aws-sdk 2.1557.0 → 2.1559.0

package/clients/detective.d.ts

@@ -36,11 +36,11 @@ declare class Detective extends Service {
    */
   batchGetMembershipDatasources(callback?: (err: AWSError, data: Detective.Types.BatchGetMembershipDatasourcesResponse) => void): Request<Detective.Types.BatchGetMembershipDatasourcesResponse, AWSError>;
   /**
-   * Creates a new behavior graph for the calling account, and sets that account as the administrator account. This operation is called by the account that is enabling Detective. Before you try to enable Detective, make sure that your account has been enrolled in Amazon GuardDuty for at least 48 hours. If you do not meet this requirement, you cannot enable Detective. If you do meet the GuardDuty prerequisite, then when you make the request to enable Detective, it checks whether your data volume is within the Detective quota. If it exceeds the quota, then you cannot enable Detective.  The operation also enables Detective for the calling account in the currently selected Region. It returns the ARN of the new behavior graph.  CreateGraph triggers a process to create the corresponding data tables for the new behavior graph. An account can only be the administrator account for one behavior graph within a Region. If the same account calls CreateGraph with the same administrator account, it always returns the same behavior graph ARN. It does not create a new behavior graph.
+   * Creates a new behavior graph for the calling account, and sets that account as the administrator account. This operation is called by the account that is enabling Detective. The operation also enables Detective for the calling account in the currently selected Region. It returns the ARN of the new behavior graph.  CreateGraph triggers a process to create the corresponding data tables for the new behavior graph. An account can only be the administrator account for one behavior graph within a Region. If the same account calls CreateGraph with the same administrator account, it always returns the same behavior graph ARN. It does not create a new behavior graph.
    */
   createGraph(params: Detective.Types.CreateGraphRequest, callback?: (err: AWSError, data: Detective.Types.CreateGraphResponse) => void): Request<Detective.Types.CreateGraphResponse, AWSError>;
   /**
-   * Creates a new behavior graph for the calling account, and sets that account as the administrator account. This operation is called by the account that is enabling Detective. Before you try to enable Detective, make sure that your account has been enrolled in Amazon GuardDuty for at least 48 hours. If you do not meet this requirement, you cannot enable Detective. If you do meet the GuardDuty prerequisite, then when you make the request to enable Detective, it checks whether your data volume is within the Detective quota. If it exceeds the quota, then you cannot enable Detective.  The operation also enables Detective for the calling account in the currently selected Region. It returns the ARN of the new behavior graph.  CreateGraph triggers a process to create the corresponding data tables for the new behavior graph. An account can only be the administrator account for one behavior graph within a Region. If the same account calls CreateGraph with the same administrator account, it always returns the same behavior graph ARN. It does not create a new behavior graph.
+   * Creates a new behavior graph for the calling account, and sets that account as the administrator account. This operation is called by the account that is enabling Detective. The operation also enables Detective for the calling account in the currently selected Region. It returns the ARN of the new behavior graph.  CreateGraph triggers a process to create the corresponding data tables for the new behavior graph. An account can only be the administrator account for one behavior graph within a Region. If the same account calls CreateGraph with the same administrator account, it always returns the same behavior graph ARN. It does not create a new behavior graph.
    */
   createGraph(callback?: (err: AWSError, data: Detective.Types.CreateGraphResponse) => void): Request<Detective.Types.CreateGraphResponse, AWSError>;
   /**
@@ -96,11 +96,11 @@ declare class Detective extends Service {
    */
   enableOrganizationAdminAccount(callback?: (err: AWSError, data: {}) => void): Request<{}, AWSError>;
   /**
-   * Returns the investigation results of an investigation for a behavior graph. 
+   * Detective investigations lets you investigate IAM users and IAM roles using indicators of compromise. An indicator of compromise (IOC) is an artifact observed in or on a network, system, or environment that can (with a high level of confidence) identify malicious activity or a security incident. GetInvestigation returns the investigation results of an investigation for a behavior graph. 
    */
   getInvestigation(params: Detective.Types.GetInvestigationRequest, callback?: (err: AWSError, data: Detective.Types.GetInvestigationResponse) => void): Request<Detective.Types.GetInvestigationResponse, AWSError>;
   /**
-   * Returns the investigation results of an investigation for a behavior graph. 
+   * Detective investigations lets you investigate IAM users and IAM roles using indicators of compromise. An indicator of compromise (IOC) is an artifact observed in or on a network, system, or environment that can (with a high level of confidence) identify malicious activity or a security incident. GetInvestigation returns the investigation results of an investigation for a behavior graph. 
    */
   getInvestigation(callback?: (err: AWSError, data: Detective.Types.GetInvestigationResponse) => void): Request<Detective.Types.GetInvestigationResponse, AWSError>;
   /**
@@ -128,19 +128,19 @@ declare class Detective extends Service {
    */
   listGraphs(callback?: (err: AWSError, data: Detective.Types.ListGraphsResponse) => void): Request<Detective.Types.ListGraphsResponse, AWSError>;
   /**
-   * Get the indicators from an investigation
+   * Gets the indicators from an investigation. You can use the information from the indicators to determine if an IAM user and/or IAM role is involved in an unusual activity that could indicate malicious behavior and its impact.
    */
   listIndicators(params: Detective.Types.ListIndicatorsRequest, callback?: (err: AWSError, data: Detective.Types.ListIndicatorsResponse) => void): Request<Detective.Types.ListIndicatorsResponse, AWSError>;
   /**
-   * Get the indicators from an investigation
+   * Gets the indicators from an investigation. You can use the information from the indicators to determine if an IAM user and/or IAM role is involved in an unusual activity that could indicate malicious behavior and its impact.
    */
   listIndicators(callback?: (err: AWSError, data: Detective.Types.ListIndicatorsResponse) => void): Request<Detective.Types.ListIndicatorsResponse, AWSError>;
   /**
-   * List all Investigations.
+   * Detective investigations lets you investigate IAM users and IAM roles using indicators of compromise. An indicator of compromise (IOC) is an artifact observed in or on a network, system, or environment that can (with a high level of confidence) identify malicious activity or a security incident. ListInvestigations lists all active Detective investigations.
    */
   listInvestigations(params: Detective.Types.ListInvestigationsRequest, callback?: (err: AWSError, data: Detective.Types.ListInvestigationsResponse) => void): Request<Detective.Types.ListInvestigationsResponse, AWSError>;
   /**
-   * List all Investigations.
+   * Detective investigations lets you investigate IAM users and IAM roles using indicators of compromise. An indicator of compromise (IOC) is an artifact observed in or on a network, system, or environment that can (with a high level of confidence) identify malicious activity or a security incident. ListInvestigations lists all active Detective investigations.
    */
   listInvestigations(callback?: (err: AWSError, data: Detective.Types.ListInvestigationsResponse) => void): Request<Detective.Types.ListInvestigationsResponse, AWSError>;
   /**
@@ -184,11 +184,11 @@ declare class Detective extends Service {
    */
   rejectInvitation(callback?: (err: AWSError, data: {}) => void): Request<{}, AWSError>;
   /**
-   * initiate an investigation on an entity in a graph
+   * Detective investigations lets you investigate IAM users and IAM roles using indicators of compromise. An indicator of compromise (IOC) is an artifact observed in or on a network, system, or environment that can (with a high level of confidence) identify malicious activity or a security incident. StartInvestigation initiates an investigation on an entity in a behavior graph. 
    */
   startInvestigation(params: Detective.Types.StartInvestigationRequest, callback?: (err: AWSError, data: Detective.Types.StartInvestigationResponse) => void): Request<Detective.Types.StartInvestigationResponse, AWSError>;
   /**
-   * initiate an investigation on an entity in a graph
+   * Detective investigations lets you investigate IAM users and IAM roles using indicators of compromise. An indicator of compromise (IOC) is an artifact observed in or on a network, system, or environment that can (with a high level of confidence) identify malicious activity or a security incident. StartInvestigation initiates an investigation on an entity in a behavior graph. 
    */
   startInvestigation(callback?: (err: AWSError, data: Detective.Types.StartInvestigationResponse) => void): Request<Detective.Types.StartInvestigationResponse, AWSError>;
   /**
@@ -224,11 +224,11 @@ declare class Detective extends Service {
    */
   updateDatasourcePackages(callback?: (err: AWSError, data: {}) => void): Request<{}, AWSError>;
   /**
-   * Update the state of an investigation.
+   * Updates the state of an investigation.
    */
   updateInvestigationState(params: Detective.Types.UpdateInvestigationStateRequest, callback?: (err: AWSError, data: {}) => void): Request<{}, AWSError>;
   /**
-   * Update the state of an investigation.
+   * Updates the state of an investigation.
    */
   updateInvestigationState(callback?: (err: AWSError, data: {}) => void): Request<{}, AWSError>;
   /**
@@ -391,7 +391,7 @@ declare namespace Detective {
      */
     StartInclusive: Timestamp;
     /**
-     * A timestamp representing the end date of the time period until when data is filtered , including the end date.
+     * A timestamp representing the end date of the time period until when data is filtered, including the end date.
      */
     EndInclusive: Timestamp;
   }
@@ -484,7 +484,7 @@ declare namespace Detective {
   }
   export interface GetInvestigationRequest {
     /**
-     * The ARN of the behavior graph.
+     * The Amazon Resource Name (ARN) of the behavior graph.
      */
     GraphArn: GraphArn;
     /**
@@ -494,7 +494,7 @@ declare namespace Detective {
   }
   export interface GetInvestigationResponse {
     /**
-     * The ARN of the behavior graph.
+     * The Amazon Resource Name (ARN) of the behavior graph.
      */
     GraphArn?: GraphArn;
     /**
@@ -502,19 +502,19 @@ declare namespace Detective {
      */
     InvestigationId?: InvestigationId;
     /**
-     * The unique Amazon Resource Name (ARN) of the IAM user and IAM role.
+     * The unique Amazon Resource Name (ARN). Detective supports IAM user ARNs and IAM role ARNs.
      */
     EntityArn?: EntityArn;
     /**
-     * Type of entity. For example, Amazon Web Services accounts, such as IAM user and role.
+     * Type of entity. For example, Amazon Web Services accounts, such as an IAM user and/or IAM role.
      */
     EntityType?: EntityType;
     /**
-     * The UTC time stamp of the creation time of the investigation report.
+     * The creation time of the investigation report in UTC time stamp format.
      */
     CreatedTime?: Timestamp;
     /**
-     * The start date and time for the scope time set to generate the investigation report.
+     * The start date and time used to set the scope time within which you want to generate the investigation report. The value is an UTC ISO8601 formatted string. For example, 2021-08-18T16:35:56.284Z.
      */
     ScopeStartTime?: Timestamp;
     /**
@@ -522,15 +522,15 @@ declare namespace Detective {
      */
     ScopeEndTime?: Timestamp;
     /**
-     * Status based on the completion status of the investigation.
+     * The status based on the completion status of the investigation.
      */
     Status?: Status;
     /**
-     * Severity based on the likelihood and impact of the indicators of compromise discovered in the investigation.
+     * The severity assigned is based on the likelihood and impact of the indicators of compromise discovered in the investigation.
      */
     Severity?: Severity;
     /**
-     * The current state of the investigation. An archived investigation indicates you have completed reviewing the investigation.
+     * The current state of the investigation. An archived investigation indicates that you have completed reviewing the investigation.
      */
     State?: State;
   }
@@ -571,7 +571,7 @@ declare namespace Detective {
   export type Id = string;
   export interface ImpossibleTravelDetail {
     /**
-     * IP address where the resource was first used in the impossible travel
+     * IP address where the resource was first used in the impossible travel.
      */
     StartingIpAddress?: IpAddress;
     /**
@@ -579,7 +579,7 @@ declare namespace Detective {
      */
     EndingIpAddress?: IpAddress;
     /**
-     * Location where the resource was first used in the impossible travel
+     * Location where the resource was first used in the impossible travel.
      */
     StartingLocation?: Location;
     /**
@@ -593,11 +593,11 @@ declare namespace Detective {
   }
   export interface Indicator {
     /**
-     * The type of indicator.
+     * The type of indicator. 
      */
     IndicatorType?: IndicatorType;
     /**
-     * Details about the indicator of compromise.
+     * Details about the indicators of compromise that are used to determine if a resource is involved in a security incident. An indicator of compromise (IOC) is an artifact observed in or on a network, system, or environment that can (with a high level of confidence) identify malicious activity or a security incident.
      */
     IndicatorDetail?: IndicatorDetail;
   }
@@ -611,7 +611,7 @@ declare namespace Detective {
      */
     ImpossibleTravelDetail?: ImpossibleTravelDetail;
     /**
-     * Suspicious IP addresses that are flagged, which indicates critical or severe threats based on threat intelligence by Detective. This indicator is derived from AWS threat intelligence.
+     * Suspicious IP addresses that are flagged, which indicates critical or severe threats based on threat intelligence by Detective. This indicator is derived from Amazon Web Services threat intelligence.
      */
     FlaggedIpAddressDetail?: FlaggedIpAddressDetail;
     /**
@@ -655,7 +655,7 @@ declare namespace Detective {
      */
     State?: State;
     /**
-     * The UTC time stamp of the creation time of the investigation report.
+     * The time stamp of the creation time of the investigation report. The value is an UTC ISO8601 formatted string. For example, 2021-08-18T16:35:56.284Z.
      */
     CreatedTime?: Timestamp;
     /**
@@ -719,7 +719,7 @@ declare namespace Detective {
   }
   export interface ListIndicatorsRequest {
     /**
-     * The ARN of the behavior graph.
+     * The Amazon Resource Name (ARN) of the behavior graph.
      */
     GraphArn: GraphArn;
     /**
@@ -727,21 +727,21 @@ declare namespace Detective {
      */
     InvestigationId: InvestigationId;
     /**
-     * See Detective investigations..
+     * For the list of indicators of compromise that are generated by Detective investigations, see Detective investigations.
      */
     IndicatorType?: IndicatorType;
     /**
-     * List if there are more results available. The value of nextToken is a unique pagination token for each page. Repeat the call using the returned token to retrieve the next page. Keep all other arguments unchanged. Each pagination token expires after 24 hours. Using an expired pagination token will return a Validation Exception error.
+     * Lists if there are more results available. The value of nextToken is a unique pagination token for each page. Repeat the call using the returned token to retrieve the next page. Keep all other arguments unchanged. Each pagination token expires after 24 hours. Using an expired pagination token will return a Validation Exception error.
      */
     NextToken?: AiPaginationToken;
     /**
-     * List the maximum number of indicators in a page.
+     * Lists the maximum number of indicators in a page.
      */
     MaxResults?: MaxResults;
   }
   export interface ListIndicatorsResponse {
     /**
-     * The ARN of the behavior graph.
+     * The Amazon Resource Name (ARN) of the behavior graph.
      */
     GraphArn?: GraphArn;
     /**
@@ -749,29 +749,29 @@ declare namespace Detective {
      */
     InvestigationId?: InvestigationId;
     /**
-     * List if there are more results available. The value of nextToken is a unique pagination token for each page. Repeat the call using the returned token to retrieve the next page. Keep all other arguments unchanged. Each pagination token expires after 24 hours. Using an expired pagination token will return a Validation Exception error.
+     * Lists if there are more results available. The value of nextToken is a unique pagination token for each page. Repeat the call using the returned token to retrieve the next page. Keep all other arguments unchanged. Each pagination token expires after 24 hours. Using an expired pagination token will return a Validation Exception error.
      */
     NextToken?: AiPaginationToken;
     /**
-     * Indicators of compromise listed based on severity.
+     * Lists the indicators of compromise.
      */
     Indicators?: Indicators;
   }
   export interface ListInvestigationsRequest {
     /**
-     * The ARN of the behavior graph.
+     * The Amazon Resource Name (ARN) of the behavior graph.
      */
     GraphArn: GraphArn;
     /**
-     * List if there are more results available. The value of nextToken is a unique pagination token for each page. Repeat the call using the returned token to retrieve the next page. Keep all other arguments unchanged. Each pagination token expires after 24 hours. Using an expired pagination token will return a Validation Exception error.
+     * Lists if there are more results available. The value of nextToken is a unique pagination token for each page. Repeat the call using the returned token to retrieve the next page. Keep all other arguments unchanged. Each pagination token expires after 24 hours. Using an expired pagination token will return a Validation Exception error.
      */
     NextToken?: AiPaginationToken;
     /**
-     * List the maximum number of investigations in a page.
+     * Lists the maximum number of investigations in a page.
      */
     MaxResults?: MaxResults;
     /**
-     * Filter the investigation results based on a criteria.
+     * Filters the investigation results based on a criteria.
      */
     FilterCriteria?: FilterCriteria;
     /**
@@ -781,11 +781,11 @@ declare namespace Detective {
   }
   export interface ListInvestigationsResponse {
     /**
-     * Investigations details lists the summary of uncommon behavior or malicious activity which indicates a compromise.
+     * Lists the summary of uncommon behavior or malicious activity which indicates a compromise.
      */
     InvestigationDetails?: InvestigationDetails;
     /**
-     * List if there are more results available. The value of nextToken is a unique pagination token for each page. Repeat the call using the returned token to retrieve the next page. Keep all other arguments unchanged. Each pagination token expires after 24 hours. Using an expired pagination token will return an HTTP 400 InvalidToken error.
+     * Lists if there are more results available. The value of nextToken is a unique pagination token for each page. Repeat the call using the returned token to retrieve the next page. Keep all other arguments unchanged. Each pagination token expires after 24 hours. 
      */
     NextToken?: AiPaginationToken;
   }
@@ -958,7 +958,7 @@ declare namespace Detective {
      */
     Aso?: Aso;
     /**
-     * Checks if the ASO is for new for the entire account.
+     * Checks if the Autonomous System Organization (ASO) is new for the entire account.
      */
     IsNewForEntireAccount?: IsNewForEntireAccount;
   }
@@ -972,7 +972,7 @@ declare namespace Detective {
      */
     IpAddress?: IpAddress;
     /**
-     * Checks if the gelocation is new for the entire account.
+     * Checks if the geolocation is new for the entire account.
      */
     IsNewForEntireAccount?: IsNewForEntireAccount;
   }
@@ -998,7 +998,7 @@ declare namespace Detective {
   }
   export interface RelatedFindingDetail {
     /**
-     * The ARN of the related finding.
+     * The Amazon Resource Name (ARN) of the related finding.
      */
     Arn?: EntityArn;
     /**
@@ -1030,7 +1030,7 @@ declare namespace Detective {
   export type SortOrder = "ASC"|"DESC"|string;
   export interface StartInvestigationRequest {
     /**
-     * The ARN of the behavior graph.
+     * The Amazon Resource Name (ARN) of the behavior graph.
      */
     GraphArn: GraphArn;
     /**
@@ -1042,7 +1042,7 @@ declare namespace Detective {
      */
     ScopeStartTime: Timestamp;
     /**
-     * The data and time when the investigation began. The value is an UTC ISO8601 formatted string. For example, 2021-08-18T16:35:56.284Z.
+     * The data and time when the investigation ended. The value is an UTC ISO8601 formatted string. For example, 2021-08-18T16:35:56.284Z.
      */
     ScopeEndTime: Timestamp;
   }
@@ -1084,11 +1084,11 @@ declare namespace Detective {
      */
     Procedure?: Procedure;
     /**
-     * The IP address where the TTP was observed.
+     * The IP address where the tactics, techniques, and procedure (TTP) was observed.
      */
     IpAddress?: IpAddress;
     /**
-     * The name of the API where the TTP was observed.
+     * The name of the API where the tactics, techniques, and procedure (TTP) was observed.
      */
     APIName?: APIName;
     /**
@@ -1173,7 +1173,7 @@ declare namespace Detective {
   }
   export interface UpdateInvestigationStateRequest {
     /**
-     * The ARN of the behavior graph.
+     * The Amazon Resource Name (ARN) of the behavior graph.
      */
     GraphArn: GraphArn;
     /**

package/clients/guardduty.d.ts

@@ -260,11 +260,11 @@ declare class GuardDuty extends Service {
    */
   getFindings(callback?: (err: AWSError, data: GuardDuty.Types.GetFindingsResponse) => void): Request<GuardDuty.Types.GetFindingsResponse, AWSError>;
   /**
-   * Lists Amazon GuardDuty findings statistics for the specified detector ID.
+   * Lists Amazon GuardDuty findings statistics for the specified detector ID. There might be regional differences because some flags might not be available in all the Regions where GuardDuty is currently supported. For more information, see Regions and endpoints.
    */
   getFindingsStatistics(params: GuardDuty.Types.GetFindingsStatisticsRequest, callback?: (err: AWSError, data: GuardDuty.Types.GetFindingsStatisticsResponse) => void): Request<GuardDuty.Types.GetFindingsStatisticsResponse, AWSError>;
   /**
-   * Lists Amazon GuardDuty findings statistics for the specified detector ID.
+   * Lists Amazon GuardDuty findings statistics for the specified detector ID. There might be regional differences because some flags might not be available in all the Regions where GuardDuty is currently supported. For more information, see Regions and endpoints.
    */
   getFindingsStatistics(callback?: (err: AWSError, data: GuardDuty.Types.GetFindingsStatisticsResponse) => void): Request<GuardDuty.Types.GetFindingsStatisticsResponse, AWSError>;
   /**
@@ -376,11 +376,11 @@ declare class GuardDuty extends Service {
    */
   listFilters(callback?: (err: AWSError, data: GuardDuty.Types.ListFiltersResponse) => void): Request<GuardDuty.Types.ListFiltersResponse, AWSError>;
   /**
-   * Lists Amazon GuardDuty findings for the specified detector ID.
+   * Lists GuardDuty findings for the specified detector ID. There might be regional differences because some flags might not be available in all the Regions where GuardDuty is currently supported. For more information, see Regions and endpoints.
    */
   listFindings(params: GuardDuty.Types.ListFindingsRequest, callback?: (err: AWSError, data: GuardDuty.Types.ListFindingsResponse) => void): Request<GuardDuty.Types.ListFindingsResponse, AWSError>;
   /**
-   * Lists Amazon GuardDuty findings for the specified detector ID.
+   * Lists GuardDuty findings for the specified detector ID. There might be regional differences because some flags might not be available in all the Regions where GuardDuty is currently supported. For more information, see Regions and endpoints.
    */
   listFindings(callback?: (err: AWSError, data: GuardDuty.Types.ListFindingsResponse) => void): Request<GuardDuty.Types.ListFindingsResponse, AWSError>;
   /**
@@ -488,11 +488,11 @@ declare class GuardDuty extends Service {
    */
   untagResource(callback?: (err: AWSError, data: GuardDuty.Types.UntagResourceResponse) => void): Request<GuardDuty.Types.UntagResourceResponse, AWSError>;
   /**
-   * Updates the Amazon GuardDuty detector specified by the detectorId. There might be regional differences because some data sources might not be available in all the Amazon Web Services Regions where GuardDuty is presently supported. For more information, see Regions and endpoints.
+   * Updates the GuardDuty detector specified by the detectorId. There might be regional differences because some data sources might not be available in all the Amazon Web Services Regions where GuardDuty is presently supported. For more information, see Regions and endpoints.
    */
   updateDetector(params: GuardDuty.Types.UpdateDetectorRequest, callback?: (err: AWSError, data: GuardDuty.Types.UpdateDetectorResponse) => void): Request<GuardDuty.Types.UpdateDetectorResponse, AWSError>;
   /**
-   * Updates the Amazon GuardDuty detector specified by the detectorId. There might be regional differences because some data sources might not be available in all the Amazon Web Services Regions where GuardDuty is presently supported. For more information, see Regions and endpoints.
+   * Updates the GuardDuty detector specified by the detectorId. There might be regional differences because some data sources might not be available in all the Amazon Web Services Regions where GuardDuty is presently supported. For more information, see Regions and endpoints.
    */
   updateDetector(callback?: (err: AWSError, data: GuardDuty.Types.UpdateDetectorResponse) => void): Request<GuardDuty.Types.UpdateDetectorResponse, AWSError>;
   /**
@@ -3168,7 +3168,7 @@ declare namespace GuardDuty {
     /**
      * The IPv4 local address of the connection.
      */
-    IpAddressV4?: String;
+    IpAddressV4?: SensitiveString;
   }
   export interface LocalPortDetails {
     /**
@@ -3404,7 +3404,7 @@ declare namespace GuardDuty {
     /**
      * The private IP address of the EC2 instance.
      */
-    PrivateIpAddress?: String;
+    PrivateIpAddress?: SensitiveString;
     /**
      * Other private IP address information of the EC2 instance.
      */
@@ -3722,7 +3722,7 @@ declare namespace GuardDuty {
     /**
      * The private IP address of the EC2 instance.
      */
-    PrivateIpAddress?: String;
+    PrivateIpAddress?: SensitiveString;
   }
   export type PrivateIpAddresses = PrivateIpAddressDetails[];
   export interface ProcessDetails {
@@ -3884,7 +3884,7 @@ declare namespace GuardDuty {
     /**
      * The IPv4 remote address of the connection.
      */
-    IpAddressV4?: String;
+    IpAddressV4?: SensitiveString;
     /**
      * The ISP organization information of the remote IP address.
      */
@@ -4297,6 +4297,7 @@ declare namespace GuardDuty {
     GroupName?: String;
   }
   export type SecurityGroups = SecurityGroup[];
+  export type SensitiveString = string;
   export interface Service {
     /**
      * Information about the activity that is described in a finding.

package/clients/healthlake.d.ts

@@ -301,7 +301,7 @@ declare namespace HealthLake {
   }
   export interface DescribeFHIRImportJobResponse {
     /**
-     * The properties of the Import job request, including the ID, ARN, name, and the status of the job.
+     * The properties of the Import job request, including the ID, ARN, name, status of the job, and the progress report of the job.
      */
     ImportJobProperties: ImportJobProperties;
   }
@@ -346,6 +346,8 @@ declare namespace HealthLake {
   }
   export type ExportJobPropertiesList = ExportJobProperties[];
   export type FHIRVersion = "R4"|string;
+  export type GenericDouble = number;
+  export type GenericLong = number;
   export type IamRoleArn = string;
   export interface IdentityProviderConfiguration {
     /**
@@ -395,6 +397,10 @@ declare namespace HealthLake {
      */
     InputDataConfig: InputDataConfig;
     JobOutputDataConfig?: OutputDataConfig;
+    /**
+     * Displays the progress of the import job, including total resources scanned, total resources ingested, and total size of data ingested.
+     */
+    JobProgressReport?: JobProgressReport;
     /**
      * The Amazon Resource Name (ARN) that gives AWS HealthLake access to your input data.
      */
@@ -413,6 +419,40 @@ declare namespace HealthLake {
   }
   export type JobId = string;
   export type JobName = string;
+  export interface JobProgressReport {
+    /**
+     * The number of files scanned from input S3 bucket.
+     */
+    TotalNumberOfScannedFiles?: GenericLong;
+    /**
+     * The size (in MB) of the files scanned from the input S3 bucket.
+     */
+    TotalSizeOfScannedFilesInMB?: GenericDouble;
+    /**
+     * The number of files imported so far.
+     */
+    TotalNumberOfImportedFiles?: GenericLong;
+    /**
+     * The number of resources scanned from the input S3 bucket.
+     */
+    TotalNumberOfResourcesScanned?: GenericLong;
+    /**
+     * The number of resources imported so far.
+     */
+    TotalNumberOfResourcesImported?: GenericLong;
+    /**
+     * The number of resources that failed due to customer error.
+     */
+    TotalNumberOfResourcesWithCustomerError?: GenericLong;
+    /**
+     * The number of files that failed to be read from the input S3 bucket due to customer error.
+     */
+    TotalNumberOfFilesReadWithCustomerError?: GenericLong;
+    /**
+     * The throughput (in MB/sec) of the import job.
+     */
+    Throughput?: GenericDouble;
+  }
   export type JobStatus = "SUBMITTED"|"IN_PROGRESS"|"COMPLETED_WITH_ERRORS"|"COMPLETED"|"FAILED"|"CANCEL_SUBMITTED"|"CANCEL_IN_PROGRESS"|"CANCEL_COMPLETED"|"CANCEL_FAILED"|string;
   export interface KmsEncryptionConfig {
     /**
@@ -521,7 +561,7 @@ declare namespace HealthLake {
   }
   export interface ListFHIRImportJobsResponse {
     /**
-     *  The properties of a listed FHIR import jobs, including the ID, ARN, name, and the status of the job. 
+     *  The properties of a listed FHIR import jobs, including the ID, ARN, name, the status of the job, and the progress report of the job. 
      */
     ImportJobPropertiesList: ImportJobPropertiesList;
     /**

package/clients/lookoutequipment.d.ts

@@ -650,6 +650,10 @@ declare namespace LookoutEquipment {
      * Indicates that the asset associated with this sensor has been shut off. As long as this condition is met, Lookout for Equipment will not use data from this asset for training, evaluation, or inference.
      */
     OffCondition?: OffCondition;
+    /**
+     * The Amazon S3 location where you want Amazon Lookout for Equipment to save the pointwise model diagnostics. You must also specify the RoleArn request parameter.
+     */
+    ModelDiagnosticsOutputConfiguration?: ModelDiagnosticsOutputConfiguration;
   }
   export interface CreateModelResponse {
     /**
@@ -935,7 +939,7 @@ declare namespace LookoutEquipment {
      */
     DataQualitySummary?: DataQualitySummary;
     /**
-     *  IngestedFilesSummary associated with the given dataset for the latest successful associated ingestion job id. 
+     * IngestedFilesSummary associated with the given dataset for the latest successful associated ingestion job id. 
      */
     IngestedFilesSummary?: IngestedFilesSummary;
     /**
@@ -1266,6 +1270,10 @@ declare namespace LookoutEquipment {
      * Indicates the status of the retraining scheduler. 
      */
     RetrainingSchedulerStatus?: RetrainingSchedulerStatus;
+    /**
+     * Configuration information for the model's pointwise model diagnostics.
+     */
+    ModelDiagnosticsOutputConfiguration?: ModelDiagnosticsOutputConfiguration;
   }
   export interface DescribeModelVersionRequest {
     /**
@@ -1400,6 +1408,14 @@ declare namespace LookoutEquipment {
      * Indicates the reason for the AutoPromotionResult. For example, a model might not be promoted if its performance was worse than the active version, if there was an error during training, or if the retraining scheduler was using MANUAL promote mode. The model will be promoted in MANAGED promote mode if the performance is better than the previous model. 
      */
     AutoPromotionResultReason?: AutoPromotionResultReason;
+    /**
+     * The Amazon S3 location where Amazon Lookout for Equipment saves the pointwise model diagnostics for the model version.
+     */
+    ModelDiagnosticsOutputConfiguration?: ModelDiagnosticsOutputConfiguration;
+    /**
+     * The Amazon S3 output prefix for where Lookout for Equipment saves the pointwise model diagnostics for the model version.
+     */
+    ModelDiagnosticsResultsObject?: S3Object;
   }
   export interface DescribeResourcePolicyRequest {
     /**
@@ -1804,7 +1820,7 @@ declare namespace LookoutEquipment {
      */
     MissingCompleteSensorData: MissingCompleteSensorData;
     /**
-     *  Parameter that describes the total number of sensors that have a short date range of less than 90 days of data overall. 
+     *  Parameter that describes the total number of sensors that have a short date range of less than 14 days of data overall. 
      */
     SensorsWithShortDateRange: SensorsWithShortDateRange;
   }
@@ -2034,7 +2050,7 @@ declare namespace LookoutEquipment {
      */
     NextToken?: NextToken;
     /**
-     * Provides an array of information about the individual inference executions returned from the ListInferenceExecutions operation, including model used, inference scheduler, data configuration, and so on. 
+     * Provides an array of information about the individual inference executions returned from the ListInferenceExecutions operation, including model used, inference scheduler, data configuration, and so on.   If you don't supply the InferenceSchedulerName request parameter, or if you supply the name of an inference scheduler that doesn't exist, ListInferenceExecutions returns an empty array in InferenceExecutionSummaries. 
      */
     InferenceExecutionSummaries?: InferenceExecutionSummaries;
   }
@@ -2096,7 +2112,7 @@ declare namespace LookoutEquipment {
   }
   export interface ListLabelsRequest {
     /**
-     *  Retruns the name of the label group. 
+     *  Returns the name of the label group. 
      */
     LabelGroupName: LabelGroupName;
     /**
@@ -2130,7 +2146,7 @@ declare namespace LookoutEquipment {
      */
     NextToken?: NextToken;
     /**
-     *  A summary of the items in the label group. 
+     *  A summary of the items in the label group.   If you don't supply the LabelGroupName request parameter, or if you supply the name of a label group that doesn't exist, ListLabels returns an empty array in LabelSummaries. 
      */
     LabelSummaries?: LabelSummaries;
   }
@@ -2178,7 +2194,7 @@ declare namespace LookoutEquipment {
      */
     NextToken?: NextToken;
     /**
-     * Provides information on the specified model version, including the created time, model and dataset ARNs, and status.
+     * Provides information on the specified model version, including the created time, model and dataset ARNs, and status.  If you don't supply the ModelName request parameter, or if you supply the name of a model that doesn't exist, ListModelVersions returns an empty array in ModelVersionSummaries.  
      */
     ModelVersionSummaries?: ModelVersionSummaries;
   }
@@ -2302,6 +2318,26 @@ declare namespace LookoutEquipment {
     TotalNumberOfMissingValues: Integer;
   }
   export type ModelArn = string;
+  export interface ModelDiagnosticsOutputConfiguration {
+    /**
+     * The Amazon S3 location for the pointwise model diagnostics. 
+     */
+    S3OutputConfiguration: ModelDiagnosticsS3OutputConfiguration;
+    /**
+     * The Amazon Web Services Key Management Service (KMS) key identifier to encrypt the pointwise model diagnostics files.
+     */
+    KmsKeyId?: NameOrArn;
+  }
+  export interface ModelDiagnosticsS3OutputConfiguration {
+    /**
+     * The name of the Amazon S3 bucket where the pointwise model diagnostics are located. You must be the owner of the Amazon S3 bucket. 
+     */
+    Bucket: S3Bucket;
+    /**
+     * The Amazon S3 prefix for the location of the pointwise model diagnostics. The prefix specifies the folder and evaluation result file name. (bucket). When you call CreateModel or UpdateModel, specify the path within the bucket that you want Lookout for Equipment to save the model to. During training, Lookout for Equipment creates the model evaluation model as a compressed JSON file with the name model_diagnostics_results.json.gz. When you call DescribeModel or DescribeModelVersion, prefix contains the file path and filename of the model evaluation file. 
+     */
+    Prefix?: S3Prefix;
+  }
   export type ModelMetrics = string;
   export type ModelName = string;
   export type ModelPromoteMode = "MANAGED"|"MANUAL"|string;
@@ -2360,6 +2396,7 @@ declare namespace LookoutEquipment {
      * Indicates the status of the retraining scheduler. 
      */
     RetrainingSchedulerStatus?: RetrainingSchedulerStatus;
+    ModelDiagnosticsOutputConfiguration?: ModelDiagnosticsOutputConfiguration;
   }
   export type ModelVersion = number;
   export type ModelVersionArn = string;
@@ -2547,7 +2584,7 @@ declare namespace LookoutEquipment {
   }
   export interface SensorsWithShortDateRange {
     /**
-     *  Indicates the number of sensors that have less than 90 days of data. 
+     *  Indicates the number of sensors that have less than 14 days of data. 
      */
     AffectedSensorCount: Integer;
   }
@@ -2805,6 +2842,10 @@ declare namespace LookoutEquipment {
      * The ARN of the model to update.
      */
     RoleArn?: IamRoleArn;
+    /**
+     * The Amazon S3 location where you want Amazon Lookout for Equipment to save the pointwise model diagnostics for the model. You must also specify the RoleArn request parameter.
+     */
+    ModelDiagnosticsOutputConfiguration?: ModelDiagnosticsOutputConfiguration;
   }
   export interface UpdateRetrainingSchedulerRequest {
     /**