@pulumi/aws-native 1.41.0-alpha.1765604205 → 1.41.0-alpha.1765978445

package/types/output.d.ts

@@ -11072,6 +11072,9 @@ export declare namespace bedrock {
          * Sets modality processing for audio files. All modalities are enabled by default.
          */
         modalityProcessing?: outputs.bedrock.DataAutomationProjectModalityProcessingConfiguration;
+        /**
+         * Configuration for sensitive data detection and redaction for audio files.
+         */
         sensitiveDataConfiguration?: outputs.bedrock.DataAutomationProjectSensitiveDataConfiguration;
     }
     interface DataAutomationProjectAudioStandardExtraction {
@@ -11168,6 +11171,9 @@ export declare namespace bedrock {
          * Sets modality processing for document files. All modalities are enabled by default.
          */
         modalityProcessing?: outputs.bedrock.DataAutomationProjectModalityProcessingConfiguration;
+        /**
+         * Configuration for sensitive data detection and redaction for document files.
+         */
         sensitiveDataConfiguration?: outputs.bedrock.DataAutomationProjectSensitiveDataConfiguration;
         /**
          * Whether document splitter is enabled for a project.
@@ -11225,6 +11231,9 @@ export declare namespace bedrock {
          * Sets modality processing for image files. All modalities are enabled by default.
          */
         modalityProcessing?: outputs.bedrock.DataAutomationProjectModalityProcessingConfiguration;
+        /**
+         * Configuration for sensitive data detection and redaction for image files.
+         */
         sensitiveDataConfiguration?: outputs.bedrock.DataAutomationProjectSensitiveDataConfiguration;
     }
     interface DataAutomationProjectImageStandardExtraction {
@@ -11310,12 +11319,27 @@ export declare namespace bedrock {
         video?: outputs.bedrock.DataAutomationProjectVideoOverrideConfiguration;
     }
     interface DataAutomationProjectPiiEntitiesConfiguration {
+        /**
+         * List of PII entity types to detect/redact in the output. Choose from specific entity types (such as ADDRESS, NAME, EMAIL, PHONE, US_SOCIAL_SECURITY_NUMBER) or specify ALL to detect all supported PII types. If not specified, defaults to ALL.
+         */
         piiEntityTypes?: enums.bedrock.DataAutomationProjectPiiEntityTypes[];
+        /**
+         * Defines how detected PII entities are masked in redacted output files. Set to PII to replace all detected entities with a generic [PII] marker regardless of entity type. Set to ENTITY_TYPE to replace each detected entity with its specific type marker (for example, [NAME], [EMAIL], [ADDRESS]). This setting only applies when detectionMode is set to DETECTION_AND_REDACTION. If not specified, defaults to ENTITY_TYPE.
+         */
         redactionMaskMode?: enums.bedrock.DataAutomationProjectPiiRedactionMaskMode;
     }
     interface DataAutomationProjectSensitiveDataConfiguration {
+        /**
+         * Specifies the mode for handling sensitive data detection. Set to DETECTION to only identify sensitive data without modifying content - this produces one output file per detection scope containing detection information with original unredacted content. Set to DETECTION_AND_REDACTION to both identify and mask sensitive data - this produces two output files per detection scope: one unredacted file with detection information and one redacted file with masking applied to sensitive content. For example, if detectionScope includes both STANDARD and CUSTOM with DETECTION_AND_REDACTION mode, four output files will be generated (two for standard output and two for custom output).
+         */
         detectionMode?: enums.bedrock.DataAutomationProjectSensitiveDataDetectionMode;
+        /**
+         * Defines which BDA output types to apply sensitive data detection to. Specify STANDARD to detect sensitive data in standard output, CUSTOM to detect in custom output (blueprint-based extraction), or both to apply detection to both output types. If not specified, defaults to both STANDARD and CUSTOM. The number of output files generated depends on both the detection mode and the scopes selected - each scope specified will produce its own set of output files according to the detection mode configured.
+         */
         detectionScope?: enums.bedrock.DataAutomationProjectSensitiveDataDetectionScope[];
+        /**
+         * Configuration for detecting and redacting Personally Identifiable Information (PII) entities.
+         */
         piiEntitiesConfiguration?: outputs.bedrock.DataAutomationProjectPiiEntitiesConfiguration;
     }
     interface DataAutomationProjectSpeakerLabelingConfiguration {
@@ -11382,6 +11406,9 @@ export declare namespace bedrock {
          * Sets modality processing for video files. All modalities are enabled by default.
          */
         modalityProcessing?: outputs.bedrock.DataAutomationProjectModalityProcessingConfiguration;
+        /**
+         * Configuration for sensitive data detection and redaction for video files.
+         */
         sensitiveDataConfiguration?: outputs.bedrock.DataAutomationProjectSensitiveDataConfiguration;
     }
     interface DataAutomationProjectVideoStandardExtraction {
@@ -13647,6 +13674,9 @@ export declare namespace bedrock {
      * The vector configuration details for the Bedrock embeddings model.
      */
     interface KnowledgeBaseBedrockEmbeddingModelConfiguration {
+        /**
+         * Configuration settings for processing audio content in multimodal knowledge bases.
+         */
         audio?: outputs.bedrock.KnowledgeBaseAudioConfiguration[];
         /**
          * The dimensions details for the vector configuration used on the Bedrock embeddings model.
@@ -13656,6 +13686,9 @@ export declare namespace bedrock {
          * The data type for the vectors when using a model to convert text into vector embeddings.
          */
         embeddingDataType?: enums.bedrock.KnowledgeBaseBedrockEmbeddingModelConfigurationEmbeddingDataType;
+        /**
+         * Configuration settings for processing video content in multimodal knowledge bases.
+         */
         video?: outputs.bedrock.KnowledgeBaseVideoConfiguration[];
     }
     /**
@@ -14837,6 +14870,17 @@ export declare namespace bedrockagentcore {
         allowedClients?: string[];
         discoveryUrl: string;
     }
+    interface GatewayInterceptorConfiguration {
+        inputConfiguration?: outputs.bedrockagentcore.GatewayInterceptorInputConfiguration;
+        interceptionPoints: enums.bedrockagentcore.GatewayInterceptionPoint[];
+        interceptor: outputs.bedrockagentcore.InterceptorConfigurationProperties;
+    }
+    interface GatewayInterceptorInputConfiguration {
+        passRequestHeaders: boolean;
+    }
+    interface GatewayLambdaInterceptorConfiguration {
+        arn: string;
+    }
     interface GatewayMcpGatewayConfiguration {
         instructions?: string;
         searchType?: enums.bedrockagentcore.GatewaySearchType;
@@ -14930,6 +14974,9 @@ export declare namespace bedrockagentcore {
     interface GatewayWorkloadIdentityDetails {
         workloadIdentityArn: string;
     }
+    interface InterceptorConfigurationProperties {
+        lambda: outputs.bedrockagentcore.GatewayLambdaInterceptorConfiguration;
+    }
     interface MemoryCustomConfigurationInput {
         selfManagedConfiguration?: outputs.bedrockagentcore.MemorySelfManagedConfiguration;
         semanticOverride?: outputs.bedrockagentcore.MemorySemanticOverride;
@@ -15762,6 +15809,9 @@ export declare namespace cleanrooms {
          * The payment responsibilities accepted by the member for model training.
          */
         modelTraining?: outputs.cleanrooms.CollaborationModelTrainingPaymentConfig;
+        /**
+         * The payment configuration for machine learning synthetic data generation.
+         */
         syntheticDataGeneration?: outputs.cleanrooms.CollaborationSyntheticDataGenerationPaymentConfig;
     }
     interface CollaborationModelInferencePaymentConfig {
@@ -15809,6 +15859,9 @@ export declare namespace cleanrooms {
         isResponsible: boolean;
     }
     interface CollaborationSyntheticDataGenerationPaymentConfig {
+        /**
+         * Indicates who is responsible for paying for synthetic data generation.
+         */
         isResponsible: boolean;
     }
     interface ConfiguredTableAggregateColumn {
@@ -16029,6 +16082,9 @@ export declare namespace cleanrooms {
          * The payment responsibilities accepted by the member for model training.
          */
         modelTraining?: outputs.cleanrooms.MembershipModelTrainingPaymentConfig;
+        /**
+         * The payment configuration for synthetic data generation for this machine learning membership.
+         */
         syntheticDataGeneration?: outputs.cleanrooms.MembershipSyntheticDataGenerationPaymentConfig;
     }
     interface MembershipModelInferencePaymentConfig {
@@ -16145,6 +16201,9 @@ export declare namespace cleanrooms {
         isResponsible: boolean;
     }
     interface MembershipSyntheticDataGenerationPaymentConfig {
+        /**
+         * Indicates if this membership is responsible for paying for synthetic data generation.
+         */
         isResponsible: boolean;
     }
     /**
@@ -21160,6 +21219,9 @@ export declare namespace connect {
      * Information about properties for a question in an evaluation form. The question type properties must be either for a numeric question or a single select question.
      */
     interface EvaluationFormQuestionTypeProperties {
+        /**
+         * Properties for multi-select question types.
+         */
         multiSelect?: outputs.connect.EvaluationFormMultiSelectQuestionProperties;
         /**
          * The properties of the numeric question.
@@ -21345,6 +21407,9 @@ export declare namespace connect {
         automation?: outputs.connect.EvaluationFormTextQuestionAutomation;
     }
     interface FontFamily {
+        /**
+         * The default font family to use in the workspace theme.
+         */
         default?: enums.connect.WorkspaceFontFamily;
     }
     /**
@@ -22121,18 +22186,54 @@ export declare namespace connect {
          */
         level: number;
     }
+    /**
+     * The validation rules applied to values of this attribute. Based on JSON Schema Draft 2020-12 with additional Connect-specific validations for data integrity.
+     */
     interface ValidationProperties {
+        /**
+         * Defines enumeration constraints for attribute values. Can specify a list of allowed values and whether custom values are permitted beyond the enumerated list.
+         */
         enum?: outputs.connect.ValidationPropertiesEnumProperties;
+        /**
+         * The largest exclusive numeric value for NUMBER value type. Can be provided alongside Maximum where both operate independently. Must be greater than ExclusiveMinimum and Minimum. Applies to NUMBER and values within NUMBER_LIST.
+         */
         exclusiveMaximum?: number;
+        /**
+         * The smallest exclusive numeric value for NUMBER value type. Can be provided alongside Minimum where both operate independently. Must be less than ExclusiveMaximum and Maximum. Applies to NUMBER and values within NUMBER_LIST.
+         */
         exclusiveMinimum?: number;
+        /**
+         * The maximum number of characters a text value can contain. Applies to TEXT value type and values within a TEXT_LIST. Must be greater than or equal to MinLength.
+         */
         maxLength?: number;
+        /**
+         * The maximum number of values in a list. Must be an integer greater than or equal to 0 and greater than or equal to MinValues. Applies to all list types.
+         */
         maxValues?: number;
+        /**
+         * The largest inclusive numeric value for NUMBER value type. Can be provided alongside ExclusiveMaximum where both operate independently. Must be greater than or equal to Minimum and greater than ExclusiveMinimum. Applies to NUMBER and values within NUMBER_LIST.
+         */
         maximum?: number;
+        /**
+         * The minimum number of characters a text value can contain. Applies to TEXT value type and values within a TEXT_LIST. Must be less than or equal to MaxLength.
+         */
         minLength?: number;
+        /**
+         * The minimum number of values in a list. Must be an integer greater than or equal to 0 and less than or equal to MaxValues. Applies to all list types.
+         */
         minValues?: number;
+        /**
+         * The smallest inclusive numeric value for NUMBER value type. Cannot be provided when ExclusiveMinimum is also provided. Must be less than or equal to Maximum and less than ExclusiveMaximum. Applies to NUMBER and values within NUMBER_LIST.
+         */
         minimum?: number;
+        /**
+         * Specifies that numeric values must be multiples of this number. Must be greater than 0. The result of dividing a value by this multiple must result in an integer. Applies to NUMBER and values within NUMBER_LIST.
+         */
         multipleOf?: number;
     }
+    /**
+     * Defines enumeration constraints for attribute values. Can specify a list of allowed values and whether custom values are permitted beyond the enumerated list.
+     */
     interface ValidationPropertiesEnumProperties {
         strict?: boolean;
         values?: string[];
@@ -22147,7 +22248,13 @@ export declare namespace connect {
         stringList?: string[];
     }
     interface WorkspaceMediaItem {
+        /**
+         * The source URL or data for the media asset.
+         */
         source?: string;
+        /**
+         * The type of media. Valid values are: `IMAGE_LOGO_FAVICON` and `IMAGE_LOGO_HORIZONTAL` .
+         */
         type: enums.connect.WorkspaceMediaType;
     }
     interface WorkspacePage {
@@ -22169,48 +22276,126 @@ export declare namespace connect {
         slug?: string;
     }
     interface WorkspacePaletteCanvas {
+        /**
+         * The background color for active elements.
+         */
         activeBackground?: string;
+        /**
+         * The background color for container elements.
+         */
         containerBackground?: string;
+        /**
+         * The background color for page elements.
+         */
         pageBackground?: string;
     }
     interface WorkspacePaletteHeader {
+        /**
+         * The background color of the header.
+         */
         background?: string;
+        /**
+         * Whether to invert the colors of action buttons in the header.
+         */
         invertActionsColors?: boolean;
+        /**
+         * The text color in the header.
+         */
         text?: string;
+        /**
+         * The text color when hovering over header elements.
+         */
         textHover?: string;
     }
     interface WorkspacePaletteNavigation {
+        /**
+         * The background color of the navigation area.
+         */
         background?: string;
+        /**
+         * Whether to invert the colors of action buttons in the navigation area.
+         */
         invertActionsColors?: boolean;
+        /**
+         * The text color in the navigation area.
+         */
         text?: string;
+        /**
+         * The text color for active navigation items.
+         */
         textActive?: string;
+        /**
+         * The background color for active navigation items.
+         */
         textBackgroundActive?: string;
+        /**
+         * The background color when hovering over navigation text.
+         */
         textBackgroundHover?: string;
+        /**
+         * The text color when hovering over navigation items.
+         */
         textHover?: string;
     }
     interface WorkspacePalettePrimary {
+        /**
+         * The primary color used for active states.
+         */
         active?: string;
+        /**
+         * The text color that contrasts with the primary color for readability.
+         */
         contrastText?: string;
+        /**
+         * The default primary color used throughout the workspace.
+         */
         default?: string;
     }
     /**
      * The theme configuration for the Connect workspace
      */
     interface WorkspaceTheme {
+        /**
+         * The theme configuration for dark mode.
+         */
         dark?: outputs.connect.WorkspaceThemeConfig;
+        /**
+         * The theme configuration for light mode.
+         */
         light?: outputs.connect.WorkspaceThemeConfig;
     }
     interface WorkspaceThemeConfig {
+        /**
+         * The color palette configuration for the workspace theme.
+         */
         palette?: outputs.connect.WorkspaceThemePalette;
+        /**
+         * The typography configuration for the workspace theme.
+         */
         typography?: outputs.connect.WorkspaceThemeTypography;
     }
     interface WorkspaceThemePalette {
+        /**
+         * The color configuration for the canvas area.
+         */
         canvas?: outputs.connect.WorkspacePaletteCanvas;
+        /**
+         * The color configuration for the header area.
+         */
         header?: outputs.connect.WorkspacePaletteHeader;
+        /**
+         * The color configuration for the navigation area.
+         */
         navigation?: outputs.connect.WorkspacePaletteNavigation;
+        /**
+         * The primary color configuration used throughout the workspace.
+         */
         primary?: outputs.connect.WorkspacePalettePrimary;
     }
     interface WorkspaceThemeTypography {
+        /**
+         * The font family configuration for text in the workspace.
+         */
         fontFamily?: outputs.connect.FontFamily;
     }
 }
@@ -22337,6 +22522,9 @@ export declare namespace connectcampaignsv2 {
          * The configuration of the telephony channel subtype.
          */
         telephony?: outputs.connectcampaignsv2.CampaignTelephonyChannelSubtypeConfig;
+        /**
+         * The configuration of the WhatsApp channel subtype.
+         */
         whatsApp?: outputs.connectcampaignsv2.CampaignWhatsAppChannelSubtypeConfig;
     }
     /**
@@ -22389,6 +22577,9 @@ export declare namespace connectcampaignsv2 {
          * The communication time configuration for the telephony channel subtype.
          */
         telephony?: outputs.connectcampaignsv2.CampaignTimeWindow;
+        /**
+         * The communication time configuration for the WhatsApp channel subtype.
+         */
         whatsApp?: outputs.connectcampaignsv2.CampaignTimeWindow;
     }
     /**
@@ -22633,6 +22824,9 @@ export declare namespace connectcampaignsv2 {
          * The Amazon Connect source phone number.
          */
         connectSourcePhoneNumber?: string;
+        /**
+         * The ring timeout configuration for outbound calls. Specifies how long to wait for the call to be answered before timing out.
+         */
         ringTimeout?: number;
     }
     /**
@@ -22689,15 +22883,30 @@ export declare namespace connectcampaignsv2 {
      * WhatsApp Channel Subtype config
      */
     interface CampaignWhatsAppChannelSubtypeConfig {
+        /**
+         * The allocation of WhatsApp capacity between multiple running outbound campaigns.
+         */
         capacity?: number;
+        /**
+         * The default WhatsApp outbound configuration of an outbound campaign.
+         */
         defaultOutboundConfig: outputs.connectcampaignsv2.CampaignWhatsAppOutboundConfig;
+        /**
+         * The outbound mode for WhatsApp of an outbound campaign.
+         */
         outboundMode: outputs.connectcampaignsv2.CampaignWhatsAppOutboundMode;
     }
     /**
      * Default WhatsApp outbound config
      */
     interface CampaignWhatsAppOutboundConfig {
+        /**
+         * The Amazon Resource Name (ARN) of the Amazon Connect source WhatsApp phone number.
+         */
         connectSourcePhoneNumberArn: string;
+        /**
+         * The Amazon Resource Name (ARN) of the Amazon Q in Connect template.
+         */
         wisdomTemplateArn: string;
     }
     /**
@@ -25917,6 +26126,10 @@ export declare namespace devicefarm {
          */
         value?: string;
     }
+    interface ProjectEnvironmentVariable {
+        name: string;
+        value: string;
+    }
     /**
      * The VPC security groups and subnets that are attached to a project
      */
@@ -27641,6 +27854,12 @@ export declare namespace ec2 {
          * Default: `20`
          */
         onDemandMaxPricePercentageOverLowestPrice?: number;
+        /**
+         * Specifies whether instance types must support encrypting in-transit traffic between instances. For more information, including the supported instance types, see [Encryption in transit](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/data-protection.html#encryption-transit) in the *Amazon EC2 User Guide* .
+         *
+         * Default: `false`
+         */
+        requireEncryptionInTransit?: boolean;
         /**
          * Indicates whether instance types must support hibernation for On-Demand Instances.
          *
@@ -30122,9 +30341,21 @@ export declare namespace ec2 {
      * Describes the public hostname type options, including public hostname type, IPv4-enabled public hostname, IPv6-enabled public hostname, and dual-stack public hostname.
      */
     interface NetworkInterfacePublicIpDnsNameOptions {
+        /**
+         * The public hostname type. For more information, see [EC2 instance hostnames, DNS names, and domains](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-naming.html) in the *Amazon EC2 User Guide* .
+         */
         dnsHostnameType?: string;
+        /**
+         * A dual-stack public hostname for a network interface. Requests from within the VPC resolve to both the private IPv4 address and the IPv6 Global Unicast Address of the network interface. Requests from the internet resolve to both the public IPv4 and the IPv6 GUA address of the network interface.
+         */
         publicDualStackDnsName?: string;
+        /**
+         * An IPv4-enabled public hostname for a network interface. Requests from within the VPC resolve to the private primary IPv4 address of the network interface. Requests from the internet resolve to the public IPv4 address of the network interface.
+         */
         publicIpv4DnsName?: string;
+        /**
+         * An IPv6-enabled public hostname for a network interface. Requests from within the VPC or from the internet resolve to the IPv6 GUA of the network interface.
+         */
         publicIpv6DnsName?: string;
     }
     /**
@@ -30727,6 +30958,12 @@ export declare namespace ec2 {
          * Default: `20`
          */
         onDemandMaxPricePercentageOverLowestPrice?: number;
+        /**
+         * Specifies whether instance types must support encrypting in-transit traffic between instances. For more information, including the supported instance types, see [Encryption in transit](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/data-protection.html#encryption-transit) in the *Amazon EC2 User Guide* .
+         *
+         * Default: `false`
+         */
+        requireEncryptionInTransit?: boolean;
         /**
          * Indicates whether instance types must support hibernation for On-Demand Instances.
          *
@@ -33107,6 +33344,8 @@ export declare namespace ecs {
          * The deployment strategy for the service. Choose from these valid values:
          *   +  ``ROLLING`` - When you create a service which uses the rolling update (``ROLLING``) deployment strategy, the Amazon ECS service scheduler replaces the currently running tasks with new tasks. The number of tasks that Amazon ECS adds or removes from the service during a rolling update is controlled by the service deployment configuration.
          *   +  ``BLUE_GREEN`` - A blue/green deployment strategy (``BLUE_GREEN``) is a release methodology that reduces downtime and risk by running two identical production environments called blue and green. With Amazon ECS blue/green deployments, you can validate new service revisions before directing production traffic to them. This approach provides a safer way to deploy changes with the ability to quickly roll back if needed.
+         *   +  ``LINEAR`` - A *linear* deployment strategy (``LINEAR``) gradually shifts traffic from the current production environment to a new environment in equal percentages over time. With Amazon ECS linear deployments, you can control the pace of traffic shifting and validate new service revisions with increasing amounts of production traffic.
+         *   +  ``CANARY`` - A *canary* deployment strategy (``CANARY``) shifts a small percentage of traffic to the new service revision first, then shifts the remaining traffic all at once after a specified time period. This allows you to test the new version with a subset of users before full deployment.
          */
         strategy?: enums.ecs.ServiceDeploymentConfigurationStrategy;
     }
@@ -35580,7 +35819,7 @@ export declare namespace elasticloadbalancingv2 {
          */
         forwardConfig?: outputs.elasticloadbalancingv2.ListenerForwardConfig;
         /**
-         * [HTTPS listeners] Information for validating JWT access tokens in client requests. Specify only when `Type` is `jwt-validation` .
+         * [HTTPS listeners] Information for validating JWT access tokens in client requests. Specify only when ``Type`` is ``jwt-validation``.
          */
         jwtValidationConfig?: outputs.elasticloadbalancingv2.ListenerJwtValidationConfig;
         /**
@@ -35779,17 +36018,20 @@ export declare namespace elasticloadbalancingv2 {
          */
         targetGroups?: outputs.elasticloadbalancingv2.ListenerTargetGroupTuple[];
     }
+    /**
+     * Information about an additional claim to validate.
+     */
     interface ListenerJwtValidationActionAdditionalClaim {
         /**
          * The format of the claim value.
          */
         format: string;
         /**
-         * The name of the claim. You can't specify `exp` , `iss` , `nbf` , or `iat` because we validate them by default.
+         * The name of the claim. You can't specify ``exp``, ``iss``, ``nbf``, or ``iat`` because we validate them by default.
          */
         name: string;
         /**
-         * The claim value. The maximum size of the list is 10. Each value can be up to 256 characters in length. If the format is `space-separated-values` , the values can't include spaces.
+         * The claim value. The maximum size of the list is 10. Each value can be up to 256 characters in length. If the format is ``space-separated-values``, the values can't include spaces.
          */
         values: string[];
     }
@@ -35879,7 +36121,7 @@ export declare namespace elasticloadbalancingv2 {
          */
         forwardConfig?: outputs.elasticloadbalancingv2.ListenerRuleForwardConfig;
         /**
-         * [HTTPS listeners] Information for validating JWT access tokens in client requests. Specify only when `Type` is `jwt-validation` .
+         * [HTTPS listeners] Information for validating JWT access tokens in client requests. Specify only when ``Type`` is ``jwt-validation``.
          */
         jwtValidationConfig?: outputs.elasticloadbalancingv2.ListenerRuleJwtValidationConfig;
         /**
@@ -36072,17 +36314,20 @@ export declare namespace elasticloadbalancingv2 {
          */
         values?: string[];
     }
+    /**
+     * Information about an additional claim to validate.
+     */
     interface ListenerRuleJwtValidationActionAdditionalClaim {
         /**
          * The format of the claim value.
          */
         format: string;
         /**
-         * The name of the claim. You can't specify `exp` , `iss` , `nbf` , or `iat` because we validate them by default.
+         * The name of the claim. You can't specify ``exp``, ``iss``, ``nbf``, or ``iat`` because we validate them by default.
          */
         name: string;
         /**
-         * The claim value. The maximum size of the list is 10. Each value can be up to 256 characters in length. If the format is `space-separated-values` , the values can't include spaces.
+         * The claim value. The maximum size of the list is 10. Each value can be up to 256 characters in length. If the format is ``space-separated-values``, the values can't include spaces.
          */
         values: string[];
     }
@@ -36330,6 +36575,9 @@ export declare namespace elasticloadbalancingv2 {
          *   +  ``connection_logs.s3.enabled`` - Indicates whether connection logs are enabled. The value is ``true`` or ``false``. The default is ``false``.
          *   +  ``connection_logs.s3.bucket`` - The name of the S3 bucket for the connection logs. This attribute is required if connection logs are enabled. The bucket must exist in the same region as the load balancer and have a bucket policy that grants Elastic Load Balancing permissions to write to the bucket.
          *   +  ``connection_logs.s3.prefix`` - The prefix for the location in the S3 bucket for the connection logs.
+         *   +  ``health_check_logs.s3.enabled`` - Indicates whether health check logs are enabled. The value is ``true`` or ``false``. The default is ``false``.
+         *   +  ``health_check_logs.s3.bucket`` - The name of the S3 bucket for the health check logs. This attribute is required if health check logs are enabled. The bucket must exist in the same region as the load balancer and have a bucket policy that grants Elastic Load Balancing permissions to write to the bucket.
+         *   +  ``health_check_logs.s3.prefix`` - The prefix for the location in the S3 bucket for the health check logs.
          *   +  ``routing.http.desync_mitigation_mode`` - Determines how the load balancer handles requests that might pose a security risk to your application. The possible values are ``monitor``, ``defensive``, and ``strictest``. The default is ``defensive``.
          *   +  ``routing.http.drop_invalid_header_fields.enabled`` - Indicates whether HTTP headers with invalid header fields are removed by the load balancer (``true``) or routed to targets (``false``). The default is ``false``.
          *   +  ``routing.http.preserve_host_header.enabled`` - Indicates whether the Application Load Balancer should preserve the ``Host`` header in the HTTP request and send it to the target without any change. The possible values are ``true`` and ``false``. The default is ``false``.
@@ -36916,6 +37164,10 @@ export declare namespace entityresolution {
          */
         ruleName: string;
     }
+    interface MatchingWorkflowCustomerProfilesIntegrationConfig {
+        domainArn: string;
+        objectTypeArn: string;
+    }
     interface MatchingWorkflowIncrementalRunConfig {
         /**
          * The type of incremental run. The only valid value is `IMMEDIATE` . This appears as "Automatic" in the console.
@@ -36959,6 +37211,7 @@ export declare namespace entityresolution {
          * Normalizes the attributes defined in the schema in the input data. For example, if an attribute has an `AttributeType` of `PHONE_NUMBER` , and the data in the input table is in a format of 1234567890, AWS Entity Resolution will normalize this field in the output to (123)-456-7890.
          */
         applyNormalization?: boolean;
+        customerProfilesIntegrationConfig?: outputs.entityresolution.MatchingWorkflowCustomerProfilesIntegrationConfig;
         /**
          * Customer KMS ARN for encryption at rest. If not provided, system will use an AWS Entity Resolution managed KMS key.
          */
@@ -36970,7 +37223,7 @@ export declare namespace entityresolution {
         /**
          * The S3 path to which Entity Resolution will write the output table
          */
-        outputS3Path: string;
+        outputS3Path?: string;
     }
     interface MatchingWorkflowProviderProperties {
         /**
@@ -39911,10 +40164,12 @@ export declare namespace gameliftstreams {
          * A location's name. For example, `us-east-1` . For a complete list of locations that Amazon GameLift Streams supports, refer to [Regions, quotas, and limitations](https://docs.aws.amazon.com/gameliftstreams/latest/developerguide/regions-quotas.html) in the *Amazon GameLift Streams Developer Guide* .
          */
         locationName: string;
+        maximumCapacity?: number;
         /**
-         * The streaming capacity that Amazon GameLift Streams can allocate in response to stream requests, and then de-allocate when the session has terminated. This offers a cost control measure at the expense of a greater startup time (typically under 5 minutes). Default is 0 when creating a stream group or adding a location.
+         * This shape is deprecated.
          */
         onDemandCapacity?: number;
+        targetIdleCapacity?: number;
     }
 }
 export declare namespace globalaccelerator {
@@ -41309,6 +41564,128 @@ export declare namespace groundstation {
          */
         port?: number;
     }
+    /**
+     * Socket address of an uplink or downlink agent endpoint with an optional mtu.
+     */
+    interface DataflowEndpointGroupV2ConnectionDetails {
+        /**
+         * Maximum transmission unit (MTU) size in bytes of a dataflow endpoint.
+         */
+        mtu?: number;
+        socketAddress: outputs.groundstation.DataflowEndpointGroupV2SocketAddress;
+    }
+    interface DataflowEndpointGroupV2CreateEndpointDetails {
+        downlinkAwsGroundStationAgentEndpoint?: outputs.groundstation.DataflowEndpointGroupV2DownlinkAwsGroundStationAgentEndpoint;
+        uplinkAwsGroundStationAgentEndpoint?: outputs.groundstation.DataflowEndpointGroupV2UplinkAwsGroundStationAgentEndpoint;
+    }
+    /**
+     * Information about DownlinkAwsGroundStationAgentEndpoint used for create
+     */
+    interface DataflowEndpointGroupV2DownlinkAwsGroundStationAgentEndpoint {
+        dataflowDetails: outputs.groundstation.DataflowEndpointGroupV2DownlinkDataflowDetails;
+        name: string;
+    }
+    /**
+     * Information about DownlinkAwsGroundStationAgentEndpoint
+     */
+    interface DataflowEndpointGroupV2DownlinkAwsGroundStationAgentEndpointDetails {
+        agentStatus?: enums.groundstation.DataflowEndpointGroupV2AgentStatus;
+        auditResults?: enums.groundstation.DataflowEndpointGroupV2AuditResults;
+        dataflowDetails: outputs.groundstation.DataflowEndpointGroupV2DownlinkDataflowDetails;
+        name: string;
+    }
+    /**
+     * Connection details for downlink, from ground station to agent, and customer to agent
+     */
+    interface DataflowEndpointGroupV2DownlinkConnectionDetails {
+        agentIpAndPortAddress: outputs.groundstation.DataflowEndpointGroupV2RangedConnectionDetails;
+        egressAddressAndPort: outputs.groundstation.DataflowEndpointGroupV2ConnectionDetails;
+    }
+    /**
+     * Dataflow details for downlink
+     */
+    interface DataflowEndpointGroupV2DownlinkDataflowDetails {
+        agentConnectionDetails?: outputs.groundstation.DataflowEndpointGroupV2DownlinkConnectionDetails;
+    }
+    interface DataflowEndpointGroupV2EndpointDetails {
+        downlinkAwsGroundStationAgentEndpoint?: outputs.groundstation.DataflowEndpointGroupV2DownlinkAwsGroundStationAgentEndpointDetails;
+        uplinkAwsGroundStationAgentEndpoint?: outputs.groundstation.DataflowEndpointGroupV2UplinkAwsGroundStationAgentEndpointDetails;
+    }
+    /**
+     * An integer range that has a minimum and maximum value.
+     */
+    interface DataflowEndpointGroupV2IntegerRange {
+        /**
+         * A maximum value.
+         */
+        maximum: number;
+        /**
+         * A minimum value.
+         */
+        minimum: number;
+    }
+    /**
+     * Socket address of an uplink or downlink agent endpoint with a port range and an optional mtu.
+     */
+    interface DataflowEndpointGroupV2RangedConnectionDetails {
+        /**
+         * Maximum transmission unit (MTU) size in bytes of a dataflow endpoint.
+         */
+        mtu?: number;
+        socketAddress: outputs.groundstation.DataflowEndpointGroupV2RangedSocketAddress;
+    }
+    /**
+     * A socket address with a port range.
+     */
+    interface DataflowEndpointGroupV2RangedSocketAddress {
+        /**
+         * IPv4 socket address.
+         */
+        name: string;
+        /**
+         * Port range of a socket address.
+         */
+        portRange: outputs.groundstation.DataflowEndpointGroupV2IntegerRange;
+    }
+    interface DataflowEndpointGroupV2SocketAddress {
+        /**
+         * IPv4 socket address.
+         */
+        name: string;
+        /**
+         * Port of a socket address.
+         */
+        port: number;
+    }
+    /**
+     * Information about UplinkAwsGroundStationAgentEndpoint used for create
+     */
+    interface DataflowEndpointGroupV2UplinkAwsGroundStationAgentEndpoint {
+        dataflowDetails: outputs.groundstation.DataflowEndpointGroupV2UplinkDataflowDetails;
+        name: string;
+    }
+    /**
+     * Information about UplinkAwsGroundStationAgentEndpoint
+     */
+    interface DataflowEndpointGroupV2UplinkAwsGroundStationAgentEndpointDetails {
+        agentStatus?: enums.groundstation.DataflowEndpointGroupV2AgentStatus;
+        auditResults?: enums.groundstation.DataflowEndpointGroupV2AuditResults;
+        dataflowDetails: outputs.groundstation.DataflowEndpointGroupV2UplinkDataflowDetails;
+        name: string;
+    }
+    /**
+     * Connection details for uplink, from ground station to agent, and customer to agent
+     */
+    interface DataflowEndpointGroupV2UplinkConnectionDetails {
+        agentIpAndPortAddress: outputs.groundstation.DataflowEndpointGroupV2RangedConnectionDetails;
+        ingressAddressAndPort: outputs.groundstation.DataflowEndpointGroupV2ConnectionDetails;
+    }
+    /**
+     * Dataflow details for uplink
+     */
+    interface DataflowEndpointGroupV2UplinkDataflowDetails {
+        agentConnectionDetails?: outputs.groundstation.DataflowEndpointGroupV2UplinkConnectionDetails;
+    }
     interface MissionProfileDataflowEdge {
         /**
          * The ARN of the destination for this dataflow edge. For example, specify the ARN of a dataflow endpoint config for a downlink edge or an antenna uplink config for an uplink edge.
@@ -51245,6 +51622,9 @@ export declare namespace lambda {
          * The maximum number of EC2 instances that the capacity provider can scale up to.
          */
         maxVCpuCount?: number;
+        /**
+         * The scaling mode that determines how the capacity provider responds to changes in demand.
+         */
         scalingMode?: enums.lambda.CapacityProviderScalingMode;
         /**
          * A list of target tracking scaling policies for the capacity provider.
@@ -51255,6 +51635,9 @@ export declare namespace lambda {
      * A target tracking scaling policy for the capacity provider.
      */
     interface CapacityProviderTargetTrackingScalingPolicy {
+        /**
+         * The predefined metric type to track for scaling decisions.
+         */
         predefinedMetricType: enums.lambda.CapacityProviderPredefinedMetricType;
         /**
          * The target value for the metric as a percentage (for example, 70.0 for 70%).
@@ -51543,6 +51926,9 @@ export declare namespace lambda {
         uri?: string;
     }
     interface FunctionCapacityProviderConfig {
+        /**
+         * Configuration for Lambda-managed instances used by the capacity provider.
+         */
         lambdaManagedInstancesCapacityProviderConfig: outputs.lambda.FunctionLambdaManagedInstancesCapacityProviderConfig;
     }
     /**
@@ -53930,6 +54316,10 @@ export declare namespace logs {
          * Specify the service or process that produces the log events that will be converted with this processor.
          */
         eventSource: enums.logs.TransformerEventSource;
+        /**
+         * The version of the OCSF mapping to use for parsing log data.
+         */
+        mappingVersion?: string;
         /**
          * Specify which version of the OCSF schema to use for the transformed log events.
          */
@@ -57742,6 +58132,7 @@ export declare namespace msk {
         revision: number;
     }
     interface ClusterConnectivityInfo {
+        networkType?: enums.msk.ClusterNetworkType;
         /**
          * Access control settings for the cluster's brokers.
          */
@@ -59586,6 +59977,9 @@ export declare namespace observabilityadmin {
          * A delimiter to delineate log fields
          */
         fieldDelimiter?: string;
+        /**
+         * The format for ELB access log entries (plain text or JSON format).
+         */
         outputFormat?: enums.observabilityadmin.OrganizationTelemetryRuleElbLoadBalancerLoggingParametersOutputFormat;
     }
     /**
@@ -59627,7 +60021,13 @@ export declare namespace observabilityadmin {
      * Default handling for logs that don't match any of the specified filtering conditions.
      */
     interface OrganizationTelemetryRuleLoggingFilter {
+        /**
+         * The default action (KEEP or DROP) for log records that don't match any filter conditions.
+         */
         defaultBehavior?: enums.observabilityadmin.OrganizationTelemetryRuleFilterBehavior;
+        /**
+         * A list of filter conditions that determine log record handling behavior.
+         */
         filters?: outputs.observabilityadmin.OrganizationTelemetryRuleFilter[];
     }
     /**
@@ -59643,6 +60043,9 @@ export declare namespace observabilityadmin {
      * The destination configuration for telemetry data
      */
     interface OrganizationTelemetryRuleTelemetryDestinationConfiguration {
+        /**
+         * Configuration parameters specific to AWS CloudTrail when CloudTrail is the source type.
+         */
         cloudtrailParameters?: outputs.observabilityadmin.OrganizationTelemetryRuleCloudtrailParameters;
         /**
          * The pattern used to generate the destination path or name, supporting macros like <resourceId> and <accountId>.
@@ -59652,6 +60055,9 @@ export declare namespace observabilityadmin {
          * The type of destination for the telemetry data (e.g., "Amazon CloudWatch Logs", "S3").
          */
         destinationType?: enums.observabilityadmin.OrganizationTelemetryRuleDestinationType;
+        /**
+         * Configuration parameters specific to ELB load balancer logging when ELB is the resource type.
+         */
         elbLoadBalancerLoggingParameters?: outputs.observabilityadmin.OrganizationTelemetryRuleElbLoadBalancerLoggingParameters;
         /**
          * The number of days to retain the telemetry data in the destination.
@@ -59661,6 +60067,9 @@ export declare namespace observabilityadmin {
          * Configuration parameters specific to VPC Flow Logs when VPC is the resource type.
          */
         vpcFlowLogParameters?: outputs.observabilityadmin.OrganizationTelemetryRuleVpcFlowLogParameters;
+        /**
+         * Configuration parameters specific to WAF logging when WAF is the resource type.
+         */
         wafLoggingParameters?: outputs.observabilityadmin.OrganizationTelemetryRuleWafLoggingParameters;
     }
     /**
@@ -59683,6 +60092,9 @@ export declare namespace observabilityadmin {
          * Criteria for selecting which resources the rule applies to, such as resource tags.
          */
         selectionCriteria?: string;
+        /**
+         * The specific telemetry source types to configure for the resource, such as VPC_FLOW_LOGS or EKS_AUDIT_LOGS. TelemetrySourceTypes must be correlated with the specific resource type.
+         */
         telemetrySourceTypes?: enums.observabilityadmin.OrganizationTelemetryRuleTelemetrySourceType[];
         /**
          * The type of telemetry to collect (Logs, Metrics, or Traces).
@@ -59710,7 +60122,13 @@ export declare namespace observabilityadmin {
      * Telemetry parameters for WAF v2 Web ACL
      */
     interface OrganizationTelemetryRuleWafLoggingParameters {
+        /**
+         * The type of WAF logs to collect (currently supports WAF_LOGS).
+         */
         logType?: enums.observabilityadmin.OrganizationTelemetryRuleWafLogType;
+        /**
+         * A filter configuration that determines which WAF log records to include or exclude.
+         */
         loggingFilter?: outputs.observabilityadmin.OrganizationTelemetryRuleLoggingFilter;
         /**
          * Fields not to be included in the logs.
@@ -59731,12 +60149,33 @@ export declare namespace observabilityadmin {
         value: string;
     }
     interface TelemetryPipelinesTelemetryPipeline {
+        /**
+         * The Amazon Resource Name (ARN) of the telemetry pipeline.
+         */
         arn?: string;
+        /**
+         * The configuration that defines how the telemetry pipeline processes data.
+         */
         configuration?: outputs.observabilityadmin.TelemetryPipelinesTelemetryPipelineConfiguration;
+        /**
+         * The timestamp when the telemetry pipeline was created.
+         */
         createdTimeStamp?: number;
+        /**
+         * The timestamp when the telemetry pipeline was last updated.
+         */
         lastUpdateTimeStamp?: number;
+        /**
+         * The name of the telemetry pipeline.
+         */
         name?: string;
+        /**
+         * The current status of the telemetry pipeline.
+         */
         status?: enums.observabilityadmin.TelemetryPipelinesTelemetryPipelineStatus;
+        /**
+         * Additional information about the pipeline status, including reasons for failure states.
+         */
         statusReason?: outputs.observabilityadmin.TelemetryPipelinesTelemetryPipelineStatusReason;
         /**
          * An array of key-value pairs to apply to this resource
@@ -59744,9 +60183,15 @@ export declare namespace observabilityadmin {
         tags?: outputs.observabilityadmin.TelemetryPipelinesTag[];
     }
     interface TelemetryPipelinesTelemetryPipelineConfiguration {
+        /**
+         * The pipeline configuration body that defines the data processing rules and transformations.
+         */
         body: string;
     }
     interface TelemetryPipelinesTelemetryPipelineStatusReason {
+        /**
+         * A description of the pipeline status reason, providing additional context about the current state.
+         */
         description?: string;
     }
     /**
@@ -59765,6 +60210,9 @@ export declare namespace observabilityadmin {
          * Criteria for selecting which resources the rule applies to, such as resource tags.
          */
         selectionCriteria?: string;
+        /**
+         * The specific telemetry source types to configure for the resource, such as VPC_FLOW_LOGS or EKS_AUDIT_LOGS. TelemetrySourceTypes must be correlated with the specific resource type.
+         */
         telemetrySourceTypes?: enums.observabilityadmin.TelemetryRuleTelemetrySourceType[];
         /**
          * The type of telemetry to collect (Logs, Metrics, or Traces).
@@ -59847,6 +60295,9 @@ export declare namespace observabilityadmin {
          * A delimiter to delineate log fields
          */
         fieldDelimiter?: string;
+        /**
+         * The format for ELB access log entries (plain text or JSON format).
+         */
         outputFormat?: enums.observabilityadmin.TelemetryRuleElbLoadBalancerLoggingParametersOutputFormat;
     }
     /**
@@ -59888,7 +60339,13 @@ export declare namespace observabilityadmin {
      * Default handling for logs that don't match any of the specified filtering conditions.
      */
     interface TelemetryRuleLoggingFilter {
+        /**
+         * The default action (KEEP or DROP) for log records that don't match any filter conditions.
+         */
         defaultBehavior?: enums.observabilityadmin.TelemetryRuleFilterBehavior;
+        /**
+         * A list of filter conditions that determine log record handling behavior.
+         */
         filters?: outputs.observabilityadmin.TelemetryRuleFilter[];
     }
     /**
@@ -59904,6 +60361,9 @@ export declare namespace observabilityadmin {
      * The destination configuration for telemetry data
      */
     interface TelemetryRuleTelemetryDestinationConfiguration {
+        /**
+         * Configuration parameters specific to AWS CloudTrail when CloudTrail is the source type.
+         */
         cloudtrailParameters?: outputs.observabilityadmin.TelemetryRuleCloudtrailParameters;
         /**
          * The pattern used to generate the destination path or name, supporting macros like <resourceId> and <accountId>.
@@ -59913,6 +60373,9 @@ export declare namespace observabilityadmin {
          * The type of destination for the telemetry data (e.g., "Amazon CloudWatch Logs", "S3").
          */
         destinationType?: enums.observabilityadmin.TelemetryRuleDestinationType;
+        /**
+         * Configuration parameters specific to ELB load balancer logging when ELB is the resource type.
+         */
         elbLoadBalancerLoggingParameters?: outputs.observabilityadmin.TelemetryRuleElbLoadBalancerLoggingParameters;
         /**
          * Parameters for BedrockAgentCore log delivery
@@ -59926,6 +60389,9 @@ export declare namespace observabilityadmin {
          * Configuration parameters specific to VPC Flow Logs when VPC is the resource type.
          */
         vpcFlowLogParameters?: outputs.observabilityadmin.TelemetryRuleVpcFlowLogParameters;
+        /**
+         * Configuration parameters specific to WAF logging when WAF is the resource type.
+         */
         wafLoggingParameters?: outputs.observabilityadmin.TelemetryRuleWafLoggingParameters;
     }
     /**
@@ -59958,7 +60424,13 @@ export declare namespace observabilityadmin {
      * Telemetry parameters for WAF v2 Web ACL
      */
     interface TelemetryRuleWafLoggingParameters {
+        /**
+         * The type of WAF logs to collect (currently supports WAF_LOGS).
+         */
         logType?: enums.observabilityadmin.TelemetryRuleWafLogType;
+        /**
+         * A filter configuration that determines which WAF log records to include or exclude.
+         */
         loggingFilter?: outputs.observabilityadmin.TelemetryRuleLoggingFilter;
         /**
          * Fields not to be included in the logs.
@@ -60461,6 +60933,19 @@ export declare namespace omics {
     }
 }
 export declare namespace opensearchserverless {
+    /**
+     * The configuration to encrypt the collection
+     */
+    interface CollectionEncryptionConfig {
+        /**
+         * The configuration to encrypt the collection with AWS owned key
+         */
+        awsOwnedKey?: boolean;
+        /**
+         * The ARN of the KMS key to encrypt the collection with
+         */
+        kmsKeyArn?: string;
+    }
     interface IndexPropertyMapping {
         /**
          * Dimension size for vector fields, defines the number of dimensions in the vector
@@ -61318,7 +61803,17 @@ export declare namespace paymentcryptography {
         wrap?: boolean;
     }
     interface KeyReplicationStatusType {
+        /**
+         * The current status of key replication in this AWS Region .
+         *
+         * This field indicates whether the key replication is in progress, completed successfully, or has encountered an error. Possible values include states such as `SYNCRHONIZED` , `IN_PROGRESS` , `DELETE_IN_PROGRESS` , or `FAILED` . This provides visibility into the replication process for monitoring and troubleshooting purposes.
+         */
         status: enums.paymentcryptography.KeyReplicationState;
+        /**
+         * A message that provides additional information about the current replication status of the key.
+         *
+         * This field contains details about any issues or progress updates related to key replication operations. It may include information about replication failures, synchronization status, or other operational details.
+         */
         statusMessage?: string;
     }
 }
@@ -94895,11 +95390,19 @@ export declare namespace s3 {
          */
         tagFilters?: outputs.s3.BucketTagFilter[];
     }
+    /**
+     * A bucket-level setting for Amazon S3 general purpose buckets used to prevent the upload of new objects encrypted with the specified server-side encryption type. For example, blocking an encryption type will block ``PutObject``, ``CopyObject``, ``PostObject``, multipart upload, and replication requests to the bucket for objects with the specified encryption type. However, you can continue to read and list any pre-existing objects already encrypted with the specified encryption type. For more information, see [Blocking or unblocking SSE-C for a general purpose bucket](https://docs.aws.amazon.com/AmazonS3/latest/userguide/blocking-unblocking-s3-c-encryption-gpb.html).
+     *  This data type is used with the following actions:
+     *   +   [PutBucketEncryption](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketEncryption.html)
+     *   +   [GetBucketEncryption](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketEncryption.html)
+     *   +   [DeleteBucketEncryption](https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketEncryption.html)
+     *
+     *   + Permissions You must have the s3:PutEncryptionConfiguration permission to block or unblock an encryption type for a bucket. You must have the s3:GetEncryptionConfiguration permission to view a bucket's encryption type.
+     */
     interface BucketBlockedEncryptionTypes {
         /**
          * The object encryption type that you want to block or unblock for an Amazon S3 general purpose bucket.
-         *
-         * > Currently, this parameter only supports blocking or unblocking server side encryption with customer-provided keys (SSE-C). For more information about SSE-C, see [Using server-side encryption with customer-provided keys (SSE-C)](https://docs.aws.amazon.com/AmazonS3/latest/userguide/ServerSideEncryptionCustomerKeys.html) .
+         *   Currently, this parameter only supports blocking or unblocking server side encryption with customer-provided keys (SSE-C). For more information about SSE-C, see [Using server-side encryption with customer-provided keys (SSE-C)](https://docs.aws.amazon.com/AmazonS3/latest/userguide/ServerSideEncryptionCustomerKeys.html).
          */
         encryptionType?: enums.s3.BucketBlockedEncryptionTypeListItem[];
     }
@@ -95404,7 +95907,7 @@ export declare namespace s3 {
         objectOwnership?: enums.s3.BucketOwnershipControlsRuleObjectOwnership;
     }
     /**
-     * The PublicAccessBlock configuration that you want to apply to this Amazon S3 bucket. You can enable the configuration options in any combination. For more information about when Amazon S3 considers a bucket or object public, see [The Meaning of "Public"](https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html#access-control-block-public-access-policy-status) in the *Amazon S3 User Guide*.
+     * The PublicAccessBlock configuration that you want to apply to this Amazon S3 bucket. You can enable the configuration options in any combination. Bucket-level settings work alongside account-level settings (which may inherit from organization-level policies). For more information about when Amazon S3 considers a bucket or object public, see [The Meaning of "Public"](https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html#access-control-block-public-access-policy-status) in the *Amazon S3 User Guide*.
      */
     interface BucketPublicAccessBlockConfiguration {
         /**
@@ -95830,9 +96333,8 @@ export declare namespace s3 {
      */
     interface BucketServerSideEncryptionRule {
         /**
-         * A bucket-level setting for Amazon S3 general purpose buckets used to prevent the upload of new objects encrypted with the specified server-side encryption type. For example, blocking an encryption type will block `PutObject` , `CopyObject` , `PostObject` , multipart upload, and replication requests to the bucket for objects with the specified encryption type. However, you can continue to read and list any pre-existing objects already encrypted with the specified encryption type. For more information, see [Blocking or unblocking SSE-C for a general purpose bucket](https://docs.aws.amazon.com/AmazonS3/latest/userguide/blocking-unblocking-s3-c-encryption-gpb.html) .
-         *
-         * > Currently, this parameter only supports blocking or unblocking server-side encryption with customer-provided keys (SSE-C). For more information about SSE-C, see [Using server-side encryption with customer-provided keys (SSE-C)](https://docs.aws.amazon.com/AmazonS3/latest/userguide/ServerSideEncryptionCustomerKeys.html) .
+         * A bucket-level setting for Amazon S3 general purpose buckets used to prevent the upload of new objects encrypted with the specified server-side encryption type. For example, blocking an encryption type will block ``PutObject``, ``CopyObject``, ``PostObject``, multipart upload, and replication requests to the bucket for objects with the specified encryption type. However, you can continue to read and list any pre-existing objects already encrypted with the specified encryption type. For more information, see [Blocking or unblocking SSE-C for a general purpose bucket](https://docs.aws.amazon.com/AmazonS3/latest/userguide/blocking-unblocking-s3-c-encryption-gpb.html).
+         *   Currently, this parameter only supports blocking or unblocking server-side encryption with customer-provided keys (SSE-C). For more information about SSE-C, see [Using server-side encryption with customer-provided keys (SSE-C)](https://docs.aws.amazon.com/AmazonS3/latest/userguide/ServerSideEncryptionCustomerKeys.html).
          */
         blockedEncryptionTypes?: outputs.s3.BucketBlockedEncryptionTypes;
         /**
@@ -96195,6 +96697,7 @@ export declare namespace s3 {
          * This property contains the details of the bucket where the S3 Storage Lens metrics export will be placed.
          */
         s3BucketDestination?: outputs.s3.StorageLensS3BucketDestination;
+        storageLensTableDestination?: outputs.s3.StorageLensTableDestination;
     }
     /**
      * Enables detailed status codes metrics.
@@ -96215,6 +96718,7 @@ export declare namespace s3 {
      */
     interface StorageLensExpandedPrefixesDataExport {
         s3BucketDestination?: outputs.s3.StorageLensS3BucketDestination;
+        storageLensTableDestination?: outputs.s3.StorageLensTableDestination;
     }
     /**
      * The Storage Lens group will include objects that match all of the specified filter values.
@@ -96416,6 +96920,16 @@ export declare namespace s3 {
          */
         minStorageBytesPercentage?: number;
     }
+    /**
+     * S3 Tables destination settings for the Amazon S3 Storage Lens metrics export.
+     */
+    interface StorageLensTableDestination {
+        encryption?: outputs.s3.StorageLensEncryption;
+        /**
+         * Specifies whether the export to S3 Tables is enabled or disabled.
+         */
+        isEnabled: boolean;
+    }
 }
 export declare namespace s3express {
     interface AccessPointPublicAccessBlockConfiguration {
@@ -96876,6 +97390,19 @@ export declare namespace s3tables {
     }
 }
 export declare namespace s3vectors {
+    /**
+     * The encryption configuration for the index.
+     */
+    interface IndexEncryptionConfiguration {
+        /**
+         * AWS Key Management Service (KMS) customer managed key ID to use for the encryption configuration. This parameter is allowed if and only if sseType is set to aws:kms
+         */
+        kmsKeyArn?: string;
+        /**
+         * Defines the server-side encryption type for index encryption configuration. Defaults to the parent vector bucket's encryption settings when unspecified.
+         */
+        sseType?: enums.s3vectors.IndexEncryptionConfigurationSseType;
+    }
     /**
      * The metadata configuration for the vector index.
      */
@@ -97100,6 +97627,10 @@ export declare namespace sagemaker {
         instanceType: string;
         kubernetesConfig?: outputs.sagemaker.ClusterKubernetesConfig;
         lifeCycleConfig: outputs.sagemaker.ClusterLifeCycleConfig;
+        /**
+         * The minimum number of instances required for the instance group to be InService. MinInstanceCount must be less than or equal to InstanceCount.
+         */
+        minInstanceCount?: number;
         onStartDeepHealthChecks?: enums.sagemaker.ClusterDeepHealthCheckType[];
         overrideVpcConfig?: outputs.sagemaker.ClusterVpcConfig;
         scheduledUpdateConfig?: outputs.sagemaker.ClusterScheduledUpdateConfig;
@@ -102491,13 +103022,13 @@ export declare namespace securityhub {
         /**
          * A timestamp that provides the end date for the date filter.
          *
-         * For more information about the validation and formatting of timestamp fields in Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .
+         * For more information about the validation and formatting of timestamp fields in AWS Security Hub CSPM , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .
          */
         end?: string;
         /**
          * A timestamp that provides the start date for the date filter.
          *
-         * For more information about the validation and formatting of timestamp fields in Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .
+         * For more information about the validation and formatting of timestamp fields in AWS Security Hub CSPM , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .
          */
         start?: string;
     }
@@ -103460,13 +103991,13 @@ export declare namespace securityhub {
         /**
          * A timestamp that provides the end date for the date filter.
          *
-         * For more information about the validation and formatting of timestamp fields in Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .
+         * For more information about the validation and formatting of timestamp fields in AWS Security Hub CSPM , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .
          */
         end?: string;
         /**
          * A timestamp that provides the start date for the date filter.
          *
-         * For more information about the validation and formatting of timestamp fields in Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .
+         * For more information about the validation and formatting of timestamp fields in AWS Security Hub CSPM , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .
          */
         start?: string;
     }
@@ -103540,7 +104071,7 @@ export declare namespace securityhub {
      */
     interface InsightStringFilter {
         /**
-         * The condition to apply to a string value when filtering Security Hub findings.
+         * The condition to apply to a string value when filtering Security Hub CSPM findings.
          *
          * To search for values that have the filter value, use one of the following comparison operators:
          *
@@ -103560,20 +104091,20 @@ export declare namespace securityhub {
          *
          * You can’t have both a `CONTAINS` filter and a `NOT_CONTAINS` filter on the same field. Similarly, you can't provide both an `EQUALS` filter and a `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filter on the same field. Combining filters in this way returns an error. `CONTAINS` filters can only be used with other `CONTAINS` filters. `NOT_CONTAINS` filters can only be used with other `NOT_CONTAINS` filters.
          *
-         * You can combine `PREFIX` filters with `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filters for the same field. Security Hub first processes the `PREFIX` filters, and then the `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filters.
+         * You can combine `PREFIX` filters with `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filters for the same field. Security Hub CSPM first processes the `PREFIX` filters, and then the `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filters.
          *
-         * For example, for the following filters, Security Hub first identifies findings that have resource types that start with either `AwsIam` or `AwsEc2` . It then excludes findings that have a resource type of `AwsIamPolicy` and findings that have a resource type of `AwsEc2NetworkInterface` .
+         * For example, for the following filters, Security Hub CSPM first identifies findings that have resource types that start with either `AwsIam` or `AwsEc2` . It then excludes findings that have a resource type of `AwsIamPolicy` and findings that have a resource type of `AwsEc2NetworkInterface` .
          *
          * - `ResourceType PREFIX AwsIam`
          * - `ResourceType PREFIX AwsEc2`
          * - `ResourceType NOT_EQUALS AwsIamPolicy`
          * - `ResourceType NOT_EQUALS AwsEc2NetworkInterface`
          *
-         * `CONTAINS` and `NOT_CONTAINS` operators can be used only with automation rules V1. `CONTAINS_WORD` operator is only supported in `GetFindingsV2` , `GetFindingStatisticsV2` , `GetResourcesV2` , and `GetResourceStatisticsV2` APIs. For more information, see [Automation rules](https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules.html) in the *Security Hub User Guide* .
+         * `CONTAINS` and `NOT_CONTAINS` operators can be used only with automation rules V1. `CONTAINS_WORD` operator is only supported in `GetFindingsV2` , `GetFindingStatisticsV2` , `GetResourcesV2` , and `GetResourceStatisticsV2` APIs. For more information, see [Automation rules](https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules.html) in the *AWS Security Hub CSPM User Guide* .
          */
         comparison: enums.securityhub.InsightStringFilterComparison;
         /**
-         * The string filter value. Filter values are case sensitive. For example, the product name for control-based findings is `Security Hub` . If you provide `security hub` as the filter value, there's no match.
+         * The string filter value. Filter values are case sensitive. For example, the product name for control-based findings is `Security Hub CSPM` . If you provide `security hub` as the filter value, there's no match.
          */
         value: string;
     }
@@ -103583,9 +104114,9 @@ export declare namespace securityhub {
          */
         value?: outputs.securityhub.SecurityControlParameterValue;
         /**
-         * Identifies whether a control parameter uses a custom user-defined value or subscribes to the default Security Hub behavior.
+         * Identifies whether a control parameter uses a custom user-defined value or subscribes to the default AWS Security Hub CSPM behavior.
          *
-         * When `ValueType` is set equal to `DEFAULT` , the default behavior can be a specific Security Hub default value, or the default behavior can be to ignore a specific parameter. When `ValueType` is set equal to `DEFAULT` , Security Hub ignores user-provided input for the `Value` field.
+         * When `ValueType` is set equal to `DEFAULT` , the default behavior can be a specific Security Hub CSPM default value, or the default behavior can be to ignore a specific parameter. When `ValueType` is set equal to `DEFAULT` , Security Hub CSPM ignores user-provided input for the `Value` field.
          *
          * When `ValueType` is set equal to `CUSTOM` , the `Value` field can't be empty.
          */
@@ -104509,6 +105040,15 @@ export declare namespace ses {
          */
         textPart?: string;
     }
+    /**
+     * The resource to associate with the tenant
+     */
+    interface TenantResourceAssociation {
+        /**
+         * The ARN of the resource to associate with the tenant
+         */
+        resourceArn: string;
+    }
     /**
      * Preferences regarding the Dashboard feature.
      */
@@ -104855,6 +105395,179 @@ export declare namespace ssm {
          */
         version?: string;
     }
+    interface MaintenanceWindowTargetTargets {
+        /**
+         * User-defined criteria for sending commands that target managed nodes that meet the criteria.
+         */
+        key: string;
+        /**
+         * User-defined criteria that maps to Key.
+         */
+        values: string[];
+    }
+    interface MaintenanceWindowTaskCloudWatchOutputConfig {
+        /**
+         * The name of the CloudWatch log group where you want to send command output.
+         */
+        cloudWatchLogGroupName?: string;
+        /**
+         * Enables Systems Manager to send command output to CloudWatch Logs.
+         */
+        cloudWatchOutputEnabled?: boolean;
+    }
+    interface MaintenanceWindowTaskLoggingInfo {
+        /**
+         * The AWS Region where the S3 bucket is located.
+         */
+        region: string;
+        /**
+         * The name of an S3 bucket where execution logs are stored.
+         */
+        s3Bucket: string;
+        /**
+         * The Amazon S3 bucket subfolder.
+         */
+        s3Prefix?: string;
+    }
+    interface MaintenanceWindowTaskMaintenanceWindowAutomationParameters {
+        /**
+         * The version of an Automation runbook to use during task execution.
+         */
+        documentVersion?: string;
+        /**
+         * The parameters for the `AUTOMATION` type task.
+         */
+        parameters?: any;
+    }
+    interface MaintenanceWindowTaskMaintenanceWindowLambdaParameters {
+        /**
+         * Client-specific information to pass to the AWS Lambda function that you're invoking. You can then use the `context` variable to process the client information in your AWS Lambda function.
+         */
+        clientContext?: string;
+        /**
+         * JSON to provide to your AWS Lambda function as input.
+         *
+         * > Although `Type` is listed as "String" for this property, the payload content must be formatted as a Base64-encoded binary data object.
+         *
+         * *Length Constraint:* 4096
+         */
+        payload?: string;
+        /**
+         * An AWS Lambda function version or alias name. If you specify a function version, the action uses the qualified function Amazon Resource Name (ARN) to invoke a specific Lambda function. If you specify an alias name, the action uses the alias ARN to invoke the Lambda function version that the alias points to.
+         */
+        qualifier?: string;
+    }
+    interface MaintenanceWindowTaskMaintenanceWindowRunCommandParameters {
+        /**
+         * Configuration options for sending command output to Amazon CloudWatch Logs.
+         */
+        cloudWatchOutputConfig?: outputs.ssm.MaintenanceWindowTaskCloudWatchOutputConfig;
+        /**
+         * Information about the command or commands to run.
+         */
+        comment?: string;
+        /**
+         * The SHA-256 or SHA-1 hash created by the system when the document was created. SHA-1 hashes have been deprecated.
+         */
+        documentHash?: string;
+        /**
+         * The SHA-256 or SHA-1 hash type. SHA-1 hashes are deprecated.
+         */
+        documentHashType?: string;
+        /**
+         * The AWS Systems Manager document (SSM document) version to use in the request. You can specify `$DEFAULT` , `$LATEST` , or a specific version number. If you run commands by using the AWS CLI, then you must escape the first two options by using a backslash. If you specify a version number, then you don't need to use the backslash. For example:
+         *
+         * `--document-version "\$DEFAULT"`
+         *
+         * `--document-version "\$LATEST"`
+         *
+         * `--document-version "3"`
+         */
+        documentVersion?: string;
+        /**
+         * Configurations for sending notifications about command status changes on a per-managed node basis.
+         */
+        notificationConfig?: outputs.ssm.MaintenanceWindowTaskNotificationConfig;
+        /**
+         * The name of the Amazon Simple Storage Service (Amazon S3) bucket.
+         */
+        outputS3BucketName?: string;
+        /**
+         * The S3 bucket subfolder.
+         */
+        outputS3KeyPrefix?: string;
+        /**
+         * The parameters for the `RUN_COMMAND` task execution.
+         *
+         * The supported parameters are the same as those for the `SendCommand` API call. For more information, see [SendCommand](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_SendCommand.html) in the *AWS Systems Manager API Reference* .
+         */
+        parameters?: any;
+        /**
+         * The Amazon Resource Name (ARN) of the IAM service role for AWS Systems Manager to assume when running a maintenance window task. If you do not specify a service role ARN, Systems Manager uses a service-linked role in your account. If no appropriate service-linked role for Systems Manager exists in your account, it is created when you run `RegisterTaskWithMaintenanceWindow` .
+         *
+         * However, for an improved security posture, we strongly recommend creating a custom policy and custom service role for running your maintenance window tasks. The policy can be crafted to provide only the permissions needed for your particular maintenance window tasks. For more information, see [Setting up Maintenance Windows](https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-maintenance-permissions.html) in the in the *AWS Systems Manager User Guide* .
+         */
+        serviceRoleArn?: string;
+        /**
+         * If this time is reached and the command hasn't already started running, it doesn't run.
+         */
+        timeoutSeconds?: number;
+    }
+    interface MaintenanceWindowTaskMaintenanceWindowStepFunctionsParameters {
+        /**
+         * The inputs for the `STEP_FUNCTIONS` task.
+         */
+        input?: string;
+        /**
+         * The name of the `STEP_FUNCTIONS` task.
+         */
+        name?: string;
+    }
+    interface MaintenanceWindowTaskNotificationConfig {
+        /**
+         * An Amazon Resource Name (ARN) for an Amazon Simple Notification Service (Amazon SNS) topic. Run Command pushes notifications about command status changes to this topic.
+         */
+        notificationArn: string;
+        /**
+         * The different events that you can receive notifications for. These events include the following: `All` (events), `InProgress` , `Success` , `TimedOut` , `Cancelled` , `Failed` . To learn more about these events, see [Configuring Amazon SNS Notifications for AWS Systems Manager](https://docs.aws.amazon.com/systems-manager/latest/userguide/monitoring-sns-notifications.html) in the *AWS Systems Manager User Guide* .
+         */
+        notificationEvents?: string[];
+        /**
+         * The notification type.
+         *
+         * - `Command` : Receive notification when the status of a command changes.
+         * - `Invocation` : For commands sent to multiple instances, receive notification on a per-instance basis when the status of a command changes.
+         */
+        notificationType?: string;
+    }
+    interface MaintenanceWindowTaskTarget {
+        /**
+         * User-defined criteria for sending commands that target instances that meet the criteria. `Key` can be `InstanceIds` or `WindowTargetIds` . For more information about how to target instances within a maintenance window task, see [About 'register-task-with-maintenance-window' Options and Values](https://docs.aws.amazon.com/systems-manager/latest/userguide/register-tasks-options.html) in the *AWS Systems Manager User Guide* .
+         */
+        key: string;
+        /**
+         * User-defined criteria that maps to `Key` . For example, if you specify `InstanceIds` , you can specify `i-1234567890abcdef0,i-9876543210abcdef0` to run a command on two EC2 instances. For more information about how to target instances within a maintenance window task, see [About 'register-task-with-maintenance-window' Options and Values](https://docs.aws.amazon.com/systems-manager/latest/userguide/register-tasks-options.html) in the *AWS Systems Manager User Guide* .
+         */
+        values: string[];
+    }
+    interface MaintenanceWindowTaskTaskInvocationParameters {
+        /**
+         * The parameters for an `AUTOMATION` task type.
+         */
+        maintenanceWindowAutomationParameters?: outputs.ssm.MaintenanceWindowTaskMaintenanceWindowAutomationParameters;
+        /**
+         * The parameters for a `LAMBDA` task type.
+         */
+        maintenanceWindowLambdaParameters?: outputs.ssm.MaintenanceWindowTaskMaintenanceWindowLambdaParameters;
+        /**
+         * The parameters for a `RUN_COMMAND` task type.
+         */
+        maintenanceWindowRunCommandParameters?: outputs.ssm.MaintenanceWindowTaskMaintenanceWindowRunCommandParameters;
+        /**
+         * The parameters for a `STEP_FUNCTIONS` task type.
+         */
+        maintenanceWindowStepFunctionsParameters?: outputs.ssm.MaintenanceWindowTaskMaintenanceWindowStepFunctionsParameters;
+    }
     /**
      * Defines which patches should be included in a patch baseline.
      */
@@ -111801,6 +112514,46 @@ export declare namespace workspacesweb {
     }
     interface SessionLoggerUnit {
     }
+    interface UserSettingsBrandingConfiguration {
+        /**
+         * The color theme for components on the web portal. Choose `Light` if you upload a dark wallpaper, or `Dark` for a light wallpaper.
+         */
+        colorTheme?: enums.workspacesweb.UserSettingsColorTheme;
+        /**
+         * The favicon image for the portal. Provide either a binary image file or an S3 URI pointing to the image file. Maximum 100 KB in JPEG, PNG, or ICO format.
+         */
+        favicon?: string;
+        /**
+         * Read-only. Metadata for the favicon image file, including the MIME type, file extension, and upload timestamp. This property is automatically populated by the service and cannot be specified in your template. It can be retrieved using the `Fn::GetAtt` intrinsic function.
+         */
+        faviconMetadata?: outputs.workspacesweb.UserSettingsImageMetadata;
+        /**
+         * A map of localized text strings for different languages, allowing the portal to display content in the user's preferred language.
+         */
+        localizedStrings?: {
+            [key: string]: outputs.workspacesweb.UserSettingsLocalizedBrandingStrings;
+        };
+        /**
+         * The logo image for the portal. Provide either a binary image file or an S3 URI pointing to the image file. Maximum 100 KB in JPEG, PNG, or ICO format.
+         */
+        logo?: string;
+        /**
+         * Read-only. Metadata for the logo image file, including the MIME type, file extension, and upload timestamp. This property is automatically populated by the service and cannot be specified in your template. It can be retrieved using the `Fn::GetAtt` intrinsic function.
+         */
+        logoMetadata?: outputs.workspacesweb.UserSettingsImageMetadata;
+        /**
+         * The terms of service text in Markdown format that users must accept before accessing the portal.
+         */
+        termsOfService?: string;
+        /**
+         * The wallpaper image for the portal. Provide either a binary image file or an S3 URI pointing to the image file. Maximum 5 MB in JPEG or PNG format.
+         */
+        wallpaper?: string;
+        /**
+         * Read-only. Metadata for the wallpaper image file, including the MIME type, file extension, and upload timestamp. This property is automatically populated by the service and cannot be specified in your template. It can be retrieved using the `Fn::GetAtt` intrinsic function.
+         */
+        wallpaperMetadata?: outputs.workspacesweb.UserSettingsImageMetadata;
+    }
     interface UserSettingsCookieSpecification {
         /**
          * The domain of the cookie.
@@ -111825,6 +112578,54 @@ export declare namespace workspacesweb {
          */
         blocklist?: outputs.workspacesweb.UserSettingsCookieSpecification[];
     }
+    interface UserSettingsImageMetadata {
+        /**
+         * The file extension of the image.
+         */
+        fileExtension: string;
+        /**
+         * The timestamp when the image was last uploaded.
+         */
+        lastUploadTimestamp: string;
+        /**
+         * The MIME type of the image.
+         */
+        mimeType: enums.workspacesweb.UserSettingsMimeType;
+    }
+    interface UserSettingsLocalizedBrandingStrings {
+        /**
+         * The text displayed in the browser tab title.
+         */
+        browserTabTitle: string;
+        /**
+         * The text displayed on the contact button. This field is optional and defaults to "Contact us".
+         */
+        contactButtonText?: string;
+        /**
+         * A contact link URL. The URL must start with `https://` or `mailto:` . If not provided, the contact button will be hidden from the web portal screen.
+         */
+        contactLink?: string;
+        /**
+         * The text displayed during session loading. This field is optional and defaults to "Loading your session".
+         */
+        loadingText?: string;
+        /**
+         * The text displayed on the login button. This field is optional and defaults to "Sign In".
+         */
+        loginButtonText?: string;
+        /**
+         * The description text for the login section. This field is optional and defaults to "Sign in to your session".
+         */
+        loginDescription?: string;
+        /**
+         * The title text for the login section. This field is optional and defaults to "Sign In".
+         */
+        loginTitle?: string;
+        /**
+         * The welcome text displayed on the sign-in page.
+         */
+        welcomeText: string;
+    }
     interface UserSettingsToolbarConfiguration {
         /**
          * The list of toolbar items to be hidden.