cdk-lambda-subminute 2.0.451 → 2.0.453

package/node_modules/aws-sdk/clients/ecr.d.ts

@@ -68,6 +68,14 @@ declare class ECR extends Service {
    * Creates a repository. For more information, see Amazon ECR repositories in the Amazon Elastic Container Registry User Guide.
    */
   createRepository(callback?: (err: AWSError, data: ECR.Types.CreateRepositoryResponse) => void): Request<ECR.Types.CreateRepositoryResponse, AWSError>;
+  /**
+   * Creates a repository creation template. This template is used to define the settings for repositories created by Amazon ECR on your behalf. For example, repositories created through pull through cache actions. For more information, see Private repository creation templates in the Amazon Elastic Container Registry User Guide.
+   */
+  createRepositoryCreationTemplate(params: ECR.Types.CreateRepositoryCreationTemplateRequest, callback?: (err: AWSError, data: ECR.Types.CreateRepositoryCreationTemplateResponse) => void): Request<ECR.Types.CreateRepositoryCreationTemplateResponse, AWSError>;
+  /**
+   * Creates a repository creation template. This template is used to define the settings for repositories created by Amazon ECR on your behalf. For example, repositories created through pull through cache actions. For more information, see Private repository creation templates in the Amazon Elastic Container Registry User Guide.
+   */
+  createRepositoryCreationTemplate(callback?: (err: AWSError, data: ECR.Types.CreateRepositoryCreationTemplateResponse) => void): Request<ECR.Types.CreateRepositoryCreationTemplateResponse, AWSError>;
   /**
    * Deletes the lifecycle policy associated with the specified repository.
    */
@@ -100,6 +108,14 @@ declare class ECR extends Service {
    * Deletes a repository. If the repository isn't empty, you must either delete the contents of the repository or use the force option to delete the repository and have Amazon ECR delete all of its contents on your behalf.
    */
   deleteRepository(callback?: (err: AWSError, data: ECR.Types.DeleteRepositoryResponse) => void): Request<ECR.Types.DeleteRepositoryResponse, AWSError>;
+  /**
+   * Deletes a repository creation template.
+   */
+  deleteRepositoryCreationTemplate(params: ECR.Types.DeleteRepositoryCreationTemplateRequest, callback?: (err: AWSError, data: ECR.Types.DeleteRepositoryCreationTemplateResponse) => void): Request<ECR.Types.DeleteRepositoryCreationTemplateResponse, AWSError>;
+  /**
+   * Deletes a repository creation template.
+   */
+  deleteRepositoryCreationTemplate(callback?: (err: AWSError, data: ECR.Types.DeleteRepositoryCreationTemplateResponse) => void): Request<ECR.Types.DeleteRepositoryCreationTemplateResponse, AWSError>;
   /**
    * Deletes the repository policy associated with the specified repository.
    */
@@ -156,6 +172,14 @@ declare class ECR extends Service {
    * Describes image repositories in a registry.
    */
   describeRepositories(callback?: (err: AWSError, data: ECR.Types.DescribeRepositoriesResponse) => void): Request<ECR.Types.DescribeRepositoriesResponse, AWSError>;
+  /**
+   * Returns details about the repository creation templates in a registry. The prefixes request parameter can be used to return the details for a specific repository creation template.
+   */
+  describeRepositoryCreationTemplates(params: ECR.Types.DescribeRepositoryCreationTemplatesRequest, callback?: (err: AWSError, data: ECR.Types.DescribeRepositoryCreationTemplatesResponse) => void): Request<ECR.Types.DescribeRepositoryCreationTemplatesResponse, AWSError>;
+  /**
+   * Returns details about the repository creation templates in a registry. The prefixes request parameter can be used to return the details for a specific repository creation template.
+   */
+  describeRepositoryCreationTemplates(callback?: (err: AWSError, data: ECR.Types.DescribeRepositoryCreationTemplatesResponse) => void): Request<ECR.Types.DescribeRepositoryCreationTemplatesResponse, AWSError>;
   /**
    * Retrieves an authorization token. An authorization token represents your IAM authentication credentials and can be used to access any Amazon ECR registry that your IAM principal has access to. The authorization token is valid for 12 hours. The authorizationToken returned is a base64 encoded string that can be decoded and used in a docker login command to authenticate to a registry. The CLI offers an get-login-password command that simplifies the login process. For more information, see Registry authentication in the Amazon Elastic Container Registry User Guide.
    */
@@ -285,11 +309,11 @@ declare class ECR extends Service {
    */
   putRegistryScanningConfiguration(callback?: (err: AWSError, data: ECR.Types.PutRegistryScanningConfigurationResponse) => void): Request<ECR.Types.PutRegistryScanningConfigurationResponse, AWSError>;
   /**
-   * Creates or updates the replication configuration for a registry. The existing replication configuration for a repository can be retrieved with the DescribeRegistry API action. The first time the PutReplicationConfiguration API is called, a service-linked IAM role is created in your account for the replication process. For more information, see Using service-linked roles for Amazon ECR in the Amazon Elastic Container Registry User Guide.  When configuring cross-account replication, the destination account must grant the source account permission to replicate. This permission is controlled using a registry permissions policy. For more information, see PutRegistryPolicy. 
+   * Creates or updates the replication configuration for a registry. The existing replication configuration for a repository can be retrieved with the DescribeRegistry API action. The first time the PutReplicationConfiguration API is called, a service-linked IAM role is created in your account for the replication process. For more information, see Using service-linked roles for Amazon ECR in the Amazon Elastic Container Registry User Guide. For more information on the custom role for replication, see Creating an IAM role for replication.  When configuring cross-account replication, the destination account must grant the source account permission to replicate. This permission is controlled using a registry permissions policy. For more information, see PutRegistryPolicy. 
    */
   putReplicationConfiguration(params: ECR.Types.PutReplicationConfigurationRequest, callback?: (err: AWSError, data: ECR.Types.PutReplicationConfigurationResponse) => void): Request<ECR.Types.PutReplicationConfigurationResponse, AWSError>;
   /**
-   * Creates or updates the replication configuration for a registry. The existing replication configuration for a repository can be retrieved with the DescribeRegistry API action. The first time the PutReplicationConfiguration API is called, a service-linked IAM role is created in your account for the replication process. For more information, see Using service-linked roles for Amazon ECR in the Amazon Elastic Container Registry User Guide.  When configuring cross-account replication, the destination account must grant the source account permission to replicate. This permission is controlled using a registry permissions policy. For more information, see PutRegistryPolicy. 
+   * Creates or updates the replication configuration for a registry. The existing replication configuration for a repository can be retrieved with the DescribeRegistry API action. The first time the PutReplicationConfiguration API is called, a service-linked IAM role is created in your account for the replication process. For more information, see Using service-linked roles for Amazon ECR in the Amazon Elastic Container Registry User Guide. For more information on the custom role for replication, see Creating an IAM role for replication.  When configuring cross-account replication, the destination account must grant the source account permission to replicate. This permission is controlled using a registry permissions policy. For more information, see PutRegistryPolicy. 
    */
   putReplicationConfiguration(callback?: (err: AWSError, data: ECR.Types.PutReplicationConfigurationResponse) => void): Request<ECR.Types.PutReplicationConfigurationResponse, AWSError>;
   /**
@@ -340,6 +364,14 @@ declare class ECR extends Service {
    * Updates an existing pull through cache rule.
    */
   updatePullThroughCacheRule(callback?: (err: AWSError, data: ECR.Types.UpdatePullThroughCacheRuleResponse) => void): Request<ECR.Types.UpdatePullThroughCacheRuleResponse, AWSError>;
+  /**
+   * Updates an existing repository creation template.
+   */
+  updateRepositoryCreationTemplate(params: ECR.Types.UpdateRepositoryCreationTemplateRequest, callback?: (err: AWSError, data: ECR.Types.UpdateRepositoryCreationTemplateResponse) => void): Request<ECR.Types.UpdateRepositoryCreationTemplateResponse, AWSError>;
+  /**
+   * Updates an existing repository creation template.
+   */
+  updateRepositoryCreationTemplate(callback?: (err: AWSError, data: ECR.Types.UpdateRepositoryCreationTemplateResponse) => void): Request<ECR.Types.UpdateRepositoryCreationTemplateResponse, AWSError>;
   /**
    * Uploads an image layer part to Amazon ECR. When an image is pushed, each new image layer is uploaded in parts. The maximum size of each image layer part can be 20971520 bytes (or about 20MB). The UploadLayerPart API is called once per each new image layer part.  This operation is used by the Amazon ECR proxy and is not generally used by customers for pulling and pushing images. In most cases, you should use the docker CLI to pull, tag, and push images. 
    */
@@ -577,7 +609,7 @@ declare namespace ECR {
      */
     ecrRepositoryPrefix: PullThroughCacheRuleRepositoryPrefix;
     /**
-     * The registry URL of the upstream public registry to use as the source for the pull through cache rule. The following is the syntax to use for each supported upstream registry.   Amazon ECR Public (ecr-public) - public.ecr.aws    Docker Hub (docker-hub) - registry-1.docker.io    Quay (quay) - quay.io    Kubernetes (k8s) - registry.k8s.io    GitHub Container Registry (github-container-registry) - ghcr.io    Microsoft Azure Container Registry (azure-container-registry) - &lt;custom&gt;.azurecr.io    GitLab Container Registry (gitlab-container-registry) - registry.gitlab.com   
+     * The registry URL of the upstream public registry to use as the source for the pull through cache rule. The following is the syntax to use for each supported upstream registry.   Amazon ECR Public (ecr-public) - public.ecr.aws    Docker Hub (docker-hub) - registry-1.docker.io    Quay (quay) - quay.io    Kubernetes (k8s) - registry.k8s.io    GitHub Container Registry (github-container-registry) - ghcr.io    Microsoft Azure Container Registry (azure-container-registry) - &lt;custom&gt;.azurecr.io   
      */
     upstreamRegistryUrl: Url;
     /**
@@ -619,6 +651,54 @@ declare namespace ECR {
      */
     credentialArn?: CredentialArn;
   }
+  export interface CreateRepositoryCreationTemplateRequest {
+    /**
+     * The repository namespace prefix to associate with the template. All repositories created using this namespace prefix will have the settings defined in this template applied. For example, a prefix of prod would apply to all repositories beginning with prod/. Similarly, a prefix of prod/team would apply to all repositories beginning with prod/team/. To apply a template to all repositories in your registry that don't have an associated creation template, you can use ROOT as the prefix.  There is always an assumed / applied to the end of the prefix. If you specify ecr-public as the prefix, Amazon ECR treats that as ecr-public/. When using a pull through cache rule, the repository prefix you specify during rule creation is what you should specify as your repository creation template prefix as well. 
+     */
+    prefix: Prefix;
+    /**
+     * A description for the repository creation template.
+     */
+    description?: RepositoryTemplateDescription;
+    /**
+     * The encryption configuration to use for repositories created using the template.
+     */
+    encryptionConfiguration?: EncryptionConfigurationForRepositoryCreationTemplate;
+    /**
+     * The metadata to apply to the repository to help you categorize and organize. Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.
+     */
+    resourceTags?: TagList;
+    /**
+     * The tag mutability setting for the repository. If this parameter is omitted, the default setting of MUTABLE will be used which will allow image tags to be overwritten. If IMMUTABLE is specified, all image tags within the repository will be immutable which will prevent them from being overwritten.
+     */
+    imageTagMutability?: ImageTagMutability;
+    /**
+     * The repository policy to apply to repositories created using the template. A repository policy is a permissions policy associated with a repository to control access permissions. 
+     */
+    repositoryPolicy?: RepositoryPolicyText;
+    /**
+     * The lifecycle policy to use for repositories created using the template.
+     */
+    lifecyclePolicy?: LifecyclePolicyTextForRepositoryCreationTemplate;
+    /**
+     * A list of enumerable strings representing the Amazon ECR repository creation scenarios that this template will apply towards. The two supported scenarios are PULL_THROUGH_CACHE and REPLICATION 
+     */
+    appliedFor: RCTAppliedForList;
+    /**
+     * The ARN of the role to be assumed by Amazon ECR. This role must be in the same account as the registry that you are configuring.
+     */
+    customRoleArn?: CustomRoleArn;
+  }
+  export interface CreateRepositoryCreationTemplateResponse {
+    /**
+     * The registry ID associated with the request.
+     */
+    registryId?: RegistryId;
+    /**
+     * The details of the repository creation template associated with the request.
+     */
+    repositoryCreationTemplate?: RepositoryCreationTemplate;
+  }
   export interface CreateRepositoryRequest {
     /**
      * The Amazon Web Services account ID associated with the registry to create the repository. If you do not specify a registry, the default registry is assumed.
@@ -653,6 +733,7 @@ declare namespace ECR {
   }
   export type CreationTimestamp = Date;
   export type CredentialArn = string;
+  export type CustomRoleArn = string;
   export interface CvssScore {
     /**
      * The base CVSS score used for the finding.
@@ -778,6 +859,22 @@ declare namespace ECR {
      */
     policyText?: RegistryPolicyText;
   }
+  export interface DeleteRepositoryCreationTemplateRequest {
+    /**
+     * The repository namespace prefix associated with the repository creation template.
+     */
+    prefix: Prefix;
+  }
+  export interface DeleteRepositoryCreationTemplateResponse {
+    /**
+     * The registry ID associated with the request.
+     */
+    registryId?: RegistryId;
+    /**
+     * The details of the repository creation template that was deleted.
+     */
+    repositoryCreationTemplate?: RepositoryCreationTemplate;
+  }
   export interface DeleteRepositoryPolicyRequest {
     /**
      * The Amazon Web Services account ID associated with the registry that contains the repository policy to delete. If you do not specify a registry, the default registry is assumed.
@@ -960,7 +1057,7 @@ declare namespace ECR {
   }
   export interface DescribeRegistryResponse {
     /**
-     * The ID of the registry.
+     * The registry ID associated with the request.
      */
     registryId?: RegistryId;
     /**
@@ -996,9 +1093,37 @@ declare namespace ECR {
      */
     nextToken?: NextToken;
   }
+  export interface DescribeRepositoryCreationTemplatesRequest {
+    /**
+     * The repository namespace prefixes associated with the repository creation templates to describe. If this value is not specified, all repository creation templates are returned.
+     */
+    prefixes?: PrefixList;
+    /**
+     * The nextToken value returned from a previous paginated DescribeRepositoryCreationTemplates request where maxResults was used and the results exceeded the value of that parameter. Pagination continues from the end of the previous results that returned the nextToken value. This value is null when there are no more results to return.  This token should be treated as an opaque identifier that is only used to retrieve the next items in a list and not for other programmatic purposes. 
+     */
+    nextToken?: NextToken;
+    /**
+     * The maximum number of repository results returned by DescribeRepositoryCreationTemplatesRequest in paginated output. When this parameter is used, DescribeRepositoryCreationTemplatesRequest only returns maxResults results in a single page along with a nextToken response element. The remaining results of the initial request can be seen by sending another DescribeRepositoryCreationTemplatesRequest request with the returned nextToken value. This value can be between 1 and 1000. If this parameter is not used, then DescribeRepositoryCreationTemplatesRequest returns up to 100 results and a nextToken value, if applicable.
+     */
+    maxResults?: MaxResults;
+  }
+  export interface DescribeRepositoryCreationTemplatesResponse {
+    /**
+     * The registry ID associated with the request.
+     */
+    registryId?: RegistryId;
+    /**
+     * The details of the repository creation templates.
+     */
+    repositoryCreationTemplates?: RepositoryCreationTemplateList;
+    /**
+     * The nextToken value to include in a future DescribeRepositoryCreationTemplates request. When the results of a DescribeRepositoryCreationTemplates request exceed maxResults, this value can be used to retrieve the next page of results. This value is null when there are no more results to return.
+     */
+    nextToken?: NextToken;
+  }
   export interface EncryptionConfiguration {
     /**
-     * The encryption type to use. If you use the KMS encryption type, the contents of the repository will be encrypted using server-side encryption with Key Management Service key stored in KMS. When you use KMS to encrypt your data, you can either use the default Amazon Web Services managed KMS key for Amazon ECR, or specify your own KMS key, which you already created. For more information, see Protecting data using server-side encryption with an KMS key stored in Key Management Service (SSE-KMS) in the Amazon Simple Storage Service Console Developer Guide. If you use the AES256 encryption type, Amazon ECR uses server-side encryption with Amazon S3-managed encryption keys which encrypts the images in the repository using an AES-256 encryption algorithm. For more information, see Protecting data using server-side encryption with Amazon S3-managed encryption keys (SSE-S3) in the Amazon Simple Storage Service Console Developer Guide.
+     * The encryption type to use. If you use the KMS encryption type, the contents of the repository will be encrypted using server-side encryption with Key Management Service key stored in KMS. When you use KMS to encrypt your data, you can either use the default Amazon Web Services managed KMS key for Amazon ECR, or specify your own KMS key, which you already created. For more information, see Protecting data using server-side encryption with an KMS key stored in Key Management Service (SSE-KMS) in the Amazon Simple Storage Service Console Developer Guide. If you use the AES256 encryption type, Amazon ECR uses server-side encryption with Amazon S3-managed encryption keys which encrypts the images in the repository using an AES256 encryption algorithm. For more information, see Protecting data using server-side encryption with Amazon S3-managed encryption keys (SSE-S3) in the Amazon Simple Storage Service Console Developer Guide.
      */
     encryptionType: EncryptionType;
     /**
@@ -1006,6 +1131,16 @@ declare namespace ECR {
      */
     kmsKey?: KmsKey;
   }
+  export interface EncryptionConfigurationForRepositoryCreationTemplate {
+    /**
+     * The encryption type to use. If you use the KMS encryption type, the contents of the repository will be encrypted using server-side encryption with Key Management Service key stored in KMS. When you use KMS to encrypt your data, you can either use the default Amazon Web Services managed KMS key for Amazon ECR, or specify your own KMS key, which you already created. For more information, see Protecting data using server-side encryption with an KMS key stored in Key Management Service (SSE-KMS) in the Amazon Simple Storage Service Console Developer Guide. If you use the AES256 encryption type, Amazon ECR uses server-side encryption with Amazon S3-managed encryption keys which encrypts the images in the repository using an AES256 encryption algorithm. For more information, see Protecting data using server-side encryption with Amazon S3-managed encryption keys (SSE-S3) in the Amazon Simple Storage Service Console Developer Guide.
+     */
+    encryptionType: EncryptionType;
+    /**
+     * If you use the KMS encryption type, specify the KMS key to use for encryption. The full ARN of the KMS key must be specified. The key must exist in the same Region as the repository. If no key is specified, the default Amazon Web Services managed KMS key for Amazon ECR will be used.
+     */
+    kmsKey?: KmsKeyForRepositoryCreationTemplate;
+  }
   export type EncryptionType = "AES256"|"KMS"|string;
   export interface EnhancedImageScanFinding {
     /**
@@ -1205,7 +1340,7 @@ declare namespace ECR {
   }
   export interface GetRegistryPolicyResponse {
     /**
-     * The ID of the registry.
+     * The registry ID associated with the request.
      */
     registryId?: RegistryId;
     /**
@@ -1217,7 +1352,7 @@ declare namespace ECR {
   }
   export interface GetRegistryScanningConfigurationResponse {
     /**
-     * The ID of the registry.
+     * The registry ID associated with the request.
      */
     registryId?: RegistryId;
     /**
@@ -1472,6 +1607,7 @@ declare namespace ECR {
   }
   export type IsPTCRuleValid = boolean;
   export type KmsKey = string;
+  export type KmsKeyForRepositoryCreationTemplate = string;
   export interface Layer {
     /**
      * The sha256 digest of the image layer.
@@ -1557,6 +1693,7 @@ declare namespace ECR {
   }
   export type LifecyclePolicyRulePriority = number;
   export type LifecyclePolicyText = string;
+  export type LifecyclePolicyTextForRepositoryCreationTemplate = string;
   export type LifecyclePreviewMaxResults = number;
   export interface ListImagesFilter {
     /**
@@ -1659,6 +1796,8 @@ declare namespace ECR {
   }
   export type PartSize = number;
   export type Platform = string;
+  export type Prefix = string;
+  export type PrefixList = Prefix[];
   export type ProxyEndpoint = string;
   export interface PullThroughCacheRule {
     /**
@@ -1818,7 +1957,7 @@ declare namespace ECR {
   }
   export interface PutRegistryPolicyResponse {
     /**
-     * The registry ID.
+     * The registry ID associated with the request.
      */
     registryId?: RegistryId;
     /**
@@ -1854,6 +1993,8 @@ declare namespace ECR {
      */
     replicationConfiguration?: ReplicationConfiguration;
   }
+  export type RCTAppliedFor = "REPLICATION"|"PULL_THROUGH_CACHE"|string;
+  export type RCTAppliedForList = RCTAppliedFor[];
   export type Reason = string;
   export interface Recommendation {
     /**
@@ -1962,6 +2103,53 @@ declare namespace ECR {
      */
     encryptionConfiguration?: EncryptionConfiguration;
   }
+  export interface RepositoryCreationTemplate {
+    /**
+     * The repository namespace prefix associated with the repository creation template.
+     */
+    prefix?: Prefix;
+    /**
+     * The description associated with the repository creation template.
+     */
+    description?: RepositoryTemplateDescription;
+    /**
+     * The encryption configuration associated with the repository creation template.
+     */
+    encryptionConfiguration?: EncryptionConfigurationForRepositoryCreationTemplate;
+    /**
+     * The metadata to apply to the repository to help you categorize and organize. Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.
+     */
+    resourceTags?: TagList;
+    /**
+     * The tag mutability setting for the repository. If this parameter is omitted, the default setting of MUTABLE will be used which will allow image tags to be overwritten. If IMMUTABLE is specified, all image tags within the repository will be immutable which will prevent them from being overwritten.
+     */
+    imageTagMutability?: ImageTagMutability;
+    /**
+     * he repository policy to apply to repositories created using the template. A repository policy is a permissions policy associated with a repository to control access permissions. 
+     */
+    repositoryPolicy?: RepositoryPolicyText;
+    /**
+     * The lifecycle policy to use for repositories created using the template.
+     */
+    lifecyclePolicy?: LifecyclePolicyTextForRepositoryCreationTemplate;
+    /**
+     * A list of enumerable Strings representing the repository creation scenarios that this template will apply towards. The two supported scenarios are PULL_THROUGH_CACHE and REPLICATION
+     */
+    appliedFor?: RCTAppliedForList;
+    /**
+     * The ARN of the role to be assumed by Amazon ECR.
+     */
+    customRoleArn?: CustomRoleArn;
+    /**
+     * The date and time, in JavaScript date format, when the repository creation template was created.
+     */
+    createdAt?: _Date;
+    /**
+     * The date and time, in JavaScript date format, when the repository creation template was last updated.
+     */
+    updatedAt?: _Date;
+  }
+  export type RepositoryCreationTemplateList = RepositoryCreationTemplate[];
   export interface RepositoryFilter {
     /**
      * The repository filter details. When the PREFIX_MATCH filter type is specified, this value is required and should be the repository name prefix to configure replication for.
@@ -2017,6 +2205,7 @@ declare namespace ECR {
   }
   export type RepositoryScanningConfigurationFailureList = RepositoryScanningConfigurationFailure[];
   export type RepositoryScanningConfigurationList = RepositoryScanningConfiguration[];
+  export type RepositoryTemplateDescription = string;
   export interface Resource {
     /**
      * An object that contains details about the resource involved in a finding.
@@ -2242,6 +2431,51 @@ declare namespace ECR {
      */
     credentialArn?: CredentialArn;
   }
+  export interface UpdateRepositoryCreationTemplateRequest {
+    /**
+     * The repository namespace prefix that matches an existing repository creation template in the registry. All repositories created using this namespace prefix will have the settings defined in this template applied. For example, a prefix of prod would apply to all repositories beginning with prod/. This includes a repository named prod/team1 as well as a repository named prod/repository1. To apply a template to all repositories in your registry that don't have an associated creation template, you can use ROOT as the prefix.
+     */
+    prefix: Prefix;
+    /**
+     * A description for the repository creation template.
+     */
+    description?: RepositoryTemplateDescription;
+    encryptionConfiguration?: EncryptionConfigurationForRepositoryCreationTemplate;
+    /**
+     * The metadata to apply to the repository to help you categorize and organize. Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.
+     */
+    resourceTags?: TagList;
+    /**
+     * Updates the tag mutability setting for the repository. If this parameter is omitted, the default setting of MUTABLE will be used which will allow image tags to be overwritten. If IMMUTABLE is specified, all image tags within the repository will be immutable which will prevent them from being overwritten.
+     */
+    imageTagMutability?: ImageTagMutability;
+    /**
+     * Updates the repository policy created using the template. A repository policy is a permissions policy associated with a repository to control access permissions. 
+     */
+    repositoryPolicy?: RepositoryPolicyText;
+    /**
+     * Updates the lifecycle policy associated with the specified repository creation template.
+     */
+    lifecyclePolicy?: LifecyclePolicyTextForRepositoryCreationTemplate;
+    /**
+     * Updates the list of enumerable strings representing the Amazon ECR repository creation scenarios that this template will apply towards. The two supported scenarios are PULL_THROUGH_CACHE and REPLICATION 
+     */
+    appliedFor?: RCTAppliedForList;
+    /**
+     * The ARN of the role to be assumed by Amazon ECR. This role must be in the same account as the registry that you are configuring.
+     */
+    customRoleArn?: CustomRoleArn;
+  }
+  export interface UpdateRepositoryCreationTemplateResponse {
+    /**
+     * The registry ID associated with the request.
+     */
+    registryId?: RegistryId;
+    /**
+     * The details of the repository creation template associated with the request.
+     */
+    repositoryCreationTemplate?: RepositoryCreationTemplate;
+  }
   export type UpdatedTimestamp = Date;
   export type UploadId = string;
   export interface UploadLayerPartRequest {

package/node_modules/aws-sdk/clients/eks.d.ts

@@ -969,6 +969,10 @@ declare namespace EKS {
      * The access configuration for the cluster.
      */
     accessConfig?: AccessConfigResponse;
+    /**
+     * This value indicates if extended support is enabled or disabled for the cluster.  Learn more about EKS Extended Support in the EKS User Guide. 
+     */
+    upgradePolicy?: UpgradePolicyResponse;
   }
   export interface ClusterHealth {
     /**
@@ -1187,6 +1191,10 @@ declare namespace EKS {
      * If you set this value to False when creating a cluster, the default networking add-ons will not be installed. The default networking addons include vpc-cni, coredns, and kube-proxy. Use this option when you plan to install third-party alternative add-ons or self-manage the default networking add-ons.
      */
     bootstrapSelfManagedAddons?: BoxedBoolean;
+    /**
+     * New clusters, by default, have extended support enabled. You can disable extended support when creating a cluster by setting this value to STANDARD.
+     */
+    upgradePolicy?: UpgradePolicyRequest;
   }
   export interface CreateClusterResponse {
     /**
@@ -2890,6 +2898,7 @@ declare namespace EKS {
   export type RoleArn = string;
   export type String = string;
   export type StringList = String[];
+  export type SupportType = "STANDARD"|"EXTENDED"|string;
   export type TagKey = string;
   export type TagKeyList = TagKey[];
   export type TagMap = {[key: string]: TagValue};
@@ -3049,6 +3058,10 @@ declare namespace EKS {
      * The access configuration for the cluster.
      */
     accessConfig?: UpdateAccessConfigRequest;
+    /**
+     * You can enable or disable extended support for clusters currently on standard support. You cannot disable extended support once it starts. You must enable extended support before your cluster exits standard support.
+     */
+    upgradePolicy?: UpgradePolicyRequest;
   }
   export interface UpdateClusterConfigResponse {
     update?: Update;
@@ -3179,7 +3192,7 @@ declare namespace EKS {
      */
     value?: String;
   }
-  export type UpdateParamType = "Version"|"PlatformVersion"|"EndpointPrivateAccess"|"EndpointPublicAccess"|"ClusterLogging"|"DesiredSize"|"LabelsToAdd"|"LabelsToRemove"|"TaintsToAdd"|"TaintsToRemove"|"MaxSize"|"MinSize"|"ReleaseVersion"|"PublicAccessCidrs"|"LaunchTemplateName"|"LaunchTemplateVersion"|"IdentityProviderConfig"|"EncryptionConfig"|"AddonVersion"|"ServiceAccountRoleArn"|"ResolveConflicts"|"MaxUnavailable"|"MaxUnavailablePercentage"|"ConfigurationValues"|"SecurityGroups"|"Subnets"|"AuthenticationMode"|"PodIdentityAssociations"|string;
+  export type UpdateParamType = "Version"|"PlatformVersion"|"EndpointPrivateAccess"|"EndpointPublicAccess"|"ClusterLogging"|"DesiredSize"|"LabelsToAdd"|"LabelsToRemove"|"TaintsToAdd"|"TaintsToRemove"|"MaxSize"|"MinSize"|"ReleaseVersion"|"PublicAccessCidrs"|"LaunchTemplateName"|"LaunchTemplateVersion"|"IdentityProviderConfig"|"EncryptionConfig"|"AddonVersion"|"ServiceAccountRoleArn"|"ResolveConflicts"|"MaxUnavailable"|"MaxUnavailablePercentage"|"ConfigurationValues"|"SecurityGroups"|"Subnets"|"AuthenticationMode"|"PodIdentityAssociations"|"UpgradePolicy"|string;
   export type UpdateParams = UpdateParam[];
   export interface UpdatePodIdentityAssociationRequest {
     /**
@@ -3216,7 +3229,19 @@ declare namespace EKS {
      */
     removeTaints?: taintsList;
   }
-  export type UpdateType = "VersionUpdate"|"EndpointAccessUpdate"|"LoggingUpdate"|"ConfigUpdate"|"AssociateIdentityProviderConfig"|"DisassociateIdentityProviderConfig"|"AssociateEncryptionConfig"|"AddonUpdate"|"VpcConfigUpdate"|"AccessConfigUpdate"|string;
+  export type UpdateType = "VersionUpdate"|"EndpointAccessUpdate"|"LoggingUpdate"|"ConfigUpdate"|"AssociateIdentityProviderConfig"|"DisassociateIdentityProviderConfig"|"AssociateEncryptionConfig"|"AddonUpdate"|"VpcConfigUpdate"|"AccessConfigUpdate"|"UpgradePolicyUpdate"|string;
+  export interface UpgradePolicyRequest {
+    /**
+     * If the cluster is set to EXTENDED, it will enter extended support at the end of standard support. If the cluster is set to STANDARD, it will be automatically upgraded at the end of standard support.  Learn more about EKS Extended Support in the EKS User Guide. 
+     */
+    supportType?: SupportType;
+  }
+  export interface UpgradePolicyResponse {
+    /**
+     * If the cluster is set to EXTENDED, it will enter extended support at the end of standard support. If the cluster is set to STANDARD, it will be automatically upgraded at the end of standard support.  Learn more about EKS Extended Support in the EKS User Guide. 
+     */
+    supportType?: SupportType;
+  }
   export interface VpcConfigRequest {
     /**
      * Specify subnets for your Amazon EKS nodes. Amazon EKS creates cross-account elastic network interfaces in these subnets to allow communication between your nodes and the Kubernetes control plane.

package/node_modules/aws-sdk/clients/elbv2.d.ts

@@ -100,6 +100,14 @@ declare class ELBv2 extends Service {
    * Deletes the specified rule. You can't delete the default rule.
    */
   deleteRule(callback?: (err: AWSError, data: ELBv2.Types.DeleteRuleOutput) => void): Request<ELBv2.Types.DeleteRuleOutput, AWSError>;
+  /**
+   * Deletes a shared trust store association.
+   */
+  deleteSharedTrustStoreAssociation(params: ELBv2.Types.DeleteSharedTrustStoreAssociationInput, callback?: (err: AWSError, data: ELBv2.Types.DeleteSharedTrustStoreAssociationOutput) => void): Request<ELBv2.Types.DeleteSharedTrustStoreAssociationOutput, AWSError>;
+  /**
+   * Deletes a shared trust store association.
+   */
+  deleteSharedTrustStoreAssociation(callback?: (err: AWSError, data: ELBv2.Types.DeleteSharedTrustStoreAssociationOutput) => void): Request<ELBv2.Types.DeleteSharedTrustStoreAssociationOutput, AWSError>;
   /**
    * Deletes the specified target group. You can delete a target group if it is not referenced by any actions. Deleting a target group also deletes any associated health checks. Deleting a target group does not affect its registered targets. For example, any EC2 instances continue to run until you stop or terminate them.
    */
@@ -221,21 +229,29 @@ declare class ELBv2 extends Service {
    */
   describeTrustStoreAssociations(callback?: (err: AWSError, data: ELBv2.Types.DescribeTrustStoreAssociationsOutput) => void): Request<ELBv2.Types.DescribeTrustStoreAssociationsOutput, AWSError>;
   /**
-   * Describes the revocation files in use by the specified trust store arn, or revocation ID.
+   * Describes the revocation files in use by the specified trust store or revocation files.
    */
   describeTrustStoreRevocations(params: ELBv2.Types.DescribeTrustStoreRevocationsInput, callback?: (err: AWSError, data: ELBv2.Types.DescribeTrustStoreRevocationsOutput) => void): Request<ELBv2.Types.DescribeTrustStoreRevocationsOutput, AWSError>;
   /**
-   * Describes the revocation files in use by the specified trust store arn, or revocation ID.
+   * Describes the revocation files in use by the specified trust store or revocation files.
    */
   describeTrustStoreRevocations(callback?: (err: AWSError, data: ELBv2.Types.DescribeTrustStoreRevocationsOutput) => void): Request<ELBv2.Types.DescribeTrustStoreRevocationsOutput, AWSError>;
   /**
-   * Describes all trust stores for a given account by trust store arn’s or name.
+   * Describes all trust stores for the specified account.
    */
   describeTrustStores(params: ELBv2.Types.DescribeTrustStoresInput, callback?: (err: AWSError, data: ELBv2.Types.DescribeTrustStoresOutput) => void): Request<ELBv2.Types.DescribeTrustStoresOutput, AWSError>;
   /**
-   * Describes all trust stores for a given account by trust store arn’s or name.
+   * Describes all trust stores for the specified account.
    */
   describeTrustStores(callback?: (err: AWSError, data: ELBv2.Types.DescribeTrustStoresOutput) => void): Request<ELBv2.Types.DescribeTrustStoresOutput, AWSError>;
+  /**
+   * Retrieves the resource policy for a specified resource.
+   */
+  getResourcePolicy(params: ELBv2.Types.GetResourcePolicyInput, callback?: (err: AWSError, data: ELBv2.Types.GetResourcePolicyOutput) => void): Request<ELBv2.Types.GetResourcePolicyOutput, AWSError>;
+  /**
+   * Retrieves the resource policy for a specified resource.
+   */
+  getResourcePolicy(callback?: (err: AWSError, data: ELBv2.Types.GetResourcePolicyOutput) => void): Request<ELBv2.Types.GetResourcePolicyOutput, AWSError>;
   /**
    * Retrieves the ca certificate bundle. This action returns a pre-signed S3 URI which is active for ten minutes.
    */
@@ -293,11 +309,11 @@ declare class ELBv2 extends Service {
    */
   modifyTargetGroupAttributes(callback?: (err: AWSError, data: ELBv2.Types.ModifyTargetGroupAttributesOutput) => void): Request<ELBv2.Types.ModifyTargetGroupAttributesOutput, AWSError>;
   /**
-   * Update the ca certificate bundle for a given trust store.
+   * Update the ca certificate bundle for the specified trust store.
    */
   modifyTrustStore(params: ELBv2.Types.ModifyTrustStoreInput, callback?: (err: AWSError, data: ELBv2.Types.ModifyTrustStoreOutput) => void): Request<ELBv2.Types.ModifyTrustStoreOutput, AWSError>;
   /**
-   * Update the ca certificate bundle for a given trust store.
+   * Update the ca certificate bundle for the specified trust store.
    */
   modifyTrustStore(callback?: (err: AWSError, data: ELBv2.Types.ModifyTrustStoreOutput) => void): Request<ELBv2.Types.ModifyTrustStoreOutput, AWSError>;
   /**
@@ -903,6 +919,18 @@ declare namespace ELBv2 {
   }
   export interface DeleteRuleOutput {
   }
+  export interface DeleteSharedTrustStoreAssociationInput {
+    /**
+     * The Amazon Resource Name (ARN) of the trust store.
+     */
+    TrustStoreArn: TrustStoreArn;
+    /**
+     * The Amazon Resource Name (ARN) of the resource.
+     */
+    ResourceArn: ResourceArn;
+  }
+  export interface DeleteSharedTrustStoreAssociationOutput {
+  }
   export interface DeleteTargetGroupInput {
     /**
      * The Amazon Resource Name (ARN) of the target group.
@@ -1165,7 +1193,7 @@ declare namespace ELBv2 {
      */
     Targets?: TargetDescriptions;
     /**
-     * Used to inclue anomaly detection information.
+     * Used to include anomaly detection information.
      */
     Include?: ListOfDescribeTargetHealthIncludeOptions;
   }
@@ -1305,6 +1333,18 @@ declare namespace ELBv2 {
      */
     TargetGroupStickinessConfig?: TargetGroupStickinessConfig;
   }
+  export interface GetResourcePolicyInput {
+    /**
+     * The Amazon Resource Name (ARN) of the resource.
+     */
+    ResourceArn: ResourceArn;
+  }
+  export interface GetResourcePolicyOutput {
+    /**
+     * The content of the resource policy.
+     */
+    Policy?: Policy;
+  }
   export interface GetTrustStoreCaCertificatesBundleInput {
     /**
      * The Amazon Resource Name (ARN) of the trust store.
@@ -1722,6 +1762,10 @@ declare namespace ELBv2 {
      * Indicates whether expired client certificates are ignored.
      */
     IgnoreClientCertificateExpiry?: IgnoreClientCertificateExpiry;
+    /**
+     * Indicates a shared trust stores association status.
+     */
+    TrustStoreAssociationStatus?: TrustStoreAssociationStatusEnum;
   }
   export type Name = string;
   export type NumberOfCaCertificates = number;
@@ -1735,6 +1779,7 @@ declare namespace ELBv2 {
      */
     Values?: ListOfString;
   }
+  export type Policy = string;
   export type Port = number;
   export type PrivateIPv4Address = string;
   export type ProtocolEnum = "HTTP"|"HTTPS"|"TCP"|"TLS"|"UDP"|"TCP_UDP"|"GENEVE"|string;
@@ -1943,7 +1988,7 @@ declare namespace ELBv2 {
      */
     LoadBalancerArn: LoadBalancerArn;
     /**
-     * Note: Internal load balancers must use the ipv4 IP address type. [Application Load Balancers] The IP address type. The possible values are ipv4 (for only IPv4 addresses), dualstack (for IPv4 and IPv6 addresses), and dualstack-without-public-ipv4 (for IPv6 only public addresses, with private IPv4 and IPv6 addresses). [Network Load Balancers] The IP address type. The possible values are ipv4 (for only IPv4 addresses) and dualstack (for IPv4 and IPv6 addresses). You can’t specify dualstack for a load balancer with a UDP or TCP_UDP listener. [Gateway Load Balancers] The IP address type. The possible values are ipv4 (for only IPv4 addresses) and dualstack (for IPv4 and IPv6 addresses).
+     * Note: Internal load balancers must use the ipv4 IP address type. [Application Load Balancers] The IP address type. The possible values are ipv4 (for only IPv4 addresses), dualstack (for IPv4 and IPv6 addresses), and dualstack-without-public-ipv4 (for IPv6 only public addresses, with private IPv4 and IPv6 addresses). Note: Application Load Balancer authentication only supports IPv4 addresses when connecting to an Identity Provider (IdP) or Amazon Cognito endpoint. Without a public IPv4 address the load balancer cannot complete the authentication process, resulting in HTTP 500 errors. [Network Load Balancers] The IP address type. The possible values are ipv4 (for only IPv4 addresses) and dualstack (for IPv4 and IPv6 addresses). You can’t specify dualstack for a load balancer with a UDP or TCP_UDP listener. [Gateway Load Balancers] The IP address type. The possible values are ipv4 (for only IPv4 addresses) and dualstack (for IPv4 and IPv6 addresses).
      */
     IpAddressType: IpAddressType;
   }
@@ -2296,6 +2341,7 @@ declare namespace ELBv2 {
     ResourceArn?: TrustStoreAssociationResourceArn;
   }
   export type TrustStoreAssociationResourceArn = string;
+  export type TrustStoreAssociationStatusEnum = "active"|"removed"|string;
   export type TrustStoreAssociations = TrustStoreAssociation[];
   export type TrustStoreName = string;
   export type TrustStoreNames = TrustStoreName[];