cdk-lambda-subminute 2.0.442 → 2.0.444

package/node_modules/aws-sdk/clients/eventbridge.d.ts

@@ -36,11 +36,11 @@ declare class EventBridge extends Service {
    */
   createApiDestination(callback?: (err: AWSError, data: EventBridge.Types.CreateApiDestinationResponse) => void): Request<EventBridge.Types.CreateApiDestinationResponse, AWSError>;
   /**
-   * Creates an archive of events with the specified settings. When you create an archive, incoming events might not immediately start being sent to the archive. Allow a short period of time for changes to take effect. If you do not specify a pattern to filter events sent to the archive, all events are sent to the archive except replayed events. Replayed events are not sent to an archive.
+   * Creates an archive of events with the specified settings. When you create an archive, incoming events might not immediately start being sent to the archive. Allow a short period of time for changes to take effect. If you do not specify a pattern to filter events sent to the archive, all events are sent to the archive except replayed events. Replayed events are not sent to an archive.  Archives and schema discovery are not supported for event buses encrypted using a customer managed key. EventBridge returns an error if:   You call  CreateArchive  on an event bus set to use a customer managed key for encryption.   You call  CreateDiscoverer  on an event bus set to use a customer managed key for encryption.   You call  UpdatedEventBus  to set a customer managed key on an event bus with an archives or schema discovery enabled.   To enable archives or schema discovery on an event bus, choose to use an Amazon Web Services owned key. For more information, see Data encryption in EventBridge in the Amazon EventBridge User Guide. 
    */
   createArchive(params: EventBridge.Types.CreateArchiveRequest, callback?: (err: AWSError, data: EventBridge.Types.CreateArchiveResponse) => void): Request<EventBridge.Types.CreateArchiveResponse, AWSError>;
   /**
-   * Creates an archive of events with the specified settings. When you create an archive, incoming events might not immediately start being sent to the archive. Allow a short period of time for changes to take effect. If you do not specify a pattern to filter events sent to the archive, all events are sent to the archive except replayed events. Replayed events are not sent to an archive.
+   * Creates an archive of events with the specified settings. When you create an archive, incoming events might not immediately start being sent to the archive. Allow a short period of time for changes to take effect. If you do not specify a pattern to filter events sent to the archive, all events are sent to the archive except replayed events. Replayed events are not sent to an archive.  Archives and schema discovery are not supported for event buses encrypted using a customer managed key. EventBridge returns an error if:   You call  CreateArchive  on an event bus set to use a customer managed key for encryption.   You call  CreateDiscoverer  on an event bus set to use a customer managed key for encryption.   You call  UpdatedEventBus  to set a customer managed key on an event bus with an archives or schema discovery enabled.   To enable archives or schema discovery on an event bus, choose to use an Amazon Web Services owned key. For more information, see Data encryption in EventBridge in the Amazon EventBridge User Guide. 
    */
   createArchive(callback?: (err: AWSError, data: EventBridge.Types.CreateArchiveResponse) => void): Request<EventBridge.Types.CreateArchiveResponse, AWSError>;
   /**
@@ -116,11 +116,11 @@ declare class EventBridge extends Service {
    */
   deleteConnection(callback?: (err: AWSError, data: EventBridge.Types.DeleteConnectionResponse) => void): Request<EventBridge.Types.DeleteConnectionResponse, AWSError>;
   /**
-   * Delete an existing global endpoint. For more information about global endpoints, see Making applications Regional-fault tolerant with global endpoints and event replication in the Amazon EventBridge User Guide.
+   * Delete an existing global endpoint. For more information about global endpoints, see Making applications Regional-fault tolerant with global endpoints and event replication in the  Amazon EventBridge User Guide .
    */
   deleteEndpoint(params: EventBridge.Types.DeleteEndpointRequest, callback?: (err: AWSError, data: EventBridge.Types.DeleteEndpointResponse) => void): Request<EventBridge.Types.DeleteEndpointResponse, AWSError>;
   /**
-   * Delete an existing global endpoint. For more information about global endpoints, see Making applications Regional-fault tolerant with global endpoints and event replication in the Amazon EventBridge User Guide.
+   * Delete an existing global endpoint. For more information about global endpoints, see Making applications Regional-fault tolerant with global endpoints and event replication in the  Amazon EventBridge User Guide .
    */
   deleteEndpoint(callback?: (err: AWSError, data: EventBridge.Types.DeleteEndpointResponse) => void): Request<EventBridge.Types.DeleteEndpointResponse, AWSError>;
   /**
@@ -172,11 +172,11 @@ declare class EventBridge extends Service {
    */
   describeConnection(callback?: (err: AWSError, data: EventBridge.Types.DescribeConnectionResponse) => void): Request<EventBridge.Types.DescribeConnectionResponse, AWSError>;
   /**
-   * Get the information about an existing global endpoint. For more information about global endpoints, see Making applications Regional-fault tolerant with global endpoints and event replication in the Amazon EventBridge User Guide.
+   * Get the information about an existing global endpoint. For more information about global endpoints, see Making applications Regional-fault tolerant with global endpoints and event replication in the  Amazon EventBridge User Guide .
    */
   describeEndpoint(params: EventBridge.Types.DescribeEndpointRequest, callback?: (err: AWSError, data: EventBridge.Types.DescribeEndpointResponse) => void): Request<EventBridge.Types.DescribeEndpointResponse, AWSError>;
   /**
-   * Get the information about an existing global endpoint. For more information about global endpoints, see Making applications Regional-fault tolerant with global endpoints and event replication in the Amazon EventBridge User Guide.
+   * Get the information about an existing global endpoint. For more information about global endpoints, see Making applications Regional-fault tolerant with global endpoints and event replication in the  Amazon EventBridge User Guide .
    */
   describeEndpoint(callback?: (err: AWSError, data: EventBridge.Types.DescribeEndpointResponse) => void): Request<EventBridge.Types.DescribeEndpointResponse, AWSError>;
   /**
@@ -260,11 +260,11 @@ declare class EventBridge extends Service {
    */
   listConnections(callback?: (err: AWSError, data: EventBridge.Types.ListConnectionsResponse) => void): Request<EventBridge.Types.ListConnectionsResponse, AWSError>;
   /**
-   * List the global endpoints associated with this account. For more information about global endpoints, see Making applications Regional-fault tolerant with global endpoints and event replication in the Amazon EventBridge User Guide.
+   * List the global endpoints associated with this account. For more information about global endpoints, see Making applications Regional-fault tolerant with global endpoints and event replication in the  Amazon EventBridge User Guide .
    */
   listEndpoints(params: EventBridge.Types.ListEndpointsRequest, callback?: (err: AWSError, data: EventBridge.Types.ListEndpointsResponse) => void): Request<EventBridge.Types.ListEndpointsResponse, AWSError>;
   /**
-   * List the global endpoints associated with this account. For more information about global endpoints, see Making applications Regional-fault tolerant with global endpoints and event replication in the Amazon EventBridge User Guide.
+   * List the global endpoints associated with this account. For more information about global endpoints, see Making applications Regional-fault tolerant with global endpoints and event replication in the  Amazon EventBridge User Guide .
    */
   listEndpoints(callback?: (err: AWSError, data: EventBridge.Types.ListEndpointsResponse) => void): Request<EventBridge.Types.ListEndpointsResponse, AWSError>;
   /**
@@ -340,11 +340,11 @@ declare class EventBridge extends Service {
    */
   listTargetsByRule(callback?: (err: AWSError, data: EventBridge.Types.ListTargetsByRuleResponse) => void): Request<EventBridge.Types.ListTargetsByRuleResponse, AWSError>;
   /**
-   * Sends custom events to Amazon EventBridge so that they can be matched to rules. The maximum size for a PutEvents event entry is 256 KB. Entry size is calculated including the event and any necessary characters and keys of the JSON representation of the event. To learn more, see Calculating PutEvents event entry size in the Amazon EventBridge User Guide  PutEvents accepts the data in JSON format. For the JSON number (integer) data type, the constraints are: a minimum value of -9,223,372,036,854,775,808 and a maximum value of 9,223,372,036,854,775,807.  PutEvents will only process nested JSON up to 1100 levels deep. 
+   * Sends custom events to Amazon EventBridge so that they can be matched to rules. The maximum size for a PutEvents event entry is 256 KB. Entry size is calculated including the event and any necessary characters and keys of the JSON representation of the event. To learn more, see Calculating PutEvents event entry size in the  Amazon EventBridge User Guide   PutEvents accepts the data in JSON format. For the JSON number (integer) data type, the constraints are: a minimum value of -9,223,372,036,854,775,808 and a maximum value of 9,223,372,036,854,775,807.  PutEvents will only process nested JSON up to 1100 levels deep. 
    */
   putEvents(params: EventBridge.Types.PutEventsRequest, callback?: (err: AWSError, data: EventBridge.Types.PutEventsResponse) => void): Request<EventBridge.Types.PutEventsResponse, AWSError>;
   /**
-   * Sends custom events to Amazon EventBridge so that they can be matched to rules. The maximum size for a PutEvents event entry is 256 KB. Entry size is calculated including the event and any necessary characters and keys of the JSON representation of the event. To learn more, see Calculating PutEvents event entry size in the Amazon EventBridge User Guide  PutEvents accepts the data in JSON format. For the JSON number (integer) data type, the constraints are: a minimum value of -9,223,372,036,854,775,808 and a maximum value of 9,223,372,036,854,775,807.  PutEvents will only process nested JSON up to 1100 levels deep. 
+   * Sends custom events to Amazon EventBridge so that they can be matched to rules. The maximum size for a PutEvents event entry is 256 KB. Entry size is calculated including the event and any necessary characters and keys of the JSON representation of the event. To learn more, see Calculating PutEvents event entry size in the  Amazon EventBridge User Guide   PutEvents accepts the data in JSON format. For the JSON number (integer) data type, the constraints are: a minimum value of -9,223,372,036,854,775,808 and a maximum value of 9,223,372,036,854,775,807.  PutEvents will only process nested JSON up to 1100 levels deep. 
    */
   putEvents(callback?: (err: AWSError, data: EventBridge.Types.PutEventsResponse) => void): Request<EventBridge.Types.PutEventsResponse, AWSError>;
   /**
@@ -372,11 +372,11 @@ declare class EventBridge extends Service {
    */
   putRule(callback?: (err: AWSError, data: EventBridge.Types.PutRuleResponse) => void): Request<EventBridge.Types.PutRuleResponse, AWSError>;
   /**
-   * Adds the specified targets to the specified rule, or updates the targets if they are already associated with the rule. Targets are the resources that are invoked when a rule is triggered. The maximum number of entries per request is 10.  Each rule can have up to five (5) targets associated with it at one time.  For a list of services you can configure as targets for events, see EventBridge targets in the Amazon EventBridge User Guide. Creating rules with built-in targets is supported only in the Amazon Web Services Management Console. The built-in targets are:    Amazon EBS CreateSnapshot API call     Amazon EC2 RebootInstances API call     Amazon EC2 StopInstances API call     Amazon EC2 TerminateInstances API call    For some target types, PutTargets provides target-specific parameters. If the target is a Kinesis data stream, you can optionally specify which shard the event goes to by using the KinesisParameters argument. To invoke a command on multiple EC2 instances with one rule, you can use the RunCommandParameters field. To be able to make API calls against the resources that you own, Amazon EventBridge needs the appropriate permissions:    For Lambda and Amazon SNS resources, EventBridge relies on resource-based policies.   For EC2 instances, Kinesis Data Streams, Step Functions state machines and API Gateway APIs, EventBridge relies on IAM roles that you specify in the RoleARN argument in PutTargets.   For more information, see Authentication and Access Control in the Amazon EventBridge User Guide. If another Amazon Web Services account is in the same region and has granted you permission (using PutPermission), you can send events to that account. Set that account's event bus as a target of the rules in your account. To send the matched events to the other account, specify that account's event bus as the Arn value when you run PutTargets. If your account sends events to another account, your account is charged for each sent event. Each event sent to another account is charged as a custom event. The account receiving the event is not charged. For more information, see Amazon EventBridge Pricing.   Input, InputPath, and InputTransformer are not available with PutTarget if the target is an event bus of a different Amazon Web Services account.  If you are setting the event bus of another account as the target, and that account granted permission to your account through an organization instead of directly by the account ID, then you must specify a RoleArn with proper permissions in the Target structure. For more information, see Sending and Receiving Events Between Amazon Web Services Accounts in the Amazon EventBridge User Guide.  If you have an IAM role on a cross-account event bus target, a PutTargets call without a role on the same target (same Id and Arn) will not remove the role.  For more information about enabling cross-account events, see PutPermission.  Input, InputPath, and InputTransformer are mutually exclusive and optional parameters of a target. When a rule is triggered due to a matched event:   If none of the following arguments are specified for a target, then the entire event is passed to the target in JSON format (unless the target is Amazon EC2 Run Command or Amazon ECS task, in which case nothing from the event is passed to the target).   If Input is specified in the form of valid JSON, then the matched event is overridden with this constant.   If InputPath is specified in the form of JSONPath (for example, $.detail), then only the part of the event specified in the path is passed to the target (for example, only the detail part of the event is passed).   If InputTransformer is specified, then one or more specified JSONPaths are extracted from the event and used as values in a template that you specify as the input to the target.   When you specify InputPath or InputTransformer, you must use JSON dot notation, not bracket notation. When you add targets to a rule and the associated rule triggers soon after, new or updated targets might not be immediately invoked. Allow a short period of time for changes to take effect. This action can partially fail if too many requests are made at the same time. If that happens, FailedEntryCount is non-zero in the response and each entry in FailedEntries provides the ID of the failed target and the error code.
+   * Adds the specified targets to the specified rule, or updates the targets if they are already associated with the rule. Targets are the resources that are invoked when a rule is triggered. The maximum number of entries per request is 10.  Each rule can have up to five (5) targets associated with it at one time.  For a list of services you can configure as targets for events, see EventBridge targets in the  Amazon EventBridge User Guide . Creating rules with built-in targets is supported only in the Amazon Web Services Management Console. The built-in targets are:    Amazon EBS CreateSnapshot API call     Amazon EC2 RebootInstances API call     Amazon EC2 StopInstances API call     Amazon EC2 TerminateInstances API call    For some target types, PutTargets provides target-specific parameters. If the target is a Kinesis data stream, you can optionally specify which shard the event goes to by using the KinesisParameters argument. To invoke a command on multiple EC2 instances with one rule, you can use the RunCommandParameters field. To be able to make API calls against the resources that you own, Amazon EventBridge needs the appropriate permissions:    For Lambda and Amazon SNS resources, EventBridge relies on resource-based policies.   For EC2 instances, Kinesis Data Streams, Step Functions state machines and API Gateway APIs, EventBridge relies on IAM roles that you specify in the RoleARN argument in PutTargets.   For more information, see Authentication and Access Control in the  Amazon EventBridge User Guide . If another Amazon Web Services account is in the same region and has granted you permission (using PutPermission), you can send events to that account. Set that account's event bus as a target of the rules in your account. To send the matched events to the other account, specify that account's event bus as the Arn value when you run PutTargets. If your account sends events to another account, your account is charged for each sent event. Each event sent to another account is charged as a custom event. The account receiving the event is not charged. For more information, see Amazon EventBridge Pricing.   Input, InputPath, and InputTransformer are not available with PutTarget if the target is an event bus of a different Amazon Web Services account.  If you are setting the event bus of another account as the target, and that account granted permission to your account through an organization instead of directly by the account ID, then you must specify a RoleArn with proper permissions in the Target structure. For more information, see Sending and Receiving Events Between Amazon Web Services Accounts in the Amazon EventBridge User Guide.  If you have an IAM role on a cross-account event bus target, a PutTargets call without a role on the same target (same Id and Arn) will not remove the role.  For more information about enabling cross-account events, see PutPermission.  Input, InputPath, and InputTransformer are mutually exclusive and optional parameters of a target. When a rule is triggered due to a matched event:   If none of the following arguments are specified for a target, then the entire event is passed to the target in JSON format (unless the target is Amazon EC2 Run Command or Amazon ECS task, in which case nothing from the event is passed to the target).   If Input is specified in the form of valid JSON, then the matched event is overridden with this constant.   If InputPath is specified in the form of JSONPath (for example, $.detail), then only the part of the event specified in the path is passed to the target (for example, only the detail part of the event is passed).   If InputTransformer is specified, then one or more specified JSONPaths are extracted from the event and used as values in a template that you specify as the input to the target.   When you specify InputPath or InputTransformer, you must use JSON dot notation, not bracket notation. When you add targets to a rule and the associated rule triggers soon after, new or updated targets might not be immediately invoked. Allow a short period of time for changes to take effect. This action can partially fail if too many requests are made at the same time. If that happens, FailedEntryCount is non-zero in the response and each entry in FailedEntries provides the ID of the failed target and the error code.
    */
   putTargets(params: EventBridge.Types.PutTargetsRequest, callback?: (err: AWSError, data: EventBridge.Types.PutTargetsResponse) => void): Request<EventBridge.Types.PutTargetsResponse, AWSError>;
   /**
-   * Adds the specified targets to the specified rule, or updates the targets if they are already associated with the rule. Targets are the resources that are invoked when a rule is triggered. The maximum number of entries per request is 10.  Each rule can have up to five (5) targets associated with it at one time.  For a list of services you can configure as targets for events, see EventBridge targets in the Amazon EventBridge User Guide. Creating rules with built-in targets is supported only in the Amazon Web Services Management Console. The built-in targets are:    Amazon EBS CreateSnapshot API call     Amazon EC2 RebootInstances API call     Amazon EC2 StopInstances API call     Amazon EC2 TerminateInstances API call    For some target types, PutTargets provides target-specific parameters. If the target is a Kinesis data stream, you can optionally specify which shard the event goes to by using the KinesisParameters argument. To invoke a command on multiple EC2 instances with one rule, you can use the RunCommandParameters field. To be able to make API calls against the resources that you own, Amazon EventBridge needs the appropriate permissions:    For Lambda and Amazon SNS resources, EventBridge relies on resource-based policies.   For EC2 instances, Kinesis Data Streams, Step Functions state machines and API Gateway APIs, EventBridge relies on IAM roles that you specify in the RoleARN argument in PutTargets.   For more information, see Authentication and Access Control in the Amazon EventBridge User Guide. If another Amazon Web Services account is in the same region and has granted you permission (using PutPermission), you can send events to that account. Set that account's event bus as a target of the rules in your account. To send the matched events to the other account, specify that account's event bus as the Arn value when you run PutTargets. If your account sends events to another account, your account is charged for each sent event. Each event sent to another account is charged as a custom event. The account receiving the event is not charged. For more information, see Amazon EventBridge Pricing.   Input, InputPath, and InputTransformer are not available with PutTarget if the target is an event bus of a different Amazon Web Services account.  If you are setting the event bus of another account as the target, and that account granted permission to your account through an organization instead of directly by the account ID, then you must specify a RoleArn with proper permissions in the Target structure. For more information, see Sending and Receiving Events Between Amazon Web Services Accounts in the Amazon EventBridge User Guide.  If you have an IAM role on a cross-account event bus target, a PutTargets call without a role on the same target (same Id and Arn) will not remove the role.  For more information about enabling cross-account events, see PutPermission.  Input, InputPath, and InputTransformer are mutually exclusive and optional parameters of a target. When a rule is triggered due to a matched event:   If none of the following arguments are specified for a target, then the entire event is passed to the target in JSON format (unless the target is Amazon EC2 Run Command or Amazon ECS task, in which case nothing from the event is passed to the target).   If Input is specified in the form of valid JSON, then the matched event is overridden with this constant.   If InputPath is specified in the form of JSONPath (for example, $.detail), then only the part of the event specified in the path is passed to the target (for example, only the detail part of the event is passed).   If InputTransformer is specified, then one or more specified JSONPaths are extracted from the event and used as values in a template that you specify as the input to the target.   When you specify InputPath or InputTransformer, you must use JSON dot notation, not bracket notation. When you add targets to a rule and the associated rule triggers soon after, new or updated targets might not be immediately invoked. Allow a short period of time for changes to take effect. This action can partially fail if too many requests are made at the same time. If that happens, FailedEntryCount is non-zero in the response and each entry in FailedEntries provides the ID of the failed target and the error code.
+   * Adds the specified targets to the specified rule, or updates the targets if they are already associated with the rule. Targets are the resources that are invoked when a rule is triggered. The maximum number of entries per request is 10.  Each rule can have up to five (5) targets associated with it at one time.  For a list of services you can configure as targets for events, see EventBridge targets in the  Amazon EventBridge User Guide . Creating rules with built-in targets is supported only in the Amazon Web Services Management Console. The built-in targets are:    Amazon EBS CreateSnapshot API call     Amazon EC2 RebootInstances API call     Amazon EC2 StopInstances API call     Amazon EC2 TerminateInstances API call    For some target types, PutTargets provides target-specific parameters. If the target is a Kinesis data stream, you can optionally specify which shard the event goes to by using the KinesisParameters argument. To invoke a command on multiple EC2 instances with one rule, you can use the RunCommandParameters field. To be able to make API calls against the resources that you own, Amazon EventBridge needs the appropriate permissions:    For Lambda and Amazon SNS resources, EventBridge relies on resource-based policies.   For EC2 instances, Kinesis Data Streams, Step Functions state machines and API Gateway APIs, EventBridge relies on IAM roles that you specify in the RoleARN argument in PutTargets.   For more information, see Authentication and Access Control in the  Amazon EventBridge User Guide . If another Amazon Web Services account is in the same region and has granted you permission (using PutPermission), you can send events to that account. Set that account's event bus as a target of the rules in your account. To send the matched events to the other account, specify that account's event bus as the Arn value when you run PutTargets. If your account sends events to another account, your account is charged for each sent event. Each event sent to another account is charged as a custom event. The account receiving the event is not charged. For more information, see Amazon EventBridge Pricing.   Input, InputPath, and InputTransformer are not available with PutTarget if the target is an event bus of a different Amazon Web Services account.  If you are setting the event bus of another account as the target, and that account granted permission to your account through an organization instead of directly by the account ID, then you must specify a RoleArn with proper permissions in the Target structure. For more information, see Sending and Receiving Events Between Amazon Web Services Accounts in the Amazon EventBridge User Guide.  If you have an IAM role on a cross-account event bus target, a PutTargets call without a role on the same target (same Id and Arn) will not remove the role.  For more information about enabling cross-account events, see PutPermission.  Input, InputPath, and InputTransformer are mutually exclusive and optional parameters of a target. When a rule is triggered due to a matched event:   If none of the following arguments are specified for a target, then the entire event is passed to the target in JSON format (unless the target is Amazon EC2 Run Command or Amazon ECS task, in which case nothing from the event is passed to the target).   If Input is specified in the form of valid JSON, then the matched event is overridden with this constant.   If InputPath is specified in the form of JSONPath (for example, $.detail), then only the part of the event specified in the path is passed to the target (for example, only the detail part of the event is passed).   If InputTransformer is specified, then one or more specified JSONPaths are extracted from the event and used as values in a template that you specify as the input to the target.   When you specify InputPath or InputTransformer, you must use JSON dot notation, not bracket notation. When you add targets to a rule and the associated rule triggers soon after, new or updated targets might not be immediately invoked. Allow a short period of time for changes to take effect. This action can partially fail if too many requests are made at the same time. If that happens, FailedEntryCount is non-zero in the response and each entry in FailedEntries provides the ID of the failed target and the error code.
    */
   putTargets(callback?: (err: AWSError, data: EventBridge.Types.PutTargetsResponse) => void): Request<EventBridge.Types.PutTargetsResponse, AWSError>;
   /**
@@ -452,13 +452,21 @@ declare class EventBridge extends Service {
    */
   updateConnection(callback?: (err: AWSError, data: EventBridge.Types.UpdateConnectionResponse) => void): Request<EventBridge.Types.UpdateConnectionResponse, AWSError>;
   /**
-   * Update an existing endpoint. For more information about global endpoints, see Making applications Regional-fault tolerant with global endpoints and event replication in the Amazon EventBridge User Guide.
+   * Update an existing endpoint. For more information about global endpoints, see Making applications Regional-fault tolerant with global endpoints and event replication in the  Amazon EventBridge User Guide .
    */
   updateEndpoint(params: EventBridge.Types.UpdateEndpointRequest, callback?: (err: AWSError, data: EventBridge.Types.UpdateEndpointResponse) => void): Request<EventBridge.Types.UpdateEndpointResponse, AWSError>;
   /**
-   * Update an existing endpoint. For more information about global endpoints, see Making applications Regional-fault tolerant with global endpoints and event replication in the Amazon EventBridge User Guide.
+   * Update an existing endpoint. For more information about global endpoints, see Making applications Regional-fault tolerant with global endpoints and event replication in the  Amazon EventBridge User Guide .
    */
   updateEndpoint(callback?: (err: AWSError, data: EventBridge.Types.UpdateEndpointResponse) => void): Request<EventBridge.Types.UpdateEndpointResponse, AWSError>;
+  /**
+   * Updates the specified event bus.
+   */
+  updateEventBus(params: EventBridge.Types.UpdateEventBusRequest, callback?: (err: AWSError, data: EventBridge.Types.UpdateEventBusResponse) => void): Request<EventBridge.Types.UpdateEventBusResponse, AWSError>;
+  /**
+   * Updates the specified event bus.
+   */
+  updateEventBus(callback?: (err: AWSError, data: EventBridge.Types.UpdateEventBusResponse) => void): Request<EventBridge.Types.UpdateEventBusResponse, AWSError>;
 }
 declare namespace EventBridge {
   export type AccountId = string;
@@ -1067,6 +1075,15 @@ declare namespace EventBridge {
      * If you are creating a partner event bus, this specifies the partner event source that the new event bus will be matched with.
      */
     EventSourceName?: EventSourceName;
+    /**
+     * The event bus description.
+     */
+    Description?: EventBusDescription;
+    /**
+     * The identifier of the KMS customer managed key for EventBridge to use, if you choose to use a customer managed key to encrypt events on this event bus. The identifier can be the key Amazon Resource Name (ARN), KeyId, key alias, or key alias ARN. If you do not specify a customer managed key identifier, EventBridge uses an Amazon Web Services owned key to encrypt events on the event bus. For more information, see Managing keys in the Key Management Service Developer Guide.   Archives and schema discovery are not supported for event buses encrypted using a customer managed key. EventBridge returns an error if:   You call  CreateArchive  on an event bus set to use a customer managed key for encryption.   You call  CreateDiscoverer  on an event bus set to use a customer managed key for encryption.   You call  UpdatedEventBus  to set a customer managed key on an event bus with an archives or schema discovery enabled.   To enable archives or schema discovery on an event bus, choose to use an Amazon Web Services owned key. For more information, see Data encryption in EventBridge in the Amazon EventBridge User Guide. 
+     */
+    KmsKeyIdentifier?: KmsKeyIdentifier;
+    DeadLetterConfig?: DeadLetterConfig;
     /**
      * Tags to associate with the event bus.
      */
@@ -1077,6 +1094,15 @@ declare namespace EventBridge {
      * The ARN of the new event bus.
      */
     EventBusArn?: String;
+    /**
+     * The event bus description.
+     */
+    Description?: EventBusDescription;
+    /**
+     * The identifier of the KMS customer managed key for EventBridge to use to encrypt events on this event bus, if one has been specified. For more information, see Data encryption in EventBridge in the Amazon EventBridge User Guide.
+     */
+    KmsKeyIdentifier?: KmsKeyIdentifier;
+    DeadLetterConfig?: DeadLetterConfig;
   }
   export interface CreatePartnerEventSourceRequest {
     /**
@@ -1450,10 +1476,27 @@ declare namespace EventBridge {
      * The Amazon Resource Name (ARN) of the account permitted to write events to the current account.
      */
     Arn?: String;
+    /**
+     * The event bus description.
+     */
+    Description?: EventBusDescription;
+    /**
+     * The identifier of the KMS customer managed key for EventBridge to use to encrypt events on this event bus, if one has been specified. For more information, see Data encryption in EventBridge in the Amazon EventBridge User Guide.
+     */
+    KmsKeyIdentifier?: KmsKeyIdentifier;
+    DeadLetterConfig?: DeadLetterConfig;
     /**
      * The policy that enables the external account to send events to your account.
      */
     Policy?: String;
+    /**
+     * The time the event bus was created.
+     */
+    CreationTime?: Timestamp;
+    /**
+     * The time the event bus was last modified.
+     */
+    LastModifiedTime?: Timestamp;
   }
   export interface DescribeEventSourceRequest {
     /**
@@ -1579,7 +1622,7 @@ declare namespace EventBridge {
      */
     Arn?: RuleArn;
     /**
-     * The event pattern. For more information, see Events and Event Patterns in the Amazon EventBridge User Guide.
+     * The event pattern. For more information, see Events and Event Patterns in the  Amazon EventBridge User Guide .
      */
     EventPattern?: EventPattern;
     /**
@@ -1769,11 +1812,24 @@ declare namespace EventBridge {
      * The ARN of the event bus.
      */
     Arn?: String;
+    /**
+     * The event bus description.
+     */
+    Description?: EventBusDescription;
     /**
      * The permissions policy of the event bus, describing which other Amazon Web Services accounts can write events to this event bus.
      */
     Policy?: String;
+    /**
+     * The time the event bus was created.
+     */
+    CreationTime?: Timestamp;
+    /**
+     * The time the event bus was last modified.
+     */
+    LastModifiedTime?: Timestamp;
   }
+  export type EventBusDescription = string;
   export type EventBusList = EventBus[];
   export type EventBusName = string;
   export type EventBusNameOrArn = string;
@@ -1863,6 +1919,7 @@ declare namespace EventBridge {
      */
     PartitionKeyPath: TargetPartitionKeyPath;
   }
+  export type KmsKeyIdentifier = string;
   export type LaunchType = "EC2"|"FARGATE"|"EXTERNAL"|string;
   export type LimitMax100 = number;
   export type LimitMin1 = number;
@@ -2444,11 +2501,11 @@ declare namespace EventBridge {
      */
     ScheduleExpression?: ScheduleExpression;
     /**
-     * The event pattern. For more information, see Amazon EventBridge event patterns in the Amazon EventBridge User Guide.
+     * The event pattern. For more information, see Amazon EventBridge event patterns in the  Amazon EventBridge User Guide .
      */
     EventPattern?: EventPattern;
     /**
-     * Indicates whether the rule is enabled or disabled.
+     * The state of the rule. Valid values include:    DISABLED: The rule is disabled. EventBridge does not match any events against the rule.    ENABLED: The rule is enabled. EventBridge matches events against the rule, except for Amazon Web Services management events delivered through CloudTrail.    ENABLED_WITH_ALL_CLOUDTRAIL_MANAGEMENT_EVENTS: The rule is enabled for all events, including Amazon Web Services management events delivered through CloudTrail. Management events provide visibility into management operations that are performed on resources in your Amazon Web Services account. These are also known as control plane operations. For more information, see Logging management events in the CloudTrail User Guide, and Filtering management events from Amazon Web Services services in the  Amazon EventBridge User Guide . This value is only valid for rules on the default event bus or custom event buses. It does not apply to partner event buses.  
      */
     State?: RuleState;
     /**
@@ -2698,11 +2755,11 @@ declare namespace EventBridge {
      */
     Arn?: RuleArn;
     /**
-     * The event pattern of the rule. For more information, see Events and Event Patterns in the Amazon EventBridge User Guide.
+     * The event pattern of the rule. For more information, see Events and Event Patterns in the  Amazon EventBridge User Guide .
      */
     EventPattern?: EventPattern;
     /**
-     * The state of the rule.
+     * The state of the rule. Valid values include:    DISABLED: The rule is disabled. EventBridge does not match any events against the rule.    ENABLED: The rule is enabled. EventBridge matches events against the rule, except for Amazon Web Services management events delivered through CloudTrail.    ENABLED_WITH_ALL_CLOUDTRAIL_MANAGEMENT_EVENTS: The rule is enabled for all events, including Amazon Web Services management events delivered through CloudTrail. Management events provide visibility into management operations that are performed on resources in your Amazon Web Services account. These are also known as control plane operations. For more information, see Logging management events in the CloudTrail User Guide, and Filtering management events from Amazon Web Services services in the  Amazon EventBridge User Guide . This value is only valid for rules on the default event bus or custom event buses. It does not apply to partner event buses.  
      */
     State?: RuleState;
     /**
@@ -2941,7 +2998,7 @@ declare namespace EventBridge {
   export type TargetPartitionKeyPath = string;
   export interface TestEventPatternRequest {
     /**
-     * The event pattern. For more information, see Events and Event Patterns in the Amazon EventBridge User Guide.
+     * The event pattern. For more information, see Events and Event Patterns in the  Amazon EventBridge User Guide .
      */
     EventPattern: EventPattern;
     /**
@@ -3221,6 +3278,40 @@ declare namespace EventBridge {
      */
     State?: EndpointState;
   }
+  export interface UpdateEventBusRequest {
+    /**
+     * The name of the event bus.
+     */
+    Name?: EventBusName;
+    /**
+     * The identifier of the KMS customer managed key for EventBridge to use, if you choose to use a customer managed key to encrypt events on this event bus. The identifier can be the key Amazon Resource Name (ARN), KeyId, key alias, or key alias ARN. If you do not specify a customer managed key identifier, EventBridge uses an Amazon Web Services owned key to encrypt events on the event bus. For more information, see Managing keys in the Key Management Service Developer Guide.   Archives and schema discovery are not supported for event buses encrypted using a customer managed key. EventBridge returns an error if:   You call  CreateArchive  on an event bus set to use a customer managed key for encryption.   You call  CreateDiscoverer  on an event bus set to use a customer managed key for encryption.   You call  UpdatedEventBus  to set a customer managed key on an event bus with an archives or schema discovery enabled.   To enable archives or schema discovery on an event bus, choose to use an Amazon Web Services owned key. For more information, see Data encryption in EventBridge in the Amazon EventBridge User Guide. 
+     */
+    KmsKeyIdentifier?: KmsKeyIdentifier;
+    /**
+     * The event bus description.
+     */
+    Description?: EventBusDescription;
+    DeadLetterConfig?: DeadLetterConfig;
+  }
+  export interface UpdateEventBusResponse {
+    /**
+     * The event bus Amazon Resource Name (ARN).
+     */
+    Arn?: String;
+    /**
+     * The event bus name.
+     */
+    Name?: EventBusName;
+    /**
+     * The identifier of the KMS customer managed key for EventBridge to use to encrypt events on this event bus, if one has been specified. For more information, see Data encryption in EventBridge in the Amazon EventBridge User Guide.
+     */
+    KmsKeyIdentifier?: KmsKeyIdentifier;
+    /**
+     * The event bus description.
+     */
+    Description?: EventBusDescription;
+    DeadLetterConfig?: DeadLetterConfig;
+  }
   /**
    * A string in YYYY-MM-DD format that represents the latest possible API version that can be used in this service. Specify 'latest' to use the latest possible version.
    */

package/node_modules/aws-sdk/clients/firehose.d.ts

@@ -68,11 +68,11 @@ declare class Firehose extends Service {
    */
   putRecordBatch(callback?: (err: AWSError, data: Firehose.Types.PutRecordBatchOutput) => void): Request<Firehose.Types.PutRecordBatchOutput, AWSError>;
   /**
-   * Enables server-side encryption (SSE) for the delivery stream.  This operation is asynchronous. It returns immediately. When you invoke it, Firehose first sets the encryption status of the stream to ENABLING, and then to ENABLED. The encryption status of a delivery stream is the Status property in DeliveryStreamEncryptionConfiguration. If the operation fails, the encryption status changes to ENABLING_FAILED. You can continue to read and write data to your delivery stream while the encryption status is ENABLING, but the data is not encrypted. It can take up to 5 seconds after the encryption status changes to ENABLED before all records written to the delivery stream are encrypted. To find out whether a record or a batch of records was encrypted, check the response elements PutRecordOutput$Encrypted and PutRecordBatchOutput$Encrypted, respectively. To check the encryption status of a delivery stream, use DescribeDeliveryStream. Even if encryption is currently enabled for a delivery stream, you can still invoke this operation on it to change the ARN of the CMK or both its type and ARN. If you invoke this method to change the CMK, and the old CMK is of type CUSTOMER_MANAGED_CMK, Firehose schedules the grant it had on the old CMK for retirement. If the new CMK is of type CUSTOMER_MANAGED_CMK, Firehose creates a grant that enables it to use the new CMK to encrypt and decrypt data and to manage the grant. For the KMS grant creation to be successful, Firehose APIs StartDeliveryStreamEncryption and CreateDeliveryStream should not be called with session credentials that are more than 6 hours old. If a delivery stream already has encryption enabled and then you invoke this operation to change the ARN of the CMK or both its type and ARN and you get ENABLING_FAILED, this only means that the attempt to change the CMK failed. In this case, encryption remains enabled with the old CMK. If the encryption status of your delivery stream is ENABLING_FAILED, you can invoke this operation again with a valid CMK. The CMK must be enabled and the key policy mustn't explicitly deny the permission for Firehose to invoke KMS encrypt and decrypt operations. You can enable SSE for a delivery stream only if it's a delivery stream that uses DirectPut as its source.  The StartDeliveryStreamEncryption and StopDeliveryStreamEncryption operations have a combined limit of 25 calls per delivery stream per 24 hours. For example, you reach the limit if you call StartDeliveryStreamEncryption 13 times and StopDeliveryStreamEncryption 12 times for the same delivery stream in a 24-hour period.
+   * Enables server-side encryption (SSE) for the delivery stream.  This operation is asynchronous. It returns immediately. When you invoke it, Firehose first sets the encryption status of the stream to ENABLING, and then to ENABLED. The encryption status of a delivery stream is the Status property in DeliveryStreamEncryptionConfiguration. If the operation fails, the encryption status changes to ENABLING_FAILED. You can continue to read and write data to your delivery stream while the encryption status is ENABLING, but the data is not encrypted. It can take up to 5 seconds after the encryption status changes to ENABLED before all records written to the delivery stream are encrypted. To find out whether a record or a batch of records was encrypted, check the response elements PutRecordOutput$Encrypted and PutRecordBatchOutput$Encrypted, respectively. To check the encryption status of a delivery stream, use DescribeDeliveryStream. Even if encryption is currently enabled for a delivery stream, you can still invoke this operation on it to change the ARN of the CMK or both its type and ARN. If you invoke this method to change the CMK, and the old CMK is of type CUSTOMER_MANAGED_CMK, Firehose schedules the grant it had on the old CMK for retirement. If the new CMK is of type CUSTOMER_MANAGED_CMK, Firehose creates a grant that enables it to use the new CMK to encrypt and decrypt data and to manage the grant. For the KMS grant creation to be successful, the Firehose API operations StartDeliveryStreamEncryption and CreateDeliveryStream should not be called with session credentials that are more than 6 hours old. If a delivery stream already has encryption enabled and then you invoke this operation to change the ARN of the CMK or both its type and ARN and you get ENABLING_FAILED, this only means that the attempt to change the CMK failed. In this case, encryption remains enabled with the old CMK. If the encryption status of your delivery stream is ENABLING_FAILED, you can invoke this operation again with a valid CMK. The CMK must be enabled and the key policy mustn't explicitly deny the permission for Firehose to invoke KMS encrypt and decrypt operations. You can enable SSE for a delivery stream only if it's a delivery stream that uses DirectPut as its source.  The StartDeliveryStreamEncryption and StopDeliveryStreamEncryption operations have a combined limit of 25 calls per delivery stream per 24 hours. For example, you reach the limit if you call StartDeliveryStreamEncryption 13 times and StopDeliveryStreamEncryption 12 times for the same delivery stream in a 24-hour period.
    */
   startDeliveryStreamEncryption(params: Firehose.Types.StartDeliveryStreamEncryptionInput, callback?: (err: AWSError, data: Firehose.Types.StartDeliveryStreamEncryptionOutput) => void): Request<Firehose.Types.StartDeliveryStreamEncryptionOutput, AWSError>;
   /**
-   * Enables server-side encryption (SSE) for the delivery stream.  This operation is asynchronous. It returns immediately. When you invoke it, Firehose first sets the encryption status of the stream to ENABLING, and then to ENABLED. The encryption status of a delivery stream is the Status property in DeliveryStreamEncryptionConfiguration. If the operation fails, the encryption status changes to ENABLING_FAILED. You can continue to read and write data to your delivery stream while the encryption status is ENABLING, but the data is not encrypted. It can take up to 5 seconds after the encryption status changes to ENABLED before all records written to the delivery stream are encrypted. To find out whether a record or a batch of records was encrypted, check the response elements PutRecordOutput$Encrypted and PutRecordBatchOutput$Encrypted, respectively. To check the encryption status of a delivery stream, use DescribeDeliveryStream. Even if encryption is currently enabled for a delivery stream, you can still invoke this operation on it to change the ARN of the CMK or both its type and ARN. If you invoke this method to change the CMK, and the old CMK is of type CUSTOMER_MANAGED_CMK, Firehose schedules the grant it had on the old CMK for retirement. If the new CMK is of type CUSTOMER_MANAGED_CMK, Firehose creates a grant that enables it to use the new CMK to encrypt and decrypt data and to manage the grant. For the KMS grant creation to be successful, Firehose APIs StartDeliveryStreamEncryption and CreateDeliveryStream should not be called with session credentials that are more than 6 hours old. If a delivery stream already has encryption enabled and then you invoke this operation to change the ARN of the CMK or both its type and ARN and you get ENABLING_FAILED, this only means that the attempt to change the CMK failed. In this case, encryption remains enabled with the old CMK. If the encryption status of your delivery stream is ENABLING_FAILED, you can invoke this operation again with a valid CMK. The CMK must be enabled and the key policy mustn't explicitly deny the permission for Firehose to invoke KMS encrypt and decrypt operations. You can enable SSE for a delivery stream only if it's a delivery stream that uses DirectPut as its source.  The StartDeliveryStreamEncryption and StopDeliveryStreamEncryption operations have a combined limit of 25 calls per delivery stream per 24 hours. For example, you reach the limit if you call StartDeliveryStreamEncryption 13 times and StopDeliveryStreamEncryption 12 times for the same delivery stream in a 24-hour period.
+   * Enables server-side encryption (SSE) for the delivery stream.  This operation is asynchronous. It returns immediately. When you invoke it, Firehose first sets the encryption status of the stream to ENABLING, and then to ENABLED. The encryption status of a delivery stream is the Status property in DeliveryStreamEncryptionConfiguration. If the operation fails, the encryption status changes to ENABLING_FAILED. You can continue to read and write data to your delivery stream while the encryption status is ENABLING, but the data is not encrypted. It can take up to 5 seconds after the encryption status changes to ENABLED before all records written to the delivery stream are encrypted. To find out whether a record or a batch of records was encrypted, check the response elements PutRecordOutput$Encrypted and PutRecordBatchOutput$Encrypted, respectively. To check the encryption status of a delivery stream, use DescribeDeliveryStream. Even if encryption is currently enabled for a delivery stream, you can still invoke this operation on it to change the ARN of the CMK or both its type and ARN. If you invoke this method to change the CMK, and the old CMK is of type CUSTOMER_MANAGED_CMK, Firehose schedules the grant it had on the old CMK for retirement. If the new CMK is of type CUSTOMER_MANAGED_CMK, Firehose creates a grant that enables it to use the new CMK to encrypt and decrypt data and to manage the grant. For the KMS grant creation to be successful, the Firehose API operations StartDeliveryStreamEncryption and CreateDeliveryStream should not be called with session credentials that are more than 6 hours old. If a delivery stream already has encryption enabled and then you invoke this operation to change the ARN of the CMK or both its type and ARN and you get ENABLING_FAILED, this only means that the attempt to change the CMK failed. In this case, encryption remains enabled with the old CMK. If the encryption status of your delivery stream is ENABLING_FAILED, you can invoke this operation again with a valid CMK. The CMK must be enabled and the key policy mustn't explicitly deny the permission for Firehose to invoke KMS encrypt and decrypt operations. You can enable SSE for a delivery stream only if it's a delivery stream that uses DirectPut as its source.  The StartDeliveryStreamEncryption and StopDeliveryStreamEncryption operations have a combined limit of 25 calls per delivery stream per 24 hours. For example, you reach the limit if you call StartDeliveryStreamEncryption 13 times and StopDeliveryStreamEncryption 12 times for the same delivery stream in a 24-hour period.
    */
   startDeliveryStreamEncryption(callback?: (err: AWSError, data: Firehose.Types.StartDeliveryStreamEncryptionOutput) => void): Request<Firehose.Types.StartDeliveryStreamEncryptionOutput, AWSError>;
   /**
@@ -1182,7 +1182,7 @@ declare namespace Firehose {
     BufferingHints?: HttpEndpointBufferingHints;
     CloudWatchLoggingOptions?: CloudWatchLoggingOptions;
     /**
-     * The configuration of the requeste sent to the HTTP endpoint specified as the destination.
+     * The configuration of the request sent to the HTTP endpoint that is specified as the destination.
      */
     RequestConfiguration?: HttpEndpointRequestConfiguration;
     ProcessingConfiguration?: ProcessingConfiguration;
@@ -1199,6 +1199,10 @@ declare namespace Firehose {
      */
     S3BackupMode?: HttpEndpointS3BackupMode;
     S3Configuration: S3DestinationConfiguration;
+    /**
+     *  The configuration that defines how you access secrets for HTTP Endpoint destination. 
+     */
+    SecretsManagerConfiguration?: SecretsManagerConfiguration;
   }
   export interface HttpEndpointDestinationDescription {
     /**
@@ -1228,6 +1232,10 @@ declare namespace Firehose {
      */
     S3BackupMode?: HttpEndpointS3BackupMode;
     S3DestinationDescription?: S3DestinationDescription;
+    /**
+     *  The configuration that defines how you access secrets for HTTP Endpoint destination. 
+     */
+    SecretsManagerConfiguration?: SecretsManagerConfiguration;
   }
   export interface HttpEndpointDestinationUpdate {
     /**
@@ -1257,6 +1265,10 @@ declare namespace Firehose {
      */
     S3BackupMode?: HttpEndpointS3BackupMode;
     S3Update?: S3DestinationUpdate;
+    /**
+     *  The configuration that defines how you access secrets for HTTP Endpoint destination. 
+     */
+    SecretsManagerConfiguration?: SecretsManagerConfiguration;
   }
   export type HttpEndpointName = string;
   export interface HttpEndpointRequestConfiguration {
@@ -1625,11 +1637,11 @@ declare namespace Firehose {
     /**
      * The name of the user.
      */
-    Username: Username;
+    Username?: Username;
     /**
      * The user password.
      */
-    Password: Password;
+    Password?: Password;
     /**
      * The retry behavior in case Firehose is unable to deliver documents to Amazon Redshift. Default value is 3600 (60 minutes).
      */
@@ -1654,6 +1666,10 @@ declare namespace Firehose {
      * The CloudWatch logging options for your delivery stream.
      */
     CloudWatchLoggingOptions?: CloudWatchLoggingOptions;
+    /**
+     *  The configuration that defines how you access secrets for Amazon Redshift. 
+     */
+    SecretsManagerConfiguration?: SecretsManagerConfiguration;
   }
   export interface RedshiftDestinationDescription {
     /**
@@ -1671,7 +1687,7 @@ declare namespace Firehose {
     /**
      * The name of the user.
      */
-    Username: Username;
+    Username?: Username;
     /**
      * The retry behavior in case Firehose is unable to deliver documents to Amazon Redshift. Default value is 3600 (60 minutes).
      */
@@ -1696,6 +1712,10 @@ declare namespace Firehose {
      * The Amazon CloudWatch logging options for your delivery stream.
      */
     CloudWatchLoggingOptions?: CloudWatchLoggingOptions;
+    /**
+     *  The configuration that defines how you access secrets for Amazon Redshift. 
+     */
+    SecretsManagerConfiguration?: SecretsManagerConfiguration;
   }
   export interface RedshiftDestinationUpdate {
     /**
@@ -1742,6 +1762,10 @@ declare namespace Firehose {
      * The Amazon CloudWatch logging options for your delivery stream.
      */
     CloudWatchLoggingOptions?: CloudWatchLoggingOptions;
+    /**
+     *  The configuration that defines how you access secrets for Amazon Redshift. 
+     */
+    SecretsManagerConfiguration?: SecretsManagerConfiguration;
   }
   export type RedshiftRetryDurationInSeconds = number;
   export interface RedshiftRetryOptions {
@@ -1888,6 +1912,21 @@ declare namespace Firehose {
      */
     VersionId?: NonEmptyStringWithoutWhitespace;
   }
+  export type SecretARN = string;
+  export interface SecretsManagerConfiguration {
+    /**
+     * The ARN of the secret that stores your credentials. It must be in the same region as the Firehose stream and the role. The secret ARN can reside in a different account than the delivery stream and role as Firehose supports cross-account secret access. This parameter is required when Enabled is set to True.
+     */
+    SecretARN?: SecretARN;
+    /**
+     *  Specifies the role that Firehose assumes when calling the Secrets Manager API operation. When you provide the role, it overrides any destination specific role defined in the destination configuration. If you do not provide the then we use the destination specific role. This parameter is required for Splunk. 
+     */
+    RoleARN?: RoleARN;
+    /**
+     * Specifies whether you want to use the the secrets manager feature. When set as True the secrets manager configuration overwrites the existing secrets in the destination configuration. When it's set to False Firehose falls back to the credentials in the destination configuration.
+     */
+    Enabled: BooleanObject;
+  }
   export type SecurityGroupIdList = NonEmptyStringWithoutWhitespace[];
   export interface Serializer {
     /**
@@ -1912,7 +1951,7 @@ declare namespace Firehose {
     /**
      * The private key used to encrypt your Snowflake client. For information, see Using Key Pair Authentication &amp; Key Rotation.
      */
-    PrivateKey: SnowflakePrivateKey;
+    PrivateKey?: SnowflakePrivateKey;
     /**
      * Passphrase to decrypt the private key when the key is encrypted. For information, see Using Key Pair Authentication &amp; Key Rotation.
      */
@@ -1920,7 +1959,7 @@ declare namespace Firehose {
     /**
      * User login name for the Snowflake account.
      */
-    User: SnowflakeUser;
+    User?: SnowflakeUser;
     /**
      * All data in Snowflake is maintained in databases.
      */
@@ -1968,6 +2007,10 @@ declare namespace Firehose {
      */
     S3BackupMode?: SnowflakeS3BackupMode;
     S3Configuration: S3DestinationConfiguration;
+    /**
+     *  The configuration that defines how you access secrets for Snowflake. 
+     */
+    SecretsManagerConfiguration?: SecretsManagerConfiguration;
   }
   export interface SnowflakeDestinationDescription {
     /**
@@ -2025,6 +2068,10 @@ declare namespace Firehose {
      */
     S3BackupMode?: SnowflakeS3BackupMode;
     S3DestinationDescription?: S3DestinationDescription;
+    /**
+     *  The configuration that defines how you access secrets for Snowflake. 
+     */
+    SecretsManagerConfiguration?: SecretsManagerConfiguration;
   }
   export interface SnowflakeDestinationUpdate {
     /**
@@ -2086,6 +2133,10 @@ declare namespace Firehose {
      */
     S3BackupMode?: SnowflakeS3BackupMode;
     S3Update?: S3DestinationUpdate;
+    /**
+     *  Describes the Secrets Manager configuration in Snowflake. 
+     */
+    SecretsManagerConfiguration?: SecretsManagerConfiguration;
   }
   export type SnowflakeKeyPassphrase = string;
   export type SnowflakeMetaDataColumnName = string;
@@ -2153,7 +2204,7 @@ declare namespace Firehose {
     /**
      * This is a GUID that you obtain from your Splunk cluster when you create a new HEC endpoint.
      */
-    HECToken: HECToken;
+    HECToken?: HECToken;
     /**
      * The amount of time that Firehose waits to receive an acknowledgment from Splunk after it sends it data. At the end of the timeout period, Firehose either tries to send the data again or considers it an error, based on your retry settings.
      */
@@ -2182,6 +2233,10 @@ declare namespace Firehose {
      * The buffering options. If no value is specified, the default values for Splunk are used.
      */
     BufferingHints?: SplunkBufferingHints;
+    /**
+     *  The configuration that defines how you access secrets for Splunk. 
+     */
+    SecretsManagerConfiguration?: SecretsManagerConfiguration;
   }
   export interface SplunkDestinationDescription {
     /**
@@ -2224,6 +2279,10 @@ declare namespace Firehose {
      * The buffering options. If no value is specified, the default values for Splunk are used.
      */
     BufferingHints?: SplunkBufferingHints;
+    /**
+     *  The configuration that defines how you access secrets for Splunk. 
+     */
+    SecretsManagerConfiguration?: SecretsManagerConfiguration;
   }
   export interface SplunkDestinationUpdate {
     /**
@@ -2266,6 +2325,10 @@ declare namespace Firehose {
      * The buffering options. If no value is specified, the default values for Splunk are used.
      */
     BufferingHints?: SplunkBufferingHints;
+    /**
+     *  The configuration that defines how you access secrets for Splunk. 
+     */
+    SecretsManagerConfiguration?: SecretsManagerConfiguration;
   }
   export type SplunkRetryDurationInSeconds = number;
   export interface SplunkRetryOptions {
@@ -2382,7 +2445,7 @@ declare namespace Firehose {
      */
     AmazonOpenSearchServerlessDestinationUpdate?: AmazonOpenSearchServerlessDestinationUpdate;
     /**
-     * Update to the Snowflake destination condiguration settings
+     * Update to the Snowflake destination configuration settings.
      */
     SnowflakeDestinationUpdate?: SnowflakeDestinationUpdate;
   }