aws-sdk 2.1386.0 → 2.1388.0

package/clients/servicecatalog.d.ts

@@ -356,11 +356,11 @@ declare class ServiceCatalog extends Service {
    */
   disassociateBudgetFromResource(callback?: (err: AWSError, data: ServiceCatalog.Types.DisassociateBudgetFromResourceOutput) => void): Request<ServiceCatalog.Types.DisassociateBudgetFromResourceOutput, AWSError>;
   /**
-   * Disassociates a previously associated principal ARN from a specified portfolio. The PrincipalType and PrincipalARN must match the AssociatePrincipalWithPortfolio call request details. For example, to disassociate an association created with a PrincipalARN of PrincipalType IAM you must use the PrincipalType IAM when calling DisassociatePrincipalFromPortfolio.  For portfolios that have been shared with principal name sharing enabled: after disassociating a principal, share recipient accounts will no longer be able to provision products in this portfolio using a role matching the name of the associated principal. 
+   * Disassociates a previously associated principal ARN from a specified portfolio. The PrincipalType and PrincipalARN must match the AssociatePrincipalWithPortfolio call request details. For example, to disassociate an association created with a PrincipalARN of PrincipalType IAM you must use the PrincipalType IAM when calling DisassociatePrincipalFromPortfolio.  For portfolios that have been shared with principal name sharing enabled: after disassociating a principal, share recipient accounts will no longer be able to provision products in this portfolio using a role matching the name of the associated principal.  For more information, review associate-principal-with-portfolio in the Amazon Web Services CLI Command Reference.   If you disassociate a principal from a portfolio, with PrincipalType as IAM, the same principal will still have access to the portfolio if it matches one of the associated principals of type IAM_PATTERN. To fully remove access for a principal, verify all the associated Principals of type IAM_PATTERN, and then ensure you disassociate any IAM_PATTERN principals that match the principal whose access you are removing. 
    */
   disassociatePrincipalFromPortfolio(params: ServiceCatalog.Types.DisassociatePrincipalFromPortfolioInput, callback?: (err: AWSError, data: ServiceCatalog.Types.DisassociatePrincipalFromPortfolioOutput) => void): Request<ServiceCatalog.Types.DisassociatePrincipalFromPortfolioOutput, AWSError>;
   /**
-   * Disassociates a previously associated principal ARN from a specified portfolio. The PrincipalType and PrincipalARN must match the AssociatePrincipalWithPortfolio call request details. For example, to disassociate an association created with a PrincipalARN of PrincipalType IAM you must use the PrincipalType IAM when calling DisassociatePrincipalFromPortfolio.  For portfolios that have been shared with principal name sharing enabled: after disassociating a principal, share recipient accounts will no longer be able to provision products in this portfolio using a role matching the name of the associated principal. 
+   * Disassociates a previously associated principal ARN from a specified portfolio. The PrincipalType and PrincipalARN must match the AssociatePrincipalWithPortfolio call request details. For example, to disassociate an association created with a PrincipalARN of PrincipalType IAM you must use the PrincipalType IAM when calling DisassociatePrincipalFromPortfolio.  For portfolios that have been shared with principal name sharing enabled: after disassociating a principal, share recipient accounts will no longer be able to provision products in this portfolio using a role matching the name of the associated principal.  For more information, review associate-principal-with-portfolio in the Amazon Web Services CLI Command Reference.   If you disassociate a principal from a portfolio, with PrincipalType as IAM, the same principal will still have access to the portfolio if it matches one of the associated principals of type IAM_PATTERN. To fully remove access for a principal, verify all the associated Principals of type IAM_PATTERN, and then ensure you disassociate any IAM_PATTERN principals that match the principal whose access you are removing. 
    */
   disassociatePrincipalFromPortfolio(callback?: (err: AWSError, data: ServiceCatalog.Types.DisassociatePrincipalFromPortfolioOutput) => void): Request<ServiceCatalog.Types.DisassociatePrincipalFromPortfolioOutput, AWSError>;
   /**
@@ -790,11 +790,11 @@ declare namespace ServiceCatalog {
      */
     PortfolioId: Id;
     /**
-     * The ARN of the principal (user, role, or group). This field allows an ARN with no accountID if PrincipalType is IAM_PATTERN.  You can associate multiple IAM patterns even if the account has no principal with that name. This is useful in Principal Name Sharing if you want to share a principal without creating it in the account that owns the portfolio. 
+     * The ARN of the principal (user, role, or group). The supported value is a fully defined  IAM ARN if the PrincipalType is IAM. If the PrincipalType is IAM_PATTERN, the supported value is an IAM ARN without an AccountID in the following format:  arn:partition:iam:::resource-type/resource-id  The resource-id can be either of the following:   Fully formed, for example arn:aws:iam:::role/resource-name or arn:aws:iam:::role/resource-path/resource-name    A wildcard ARN. The wildcard ARN accepts IAM_PATTERN values with a "*" or "?" in the resource-id segment of the ARN, for example arn:partition:service:::resource-type/resource-path/resource-name. The new symbols are exclusive to the resource-path and resource-name and cannot be used to replace the resource-type or other ARN values.    Examples of an acceptable wildcard ARN:   arn:aws:iam:::role/ResourceName_*   arn:aws:iam:::role/*ResourceName_?   Examples of an unacceptable wildcard ARN:   arn:aws:iam:::*ResourceName   You can associate multiple IAM_PATTERNs even if the account has no principal with that name.     The ARN path and principal name allow unlimited wildcard characters.    The "?" wildcard character matches zero or one of any character. This is similar to ".?" in regular regex context.   The "*" wildcard character matches any number of any characters. This is similar ".*" in regular regex context.   In the IAM Principal ARNs format (arn:partition:iam:::resource-type/resource-path/resource-name), valid resource-type values include user/, group/, or role/. The "?" and "*" are allowed only after the resource-type, in the resource-id segment. You can use special characters anywhere within the resource-id.   The "*" also matches the "/" character, allowing paths to be formed within the resource-id. For example, arn:aws:iam:::role/*ResourceName_? matches both arn:aws:iam:::role/pathA/pathB/ResourceName_1 and arn:aws:iam:::role/pathA/ResourceName_1.   
      */
     PrincipalARN: PrincipalARN;
     /**
-     * The principal type. The supported value is IAM if you use a fully defined ARN, or IAM_PATTERN if you use an ARN with no accountID. 
+     * The principal type. The supported value is IAM if you use a fully defined ARN, or IAM_PATTERN if you use an ARN with no accountID, with or without wildcard characters. 
      */
     PrincipalType: PrincipalType;
   }
@@ -1935,11 +1935,11 @@ declare namespace ServiceCatalog {
      */
     PortfolioId: Id;
     /**
-     * The ARN of the principal (user, role, or group). This field allows an ARN with no accountID if PrincipalType is IAM_PATTERN.
+     * The ARN of the principal (user, role, or group). This field allows an ARN with no accountID with or without wildcard characters if PrincipalType is IAM_PATTERN.
      */
     PrincipalARN: PrincipalARN;
     /**
-     * The supported value is IAM if you use a fully defined ARN, or IAM_PATTERN if you use no accountID. 
+     * The supported value is IAM if you use a fully defined ARN, or IAM_PATTERN if you specify an IAM ARN with no AccountId, with or without wildcard characters. 
      */
     PrincipalType?: PrincipalType;
   }
@@ -2973,11 +2973,11 @@ declare namespace ServiceCatalog {
   export type PortfolioShareType = "IMPORTED"|"AWS_SERVICECATALOG"|"AWS_ORGANIZATIONS"|string;
   export interface Principal {
     /**
-     * The ARN of the principal (user, role, or group). This field allows for an ARN with no accountID if the PrincipalType is an IAM_PATTERN. 
+     * The ARN of the principal (user, role, or group). This field allows for an ARN with no accountID, with or without wildcard characters if the PrincipalType is an IAM_PATTERN.  For more information, review associate-principal-with-portfolio in the Amazon Web Services CLI Command Reference. 
      */
     PrincipalARN?: PrincipalARN;
     /**
-     * The principal type. The supported value is IAM if you use a fully defined ARN, or IAM_PATTERN if you use an ARN with no accountID. 
+     * The principal type. The supported value is IAM if you use a fully defined ARN, or IAM_PATTERN if you use an ARN with no accountID, with or without wildcard characters. 
      */
     PrincipalType?: PrincipalType;
   }

package/clients/wafv2.d.ts

@@ -514,7 +514,7 @@ declare namespace WAFV2 {
   }
   export interface Body {
     /**
-     * What WAF should do if the body is larger than WAF can inspect. WAF does not support inspecting the entire contents of the web request body if the body exceeds the limit for the resource type. If the body is larger than the limit, the underlying host service only forwards the contents that are below the limit to WAF for inspection.  The default limit is 8 KB (8,192 kilobytes) for regional resources and 16 KB (16,384 kilobytes) for CloudFront distributions. For CloudFront distributions, you can increase the limit in the web ACL AssociationConfig, for additional processing fees.  The options for oversize handling are the following:    CONTINUE - Inspect the body normally, according to the rule inspection criteria.     MATCH - Treat the web request as matching the rule statement. WAF applies the rule action to the request.    NO_MATCH - Treat the web request as not matching the rule statement.   You can combine the MATCH or NO_MATCH settings for oversize handling with your rule and web ACL action settings, so that you block any request whose body is over the limit.  Default: CONTINUE 
+     * What WAF should do if the body is larger than WAF can inspect. WAF does not support inspecting the entire contents of the web request body if the body exceeds the limit for the resource type. If the body is larger than the limit, the underlying host service only forwards the contents that are below the limit to WAF for inspection.  The default limit is 8 KB (8,192 kilobytes) for regional resources and 16 KB (16,384 kilobytes) for CloudFront distributions. For CloudFront distributions, you can increase the limit in the web ACL AssociationConfig, for additional processing fees.  The options for oversize handling are the following:    CONTINUE - Inspect the available body contents normally, according to the rule inspection criteria.     MATCH - Treat the web request as matching the rule statement. WAF applies the rule action to the request.    NO_MATCH - Treat the web request as not matching the rule statement.   You can combine the MATCH or NO_MATCH settings for oversize handling with your rule and web ACL action settings, so that you block any request whose body is over the limit.  Default: CONTINUE 
      */
     OversizeHandling?: OversizeHandling;
   }
@@ -522,7 +522,7 @@ declare namespace WAFV2 {
   export type Boolean = boolean;
   export interface ByteMatchStatement {
     /**
-     * A string value that you want WAF to search for. WAF searches only in the part of web requests that you designate for inspection in FieldToMatch. The maximum length of the value is 200 bytes. Valid values depend on the component that you specify for inspection in FieldToMatch:    Method: The HTTP method that you want WAF to search for. This indicates the type of operation specified in the request.     UriPath: The value that you want WAF to search for in the URI path, for example, /images/daily-ad.jpg.    If SearchString includes alphabetic characters A-Z and a-z, note that the value is case sensitive.  If you're using the WAF API  Specify a base64-encoded version of the value. The maximum length of the value before you base64-encode it is 200 bytes. For example, suppose the value of Type is HEADER and the value of Data is User-Agent. If you want to search the User-Agent header for the value BadBot, you base64-encode BadBot using MIME base64-encoding and include the resulting value, QmFkQm90, in the value of SearchString.  If you're using the CLI or one of the Amazon Web Services SDKs  The value that you want WAF to search for. The SDK automatically base64 encodes the value.
+     * A string value that you want WAF to search for. WAF searches only in the part of web requests that you designate for inspection in FieldToMatch. The maximum length of the value is 200 bytes. Valid values depend on the component that you specify for inspection in FieldToMatch:    Method: The HTTP method that you want WAF to search for. This indicates the type of operation specified in the request.     UriPath: The value that you want WAF to search for in the URI path, for example, /images/daily-ad.jpg.     HeaderOrder: The comma-separated list of header names to match for. WAF creates a string that contains the ordered list of header names, from the headers in the web request, and then matches against that string.    If SearchString includes alphabetic characters A-Z and a-z, note that the value is case sensitive.  If you're using the WAF API  Specify a base64-encoded version of the value. The maximum length of the value before you base64-encode it is 200 bytes. For example, suppose the value of Type is HEADER and the value of Data is User-Agent. If you want to search the User-Agent header for the value BadBot, you base64-encode BadBot using MIME base64-encoding and include the resulting value, QmFkQm90, in the value of SearchString.  If you're using the CLI or one of the Amazon Web Services SDKs  The value that you want WAF to search for. The SDK automatically base64 encodes the value.
      */
     SearchString: SearchString;
     /**
@@ -645,7 +645,7 @@ declare namespace WAFV2 {
      */
     MatchScope: MapMatchScope;
     /**
-     * What WAF should do if the cookies of the request are larger than WAF can inspect. WAF does not support inspecting the entire contents of request cookies when they exceed 8 KB (8192 bytes) or 200 total cookies. The underlying host service forwards a maximum of 200 cookies and at most 8 KB of cookie contents to WAF.  The options for oversize handling are the following:    CONTINUE - Inspect the cookies normally, according to the rule inspection criteria.     MATCH - Treat the web request as matching the rule statement. WAF applies the rule action to the request.    NO_MATCH - Treat the web request as not matching the rule statement.  
+     * What WAF should do if the cookies of the request are more numerous or larger than WAF can inspect. WAF does not support inspecting the entire contents of request cookies when they exceed 8 KB (8192 bytes) or 200 total cookies. The underlying host service forwards a maximum of 200 cookies and at most 8 KB of cookie contents to WAF.  The options for oversize handling are the following:    CONTINUE - Inspect the available cookies normally, according to the rule inspection criteria.     MATCH - Treat the web request as matching the rule statement. WAF applies the rule action to the request.    NO_MATCH - Treat the web request as not matching the rule statement.  
      */
     OversizeHandling: OversizeHandling;
   }
@@ -1109,6 +1109,10 @@ declare namespace WAFV2 {
      * Inspect the request cookies. You must configure scope and pattern matching filters in the Cookies object, to define the set of cookies and the parts of the cookies that WAF inspects.  Only the first 8 KB (8192 bytes) of a request's cookies and only the first 200 cookies are forwarded to WAF for inspection by the underlying host service. You must configure how to handle any oversize cookie content in the Cookies object. WAF applies the pattern matching filters to the cookies that it receives from the underlying host service. 
      */
     Cookies?: Cookies;
+    /**
+     * Inspect a string containing the list of the request's header names, ordered as they appear in the web request that WAF receives for inspection. WAF generates the string and then uses that as the field to match component in its inspection. WAF separates the header names in the string using commas and no added spaces. Matches against the header order string are case insensitive.
+     */
+    HeaderOrder?: HeaderOrder;
   }
   export type FieldToMatchData = string;
   export interface Filter {
@@ -1522,6 +1526,12 @@ declare namespace WAFV2 {
   }
   export type HeaderName = string;
   export type HeaderNames = FieldToMatchData[];
+  export interface HeaderOrder {
+    /**
+     * What WAF should do if the headers of the request are more numerous or larger than WAF can inspect. WAF does not support inspecting the entire contents of request headers when they exceed 8 KB (8192 bytes) or 200 total headers. The underlying host service forwards a maximum of 200 headers and at most 8 KB of header contents to WAF.  The options for oversize handling are the following:    CONTINUE - Inspect the available headers normally, according to the rule inspection criteria.     MATCH - Treat the web request as matching the rule statement. WAF applies the rule action to the request.    NO_MATCH - Treat the web request as not matching the rule statement.  
+     */
+    OversizeHandling: OversizeHandling;
+  }
   export type HeaderValue = string;
   export interface Headers {
     /**
@@ -1533,7 +1543,7 @@ declare namespace WAFV2 {
      */
     MatchScope: MapMatchScope;
     /**
-     * What WAF should do if the headers of the request are larger than WAF can inspect. WAF does not support inspecting the entire contents of request headers when they exceed 8 KB (8192 bytes) or 200 total headers. The underlying host service forwards a maximum of 200 headers and at most 8 KB of header contents to WAF.  The options for oversize handling are the following:    CONTINUE - Inspect the headers normally, according to the rule inspection criteria.     MATCH - Treat the web request as matching the rule statement. WAF applies the rule action to the request.    NO_MATCH - Treat the web request as not matching the rule statement.  
+     * What WAF should do if the headers of the request are more numerous or larger than WAF can inspect. WAF does not support inspecting the entire contents of request headers when they exceed 8 KB (8192 bytes) or 200 total headers. The underlying host service forwards a maximum of 200 headers and at most 8 KB of header contents to WAF.  The options for oversize handling are the following:    CONTINUE - Inspect the available headers normally, according to the rule inspection criteria.     MATCH - Treat the web request as matching the rule statement. WAF applies the rule action to the request.    NO_MATCH - Treat the web request as not matching the rule statement.  
      */
     OversizeHandling: OversizeHandling;
   }
@@ -1635,7 +1645,7 @@ declare namespace WAFV2 {
      */
     InvalidFallbackBehavior?: BodyParsingFallbackBehavior;
     /**
-     * What WAF should do if the body is larger than WAF can inspect. WAF does not support inspecting the entire contents of the web request body if the body exceeds the limit for the resource type. If the body is larger than the limit, the underlying host service only forwards the contents that are below the limit to WAF for inspection.  The default limit is 8 KB (8,192 kilobytes) for regional resources and 16 KB (16,384 kilobytes) for CloudFront distributions. For CloudFront distributions, you can increase the limit in the web ACL AssociationConfig, for additional processing fees.  The options for oversize handling are the following:    CONTINUE - Inspect the body normally, according to the rule inspection criteria.     MATCH - Treat the web request as matching the rule statement. WAF applies the rule action to the request.    NO_MATCH - Treat the web request as not matching the rule statement.   You can combine the MATCH or NO_MATCH settings for oversize handling with your rule and web ACL action settings, so that you block any request whose body is over the limit.  Default: CONTINUE 
+     * What WAF should do if the body is larger than WAF can inspect. WAF does not support inspecting the entire contents of the web request body if the body exceeds the limit for the resource type. If the body is larger than the limit, the underlying host service only forwards the contents that are below the limit to WAF for inspection.  The default limit is 8 KB (8,192 kilobytes) for regional resources and 16 KB (16,384 kilobytes) for CloudFront distributions. For CloudFront distributions, you can increase the limit in the web ACL AssociationConfig, for additional processing fees.  The options for oversize handling are the following:    CONTINUE - Inspect the available body contents normally, according to the rule inspection criteria.     MATCH - Treat the web request as matching the rule statement. WAF applies the rule action to the request.    NO_MATCH - Treat the web request as not matching the rule statement.   You can combine the MATCH or NO_MATCH settings for oversize handling with your rule and web ACL action settings, so that you block any request whose body is over the limit.  Default: CONTINUE 
      */
     OversizeHandling?: OversizeHandling;
   }
@@ -3263,7 +3273,7 @@ declare namespace WAFV2 {
      */
     SampledRequestsEnabled: Boolean;
     /**
-     * A boolean indicating whether the associated resource sends metrics to Amazon CloudWatch. For the list of available metrics, see WAF Metrics in the WAF Developer Guide.
+     * A boolean indicating whether the associated resource sends metrics to Amazon CloudWatch. For the list of available metrics, see WAF Metrics in the WAF Developer Guide. For web ACLs, the metrics are for web requests that have the web ACL default action applied. WAF applies the default action to web requests that pass the inspection of all rules in the web ACL without being either allowed or blocked. For more information, see The web ACL default action in the WAF Developer Guide.
      */
     CloudWatchMetricsEnabled: Boolean;
     /**

package/clients/workspacesweb.d.ts

@@ -19,6 +19,14 @@ declare class WorkSpacesWeb extends Service {
    * Associates a browser settings resource with a web portal.
    */
   associateBrowserSettings(callback?: (err: AWSError, data: WorkSpacesWeb.Types.AssociateBrowserSettingsResponse) => void): Request<WorkSpacesWeb.Types.AssociateBrowserSettingsResponse, AWSError>;
+  /**
+   * Associates an IP access settings resource with a web portal.
+   */
+  associateIpAccessSettings(params: WorkSpacesWeb.Types.AssociateIpAccessSettingsRequest, callback?: (err: AWSError, data: WorkSpacesWeb.Types.AssociateIpAccessSettingsResponse) => void): Request<WorkSpacesWeb.Types.AssociateIpAccessSettingsResponse, AWSError>;
+  /**
+   * Associates an IP access settings resource with a web portal.
+   */
+  associateIpAccessSettings(callback?: (err: AWSError, data: WorkSpacesWeb.Types.AssociateIpAccessSettingsResponse) => void): Request<WorkSpacesWeb.Types.AssociateIpAccessSettingsResponse, AWSError>;
   /**
    * Associates a network settings resource with a web portal.
    */
@@ -67,6 +75,14 @@ declare class WorkSpacesWeb extends Service {
    * Creates an identity provider resource that is then associated with a web portal.
    */
   createIdentityProvider(callback?: (err: AWSError, data: WorkSpacesWeb.Types.CreateIdentityProviderResponse) => void): Request<WorkSpacesWeb.Types.CreateIdentityProviderResponse, AWSError>;
+  /**
+   * Creates an IP access settings resource that can be associated with a web portal.
+   */
+  createIpAccessSettings(params: WorkSpacesWeb.Types.CreateIpAccessSettingsRequest, callback?: (err: AWSError, data: WorkSpacesWeb.Types.CreateIpAccessSettingsResponse) => void): Request<WorkSpacesWeb.Types.CreateIpAccessSettingsResponse, AWSError>;
+  /**
+   * Creates an IP access settings resource that can be associated with a web portal.
+   */
+  createIpAccessSettings(callback?: (err: AWSError, data: WorkSpacesWeb.Types.CreateIpAccessSettingsResponse) => void): Request<WorkSpacesWeb.Types.CreateIpAccessSettingsResponse, AWSError>;
   /**
    * Creates a network settings resource that can be associated with a web portal. Once associated with a web portal, network settings define how streaming instances will connect with your specified VPC. 
    */
@@ -123,6 +139,14 @@ declare class WorkSpacesWeb extends Service {
    * Deletes the identity provider.
    */
   deleteIdentityProvider(callback?: (err: AWSError, data: WorkSpacesWeb.Types.DeleteIdentityProviderResponse) => void): Request<WorkSpacesWeb.Types.DeleteIdentityProviderResponse, AWSError>;
+  /**
+   * Deletes IP access settings.
+   */
+  deleteIpAccessSettings(params: WorkSpacesWeb.Types.DeleteIpAccessSettingsRequest, callback?: (err: AWSError, data: WorkSpacesWeb.Types.DeleteIpAccessSettingsResponse) => void): Request<WorkSpacesWeb.Types.DeleteIpAccessSettingsResponse, AWSError>;
+  /**
+   * Deletes IP access settings.
+   */
+  deleteIpAccessSettings(callback?: (err: AWSError, data: WorkSpacesWeb.Types.DeleteIpAccessSettingsResponse) => void): Request<WorkSpacesWeb.Types.DeleteIpAccessSettingsResponse, AWSError>;
   /**
    * Deletes network settings.
    */
@@ -171,6 +195,14 @@ declare class WorkSpacesWeb extends Service {
    * Disassociates browser settings from a web portal.
    */
   disassociateBrowserSettings(callback?: (err: AWSError, data: WorkSpacesWeb.Types.DisassociateBrowserSettingsResponse) => void): Request<WorkSpacesWeb.Types.DisassociateBrowserSettingsResponse, AWSError>;
+  /**
+   * Disassociates IP access settings from a web portal.
+   */
+  disassociateIpAccessSettings(params: WorkSpacesWeb.Types.DisassociateIpAccessSettingsRequest, callback?: (err: AWSError, data: WorkSpacesWeb.Types.DisassociateIpAccessSettingsResponse) => void): Request<WorkSpacesWeb.Types.DisassociateIpAccessSettingsResponse, AWSError>;
+  /**
+   * Disassociates IP access settings from a web portal.
+   */
+  disassociateIpAccessSettings(callback?: (err: AWSError, data: WorkSpacesWeb.Types.DisassociateIpAccessSettingsResponse) => void): Request<WorkSpacesWeb.Types.DisassociateIpAccessSettingsResponse, AWSError>;
   /**
    * Disassociates network settings from a web portal.
    */
@@ -219,6 +251,14 @@ declare class WorkSpacesWeb extends Service {
    * Gets the identity provider.
    */
   getIdentityProvider(callback?: (err: AWSError, data: WorkSpacesWeb.Types.GetIdentityProviderResponse) => void): Request<WorkSpacesWeb.Types.GetIdentityProviderResponse, AWSError>;
+  /**
+   * Gets the IP access settings.
+   */
+  getIpAccessSettings(params: WorkSpacesWeb.Types.GetIpAccessSettingsRequest, callback?: (err: AWSError, data: WorkSpacesWeb.Types.GetIpAccessSettingsResponse) => void): Request<WorkSpacesWeb.Types.GetIpAccessSettingsResponse, AWSError>;
+  /**
+   * Gets the IP access settings.
+   */
+  getIpAccessSettings(callback?: (err: AWSError, data: WorkSpacesWeb.Types.GetIpAccessSettingsResponse) => void): Request<WorkSpacesWeb.Types.GetIpAccessSettingsResponse, AWSError>;
   /**
    * Gets the network settings.
    */
@@ -291,6 +331,14 @@ declare class WorkSpacesWeb extends Service {
    * Retrieves a list of identity providers for a specific web portal.
    */
   listIdentityProviders(callback?: (err: AWSError, data: WorkSpacesWeb.Types.ListIdentityProvidersResponse) => void): Request<WorkSpacesWeb.Types.ListIdentityProvidersResponse, AWSError>;
+  /**
+   * Retrieves a list of IP access settings.
+   */
+  listIpAccessSettings(params: WorkSpacesWeb.Types.ListIpAccessSettingsRequest, callback?: (err: AWSError, data: WorkSpacesWeb.Types.ListIpAccessSettingsResponse) => void): Request<WorkSpacesWeb.Types.ListIpAccessSettingsResponse, AWSError>;
+  /**
+   * Retrieves a list of IP access settings.
+   */
+  listIpAccessSettings(callback?: (err: AWSError, data: WorkSpacesWeb.Types.ListIpAccessSettingsResponse) => void): Request<WorkSpacesWeb.Types.ListIpAccessSettingsResponse, AWSError>;
   /**
    * Retrieves a list of network settings.
    */
@@ -379,6 +427,14 @@ declare class WorkSpacesWeb extends Service {
    * Updates the identity provider. 
    */
   updateIdentityProvider(callback?: (err: AWSError, data: WorkSpacesWeb.Types.UpdateIdentityProviderResponse) => void): Request<WorkSpacesWeb.Types.UpdateIdentityProviderResponse, AWSError>;
+  /**
+   * Updates IP access settings.
+   */
+  updateIpAccessSettings(params: WorkSpacesWeb.Types.UpdateIpAccessSettingsRequest, callback?: (err: AWSError, data: WorkSpacesWeb.Types.UpdateIpAccessSettingsResponse) => void): Request<WorkSpacesWeb.Types.UpdateIpAccessSettingsResponse, AWSError>;
+  /**
+   * Updates IP access settings.
+   */
+  updateIpAccessSettings(callback?: (err: AWSError, data: WorkSpacesWeb.Types.UpdateIpAccessSettingsResponse) => void): Request<WorkSpacesWeb.Types.UpdateIpAccessSettingsResponse, AWSError>;
   /**
    * Updates network settings.
    */
@@ -443,6 +499,26 @@ declare namespace WorkSpacesWeb {
      */
     portalArn: ARN;
   }
+  export interface AssociateIpAccessSettingsRequest {
+    /**
+     * The ARN of the IP access settings.
+     */
+    ipAccessSettingsArn: ARN;
+    /**
+     * The ARN of the web portal.
+     */
+    portalArn: ARN;
+  }
+  export interface AssociateIpAccessSettingsResponse {
+    /**
+     * The ARN of the IP access settings resource.
+     */
+    ipAccessSettingsArn: ARN;
+    /**
+     * The ARN of the web portal.
+     */
+    portalArn: ARN;
+  }
   export interface AssociateNetworkSettingsRequest {
     /**
      * The ARN of the network settings.
@@ -658,6 +734,42 @@ declare namespace WorkSpacesWeb {
      */
     identityProviderArn: ARN;
   }
+  export interface CreateIpAccessSettingsRequest {
+    /**
+     * Additional encryption context of the IP access settings.
+     */
+    additionalEncryptionContext?: EncryptionContextMap;
+    /**
+     * A unique, case-sensitive identifier that you provide to ensure the idempotency of the request. Idempotency ensures that an API request completes only once. With an idempotent request, if the original request completes successfully, subsequent retries with the same client token returns the result from the original successful request.  If you do not specify a client token, one is automatically generated by the AWS SDK.
+     */
+    clientToken?: ClientToken;
+    /**
+     * The custom managed key of the IP access settings.
+     */
+    customerManagedKey?: keyArn;
+    /**
+     * The description of the IP access settings.
+     */
+    description?: Description;
+    /**
+     * The display name of the IP access settings.
+     */
+    displayName?: DisplayName;
+    /**
+     * The IP rules of the IP access settings.
+     */
+    ipRules: IpRuleList;
+    /**
+     * The tags to add to the browser settings resource. A tag is a key-value pair.
+     */
+    tags?: TagList;
+  }
+  export interface CreateIpAccessSettingsResponse {
+    /**
+     * The ARN of the IP access settings resource.
+     */
+    ipAccessSettingsArn: ARN;
+  }
   export interface CreateNetworkSettingsRequest {
     /**
      * A unique, case-sensitive identifier that you provide to ensure the idempotency of the request. Idempotency ensures that an API request completes only once. With an idempotent request, if the original request completes successfully, subsequent retries with the same client token returns the result from the original successful request.  If you do not specify a client token, one is automatically generated by the AWS SDK.
@@ -822,6 +934,14 @@ declare namespace WorkSpacesWeb {
   }
   export interface DeleteIdentityProviderResponse {
   }
+  export interface DeleteIpAccessSettingsRequest {
+    /**
+     * The ARN of the IP access settings.
+     */
+    ipAccessSettingsArn: ARN;
+  }
+  export interface DeleteIpAccessSettingsResponse {
+  }
   export interface DeleteNetworkSettingsRequest {
     /**
      * The ARN of the network settings.
@@ -862,6 +982,7 @@ declare namespace WorkSpacesWeb {
   }
   export interface DeleteUserSettingsResponse {
   }
+  export type Description = string;
   export interface DisassociateBrowserSettingsRequest {
     /**
      * The ARN of the web portal.
@@ -870,6 +991,14 @@ declare namespace WorkSpacesWeb {
   }
   export interface DisassociateBrowserSettingsResponse {
   }
+  export interface DisassociateIpAccessSettingsRequest {
+    /**
+     * The ARN of the web portal.
+     */
+    portalArn: ARN;
+  }
+  export interface DisassociateIpAccessSettingsResponse {
+  }
   export interface DisassociateNetworkSettingsRequest {
     /**
      * The ARN of the web portal.
@@ -930,6 +1059,18 @@ declare namespace WorkSpacesWeb {
      */
     identityProvider?: IdentityProvider;
   }
+  export interface GetIpAccessSettingsRequest {
+    /**
+     * The ARN of the IP access settings.
+     */
+    ipAccessSettingsArn: ARN;
+  }
+  export interface GetIpAccessSettingsResponse {
+    /**
+     * The IP access settings.
+     */
+    ipAccessSettings?: IpAccessSettings;
+  }
   export interface GetNetworkSettingsRequest {
     /**
      * The ARN of the network settings.
@@ -1063,6 +1204,63 @@ declare namespace WorkSpacesWeb {
   }
   export type IdentityProviderType = "SAML"|"Facebook"|"Google"|"LoginWithAmazon"|"SignInWithApple"|"OIDC"|string;
   export type IdleDisconnectTimeoutInMinutes = number;
+  export interface IpAccessSettings {
+    /**
+     * A list of web portal ARNs that this IP access settings resource is associated with.
+     */
+    associatedPortalArns?: ArnList;
+    /**
+     * The creation date timestamp of the IP access settings.
+     */
+    creationDate?: Timestamp;
+    /**
+     * The description of the IP access settings.
+     */
+    description?: Description;
+    /**
+     *  The display name of the IP access settings.
+     */
+    displayName?: DisplayName;
+    /**
+     * The ARN of the IP access settings resource.
+     */
+    ipAccessSettingsArn: ARN;
+    /**
+     * The IP rules of the IP access settings.
+     */
+    ipRules?: IpRuleList;
+  }
+  export type IpAccessSettingsList = IpAccessSettingsSummary[];
+  export interface IpAccessSettingsSummary {
+    /**
+     * The creation date timestamp of the IP access settings.
+     */
+    creationDate?: Timestamp;
+    /**
+     * The description of the IP access settings.
+     */
+    description?: Description;
+    /**
+     * The display name of the IP access settings.
+     */
+    displayName?: DisplayName;
+    /**
+     * The ARN of IP access settings.
+     */
+    ipAccessSettingsArn?: ARN;
+  }
+  export type IpRange = string;
+  export interface IpRule {
+    /**
+     * The description of the IP rule.
+     */
+    description?: Description;
+    /**
+     * The IP range of the IP rule.
+     */
+    ipRange: IpRange;
+  }
+  export type IpRuleList = IpRule[];
   export type KinesisStreamArn = string;
   export interface ListBrowserSettingsRequest {
     /**
@@ -1108,6 +1306,26 @@ declare namespace WorkSpacesWeb {
      */
     nextToken?: PaginationToken;
   }
+  export interface ListIpAccessSettingsRequest {
+    /**
+     * The maximum number of results to be included in the next page.
+     */
+    maxResults?: MaxResults;
+    /**
+     * The pagination token used to retrieve the next page of results for this operation.
+     */
+    nextToken?: PaginationToken;
+  }
+  export interface ListIpAccessSettingsResponse {
+    /**
+     * The IP access settings.
+     */
+    ipAccessSettings?: IpAccessSettingsList;
+    /**
+     * The pagination token used to retrieve the next page of results for this operation.
+     */
+    nextToken?: PaginationToken;
+  }
   export interface ListNetworkSettingsRequest {
     /**
      * The maximum number of results to be included in the next page.
@@ -1304,6 +1522,10 @@ declare namespace WorkSpacesWeb {
      * The name of the web portal.
      */
     displayName?: DisplayName;
+    /**
+     * The ARN of the IP access settings.
+     */
+    ipAccessSettingsArn?: ARN;
     /**
      * The ARN of the network settings that is associated with the web portal.
      */
@@ -1365,6 +1587,10 @@ declare namespace WorkSpacesWeb {
      * The name of the web portal.
      */
     displayName?: DisplayName;
+    /**
+     * The ARN of the IP access settings.
+     */
+    ipAccessSettingsArn?: ARN;
     /**
      * The ARN of the network settings that is associated with the web portal.
      */
@@ -1514,6 +1740,34 @@ declare namespace WorkSpacesWeb {
      */
     identityProvider: IdentityProvider;
   }
+  export interface UpdateIpAccessSettingsRequest {
+    /**
+     * A unique, case-sensitive identifier that you provide to ensure the idempotency of the request. Idempotency ensures that an API request completes only once. With an idempotent request, if the original request completes successfully, subsequent retries with the same client token return the result from the original successful request.  If you do not specify a client token, one is automatically generated by the AWS SDK.
+     */
+    clientToken?: ClientToken;
+    /**
+     * The description of the IP access settings.
+     */
+    description?: Description;
+    /**
+     * The display name of the IP access settings.
+     */
+    displayName?: DisplayName;
+    /**
+     * The ARN of the IP access settings.
+     */
+    ipAccessSettingsArn: ARN;
+    /**
+     * The updated IP rules of the IP access settings.
+     */
+    ipRules?: IpRuleList;
+  }
+  export interface UpdateIpAccessSettingsResponse {
+    /**
+     * The IP access settings.
+     */
+    ipAccessSettings: IpAccessSettings;
+  }
   export interface UpdateNetworkSettingsRequest {
     /**
      * A unique, case-sensitive identifier that you provide to ensure the idempotency of the request. Idempotency ensures that an API request completes only once. With an idempotent request, if the original request completes successfully, subsequent retries with the same client token return the result from the original successful request.  If you do not specify a client token, one is automatically generated by the AWS SDK.

package/dist/aws-sdk-core-react-native.js

@@ -83,7 +83,7 @@ return /******/ (function(modules) { // webpackBootstrap
 	  /**
 	   * @constant
 	   */
-	  VERSION: '2.1386.0',
+	  VERSION: '2.1388.0',
 
 	  /**
 	   * @api private