@pulumi/aws-native 1.38.0-alpha.1761284362 → 1.38.0-alpha.1761310773

package/types/output.d.ts

@@ -6274,6 +6274,37 @@ export declare namespace appsync {
     }
 }
 export declare namespace aps {
+    interface AnomalyDetectorConfiguration {
+        randomCutForest: outputs.aps.AnomalyDetectorRandomCutForestConfiguration;
+    }
+    interface AnomalyDetectorIgnoreNearExpected {
+        amount?: number;
+        ratio?: number;
+    }
+    /**
+     * A key-value pair to provide meta-data and multi-dimensional data analysis for filtering and aggregation.
+     */
+    interface AnomalyDetectorLabel {
+        /**
+         * The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.
+         */
+        key: string;
+        /**
+         * The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.
+         */
+        value: string;
+    }
+    interface AnomalyDetectorMissingDataAction {
+        markAsAnomaly?: boolean;
+        skip?: boolean;
+    }
+    interface AnomalyDetectorRandomCutForestConfiguration {
+        ignoreNearExpectedFromAbove?: outputs.aps.AnomalyDetectorIgnoreNearExpected;
+        ignoreNearExpectedFromBelow?: outputs.aps.AnomalyDetectorIgnoreNearExpected;
+        query: string;
+        sampleSize?: number;
+        shingleSize?: number;
+    }
     /**
      * Represents a cloudwatch logs destination for scraper logging
      */
@@ -17435,6 +17466,7 @@ export declare namespace cloudfront {
          *  For more information, see [Response timeout](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/DownloadDistValuesOrigin.html#DownloadDistValuesOriginResponseTimeout) in the *Amazon CloudFront Developer Guide*.
          */
         originReadTimeout?: number;
+        ownerAccountId?: string;
         /**
          * The VPC origin ID.
          */
@@ -20348,9 +20380,24 @@ export declare namespace connect {
          */
         requiredFields?: outputs.connect.TaskTemplateRequiredFieldInfo[];
     }
+    /**
+     * Configuration for an email address alias
+     */
+    interface EmailAddressAliasConfiguration {
+        /**
+         * The identifier of the email address alias
+         */
+        emailAddressArn: string;
+    }
     interface EvaluationFormAutoEvaluationConfiguration {
         enabled?: boolean;
     }
+    interface EvaluationFormAutomaticFailConfiguration {
+        /**
+         * The target section refId to control failure propagation boundary.
+         */
+        targetSection?: string;
+    }
     /**
      * An item at the root level. All items must be sections.
      */
@@ -20373,10 +20420,72 @@ export declare namespace connect {
          */
         section?: outputs.connect.EvaluationFormSection;
     }
+    interface EvaluationFormItemEnablementCondition {
+        /**
+         * The list of operands that compose the condition. Each operand represents a specific criteria to be evaluated.
+         */
+        operands: outputs.connect.EvaluationFormItemEnablementConditionOperand[];
+        /**
+         * The logical operator used to combine multiple operands, determining how the condition is evaluated as a whole.
+         */
+        operator?: enums.connect.EvaluationFormItemEnablementConditionOperator;
+    }
+    interface EvaluationFormItemEnablementConditionOperand {
+        /**
+         * A direct comparison expression that evaluates a form item's value against specified criteria.
+         */
+        expression?: outputs.connect.EvaluationFormItemEnablementExpression;
+    }
+    interface EvaluationFormItemEnablementConfiguration {
+        /**
+         * Defines the enablement status to be applied when the specified condition is met.
+         */
+        action: enums.connect.EvaluationFormItemEnablementConfigurationAction;
+        /**
+         * Specifies the logical condition that determines when to apply the enablement rules.
+         */
+        condition: outputs.connect.EvaluationFormItemEnablementCondition;
+        /**
+         * Specifies the default enablement status to be applied when the condition is not satisfied.
+         */
+        defaultAction?: enums.connect.EvaluationFormItemEnablementConfigurationDefaultAction;
+    }
+    interface EvaluationFormItemEnablementExpression {
+        /**
+         * Specifies the comparison method to determine if the source value matches any of the specified values.
+         */
+        comparator: enums.connect.EvaluationFormItemEnablementExpressionComparator;
+        /**
+         * Identifies the form item whose value will be evaluated in the expression.
+         */
+        source: outputs.connect.EvaluationFormItemEnablementSource;
+        /**
+         * The list of possible values to compare against the source form item's value.
+         */
+        values: outputs.connect.EvaluationFormItemEnablementSourceValue[];
+    }
+    interface EvaluationFormItemEnablementSource {
+        refId?: string;
+        /**
+         * The type of the source entity.
+         */
+        type: enums.connect.EvaluationFormItemEnablementSourceType;
+    }
+    interface EvaluationFormItemEnablementSourceValue {
+        /**
+         * The reference id of the source entity value.
+         */
+        refId?: string;
+        /**
+         * Type of the source entity value.
+         */
+        type?: enums.connect.EvaluationFormItemEnablementSourceValueType;
+    }
     /**
      * Information about the automation configuration in numeric questions.
      */
     interface EvaluationFormNumericQuestionAutomation {
+        answerSource?: outputs.connect.EvaluationFormQuestionAutomationAnswerSource;
         /**
          * The property value of the automation.
          */
@@ -20390,6 +20499,7 @@ export declare namespace connect {
          * The flag to mark the option as automatic fail. If an automatic fail answer is provided, the overall evaluation gets a score of 0.
          */
         automaticFail?: boolean;
+        automaticFailConfiguration?: outputs.connect.EvaluationFormAutomaticFailConfiguration;
         /**
          * The maximum answer value of the range option.
          */
@@ -20439,6 +20549,7 @@ export declare namespace connect {
      * Information about a question from an evaluation form.
      */
     interface EvaluationFormQuestion {
+        enablement?: outputs.connect.EvaluationFormItemEnablementConfiguration;
         /**
          * The instructions of the section.
          *  *Length Constraints*: Minimum length of 0. Maximum length of 1024.
@@ -20474,6 +20585,12 @@ export declare namespace connect {
          */
         weight?: number;
     }
+    interface EvaluationFormQuestionAutomationAnswerSource {
+        /**
+         * The type of the answer sourcr
+         */
+        sourceType: enums.connect.EvaluationFormQuestionAutomationAnswerSourceSourceType;
+    }
     /**
      * Information about properties for a question in an evaluation form. The question type properties must be either for a numeric question or a single select question.
      */
@@ -20486,6 +20603,7 @@ export declare namespace connect {
          * The properties of the numeric question.
          */
         singleSelect?: outputs.connect.EvaluationFormSingleSelectQuestionProperties;
+        text?: outputs.connect.EvaluationFormTextQuestionProperties;
     }
     /**
      * A scoring strategy of the evaluation form.
@@ -20536,6 +20654,7 @@ export declare namespace connect {
      * Information about the automation configuration in single select questions. Automation options are evaluated in order, and the first matched option is applied. If no automation option matches, and there is a default option, then the default option is applied.
      */
     interface EvaluationFormSingleSelectQuestionAutomation {
+        answerSource?: outputs.connect.EvaluationFormQuestionAutomationAnswerSource;
         /**
          * The identifier of the default answer option, when none of the automation options match the criteria.
          *  *Length Constraints*: Minimum length of 1. Maximum length of 40.
@@ -20565,6 +20684,7 @@ export declare namespace connect {
          * The flag to mark the option as automatic fail. If an automatic fail answer is provided, the overall evaluation gets a score of 0.
          */
         automaticFail?: boolean;
+        automaticFailConfiguration?: outputs.connect.EvaluationFormAutomaticFailConfiguration;
         /**
          * The identifier of the answer option. An identifier must be unique within the question.
          *  *Length Constraints*: Minimum length of 1. Maximum length of 40.
@@ -20625,6 +20745,18 @@ export declare namespace connect {
          */
         optionRefId: string;
     }
+    interface EvaluationFormTextQuestionAutomation {
+        /**
+         * The source of automation answer of the question.
+         */
+        answerSource?: outputs.connect.EvaluationFormQuestionAutomationAnswerSource;
+    }
+    interface EvaluationFormTextQuestionProperties {
+        /**
+         * Specifies how the question can be automatically answered.
+         */
+        automation?: outputs.connect.EvaluationFormTextQuestionAutomation;
+    }
     /**
      * Contains information about the hours of operation.
      */
@@ -21626,6 +21758,14 @@ export declare namespace connectcampaignsv2 {
          */
         bandwidthAllocation: number;
     }
+    /**
+     * Preview config
+     */
+    interface CampaignPreviewConfig {
+        agentActions?: enums.connectcampaignsv2.CampaignAgentAction[];
+        bandwidthAllocation: number;
+        timeoutConfig: outputs.connectcampaignsv2.CampaignTimeoutConfig;
+    }
     /**
      * Progressive config
      */
@@ -21774,6 +21914,7 @@ export declare namespace connectcampaignsv2 {
          * Contains predictive outbound mode configuration.
          */
         predictiveConfig?: outputs.connectcampaignsv2.CampaignPredictiveConfig;
+        previewConfig?: outputs.connectcampaignsv2.CampaignPreviewConfig;
         /**
          * Contains progressive telephony outbound mode configuration.
          */
@@ -21799,6 +21940,12 @@ export declare namespace connectcampaignsv2 {
          */
         restrictedPeriods?: outputs.connectcampaignsv2.CampaignRestrictedPeriods;
     }
+    /**
+     * Timeout Config for preview contacts
+     */
+    interface CampaignTimeoutConfig {
+        durationInSeconds?: number;
+    }
 }
 export declare namespace controltower {
     interface EnabledBaselineParameter {
@@ -30967,7 +31114,7 @@ export declare namespace ecr {
         scanOnPush?: boolean;
     }
     /**
-     * Overrides the default image tag mutability setting of the repository for image tags that match the specified filters.
+     * A filter that specifies which image tags should be excluded from the repository's image tag mutability setting.
      */
     interface RepositoryImageTagMutabilityExclusionFilter {
         imageTagMutabilityExclusionFilterType: enums.ecr.RepositoryImageTagMutabilityExclusionFilterType;
@@ -34070,7 +34217,8 @@ export declare namespace elasticloadbalancingv2 {
          */
         fixedResponseConfig?: outputs.elasticloadbalancingv2.ListenerFixedResponseConfig;
         /**
-         * Information for creating an action that distributes requests among one or more target groups. For Network Load Balancers, you can specify a single target group. Specify only when ``Type`` is ``forward``. If you specify both ``ForwardConfig`` and ``TargetGroupArn``, you can specify only one target group using ``ForwardConfig`` and it must be the same target group specified in ``TargetGroupArn``.
+         * Information for creating an action that distributes requests among multiple target groups. Specify only when ``Type`` is ``forward``.
+         *  If you specify both ``ForwardConfig`` and ``TargetGroupArn``, you can specify only one target group using ``ForwardConfig`` and it must be the same target group specified in ``TargetGroupArn``.
          */
         forwardConfig?: outputs.elasticloadbalancingv2.ListenerForwardConfig;
         /**
@@ -34082,7 +34230,7 @@ export declare namespace elasticloadbalancingv2 {
          */
         redirectConfig?: outputs.elasticloadbalancingv2.ListenerRedirectConfig;
         /**
-         * The Amazon Resource Name (ARN) of the target group. Specify only when ``Type`` is ``forward`` and you want to route to a single target group. To route to one or more target groups, use ``ForwardConfig`` instead.
+         * The Amazon Resource Name (ARN) of the target group. Specify only when ``Type`` is ``forward`` and you want to route to a single target group. To route to multiple target groups, you must use ``ForwardConfig`` instead.
          */
         targetGroupArn?: string;
         /**
@@ -34256,7 +34404,8 @@ export declare namespace elasticloadbalancingv2 {
         statusCode: string;
     }
     /**
-     * Information for creating an action that distributes requests among one or more target groups. For Network Load Balancers, you can specify a single target group. Specify only when ``Type`` is ``forward``. If you specify both ``ForwardConfig`` and ``TargetGroupArn``, you can specify only one target group using ``ForwardConfig`` and it must be the same target group specified in ``TargetGroupArn``.
+     * Information for creating an action that distributes requests among multiple target groups. Specify only when ``Type`` is ``forward``.
+     *  If you specify both ``ForwardConfig`` and ``TargetGroupArn``, you can specify only one target group using ``ForwardConfig`` and it must be the same target group specified in ``TargetGroupArn``.
      */
     interface ListenerForwardConfig {
         /**
@@ -34344,7 +34493,8 @@ export declare namespace elasticloadbalancingv2 {
          */
         fixedResponseConfig?: outputs.elasticloadbalancingv2.ListenerRuleFixedResponseConfig;
         /**
-         * Information for creating an action that distributes requests among one or more target groups. For Network Load Balancers, you can specify a single target group. Specify only when ``Type`` is ``forward``. If you specify both ``ForwardConfig`` and ``TargetGroupArn``, you can specify only one target group using ``ForwardConfig`` and it must be the same target group specified in ``TargetGroupArn``.
+         * Information for creating an action that distributes requests among multiple target groups. Specify only when ``Type`` is ``forward``.
+         *  If you specify both ``ForwardConfig`` and ``TargetGroupArn``, you can specify only one target group using ``ForwardConfig`` and it must be the same target group specified in ``TargetGroupArn``.
          */
         forwardConfig?: outputs.elasticloadbalancingv2.ListenerRuleForwardConfig;
         /**
@@ -34356,7 +34506,7 @@ export declare namespace elasticloadbalancingv2 {
          */
         redirectConfig?: outputs.elasticloadbalancingv2.ListenerRuleRedirectConfig;
         /**
-         * The Amazon Resource Name (ARN) of the target group. Specify only when ``Type`` is ``forward`` and you want to route to a single target group. To route to one or more target groups, use ``ForwardConfig`` instead.
+         * The Amazon Resource Name (ARN) of the target group. Specify only when ``Type`` is ``forward`` and you want to route to a single target group. To route to multiple target groups, you must use ``ForwardConfig`` instead.
          */
         targetGroupArn?: string;
         /**
@@ -34485,7 +34635,8 @@ export declare namespace elasticloadbalancingv2 {
         statusCode: string;
     }
     /**
-     * Information for creating an action that distributes requests among one or more target groups. For Network Load Balancers, you can specify a single target group. Specify only when ``Type`` is ``forward``. If you specify both ``ForwardConfig`` and ``TargetGroupArn``, you can specify only one target group using ``ForwardConfig`` and it must be the same target group specified in ``TargetGroupArn``.
+     * Information for creating an action that distributes requests among multiple target groups. Specify only when ``Type`` is ``forward``.
+     *  If you specify both ``ForwardConfig`` and ``TargetGroupArn``, you can specify only one target group using ``ForwardConfig`` and it must be the same target group specified in ``TargetGroupArn``.
      */
     interface ListenerRuleForwardConfig {
         /**
@@ -34501,6 +34652,7 @@ export declare namespace elasticloadbalancingv2 {
      * Information about a host header condition.
      */
     interface ListenerRuleHostHeaderConfig {
+        regexValues?: string[];
         /**
          * The host names. The maximum size of each name is 128 characters. The comparison is case insensitive. The following wildcard characters are supported: * (matches 0 or more characters) and ? (matches exactly 1 character). You must include at least one "." character. You can include only alphabetical characters after the final "." character.
          *  If you specify multiple strings, the condition is satisfied if one of the strings matches the host name.
@@ -34516,6 +34668,7 @@ export declare namespace elasticloadbalancingv2 {
          * The name of the HTTP header field. The maximum size is 40 characters. The header name is case insensitive. The allowed characters are specified by RFC 7230. Wildcards are not supported.
          */
         httpHeaderName?: string;
+        regexValues?: string[];
         /**
          * The strings to compare against the value of the HTTP header. The maximum size of each string is 128 characters. The comparison strings are case insensitive. The following wildcard characters are supported: * (matches 0 or more characters) and ? (matches exactly 1 character).
          *  If the same header appears multiple times in the request, we search them in order until a match is found.
@@ -34538,6 +34691,7 @@ export declare namespace elasticloadbalancingv2 {
      * Information about a path pattern condition.
      */
     interface ListenerRulePathPatternConfig {
+        regexValues?: string[];
         /**
          * The path patterns to compare against the request URL. The maximum size of each string is 128 characters. The comparison is case sensitive. The following wildcard characters are supported: * (matches 0 or more characters) and ? (matches exactly 1 character).
          *  If you specify multiple strings, the condition is satisfied if one of them matches the request URL. The path pattern is compared only to the path of the URL, not to its query string.
@@ -34606,6 +34760,13 @@ export declare namespace elasticloadbalancingv2 {
          */
         statusCode: string;
     }
+    interface ListenerRuleRewriteConfig {
+        regex: string;
+        replace: string;
+    }
+    interface ListenerRuleRewriteConfigObject {
+        rewrites: outputs.elasticloadbalancingv2.ListenerRuleRewriteConfig[];
+    }
     /**
      * Specifies a condition for a listener rule.
      */
@@ -34640,6 +34801,10 @@ export declare namespace elasticloadbalancingv2 {
          * Information for a query string condition. Specify only when ``Field`` is ``query-string``.
          */
         queryStringConfig?: outputs.elasticloadbalancingv2.ListenerRuleQueryStringConfig;
+        /**
+         * The regular expressions to match against the condition field. The maximum length of each string is 128 characters. Specify only when `Field` is `http-header` , `host-header` , or `path-pattern` .
+         */
+        regexValues?: string[];
         /**
          * Information for a source IP condition. Specify only when ``Field`` is ``source-ip``.
          */
@@ -34677,7 +34842,7 @@ export declare namespace elasticloadbalancingv2 {
      */
     interface ListenerRuleTargetGroupStickinessConfig {
         /**
-         * The time period, in seconds, during which requests from a client should be routed to the same target group. The range is 1-604800 seconds (7 days). You must specify this value when enabling target group stickiness.
+         * [Application Load Balancers] The time period, in seconds, during which requests from a client should be routed to the same target group. The range is 1-604800 seconds (7 days). You must specify this value when enabling target group stickiness.
          */
         durationSeconds?: number;
         /**
@@ -34698,12 +34863,17 @@ export declare namespace elasticloadbalancingv2 {
          */
         weight?: number;
     }
+    interface ListenerRuleTransform {
+        hostHeaderRewriteConfig?: outputs.elasticloadbalancingv2.ListenerRuleRewriteConfigObject;
+        type: string;
+        urlRewriteConfig?: outputs.elasticloadbalancingv2.ListenerRuleRewriteConfigObject;
+    }
     /**
      * Information about the target group stickiness for a rule.
      */
     interface ListenerTargetGroupStickinessConfig {
         /**
-         * The time period, in seconds, during which requests from a client should be routed to the same target group. The range is 1-604800 seconds (7 days). You must specify this value when enabling target group stickiness.
+         * [Application Load Balancers] The time period, in seconds, during which requests from a client should be routed to the same target group. The range is 1-604800 seconds (7 days). You must specify this value when enabling target group stickiness.
          */
         durationSeconds?: number;
         /**
@@ -35658,6 +35828,23 @@ export declare namespace events {
          */
         route: string;
     }
+    /**
+     * This parameter enables you to limit the permission to accounts that fulfill a certain condition, such as being a member of a certain AWS organization.
+     */
+    interface EventBusPolicyCondition {
+        /**
+         * Specifies the value for the key. Currently, this must be the ID of the organization.
+         */
+        key?: string;
+        /**
+         * Specifies the type of condition. Currently the only supported value is StringEquals.
+         */
+        type?: string;
+        /**
+         * Specifies the key for the condition. Currently the only supported key is aws:PrincipalOrgID.
+         */
+        value?: string;
+    }
     /**
      * The private resource the HTTP request will be sent to.
      */
@@ -40443,6 +40630,19 @@ export declare namespace imagebuilder {
          */
         repositoryName?: string;
     }
+    /**
+     * The settings for starting an image pipeline execution.
+     */
+    interface ImagePipelineExecutionSettings {
+        /**
+         * The deployment ID of the pipeline, used to trigger new image pipeline executions.
+         */
+        deploymentId?: string;
+        /**
+         * Whether to trigger the image pipeline when the pipeline is updated. False by default.
+         */
+        onUpdate?: boolean;
+    }
     /**
      * Determines if tests should run after building the image. Image Builder defaults to enable tests to run following the image build, before image distribution.
      */
@@ -54755,6 +54955,7 @@ export declare namespace mediapackagev2 {
          * The encryption method to use.
          */
         cmafEncryptionMethod?: enums.mediapackagev2.OriginEndpointCmafEncryptionMethod;
+        ismEncryptionMethod?: enums.mediapackagev2.OriginEndpointIsmEncryptionMethod;
         /**
          * The encryption method to use.
          */
@@ -54876,6 +55077,21 @@ export declare namespace mediapackagev2 {
          */
         urlEncodeChildManifest?: boolean;
     }
+    /**
+     * <p>Configuration details for a Microsoft Smooth Streaming (MSS) manifest associated with an origin endpoint. This includes all the settings and properties that define how the MSS content is packaged and delivered.</p>
+     */
+    interface OriginEndpointMssManifestConfiguration {
+        filterConfiguration?: outputs.mediapackagev2.OriginEndpointFilterConfiguration;
+        manifestLayout?: enums.mediapackagev2.OriginEndpointMssManifestLayout;
+        /**
+         * <p>The name of the MSS manifest. This name is appended to the origin endpoint URL to create the unique path for accessing this specific MSS manifest.</p>
+         */
+        manifestName: string;
+        /**
+         * <p>The duration (in seconds) of the manifest window. This represents the total amount of content available in the manifest at any given time.</p>
+         */
+        manifestWindowSeconds?: number;
+    }
     interface OriginEndpointPolicyCdnAuthConfiguration {
         /**
          * The ARN for the secret in Secrets Manager that your CDN uses for authorization to access the endpoint.
@@ -57123,53 +57339,131 @@ export declare namespace oam {
 }
 export declare namespace observabilityadmin {
     interface OrganizationCentralizationRuleCentralizationRule {
+        /**
+         * Configuration determining where the telemetry data should be centralized, backed up, as well as encryption configuration for the primary and backup destinations.
+         */
         destination: outputs.observabilityadmin.OrganizationCentralizationRuleCentralizationRuleDestination;
+        /**
+         * Configuration determining the source of the telemetry data to be centralized.
+         */
         source: outputs.observabilityadmin.OrganizationCentralizationRuleCentralizationRuleSource;
     }
     interface OrganizationCentralizationRuleCentralizationRuleDestination {
+        /**
+         * The destination account (within the organization) to which the telemetry data should be centralized.
+         */
         account?: string;
+        /**
+         * Log specific configuration for centralization destination log groups.
+         */
         destinationLogsConfiguration?: outputs.observabilityadmin.OrganizationCentralizationRuleDestinationLogsConfiguration;
+        /**
+         * The primary destination region to which telemetry data should be centralized.
+         */
         region: string;
     }
     interface OrganizationCentralizationRuleCentralizationRuleSource {
+        /**
+         * The list of source regions from which telemetry data should be centralized.
+         */
         regions: string[];
+        /**
+         * The organizational scope from which telemetry data should be centralized, specified using organization id, accounts or organizational unit ids.
+         */
         scope?: string;
+        /**
+         * Log specific configuration for centralization source log groups.
+         */
         sourceLogsConfiguration?: outputs.observabilityadmin.OrganizationCentralizationRuleSourceLogsConfiguration;
     }
     interface OrganizationCentralizationRuleDestinationLogsConfiguration {
+        /**
+         * Configuration defining the backup region and an optional KMS key for the backup destination.
+         */
         backupConfiguration?: outputs.observabilityadmin.OrganizationCentralizationRuleLogsBackupConfiguration;
+        /**
+         * The encryption configuration for centralization destination log groups.
+         */
         logsEncryptionConfiguration?: outputs.observabilityadmin.OrganizationCentralizationRuleLogsEncryptionConfiguration;
     }
     interface OrganizationCentralizationRuleLogsBackupConfiguration {
+        /**
+         * KMS Key ARN belonging to the primary destination account and backup region, to encrypt newly created central log groups in the backup destination.
+         */
         kmsKeyArn?: string;
+        /**
+         * Logs specific backup destination region within the primary destination account to which log data should be centralized.
+         */
         region: string;
     }
     interface OrganizationCentralizationRuleLogsEncryptionConfiguration {
+        /**
+         * Conflict resolution strategy for centralization if the encryption strategy is set to CUSTOMER_MANAGED and the destination log group is encrypted with an AWS_OWNED KMS Key. ALLOW lets centralization go through while SKIP prevents centralization into the destination log group.
+         */
         encryptionConflictResolutionStrategy?: enums.observabilityadmin.OrganizationCentralizationRuleLogsEncryptionConfigurationEncryptionConflictResolutionStrategy;
+        /**
+         * Configuration that determines the encryption strategy of the destination log groups. CUSTOMER_MANAGED uses the configured KmsKeyArn to encrypt newly created destination log groups.
+         */
         encryptionStrategy: enums.observabilityadmin.OrganizationCentralizationRuleLogsEncryptionConfigurationEncryptionStrategy;
+        /**
+         * KMS Key ARN belonging to the primary destination account and region, to encrypt newly created central log groups in the primary destination.
+         */
         kmsKeyArn?: string;
     }
     interface OrganizationCentralizationRuleSourceLogsConfiguration {
+        /**
+         * A strategy determining whether to centralize source log groups that are encrypted with customer managed KMS keys (CMK). ALLOW will consider CMK encrypted source log groups for centralization while SKIP will skip CMK encrypted source log groups from centralization.
+         */
         encryptedLogGroupStrategy: enums.observabilityadmin.OrganizationCentralizationRuleSourceLogsConfigurationEncryptedLogGroupStrategy;
+        /**
+         * The selection criteria that specifies which source log groups to centralize. The selection criteria uses the same format as OAM link filters.
+         */
         logGroupSelectionCriteria: string;
     }
     /**
      * The destination configuration for telemetry data
      */
     interface OrganizationTelemetryRuleTelemetryDestinationConfiguration {
+        /**
+         * The pattern used to generate the destination path or name, supporting macros like <resourceId> and <accountId>.
+         */
         destinationPattern?: string;
+        /**
+         * The type of destination for the telemetry data (e.g., "Amazon CloudWatch Logs", "S3").
+         */
         destinationType?: enums.observabilityadmin.OrganizationTelemetryRuleDestinationType;
+        /**
+         * The number of days to retain the telemetry data in the destination.
+         */
         retentionInDays?: number;
+        /**
+         * Configuration parameters specific to VPC Flow Logs when VPC is the resource type.
+         */
         vpcFlowLogParameters?: outputs.observabilityadmin.OrganizationTelemetryRuleVpcFlowLogParameters;
     }
     /**
      * The telemetry rule
      */
     interface OrganizationTelemetryRuleTelemetryRule {
+        /**
+         * Configuration specifying where and how the telemetry data should be delivered.
+         */
         destinationConfiguration?: outputs.observabilityadmin.OrganizationTelemetryRuleTelemetryDestinationConfiguration;
+        /**
+         * The type of AWS resource to configure telemetry for (e.g., "AWS::EC2::VPC").
+         */
         resourceType: enums.observabilityadmin.OrganizationTelemetryRuleResourceType;
+        /**
+         * The organizational scope to which the rule applies, specified using accounts or organizational units.
+         */
         scope?: string;
+        /**
+         * Criteria for selecting which resources the rule applies to, such as resource tags.
+         */
         selectionCriteria?: string;
+        /**
+         * The type of telemetry to collect (Logs, Metrics, or Traces).
+         */
         telemetryType: enums.observabilityadmin.OrganizationTelemetryRuleTelemetryType;
     }
     /**
@@ -57193,18 +57487,42 @@ export declare namespace observabilityadmin {
      * The telemetry rule
      */
     interface TelemetryRule {
+        /**
+         * Configuration specifying where and how the telemetry data should be delivered.
+         */
         destinationConfiguration?: outputs.observabilityadmin.TelemetryRuleTelemetryDestinationConfiguration;
+        /**
+         * The type of AWS resource to configure telemetry for (e.g., "AWS::EC2::VPC").
+         */
         resourceType: enums.observabilityadmin.TelemetryRuleResourceType;
+        /**
+         * Criteria for selecting which resources the rule applies to, such as resource tags.
+         */
         selectionCriteria?: string;
+        /**
+         * The type of telemetry to collect (Logs, Metrics, or Traces).
+         */
         telemetryType: enums.observabilityadmin.TelemetryRuleTelemetryType;
     }
     /**
      * The destination configuration for telemetry data
      */
     interface TelemetryRuleTelemetryDestinationConfiguration {
+        /**
+         * The pattern used to generate the destination path or name, supporting macros like <resourceId> and <accountId>.
+         */
         destinationPattern?: string;
+        /**
+         * The type of destination for the telemetry data (e.g., "Amazon CloudWatch Logs", "S3").
+         */
         destinationType?: enums.observabilityadmin.TelemetryRuleDestinationType;
+        /**
+         * The number of days to retain the telemetry data in the destination.
+         */
         retentionInDays?: number;
+        /**
+         * Configuration parameters specific to VPC Flow Logs when VPC is the resource type.
+         */
         vpcFlowLogParameters?: outputs.observabilityadmin.TelemetryRuleVpcFlowLogParameters;
     }
     /**
@@ -58411,6 +58729,9 @@ export declare namespace osis {
     interface PipelineLogPublishingOptionsCloudWatchLogDestinationProperties {
         logGroup: string;
     }
+    interface PipelineResourcePolicy {
+        policy: any;
+    }
     /**
      * An OpenSearch Ingestion Service-managed VPC endpoint that will access one or more pipelines.
      */
@@ -80161,7 +80482,7 @@ export declare namespace quicksight {
          * - `FULL_REFRESH` : A complete refresh of a dataset.
          * - `INCREMENTAL_REFRESH` : A partial refresh of some rows of a dataset, based on the time window specified.
          *
-         * For more information on full and incremental refreshes, see [Refreshing SPICE data](https://docs.aws.amazon.com/quicksight/latest/user/refreshing-imported-data.html) in the *QuickSight User Guide* .
+         * For more information on full and incremental refreshes, see [Refreshing SPICE data](https://docs.aws.amazon.com/quicksight/latest/user/refreshing-imported-data.html) in the *Quick Suite User Guide* .
          */
         refreshType?: enums.quicksight.RefreshScheduleMapRefreshType;
         /**
@@ -90711,7 +91032,9 @@ export declare namespace route53 {
         /**
          * The number of consecutive health checks that an endpoint must pass or fail for Amazon Route 53 to change the current status of the endpoint from unhealthy to healthy or vice versa. For more information, see [How Amazon Route 53 Determines Whether an Endpoint Is Healthy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-determining-health-of-endpoints.html) in the *Amazon Route 53 Developer Guide* .
          *
-         * If you don't specify a value for `FailureThreshold` , the default value is three health checks.
+         * `FailureThreshold` is not supported when you specify a value for `Type` of `RECOVERY_CONTROL` .
+         *
+         * Otherwise, if you don't specify a value for `FailureThreshold` , the default value is three health checks.
          */
         failureThreshold?: number;
         /**
@@ -90787,6 +91110,8 @@ export declare namespace route53 {
         /**
          * Specify whether you want Amazon Route 53 to measure the latency between health checkers in multiple AWS regions and your endpoint, and to display CloudWatch latency graphs on the *Health Checks* page in the Route 53 console.
          *
+         * `MeasureLatency` is not supported when you specify a value for `Type` of `RECOVERY_CONTROL` .
+         *
          * > You can't change the value of `MeasureLatency` after you create a health check.
          */
         measureLatency?: boolean;
@@ -90807,6 +91132,8 @@ export declare namespace route53 {
         /**
          * The number of seconds between the time that Amazon Route 53 gets a response from your endpoint and the time that it sends the next health check request. Each Route 53 health checker makes requests at this interval.
          *
+         * `RequestInterval` is not supported when you specify a value for `Type` of `RECOVERY_CONTROL` .
+         *
          * > You can't change the value of `RequestInterval` after you create a health check.
          *
          * If you don't specify a value for `RequestInterval` , the default value is `30` seconds.
@@ -91126,6 +91453,13 @@ export declare namespace route53resolver {
         serverNameIndication?: string;
     }
 }
+export declare namespace rtbfabric {
+    interface ResponderGatewayManagedEndpointConfiguration {
+    }
+    interface ResponderGatewayTrustStoreConfiguration {
+        certificateAuthorityCertificates: string[];
+    }
+}
 export declare namespace rum {
     /**
      * AppMonitor configuration
@@ -93619,6 +93953,19 @@ export declare namespace sagemaker {
          */
         scheduleExpression: string;
     }
+    /**
+     * Configuration for tiered storage in the SageMaker HyperPod cluster.
+     */
+    interface ClusterTieredStorageConfig {
+        /**
+         * The percentage of instance memory to allocate for tiered storage.
+         */
+        instanceMemoryAllocationPercentage?: number;
+        /**
+         * The mode of tiered storage.
+         */
+        mode: enums.sagemaker.ClusterTieredStorageConfigMode;
+    }
     /**
      * Specifies an Amazon Virtual Private Cloud (VPC) that your SageMaker jobs, hosted models, and compute resources have access to. You can control access to and from your resources by configuring a VPC.
      */
@@ -94272,6 +94619,9 @@ export declare namespace sagemaker {
          * The configuration for attaching a SageMaker user profile name to the execution role as a sts:SourceIdentity key.
          */
         executionRoleIdentityConfig?: enums.sagemaker.DomainSettingsExecutionRoleIdentityConfig;
+        /**
+         * The IP address type for the domain. Specify `ipv4` for IPv4-only connectivity or `dualstack` for both IPv4 and IPv6 connectivity. When you specify `dualstack` , the subnet must support IPv6 CIDR blocks. If not specified, defaults to `ipv4` .
+         */
         ipAddressType?: enums.sagemaker.DomainIpAddressType;
         /**
          * A collection of settings that configure the `RStudioServerPro` Domain-level app.
@@ -101201,6 +101551,8 @@ export declare namespace ssm {
         /**
          * The number of days after the release date of each patch matched by the rule that the patch is marked as approved in the patch baseline. For example, a value of `7` means that patches are approved seven days after they are released.
          *
+         * Patch Manager evaluates patch release dates using Coordinated Universal Time (UTC). If the day represented by `7` is `2025-11-16` , patches released between `2025-11-16T00:00:00Z` and `2025-11-16T23:59:59Z` will be included in the approval.
+         *
          * This parameter is marked as `Required: No` , but your request must include a value for either `ApproveAfterDays` or `ApproveUntilDate` .
          *
          * Not supported for Debian Server or Ubuntu Server.
@@ -101211,7 +101563,9 @@ export declare namespace ssm {
         /**
          * The cutoff date for auto approval of released patches. Any patches released on or before this date are installed automatically.
          *
-         * Enter dates in the format `YYYY-MM-DD` . For example, `2024-12-31` .
+         * Enter dates in the format `YYYY-MM-DD` . For example, `2025-11-16` .
+         *
+         * Patch Manager evaluates patch release dates using Coordinated Universal Time (UTC). If you enter the date `2025-11-16` , patches released between `2025-11-16T00:00:00Z` and `2025-11-16T23:59:59Z` will be included in the approval.
          *
          * This parameter is marked as `Required: No` , but your request must include a value for either `ApproveUntilDate` or `ApproveAfterDays` .
          *
@@ -102258,14 +102612,22 @@ export declare namespace synthetics {
         browserType: enums.synthetics.CanaryBrowserType;
     }
     interface CanaryCode {
+        /**
+         * `BlueprintTypes` are a list of templates that enable simplified canary creation. You can create canaries for common monitoring scenarios by providing only a JSON configuration file instead of writing custom scripts. `multi-checks` is the only supported value.
+         *
+         * When you specify `BlueprintTypes` , the `Handler` field cannot be specified since the blueprint provides a pre-defined entry point.
+         */
+        blueprintTypes?: string[];
         /**
          * List of Lambda layers to attach to the canary
          */
         dependencies?: outputs.synthetics.CanaryDependency[];
         /**
          * The entry point to use for the source code when running the canary. For canaries that use the `syn-python-selenium-1.0` runtime or a `syn-nodejs.puppeteer` runtime earlier than `syn-nodejs.puppeteer-3.4` , the handler must be specified as `*fileName* .handler` . For `syn-python-selenium-1.1` , `syn-nodejs.puppeteer-3.4` , and later runtimes, the handler can be specified as `*fileName* . *functionName*` , or you can specify a folder where canary scripts reside as `*folder* / *fileName* . *functionName*` .
+         *
+         * This field is required when you don't specify `BlueprintTypes` and is not allowed when you specify `BlueprintTypes` .
          */
-        handler: string;
+        handler?: string;
         /**
          * If your canary script is located in S3, specify the bucket name here. The bucket must already exist.
          */
@@ -102368,6 +102730,9 @@ export declare namespace synthetics {
          * List of screenshots used as base reference for visual testing
          */
         baseScreenshots?: outputs.synthetics.CanaryBaseScreenshot[];
+        /**
+         * The browser type associated with this visual reference configuration. Valid values are `CHROME` and `FIREFOX` .
+         */
         browserType?: enums.synthetics.CanaryBrowserType;
     }
     interface CanaryVpcConfig {
@@ -102814,6 +103179,8 @@ export declare namespace transfer {
          * Replace `0.0.0.0` in the example above with the actual IP address you want to use.
          *
          * > If you change the `PassiveIp` value, you must stop and then restart your Transfer Family server for the change to take effect. For details on using passive mode (PASV) in a NAT environment, see [Configuring your FTPS server behind a firewall or NAT with AWS Transfer Family](https://docs.aws.amazon.com/storage/configuring-your-ftps-server-behind-a-firewall-or-nat-with-aws-transfer-family/) .
+         * >
+         * > Additionally, avoid placing Network Load Balancers (NLBs) or NAT gateways in front of AWS Transfer Family servers. This configuration increases costs and can cause performance issues. When NLBs or NATs are in the communication path, Transfer Family cannot accurately recognize client IP addresses, which impacts connection sharding and limits FTPS servers to only 300 simultaneous connections instead of 10,000. If you must use an NLB, use port 21 for health checks and enable TLS session resumption by setting `TlsSessionResumptionMode = ENFORCED` . For optimal performance, migrate to VPC endpoints with Elastic IP addresses instead of using NLBs. For more details, see [Avoid placing NLBs and NATs in front of AWS Transfer Family](https://docs.aws.amazon.com/transfer/latest/userguide/infrastructure-security.html#nlb-considerations) .
          *
          * *Special values*
          *