Update generated code

manifest.json

@@ -1,6 +1,6 @@
 {
     "variables": {
-        "${LATEST}": "3.321.7"
+        "${LATEST}": "3.321.10"
     },
     "endpoints": "https://raw.githubusercontent.com/aws/aws-sdk-php/${LATEST}/src/data/endpoints.json",
     "services": {

src/Service/CognitoIdentityProvider/CHANGELOG.md

@@ -5,6 +5,7 @@
 ### Added
 
 - AWS api-change: Added `PasswordHistoryPolicyViolationException` exception.
+- AWS api-change: Added email MFA option to user pools with advanced security features.
 
 ### Changed
 

src/Service/CognitoIdentityProvider/src/Enum/ChallengeNameType.php

@@ -8,6 +8,7 @@ final class ChallengeNameType
     public const CUSTOM_CHALLENGE = 'CUSTOM_CHALLENGE';
     public const DEVICE_PASSWORD_VERIFIER = 'DEVICE_PASSWORD_VERIFIER';
     public const DEVICE_SRP_AUTH = 'DEVICE_SRP_AUTH';
+    public const EMAIL_OTP = 'EMAIL_OTP';
     public const MFA_SETUP = 'MFA_SETUP';
     public const NEW_PASSWORD_REQUIRED = 'NEW_PASSWORD_REQUIRED';
     public const PASSWORD_VERIFIER = 'PASSWORD_VERIFIER';
@@ -22,6 +23,7 @@ public static function exists(string $value): bool
             self::CUSTOM_CHALLENGE => true,
             self::DEVICE_PASSWORD_VERIFIER => true,
             self::DEVICE_SRP_AUTH => true,
+            self::EMAIL_OTP => true,
             self::MFA_SETUP => true,
             self::NEW_PASSWORD_REQUIRED => true,
             self::PASSWORD_VERIFIER => true,

src/Service/CognitoIdentityProvider/src/Input/RespondToAuthChallengeRequest.php

@@ -55,9 +55,16 @@ final class RespondToAuthChallengeRequest extends Input
      *
      * - `SMS_MFA`:
      *
-     *   `"ChallengeName": "SMS_MFA", "ChallengeResponses": {"SMS_MFA_CODE": "[SMS_code]", "USERNAME": "[username]"}`
+     *   `"ChallengeName": "SMS_MFA", "ChallengeResponses": {"SMS_MFA_CODE": "[code]", "USERNAME": "[username]"}`
+     * - `EMAIL_OTP`:
+     *
+     *   `"ChallengeName": "EMAIL_OTP", "ChallengeResponses": {"EMAIL_OTP_CODE": "[code]", "USERNAME": "[username]"}`
      * - `PASSWORD_VERIFIER`:
      *
+     *   This challenge response is part of the SRP flow. Amazon Cognito requires that your application respond to this
+     *   challenge within a few seconds. When the response time exceeds this period, your user pool returns a
+     *   `NotAuthorizedException` error.
+     *
      *   `"ChallengeName": "PASSWORD_VERIFIER", "ChallengeResponses": {"PASSWORD_CLAIM_SIGNATURE": "[claim_signature]",
      *   "PASSWORD_CLAIM_SECRET_BLOCK": "[secret_block]", "TIMESTAMP": [timestamp], "USERNAME": "[username]"}`
      *

src/Service/CognitoIdentityProvider/src/Input/SetUserMFAPreferenceRequest.php

@@ -2,6 +2,7 @@
 
 namespace AsyncAws\CognitoIdentityProvider\Input;
 
+use AsyncAws\CognitoIdentityProvider\ValueObject\EmailMfaSettingsType;
 use AsyncAws\CognitoIdentityProvider\ValueObject\SMSMfaSettingsType;
 use AsyncAws\CognitoIdentityProvider\ValueObject\SoftwareTokenMfaSettingsType;
 use AsyncAws\Core\Exception\InvalidArgument;
@@ -12,19 +13,32 @@
 final class SetUserMFAPreferenceRequest extends Input
 {
     /**
-     * The SMS text message multi-factor authentication (MFA) settings.
+     * User preferences for SMS message MFA. Activates or deactivates SMS MFA and sets it as the preferred MFA method when
+     * multiple methods are available.
      *
      * @var SMSMfaSettingsType|null
      */
     private $smsMfaSettings;
 
     /**
-     * The time-based one-time password (TOTP) software token MFA settings.
+     * User preferences for time-based one-time password (TOTP) MFA. Activates or deactivates TOTP MFA and sets it as the
+     * preferred MFA method when multiple methods are available.
      *
      * @var SoftwareTokenMfaSettingsType|null
      */
     private $softwareTokenMfaSettings;
 
+    /**
+     * User preferences for email message MFA. Activates or deactivates email MFA and sets it as the preferred MFA method
+     * when multiple methods are available. To activate this setting, advanced security features [^1] must be active in your
+     * user pool.
+     *
+     * [^1]: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-advanced-security.html
+     *
+     * @var EmailMfaSettingsType|null
+     */
+    private $emailMfaSettings;
+
     /**
      * A valid access token that Amazon Cognito issued to the user whose MFA preference you want to set.
      *
@@ -38,6 +52,7 @@ final class SetUserMFAPreferenceRequest extends Input
      * @param array{
      *   SMSMfaSettings?: null|SMSMfaSettingsType|array,
      *   SoftwareTokenMfaSettings?: null|SoftwareTokenMfaSettingsType|array,
+     *   EmailMfaSettings?: null|EmailMfaSettingsType|array,
      *   AccessToken?: string,
      *   '@region'?: string|null,
      * } $input
@@ -46,6 +61,7 @@ public function __construct(array $input = [])
     {
         $this->smsMfaSettings = isset($input['SMSMfaSettings']) ? SMSMfaSettingsType::create($input['SMSMfaSettings']) : null;
         $this->softwareTokenMfaSettings = isset($input['SoftwareTokenMfaSettings']) ? SoftwareTokenMfaSettingsType::create($input['SoftwareTokenMfaSettings']) : null;
+        $this->emailMfaSettings = isset($input['EmailMfaSettings']) ? EmailMfaSettingsType::create($input['EmailMfaSettings']) : null;
         $this->accessToken = $input['AccessToken'] ?? null;
         parent::__construct($input);
     }
@@ -54,6 +70,7 @@ public function __construct(array $input = [])
      * @param array{
      *   SMSMfaSettings?: null|SMSMfaSettingsType|array,
      *   SoftwareTokenMfaSettings?: null|SoftwareTokenMfaSettingsType|array,
+     *   EmailMfaSettings?: null|EmailMfaSettingsType|array,
      *   AccessToken?: string,
      *   '@region'?: string|null,
      * }|SetUserMFAPreferenceRequest $input
@@ -68,6 +85,11 @@ public function getAccessToken(): ?string
         return $this->accessToken;
     }
 
+    public function getEmailMfaSettings(): ?EmailMfaSettingsType
+    {
+        return $this->emailMfaSettings;
+    }
+
     public function getSmsMfaSettings(): ?SMSMfaSettingsType
     {
         return $this->smsMfaSettings;
@@ -111,6 +133,13 @@ public function setAccessToken(?string $value): self
         return $this;
     }
 
+    public function setEmailMfaSettings(?EmailMfaSettingsType $value): self
+    {
+        $this->emailMfaSettings = $value;
+
+        return $this;
+    }
+
     public function setSmsMfaSettings(?SMSMfaSettingsType $value): self
     {
         $this->smsMfaSettings = $value;
@@ -134,6 +163,9 @@ private function requestBody(): array
         if (null !== $v = $this->softwareTokenMfaSettings) {
             $payload['SoftwareTokenMfaSettings'] = $v->requestBody();
         }
+        if (null !== $v = $this->emailMfaSettings) {
+            $payload['EmailMfaSettings'] = $v->requestBody();
+        }
         if (null === $v = $this->accessToken) {
             throw new InvalidArgument(\sprintf('Missing parameter "AccessToken" for "%s". The value cannot be null.', __CLASS__));
         }

src/Service/CognitoIdentityProvider/src/Result/AdminGetUserResponse.php

@@ -81,7 +81,7 @@ class AdminGetUserResponse extends Result
     private $preferredMfaSetting;
 
     /**
-     * The MFA options that are activated for the user. The possible values in this list are `SMS_MFA` and
+     * The MFA options that are activated for the user. The possible values in this list are `SMS_MFA`, `EMAIL_OTP`, and
      * `SOFTWARE_TOKEN_MFA`.
      *
      * @var string[]

src/Service/CognitoIdentityProvider/src/Result/AdminInitiateAuthResponse.php

@@ -19,9 +19,10 @@ class AdminInitiateAuthResponse extends Result
      *
      * - `MFA_SETUP`: If MFA is required, users who don't have at least one of the MFA methods set up are presented with an
      *   `MFA_SETUP` challenge. The user must set up at least one MFA type to continue to authenticate.
-     * - `SELECT_MFA_TYPE`: Selects the MFA type. Valid MFA options are `SMS_MFA` for text SMS MFA, and `SOFTWARE_TOKEN_MFA`
-     *   for time-based one-time password (TOTP) software token MFA.
-     * - `SMS_MFA`: Next challenge is to supply an `SMS_MFA_CODE`, delivered via SMS.
+     * - `SELECT_MFA_TYPE`: Selects the MFA type. Valid MFA options are `SMS_MFA` for SMS message MFA, `EMAIL_OTP` for email
+     *   message MFA, and `SOFTWARE_TOKEN_MFA` for time-based one-time password (TOTP) software token MFA.
+     * - `SMS_MFA`: Next challenge is to supply an `SMS_MFA_CODE`that your user pool delivered in an SMS message.
+     * - `EMAIL_OTP`: Next challenge is to supply an `EMAIL_OTP_CODE` that your user pool delivered in an email message.
      * - `PASSWORD_VERIFIER`: Next challenge is to supply `PASSWORD_CLAIM_SIGNATURE`, `PASSWORD_CLAIM_SECRET_BLOCK`, and
      *   `TIMESTAMP` after the client-side SRP calculations.
      * - `CUSTOM_CHALLENGE`: This is returned if your custom authentication flow determines that the user should pass

src/Service/CognitoIdentityProvider/src/Result/GetUserResponse.php

@@ -45,7 +45,7 @@ class GetUserResponse extends Result
     private $preferredMfaSetting;
 
     /**
-     * The MFA options that are activated for the user. The possible values in this list are `SMS_MFA` and
+     * The MFA options that are activated for the user. The possible values in this list are `SMS_MFA`, `EMAIL_OTP`, and
      * `SOFTWARE_TOKEN_MFA`.
      *
      * @var string[]

src/Service/CognitoIdentityProvider/src/Result/InitiateAuthResponse.php

@@ -21,7 +21,8 @@ class InitiateAuthResponse extends Result
      *
      * > All of the following challenges require `USERNAME` and `SECRET_HASH` (if applicable) in the parameters.
      *
-     * - `SMS_MFA`: Next challenge is to supply an `SMS_MFA_CODE`, delivered via SMS.
+     * - `SMS_MFA`: Next challenge is to supply an `SMS_MFA_CODE`that your user pool delivered in an SMS message.
+     * - `EMAIL_OTP`: Next challenge is to supply an `EMAIL_OTP_CODE` that your user pool delivered in an email message.
      * - `PASSWORD_VERIFIER`: Next challenge is to supply `PASSWORD_CLAIM_SIGNATURE`, `PASSWORD_CLAIM_SECRET_BLOCK`, and
      *   `TIMESTAMP` after the client-side SRP calculations.
      * - `CUSTOM_CHALLENGE`: This is returned if your custom authentication flow determines that the user should pass

src/Service/CognitoIdentityProvider/src/ValueObject/EmailMfaSettingsType.php

@@ -0,0 +1,78 @@
+<?php
+
+namespace AsyncAws\CognitoIdentityProvider\ValueObject;
+
+/**
+ * User preferences for multi-factor authentication with email messages. Activates or deactivates email MFA and sets it
+ * as the preferred MFA method when multiple methods are available. To activate this setting, advanced security features
+ * [^1] must be active in your user pool.
+ *
+ * [^1]: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-advanced-security.html
+ */
+final class EmailMfaSettingsType
+{
+    /**
+     * Specifies whether email message MFA is active for a user. When the value of this parameter is `Enabled`, the user
+     * will be prompted for MFA during all sign-in attempts, unless device tracking is turned on and the device has been
+     * trusted.
+     *
+     * @var bool|null
+     */
+    private $enabled;
+
+    /**
+     * Specifies whether email message MFA is the user's preferred method.
+     *
+     * @var bool|null
+     */
+    private $preferredMfa;
+
+    /**
+     * @param array{
+     *   Enabled?: null|bool,
+     *   PreferredMfa?: null|bool,
+     * } $input
+     */
+    public function __construct(array $input)
+    {
+        $this->enabled = $input['Enabled'] ?? null;
+        $this->preferredMfa = $input['PreferredMfa'] ?? null;
+    }
+
+    /**
+     * @param array{
+     *   Enabled?: null|bool,
+     *   PreferredMfa?: null|bool,
+     * }|EmailMfaSettingsType $input
+     */
+    public static function create($input): self
+    {
+        return $input instanceof self ? $input : new self($input);
+    }
+
+    public function getEnabled(): ?bool
+    {
+        return $this->enabled;
+    }
+
+    public function getPreferredMfa(): ?bool
+    {
+        return $this->preferredMfa;
+    }
+
+    /**
+     * @internal
+     */
+    public function requestBody(): array
+    {
+        $payload = [];
+        if (null !== $v = $this->enabled) {
+            $payload['Enabled'] = (bool) $v;
+        }
+        if (null !== $v = $this->preferredMfa) {
+            $payload['PreferredMfa'] = (bool) $v;
+        }
+
+        return $payload;
+    }
+}

src/Service/CognitoIdentityProvider/src/ValueObject/SMSMfaSettingsType.php

@@ -12,8 +12,8 @@
 final class SMSMfaSettingsType
 {
     /**
-     * Specifies whether SMS text message MFA is activated. If an MFA type is activated for a user, the user will be
-     * prompted for MFA during all sign-in attempts, unless device tracking is turned on and the device has been trusted.
+     * Specifies whether SMS message MFA is activated. If an MFA type is activated for a user, the user will be prompted for
+     * MFA during all sign-in attempts, unless device tracking is turned on and the device has been trusted.
      *
      * @var bool|null
      */

src/Service/MediaConvert/CHANGELOG.md

@@ -2,6 +2,10 @@
 
 ## NOT RELEASED
 
+### Added
+
+- AWS api-change: This release includes support for dynamic video overlay workflows, including picture-in-picture and squeezeback
+
 ### Changed
 
 - Enable compiler optimization for the `sprintf` function.

src/Service/MediaConvert/composer.json

@@ -28,7 +28,7 @@
     },
     "extra": {
         "branch-alias": {
-            "dev-master": "1.3-dev"
+            "dev-master": "1.4-dev"
         }
     }
 }

src/Service/MediaConvert/src/Enum/AacCodecProfile.php

@@ -3,7 +3,10 @@
 namespace AsyncAws\MediaConvert\Enum;
 
 /**
- * AAC Profile.
+ * Specify the AAC profile. For the widest player compatibility and where higher bitrates are acceptable: Keep the
+ * default profile, LC (AAC-LC) For improved audio performance at lower bitrates: Choose HEV1 or HEV2. HEV1 (AAC-HE v1)
+ * adds spectral band replication to improve speech audio at low bitrates. HEV2 (AAC-HE v2) adds parametric stereo,
+ * which optimizes for encoding stereo audio at very low bitrates.
  */
 final class AacCodecProfile
 {

src/Service/MediaConvert/src/Enum/AacRateControlMode.php

@@ -3,7 +3,9 @@
 namespace AsyncAws\MediaConvert\Enum;
 
 /**
- * Rate Control Mode.
+ * Specify the AAC rate control mode. For a constant bitrate: Choose CBR. Your AAC output bitrate will be equal to the
+ * value that you choose for Bitrate. For a variable bitrate: Choose VBR. Your AAC output bitrate will vary according to
+ * your audio content and the value that you choose for Bitrate quality.
  */
 final class AacRateControlMode
 {

src/Service/MediaConvert/src/Enum/AacVbrQuality.php

@@ -3,7 +3,8 @@
 namespace AsyncAws\MediaConvert\Enum;
 
 /**
- * VBR Quality Level - Only used if rate_control_mode is VBR.
+ * Specify the quality of your variable bitrate (VBR) AAC audio. For a list of approximate VBR bitrates, see:
+ * https://docs.aws.amazon.com/mediaconvert/latest/ug/aac-support.html#aac_vbr
  */
 final class AacVbrQuality
 {

src/Service/MediaConvert/src/Enum/AudioDurationCorrection.php

@@ -11,12 +11,15 @@
  * align the audio track length with STTS duration. Track-level correction does not affect pitch, and is recommended for
  * tonal audio content such as music. * Frame: Adjust the duration of each audio frame by a variable amount to align
  * audio frames with STTS timestamps. No corrections are made to already-aligned frames. Frame-level correction may
- * affect the pitch of corrected frames, and is recommended for atonal audio content such as speech or percussion.
+ * affect the pitch of corrected frames, and is recommended for atonal audio content such as speech or percussion. *
+ * Force: Apply audio duration correction, either Track or Frame depending on your input, regardless of the accuracy of
+ * your input's STTS table. Your output audio and video may not be aligned or it may contain audio artifacts.
  */
 final class AudioDurationCorrection
 {
     public const AUTO = 'AUTO';
     public const DISABLED = 'DISABLED';
+    public const FORCE = 'FORCE';
     public const FRAME = 'FRAME';
     public const TRACK = 'TRACK';
 
@@ -25,6 +28,7 @@ public static function exists(string $value): bool
         return isset([
             self::AUTO => true,
             self::DISABLED => true,
+            self::FORCE => true,
             self::FRAME => true,
             self::TRACK => true,
         ][$value]);

src/Service/MediaConvert/src/Enum/CaptionSourceByteRateLimit.php

@@ -0,0 +1,25 @@
+<?php
+
+namespace AsyncAws\MediaConvert\Enum;
+
+/**
+ * Choose whether to limit the byte rate at which your SCC input captions are inserted into your output. To not limit
+ * the caption rate: We recommend that you keep the default value, Disabled. MediaConvert inserts captions in your
+ * output according to the byte rates listed in the EIA-608 specification, typically 2 or 3 caption bytes per frame
+ * depending on your output frame rate. To limit your output caption rate: Choose Enabled. Choose this option if your
+ * downstream systems require a maximum of 2 caption bytes per frame. Note that this setting has no effect when your
+ * output frame rate is 30 or 60.
+ */
+final class CaptionSourceByteRateLimit
+{
+    public const DISABLED = 'DISABLED';
+    public const ENABLED = 'ENABLED';
+
+    public static function exists(string $value): bool
+    {
+        return isset([
+            self::DISABLED => true,
+            self::ENABLED => true,
+        ][$value]);
+    }
+}