cdk-lambda-subminute 2.0.250 → 2.0.253

package/node_modules/aws-sdk/clients/bedrock.js

@@ -0,0 +1,18 @@
+require('../lib/node_loader');
+var AWS = require('../lib/core');
+var Service = AWS.Service;
+var apiLoader = AWS.apiLoader;
+
+apiLoader.services['bedrock'] = {};
+AWS.Bedrock = Service.defineService('bedrock', ['2023-04-20']);
+Object.defineProperty(apiLoader.services['bedrock'], '2023-04-20', {
+  get: function get() {
+    var model = require('../apis/bedrock-2023-04-20.min.json');
+    model.paginators = require('../apis/bedrock-2023-04-20.paginators.json').pagination;
+    return model;
+  },
+  enumerable: true,
+  configurable: true
+});
+
+module.exports = AWS.Bedrock;

package/node_modules/aws-sdk/clients/bedrockruntime.d.ts

@@ -0,0 +1,138 @@
+import {Request} from '../lib/request';
+import {Response} from '../lib/response';
+import {AWSError} from '../lib/error';
+import {Service} from '../lib/service';
+import {ServiceConfigurationOptions} from '../lib/service';
+import {ConfigBase as Config} from '../lib/config-base';
+import {EventStream} from '../lib/event-stream/event-stream';
+interface Blob {}
+declare class BedrockRuntime extends Service {
+  /**
+   * Constructs a service object. This object has one method for each API operation.
+   */
+  constructor(options?: BedrockRuntime.Types.ClientConfiguration)
+  config: Config & BedrockRuntime.Types.ClientConfiguration;
+  /**
+   * Invokes the specified Bedrock model to run inference using the input provided in the request body. You use InvokeModel to run inference for text models, image models, and embedding models. For more information about invoking models, see Using the API in the Bedrock User Guide. For example requests, see Examples (after the Errors section).
+   */
+  invokeModel(params: BedrockRuntime.Types.InvokeModelRequest, callback?: (err: AWSError, data: BedrockRuntime.Types.InvokeModelResponse) => void): Request<BedrockRuntime.Types.InvokeModelResponse, AWSError>;
+  /**
+   * Invokes the specified Bedrock model to run inference using the input provided in the request body. You use InvokeModel to run inference for text models, image models, and embedding models. For more information about invoking models, see Using the API in the Bedrock User Guide. For example requests, see Examples (after the Errors section).
+   */
+  invokeModel(callback?: (err: AWSError, data: BedrockRuntime.Types.InvokeModelResponse) => void): Request<BedrockRuntime.Types.InvokeModelResponse, AWSError>;
+  /**
+   * Invoke the specified Bedrock model to run inference using the input provided. Return the response in a stream. For more information about invoking models, see Using the API in the Bedrock User Guide. For an example request and response, see Examples (after the Errors section).
+   */
+  invokeModelWithResponseStream(params: BedrockRuntime.Types.InvokeModelWithResponseStreamRequest, callback?: (err: AWSError, data: BedrockRuntime.Types.InvokeModelWithResponseStreamResponse) => void): Request<BedrockRuntime.Types.InvokeModelWithResponseStreamResponse, AWSError>;
+  /**
+   * Invoke the specified Bedrock model to run inference using the input provided. Return the response in a stream. For more information about invoking models, see Using the API in the Bedrock User Guide. For an example request and response, see Examples (after the Errors section).
+   */
+  invokeModelWithResponseStream(callback?: (err: AWSError, data: BedrockRuntime.Types.InvokeModelWithResponseStreamResponse) => void): Request<BedrockRuntime.Types.InvokeModelWithResponseStreamResponse, AWSError>;
+}
+declare namespace BedrockRuntime {
+  export type Body = Buffer|Uint8Array|Blob|string;
+  export interface InternalServerException {
+    message?: NonBlankString;
+  }
+  export type InvokeModelIdentifier = string;
+  export interface InvokeModelRequest {
+    /**
+     * The desired MIME type of the inference body in the response. The default value is application/json.
+     */
+    accept?: MimeType;
+    /**
+     * Input data in the format specified in the content-type request header. To see the format and content of this field for different models, refer to Inference parameters.
+     */
+    body: Body;
+    /**
+     * The MIME type of the input data in the request. The default value is application/json.
+     */
+    contentType?: MimeType;
+    /**
+     * Identifier of the model. 
+     */
+    modelId: InvokeModelIdentifier;
+  }
+  export interface InvokeModelResponse {
+    /**
+     * Inference response from the model in the format specified in the content-type header field. To see the format and content of this field for different models, refer to Inference parameters.
+     */
+    body: Body;
+    /**
+     * The MIME type of the inference result.
+     */
+    contentType: MimeType;
+  }
+  export interface InvokeModelWithResponseStreamRequest {
+    /**
+     * The desired MIME type of the inference body in the response. The default value is application/json.
+     */
+    accept?: MimeType;
+    /**
+     * Inference input in the format specified by the content-type. To see the format and content of this field for different models, refer to Inference parameters.
+     */
+    body: Body;
+    /**
+     * The MIME type of the input data in the request. The default value is application/json.
+     */
+    contentType?: MimeType;
+    /**
+     * Id of the model to invoke using the streaming request.
+     */
+    modelId: InvokeModelIdentifier;
+  }
+  export interface InvokeModelWithResponseStreamResponse {
+    /**
+     * Inference response from the model in the format specified by Content-Type. To see the format and content of this field for different models, refer to Inference parameters.
+     */
+    body: ResponseStream;
+    /**
+     * The MIME type of the inference result.
+     */
+    contentType: MimeType;
+  }
+  export type MimeType = string;
+  export interface ModelStreamErrorException {
+    message?: NonBlankString;
+    /**
+     * The original message.
+     */
+    originalMessage?: NonBlankString;
+    /**
+     * The original status code.
+     */
+    originalStatusCode?: StatusCode;
+  }
+  export type NonBlankString = string;
+  export type PartBody = Buffer|Uint8Array|Blob|string;
+  export interface PayloadPart {
+    /**
+     * Base64-encoded bytes of payload data.
+     */
+    bytes?: PartBody;
+  }
+  export type ResponseStream = EventStream<{chunk?:PayloadPart,internalServerException?:InternalServerException,modelStreamErrorException?:ModelStreamErrorException,throttlingException?:ThrottlingException,validationException?:ValidationException}>;
+  export type StatusCode = number;
+  export interface ThrottlingException {
+    message?: NonBlankString;
+  }
+  export interface ValidationException {
+    message?: NonBlankString;
+  }
+  /**
+   * A string in YYYY-MM-DD format that represents the latest possible API version that can be used in this service. Specify 'latest' to use the latest possible version.
+   */
+  export type apiVersion = "2023-09-30"|"latest"|string;
+  export interface ClientApiVersions {
+    /**
+     * A string in YYYY-MM-DD format that represents the latest possible API version that can be used in this service. Specify 'latest' to use the latest possible version.
+     */
+    apiVersion?: apiVersion;
+  }
+  export type ClientConfiguration = ServiceConfigurationOptions & ClientApiVersions;
+  /**
+   * Contains interfaces for use with the BedrockRuntime client.
+   */
+  export import Types = BedrockRuntime;
+}
+export = BedrockRuntime;

package/node_modules/aws-sdk/clients/bedrockruntime.js

@@ -0,0 +1,18 @@
+require('../lib/node_loader');
+var AWS = require('../lib/core');
+var Service = AWS.Service;
+var apiLoader = AWS.apiLoader;
+
+apiLoader.services['bedrockruntime'] = {};
+AWS.BedrockRuntime = Service.defineService('bedrockruntime', ['2023-09-30']);
+Object.defineProperty(apiLoader.services['bedrockruntime'], '2023-09-30', {
+  get: function get() {
+    var model = require('../apis/bedrock-runtime-2023-09-30.min.json');
+    model.paginators = require('../apis/bedrock-runtime-2023-09-30.paginators.json').pagination;
+    return model;
+  },
+  enumerable: true,
+  configurable: true
+});
+
+module.exports = AWS.BedrockRuntime;

package/node_modules/aws-sdk/clients/budgets.d.ts

@@ -645,7 +645,7 @@ declare namespace Budgets {
   export interface DescribeBudgetNotificationsForAccountRequest {
     AccountId: AccountId;
     /**
-     *  An integer that shows how many budget name entries a paginated response contains. 
+     *  An integer that represents how many budgets a paginated response contains. The default is 50. 
      */
     MaxResults?: MaxResultsBudgetNotifications;
     NextToken?: GenericString;
@@ -692,13 +692,13 @@ declare namespace Budgets {
   }
   export interface DescribeBudgetsRequest {
     /**
-     * The accountId that is associated with the budgets that you want descriptions of.
+     * The accountId that is associated with the budgets that you want to describe.
      */
     AccountId: AccountId;
     /**
-     * An optional integer that represents how many entries a paginated response contains. The maximum is 100.
+     * An integer that represents how many budgets a paginated response contains. The default is 100.
      */
-    MaxResults?: MaxResults;
+    MaxResults?: MaxResultsDescribeBudgets;
     /**
      * The pagination token that you include in your request to indicate the next set of results that you want to retrieve.
      */
@@ -724,7 +724,7 @@ declare namespace Budgets {
      */
     BudgetName: BudgetName;
     /**
-     * An optional integer that represents how many entries a paginated response contains. The maximum is 100.
+     * An optional integer that represents how many entries a paginated response contains.
      */
     MaxResults?: MaxResults;
     /**
@@ -756,7 +756,7 @@ declare namespace Budgets {
      */
     Notification: Notification;
     /**
-     * An optional integer that represents how many entries a paginated response contains. The maximum is 100.
+     * An optional integer that represents how many entries a paginated response contains.
      */
     MaxResults?: MaxResults;
     /**
@@ -838,6 +838,7 @@ declare namespace Budgets {
   export type InstanceIds = InstanceId[];
   export type MaxResults = number;
   export type MaxResultsBudgetNotifications = number;
+  export type MaxResultsDescribeBudgets = number;
   export interface Notification {
     /**
      * Specifies whether the notification is for how much you have spent (ACTUAL) or for how much that you're forecasted to spend (FORECASTED).
@@ -900,7 +901,7 @@ declare namespace Budgets {
      */
     Amount: NumericValue;
     /**
-     * The unit of measurement that's used for the budget forecast, actual spend, or budget threshold, such as USD or GBP.
+     * The unit of measurement that's used for the budget forecast, actual spend, or budget threshold.
      */
     Unit: UnitValue;
   }

package/node_modules/aws-sdk/clients/cognitoidentityserviceprovider.d.ts

@@ -943,7 +943,7 @@ declare namespace CognitoIdentityServiceProvider {
      */
     UserPoolId: UserPoolIdType;
     /**
-     * The username for the user. Must be unique within the user pool. Must be a UTF-8 string between 1 and 128 characters. After the user is created, the username can't be changed.
+     * The value that you want to set as the username sign-in attribute. The following conditions apply to the username parameter.   The username can't be a duplicate of another username in the same user pool.   You can't change the value of a username after you create it.   You can only provide a value if usernames are a valid sign-in attribute for your user pool. If your user pool only supports phone numbers or email addresses as sign-in attributes, Amazon Cognito automatically generates a username value. For more information, see Customizing sign-in attributes.  
      */
     Username: UsernameType;
     /**

package/node_modules/aws-sdk/clients/ec2.d.ts

@@ -10984,6 +10984,10 @@ declare namespace EC2 {
      * Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.
      */
     DryRun?: Boolean;
+    /**
+     *  Options for server side encryption. 
+     */
+    SseSpecification?: VerifiedAccessSseSpecificationRequest;
   }
   export interface CreateVerifiedAccessEndpointResult {
     /**
@@ -11017,6 +11021,10 @@ declare namespace EC2 {
      * Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.
      */
     DryRun?: Boolean;
+    /**
+     *  Options for server side encryption. 
+     */
+    SseSpecification?: VerifiedAccessSseSpecificationRequest;
   }
   export interface CreateVerifiedAccessGroupResult {
     /**
@@ -11042,7 +11050,7 @@ declare namespace EC2 {
      */
     DryRun?: Boolean;
     /**
-     *  Choose to enable or disable support for Federal Information Processing Standards (FIPS) on the instance. 
+     * Enable or disable support for Federal Information Processing Standards (FIPS) on the instance.
      */
     FIPSEnabled?: Boolean;
   }
@@ -11129,6 +11137,10 @@ declare namespace EC2 {
      * Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.
      */
     DryRun?: Boolean;
+    /**
+     *  Options for server side encryption. 
+     */
+    SseSpecification?: VerifiedAccessSseSpecificationRequest;
   }
   export interface CreateVerifiedAccessTrustProviderResult {
     /**
@@ -25273,6 +25285,7 @@ declare namespace EC2 {
   export type KeyPairList = KeyPairInfo[];
   export type KeyPairName = string;
   export type KeyType = "rsa"|"ed25519"|string;
+  export type KmsKeyArn = string;
   export type KmsKeyId = string;
   export interface LastError {
     /**
@@ -28145,7 +28158,7 @@ declare namespace EC2 {
     /**
      * The status of the Verified Access policy.
      */
-    PolicyEnabled: Boolean;
+    PolicyEnabled?: Boolean;
     /**
      * The Verified Access policy document.
      */
@@ -28158,6 +28171,10 @@ declare namespace EC2 {
      * Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.
      */
     DryRun?: Boolean;
+    /**
+     *  Options for server side encryption. 
+     */
+    SseSpecification?: VerifiedAccessSseSpecificationRequest;
   }
   export interface ModifyVerifiedAccessEndpointPolicyResult {
     /**
@@ -28168,6 +28185,10 @@ declare namespace EC2 {
      * The Verified Access policy document.
      */
     PolicyDocument?: String;
+    /**
+     *  Describes the options in use for server side encryption. 
+     */
+    SseSpecification?: VerifiedAccessSseSpecificationResponse;
   }
   export interface ModifyVerifiedAccessEndpointRequest {
     /**
@@ -28214,7 +28235,7 @@ declare namespace EC2 {
     /**
      * The status of the Verified Access policy.
      */
-    PolicyEnabled: Boolean;
+    PolicyEnabled?: Boolean;
     /**
      * The Verified Access policy document.
      */
@@ -28227,6 +28248,10 @@ declare namespace EC2 {
      * Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.
      */
     DryRun?: Boolean;
+    /**
+     *  Options for server side encryption. 
+     */
+    SseSpecification?: VerifiedAccessSseSpecificationRequest;
   }
   export interface ModifyVerifiedAccessGroupPolicyResult {
     /**
@@ -28237,6 +28262,10 @@ declare namespace EC2 {
      * The Verified Access policy document.
      */
     PolicyDocument?: String;
+    /**
+     *  Describes the options in use for server side encryption. 
+     */
+    SseSpecification?: VerifiedAccessSseSpecificationResponse;
   }
   export interface ModifyVerifiedAccessGroupRequest {
     /**
@@ -28365,6 +28394,10 @@ declare namespace EC2 {
      * A unique, case-sensitive token that you provide to ensure idempotency of your modification request. For more information, see Ensuring Idempotency.
      */
     ClientToken?: String;
+    /**
+     *  Options for server side encryption. 
+     */
+    SseSpecification?: VerifiedAccessSseSpecificationRequest;
   }
   export interface ModifyVerifiedAccessTrustProviderResult {
     /**
@@ -37231,6 +37264,10 @@ declare namespace EC2 {
      * The tags.
      */
     Tags?: TagList;
+    /**
+     *  Describes the options in use for server side encryption. 
+     */
+    SseSpecification?: VerifiedAccessSseSpecificationResponse;
   }
   export type VerifiedAccessEndpointAttachmentType = "vpc"|string;
   export interface VerifiedAccessEndpointEniOptions {
@@ -37320,6 +37357,10 @@ declare namespace EC2 {
      * The tags.
      */
     Tags?: TagList;
+    /**
+     *  Describes the options in use for server side encryption. 
+     */
+    SseSpecification?: VerifiedAccessSseSpecificationResponse;
   }
   export type VerifiedAccessGroupId = string;
   export type VerifiedAccessGroupIdList = VerifiedAccessGroupId[];
@@ -37350,7 +37391,7 @@ declare namespace EC2 {
      */
     Tags?: TagList;
     /**
-     *  Describes if support for Federal Information Processing Standards (FIPS) is enabled on the instance. 
+     * Describes whether support for Federal Information Processing Standards (FIPS) is enabled on the instance.
      */
     FipsEnabled?: Boolean;
   }
@@ -37511,6 +37552,26 @@ declare namespace EC2 {
      */
     IncludeTrustContext?: Boolean;
   }
+  export interface VerifiedAccessSseSpecificationRequest {
+    /**
+     *  Enable or disable the use of customer managed KMS keys for server side encryption.  Valid values: True | False 
+     */
+    CustomerManagedKeyEnabled?: Boolean;
+    /**
+     *  The ARN of the KMS key. 
+     */
+    KmsKeyArn?: KmsKeyArn;
+  }
+  export interface VerifiedAccessSseSpecificationResponse {
+    /**
+     *  Describes the use of customer managed KMS keys for server side encryption.  Valid values: True | False 
+     */
+    CustomerManagedKeyEnabled?: Boolean;
+    /**
+     *  Describes the ARN of the KMS key. 
+     */
+    KmsKeyArn?: KmsKeyArn;
+  }
   export interface VerifiedAccessTrustProvider {
     /**
      * The ID of the Amazon Web Services Verified Access trust provider.
@@ -37556,6 +37617,10 @@ declare namespace EC2 {
      * The tags.
      */
     Tags?: TagList;
+    /**
+     *  Describes the options in use for server side encryption. 
+     */
+    SseSpecification?: VerifiedAccessSseSpecificationResponse;
   }
   export interface VerifiedAccessTrustProviderCondensed {
     /**

package/node_modules/aws-sdk/clients/firehose.d.ts

@@ -52,27 +52,27 @@ declare class Firehose extends Service {
    */
   listTagsForDeliveryStream(callback?: (err: AWSError, data: Firehose.Types.ListTagsForDeliveryStreamOutput) => void): Request<Firehose.Types.ListTagsForDeliveryStreamOutput, AWSError>;
   /**
-   * Writes a single data record into an Amazon Kinesis Data Firehose delivery stream. To write multiple data records into a delivery stream, use PutRecordBatch. Applications using these operations are referred to as producers. By default, each delivery stream can take in up to 2,000 transactions per second, 5,000 records per second, or 5 MB per second. If you use PutRecord and PutRecordBatch, the limits are an aggregate across these two operations for each delivery stream. For more information about limits and how to request an increase, see Amazon Kinesis Data Firehose Limits.  You must specify the name of the delivery stream and the data record when using PutRecord. The data record consists of a data blob that can be up to 1,000 KiB in size, and any kind of data. For example, it can be a segment from a log file, geographic location data, website clickstream data, and so on. Kinesis Data Firehose buffers records before delivering them to the destination. To disambiguate the data blobs at the destination, a common solution is to use delimiters in the data, such as a newline (\n) or some other character unique within the data. This allows the consumer application to parse individual data items when reading the data from the destination. The PutRecord operation returns a RecordId, which is a unique string assigned to each record. Producer applications can use this ID for purposes such as auditability and investigation. If the PutRecord operation throws a ServiceUnavailableException, back off and retry. If the exception persists, it is possible that the throughput limits have been exceeded for the delivery stream.  Data records sent to Kinesis Data Firehose are stored for 24 hours from the time they are added to a delivery stream as it tries to send the records to the destination. If the destination is unreachable for more than 24 hours, the data is no longer available.  Don't concatenate two or more base64 strings to form the data fields of your records. Instead, concatenate the raw data, then perform base64 encoding. 
+   * Writes a single data record into an Amazon Kinesis Data Firehose delivery stream. To write multiple data records into a delivery stream, use PutRecordBatch. Applications using these operations are referred to as producers. By default, each delivery stream can take in up to 2,000 transactions per second, 5,000 records per second, or 5 MB per second. If you use PutRecord and PutRecordBatch, the limits are an aggregate across these two operations for each delivery stream. For more information about limits and how to request an increase, see Amazon Kinesis Data Firehose Limits.  Kinesis Data Firehose accumulates and publishes a particular metric for a customer account in one minute intervals. It is possible that the bursts of incoming bytes/records ingested to a delivery stream last only for a few seconds. Due to this, the actual spikes in the traffic might not be fully visible in the customer's 1 minute CloudWatch metrics. You must specify the name of the delivery stream and the data record when using PutRecord. The data record consists of a data blob that can be up to 1,000 KiB in size, and any kind of data. For example, it can be a segment from a log file, geographic location data, website clickstream data, and so on. Kinesis Data Firehose buffers records before delivering them to the destination. To disambiguate the data blobs at the destination, a common solution is to use delimiters in the data, such as a newline (\n) or some other character unique within the data. This allows the consumer application to parse individual data items when reading the data from the destination. The PutRecord operation returns a RecordId, which is a unique string assigned to each record. Producer applications can use this ID for purposes such as auditability and investigation. If the PutRecord operation throws a ServiceUnavailableException, the API is automatically reinvoked (retried) 3 times. If the exception persists, it is possible that the throughput limits have been exceeded for the delivery stream.  Re-invoking the Put API operations (for example, PutRecord and PutRecordBatch) can result in data duplicates. For larger data assets, allow for a longer time out before retrying Put API operations. Data records sent to Kinesis Data Firehose are stored for 24 hours from the time they are added to a delivery stream as it tries to send the records to the destination. If the destination is unreachable for more than 24 hours, the data is no longer available.  Don't concatenate two or more base64 strings to form the data fields of your records. Instead, concatenate the raw data, then perform base64 encoding. 
    */
   putRecord(params: Firehose.Types.PutRecordInput, callback?: (err: AWSError, data: Firehose.Types.PutRecordOutput) => void): Request<Firehose.Types.PutRecordOutput, AWSError>;
   /**
-   * Writes a single data record into an Amazon Kinesis Data Firehose delivery stream. To write multiple data records into a delivery stream, use PutRecordBatch. Applications using these operations are referred to as producers. By default, each delivery stream can take in up to 2,000 transactions per second, 5,000 records per second, or 5 MB per second. If you use PutRecord and PutRecordBatch, the limits are an aggregate across these two operations for each delivery stream. For more information about limits and how to request an increase, see Amazon Kinesis Data Firehose Limits.  You must specify the name of the delivery stream and the data record when using PutRecord. The data record consists of a data blob that can be up to 1,000 KiB in size, and any kind of data. For example, it can be a segment from a log file, geographic location data, website clickstream data, and so on. Kinesis Data Firehose buffers records before delivering them to the destination. To disambiguate the data blobs at the destination, a common solution is to use delimiters in the data, such as a newline (\n) or some other character unique within the data. This allows the consumer application to parse individual data items when reading the data from the destination. The PutRecord operation returns a RecordId, which is a unique string assigned to each record. Producer applications can use this ID for purposes such as auditability and investigation. If the PutRecord operation throws a ServiceUnavailableException, back off and retry. If the exception persists, it is possible that the throughput limits have been exceeded for the delivery stream.  Data records sent to Kinesis Data Firehose are stored for 24 hours from the time they are added to a delivery stream as it tries to send the records to the destination. If the destination is unreachable for more than 24 hours, the data is no longer available.  Don't concatenate two or more base64 strings to form the data fields of your records. Instead, concatenate the raw data, then perform base64 encoding. 
+   * Writes a single data record into an Amazon Kinesis Data Firehose delivery stream. To write multiple data records into a delivery stream, use PutRecordBatch. Applications using these operations are referred to as producers. By default, each delivery stream can take in up to 2,000 transactions per second, 5,000 records per second, or 5 MB per second. If you use PutRecord and PutRecordBatch, the limits are an aggregate across these two operations for each delivery stream. For more information about limits and how to request an increase, see Amazon Kinesis Data Firehose Limits.  Kinesis Data Firehose accumulates and publishes a particular metric for a customer account in one minute intervals. It is possible that the bursts of incoming bytes/records ingested to a delivery stream last only for a few seconds. Due to this, the actual spikes in the traffic might not be fully visible in the customer's 1 minute CloudWatch metrics. You must specify the name of the delivery stream and the data record when using PutRecord. The data record consists of a data blob that can be up to 1,000 KiB in size, and any kind of data. For example, it can be a segment from a log file, geographic location data, website clickstream data, and so on. Kinesis Data Firehose buffers records before delivering them to the destination. To disambiguate the data blobs at the destination, a common solution is to use delimiters in the data, such as a newline (\n) or some other character unique within the data. This allows the consumer application to parse individual data items when reading the data from the destination. The PutRecord operation returns a RecordId, which is a unique string assigned to each record. Producer applications can use this ID for purposes such as auditability and investigation. If the PutRecord operation throws a ServiceUnavailableException, the API is automatically reinvoked (retried) 3 times. If the exception persists, it is possible that the throughput limits have been exceeded for the delivery stream.  Re-invoking the Put API operations (for example, PutRecord and PutRecordBatch) can result in data duplicates. For larger data assets, allow for a longer time out before retrying Put API operations. Data records sent to Kinesis Data Firehose are stored for 24 hours from the time they are added to a delivery stream as it tries to send the records to the destination. If the destination is unreachable for more than 24 hours, the data is no longer available.  Don't concatenate two or more base64 strings to form the data fields of your records. Instead, concatenate the raw data, then perform base64 encoding. 
    */
   putRecord(callback?: (err: AWSError, data: Firehose.Types.PutRecordOutput) => void): Request<Firehose.Types.PutRecordOutput, AWSError>;
   /**
-   * Writes multiple data records into a delivery stream in a single call, which can achieve higher throughput per producer than when writing single records. To write single data records into a delivery stream, use PutRecord. Applications using these operations are referred to as producers. For information about service quota, see Amazon Kinesis Data Firehose Quota. Each PutRecordBatch request supports up to 500 records. Each record in the request can be as large as 1,000 KB (before base64 encoding), up to a limit of 4 MB for the entire request. These limits cannot be changed. You must specify the name of the delivery stream and the data record when using PutRecord. The data record consists of a data blob that can be up to 1,000 KB in size, and any kind of data. For example, it could be a segment from a log file, geographic location data, website clickstream data, and so on. Kinesis Data Firehose buffers records before delivering them to the destination. To disambiguate the data blobs at the destination, a common solution is to use delimiters in the data, such as a newline (\n) or some other character unique within the data. This allows the consumer application to parse individual data items when reading the data from the destination. The PutRecordBatch response includes a count of failed records, FailedPutCount, and an array of responses, RequestResponses. Even if the PutRecordBatch call succeeds, the value of FailedPutCount may be greater than 0, indicating that there are records for which the operation didn't succeed. Each entry in the RequestResponses array provides additional information about the processed record. It directly correlates with a record in the request array using the same ordering, from the top to the bottom. The response array always includes the same number of records as the request array. RequestResponses includes both successfully and unsuccessfully processed records. Kinesis Data Firehose tries to process all records in each PutRecordBatch request. A single record failure does not stop the processing of subsequent records.  A successfully processed record includes a RecordId value, which is unique for the record. An unsuccessfully processed record includes ErrorCode and ErrorMessage values. ErrorCode reflects the type of error, and is one of the following values: ServiceUnavailableException or InternalFailure. ErrorMessage provides more detailed information about the error. If there is an internal server error or a timeout, the write might have completed or it might have failed. If FailedPutCount is greater than 0, retry the request, resending only those records that might have failed processing. This minimizes the possible duplicate records and also reduces the total bytes sent (and corresponding charges). We recommend that you handle any duplicates at the destination. If PutRecordBatch throws ServiceUnavailableException, back off and retry. If the exception persists, it is possible that the throughput limits have been exceeded for the delivery stream. Data records sent to Kinesis Data Firehose are stored for 24 hours from the time they are added to a delivery stream as it attempts to send the records to the destination. If the destination is unreachable for more than 24 hours, the data is no longer available.  Don't concatenate two or more base64 strings to form the data fields of your records. Instead, concatenate the raw data, then perform base64 encoding. 
+   * Writes multiple data records into a delivery stream in a single call, which can achieve higher throughput per producer than when writing single records. To write single data records into a delivery stream, use PutRecord. Applications using these operations are referred to as producers. Kinesis Data Firehose accumulates and publishes a particular metric for a customer account in one minute intervals. It is possible that the bursts of incoming bytes/records ingested to a delivery stream last only for a few seconds. Due to this, the actual spikes in the traffic might not be fully visible in the customer's 1 minute CloudWatch metrics. For information about service quota, see Amazon Kinesis Data Firehose Quota. Each PutRecordBatch request supports up to 500 records. Each record in the request can be as large as 1,000 KB (before base64 encoding), up to a limit of 4 MB for the entire request. These limits cannot be changed. You must specify the name of the delivery stream and the data record when using PutRecord. The data record consists of a data blob that can be up to 1,000 KB in size, and any kind of data. For example, it could be a segment from a log file, geographic location data, website clickstream data, and so on. Kinesis Data Firehose buffers records before delivering them to the destination. To disambiguate the data blobs at the destination, a common solution is to use delimiters in the data, such as a newline (\n) or some other character unique within the data. This allows the consumer application to parse individual data items when reading the data from the destination. The PutRecordBatch response includes a count of failed records, FailedPutCount, and an array of responses, RequestResponses. Even if the PutRecordBatch call succeeds, the value of FailedPutCount may be greater than 0, indicating that there are records for which the operation didn't succeed. Each entry in the RequestResponses array provides additional information about the processed record. It directly correlates with a record in the request array using the same ordering, from the top to the bottom. The response array always includes the same number of records as the request array. RequestResponses includes both successfully and unsuccessfully processed records. Kinesis Data Firehose tries to process all records in each PutRecordBatch request. A single record failure does not stop the processing of subsequent records.  A successfully processed record includes a RecordId value, which is unique for the record. An unsuccessfully processed record includes ErrorCode and ErrorMessage values. ErrorCode reflects the type of error, and is one of the following values: ServiceUnavailableException or InternalFailure. ErrorMessage provides more detailed information about the error. If there is an internal server error or a timeout, the write might have completed or it might have failed. If FailedPutCount is greater than 0, retry the request, resending only those records that might have failed processing. This minimizes the possible duplicate records and also reduces the total bytes sent (and corresponding charges). We recommend that you handle any duplicates at the destination. If PutRecordBatch throws ServiceUnavailableException, the API is automatically reinvoked (retried) 3 times. If the exception persists, it is possible that the throughput limits have been exceeded for the delivery stream. Re-invoking the Put API operations (for example, PutRecord and PutRecordBatch) can result in data duplicates. For larger data assets, allow for a longer time out before retrying Put API operations. Data records sent to Kinesis Data Firehose are stored for 24 hours from the time they are added to a delivery stream as it attempts to send the records to the destination. If the destination is unreachable for more than 24 hours, the data is no longer available.  Don't concatenate two or more base64 strings to form the data fields of your records. Instead, concatenate the raw data, then perform base64 encoding. 
    */
   putRecordBatch(params: Firehose.Types.PutRecordBatchInput, callback?: (err: AWSError, data: Firehose.Types.PutRecordBatchOutput) => void): Request<Firehose.Types.PutRecordBatchOutput, AWSError>;
   /**
-   * Writes multiple data records into a delivery stream in a single call, which can achieve higher throughput per producer than when writing single records. To write single data records into a delivery stream, use PutRecord. Applications using these operations are referred to as producers. For information about service quota, see Amazon Kinesis Data Firehose Quota. Each PutRecordBatch request supports up to 500 records. Each record in the request can be as large as 1,000 KB (before base64 encoding), up to a limit of 4 MB for the entire request. These limits cannot be changed. You must specify the name of the delivery stream and the data record when using PutRecord. The data record consists of a data blob that can be up to 1,000 KB in size, and any kind of data. For example, it could be a segment from a log file, geographic location data, website clickstream data, and so on. Kinesis Data Firehose buffers records before delivering them to the destination. To disambiguate the data blobs at the destination, a common solution is to use delimiters in the data, such as a newline (\n) or some other character unique within the data. This allows the consumer application to parse individual data items when reading the data from the destination. The PutRecordBatch response includes a count of failed records, FailedPutCount, and an array of responses, RequestResponses. Even if the PutRecordBatch call succeeds, the value of FailedPutCount may be greater than 0, indicating that there are records for which the operation didn't succeed. Each entry in the RequestResponses array provides additional information about the processed record. It directly correlates with a record in the request array using the same ordering, from the top to the bottom. The response array always includes the same number of records as the request array. RequestResponses includes both successfully and unsuccessfully processed records. Kinesis Data Firehose tries to process all records in each PutRecordBatch request. A single record failure does not stop the processing of subsequent records.  A successfully processed record includes a RecordId value, which is unique for the record. An unsuccessfully processed record includes ErrorCode and ErrorMessage values. ErrorCode reflects the type of error, and is one of the following values: ServiceUnavailableException or InternalFailure. ErrorMessage provides more detailed information about the error. If there is an internal server error or a timeout, the write might have completed or it might have failed. If FailedPutCount is greater than 0, retry the request, resending only those records that might have failed processing. This minimizes the possible duplicate records and also reduces the total bytes sent (and corresponding charges). We recommend that you handle any duplicates at the destination. If PutRecordBatch throws ServiceUnavailableException, back off and retry. If the exception persists, it is possible that the throughput limits have been exceeded for the delivery stream. Data records sent to Kinesis Data Firehose are stored for 24 hours from the time they are added to a delivery stream as it attempts to send the records to the destination. If the destination is unreachable for more than 24 hours, the data is no longer available.  Don't concatenate two or more base64 strings to form the data fields of your records. Instead, concatenate the raw data, then perform base64 encoding. 
+   * Writes multiple data records into a delivery stream in a single call, which can achieve higher throughput per producer than when writing single records. To write single data records into a delivery stream, use PutRecord. Applications using these operations are referred to as producers. Kinesis Data Firehose accumulates and publishes a particular metric for a customer account in one minute intervals. It is possible that the bursts of incoming bytes/records ingested to a delivery stream last only for a few seconds. Due to this, the actual spikes in the traffic might not be fully visible in the customer's 1 minute CloudWatch metrics. For information about service quota, see Amazon Kinesis Data Firehose Quota. Each PutRecordBatch request supports up to 500 records. Each record in the request can be as large as 1,000 KB (before base64 encoding), up to a limit of 4 MB for the entire request. These limits cannot be changed. You must specify the name of the delivery stream and the data record when using PutRecord. The data record consists of a data blob that can be up to 1,000 KB in size, and any kind of data. For example, it could be a segment from a log file, geographic location data, website clickstream data, and so on. Kinesis Data Firehose buffers records before delivering them to the destination. To disambiguate the data blobs at the destination, a common solution is to use delimiters in the data, such as a newline (\n) or some other character unique within the data. This allows the consumer application to parse individual data items when reading the data from the destination. The PutRecordBatch response includes a count of failed records, FailedPutCount, and an array of responses, RequestResponses. Even if the PutRecordBatch call succeeds, the value of FailedPutCount may be greater than 0, indicating that there are records for which the operation didn't succeed. Each entry in the RequestResponses array provides additional information about the processed record. It directly correlates with a record in the request array using the same ordering, from the top to the bottom. The response array always includes the same number of records as the request array. RequestResponses includes both successfully and unsuccessfully processed records. Kinesis Data Firehose tries to process all records in each PutRecordBatch request. A single record failure does not stop the processing of subsequent records.  A successfully processed record includes a RecordId value, which is unique for the record. An unsuccessfully processed record includes ErrorCode and ErrorMessage values. ErrorCode reflects the type of error, and is one of the following values: ServiceUnavailableException or InternalFailure. ErrorMessage provides more detailed information about the error. If there is an internal server error or a timeout, the write might have completed or it might have failed. If FailedPutCount is greater than 0, retry the request, resending only those records that might have failed processing. This minimizes the possible duplicate records and also reduces the total bytes sent (and corresponding charges). We recommend that you handle any duplicates at the destination. If PutRecordBatch throws ServiceUnavailableException, the API is automatically reinvoked (retried) 3 times. If the exception persists, it is possible that the throughput limits have been exceeded for the delivery stream. Re-invoking the Put API operations (for example, PutRecord and PutRecordBatch) can result in data duplicates. For larger data assets, allow for a longer time out before retrying Put API operations. Data records sent to Kinesis Data Firehose are stored for 24 hours from the time they are added to a delivery stream as it attempts to send the records to the destination. If the destination is unreachable for more than 24 hours, the data is no longer available.  Don't concatenate two or more base64 strings to form the data fields of your records. Instead, concatenate the raw data, then perform base64 encoding. 
    */
   putRecordBatch(callback?: (err: AWSError, data: Firehose.Types.PutRecordBatchOutput) => void): Request<Firehose.Types.PutRecordBatchOutput, AWSError>;
   /**
-   * Enables server-side encryption (SSE) for the delivery stream.  This operation is asynchronous. It returns immediately. When you invoke it, Kinesis Data Firehose first sets the encryption status of the stream to ENABLING, and then to ENABLED. The encryption status of a delivery stream is the Status property in DeliveryStreamEncryptionConfiguration. If the operation fails, the encryption status changes to ENABLING_FAILED. You can continue to read and write data to your delivery stream while the encryption status is ENABLING, but the data is not encrypted. It can take up to 5 seconds after the encryption status changes to ENABLED before all records written to the delivery stream are encrypted. To find out whether a record or a batch of records was encrypted, check the response elements PutRecordOutput$Encrypted and PutRecordBatchOutput$Encrypted, respectively. To check the encryption status of a delivery stream, use DescribeDeliveryStream. Even if encryption is currently enabled for a delivery stream, you can still invoke this operation on it to change the ARN of the CMK or both its type and ARN. If you invoke this method to change the CMK, and the old CMK is of type CUSTOMER_MANAGED_CMK, Kinesis Data Firehose schedules the grant it had on the old CMK for retirement. If the new CMK is of type CUSTOMER_MANAGED_CMK, Kinesis Data Firehose creates a grant that enables it to use the new CMK to encrypt and decrypt data and to manage the grant. If a delivery stream already has encryption enabled and then you invoke this operation to change the ARN of the CMK or both its type and ARN and you get ENABLING_FAILED, this only means that the attempt to change the CMK failed. In this case, encryption remains enabled with the old CMK. If the encryption status of your delivery stream is ENABLING_FAILED, you can invoke this operation again with a valid CMK. The CMK must be enabled and the key policy mustn't explicitly deny the permission for Kinesis Data Firehose to invoke KMS encrypt and decrypt operations. You can enable SSE for a delivery stream only if it's a delivery stream that uses DirectPut as its source.  The StartDeliveryStreamEncryption and StopDeliveryStreamEncryption operations have a combined limit of 25 calls per delivery stream per 24 hours. For example, you reach the limit if you call StartDeliveryStreamEncryption 13 times and StopDeliveryStreamEncryption 12 times for the same delivery stream in a 24-hour period.
+   * Enables server-side encryption (SSE) for the delivery stream.  This operation is asynchronous. It returns immediately. When you invoke it, Kinesis Data Firehose first sets the encryption status of the stream to ENABLING, and then to ENABLED. The encryption status of a delivery stream is the Status property in DeliveryStreamEncryptionConfiguration. If the operation fails, the encryption status changes to ENABLING_FAILED. You can continue to read and write data to your delivery stream while the encryption status is ENABLING, but the data is not encrypted. It can take up to 5 seconds after the encryption status changes to ENABLED before all records written to the delivery stream are encrypted. To find out whether a record or a batch of records was encrypted, check the response elements PutRecordOutput$Encrypted and PutRecordBatchOutput$Encrypted, respectively. To check the encryption status of a delivery stream, use DescribeDeliveryStream. Even if encryption is currently enabled for a delivery stream, you can still invoke this operation on it to change the ARN of the CMK or both its type and ARN. If you invoke this method to change the CMK, and the old CMK is of type CUSTOMER_MANAGED_CMK, Kinesis Data Firehose schedules the grant it had on the old CMK for retirement. If the new CMK is of type CUSTOMER_MANAGED_CMK, Kinesis Data Firehose creates a grant that enables it to use the new CMK to encrypt and decrypt data and to manage the grant. For the KMS grant creation to be successful, Kinesis Data Firehose APIs StartDeliveryStreamEncryption and CreateDeliveryStream should not be called with session credentials that are more than 6 hours old. If a delivery stream already has encryption enabled and then you invoke this operation to change the ARN of the CMK or both its type and ARN and you get ENABLING_FAILED, this only means that the attempt to change the CMK failed. In this case, encryption remains enabled with the old CMK. If the encryption status of your delivery stream is ENABLING_FAILED, you can invoke this operation again with a valid CMK. The CMK must be enabled and the key policy mustn't explicitly deny the permission for Kinesis Data Firehose to invoke KMS encrypt and decrypt operations. You can enable SSE for a delivery stream only if it's a delivery stream that uses DirectPut as its source.  The StartDeliveryStreamEncryption and StopDeliveryStreamEncryption operations have a combined limit of 25 calls per delivery stream per 24 hours. For example, you reach the limit if you call StartDeliveryStreamEncryption 13 times and StopDeliveryStreamEncryption 12 times for the same delivery stream in a 24-hour period.
    */
   startDeliveryStreamEncryption(params: Firehose.Types.StartDeliveryStreamEncryptionInput, callback?: (err: AWSError, data: Firehose.Types.StartDeliveryStreamEncryptionOutput) => void): Request<Firehose.Types.StartDeliveryStreamEncryptionOutput, AWSError>;
   /**
-   * Enables server-side encryption (SSE) for the delivery stream.  This operation is asynchronous. It returns immediately. When you invoke it, Kinesis Data Firehose first sets the encryption status of the stream to ENABLING, and then to ENABLED. The encryption status of a delivery stream is the Status property in DeliveryStreamEncryptionConfiguration. If the operation fails, the encryption status changes to ENABLING_FAILED. You can continue to read and write data to your delivery stream while the encryption status is ENABLING, but the data is not encrypted. It can take up to 5 seconds after the encryption status changes to ENABLED before all records written to the delivery stream are encrypted. To find out whether a record or a batch of records was encrypted, check the response elements PutRecordOutput$Encrypted and PutRecordBatchOutput$Encrypted, respectively. To check the encryption status of a delivery stream, use DescribeDeliveryStream. Even if encryption is currently enabled for a delivery stream, you can still invoke this operation on it to change the ARN of the CMK or both its type and ARN. If you invoke this method to change the CMK, and the old CMK is of type CUSTOMER_MANAGED_CMK, Kinesis Data Firehose schedules the grant it had on the old CMK for retirement. If the new CMK is of type CUSTOMER_MANAGED_CMK, Kinesis Data Firehose creates a grant that enables it to use the new CMK to encrypt and decrypt data and to manage the grant. If a delivery stream already has encryption enabled and then you invoke this operation to change the ARN of the CMK or both its type and ARN and you get ENABLING_FAILED, this only means that the attempt to change the CMK failed. In this case, encryption remains enabled with the old CMK. If the encryption status of your delivery stream is ENABLING_FAILED, you can invoke this operation again with a valid CMK. The CMK must be enabled and the key policy mustn't explicitly deny the permission for Kinesis Data Firehose to invoke KMS encrypt and decrypt operations. You can enable SSE for a delivery stream only if it's a delivery stream that uses DirectPut as its source.  The StartDeliveryStreamEncryption and StopDeliveryStreamEncryption operations have a combined limit of 25 calls per delivery stream per 24 hours. For example, you reach the limit if you call StartDeliveryStreamEncryption 13 times and StopDeliveryStreamEncryption 12 times for the same delivery stream in a 24-hour period.
+   * Enables server-side encryption (SSE) for the delivery stream.  This operation is asynchronous. It returns immediately. When you invoke it, Kinesis Data Firehose first sets the encryption status of the stream to ENABLING, and then to ENABLED. The encryption status of a delivery stream is the Status property in DeliveryStreamEncryptionConfiguration. If the operation fails, the encryption status changes to ENABLING_FAILED. You can continue to read and write data to your delivery stream while the encryption status is ENABLING, but the data is not encrypted. It can take up to 5 seconds after the encryption status changes to ENABLED before all records written to the delivery stream are encrypted. To find out whether a record or a batch of records was encrypted, check the response elements PutRecordOutput$Encrypted and PutRecordBatchOutput$Encrypted, respectively. To check the encryption status of a delivery stream, use DescribeDeliveryStream. Even if encryption is currently enabled for a delivery stream, you can still invoke this operation on it to change the ARN of the CMK or both its type and ARN. If you invoke this method to change the CMK, and the old CMK is of type CUSTOMER_MANAGED_CMK, Kinesis Data Firehose schedules the grant it had on the old CMK for retirement. If the new CMK is of type CUSTOMER_MANAGED_CMK, Kinesis Data Firehose creates a grant that enables it to use the new CMK to encrypt and decrypt data and to manage the grant. For the KMS grant creation to be successful, Kinesis Data Firehose APIs StartDeliveryStreamEncryption and CreateDeliveryStream should not be called with session credentials that are more than 6 hours old. If a delivery stream already has encryption enabled and then you invoke this operation to change the ARN of the CMK or both its type and ARN and you get ENABLING_FAILED, this only means that the attempt to change the CMK failed. In this case, encryption remains enabled with the old CMK. If the encryption status of your delivery stream is ENABLING_FAILED, you can invoke this operation again with a valid CMK. The CMK must be enabled and the key policy mustn't explicitly deny the permission for Kinesis Data Firehose to invoke KMS encrypt and decrypt operations. You can enable SSE for a delivery stream only if it's a delivery stream that uses DirectPut as its source.  The StartDeliveryStreamEncryption and StopDeliveryStreamEncryption operations have a combined limit of 25 calls per delivery stream per 24 hours. For example, you reach the limit if you call StartDeliveryStreamEncryption 13 times and StopDeliveryStreamEncryption 12 times for the same delivery stream in a 24-hour period.
    */
   startDeliveryStreamEncryption(callback?: (err: AWSError, data: Firehose.Types.StartDeliveryStreamEncryptionOutput) => void): Request<Firehose.Types.StartDeliveryStreamEncryptionOutput, AWSError>;
   /**
@@ -375,6 +375,16 @@ declare namespace Firehose {
   }
   export type AmazonopensearchserviceS3BackupMode = "FailedDocumentsOnly"|"AllDocuments"|string;
   export type AmazonopensearchserviceTypeName = string;
+  export interface AuthenticationConfiguration {
+    /**
+     * The ARN of the role used to access the Amazon MSK cluster.
+     */
+    RoleARN: RoleARN;
+    /**
+     * The type of connectivity used to access the Amazon MSK cluster.
+     */
+    Connectivity: Connectivity;
+  }
   export type BlockSizeBytes = number;
   export type BooleanObject = boolean;
   export type BucketARN = string;
@@ -405,6 +415,7 @@ declare namespace Firehose {
   export type ClusterJDBCURL = string;
   export type ColumnToJsonKeyMappings = {[key: string]: NonEmptyString};
   export type CompressionFormat = "UNCOMPRESSED"|"GZIP"|"ZIP"|"Snappy"|"HADOOP_SNAPPY"|string;
+  export type Connectivity = "PUBLIC"|"PRIVATE"|string;
   export type ContentEncoding = "NONE"|"GZIP"|string;
   export interface CopyCommand {
     /**
@@ -474,6 +485,7 @@ declare namespace Firehose {
      * The destination in the Serverless offering for Amazon OpenSearch Service. You can specify only one destination.
      */
     AmazonOpenSearchServerlessDestinationConfiguration?: AmazonOpenSearchServerlessDestinationConfiguration;
+    MSKSourceConfiguration?: MSKSourceConfiguration;
   }
   export interface CreateDeliveryStreamOutput {
     /**
@@ -600,7 +612,7 @@ declare namespace Firehose {
   export type DeliveryStreamName = string;
   export type DeliveryStreamNameList = DeliveryStreamName[];
   export type DeliveryStreamStatus = "CREATING"|"CREATING_FAILED"|"DELETING"|"DELETING_FAILED"|"ACTIVE"|string;
-  export type DeliveryStreamType = "DirectPut"|"KinesisStreamAsSource"|string;
+  export type DeliveryStreamType = "DirectPut"|"KinesisStreamAsSource"|"MSKAsSource"|string;
   export type DeliveryStreamVersionId = string;
   export interface DescribeDeliveryStreamInput {
     /**
@@ -1326,6 +1338,39 @@ declare namespace Firehose {
   export type ListTagsForDeliveryStreamOutputTagList = Tag[];
   export type LogGroupName = string;
   export type LogStreamName = string;
+  export type MSKClusterARN = string;
+  export interface MSKSourceConfiguration {
+    /**
+     * The ARN of the Amazon MSK cluster.
+     */
+    MSKClusterARN: MSKClusterARN;
+    /**
+     * The topic name within the Amazon MSK cluster. 
+     */
+    TopicName: TopicName;
+    /**
+     * The authentication configuration of the Amazon MSK cluster.
+     */
+    AuthenticationConfiguration: AuthenticationConfiguration;
+  }
+  export interface MSKSourceDescription {
+    /**
+     * The ARN of the Amazon MSK cluster.
+     */
+    MSKClusterARN?: MSKClusterARN;
+    /**
+     * The topic name within the Amazon MSK cluster.
+     */
+    TopicName?: TopicName;
+    /**
+     * The authentication configuration of the Amazon MSK cluster.
+     */
+    AuthenticationConfiguration?: AuthenticationConfiguration;
+    /**
+     * Kinesis Data Firehose starts retrieving records from the topic within the Amazon MSK cluster starting with this timestamp.
+     */
+    DeliveryStartTimestamp?: DeliveryStartTimestamp;
+  }
   export type NoEncryptionConfig = "NoEncryption"|string;
   export type NonEmptyString = string;
   export type NonEmptyStringWithoutWhitespace = string;
@@ -1459,9 +1504,9 @@ declare namespace Firehose {
     ParameterValue: ProcessorParameterValue;
   }
   export type ProcessorParameterList = ProcessorParameter[];
-  export type ProcessorParameterName = "LambdaArn"|"NumberOfRetries"|"MetadataExtractionQuery"|"JsonParsingEngine"|"RoleArn"|"BufferSizeInMBs"|"BufferIntervalInSeconds"|"SubRecordType"|"Delimiter"|string;
+  export type ProcessorParameterName = "LambdaArn"|"NumberOfRetries"|"MetadataExtractionQuery"|"JsonParsingEngine"|"RoleArn"|"BufferSizeInMBs"|"BufferIntervalInSeconds"|"SubRecordType"|"Delimiter"|"CompressionFormat"|string;
   export type ProcessorParameterValue = string;
-  export type ProcessorType = "RecordDeAggregation"|"Lambda"|"MetadataExtraction"|"AppendDelimiterToRecord"|string;
+  export type ProcessorType = "RecordDeAggregation"|"Decompression"|"Lambda"|"MetadataExtraction"|"AppendDelimiterToRecord"|string;
   export type Proportion = number;
   export interface PutRecordBatchInput {
     /**
@@ -1826,6 +1871,10 @@ declare namespace Firehose {
      * The KinesisStreamSourceDescription value for the source Kinesis data stream.
      */
     KinesisStreamSourceDescription?: KinesisStreamSourceDescription;
+    /**
+     * The configuration description for the Amazon MSK cluster to be used as the source for a delivery stream.
+     */
+    MSKSourceDescription?: MSKSourceDescription;
   }
   export interface SplunkDestinationConfiguration {
     /**
@@ -1997,6 +2046,7 @@ declare namespace Firehose {
   export type TagKeyList = TagKey[];
   export type TagValue = string;
   export type Timestamp = Date;
+  export type TopicName = string;
   export interface UntagDeliveryStreamInput {
     /**
      * The name of the delivery stream.