aws-sdk 2.1663.0 → 2.1665.0

package/clients/elbv2.d.ts

@@ -100,6 +100,14 @@ declare class ELBv2 extends Service {
    * Deletes the specified rule. You can't delete the default rule.
    */
   deleteRule(callback?: (err: AWSError, data: ELBv2.Types.DeleteRuleOutput) => void): Request<ELBv2.Types.DeleteRuleOutput, AWSError>;
+  /**
+   * Deletes a shared trust store association.
+   */
+  deleteSharedTrustStoreAssociation(params: ELBv2.Types.DeleteSharedTrustStoreAssociationInput, callback?: (err: AWSError, data: ELBv2.Types.DeleteSharedTrustStoreAssociationOutput) => void): Request<ELBv2.Types.DeleteSharedTrustStoreAssociationOutput, AWSError>;
+  /**
+   * Deletes a shared trust store association.
+   */
+  deleteSharedTrustStoreAssociation(callback?: (err: AWSError, data: ELBv2.Types.DeleteSharedTrustStoreAssociationOutput) => void): Request<ELBv2.Types.DeleteSharedTrustStoreAssociationOutput, AWSError>;
   /**
    * Deletes the specified target group. You can delete a target group if it is not referenced by any actions. Deleting a target group also deletes any associated health checks. Deleting a target group does not affect its registered targets. For example, any EC2 instances continue to run until you stop or terminate them.
    */
@@ -221,21 +229,29 @@ declare class ELBv2 extends Service {
    */
   describeTrustStoreAssociations(callback?: (err: AWSError, data: ELBv2.Types.DescribeTrustStoreAssociationsOutput) => void): Request<ELBv2.Types.DescribeTrustStoreAssociationsOutput, AWSError>;
   /**
-   * Describes the revocation files in use by the specified trust store arn, or revocation ID.
+   * Describes the revocation files in use by the specified trust store or revocation files.
    */
   describeTrustStoreRevocations(params: ELBv2.Types.DescribeTrustStoreRevocationsInput, callback?: (err: AWSError, data: ELBv2.Types.DescribeTrustStoreRevocationsOutput) => void): Request<ELBv2.Types.DescribeTrustStoreRevocationsOutput, AWSError>;
   /**
-   * Describes the revocation files in use by the specified trust store arn, or revocation ID.
+   * Describes the revocation files in use by the specified trust store or revocation files.
    */
   describeTrustStoreRevocations(callback?: (err: AWSError, data: ELBv2.Types.DescribeTrustStoreRevocationsOutput) => void): Request<ELBv2.Types.DescribeTrustStoreRevocationsOutput, AWSError>;
   /**
-   * Describes all trust stores for a given account by trust store arn’s or name.
+   * Describes all trust stores for the specified account.
    */
   describeTrustStores(params: ELBv2.Types.DescribeTrustStoresInput, callback?: (err: AWSError, data: ELBv2.Types.DescribeTrustStoresOutput) => void): Request<ELBv2.Types.DescribeTrustStoresOutput, AWSError>;
   /**
-   * Describes all trust stores for a given account by trust store arn’s or name.
+   * Describes all trust stores for the specified account.
    */
   describeTrustStores(callback?: (err: AWSError, data: ELBv2.Types.DescribeTrustStoresOutput) => void): Request<ELBv2.Types.DescribeTrustStoresOutput, AWSError>;
+  /**
+   * Retrieves the resource policy for a specified resource.
+   */
+  getResourcePolicy(params: ELBv2.Types.GetResourcePolicyInput, callback?: (err: AWSError, data: ELBv2.Types.GetResourcePolicyOutput) => void): Request<ELBv2.Types.GetResourcePolicyOutput, AWSError>;
+  /**
+   * Retrieves the resource policy for a specified resource.
+   */
+  getResourcePolicy(callback?: (err: AWSError, data: ELBv2.Types.GetResourcePolicyOutput) => void): Request<ELBv2.Types.GetResourcePolicyOutput, AWSError>;
   /**
    * Retrieves the ca certificate bundle. This action returns a pre-signed S3 URI which is active for ten minutes.
    */
@@ -293,11 +309,11 @@ declare class ELBv2 extends Service {
    */
   modifyTargetGroupAttributes(callback?: (err: AWSError, data: ELBv2.Types.ModifyTargetGroupAttributesOutput) => void): Request<ELBv2.Types.ModifyTargetGroupAttributesOutput, AWSError>;
   /**
-   * Update the ca certificate bundle for a given trust store.
+   * Update the ca certificate bundle for the specified trust store.
    */
   modifyTrustStore(params: ELBv2.Types.ModifyTrustStoreInput, callback?: (err: AWSError, data: ELBv2.Types.ModifyTrustStoreOutput) => void): Request<ELBv2.Types.ModifyTrustStoreOutput, AWSError>;
   /**
-   * Update the ca certificate bundle for a given trust store.
+   * Update the ca certificate bundle for the specified trust store.
    */
   modifyTrustStore(callback?: (err: AWSError, data: ELBv2.Types.ModifyTrustStoreOutput) => void): Request<ELBv2.Types.ModifyTrustStoreOutput, AWSError>;
   /**
@@ -903,6 +919,18 @@ declare namespace ELBv2 {
   }
   export interface DeleteRuleOutput {
   }
+  export interface DeleteSharedTrustStoreAssociationInput {
+    /**
+     * The Amazon Resource Name (ARN) of the trust store.
+     */
+    TrustStoreArn: TrustStoreArn;
+    /**
+     * The Amazon Resource Name (ARN) of the resource.
+     */
+    ResourceArn: ResourceArn;
+  }
+  export interface DeleteSharedTrustStoreAssociationOutput {
+  }
   export interface DeleteTargetGroupInput {
     /**
      * The Amazon Resource Name (ARN) of the target group.
@@ -1165,7 +1193,7 @@ declare namespace ELBv2 {
      */
     Targets?: TargetDescriptions;
     /**
-     * Used to inclue anomaly detection information.
+     * Used to include anomaly detection information.
      */
     Include?: ListOfDescribeTargetHealthIncludeOptions;
   }
@@ -1305,6 +1333,18 @@ declare namespace ELBv2 {
      */
     TargetGroupStickinessConfig?: TargetGroupStickinessConfig;
   }
+  export interface GetResourcePolicyInput {
+    /**
+     * The Amazon Resource Name (ARN) of the resource.
+     */
+    ResourceArn: ResourceArn;
+  }
+  export interface GetResourcePolicyOutput {
+    /**
+     * The content of the resource policy.
+     */
+    Policy?: Policy;
+  }
   export interface GetTrustStoreCaCertificatesBundleInput {
     /**
      * The Amazon Resource Name (ARN) of the trust store.
@@ -1722,6 +1762,10 @@ declare namespace ELBv2 {
      * Indicates whether expired client certificates are ignored.
      */
     IgnoreClientCertificateExpiry?: IgnoreClientCertificateExpiry;
+    /**
+     * Indicates a shared trust stores association status.
+     */
+    TrustStoreAssociationStatus?: TrustStoreAssociationStatusEnum;
   }
   export type Name = string;
   export type NumberOfCaCertificates = number;
@@ -1735,6 +1779,7 @@ declare namespace ELBv2 {
      */
     Values?: ListOfString;
   }
+  export type Policy = string;
   export type Port = number;
   export type PrivateIPv4Address = string;
   export type ProtocolEnum = "HTTP"|"HTTPS"|"TCP"|"TLS"|"UDP"|"TCP_UDP"|"GENEVE"|string;
@@ -1943,7 +1988,7 @@ declare namespace ELBv2 {
      */
     LoadBalancerArn: LoadBalancerArn;
     /**
-     * Note: Internal load balancers must use the ipv4 IP address type. [Application Load Balancers] The IP address type. The possible values are ipv4 (for only IPv4 addresses), dualstack (for IPv4 and IPv6 addresses), and dualstack-without-public-ipv4 (for IPv6 only public addresses, with private IPv4 and IPv6 addresses). [Network Load Balancers] The IP address type. The possible values are ipv4 (for only IPv4 addresses) and dualstack (for IPv4 and IPv6 addresses). You can’t specify dualstack for a load balancer with a UDP or TCP_UDP listener. [Gateway Load Balancers] The IP address type. The possible values are ipv4 (for only IPv4 addresses) and dualstack (for IPv4 and IPv6 addresses).
+     * Note: Internal load balancers must use the ipv4 IP address type. [Application Load Balancers] The IP address type. The possible values are ipv4 (for only IPv4 addresses), dualstack (for IPv4 and IPv6 addresses), and dualstack-without-public-ipv4 (for IPv6 only public addresses, with private IPv4 and IPv6 addresses). Note: Application Load Balancer authentication only supports IPv4 addresses when connecting to an Identity Provider (IdP) or Amazon Cognito endpoint. Without a public IPv4 address the load balancer cannot complete the authentication process, resulting in HTTP 500 errors. [Network Load Balancers] The IP address type. The possible values are ipv4 (for only IPv4 addresses) and dualstack (for IPv4 and IPv6 addresses). You can’t specify dualstack for a load balancer with a UDP or TCP_UDP listener. [Gateway Load Balancers] The IP address type. The possible values are ipv4 (for only IPv4 addresses) and dualstack (for IPv4 and IPv6 addresses).
      */
     IpAddressType: IpAddressType;
   }
@@ -2296,6 +2341,7 @@ declare namespace ELBv2 {
     ResourceArn?: TrustStoreAssociationResourceArn;
   }
   export type TrustStoreAssociationResourceArn = string;
+  export type TrustStoreAssociationStatusEnum = "active"|"removed"|string;
   export type TrustStoreAssociations = TrustStoreAssociation[];
   export type TrustStoreName = string;
   export type TrustStoreNames = TrustStoreName[];

package/clients/lexmodelsv2.d.ts

@@ -108,11 +108,11 @@ declare class LexModelsV2 extends Service {
    */
   createResourcePolicy(callback?: (err: AWSError, data: LexModelsV2.Types.CreateResourcePolicyResponse) => void): Request<LexModelsV2.Types.CreateResourcePolicyResponse, AWSError>;
   /**
-   * Adds a new resource policy statement to a bot or bot alias. If a resource policy exists, the statement is added to the current resource policy. If a policy doesn't exist, a new policy is created. You can't create a resource policy statement that allows cross-account access.
+   * Adds a new resource policy statement to a bot or bot alias. If a resource policy exists, the statement is added to the current resource policy. If a policy doesn't exist, a new policy is created. You can't create a resource policy statement that allows cross-account access. You need to add the CreateResourcePolicy or UpdateResourcePolicy action to the bot role in order to call the API.
    */
   createResourcePolicyStatement(params: LexModelsV2.Types.CreateResourcePolicyStatementRequest, callback?: (err: AWSError, data: LexModelsV2.Types.CreateResourcePolicyStatementResponse) => void): Request<LexModelsV2.Types.CreateResourcePolicyStatementResponse, AWSError>;
   /**
-   * Adds a new resource policy statement to a bot or bot alias. If a resource policy exists, the statement is added to the current resource policy. If a policy doesn't exist, a new policy is created. You can't create a resource policy statement that allows cross-account access.
+   * Adds a new resource policy statement to a bot or bot alias. If a resource policy exists, the statement is added to the current resource policy. If a policy doesn't exist, a new policy is created. You can't create a resource policy statement that allows cross-account access. You need to add the CreateResourcePolicy or UpdateResourcePolicy action to the bot role in order to call the API.
    */
   createResourcePolicyStatement(callback?: (err: AWSError, data: LexModelsV2.Types.CreateResourcePolicyStatementResponse) => void): Request<LexModelsV2.Types.CreateResourcePolicyStatementResponse, AWSError>;
   /**
@@ -228,11 +228,11 @@ declare class LexModelsV2 extends Service {
    */
   deleteResourcePolicy(callback?: (err: AWSError, data: LexModelsV2.Types.DeleteResourcePolicyResponse) => void): Request<LexModelsV2.Types.DeleteResourcePolicyResponse, AWSError>;
   /**
-   * Deletes a policy statement from a resource policy. If you delete the last statement from a policy, the policy is deleted. If you specify a statement ID that doesn't exist in the policy, or if the bot or bot alias doesn't have a policy attached, Amazon Lex returns an exception.
+   * Deletes a policy statement from a resource policy. If you delete the last statement from a policy, the policy is deleted. If you specify a statement ID that doesn't exist in the policy, or if the bot or bot alias doesn't have a policy attached, Amazon Lex returns an exception. You need to add the DeleteResourcePolicy or UpdateResourcePolicy action to the bot role in order to call the API.
    */
   deleteResourcePolicyStatement(params: LexModelsV2.Types.DeleteResourcePolicyStatementRequest, callback?: (err: AWSError, data: LexModelsV2.Types.DeleteResourcePolicyStatementResponse) => void): Request<LexModelsV2.Types.DeleteResourcePolicyStatementResponse, AWSError>;
   /**
-   * Deletes a policy statement from a resource policy. If you delete the last statement from a policy, the policy is deleted. If you specify a statement ID that doesn't exist in the policy, or if the bot or bot alias doesn't have a policy attached, Amazon Lex returns an exception.
+   * Deletes a policy statement from a resource policy. If you delete the last statement from a policy, the policy is deleted. If you specify a statement ID that doesn't exist in the policy, or if the bot or bot alias doesn't have a policy attached, Amazon Lex returns an exception. You need to add the DeleteResourcePolicy or UpdateResourcePolicy action to the bot role in order to call the API.
    */
   deleteResourcePolicyStatement(callback?: (err: AWSError, data: LexModelsV2.Types.DeleteResourcePolicyStatementResponse) => void): Request<LexModelsV2.Types.DeleteResourcePolicyStatementResponse, AWSError>;
   /**
@@ -1549,20 +1549,60 @@ declare namespace LexModelsV2 {
      */
     resources?: CustomVocabularyItems;
   }
+  export interface BedrockGuardrailConfiguration {
+    /**
+     * The unique guardrail id for the Bedrock guardrail configuration.
+     */
+    identifier: BedrockGuardrailIdentifier;
+    /**
+     * The guardrail version for the Bedrock guardrail configuration.
+     */
+    version: BedrockGuardrailVersion;
+  }
+  export type BedrockGuardrailIdentifier = string;
+  export type BedrockGuardrailVersion = string;
   export type BedrockKnowledgeBaseArn = string;
   export interface BedrockKnowledgeStoreConfiguration {
     /**
-     * The ARN of the knowledge base used.
+     * The base ARN of the knowledge base used.
      */
     bedrockKnowledgeBaseArn: BedrockKnowledgeBaseArn;
+    /**
+     * Specifies whether to return an exact response, or to return an answer generated by the model, using the fields you specify from the database.
+     */
+    exactResponse?: Boolean;
+    /**
+     * Contains the names of the fields used for an exact response to the user.
+     */
+    exactResponseFields?: BedrockKnowledgeStoreExactResponseFields;
+  }
+  export interface BedrockKnowledgeStoreExactResponseFields {
+    /**
+     * The answer field used for an exact response from Bedrock Knowledge Store.
+     */
+    answerField?: AnswerField;
   }
   export type BedrockModelArn = string;
+  export type BedrockModelCustomPrompt = string;
   export interface BedrockModelSpecification {
     /**
      * The ARN of the foundation model used in descriptive bot building.
      */
     modelArn: BedrockModelArn;
+    /**
+     * The guardrail configuration in the Bedrock model specification details.
+     */
+    guardrail?: BedrockGuardrailConfiguration;
+    /**
+     * The Bedrock trace status in the Bedrock model specification details.
+     */
+    traceStatus?: BedrockTraceStatus;
+    /**
+     * The custom prompt used in the Bedrock model specification details.
+     */
+    customPrompt?: BedrockModelCustomPrompt;
   }
+  export type BedrockTraceStatus = "ENABLED"|"DISABLED"|string;
   export type Boolean = boolean;
   export interface BotAliasHistoryEvent {
     /**

package/clients/memorydb.d.ts

@@ -140,11 +140,11 @@ declare class MemoryDB extends Service {
    */
   describeClusters(callback?: (err: AWSError, data: MemoryDB.Types.DescribeClustersResponse) => void): Request<MemoryDB.Types.DescribeClustersResponse, AWSError>;
   /**
-   * Returns a list of the available Redis engine versions.
+   * Returns a list of the available Redis OSS engine versions.
    */
   describeEngineVersions(params: MemoryDB.Types.DescribeEngineVersionsRequest, callback?: (err: AWSError, data: MemoryDB.Types.DescribeEngineVersionsResponse) => void): Request<MemoryDB.Types.DescribeEngineVersionsResponse, AWSError>;
   /**
-   * Returns a list of the available Redis engine versions.
+   * Returns a list of the available Redis OSS engine versions.
    */
   describeEngineVersions(callback?: (err: AWSError, data: MemoryDB.Types.DescribeEngineVersionsResponse) => void): Request<MemoryDB.Types.DescribeEngineVersionsResponse, AWSError>;
   /**
@@ -456,11 +456,11 @@ declare namespace MemoryDB {
      */
     NodeType?: String;
     /**
-     * The Redis engine version used by the cluster
+     * The Redis OSS engine version used by the cluster
      */
     EngineVersion?: String;
     /**
-     * The Redis engine patch version used by the cluster
+     * The Redis OSS engine patch version used by the cluster
      */
     EnginePatchVersion?: String;
     /**
@@ -538,7 +538,7 @@ declare namespace MemoryDB {
      */
     NodeType?: String;
     /**
-     * The Redis engine version used by the cluster
+     * The Redis OSS engine version used by the cluster
      */
     EngineVersion?: String;
     /**
@@ -724,7 +724,7 @@ declare namespace MemoryDB {
      */
     ACLName: ACLName;
     /**
-     * The version number of the Redis engine to be used for the cluster.
+     * The version number of the Redis OSS engine to be used for the cluster.
      */
     EngineVersion?: String;
     /**
@@ -969,7 +969,7 @@ declare namespace MemoryDB {
   }
   export interface DescribeEngineVersionsRequest {
     /**
-     * The Redis engine version
+     * The Redis OSS engine version
      */
     EngineVersion?: String;
     /**

package/clients/networkfirewall.d.ts

@@ -52,11 +52,11 @@ declare class NetworkFirewall extends Service {
    */
   createRuleGroup(callback?: (err: AWSError, data: NetworkFirewall.Types.CreateRuleGroupResponse) => void): Request<NetworkFirewall.Types.CreateRuleGroupResponse, AWSError>;
   /**
-   * Creates an Network Firewall TLS inspection configuration. A TLS inspection configuration contains Certificate Manager certificate associations between and the scope configurations that Network Firewall uses to decrypt and re-encrypt traffic traveling through your firewall. After you create a TLS inspection configuration, you can associate it with a new firewall policy. To update the settings for a TLS inspection configuration, use UpdateTLSInspectionConfiguration. To manage a TLS inspection configuration's tags, use the standard Amazon Web Services resource tagging operations, ListTagsForResource, TagResource, and UntagResource. To retrieve information about TLS inspection configurations, use ListTLSInspectionConfigurations and DescribeTLSInspectionConfiguration.  For more information about TLS inspection configurations, see Inspecting SSL/TLS traffic with TLS inspection configurations in the Network Firewall Developer Guide. 
+   * Creates an Network Firewall TLS inspection configuration. Network Firewall uses TLS inspection configurations to decrypt your firewall's inbound and outbound SSL/TLS traffic. After decryption, Network Firewall inspects the traffic according to your firewall policy's stateful rules, and then re-encrypts it before sending it to its destination. You can enable inspection of your firewall's inbound traffic, outbound traffic, or both. To use TLS inspection with your firewall, you must first import or provision certificates using ACM, create a TLS inspection configuration, add that configuration to a new firewall policy, and then associate that policy with your firewall. To update the settings for a TLS inspection configuration, use UpdateTLSInspectionConfiguration. To manage a TLS inspection configuration's tags, use the standard Amazon Web Services resource tagging operations, ListTagsForResource, TagResource, and UntagResource. To retrieve information about TLS inspection configurations, use ListTLSInspectionConfigurations and DescribeTLSInspectionConfiguration.  For more information about TLS inspection configurations, see Inspecting SSL/TLS traffic with TLS inspection configurations in the Network Firewall Developer Guide. 
    */
   createTLSInspectionConfiguration(params: NetworkFirewall.Types.CreateTLSInspectionConfigurationRequest, callback?: (err: AWSError, data: NetworkFirewall.Types.CreateTLSInspectionConfigurationResponse) => void): Request<NetworkFirewall.Types.CreateTLSInspectionConfigurationResponse, AWSError>;
   /**
-   * Creates an Network Firewall TLS inspection configuration. A TLS inspection configuration contains Certificate Manager certificate associations between and the scope configurations that Network Firewall uses to decrypt and re-encrypt traffic traveling through your firewall. After you create a TLS inspection configuration, you can associate it with a new firewall policy. To update the settings for a TLS inspection configuration, use UpdateTLSInspectionConfiguration. To manage a TLS inspection configuration's tags, use the standard Amazon Web Services resource tagging operations, ListTagsForResource, TagResource, and UntagResource. To retrieve information about TLS inspection configurations, use ListTLSInspectionConfigurations and DescribeTLSInspectionConfiguration.  For more information about TLS inspection configurations, see Inspecting SSL/TLS traffic with TLS inspection configurations in the Network Firewall Developer Guide. 
+   * Creates an Network Firewall TLS inspection configuration. Network Firewall uses TLS inspection configurations to decrypt your firewall's inbound and outbound SSL/TLS traffic. After decryption, Network Firewall inspects the traffic according to your firewall policy's stateful rules, and then re-encrypts it before sending it to its destination. You can enable inspection of your firewall's inbound traffic, outbound traffic, or both. To use TLS inspection with your firewall, you must first import or provision certificates using ACM, create a TLS inspection configuration, add that configuration to a new firewall policy, and then associate that policy with your firewall. To update the settings for a TLS inspection configuration, use UpdateTLSInspectionConfiguration. To manage a TLS inspection configuration's tags, use the standard Amazon Web Services resource tagging operations, ListTagsForResource, TagResource, and UntagResource. To retrieve information about TLS inspection configurations, use ListTLSInspectionConfigurations and DescribeTLSInspectionConfiguration.  For more information about TLS inspection configurations, see Inspecting SSL/TLS traffic with TLS inspection configurations in the Network Firewall Developer Guide. 
    */
   createTLSInspectionConfiguration(callback?: (err: AWSError, data: NetworkFirewall.Types.CreateTLSInspectionConfigurationResponse) => void): Request<NetworkFirewall.Types.CreateTLSInspectionConfigurationResponse, AWSError>;
   /**
@@ -1305,22 +1305,22 @@ declare namespace NetworkFirewall {
   }
   export interface LogDestinationConfig {
     /**
-     * The type of log to send. Alert logs report traffic that matches a StatefulRule with an action setting that sends an alert log message. Flow logs are standard network traffic flow logs. 
+     * The type of log to record. You can record the following types of logs from your Network Firewall stateful engine.    ALERT - Logs for traffic that matches your stateful rules and that have an action that sends an alert. A stateful rule sends alerts for the rule actions DROP, ALERT, and REJECT. For more information, see StatefulRule.    FLOW - Standard network traffic flow logs. The stateful rules engine records flow logs for all network traffic that it receives. Each flow log record captures the network flow for a specific standard stateless rule group.    TLS - Logs for events that are related to TLS inspection. For more information, see Inspecting SSL/TLS traffic with TLS inspection configurations in the Network Firewall Developer Guide.  
      */
     LogType: LogType;
     /**
-     * The type of storage destination to send these logs to. You can send logs to an Amazon S3 bucket, a CloudWatch log group, or a Kinesis Data Firehose delivery stream.
+     * The type of storage destination to send these logs to. You can send logs to an Amazon S3 bucket, a CloudWatch log group, or a Firehose delivery stream.
      */
     LogDestinationType: LogDestinationType;
     /**
-     * The named location for the logs, provided in a key:value mapping that is specific to the chosen destination type.    For an Amazon S3 bucket, provide the name of the bucket, with key bucketName, and optionally provide a prefix, with key prefix. The following example specifies an Amazon S3 bucket named DOC-EXAMPLE-BUCKET and the prefix alerts:   "LogDestination": { "bucketName": "DOC-EXAMPLE-BUCKET", "prefix": "alerts" }    For a CloudWatch log group, provide the name of the CloudWatch log group, with key logGroup. The following example specifies a log group named alert-log-group:   "LogDestination": { "logGroup": "alert-log-group" }    For a Kinesis Data Firehose delivery stream, provide the name of the delivery stream, with key deliveryStream. The following example specifies a delivery stream named alert-delivery-stream:   "LogDestination": { "deliveryStream": "alert-delivery-stream" }   
+     * The named location for the logs, provided in a key:value mapping that is specific to the chosen destination type.    For an Amazon S3 bucket, provide the name of the bucket, with key bucketName, and optionally provide a prefix, with key prefix.  The following example specifies an Amazon S3 bucket named DOC-EXAMPLE-BUCKET and the prefix alerts:   "LogDestination": { "bucketName": "DOC-EXAMPLE-BUCKET", "prefix": "alerts" }    For a CloudWatch log group, provide the name of the CloudWatch log group, with key logGroup. The following example specifies a log group named alert-log-group:   "LogDestination": { "logGroup": "alert-log-group" }    For a Firehose delivery stream, provide the name of the delivery stream, with key deliveryStream. The following example specifies a delivery stream named alert-delivery-stream:   "LogDestination": { "deliveryStream": "alert-delivery-stream" }   
      */
     LogDestination: LogDestinationMap;
   }
   export type LogDestinationConfigs = LogDestinationConfig[];
   export type LogDestinationMap = {[key: string]: HashMapValue};
   export type LogDestinationType = "S3"|"CloudWatchLogs"|"KinesisDataFirehose"|string;
-  export type LogType = "ALERT"|"FLOW"|string;
+  export type LogType = "ALERT"|"FLOW"|"TLS"|string;
   export interface LoggingConfiguration {
     /**
      * Defines the logging destinations for the logs for a firewall. Network Firewall generates logs for stateful rule groups. 
@@ -1666,7 +1666,7 @@ declare namespace NetworkFirewall {
   }
   export interface StatefulRule {
     /**
-     * Defines what Network Firewall should do with the packets in a traffic flow when the flow matches the stateful rule criteria. For all actions, Network Firewall performs the specified action and discontinues stateful inspection of the traffic flow.  The actions for a stateful rule are defined as follows:     PASS - Permits the packets to go to the intended destination.    DROP - Blocks the packets from going to the intended destination and sends an alert log message, if alert logging is configured in the Firewall LoggingConfiguration.     ALERT - Sends an alert log message, if alert logging is configured in the Firewall LoggingConfiguration.  You can use this action to test a rule that you intend to use to drop traffic. You can enable the rule with ALERT action, verify in the logs that the rule is filtering as you want, then change the action to DROP.  
+     * Defines what Network Firewall should do with the packets in a traffic flow when the flow matches the stateful rule criteria. For all actions, Network Firewall performs the specified action and discontinues stateful inspection of the traffic flow.  The actions for a stateful rule are defined as follows:     PASS - Permits the packets to go to the intended destination.    DROP - Blocks the packets from going to the intended destination and sends an alert log message, if alert logging is configured in the Firewall LoggingConfiguration.     ALERT - Sends an alert log message, if alert logging is configured in the Firewall LoggingConfiguration.  You can use this action to test a rule that you intend to use to drop traffic. You can enable the rule with ALERT action, verify in the logs that the rule is filtering as you want, then change the action to DROP.    REJECT - Drops traffic that matches the conditions of the stateful rule, and sends a TCP reset packet back to sender of the packet. A TCP reset packet is a packet with no payload and an RST bit contained in the TCP header flags. REJECT is available only for TCP traffic. This option doesn't support FTP or IMAP protocols.  
      */
     Action: StatefulAction;
     /**

package/clients/outposts.d.ts

@@ -790,6 +790,10 @@ declare namespace Outposts {
   export type InstanceTypeCount = number;
   export interface InstanceTypeItem {
     InstanceType?: InstanceType;
+    /**
+     * The number of default VCPUs in an instance type.
+     */
+    VCPUs?: VCPUCount;
   }
   export type InstanceTypeListDefinition = InstanceTypeItem[];
   export type InstanceTypeName = string;
@@ -1424,6 +1428,7 @@ declare namespace Outposts {
   }
   export type UplinkCount = "UPLINK_COUNT_1"|"UPLINK_COUNT_2"|"UPLINK_COUNT_3"|"UPLINK_COUNT_4"|"UPLINK_COUNT_5"|"UPLINK_COUNT_6"|"UPLINK_COUNT_7"|"UPLINK_COUNT_8"|"UPLINK_COUNT_12"|"UPLINK_COUNT_16"|string;
   export type UplinkGbps = "UPLINK_1G"|"UPLINK_10G"|"UPLINK_40G"|"UPLINK_100G"|string;
+  export type VCPUCount = number;
   export type WireGuardPublicKey = string;
   export type outpostListDefinition = Outpost[];
   export type siteListDefinition = Site[];

package/clients/rolesanywhere.d.ts

@@ -269,6 +269,10 @@ declare namespace RolesAnywhere {
   export type Boolean = boolean;
   export type CertificateField = "x509Subject"|"x509Issuer"|"x509SAN"|string;
   export interface CreateProfileRequest {
+    /**
+     * Used to determine if a custom role session name will be accepted in a temporary credential request.
+     */
+    acceptRoleSessionName?: Boolean;
     /**
      *  Used to determine how long sessions vended using this profile are valid for. See the Expiration section of the CreateSession API documentation page for more details. In requests, if this value is not provided, the default value will be 3600. 
      */
@@ -588,6 +592,10 @@ declare namespace RolesAnywhere {
   export type NotificationSettings = NotificationSetting[];
   export type ProfileArn = string;
   export interface ProfileDetail {
+    /**
+     * Used to determine if a custom role session name will be accepted in a temporary credential request.
+     */
+    acceptRoleSessionName?: Boolean;
     /**
      * A mapping applied to the authenticating end-entity certificate.
      */
@@ -917,6 +925,10 @@ declare namespace RolesAnywhere {
   }
   export type UpdateCrlRequestCrlDataBlob = Buffer|Uint8Array|Blob|string;
   export interface UpdateProfileRequest {
+    /**
+     * Used to determine if a custom role session name will be accepted in a temporary credential request.
+     */
+    acceptRoleSessionName?: Boolean;
     /**
      *  Used to determine how long sessions vended using this profile are valid for. See the Expiration section of the CreateSession API documentation page for more details. In requests, if this value is not provided, the default value will be 3600. 
      */