npm - cdk-lambda-subminute - Versions diffs - 2.0.292 → 2.0.293 - Mend

cdk-lambda-subminute 2.0.292 → 2.0.293

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (30) hide show

package/node_modules/aws-sdk/clients/guardduty.d.ts CHANGED Viewed

@@ -680,6 +680,18 @@ declare namespace GuardDuty {
      * Information about RDS_LOGIN_ATTEMPT action described in this finding.
      */
     RdsLoginAttemptAction?: RdsLoginAttemptAction;
+    /**
+     * Information whether the user has the permission to use a specific Kubernetes API.
+     */
+    KubernetesPermissionCheckedDetails?: KubernetesPermissionCheckedDetails;
+    /**
+     * Information about the role binding that grants the permission defined in a Kubernetes role.
+     */
+    KubernetesRoleBindingDetails?: KubernetesRoleBindingDetails;
+    /**
+     * Information about the Kubernetes role name and role type.
+     */
+    KubernetesRoleDetails?: KubernetesRoleDetails;
   }
   export interface AddonDetails {
     /**
@@ -722,6 +734,40 @@ declare namespace GuardDuty {
     InvitedAt?: String;
   }
   export type AffectedResources = {[key: string]: String};
+  export interface Anomaly {
+    /**
+     * Information about the types of profiles.
+     */
+    Profiles?: AnomalyProfiles;
+    /**
+     * Information about the behavior of the anomalies.
+     */
+    Unusual?: AnomalyUnusual;
+  }
+  export interface AnomalyObject {
+    /**
+     * The type of behavior of the profile.
+     */
+    ProfileType?: ProfileType;
+    /**
+     * The frequency of the anomaly.
+     */
+    ProfileSubtype?: ProfileSubtype;
+    /**
+     * The recorded value.
+     */
+    Observations?: Observations;
+  }
+  export type AnomalyProfileFeatureObjects = AnomalyObject[];
+  export type AnomalyProfileFeatures = {[key: string]: AnomalyProfileFeatureObjects};
+  export type AnomalyProfiles = {[key: string]: AnomalyProfileFeatures};
+  export interface AnomalyUnusual {
+    /**
+     * The behavior of the anomalous activity that caused GuardDuty to generate the finding.
+     */
+    Behavior?: Behavior;
+  }
+  export type AnomalyUnusualBehaviorFeature = {[key: string]: AnomalyObject};
   export interface ArchiveFindingsRequest {
     /**
      * The ID of the detector that specifies the GuardDuty service whose findings you want to archive.
@@ -773,6 +819,7 @@ declare namespace GuardDuty {
      */
     AffectedResources?: AffectedResources;
   }
+  export type Behavior = {[key: string]: AnomalyUnusualBehaviorFeature};
   export interface BlockPublicAccess {
     /**
      * Indicates if S3 Block Public Access is set to IgnorePublicAcls.
@@ -1096,7 +1143,7 @@ declare namespace GuardDuty {
      */
     Rank?: FilterRank;
     /**
-     * Represents the criteria to be used in the filter for querying findings. You can only use the following attributes to query findings:   accountId   id   region   severity To filter on the basis of severity, the API and CLI use the following input list for the FindingCriteria condition:    Low: ["1", "2", "3"]     Medium: ["4", "5", "6"]     High: ["7", "8", "9"]    For more information, see Severity levels for GuardDuty findings.   type   updatedAt Type: ISO 8601 string format: YYYY-MM-DDTHH:MM:SS.SSSZ or YYYY-MM-DDTHH:MM:SSZ depending on whether the value contains milliseconds.   resource.accessKeyDetails.accessKeyId   resource.accessKeyDetails.principalId   resource.accessKeyDetails.userName   resource.accessKeyDetails.userType   resource.instanceDetails.iamInstanceProfile.id   resource.instanceDetails.imageId   resource.instanceDetails.instanceId   resource.instanceDetails.tags.key   resource.instanceDetails.tags.value   resource.instanceDetails.networkInterfaces.ipv6Addresses   resource.instanceDetails.networkInterfaces.privateIpAddresses.privateIpAddress   resource.instanceDetails.networkInterfaces.publicDnsName   resource.instanceDetails.networkInterfaces.publicIp   resource.instanceDetails.networkInterfaces.securityGroups.groupId   resource.instanceDetails.networkInterfaces.securityGroups.groupName   resource.instanceDetails.networkInterfaces.subnetId   resource.instanceDetails.networkInterfaces.vpcId   resource.instanceDetails.outpostArn   resource.resourceType   resource.s3BucketDetails.publicAccess.effectivePermissions   resource.s3BucketDetails.name   resource.s3BucketDetails.tags.key   resource.s3BucketDetails.tags.value   resource.s3BucketDetails.type   service.action.actionType   service.action.awsApiCallAction.api   service.action.awsApiCallAction.callerType   service.action.awsApiCallAction.errorCode   service.action.awsApiCallAction.remoteIpDetails.city.cityName   service.action.awsApiCallAction.remoteIpDetails.country.countryName   service.action.awsApiCallAction.remoteIpDetails.ipAddressV4   service.action.awsApiCallAction.remoteIpDetails.organization.asn   service.action.awsApiCallAction.remoteIpDetails.organization.asnOrg   service.action.awsApiCallAction.serviceName   service.action.dnsRequestAction.domain   service.action.networkConnectionAction.blocked   service.action.networkConnectionAction.connectionDirection   service.action.networkConnectionAction.localPortDetails.port   service.action.networkConnectionAction.protocol   service.action.networkConnectionAction.remoteIpDetails.city.cityName   service.action.networkConnectionAction.remoteIpDetails.country.countryName   service.action.networkConnectionAction.remoteIpDetails.ipAddressV4   service.action.networkConnectionAction.remoteIpDetails.organization.asn   service.action.networkConnectionAction.remoteIpDetails.organization.asnOrg   service.action.networkConnectionAction.remotePortDetails.port   service.action.awsApiCallAction.remoteAccountDetails.affiliated   service.action.kubernetesApiCallAction.remoteIpDetails.ipAddressV4   service.action.kubernetesApiCallAction.requestUri   service.action.networkConnectionAction.localIpDetails.ipAddressV4   service.action.networkConnectionAction.protocol   service.action.awsApiCallAction.serviceName   service.action.awsApiCallAction.remoteAccountDetails.accountId   service.additionalInfo.threatListName   service.resourceRole   resource.eksClusterDetails.name   resource.kubernetesDetails.kubernetesWorkloadDetails.name   resource.kubernetesDetails.kubernetesWorkloadDetails.namespace   resource.kubernetesDetails.kubernetesUserDetails.username   resource.kubernetesDetails.kubernetesWorkloadDetails.containers.image   resource.kubernetesDetails.kubernetesWorkloadDetails.containers.imagePrefix   service.ebsVolumeScanDetails.scanId   service.ebsVolumeScanDetails.scanDetections.threatDetectedByName.threatNames.name   service.ebsVolumeScanDetails.scanDetections.threatDetectedByName.threatNames.severity   service.ebsVolumeScanDetails.scanDetections.threatDetectedByName.threatNames.filePaths.hash   resource.ecsClusterDetails.name   resource.ecsClusterDetails.taskDetails.containers.image   resource.ecsClusterDetails.taskDetails.definitionArn   resource.containerDetails.image   resource.rdsDbInstanceDetails.dbInstanceIdentifier   resource.rdsDbInstanceDetails.dbClusterIdentifier   resource.rdsDbInstanceDetails.engine   resource.rdsDbUserDetails.user   resource.rdsDbInstanceDetails.tags.key   resource.rdsDbInstanceDetails.tags.value   service.runtimeDetails.process.executableSha256   service.runtimeDetails.process.name   service.runtimeDetails.process.name   resource.lambdaDetails.functionName   resource.lambdaDetails.functionArn   resource.lambdaDetails.tags.key   resource.lambdaDetails.tags.value
+     * Represents the criteria to be used in the filter for querying findings. You can only use the following attributes to query findings:   accountId   id   region   severity To filter on the basis of severity, the API and CLI use the following input list for the FindingCriteria condition:    Low: ["1", "2", "3"]     Medium: ["4", "5", "6"]     High: ["7", "8", "9"]    For more information, see Severity levels for GuardDuty findings.   type   updatedAt Type: ISO 8601 string format: YYYY-MM-DDTHH:MM:SS.SSSZ or YYYY-MM-DDTHH:MM:SSZ depending on whether the value contains milliseconds.   resource.accessKeyDetails.accessKeyId   resource.accessKeyDetails.principalId   resource.accessKeyDetails.userName   resource.accessKeyDetails.userType   resource.instanceDetails.iamInstanceProfile.id   resource.instanceDetails.imageId   resource.instanceDetails.instanceId   resource.instanceDetails.tags.key   resource.instanceDetails.tags.value   resource.instanceDetails.networkInterfaces.ipv6Addresses   resource.instanceDetails.networkInterfaces.privateIpAddresses.privateIpAddress   resource.instanceDetails.networkInterfaces.publicDnsName   resource.instanceDetails.networkInterfaces.publicIp   resource.instanceDetails.networkInterfaces.securityGroups.groupId   resource.instanceDetails.networkInterfaces.securityGroups.groupName   resource.instanceDetails.networkInterfaces.subnetId   resource.instanceDetails.networkInterfaces.vpcId   resource.instanceDetails.outpostArn   resource.resourceType   resource.s3BucketDetails.publicAccess.effectivePermissions   resource.s3BucketDetails.name   resource.s3BucketDetails.tags.key   resource.s3BucketDetails.tags.value   resource.s3BucketDetails.type   service.action.actionType   service.action.awsApiCallAction.api   service.action.awsApiCallAction.callerType   service.action.awsApiCallAction.errorCode   service.action.awsApiCallAction.remoteIpDetails.city.cityName   service.action.awsApiCallAction.remoteIpDetails.country.countryName   service.action.awsApiCallAction.remoteIpDetails.ipAddressV4   service.action.awsApiCallAction.remoteIpDetails.organization.asn   service.action.awsApiCallAction.remoteIpDetails.organization.asnOrg   service.action.awsApiCallAction.serviceName   service.action.dnsRequestAction.domain   service.action.dnsRequestAction.domainWithSuffix   service.action.networkConnectionAction.blocked   service.action.networkConnectionAction.connectionDirection   service.action.networkConnectionAction.localPortDetails.port   service.action.networkConnectionAction.protocol   service.action.networkConnectionAction.remoteIpDetails.city.cityName   service.action.networkConnectionAction.remoteIpDetails.country.countryName   service.action.networkConnectionAction.remoteIpDetails.ipAddressV4   service.action.networkConnectionAction.remoteIpDetails.organization.asn   service.action.networkConnectionAction.remoteIpDetails.organization.asnOrg   service.action.networkConnectionAction.remotePortDetails.port   service.action.awsApiCallAction.remoteAccountDetails.affiliated   service.action.kubernetesApiCallAction.remoteIpDetails.ipAddressV4   service.action.kubernetesApiCallAction.namespace   service.action.kubernetesApiCallAction.remoteIpDetails.organization.asn   service.action.kubernetesApiCallAction.requestUri   service.action.kubernetesApiCallAction.statusCode   service.action.networkConnectionAction.localIpDetails.ipAddressV4   service.action.networkConnectionAction.protocol   service.action.awsApiCallAction.serviceName   service.action.awsApiCallAction.remoteAccountDetails.accountId   service.additionalInfo.threatListName   service.resourceRole   resource.eksClusterDetails.name   resource.kubernetesDetails.kubernetesWorkloadDetails.name   resource.kubernetesDetails.kubernetesWorkloadDetails.namespace   resource.kubernetesDetails.kubernetesUserDetails.username   resource.kubernetesDetails.kubernetesWorkloadDetails.containers.image   resource.kubernetesDetails.kubernetesWorkloadDetails.containers.imagePrefix   service.ebsVolumeScanDetails.scanId   service.ebsVolumeScanDetails.scanDetections.threatDetectedByName.threatNames.name   service.ebsVolumeScanDetails.scanDetections.threatDetectedByName.threatNames.severity   service.ebsVolumeScanDetails.scanDetections.threatDetectedByName.threatNames.filePaths.hash   resource.ecsClusterDetails.name   resource.ecsClusterDetails.taskDetails.containers.image   resource.ecsClusterDetails.taskDetails.definitionArn   resource.containerDetails.image   resource.rdsDbInstanceDetails.dbInstanceIdentifier   resource.rdsDbInstanceDetails.dbClusterIdentifier   resource.rdsDbInstanceDetails.engine   resource.rdsDbUserDetails.user   resource.rdsDbInstanceDetails.tags.key   resource.rdsDbInstanceDetails.tags.value   service.runtimeDetails.process.executableSha256   service.runtimeDetails.process.name   service.runtimeDetails.process.name   resource.lambdaDetails.functionName   resource.lambdaDetails.functionArn   resource.lambdaDetails.tags.key   resource.lambdaDetails.tags.value
      */
     FindingCriteria: FindingCriteria;
     /**
@@ -1557,6 +1604,12 @@ declare namespace GuardDuty {
   }
   export type DestinationType = "S3"|string;
   export type Destinations = Destination[];
+  export interface Detection {
+    /**
+     * The details about the anomalous activity that caused GuardDuty to generate the finding.
+     */
+    Anomaly?: Anomaly;
+  }
   export interface DetectorAdditionalConfiguration {
     /**
      * Name of the additional configuration.
@@ -2378,6 +2431,16 @@ declare namespace GuardDuty {
      */
     Id?: String;
   }
+  export interface ImpersonatedUser {
+    /**
+     * Information about the username that was being impersonated.
+     */
+    Username?: String;
+    /**
+     * The group to which the user name belongs.
+     */
+    Groups?: Groups;
+  }
   export type InstanceArn = string;
   export interface InstanceDetails {
     /**
@@ -2508,6 +2571,22 @@ declare namespace GuardDuty {
      * Parameters related to the Kubernetes API call action.
      */
     Parameters?: String;
+    /**
+     * The resource component in the Kubernetes API call action.
+     */
+    Resource?: String;
+    /**
+     * The name of the sub-resource in the Kubernetes API call action.
+     */
+    Subresource?: String;
+    /**
+     * The name of the namespace where the Kubernetes API call action takes place.
+     */
+    Namespace?: String;
+    /**
+     * The name of the resource in the Kubernetes API call action.
+     */
+    ResourceName?: String;
   }
   export interface KubernetesAuditLogsConfiguration {
     /**
@@ -2549,6 +2628,60 @@ declare namespace GuardDuty {
      */
     KubernetesWorkloadDetails?: KubernetesWorkloadDetails;
   }
+  export interface KubernetesPermissionCheckedDetails {
+    /**
+     * The verb component of the Kubernetes API call. For example, when you check whether or not you have the permission to call the CreatePod API, the verb component will be Create.
+     */
+    Verb?: String;
+    /**
+     * The Kubernetes resource with which your Kubernetes API call will interact.
+     */
+    Resource?: String;
+    /**
+     * The namespace where the Kubernetes API action will take place.
+     */
+    Namespace?: String;
+    /**
+     * Information whether the user has the permission to call the Kubernetes API.
+     */
+    Allowed?: Boolean;
+  }
+  export interface KubernetesRoleBindingDetails {
+    /**
+     * The kind of the role. For role binding, this value will be RoleBinding.
+     */
+    Kind?: String;
+    /**
+     * The name of the RoleBinding.
+     */
+    Name?: String;
+    /**
+     * The unique identifier of the role binding.
+     */
+    Uid?: String;
+    /**
+     * The name of the role being referenced. This must match the name of the Role or ClusterRole that you want to bind to.
+     */
+    RoleRefName?: String;
+    /**
+     * The type of the role being referenced. This could be either Role or ClusterRole.
+     */
+    RoleRefKind?: String;
+  }
+  export interface KubernetesRoleDetails {
+    /**
+     * The kind of role. For this API, the value of kind will be Role.
+     */
+    Kind?: String;
+    /**
+     * The name of the Kubernetes role.
+     */
+    Name?: String;
+    /**
+     * The unique identifier of the Kubernetes role name.
+     */
+    Uid?: String;
+  }
   export interface KubernetesUserDetails {
     /**
      * The username of the user who called the Kubernetes API.
@@ -2566,6 +2699,10 @@ declare namespace GuardDuty {
      * Entity that assumes the IAM role when Kubernetes RBAC permissions are assigned to that role.
      */
     SessionName?: SessionNameList;
+    /**
+     * Information about the impersonated user.
+     */
+    ImpersonatedUser?: ImpersonatedUser;
   }
   export interface KubernetesWorkloadDetails {
     /**
@@ -2596,6 +2733,18 @@ declare namespace GuardDuty {
      * Volumes used by the Kubernetes workload.
      */
     Volumes?: Volumes;
+    /**
+     * The service account name that is associated with a Kubernetes workload.
+     */
+    ServiceAccountName?: String;
+    /**
+     * Whether the host IPC flag is enabled for the pods in the workload.
+     */
+    HostIPC?: Boolean;
+    /**
+     * Whether the host PID flag is enabled for the pods in the workload.
+     */
+    HostPID?: Boolean;
   }
   export interface LambdaDetails {
     /**
@@ -2846,7 +2995,7 @@ declare namespace GuardDuty {
   }
   export interface ListMembersResponse {
     /**
-     * A list of members.
+     * A list of members.  The values for email and invitedAt are available only if the member accounts are added by invitation.
      */
     Members?: Members;
     /**
@@ -3203,6 +3352,13 @@ declare namespace GuardDuty {
   export type NetworkInterfaces = NetworkInterface[];
   export type NonEmptyString = string;
   export type NotEquals = String[];
+  export type ObservationTexts = String[];
+  export interface Observations {
+    /**
+     * The text that was unusual.
+     */
+    Text?: ObservationTexts;
+  }
   export type OrderBy = "ASC"|"DESC"|string;
   export type OrgFeature = "S3_DATA_EVENTS"|"EKS_AUDIT_LOGS"|"EBS_MALWARE_PROTECTION"|"RDS_LOGIN_EVENTS"|"EKS_RUNTIME_MONITORING"|"LAMBDA_NETWORK_LOGS"|string;
   export type OrgFeatureAdditionalConfiguration = "EKS_ADDON_MANAGEMENT"|string;
@@ -3495,6 +3651,8 @@ declare namespace GuardDuty {
     ProductType?: String;
   }
   export type ProductCodes = ProductCode[];
+  export type ProfileSubtype = "FREQUENT"|"INFREQUENT"|"UNSEEN"|"RARE"|string;
+  export type ProfileType = "FREQUENCY"|string;
   export interface PublicAccess {
     /**
      * Contains information about how permissions are configured for the S3 bucket.
@@ -3984,6 +4142,10 @@ declare namespace GuardDuty {
      * Whether the container is privileged.
      */
     Privileged?: Boolean;
+    /**
+     * Whether or not a container or a Kubernetes pod is allowed to gain more privileges than its parent process.
+     */
+    AllowPrivilegeEscalation?: Boolean;
   }
   export interface SecurityGroup {
     /**
@@ -4053,6 +4215,10 @@ declare namespace GuardDuty {
      * Information about the process and any required context values for a specific finding
      */
     RuntimeDetails?: RuntimeDetails;
+    /**
+     * Contains information about the detected unusual behavior.
+     */
+    Detection?: Detection;
   }
   export interface ServiceAdditionalInfo {
     /**

package/node_modules/aws-sdk/clients/lambda.d.ts CHANGED Viewed

@@ -279,19 +279,19 @@ declare class Lambda extends Service {
    */
   getRuntimeManagementConfig(callback?: (err: AWSError, data: Lambda.Types.GetRuntimeManagementConfigResponse) => void): Request<Lambda.Types.GetRuntimeManagementConfigResponse, AWSError>;
   /**
-   * Invokes a Lambda function. You can invoke a function synchronously (and wait for the response), or asynchronously. To invoke a function asynchronously, set InvocationType to Event. For synchronous invocation, details about the function response, including errors, are included in the response body and headers. For either invocation type, you can find more information in the execution log and trace. When an error occurs, your function may be invoked multiple times. Retry behavior varies by error type, client, event source, and invocation type. For example, if you invoke a function asynchronously and it returns an error, Lambda executes the function up to two more times. For more information, see Error handling and automatic retries in Lambda. For asynchronous invocation, Lambda adds events to a queue before sending them to your function. If your function does not have enough capacity to keep up with the queue, events may be lost. Occasionally, your function may receive the same event multiple times, even if no error occurs. To retain events that were not processed, configure your function with a dead-letter queue. The status code in the API response doesn't reflect function errors. Error codes are reserved for errors that prevent your function from executing, such as permissions errors, quota errors, or issues with your function's code and configuration. For example, Lambda returns TooManyRequestsException if running the function would cause you to exceed a concurrency limit at either the account level (ConcurrentInvocationLimitExceeded) or function level (ReservedFunctionConcurrentInvocationLimitExceeded). For functions with a long timeout, your client might disconnect during synchronous invocation while it waits for a response. Configure your HTTP client, SDK, firewall, proxy, or operating system to allow for long connections with timeout or keep-alive settings. This operation requires permission for the lambda:InvokeFunction action. For details on how to set up permissions for cross-account invocations, see Granting function access to other accounts.
+   * Invokes a Lambda function. You can invoke a function synchronously (and wait for the response), or asynchronously. By default, Lambda invokes your function synchronously (i.e. theInvocationType is RequestResponse). To invoke a function asynchronously, set InvocationType to Event. Lambda passes the ClientContext object to your function for synchronous invocations only. For synchronous invocation, details about the function response, including errors, are included in the response body and headers. For either invocation type, you can find more information in the execution log and trace. When an error occurs, your function may be invoked multiple times. Retry behavior varies by error type, client, event source, and invocation type. For example, if you invoke a function asynchronously and it returns an error, Lambda executes the function up to two more times. For more information, see Error handling and automatic retries in Lambda. For asynchronous invocation, Lambda adds events to a queue before sending them to your function. If your function does not have enough capacity to keep up with the queue, events may be lost. Occasionally, your function may receive the same event multiple times, even if no error occurs. To retain events that were not processed, configure your function with a dead-letter queue. The status code in the API response doesn't reflect function errors. Error codes are reserved for errors that prevent your function from executing, such as permissions errors, quota errors, or issues with your function's code and configuration. For example, Lambda returns TooManyRequestsException if running the function would cause you to exceed a concurrency limit at either the account level (ConcurrentInvocationLimitExceeded) or function level (ReservedFunctionConcurrentInvocationLimitExceeded). For functions with a long timeout, your client might disconnect during synchronous invocation while it waits for a response. Configure your HTTP client, SDK, firewall, proxy, or operating system to allow for long connections with timeout or keep-alive settings. This operation requires permission for the lambda:InvokeFunction action. For details on how to set up permissions for cross-account invocations, see Granting function access to other accounts.
    */
   invoke(params: Lambda.Types.InvocationRequest, callback?: (err: AWSError, data: Lambda.Types.InvocationResponse) => void): Request<Lambda.Types.InvocationResponse, AWSError>;
   /**
-   * Invokes a Lambda function. You can invoke a function synchronously (and wait for the response), or asynchronously. To invoke a function asynchronously, set InvocationType to Event. For synchronous invocation, details about the function response, including errors, are included in the response body and headers. For either invocation type, you can find more information in the execution log and trace. When an error occurs, your function may be invoked multiple times. Retry behavior varies by error type, client, event source, and invocation type. For example, if you invoke a function asynchronously and it returns an error, Lambda executes the function up to two more times. For more information, see Error handling and automatic retries in Lambda. For asynchronous invocation, Lambda adds events to a queue before sending them to your function. If your function does not have enough capacity to keep up with the queue, events may be lost. Occasionally, your function may receive the same event multiple times, even if no error occurs. To retain events that were not processed, configure your function with a dead-letter queue. The status code in the API response doesn't reflect function errors. Error codes are reserved for errors that prevent your function from executing, such as permissions errors, quota errors, or issues with your function's code and configuration. For example, Lambda returns TooManyRequestsException if running the function would cause you to exceed a concurrency limit at either the account level (ConcurrentInvocationLimitExceeded) or function level (ReservedFunctionConcurrentInvocationLimitExceeded). For functions with a long timeout, your client might disconnect during synchronous invocation while it waits for a response. Configure your HTTP client, SDK, firewall, proxy, or operating system to allow for long connections with timeout or keep-alive settings. This operation requires permission for the lambda:InvokeFunction action. For details on how to set up permissions for cross-account invocations, see Granting function access to other accounts.
+   * Invokes a Lambda function. You can invoke a function synchronously (and wait for the response), or asynchronously. By default, Lambda invokes your function synchronously (i.e. theInvocationType is RequestResponse). To invoke a function asynchronously, set InvocationType to Event. Lambda passes the ClientContext object to your function for synchronous invocations only. For synchronous invocation, details about the function response, including errors, are included in the response body and headers. For either invocation type, you can find more information in the execution log and trace. When an error occurs, your function may be invoked multiple times. Retry behavior varies by error type, client, event source, and invocation type. For example, if you invoke a function asynchronously and it returns an error, Lambda executes the function up to two more times. For more information, see Error handling and automatic retries in Lambda. For asynchronous invocation, Lambda adds events to a queue before sending them to your function. If your function does not have enough capacity to keep up with the queue, events may be lost. Occasionally, your function may receive the same event multiple times, even if no error occurs. To retain events that were not processed, configure your function with a dead-letter queue. The status code in the API response doesn't reflect function errors. Error codes are reserved for errors that prevent your function from executing, such as permissions errors, quota errors, or issues with your function's code and configuration. For example, Lambda returns TooManyRequestsException if running the function would cause you to exceed a concurrency limit at either the account level (ConcurrentInvocationLimitExceeded) or function level (ReservedFunctionConcurrentInvocationLimitExceeded). For functions with a long timeout, your client might disconnect during synchronous invocation while it waits for a response. Configure your HTTP client, SDK, firewall, proxy, or operating system to allow for long connections with timeout or keep-alive settings. This operation requires permission for the lambda:InvokeFunction action. For details on how to set up permissions for cross-account invocations, see Granting function access to other accounts.
    */
   invoke(callback?: (err: AWSError, data: Lambda.Types.InvocationResponse) => void): Request<Lambda.Types.InvocationResponse, AWSError>;
   /**
-   *  For asynchronous function invocation, use Invoke.  Invokes a function asynchronously.
+   *  For asynchronous function invocation, use Invoke.  Invokes a function asynchronously.  If you do use the InvokeAsync action, note that it doesn't support the use of X-Ray active tracing. Trace ID is not propagated to the function, even if X-Ray active tracing is turned on.
    */
   invokeAsync(params: Lambda.Types.InvokeAsyncRequest, callback?: (err: AWSError, data: Lambda.Types.InvokeAsyncResponse) => void): Request<Lambda.Types.InvokeAsyncResponse, AWSError>;
   /**
-   *  For asynchronous function invocation, use Invoke.  Invokes a function asynchronously.
+   *  For asynchronous function invocation, use Invoke.  Invokes a function asynchronously.  If you do use the InvokeAsync action, note that it doesn't support the use of X-Ray active tracing. Trace ID is not propagated to the function, even if X-Ray active tracing is turned on.
    */
   invokeAsync(callback?: (err: AWSError, data: Lambda.Types.InvokeAsyncResponse) => void): Request<Lambda.Types.InvokeAsyncResponse, AWSError>;
   /**
@@ -1069,7 +1069,7 @@ declare namespace Lambda {
      */
     Architectures?: ArchitecturesList;
     /**
-     * The size of the function's /tmp directory in MB. The default value is 512, but can be any whole number between 512 and 10,240 MB.
+     * The size of the function's /tmp directory in MB. The default value is 512, but can be any whole number between 512 and 10,240 MB. For more information, see Configuring ephemeral storage (console).
      */
     EphemeralStorage?: EphemeralStorage;
     /**
@@ -1597,7 +1597,7 @@ declare namespace Lambda {
      */
     Architectures?: ArchitecturesList;
     /**
-     * The size of the function’s /tmp directory in MB. The default value is 512, but it can be any whole number between 512 and 10,240 MB.
+     * The size of the function's /tmp directory in MB. The default value is 512, but can be any whole number between 512 and 10,240 MB. For more information, see Configuring ephemeral storage (console).
      */
     EphemeralStorage?: EphemeralStorage;
     /**
@@ -2888,7 +2888,7 @@ declare namespace Lambda {
   export type ResourceArn = string;
   export type ResponseStreamingInvocationType = "RequestResponse"|"DryRun"|string;
   export type RoleArn = string;
-  export type Runtime = "nodejs"|"nodejs4.3"|"nodejs6.10"|"nodejs8.10"|"nodejs10.x"|"nodejs12.x"|"nodejs14.x"|"nodejs16.x"|"java8"|"java8.al2"|"java11"|"python2.7"|"python3.6"|"python3.7"|"python3.8"|"python3.9"|"dotnetcore1.0"|"dotnetcore2.0"|"dotnetcore2.1"|"dotnetcore3.1"|"dotnet6"|"nodejs4.3-edge"|"go1.x"|"ruby2.5"|"ruby2.7"|"provided"|"provided.al2"|"nodejs18.x"|"python3.10"|"java17"|"ruby3.2"|"python3.11"|string;
+  export type Runtime = "nodejs"|"nodejs4.3"|"nodejs6.10"|"nodejs8.10"|"nodejs10.x"|"nodejs12.x"|"nodejs14.x"|"nodejs16.x"|"java8"|"java8.al2"|"java11"|"python2.7"|"python3.6"|"python3.7"|"python3.8"|"python3.9"|"dotnetcore1.0"|"dotnetcore2.0"|"dotnetcore2.1"|"dotnetcore3.1"|"dotnet6"|"nodejs4.3-edge"|"go1.x"|"ruby2.5"|"ruby2.7"|"provided"|"provided.al2"|"nodejs18.x"|"python3.10"|"java17"|"ruby3.2"|"python3.11"|"nodejs20.x"|string;
   export type RuntimeVersionArn = string;
   export interface RuntimeVersionConfig {
     /**
@@ -3242,7 +3242,7 @@ declare namespace Lambda {
      */
     ImageConfig?: ImageConfig;
     /**
-     * The size of the function's /tmp directory in MB. The default value is 512, but can be any whole number between 512 and 10,240 MB.
+     * The size of the function's /tmp directory in MB. The default value is 512, but can be any whole number between 512 and 10,240 MB. For more information, see Configuring ephemeral storage (console).
      */
     EphemeralStorage?: EphemeralStorage;
     /**

package/node_modules/aws-sdk/clients/lexmodelsv2.d.ts CHANGED Viewed

@@ -1331,6 +1331,10 @@ declare namespace LexModelsV2 {
      */
     enabled: Boolean;
     destination: AudioLogDestination;
+    /**
+     * The option to enable selective conversation log capture for audio.
+     */
+    selectiveLoggingEnabled?: BoxedBoolean;
   }
   export type AudioLogSettingsList = AudioLogSetting[];
   export type AudioRecognitionStrategy = "UseSlotValuesAsCustomVocabulary"|string;
@@ -7396,6 +7400,10 @@ declare namespace LexModelsV2 {
      */
     enabled: Boolean;
     destination: TextLogDestination;
+    /**
+     * The option to enable selective conversation log capture for text.
+     */
+    selectiveLoggingEnabled?: BoxedBoolean;
   }
   export type TextLogSettingsList = TextLogSetting[];
   export type TimeDimension = "Hours"|"Days"|"Weeks"|string;

package/node_modules/aws-sdk/clients/omics.d.ts CHANGED Viewed

@@ -2606,6 +2606,14 @@ declare namespace Omics {
      *  The location of the run log.
      */
     logLocation?: RunLogLocation;
+    /**
+     *  The universally unique identifier for a run.
+     */
+    uuid?: RunUuid;
+    /**
+     *  The destination for workflow outputs.
+     */
+    runOutputUri?: RunOutputUri;
   }
   export type GetRunResponsePriorityInteger = number;
   export type GetRunResponseStorageCapacityInteger = number;
@@ -4243,6 +4251,7 @@ declare namespace Omics {
   export type RunStatus = "PENDING"|"STARTING"|"RUNNING"|"STOPPING"|"COMPLETED"|"DELETED"|"CANCELLED"|"FAILED"|string;
   export type RunStatusMessage = string;
   export type RunTimestamp = Date;
+  export type RunUuid = string;
   export type S3Destination = string;
   export type S3Uri = string;
   export type SampleId = string;
@@ -4714,6 +4723,14 @@ declare namespace Omics {
      * The run's tags.
      */
     tags?: TagMap;
+    /**
+     *  The universally unique identifier for a run.
+     */
+    uuid?: RunUuid;
+    /**
+     *  The destination for workflow outputs.
+     */
+    runOutputUri?: RunOutputUri;
   }
   export interface StartVariantImportRequest {
     /**

package/node_modules/aws-sdk/clients/rds.d.ts CHANGED Viewed

@@ -1912,11 +1912,11 @@ declare namespace RDS {
     Manifest?: CustomDBEngineVersionManifest;
     Tags?: TagList;
     /**
-     * Reserved for future use.
+     * The ARN of a CEV to use as a source for creating a new CEV. You can specify a different Amazon Machine Imagine (AMI) by using either Source or UseAwsProvidedLatestImage. You can't specify a different JSON manifest when you specify SourceCustomDbEngineVersionIdentifier.
      */
     SourceCustomDbEngineVersionIdentifier?: String255;
     /**
-     * Reserved for future use.
+     * Specifies whether to use the latest service-provided Amazon Machine Image (AMI) for the CEV. If you specify UseAwsProvidedLatestImage, you can't also specify ImageId.
      */
     UseAwsProvidedLatestImage?: BooleanOptional;
   }

package/node_modules/aws-sdk/clients/redshiftserverless.d.ts CHANGED Viewed

@@ -603,6 +603,10 @@ declare namespace RedshiftServerless {
      * The value that specifies whether to turn on enhanced virtual private cloud (VPC) routing, which forces Amazon Redshift Serverless to route traffic through your VPC instead of over the internet.
      */
     enhancedVpcRouting?: Boolean;
+    /**
+     * The maximum data-warehouse capacity Amazon Redshift Serverless uses to serve queries. The max capacity is specified in RPUs.
+     */
+    maxCapacity?: Integer;
     /**
      * The name of the namespace to associate with the workgroup.
      */
@@ -1798,6 +1802,10 @@ declare namespace RedshiftServerless {
      * The value that specifies whether to turn on enhanced virtual private cloud (VPC) routing, which forces Amazon Redshift Serverless to route traffic through your VPC.
      */
     enhancedVpcRouting?: Boolean;
+    /**
+     * The maximum data-warehouse capacity Amazon Redshift Serverless uses to serve queries. The max capacity is specified in RPUs.
+     */
+    maxCapacity?: Integer;
     /**
      * The custom port to use when connecting to a workgroup. Valid port ranges are 5431-5455 and 8191-8215. The default is 5439.
      */
@@ -1920,6 +1928,10 @@ declare namespace RedshiftServerless {
      * The value that specifies whether to enable enhanced virtual private cloud (VPC) routing, which forces Amazon Redshift Serverless to route traffic through your VPC.
      */
     enhancedVpcRouting?: Boolean;
+    /**
+     * The maximum data-warehouse capacity Amazon Redshift Serverless uses to serve queries. The max capacity is specified in RPUs.
+     */
+    maxCapacity?: Integer;
     /**
      * The namespace the workgroup is associated with.
      */

package/node_modules/aws-sdk/clients/resiliencehub.d.ts CHANGED Viewed

@@ -500,6 +500,10 @@ declare namespace Resiliencehub {
      * Identifier of the alarm recommendation.
      */
     recommendationId: Uuid;
+    /**
+     * Status of the recommended Amazon CloudWatch alarm.
+     */
+    recommendationStatus?: RecommendationStatus;
     /**
      * Reference identifier of the alarm recommendation.
      */
@@ -2371,6 +2375,7 @@ declare namespace Resiliencehub {
      */
     terraformSourceName?: String255;
   }
+  export type Long = number;
   export type LongOptional = number;
   export type MaxResults = number;
   export type NextToken = string;
@@ -2380,7 +2385,7 @@ declare namespace Resiliencehub {
      */
     crossAccountRoleArns?: IamRoleArnList;
     /**
-     * Existing Amazon Web Services IAM role name in the primary Amazon Web Services account that will be assumed by Resilience Hub Service Principle to obtain a read-only access to your application resources while running an assessment.  You must have iam:passRole permission for this role while creating or updating the application.
+     * Existing Amazon Web Services IAM role name in the primary Amazon Web Services account that will be assumed by Resilience Hub Service Principle to obtain a read-only access to your application resources while running an assessment.    You must have iam:passRole permission for this role while creating or updating the application.   Currently, invokerRoleName accepts only [A-Za-z0-9_+=,.@-] characters.
      */
     invokerRoleName?: IamRoleName;
     /**
@@ -2420,7 +2425,7 @@ declare namespace Resiliencehub {
      */
     resourceName?: EntityName;
     /**
-     * Type of resource.
+     * The type of resource.
      */
     resourceType: String255;
     /**
@@ -2547,6 +2552,7 @@ declare namespace Resiliencehub {
     targetRegion?: AwsRegion;
   }
   export type RecommendationItemList = RecommendationItem[];
+  export type RecommendationStatus = "Implemented"|"Inactive"|"NotImplemented"|"Excluded"|string;
   export interface RecommendationTemplate {
     /**
      * Amazon Resource Name (ARN) of the Resilience Hub application. The format for this ARN is: arn:partition:resiliencehub:region:account:app/app-id. For more information about ARNs, see  Amazon Resource Names (ARNs) in the Amazon Web Services General Reference guide.
@@ -2691,6 +2697,10 @@ declare namespace Resiliencehub {
   }
   export type ResiliencyPolicyTier = "MissionCritical"|"Critical"|"Important"|"CoreServices"|"NonCritical"|"NotApplicable"|string;
   export interface ResiliencyScore {
+    /**
+     * The score generated by Resilience Hub for the scoring component after running an assessment. For example, if the score is 25 points, it indicates the overall score of your application generated by Resilience Hub after running an assessment.
+     */
+    componentScore?: ScoringComponentResiliencyScores;
     /**
      * The disruption score for a valid key.
      */
@@ -2700,6 +2710,7 @@ declare namespace Resiliencehub {
      */
     score: Double;
   }
+  export type ResiliencyScoreType = "Compliance"|"Test"|"Alarm"|"Sop"|string;
   export interface ResolveAppVersionResourcesRequest {
     /**
      * Amazon Resource Name (ARN) of the Resilience Hub application. The format for this ARN is: arn:partition:resiliencehub:region:account:app/app-id. For more information about ARNs, see  Amazon Resource Names (ARNs) in the Amazon Web Services General Reference guide.
@@ -2804,6 +2815,25 @@ declare namespace Resiliencehub {
     prefix?: String500;
   }
   export type S3Url = string;
+  export interface ScoringComponentResiliencyScore {
+    /**
+     * Number of recommendations that were excluded from the assessment. For example, if the Excluded count for Resilience Hub recommended Amazon CloudWatch alarms is 7, it indicates that 7 Amazon CloudWatch alarms are excluded from the assessment.
+     */
+    excludedCount?: Long;
+    /**
+     * Number of issues that must be resolved to obtain the maximum possible score for the scoring component. For SOPs, alarms, and FIS experiments, these are the number of recommendations that must be implemented. For compliance, it is the number of Application Components that has breached the resiliency policy. For example, if the Outstanding count for Resilience Hub recommended Amazon CloudWatch alarms is 5, it indicates that 5 Amazon CloudWatch alarms must be fixed to achieve the maximum possible score.
+     */
+    outstandingCount?: Long;
+    /**
+     * Maximum possible score that can be obtained for the scoring component. If the Possible score is 20 points, it indicates the maximum possible score you can achieve for your application when you run a new assessment after implementing all the Resilience Hub recommendations.
+     */
+    possibleScore?: Double;
+    /**
+     * Resiliency score of your application.
+     */
+    score?: Double;
+  }
+  export type ScoringComponentResiliencyScores = {[key: string]: ScoringComponentResiliencyScore};
   export type Seconds = number;
   export interface SopRecommendation {
     /**
@@ -2830,6 +2860,10 @@ declare namespace Resiliencehub {
      * Identifier for the SOP recommendation.
      */
     recommendationId: Uuid;
+    /**
+     * Status of the recommended standard operating procedure.
+     */
+    recommendationStatus?: RecommendationStatus;
     /**
      * Reference identifier for the SOP recommendation.
      */
@@ -2934,6 +2968,10 @@ declare namespace Resiliencehub {
      * Identifier for the test recommendation.
      */
     recommendationId?: Uuid;
+    /**
+     * Status of the recommended test.
+     */
+    recommendationStatus?: RecommendationStatus;
     /**
      * Reference identifier for the test recommendation.
      */