel?: string;
-    /**
-     * <p>The type of DB cluster snapshot.</p>
-     */
-    SnapshotType?: string;
-    /**
-     * <p>Specifies the percentage of the estimated data that has been transferred.</p>
-     */
-    PercentProgress?: number;
-    /**
-     * <p>Whether the DB cluster is encrypted.</p>
-     */
-    StorageEncrypted?: boolean;
-    /**
-     * <p>The ARN of the KMS master key that is used to encrypt the database instances in the
-     *          DB cluster.</p>
-     */
-    KmsKeyId?: string;
-    /**
-     * <p>The DB cluster identifier.</p>
-     */
-    DbClusterIdentifier?: string;
-    /**
-     * <p>The identifier of the DB cluster snapshot.</p>
-     */
-    DbClusterSnapshotIdentifier?: string;
-    /**
-     * <p>Whether mapping of IAM accounts to database accounts is enabled.</p>
-     */
-    IamDatabaseAuthenticationEnabled?: boolean;
-}
-export declare namespace AwsRdsDbClusterSnapshotDetails {
-    /**
-     * @internal
-     */
-    const filterSensitiveLog: (obj: AwsRdsDbClusterSnapshotDetails) => any;
-}
-/**
- * <p>An IAM role associated with the DB instance.</p>
- */
-export interface AwsRdsDbInstanceAssociatedRole {
-    /**
-     * <p>The ARN of the IAM role that is associated with the DB
-     *          instance.</p>
-     */
-    RoleArn?: string;
-    /**
-     * <p>The name of the feature associated with the IAM role.</p>
-     */
-    FeatureName?: string;
-    /**
-     * <p>Describes the state of the association between the IAM role and the DB instance. The
-     *             <code>Status</code> property returns one of the following values:</p>
-     *          <ul>
-     *             <li>
-     *                <p>
-     *                   <code>ACTIVE</code> - The IAM role ARN is associated with the DB instance and can
-     *                be used to access other Amazon Web Services services on your behalf.</p>
-     *             </li>
-     *             <li>
-     *                <p>
-     *                   <code>PENDING</code> - The IAM role ARN is being associated with the DB
-     *                instance.</p>
-     *             </li>
-     *             <li>
-     *                <p>
-     *                   <code>INVALID</code> - The IAM role ARN is associated with the DB instance. But
-     *                the DB instance is unable to assume the IAM role in order to access other Amazon Web Services
-     *                services on your behalf. </p>
-     *             </li>
-     *          </ul>
-     */
-    Status?: string;
-}
-export declare namespace AwsRdsDbInstanceAssociatedRole {
-    /**
-     * @internal
-     */
-    const filterSensitiveLog: (obj: AwsRdsDbInstanceAssociatedRole) => any;
-}
-/**
- * <p>Provides information about a parameter group for a DB instance.</p>
- */
-export interface AwsRdsDbParameterGroup {
-    /**
-     * <p>The name of the parameter group.</p>
-     */
-    DbParameterGroupName?: string;
-    /**
-     * <p>The status of parameter updates.</p>
-     */
-    ParameterApplyStatus?: string;
-}
-export declare namespace AwsRdsDbParameterGroup {
-    /**
-     * @internal
-     */
-    const filterSensitiveLog: (obj: AwsRdsDbParameterGroup) => any;
-}
-/**
- * <p>An Availability Zone for a subnet in a subnet group.</p>
- */
-export interface AwsRdsDbSubnetGroupSubnetAvailabilityZone {
-    /**
-     * <p>The name of the Availability Zone for a subnet in the subnet group.</p>
-     */
-    Name?: string;
-}
-export declare namespace AwsRdsDbSubnetGroupSubnetAvailabilityZone {
-    /**
-     * @internal
-     */
-    const filterSensitiveLog: (obj: AwsRdsDbSubnetGroupSubnetAvailabilityZone) => any;
-}
-/**
- * <p>Information about a subnet in a subnet group.</p>
- */
-export interface AwsRdsDbSubnetGroupSubnet {
-    /**
-     * <p>The identifier of a subnet in the subnet group.</p>
-     */
-    SubnetIdentifier?: string;
-    /**
-     * <p>Information about the Availability Zone for a subnet in the subnet group.</p>
-     */
-    SubnetAvailabilityZone?: AwsRdsDbSubnetGroupSubnetAvailabilityZone;
-    /**
-     * <p>The status of a subnet in the subnet group.</p>
-     */
-    SubnetStatus?: string;
-}
-export declare namespace AwsRdsDbSubnetGroupSubnet {
-    /**
-     * @internal
-     */
-    const filterSensitiveLog: (obj: AwsRdsDbSubnetGroupSubnet) => any;
-}
-/**
- * <p>Information about the subnet group for the database instance.</p>
- */
-export interface AwsRdsDbSubnetGroup {
-    /**
-     * <p>The name of the subnet group.</p>
-     */
-    DbSubnetGroupName?: string;
-    /**
-     * <p>The description of the subnet group.</p>
-     */
-    DbSubnetGroupDescription?: string;
-    /**
-     * <p>The VPC ID of the subnet group.</p>
-     */
-    VpcId?: string;
-    /**
-     * <p>The status of the subnet group.</p>
-     */
-    SubnetGroupStatus?: string;
-    /**
-     * <p>A list of subnets in the subnet group.</p>
-     */
-    Subnets?: AwsRdsDbSubnetGroupSubnet[];
-    /**
-     * <p>The ARN of the subnet group.</p>
-     */
-    DbSubnetGroupArn?: string;
-}
-export declare namespace AwsRdsDbSubnetGroup {
-    /**
-     * @internal
-     */
-    const filterSensitiveLog: (obj: AwsRdsDbSubnetGroup) => any;
-}
-/**
- * <p>Specifies the connection endpoint.</p>
- */
-export interface AwsRdsDbInstanceEndpoint {
-    /**
-     * <p>Specifies the DNS address of the DB instance.</p>
-     */
-    Address?: string;
-    /**
-     * <p>Specifies the port that the database engine is listening on.</p>
-     */
-    Port?: number;
-    /**
-     * <p>Specifies the ID that Amazon Route 53 assigns when you create a hosted zone.</p>
-     */
-    HostedZoneId?: string;
-}
-export declare namespace AwsRdsDbInstanceEndpoint {
-    /**
-     * @internal
-     */
-    const filterSensitiveLog: (obj: AwsRdsDbInstanceEndpoint) => any;
-}
-/**
- * <p>An option group membership.</p>
- */
-export interface AwsRdsDbOptionGroupMembership {
-    /**
-     * <p>The name of the option group.</p>
-     */
-    OptionGroupName?: string;
-    /**
-     * <p>The status of the option group membership.</p>
-     */
-    Status?: string;
-}
-export declare namespace AwsRdsDbOptionGroupMembership {
-    /**
-     * @internal
-     */
-    const filterSensitiveLog: (obj: AwsRdsDbOptionGroupMembership) => any;
-}
-/**
- * <p>Identifies the log types to enable and disable.</p>
- */
-export interface AwsRdsPendingCloudWatchLogsExports {
-    /**
-     * <p>A list of log types that are being enabled.</p>
-     */
-    LogTypesToEnable?: string[];
-    /**
-     * <p>A list of log types that are being disabled.</p>
-     */
-    LogTypesToDisable?: string[];
-}
-export declare namespace AwsRdsPendingCloudWatchLogsExports {
-    /**
-     * @internal
-     */
-    const filterSensitiveLog: (obj: AwsRdsPendingCloudWatchLogsExports) => any;
-}
-/**
- * <p>A processor feature.</p>
- */
-export interface AwsRdsDbProcessorFeature {
-    /**
-     * <p>The name of the processor feature.</p>
-     */
-    Name?: string;
+    Destination?: string;
     /**
-     * <p>The value of the processor feature.</p>
+     * <p>The destination port to inspect for. You can specify an individual port, such as <code>1994</code>. You also can specify a port range, such as <code>1990:1994</code>. To match with any port, specify <code>ANY</code>.</p>
      */
-    Value?: string;
-}
-export declare namespace AwsRdsDbProcessorFeature {
-    /**
-     * @internal
-     */
-    const filterSensitiveLog: (obj: AwsRdsDbProcessorFeature) => any;
-}
-/**
- * <p>Changes to a DB instance that are currently pending.</p>
- */
-export interface AwsRdsDbPendingModifiedValues {
-    /**
-     * <p>The new DB instance class for the DB instance.</p>
-     */
-    DbInstanceClass?: string;
-    /**
-     * <p>The new value of the allocated storage for the DB instance.</p>
-     */
-    AllocatedStorage?: number;
-    /**
-     * <p>The new master user password for the DB instance.</p>
-     */
-    MasterUserPassword?: string;
-    /**
-     * <p>The new port for the DB instance.</p>
-     */
-    Port?: number;
-    /**
-     * <p>The new backup retention period for the DB instance.</p>
-     */
-    BackupRetentionPeriod?: number;
-    /**
-     * <p>Indicates that a single Availability Zone DB instance is changing to a multiple Availability Zone deployment.</p>
-     */
-    MultiAZ?: boolean;
-    /**
-     * <p>The new engine version for the DB instance.</p>
-     */
-    EngineVersion?: string;
-    /**
-     * <p>The new license model value for the DB instance.</p>
-     */
-    LicenseModel?: string;
-    /**
-     * <p>The new provisioned IOPS value for the DB instance.</p>
-     */
-    Iops?: number;
-    /**
-     * <p>The new DB instance identifier for the DB instance.</p>
-     */
-    DbInstanceIdentifier?: string;
-    /**
-     * <p>The new storage type for the DB instance.</p>
-     */
-    StorageType?: string;
-    /**
-     * <p>The new CA certificate identifier for the DB instance.</p>
-     */
-    CaCertificateIdentifier?: string;
-    /**
-     * <p>The name of the new subnet group for the DB instance.</p>
-     */
-    DbSubnetGroupName?: string;
-    /**
-     * <p>A list of log types that are being enabled or disabled.</p>
-     */
-    PendingCloudWatchLogsExports?: AwsRdsPendingCloudWatchLogsExports;
-    /**
-     * <p>Processor features that are being updated.</p>
-     */
-    ProcessorFeatures?: AwsRdsDbProcessorFeature[];
-}
-export declare namespace AwsRdsDbPendingModifiedValues {
-    /**
-     * @internal
-     */
-    const filterSensitiveLog: (obj: AwsRdsDbPendingModifiedValues) => any;
-}
-/**
- * <p>Information about the status of a read replica.</p>
- */
-export interface AwsRdsDbStatusInfo {
-    /**
-     * <p>The type of status. For a read replica, the status type is read replication.</p>
-     */
-    StatusType?: string;
-    /**
-     * <p>Whether the read replica instance is operating normally.</p>
-     */
-    Normal?: boolean;
-    /**
-     * <p>The status of the read replica instance.</p>
-     */
-    Status?: string;
-    /**
-     * <p>If the read replica is currently in an error state, provides the error details.</p>
-     */
-    Message?: string;
-}
-export declare namespace AwsRdsDbStatusInfo {
+    DestinationPort?: string;
     /**
-     * @internal
-     */
-    const filterSensitiveLog: (obj: AwsRdsDbStatusInfo) => any;
-}
-/**
- * <p>Contains the details of an Amazon RDS DB instance.</p>
- */
-export interface AwsRdsDbInstanceDetails {
-    /**
-     * <p>The IAM roles associated with the DB
-     *          instance.</p>
-     */
-    AssociatedRoles?: AwsRdsDbInstanceAssociatedRole[];
-    /**
-     * <p>The identifier of the CA certificate for this DB instance.</p>
-     */
-    CACertificateIdentifier?: string;
-    /**
-     * <p>If the DB instance is a member of a DB cluster, contains the name of the DB cluster that
-     *          the DB instance is a member of.</p>
-     */
-    DBClusterIdentifier?: string;
-    /**
-     * <p>Contains a user-supplied database identifier. This identifier is the unique key that
-     *          identifies a DB instance.</p>
-     */
-    DBInstanceIdentifier?: string;
-    /**
-     * <p>Contains the name of the compute and memory capacity class of the DB instance.</p>
-     */
-    DBInstanceClass?: string;
-    /**
-     * <p>Specifies the port that the DB instance listens on. If the DB instance is part of a DB
-     *          cluster, this can be a different port than the DB cluster port.</p>
-     */
-    DbInstancePort?: number;
-    /**
-     * <p>The Amazon Web Services Region-unique, immutable identifier for the DB instance. This identifier is
-     *          found in CloudTrail log entries whenever the KMS key for the DB instance is
-     *          accessed. </p>
-     */
-    DbiResourceId?: string;
-    /**
-     * <p>The meaning of this parameter differs according to the database engine you use.</p>
-     *          <p>
-     *             <b>MySQL, MariaDB, SQL Server, PostgreSQL</b>
-     *          </p>
-     *          <p>Contains the name of the initial database of this instance that was provided at create
-     *          time, if one was specified when the DB instance was created. This same name is returned for
-     *          the life of the DB instance.</p>
-     *          <p>
-     *             <b>Oracle</b>
-     *          </p>
-     *          <p>Contains the Oracle System ID (SID) of the created DB instance. Not shown when the
-     *          returned parameters do not apply to an Oracle DB instance. </p>
-     */
-    DBName?: string;
-    /**
-     * <p>Indicates whether the DB instance has deletion protection enabled.</p>
-     *          <p>When deletion protection is enabled, the database cannot be deleted.</p>
-     */
-    DeletionProtection?: boolean;
-    /**
-     * <p>Specifies the connection endpoint.</p>
-     */
-    Endpoint?: AwsRdsDbInstanceEndpoint;
-    /**
-     * <p>Provides the name of the database engine to use for this DB instance.</p>
+     * <p>The direction of traffic flow to inspect. If set to <code>ANY</code>, the inspection matches bidirectional traffic, both from the source to the destination and from the destination to the source. If set to <code>FORWARD</code>, the inspection only matches traffic going from the source to the destination.</p>
      */
-    Engine?: string;
-    /**
-     * <p>Indicates the database engine version.</p>
-     */
-    EngineVersion?: string;
-    /**
-     * <p>True if mapping of IAM accounts to database
-     *          accounts is enabled, and otherwise false.</p>
-     *          <p>IAM database authentication can be enabled for the following database engines.</p>
-     *          <ul>
-     *             <li>
-     *                <p>For MySQL 5.6, minor version 5.6.34 or higher</p>
-     *             </li>
-     *             <li>
-     *                <p>For MySQL 5.7, minor version 5.7.16 or higher</p>
-     *             </li>
-     *             <li>
-     *                <p>Aurora 5.6 or higher</p>
-     *             </li>
-     *          </ul>
-     */
-    IAMDatabaseAuthenticationEnabled?: boolean;
-    /**
-     * <p>Indicates when the DB instance was created.</p>
-     *          <p>Uses the <code>date-time</code> format specified in <a href="https://tools.ietf.org/html/rfc3339#section-5.6">RFC 3339 section 5.6, Internet
-     *             Date/Time Format</a>. The value cannot contain spaces. For example,
-     *             <code>2020-03-22T13:22:13.933Z</code>.</p>
-     */
-    InstanceCreateTime?: string;
-    /**
-     * <p>If <code>StorageEncrypted</code> is true, the KMS key identifier for the encrypted
-     *          DB instance.</p>
-     */
-    KmsKeyId?: string;
-    /**
-     * <p>Specifies the accessibility options for the DB instance.</p>
-     *          <p>A value of true specifies an Internet-facing instance with a publicly resolvable DNS
-     *          name, which resolves to a public IP address.</p>
-     *          <p>A value of false specifies an internal instance with a DNS name that resolves to a
-     *          private IP address. </p>
-     */
-    PubliclyAccessible?: boolean;
+    Direction?: string;
     /**
-     * <p>Specifies whether the DB instance is encrypted.</p>
+     * <p>The protocol to inspect for. To inspector for all protocols, use <code>IP</code>.</p>
      */
-    StorageEncrypted?: boolean;
-    /**
-     * <p>The ARN from the key store with which the instance is associated for TDE
-     *          encryption.</p>
-     */
-    TdeCredentialArn?: string;
-    /**
-     * <p>A list of VPC security groups that the DB instance belongs to.</p>
-     */
-    VpcSecurityGroups?: AwsRdsDbInstanceVpcSecurityGroup[];
+    Protocol?: string;
     /**
-     * <p>Whether the DB instance is a multiple Availability Zone deployment.</p>
+     * <p>The source IP address or address range to inspect for, in CIDR notation. To match with any address, specify <code>ANY</code>.</p>
      */
-    MultiAz?: boolean;
+    Source?: string;
     /**
-     * <p>The ARN of the CloudWatch Logs log stream that receives the enhanced monitoring metrics
-     *          data for the DB instance.</p>
+     * <p>The source port to inspect for. You can specify an individual port, such as <code>1994</code>. You also can specify a port range, such as <code>1990:1994</code>. To match with any port, specify <code>ANY</code>.</p>
      */
-    EnhancedMonitoringResourceArn?: string;
+    SourcePort?: string;
+}
+export declare namespace RuleGroupSourceStatefulRulesHeaderDetails {
     /**
-     * <p>The current status of the DB instance.</p>
+     * @internal
      */
-    DbInstanceStatus?: string;
+    const filterSensitiveLog: (obj: RuleGroupSourceStatefulRulesHeaderDetails) => any;
+}
+/**
+ * <p>A rule option for a stateful rule.</p>
+ */
+export interface RuleGroupSourceStatefulRulesOptionsDetails {
     /**
-     * <p>The master user name of the DB instance.</p>
+     * <p>A keyword to look for.</p>
      */
-    MasterUsername?: string;
+    Keyword?: string;
     /**
-     * <p>The amount of storage (in gigabytes) to initially allocate for the DB instance.</p>
+     * <p>A list of settings.</p>
      */
-    AllocatedStorage?: number;
+    Settings?: string[];
+}
+export declare namespace RuleGroupSourceStatefulRulesOptionsDetails {
     /**
-     * <p>The range of time each day when automated backups are created, if automated backups are
-     *          enabled.</p>
-     *          <p>Uses the format <code>HH:MM-HH:MM</code>. For example, <code>04:52-05:22</code>.</p>
+     * @internal
      */
-    PreferredBackupWindow?: string;
+    const filterSensitiveLog: (obj: RuleGroupSourceStatefulRulesOptionsDetails) => any;
+}
+/**
+ * <p>A Suricata rule specification.</p>
+ */
+export interface RuleGroupSourceStatefulRulesDetails {
     /**
-     * <p>The number of days for which to retain automated backups.</p>
+     * <p>Defines what Network Firewall should do with the packets in a traffic flow when the flow matches the stateful rule criteria.</p>
      */
-    BackupRetentionPeriod?: number;
+    Action?: string;
     /**
-     * <p>A list of the DB security groups to assign to the DB instance.</p>
+     * <p>The stateful inspection criteria for the rule.</p>
      */
-    DbSecurityGroups?: string[];
+    Header?: RuleGroupSourceStatefulRulesHeaderDetails;
     /**
-     * <p>A list of the DB parameter groups to assign to the DB instance.</p>
+     * <p>Additional options for the rule.</p>
      */
-    DbParameterGroups?: AwsRdsDbParameterGroup[];
+    RuleOptions?: RuleGroupSourceStatefulRulesOptionsDetails[];
+}
+export declare namespace RuleGroupSourceStatefulRulesDetails {
     /**
-     * <p>The Availability Zone where the DB instance will be created.</p>
+     * @internal
      */
-    AvailabilityZone?: string;
+    const filterSensitiveLog: (obj: RuleGroupSourceStatefulRulesDetails) => any;
+}
+/**
+ * <p>A custom action definition. A custom action is an optional, non-standard action to use for stateless packet handling.</p>
+ */
+export interface RuleGroupSourceCustomActionsDetails {
     /**
-     * <p>Information about the subnet group that is associated with the DB instance.</p>
+     * <p>The definition of a custom action.</p>
      */
-    DbSubnetGroup?: AwsRdsDbSubnetGroup;
+    ActionDefinition?: StatelessCustomActionDefinition;
     /**
-     * <p>The weekly time range during which system maintenance can occur, in Universal
-     *          Coordinated Time (UTC).</p>
-     *          <p>Uses the format <code><day>:HH:MM-<day>:HH:MM</code>.</p>
-     *          <p>For the day values, use
-     *             <code>mon</code>|<code>tue</code>|<code>wed</code>|<code>thu</code>|<code>fri</code>|<code>sat</code>|<code>sun</code>.</p>
-     *          <p>For example, <code>sun:09:32-sun:10:02</code>.</p>
+     * <p>A descriptive name of the custom action.</p>
      */
-    PreferredMaintenanceWindow?: string;
+    ActionName?: string;
+}
+export declare namespace RuleGroupSourceCustomActionsDetails {
     /**
-     * <p>Changes to the DB instance that are currently pending.</p>
+     * @internal
      */
-    PendingModifiedValues?: AwsRdsDbPendingModifiedValues;
+    const filterSensitiveLog: (obj: RuleGroupSourceCustomActionsDetails) => any;
+}
+/**
+ * <p>A port range to specify the destination ports to inspect for.</p>
+ */
+export interface RuleGroupSourceStatelessRuleMatchAttributesDestinationPorts {
     /**
-     * <p>Specifies the latest time to which a database can be restored with point-in-time
-     *          restore.</p>
-     *          <p>Uses the <code>date-time</code> format specified in <a href="https://tools.ietf.org/html/rfc3339#section-5.6">RFC 3339 section 5.6, Internet
-     *             Date/Time Format</a>. The value cannot contain spaces. For example,
-     *             <code>2020-03-22T13:22:13.933Z</code>.</p>
+     * <p>The starting port value for the port range.</p>
      */
-    LatestRestorableTime?: string;
+    FromPort?: number;
     /**
-     * <p>Indicates whether minor version patches are applied automatically.</p>
+     * <p>The ending port value for the port range.</p>
      */
-    AutoMinorVersionUpgrade?: boolean;
+    ToPort?: number;
+}
+export declare namespace RuleGroupSourceStatelessRuleMatchAttributesDestinationPorts {
     /**
-     * <p>If this DB instance is a read replica, contains the identifier of the source DB
-     *          instance.</p>
+     * @internal
      */
-    ReadReplicaSourceDBInstanceIdentifier?: string;
+    const filterSensitiveLog: (obj: RuleGroupSourceStatelessRuleMatchAttributesDestinationPorts) => any;
+}
+/**
+ * <p>A destination IP address or range.</p>
+ */
+export interface RuleGroupSourceStatelessRuleMatchAttributesDestinations {
     /**
-     * <p>List of identifiers of the read replicas associated with this DB instance.</p>
+     * <p>An IP address or a block of IP addresses.</p>
      */
-    ReadReplicaDBInstanceIdentifiers?: string[];
+    AddressDefinition?: string;
+}
+export declare namespace RuleGroupSourceStatelessRuleMatchAttributesDestinations {
     /**
-     * <p>List of identifiers of Aurora DB clusters to which the RDS DB instance is replicated as
-     *          a read replica.</p>
+     * @internal
      */
-    ReadReplicaDBClusterIdentifiers?: string[];
+    const filterSensitiveLog: (obj: RuleGroupSourceStatelessRuleMatchAttributesDestinations) => any;
+}
+/**
+ * <p>A port range to specify the source ports to inspect for.</p>
+ */
+export interface RuleGroupSourceStatelessRuleMatchAttributesSourcePorts {
     /**
-     * <p>License model information for this DB instance.</p>
+     * <p>The starting port value for the port range.</p>
      */
-    LicenseModel?: string;
+    FromPort?: number;
     /**
-     * <p>Specifies the provisioned IOPS (I/O operations per second) for this DB instance.</p>
+     * <p>The ending port value for the port range.</p>
      */
-    Iops?: number;
+    ToPort?: number;
+}
+export declare namespace RuleGroupSourceStatelessRuleMatchAttributesSourcePorts {
     /**
-     * <p>The list of option group memberships for this DB instance.</p>
+     * @internal
      */
-    OptionGroupMemberships?: AwsRdsDbOptionGroupMembership[];
+    const filterSensitiveLog: (obj: RuleGroupSourceStatelessRuleMatchAttributesSourcePorts) => any;
+}
+/**
+ * <p>A source IP addresses and address range to inspect for.</p>
+ */
+export interface RuleGroupSourceStatelessRuleMatchAttributesSources {
     /**
-     * <p>The name of the character set that this DB instance is associated with.</p>
+     * <p>An IP address or a block of IP addresses.</p>
      */
-    CharacterSetName?: string;
+    AddressDefinition?: string;
+}
+export declare namespace RuleGroupSourceStatelessRuleMatchAttributesSources {
     /**
-     * <p>For a DB instance with multi-Availability Zone support, the name of the secondary
-     *          Availability Zone.</p>
+     * @internal
      */
-    SecondaryAvailabilityZone?: string;
+    const filterSensitiveLog: (obj: RuleGroupSourceStatelessRuleMatchAttributesSources) => any;
+}
+/**
+ * <p>A set of TCP flags and masks to inspect for.</p>
+ */
+export interface RuleGroupSourceStatelessRuleMatchAttributesTcpFlags {
     /**
-     * <p>The status of a read replica. If the instance isn't a read replica, this is
-     *          empty.</p>
+     * <p>Defines the flags from the <code>Masks</code> setting that must be set in order for the packet to match. Flags that are listed must be set. Flags that are not listed must not be set.</p>
      */
-    StatusInfos?: AwsRdsDbStatusInfo[];
+    Flags?: string[];
     /**
-     * <p>The storage type for the DB instance.</p>
+     * <p>The set of flags to consider in the inspection. If not specified, then all flags are inspected.</p>
      */
-    StorageType?: string;
+    Masks?: string[];
+}
+export declare namespace RuleGroupSourceStatelessRuleMatchAttributesTcpFlags {
     /**
-     * <p>The Active Directory domain membership records associated with the DB instance.</p>
+     * @internal
      */
-    DomainMemberships?: AwsRdsDbDomainMembership[];
+    const filterSensitiveLog: (obj: RuleGroupSourceStatelessRuleMatchAttributesTcpFlags) => any;
+}
+/**
+ * <p>Criteria for the stateless rule.</p>
+ */
+export interface RuleGroupSourceStatelessRuleMatchAttributes {
     /**
-     * <p>Whether to copy resource tags to snapshots of the DB instance.</p>
+     * <p>A list of port ranges to specify the destination ports to inspect for.</p>
      */
-    CopyTagsToSnapshot?: boolean;
+    DestinationPorts?: RuleGroupSourceStatelessRuleMatchAttributesDestinationPorts[];
     /**
-     * <p>The interval, in seconds, between points when enhanced monitoring metrics are collected
-     *          for the DB instance.</p>
+     * <p>The destination IP addresses and address ranges to inspect for, in CIDR notation.</p>
      */
-    MonitoringInterval?: number;
+    Destinations?: RuleGroupSourceStatelessRuleMatchAttributesDestinations[];
     /**
-     * <p>The ARN for the IAM role that permits Amazon RDS to send enhanced monitoring metrics to
-     *          CloudWatch Logs.</p>
+     * <p>The protocols to inspect for.</p>
      */
-    MonitoringRoleArn?: string;
+    Protocols?: number[];
     /**
-     * <p>The order in which to promote an Aurora replica to the primary instance after a failure
-     *          of the existing primary instance.</p>
+     * <p>A list of port ranges to specify the source ports to inspect for.</p>
      */
-    PromotionTier?: number;
+    SourcePorts?: RuleGroupSourceStatelessRuleMatchAttributesSourcePorts[];
     /**
-     * <p>The time zone of the DB instance.</p>
+     * <p>The source IP addresses and address ranges to inspect for, in CIDR notation.</p>
      */
-    Timezone?: string;
+    Sources?: RuleGroupSourceStatelessRuleMatchAttributesSources[];
     /**
-     * <p>Indicates whether Performance Insights is enabled for the DB instance.</p>
+     * <p>The TCP flags and masks to inspect for.</p>
      */
-    PerformanceInsightsEnabled?: boolean;
+    TcpFlags?: RuleGroupSourceStatelessRuleMatchAttributesTcpFlags[];
+}
+export declare namespace RuleGroupSourceStatelessRuleMatchAttributes {
     /**
-     * <p>The identifier of the KMS key used to encrypt the Performance Insights data.</p>
+     * @internal
      */
-    PerformanceInsightsKmsKeyId?: string;
+    const filterSensitiveLog: (obj: RuleGroupSourceStatelessRuleMatchAttributes) => any;
+}
+/**
+ * <p>The definition of the stateless rule.</p>
+ */
+export interface RuleGroupSourceStatelessRuleDefinition {
     /**
-     * <p>The number of days to retain Performance Insights data.</p>
+     * <p>The actions to take on a packet that matches one of the stateless rule definition's match attributes. You must specify a standard action (<code>aws:pass</code>, <code>aws:drop</code>, or <code>aws:forward_to_sfe</code>). You can then add custom actions.</p>
      */
-    PerformanceInsightsRetentionPeriod?: number;
+    Actions?: string[];
     /**
-     * <p>A list of log types that this DB instance is configured to export to CloudWatch Logs.</p>
+     * <p>The criteria for Network Firewall to use to inspect an individual packet in a stateless rule inspection.</p>
      */
-    EnabledCloudWatchLogsExports?: string[];
+    MatchAttributes?: RuleGroupSourceStatelessRuleMatchAttributes;
+}
+export declare namespace RuleGroupSourceStatelessRuleDefinition {
     /**
-     * <p>The number of CPU cores and the number of threads per core for the DB instance class of
-     *          the DB instance.</p>
+     * @internal
      */
-    ProcessorFeatures?: AwsRdsDbProcessorFeature[];
+    const filterSensitiveLog: (obj: RuleGroupSourceStatelessRuleDefinition) => any;
+}
+/**
+ * <p>A stateless rule in the rule group.</p>
+ */
+export interface RuleGroupSourceStatelessRulesDetails {
     /**
-     * <p>Specifies the connection endpoint.</p>
+     * <p>Indicates the order in which to run this rule relative to all of the rules in the stateless rule group.</p>
      */
-    ListenerEndpoint?: AwsRdsDbInstanceEndpoint;
+    Priority?: number;
     /**
-     * <p>The upper limit to which Amazon RDS can automatically scale the storage of the DB
-     *          instance.</p>
+     * <p>Provides the definition of the stateless rule.</p>
      */
-    MaxAllocatedStorage?: number;
+    RuleDefinition?: RuleGroupSourceStatelessRuleDefinition;
 }
-export declare namespace AwsRdsDbInstanceDetails {
+export declare namespace RuleGroupSourceStatelessRulesDetails {
     /**
      * @internal
      */
-    const filterSensitiveLog: (obj: AwsRdsDbInstanceDetails) => any;
+    const filterSensitiveLog: (obj: RuleGroupSourceStatelessRulesDetails) => any;
 }
 /**
- * <p>Provides details about an Amazon RDS DB cluster snapshot.</p>
+ * <p>Stateless rules and custom actions for a stateless rule group.</p>
  */
-export interface AwsRdsDbSnapshotDetails {
+export interface RuleGroupSourceStatelessRulesAndCustomActionsDetails {
     /**
-     * <p>The name or ARN of the DB snapshot that is used to restore the DB instance.</p>
+     * <p>Custom actions for the rule group.</p>
      */
-    DbSnapshotIdentifier?: string;
+    CustomActions?: RuleGroupSourceCustomActionsDetails[];
     /**
-     * <p>A name for the DB instance.</p>
+     * <p>Stateless rules for the rule group.</p>
      */
-    DbInstanceIdentifier?: string;
+    StatelessRules?: RuleGroupSourceStatelessRulesDetails[];
+}
+export declare namespace RuleGroupSourceStatelessRulesAndCustomActionsDetails {
     /**
-     * <p>When the snapshot was taken in Coordinated Universal Time (UTC).</p>
+     * @internal
      */
-    SnapshotCreateTime?: string;
+    const filterSensitiveLog: (obj: RuleGroupSourceStatelessRulesAndCustomActionsDetails) => any;
+}
+/**
+ * <p>The rules and actions for the rule group.</p>
+ */
+export interface RuleGroupSource {
     /**
-     * <p>The name of the database engine to use for this DB instance.</p>
+     * <p>Stateful inspection criteria for a domain list rule group. A domain list rule group determines access by specific protocols to specific domains.</p>
      */
-    Engine?: string;
+    RulesSourceList?: RuleGroupSourceListDetails;
     /**
-     * <p>The amount of storage (in gigabytes) to be initially allocated for the database instance.</p>
+     * <p>Stateful inspection criteria, provided in Suricata compatible intrusion prevention system (IPS) rules.</p>
      */
-    AllocatedStorage?: number;
+    RulesString?: string;
     /**
-     * <p>The status of this DB snapshot.</p>
+     * <p>Suricata rule specifications.</p>
      */
-    Status?: string;
+    StatefulRules?: RuleGroupSourceStatefulRulesDetails[];
     /**
-     * <p>The port that the database engine was listening on at the time of the snapshot.</p>
+     * <p>The stateless rules and custom actions used by a stateless rule group.</p>
      */
-    Port?: number;
+    StatelessRulesAndCustomActions?: RuleGroupSourceStatelessRulesAndCustomActionsDetails;
+}
+export declare namespace RuleGroupSource {
     /**
-     * <p>Specifies the name of the Availability Zone in which the DB instance was located at the time of the DB snapshot.</p>
+     * @internal
      */
-    AvailabilityZone?: string;
+    const filterSensitiveLog: (obj: RuleGroupSource) => any;
+}
+/**
+ * <p>A list of IP addresses and address ranges, in CIDR notation.</p>
+ */
+export interface RuleGroupVariablesIpSetsDetails {
     /**
-     * <p>The VPC ID associated with the DB snapshot.</p>
+     * <p>The list of IP addresses and ranges.</p>
      */
-    VpcId?: string;
+    Definition?: string[];
+}
+export declare namespace RuleGroupVariablesIpSetsDetails {
     /**
-     * <p>Specifies the time in Coordinated Universal Time (UTC) when the DB instance, from which the snapshot was taken, was created.</p>
+     * @internal
      */
-    InstanceCreateTime?: string;
+    const filterSensitiveLog: (obj: RuleGroupVariablesIpSetsDetails) => any;
+}
+/**
+ * <p>A list of port ranges.</p>
+ */
+export interface RuleGroupVariablesPortSetsDetails {
     /**
-     * <p>The master user name for the DB snapshot.</p>
+     * <p>The list of port ranges.</p>
      */
-    MasterUsername?: string;
+    Definition?: string[];
+}
+export declare namespace RuleGroupVariablesPortSetsDetails {
     /**
-     * <p>The version of the database engine.</p>
+     * @internal
      */
-    EngineVersion?: string;
+    const filterSensitiveLog: (obj: RuleGroupVariablesPortSetsDetails) => any;
+}
+/**
+ * <p>Additional settings to use in the specified rules.</p>
+ */
+export interface RuleGroupVariables {
     /**
-     * <p>License model information for the restored DB instance.</p>
+     * <p>A list of IP addresses and address ranges, in CIDR notation.</p>
      */
-    LicenseModel?: string;
+    IpSets?: RuleGroupVariablesIpSetsDetails;
     /**
-     * <p>The type of the DB snapshot.</p>
+     * <p>A list of port ranges.</p>
      */
-    SnapshotType?: string;
+    PortSets?: RuleGroupVariablesPortSetsDetails;
+}
+export declare namespace RuleGroupVariables {
     /**
-     * <p>The provisioned IOPS (I/O operations per second) value of the DB instance at the time of the snapshot.</p>
+     * @internal
      */
-    Iops?: number;
+    const filterSensitiveLog: (obj: RuleGroupVariables) => any;
+}
+/**
+ * <p>Details about the rule group.</p>
+ */
+export interface RuleGroupDetails {
     /**
-     * <p>The option group name for the DB snapshot.</p>
+     * <p>Additional settings to use in the specified rules.</p>
      */
-    OptionGroupName?: string;
+    RuleVariables?: RuleGroupVariables;
     /**
-     * <p>The percentage of the estimated data that has been transferred.</p>
+     * <p>The rules and actions for the rule group.</p>
+     *          <p>For stateful rule groups, can contain <code>RulesString</code>, <code>RulesSourceList</code>, or <code>StatefulRules</code>.</p>
+     *          <p>For stateless rule groups, contains <code>StatelessRulesAndCustomActions</code>.</p>
      */
-    PercentProgress?: number;
+    RulesSource?: RuleGroupSource;
+}
+export declare namespace RuleGroupDetails {
     /**
-     * <p>The Amazon Web Services Region that the DB snapshot was created in or copied from.</p>
+     * @internal
      */
-    SourceRegion?: string;
+    const filterSensitiveLog: (obj: RuleGroupDetails) => any;
+}
+/**
+ * <p>Details about an Network Firewall rule group. Rule groups are used to inspect and control network traffic. Stateless rule groups apply to individual packets. Stateful rule groups apply to packets in the context of their traffic flow.</p>
+ *          <p>Rule groups are referenced in firewall policies.
+ *       </p>
+ */
+export interface AwsNetworkFirewallRuleGroupDetails {
     /**
-     * <p>The DB snapshot ARN that the DB snapshot was copied from.</p>
+     * <p>The maximum number of operating resources that this rule group can use.</p>
      */
-    SourceDbSnapshotIdentifier?: string;
+    Capacity?: number;
     /**
-     * <p>The storage type associated with the DB snapshot.</p>
+     * <p>A description of the rule group.</p>
      */
-    StorageType?: string;
+    Description?: string;
     /**
-     * <p>The ARN from the key store with which to associate the instance for TDE encryption.</p>
+     * <p>Details about the rule group.</p>
      */
-    TdeCredentialArn?: string;
+    RuleGroup?: RuleGroupDetails;
     /**
-     * <p>Whether the DB snapshot is encrypted.</p>
+     * <p>The ARN of the rule group.</p>
      */
-    Encrypted?: boolean;
+    RuleGroupArn?: string;
     /**
-     * <p>If <code>Encrypted</code> is <code>true</code>, the KMS key identifier for the encrypted DB snapshot.</p>
+     * <p>The identifier of the rule group.</p>
      */
-    KmsKeyId?: string;
+    RuleGroupId?: string;
     /**
-     * <p>The time zone of the DB snapshot.</p>
+     * <p>The descriptive name of the rule group.</p>
      */
-    Timezone?: string;
+    RuleGroupName?: string;
     /**
-     * <p>Whether mapping of IAM accounts to database accounts is enabled.</p>
+     * <p>The type of rule group. A rule group can be stateful or stateless.</p>
      */
-    IamDatabaseAuthenticationEnabled?: boolean;
+    Type?: string;
+}
+export declare namespace AwsNetworkFirewallRuleGroupDetails {
     /**
-     * <p>The number of CPU cores and the number of threads per core for the DB instance class of the DB instance.</p>
+     * @internal
      */
-    ProcessorFeatures?: AwsRdsDbProcessorFeature[];
+    const filterSensitiveLog: (obj: AwsNetworkFirewallRuleGroupDetails) => any;
+}
+/**
+ * <p>Configuration options for zone awareness.</p>
+ */
+export interface AwsOpenSearchServiceDomainClusterConfigZoneAwarenessConfigDetails {
     /**
-     * <p>The identifier for the source DB instance.</p>
+     * <p>The number of Availability Zones that the domain uses. Valid values are 2 and 3. The default is 2.</p>
      */
-    DbiResourceId?: string;
+    AvailabilityZoneCount?: number;
 }
-export declare namespace AwsRdsDbSnapshotDetails {
+export declare namespace AwsOpenSearchServiceDomainClusterConfigZoneAwarenessConfigDetails {
     /**
      * @internal
      */
-    const filterSensitiveLog: (obj: AwsRdsDbSnapshotDetails) => any;
+    const filterSensitiveLog: (obj: AwsOpenSearchServiceDomainClusterConfigZoneAwarenessConfigDetails) => any;
 }
 /**
- * <p>Details about an Amazon RDS event notification subscription. The subscription allows Amazon RDS to post events to an SNS topic.</p>
+ * <p>Details about the configuration of an OpenSearch cluster.</p>
  */
-export interface AwsRdsEventSubscriptionDetails {
+export interface AwsOpenSearchServiceDomainClusterConfigDetails {
     /**
-     * <p>The identifier of the account that is associated with the event notification subscription.</p>
+     * <p>The number of data nodes to use in the OpenSearch domain.</p>
      */
-    CustSubscriptionId?: string;
+    InstanceCount?: number;
     /**
-     * <p>The identifier of the event notification subscription.</p>
+     * <p>Whether UltraWarm is enabled.</p>
      */
-    CustomerAwsId?: string;
+    WarmEnabled?: boolean;
     /**
-     * <p>Whether the event notification subscription is enabled.</p>
+     * <p>The number of UltraWarm instances.</p>
      */
-    Enabled?: boolean;
+    WarmCount?: number;
     /**
-     * <p>The list of event categories for the event notification subscription.</p>
+     * <p>Whether to use a dedicated master node for the OpenSearch domain. A dedicated master node performs cluster management tasks, but does not hold data or respond to data upload requests.</p>
      */
-    EventCategoriesList?: string[];
+    DedicatedMasterEnabled?: boolean;
     /**
-     * <p>The ARN of the event notification subscription.</p>
+     * <p>Configuration options for zone awareness. Provided if <code>ZoneAwarenessEnabled</code> is <code>true</code>.</p>
      */
-    EventSubscriptionArn?: string;
+    ZoneAwarenessConfig?: AwsOpenSearchServiceDomainClusterConfigZoneAwarenessConfigDetails;
     /**
-     * <p>The ARN of the SNS topic to post the event notifications to.</p>
+     * <p>The number of instances to use for the master node. If this attribute is specified, then <code>DedicatedMasterEnabled</code> must be <code>true</code>.</p>
      */
-    SnsTopicArn?: string;
+    DedicatedMasterCount?: number;
     /**
-     * <p>A list of source identifiers for the event notification subscription.</p>
+     * <p>The instance type for your data nodes. </p>
      */
-    SourceIdsList?: string[];
+    InstanceType?: string;
     /**
-     * <p>The source type for the event notification subscription.</p>
+     * <p>The type of UltraWarm instance.</p>
      */
-    SourceType?: string;
+    WarmType?: string;
     /**
-     * <p>The status of the event notification subscription.</p>
-     *          <p>Valid values: <code>creating</code> | <code>modifying</code> | <code>deleting</code> | <code>active</code> | <code>no-permission</code> | <code>topic-not-exist</code>
-     *          </p>
+     * <p>Whether to enable zone awareness for the OpenSearch domain. When zone awareness is enabled, OpenSearch Service allocates the cluster's nodes and replica index shards across Availability Zones (AZs) in the same Region. This prevents data loss and minimizes downtime if a node or data center fails.</p>
      */
-    Status?: string;
+    ZoneAwarenessEnabled?: boolean;
     /**
-     * <p>The datetime when the event notification subscription was created.</p>
-     *          <p>Uses the <code>date-time</code> format specified in <a href="https://tools.ietf.org/html/rfc3339#section-5.6">RFC 3339 section 5.6, Internet
-     *          Date/Time Format</a>. The value cannot contain spaces. For example,
-     *          <code>2020-03-22T13:22:13.933Z</code>.</p>
+     * <p>The hardware configuration of the computer that hosts the dedicated master node.</p>
+     *          <p>If this attribute is specified, then <code>DedicatedMasterEnabled</code> must be <code>true</code>.
+     *       </p>
      */
-    SubscriptionCreationTime?: string;
+    DedicatedMasterType?: string;
 }
-export declare namespace AwsRdsEventSubscriptionDetails {
+export declare namespace AwsOpenSearchServiceDomainClusterConfigDetails {
     /**
      * @internal
      */
-    const filterSensitiveLog: (obj: AwsRdsEventSubscriptionDetails) => any;
+    const filterSensitiveLog: (obj: AwsOpenSearchServiceDomainClusterConfigDetails) => any;
 }
 /**
- * <p>A node in an Amazon Redshift cluster.</p>
+ * <p>Information about additional options for the domain endpoint.</p>
  */
-export interface AwsRedshiftClusterClusterNode {
+export interface AwsOpenSearchServiceDomainDomainEndpointOptionsDetails {
+    /**
+     * <p>The ARN for the security certificate. The certificate is managed in ACM.</p>
+     */
+    CustomEndpointCertificateArn?: string;
     /**
-     * <p>The role of the node. A node might be a leader node or a compute node.</p>
+     * <p>Whether to enable a custom endpoint for the domain.</p>
      */
-    NodeRole?: string;
+    CustomEndpointEnabled?: boolean;
     /**
-     * <p>The private IP address of the node.</p>
+     * <p>Whether to require that all traffic to the domain arrive over HTTPS.</p>
      */
-    PrivateIpAddress?: string;
+    EnforceHTTPS?: boolean;
     /**
-     * <p>The public IP address of the node.</p>
+     * <p>The fully qualified URL for the custom endpoint.</p>
+     */
+    CustomEndpoint?: string;
+    /**
+     * <p>The TLS security policy to apply to the HTTPS endpoint of the OpenSearch domain.</p>
      */
-    PublicIpAddress?: string;
+    TLSSecurityPolicy?: string;
 }
-export declare namespace AwsRedshiftClusterClusterNode {
+export declare namespace AwsOpenSearchServiceDomainDomainEndpointOptionsDetails {
     /**
      * @internal
      */
-    const filterSensitiveLog: (obj: AwsRedshiftClusterClusterNode) => any;
+    const filterSensitiveLog: (obj: AwsOpenSearchServiceDomainDomainEndpointOptionsDetails) => any;
 }
 /**
- * <p>The status of a parameter in a cluster parameter group for an Amazon Redshift
- *          cluster.</p>
+ * <p>Details about the configuration for encryption at rest for the OpenSearch domain.</p>
  */
-export interface AwsRedshiftClusterClusterParameterStatus {
-    /**
-     * <p>The name of the parameter.</p>
-     */
-    ParameterName?: string;
+export interface AwsOpenSearchServiceDomainEncryptionAtRestOptionsDetails {
     /**
-     * <p>The status of the parameter. Indicates whether the parameter is in sync with the
-     *          database, waiting for a cluster reboot, or encountered an error when it was applied.</p>
-     *          <p>Valid values: <code>in-sync</code> | <code>pending-reboot</code> | <code>applying</code>
-     *          | <code>invalid-parameter</code> | <code>apply-deferred</code> | <code>apply-error</code> |
-     *             <code>unknown-error</code>
-     *          </p>
+     * <p>Whether encryption at rest is enabled.</p>
      */
-    ParameterApplyStatus?: string;
+    Enabled?: boolean;
     /**
-     * <p>The error that prevented the parameter from being applied to the database.</p>
+     * <p>The KMS key ID.</p>
      */
-    ParameterApplyErrorDescription?: string;
+    KmsKeyId?: string;
 }
-export declare namespace AwsRedshiftClusterClusterParameterStatus {
+export declare namespace AwsOpenSearchServiceDomainEncryptionAtRestOptionsDetails {
     /**
      * @internal
      */
-    const filterSensitiveLog: (obj: AwsRedshiftClusterClusterParameterStatus) => any;
+    const filterSensitiveLog: (obj: AwsOpenSearchServiceDomainEncryptionAtRestOptionsDetails) => any;
 }
 /**
- * <p>A cluster parameter group that is associated with an Amazon Redshift cluster.</p>
+ * <p>Configuration details for a log publishing option.</p>
  */
-export interface AwsRedshiftClusterClusterParameterGroup {
-    /**
-     * <p>The list of parameter statuses.</p>
-     */
-    ClusterParameterStatusList?: AwsRedshiftClusterClusterParameterStatus[];
+export interface AwsOpenSearchServiceDomainLogPublishingOption {
     /**
-     * <p>The status of updates to the parameters.</p>
+     * <p>The ARN of the CloudWatch Logs group to publish the logs to.</p>
      */
-    ParameterApplyStatus?: string;
+    CloudWatchLogsLogGroupArn?: string;
     /**
-     * <p>The name of the parameter group.</p>
+     * <p>Whether the log publishing is enabled.</p>
      */
-    ParameterGroupName?: string;
+    Enabled?: boolean;
 }
-export declare namespace AwsRedshiftClusterClusterParameterGroup {
+export declare namespace AwsOpenSearchServiceDomainLogPublishingOption {
     /**
      * @internal
      */
-    const filterSensitiveLog: (obj: AwsRedshiftClusterClusterParameterGroup) => any;
+    const filterSensitiveLog: (obj: AwsOpenSearchServiceDomainLogPublishingOption) => any;
 }
 /**
- * <p>A security group that is associated with the cluster.</p>
+ * <p>Configures the CloudWatch Logs to publish for the OpenSearch domain.</p>
  */
-export interface AwsRedshiftClusterClusterSecurityGroup {
+export interface AwsOpenSearchServiceDomainLogPublishingOptionsDetails {
     /**
-     * <p>The name of the cluster security group.</p>
+     * <p>Configures the OpenSearch index logs publishing.</p>
      */
-    ClusterSecurityGroupName?: string;
+    IndexSlowLogs?: AwsOpenSearchServiceDomainLogPublishingOption;
     /**
-     * <p>The status of the cluster security group.</p>
+     * <p>Configures the OpenSearch search slow log publishing.</p>
      */
-    Status?: string;
+    SearchSlowLogs?: AwsOpenSearchServiceDomainLogPublishingOption;
+    /**
+     * <p>Configures the OpenSearch audit logs publishing.</p>
+     */
+    AuditLogs?: AwsOpenSearchServiceDomainLogPublishingOption;
 }
-export declare namespace AwsRedshiftClusterClusterSecurityGroup {
+export declare namespace AwsOpenSearchServiceDomainLogPublishingOptionsDetails {
     /**
      * @internal
      */
-    const filterSensitiveLog: (obj: AwsRedshiftClusterClusterSecurityGroup) => any;
+    const filterSensitiveLog: (obj: AwsOpenSearchServiceDomainLogPublishingOptionsDetails) => any;
 }
 /**
- * <p>Information about a cross-Region snapshot copy.</p>
+ * <p>Provides details about the configuration for node-to-node encryption.</p>
  */
-export interface AwsRedshiftClusterClusterSnapshotCopyStatus {
-    /**
-     * <p>The destination Region that snapshots are automatically copied to when cross-Region
-     *          snapshot copy is enabled.</p>
-     */
-    DestinationRegion?: string;
-    /**
-     * <p>The number of days that manual snapshots are retained in the destination region after
-     *          they are copied from a source region.</p>
-     *          <p>If the value is -1, then the manual snapshot is retained indefinitely.</p>
-     *          <p>Valid values: Either -1 or an integer between 1 and 3,653</p>
-     */
-    ManualSnapshotRetentionPeriod?: number;
-    /**
-     * <p>The number of days to retain automated snapshots in the destination Region after they
-     *          are copied from a source Region.</p>
-     */
-    RetentionPeriod?: number;
+export interface AwsOpenSearchServiceDomainNodeToNodeEncryptionOptionsDetails {
     /**
-     * <p>The name of the snapshot copy grant.</p>
+     * <p>Whether node-to-node encryption is enabled.</p>
      */
-    SnapshotCopyGrantName?: string;
+    Enabled?: boolean;
 }
-export declare namespace AwsRedshiftClusterClusterSnapshotCopyStatus {
+export declare namespace AwsOpenSearchServiceDomainNodeToNodeEncryptionOptionsDetails {
     /**
      * @internal
      */
-    const filterSensitiveLog: (obj: AwsRedshiftClusterClusterSnapshotCopyStatus) => any;
+    const filterSensitiveLog: (obj: AwsOpenSearchServiceDomainNodeToNodeEncryptionOptionsDetails) => any;
 }
 /**
- * <p>A time windows during which maintenance was deferred for an Amazon Redshift
- *          cluster.</p>
+ * <p>Provides information about the state of the domain relative to the latest service software.</p>
  */
-export interface AwsRedshiftClusterDeferredMaintenanceWindow {
-    /**
-     * <p>The end of the time window for which maintenance was deferred.</p>
-     *          <p>Uses the <code>date-time</code> format specified in <a href="https://tools.ietf.org/html/rfc3339#section-5.6">RFC 3339 section 5.6, Internet
-     *             Date/Time Format</a>. The value cannot contain spaces. For example,
-     *             <code>2020-03-22T13:22:13.933Z</code>.</p>
-     */
-    DeferMaintenanceEndTime?: string;
+export interface AwsOpenSearchServiceDomainServiceSoftwareOptionsDetails {
     /**
-     * <p>The identifier of the maintenance window.</p>
+     * <p>The epoch time when the deployment window closes for required updates. After this time, OpenSearch Service schedules the software upgrade automatically.</p>
      */
-    DeferMaintenanceIdentifier?: string;
+    AutomatedUpdateDate?: string;
     /**
-     * <p>The start of the time window for which maintenance was deferred.</p>
-     *          <p>Uses the <code>date-time</code> format specified in <a href="https://tools.ietf.org/html/rfc3339#section-5.6">RFC 3339 section 5.6, Internet
-     *             Date/Time Format</a>. The value cannot contain spaces. For example,
-     *             <code>2020-03-22T13:22:13.933Z</code>.</p>
+     * <p>Whether a request to update the domain can be canceled.</p>
      */
-    DeferMaintenanceStartTime?: string;
-}
-export declare namespace AwsRedshiftClusterDeferredMaintenanceWindow {
+    Cancellable?: boolean;
     /**
-     * @internal
+     * <p>The version of the service software that is currently installed on the domain.</p>
      */
-    const filterSensitiveLog: (obj: AwsRedshiftClusterDeferredMaintenanceWindow) => any;
-}
-/**
- * <p>The status of the elastic IP (EIP) address for an Amazon Redshift cluster.</p>
- */
-export interface AwsRedshiftClusterElasticIpStatus {
+    CurrentVersion?: string;
     /**
-     * <p>The elastic IP address for the cluster.</p>
+     * <p>A more detailed description of the service software status.</p>
      */
-    ElasticIp?: string;
+    Description?: string;
     /**
-     * <p>The status of the elastic IP address.</p>
+     * <p>The most recent version of the service software.</p>
      */
-    Status?: string;
-}
-export declare namespace AwsRedshiftClusterElasticIpStatus {
+    NewVersion?: string;
     /**
-     * @internal
+     * <p>Whether a service software update is available for the domain.</p>
      */
-    const filterSensitiveLog: (obj: AwsRedshiftClusterElasticIpStatus) => any;
-}
-/**
- * <p>The connection endpoint for an Amazon Redshift cluster.</p>
- */
-export interface AwsRedshiftClusterEndpoint {
+    UpdateAvailable?: boolean;
     /**
-     * <p>The DNS address of the cluster.</p>
+     * <p>The status of the service software update.</p>
      */
-    Address?: string;
+    UpdateStatus?: string;
     /**
-     * <p>The port that the database engine listens on.</p>
+     * <p>Whether the service software update is optional.</p>
      */
-    Port?: number;
+    OptionalDeployment?: boolean;
 }
-export declare namespace AwsRedshiftClusterEndpoint {
+export declare namespace AwsOpenSearchServiceDomainServiceSoftwareOptionsDetails {
     /**
      * @internal
      */
-    const filterSensitiveLog: (obj: AwsRedshiftClusterEndpoint) => any;
+    const filterSensitiveLog: (obj: AwsOpenSearchServiceDomainServiceSoftwareOptionsDetails) => any;
 }
 /**
- * <p>Information about whether an Amazon Redshift cluster finished applying any hardware
- *          changes to security module (HSM) settings that were specified in a modify cluster
- *          command.</p>
+ * <p>Contains information that OpenSearch Service derives based on the <code>VPCOptions</code> for the domain.</p>
  */
-export interface AwsRedshiftClusterHsmStatus {
-    /**
-     * <p>The name of the HSM client certificate that the Amazon Redshift cluster uses to retrieve
-     *          the data encryption keys that are stored in an HSM.</p>
-     */
-    HsmClientCertificateIdentifier?: string;
+export interface AwsOpenSearchServiceDomainVpcOptionsDetails {
     /**
-     * <p>The name of the HSM configuration that contains the information that the Amazon Redshift
-     *          cluster can use to retrieve and store keys in an HSM.</p>
+     * <p>The list of security group IDs that are associated with the VPC endpoints for the domain.</p>
      */
-    HsmConfigurationIdentifier?: string;
+    SecurityGroupIds?: string[];
     /**
-     * <p>Indicates whether the Amazon Redshift cluster has finished applying any HSM settings
-     *          changes specified in a modify cluster command.</p>
-     *          <p>Type: String</p>
-     *          <p>Valid values: <code>active</code> | <code>applying</code>
-     *          </p>
+     * <p>A list of subnet IDs that are associated with the VPC endpoints for the domain.</p>
      */
-    Status?: string;
+    SubnetIds?: string[];
 }
-export declare namespace AwsRedshiftClusterHsmStatus {
+export declare namespace AwsOpenSearchServiceDomainVpcOptionsDetails {
     /**
      * @internal
      */
-    const filterSensitiveLog: (obj: AwsRedshiftClusterHsmStatus) => any;
+    const filterSensitiveLog: (obj: AwsOpenSearchServiceDomainVpcOptionsDetails) => any;
 }
 /**
- * <p>An IAM role that the cluster can use to access other Amazon Web Services services.</p>
+ * <p>Information about an Amazon OpenSearch Service domain.</p>
  */
-export interface AwsRedshiftClusterIamRole {
+export interface AwsOpenSearchServiceDomainDetails {
     /**
-     * <p>The status of the IAM role's association with the cluster.</p>
-     *          <p>Valid values: <code>in-sync</code> | <code>adding</code> | <code>removing</code>
-     *          </p>
+     * <p>The ARN of the OpenSearch Service domain.</p>
      */
-    ApplyStatus?: string;
+    Arn?: string;
     /**
-     * <p>The ARN of the IAM role.</p>
+     * <p>IAM policy document that specifies the access policies for the OpenSearch Service domain.</p>
      */
-    IamRoleArn?: string;
-}
-export declare namespace AwsRedshiftClusterIamRole {
+    AccessPolicies?: string;
     /**
-     * @internal
+     * <p>The name of the endpoint.</p>
      */
-    const filterSensitiveLog: (obj: AwsRedshiftClusterIamRole) => any;
-}
-/**
- * <p>Changes to the Amazon Redshift cluster that are currently pending.</p>
- */
-export interface AwsRedshiftClusterPendingModifiedValues {
+    DomainName?: string;
     /**
-     * <p>The pending or in-progress change to the automated snapshot retention period.</p>
+     * <p>The identifier of the domain.</p>
      */
-    AutomatedSnapshotRetentionPeriod?: number;
+    Id?: string;
     /**
-     * <p>The pending or in-progress change to the identifier for the cluster.</p>
+     * <p>The domain endpoint.</p>
      */
-    ClusterIdentifier?: string;
+    DomainEndpoint?: string;
     /**
-     * <p>The pending or in-progress change to the cluster type.</p>
+     * <p>The version of the domain engine.</p>
      */
-    ClusterType?: string;
+    EngineVersion?: string;
     /**
-     * <p>The pending or in-progress change to the service version.</p>
+     * <p>Details about the configuration for encryption at rest.</p>
      */
-    ClusterVersion?: string;
+    EncryptionAtRestOptions?: AwsOpenSearchServiceDomainEncryptionAtRestOptionsDetails;
     /**
-     * <p>The encryption type for a cluster.</p>
+     * <p>Details about the configuration for node-to-node encryption.</p>
      */
-    EncryptionType?: string;
+    NodeToNodeEncryptionOptions?: AwsOpenSearchServiceDomainNodeToNodeEncryptionOptionsDetails;
     /**
-     * <p>Indicates whether to create the cluster with enhanced VPC routing enabled.</p>
+     * <p>Information about the status of a domain relative to the latest service software.</p>
      */
-    EnhancedVpcRouting?: boolean;
+    ServiceSoftwareOptions?: AwsOpenSearchServiceDomainServiceSoftwareOptionsDetails;
     /**
-     * <p>The name of the maintenance track that the cluster changes to during the next
-     *          maintenance window.</p>
+     * <p>Details about the configuration of an OpenSearch cluster.</p>
      */
-    MaintenanceTrackName?: string;
+    ClusterConfig?: AwsOpenSearchServiceDomainClusterConfigDetails;
     /**
-     * <p>The pending or in-progress change to the master user password for the cluster.</p>
+     * <p>Additional options for the domain endpoint.</p>
      */
-    MasterUserPassword?: string;
+    DomainEndpointOptions?: AwsOpenSearchServiceDomainDomainEndpointOptionsDetails;
     /**
-     * <p>The pending or in-progress change to the cluster's node type.</p>
+     * <p>Information that OpenSearch Service derives based on <code>VPCOptions</code> for the domain.</p>
      */
-    NodeType?: string;
+    VpcOptions?: AwsOpenSearchServiceDomainVpcOptionsDetails;
     /**
-     * <p>The pending or in-progress change to the number of nodes in the cluster.</p>
+     * <p>Configures the CloudWatch Logs to publish for the OpenSearch domain.</p>
      */
-    NumberOfNodes?: number;
+    LogPublishingOptions?: AwsOpenSearchServiceDomainLogPublishingOptionsDetails;
     /**
-     * <p>The pending or in-progress change to whether the cluster can be connected to from the
-     *          public network.</p>
+     * <p>The domain endpoints. Used if the OpenSearch domain resides in a VPC.</p>
+     *          <p>This is a map of key-value pairs. The key is always <code>vpc</code>. The value is the endpoint.</p>
      */
-    PubliclyAccessible?: boolean;
+    DomainEndpoints?: {
+        [key: string]: string;
+    };
 }
-export declare namespace AwsRedshiftClusterPendingModifiedValues {
+export declare namespace AwsOpenSearchServiceDomainDetails {
     /**
      * @internal
      */
-    const filterSensitiveLog: (obj: AwsRedshiftClusterPendingModifiedValues) => any;
+    const filterSensitiveLog: (obj: AwsOpenSearchServiceDomainDetails) => any;
 }
 /**
- * <p>Information about the resize operation for the cluster.</p>
+ * <p>An IAM role that is associated with the Amazon RDS DB cluster.</p>
  */
-export interface AwsRedshiftClusterResizeInfo {
+export interface AwsRdsDbClusterAssociatedRole {
     /**
-     * <p>Indicates whether the resize operation can be canceled.</p>
+     * <p>The ARN of the IAM role.</p>
      */
-    AllowCancelResize?: boolean;
+    RoleArn?: string;
     /**
-     * <p>The type of resize operation.</p>
-     *          <p>Valid values: <code>ClassicResize</code>
-     *          </p>
+     * <p>The status of the association between the IAM role and the DB cluster.</p>
      */
-    ResizeType?: string;
+    Status?: string;
 }
-export declare namespace AwsRedshiftClusterResizeInfo {
+export declare namespace AwsRdsDbClusterAssociatedRole {
     /**
      * @internal
      */
-    const filterSensitiveLog: (obj: AwsRedshiftClusterResizeInfo) => any;
+    const filterSensitiveLog: (obj: AwsRdsDbClusterAssociatedRole) => any;
 }
 /**
- * <p>Information about the status of a cluster restore action. It only applies if the cluster
- *          was created by restoring a snapshot.</p>
+ * <p>Information about an instance in the DB cluster.</p>
  */
-export interface AwsRedshiftClusterRestoreStatus {
-    /**
-     * <p>The number of megabytes per second being transferred from the backup storage. Returns
-     *          the average rate for a completed backup.</p>
-     *          <p>This field is only updated when you restore to DC2 and DS2 node types.</p>
-     */
-    CurrentRestoreRateInMegaBytesPerSecond?: number;
-    /**
-     * <p>The amount of time an in-progress restore has been running, or the amount of time it
-     *          took a completed restore to finish.</p>
-     *          <p>This field is only updated when you restore to DC2 and DS2 node types.</p>
-     */
-    ElapsedTimeInSeconds?: number;
+export interface AwsRdsDbClusterMember {
     /**
-     * <p>The estimate of the time remaining before the restore is complete. Returns 0 for a
-     *          completed restore.</p>
-     *          <p>This field is only updated when you restore to DC2 and DS2 node types.</p>
+     * <p>Whether the cluster member is the primary instance for the DB cluster.</p>
      */
-    EstimatedTimeToCompletionInSeconds?: number;
+    IsClusterWriter?: boolean;
     /**
-     * <p>The number of megabytes that were transferred from snapshot storage.</p>
-     *          <p>This field is only updated when you restore to DC2 and DS2 node types.</p>
+     * <p>Specifies the order in which an Aurora replica is promoted to the primary instance when
+     *          the existing primary instance fails.</p>
      */
-    ProgressInMegaBytes?: number;
+    PromotionTier?: number;
     /**
-     * <p>The size of the set of snapshot data that was used to restore the cluster.</p>
-     *          <p>This field is only updated when you restore to DC2 and DS2 node types.</p>
+     * <p>The instance identifier for this member of the DB cluster.</p>
      */
-    SnapshotSizeInMegaBytes?: number;
+    DbInstanceIdentifier?: string;
     /**
-     * <p>The status of the restore action.</p>
-     *          <p>Valid values: <code>starting</code> | <code>restoring</code> | <code>completed</code> |
-     *             <code>failed</code>
-     *          </p>
+     * <p>The status of the DB cluster parameter group for this member of the DB cluster.</p>
      */
-    Status?: string;
+    DbClusterParameterGroupStatus?: string;
 }
-export declare namespace AwsRedshiftClusterRestoreStatus {
+export declare namespace AwsRdsDbClusterMember {
     /**
      * @internal
      */
-    const filterSensitiveLog: (obj: AwsRedshiftClusterRestoreStatus) => any;
+    const filterSensitiveLog: (obj: AwsRdsDbClusterMember) => any;
 }
 /**
- * <p>A VPC security group that the cluster belongs to, if the cluster is in a VPC.</p>
+ * <p>Information about an option group membership for a DB cluster.</p>
  */
-export interface AwsRedshiftClusterVpcSecurityGroup {
+export interface AwsRdsDbClusterOptionGroupMembership {
     /**
-     * <p>The status of the VPC security group.</p>
+     * <p>The name of the DB cluster option group.</p>
      */
-    Status?: string;
+    DbClusterOptionGroupName?: string;
     /**
-     * <p>The identifier of the VPC security group.</p>
+     * <p>The status of the DB cluster option group.</p>
      */
-    VpcSecurityGroupId?: string;
+    Status?: string;
 }
-export declare namespace AwsRedshiftClusterVpcSecurityGroup {
+export declare namespace AwsRdsDbClusterOptionGroupMembership {
     /**
      * @internal
      */
-    const filterSensitiveLog: (obj: AwsRedshiftClusterVpcSecurityGroup) => any;
+    const filterSensitiveLog: (obj: AwsRdsDbClusterOptionGroupMembership) => any;
 }
 /**
- * <p>Details about an Amazon Redshift cluster.</p>
+ * <p>Information about an Active Directory domain membership record associated with the DB
+ *          instance.</p>
  */
-export interface AwsRedshiftClusterDetails {
+export interface AwsRdsDbDomainMembership {
     /**
-     * <p>Indicates whether major version upgrades are applied automatically to the cluster during
-     *          the maintenance window.</p>
+     * <p>The identifier of the Active Directory domain.</p>
      */
-    AllowVersionUpgrade?: boolean;
+    Domain?: string;
     /**
-     * <p>The number of days that automatic cluster snapshots are retained.</p>
+     * <p>The status of the Active Directory Domain membership for the DB instance.</p>
      */
-    AutomatedSnapshotRetentionPeriod?: number;
+    Status?: string;
     /**
-     * <p>The name of the Availability Zone in which the cluster is located.</p>
+     * <p>The fully qualified domain name of the Active Directory domain.</p>
      */
-    AvailabilityZone?: string;
+    Fqdn?: string;
     /**
-     * <p>The availability status of the cluster for queries. Possible values are the
-     *          following:</p>
-     *          <ul>
-     *             <li>
-     *                <p>
-     *                   <code>Available</code> - The cluster is available for queries.</p>
-     *             </li>
-     *             <li>
-     *                <p>
-     *                   <code>Unavailable</code> - The cluster is not available for queries.</p>
-     *             </li>
-     *             <li>
-     *                <p>
-     *                   <code>Maintenance</code> - The cluster is intermittently available for queries due
-     *                to maintenance activities.</p>
-     *             </li>
-     *             <li>
-     *                <p>
-     *                   <code>Modifying</code> -The cluster is intermittently available for queries due to
-     *                changes that modify the cluster.</p>
-     *             </li>
-     *             <li>
-     *                <p>
-     *                   <code>Failed</code> - The cluster failed and is not available for queries.</p>
-     *             </li>
-     *          </ul>
+     * <p>The name of the IAM role to use when making API calls to the Directory Service.</p>
      */
-    ClusterAvailabilityStatus?: string;
+    IamRoleName?: string;
+}
+export declare namespace AwsRdsDbDomainMembership {
     /**
-     * <p>Indicates when the cluster was created.</p>
-     *          <p>Uses the <code>date-time</code> format specified in <a href="https://tools.ietf.org/html/rfc3339#section-5.6">RFC 3339 section 5.6, Internet
-     *             Date/Time Format</a>. The value cannot contain spaces. For example,
-     *             <code>2020-03-22T13:22:13.933Z</code>.</p>
+     * @internal
      */
-    ClusterCreateTime?: string;
+    const filterSensitiveLog: (obj: AwsRdsDbDomainMembership) => any;
+}
+/**
+ * <p>A VPC security groups that the DB instance belongs to.</p>
+ */
+export interface AwsRdsDbInstanceVpcSecurityGroup {
     /**
-     * <p>The unique identifier of the cluster.</p>
+     * <p>The name of the VPC security group.</p>
      */
-    ClusterIdentifier?: string;
+    VpcSecurityGroupId?: string;
     /**
-     * <p>The nodes in the cluster.</p>
+     * <p>The status of the VPC security group.</p>
      */
-    ClusterNodes?: AwsRedshiftClusterClusterNode[];
+    Status?: string;
+}
+export declare namespace AwsRdsDbInstanceVpcSecurityGroup {
     /**
-     * <p>The list of cluster parameter groups that are associated with this cluster.</p>
+     * @internal
      */
-    ClusterParameterGroups?: AwsRedshiftClusterClusterParameterGroup[];
+    const filterSensitiveLog: (obj: AwsRdsDbInstanceVpcSecurityGroup) => any;
+}
+/**
+ * <p>Information about an Amazon RDS DB cluster.</p>
+ */
+export interface AwsRdsDbClusterDetails {
     /**
-     * <p>The public key for the cluster.</p>
+     * <p>For all database engines except Aurora, specifies the allocated storage size in
+     *          gibibytes (GiB).</p>
      */
-    ClusterPublicKey?: string;
+    AllocatedStorage?: number;
     /**
-     * <p>The specific revision number of the database in the cluster.</p>
+     * <p>A list of Availability Zones (AZs) where instances in the DB cluster can be
+     *          created.</p>
      */
-    ClusterRevisionNumber?: string;
+    AvailabilityZones?: string[];
     /**
-     * <p>A list of cluster security groups that are associated with the cluster.</p>
+     * <p>The number of days for which automated backups are retained.</p>
      */
-    ClusterSecurityGroups?: AwsRedshiftClusterClusterSecurityGroup[];
+    BackupRetentionPeriod?: number;
     /**
-     * <p>Information about the destination Region and retention period for the cross-Region
-     *          snapshot copy.</p>
+     * <p>The name of the database.</p>
      */
-    ClusterSnapshotCopyStatus?: AwsRedshiftClusterClusterSnapshotCopyStatus;
+    DatabaseName?: string;
     /**
-     * <p>The current status of the cluster.</p>
-     *          <p>Valid values: <code>available</code> | <code>available, prep-for-resize</code> |
-     *             <code>available, resize-cleanup</code> |<code> cancelling-resize</code> |
-     *             <code>creating</code> | <code>deleting</code> | <code>final-snapshot</code> |
-     *             <code>hardware-failure</code> | <code>incompatible-hsm</code> |<code>
-     *             incompatible-network</code> | <code>incompatible-parameters</code> |
-     *             <code>incompatible-restore</code> | <code>modifying</code> | <code>paused</code> |
-     *             <code>rebooting</code> | <code>renaming</code> | <code>resizing</code> |
-     *             <code>rotating-keys</code> | <code>storage-full</code> |
-     *          <code>updating-hsm</code>
-     *          </p>
+     * <p>The current status of this DB cluster.</p>
      */
-    ClusterStatus?: string;
+    Status?: string;
     /**
-     * <p>The name of the subnet group that is associated with the cluster. This parameter is
-     *          valid only when the cluster is in a VPC.</p>
+     * <p>The connection endpoint for the primary instance of the DB cluster.</p>
      */
-    ClusterSubnetGroupName?: string;
+    Endpoint?: string;
     /**
-     * <p>The version ID of the Amazon Redshift engine that runs on the cluster.</p>
+     * <p>The reader endpoint for the DB cluster.</p>
      */
-    ClusterVersion?: string;
+    ReaderEndpoint?: string;
     /**
-     * <p>The name of the initial database that was created when the cluster was created.</p>
-     *          <p>The same name is returned for the life of the cluster.</p>
-     *          <p>If an initial database is not specified, a database named <code>devdev</code> is created
-     *          by default.</p>
+     * <p>A list of custom endpoints for the DB cluster.</p>
      */
-    DBName?: string;
+    CustomEndpoints?: string[];
     /**
-     * <p>List of time windows during which maintenance was deferred.</p>
+     * <p>Whether the DB cluster has instances in multiple Availability Zones.</p>
      */
-    DeferredMaintenanceWindows?: AwsRedshiftClusterDeferredMaintenanceWindow[];
+    MultiAz?: boolean;
     /**
-     * <p>Information about the status of the Elastic IP (EIP) address.</p>
+     * <p>The name of the database engine to use for this DB cluster.</p>
      */
-    ElasticIpStatus?: AwsRedshiftClusterElasticIpStatus;
+    Engine?: string;
     /**
-     * <p>The number of nodes that you can use the elastic resize method to resize the cluster
-     *          to.</p>
+     * <p>The version number of the database engine to use.</p>
      */
-    ElasticResizeNumberOfNodeOptions?: string;
+    EngineVersion?: string;
     /**
-     * <p>Indicates whether the data in the cluster is encrypted at rest.</p>
+     * <p>The port number on which the DB instances in the DB cluster accept connections.</p>
      */
-    Encrypted?: boolean;
+    Port?: number;
     /**
-     * <p>The connection endpoint.</p>
+     * <p>The name of the master user for the DB cluster.</p>
      */
-    Endpoint?: AwsRedshiftClusterEndpoint;
+    MasterUsername?: string;
     /**
-     * <p>Indicates whether to create the cluster with enhanced VPC routing enabled.</p>
+     * <p>The range of time each day when automated backups are created, if automated backups are
+     *          enabled.</p>
+     *          <p>Uses the format <code>HH:MM-HH:MM</code>. For example, <code>04:52-05:22</code>.</p>
      */
-    EnhancedVpcRouting?: boolean;
+    PreferredBackupWindow?: string;
     /**
-     * <p>Indicates when the next snapshot is expected to be taken. The cluster must have a valid
-     *          snapshot schedule and have backups enabled.</p>
-     *          <p>Uses the <code>date-time</code> format specified in <a href="https://tools.ietf.org/html/rfc3339#section-5.6">RFC 3339 section 5.6, Internet
-     *             Date/Time Format</a>. The value cannot contain spaces. For example,
-     *             <code>2020-03-22T13:22:13.933Z</code>.</p>
+     * <p>The weekly time range during which system maintenance can occur, in Universal
+     *          Coordinated Time (UTC).</p>
+     *          <p>Uses the format <code><day>:HH:MM-<day>:HH:MM</code>.</p>
+     *          <p>For the day values, use
+     *             <code>mon</code>|<code>tue</code>|<code>wed</code>|<code>thu</code>|<code>fri</code>|<code>sat</code>|<code>sun</code>.</p>
+     *          <p>For example, <code>sun:09:32-sun:10:02</code>.</p>
      */
-    ExpectedNextSnapshotScheduleTime?: string;
+    PreferredMaintenanceWindow?: string;
     /**
-     * <p>The status of the next expected snapshot.</p>
-     *          <p>Valid values: <code>OnTrack</code> | <code>Pending</code>
-     *          </p>
+     * <p>The identifiers of the read replicas that are associated with this DB cluster.</p>
      */
-    ExpectedNextSnapshotScheduleTimeStatus?: string;
+    ReadReplicaIdentifiers?: string[];
     /**
-     * <p>Information about whether the Amazon Redshift cluster finished applying any changes to
-     *          hardware security module (HSM) settings that were specified in a modify cluster
-     *          command.</p>
+     * <p>A list of VPC security groups that the DB cluster belongs to.</p>
      */
-    HsmStatus?: AwsRedshiftClusterHsmStatus;
+    VpcSecurityGroups?: AwsRdsDbInstanceVpcSecurityGroup[];
     /**
-     * <p>A list of IAM roles that the cluster can use to access other Amazon Web Services services.</p>
+     * <p>Specifies the identifier that Amazon Route 53 assigns when you create a hosted
+     *          zone.</p>
      */
-    IamRoles?: AwsRedshiftClusterIamRole[];
+    HostedZoneId?: string;
     /**
-     * <p>The identifier of the KMS encryption key that is used to encrypt data in the
-     *          cluster.</p>
+     * <p>Whether the DB cluster is encrypted.</p>
      */
-    KmsKeyId?: string;
+    StorageEncrypted?: boolean;
     /**
-     * <p>The name of the maintenance track for the cluster.</p>
+     * <p>The ARN of the KMS master key that is used to encrypt the database instances in the
+     *          DB cluster.</p>
      */
-    MaintenanceTrackName?: string;
+    KmsKeyId?: string;
     /**
-     * <p>The default number of days to retain a manual snapshot.</p>
-     *          <p>If the value is -1, the snapshot is retained indefinitely.</p>
-     *          <p>This setting doesn't change the retention period of existing snapshots.</p>
-     *          <p>Valid values: Either -1 or an integer between 1 and 3,653</p>
+     * <p>The identifier of the DB cluster. The identifier must be unique within each Amazon Web Services Region
+     *          and is immutable.</p>
      */
-    ManualSnapshotRetentionPeriod?: number;
+    DbClusterResourceId?: string;
     /**
-     * <p>The master user name for the cluster. This name is used to connect to the database that
-     *          is specified in as the value of <code>DBName</code>.</p>
+     * <p>A list of the IAM roles that are associated with the DB cluster.</p>
      */
-    MasterUsername?: string;
+    AssociatedRoles?: AwsRdsDbClusterAssociatedRole[];
     /**
-     * <p>Indicates the start of the next maintenance window.</p>
+     * <p>Indicates when the DB cluster was created, in Universal Coordinated Time (UTC).</p>
      *          <p>Uses the <code>date-time</code> format specified in <a href="https://tools.ietf.org/html/rfc3339#section-5.6">RFC 3339 section 5.6, Internet
      *             Date/Time Format</a>. The value cannot contain spaces. For example,
      *             <code>2020-03-22T13:22:13.933Z</code>.</p>
      */
-    NextMaintenanceWindowStartTime?: string;
+    ClusterCreateTime?: string;
+    /**
+     * <p>A list of log types that this DB cluster is configured to export to CloudWatch
+     *          Logs.</p>
+     */
+    EnabledCloudWatchLogsExports?: string[];
+    /**
+     * <p>The database engine mode of the DB cluster.</p>
+     */
+    EngineMode?: string;
     /**
-     * <p>The node type for the nodes in the cluster.</p>
+     * <p>Whether the DB cluster has deletion protection enabled.</p>
      */
-    NodeType?: string;
+    DeletionProtection?: boolean;
     /**
-     * <p>The number of compute nodes in the cluster.</p>
+     * <p>Whether the HTTP endpoint for an Aurora Serverless DB cluster is enabled.</p>
      */
-    NumberOfNodes?: number;
+    HttpEndpointEnabled?: boolean;
     /**
-     * <p>A list of cluster operations that are waiting to start.</p>
+     * <p>The status of the database activity stream.</p>
      */
-    PendingActions?: string[];
+    ActivityStreamStatus?: string;
     /**
-     * <p>A list of changes to the cluster that are currently pending.</p>
+     * <p>Whether tags are copied from the DB cluster to snapshots of the DB cluster.</p>
      */
-    PendingModifiedValues?: AwsRedshiftClusterPendingModifiedValues;
+    CopyTagsToSnapshot?: boolean;
     /**
-     * <p>The weekly time range, in Universal Coordinated Time (UTC), during which system
-     *          maintenance can occur.</p>
-     *          <p>Format:
-     *             <code>
-     *                <i><day></i>:HH:MM-<i><day></i>:HH:MM</code>
-     *          </p>
-     *          <p>For the day values, use <code>mon</code> | <code>tue</code> | <code>wed</code> |
-     *             <code>thu</code> | <code>fri</code> | <code>sat</code> | <code>sun</code>
-     *          </p>
-     *          <p>For example, <code>sun:09:32-sun:10:02</code>
-     *          </p>
+     * <p>Whether the DB cluster is a clone of a DB cluster owned by a different Amazon Web Services
+     *          account.</p>
      */
-    PreferredMaintenanceWindow?: string;
+    CrossAccountClone?: boolean;
     /**
-     * <p>Whether the cluster can be accessed from a public network.</p>
+     * <p>The Active Directory domain membership records that are associated with the DB
+     *          cluster.</p>
      */
-    PubliclyAccessible?: boolean;
+    DomainMemberships?: AwsRdsDbDomainMembership[];
     /**
-     * <p>Information about the resize operation for the cluster.</p>
+     * <p>The name of the DB cluster parameter group for the DB cluster.</p>
      */
-    ResizeInfo?: AwsRedshiftClusterResizeInfo;
+    DbClusterParameterGroup?: string;
     /**
-     * <p>Information about the status of a cluster restore action. Only applies to a cluster that
-     *          was created by restoring a snapshot.</p>
+     * <p>The subnet group that is associated with the DB cluster, including the name,
+     *          description, and subnets in the subnet group.</p>
      */
-    RestoreStatus?: AwsRedshiftClusterRestoreStatus;
+    DbSubnetGroup?: string;
     /**
-     * <p>A unique identifier for the cluster snapshot schedule.</p>
+     * <p>The list of option group memberships for this DB cluster.</p>
      */
-    SnapshotScheduleIdentifier?: string;
+    DbClusterOptionGroupMemberships?: AwsRdsDbClusterOptionGroupMembership[];
     /**
-     * <p>The current state of the cluster snapshot schedule.</p>
-     *          <p>Valid values: <code>MODIFYING</code> | <code>ACTIVE</code> | <code>FAILED</code>
-     *          </p>
+     * <p>The DB cluster identifier that the user assigned to the cluster. This identifier is the
+     *          unique key that identifies a DB cluster.</p>
      */
-    SnapshotScheduleState?: string;
+    DbClusterIdentifier?: string;
     /**
-     * <p>The identifier of the VPC that the cluster is in, if the cluster is in a VPC.</p>
+     * <p>The list of instances that make up the DB cluster.</p>
      */
-    VpcId?: string;
+    DbClusterMembers?: AwsRdsDbClusterMember[];
     /**
-     * <p>The list of VPC security groups that the cluster belongs to, if the cluster is in a
-     *          VPC.</p>
+     * <p>Whether the mapping of IAM accounts to database accounts is enabled.</p>
      */
-    VpcSecurityGroups?: AwsRedshiftClusterVpcSecurityGroup[];
+    IamDatabaseAuthenticationEnabled?: boolean;
 }
-export declare namespace AwsRedshiftClusterDetails {
+export declare namespace AwsRdsDbClusterDetails {
     /**
      * @internal
      */
-    const filterSensitiveLog: (obj: AwsRedshiftClusterDetails) => any;
+    const filterSensitiveLog: (obj: AwsRdsDbClusterDetails) => any;
 }
 /**
- * <p>provides information about the Amazon S3 Public Access Block configuration for accounts.</p>
+ * <p>Information about an Amazon RDS DB cluster snapshot.</p>
  */
-export interface AwsS3AccountPublicAccessBlockDetails {
+export interface AwsRdsDbClusterSnapshotDetails {
     /**
-     * <p>Indicates whether to reject calls to update an S3 bucket if the calls include a public access control list (ACL).</p>
+     * <p>A list of Availability Zones where instances in the DB cluster can be created.</p>
      */
-    BlockPublicAcls?: boolean;
+    AvailabilityZones?: string[];
     /**
-     * <p>Indicates whether to reject calls to update the access policy for an S3 bucket or access point if the policy allows public access.</p>
+     * <p>Indicates when the snapshot was taken.</p>
+     *          <p>Uses the <code>date-time</code> format specified in <a href="https://tools.ietf.org/html/rfc3339#section-5.6">RFC 3339 section 5.6, Internet
+     *             Date/Time Format</a>. The value cannot contain spaces. For example,
+     *             <code>2020-03-22T13:22:13.933Z</code>.</p>
      */
-    BlockPublicPolicy?: boolean;
+    SnapshotCreateTime?: string;
     /**
-     * <p>Indicates whether Amazon S3 ignores public ACLs that are associated with an S3 bucket.</p>
+     * <p>The name of the database engine that you want to use for this DB instance.</p>
      */
-    IgnorePublicAcls?: boolean;
+    Engine?: string;
     /**
-     * <p>Indicates whether to restrict access to an access point or S3 bucket that has a public policy to only Amazon Web Services service principals and authorized users within the S3 bucket owner's account.</p>
+     * <p>Specifies the allocated storage size in gibibytes (GiB).</p>
      */
-    RestrictPublicBuckets?: boolean;
-}
-export declare namespace AwsS3AccountPublicAccessBlockDetails {
+    AllocatedStorage?: number;
     /**
-     * @internal
+     * <p>The status of this DB cluster snapshot.</p>
      */
-    const filterSensitiveLog: (obj: AwsS3AccountPublicAccessBlockDetails) => any;
-}
-/**
- * <p>Information about what Amazon S3
- *          does when a multipart upload is incomplete.</p>
- */
-export interface AwsS3BucketBucketLifecycleConfigurationRulesAbortIncompleteMultipartUploadDetails {
+    Status?: string;
     /**
-     * <p>The number of days after which Amazon S3 cancels an incomplete multipart upload.</p>
+     * <p>The port number on which the DB instances in the DB cluster accept connections.</p>
      */
-    DaysAfterInitiation?: number;
-}
-export declare namespace AwsS3BucketBucketLifecycleConfigurationRulesAbortIncompleteMultipartUploadDetails {
+    Port?: number;
     /**
-     * @internal
+     * <p>The VPC ID that is associated with the DB cluster snapshot.</p>
      */
-    const filterSensitiveLog: (obj: AwsS3BucketBucketLifecycleConfigurationRulesAbortIncompleteMultipartUploadDetails) => any;
-}
-/**
- * <p>A tag that is assigned to matching objects.</p>
- */
-export interface AwsS3BucketBucketLifecycleConfigurationRulesFilterPredicateOperandsTagDetails {
+    VpcId?: string;
     /**
-     * <p>The tag key.</p>
+     * <p>Indicates when the DB cluster was created, in Universal Coordinated Time (UTC).</p>
+     *          <p>Uses the <code>date-time</code> format specified in <a href="https://tools.ietf.org/html/rfc3339#section-5.6">RFC 3339 section 5.6, Internet
+     *             Date/Time Format</a>. The value cannot contain spaces. For example,
+     *             <code>2020-03-22T13:22:13.933Z</code>.</p>
      */
-    Key?: string;
+    ClusterCreateTime?: string;
     /**
-     * <p>The tag value.</p>
+     * <p>The name of the master user for the DB cluster.</p>
      */
-    Value?: string;
-}
-export declare namespace AwsS3BucketBucketLifecycleConfigurationRulesFilterPredicateOperandsTagDetails {
+    MasterUsername?: string;
     /**
-     * @internal
+     * <p>The version of the database engine to use.</p>
      */
-    const filterSensitiveLog: (obj: AwsS3BucketBucketLifecycleConfigurationRulesFilterPredicateOperandsTagDetails) => any;
-}
-/**
- * <p>A value to use for the filter.</p>
- */
-export interface AwsS3BucketBucketLifecycleConfigurationRulesFilterPredicateOperandsDetails {
+    EngineVersion?: string;
     /**
-     * <p>Prefix text for matching objects.</p>
+     * <p>The license model information for this DB cluster snapshot.</p>
      */
-    Prefix?: string;
+    LicenseModel?: string;
     /**
-     * <p>A tag that is assigned to matching objects.</p>
+     * <p>The type of DB cluster snapshot.</p>
      */
-    Tag?: AwsS3BucketBucketLifecycleConfigurationRulesFilterPredicateOperandsTagDetails;
+    SnapshotType?: string;
     /**
-     * <p>The type of filter value.</p>
+     * <p>Specifies the percentage of the estimated data that has been transferred.</p>
      */
-    Type?: string;
-}
-export declare namespace AwsS3BucketBucketLifecycleConfigurationRulesFilterPredicateOperandsDetails {
+    PercentProgress?: number;
     /**
-     * @internal
+     * <p>Whether the DB cluster is encrypted.</p>
      */
-    const filterSensitiveLog: (obj: AwsS3BucketBucketLifecycleConfigurationRulesFilterPredicateOperandsDetails) => any;
-}
-/**
- * <p>A tag filter.</p>
- */
-export interface AwsS3BucketBucketLifecycleConfigurationRulesFilterPredicateTagDetails {
+    StorageEncrypted?: boolean;
     /**
-     * <p>The tag key.</p>
+     * <p>The ARN of the KMS master key that is used to encrypt the database instances in the
+     *          DB cluster.</p>
      */
-    Key?: string;
+    KmsKeyId?: string;
     /**
-     * <p>The tag value</p>
+     * <p>The DB cluster identifier.</p>
      */
-    Value?: string;
+    DbClusterIdentifier?: string;
+    /**
+     * <p>The identifier of the DB cluster snapshot.</p>
+     */
+    DbClusterSnapshotIdentifier?: string;
+    /**
+     * <p>Whether mapping of IAM accounts to database accounts is enabled.</p>
+     */
+    IamDatabaseAuthenticationEnabled?: boolean;
 }
-export declare namespace AwsS3BucketBucketLifecycleConfigurationRulesFilterPredicateTagDetails {
+export declare namespace AwsRdsDbClusterSnapshotDetails {
     /**
      * @internal
      */
-    const filterSensitiveLog: (obj: AwsS3BucketBucketLifecycleConfigurationRulesFilterPredicateTagDetails) => any;
+    const filterSensitiveLog: (obj: AwsRdsDbClusterSnapshotDetails) => any;
 }
 /**
- * <p>The configuration for the filter.</p>
+ * <p>An IAM role associated with the DB instance.</p>
  */
-export interface AwsS3BucketBucketLifecycleConfigurationRulesFilterPredicateDetails {
-    /**
-     * <p>The values to use for the filter.</p>
-     */
-    Operands?: AwsS3BucketBucketLifecycleConfigurationRulesFilterPredicateOperandsDetails[];
+export interface AwsRdsDbInstanceAssociatedRole {
     /**
-     * <p>A prefix filter.</p>
+     * <p>The ARN of the IAM role that is associated with the DB
+     *          instance.</p>
      */
-    Prefix?: string;
+    RoleArn?: string;
     /**
-     * <p>A tag filter.</p>
+     * <p>The name of the feature associated with the IAM role.</p>
      */
-    Tag?: AwsS3BucketBucketLifecycleConfigurationRulesFilterPredicateTagDetails;
+    FeatureName?: string;
     /**
-     * <p>Whether to use <code>AND</code> or <code>OR</code> to join the operands.</p>
+     * <p>Describes the state of the association between the IAM role and the DB instance. The
+     *             <code>Status</code> property returns one of the following values:</p>
+     *          <ul>
+     *             <li>
+     *                <p>
+     *                   <code>ACTIVE</code> - The IAM role ARN is associated with the DB instance and can
+     *                be used to access other Amazon Web Services services on your behalf.</p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>PENDING</code> - The IAM role ARN is being associated with the DB
+     *                instance.</p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>INVALID</code> - The IAM role ARN is associated with the DB instance. But
+     *                the DB instance is unable to assume the IAM role in order to access other Amazon Web Services
+     *                services on your behalf. </p>
+     *             </li>
+     *          </ul>
      */
-    Type?: string;
+    Status?: string;
 }
-export declare namespace AwsS3BucketBucketLifecycleConfigurationRulesFilterPredicateDetails {
+export declare namespace AwsRdsDbInstanceAssociatedRole {
     /**
      * @internal
      */
-    const filterSensitiveLog: (obj: AwsS3BucketBucketLifecycleConfigurationRulesFilterPredicateDetails) => any;
+    const filterSensitiveLog: (obj: AwsRdsDbInstanceAssociatedRole) => any;
 }
 /**
- * <p>Identifies the objects that a rule applies to.</p>
+ * <p>Provides information about a parameter group for a DB instance.</p>
  */
-export interface AwsS3BucketBucketLifecycleConfigurationRulesFilterDetails {
+export interface AwsRdsDbParameterGroup {
+    /**
+     * <p>The name of the parameter group.</p>
+     */
+    DbParameterGroupName?: string;
     /**
-     * <p>The configuration for the filter.</p>
+     * <p>The status of parameter updates.</p>
      */
-    Predicate?: AwsS3BucketBucketLifecycleConfigurationRulesFilterPredicateDetails;
+    ParameterApplyStatus?: string;
 }
-export declare namespace AwsS3BucketBucketLifecycleConfigurationRulesFilterDetails {
+export declare namespace AwsRdsDbParameterGroup {
     /**
      * @internal
      */
-    const filterSensitiveLog: (obj: AwsS3BucketBucketLifecycleConfigurationRulesFilterDetails) => any;
+    const filterSensitiveLog: (obj: AwsRdsDbParameterGroup) => any;
 }
 /**
- * <p>A transition rule that describes when noncurrent objects transition to a specified storage class.</p>
+ * <p>An Availability Zone for a subnet in a subnet group.</p>
  */
-export interface AwsS3BucketBucketLifecycleConfigurationRulesNoncurrentVersionTransitionsDetails {
-    /**
-     * <p>The number of days that an object is noncurrent before Amazon S3 can perform the associated action.</p>
-     */
-    Days?: number;
+export interface AwsRdsDbSubnetGroupSubnetAvailabilityZone {
     /**
-     * <p>The class of storage to change the object to after the object is noncurrent for the specified number of days.</p>
+     * <p>The name of the Availability Zone for a subnet in the subnet group.</p>
      */
-    StorageClass?: string;
+    Name?: string;
 }
-export declare namespace AwsS3BucketBucketLifecycleConfigurationRulesNoncurrentVersionTransitionsDetails {
+export declare namespace AwsRdsDbSubnetGroupSubnetAvailabilityZone {
     /**
      * @internal
      */
-    const filterSensitiveLog: (obj: AwsS3BucketBucketLifecycleConfigurationRulesNoncurrentVersionTransitionsDetails) => any;
+    const filterSensitiveLog: (obj: AwsRdsDbSubnetGroupSubnetAvailabilityZone) => any;
 }
 /**
- * <p>A rule for when objects transition to specific storage classes.</p>
+ * <p>Information about a subnet in a subnet group.</p>
  */
-export interface AwsS3BucketBucketLifecycleConfigurationRulesTransitionsDetails {
+export interface AwsRdsDbSubnetGroupSubnet {
     /**
-     * <p>A date on which to transition objects to the specified storage class. If you provide <code>Date</code>, you cannot provide <code>Days</code>.</p>
-     *          <p>Uses the <code>date-time</code> format specified in <a href="https://tools.ietf.org/html/rfc3339#section-5.6">RFC 3339 section 5.6, Internet
-     *          Date/Time Format</a>. The value cannot contain spaces. For example,
-     *          <code>2020-03-22T13:22:13.933Z</code>.</p>
+     * <p>The identifier of a subnet in the subnet group.</p>
      */
-    Date?: string;
+    SubnetIdentifier?: string;
     /**
-     * <p>The number of days after which to transition the object to the specified storage class. If you provide <code>Days</code>, you cannot provide <code>Date</code>.</p>
+     * <p>Information about the Availability Zone for a subnet in the subnet group.</p>
      */
-    Days?: number;
+    SubnetAvailabilityZone?: AwsRdsDbSubnetGroupSubnetAvailabilityZone;
     /**
-     * <p>The storage class to transition the object to.</p>
+     * <p>The status of a subnet in the subnet group.</p>
      */
-    StorageClass?: string;
+    SubnetStatus?: string;
 }
-export declare namespace AwsS3BucketBucketLifecycleConfigurationRulesTransitionsDetails {
+export declare namespace AwsRdsDbSubnetGroupSubnet {
     /**
      * @internal
      */
-    const filterSensitiveLog: (obj: AwsS3BucketBucketLifecycleConfigurationRulesTransitionsDetails) => any;
+    const filterSensitiveLog: (obj: AwsRdsDbSubnetGroupSubnet) => any;
 }
 /**
- * <p>Configuration for a lifecycle rule.</p>
+ * <p>Information about the subnet group for the database instance.</p>
  */
-export interface AwsS3BucketBucketLifecycleConfigurationRulesDetails {
-    /**
-     * <p>How Amazon S3 responds when a multipart upload is incomplete. Specifically, provides a number
-     *          of days before Amazon S3 cancels the entire upload.</p>
-     */
-    AbortIncompleteMultipartUpload?: AwsS3BucketBucketLifecycleConfigurationRulesAbortIncompleteMultipartUploadDetails;
-    /**
-     * <p>The date when objects are moved or deleted.</p>
-     *          <p>Uses the <code>date-time</code> format specified in <a href="https://tools.ietf.org/html/rfc3339#section-5.6">RFC 3339 section 5.6, Internet
-     *          Date/Time Format</a>. The value cannot contain spaces. For example,
-     *          <code>2020-03-22T13:22:13.933Z</code>.</p>
-     */
-    ExpirationDate?: string;
-    /**
-     * <p>The length in days of the lifetime for objects that are subject to the rule.</p>
-     */
-    ExpirationInDays?: number;
-    /**
-     * <p>Whether Amazon S3 removes a delete marker that has no noncurrent versions. If set to
-     *          <code>true</code>, the delete marker is expired. If set to <code>false</code>, the policy
-     *          takes no action.</p>
-     *          <p>If you provide <code>ExpiredObjectDeleteMarker</code>, you cannot provide
-     *          <code>ExpirationInDays</code> or <code>ExpirationDate</code>.</p>
-     */
-    ExpiredObjectDeleteMarker?: boolean;
-    /**
-     * <p>Identifies the objects that a rule applies to.</p>
-     */
-    Filter?: AwsS3BucketBucketLifecycleConfigurationRulesFilterDetails;
+export interface AwsRdsDbSubnetGroup {
     /**
-     * <p>The unique identifier of the rule.</p>
+     * <p>The name of the subnet group.</p>
      */
-    ID?: string;
+    DbSubnetGroupName?: string;
     /**
-     * <p>The number of days that an object is noncurrent before Amazon S3 can perform the associated action.</p>
+     * <p>The description of the subnet group.</p>
      */
-    NoncurrentVersionExpirationInDays?: number;
+    DbSubnetGroupDescription?: string;
     /**
-     * <p>Transition rules that describe when noncurrent objects transition to a specified storage class.</p>
+     * <p>The VPC ID of the subnet group.</p>
      */
-    NoncurrentVersionTransitions?: AwsS3BucketBucketLifecycleConfigurationRulesNoncurrentVersionTransitionsDetails[];
+    VpcId?: string;
     /**
-     * <p>A prefix that identifies one or more objects that the rule applies to.</p>
+     * <p>The status of the subnet group.</p>
      */
-    Prefix?: string;
+    SubnetGroupStatus?: string;
     /**
-     * <p>The current status of the rule. Indicates whether the rule is currently being applied.</p>
+     * <p>A list of subnets in the subnet group.</p>
      */
-    Status?: string;
+    Subnets?: AwsRdsDbSubnetGroupSubnet[];
     /**
-     * <p>Transition rules that indicate when objects transition to a specified storage class.</p>
+     * <p>The ARN of the subnet group.</p>
      */
-    Transitions?: AwsS3BucketBucketLifecycleConfigurationRulesTransitionsDetails[];
+    DbSubnetGroupArn?: string;
 }
-export declare namespace AwsS3BucketBucketLifecycleConfigurationRulesDetails {
+export declare namespace AwsRdsDbSubnetGroup {
     /**
      * @internal
      */
-    const filterSensitiveLog: (obj: AwsS3BucketBucketLifecycleConfigurationRulesDetails) => any;
+    const filterSensitiveLog: (obj: AwsRdsDbSubnetGroup) => any;
 }
 /**
- * <p>The lifecycle configuration for the objects in the S3 bucket.</p>
+ * <p>Specifies the connection endpoint.</p>
  */
-export interface AwsS3BucketBucketLifecycleConfigurationDetails {
-    /**
-     * <p>The lifecycle rules.</p>
-     */
-    Rules?: AwsS3BucketBucketLifecycleConfigurationRulesDetails[];
-}
-export declare namespace AwsS3BucketBucketLifecycleConfigurationDetails {
+export interface AwsRdsDbInstanceEndpoint {
     /**
-     * @internal
+     * <p>Specifies the DNS address of the DB instance.</p>
      */
-    const filterSensitiveLog: (obj: AwsS3BucketBucketLifecycleConfigurationDetails) => any;
-}
-/**
- * <p>Information about logging for
- *          the S3 bucket</p>
- */
-export interface AwsS3BucketLoggingConfiguration {
+    Address?: string;
     /**
-     * <p>The name of the S3 bucket where log files for the S3 bucket are stored.</p>
+     * <p>Specifies the port that the database engine is listening on.</p>
      */
-    DestinationBucketName?: string;
+    Port?: number;
     /**
-     * <p>The prefix added to log files for the S3 bucket.</p>
+     * <p>Specifies the ID that Amazon Route 53 assigns when you create a hosted zone.</p>
      */
-    LogFilePrefix?: string;
+    HostedZoneId?: string;
 }
-export declare namespace AwsS3BucketLoggingConfiguration {
+export declare namespace AwsRdsDbInstanceEndpoint {
     /**
      * @internal
      */
-    const filterSensitiveLog: (obj: AwsS3BucketLoggingConfiguration) => any;
-}
-export declare enum AwsS3BucketNotificationConfigurationS3KeyFilterRuleName {
-    PREFIX = "Prefix",
-    SUFFIX = "Suffix"
+    const filterSensitiveLog: (obj: AwsRdsDbInstanceEndpoint) => any;
 }
 /**
- * <p>Details for a filter rule.</p>
+ * <p>An option group membership.</p>
  */
-export interface AwsS3BucketNotificationConfigurationS3KeyFilterRule {
+export interface AwsRdsDbOptionGroupMembership {
     /**
-     * <p>Indicates whether the filter is based on the prefix or suffix of the Amazon S3 key.</p>
+     * <p>The name of the option group.</p>
      */
-    Name?: AwsS3BucketNotificationConfigurationS3KeyFilterRuleName | string;
+    OptionGroupName?: string;
     /**
-     * <p>The filter value.</p>
+     * <p>The status of the option group membership.</p>
      */
-    Value?: string;
+    Status?: string;
 }
-export declare namespace AwsS3BucketNotificationConfigurationS3KeyFilterRule {
+export declare namespace AwsRdsDbOptionGroupMembership {
     /**
      * @internal
      */
-    const filterSensitiveLog: (obj: AwsS3BucketNotificationConfigurationS3KeyFilterRule) => any;
+    const filterSensitiveLog: (obj: AwsRdsDbOptionGroupMembership) => any;
 }
 /**
- * <p>Details for an Amazon S3 filter.</p>
+ * <p>Identifies the log types to enable and disable.</p>
  */
-export interface AwsS3BucketNotificationConfigurationS3KeyFilter {
-    /**
-     * <p>The filter rules for the filter.</p>
-     */
-    FilterRules?: AwsS3BucketNotificationConfigurationS3KeyFilterRule[];
-}
-export declare namespace AwsS3BucketNotificationConfigurationS3KeyFilter {
+export interface AwsRdsPendingCloudWatchLogsExports {
     /**
-     * @internal
+     * <p>A list of log types that are being enabled.</p>
      */
-    const filterSensitiveLog: (obj: AwsS3BucketNotificationConfigurationS3KeyFilter) => any;
-}
-/**
- * <p>Filtering information for the notifications. The
- *          filtering is based on Amazon S3 key names.</p>
- */
-export interface AwsS3BucketNotificationConfigurationFilter {
+    LogTypesToEnable?: string[];
     /**
-     * <p>Details for an Amazon S3 filter.</p>
+     * <p>A list of log types that are being disabled.</p>
      */
-    S3KeyFilter?: AwsS3BucketNotificationConfigurationS3KeyFilter;
+    LogTypesToDisable?: string[];
 }
-export declare namespace AwsS3BucketNotificationConfigurationFilter {
+export declare namespace AwsRdsPendingCloudWatchLogsExports {
     /**
      * @internal
      */
-    const filterSensitiveLog: (obj: AwsS3BucketNotificationConfigurationFilter) => any;
+    const filterSensitiveLog: (obj: AwsRdsPendingCloudWatchLogsExports) => any;
 }