cdk-docker-image-deployment 0.0.150 → 0.0.152

package/node_modules/aws-sdk/clients/groundstation.d.ts

@@ -100,6 +100,14 @@ declare class GroundStation extends Service {
    * Describes an existing ephemeris.
    */
   describeEphemeris(callback?: (err: AWSError, data: GroundStation.Types.DescribeEphemerisResponse) => void): Request<GroundStation.Types.DescribeEphemerisResponse, AWSError>;
+  /**
+   * Gets the latest configuration information for a registered agent.
+   */
+  getAgentConfiguration(params: GroundStation.Types.GetAgentConfigurationRequest, callback?: (err: AWSError, data: GroundStation.Types.GetAgentConfigurationResponse) => void): Request<GroundStation.Types.GetAgentConfigurationResponse, AWSError>;
+  /**
+   * Gets the latest configuration information for a registered agent.
+   */
+  getAgentConfiguration(callback?: (err: AWSError, data: GroundStation.Types.GetAgentConfigurationResponse) => void): Request<GroundStation.Types.GetAgentConfigurationResponse, AWSError>;
   /**
    * Returns Config information. Only one Config response can be returned.
    */
@@ -204,6 +212,14 @@ declare class GroundStation extends Service {
    * Returns a list of tags for a specified resource.
    */
   listTagsForResource(callback?: (err: AWSError, data: GroundStation.Types.ListTagsForResourceResponse) => void): Request<GroundStation.Types.ListTagsForResourceResponse, AWSError>;
+  /**
+   * Registers a new agent with AWS Groundstation.
+   */
+  registerAgent(params: GroundStation.Types.RegisterAgentRequest, callback?: (err: AWSError, data: GroundStation.Types.RegisterAgentResponse) => void): Request<GroundStation.Types.RegisterAgentResponse, AWSError>;
+  /**
+   * Registers a new agent with AWS Groundstation.
+   */
+  registerAgent(callback?: (err: AWSError, data: GroundStation.Types.RegisterAgentResponse) => void): Request<GroundStation.Types.RegisterAgentResponse, AWSError>;
   /**
    * Reserves a contact using specified parameters.
    */
@@ -228,6 +244,14 @@ declare class GroundStation extends Service {
    * Deassigns a resource tag.
    */
   untagResource(callback?: (err: AWSError, data: GroundStation.Types.UntagResourceResponse) => void): Request<GroundStation.Types.UntagResourceResponse, AWSError>;
+  /**
+   * Update the status of the agent.
+   */
+  updateAgentStatus(params: GroundStation.Types.UpdateAgentStatusRequest, callback?: (err: AWSError, data: GroundStation.Types.UpdateAgentStatusResponse) => void): Request<GroundStation.Types.UpdateAgentStatusResponse, AWSError>;
+  /**
+   * Update the status of the agent.
+   */
+  updateAgentStatus(callback?: (err: AWSError, data: GroundStation.Types.UpdateAgentStatusResponse) => void): Request<GroundStation.Types.UpdateAgentStatusResponse, AWSError>;
   /**
    * Updates the Config used when scheduling contacts. Updating a Config will not update the execution parameters for existing future contacts scheduled with this Config.
    */
@@ -263,6 +287,39 @@ declare class GroundStation extends Service {
 }
 declare namespace GroundStation {
   export type AWSRegion = string;
+  export interface AgentDetails {
+    /**
+     * Current agent version.
+     */
+    agentVersion: VersionString;
+    /**
+     * List of versions being used by agent components.
+     */
+    componentVersions: ComponentVersionList;
+    /**
+     * ID of EC2 instance agent is running on.
+     */
+    instanceId: InstanceId;
+    /**
+     * Type of EC2 instance agent is running on.
+     */
+    instanceType: InstanceType;
+    /**
+     * Number of Cpu cores reserved for agent.
+     */
+    reservedCpuCores: ReservedCpuCoresList;
+  }
+  export type AgentStatus = "SUCCESS"|"FAILED"|"ACTIVE"|"INACTIVE"|string;
+  export interface AggregateStatus {
+    /**
+     * Sparse map of failure signatures.
+     */
+    signatureMap?: SignatureMap;
+    /**
+     * Aggregate status.
+     */
+    status: AgentStatus;
+  }
   export type AngleUnits = "DEGREE_ANGLE"|"RADIAN"|string;
   export interface AntennaDemodDecodeDetails {
     /**
@@ -305,6 +362,29 @@ declare namespace GroundStation {
     transmitDisabled?: Boolean;
   }
   export type AnyArn = string;
+  export type AuditResults = "HEALTHY"|"UNHEALTHY"|string;
+  export interface AwsGroundStationAgentEndpoint {
+    /**
+     * The status of AgentEndpoint.
+     */
+    agentStatus?: AgentStatus;
+    /**
+     * The results of the audit.
+     */
+    auditResults?: AuditResults;
+    /**
+     * The egress address of AgentEndpoint.
+     */
+    egressAddress: ConnectionDetails;
+    /**
+     * The ingress address of AgentEndpoint.
+     */
+    ingressAddress: RangedConnectionDetails;
+    /**
+     * Name string associated with AgentEndpoint. Used as a human-readable identifier for AgentEndpoint.
+     */
+    name: SafeName;
+  }
   export type BandwidthUnits = "GHz"|"MHz"|"kHz"|string;
   export type Boolean = boolean;
   export type BucketArn = string;
@@ -314,6 +394,51 @@ declare namespace GroundStation {
      */
     contactId: Uuid;
   }
+  export type CapabilityArn = string;
+  export type CapabilityArnList = CapabilityArn[];
+  export interface ComponentStatusData {
+    /**
+     * Bytes received by the component.
+     */
+    bytesReceived?: Long;
+    /**
+     * Bytes sent by the component.
+     */
+    bytesSent?: Long;
+    /**
+     * Capability ARN of the component.
+     */
+    capabilityArn: CapabilityArn;
+    /**
+     * The Component type.
+     */
+    componentType: ComponentType;
+    /**
+     * Dataflow UUID associated with the component.
+     */
+    dataflowId: Uuid;
+    /**
+     * Packets dropped by component.
+     */
+    packetsDropped?: Long;
+    /**
+     * Component status.
+     */
+    status: AgentStatus;
+  }
+  export type ComponentStatusList = ComponentStatusData[];
+  export type ComponentType = "LAMINAR_FLOW"|"PRISM"|"DIGITIZER"|string;
+  export interface ComponentVersion {
+    /**
+     * Component type.
+     */
+    componentType: ComponentType;
+    /**
+     * List of versions.
+     */
+    versions: VersionStringList;
+  }
+  export type ComponentVersionList = ComponentVersion[];
   export type ConfigArn = string;
   export type ConfigCapabilityType = "antenna-downlink"|"antenna-downlink-demod-decode"|"antenna-uplink"|"dataflow-endpoint"|"tracking"|"uplink-echo"|"s3-recording"|string;
   export interface ConfigDetails {
@@ -390,6 +515,16 @@ declare namespace GroundStation {
      */
     uplinkEchoConfig?: UplinkEchoConfig;
   }
+  export interface ConnectionDetails {
+    /**
+     * Maximum transmission unit (MTU) size in bytes of a dataflow endpoint.
+     */
+    mtu?: Integer;
+    /**
+     * A socket address.
+     */
+    socketAddress: SocketAddress;
+  }
   export interface ContactData {
     /**
      * UUID of a contact.
@@ -539,6 +674,14 @@ declare namespace GroundStation {
      * Name of a mission profile.
      */
     name: SafeName;
+    /**
+     * KMS key to use for encrypting streams.
+     */
+    streamsKmsKey?: KmsKey;
+    /**
+     * Role to use for encrypting streams with KMS key.
+     */
+    streamsKmsRole?: RoleArn;
     /**
      * Tags assigned to a mission profile.
      */
@@ -779,6 +922,20 @@ declare namespace GroundStation {
      */
     dataflowDestinationRegion?: String;
   }
+  export interface DiscoveryData {
+    /**
+     * List of capabilities to associate with agent.
+     */
+    capabilityArns: CapabilityArnList;
+    /**
+     * List of private IP addresses to associate with agent.
+     */
+    privateIpAddresses: IpAddressList;
+    /**
+     * List of public IP addresses to associate with agent.
+     */
+    publicIpAddresses: IpAddressList;
+  }
   export type Double = number;
   export type DurationInSeconds = number;
   export interface Eirp {
@@ -803,6 +960,10 @@ declare namespace GroundStation {
     value: Double;
   }
   export interface EndpointDetails {
+    /**
+     * An agent endpoint.
+     */
+    awsGroundStationAgentEndpoint?: AwsGroundStationAgentEndpoint;
     /**
      * A dataflow endpoint.
      */
@@ -913,6 +1074,22 @@ declare namespace GroundStation {
     value: Double;
   }
   export type FrequencyUnits = "GHz"|"MHz"|"kHz"|string;
+  export interface GetAgentConfigurationRequest {
+    /**
+     * UUID of agent to get configuration information for.
+     */
+    agentId: Uuid;
+  }
+  export interface GetAgentConfigurationResponse {
+    /**
+     * UUID of agent.
+     */
+    agentId?: Uuid;
+    /**
+     * Tasking document for agent.
+     */
+    taskingDocument?: String;
+  }
   export interface GetConfigRequest {
     /**
      * UUID of a Config.
@@ -1052,6 +1229,14 @@ declare namespace GroundStation {
      * Region of a mission profile.
      */
     region?: AWSRegion;
+    /**
+     * KMS key to use for encrypting streams.
+     */
+    streamsKmsKey?: KmsKey;
+    /**
+     * Role to use for encrypting streams with KMS key.
+     */
+    streamsKmsRole?: RoleArn;
     /**
      * Tags assigned to a mission profile.
      */
@@ -1106,9 +1291,34 @@ declare namespace GroundStation {
   export type GroundStationIdList = GroundStationName[];
   export type GroundStationList = GroundStationData[];
   export type GroundStationName = string;
+  export type InstanceId = string;
+  export type InstanceType = string;
   export type Integer = number;
+  export interface IntegerRange {
+    /**
+     * A maximum value.
+     */
+    maximum: Integer;
+    /**
+     * A minimum value.
+     */
+    minimum: Integer;
+  }
+  export type IpAddressList = IpV4Address[];
+  export type IpV4Address = string;
   export type JsonString = string;
+  export type KeyAliasArn = string;
   export type KeyArn = string;
+  export interface KmsKey {
+    /**
+     * KMS Alias Arn.
+     */
+    kmsAliasArn?: KeyAliasArn;
+    /**
+     * KMS Key Arn.
+     */
+    kmsKeyArn?: KeyArn;
+  }
   export interface ListConfigsRequest {
     /**
      * Maximum number of Configs returned.
@@ -1305,6 +1515,7 @@ declare namespace GroundStation {
      */
     tags?: TagsMap;
   }
+  export type Long = number;
   export type MissionProfileArn = string;
   export interface MissionProfileIdResponse {
     /**
@@ -1346,6 +1557,43 @@ declare namespace GroundStation {
   export type PaginationToken = string;
   export type Polarization = "LEFT_HAND"|"NONE"|"RIGHT_HAND"|string;
   export type PositiveDurationInSeconds = number;
+  export interface RangedConnectionDetails {
+    /**
+     * Maximum transmission unit (MTU) size in bytes of a dataflow endpoint.
+     */
+    mtu?: RangedConnectionDetailsMtuInteger;
+    /**
+     * A ranged socket address.
+     */
+    socketAddress: RangedSocketAddress;
+  }
+  export type RangedConnectionDetailsMtuInteger = number;
+  export interface RangedSocketAddress {
+    /**
+     * IPv4 socket address.
+     */
+    name: IpV4Address;
+    /**
+     * Port range of a socket address.
+     */
+    portRange: IntegerRange;
+  }
+  export interface RegisterAgentRequest {
+    /**
+     * Detailed information about the agent being registered.
+     */
+    agentDetails: AgentDetails;
+    /**
+     * Data for associating and agent with the capabilities it is managing.
+     */
+    discoveryData: DiscoveryData;
+  }
+  export interface RegisterAgentResponse {
+    /**
+     * UUID of registered agent.
+     */
+    agentId?: Uuid;
+  }
   export interface ReserveContactRequest {
     /**
      * End time of a contact in UTC.
@@ -1372,6 +1620,7 @@ declare namespace GroundStation {
      */
     tags?: TagsMap;
   }
+  export type ReservedCpuCoresList = Integer[];
   export type RoleArn = string;
   export type S3BucketName = string;
   export type S3KeyPrefix = string;
@@ -1454,6 +1703,7 @@ declare namespace GroundStation {
     subnetIds: SubnetList;
   }
   export type SecurityGroupIdList = String[];
+  export type SignatureMap = {[key: string]: Boolean};
   export interface SocketAddress {
     /**
      * Name of a socket address.
@@ -1570,6 +1820,30 @@ declare namespace GroundStation {
   }
   export interface UntagResourceResponse {
   }
+  export interface UpdateAgentStatusRequest {
+    /**
+     * UUID of agent to update.
+     */
+    agentId: Uuid;
+    /**
+     * Aggregate status for agent.
+     */
+    aggregateStatus: AggregateStatus;
+    /**
+     * List of component statuses for agent.
+     */
+    componentStatuses: ComponentStatusList;
+    /**
+     * GUID of agent task.
+     */
+    taskId: Uuid;
+  }
+  export interface UpdateAgentStatusResponse {
+    /**
+     * UUID of updated agent.
+     */
+    agentId: Uuid;
+  }
   export interface UpdateConfigRequest {
     /**
      * Parameters of a Config.
@@ -1631,6 +1905,14 @@ declare namespace GroundStation {
      * Name of a mission profile.
      */
     name?: SafeName;
+    /**
+     * KMS key to use for encrypting streams.
+     */
+    streamsKmsKey?: KmsKey;
+    /**
+     * Role to use for encrypting streams with KMS key.
+     */
+    streamsKmsRole?: RoleArn;
     /**
      * ARN of a tracking Config.
      */
@@ -1657,6 +1939,8 @@ declare namespace GroundStation {
     polarization?: Polarization;
   }
   export type Uuid = string;
+  export type VersionString = string;
+  export type VersionStringList = VersionString[];
   export type Year = number;
   export type noradSatelliteID = number;
   export type satelliteArn = string;

package/node_modules/aws-sdk/clients/iam.d.ts

@@ -109,11 +109,11 @@ declare class IAM extends Service {
    */
   createLoginProfile(callback?: (err: AWSError, data: IAM.Types.CreateLoginProfileResponse) => void): Request<IAM.Types.CreateLoginProfileResponse, AWSError>;
   /**
-   * Creates an IAM entity to describe an identity provider (IdP) that supports OpenID Connect (OIDC). The OIDC provider that you create with this operation can be used as a principal in a role's trust policy. Such a policy establishes a trust relationship between Amazon Web Services and the OIDC provider. If you are using an OIDC identity provider from Google, Facebook, or Amazon Cognito, you don't need to create a separate IAM identity provider. These OIDC identity providers are already built-in to Amazon Web Services and are available for your use. Instead, you can move directly to creating new roles using your identity provider. To learn more, see Creating a role for web identity or OpenID connect federation in the IAM User Guide. When you create the IAM OIDC provider, you specify the following:   The URL of the OIDC identity provider (IdP) to trust   A list of client IDs (also known as audiences) that identify the application or applications allowed to authenticate using the OIDC provider   A list of thumbprints of one or more server certificates that the IdP uses   You get all of this information from the OIDC IdP you want to use to access Amazon Web Services.  Amazon Web Services secures communication with some OIDC identity providers (IdPs) through our library of trusted certificate authorities (CAs) instead of using a certificate thumbprint to verify your IdP server certificate. These OIDC IdPs include Google, and those that use an Amazon S3 bucket to host a JSON Web Key Set (JWKS) endpoint. In these cases, your legacy thumbprint remains in your configuration, but is no longer used for validation.   The trust for the OIDC provider is derived from the IAM provider that this operation creates. Therefore, it is best to limit access to the CreateOpenIDConnectProvider operation to highly privileged users. 
+   * Creates an IAM entity to describe an identity provider (IdP) that supports OpenID Connect (OIDC). The OIDC provider that you create with this operation can be used as a principal in a role's trust policy. Such a policy establishes a trust relationship between Amazon Web Services and the OIDC provider. If you are using an OIDC identity provider from Google, Facebook, or Amazon Cognito, you don't need to create a separate IAM identity provider. These OIDC identity providers are already built-in to Amazon Web Services and are available for your use. Instead, you can move directly to creating new roles using your identity provider. To learn more, see Creating a role for web identity or OpenID connect federation in the IAM User Guide. When you create the IAM OIDC provider, you specify the following:   The URL of the OIDC identity provider (IdP) to trust   A list of client IDs (also known as audiences) that identify the application or applications allowed to authenticate using the OIDC provider   A list of thumbprints of one or more server certificates that the IdP uses   You get all of this information from the OIDC IdP you want to use to access Amazon Web Services.  Amazon Web Services secures communication with some OIDC identity providers (IdPs) through our library of trusted certificate authorities (CAs) instead of using a certificate thumbprint to verify your IdP server certificate. These OIDC IdPs include Google, Auth0, and those that use an Amazon S3 bucket to host a JSON Web Key Set (JWKS) endpoint. In these cases, your legacy thumbprint remains in your configuration, but is no longer used for validation.   The trust for the OIDC provider is derived from the IAM provider that this operation creates. Therefore, it is best to limit access to the CreateOpenIDConnectProvider operation to highly privileged users. 
    */
   createOpenIDConnectProvider(params: IAM.Types.CreateOpenIDConnectProviderRequest, callback?: (err: AWSError, data: IAM.Types.CreateOpenIDConnectProviderResponse) => void): Request<IAM.Types.CreateOpenIDConnectProviderResponse, AWSError>;
   /**
-   * Creates an IAM entity to describe an identity provider (IdP) that supports OpenID Connect (OIDC). The OIDC provider that you create with this operation can be used as a principal in a role's trust policy. Such a policy establishes a trust relationship between Amazon Web Services and the OIDC provider. If you are using an OIDC identity provider from Google, Facebook, or Amazon Cognito, you don't need to create a separate IAM identity provider. These OIDC identity providers are already built-in to Amazon Web Services and are available for your use. Instead, you can move directly to creating new roles using your identity provider. To learn more, see Creating a role for web identity or OpenID connect federation in the IAM User Guide. When you create the IAM OIDC provider, you specify the following:   The URL of the OIDC identity provider (IdP) to trust   A list of client IDs (also known as audiences) that identify the application or applications allowed to authenticate using the OIDC provider   A list of thumbprints of one or more server certificates that the IdP uses   You get all of this information from the OIDC IdP you want to use to access Amazon Web Services.  Amazon Web Services secures communication with some OIDC identity providers (IdPs) through our library of trusted certificate authorities (CAs) instead of using a certificate thumbprint to verify your IdP server certificate. These OIDC IdPs include Google, and those that use an Amazon S3 bucket to host a JSON Web Key Set (JWKS) endpoint. In these cases, your legacy thumbprint remains in your configuration, but is no longer used for validation.   The trust for the OIDC provider is derived from the IAM provider that this operation creates. Therefore, it is best to limit access to the CreateOpenIDConnectProvider operation to highly privileged users. 
+   * Creates an IAM entity to describe an identity provider (IdP) that supports OpenID Connect (OIDC). The OIDC provider that you create with this operation can be used as a principal in a role's trust policy. Such a policy establishes a trust relationship between Amazon Web Services and the OIDC provider. If you are using an OIDC identity provider from Google, Facebook, or Amazon Cognito, you don't need to create a separate IAM identity provider. These OIDC identity providers are already built-in to Amazon Web Services and are available for your use. Instead, you can move directly to creating new roles using your identity provider. To learn more, see Creating a role for web identity or OpenID connect federation in the IAM User Guide. When you create the IAM OIDC provider, you specify the following:   The URL of the OIDC identity provider (IdP) to trust   A list of client IDs (also known as audiences) that identify the application or applications allowed to authenticate using the OIDC provider   A list of thumbprints of one or more server certificates that the IdP uses   You get all of this information from the OIDC IdP you want to use to access Amazon Web Services.  Amazon Web Services secures communication with some OIDC identity providers (IdPs) through our library of trusted certificate authorities (CAs) instead of using a certificate thumbprint to verify your IdP server certificate. These OIDC IdPs include Google, Auth0, and those that use an Amazon S3 bucket to host a JSON Web Key Set (JWKS) endpoint. In these cases, your legacy thumbprint remains in your configuration, but is no longer used for validation.   The trust for the OIDC provider is derived from the IAM provider that this operation creates. Therefore, it is best to limit access to the CreateOpenIDConnectProvider operation to highly privileged users. 
    */
   createOpenIDConnectProvider(callback?: (err: AWSError, data: IAM.Types.CreateOpenIDConnectProviderResponse) => void): Request<IAM.Types.CreateOpenIDConnectProviderResponse, AWSError>;
   /**
@@ -265,11 +265,11 @@ declare class IAM extends Service {
    */
   deletePolicyVersion(callback?: (err: AWSError, data: {}) => void): Request<{}, AWSError>;
   /**
-   * Deletes the specified role. The role must not have any policies attached. For more information about roles, see Working with roles.  Make sure that you do not have any Amazon EC2 instances running with the role you are about to delete. Deleting a role or instance profile that is associated with a running instance will break any applications running on the instance. 
+   * Deletes the specified role. Unlike the Amazon Web Services Management Console, when you delete a role programmatically, you must delete the items attached to the role manually, or the deletion fails. For more information, see Deleting an IAM role. Before attempting to delete a role, remove the following attached items:    Inline policies (DeleteRolePolicy)   Attached managed policies (DetachRolePolicy)   Instance profile (RemoveRoleFromInstanceProfile)   Optional – Delete instance profile after detaching from role for resource clean up (DeleteInstanceProfile)    Make sure that you do not have any Amazon EC2 instances running with the role you are about to delete. Deleting a role or instance profile that is associated with a running instance will break any applications running on the instance. 
    */
   deleteRole(params: IAM.Types.DeleteRoleRequest, callback?: (err: AWSError, data: {}) => void): Request<{}, AWSError>;
   /**
-   * Deletes the specified role. The role must not have any policies attached. For more information about roles, see Working with roles.  Make sure that you do not have any Amazon EC2 instances running with the role you are about to delete. Deleting a role or instance profile that is associated with a running instance will break any applications running on the instance. 
+   * Deletes the specified role. Unlike the Amazon Web Services Management Console, when you delete a role programmatically, you must delete the items attached to the role manually, or the deletion fails. For more information, see Deleting an IAM role. Before attempting to delete a role, remove the following attached items:    Inline policies (DeleteRolePolicy)   Attached managed policies (DetachRolePolicy)   Instance profile (RemoveRoleFromInstanceProfile)   Optional – Delete instance profile after detaching from role for resource clean up (DeleteInstanceProfile)    Make sure that you do not have any Amazon EC2 instances running with the role you are about to delete. Deleting a role or instance profile that is associated with a running instance will break any applications running on the instance. 
    */
   deleteRole(callback?: (err: AWSError, data: {}) => void): Request<{}, AWSError>;
   /**
@@ -977,19 +977,19 @@ declare class IAM extends Service {
    */
   setSecurityTokenServicePreferences(callback?: (err: AWSError, data: {}) => void): Request<{}, AWSError>;
   /**
-   * Simulate how a set of IAM policies and optionally a resource-based policy works with a list of API operations and Amazon Web Services resources to determine the policies' effective permissions. The policies are provided as strings. The simulation does not perform the API operations; it only checks the authorization to determine if the simulated policies allow or deny the operations. You can simulate resources that don't exist in your account. If you want to simulate existing policies that are attached to an IAM user, group, or role, use SimulatePrincipalPolicy instead. Context keys are variables that are maintained by Amazon Web Services and its services and which provide details about the context of an API query request. You can use the Condition element of an IAM policy to evaluate context keys. To get the list of context keys that the policies require for correct simulation, use GetContextKeysForCustomPolicy. If the output is long, you can use MaxItems and Marker parameters to paginate the results. For more information about using the policy simulator, see Testing IAM policies with the IAM policy simulator in the IAM User Guide.
+   * Simulate how a set of IAM policies and optionally a resource-based policy works with a list of API operations and Amazon Web Services resources to determine the policies' effective permissions. The policies are provided as strings. The simulation does not perform the API operations; it only checks the authorization to determine if the simulated policies allow or deny the operations. You can simulate resources that don't exist in your account. If you want to simulate existing policies that are attached to an IAM user, group, or role, use SimulatePrincipalPolicy instead. Context keys are variables that are maintained by Amazon Web Services and its services and which provide details about the context of an API query request. You can use the Condition element of an IAM policy to evaluate context keys. To get the list of context keys that the policies require for correct simulation, use GetContextKeysForCustomPolicy. If the output is long, you can use MaxItems and Marker parameters to paginate the results.  The IAM policy simulator evaluates statements in the identity-based policy and the inputs that you provide during simulation. The policy simulator results can differ from your live Amazon Web Services environment. We recommend that you check your policies against your live Amazon Web Services environment after testing using the policy simulator to confirm that you have the desired results. For more information about using the policy simulator, see Testing IAM policies with the IAM policy simulator in the IAM User Guide. 
    */
   simulateCustomPolicy(params: IAM.Types.SimulateCustomPolicyRequest, callback?: (err: AWSError, data: IAM.Types.SimulatePolicyResponse) => void): Request<IAM.Types.SimulatePolicyResponse, AWSError>;
   /**
-   * Simulate how a set of IAM policies and optionally a resource-based policy works with a list of API operations and Amazon Web Services resources to determine the policies' effective permissions. The policies are provided as strings. The simulation does not perform the API operations; it only checks the authorization to determine if the simulated policies allow or deny the operations. You can simulate resources that don't exist in your account. If you want to simulate existing policies that are attached to an IAM user, group, or role, use SimulatePrincipalPolicy instead. Context keys are variables that are maintained by Amazon Web Services and its services and which provide details about the context of an API query request. You can use the Condition element of an IAM policy to evaluate context keys. To get the list of context keys that the policies require for correct simulation, use GetContextKeysForCustomPolicy. If the output is long, you can use MaxItems and Marker parameters to paginate the results. For more information about using the policy simulator, see Testing IAM policies with the IAM policy simulator in the IAM User Guide.
+   * Simulate how a set of IAM policies and optionally a resource-based policy works with a list of API operations and Amazon Web Services resources to determine the policies' effective permissions. The policies are provided as strings. The simulation does not perform the API operations; it only checks the authorization to determine if the simulated policies allow or deny the operations. You can simulate resources that don't exist in your account. If you want to simulate existing policies that are attached to an IAM user, group, or role, use SimulatePrincipalPolicy instead. Context keys are variables that are maintained by Amazon Web Services and its services and which provide details about the context of an API query request. You can use the Condition element of an IAM policy to evaluate context keys. To get the list of context keys that the policies require for correct simulation, use GetContextKeysForCustomPolicy. If the output is long, you can use MaxItems and Marker parameters to paginate the results.  The IAM policy simulator evaluates statements in the identity-based policy and the inputs that you provide during simulation. The policy simulator results can differ from your live Amazon Web Services environment. We recommend that you check your policies against your live Amazon Web Services environment after testing using the policy simulator to confirm that you have the desired results. For more information about using the policy simulator, see Testing IAM policies with the IAM policy simulator in the IAM User Guide. 
    */
   simulateCustomPolicy(callback?: (err: AWSError, data: IAM.Types.SimulatePolicyResponse) => void): Request<IAM.Types.SimulatePolicyResponse, AWSError>;
   /**
-   * Simulate how a set of IAM policies attached to an IAM entity works with a list of API operations and Amazon Web Services resources to determine the policies' effective permissions. The entity can be an IAM user, group, or role. If you specify a user, then the simulation also includes all of the policies that are attached to groups that the user belongs to. You can simulate resources that don't exist in your account. You can optionally include a list of one or more additional policies specified as strings to include in the simulation. If you want to simulate only policies specified as strings, use SimulateCustomPolicy instead. You can also optionally include one resource-based policy to be evaluated with each of the resources included in the simulation. The simulation does not perform the API operations; it only checks the authorization to determine if the simulated policies allow or deny the operations.  Note: This operation discloses information about the permissions granted to other users. If you do not want users to see other user's permissions, then consider allowing them to use SimulateCustomPolicy instead. Context keys are variables maintained by Amazon Web Services and its services that provide details about the context of an API query request. You can use the Condition element of an IAM policy to evaluate context keys. To get the list of context keys that the policies require for correct simulation, use GetContextKeysForPrincipalPolicy. If the output is long, you can use the MaxItems and Marker parameters to paginate the results. For more information about using the policy simulator, see Testing IAM policies with the IAM policy simulator in the IAM User Guide.
+   * Simulate how a set of IAM policies attached to an IAM entity works with a list of API operations and Amazon Web Services resources to determine the policies' effective permissions. The entity can be an IAM user, group, or role. If you specify a user, then the simulation also includes all of the policies that are attached to groups that the user belongs to. You can simulate resources that don't exist in your account. You can optionally include a list of one or more additional policies specified as strings to include in the simulation. If you want to simulate only policies specified as strings, use SimulateCustomPolicy instead. You can also optionally include one resource-based policy to be evaluated with each of the resources included in the simulation for IAM users only. The simulation does not perform the API operations; it only checks the authorization to determine if the simulated policies allow or deny the operations.  Note: This operation discloses information about the permissions granted to other users. If you do not want users to see other user's permissions, then consider allowing them to use SimulateCustomPolicy instead. Context keys are variables maintained by Amazon Web Services and its services that provide details about the context of an API query request. You can use the Condition element of an IAM policy to evaluate context keys. To get the list of context keys that the policies require for correct simulation, use GetContextKeysForPrincipalPolicy. If the output is long, you can use the MaxItems and Marker parameters to paginate the results.  The IAM policy simulator evaluates statements in the identity-based policy and the inputs that you provide during simulation. The policy simulator results can differ from your live Amazon Web Services environment. We recommend that you check your policies against your live Amazon Web Services environment after testing using the policy simulator to confirm that you have the desired results. For more information about using the policy simulator, see Testing IAM policies with the IAM policy simulator in the IAM User Guide. 
    */
   simulatePrincipalPolicy(params: IAM.Types.SimulatePrincipalPolicyRequest, callback?: (err: AWSError, data: IAM.Types.SimulatePolicyResponse) => void): Request<IAM.Types.SimulatePolicyResponse, AWSError>;
   /**
-   * Simulate how a set of IAM policies attached to an IAM entity works with a list of API operations and Amazon Web Services resources to determine the policies' effective permissions. The entity can be an IAM user, group, or role. If you specify a user, then the simulation also includes all of the policies that are attached to groups that the user belongs to. You can simulate resources that don't exist in your account. You can optionally include a list of one or more additional policies specified as strings to include in the simulation. If you want to simulate only policies specified as strings, use SimulateCustomPolicy instead. You can also optionally include one resource-based policy to be evaluated with each of the resources included in the simulation. The simulation does not perform the API operations; it only checks the authorization to determine if the simulated policies allow or deny the operations.  Note: This operation discloses information about the permissions granted to other users. If you do not want users to see other user's permissions, then consider allowing them to use SimulateCustomPolicy instead. Context keys are variables maintained by Amazon Web Services and its services that provide details about the context of an API query request. You can use the Condition element of an IAM policy to evaluate context keys. To get the list of context keys that the policies require for correct simulation, use GetContextKeysForPrincipalPolicy. If the output is long, you can use the MaxItems and Marker parameters to paginate the results. For more information about using the policy simulator, see Testing IAM policies with the IAM policy simulator in the IAM User Guide.
+   * Simulate how a set of IAM policies attached to an IAM entity works with a list of API operations and Amazon Web Services resources to determine the policies' effective permissions. The entity can be an IAM user, group, or role. If you specify a user, then the simulation also includes all of the policies that are attached to groups that the user belongs to. You can simulate resources that don't exist in your account. You can optionally include a list of one or more additional policies specified as strings to include in the simulation. If you want to simulate only policies specified as strings, use SimulateCustomPolicy instead. You can also optionally include one resource-based policy to be evaluated with each of the resources included in the simulation for IAM users only. The simulation does not perform the API operations; it only checks the authorization to determine if the simulated policies allow or deny the operations.  Note: This operation discloses information about the permissions granted to other users. If you do not want users to see other user's permissions, then consider allowing them to use SimulateCustomPolicy instead. Context keys are variables maintained by Amazon Web Services and its services that provide details about the context of an API query request. You can use the Condition element of an IAM policy to evaluate context keys. To get the list of context keys that the policies require for correct simulation, use GetContextKeysForPrincipalPolicy. If the output is long, you can use the MaxItems and Marker parameters to paginate the results.  The IAM policy simulator evaluates statements in the identity-based policy and the inputs that you provide during simulation. The policy simulator results can differ from your live Amazon Web Services environment. We recommend that you check your policies against your live Amazon Web Services environment after testing using the policy simulator to confirm that you have the desired results. For more information about using the policy simulator, see Testing IAM policies with the IAM policy simulator in the IAM User Guide. 
    */
   simulatePrincipalPolicy(callback?: (err: AWSError, data: IAM.Types.SimulatePolicyResponse) => void): Request<IAM.Types.SimulatePolicyResponse, AWSError>;
   /**
@@ -1161,11 +1161,11 @@ declare class IAM extends Service {
    */
   updateLoginProfile(callback?: (err: AWSError, data: {}) => void): Request<{}, AWSError>;
   /**
-   * Replaces the existing list of server certificate thumbprints associated with an OpenID Connect (OIDC) provider resource object with a new list of thumbprints. The list that you pass with this operation completely replaces the existing list of thumbprints. (The lists are not merged.) Typically, you need to update a thumbprint only when the identity provider certificate changes, which occurs rarely. However, if the provider's certificate does change, any attempt to assume an IAM role that specifies the OIDC provider as a principal fails until the certificate thumbprint is updated.  Amazon Web Services secures communication with some OIDC identity providers (IdPs) through our library of trusted certificate authorities (CAs) instead of using a certificate thumbprint to verify your IdP server certificate. These OIDC IdPs include Google, and those that use an Amazon S3 bucket to host a JSON Web Key Set (JWKS) endpoint. In these cases, your legacy thumbprint remains in your configuration, but is no longer used for validation.   Trust for the OIDC provider is derived from the provider certificate and is validated by the thumbprint. Therefore, it is best to limit access to the UpdateOpenIDConnectProviderThumbprint operation to highly privileged users. 
+   * Replaces the existing list of server certificate thumbprints associated with an OpenID Connect (OIDC) provider resource object with a new list of thumbprints. The list that you pass with this operation completely replaces the existing list of thumbprints. (The lists are not merged.) Typically, you need to update a thumbprint only when the identity provider certificate changes, which occurs rarely. However, if the provider's certificate does change, any attempt to assume an IAM role that specifies the OIDC provider as a principal fails until the certificate thumbprint is updated.  Amazon Web Services secures communication with some OIDC identity providers (IdPs) through our library of trusted certificate authorities (CAs) instead of using a certificate thumbprint to verify your IdP server certificate. These OIDC IdPs include Google, Auth0, and those that use an Amazon S3 bucket to host a JSON Web Key Set (JWKS) endpoint. In these cases, your legacy thumbprint remains in your configuration, but is no longer used for validation.   Trust for the OIDC provider is derived from the provider certificate and is validated by the thumbprint. Therefore, it is best to limit access to the UpdateOpenIDConnectProviderThumbprint operation to highly privileged users. 
    */
   updateOpenIDConnectProviderThumbprint(params: IAM.Types.UpdateOpenIDConnectProviderThumbprintRequest, callback?: (err: AWSError, data: {}) => void): Request<{}, AWSError>;
   /**
-   * Replaces the existing list of server certificate thumbprints associated with an OpenID Connect (OIDC) provider resource object with a new list of thumbprints. The list that you pass with this operation completely replaces the existing list of thumbprints. (The lists are not merged.) Typically, you need to update a thumbprint only when the identity provider certificate changes, which occurs rarely. However, if the provider's certificate does change, any attempt to assume an IAM role that specifies the OIDC provider as a principal fails until the certificate thumbprint is updated.  Amazon Web Services secures communication with some OIDC identity providers (IdPs) through our library of trusted certificate authorities (CAs) instead of using a certificate thumbprint to verify your IdP server certificate. These OIDC IdPs include Google, and those that use an Amazon S3 bucket to host a JSON Web Key Set (JWKS) endpoint. In these cases, your legacy thumbprint remains in your configuration, but is no longer used for validation.   Trust for the OIDC provider is derived from the provider certificate and is validated by the thumbprint. Therefore, it is best to limit access to the UpdateOpenIDConnectProviderThumbprint operation to highly privileged users. 
+   * Replaces the existing list of server certificate thumbprints associated with an OpenID Connect (OIDC) provider resource object with a new list of thumbprints. The list that you pass with this operation completely replaces the existing list of thumbprints. (The lists are not merged.) Typically, you need to update a thumbprint only when the identity provider certificate changes, which occurs rarely. However, if the provider's certificate does change, any attempt to assume an IAM role that specifies the OIDC provider as a principal fails until the certificate thumbprint is updated.  Amazon Web Services secures communication with some OIDC identity providers (IdPs) through our library of trusted certificate authorities (CAs) instead of using a certificate thumbprint to verify your IdP server certificate. These OIDC IdPs include Google, Auth0, and those that use an Amazon S3 bucket to host a JSON Web Key Set (JWKS) endpoint. In these cases, your legacy thumbprint remains in your configuration, but is no longer used for validation.   Trust for the OIDC provider is derived from the provider certificate and is validated by the thumbprint. Therefore, it is best to limit access to the UpdateOpenIDConnectProviderThumbprint operation to highly privileged users. 
    */
   updateOpenIDConnectProviderThumbprint(callback?: (err: AWSError, data: {}) => void): Request<{}, AWSError>;
   /**
@@ -1656,7 +1656,7 @@ declare namespace IAM {
      */
     MaxSessionDuration?: roleMaxSessionDurationType;
     /**
-     * The ARN of the policy that is used to set the permissions boundary for the role.
+     * The ARN of the managed policy that is used to set the permissions boundary for the role. A permissions boundary policy defines the maximum permissions that identity-based policies can grant to an entity, but does not grant permissions. Permissions boundaries do not define the maximum permissions that a resource-based policy can grant to an entity. To learn more, see Permissions boundaries for IAM entities in the IAM User Guide. For more information about policy types, see Policy types  in the IAM User Guide.
      */
     PermissionsBoundary?: arnType;
     /**
@@ -1740,7 +1740,7 @@ declare namespace IAM {
      */
     UserName: userNameType;
     /**
-     * The ARN of the policy that is used to set the permissions boundary for the user.
+     * The ARN of the managed policy that is used to set the permissions boundary for the user. A permissions boundary policy defines the maximum permissions that identity-based policies can grant to an entity, but does not grant permissions. Permissions boundaries do not define the maximum permissions that a resource-based policy can grant to an entity. To learn more, see Permissions boundaries for IAM entities in the IAM User Guide. For more information about policy types, see Policy types  in the IAM User Guide.
      */
     PermissionsBoundary?: arnType;
     /**
@@ -3997,7 +3997,7 @@ declare namespace IAM {
      */
     RoleName: roleNameType;
     /**
-     * The ARN of the policy that is used to set the permissions boundary for the role.
+     * The ARN of the managed policy that is used to set the permissions boundary for the role. A permissions boundary policy defines the maximum permissions that identity-based policies can grant to an entity, but does not grant permissions. Permissions boundaries do not define the maximum permissions that a resource-based policy can grant to an entity. To learn more, see Permissions boundaries for IAM entities in the IAM User Guide. For more information about policy types, see Policy types  in the IAM User Guide.
      */
     PermissionsBoundary: arnType;
   }
@@ -4021,7 +4021,7 @@ declare namespace IAM {
      */
     UserName: userNameType;
     /**
-     * The ARN of the policy that is used to set the permissions boundary for the user.
+     * The ARN of the managed policy that is used to set the permissions boundary for the user. A permissions boundary policy defines the maximum permissions that identity-based policies can grant to an entity, but does not grant permissions. Permissions boundaries do not define the maximum permissions that a resource-based policy can grant to an entity. To learn more, see Permissions boundaries for IAM entities in the IAM User Guide. For more information about policy types, see Policy types  in the IAM User Guide.
      */
     PermissionsBoundary: arnType;
   }
@@ -4499,11 +4499,11 @@ declare namespace IAM {
      */
     ActionNames: ActionNameListType;
     /**
-     * A list of ARNs of Amazon Web Services resources to include in the simulation. If this parameter is not provided, then the value defaults to * (all resources). Each API in the ActionNames parameter is evaluated for each resource in this list. The simulation determines the access result (allowed or denied) of each combination and reports it in the response. You can simulate resources that don't exist in your account. The simulation does not automatically retrieve policies for the specified resources. If you want to include a resource policy in the simulation, then you must include the policy as a string in the ResourcePolicy parameter. If you include a ResourcePolicy, then it must be applicable to all of the resources included in the simulation or you receive an invalid input error. For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference.
+     * A list of ARNs of Amazon Web Services resources to include in the simulation. If this parameter is not provided, then the value defaults to * (all resources). Each API in the ActionNames parameter is evaluated for each resource in this list. The simulation determines the access result (allowed or denied) of each combination and reports it in the response. You can simulate resources that don't exist in your account. The simulation does not automatically retrieve policies for the specified resources. If you want to include a resource policy in the simulation, then you must include the policy as a string in the ResourcePolicy parameter. If you include a ResourcePolicy, then it must be applicable to all of the resources included in the simulation or you receive an invalid input error. For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference.  Simulation of resource-based policies isn't supported for IAM roles. 
      */
     ResourceArns?: ResourceNameListType;
     /**
-     * A resource-based policy to include in the simulation provided as a string. Each resource in the simulation is treated as if it had this policy attached. You can include only one resource-based policy in a simulation. The maximum length of the policy document that you can pass in this operation, including whitespace, is listed below. To view the maximum character counts of a managed policy with no whitespaces, see IAM and STS character quotas. The regex pattern used to validate this parameter is a string of characters consisting of the following:   Any printable ASCII character ranging from the space character (\u0020) through the end of the ASCII character range   The printable characters in the Basic Latin and Latin-1 Supplement character set (through \u00FF)   The special characters tab (\u0009), line feed (\u000A), and carriage return (\u000D)  
+     * A resource-based policy to include in the simulation provided as a string. Each resource in the simulation is treated as if it had this policy attached. You can include only one resource-based policy in a simulation. The maximum length of the policy document that you can pass in this operation, including whitespace, is listed below. To view the maximum character counts of a managed policy with no whitespaces, see IAM and STS character quotas. The regex pattern used to validate this parameter is a string of characters consisting of the following:   Any printable ASCII character ranging from the space character (\u0020) through the end of the ASCII character range   The printable characters in the Basic Latin and Latin-1 Supplement character set (through \u00FF)   The special characters tab (\u0009), line feed (\u000A), and carriage return (\u000D)    Simulation of resource-based policies isn't supported for IAM roles. 
      */
     ResourcePolicy?: policyDocumentType;
     /**
@@ -4563,11 +4563,11 @@ declare namespace IAM {
      */
     ActionNames: ActionNameListType;
     /**
-     * A list of ARNs of Amazon Web Services resources to include in the simulation. If this parameter is not provided, then the value defaults to * (all resources). Each API in the ActionNames parameter is evaluated for each resource in this list. The simulation determines the access result (allowed or denied) of each combination and reports it in the response. You can simulate resources that don't exist in your account. The simulation does not automatically retrieve policies for the specified resources. If you want to include a resource policy in the simulation, then you must include the policy as a string in the ResourcePolicy parameter. For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference.
+     * A list of ARNs of Amazon Web Services resources to include in the simulation. If this parameter is not provided, then the value defaults to * (all resources). Each API in the ActionNames parameter is evaluated for each resource in this list. The simulation determines the access result (allowed or denied) of each combination and reports it in the response. You can simulate resources that don't exist in your account. The simulation does not automatically retrieve policies for the specified resources. If you want to include a resource policy in the simulation, then you must include the policy as a string in the ResourcePolicy parameter. For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference.  Simulation of resource-based policies isn't supported for IAM roles. 
      */
     ResourceArns?: ResourceNameListType;
     /**
-     * A resource-based policy to include in the simulation provided as a string. Each resource in the simulation is treated as if it had this policy attached. You can include only one resource-based policy in a simulation. The maximum length of the policy document that you can pass in this operation, including whitespace, is listed below. To view the maximum character counts of a managed policy with no whitespaces, see IAM and STS character quotas. The regex pattern used to validate this parameter is a string of characters consisting of the following:   Any printable ASCII character ranging from the space character (\u0020) through the end of the ASCII character range   The printable characters in the Basic Latin and Latin-1 Supplement character set (through \u00FF)   The special characters tab (\u0009), line feed (\u000A), and carriage return (\u000D)  
+     * A resource-based policy to include in the simulation provided as a string. Each resource in the simulation is treated as if it had this policy attached. You can include only one resource-based policy in a simulation. The maximum length of the policy document that you can pass in this operation, including whitespace, is listed below. To view the maximum character counts of a managed policy with no whitespaces, see IAM and STS character quotas. The regex pattern used to validate this parameter is a string of characters consisting of the following:   Any printable ASCII character ranging from the space character (\u0020) through the end of the ASCII character range   The printable characters in the Basic Latin and Latin-1 Supplement character set (through \u00FF)   The special characters tab (\u0009), line feed (\u000A), and carriage return (\u000D)    Simulation of resource-based policies isn't supported for IAM roles. 
      */
     ResourcePolicy?: policyDocumentType;
     /**

package/node_modules/aws-sdk/clients/iot.d.ts

@@ -3155,6 +3155,10 @@ declare namespace Iot {
      * The CloudWatch log group to which the action sends data.
      */
     logGroupName: LogGroupName;
+    /**
+     * Indicates whether batches of log records will be extracted and uploaded into CloudWatch. Values include true or false (default).
+     */
+    batchMode?: BatchMode;
   }
   export interface CloudwatchMetricAction {
     /**