aws-sdk 2.1642.0 → 2.1643.0

package/apis/waf-2015-08-24.min.json

@@ -5,12 +5,18 @@
     "endpointPrefix": "waf",
     "jsonVersion": "1.1",
     "protocol": "json",
+    "protocols": [
+      "json"
+    ],
     "serviceAbbreviation": "WAF",
     "serviceFullName": "AWS WAF",
     "serviceId": "WAF",
     "signatureVersion": "v4",
     "targetPrefix": "AWSWAF_20150824",
-    "uid": "waf-2015-08-24"
+    "uid": "waf-2015-08-24",
+    "auth": [
+      "aws.auth#sigv4"
+    ]
   },
   "operations": {
     "CreateByteMatchSet": {

package/clients/acmpca.d.ts

@@ -109,11 +109,11 @@ declare class ACMPCA extends Service {
    */
   getPolicy(callback?: (err: AWSError, data: ACMPCA.Types.GetPolicyResponse) => void): Request<ACMPCA.Types.GetPolicyResponse, AWSError>;
   /**
-   * Imports a signed private CA certificate into Amazon Web Services Private CA. This action is used when you are using a chain of trust whose root is located outside Amazon Web Services Private CA. Before you can call this action, the following preparations must in place:   In Amazon Web Services Private CA, call the CreateCertificateAuthority action to create the private CA that you plan to back with the imported certificate.   Call the GetCertificateAuthorityCsr action to generate a certificate signing request (CSR).   Sign the CSR using a root or intermediate CA hosted by either an on-premises PKI hierarchy or by a commercial CA.   Create a certificate chain and copy the signed certificate and the certificate chain to your working directory.   Amazon Web Services Private CA supports three scenarios for installing a CA certificate:   Installing a certificate for a root CA hosted by Amazon Web Services Private CA.   Installing a subordinate CA certificate whose parent authority is hosted by Amazon Web Services Private CA.   Installing a subordinate CA certificate whose parent authority is externally hosted.   The following additional requirements apply when you import a CA certificate.   Only a self-signed certificate can be imported as a root CA.   A self-signed certificate cannot be imported as a subordinate CA.   Your certificate chain must not include the private CA certificate that you are importing.   Your root CA must be the last certificate in your chain. The subordinate certificate, if any, that your root CA signed must be next to last. The subordinate certificate signed by the preceding subordinate CA must come next, and so on until your chain is built.    The chain must be PEM-encoded.   The maximum allowed size of a certificate is 32 KB.   The maximum allowed size of a certificate chain is 2 MB.    Enforcement of Critical Constraints  Amazon Web Services Private CA allows the following extensions to be marked critical in the imported CA certificate or chain.   Basic constraints (must be marked critical)   Subject alternative names   Key usage   Extended key usage   Authority key identifier   Subject key identifier   Issuer alternative name   Subject directory attributes   Subject information access   Certificate policies   Policy mappings   Inhibit anyPolicy   Amazon Web Services Private CA rejects the following extensions when they are marked critical in an imported CA certificate or chain.   Name constraints   Policy constraints   CRL distribution points   Authority information access   Freshest CRL   Any other extension  
+   * Imports a signed private CA certificate into Amazon Web Services Private CA. This action is used when you are using a chain of trust whose root is located outside Amazon Web Services Private CA. Before you can call this action, the following preparations must in place:   In Amazon Web Services Private CA, call the CreateCertificateAuthority action to create the private CA that you plan to back with the imported certificate.   Call the GetCertificateAuthorityCsr action to generate a certificate signing request (CSR).   Sign the CSR using a root or intermediate CA hosted by either an on-premises PKI hierarchy or by a commercial CA.   Create a certificate chain and copy the signed certificate and the certificate chain to your working directory.   Amazon Web Services Private CA supports three scenarios for installing a CA certificate:   Installing a certificate for a root CA hosted by Amazon Web Services Private CA.   Installing a subordinate CA certificate whose parent authority is hosted by Amazon Web Services Private CA.   Installing a subordinate CA certificate whose parent authority is externally hosted.   The following additional requirements apply when you import a CA certificate.   Only a self-signed certificate can be imported as a root CA.   A self-signed certificate cannot be imported as a subordinate CA.   Your certificate chain must not include the private CA certificate that you are importing.   Your root CA must be the last certificate in your chain. The subordinate certificate, if any, that your root CA signed must be next to last. The subordinate certificate signed by the preceding subordinate CA must come next, and so on until your chain is built.    The chain must be PEM-encoded.   The maximum allowed size of a certificate is 32 KB.   The maximum allowed size of a certificate chain is 2 MB.    Enforcement of Critical Constraints  Amazon Web Services Private CA allows the following extensions to be marked critical in the imported CA certificate or chain.   Authority key identifier   Basic constraints (must be marked critical)   Certificate policies   Extended key usage   Inhibit anyPolicy   Issuer alternative name   Key usage   Name constraints   Policy mappings   Subject alternative name   Subject directory attributes   Subject key identifier   Subject information access   Amazon Web Services Private CA rejects the following extensions when they are marked critical in an imported CA certificate or chain.   Authority information access   CRL distribution points   Freshest CRL   Policy constraints   Amazon Web Services Private Certificate Authority will also reject any other extension marked as critical not contained on the preceding list of allowed extensions.
    */
   importCertificateAuthorityCertificate(params: ACMPCA.Types.ImportCertificateAuthorityCertificateRequest, callback?: (err: AWSError, data: {}) => void): Request<{}, AWSError>;
   /**
-   * Imports a signed private CA certificate into Amazon Web Services Private CA. This action is used when you are using a chain of trust whose root is located outside Amazon Web Services Private CA. Before you can call this action, the following preparations must in place:   In Amazon Web Services Private CA, call the CreateCertificateAuthority action to create the private CA that you plan to back with the imported certificate.   Call the GetCertificateAuthorityCsr action to generate a certificate signing request (CSR).   Sign the CSR using a root or intermediate CA hosted by either an on-premises PKI hierarchy or by a commercial CA.   Create a certificate chain and copy the signed certificate and the certificate chain to your working directory.   Amazon Web Services Private CA supports three scenarios for installing a CA certificate:   Installing a certificate for a root CA hosted by Amazon Web Services Private CA.   Installing a subordinate CA certificate whose parent authority is hosted by Amazon Web Services Private CA.   Installing a subordinate CA certificate whose parent authority is externally hosted.   The following additional requirements apply when you import a CA certificate.   Only a self-signed certificate can be imported as a root CA.   A self-signed certificate cannot be imported as a subordinate CA.   Your certificate chain must not include the private CA certificate that you are importing.   Your root CA must be the last certificate in your chain. The subordinate certificate, if any, that your root CA signed must be next to last. The subordinate certificate signed by the preceding subordinate CA must come next, and so on until your chain is built.    The chain must be PEM-encoded.   The maximum allowed size of a certificate is 32 KB.   The maximum allowed size of a certificate chain is 2 MB.    Enforcement of Critical Constraints  Amazon Web Services Private CA allows the following extensions to be marked critical in the imported CA certificate or chain.   Basic constraints (must be marked critical)   Subject alternative names   Key usage   Extended key usage   Authority key identifier   Subject key identifier   Issuer alternative name   Subject directory attributes   Subject information access   Certificate policies   Policy mappings   Inhibit anyPolicy   Amazon Web Services Private CA rejects the following extensions when they are marked critical in an imported CA certificate or chain.   Name constraints   Policy constraints   CRL distribution points   Authority information access   Freshest CRL   Any other extension  
+   * Imports a signed private CA certificate into Amazon Web Services Private CA. This action is used when you are using a chain of trust whose root is located outside Amazon Web Services Private CA. Before you can call this action, the following preparations must in place:   In Amazon Web Services Private CA, call the CreateCertificateAuthority action to create the private CA that you plan to back with the imported certificate.   Call the GetCertificateAuthorityCsr action to generate a certificate signing request (CSR).   Sign the CSR using a root or intermediate CA hosted by either an on-premises PKI hierarchy or by a commercial CA.   Create a certificate chain and copy the signed certificate and the certificate chain to your working directory.   Amazon Web Services Private CA supports three scenarios for installing a CA certificate:   Installing a certificate for a root CA hosted by Amazon Web Services Private CA.   Installing a subordinate CA certificate whose parent authority is hosted by Amazon Web Services Private CA.   Installing a subordinate CA certificate whose parent authority is externally hosted.   The following additional requirements apply when you import a CA certificate.   Only a self-signed certificate can be imported as a root CA.   A self-signed certificate cannot be imported as a subordinate CA.   Your certificate chain must not include the private CA certificate that you are importing.   Your root CA must be the last certificate in your chain. The subordinate certificate, if any, that your root CA signed must be next to last. The subordinate certificate signed by the preceding subordinate CA must come next, and so on until your chain is built.    The chain must be PEM-encoded.   The maximum allowed size of a certificate is 32 KB.   The maximum allowed size of a certificate chain is 2 MB.    Enforcement of Critical Constraints  Amazon Web Services Private CA allows the following extensions to be marked critical in the imported CA certificate or chain.   Authority key identifier   Basic constraints (must be marked critical)   Certificate policies   Extended key usage   Inhibit anyPolicy   Issuer alternative name   Key usage   Name constraints   Policy mappings   Subject alternative name   Subject directory attributes   Subject key identifier   Subject information access   Amazon Web Services Private CA rejects the following extensions when they are marked critical in an imported CA certificate or chain.   Authority information access   CRL distribution points   Freshest CRL   Policy constraints   Amazon Web Services Private Certificate Authority will also reject any other extension marked as critical not contained on the preceding list of allowed extensions.
    */
   importCertificateAuthorityCertificate(callback?: (err: AWSError, data: {}) => void): Request<{}, AWSError>;
   /**

package/clients/codebuild.d.ts

@@ -1204,6 +1204,10 @@ declare namespace CodeBuild {
      * If manualCreation is true, CodeBuild doesn't create a webhook in GitHub and instead returns payloadUrl and secret values for the webhook. The payloadUrl and secret values in the output can be used to manually create a webhook within GitHub.   manualCreation is only available for GitHub webhooks. 
      */
     manualCreation?: WrapperBoolean;
+    /**
+     * The scope configuration for global or organization webhooks.  Global or organization webhooks are only available for GitHub and Github Enterprise webhooks. 
+     */
+    scopeConfiguration?: ScopeConfiguration;
   }
   export interface CreateWebhookOutput {
     /**
@@ -2603,6 +2607,20 @@ declare namespace CodeBuild {
      */
     desiredCapacity?: FleetCapacity;
   }
+  export interface ScopeConfiguration {
+    /**
+     * The name of either the enterprise or organization that will send webhook events to CodeBuild, depending on if the webhook is a global or organization webhook respectively.
+     */
+    name: String;
+    /**
+     * The domain of the GitHub Enterprise organization. Note that this parameter is only required if your project's source type is GITHUB_ENTERPRISE
+     */
+    domain?: String;
+    /**
+     * The type of scope for a GitHub webhook.
+     */
+    scope: WebhookScopeType;
+  }
   export type SecurityGroupIds = NonEmptyString[];
   export type SensitiveNonEmptyString = string;
   export type SensitiveString = string;
@@ -3263,11 +3281,15 @@ declare namespace CodeBuild {
      * A timestamp that indicates the last time a repository's secret token was modified. 
      */
     lastModifiedSecret?: Timestamp;
+    /**
+     * The scope configuration for global or organization webhooks.  Global or organization webhooks are only available for GitHub and Github Enterprise webhooks. 
+     */
+    scopeConfiguration?: ScopeConfiguration;
   }
   export type WebhookBuildType = "BUILD"|"BUILD_BATCH"|string;
   export interface WebhookFilter {
     /**
-     *  The type of webhook filter. There are nine webhook filter types: EVENT, ACTOR_ACCOUNT_ID, HEAD_REF, BASE_REF, FILE_PATH, COMMIT_MESSAGE, TAG_NAME, RELEASE_NAME, and WORKFLOW_NAME.     EVENT     A webhook event triggers a build when the provided pattern matches one of nine event types: PUSH, PULL_REQUEST_CREATED, PULL_REQUEST_UPDATED, PULL_REQUEST_CLOSED, PULL_REQUEST_REOPENED, PULL_REQUEST_MERGED, RELEASED, PRERELEASED, and WORKFLOW_JOB_QUEUED. The EVENT patterns are specified as a comma-separated string. For example, PUSH, PULL_REQUEST_CREATED, PULL_REQUEST_UPDATED filters all push, pull request created, and pull request updated events.    Types PULL_REQUEST_REOPENED and WORKFLOW_JOB_QUEUED work with GitHub and GitHub Enterprise only. Types RELEASED and PRERELEASED work with GitHub only.      ACTOR_ACCOUNT_ID    A webhook event triggers a build when a GitHub, GitHub Enterprise, or Bitbucket account ID matches the regular expression pattern.      HEAD_REF    A webhook event triggers a build when the head reference matches the regular expression pattern. For example, refs/heads/branch-name and refs/tags/tag-name.    Works with GitHub and GitHub Enterprise push, GitHub and GitHub Enterprise pull request, Bitbucket push, and Bitbucket pull request events.      BASE_REF    A webhook event triggers a build when the base reference matches the regular expression pattern. For example, refs/heads/branch-name.    Works with pull request events only.       FILE_PATH    A webhook triggers a build when the path of a changed file matches the regular expression pattern.    Works with GitHub and Bitbucket events push and pull requests events. Also works with GitHub Enterprise push events, but does not work with GitHub Enterprise pull request events.       COMMIT_MESSAGE   A webhook triggers a build when the head commit message matches the regular expression pattern.   Works with GitHub and Bitbucket events push and pull requests events. Also works with GitHub Enterprise push events, but does not work with GitHub Enterprise pull request events.       TAG_NAME   A webhook triggers a build when the tag name of the release matches the regular expression pattern.   Works with RELEASED and PRERELEASED events only.       RELEASE_NAME   A webhook triggers a build when the release name matches the regular expression pattern.   Works with RELEASED and PRERELEASED events only.       WORKFLOW_NAME   A webhook triggers a build when the workflow name matches the regular expression pattern.   Works with WORKFLOW_JOB_QUEUED events only.      
+     *  The type of webhook filter. There are nine webhook filter types: EVENT, ACTOR_ACCOUNT_ID, HEAD_REF, BASE_REF, FILE_PATH, COMMIT_MESSAGE, TAG_NAME, RELEASE_NAME, and WORKFLOW_NAME.     EVENT     A webhook event triggers a build when the provided pattern matches one of nine event types: PUSH, PULL_REQUEST_CREATED, PULL_REQUEST_UPDATED, PULL_REQUEST_CLOSED, PULL_REQUEST_REOPENED, PULL_REQUEST_MERGED, RELEASED, PRERELEASED, and WORKFLOW_JOB_QUEUED. The EVENT patterns are specified as a comma-separated string. For example, PUSH, PULL_REQUEST_CREATED, PULL_REQUEST_UPDATED filters all push, pull request created, and pull request updated events.    Types PULL_REQUEST_REOPENED and WORKFLOW_JOB_QUEUED work with GitHub and GitHub Enterprise only. Types RELEASED and PRERELEASED work with GitHub only.      ACTOR_ACCOUNT_ID    A webhook event triggers a build when a GitHub, GitHub Enterprise, or Bitbucket account ID matches the regular expression pattern.      HEAD_REF    A webhook event triggers a build when the head reference matches the regular expression pattern. For example, refs/heads/branch-name and refs/tags/tag-name.    Works with GitHub and GitHub Enterprise push, GitHub and GitHub Enterprise pull request, Bitbucket push, and Bitbucket pull request events.      BASE_REF    A webhook event triggers a build when the base reference matches the regular expression pattern. For example, refs/heads/branch-name.    Works with pull request events only.       FILE_PATH    A webhook triggers a build when the path of a changed file matches the regular expression pattern.    Works with GitHub and Bitbucket events push and pull requests events. Also works with GitHub Enterprise push events, but does not work with GitHub Enterprise pull request events.       COMMIT_MESSAGE   A webhook triggers a build when the head commit message matches the regular expression pattern.   Works with GitHub and Bitbucket events push and pull requests events. Also works with GitHub Enterprise push events, but does not work with GitHub Enterprise pull request events.       TAG_NAME   A webhook triggers a build when the tag name of the release matches the regular expression pattern.   Works with RELEASED and PRERELEASED events only.       RELEASE_NAME   A webhook triggers a build when the release name matches the regular expression pattern.   Works with RELEASED and PRERELEASED events only.       REPOSITORY_NAME   A webhook triggers a build when the repository name matches the regular expression pattern.   Works with GitHub global or organization webhooks only.       WORKFLOW_NAME   A webhook triggers a build when the workflow name matches the regular expression pattern.   Works with WORKFLOW_JOB_QUEUED events only.      
      */
     type: WebhookFilterType;
     /**
@@ -3280,6 +3302,7 @@ declare namespace CodeBuild {
     excludeMatchedPattern?: WrapperBoolean;
   }
   export type WebhookFilterType = "EVENT"|"BASE_REF"|"HEAD_REF"|"ACTOR_ACCOUNT_ID"|"FILE_PATH"|"COMMIT_MESSAGE"|"WORKFLOW_NAME"|"TAG_NAME"|"RELEASE_NAME"|string;
+  export type WebhookScopeType = "GITHUB_ORGANIZATION"|"GITHUB_GLOBAL"|string;
   export type WrapperBoolean = boolean;
   export type WrapperDouble = number;
   export type WrapperInt = number;

package/clients/glue.d.ts

@@ -347,6 +347,14 @@ declare class Glue extends Service {
    * Creates a new trigger.
    */
   createTrigger(callback?: (err: AWSError, data: Glue.Types.CreateTriggerResponse) => void): Request<Glue.Types.CreateTriggerResponse, AWSError>;
+  /**
+   * Creates an Glue usage profile.
+   */
+  createUsageProfile(params: Glue.Types.CreateUsageProfileRequest, callback?: (err: AWSError, data: Glue.Types.CreateUsageProfileResponse) => void): Request<Glue.Types.CreateUsageProfileResponse, AWSError>;
+  /**
+   * Creates an Glue usage profile.
+   */
+  createUsageProfile(callback?: (err: AWSError, data: Glue.Types.CreateUsageProfileResponse) => void): Request<Glue.Types.CreateUsageProfileResponse, AWSError>;
   /**
    * Creates a new function definition in the Data Catalog.
    */
@@ -555,6 +563,14 @@ declare class Glue extends Service {
    * Deletes a specified trigger. If the trigger is not found, no exception is thrown.
    */
   deleteTrigger(callback?: (err: AWSError, data: Glue.Types.DeleteTriggerResponse) => void): Request<Glue.Types.DeleteTriggerResponse, AWSError>;
+  /**
+   * Deletes the Glue specified usage profile.
+   */
+  deleteUsageProfile(params: Glue.Types.DeleteUsageProfileRequest, callback?: (err: AWSError, data: Glue.Types.DeleteUsageProfileResponse) => void): Request<Glue.Types.DeleteUsageProfileResponse, AWSError>;
+  /**
+   * Deletes the Glue specified usage profile.
+   */
+  deleteUsageProfile(callback?: (err: AWSError, data: Glue.Types.DeleteUsageProfileResponse) => void): Request<Glue.Types.DeleteUsageProfileResponse, AWSError>;
   /**
    * Deletes an existing function definition from the Data Catalog.
    */
@@ -796,11 +812,11 @@ declare class Glue extends Service {
    */
   getJobBookmark(callback?: (err: AWSError, data: Glue.Types.GetJobBookmarkResponse) => void): Request<Glue.Types.GetJobBookmarkResponse, AWSError>;
   /**
-   * Retrieves the metadata for a given job run.
+   * Retrieves the metadata for a given job run. Job run history is accessible for 90 days for your workflow and job run.
    */
   getJobRun(params: Glue.Types.GetJobRunRequest, callback?: (err: AWSError, data: Glue.Types.GetJobRunResponse) => void): Request<Glue.Types.GetJobRunResponse, AWSError>;
   /**
-   * Retrieves the metadata for a given job run.
+   * Retrieves the metadata for a given job run. Job run history is accessible for 90 days for your workflow and job run.
    */
   getJobRun(callback?: (err: AWSError, data: Glue.Types.GetJobRunResponse) => void): Request<Glue.Types.GetJobRunResponse, AWSError>;
   /**
@@ -1067,6 +1083,14 @@ declare class Glue extends Service {
    * Allows a third-party analytical engine to retrieve unfiltered table metadata from the Data Catalog. For IAM authorization, the public IAM action associated with this API is glue:GetTable.
    */
   getUnfilteredTableMetadata(callback?: (err: AWSError, data: Glue.Types.GetUnfilteredTableMetadataResponse) => void): Request<Glue.Types.GetUnfilteredTableMetadataResponse, AWSError>;
+  /**
+   * Retrieves information about the specified Glue usage profile.
+   */
+  getUsageProfile(params: Glue.Types.GetUsageProfileRequest, callback?: (err: AWSError, data: Glue.Types.GetUsageProfileResponse) => void): Request<Glue.Types.GetUsageProfileResponse, AWSError>;
+  /**
+   * Retrieves information about the specified Glue usage profile.
+   */
+  getUsageProfile(callback?: (err: AWSError, data: Glue.Types.GetUsageProfileResponse) => void): Request<Glue.Types.GetUsageProfileResponse, AWSError>;
   /**
    * Retrieves a specified function definition from the Data Catalog.
    */
@@ -1092,11 +1116,11 @@ declare class Glue extends Service {
    */
   getWorkflow(callback?: (err: AWSError, data: Glue.Types.GetWorkflowResponse) => void): Request<Glue.Types.GetWorkflowResponse, AWSError>;
   /**
-   * Retrieves the metadata for a given workflow run. 
+   * Retrieves the metadata for a given workflow run. Job run history is accessible for 90 days for your workflow and job run.
    */
   getWorkflowRun(params: Glue.Types.GetWorkflowRunRequest, callback?: (err: AWSError, data: Glue.Types.GetWorkflowRunResponse) => void): Request<Glue.Types.GetWorkflowRunResponse, AWSError>;
   /**
-   * Retrieves the metadata for a given workflow run. 
+   * Retrieves the metadata for a given workflow run. Job run history is accessible for 90 days for your workflow and job run.
    */
   getWorkflowRun(callback?: (err: AWSError, data: Glue.Types.GetWorkflowRunResponse) => void): Request<Glue.Types.GetWorkflowRunResponse, AWSError>;
   /**
@@ -1275,6 +1299,14 @@ declare class Glue extends Service {
    * Retrieves the names of all trigger resources in this Amazon Web Services account, or the resources with the specified tag. This operation allows you to see which resources are available in your account, and their names. This operation takes the optional Tags field, which you can use as a filter on the response so that tagged resources can be retrieved as a group. If you choose to use tags filtering, only resources with the tag are retrieved.
    */
   listTriggers(callback?: (err: AWSError, data: Glue.Types.ListTriggersResponse) => void): Request<Glue.Types.ListTriggersResponse, AWSError>;
+  /**
+   * List all the Glue usage profiles.
+   */
+  listUsageProfiles(params: Glue.Types.ListUsageProfilesRequest, callback?: (err: AWSError, data: Glue.Types.ListUsageProfilesResponse) => void): Request<Glue.Types.ListUsageProfilesResponse, AWSError>;
+  /**
+   * List all the Glue usage profiles.
+   */
+  listUsageProfiles(callback?: (err: AWSError, data: Glue.Types.ListUsageProfilesResponse) => void): Request<Glue.Types.ListUsageProfilesResponse, AWSError>;
   /**
    * Lists names of workflows created in the account.
    */
@@ -1699,6 +1731,14 @@ declare class Glue extends Service {
    * Updates a trigger definition.
    */
   updateTrigger(callback?: (err: AWSError, data: Glue.Types.UpdateTriggerResponse) => void): Request<Glue.Types.UpdateTriggerResponse, AWSError>;
+  /**
+   * Update an Glue usage profile.
+   */
+  updateUsageProfile(params: Glue.Types.UpdateUsageProfileRequest, callback?: (err: AWSError, data: Glue.Types.UpdateUsageProfileResponse) => void): Request<Glue.Types.UpdateUsageProfileResponse, AWSError>;
+  /**
+   * Update an Glue usage profile.
+   */
+  updateUsageProfile(callback?: (err: AWSError, data: Glue.Types.UpdateUsageProfileResponse) => void): Request<Glue.Types.UpdateUsageProfileResponse, AWSError>;
   /**
    * Updates an existing function definition in the Data Catalog.
    */
@@ -1780,6 +1820,7 @@ declare namespace Glue {
     AggFunc: AggFunction;
   }
   export type AggregateOperations = AggregateOperation[];
+  export type AllowedValuesStringList = ConfigValueString[];
   export interface AmazonRedshiftAdvancedOption {
     /**
      * The key for the additional connection option.
@@ -3506,6 +3547,26 @@ declare namespace Glue {
     CrawlState?: CrawlState;
   }
   export type ConditionList = Condition[];
+  export type ConfigValueString = string;
+  export type ConfigurationMap = {[key: string]: ConfigurationObject};
+  export interface ConfigurationObject {
+    /**
+     * A default value for the parameter.
+     */
+    DefaultValue?: ConfigValueString;
+    /**
+     * A list of allowed values for the parameter.
+     */
+    AllowedValues?: AllowedValuesStringList;
+    /**
+     * A minimum allowed value for the parameter.
+     */
+    MinValue?: ConfigValueString;
+    /**
+     * A maximum allowed value for the parameter.
+     */
+    MaxValue?: ConfigValueString;
+  }
   export interface ConfusionMatrix {
     /**
      * The number of matches in the data that the transform correctly found, in the confusion matrix for your transform.
@@ -4871,6 +4932,30 @@ declare namespace Glue {
      */
     Name?: NameString;
   }
+  export interface CreateUsageProfileRequest {
+    /**
+     * The name of the usage profile.
+     */
+    Name: NameString;
+    /**
+     * A description of the usage profile.
+     */
+    Description?: DescriptionString;
+    /**
+     * A ProfileConfiguration object specifying the job and session values for the profile.
+     */
+    Configuration: ProfileConfiguration;
+    /**
+     * A list of tags applied to the usage profile.
+     */
+    Tags?: TagsMap;
+  }
+  export interface CreateUsageProfileResponse {
+    /**
+     * The name of the usage profile that was created.
+     */
+    Name?: NameString;
+  }
   export interface CreateUserDefinedFunctionRequest {
     /**
      * The ID of the Data Catalog in which to create the function. If none is provided, the Amazon Web Services account ID is used by default.
@@ -5913,6 +5998,14 @@ declare namespace Glue {
      */
     Name?: NameString;
   }
+  export interface DeleteUsageProfileRequest {
+    /**
+     * The name of the usage profile to delete.
+     */
+    Name: NameString;
+  }
+  export interface DeleteUsageProfileResponse {
+  }
   export interface DeleteUserDefinedFunctionRequest {
     /**
      * The ID of the Data Catalog where the function to be deleted is located. If none is supplied, the Amazon Web Services account ID is used by default.
@@ -8441,6 +8534,34 @@ declare namespace Glue {
      */
     RowFilter?: PredicateString;
   }
+  export interface GetUsageProfileRequest {
+    /**
+     * The name of the usage profile to retrieve.
+     */
+    Name: NameString;
+  }
+  export interface GetUsageProfileResponse {
+    /**
+     * The name of the usage profile.
+     */
+    Name?: NameString;
+    /**
+     * A description of the usage profile.
+     */
+    Description?: DescriptionString;
+    /**
+     * A ProfileConfiguration object specifying the job and session values for the profile.
+     */
+    Configuration?: ProfileConfiguration;
+    /**
+     * The date and time when the usage profile was created.
+     */
+    CreatedOn?: TimestampValue;
+    /**
+     * The date and time when the usage profile was last modified.
+     */
+    LastModifiedOn?: TimestampValue;
+  }
   export interface GetUserDefinedFunctionRequest {
     /**
      * The ID of the Data Catalog where the function to be retrieved is located. If none is provided, the Amazon Web Services account ID is used by default.
@@ -9019,6 +9140,10 @@ declare namespace Glue {
      * This field specifies a day of the week and hour for a maintenance window for streaming jobs. Glue periodically performs maintenance activities. During these maintenance windows, Glue will need to restart your streaming jobs. Glue will restart the job within 3 hours of the specified maintenance window. For instance, if you set up the maintenance window for Monday at 10:00AM GMT, your jobs will be restarted between 10:00AM GMT to 1:00PM GMT.
      */
     MaintenanceWindow?: MaintenanceWindow;
+    /**
+     * The name of an Glue usage profile associated with the job.
+     */
+    ProfileName?: NameString;
   }
   export interface JobBookmarkEntry {
     /**
@@ -9194,6 +9319,10 @@ declare namespace Glue {
      * This field specifies a day of the week and hour for a maintenance window for streaming jobs. Glue periodically performs maintenance activities. During these maintenance windows, Glue will need to restart your streaming jobs. Glue will restart the job within 3 hours of the specified maintenance window. For instance, if you set up the maintenance window for Monday at 10:00AM GMT, your jobs will be restarted between 10:00AM GMT to 1:00PM GMT.
      */
     MaintenanceWindow?: MaintenanceWindow;
+    /**
+     * The name of an Glue usage profile associated with the job run.
+     */
+    ProfileName?: NameString;
   }
   export type JobRunList = JobRun[];
   export type JobRunState = "STARTING"|"RUNNING"|"STOPPING"|"STOPPED"|"SUCCEEDED"|"FAILED"|"TIMEOUT"|"ERROR"|"WAITING"|"EXPIRED"|string;
@@ -10096,6 +10225,26 @@ declare namespace Glue {
      */
     NextToken?: GenericString;
   }
+  export interface ListUsageProfilesRequest {
+    /**
+     * A continuation token, included if this is a continuation call.
+     */
+    NextToken?: OrchestrationToken;
+    /**
+     * The maximum number of usage profiles to return in a single response.
+     */
+    MaxResults?: OrchestrationPageSize200;
+  }
+  export interface ListUsageProfilesResponse {
+    /**
+     * A list of usage profile (UsageProfileDefinition) objects.
+     */
+    Profiles?: UsageProfileDefinitionList;
+    /**
+     * A continuation token, present if the current list segment is not the last.
+     */
+    NextToken?: OrchestrationToken;
+  }
   export interface ListWorkflowsRequest {
     /**
      * A continuation token, if this is a continuation request.
@@ -10907,6 +11056,16 @@ declare namespace Glue {
   export type PrincipalPermissionsList = PrincipalPermissions[];
   export type PrincipalType = "USER"|"ROLE"|"GROUP"|string;
   export type Prob = number;
+  export interface ProfileConfiguration {
+    /**
+     * A key-value map of configuration parameters for Glue sessions. 
+     */
+    SessionConfiguration?: ConfigurationMap;
+    /**
+     * A key-value map of configuration parameters for Glue jobs. 
+     */
+    JobConfiguration?: ConfigurationMap;
+  }
   export interface PropertyPredicate {
     /**
      * The key of the property.
@@ -12328,6 +12487,10 @@ declare namespace Glue {
      * The number of minutes when idle before the session times out.
      */
     IdleTimeout?: IdleTimeout;
+    /**
+     * The name of an Glue usage profile associated with the session.
+     */
+    ProfileName?: NameString;
   }
   export interface SessionCommand {
     /**
@@ -14426,6 +14589,26 @@ declare namespace Glue {
      */
     Trigger?: Trigger;
   }
+  export interface UpdateUsageProfileRequest {
+    /**
+     * The name of the usage profile.
+     */
+    Name: NameString;
+    /**
+     * A description of the usage profile.
+     */
+    Description?: DescriptionString;
+    /**
+     * A ProfileConfiguration object specifying the job and session values for the profile.
+     */
+    Configuration: ProfileConfiguration;
+  }
+  export interface UpdateUsageProfileResponse {
+    /**
+     * The name of the usage profile that was updated.
+     */
+    Name?: NameString;
+  }
   export interface UpdateUserDefinedFunctionRequest {
     /**
      * The ID of the Data Catalog where the function to be updated is located. If none is provided, the Amazon Web Services account ID is used by default.
@@ -14500,6 +14683,25 @@ declare namespace Glue {
     UpsertKeys?: EnclosedInStringPropertiesMinOne;
   }
   export type UriString = string;
+  export interface UsageProfileDefinition {
+    /**
+     * The name of the usage profile.
+     */
+    Name?: NameString;
+    /**
+     * A description of the usage profile.
+     */
+    Description?: DescriptionString;
+    /**
+     * The date and time when the usage profile was created.
+     */
+    CreatedOn?: TimestampValue;
+    /**
+     * The date and time when the usage profile was last modified.
+     */
+    LastModifiedOn?: TimestampValue;
+  }
+  export type UsageProfileDefinitionList = UsageProfileDefinition[];
   export interface UserDefinedFunction {
     /**
      * The name of the function.

package/clients/mediaconvert.d.ts

@@ -1158,6 +1158,10 @@ When you do, you must also separately specify a regular, a bold, and an italic f
      * Specification to use (RFC-6381 or the default RFC-4281) during m3u8 playlist generation.
      */
     CodecSpecification?: CmafCodecSpecification;
+    /**
+     * Specify whether MediaConvert generates I-frame only video segments for DASH trick play, also known as trick mode. When specified, the I-frame only video segments are included within an additional AdaptationSet in your DASH output manifest. To generate I-frame only video segments: Enter a name as a text string, up to 256 character long. This name is appended to the end of this output group's base filename, that you specify as part of your destination URI, and used for the I-frame only video segment files. You may also include format identifiers. For more information, see: https://docs.aws.amazon.com/mediaconvert/latest/ug/using-variables-in-your-job-settings.html#using-settings-variables-with-streaming-outputs To not generate I-frame only video segments: Leave blank.
+     */
+    DashIFrameTrickPlayNameModifier?: __stringMin1Max256;
     /**
      * Specify how MediaConvert writes SegmentTimeline in your output DASH manifest. To write a SegmentTimeline in each video Representation: Keep the default value, Basic. To write a common SegmentTimeline in the video AdaptationSet: Choose Compact. Note that MediaConvert will still write a SegmentTimeline in any Representation that does not share a common timeline. To write a video AdaptationSet for each different output framerate, and a common SegmentTimeline in each AdaptationSet: Choose Distinct.
      */
@@ -1685,6 +1689,10 @@ When you specify Version 1, you must also set ID3 metadata to Passthrough.
      * A partial URI prefix that will be put in the manifest (.mpd) file at the top level BaseURL element. Can be used if streams are delivered from a different URL than the manifest file.
      */
     BaseUrl?: __string;
+    /**
+     * Specify whether MediaConvert generates I-frame only video segments for DASH trick play, also known as trick mode. When specified, the I-frame only video segments are included within an additional AdaptationSet in your DASH output manifest. To generate I-frame only video segments: Enter a name as a text string, up to 256 character long. This name is appended to the end of this output group's base filename, that you specify as part of your destination URI, and used for the I-frame only video segment files. You may also include format identifiers. For more information, see: https://docs.aws.amazon.com/mediaconvert/latest/ug/using-variables-in-your-job-settings.html#using-settings-variables-with-streaming-outputs To not generate I-frame only video segments: Leave blank.
+     */
+    DashIFrameTrickPlayNameModifier?: __stringMin1Max256;
     /**
      * Specify how MediaConvert writes SegmentTimeline in your output DASH manifest. To write a SegmentTimeline in each video Representation: Keep the default value, Basic. To write a common SegmentTimeline in the video AdaptationSet: Choose Compact. Note that MediaConvert will still write a SegmentTimeline in any Representation that does not share a common timeline. To write a video AdaptationSet for each different output framerate, and a common SegmentTimeline in each AdaptationSet: Choose Distinct.
      */
@@ -3425,11 +3433,11 @@ Within your job settings, all of your DVB-Sub settings must be identical.
     /**
      * Set End timecode to the end of the portion of the input you are clipping. The frame corresponding to the End timecode value is included in the clip. Start timecode or End timecode may be left blank, but not both. Use the format HH:MM:SS:FF or HH:MM:SS;FF, where HH is the hour, MM is the minute, SS is the second, and FF is the frame number. When choosing this value, take into account your setting for timecode source under input settings. For example, if you have embedded timecodes that start at 01:00:00:00 and you want your clip to end six minutes into the video, use 01:06:00:00.
      */
-    EndTimecode?: __stringPattern010920405090509092;
+    EndTimecode?: __stringPattern010920405090509092090909;
     /**
      * Set Start timecode to the beginning of the portion of the input you are clipping. The frame corresponding to the Start timecode value is included in the clip. Start timecode or End timecode may be left blank, but not both. Use the format HH:MM:SS:FF or HH:MM:SS;FF, where HH is the hour, MM is the minute, SS is the second, and FF is the frame number. When choosing this value, take into account your setting for Input timecode source. For example, if you have embedded timecodes that start at 01:00:00:00 and you want your clip to begin five minutes into the video, use 01:05:00:00.
      */
-    StartTimecode?: __stringPattern010920405090509092;
+    StartTimecode?: __stringPattern010920405090509092090909;
   }
   export type InputDeblockFilter = "ENABLED"|"DISABLED"|string;
   export interface InputDecryptionSettings {
@@ -3548,9 +3556,27 @@ Within your job settings, all of your DVB-Sub settings must be identical.
   export type InputTimecodeSource = "EMBEDDED"|"ZEROBASED"|"SPECIFIEDSTART"|string;
   export interface InputVideoGenerator {
     /**
-     * Specify an integer value for Black video duration from 50 to 86400000 to generate a black video input for that many milliseconds. Required when you include Video generator.
+     * Specify the number of audio channels to include in your video generator input. MediaConvert creates these audio channels as silent audio within a single audio track. Enter an integer from 1 to 32.
+     */
+    Channels?: __integerMin1Max32;
+    /**
+     * Specify the duration, in milliseconds, for your video generator input.
+Enter an integer from 50 to 86400000.
      */
     Duration?: __integerMin50Max86400000;
+    /**
+     * Specify the denominator of the fraction that represents the frame rate for your video generator input. When you do, you must also specify a value for Frame rate numerator. MediaConvert uses a default frame rate of 29.97 when you leave Frame rate numerator and Frame rate denominator blank.
+     */
+    FramerateDenominator?: __integerMin1Max1001;
+    /**
+     * Specify the numerator of the fraction that represents the frame rate for your video generator input. When you do, you must also specify a value for Frame rate denominator. MediaConvert uses a default frame rate of 29.97 when you leave Frame rate numerator and Frame rate denominator blank.
+     */
+    FramerateNumerator?: __integerMin1Max60000;
+    /**
+     * Specify the audio sample rate, in Hz, for the silent audio in your video generator input.
+Enter an integer from 32000 to 48000.
+     */
+    SampleRate?: __integerMin32000Max48000;
   }
   export interface InsertableImage {
     /**
@@ -4992,7 +5018,7 @@ When you specify Version 1, you must also set ID3 metadata to Passthrough.
     /**
      * Use Name modifier to have the service add a string to the end of each output filename. You specify the base filename as part of your destination URI. When you create multiple outputs in the same output group, Name modifier is required. Name modifier also accepts format identifiers. For DASH ISO outputs, if you use the format identifiers $Number$ or $Time$ in one output, you must use them in the same way in all outputs of the output group.
      */
-    NameModifier?: __stringMin1;
+    NameModifier?: __stringMin1Max256;
     /**
      * Specific settings for this type of output.
      */
@@ -6643,6 +6669,7 @@ When you specify Version 1, you must also set ID3 metadata to Passthrough.
   export type __stringMin9Max19PatternAZ26EastWestCentralNorthSouthEastWest1912 = string;
   export type __stringPattern = string;
   export type __stringPattern010920405090509092 = string;
+  export type __stringPattern010920405090509092090909 = string;
   export type __stringPattern01D20305D205D = string;
   export type __stringPattern0940191020191209301 = string;
   export type __stringPattern09aFAF809aFAF409aFAF409aFAF409aFAF12 = string;

package/clients/secretsmanager.d.ts

@@ -28,11 +28,11 @@ declare class SecretsManager extends Service {
    */
   cancelRotateSecret(callback?: (err: AWSError, data: SecretsManager.Types.CancelRotateSecretResponse) => void): Request<SecretsManager.Types.CancelRotateSecretResponse, AWSError>;
   /**
-   * Creates a new secret. A secret can be a password, a set of credentials such as a user name and password, an OAuth token, or other secret information that you store in an encrypted form in Secrets Manager. The secret also includes the connection information to access a database or other service, which Secrets Manager doesn't encrypt. A secret in Secrets Manager consists of both the protected secret data and the important information needed to manage the secret. For secrets that use managed rotation, you need to create the secret through the managing service. For more information, see Secrets Manager secrets managed by other Amazon Web Services services.  For information about creating a secret in the console, see Create a secret. To create a secret, you can provide the secret value to be encrypted in either the SecretString parameter or the SecretBinary parameter, but not both. If you include SecretString or SecretBinary then Secrets Manager creates an initial secret version and automatically attaches the staging label AWSCURRENT to it. For database credentials you want to rotate, for Secrets Manager to be able to rotate the secret, you must make sure the JSON you store in the SecretString matches the JSON structure of a database secret. If you don't specify an KMS encryption key, Secrets Manager uses the Amazon Web Services managed key aws/secretsmanager. If this key doesn't already exist in your account, then Secrets Manager creates it for you automatically. All users and roles in the Amazon Web Services account automatically have access to use aws/secretsmanager. Creating aws/secretsmanager can result in a one-time significant delay in returning the result. If the secret is in a different Amazon Web Services account from the credentials calling the API, then you can't use aws/secretsmanager to encrypt the secret, and you must create and use a customer managed KMS key.  Secrets Manager generates a CloudTrail log entry when you call this action. Do not include sensitive information in request parameters except SecretBinary or SecretString because it might be logged. For more information, see Logging Secrets Manager events with CloudTrail.  Required permissions:  secretsmanager:CreateSecret. If you include tags in the secret, you also need secretsmanager:TagResource. For more information, see  IAM policy actions for Secrets Manager and Authentication and access control in Secrets Manager.  To encrypt the secret with a KMS key other than aws/secretsmanager, you need kms:GenerateDataKey and kms:Decrypt permission to the key. 
+   * Creates a new secret. A secret can be a password, a set of credentials such as a user name and password, an OAuth token, or other secret information that you store in an encrypted form in Secrets Manager. The secret also includes the connection information to access a database or other service, which Secrets Manager doesn't encrypt. A secret in Secrets Manager consists of both the protected secret data and the important information needed to manage the secret. For secrets that use managed rotation, you need to create the secret through the managing service. For more information, see Secrets Manager secrets managed by other Amazon Web Services services.  For information about creating a secret in the console, see Create a secret. To create a secret, you can provide the secret value to be encrypted in either the SecretString parameter or the SecretBinary parameter, but not both. If you include SecretString or SecretBinary then Secrets Manager creates an initial secret version and automatically attaches the staging label AWSCURRENT to it. For database credentials you want to rotate, for Secrets Manager to be able to rotate the secret, you must make sure the JSON you store in the SecretString matches the JSON structure of a database secret. If you don't specify an KMS encryption key, Secrets Manager uses the Amazon Web Services managed key aws/secretsmanager. If this key doesn't already exist in your account, then Secrets Manager creates it for you automatically. All users and roles in the Amazon Web Services account automatically have access to use aws/secretsmanager. Creating aws/secretsmanager can result in a one-time significant delay in returning the result. If the secret is in a different Amazon Web Services account from the credentials calling the API, then you can't use aws/secretsmanager to encrypt the secret, and you must create and use a customer managed KMS key.  Secrets Manager generates a CloudTrail log entry when you call this action. Do not include sensitive information in request parameters except SecretBinary or SecretString because it might be logged. For more information, see Logging Secrets Manager events with CloudTrail.  Required permissions:  secretsmanager:CreateSecret. If you include tags in the secret, you also need secretsmanager:TagResource. To add replica Regions, you must also have secretsmanager:ReplicateSecretToRegions. For more information, see  IAM policy actions for Secrets Manager and Authentication and access control in Secrets Manager.  To encrypt the secret with a KMS key other than aws/secretsmanager, you need kms:GenerateDataKey and kms:Decrypt permission to the key. 
    */
   createSecret(params: SecretsManager.Types.CreateSecretRequest, callback?: (err: AWSError, data: SecretsManager.Types.CreateSecretResponse) => void): Request<SecretsManager.Types.CreateSecretResponse, AWSError>;
   /**
-   * Creates a new secret. A secret can be a password, a set of credentials such as a user name and password, an OAuth token, or other secret information that you store in an encrypted form in Secrets Manager. The secret also includes the connection information to access a database or other service, which Secrets Manager doesn't encrypt. A secret in Secrets Manager consists of both the protected secret data and the important information needed to manage the secret. For secrets that use managed rotation, you need to create the secret through the managing service. For more information, see Secrets Manager secrets managed by other Amazon Web Services services.  For information about creating a secret in the console, see Create a secret. To create a secret, you can provide the secret value to be encrypted in either the SecretString parameter or the SecretBinary parameter, but not both. If you include SecretString or SecretBinary then Secrets Manager creates an initial secret version and automatically attaches the staging label AWSCURRENT to it. For database credentials you want to rotate, for Secrets Manager to be able to rotate the secret, you must make sure the JSON you store in the SecretString matches the JSON structure of a database secret. If you don't specify an KMS encryption key, Secrets Manager uses the Amazon Web Services managed key aws/secretsmanager. If this key doesn't already exist in your account, then Secrets Manager creates it for you automatically. All users and roles in the Amazon Web Services account automatically have access to use aws/secretsmanager. Creating aws/secretsmanager can result in a one-time significant delay in returning the result. If the secret is in a different Amazon Web Services account from the credentials calling the API, then you can't use aws/secretsmanager to encrypt the secret, and you must create and use a customer managed KMS key.  Secrets Manager generates a CloudTrail log entry when you call this action. Do not include sensitive information in request parameters except SecretBinary or SecretString because it might be logged. For more information, see Logging Secrets Manager events with CloudTrail.  Required permissions:  secretsmanager:CreateSecret. If you include tags in the secret, you also need secretsmanager:TagResource. For more information, see  IAM policy actions for Secrets Manager and Authentication and access control in Secrets Manager.  To encrypt the secret with a KMS key other than aws/secretsmanager, you need kms:GenerateDataKey and kms:Decrypt permission to the key. 
+   * Creates a new secret. A secret can be a password, a set of credentials such as a user name and password, an OAuth token, or other secret information that you store in an encrypted form in Secrets Manager. The secret also includes the connection information to access a database or other service, which Secrets Manager doesn't encrypt. A secret in Secrets Manager consists of both the protected secret data and the important information needed to manage the secret. For secrets that use managed rotation, you need to create the secret through the managing service. For more information, see Secrets Manager secrets managed by other Amazon Web Services services.  For information about creating a secret in the console, see Create a secret. To create a secret, you can provide the secret value to be encrypted in either the SecretString parameter or the SecretBinary parameter, but not both. If you include SecretString or SecretBinary then Secrets Manager creates an initial secret version and automatically attaches the staging label AWSCURRENT to it. For database credentials you want to rotate, for Secrets Manager to be able to rotate the secret, you must make sure the JSON you store in the SecretString matches the JSON structure of a database secret. If you don't specify an KMS encryption key, Secrets Manager uses the Amazon Web Services managed key aws/secretsmanager. If this key doesn't already exist in your account, then Secrets Manager creates it for you automatically. All users and roles in the Amazon Web Services account automatically have access to use aws/secretsmanager. Creating aws/secretsmanager can result in a one-time significant delay in returning the result. If the secret is in a different Amazon Web Services account from the credentials calling the API, then you can't use aws/secretsmanager to encrypt the secret, and you must create and use a customer managed KMS key.  Secrets Manager generates a CloudTrail log entry when you call this action. Do not include sensitive information in request parameters except SecretBinary or SecretString because it might be logged. For more information, see Logging Secrets Manager events with CloudTrail.  Required permissions:  secretsmanager:CreateSecret. If you include tags in the secret, you also need secretsmanager:TagResource. To add replica Regions, you must also have secretsmanager:ReplicateSecretToRegions. For more information, see  IAM policy actions for Secrets Manager and Authentication and access control in Secrets Manager.  To encrypt the secret with a KMS key other than aws/secretsmanager, you need kms:GenerateDataKey and kms:Decrypt permission to the key. 
    */
   createSecret(callback?: (err: AWSError, data: SecretsManager.Types.CreateSecretResponse) => void): Request<SecretsManager.Types.CreateSecretResponse, AWSError>;
   /**

package/dist/aws-sdk-core-react-native.js

@@ -83,7 +83,7 @@ return /******/ (function(modules) { // webpackBootstrap
 	  /**
 	   * @constant
 	   */
-	  VERSION: '2.1642.0',
+	  VERSION: '2.1643.0',
 
 	  /**
 	   * @api private