aws-sdk 2.1417.0 → 2.1419.0

package/clients/sagemakerfeaturestoreruntime.d.ts

@@ -36,11 +36,11 @@ declare class SageMakerFeatureStoreRuntime extends Service {
    */
   getRecord(callback?: (err: AWSError, data: SageMakerFeatureStoreRuntime.Types.GetRecordResponse) => void): Request<SageMakerFeatureStoreRuntime.Types.GetRecordResponse, AWSError>;
   /**
-   * Used for data ingestion into the FeatureStore. The PutRecord API writes to both the OnlineStore and OfflineStore. If the record is the latest record for the recordIdentifier, the record is written to both the OnlineStore and OfflineStore. If the record is a historic record, it is written only to the OfflineStore.
+   * The PutRecord API is used to ingest a list of Records into your feature group.  If a new record’s EventTime is greater, the new record is written to both the OnlineStore and OfflineStore. Otherwise, the record is a historic record and it is written only to the OfflineStore.  You can specify the ingestion to be applied to the OnlineStore, OfflineStore, or both by using the TargetStores request parameter.  You can set the ingested record to expire at a given time to live (TTL) duration after the record’s event time, ExpiresAt = EventTime + TtlDuration, by specifying the TtlDuration parameter. A record level TtlDuration is set when specifying the TtlDuration parameter using the PutRecord API call. If the input TtlDuration is null or unspecified, TtlDuration is set to the default feature group level TtlDuration. A record level TtlDuration supersedes the group level TtlDuration.
    */
   putRecord(params: SageMakerFeatureStoreRuntime.Types.PutRecordRequest, callback?: (err: AWSError, data: {}) => void): Request<{}, AWSError>;
   /**
-   * Used for data ingestion into the FeatureStore. The PutRecord API writes to both the OnlineStore and OfflineStore. If the record is the latest record for the recordIdentifier, the record is written to both the OnlineStore and OfflineStore. If the record is a historic record, it is written only to the OfflineStore.
+   * The PutRecord API is used to ingest a list of Records into your feature group.  If a new record’s EventTime is greater, the new record is written to both the OnlineStore and OfflineStore. Otherwise, the record is a historic record and it is written only to the OfflineStore.  You can specify the ingestion to be applied to the OnlineStore, OfflineStore, or both by using the TargetStores request parameter.  You can set the ingested record to expire at a given time to live (TTL) duration after the record’s event time, ExpiresAt = EventTime + TtlDuration, by specifying the TtlDuration parameter. A record level TtlDuration is set when specifying the TtlDuration parameter using the PutRecord API call. If the input TtlDuration is null or unspecified, TtlDuration is set to the default feature group level TtlDuration. A record level TtlDuration supersedes the group level TtlDuration.
    */
   putRecord(callback?: (err: AWSError, data: {}) => void): Request<{}, AWSError>;
 }
@@ -66,9 +66,9 @@ declare namespace SageMakerFeatureStoreRuntime {
   export type BatchGetRecordErrors = BatchGetRecordError[];
   export interface BatchGetRecordIdentifier {
     /**
-     * A FeatureGroupName containing Records you are retrieving in a batch.
+     * The name or Amazon Resource Name (ARN) of the FeatureGroup containing the records you are retrieving in a batch.
      */
-    FeatureGroupName: FeatureGroupName;
+    FeatureGroupName: FeatureGroupNameOrArn;
     /**
      * The value for a list of record identifiers in string format.
      */
@@ -81,7 +81,7 @@ declare namespace SageMakerFeatureStoreRuntime {
   export type BatchGetRecordIdentifiers = BatchGetRecordIdentifier[];
   export interface BatchGetRecordRequest {
     /**
-     * A list of FeatureGroup names, with their corresponding RecordIdentifier value, and Feature name that have been requested to be retrieved in batch.
+     * A list containing the name or Amazon Resource Name (ARN) of the FeatureGroup, the list of names of Features to be retrieved, and the corresponding RecordIdentifier values as strings.
      */
     Identifiers: BatchGetRecordIdentifiers;
     /**
@@ -124,9 +124,9 @@ declare namespace SageMakerFeatureStoreRuntime {
   export type BatchGetRecordResultDetails = BatchGetRecordResultDetail[];
   export interface DeleteRecordRequest {
     /**
-     * The name of the feature group to delete the record from. 
+     * The name or Amazon Resource Name (ARN) of the feature group to delete the record from. 
      */
-    FeatureGroupName: FeatureGroupName;
+    FeatureGroupName: FeatureGroupNameOrArn;
     /**
      * The value for the RecordIdentifier that uniquely identifies the record, in string format. 
      */
@@ -147,7 +147,7 @@ declare namespace SageMakerFeatureStoreRuntime {
   export type DeletionMode = "SoftDelete"|"HardDelete"|string;
   export type ExpirationTimeResponse = "Enabled"|"Disabled"|string;
   export type ExpiresAt = string;
-  export type FeatureGroupName = string;
+  export type FeatureGroupNameOrArn = string;
   export type FeatureName = string;
   export type FeatureNames = FeatureName[];
   export interface FeatureValue {
@@ -162,9 +162,9 @@ declare namespace SageMakerFeatureStoreRuntime {
   }
   export interface GetRecordRequest {
     /**
-     * The name of the feature group from which you want to retrieve a record.
+     * The name or Amazon Resource Name (ARN) of the feature group from which you want to retrieve a record.
      */
-    FeatureGroupName: FeatureGroupName;
+    FeatureGroupName: FeatureGroupNameOrArn;
     /**
      * The value that corresponds to RecordIdentifier type and uniquely identifies the record in the FeatureGroup. 
      */
@@ -174,7 +174,7 @@ declare namespace SageMakerFeatureStoreRuntime {
      */
     FeatureNames?: FeatureNames;
     /**
-     * Parameter to request ExpiresAt in response. If Enabled, BatchGetRecord will return the value of ExpiresAt, if it is not null. If Disabled and null, BatchGetRecord will return null.
+     * Parameter to request ExpiresAt in response. If Enabled, GetRecord will return the value of ExpiresAt, if it is not null. If Disabled and null, GetRecord will return null.
      */
     ExpirationTimeResponse?: ExpirationTimeResponse;
   }
@@ -191,9 +191,9 @@ declare namespace SageMakerFeatureStoreRuntime {
   export type Message = string;
   export interface PutRecordRequest {
     /**
-     * The name of the feature group that you want to insert the record into.
+     * The name or Amazon Resource Name (ARN) of the feature group that you want to insert the record into.
      */
-    FeatureGroupName: FeatureGroupName;
+    FeatureGroupName: FeatureGroupNameOrArn;
     /**
      * List of FeatureValues to be inserted. This will be a full over-write. If you only want to update few of the feature values, do the following:   Use GetRecord to retrieve the latest record.   Update the record returned from GetRecord.    Use PutRecord to update feature values.  
      */

package/clients/savingsplans.d.ts

@@ -158,7 +158,7 @@ declare namespace SavingsPlans {
      */
     searchResults?: SavingsPlanRateList;
     /**
-     * The token to use to retrieve the next page of results. This value is null when there are no more results to return.
+     * The token to use to retrieve the next page of results. This value is null when there are no more results to return. 
      */
     nextToken?: PaginationToken;
   }

package/clients/securitylake.d.ts

@@ -12,11 +12,11 @@ declare class SecurityLake extends Service {
   constructor(options?: SecurityLake.Types.ClientConfiguration)
   config: Config & SecurityLake.Types.ClientConfiguration;
   /**
-   * Adds a natively supported Amazon Web Service as an Amazon Security Lake source. Enables source types for member accounts in required Amazon Web Services Regions, based on the parameters you specify. You can choose any source type in any Region for either accounts that are part of a trusted organization or standalone accounts. Once you add an Amazon Web Service as a source, Security Lake starts collecting logs and events from it,  You can use this API only to enable natively supported Amazon Web Services as a source. Use CreateCustomLogSource to enable data collection from a custom source.
+   * Adds a natively supported Amazon Web Service as an Amazon Security Lake source. Enables source types for member accounts in required Amazon Web Services Regions, based on the parameters you specify. You can choose any source type in any Region for either accounts that are part of a trusted organization or standalone accounts. Once you add an Amazon Web Service as a source, Security Lake starts collecting logs and events from it. You can use this API only to enable natively supported Amazon Web Services as a source. Use CreateCustomLogSource to enable data collection from a custom source.
    */
   createAwsLogSource(params: SecurityLake.Types.CreateAwsLogSourceRequest, callback?: (err: AWSError, data: SecurityLake.Types.CreateAwsLogSourceResponse) => void): Request<SecurityLake.Types.CreateAwsLogSourceResponse, AWSError>;
   /**
-   * Adds a natively supported Amazon Web Service as an Amazon Security Lake source. Enables source types for member accounts in required Amazon Web Services Regions, based on the parameters you specify. You can choose any source type in any Region for either accounts that are part of a trusted organization or standalone accounts. Once you add an Amazon Web Service as a source, Security Lake starts collecting logs and events from it,  You can use this API only to enable natively supported Amazon Web Services as a source. Use CreateCustomLogSource to enable data collection from a custom source.
+   * Adds a natively supported Amazon Web Service as an Amazon Security Lake source. Enables source types for member accounts in required Amazon Web Services Regions, based on the parameters you specify. You can choose any source type in any Region for either accounts that are part of a trusted organization or standalone accounts. Once you add an Amazon Web Service as a source, Security Lake starts collecting logs and events from it. You can use this API only to enable natively supported Amazon Web Services as a source. Use CreateCustomLogSource to enable data collection from a custom source.
    */
   createAwsLogSource(callback?: (err: AWSError, data: SecurityLake.Types.CreateAwsLogSourceResponse) => void): Request<SecurityLake.Types.CreateAwsLogSourceResponse, AWSError>;
   /**
@@ -28,11 +28,11 @@ declare class SecurityLake extends Service {
    */
   createCustomLogSource(callback?: (err: AWSError, data: SecurityLake.Types.CreateCustomLogSourceResponse) => void): Request<SecurityLake.Types.CreateCustomLogSourceResponse, AWSError>;
   /**
-   * Initializes an Amazon Security Lake instance with the provided (or default) configuration. You can enable Security Lake in Amazon Web Services Regions with customized settings before enabling log collection in Regions. By default, the CreateDataLake Security Lake in all Regions. To specify particular Regions, configure these Regions using the configurations parameter. If you have already enabled Security Lake in a Region when you call this command, the command will update the Region if you provide new configuration parameters. If you have not already enabled Security Lake in the Region when you call this API, it will set up the data lake in the Region with the specified configurations. When you enable Security Lake, it starts ingesting security data after the CreateAwsLogSource call. This includes ingesting security data from sources, storing data, and making data accessible to subscribers. Security Lake also enables all the existing settings and resources that it stores or maintains for your Amazon Web Services account in the current Region, including security log and event data. For more information, see the Amazon Security Lake User Guide.
+   * Initializes an Amazon Security Lake instance with the provided (or default) configuration. You can enable Security Lake in Amazon Web Services Regions with customized settings before enabling log collection in Regions. To specify particular Regions, configure these Regions using the configurations parameter. If you have already enabled Security Lake in a Region when you call this command, the command will update the Region if you provide new configuration parameters. If you have not already enabled Security Lake in the Region when you call this API, it will set up the data lake in the Region with the specified configurations. When you enable Security Lake, it starts ingesting security data after the CreateAwsLogSource call. This includes ingesting security data from sources, storing data, and making data accessible to subscribers. Security Lake also enables all the existing settings and resources that it stores or maintains for your Amazon Web Services account in the current Region, including security log and event data. For more information, see the Amazon Security Lake User Guide.
    */
   createDataLake(params: SecurityLake.Types.CreateDataLakeRequest, callback?: (err: AWSError, data: SecurityLake.Types.CreateDataLakeResponse) => void): Request<SecurityLake.Types.CreateDataLakeResponse, AWSError>;
   /**
-   * Initializes an Amazon Security Lake instance with the provided (or default) configuration. You can enable Security Lake in Amazon Web Services Regions with customized settings before enabling log collection in Regions. By default, the CreateDataLake Security Lake in all Regions. To specify particular Regions, configure these Regions using the configurations parameter. If you have already enabled Security Lake in a Region when you call this command, the command will update the Region if you provide new configuration parameters. If you have not already enabled Security Lake in the Region when you call this API, it will set up the data lake in the Region with the specified configurations. When you enable Security Lake, it starts ingesting security data after the CreateAwsLogSource call. This includes ingesting security data from sources, storing data, and making data accessible to subscribers. Security Lake also enables all the existing settings and resources that it stores or maintains for your Amazon Web Services account in the current Region, including security log and event data. For more information, see the Amazon Security Lake User Guide.
+   * Initializes an Amazon Security Lake instance with the provided (or default) configuration. You can enable Security Lake in Amazon Web Services Regions with customized settings before enabling log collection in Regions. To specify particular Regions, configure these Regions using the configurations parameter. If you have already enabled Security Lake in a Region when you call this command, the command will update the Region if you provide new configuration parameters. If you have not already enabled Security Lake in the Region when you call this API, it will set up the data lake in the Region with the specified configurations. When you enable Security Lake, it starts ingesting security data after the CreateAwsLogSource call. This includes ingesting security data from sources, storing data, and making data accessible to subscribers. Security Lake also enables all the existing settings and resources that it stores or maintains for your Amazon Web Services account in the current Region, including security log and event data. For more information, see the Amazon Security Lake User Guide.
    */
   createDataLake(callback?: (err: AWSError, data: SecurityLake.Types.CreateDataLakeResponse) => void): Request<SecurityLake.Types.CreateDataLakeResponse, AWSError>;
   /**
@@ -100,11 +100,11 @@ declare class SecurityLake extends Service {
    */
   deleteDataLakeExceptionSubscription(callback?: (err: AWSError, data: SecurityLake.Types.DeleteDataLakeExceptionSubscriptionResponse) => void): Request<SecurityLake.Types.DeleteDataLakeExceptionSubscriptionResponse, AWSError>;
   /**
-   * Removes automatic the enablement of configuration settings for new member accounts (but retains the settings for the delegated administrator) from Amazon Security Lake. You must run this API using the credentials of the delegated administrator. When you run this API, new member accounts that are added after the organization enables Security Lake won't contribute to the data lake.
+   * Turns off automatic enablement of Amazon Security Lake for member accounts that are added to an organization in Organizations. Only the delegated Security Lake administrator for an organization can perform this operation. If the delegated Security Lake administrator performs this operation, new member accounts won't automatically contribute data to the data lake.
    */
   deleteDataLakeOrganizationConfiguration(params: SecurityLake.Types.DeleteDataLakeOrganizationConfigurationRequest, callback?: (err: AWSError, data: SecurityLake.Types.DeleteDataLakeOrganizationConfigurationResponse) => void): Request<SecurityLake.Types.DeleteDataLakeOrganizationConfigurationResponse, AWSError>;
   /**
-   * Removes automatic the enablement of configuration settings for new member accounts (but retains the settings for the delegated administrator) from Amazon Security Lake. You must run this API using the credentials of the delegated administrator. When you run this API, new member accounts that are added after the organization enables Security Lake won't contribute to the data lake.
+   * Turns off automatic enablement of Amazon Security Lake for member accounts that are added to an organization in Organizations. Only the delegated Security Lake administrator for an organization can perform this operation. If the delegated Security Lake administrator performs this operation, new member accounts won't automatically contribute data to the data lake.
    */
   deleteDataLakeOrganizationConfiguration(callback?: (err: AWSError, data: SecurityLake.Types.DeleteDataLakeOrganizationConfigurationResponse) => void): Request<SecurityLake.Types.DeleteDataLakeOrganizationConfigurationResponse, AWSError>;
   /**
@@ -172,11 +172,11 @@ declare class SecurityLake extends Service {
    */
   listDataLakeExceptions(callback?: (err: AWSError, data: SecurityLake.Types.ListDataLakeExceptionsResponse) => void): Request<SecurityLake.Types.ListDataLakeExceptionsResponse, AWSError>;
   /**
-   * Retrieves the Amazon Security Lake configuration object for the specified Amazon Web Services account ID. You can use the ListDataLakes API to know whether Security Lake is enabled for any region.
+   * Retrieves the Amazon Security Lake configuration object for the specified Amazon Web Services Regions. You can use this operation to determine whether Security Lake is enabled for a Region.
    */
   listDataLakes(params: SecurityLake.Types.ListDataLakesRequest, callback?: (err: AWSError, data: SecurityLake.Types.ListDataLakesResponse) => void): Request<SecurityLake.Types.ListDataLakesResponse, AWSError>;
   /**
-   * Retrieves the Amazon Security Lake configuration object for the specified Amazon Web Services account ID. You can use the ListDataLakes API to know whether Security Lake is enabled for any region.
+   * Retrieves the Amazon Security Lake configuration object for the specified Amazon Web Services Regions. You can use this operation to determine whether Security Lake is enabled for a Region.
    */
   listDataLakes(callback?: (err: AWSError, data: SecurityLake.Types.ListDataLakesResponse) => void): Request<SecurityLake.Types.ListDataLakesResponse, AWSError>;
   /**
@@ -195,6 +195,14 @@ declare class SecurityLake extends Service {
    * List all subscribers for the specific Amazon Security Lake account ID. You can retrieve a list of subscriptions associated with a specific organization or Amazon Web Services account.
    */
   listSubscribers(callback?: (err: AWSError, data: SecurityLake.Types.ListSubscribersResponse) => void): Request<SecurityLake.Types.ListSubscribersResponse, AWSError>;
+  /**
+   * Retrieves the tags (keys and values) that are associated with an Amazon Security Lake resource: a subscriber, or the data lake configuration for your Amazon Web Services account in a particular Amazon Web Services Region.
+   */
+  listTagsForResource(params: SecurityLake.Types.ListTagsForResourceRequest, callback?: (err: AWSError, data: SecurityLake.Types.ListTagsForResourceResponse) => void): Request<SecurityLake.Types.ListTagsForResourceResponse, AWSError>;
+  /**
+   * Retrieves the tags (keys and values) that are associated with an Amazon Security Lake resource: a subscriber, or the data lake configuration for your Amazon Web Services account in a particular Amazon Web Services Region.
+   */
+  listTagsForResource(callback?: (err: AWSError, data: SecurityLake.Types.ListTagsForResourceResponse) => void): Request<SecurityLake.Types.ListTagsForResourceResponse, AWSError>;
   /**
    * Designates the Amazon Security Lake delegated administrator account for the organization. This API can only be called by the organization management account. The organization management account cannot be the delegated administrator account.
    */
@@ -203,6 +211,22 @@ declare class SecurityLake extends Service {
    * Designates the Amazon Security Lake delegated administrator account for the organization. This API can only be called by the organization management account. The organization management account cannot be the delegated administrator account.
    */
   registerDataLakeDelegatedAdministrator(callback?: (err: AWSError, data: SecurityLake.Types.RegisterDataLakeDelegatedAdministratorResponse) => void): Request<SecurityLake.Types.RegisterDataLakeDelegatedAdministratorResponse, AWSError>;
+  /**
+   * Adds or updates one or more tags that are associated with an Amazon Security Lake resource: a subscriber, or the data lake configuration for your Amazon Web Services account in a particular Amazon Web Services Region. A tag is a label that you can define and associate with Amazon Web Services resources. Each tag consists of a required tag key and an associated tag value. A tag key is a general label that acts as a category for a more specific tag value. A tag value acts as a descriptor for a tag key. Tags can help you identify, categorize, and manage resources in different ways, such as by owner, environment, or other criteria. For more information, see Tagging Amazon Security Lake resources in the Amazon Security Lake User Guide.
+   */
+  tagResource(params: SecurityLake.Types.TagResourceRequest, callback?: (err: AWSError, data: SecurityLake.Types.TagResourceResponse) => void): Request<SecurityLake.Types.TagResourceResponse, AWSError>;
+  /**
+   * Adds or updates one or more tags that are associated with an Amazon Security Lake resource: a subscriber, or the data lake configuration for your Amazon Web Services account in a particular Amazon Web Services Region. A tag is a label that you can define and associate with Amazon Web Services resources. Each tag consists of a required tag key and an associated tag value. A tag key is a general label that acts as a category for a more specific tag value. A tag value acts as a descriptor for a tag key. Tags can help you identify, categorize, and manage resources in different ways, such as by owner, environment, or other criteria. For more information, see Tagging Amazon Security Lake resources in the Amazon Security Lake User Guide.
+   */
+  tagResource(callback?: (err: AWSError, data: SecurityLake.Types.TagResourceResponse) => void): Request<SecurityLake.Types.TagResourceResponse, AWSError>;
+  /**
+   * Removes one or more tags (keys and values) from an Amazon Security Lake resource: a subscriber, or the data lake configuration for your Amazon Web Services account in a particular Amazon Web Services Region.
+   */
+  untagResource(params: SecurityLake.Types.UntagResourceRequest, callback?: (err: AWSError, data: SecurityLake.Types.UntagResourceResponse) => void): Request<SecurityLake.Types.UntagResourceResponse, AWSError>;
+  /**
+   * Removes one or more tags (keys and values) from an Amazon Security Lake resource: a subscriber, or the data lake configuration for your Amazon Web Services account in a particular Amazon Web Services Region.
+   */
+  untagResource(callback?: (err: AWSError, data: SecurityLake.Types.UntagResourceResponse) => void): Request<SecurityLake.Types.UntagResourceResponse, AWSError>;
   /**
    * Specifies where to store your security data and for how long. You can add a rollup Region to consolidate data from multiple Amazon Web Services Regions.
    */
@@ -355,6 +379,10 @@ declare namespace SecurityLake {
      * The Amazon Resource Name (ARN) used to create and update the Glue table. This table contains partitions generated by the ingestion and normalization of Amazon Web Services log sources and custom sources.
      */
     metaStoreManagerRoleArn: RoleArn;
+    /**
+     * An array of objects, one for each tag to associate with the data lake configuration. For each tag, you must specify both a tag key and a tag value. A tag value cannot be null, but it can be an empty string.
+     */
+    tags?: TagList;
   }
   export interface CreateDataLakeResponse {
     /**
@@ -399,6 +427,10 @@ declare namespace SecurityLake {
      * The name of your Security Lake subscriber account.
      */
     subscriberName: CreateSubscriberRequestSubscriberNameString;
+    /**
+     * An array of objects, one for each tag to associate with the subscriber. For each tag, you must specify both a tag key and a tag value. A tag value cannot be null, but it can be an empty string.
+     */
+    tags?: TagList;
   }
   export type CreateSubscriberRequestSubscriberNameString = string;
   export interface CreateSubscriberResponse {
@@ -682,7 +714,7 @@ declare namespace SecurityLake {
   }
   export interface DeleteDataLakeOrganizationConfigurationRequest {
     /**
-     * Removes the automatic enablement of configuration settings for new member accounts in Security Lake.
+     * Turns off automatic enablement of Security Lake for member accounts that are added to an organization.
      */
     autoEnableNewAccount: DataLakeAutoEnableNewAccountConfigurationList;
   }
@@ -894,6 +926,18 @@ declare namespace SecurityLake {
      */
     subscribers?: SubscriberResourceList;
   }
+  export interface ListTagsForResourceRequest {
+    /**
+     * The Amazon Resource Name (ARN) of the Amazon Security Lake resource to retrieve the tags for.
+     */
+    resourceArn: AmazonResourceName;
+  }
+  export interface ListTagsForResourceResponse {
+    /**
+     * An array of objects, one for each tag (key and value) that’s associated with the Amazon Security Lake resource.
+     */
+    tags?: TagList;
+  }
   export interface LogSource {
     /**
      * Specify the account from which you want to collect logs.
@@ -911,11 +955,11 @@ declare namespace SecurityLake {
   export type LogSourceList = LogSource[];
   export interface LogSourceResource {
     /**
-     * Amazon Security Lake supports log and event collection for natively supported Amazon Web Services.
+     * Amazon Security Lake supports log and event collection for natively supported Amazon Web Services. For more information, see the Amazon Security Lake User Guide.
      */
     awsLogSource?: AwsLogSourceResource;
     /**
-     * Amazon Security Lake supports custom source types. For a detailed list, see the Amazon Security Lake User Guide.
+     * Amazon Security Lake supports custom source types. For more information, see the Amazon Security Lake User Guide.
      */
     customLogSource?: CustomLogSourceResource;
   }
@@ -1021,7 +1065,45 @@ declare namespace SecurityLake {
   export type SubscriberStatus = "ACTIVE"|"DEACTIVATED"|"PENDING"|"READY"|string;
   export type SubscriptionProtocol = string;
   export type SyntheticTimestamp_date_time = Date;
+  export interface Tag {
+    /**
+     * The name of the tag. This is a general label that acts as a category for a more specific tag value (value).
+     */
+    key: TagKey;
+    /**
+     * The value that’s associated with the specified tag key (key). This value acts as a descriptor for the tag key. A tag value cannot be null, but it can be an empty string.
+     */
+    value: TagValue;
+  }
+  export type TagKey = string;
+  export type TagKeyList = TagKey[];
+  export type TagList = Tag[];
+  export interface TagResourceRequest {
+    /**
+     * The Amazon Resource Name (ARN) of the Amazon Security Lake resource to add or update the tags for.
+     */
+    resourceArn: AmazonResourceName;
+    /**
+     * An array of objects, one for each tag (key and value) to associate with the Amazon Security Lake resource. For each tag, you must specify both a tag key and a tag value. A tag value cannot be null, but it can be an empty string.
+     */
+    tags: TagList;
+  }
+  export interface TagResourceResponse {
+  }
+  export type TagValue = string;
   export type UUID = string;
+  export interface UntagResourceRequest {
+    /**
+     * The Amazon Resource Name (ARN) of the Amazon Security Lake resource to remove one or more tags from.
+     */
+    resourceArn: AmazonResourceName;
+    /**
+     * A list of one or more tag keys. For each value in the list, specify the tag key for a tag to remove from the Amazon Security Lake resource.
+     */
+    tagKeys: TagKeyList;
+  }
+  export interface UntagResourceResponse {
+  }
   export interface UpdateDataLakeExceptionSubscriptionRequest {
     /**
      * The time-to-live (TTL) for the exception message to remain.

package/clients/ssmsap.d.ts

@@ -123,6 +123,14 @@ declare class SsmSap extends Service {
    * Register an SAP application with AWS Systems Manager for SAP. You must meet the following requirements before registering.  The SAP application you want to register with AWS Systems Manager for SAP is running on Amazon EC2. AWS Systems Manager Agent must be setup on an Amazon EC2 instance along with the required IAM permissions. Amazon EC2 instance(s) must have access to the secrets created in AWS Secrets Manager to manage SAP applications and components.
    */
   registerApplication(callback?: (err: AWSError, data: SsmSap.Types.RegisterApplicationOutput) => void): Request<SsmSap.Types.RegisterApplicationOutput, AWSError>;
+  /**
+   * Refreshes a registered application.
+   */
+  startApplicationRefresh(params: SsmSap.Types.StartApplicationRefreshInput, callback?: (err: AWSError, data: SsmSap.Types.StartApplicationRefreshOutput) => void): Request<SsmSap.Types.StartApplicationRefreshOutput, AWSError>;
+  /**
+   * Refreshes a registered application.
+   */
+  startApplicationRefresh(callback?: (err: AWSError, data: SsmSap.Types.StartApplicationRefreshOutput) => void): Request<SsmSap.Types.StartApplicationRefreshOutput, AWSError>;
   /**
    * Creates tag for a resource by specifying the ARN.
    */
@@ -171,6 +179,10 @@ declare namespace SsmSap {
      * The status of the application.
      */
     Status?: ApplicationStatus;
+    /**
+     * The latest discovery result for the application.
+     */
+    DiscoveryStatus?: ApplicationDiscoveryStatus;
     /**
      * The components of the application.
      */
@@ -199,6 +211,7 @@ declare namespace SsmSap {
     SecretId: SecretId;
   }
   export type ApplicationCredentialList = ApplicationCredential[];
+  export type ApplicationDiscoveryStatus = "SUCCESS"|"REGISTRATION_FAILED"|"REFRESH_FAILED"|"REGISTERING"|"DELETING"|string;
   export type ApplicationId = string;
   export type ApplicationStatus = "ACTIVATED"|"STARTING"|"STOPPED"|"STOPPING"|"FAILED"|"REGISTERING"|"DELETING"|"UNKNOWN"|string;
   export interface ApplicationSummary {
@@ -222,11 +235,46 @@ declare namespace SsmSap {
   export type ApplicationSummaryList = ApplicationSummary[];
   export type ApplicationType = "HANA"|string;
   export type Arn = string;
+  export interface AssociatedHost {
+    /**
+     * The name of the host.
+     */
+    Hostname?: String;
+    /**
+     * The ID of the Amazon EC2 instance.
+     */
+    Ec2InstanceId?: String;
+    /**
+     * The version of the operating system.
+     */
+    OsVersion?: String;
+  }
+  export interface BackintConfig {
+    /**
+     * AWS service for your database backup.
+     */
+    BackintMode: BackintMode;
+    /**
+     * 
+     */
+    EnsureNoBackupInProcess: Boolean;
+  }
+  export type BackintMode = "AWSBackup"|string;
+  export type Boolean = boolean;
+  export type ClusterStatus = "ONLINE"|"STANDBY"|"MAINTENANCE"|"OFFLINE"|"NONE"|string;
   export interface Component {
     /**
      * The ID of the component.
      */
     ComponentId?: ComponentId;
+    /**
+     * The parent component of a highly available environment. For example, in a highly available SAP on AWS workload, the parent component consists of the entire setup, including the child components.
+     */
+    ParentComponent?: ComponentId;
+    /**
+     * The child components of a highly available environment. For example, in a highly available SAP on AWS workload, the child component consists of the primary and secondar instances.
+     */
+    ChildComponents?: ComponentIdList;
     /**
      * The ID of the application.
      */
@@ -239,6 +287,26 @@ declare namespace SsmSap {
      * The status of the component.
      */
     Status?: ComponentStatus;
+    /**
+     * The hostname of the component.
+     */
+    SapHostname?: String;
+    /**
+     * The kernel version of the component.
+     */
+    SapKernelVersion?: String;
+    /**
+     * The SAP HANA version of the component.
+     */
+    HdbVersion?: String;
+    /**
+     * Details of the SAP HANA system replication for the component.
+     */
+    Resilience?: Resilience;
+    /**
+     * The associated host of the component.
+     */
+    AssociatedHost?: AssociatedHost;
     /**
      * The SAP HANA databases of the component.
      */
@@ -255,10 +323,14 @@ declare namespace SsmSap {
      * The time at which the component was last updated.
      */
     LastUpdated?: Timestamp;
+    /**
+     * The Amazon Resource Name (ARN) of the component.
+     */
+    Arn?: SsmSapArn;
   }
   export type ComponentId = string;
   export type ComponentIdList = ComponentId[];
-  export type ComponentStatus = "ACTIVATED"|string;
+  export type ComponentStatus = "ACTIVATED"|"STARTING"|"STOPPED"|"STOPPING"|"RUNNING"|"RUNNING_WITH_ERROR"|"UNDEFINED"|string;
   export interface ComponentSummary {
     /**
      * The ID of the application.
@@ -276,9 +348,13 @@ declare namespace SsmSap {
      * The tags of the component.
      */
     Tags?: TagMap;
+    /**
+     * The Amazon Resource Name (ARN) of the component summary.
+     */
+    Arn?: SsmSapArn;
   }
   export type ComponentSummaryList = ComponentSummary[];
-  export type ComponentType = "HANA"|string;
+  export type ComponentType = "HANA"|"HANA_NODE"|string;
   export type CredentialType = "ADMIN"|string;
   export interface Database {
     /**
@@ -329,7 +405,7 @@ declare namespace SsmSap {
   export type DatabaseId = string;
   export type DatabaseIdList = DatabaseId[];
   export type DatabaseName = string;
-  export type DatabaseStatus = "RUNNING"|"STARTING"|"STOPPED"|"WARNING"|"UNKNOWN"|string;
+  export type DatabaseStatus = "RUNNING"|"STARTING"|"STOPPED"|"WARNING"|"UNKNOWN"|"ERROR"|string;
   export interface DatabaseSummary {
     /**
      * The ID of the application.
@@ -443,6 +519,10 @@ declare namespace SsmSap {
      * The component of an application registered with AWS Systems Manager for SAP.
      */
     Component?: Component;
+    /**
+     * The tags of a component.
+     */
+    Tags?: TagMap;
   }
   export interface GetDatabaseInput {
     /**
@@ -505,18 +585,26 @@ declare namespace SsmSap {
      * The name of the Dedicated Host.
      */
     HostName?: String;
-    /**
-     * The role of the Dedicated Host.
-     */
-    HostRole?: HostRole;
     /**
      * The IP address of the Dedicated Host. 
      */
     HostIp?: String;
+    /**
+     * The ID of Amazon EC2 instance.
+     */
+    EC2InstanceId?: String;
     /**
      * The instance ID of the instance on the Dedicated Host.
      */
     InstanceId?: String;
+    /**
+     * The role of the Dedicated Host.
+     */
+    HostRole?: HostRole;
+    /**
+     * The version of the operating system.
+     */
+    OsVersion?: String;
   }
   export type HostList = Host[];
   export type HostRole = "LEADER"|"WORKER"|"STANDBY"|"UNKNOWN"|string;
@@ -686,6 +774,7 @@ declare namespace SsmSap {
   export type OperationId = string;
   export type OperationIdList = OperationId[];
   export type OperationList = Operation[];
+  export type OperationMode = "PRIMARY"|"LOGREPLAY"|"DELTA_DATASHIPPING"|"LOGREPLAY_READACCESS"|"NONE"|string;
   export type OperationProperties = {[key: string]: String};
   export type OperationStatus = "INPROGRESS"|"SUCCESS"|"ERROR"|string;
   export type OperationType = string;
@@ -750,12 +839,43 @@ declare namespace SsmSap {
      */
     OperationId?: OperationId;
   }
+  export type ReplicationMode = "PRIMARY"|"NONE"|"SYNC"|"SYNCMEM"|"ASYNC"|string;
+  export interface Resilience {
+    /**
+     * The tier of the component.
+     */
+    HsrTier?: String;
+    /**
+     * The replication mode of the component.
+     */
+    HsrReplicationMode?: ReplicationMode;
+    /**
+     * The operation mode of the component.
+     */
+    HsrOperationMode?: OperationMode;
+    /**
+     * The cluster status of the component.
+     */
+    ClusterStatus?: ClusterStatus;
+  }
   export type ResourceId = string;
   export type ResourceType = string;
   export type SAPInstanceNumber = string;
   export type SID = string;
   export type SecretId = string;
   export type SsmSapArn = string;
+  export interface StartApplicationRefreshInput {
+    /**
+     * The ID of the application.
+     */
+    ApplicationId: ApplicationId;
+  }
+  export interface StartApplicationRefreshOutput {
+    /**
+     * The ID of the operation.
+     */
+    OperationId?: OperationId;
+  }
   export type String = string;
   export type TagKey = string;
   export type TagKeyList = TagKey[];
@@ -799,6 +919,10 @@ declare namespace SsmSap {
      * The credentials to be removed.
      */
     CredentialsToRemove?: ApplicationCredentialList;
+    /**
+     * Installation of AWS Backint Agent for SAP HANA.
+     */
+    Backint?: BackintConfig;
   }
   export interface UpdateApplicationSettingsOutput {
     /**

package/clients/transcribeservice.d.ts

@@ -1744,6 +1744,10 @@ declare namespace TranscribeService {
      * If using automatic language identification in your request and you want to apply a custom language model, a custom vocabulary, or a custom vocabulary filter, include LanguageIdSettings with the relevant sub-parameters (VocabularyName, LanguageModelName, and VocabularyFilterName). Note that multi-language identification (IdentifyMultipleLanguages) doesn't support custom language models.  LanguageIdSettings supports two to five language codes. Each language code you include can have an associated custom language model, custom vocabulary, and custom vocabulary filter. The language codes that you specify must match the languages of the associated custom language models, custom vocabularies, and custom vocabulary filters. It's recommended that you include LanguageOptions when using LanguageIdSettings to ensure that the correct language dialect is identified. For example, if you specify a custom vocabulary that is in en-US but Amazon Transcribe determines that the language spoken in your media is en-AU, your custom vocabulary is not applied to your transcription. If you include LanguageOptions and include en-US as the only English language dialect, your custom vocabulary is applied to your transcription. If you want to include a custom language model with your request but do not want to use automatic language identification, use instead the  parameter with the LanguageModelName sub-parameter. If you want to include a custom vocabulary or a custom vocabulary filter (or both) with your request but do not want to use automatic language identification, use instead the  parameter with the VocabularyName or VocabularyFilterName (or both) sub-parameter.
      */
     LanguageIdSettings?: LanguageIdSettingsMap;
+    /**
+     * Enables toxic speech detection in your transcript. If you include ToxicityDetection in your request, you must also include ToxicityCategories. For information on the types of toxic speech Amazon Transcribe can detect, see Detecting toxic speech.
+     */
+    ToxicityDetection?: ToxicityDetection;
   }
   export interface StartTranscriptionJobResponse {
     /**
@@ -1807,6 +1811,15 @@ declare namespace TranscribeService {
   }
   export type TagValue = string;
   export type TimestampMilliseconds = number;
+  export type ToxicityCategories = ToxicityCategory[];
+  export type ToxicityCategory = "ALL"|string;
+  export type ToxicityDetection = ToxicityDetectionSettings[];
+  export interface ToxicityDetectionSettings {
+    /**
+     *  If you include ToxicityDetection in your transcription request, you must also include ToxicityCategories. The only accepted value for this parameter is ALL.
+     */
+    ToxicityCategories: ToxicityCategories;
+  }
   export type TranscribeArn = string;
   export interface Transcript {
     /**
@@ -1938,6 +1951,10 @@ declare namespace TranscribeService {
      * Provides the name and language of all custom language models, custom vocabularies, and custom vocabulary filters that you included in your request.
      */
     LanguageIdSettings?: LanguageIdSettingsMap;
+    /**
+     * Provides information about the toxicity detection settings applied to your transcription.
+     */
+    ToxicityDetection?: ToxicityDetection;
   }
   export type TranscriptionJobName = string;
   export type TranscriptionJobStatus = "QUEUED"|"IN_PROGRESS"|"FAILED"|"COMPLETED"|string;
@@ -1996,6 +2013,10 @@ declare namespace TranscribeService {
      * The language codes used to create your transcription job. This parameter is used with multi-language identification. For single-language identification, the singular version of this parameter, LanguageCode, is present.
      */
     LanguageCodes?: LanguageCodeList;
+    /**
+     * Indicates whether toxicity detection was enabled for the specified transcription job.
+     */
+    ToxicityDetection?: ToxicityDetection;
   }
   export type Type = "CONVERSATION"|"DICTATION"|string;
   export interface UntagResourceRequest {