@pulumi/aws-native 1.35.0-alpha.1758168011 → 1.35.0

package/types/output.d.ts

@@ -877,7 +877,7 @@ export declare namespace amplify {
     }
     interface DomainCertificate {
         /**
-         * The Amazon resource name (ARN) for a custom certificate that you have already added to AWS Certificate Manager in your AWS account .
+         * The Amazon resource name (ARN) for a custom certificate that you have already added to Certificate Manager in your AWS account .
          *
          * This field is required only when the certificate type is `CUSTOM` .
          */
@@ -887,7 +887,7 @@ export declare namespace amplify {
          *
          * Specify `AMPLIFY_MANAGED` to use the default certificate that Amplify provisions for you.
          *
-         * Specify `CUSTOM` to use your own certificate that you have already added to AWS Certificate Manager in your AWS account . Make sure you request (or import) the certificate in the US East (N. Virginia) Region (us-east-1). For more information about using ACM, see [Importing certificates into AWS Certificate Manager](https://docs.aws.amazon.com/acm/latest/userguide/import-certificate.html) in the *ACM User guide* .
+         * Specify `CUSTOM` to use your own certificate that you have already added to Certificate Manager in your AWS account . Make sure you request (or import) the certificate in the US East (N. Virginia) Region (us-east-1). For more information about using ACM, see [Importing certificates into Certificate Manager](https://docs.aws.amazon.com/acm/latest/userguide/import-certificate.html) in the *ACM User guide* .
          */
         certificateType?: enums.amplify.DomainCertificateCertificateType;
         /**
@@ -901,11 +901,11 @@ export declare namespace amplify {
          *
          * Specify `AMPLIFY_MANAGED` to use the default certificate that Amplify provisions for you.
          *
-         * Specify `CUSTOM` to use your own certificate that you have already added to AWS Certificate Manager in your AWS account . Make sure you request (or import) the certificate in the US East (N. Virginia) Region (us-east-1). For more information about using ACM, see [Importing certificates into AWS Certificate Manager](https://docs.aws.amazon.com/acm/latest/userguide/import-certificate.html) in the *ACM User guide* .
+         * Specify `CUSTOM` to use your own certificate that you have already added to Certificate Manager in your AWS account . Make sure you request (or import) the certificate in the US East (N. Virginia) Region (us-east-1). For more information about using ACM, see [Importing certificates into Certificate Manager](https://docs.aws.amazon.com/acm/latest/userguide/import-certificate.html) in the *ACM User guide* .
          */
         certificateType?: enums.amplify.DomainCertificateSettingsCertificateType;
         /**
-         * The Amazon resource name (ARN) for the custom certificate that you have already added to AWS Certificate Manager in your AWS account .
+         * The Amazon resource name (ARN) for the custom certificate that you have already added to Certificate Manager in your AWS account .
          *
          * This field is required only when the certificate type is `CUSTOM` .
          */
@@ -6150,6 +6150,33 @@ export declare namespace appsync {
     }
 }
 export declare namespace aps {
+    /**
+     * Represents a cloudwatch logs destination for scraper logging
+     */
+    interface ScraperCloudWatchLogDestination {
+        /**
+         * ARN of the CloudWatch log group
+         */
+        logGroupArn?: string;
+    }
+    interface ScraperComponent {
+        /**
+         * The configuration settings for the scraper component.
+         */
+        config?: outputs.aps.ScraperComponentConfig;
+        /**
+         * The type of the scraper component.
+         */
+        type: enums.aps.ScraperComponentType;
+    }
+    interface ScraperComponentConfig {
+        /**
+         * Configuration options for the scraper component.
+         */
+        options?: {
+            [key: string]: string;
+        };
+    }
     /**
      * Scraper metrics destination
      */
@@ -6168,6 +6195,22 @@ export declare namespace aps {
          */
         workspaceArn: string;
     }
+    /**
+     * Configuration for scraper logging
+     */
+    interface ScraperLoggingConfiguration {
+        loggingDestination: outputs.aps.ScraperLoggingDestination;
+        scraperComponents: outputs.aps.ScraperComponent[];
+    }
+    /**
+     * Destination for scraper logging
+     */
+    interface ScraperLoggingDestination {
+        /**
+         * The CloudWatch Logs configuration for the scraper logging destination.
+         */
+        cloudWatchLogs?: outputs.aps.ScraperCloudWatchLogDestination;
+    }
     /**
      * Role configuration
      */
@@ -8856,6 +8899,8 @@ export declare namespace batch {
          *
          * - **ECS** - If the `imageIdOverride` parameter isn't specified, then a recent [Amazon ECS-optimized Amazon Linux 2 AMI](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html#al2ami) ( `ECS_AL2` ) is used. If a new image type is specified in an update, but neither an `imageId` nor a `imageIdOverride` parameter is specified, then the latest Amazon ECS optimized AMI for that image type that's supported by AWS Batch is used.
          *
+         * > AWS will end support for Amazon ECS optimized AL2-optimized and AL2-accelerated AMIs. Starting in January 2026, AWS Batch will change the default AMI for new Amazon ECS compute environments from Amazon Linux 2 to Amazon Linux 2023. We recommend migrating AWS Batch Amazon ECS compute environments to Amazon Linux 2023 to maintain optimal performance and security. For more information on upgrading from AL2 to AL2023, see [How to migrate from ECS AL2 to ECS AL2023](https://docs.aws.amazon.com/batch/latest/userguide/ecs-migration-2023.html) in the *AWS Batch User Guide* .
+         *
          * - **ECS_AL2** - [Amazon Linux 2](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html#al2ami) : Default for all non-GPU instance families.
          * - **ECS_AL2_NVIDIA** - [Amazon Linux 2 (GPU)](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html#gpuami) : Default for all GPU instance families (for example `P4` and `G4` ) and can be used for all non AWS Graviton-based instance types.
          * - **ECS_AL2023** - [Amazon Linux 2023](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html) : AWS Batch supports Amazon Linux 2023.
@@ -8864,7 +8909,6 @@ export declare namespace batch {
          * - **ECS_AL2023_NVIDIA** - [Amazon Linux 2023 (GPU)](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html#gpuami) : For all GPU instance families and can be used for all non AWS Graviton-based instance types.
          *
          * > ECS_AL2023_NVIDIA doesn't support `p3` and `g3` instance types.
-         * - **ECS_AL1** - [Amazon Linux](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html#alami) . Amazon Linux has reached the end-of-life of standard support. For more information, see [Amazon Linux AMI](https://docs.aws.amazon.com/amazon-linux-ami/) .
          * - **EKS** - If the `imageIdOverride` parameter isn't specified, then a recent [Amazon EKS-optimized Amazon Linux AMI](https://docs.aws.amazon.com/eks/latest/userguide/eks-optimized-ami.html) ( `EKS_AL2` ) is used. If a new image type is specified in an update, but neither an `imageId` nor a `imageIdOverride` parameter is specified, then the latest Amazon EKS optimized AMI for that image type that AWS Batch supports is used.
          *
          * > Starting end of October 2025 Amazon EKS optimized Amazon Linux 2023 AMIs will be the default on AWS Batch for EKS versions prior to 1.33. Starting from Kubernetes version 1.33, EKS optimized Amazon Linux 2023 AMIs will be the default when it becomes supported on AWS Batch .
@@ -12725,6 +12769,19 @@ export declare namespace bedrock {
         bedrockRerankingConfiguration?: outputs.bedrock.FlowVersionVectorSearchBedrockRerankingConfiguration;
         type: enums.bedrock.FlowVersionVectorSearchRerankingConfigurationType;
     }
+    /**
+     * Optional configuration for integrating Automated Reasoning policies with the guardrail.
+     */
+    interface GuardrailAutomatedReasoningPolicyConfig {
+        /**
+         * The confidence threshold for triggering guardrail actions based on Automated Reasoning policy violations.
+         */
+        confidenceThreshold?: number;
+        /**
+         * The list of Automated Reasoning policy ARNs to include in the guardrail configuration
+         */
+        policies: string[];
+    }
     /**
      * Content filter config in content policy.
      */
@@ -14282,6 +14339,63 @@ export declare namespace bedrock {
         name: string;
     }
 }
+export declare namespace bedrockagentcore {
+    /**
+     * Network configuration for browser
+     */
+    interface BrowserCustomBrowserNetworkConfiguration {
+        networkMode: enums.bedrockagentcore.BrowserCustomBrowserNetworkMode;
+    }
+    /**
+     * Recording configuration for browser
+     */
+    interface BrowserCustomRecordingConfig {
+        enabled?: boolean;
+        s3Location?: outputs.bedrockagentcore.BrowserCustomS3Location;
+    }
+    /**
+     * S3 Location Configuration
+     */
+    interface BrowserCustomS3Location {
+        bucket: string;
+        prefix: string;
+    }
+    /**
+     * Network configuration for code interpreter
+     */
+    interface CodeInterpreterCustomCodeInterpreterNetworkConfiguration {
+        networkMode: enums.bedrockagentcore.CodeInterpreterCustomCodeInterpreterNetworkMode;
+    }
+    interface RuntimeAgentRuntimeArtifact {
+        containerConfiguration?: outputs.bedrockagentcore.RuntimeContainerConfiguration;
+    }
+    /**
+     * Configuration for the authorizer
+     */
+    interface RuntimeAuthorizerConfiguration {
+        customJwtAuthorizer?: outputs.bedrockagentcore.RuntimeCustomJwtAuthorizerConfiguration;
+    }
+    interface RuntimeContainerConfiguration {
+        containerUri: string;
+    }
+    /**
+     * Configuration for custom JWT authorizer
+     */
+    interface RuntimeCustomJwtAuthorizerConfiguration {
+        allowedAudience?: string[];
+        allowedClients?: string[];
+        discoveryUrl: string;
+    }
+    interface RuntimeNetworkConfiguration {
+        networkMode: enums.bedrockagentcore.RuntimeNetworkMode;
+    }
+    /**
+     * Configuration for workload identity
+     */
+    interface RuntimeWorkloadIdentityDetails {
+        workloadIdentityArn: string;
+    }
+}
 export declare namespace billing {
     /**
      * See [Expression](https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_billing_Expression.html) . Billing view only supports `LINKED_ACCOUNT` and `Tags` .
@@ -18792,7 +18906,7 @@ export declare namespace cognito {
     }
     interface UserPoolDomainCustomDomainConfigType {
         /**
-         * The Amazon Resource Name (ARN) of an AWS Certificate Manager SSL certificate. You use this certificate for the subdomain of your custom domain.
+         * The Amazon Resource Name (ARN) of an Certificate Manager SSL certificate. You use this certificate for the subdomain of your custom domain.
          */
         certificateArn?: string;
     }
@@ -20262,6 +20376,12 @@ export declare namespace connect {
          */
         behaviorType: enums.connect.RoutingProfileBehaviorType;
     }
+    /**
+     * Contains information about the manual assignment queue and channel
+     */
+    interface RoutingProfileManualAssignmentQueueConfig {
+        queueReference: outputs.connect.RoutingProfileQueueReference;
+    }
     /**
      * Contains information about which channels are supported, and how many contacts an agent can have on a channel simultaneously.
      */
@@ -25107,7 +25227,7 @@ export declare namespace dynamodb {
         attributeType: string;
     }
     /**
-     * The settings used to enable or disable CloudWatch Contributor Insights.
+     * Configures contributor insights settings for a table or one of its indexes.
      */
     interface TableContributorInsightsSpecification {
         /**
@@ -25115,7 +25235,7 @@ export declare namespace dynamodb {
          */
         enabled: boolean;
         /**
-         * Specifies the CloudWatch Contributor Insights mode for a table. Valid values are `ACCESSED_AND_THROTTLED_KEYS` (tracks all access and throttled events) or `THROTTLED_KEYS` (tracks only throttled events). This setting determines what type of contributor insights data is collected for the table.
+         * Specifies the CloudWatch Contributor Insights mode for a table. Valid values are ``ACCESSED_AND_THROTTLED_KEYS`` (tracks all access and throttled events) or ``THROTTLED_KEYS`` (tracks only throttled events). This setting determines what type of contributor insights data is collected for the table.
          */
         mode?: enums.dynamodb.TableContributorInsightsSpecificationMode;
     }
@@ -25137,7 +25257,7 @@ export declare namespace dynamodb {
      */
     interface TableGlobalSecondaryIndex {
         /**
-         * The settings used to enable or disable CloudWatch Contributor Insights for the specified global secondary index.
+         * The settings used to specify whether to enable CloudWatch Contributor Insights for the global table and define which events to monitor.
          */
         contributorInsightsSpecification?: outputs.dynamodb.TableContributorInsightsSpecification;
         /**
@@ -25378,7 +25498,8 @@ export declare namespace dynamodb {
     interface TableStreamSpecification {
         /**
          * Creates or updates a resource-based policy document that contains the permissions for DDB resources, such as a table's streams. Resource-based policies let you define access permissions by specifying who has access to each resource, and the actions they are allowed to perform on each resource.
-         *  In a CFNshort template, you can provide the policy in JSON or YAML format because CFNshort converts YAML to JSON before submitting it to DDB. For more information about resource-based policies, see [Using resource-based policies for](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/access-control-resource-based.html) and [Resource-based policy examples](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-examples.html).
+         *   When you remove the ``StreamSpecification`` property from the template, DynamoDB disables the stream but retains any attached resource policy until the stream is deleted after 24 hours. When you modify the ``StreamViewType`` property, DynamoDB creates a new stream and retains the old stream's resource policy. The old stream and its resource policy are deleted after the 24-hour retention period.
+         *   In a CFNshort template, you can provide the policy in JSON or YAML format because CFNshort converts YAML to JSON before submitting it to DDB. For more information about resource-based policies, see [Using resource-based policies for](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/access-control-resource-based.html) and [Resource-based policy examples](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-examples.html).
          */
         resourcePolicy?: outputs.dynamodb.TableResourcePolicy;
         /**
@@ -28394,10 +28515,6 @@ export declare namespace ec2 {
          */
         sourcePortRange?: outputs.ec2.NetworkInsightsPathFilterPortRange;
     }
-    /**
-     * ENA Express uses AWS Scalable Reliable Datagram (SRD) technology to increase the maximum bandwidth used per stream and minimize tail latency of network traffic between EC2 instances. With ENA Express, you can communicate between two EC2 instances in the same subnet within the same account, or in different accounts. Both sending and receiving instances must have ENA Express enabled.
-     *  To improve the reliability of network packet delivery, ENA Express reorders network packets on the receiving end by default. However, some UDP-based applications are designed to handle network packets that are out of order to reduce the overhead for packet delivery at the network layer. When ENA Express is enabled, you can specify whether UDP network traffic uses it.
-     */
     interface NetworkInterfaceAttachmentEnaSrdSpecification {
         /**
          * Indicates whether ENA Express is enabled for the network interface.
@@ -30891,6 +31008,12 @@ export declare namespace ecs {
      *  For more information, see [Lifecycle hooks for Amazon ECS service deployments](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/deployment-lifecycle-hooks.html) in the *Amazon Elastic Container Service Developer Guide*.
      */
     interface ServiceDeploymentLifecycleHook {
+        /**
+         * Use this field to specify custom parameters that Amazon ECS passes to your hook target invocations (such as a Lambda function).
+         *
+         * This field must be a JSON object as a string.
+         */
+        hookDetails?: any;
         /**
          * The Amazon Resource Name (ARN) of the hook target. Currently, only Lambda function ARNs are supported.
          *  You must provide this parameter when configuring a deployment lifecycle hook.
@@ -30949,13 +31072,16 @@ export declare namespace ecs {
          */
         tags?: outputs.ecs.ServiceTag[];
     }
+    /**
+     * Determines whether to force a new deployment of the service. By default, deployments aren't forced. You can use this option to start a new deployment with no service definition changes. For example, you can update a service's tasks to use a newer Docker image with the same image/tag combination (``my_image:latest``) or to roll Fargate tasks onto a newer platform version.
+     */
     interface ServiceForceNewDeployment {
         /**
-         * Determines whether to force a new deployment of the service. By default, deployments aren't forced. You can use this option to start a new deployment with no service definition changes. For example, you can update a service's tasks to use a newer Docker image with the same image/tag combination ( `my_image:latest` ) or to roll Fargate tasks onto a newer platform version.
+         * Determines whether to force a new deployment of the service. By default, deployments aren't forced. You can use this option to start a new deployment with no service definition changes. For example, you can update a service's tasks to use a newer Docker image with the same image/tag combination (``my_image:latest``) or to roll Fargate tasks onto a newer platform version.
          */
         enableForceNewDeployment: boolean;
         /**
-         * When you change the `ForceNewDeploymentNonce` value in your template, it signals Amazon ECS to start a new deployment even though no other service parameters have changed. The value must be a unique, time- varying value like a timestamp, random string, or sequence number. Use this property when you want to ensure your tasks pick up the latest version of a Docker image that uses the same tag but has been updated in the registry.
+         * When you change the``ForceNewDeploymentNonce`` value in your template, it signals ECS to start a new deployment even though no other service parameters have changed. The value must be a unique, time- varying value like a timestamp, random string, or sequence number. Use this property when you want to ensure your tasks pick up the latest version of a Docker image that uses the same tag but has been updated in the registry.
          */
         forceNewDeploymentNonce?: string;
     }
@@ -35503,8 +35629,22 @@ export declare namespace evs {
         expansionVlan2: outputs.evs.EnvironmentInitialVlanInfo;
         /**
          * The HCX VLAN subnet. This VLAN subnet allows the HCX Interconnnect (IX) and HCX Network Extension (NE) to reach their peers and enable HCX Service Mesh creation.
+         *
+         * If you plan to use a public HCX VLAN subnet, the following requirements must be met:
+         *
+         * - Must have a /28 netmask and be allocated from the IPAM public pool. Required for HCX internet access configuration.
+         * - The HCX public VLAN CIDR block must be added to the VPC as a secondary CIDR block.
+         * - Must have at least two Elastic IP addresses to be allocated from the public IPAM pool for HCX components.
          */
         hcx: outputs.evs.EnvironmentInitialVlanInfo;
+        /**
+         * A unique ID for a network access control list that the HCX VLAN uses. Required when `isHcxPublic` is set to `true` .
+         */
+        hcxNetworkAclId?: string;
+        /**
+         * Determines if the HCX VLAN that Amazon EVS provisions is public or private.
+         */
+        isHcxPublic?: boolean;
         /**
          * The NSX uplink VLAN subnet. This VLAN subnet allows connectivity to the NSX overlay network.
          */
@@ -55444,13 +55584,13 @@ export declare namespace networkfirewall {
     }
     interface TlsInspectionConfigurationServerCertificate {
         /**
-         * The Amazon Resource Name (ARN) of the AWS Certificate Manager SSL/TLS server certificate that's used for inbound SSL/TLS inspection.
+         * The Amazon Resource Name (ARN) of the Certificate Manager SSL/TLS server certificate that's used for inbound SSL/TLS inspection.
          */
         resourceArn?: string;
     }
     interface TlsInspectionConfigurationServerCertificateConfiguration {
         /**
-         * The Amazon Resource Name (ARN) of the imported certificate authority (CA) certificate within AWS Certificate Manager (ACM) to use for outbound SSL/TLS inspection.
+         * The Amazon Resource Name (ARN) of the imported certificate authority (CA) certificate within Certificate Manager (ACM) to use for outbound SSL/TLS inspection.
          *
          * The following limitations apply:
          *
@@ -55459,7 +55599,7 @@ export declare namespace networkfirewall {
          *
          * For more information about configuring certificates for outbound inspection, see [Using SSL/TLS certificates with TLS inspection configurations](https://docs.aws.amazon.com/network-firewall/latest/developerguide/tls-inspection-certificate-requirements.html) in the *AWS Network Firewall Developer Guide* .
          *
-         * For information about working with certificates in ACM, see [Importing certificates](https://docs.aws.amazon.com/acm/latest/userguide/import-certificate.html) in the *AWS Certificate Manager User Guide* .
+         * For information about working with certificates in ACM, see [Importing certificates](https://docs.aws.amazon.com/acm/latest/userguide/import-certificate.html) in the *Certificate Manager User Guide* .
          */
         certificateAuthorityArn?: string;
         /**
@@ -56188,6 +56328,47 @@ export declare namespace odb {
          */
         email?: string;
     }
+    /**
+     * The scheduling details for the maintenance window. Patching and system updates take place during the maintenance window.
+     */
+    interface CloudExadataInfrastructureMaintenanceWindow {
+        /**
+         * The timeout duration for custom actions in minutes.
+         */
+        customActionTimeoutInMins?: number;
+        /**
+         * The days of the week when maintenance can be performed.
+         */
+        daysOfWeek?: enums.odb.CloudExadataInfrastructureMaintenanceWindowDaysOfWeekItem[];
+        /**
+         * The hours of the day when maintenance can be performed.
+         */
+        hoursOfDay?: number[];
+        /**
+         * Indicates whether custom action timeout is enabled.
+         */
+        isCustomActionTimeoutEnabled?: boolean;
+        /**
+         * The lead time in weeks before the maintenance window.
+         */
+        leadTimeInWeeks?: number;
+        /**
+         * The months when maintenance can be performed.
+         */
+        months?: enums.odb.CloudExadataInfrastructureMaintenanceWindowMonthsItem[];
+        /**
+         * The patching mode for the maintenance window.
+         */
+        patchingMode?: string;
+        /**
+         * The preference for the maintenance window scheduling.
+         */
+        preference?: string;
+        /**
+         * The weeks of the month when maintenance can be performed.
+         */
+        weeksOfMonth?: number[];
+    }
     /**
      * Information about the data collection options enabled for a VM cluster.
      */
@@ -56205,6 +56386,178 @@ export declare namespace odb {
          */
         isIncidentLogsEnabled?: boolean;
     }
+    /**
+     * A DbNode is a virtual machine that hosts Oracle database instances and provides access to shared storage servers within a VM Cluster
+     */
+    interface CloudVmClusterDbNode {
+        /**
+         * The Oracle Cloud ID (OCID) of the backup IP address that's associated with the DB node.
+         */
+        backupIpId?: string;
+        /**
+         * The OCID of the second backup virtual network interface card (VNIC) for the DB node.
+         */
+        backupVnic2Id?: string;
+        /**
+         * The number of CPU cores enabled on the DB node.
+         */
+        cpuCoreCount?: number;
+        /**
+         * The Amazon Resource Name (ARN) of the DB node.
+         */
+        dbNodeArn?: string;
+        /**
+         * The unique identifier of the DB node.
+         */
+        dbNodeId?: string;
+        /**
+         * The amount of local node storage, in gigabytes (GB), that's allocated on the DB node.
+         */
+        dbNodeStorageSizeInGbs?: number;
+        /**
+         * The unique identifier of the database server that's associated with the DB node.
+         */
+        dbServerId: string;
+        /**
+         * The OCID of the DB system.
+         */
+        dbSystemId?: string;
+        /**
+         * The OCID of the host IP address that's associated with the DB node.
+         */
+        hostIpId?: string;
+        /**
+         * The host name for the DB node.
+         */
+        hostname?: string;
+        /**
+         * The amount of memory, in gigabytes (GB), that allocated on the DB node.
+         */
+        memorySizeInGbs?: number;
+        /**
+         * The OCID of the DB node.
+         */
+        ocid?: string;
+        /**
+         * The current status of the DB node.
+         */
+        status?: string;
+        tags?: outputs.odb.CloudVmClusterTag[];
+        /**
+         * The OCID of the second VNIC.
+         */
+        vnic2Id?: string;
+        /**
+         * The OCID of the VNIC.
+         */
+        vnicId?: string;
+    }
+    /**
+     * A key-value pair to associate with a resource.
+     */
+    interface CloudVmClusterTag {
+        /**
+         * The key name of the tag. You can specify a value that's 1 to 128 Unicode characters in length and can't be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., :, /, =, +, @, -, and ".
+         */
+        key: string;
+        /**
+         * The value for the tag. You can specify a value that's 1 to 256 characters in length. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.
+         */
+        value?: string;
+    }
+    /**
+     * The managed services configuration for the ODB network.
+     */
+    interface OdbNetworkManagedServices {
+        /**
+         * The managed Amazon S3 backup access configuration.
+         */
+        managedS3BackupAccess?: outputs.odb.OdbNetworkManagedServicesManagedS3BackupAccessProperties;
+        /**
+         * The IPv4 CIDR blocks for the managed services.
+         */
+        managedServicesIpv4Cidrs?: string[];
+        /**
+         * The Amazon Resource Name (ARN) of the resource gateway.
+         */
+        resourceGatewayArn?: string;
+        /**
+         * The Amazon S3 access configuration.
+         */
+        s3Access?: outputs.odb.OdbNetworkManagedServicesS3AccessProperties;
+        /**
+         * The Amazon Resource Name (ARN) of the service network.
+         */
+        serviceNetworkArn?: string;
+        /**
+         * The service network endpoint configuration.
+         */
+        serviceNetworkEndpoint?: outputs.odb.OdbNetworkManagedServicesServiceNetworkEndpointProperties;
+        /**
+         * The Zero-ETL access configuration.
+         */
+        zeroEtlAccess?: outputs.odb.OdbNetworkManagedServicesZeroEtlAccessProperties;
+    }
+    /**
+     * The managed Amazon S3 backup access configuration.
+     */
+    interface OdbNetworkManagedServicesManagedS3BackupAccessProperties {
+        /**
+         * The IPv4 addresses for the managed Amazon S3 backup access.
+         */
+        ipv4Addresses?: string[];
+        /**
+         * The status of the managed Amazon S3 backup access.
+         */
+        status?: enums.odb.OdbNetworkManagedResourceStatus;
+    }
+    /**
+     * The Amazon S3 access configuration.
+     */
+    interface OdbNetworkManagedServicesS3AccessProperties {
+        /**
+         * The domain name for the Amazon S3 access.
+         */
+        domainName?: string;
+        /**
+         * The IPv4 addresses for the Amazon S3 access.
+         */
+        ipv4Addresses?: string[];
+        /**
+         * The endpoint policy for the Amazon S3 access.
+         */
+        s3PolicyDocument?: string;
+        /**
+         * The status of the Amazon S3 access.
+         */
+        status?: enums.odb.OdbNetworkManagedResourceStatus;
+    }
+    /**
+     * The service network endpoint configuration.
+     */
+    interface OdbNetworkManagedServicesServiceNetworkEndpointProperties {
+        /**
+         * The identifier of the VPC endpoint.
+         */
+        vpcEndpointId?: string;
+        /**
+         * The type of the VPC endpoint.
+         */
+        vpcEndpointType?: enums.odb.OdbNetworkManagedServicesServiceNetworkEndpointPropertiesVpcEndpointType;
+    }
+    /**
+     * The Zero-ETL access configuration.
+     */
+    interface OdbNetworkManagedServicesZeroEtlAccessProperties {
+        /**
+         * The CIDR block for the Zero-ETL access.
+         */
+        cidr?: string;
+        /**
+         * The status of the Zero-ETL access.
+         */
+        status?: enums.odb.OdbNetworkManagedResourceStatus;
+    }
 }
 export declare namespace omics {
     interface AnnotationStoreReferenceItem {
@@ -56390,7 +56743,7 @@ export declare namespace opensearchserverless {
         /**
          * The k-NN search engine to use
          */
-        engine: enums.opensearchserverless.IndexPropertyMappingMethodPropertiesEngine;
+        engine?: enums.opensearchserverless.IndexPropertyMappingMethodPropertiesEngine;
         /**
          * The algorithm name for k-NN search
          */
@@ -56451,6 +56804,19 @@ export declare namespace opensearchserverless {
             [key: string]: outputs.opensearchserverless.IndexPropertyMapping;
         };
     }
+    /**
+     * Describe IAM federation options in form of key value map
+     */
+    interface SecurityConfigIamFederationConfigOptions {
+        /**
+         * Group attribute for this IAM federation integration
+         */
+        groupAttribute?: string;
+        /**
+         * User attribute for this IAM federation integration
+         */
+        userAttribute?: string;
+    }
     /**
      * Describes IAM Identity Center options for an OpenSearch Serverless security configuration in the form of a key-value map
      */
@@ -56692,7 +57058,7 @@ export declare namespace opensearchservice {
          */
         customEndpoint?: string;
         /**
-         * The AWS Certificate Manager ARN for your domain's SSL/TLS certificate. Required if you enabled a custom endpoint for the domain.
+         * The Certificate Manager ARN for your domain's SSL/TLS certificate. Required if you enabled a custom endpoint for the domain.
          */
         customEndpointCertificateArn?: string;
         /**
@@ -68393,7 +68759,13 @@ export declare namespace quicksight {
         arcThickness?: enums.quicksight.DashboardArcThickness;
     }
     interface DashboardAssetOptions {
+        /**
+         * A list of dataset ARNS to exclude from Dashboard Q&A.
+         */
         excludedDataSetArns?: string[];
+        /**
+         * Determines whether insight summaries from Amazon Q Business are allowed in Dashboard Q&A.
+         */
         qBusinessInsightsStatus?: enums.quicksight.DashboardQBusinessInsightsStatus;
         /**
          * Determines the timezone for the analysis.
@@ -69885,6 +70257,9 @@ export declare namespace quicksight {
         availabilityStatus?: enums.quicksight.DashboardBehavior;
     }
     interface DashboardDataQaEnabledOption {
+        /**
+         * The status of the Data Q&A option on the dashboard.
+         */
         availabilityStatus?: enums.quicksight.DashboardBehavior;
     }
     interface DashboardDataSetIdentifierDeclaration {
@@ -69910,6 +70285,9 @@ export declare namespace quicksight {
          */
         dataSetPlaceholder: string;
     }
+    interface DashboardDataStoriesSharingOption {
+        availabilityStatus?: enums.quicksight.DashboardBehavior;
+    }
     interface DashboardDateAxisOptions {
         /**
          * Determines whether or not missing dates are displayed.
@@ -70479,6 +70857,9 @@ export declare namespace quicksight {
          */
         status?: enums.quicksight.DashboardWidgetStatus;
     }
+    interface DashboardExecutiveSummaryOption {
+        availabilityStatus?: enums.quicksight.DashboardBehavior;
+    }
     interface DashboardExplicitHierarchy {
         /**
          * The list of columns that define the explicit hierarchy.
@@ -74456,7 +74837,12 @@ export declare namespace quicksight {
          * The data point tool tip options of a dashboard.
          */
         dataPointTooltipOption?: outputs.quicksight.DashboardDataPointTooltipOption;
+        /**
+         * Adds Q&A capabilities to an Amazon QuickSight dashboard. If no topic is linked, Dashboard Q&A uses the data values that are rendered on the dashboard. End users can use Dashboard Q&A to ask for different slices of the data that they see on the dashboard. If a topic is linked, Topic Q&A is used.
+         */
         dataQaEnabledOption?: outputs.quicksight.DashboardDataQaEnabledOption;
+        dataStoriesSharingOption?: outputs.quicksight.DashboardDataStoriesSharingOption;
+        executiveSummaryOption?: outputs.quicksight.DashboardExecutiveSummaryOption;
         /**
          * Export to .csv option.
          */
@@ -99483,29 +99869,56 @@ export declare namespace smsvoice {
      * A keyword is a word that you can search for on a particular phone number or pool. It is also a specific word or phrase that an end user can send to your number to elicit a response, such as an informational message or a special offer. When your number receives a message that begins with a keyword, AWS End User Messaging SMS and Voice responds with a customizable message. Keywords "HELP" and "STOP" are mandatory keywords
      */
     interface MandatoryKeywordsProperties {
+        /**
+         * Specifies the pool's `HELP` keyword. For more information, see [Opt out list required keywords](https://docs.aws.amazon.com/sms-voice/latest/userguide/opt-out-list-keywords.html) in the End User Messaging  User Guide.
+         */
         help: outputs.smsvoice.PoolMandatoryKeyword;
+        /**
+         * Specifies the pool's opt-out keyword. For more information, see [Required opt-out keywords](https://docs.aws.amazon.com/sms-voice/latest/userguide/keywords-required.html) in the End User Messaging  User Guide.
+         */
         stop: outputs.smsvoice.PoolMandatoryKeyword;
     }
     /**
      * A keyword is a word that you can search for on a particular phone number or pool. It is also a specific word or phrase that an end user can send to your number to elicit a response, such as an informational message or a special offer. When your number receives a message that begins with a keyword, AWS End User Messaging SMS and Voice responds with a customizable message.
      */
     interface PhoneNumberOptionalKeyword {
+        /**
+         * The action to perform when the keyword is used.
+         */
         action: enums.smsvoice.PhoneNumberOptionalKeywordAction;
+        /**
+         * The new keyword to add.
+         */
         keyword: string;
+        /**
+         * The message associated with the keyword.
+         */
         message: string;
     }
     /**
      * A keyword is a word that you can search for on a particular phone number or pool. It is also a specific word or phrase that an end user can send to your number to elicit a response, such as an informational message or a special offer. When your number receives a message that begins with a keyword, AWS End User Messaging SMS and Voice responds with a customizable message. Keywords "HELP" and "STOP" are mandatory keywords
      */
     interface PoolMandatoryKeyword {
+        /**
+         * The message associated with the keyword.
+         */
         message: string;
     }
     /**
      * A keyword is a word that you can search for on a particular phone number or pool. It is also a specific word or phrase that an end user can send to your number to elicit a response, such as an informational message or a special offer. When your number receives a message that begins with a keyword, AWS End User Messaging SMS and Voice responds with a customizable message.
      */
     interface PoolOptionalKeyword {
+        /**
+         * The action to perform when the keyword is used.
+         */
         action: enums.smsvoice.PoolOptionalKeywordAction;
+        /**
+         * The new keyword to add.
+         */
         keyword: string;
+        /**
+         * The message associated with the keyword.
+         */
         message: string;
     }
     interface ProtectConfigurationCountryRule {
@@ -99519,8 +99932,17 @@ export declare namespace smsvoice {
         protectStatus: enums.smsvoice.ProtectConfigurationCountryRuleProtectStatus;
     }
     interface ProtectConfigurationCountryRuleSet {
+        /**
+         * The set of `CountryRule` s to control which destination countries End User Messaging  can send your MMS messages to.
+         */
         mms?: outputs.smsvoice.ProtectConfigurationCountryRule[];
+        /**
+         * The set of `CountryRule` s to control which destination countries End User Messaging  can send your SMS messages to.
+         */
         sms?: outputs.smsvoice.ProtectConfigurationCountryRule[];
+        /**
+         * The set of `CountryRule` s to control which destination countries End User Messaging  can send your VOICE messages to.
+         */
         voice?: outputs.smsvoice.ProtectConfigurationCountryRule[];
     }
     /**
@@ -106051,16 +106473,21 @@ export declare namespace workspaces {
 export declare namespace workspacesinstances {
     interface ManagedInstanceProperties {
         blockDeviceMappings?: outputs.workspacesinstances.WorkspaceInstanceBlockDeviceMapping[];
+        capacityReservationSpecification?: outputs.workspacesinstances.WorkspaceInstanceCapacityReservationSpecification;
         cpuOptions?: outputs.workspacesinstances.WorkspaceInstanceCpuOptionsRequest;
         creditSpecification?: outputs.workspacesinstances.WorkspaceInstanceCreditSpecificationRequest;
         disableApiStop?: boolean;
         ebsOptimized?: boolean;
+        enablePrimaryIpv6?: boolean;
         enclaveOptions?: outputs.workspacesinstances.WorkspaceInstanceEnclaveOptionsRequest;
         hibernationOptions?: outputs.workspacesinstances.WorkspaceInstanceHibernationOptionsRequest;
         iamInstanceProfile?: outputs.workspacesinstances.WorkspaceInstanceIamInstanceProfileSpecification;
         imageId: string;
+        instanceMarketOptions?: outputs.workspacesinstances.WorkspaceInstanceInstanceMarketOptionsRequest;
         instanceType: string;
+        ipv6AddressCount?: number;
         keyName?: string;
+        licenseSpecifications?: outputs.workspacesinstances.WorkspaceInstanceLicenseConfigurationRequest[];
         maintenanceOptions?: outputs.workspacesinstances.WorkspaceInstanceInstanceMaintenanceOptionsRequest;
         metadataOptions?: outputs.workspacesinstances.WorkspaceInstanceInstanceMetadataOptionsRequest;
         monitoring?: outputs.workspacesinstances.WorkspaceInstanceRunInstancesMonitoringEnabled;
@@ -106068,6 +106495,7 @@ export declare namespace workspacesinstances {
         networkPerformanceOptions?: outputs.workspacesinstances.WorkspaceInstanceInstanceNetworkPerformanceOptionsRequest;
         placement?: outputs.workspacesinstances.WorkspaceInstancePlacement;
         privateDnsNameOptions?: outputs.workspacesinstances.WorkspaceInstancePrivateDnsNameOptionsRequest;
+        subnetId?: string;
         tagSpecifications?: outputs.workspacesinstances.WorkspaceInstanceTagSpecification[];
         userData?: string;
     }
@@ -106094,6 +106522,14 @@ export declare namespace workspacesinstances {
         noDevice?: string;
         virtualName?: string;
     }
+    interface WorkspaceInstanceCapacityReservationSpecification {
+        capacityReservationPreference?: enums.workspacesinstances.WorkspaceInstanceCapacityReservationSpecificationCapacityReservationPreference;
+        capacityReservationTarget?: outputs.workspacesinstances.WorkspaceInstanceCapacityReservationTarget;
+    }
+    interface WorkspaceInstanceCapacityReservationTarget {
+        capacityReservationId?: string;
+        capacityReservationResourceGroupArn?: string;
+    }
     interface WorkspaceInstanceCpuOptionsRequest {
         coreCount?: number;
         threadsPerCore?: number;
@@ -106119,11 +106555,16 @@ export declare namespace workspacesinstances {
         configured?: boolean;
     }
     interface WorkspaceInstanceIamInstanceProfileSpecification {
+        arn?: string;
         name?: string;
     }
     interface WorkspaceInstanceInstanceMaintenanceOptionsRequest {
         autoRecovery?: enums.workspacesinstances.WorkspaceInstanceInstanceMaintenanceOptionsRequestAutoRecovery;
     }
+    interface WorkspaceInstanceInstanceMarketOptionsRequest {
+        marketType?: enums.workspacesinstances.WorkspaceInstanceInstanceMarketOptionsRequestMarketType;
+        spotOptions?: outputs.workspacesinstances.WorkspaceInstanceSpotMarketOptions;
+    }
     interface WorkspaceInstanceInstanceMetadataOptionsRequest {
         httpEndpoint?: enums.workspacesinstances.WorkspaceInstanceInstanceMetadataOptionsRequestHttpEndpoint;
         httpProtocolIpv6?: enums.workspacesinstances.WorkspaceInstanceInstanceMetadataOptionsRequestHttpProtocolIpv6;
@@ -106140,9 +106581,14 @@ export declare namespace workspacesinstances {
     interface WorkspaceInstanceInstanceNetworkPerformanceOptionsRequest {
         bandwidthWeighting?: enums.workspacesinstances.WorkspaceInstanceInstanceNetworkPerformanceOptionsRequestBandwidthWeighting;
     }
+    interface WorkspaceInstanceLicenseConfigurationRequest {
+        licenseConfigurationArn?: string;
+    }
     interface WorkspaceInstancePlacement {
         availabilityZone?: string;
+        groupId?: string;
         groupName?: string;
+        partitionNumber?: number;
         tenancy?: enums.workspacesinstances.WorkspaceInstancePlacementTenancy;
     }
     interface WorkspaceInstancePrivateDnsNameOptionsRequest {
@@ -106153,6 +106599,12 @@ export declare namespace workspacesinstances {
     interface WorkspaceInstanceRunInstancesMonitoringEnabled {
         enabled?: boolean;
     }
+    interface WorkspaceInstanceSpotMarketOptions {
+        instanceInterruptionBehavior?: enums.workspacesinstances.WorkspaceInstanceSpotMarketOptionsInstanceInterruptionBehavior;
+        maxPrice?: string;
+        spotInstanceType?: enums.workspacesinstances.WorkspaceInstanceSpotMarketOptionsSpotInstanceType;
+        validUntilUtc?: string;
+    }
     interface WorkspaceInstanceTag {
         key: string;
         value?: string;