cdk-lambda-subminute 2.0.442 → 2.0.443

package/node_modules/aws-sdk/clients/guardduty.d.ts

@@ -59,6 +59,14 @@ declare class GuardDuty extends Service {
    * Creates a new IPSet, which is called a trusted IP list in the console user interface. An IPSet is a list of IP addresses that are trusted for secure communication with Amazon Web Services infrastructure and applications. GuardDuty doesn't generate findings for IP addresses that are included in IPSets. Only users from the administrator account can use this operation.
    */
   createIPSet(callback?: (err: AWSError, data: GuardDuty.Types.CreateIPSetResponse) => void): Request<GuardDuty.Types.CreateIPSetResponse, AWSError>;
+  /**
+   * Creates a new Malware Protection plan for the protected resource. When you create a Malware Protection plan, the Amazon Web Services service terms for GuardDuty Malware Protection apply. For more information, see Amazon Web Services service terms for GuardDuty Malware Protection.
+   */
+  createMalwareProtectionPlan(params: GuardDuty.Types.CreateMalwareProtectionPlanRequest, callback?: (err: AWSError, data: GuardDuty.Types.CreateMalwareProtectionPlanResponse) => void): Request<GuardDuty.Types.CreateMalwareProtectionPlanResponse, AWSError>;
+  /**
+   * Creates a new Malware Protection plan for the protected resource. When you create a Malware Protection plan, the Amazon Web Services service terms for GuardDuty Malware Protection apply. For more information, see Amazon Web Services service terms for GuardDuty Malware Protection.
+   */
+  createMalwareProtectionPlan(callback?: (err: AWSError, data: GuardDuty.Types.CreateMalwareProtectionPlanResponse) => void): Request<GuardDuty.Types.CreateMalwareProtectionPlanResponse, AWSError>;
   /**
    * Creates member accounts of the current Amazon Web Services account by specifying a list of Amazon Web Services account IDs. This step is a prerequisite for managing the associated member accounts either by invitation or through an organization. As a delegated administrator, using CreateMembers will enable GuardDuty in the added member accounts, with the exception of the organization delegated administrator account. A delegated administrator must enable GuardDuty prior to being added as a member. When you use CreateMembers as an Organizations delegated administrator, GuardDuty applies your organization's auto-enable settings to the member accounts in this request, irrespective of the accounts being new or existing members. For more information about the existing auto-enable settings for your organization, see DescribeOrganizationConfiguration. If you disassociate a member account that was added by invitation, the member account details obtained from this API, including the associated email addresses, will be retained. This is done so that the delegated administrator can invoke the InviteMembers API without the need to invoke the CreateMembers API again. To remove the details associated with a member account, the delegated administrator must invoke the DeleteMembers API.  When the member accounts added through Organizations are later disassociated, you (administrator) can't invite them by calling the InviteMembers API. You can create an association with these member accounts again only by calling the CreateMembers API.
    */
@@ -131,6 +139,14 @@ declare class GuardDuty extends Service {
    * Deletes invitations sent to the current member account by Amazon Web Services accounts specified by their account IDs.
    */
   deleteInvitations(callback?: (err: AWSError, data: GuardDuty.Types.DeleteInvitationsResponse) => void): Request<GuardDuty.Types.DeleteInvitationsResponse, AWSError>;
+  /**
+   * Deletes the Malware Protection plan ID associated with the Malware Protection plan resource. Use this API only when you no longer want to protect the resource associated with this Malware Protection plan ID.
+   */
+  deleteMalwareProtectionPlan(params: GuardDuty.Types.DeleteMalwareProtectionPlanRequest, callback?: (err: AWSError, data: {}) => void): Request<{}, AWSError>;
+  /**
+   * Deletes the Malware Protection plan ID associated with the Malware Protection plan resource. Use this API only when you no longer want to protect the resource associated with this Malware Protection plan ID.
+   */
+  deleteMalwareProtectionPlan(callback?: (err: AWSError, data: {}) => void): Request<{}, AWSError>;
   /**
    * Deletes GuardDuty member accounts (to the current GuardDuty administrator account) specified by the account IDs. With autoEnableOrganizationMembers configuration for your organization set to ALL, you'll receive an error if you attempt to disable GuardDuty for a member account in your organization.
    */
@@ -283,6 +299,14 @@ declare class GuardDuty extends Service {
    * Returns the count of all GuardDuty membership invitations that were sent to the current member account except the currently accepted invitation.
    */
   getInvitationsCount(callback?: (err: AWSError, data: GuardDuty.Types.GetInvitationsCountResponse) => void): Request<GuardDuty.Types.GetInvitationsCountResponse, AWSError>;
+  /**
+   * Retrieves the Malware Protection plan details associated with a Malware Protection plan ID.
+   */
+  getMalwareProtectionPlan(params: GuardDuty.Types.GetMalwareProtectionPlanRequest, callback?: (err: AWSError, data: GuardDuty.Types.GetMalwareProtectionPlanResponse) => void): Request<GuardDuty.Types.GetMalwareProtectionPlanResponse, AWSError>;
+  /**
+   * Retrieves the Malware Protection plan details associated with a Malware Protection plan ID.
+   */
+  getMalwareProtectionPlan(callback?: (err: AWSError, data: GuardDuty.Types.GetMalwareProtectionPlanResponse) => void): Request<GuardDuty.Types.GetMalwareProtectionPlanResponse, AWSError>;
   /**
    * Returns the details of the malware scan settings. There might be regional differences because some data sources might not be available in all the Amazon Web Services Regions where GuardDuty is presently supported. For more information, see Regions and endpoints.
    */
@@ -399,6 +423,14 @@ declare class GuardDuty extends Service {
    * Lists all GuardDuty membership invitations that were sent to the current Amazon Web Services account.
    */
   listInvitations(callback?: (err: AWSError, data: GuardDuty.Types.ListInvitationsResponse) => void): Request<GuardDuty.Types.ListInvitationsResponse, AWSError>;
+  /**
+   * Lists the Malware Protection plan IDs associated with the protected resources in your Amazon Web Services account.
+   */
+  listMalwareProtectionPlans(params: GuardDuty.Types.ListMalwareProtectionPlansRequest, callback?: (err: AWSError, data: GuardDuty.Types.ListMalwareProtectionPlansResponse) => void): Request<GuardDuty.Types.ListMalwareProtectionPlansResponse, AWSError>;
+  /**
+   * Lists the Malware Protection plan IDs associated with the protected resources in your Amazon Web Services account.
+   */
+  listMalwareProtectionPlans(callback?: (err: AWSError, data: GuardDuty.Types.ListMalwareProtectionPlansResponse) => void): Request<GuardDuty.Types.ListMalwareProtectionPlansResponse, AWSError>;
   /**
    * Lists details about all member accounts for the current GuardDuty administrator account.
    */
@@ -519,6 +551,14 @@ declare class GuardDuty extends Service {
    * Updates the IPSet specified by the IPSet ID.
    */
   updateIPSet(callback?: (err: AWSError, data: GuardDuty.Types.UpdateIPSetResponse) => void): Request<GuardDuty.Types.UpdateIPSetResponse, AWSError>;
+  /**
+   * Updates an existing Malware Protection plan resource.
+   */
+  updateMalwareProtectionPlan(params: GuardDuty.Types.UpdateMalwareProtectionPlanRequest, callback?: (err: AWSError, data: {}) => void): Request<{}, AWSError>;
+  /**
+   * Updates an existing Malware Protection plan resource.
+   */
+  updateMalwareProtectionPlan(callback?: (err: AWSError, data: {}) => void): Request<{}, AWSError>;
   /**
    * Updates the malware scan settings. There might be regional differences because some data sources might not be available in all the Amazon Web Services Regions where GuardDuty is presently supported. For more information, see Regions and endpoints.
    */
@@ -1261,6 +1301,34 @@ declare namespace GuardDuty {
      */
     IpSetId: String;
   }
+  export interface CreateMalwareProtectionPlanRequest {
+    /**
+     * The idempotency token for the create request.
+     */
+    ClientToken?: ClientToken;
+    /**
+     * IAM role with permissions required to scan and add tags to the associated protected resource.
+     */
+    Role: String;
+    /**
+     * Information about the protected resource that is associated with the created Malware Protection plan. Presently, S3Bucket is the only supported protected resource.
+     */
+    ProtectedResource: CreateProtectedResource;
+    /**
+     * Information about whether the tags will be added to the S3 object after scanning.
+     */
+    Actions?: MalwareProtectionPlanActions;
+    /**
+     * Tags added to the Malware Protection plan resource. 
+     */
+    Tags?: TagMap;
+  }
+  export interface CreateMalwareProtectionPlanResponse {
+    /**
+     * A unique identifier associated with the Malware Protection plan resource.
+     */
+    MalwareProtectionPlanId?: String;
+  }
   export interface CreateMembersRequest {
     /**
      * The unique ID of the detector of the GuardDuty account that you want to associate member accounts with.
@@ -1277,6 +1345,12 @@ declare namespace GuardDuty {
      */
     UnprocessedAccounts: UnprocessedAccounts;
   }
+  export interface CreateProtectedResource {
+    /**
+     * Information about the protected S3 bucket resource.
+     */
+    S3Bucket?: CreateS3BucketResource;
+  }
   export interface CreatePublishingDestinationRequest {
     /**
      * The ID of the GuardDuty detector associated with the publishing destination.
@@ -1301,6 +1375,16 @@ declare namespace GuardDuty {
      */
     DestinationId: String;
   }
+  export interface CreateS3BucketResource {
+    /**
+     * Name of the S3 bucket.
+     */
+    BucketName?: String;
+    /**
+     * Information about the specified object prefixes. The S3 object will be scanned only if it belongs to any of the specified object prefixes.
+     */
+    ObjectPrefixes?: MalwareProtectionPlanObjectPrefixesList;
+  }
   export interface CreateSampleFindingsRequest {
     /**
      * The ID of the detector to create sample findings for.
@@ -1498,6 +1582,12 @@ declare namespace GuardDuty {
      */
     UnprocessedAccounts: UnprocessedAccounts;
   }
+  export interface DeleteMalwareProtectionPlanRequest {
+    /**
+     * A unique identifier associated with Malware Protection plan resource.
+     */
+    MalwareProtectionPlanId: String;
+  }
   export interface DeleteMembersRequest {
     /**
      * The unique ID of the detector of the GuardDuty account whose members you want to delete.
@@ -2317,6 +2407,46 @@ declare namespace GuardDuty {
      */
     InvitationsCount?: Integer;
   }
+  export interface GetMalwareProtectionPlanRequest {
+    /**
+     * A unique identifier associated with Malware Protection plan resource.
+     */
+    MalwareProtectionPlanId: String;
+  }
+  export interface GetMalwareProtectionPlanResponse {
+    /**
+     * Amazon Resource Name (ARN) of the protected resource.
+     */
+    Arn?: String;
+    /**
+     * IAM role that includes the permissions required to scan and add tags to the associated protected resource.
+     */
+    Role?: String;
+    /**
+     * Information about the protected resource that is associated with the created Malware Protection plan. Presently, S3Bucket is the only supported protected resource.
+     */
+    ProtectedResource?: CreateProtectedResource;
+    /**
+     * Information about whether the tags will be added to the S3 object after scanning.
+     */
+    Actions?: MalwareProtectionPlanActions;
+    /**
+     * The timestamp when the Malware Protection plan resource was created.
+     */
+    CreatedAt?: Timestamp;
+    /**
+     * Malware Protection plan status.
+     */
+    Status?: MalwareProtectionPlanStatus;
+    /**
+     * Information about the issue code and message associated to the status of your Malware Protection plan.
+     */
+    StatusReasons?: MalwareProtectionPlanStatusReasonsList;
+    /**
+     * Tags added to the Malware Protection plan resource.
+     */
+    Tags?: TagMap;
+  }
   export interface GetMalwareScanSettingsRequest {
     /**
      * The unique ID of the detector that the scan setting is associated with.
@@ -2626,6 +2756,17 @@ declare namespace GuardDuty {
   export type IpSetStatus = "INACTIVE"|"ACTIVATING"|"ACTIVE"|"DEACTIVATING"|"ERROR"|"DELETE_PENDING"|"DELETED"|string;
   export type Ipv6Addresses = String[];
   export type Issues = String[];
+  export interface ItemPath {
+    /**
+     * The nested item path where the infected file was found.
+     */
+    NestedItemPath?: String;
+    /**
+     * The hash value of the infected resource.
+     */
+    Hash?: String;
+  }
+  export type ItemPaths = ItemPath[];
   export interface KubernetesApiCallAction {
     /**
      * The Kubernetes API request URI.
@@ -3056,6 +3197,22 @@ declare namespace GuardDuty {
      */
     NextToken?: String;
   }
+  export interface ListMalwareProtectionPlansRequest {
+    /**
+     * You can use this parameter when paginating results. Set the value of this parameter to null on your first call to the list action. For subsequent calls to the action, fill nextToken in the request with the value of NextToken from the previous response to continue listing data.
+     */
+    NextToken?: String;
+  }
+  export interface ListMalwareProtectionPlansResponse {
+    /**
+     * A list of unique identifiers associated with each Malware Protection plan.
+     */
+    MalwareProtectionPlans?: MalwareProtectionPlansSummary;
+    /**
+     * You can use this parameter when paginating results. Set the value of this parameter to null on your first call to the list action. For subsequent calls to the action, fill nextToken in the request with the value of NextToken from the previous response to continue listing data.
+     */
+    NextToken?: String;
+  }
   export interface ListMembersRequest {
     /**
      * The unique ID of the detector the member is associated with.
@@ -3228,6 +3385,45 @@ declare namespace GuardDuty {
      */
     ScanEc2InstanceWithFindings?: DataSourceFreeTrial;
   }
+  export interface MalwareProtectionPlanActions {
+    /**
+     * Indicates whether the scanned S3 object will have tags about the scan result.
+     */
+    Tagging?: MalwareProtectionPlanTaggingAction;
+  }
+  export type MalwareProtectionPlanObjectPrefixesList = String[];
+  export type MalwareProtectionPlanStatus = "ACTIVE"|"WARNING"|"ERROR"|string;
+  export interface MalwareProtectionPlanStatusReason {
+    /**
+     * Issue code.
+     */
+    Code?: String;
+    /**
+     * Issue message that specifies the reason. For information about potential troubleshooting steps, see Troubleshooting Malware Protection for S3 status issues in the GuardDuty User Guide.
+     */
+    Message?: String;
+  }
+  export type MalwareProtectionPlanStatusReasonsList = MalwareProtectionPlanStatusReason[];
+  export interface MalwareProtectionPlanSummary {
+    /**
+     * A unique identifier associated with Malware Protection plan.
+     */
+    MalwareProtectionPlanId?: String;
+  }
+  export interface MalwareProtectionPlanTaggingAction {
+    /**
+     * Indicates whether or not the tags will added.
+     */
+    Status?: MalwareProtectionPlanTaggingActionStatus;
+  }
+  export type MalwareProtectionPlanTaggingActionStatus = "ENABLED"|"DISABLED"|string;
+  export type MalwareProtectionPlansSummary = MalwareProtectionPlanSummary[];
+  export interface MalwareScanDetails {
+    /**
+     * Information about the detected threats associated with the generated GuardDuty finding.
+     */
+    Threats?: Threats;
+  }
   export type ManagementType = "AUTO_MANAGED"|"MANUAL"|"DISABLED"|string;
   export type MapEquals = ScanConditionPair[];
   export interface Master {
@@ -3958,7 +4154,7 @@ declare namespace GuardDuty {
   export type ResourceArn = string;
   export interface ResourceDetails {
     /**
-     * InstanceArn that was scanned in the scan entry.
+     * Instance ARN that was scanned in the scan entry.
      */
     InstanceArn?: InstanceArn;
   }
@@ -4109,6 +4305,10 @@ declare namespace GuardDuty {
      * Describes the public access policies that apply to the S3 bucket.
      */
     PublicAccess?: PublicAccess;
+    /**
+     * Information about the S3 object that was scanned.
+     */
+    S3ObjectDetails?: S3ObjectDetails;
   }
   export type S3BucketDetails = S3BucketDetail[];
   export interface S3LogsConfiguration {
@@ -4123,6 +4323,29 @@ declare namespace GuardDuty {
      */
     Status: DataSourceStatus;
   }
+  export interface S3ObjectDetail {
+    /**
+     * Amazon Resource Name (ARN) of the S3 object.
+     */
+    ObjectArn?: String;
+    /**
+     * Key of the S3 object.
+     */
+    Key?: String;
+    /**
+     * The entity tag is a hash of the S3 object. The ETag reflects changes only to the contents of an object, and not its metadata.
+     */
+    ETag?: String;
+    /**
+     * Hash of the threat detected in this finding.
+     */
+    Hash?: String;
+    /**
+     * Version ID of the object.
+     */
+    VersionId?: String;
+  }
+  export type S3ObjectDetails = S3ObjectDetail[];
   export interface Scan {
     /**
      * The unique ID of the detector that the request is associated with.
@@ -4239,7 +4462,7 @@ declare namespace GuardDuty {
      */
     FilePath?: String;
     /**
-     * EBS volume Arn details of the infected file.
+     * EBS volume ARN details of the infected file.
      */
     VolumeArn?: String;
     /**
@@ -4387,6 +4610,10 @@ declare namespace GuardDuty {
      * Contains information about the detected unusual behavior.
      */
     Detection?: Detection;
+    /**
+     * Returns details from the malware scan that generated a GuardDuty finding.
+     */
+    MalwareScanDetails?: MalwareScanDetails;
   }
   export interface ServiceAdditionalInfo {
     /**
@@ -4484,6 +4711,20 @@ declare namespace GuardDuty {
   }
   export type TagValue = string;
   export type Tags = Tag[];
+  export interface Threat {
+    /**
+     * Name of the detected threat that caused GuardDuty to generate this finding.
+     */
+    Name?: String;
+    /**
+     * Source of the threat that generated this finding.
+     */
+    Source?: String;
+    /**
+     * Information about the nested item path and hash of the protected resource.
+     */
+    ItemPaths?: ItemPaths;
+  }
   export interface ThreatDetectedByName {
     /**
      * Total number of infected files identified.
@@ -4521,6 +4762,7 @@ declare namespace GuardDuty {
   }
   export type ThreatIntelligenceDetails = ThreatIntelligenceDetail[];
   export type ThreatNames = String[];
+  export type Threats = Threat[];
   export interface ThreatsDetectedItemCount {
     /**
      * Total number of infected files.
@@ -4686,6 +4928,24 @@ declare namespace GuardDuty {
   }
   export interface UpdateIPSetResponse {
   }
+  export interface UpdateMalwareProtectionPlanRequest {
+    /**
+     * A unique identifier associated with the Malware Protection plan.
+     */
+    MalwareProtectionPlanId: String;
+    /**
+     * IAM role with permissions required to scan and add tags to the associated protected resource.
+     */
+    Role?: String;
+    /**
+     * Information about whether the tags will be added to the S3 object after scanning.
+     */
+    Actions?: MalwareProtectionPlanActions;
+    /**
+     * Information about the protected resource that is associated with the created Malware Protection plan. Presently, S3Bucket is the only supported protected resource.
+     */
+    ProtectedResource?: UpdateProtectedResource;
+  }
   export interface UpdateMalwareScanSettingsRequest {
     /**
      * The unique ID of the detector that specifies the GuardDuty service where you want to update scan settings.
@@ -4750,6 +5010,12 @@ declare namespace GuardDuty {
   }
   export interface UpdateOrganizationConfigurationResponse {
   }
+  export interface UpdateProtectedResource {
+    /**
+     * Information about the protected S3 bucket resource.
+     */
+    S3Bucket?: UpdateS3BucketResource;
+  }
   export interface UpdatePublishingDestinationRequest {
     /**
      * The ID of the detector associated with the publishing destinations to update.
@@ -4766,6 +5032,12 @@ declare namespace GuardDuty {
   }
   export interface UpdatePublishingDestinationResponse {
   }
+  export interface UpdateS3BucketResource {
+    /**
+     * Information about the specified object prefixes. The S3 object will be scanned only if it belongs to any of the specified object prefixes.
+     */
+    ObjectPrefixes?: MalwareProtectionPlanObjectPrefixesList;
+  }
   export interface UpdateThreatIntelSetRequest {
     /**
      * The detectorID that specifies the GuardDuty service whose ThreatIntelSet you want to update.
@@ -4909,7 +5181,7 @@ declare namespace GuardDuty {
   }
   export interface VolumeDetail {
     /**
-     * EBS volume Arn information.
+     * EBS volume ARN information.
      */
     VolumeArn?: String;
     /**
@@ -4929,11 +5201,11 @@ declare namespace GuardDuty {
      */
     EncryptionType?: String;
     /**
-     * Snapshot Arn of the EBS volume.
+     * Snapshot ARN of the EBS volume.
      */
     SnapshotArn?: String;
     /**
-     * KMS key Arn used to encrypt the EBS volume.
+     * KMS key ARN used to encrypt the EBS volume.
      */
     KmsKeyArn?: String;
   }

package/node_modules/aws-sdk/clients/inspector2.d.ts

@@ -1108,6 +1108,7 @@ declare namespace Inspector2 {
   }
   export type CisNumberFilterList = CisNumberFilter[];
   export type CisOwnerId = string;
+  export type CisReportFormat = "PDF"|"CSV"|string;
   export type CisReportStatus = "SUCCEEDED"|"FAILED"|"IN_PROGRESS"|string;
   export type CisResultStatus = "PASSED"|"FAILED"|"SKIPPED"|string;
   export type CisResultStatusComparison = "EQUALS"|string;
@@ -1674,6 +1675,10 @@ declare namespace Inspector2 {
      * An array of Amazon Web Services resource types to return coverage statistics for. The values can be AWS_EC2_INSTANCE, AWS_LAMBDA_FUNCTION, AWS_ECR_CONTAINER_IMAGE, AWS_ECR_REPOSITORY or AWS_ACCOUNT.
      */
     resourceType?: CoverageStringFilterList;
+    /**
+     * The filter to search for Amazon EC2 instance coverage by scan mode. Valid values are EC2_SSM_AGENT_BASED and EC2_HYBRID.
+     */
+    scanMode?: CoverageStringFilterList;
     /**
      * The scan status code to filter on. Valid values are: ValidationException, InternalServerException, ResourceNotFoundException, BadRequestException, and ThrottlingException.
      */
@@ -1738,6 +1743,10 @@ declare namespace Inspector2 {
      * The type of the covered resource.
      */
     resourceType: CoverageResourceType;
+    /**
+     * The scan method that is applied to the instance.
+     */
+    scanMode?: ScanMode;
     /**
      * The status of the scan covering the resource.
      */
@@ -2079,6 +2088,18 @@ declare namespace Inspector2 {
     accountId: AccountId;
   }
   export type Double = number;
+  export interface Ec2Configuration {
+    /**
+     * The scan method that is applied to the instance.
+     */
+    scanMode: Ec2ScanMode;
+  }
+  export interface Ec2ConfigurationState {
+    /**
+     * An object that contains details about the state of the Amazon EC2 scan mode.
+     */
+    scanModeState?: Ec2ScanModeState;
+  }
   export type Ec2DeepInspectionStatus = "ACTIVATED"|"DEACTIVATED"|"PENDING"|"FAILED"|string;
   export interface Ec2InstanceAggregation {
     /**
@@ -2152,6 +2173,18 @@ declare namespace Inspector2 {
     tags?: TagMap;
   }
   export type Ec2Platform = "WINDOWS"|"LINUX"|"UNKNOWN"|"MACOS"|string;
+  export type Ec2ScanMode = "EC2_SSM_AGENT_BASED"|"EC2_HYBRID"|string;
+  export interface Ec2ScanModeState {
+    /**
+     * The scan method that is applied to the instance.
+     */
+    scanMode?: Ec2ScanMode;
+    /**
+     * The status of the Amazon EC2 scan mode setting.
+     */
+    scanModeStatus?: Ec2ScanModeStatus;
+  }
+  export type Ec2ScanModeStatus = "SUCCESS"|"PENDING"|string;
   export interface EcrConfiguration {
     /**
      * The rescan duration configured for image pull date.
@@ -2608,7 +2641,7 @@ declare namespace Inspector2 {
      */
     inspectorScoreDetails?: InspectorScoreDetails;
     /**
-     * The date and time that the finding was last observed.
+     *  The date and time the finding was last observed. This timestamp for this field remains unchanged until a finding is updated. 
      */
     lastObservedAt: DateTimeTimestamp;
     /**
@@ -2789,6 +2822,10 @@ declare namespace Inspector2 {
   export type FreeTrialType = "EC2"|"ECR"|"LAMBDA"|"LAMBDA_CODE"|string;
   export type FunctionName = string;
   export interface GetCisScanReportRequest {
+    /**
+     *  The format of the report. Valid values are PDF and CSV. If no value is specified, the report format defaults to PDF. 
+     */
+    reportFormat?: CisReportFormat;
     /**
      * The scan ARN.
      */
@@ -2804,7 +2841,7 @@ declare namespace Inspector2 {
      */
     status?: CisReportStatus;
     /**
-     *  The URL where the CIS scan report PDF can be downloaded. 
+     *  The URL where a PDF or CSV of the CIS scan report can be downloaded. 
      */
     url?: String;
   }
@@ -2856,6 +2893,10 @@ declare namespace Inspector2 {
   export interface GetConfigurationRequest {
   }
   export interface GetConfigurationResponse {
+    /**
+     * Specifies how the Amazon EC2 automated scan mode is currently configured for your environment.
+     */
+    ec2Configuration?: Ec2ConfigurationState;
     /**
      * Specifies how the ECR automated re-scan duration is currently configured for your environment.
      */
@@ -4123,6 +4164,7 @@ declare namespace Inspector2 {
   export type RuleId = string;
   export type Runtime = "NODEJS"|"NODEJS_12_X"|"NODEJS_14_X"|"NODEJS_16_X"|"JAVA_8"|"JAVA_8_AL2"|"JAVA_11"|"PYTHON_3_7"|"PYTHON_3_8"|"PYTHON_3_9"|"UNSUPPORTED"|"NODEJS_18_X"|"GO_1_X"|"JAVA_17"|"PYTHON_3_10"|string;
   export type SbomReportFormat = "CYCLONEDX_1_4"|"SPDX_2_3"|string;
+  export type ScanMode = "EC2_SSM_AGENT_BASED"|"EC2_AGENTLESS"|string;
   export interface ScanStatus {
     /**
      * The scan status. Possible return values and descriptions are:   PENDING_INITIAL_SCAN - This resource has been identified for scanning, results will be available soon.  ACCESS_DENIED - Resource access policy restricting Amazon Inspector access. Please update the IAM policy.  INTERNAL_ERROR - Amazon Inspector has encountered an internal error for this resource. Amazon Inspector service will automatically resolve the issue and resume the scanning. No action required from the user.  UNMANAGED_EC2_INSTANCE - The EC2 instance is not managed by SSM, please use the following SSM automation to remediate the issue: https://docs.aws.amazon.com/systems-manager-automation-runbooks/latest/userguide/automation-awssupport-troubleshoot-managed-instance.html. Once the instance becomes managed by SSM, Inspector will automatically begin scanning this instance.   UNSUPPORTED_OS - Amazon Inspector does not support this OS, architecture, or image manifest type at this time. To see a complete list of supported operating systems see: https://docs.aws.amazon.com/inspector/latest/user/supported.html.  SCAN_ELIGIBILITY_EXPIRED - The configured scan duration has lapsed for this image.  RESOURCE_TERMINATED - This resource has been terminated. The findings and coverage associated with this resource are in the process of being cleaned up.  SUCCESSFUL - The scan was successful.  NO_RESOURCES_FOUND - Reserved for future use.  IMAGE_SIZE_EXCEEDED - Reserved for future use.  SCAN_FREQUENCY_MANUAL - This image will not be covered by Amazon Inspector due to the repository scan frequency configuration.  SCAN_FREQUENCY_SCAN_ON_PUSH - This image will be scanned one time and will not new findings because of the scan frequency configuration.  EC2_INSTANCE_STOPPED - This EC2 instance is in a stopped state, therefore, Amazon Inspector will pause scanning. The existing findings will continue to exist until the instance is terminated. Once the instance is re-started, Inspector will automatically start scanning the instance again. Please note that you will not be charged for this instance while it’s in a stopped state.  PENDING_DISABLE - This resource is pending cleanup during disablement. The customer will not be billed while a resource is in the pending disable status.  NO INVENTORY - Amazon Inspector couldn’t find software application inventory to scan for vulnerabilities. This might be caused due to required Amazon Inspector associations being deleted or failing to run on your resource. Please verify the status of InspectorInventoryCollection-do-not-delete association in the SSM console for the resource. Additionally, you can verify the instance’s inventory in the SSM Fleet Manager console.  STALE_INVENTORY - Amazon Inspector wasn’t able to collect an updated software application inventory in the last 7 days. Please confirm the required Amazon Inspector associations still exist and you can still see an updated inventory in the SSM console.  EXCLUDED_BY_TAG - This resource was not scanned because it has been excluded by a tag.  UNSUPPORTED_RUNTIME - The function was not scanned because it has an unsupported runtime. To see a complete list of supported runtimes see: https://docs.aws.amazon.com/inspector/latest/user/supported.html.  UNSUPPORTED_MEDIA_TYPE - The ECR image has an unsupported media type.  UNSUPPORTED_CONFIG_FILE - Reserved for future use.  DEEP_INSPECTION_PACKAGE_COLLECTION_LIMIT_EXCEEDED - The instance has exceeded the 5000 package limit for Amazon Inspector Deep inspection. To resume Deep inspection for this instance you can try to adjust the custom paths associated with the account.  DEEP_INSPECTION_DAILY_SSM_INVENTORY_LIMIT_EXCEEDED - The SSM agent couldn't send inventory to Amazon Inspector because the SSM quota for Inventory data collected per instance per day has already been reached for this instance.  DEEP_INSPECTION_COLLECTION_TIME_LIMIT_EXCEEDED - Amazon Inspector failed to extract the package inventory because the package collection time exceeding the maximum threshold of 15 minutes.  DEEP_INSPECTION_NO_INVENTORY The Amazon Inspector plugin hasn't yet been able to collect an inventory of packages for this instance. This is usually the result of a pending scan, however, if this status persists after 6 hours, use SSM to ensure that the required Amazon Inspector associations exist and are running for the instance. 
@@ -4562,10 +4604,14 @@ declare namespace Inspector2 {
     targetResourceTags?: TargetResourceTags;
   }
   export interface UpdateConfigurationRequest {
+    /**
+     * Specifies how the Amazon EC2 automated scan will be updated for your environment.
+     */
+    ec2Configuration?: Ec2Configuration;
     /**
      * Specifies how the ECR automated re-scan will be updated for your environment.
      */
-    ecrConfiguration: EcrConfiguration;
+    ecrConfiguration?: EcrConfiguration;
   }
   export interface UpdateConfigurationResponse {
   }

package/node_modules/aws-sdk/clients/iotfleetwise.d.ts

@@ -733,7 +733,7 @@ declare namespace IoTFleetWise {
      */
     description?: description;
     /**
-     * (Optional) The Amazon Resource Name (ARN) of the signal catalog to associate with the campaign. 
+     * The Amazon Resource Name (ARN) of the signal catalog to associate with the campaign. 
      */
     signalCatalogArn: arn;
     /**
@@ -1953,6 +1953,14 @@ declare namespace IoTFleetWise {
      *  The Amazon Resource Name (ARN) of a vehicle model (model manifest). You can use this optional parameter to list only the vehicles created from a certain vehicle model. 
      */
     modelManifestArn?: arn;
+    /**
+     * The fully qualified names of the attributes. For example, the fully qualified name of an attribute might be Vehicle.Body.Engine.Type.
+     */
+    attributeNames?: attributeNamesList;
+    /**
+     * Static information about a vehicle attribute value in string format. For example:  "1.3 L R2" 
+     */
+    attributeValues?: attributeValuesList;
     /**
      * A pagination token for the next set of results. If the results of a search are large, only a portion of the results are returned, and a nextToken pagination token is returned in the response. To retrieve the next set of results, reissue the search request and include the returned token. When all results have been returned, the response does not contain a pagination token value. 
      */
@@ -2839,7 +2847,9 @@ declare namespace IoTFleetWise {
   }
   export type arn = string;
   export type attributeName = string;
+  export type attributeNamesList = attributeName[];
   export type attributeValue = string;
+  export type attributeValuesList = attributeValue[];
   export type attributesMap = {[key: string]: attributeValue};
   export type campaignName = string;
   export type campaignSummaries = CampaignSummary[];

package/node_modules/aws-sdk/clients/iottwinmaker.d.ts

@@ -2453,7 +2453,7 @@ declare namespace IoTTwinMaker {
     areAllPropertyValuesReturned?: Boolean;
   }
   export type PropertyTableValue = {[key: string]: DataValue};
-  export type PropertyUpdateType = "UPDATE"|"DELETE"|"CREATE"|string;
+  export type PropertyUpdateType = "UPDATE"|"DELETE"|"CREATE"|"RESET_VALUE"|string;
   export interface PropertyValue {
     /**
      * The timestamp of a value for a time series property.

package/node_modules/aws-sdk/clients/iotwireless.d.ts

@@ -1875,7 +1875,7 @@ declare namespace IoTWireless {
   export type FirmwareUpdateRole = string;
   export type FragmentIntervalMS = number;
   export type FragmentSizeBytes = number;
-  export type FuotaDeviceStatus = "Initial"|"Package_Not_Supported"|"FragAlgo_unsupported"|"Not_enough_memory"|"FragIndex_unsupported"|"Wrong_descriptor"|"SessionCnt_replay"|"MissingFrag"|"MemoryError"|"MICError"|"Successful"|string;
+  export type FuotaDeviceStatus = "Initial"|"Package_Not_Supported"|"FragAlgo_unsupported"|"Not_enough_memory"|"FragIndex_unsupported"|"Wrong_descriptor"|"SessionCnt_replay"|"MissingFrag"|"MemoryError"|"MICError"|"Successful"|"Device_exist_in_conflict_fuota_task"|string;
   export interface FuotaTask {
     Id?: FuotaTaskId;
     Arn?: FuotaTaskArn;
@@ -3615,7 +3615,7 @@ declare namespace IoTWireless {
   }
   export type MessageId = string;
   export type MessageType = "CUSTOM_COMMAND_ID_NOTIFY"|"CUSTOM_COMMAND_ID_GET"|"CUSTOM_COMMAND_ID_SET"|"CUSTOM_COMMAND_ID_RESP"|string;
-  export type MetricName = "DeviceRSSI"|"DeviceSNR"|"DeviceUplinkCount"|"DeviceDownlinkCount"|"DeviceUplinkLostCount"|"DeviceUplinkLostRate"|"DeviceJoinRequestCount"|"DeviceJoinAcceptCount"|"DeviceRoamingUplinkCount"|"DeviceRoamingDownlinkCount"|"GatewayUpTime"|"GatewayDownTime"|"GatewayRSSI"|"GatewaySNR"|"GatewayUplinkCount"|"GatewayDownlinkCount"|"GatewayJoinRequestCount"|"GatewayJoinAcceptCount"|"AwsAccountUplinkCount"|"AwsAccountDownlinkCount"|"AwsAccountUplinkLostCount"|"AwsAccountUplinkLostRate"|"AwsAccountJoinRequestCount"|"AwsAccountJoinAcceptCount"|"AwsAccountRoamingUplinkCount"|"AwsAccountRoamingDownlinkCount"|"AwsAccountDeviceCount"|"AwsAccountGatewayCount"|"AwsAccountActiveDeviceCount"|"AwsAccountActiveGatewayCount"|string;
+  export type MetricName = "DeviceRSSI"|"DeviceSNR"|"DeviceRoamingRSSI"|"DeviceRoamingSNR"|"DeviceUplinkCount"|"DeviceDownlinkCount"|"DeviceUplinkLostCount"|"DeviceUplinkLostRate"|"DeviceJoinRequestCount"|"DeviceJoinAcceptCount"|"DeviceRoamingUplinkCount"|"DeviceRoamingDownlinkCount"|"GatewayUpTime"|"GatewayDownTime"|"GatewayRSSI"|"GatewaySNR"|"GatewayUplinkCount"|"GatewayDownlinkCount"|"GatewayJoinRequestCount"|"GatewayJoinAcceptCount"|"AwsAccountUplinkCount"|"AwsAccountDownlinkCount"|"AwsAccountUplinkLostCount"|"AwsAccountUplinkLostRate"|"AwsAccountJoinRequestCount"|"AwsAccountJoinAcceptCount"|"AwsAccountRoamingUplinkCount"|"AwsAccountRoamingDownlinkCount"|"AwsAccountDeviceCount"|"AwsAccountGatewayCount"|"AwsAccountActiveDeviceCount"|"AwsAccountActiveGatewayCount"|string;
   export type MetricQueryEndTimestamp = Date;
   export type MetricQueryError = string;
   export type MetricQueryId = string;