@pulumi/aws-native 1.27.0-alpha.1743044353 → 1.27.0-alpha.1744032467

package/types/output.d.ts

@@ -1718,6 +1718,10 @@ export declare namespace apigateway {
         type?: enums.apigateway.DocumentationPartLocationType;
     }
     interface DomainNameEndpointConfiguration {
+        /**
+         * The IP address types that can invoke this DomainName. Use `ipv4` to allow only IPv4 addresses to invoke this DomainName, or use `dualstack` to allow both IPv4 and IPv6 addresses to invoke this DomainName. For the `PRIVATE` endpoint type, only `dualstack` is supported.
+         */
+        ipAddressType?: string;
         /**
          * A list of endpoint types of an API (RestApi) or its custom domain name (DomainName). For an edge-optimized API and its custom domain name, the endpoint type is `"EDGE"` . For a regional API and its custom domain name, the endpoint type is `REGIONAL` . For a private API, the endpoint type is `PRIVATE` .
          */
@@ -1864,6 +1868,10 @@ export declare namespace apigateway {
      *  ``EndpointConfiguration`` is a property of the [AWS::ApiGateway::RestApi](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-restapi.html) resource.
      */
     interface RestApiEndpointConfiguration {
+        /**
+         * The IP address types that can invoke an API (RestApi). Use `ipv4` to allow only IPv4 addresses to invoke an API, or use `dualstack` to allow both IPv4 and IPv6 addresses to invoke an API. For the `PRIVATE` endpoint type, only `dualstack` is supported.
+         */
+        ipAddressType?: string;
         /**
          * A list of endpoint types of an API (RestApi) or its custom domain name (DomainName). For an edge-optimized API and its custom domain name, the endpoint type is `"EDGE"` . For a regional API and its custom domain name, the endpoint type is `REGIONAL` . For a private API, the endpoint type is `PRIVATE` .
          */
@@ -4726,6 +4734,21 @@ export declare namespace applicationsignals {
          */
         value: string;
     }
+    /**
+     * This object defines a time exclusion window for this SLO. The time exclusion window is used to exclude breaching data points from affecting attainment rate, error budget, and burn rate metrics.
+     */
+    interface ServiceLevelObjectiveExclusionWindow {
+        /**
+         * An optional reason for scheduling this time exclusion window. Default is 'No reason'.
+         */
+        reason?: string;
+        recurrenceRule?: outputs.applicationsignals.ServiceLevelObjectiveRecurrenceRule;
+        /**
+         * The time you want the exclusion window to start at. Note that time exclusion windows can only be scheduled in the future, not the past.
+         */
+        startTime?: string;
+        window: outputs.applicationsignals.ServiceLevelObjectiveWindow;
+    }
     /**
      * A structure that contains the attributes that determine the goal of the SLO. This includes the time period for evaluation and the attainment threshold.
      */
@@ -4834,6 +4857,15 @@ export declare namespace applicationsignals {
          */
         goodCountMetric?: outputs.applicationsignals.ServiceLevelObjectiveMetricDataQuery[];
     }
+    /**
+     * This object defines how often to repeat a time exclusion window.
+     */
+    interface ServiceLevelObjectiveRecurrenceRule {
+        /**
+         * A cron or rate expression denoting how often to repeat this exclusion window.
+         */
+        expression: string;
+    }
     /**
      * This structure contains information about the performance metric that a request-based SLO monitors.
      */
@@ -4863,6 +4895,7 @@ export declare namespace applicationsignals {
          * - `Name` specifies the name of the object. This is used only if the value of the `Type` field is `Service` , `RemoteService` , or `AWS::Service` .
          * - `Identifier` identifies the resource objects of this resource. This is used only if the value of the `Type` field is `Resource` or `AWS::Resource` .
          * - `Environment` specifies the location where this object is hosted, or what it belongs to.
+         * - `AwsAccountId` allows you to create an SLO for an object that exists in another account.
          */
         keyAttributes?: {
             [key: string]: string;
@@ -4953,6 +4986,13 @@ export declare namespace applicationsignals {
          */
         statistic?: string;
     }
+    /**
+     * This object defines the length of time an exclusion window should span.
+     */
+    interface ServiceLevelObjectiveWindow {
+        duration: number;
+        durationUnit: enums.applicationsignals.ServiceLevelObjectiveDurationUnit;
+    }
 }
 export declare namespace apprunner {
     /**
@@ -9974,7 +10014,7 @@ export declare namespace bedrock {
      */
     interface DataSourceBedrockFoundationModelConfiguration {
         /**
-         * The model's ARN.
+         * The ARN of the foundation model to use for parsing.
          */
         modelArn: string;
         /**
@@ -9986,6 +10026,19 @@ export declare namespace bedrock {
          */
         parsingPrompt?: outputs.bedrock.DataSourceParsingPrompt;
     }
+    /**
+     * Bedrock Foundation Model configuration to be used for Context Enrichment.
+     */
+    interface DataSourceBedrockFoundationModelContextEnrichmentConfiguration {
+        /**
+         * The enrichment stategy used to provide additional context. For example, Neptune GraphRAG uses Amazon Bedrock foundation models to perform chunk entity extraction.
+         */
+        enrichmentStrategyConfiguration: outputs.bedrock.DataSourceEnrichmentStrategyConfiguration;
+        /**
+         * The Amazon Resource Name (ARN) of the model used to create vector embeddings for the knowledge base.
+         */
+        modelArn: string;
+    }
     /**
      * Details about how to chunk the documents in the data source. A chunk refers to an excerpt from a data source that is returned when the knowledge base that it belongs to is queried.
      */
@@ -10092,6 +10145,19 @@ export declare namespace bedrock {
          */
         hostUrl: string;
     }
+    /**
+     * Additional Enrichment Configuration for example when using GraphRag.
+     */
+    interface DataSourceContextEnrichmentConfiguration {
+        /**
+         * The configuration of the Amazon Bedrock foundation model used for context enrichment.
+         */
+        bedrockFoundationModelConfiguration?: outputs.bedrock.DataSourceBedrockFoundationModelContextEnrichmentConfiguration;
+        /**
+         * The method used for context enrichment. It must be Amazon Bedrock foundation models.
+         */
+        type: enums.bedrock.DataSourceContextEnrichmentType;
+    }
     /**
      * The type of filtering that you want to apply to certain objects or content of the data source. For example, the PATTERN type is regular expression patterns you can apply to filter your content.
      */
@@ -10118,6 +10184,15 @@ export declare namespace bedrock {
          */
         transformations: outputs.bedrock.DataSourceTransformation[];
     }
+    /**
+     * Strategy to be used when using Bedrock Foundation Model for Context Enrichment.
+     */
+    interface DataSourceEnrichmentStrategyConfiguration {
+        /**
+         * The method used for the context enrichment strategy.
+         */
+        method: enums.bedrock.DataSourceEnrichmentStrategyMethod;
+    }
     /**
      * Configurations for when you choose fixed-size chunking. If you set the chunkingStrategy as NONE, exclude this field.
      */
@@ -10407,6 +10482,10 @@ export declare namespace bedrock {
          * Details about how to chunk the documents in the data source. A *chunk* refers to an excerpt from a data source that is returned when the knowledge base that it belongs to is queried.
          */
         chunkingConfiguration?: outputs.bedrock.DataSourceChunkingConfiguration;
+        /**
+         * The context enrichment configuration used for ingestion of the data into the vector store.
+         */
+        contextEnrichmentConfiguration?: outputs.bedrock.DataSourceContextEnrichmentConfiguration;
         /**
          * A custom document transformer for parsed data source documents.
          */
@@ -10438,11 +10517,23 @@ export declare namespace bedrock {
          * You can choose to crawl only web pages that belong to the same host or primary domain. For example, only web pages that contain the seed URL "https://docs.aws.amazon.com/bedrock/latest/userguide/" and no other domains. You can choose to include sub domains in addition to the host or primary domain. For example, web pages that contain "aws.amazon.com" can also include sub domain "docs.aws.amazon.com".
          */
         scope?: enums.bedrock.DataSourceWebScopeType;
+        /**
+         * The suffix that will be included in the user agent header.
+         */
+        userAgent?: string;
+        /**
+         * The full user agent header, including UUID and suffix.
+         */
+        userAgentHeader?: string;
     }
     /**
      * Limit settings for the web crawler.
      */
     interface DataSourceWebCrawlerLimits {
+        /**
+         * Maximum number of pages the crawler can crawl.
+         */
+        maxPages?: number;
         /**
          * Rate of web URLs retrieved per minute.
          */
@@ -11381,10 +11472,18 @@ export declare namespace bedrock {
      * Content filter config in content policy.
      */
     interface GuardrailContentFilterConfig {
+        /**
+         * List of modalities
+         */
+        inputModalities?: enums.bedrock.GuardrailModality[];
         /**
          * The strength of the content filter to apply to prompts. As you increase the filter strength, the likelihood of filtering harmful content increases and the probability of seeing harmful content in your application reduces.
          */
         inputStrength: enums.bedrock.GuardrailFilterStrength;
+        /**
+         * List of modalities
+         */
+        outputModalities?: enums.bedrock.GuardrailModality[];
         /**
          * The strength of the content filter to apply to model responses. As you increase the filter strength, the likelihood of filtering harmful content increases and the probability of seeing harmful content in your application reduces.
          */
@@ -11759,6 +11858,32 @@ export declare namespace bedrock {
          */
         vectorField: string;
     }
+    /**
+     * Contains the configurations to use Neptune Analytics as Vector Store.
+     */
+    interface KnowledgeBaseNeptuneAnalyticsConfiguration {
+        /**
+         * Contains the names of the fields to which to map information about the vector store.
+         */
+        fieldMapping: outputs.bedrock.KnowledgeBaseNeptuneAnalyticsFieldMapping;
+        /**
+         * ARN for Neptune Analytics graph database.
+         */
+        graphArn: string;
+    }
+    /**
+     * A mapping of Bedrock Knowledge Base fields to Neptune Analytics fields.
+     */
+    interface KnowledgeBaseNeptuneAnalyticsFieldMapping {
+        /**
+         * The name of the field in which Amazon Bedrock stores metadata about the vector store.
+         */
+        metadataField: string;
+        /**
+         * The name of the field in which Amazon Bedrock stores the raw text from your data. The text is split according to the chunking strategy you choose.
+         */
+        textField: string;
+    }
     /**
      * Contains the storage configuration of the knowledge base in Amazon OpenSearch Service.
      */
@@ -12056,6 +12181,10 @@ export declare namespace bedrock {
          * Contains the storage configuration of the knowledge base in MongoDB Atlas.
          */
         mongoDbAtlasConfiguration?: outputs.bedrock.KnowledgeBaseMongoDbAtlasConfiguration;
+        /**
+         * Contains details about the Neptune Analytics configuration of the knowledge base in Amazon Neptune. For more information, see [Create a vector index in Amazon Neptune Analytics.](https://docs.aws.amazon.com/bedrock/latest/userguide/knowledge-base-setup-neptune.html) .
+         */
+        neptuneAnalyticsConfiguration?: outputs.bedrock.KnowledgeBaseNeptuneAnalyticsConfiguration;
         /**
          * Contains the storage configuration of the knowledge base in Amazon OpenSearch Service.
          */
@@ -12737,7 +12866,9 @@ export declare namespace budgets {
 export declare namespace cassandra {
     interface KeyspaceReplicationSpecification {
         /**
-         * Specifies the AWS Regions that the keyspace is replicated in. You must specify at least two and up to six Regions, including the Region that the keyspace is being created in.
+         * Specifies the AWS Regions that the keyspace is replicated in. You must specify at least two Regions, including the Region that the keyspace is being created in.
+         *
+         * To specify a Region [that's disabled by default](https://docs.aws.amazon.com/accounts/latest/reference/manage-acct-regions.html#rande-manage-enable) , you must first enable the Region. For more information, see [Multi-Region replication in AWS Regions disabled by default](https://docs.aws.amazon.com/keyspaces/latest/devguide/multiRegion-replication_how-it-works.html#howitworks_mrr_opt_in) in the *Amazon Keyspaces Developer Guide* .
          */
         regionList?: enums.cassandra.KeyspaceRegionListItem[];
         /**
@@ -13704,8 +13835,6 @@ export declare namespace cloudformation {
         regionConcurrencyType?: enums.cloudformation.StackSetRegionConcurrencyType;
         /**
          * The order of the Regions where you want to perform the stack operation.
-         *
-         * > `RegionOrder` isn't followed if `AutoDeployment` is enabled.
          */
         regionOrder?: string[];
     }
@@ -14631,6 +14760,7 @@ export declare namespace cloudfront {
      * An origin.
      *  An origin is the location where content is stored, and from which CloudFront gets content to serve to viewers. To specify an origin:
      *   +  Use ``S3OriginConfig`` to specify an Amazon S3 bucket that is not configured with static website hosting.
+     *   +  Use ``VpcOriginConfig`` to specify a VPC origin.
      *   +  Use ``CustomOriginConfig`` to specify all other kinds of origins, including:
      *   +  An Amazon S3 bucket that is configured with static website hosting
      *   +  An Elastic Load Balancing load balancer
@@ -14890,17 +15020,18 @@ export declare namespace cloudfront {
          */
         sslSupportMethod?: string;
     }
+    /**
+     * An Amazon CloudFront VPC origin configuration.
+     */
     interface DistributionVpcOriginConfig {
         /**
          * Specifies how long, in seconds, CloudFront persists its connection to the origin. The minimum timeout is 1 second, the maximum is 60 seconds, and the default (if you don't specify otherwise) is 5 seconds.
-         *
-         * For more information, see [Keep-alive timeout (custom origins only)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesOriginKeepaliveTimeout) in the *Amazon CloudFront Developer Guide* .
+         *  For more information, see [Keep-alive timeout (custom origins only)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesOriginKeepaliveTimeout) in the *Amazon CloudFront Developer Guide*.
          */
         originKeepaliveTimeout?: number;
         /**
-         * Specifies how long, in seconds, CloudFront waits for a response from the origin. This is also known as the *origin response timeout* . The minimum timeout is 1 second, the maximum is 60 seconds, and the default (if you don't specify otherwise) is 30 seconds.
-         *
-         * For more information, see [Response timeout (custom origins only)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesOriginResponseTimeout) in the *Amazon CloudFront Developer Guide* .
+         * Specifies how long, in seconds, CloudFront waits for a response from the origin. This is also known as the *origin response timeout*. The minimum timeout is 1 second, the maximum is 60 seconds, and the default (if you don't specify otherwise) is 30 seconds.
+         *  For more information, see [Response timeout (custom origins only)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesOriginResponseTimeout) in the *Amazon CloudFront Developer Guide*.
          */
         originReadTimeout?: number;
         /**
@@ -15475,17 +15606,20 @@ export declare namespace cloudfront {
          */
         reportUri?: string;
     }
+    /**
+     * An Amazon CloudFront VPC origin endpoint configuration.
+     */
     interface VpcOriginEndpointConfig {
         /**
          * The ARN of the CloudFront VPC origin endpoint configuration.
          */
         arn: string;
         /**
-         * The HTTP port for the CloudFront VPC origin endpoint configuration. The default value is `80` .
+         * The HTTP port for the CloudFront VPC origin endpoint configuration. The default value is ``80``.
          */
         httpPort?: number;
         /**
-         * The HTTPS port of the CloudFront VPC origin endpoint configuration. The default value is `443` .
+         * The HTTPS port of the CloudFront VPC origin endpoint configuration. The default value is ``443``.
          */
         httpsPort?: number;
         /**
@@ -15855,13 +15989,7 @@ export declare namespace codeartifact {
         restrictions: outputs.codeartifact.PackageGroupRestrictions;
     }
     interface PackageGroupRestrictionType {
-        /**
-         * The repositories to add to the allowed repositories list. The allowed repositories list is used when the `RestrictionMode` is set to `ALLOW_SPECIFIC_REPOSITORIES` .
-         */
         repositories?: string[];
-        /**
-         * The package group origin restriction setting. When the value is `INHERIT` , the value is set to the value of the first parent package group which does not have a value of `INHERIT` .
-         */
         restrictionMode: enums.codeartifact.PackageGroupRestrictionTypeRestrictionMode;
     }
     interface PackageGroupRestrictions {
@@ -16579,15 +16707,15 @@ export declare namespace codestarconnections {
 export declare namespace codestarnotifications {
     interface NotificationRuleTarget {
         /**
-         * The Amazon Resource Name (ARN) of the AWS Chatbot topic or AWS Chatbot client.
+         * The Amazon Resource Name (ARN) of the  topic or  client.
          */
         targetAddress: string;
         /**
-         * The target type. Can be an Amazon Simple Notification Service topic or AWS Chatbot client.
+         * The target type. Can be an Amazon Simple Notification Service topic or  client.
          *
          * - Amazon Simple Notification Service topics are specified as `SNS` .
-         * - AWS Chatbot clients are specified as `AWSChatbotSlack` .
-         * - AWS Chatbot clients for Microsoft Teams are specified as `AWSChatbotMicrosoftTeams` .
+         * - clients are specified as `AWSChatbotSlack` .
+         * - clients for Microsoft Teams are specified as `AWSChatbotMicrosoftTeams` .
          */
         targetType: string;
     }
@@ -19156,13 +19284,7 @@ export declare namespace connectcampaignsv2 {
 }
 export declare namespace controltower {
     interface EnabledBaselineParameter {
-        /**
-         * A string denoting the parameter key.
-         */
         key?: string;
-        /**
-         * A low-level `Document` object of any type (for example, a Java Object).
-         */
         value?: string | any | number | (boolean | number | any | string)[] | boolean;
     }
     interface EnabledControlParameter {
@@ -21204,6 +21326,236 @@ export declare namespace datasync {
     }
 }
 export declare namespace datazone {
+    /**
+     * Athena Properties Input
+     */
+    interface ConnectionAthenaPropertiesInput {
+        workgroupName: string;
+    }
+    /**
+     * Authentication Configuration Input
+     */
+    interface ConnectionAuthenticationConfigurationInput {
+        authenticationType?: enums.datazone.ConnectionAuthenticationType;
+        basicAuthenticationCredentials?: outputs.datazone.ConnectionBasicAuthenticationCredentials;
+        customAuthenticationCredentials?: {
+            [key: string]: string;
+        };
+        kmsKeyArn?: string;
+        oAuth2Properties?: outputs.datazone.ConnectionOAuth2Properties;
+        secretArn?: string;
+    }
+    /**
+     * Authorization Code Properties
+     */
+    interface ConnectionAuthorizationCodeProperties {
+        authorizationCode?: string;
+        redirectUri?: string;
+    }
+    /**
+     * AWS Location of project
+     */
+    interface ConnectionAwsLocation {
+        /**
+         * The access role of a connection.
+         */
+        accessRole?: string;
+        /**
+         * The account ID of a connection.
+         */
+        awsAccountId?: string;
+        /**
+         * The Region of a connection.
+         */
+        awsRegion?: string;
+        /**
+         * The IAM connection ID of a connection.
+         */
+        iamConnectionId?: string;
+    }
+    /**
+     * Basic Authentication Credentials
+     */
+    interface ConnectionBasicAuthenticationCredentials {
+        password?: string;
+        userName?: string;
+    }
+    /**
+     * Glue Connection Input
+     */
+    interface ConnectionGlueConnectionInput {
+        athenaProperties?: {
+            [key: string]: string;
+        };
+        authenticationConfiguration?: outputs.datazone.ConnectionAuthenticationConfigurationInput;
+        connectionProperties?: {
+            [key: string]: string;
+        };
+        connectionType?: string;
+        description?: string;
+        matchCriteria?: string;
+        name?: string;
+        physicalConnectionRequirements?: outputs.datazone.ConnectionPhysicalConnectionRequirements;
+        pythonProperties?: {
+            [key: string]: string;
+        };
+        sparkProperties?: {
+            [key: string]: string;
+        };
+        validateCredentials?: boolean;
+        validateForComputeEnvironments?: string[];
+    }
+    /**
+     * Glue OAuth2 Credentials
+     */
+    interface ConnectionGlueOAuth2Credentials {
+        accessToken?: string;
+        jwtToken?: string;
+        refreshToken?: string;
+        userManagedClientApplicationClientSecret?: string;
+    }
+    /**
+     * Glue Properties Input
+     */
+    interface ConnectionGluePropertiesInput {
+        glueConnectionInput?: outputs.datazone.ConnectionGlueConnectionInput;
+    }
+    /**
+     * HyperPod Properties Input
+     */
+    interface ConnectionHyperPodPropertiesInput {
+        clusterName: string;
+    }
+    /**
+     * IAM Properties Input
+     */
+    interface ConnectionIamPropertiesInput {
+        glueLineageSyncEnabled?: boolean;
+    }
+    /**
+     * Lineage Sync Schedule
+     */
+    interface ConnectionLineageSyncSchedule {
+        schedule?: string;
+    }
+    /**
+     * OAuth2 Client Application
+     */
+    interface ConnectionOAuth2ClientApplication {
+        awsManagedClientApplicationReference?: string;
+        userManagedClientApplicationClientId?: string;
+    }
+    /**
+     * OAuth2 Properties
+     */
+    interface ConnectionOAuth2Properties {
+        authorizationCodeProperties?: outputs.datazone.ConnectionAuthorizationCodeProperties;
+        oAuth2ClientApplication?: outputs.datazone.ConnectionOAuth2ClientApplication;
+        oAuth2Credentials?: outputs.datazone.ConnectionGlueOAuth2Credentials;
+        oAuth2GrantType?: enums.datazone.ConnectionOAuth2GrantType;
+        tokenUrl?: string;
+        tokenUrlParametersMap?: {
+            [key: string]: string;
+        };
+    }
+    /**
+     * Physical Connection Requirements
+     */
+    interface ConnectionPhysicalConnectionRequirements {
+        availabilityZone?: string;
+        securityGroupIdList?: string[];
+        subnetId?: string;
+        subnetIdList?: string[];
+    }
+    interface ConnectionPropertiesInput0Properties {
+        athenaProperties: outputs.datazone.ConnectionAthenaPropertiesInput;
+    }
+    interface ConnectionPropertiesInput1Properties {
+        glueProperties: outputs.datazone.ConnectionGluePropertiesInput;
+    }
+    interface ConnectionPropertiesInput2Properties {
+        hyperPodProperties: outputs.datazone.ConnectionHyperPodPropertiesInput;
+    }
+    interface ConnectionPropertiesInput3Properties {
+        iamProperties: outputs.datazone.ConnectionIamPropertiesInput;
+    }
+    interface ConnectionPropertiesInput4Properties {
+        redshiftProperties: outputs.datazone.ConnectionRedshiftPropertiesInput;
+    }
+    interface ConnectionPropertiesInput5Properties {
+        sparkEmrProperties: outputs.datazone.ConnectionSparkEmrPropertiesInput;
+    }
+    interface ConnectionPropertiesInput6Properties {
+        sparkGlueProperties: outputs.datazone.ConnectionSparkGluePropertiesInput;
+    }
+    interface ConnectionRedshiftCredentials0Properties {
+        secretArn: string;
+    }
+    interface ConnectionRedshiftCredentials1Properties {
+        usernamePassword: outputs.datazone.ConnectionUsernamePassword;
+    }
+    /**
+     * Redshift Lineage Sync Configuration Input
+     */
+    interface ConnectionRedshiftLineageSyncConfigurationInput {
+        enabled?: boolean;
+        schedule?: outputs.datazone.ConnectionLineageSyncSchedule;
+    }
+    /**
+     * Redshift Properties Input
+     */
+    interface ConnectionRedshiftPropertiesInput {
+        credentials?: outputs.datazone.ConnectionRedshiftCredentials0Properties | outputs.datazone.ConnectionRedshiftCredentials1Properties;
+        databaseName?: string;
+        host?: string;
+        lineageSync?: outputs.datazone.ConnectionRedshiftLineageSyncConfigurationInput;
+        port?: number;
+        storage?: outputs.datazone.ConnectionRedshiftStorageProperties0Properties | outputs.datazone.ConnectionRedshiftStorageProperties1Properties;
+    }
+    interface ConnectionRedshiftStorageProperties0Properties {
+        clusterName: string;
+    }
+    interface ConnectionRedshiftStorageProperties1Properties {
+        workgroupName: string;
+    }
+    /**
+     * Spark EMR Properties Input.
+     */
+    interface ConnectionSparkEmrPropertiesInput {
+        computeArn?: string;
+        instanceProfileArn?: string;
+        javaVirtualEnv?: string;
+        logUri?: string;
+        pythonVirtualEnv?: string;
+        runtimeRole?: string;
+        trustedCertificatesS3Uri?: string;
+    }
+    /**
+     * Spark Glue Args.
+     */
+    interface ConnectionSparkGlueArgs {
+        connection?: string;
+    }
+    /**
+     * Spark Glue Properties Input.
+     */
+    interface ConnectionSparkGluePropertiesInput {
+        additionalArgs?: outputs.datazone.ConnectionSparkGlueArgs;
+        glueConnectionName?: string;
+        glueVersion?: string;
+        idleTimeout?: number;
+        javaVirtualEnv?: string;
+        numberOfWorkers?: number;
+        pythonVirtualEnv?: string;
+        workerType?: string;
+    }
+    /**
+     * The username and password to be used for authentication.
+     */
+    interface ConnectionUsernamePassword {
+        password: string;
+        username: string;
+    }
     /**
      * Specifies the configuration of the data source. It can be set to either glueRunConfiguration or redshiftRunConfiguration or sageMakerRunConfiguration.
      */
@@ -22208,7 +22560,7 @@ export declare namespace dynamodb {
         /**
          * Represents the non-key attribute names which will be projected into the index.
          *
-         * For local secondary indexes, the total count of `NonKeyAttributes` summed across all of the local secondary indexes, must not exceed 100. If you project the same attribute into two different indexes, this counts as two distinct attributes when determining the total.
+         * For global and local secondary indexes, the total count of `NonKeyAttributes` summed across all of the secondary indexes, must not exceed 100. If you project the same attribute into two different indexes, this counts as two distinct attributes when determining the total. This limit only applies when you specify the ProjectionType of `INCLUDE` . You still can specify the ProjectionType of `ALL` to project all attributes from the source table, even if the table has more than 100 attributes.
          */
         nonKeyAttributes?: string[];
         /**
@@ -22747,6 +23099,16 @@ export declare namespace dynamodb {
     }
 }
 export declare namespace ec2 {
+    interface CapacityReservationCapacityAllocation {
+        /**
+         * The usage type. `used` indicates that the instance capacity is in use by instances that are running in the Capacity Reservation.
+         */
+        allocationType?: string;
+        /**
+         * The amount of instance capacity associated with the usage. For example a value of `4` indicates that instance capacity for 4 instances is currently in use.
+         */
+        count?: number;
+    }
     interface CapacityReservationFleetInstanceTypeSpecification {
         /**
          * The Availability Zone in which the Capacity Reservation Fleet reserves the capacity. A Capacity Reservation Fleet can't span Availability Zones. All instance type specifications that you specify for the Fleet must use the same Availability Zone.
@@ -22821,6 +23183,16 @@ export declare namespace ec2 {
          */
         tags?: outputs.ec2.CapacityReservationTag[];
     }
+    interface CommitmentInfoProperties {
+        /**
+         * The date and time at which the commitment duration expires, in the ISO8601 format in the UTC time zone ( `YYYY-MM-DDThh:mm:ss.sssZ` ). You can't decrease the instance count or cancel the Capacity Reservation before this date and time.
+         */
+        commitmentEndDate?: string;
+        /**
+         * The instance capacity that you committed to when you requested the future-dated Capacity Reservation.
+         */
+        committedInstanceCount?: number;
+    }
     /**
      * The CPU options for the instance.
      */
@@ -23077,7 +23449,6 @@ export declare namespace ec2 {
          *
          * - For instance types with FPGA accelerators, specify `fpga` .
          * - For instance types with GPU accelerators, specify `gpu` .
-         * - For instance types with Inference accelerators, specify `inference` .
          *
          * Default: Any accelerator type
          */
@@ -23640,6 +24011,28 @@ export declare namespace ec2 {
          */
         type: string;
     }
+    /**
+     * Specifies the ENA Express settings for the network interface that's attached to the instance.
+     */
+    interface InstanceEnaSrdSpecification {
+        /**
+         * Specifies whether ENA Express is enabled for the network interface when you launch an instance.
+         */
+        enaSrdEnabled?: boolean;
+        /**
+         * Configures ENA Express for UDP network traffic.
+         */
+        enaSrdUdpSpecification?: outputs.ec2.InstanceEnaSrdUdpSpecification;
+    }
+    /**
+     * Contains ENA Express settings for UDP network traffic for the network interface that's attached to the instance.
+     */
+    interface InstanceEnaSrdUdpSpecification {
+        /**
+         * Indicates whether UDP traffic uses ENA Express for your instance.
+         */
+        enaSrdUdpEnabled?: boolean;
+    }
     interface InstanceIpv6Address {
         /**
          * The IPv6 address.
@@ -23687,6 +24080,10 @@ export declare namespace ec2 {
          * The position of the network interface in the attachment order. A primary network interface has a device index of 0.
          */
         deviceIndex: string;
+        /**
+         * Configures ENA Express for UDP network traffic.
+         */
+        enaSrdSpecification?: outputs.ec2.InstanceEnaSrdSpecification;
         /**
          * The IDs of the security groups for the network interface.
          */
@@ -25691,6 +26088,19 @@ export declare namespace ec2 {
          */
         hostnameType?: string;
     }
+    /**
+     * BGP Options
+     */
+    interface RouteServerPeerBgpOptions {
+        /**
+         * BGP ASN of the Route Server Peer
+         */
+        peerAsn?: number;
+        /**
+         * BGP Liveness Detection
+         */
+        peerLivenessDetection?: enums.ec2.RouteServerPeerBgpOptionsPeerLivenessDetection;
+    }
     interface SecurityGroupEgress {
         /**
          * The IPv4 address range, in CIDR format.
@@ -26068,7 +26478,6 @@ export declare namespace ec2 {
          *
          * - For instance types with FPGA accelerators, specify `fpga` .
          * - For instance types with GPU accelerators, specify `gpu` .
-         * - For instance types with Inference accelerators, specify `inference` .
          *
          * Default: Any accelerator type
          */
@@ -27597,7 +28006,6 @@ export declare namespace ecs {
          *  Consider the following when you set this value:
          *   +  When you use ``create-service`` or ``update-service``, the default is ``DISABLED``.
          *   +  When the service ``deploymentController`` is ``ECS``, the value must be ``DISABLED``.
-         *   +  When you use ``create-service`` or ``update-service``, the default is ``ENABLED``.
          */
         assignPublicIp?: enums.ecs.ServiceAwsVpcConfigurationAssignPublicIp;
         /**
@@ -30211,7 +30619,7 @@ export declare namespace elasticloadbalancingv2 {
      */
     interface ListenerMutualAuthentication {
         /**
-         * Indicates whether trust store CA certificate names are advertised. The default value is ``off``.
+         * Indicates whether trust store CA certificate names are advertised.
          */
         advertiseTrustStoreCaNames?: string;
         /**
@@ -30219,7 +30627,7 @@ export declare namespace elasticloadbalancingv2 {
          */
         ignoreClientCertificateExpiry?: boolean;
         /**
-         * The client certificate handling method. The possible values are ``off``, ``passthrough``, and ``verify``. The default value is ``off``.
+         * The client certificate handling method. Options are ``off``, ``passthrough`` or ``verify``. The default value is ``off``.
          */
         mode?: string;
         /**
@@ -33790,7 +34198,7 @@ export declare namespace gamelift {
          * A custom sequence to use when prioritizing where to place new game sessions. Each priority type is listed once.
          *
          * - `LATENCY` -- Amazon GameLift Servers prioritizes locations where the average player latency is lowest. Player latency data is provided in each game session placement request.
-         * - `COST` -- Amazon GameLift Servers prioritizes destinations with the lowest current hosting costs. Cost is evaluated based on the location, instance type, and fleet type (Spot or On-Demand) of each destination in the queue.
+         * - `COST` -- Amazon GameLift Servers prioritizes queue destinations with the lowest current hosting costs. Cost is evaluated based on the destination's location, instance type, and fleet type (Spot or On-Demand).
          * - `DESTINATION` -- Amazon GameLift Servers prioritizes based on the list order of destinations in the queue configuration.
          * - `LOCATION` -- Amazon GameLift Servers prioritizes based on the provided order of locations, as defined in `LocationOrder` .
          */
@@ -35812,10 +36220,6 @@ export declare namespace imagebuilder {
          * region
          */
         region: string;
-        /**
-         * The SSM parameter configurations to use for AMI distribution.
-         */
-        ssmParameterConfigurations?: any[];
     }
     /**
      * The Windows faster-launching configuration to use for AMI distribution.
@@ -40220,6 +40624,36 @@ export declare namespace iotsitewise {
          */
         unit?: string;
     }
+    interface DatasetKendraSourceDetail {
+        /**
+         * The knowledgeBaseArn details for the Kendra dataset source.
+         */
+        knowledgeBaseArn: string;
+        /**
+         * The roleARN details for the Kendra dataset source.
+         */
+        roleArn: string;
+    }
+    interface DatasetSource {
+        /**
+         * The details of the dataset source associated with the dataset.
+         */
+        sourceDetail?: outputs.iotsitewise.DatasetSourceDetail;
+        /**
+         * The format of the dataset source associated with the dataset.
+         */
+        sourceFormat: enums.iotsitewise.DatasetSourceSourceFormat;
+        /**
+         * The type of data source for the dataset.
+         */
+        sourceType: enums.iotsitewise.DatasetSourceSourceType;
+    }
+    interface DatasetSourceDetail {
+        /**
+         * Contains details about the Kendra dataset source.
+         */
+        kendra?: outputs.iotsitewise.DatasetKendraSourceDetail;
+    }
     /**
      * Contains a summary of a gateway capability configuration.
      */
@@ -44139,9 +44573,6 @@ export declare namespace kinesisfirehose {
          * The private key used to encrypt your Snowflake client. For information, see [Using Key Pair Authentication & Key Rotation](https://docs.aws.amazon.com/https://docs.snowflake.com/en/user-guide/data-load-snowpipe-streaming-configuration#using-key-pair-authentication-key-rotation) .
          */
         privateKey?: string;
-        /**
-         * Specifies configuration for Snowflake.
-         */
         processingConfiguration?: outputs.kinesisfirehose.DeliveryStreamProcessingConfiguration;
         /**
          * The time period where Firehose will retry sending data to the chosen HTTP endpoint.
@@ -44658,10 +45089,14 @@ export declare namespace lambda {
     interface EventInvokeConfigDestinationConfig {
         /**
          * The destination configuration for failed invocations.
+         *
+         * > When using an Amazon SQS queue as a destination, FIFO queues cannot be used.
          */
         onFailure?: outputs.lambda.EventInvokeConfigOnFailure;
         /**
          * The destination configuration for successful invocations.
+         *
+         * > When using an Amazon SQS queue as a destination, FIFO queues cannot be used.
          */
         onSuccess?: outputs.lambda.EventInvokeConfigOnSuccess;
     }
@@ -45254,6 +45689,40 @@ export declare namespace lex {
          */
         maxLengthMs: number;
     }
+    /**
+     * Contains information about the Amazon Bedrock model used to interpret the prompt used in descriptive bot building.
+     */
+    interface BotBedrockModelSpecification {
+        /**
+         * The guardrail configuration in the Bedrock model specification details.
+         */
+        bedrockGuardrailConfiguration?: outputs.lex.BotBedrockModelSpecificationBedrockGuardrailConfigurationProperties;
+        /**
+         * The custom prompt used in the Bedrock model specification details.
+         */
+        bedrockModelCustomPrompt?: string;
+        /**
+         * The Bedrock trace status in the Bedrock model specification details.
+         */
+        bedrockTraceStatus?: enums.lex.BotBedrockModelSpecificationBedrockTraceStatus;
+        /**
+         * The ARN of the foundation model used in descriptive bot building.
+         */
+        modelArn: string;
+    }
+    /**
+     * The guardrail configuration in the Bedrock model specification details.
+     */
+    interface BotBedrockModelSpecificationBedrockGuardrailConfigurationProperties {
+        /**
+         * The unique guardrail id for the Bedrock guardrail configuration.
+         */
+        bedrockGuardrailIdentifier?: string;
+        /**
+         * The guardrail version for the Bedrock guardrail configuration.
+         */
+        bedrockGuardrailVersion?: string;
+    }
     /**
      * A button to use on a response card used to gather slot values from a user.
      */
@@ -45693,6 +46162,7 @@ export declare namespace lex {
          * A unique identifier for the built-in intent to base this intent on.
          */
         parentIntentSignature?: string;
+        qnAIntentConfiguration?: outputs.lex.BotQnAIntentConfiguration;
         /**
          * A sample utterance that invokes an intent or respond to a slot elicitation prompt.
          */
@@ -46033,6 +46503,115 @@ export declare namespace lex {
             [key: string]: outputs.lex.BotPromptAttemptSpecification;
         };
     }
+    /**
+     * Details about the the configuration of the built-in Amazon.QnAIntent.
+     */
+    interface BotQnAIntentConfiguration {
+        bedrockModelConfiguration: outputs.lex.BotBedrockModelSpecification;
+        /**
+         * Contains details about the configuration of the data source used for the AMAZON.QnAIntent.
+         */
+        dataSourceConfiguration: outputs.lex.BotQnAIntentConfigurationDataSourceConfigurationProperties;
+    }
+    /**
+     * Contains details about the configuration of the data source used for the AMAZON.QnAIntent.
+     */
+    interface BotQnAIntentConfigurationDataSourceConfigurationProperties {
+        /**
+         * Contains details about the configuration of a Amazon Bedrock knowledge base.
+         */
+        bedrockKnowledgeStoreConfiguration?: outputs.lex.BotQnAIntentConfigurationDataSourceConfigurationPropertiesBedrockKnowledgeStoreConfigurationProperties;
+        kendraConfiguration?: outputs.lex.BotQnAKendraConfiguration;
+        /**
+         * Contains details about the configuration of the Amazon OpenSearch Service database used for the AMAZON.QnAIntent.
+         */
+        opensearchConfiguration?: outputs.lex.BotQnAIntentConfigurationDataSourceConfigurationPropertiesOpensearchConfigurationProperties;
+    }
+    /**
+     * Contains details about the configuration of a Amazon Bedrock knowledge base.
+     */
+    interface BotQnAIntentConfigurationDataSourceConfigurationPropertiesBedrockKnowledgeStoreConfigurationProperties {
+        /**
+         * The base ARN of the knowledge base used.
+         */
+        bedrockKnowledgeBaseArn?: string;
+        /**
+         * Contains the names of the fields used for an exact response to the user.
+         */
+        bkbExactResponseFields?: outputs.lex.BotQnAIntentConfigurationDataSourceConfigurationPropertiesBedrockKnowledgeStoreConfigurationPropertiesBkbExactResponseFieldsProperties;
+        /**
+         * Specifies whether to return an exact response, or to return an answer generated by the model, using the fields you specify from the database.
+         */
+        exactResponse?: boolean;
+    }
+    /**
+     * Contains the names of the fields used for an exact response to the user.
+     */
+    interface BotQnAIntentConfigurationDataSourceConfigurationPropertiesBedrockKnowledgeStoreConfigurationPropertiesBkbExactResponseFieldsProperties {
+        /**
+         * The answer field used for an exact response from Bedrock Knowledge Store.
+         */
+        answerField?: string;
+    }
+    /**
+     * Contains details about the configuration of the Amazon OpenSearch Service database used for the AMAZON.QnAIntent.
+     */
+    interface BotQnAIntentConfigurationDataSourceConfigurationPropertiesOpensearchConfigurationProperties {
+        /**
+         * The endpoint of the Amazon OpenSearch Service domain.
+         */
+        domainEndpoint?: string;
+        /**
+         * Specifies whether to return an exact response or to return an answer generated by the model using the fields you specify from the database.
+         */
+        exactResponse?: boolean;
+        /**
+         * Contains the names of the fields used for an exact response to the user.
+         */
+        exactResponseFields?: outputs.lex.BotQnAIntentConfigurationDataSourceConfigurationPropertiesOpensearchConfigurationPropertiesExactResponseFieldsProperties;
+        /**
+         * List of fields to include
+         */
+        includeFields?: string[];
+        /**
+         * The name of the Amazon OpenSearch Service index.
+         */
+        indexName?: string;
+    }
+    /**
+     * Contains the names of the fields used for an exact response to the user.
+     */
+    interface BotQnAIntentConfigurationDataSourceConfigurationPropertiesOpensearchConfigurationPropertiesExactResponseFieldsProperties {
+        /**
+         * The name of the field that contains the answer to the query made to the OpenSearch Service database.
+         */
+        answerField?: string;
+        /**
+         * The name of the field that contains the query made to the OpenSearch Service database.
+         */
+        questionField?: string;
+    }
+    /**
+     * Contains details about the configuration of the Amazon Kendra index used for the AMAZON.QnAIntent.
+     */
+    interface BotQnAKendraConfiguration {
+        /**
+         * Specifies whether to return an exact response from the Amazon Kendra index or to let the Amazon Bedrock model you select generate a response based on the results.
+         */
+        exactResponse: boolean;
+        /**
+         * The ARN of the Amazon Kendra index to use.
+         */
+        kendraIndex: string;
+        /**
+         * Contains the Amazon Kendra filter string to use if enabled.
+         */
+        queryFilterString?: string;
+        /**
+         * Specifies whether to enable an Amazon Kendra filter string or not.
+         */
+        queryFilterStringEnabled: boolean;
+    }
     /**
      * Parameter used to create a replication of the source bot in the secondary region.
      */
@@ -47031,18 +47610,38 @@ export declare namespace location {
          * - *Map actions*
          *
          * - `geo:GetMap*` - Allows all actions needed for map rendering.
+         * - *Enhanced Maps actions*
+         *
+         * - `geo-maps:GetTile` - Allows getting map tiles for rendering.
+         * - `geo-maps:GetStaticMap` - Allows getting static map images.
          * - *Place actions*
          *
-         * - `geo:SearchPlaceIndexForText` - Allows geocoding.
-         * - `geo:SearchPlaceIndexForPosition` - Allows reverse geocoding.
-         * - `geo:SearchPlaceIndexForSuggestions` - Allows generating suggestions from text.
-         * - `geo:GetPlace` - Allows finding a place by place ID.
+         * - `geo:SearchPlaceIndexForText` - Allows finding geo coordinates of a known place.
+         * - `geo:SearchPlaceIndexForPosition` - Allows getting nearest address to geo coordinates.
+         * - `geo:SearchPlaceIndexForSuggestions` - Allows suggestions based on an incomplete or misspelled query.
+         * - `geo:GetPlace` - Allows getting details of a place.
+         * - *Enhanced Places actions*
+         *
+         * - `geo-places:Autcomplete` - Allows auto-completion of search text.
+         * - `geo-places:Geocode` - Allows finding geo coordinates of a known place.
+         * - `geo-places:GetPlace` - Allows getting details of a place.
+         * - `geo-places:ReverseGeocode` - Allows getting nearest address to geo coordinates.
+         * - `geo-places:SearchNearby` - Allows category based places search around geo coordinates.
+         * - `geo-places:SearchText` - Allows place or address search based on free-form text.
+         * - `geo-places:Suggest` - Allows suggestions based on an incomplete or misspelled query.
          * - *Route actions*
          *
          * - `geo:CalculateRoute` - Allows point to point routing.
-         * - `geo:CalculateRouteMatrix` - Allows calculating a matrix of routes.
+         * - `geo:CalculateRouteMatrix` - Allows matrix routing.
+         * - *Enhanced Routes actions*
+         *
+         * - `geo-routes:CalculateIsolines` - Allows isoline calculation.
+         * - `geo-routes:CalculateRoutes` - Allows point to point routing.
+         * - `geo-routes:CalculateRouteMatrix` - Allows matrix routing.
+         * - `geo-routes:OptimizeWaypoints` - Allows computing the best sequence of waypoints.
+         * - `geo-routes:SnapToRoads` - Allows snapping GPS points to a likely route.
          *
-         * > You must use these strings exactly. For example, to provide access to map rendering, the only valid action is `geo:GetMap*` as an input to the list. `["geo:GetMap*"]` is valid but `["geo:GetMapTile"]` is not. Similarly, you cannot use `["geo:SearchPlaceIndexFor*"]` - you must list each of the Place actions separately.
+         * > You must use these strings exactly. For example, to provide access to map rendering, the only valid action is `geo:GetMap*` as an input to the list. `["geo:GetMap*"]` is valid but `["geo:GetTile"]` is not. Similarly, you cannot use `["geo:SearchPlaceIndexFor*"]` - you must list each of the Place actions separately.
          */
         allowActions: string[];
         /**
@@ -48415,6 +49014,40 @@ export declare namespace mediaconnect {
          */
         mediaStreamName: string;
     }
+    /**
+     * Specifies the configuration settings for NDI outputs. Required when the flow includes NDI outputs.
+     */
+    interface FlowNdiConfig {
+        /**
+         * A prefix for the names of the NDI sources that the flow creates. If a custom name isn't specified, MediaConnect generates a unique 12-character ID as the prefix.
+         */
+        machineName?: string;
+        /**
+         * A list of up to three NDI discovery server configurations. While not required by the API, this configuration is necessary for NDI functionality to work properly.
+         */
+        ndiDiscoveryServers?: outputs.mediaconnect.FlowNdiDiscoveryServerConfig[];
+        /**
+         * A setting that controls whether NDI outputs can be used in the flow. Must be ENABLED to add NDI outputs. Default is DISABLED.
+         */
+        ndiState?: enums.mediaconnect.FlowNdiConfigNdiState;
+    }
+    /**
+     * Specifies the configuration settings for individual NDI discovery servers. A maximum of 3 servers is allowed.
+     */
+    interface FlowNdiDiscoveryServerConfig {
+        /**
+         * The unique network address of the NDI discovery server.
+         */
+        discoveryServerAddress: string;
+        /**
+         * The port for the NDI discovery server. Defaults to 5959 if a custom port isn't specified.
+         */
+        discoveryServerPort?: number;
+        /**
+         * The identifier for the Virtual Private Cloud (VPC) network interface used by the flow.
+         */
+        vpcInterfaceAdapter: string;
+    }
     /**
      * The definition of a media stream that is associated with the output.
      */
@@ -51082,9 +51715,9 @@ export declare namespace networkfirewall {
     }
     interface RuleGroupMatchAttributes {
         /**
-         * The destination ports to inspect for. If not specified, this matches with any destination port. This setting is only used for protocols 6 (TCP) and 17 (UDP).
+         * The destination port to inspect for. You can specify an individual port, for example `1994` and you can specify a port range, for example `1990:1994` . To match with any port, specify `ANY` .
          *
-         * You can specify individual ports, for example `1994` and you can specify port ranges, for example `1990:1994` .
+         * This setting is only used for protocols 6 (TCP) and 17 (UDP).
          */
         destinationPorts?: outputs.networkfirewall.RuleGroupPortRange[];
         /**
@@ -51092,13 +51725,15 @@ export declare namespace networkfirewall {
          */
         destinations?: outputs.networkfirewall.RuleGroupAddress[];
         /**
-         * The protocols to inspect for, specified using each protocol's assigned internet protocol number (IANA). If not specified, this matches with any protocol.
+         * The protocols to inspect for, specified using the assigned internet protocol number (IANA) for each protocol. If not specified, this matches with any protocol.
          */
         protocols?: number[];
         /**
-         * The source ports to inspect for. If not specified, this matches with any source port. This setting is only used for protocols 6 (TCP) and 17 (UDP).
+         * The source port to inspect for. You can specify an individual port, for example `1994` and you can specify a port range, for example `1990:1994` . To match with any port, specify `ANY` .
+         *
+         * If not specified, this matches with any source port.
          *
-         * You can specify individual ports, for example `1994` and you can specify port ranges, for example `1990:1994` .
+         * This setting is only used for protocols 6 (TCP) and 17 (UDP).
          */
         sourcePorts?: outputs.networkfirewall.RuleGroupPortRange[];
         /**
@@ -51368,8 +52003,9 @@ export declare namespace networkfirewall {
          */
         destinations?: outputs.networkfirewall.TlsInspectionConfigurationAddress[];
         /**
-         * The protocols to decrypt for inspection, specified using each protocol's assigned internet protocol number
-         * (IANA). Network Firewall currently supports only TCP.
+         * The protocols to inspect for, specified using the assigned internet protocol number (IANA) for each protocol. If not specified, this matches with any protocol.
+         *
+         * Network Firewall currently supports only TCP.
          */
         protocols?: number[];
         /**
@@ -52045,7 +52681,7 @@ export declare namespace nimblestudio {
 export declare namespace oam {
     interface LinkConfiguration {
         /**
-         * Use this structure to filter which log groups are to share log events from this source account to the monitoring account.
+         * Use this structure to filter which log groups are to send log events from the source account to the monitoring account.
          */
         logGroupConfiguration?: outputs.oam.LinkFilter;
         /**
@@ -52054,32 +52690,6 @@ export declare namespace oam {
         metricConfiguration?: outputs.oam.LinkFilter;
     }
     interface LinkFilter {
-        /**
-         * When used in `MetricConfiguration` this field specifies which metric namespaces are to be shared with the monitoring account
-         *
-         * When used in `LogGroupConfiguration` this field specifies which log groups are to share their log events with the monitoring account. Use the term `LogGroupName` and one or more of the following operands.
-         *
-         * Use single quotation marks (') around log group names and metric namespaces.
-         *
-         * The matching of log group names and metric namespaces is case sensitive. Each filter has a limit of five conditional operands. Conditional operands are `AND` and `OR` .
-         *
-         * - `=` and `!=`
-         * - `AND`
-         * - `OR`
-         * - `LIKE` and `NOT LIKE` . These can be used only as prefix searches. Include a `%` at the end of the string that you want to search for and include.
-         * - `IN` and `NOT IN` , using parentheses `( )`
-         *
-         * Examples:
-         *
-         * - `Namespace NOT LIKE 'AWS/%'` includes only namespaces that don't start with `AWS/` , such as custom namespaces.
-         * - `Namespace IN ('AWS/EC2', 'AWS/ELB', 'AWS/S3')` includes only the metrics in the EC2, Elastic Load Balancing , and Amazon S3 namespaces.
-         * - `Namespace = 'AWS/EC2' OR Namespace NOT LIKE 'AWS/%'` includes only the EC2 namespace and your custom namespaces.
-         * - `LogGroupName IN ('This-Log-Group', 'Other-Log-Group')` includes only the log groups with names `This-Log-Group` and `Other-Log-Group` .
-         * - `LogGroupName NOT IN ('Private-Log-Group', 'Private-Log-Group-2')` includes all log groups except the log groups with names `Private-Log-Group` and `Private-Log-Group-2` .
-         * - `LogGroupName LIKE 'aws/lambda/%' OR LogGroupName LIKE 'AWSLogs%'` includes all log groups that have names that start with `aws/lambda/` or `AWSLogs` .
-         *
-         * > If you are updating a link that uses filters, you can specify `*` as the only value for the `filter` parameter to delete the filter and share all log groups with the monitoring account.
-         */
         filter: string;
     }
 }
@@ -52229,8 +52839,14 @@ export declare namespace opensearchserverless {
         m?: number;
     }
     interface IndexSettings {
+        /**
+         * Index settings.
+         */
         index?: outputs.opensearchserverless.IndexSettingsIndexProperties;
     }
+    /**
+     * Index settings.
+     */
     interface IndexSettingsIndexProperties {
         /**
          * Enable/disable k-nearest neighbor search capability
@@ -52585,25 +53201,25 @@ export declare namespace opensearchservice {
     }
     interface DomainNodeConfig {
         /**
-         * The number of nodes of a particular node type in the cluster.
+         * The number of nodes of a specific type within the cluster.
          */
         count?: number;
         /**
-         * A boolean that indicates whether a particular node type is enabled or not.
+         * A boolean value indicating whether a specific node type is active or inactive.
          */
         enabled?: boolean;
         /**
-         * The instance type of a particular node type in the cluster.
+         * The instance type of a particular node within the cluster.
          */
         type?: string;
     }
     interface DomainNodeOption {
         /**
-         * Container for specifying configuration of any node type.
+         * Configuration options for defining the setup of any node type.
          */
         nodeConfig?: outputs.opensearchservice.DomainNodeConfig;
         /**
-         * Container for node type like coordinating.
+         * Defines the type of node, such as coordinating nodes.
          */
         nodeType?: enums.opensearchservice.DomainNodeOptionNodeType;
     }
@@ -52985,6 +53601,9 @@ export declare namespace paymentcryptography {
 }
 export declare namespace pcaconnectorad {
     interface ConnectorVpcInformation {
+        /**
+         * The VPC IP address type.
+         */
         ipAddressType?: enums.pcaconnectorad.ConnectorVpcInformationIpAddressType;
         /**
          * The security groups used with the connector. You can use a maximum of 4 security groups with a connector.
@@ -73021,7 +73640,7 @@ export declare namespace quicksight {
         /**
          * <p>Calculated columns to create.</p>
          */
-        columns: outputs.quicksight.DataSetCalculatedColumn[];
+        columns?: outputs.quicksight.DataSetCalculatedColumn[];
     }
     /**
      * <p>A physical table type built from the results of the custom SQL query.</p>
@@ -73434,10 +74053,26 @@ export declare namespace quicksight {
          */
         incrementalRefresh: outputs.quicksight.DataSetIncrementalRefresh;
     }
+    interface DataSetRefreshFailureConfiguration {
+        /**
+         * The email alert configuration for a dataset refresh failure.
+         */
+        emailAlert?: outputs.quicksight.DataSetRefreshFailureEmailAlert;
+    }
+    interface DataSetRefreshFailureEmailAlert {
+        /**
+         * The status value that determines if email alerts are sent.
+         */
+        alertStatus?: enums.quicksight.DataSetRefreshFailureAlertStatus;
+    }
     /**
      * <p>The refresh properties of a dataset.</p>
      */
     interface DataSetRefreshProperties {
+        /**
+         * The failure configuration for a dataset.
+         */
+        failureConfiguration?: outputs.quicksight.DataSetRefreshFailureConfiguration;
         /**
          * The refresh configuration for a dataset.
          */
@@ -73479,7 +74114,7 @@ export declare namespace quicksight {
         /**
          * <p>The new name for the column.</p>
          */
-        newColumnName: string;
+        newColumnName?: string;
     }
     /**
      * <p>Permission for the resource.</p>
@@ -73592,11 +74227,11 @@ export declare namespace quicksight {
          *             <p>For files that aren't JSON, only <code>STRING</code> data types are supported in input columns.</p>
          *          </note>
          */
-        inputColumns: outputs.quicksight.DataSetInputColumn[];
+        inputColumns?: outputs.quicksight.DataSetInputColumn[];
         /**
          * Information about the format for the S3 source file or files.
          */
-        uploadSettings?: any;
+        uploadSettings?: outputs.quicksight.DataSetUploadSettings;
     }
     /**
      * <p>A string parameter for a dataset.</p>
@@ -73695,6 +74330,31 @@ export declare namespace quicksight {
          */
         tagNames: enums.quicksight.DataSetColumnTagName[];
     }
+    /**
+     * <p>Information about the format for a source file or files.</p>
+     */
+    interface DataSetUploadSettings {
+        /**
+         * <p>Whether the file has a header row, or the files each have a header row.</p>
+         */
+        containsHeader?: boolean;
+        /**
+         * <p>The delimiter between values in the file.</p>
+         */
+        delimiter?: string;
+        /**
+         * File format.
+         */
+        format?: enums.quicksight.DataSetFileFormat;
+        /**
+         * <p>A row number to start reading data from.</p>
+         */
+        startFromRow?: number;
+        /**
+         * Text qualifier.
+         */
+        textQualifier?: enums.quicksight.DataSetTextQualifier;
+    }
     /**
      * <p>The usage configuration to apply to child datasets that reference this dataset as a source.</p>
      */
@@ -84153,6 +84813,10 @@ export declare namespace redshiftserverless {
          * An array of subnet IDs the workgroup is associated with.
          */
         subnetIds?: string[];
+        /**
+         * The name of the track for the workgroup.
+         */
+        trackName?: string;
         /**
          * The Amazon Resource Name (ARN) that links to the workgroup.
          */
@@ -85278,6 +85942,28 @@ export declare namespace rum {
          */
         status?: enums.rum.AppMonitorCustomEventsStatus;
     }
+    /**
+     * A structure that contains the configuration for how an app monitor can deobfuscate stack traces.
+     */
+    interface AppMonitorDeobfuscationConfiguration {
+        /**
+         * A structure that contains the configuration for how an app monitor can unminify JavaScript error stack traces using source maps.
+         */
+        javaScriptSourceMaps?: outputs.rum.AppMonitorDeobfuscationConfigurationJavaScriptSourceMapsProperties;
+    }
+    /**
+     * A structure that contains the configuration for how an app monitor can unminify JavaScript error stack traces using source maps.
+     */
+    interface AppMonitorDeobfuscationConfigurationJavaScriptSourceMapsProperties {
+        /**
+         * The S3Uri of the bucket or folder that stores the source map files. It is required if status is ENABLED.
+         */
+        s3Uri?: string;
+        /**
+         * Specifies whether JavaScript error stack traces should be unminified for this app monitor. The default is for JavaScript error stack trace unminification to be DISABLED
+         */
+        status: enums.rum.AppMonitorDeobfuscationConfigurationJavaScriptSourceMapsPropertiesStatus;
+    }
     /**
      * A single metric definition
      */
@@ -85760,9 +86446,12 @@ export declare namespace s3 {
          */
         targetObjectKeyFormat?: outputs.s3.BucketTargetObjectKeyFormat;
     }
+    /**
+     * The metadata table configuration of an S3 general purpose bucket. For more information, see [Accelerating data discovery with S3 Metadata](https://docs.aws.amazon.com/AmazonS3/latest/userguide/metadata-tables-overview.html) and [Setting up permissions for configuring metadata tables](https://docs.aws.amazon.com/AmazonS3/latest/userguide/metadata-tables-permissions.html).
+     */
     interface BucketMetadataTableConfiguration {
         /**
-         * The destination information for the metadata table configuration. The destination table bucket must be in the same Region and AWS account as the general purpose bucket. The specified metadata table name must be unique within the `aws_s3_metadata` namespace in the destination table bucket.
+         * The destination information for the metadata table configuration. The destination table bucket must be in the same Region and AWS-account as the general purpose bucket. The specified metadata table name must be unique within the ``aws_s3_metadata`` namespace in the destination table bucket.
          */
         s3TablesDestination: outputs.s3.BucketS3TablesDestination;
     }
@@ -86261,21 +86950,24 @@ export declare namespace s3 {
          */
         rules: outputs.s3.BucketFilterRule[];
     }
+    /**
+     * The destination information for the metadata table configuration. The destination table bucket must be in the same Region and AWS-account as the general purpose bucket. The specified metadata table name must be unique within the ``aws_s3_metadata`` namespace in the destination table bucket.
+     */
     interface BucketS3TablesDestination {
         /**
-         * The Amazon Resource Name (ARN) for the metadata table in the metadata table configuration. The specified metadata table name must be unique within the <code>aws_s3_metadata</code> namespace in the destination table bucket.
+         * The Amazon Resource Name (ARN) for the metadata table in the metadata table configuration. The specified metadata table name must be unique within the ``aws_s3_metadata`` namespace in the destination table bucket.
          */
         tableArn?: string;
         /**
-         * The Amazon Resource Name (ARN) for the table bucket that's specified as the destination in the metadata table configuration. The destination table bucket must be in the same Region and AWS account as the general purpose bucket.
+         * The Amazon Resource Name (ARN) for the table bucket that's specified as the destination in the metadata table configuration. The destination table bucket must be in the same Region and AWS-account as the general purpose bucket.
          */
         tableBucketArn: string;
         /**
-         * The name for the metadata table in your metadata table configuration. The specified metadata table name must be unique within the <code>aws_s3_metadata</code> namespace in the destination table bucket.
+         * The name for the metadata table in your metadata table configuration. The specified metadata table name must be unique within the ``aws_s3_metadata`` namespace in the destination table bucket.
          */
         tableName: string;
         /**
-         * The table bucket namespace for the metadata table in your metadata table configuration. This value is always <code>aws_s3_metadata</code>.
+         * The table bucket namespace for the metadata table in your metadata table configuration. This value is always ``aws_s3_metadata``.
          */
         tableNamespace?: string;
     }
@@ -94257,7 +94949,7 @@ export declare namespace ssmincidents {
      */
     interface ResponsePlanChatChannel {
         /**
-         * The Amazon SNS targets that AWS Chatbot uses to notify the chat channel of updates to an incident. You can also make updates to the incident through the chat channel by using the Amazon SNS topics
+         * The Amazon SNS targets that  uses to notify the chat channel of updates to an incident. You can also make updates to the incident through the chat channel by using the Amazon SNS topics
          */
         chatbotSns?: string[];
     }
@@ -94512,7 +95204,7 @@ export declare namespace ssmquicksetup {
          * - Description: (Required) A comma separated list of organizational units (OUs) you want to deploy the configuration to.
          * - `TargetRegions`
          *
-         * - Description: (Required) A comma separated list of AWS Regions you want to deploy the configuration to.
+         * - Description: (Required) The AWS Regions to deploy the configuration to. For this type, the parameter only accepts a value of `AllRegions` .
          * - **DevOps Guru (Type: AWS QuickSetupType-DevOpsGuru)** - - `AnalyseAllResources`
          *
          * - Description: (Optional) A boolean value that determines whether DevOps Guru analyzes all AWS CloudFormation stacks in the account. The default value is " `false` ".
@@ -94632,7 +95324,10 @@ export declare namespace ssmquicksetup {
          * - Description: (Required) An array of JSON objects containing the information for the patch baselines to include in your patch policy.
          * - `PatchBaselineUseDefault`
          *
-         * - Description: (Optional) A boolean value that determines whether the selected patch baselines are all AWS provided.
+         * - Description: (Optional) A value that determines whether the selected patch baselines are all AWS provided. Supported values are `default` and `custom` .
+         * - `PatchBaselineRegion`
+         *
+         * - Description: (Required) The AWS Region where the patch baseline exist.
          * - `ConfigurationOptionsPatchOperation`
          *
          * - Description: (Optional) Determines whether target instances scan for available patches, or scan and install available patches. The valid values are `Scan` and `ScanAndInstall` . The default value for the parameter is `Scan` .
@@ -95059,6 +95754,26 @@ export declare namespace synthetics {
     }
 }
 export declare namespace systemsmanagersap {
+    interface ApplicationComponentInfo {
+        /**
+         * This string is the type of the component.
+         *
+         * Accepted value is `WD` .
+         */
+        componentType?: enums.systemsmanagersap.ApplicationComponentInfoComponentType;
+        /**
+         * This is the Amazon EC2 instance on which your SAP component is running.
+         *
+         * Accepted values are alphanumeric.
+         */
+        ec2InstanceId?: string;
+        /**
+         * This string is the SAP System ID of the component.
+         *
+         * Accepted values are alphanumeric.
+         */
+        sid?: string;
+    }
     interface ApplicationCredential {
         /**
          * The type of the application credentials.
@@ -96281,6 +96996,7 @@ export declare namespace wafv2 {
          *
          * - For Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).
          * - For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, the default limit is 16 KB (16,384 bytes), and you can increase the limit for each resource type in the web ACL `AssociationConfig` , for additional processing fees.
+         * - For AWS Amplify , use the CloudFront limit.
          *
          * The options for oversize handling are the following:
          *
@@ -96516,6 +97232,7 @@ export declare namespace wafv2 {
          *
          * - For Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).
          * - For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, the default limit is 16 KB (16,384 bytes), and you can increase the limit for each resource type in the web ACL `AssociationConfig` , for additional processing fees.
+         * - For AWS Amplify , use the CloudFront limit.
          *
          * For information about how to handle oversized request bodies, see the `Body` object configuration.
          */
@@ -96559,6 +97276,7 @@ export declare namespace wafv2 {
          *
          * - For Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).
          * - For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, the default limit is 16 KB (16,384 bytes), and you can increase the limit for each resource type in the web ACL `AssociationConfig` , for additional processing fees.
+         * - For AWS Amplify , use the CloudFront limit.
          *
          * For information about how to handle oversized request bodies, see the `JsonBody` object configuration.
          */
@@ -96583,6 +97301,12 @@ export declare namespace wafv2 {
          * One query argument in a web request, identified by name, for example UserName or SalesRegion. The name can be up to 30 characters long and isn't case sensitive.
          */
         singleQueryArgument?: outputs.wafv2.RuleGroupFieldToMatchSingleQueryArgumentProperties;
+        /**
+         * Inspect fragments of the request URI. You must configure scope and pattern matching filters in the `UriFragment` object, to define the fragment of a URI that AWS WAF inspects.
+         *
+         * Only the first 8 KB (8192 bytes) of a request's URI fragments and only the first 200 URI fragments are forwarded to AWS WAF for inspection by the underlying host service. You must configure how to handle any oversize URI fragment content in the `UriFragment` object. AWS WAF applies the pattern matching filters to the cookies that it receives from the underlying host service.
+         */
+        uriFragment?: outputs.wafv2.RuleGroupUriFragment;
         /**
          * The path component of the URI of a web request. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.
          */
@@ -96793,6 +97517,7 @@ export declare namespace wafv2 {
          *
          * - For Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).
          * - For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, the default limit is 16 KB (16,384 bytes), and you can increase the limit for each resource type in the web ACL `AssociationConfig` , for additional processing fees.
+         * - For AWS Amplify , use the CloudFront limit.
          *
          * The options for oversize handling are the following:
          *
@@ -97373,6 +98098,25 @@ export declare namespace wafv2 {
          */
         type: enums.wafv2.RuleGroupTextTransformationType;
     }
+    /**
+     * The path component of the URI Fragment. This is the part of a web request that identifies a fragment uri, for example, /abcd#introduction
+     */
+    interface RuleGroupUriFragment {
+        /**
+         * What AWS WAF should do if it fails to completely parse the JSON body. The options are the following:
+         *
+         * - `EVALUATE_AS_STRING` - Inspect the body as plain text. AWS WAF applies the text transformations and inspection criteria that you defined for the JSON inspection to the body text string.
+         * - `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.
+         * - `NO_MATCH` - Treat the web request as not matching the rule statement.
+         *
+         * If you don't provide this setting, AWS WAF parses and evaluates the content only up to the first parsing failure that it encounters.
+         *
+         * Example JSON: `{ "UriFragment": { "FallbackBehavior": "MATCH"} }`
+         *
+         * > AWS WAF parsing doesn't fully validate the input JSON string, so parsing can succeed even for invalid JSON. When parsing succeeds, AWS WAF doesn't apply the fallback behavior. For more information, see [JSON body](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-fields-list.html#waf-rule-statement-request-component-json-body) in the *AWS WAF Developer Guide* .
+         */
+        fallbackBehavior?: enums.wafv2.RuleGroupUriFragmentFallbackBehavior;
+    }
     /**
      * Visibility Metric of the RuleGroup.
      */
@@ -97548,6 +98292,7 @@ export declare namespace wafv2 {
          *
          * - For Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).
          * - For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, the default limit is 16 KB (16,384 bytes), and you can increase the limit for each resource type in the web ACL `AssociationConfig` , for additional processing fees.
+         * - For AWS Amplify , use the CloudFront limit.
          *
          * The options for oversize handling are the following:
          *
@@ -97768,6 +98513,18 @@ export declare namespace wafv2 {
          */
         contentType: enums.wafv2.WebAclResponseContentType;
     }
+    interface WebAclDataProtect {
+        action: enums.wafv2.WebAclDataProtectionAction;
+        excludeRateBasedDetails?: boolean;
+        excludeRuleMatchDetails?: boolean;
+        field: outputs.wafv2.WebAclFieldToProtect;
+    }
+    interface WebAclDataProtectionConfig {
+        /**
+         * An array of data protection configurations for specific web request field types. This is defined for each web ACL. AWS WAF applies the specified protection to all web requests that the web ACL inspects.
+         */
+        dataProtections: outputs.wafv2.WebAclDataProtect[];
+    }
     /**
      * Default Action WebACL will take against ingress traffic when there is no matching Rule.
      */
@@ -97817,6 +98574,7 @@ export declare namespace wafv2 {
          *
          * - For Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).
          * - For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, the default limit is 16 KB (16,384 bytes), and you can increase the limit for each resource type in the web ACL `AssociationConfig` , for additional processing fees.
+         * - For AWS Amplify , use the CloudFront limit.
          *
          * For information about how to handle oversized request bodies, see the `Body` object configuration.
          */
@@ -97860,6 +98618,7 @@ export declare namespace wafv2 {
          *
          * - For Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).
          * - For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, the default limit is 16 KB (16,384 bytes), and you can increase the limit for each resource type in the web ACL `AssociationConfig` , for additional processing fees.
+         * - For AWS Amplify , use the CloudFront limit.
          *
          * For information about how to handle oversized request bodies, see the `JsonBody` object configuration.
          */
@@ -97884,6 +98643,12 @@ export declare namespace wafv2 {
          * One query argument in a web request, identified by name, for example UserName or SalesRegion. The name can be up to 30 characters long and isn't case sensitive.
          */
         singleQueryArgument?: outputs.wafv2.WebAclFieldToMatchSingleQueryArgumentProperties;
+        /**
+         * Inspect fragments of the request URI. You must configure scope and pattern matching filters in the `UriFragment` object, to define the fragment of a URI that AWS WAF inspects.
+         *
+         * Only the first 8 KB (8192 bytes) of a request's URI fragments and only the first 200 URI fragments are forwarded to AWS WAF for inspection by the underlying host service. You must configure how to handle any oversize URI fragment content in the `UriFragment` object. AWS WAF applies the pattern matching filters to the cookies that it receives from the underlying host service.
+         */
+        uriFragment?: outputs.wafv2.WebAclUriFragment;
         /**
          * The path component of the URI of a web request. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.
          */
@@ -97905,6 +98670,19 @@ export declare namespace wafv2 {
     interface WebAclFieldToMatchSingleQueryArgumentProperties {
         name: string;
     }
+    /**
+     * Field in log to protect.
+     */
+    interface WebAclFieldToProtect {
+        /**
+         * List of field keys to protect
+         */
+        fieldKeys?: string[];
+        /**
+         * Field type to protect
+         */
+        fieldType: enums.wafv2.WebAclFieldToProtectFieldType;
+    }
     interface WebAclForwardedIpConfiguration {
         /**
          * The match status to assign to the web request if the request doesn't have a valid IP address in the specified position.
@@ -98094,6 +98872,7 @@ export declare namespace wafv2 {
          *
          * - For Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).
          * - For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, the default limit is 16 KB (16,384 bytes), and you can increase the limit for each resource type in the web ACL `AssociationConfig` , for additional processing fees.
+         * - For AWS Amplify , use the CloudFront limit.
          *
          * The options for oversize handling are the following:
          *
@@ -99038,6 +99817,25 @@ export declare namespace wafv2 {
          */
         type: enums.wafv2.WebAclTextTransformationType;
     }
+    /**
+     * The path component of the URI Fragment. This is the part of a web request that identifies a fragment uri, for example, /abcd#introduction
+     */
+    interface WebAclUriFragment {
+        /**
+         * What AWS WAF should do if it fails to completely parse the JSON body. The options are the following:
+         *
+         * - `EVALUATE_AS_STRING` - Inspect the body as plain text. AWS WAF applies the text transformations and inspection criteria that you defined for the JSON inspection to the body text string.
+         * - `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.
+         * - `NO_MATCH` - Treat the web request as not matching the rule statement.
+         *
+         * If you don't provide this setting, AWS WAF parses and evaluates the content only up to the first parsing failure that it encounters.
+         *
+         * Example JSON: `{ "UriFragment": { "FallbackBehavior": "MATCH"} }`
+         *
+         * > AWS WAF parsing doesn't fully validate the input JSON string, so parsing can succeed even for invalid JSON. When parsing succeeds, AWS WAF doesn't apply the fallback behavior. For more information, see [JSON body](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-fields-list.html#waf-rule-statement-request-component-json-body) in the *AWS WAF Developer Guide* .
+         */
+        fallbackBehavior?: enums.wafv2.WebAclUriFragmentFallbackBehavior;
+    }
     /**
      * Visibility Metric of the WebACL.
      */