Update generated code

manifest.json

@@ -1,6 +1,6 @@
 {
     "variables": {
-        "${LATEST}": "3.334.2"
+        "${LATEST}": "3.334.4"
     },
     "endpoints": "https://raw.githubusercontent.com/aws/aws-sdk-php/${LATEST}/src/data/endpoints.json",
     "services": {

src/Service/CognitoIdentityProvider/CHANGELOG.md

@@ -2,6 +2,10 @@
 
 ## NOT RELEASED
 
+### Changed
+
+- AWS enhancement: Documentation updates.
+
 ## 1.10.0
 
 ### Added

src/Service/CognitoIdentityProvider/src/Input/AdminAddUserToGroupRequest.php

@@ -10,7 +10,7 @@
 final class AdminAddUserToGroupRequest extends Input
 {
     /**
-     * The user pool ID for the user pool.
+     * The ID of the user pool that contains the group that you want to add the user to.
      *
      * @required
      *

src/Service/CognitoIdentityProvider/src/Input/AdminConfirmSignUpRequest.php

@@ -13,7 +13,7 @@
 final class AdminConfirmSignUpRequest extends Input
 {
     /**
-     * The user pool ID for which you want to confirm user registration.
+     * The ID of the user pool where you want to confirm a user's sign-up request.
      *
      * @required
      *
@@ -44,13 +44,13 @@ final class AdminConfirmSignUpRequest extends Input
      * For more information, see Customizing user pool Workflows with Lambda Triggers [^1] in the *Amazon Cognito Developer
      * Guide*.
      *
-     * > When you use the ClientMetadata parameter, remember that Amazon Cognito won't do the following:
+     * > When you use the `ClientMetadata` parameter, note that Amazon Cognito won't do the following:
      * >
-     * > - Store the ClientMetadata value. This data is available only to Lambda triggers that are assigned to a user pool
-     * >   to support custom workflows. If your user pool configuration doesn't include triggers, the ClientMetadata
+     * > - Store the `ClientMetadata` value. This data is available only to Lambda triggers that are assigned to a user pool
+     * >   to support custom workflows. If your user pool configuration doesn't include triggers, the `ClientMetadata`
      * >   parameter serves no purpose.
-     * > - Validate the ClientMetadata value.
-     * > - Encrypt the ClientMetadata value. Don't use Amazon Cognito to provide sensitive information.
+     * > - Validate the `ClientMetadata` value.
+     * > - Encrypt the `ClientMetadata` value. Don't send sensitive information in this parameter.
      * >
      *
      * [^1]: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-working-with-aws-lambda-triggers.html

src/Service/CognitoIdentityProvider/src/Input/AdminCreateUserRequest.php

@@ -16,7 +16,7 @@
 final class AdminCreateUserRequest extends Input
 {
     /**
-     * The user pool ID for the user pool where the user will be created.
+     * The ID of the user pool where you want to create a user.
      *
      * @required
      *
@@ -123,9 +123,9 @@ final class AdminCreateUserRequest extends Input
      * This parameter is used only if the `phone_number_verified` or `email_verified` attribute is set to `True`. Otherwise,
      * it is ignored.
      *
-     * If this parameter is set to `True` and the phone number or email address specified in the UserAttributes parameter
-     * already exists as an alias with a different user, the API call will migrate the alias from the previous user to the
-     * newly created user. The previous user will no longer be able to log in using that alias.
+     * If this parameter is set to `True` and the phone number or email address specified in the `UserAttributes` parameter
+     * already exists as an alias with a different user, this request migrates the alias from the previous user to the
+     * newly-created user. The previous user will no longer be able to log in using that alias.
      *
      * If this parameter is set to `False`, the API throws an `AliasExistsException` error if the alias already exists. The
      * default value is `False`.
@@ -135,16 +135,17 @@ final class AdminCreateUserRequest extends Input
     private $forceAliasCreation;
 
     /**
-     * Set to `RESEND` to resend the invitation message to a user that already exists and reset the expiration limit on the
-     * user's account. Set to `SUPPRESS` to suppress sending the message. You can specify only one value.
+     * Set to `RESEND` to resend the invitation message to a user that already exists, and to reset the temporary-password
+     * duration with a new temporary password. Set to `SUPPRESS` to suppress sending the message. You can specify only one
+     * value.
      *
      * @var MessageActionType::*|null
      */
     private $messageAction;
 
     /**
-     * Specify `"EMAIL"` if email will be used to send the welcome message. Specify `"SMS"` if the phone number will be
-     * used. The default value is `"SMS"`. You can specify more than one value.
+     * Specify `EMAIL` if email will be used to send the welcome message. Specify `SMS` if the phone number will be used.
+     * The default value is `SMS`. You can specify more than one value.
      *
      * @var list<DeliveryMediumType::*>|null
      */
@@ -156,20 +157,20 @@ final class AdminCreateUserRequest extends Input
      * You create custom workflows by assigning Lambda functions to user pool triggers. When you use the AdminCreateUser API
      * action, Amazon Cognito invokes the function that is assigned to the *pre sign-up* trigger. When Amazon Cognito
      * invokes this function, it passes a JSON payload, which the function receives as input. This payload contains a
-     * `clientMetadata` attribute, which provides the data that you assigned to the ClientMetadata parameter in your
+     * `ClientMetadata` attribute, which provides the data that you assigned to the ClientMetadata parameter in your
      * AdminCreateUser request. In your function code in Lambda, you can process the `clientMetadata` value to enhance your
      * workflow for your specific needs.
      *
      * For more information, see Customizing user pool Workflows with Lambda Triggers [^1] in the *Amazon Cognito Developer
      * Guide*.
      *
-     * > When you use the ClientMetadata parameter, remember that Amazon Cognito won't do the following:
+     * > When you use the `ClientMetadata` parameter, note that Amazon Cognito won't do the following:
      * >
-     * > - Store the ClientMetadata value. This data is available only to Lambda triggers that are assigned to a user pool
-     * >   to support custom workflows. If your user pool configuration doesn't include triggers, the ClientMetadata
+     * > - Store the `ClientMetadata` value. This data is available only to Lambda triggers that are assigned to a user pool
+     * >   to support custom workflows. If your user pool configuration doesn't include triggers, the `ClientMetadata`
      * >   parameter serves no purpose.
-     * > - Validate the ClientMetadata value.
-     * > - Encrypt the ClientMetadata value. Don't use Amazon Cognito to provide sensitive information.
+     * > - Validate the `ClientMetadata` value.
+     * > - Encrypt the `ClientMetadata` value. Don't send sensitive information in this parameter.
      * >
      *
      * [^1]: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-working-with-aws-lambda-triggers.html

src/Service/CognitoIdentityProvider/src/Input/AdminDeleteUserRequest.php

@@ -13,7 +13,7 @@
 final class AdminDeleteUserRequest extends Input
 {
     /**
-     * The user pool ID for the user pool where you want to delete the user.
+     * The ID of the user pool where you want to delete the user.
      *
      * @required
      *

src/Service/CognitoIdentityProvider/src/Input/AdminDisableUserRequest.php

@@ -13,7 +13,7 @@
 final class AdminDisableUserRequest extends Input
 {
     /**
-     * The user pool ID for the user pool where you want to disable the user.
+     * The ID of the user pool where you want to disable the user.
      *
      * @required
      *

src/Service/CognitoIdentityProvider/src/Input/AdminEnableUserRequest.php

@@ -13,7 +13,7 @@
 final class AdminEnableUserRequest extends Input
 {
     /**
-     * The user pool ID for the user pool where you want to enable the user.
+     * The ID of the user pool where you want to activate sign-in for the user.
      *
      * @required
      *

src/Service/CognitoIdentityProvider/src/Input/AdminGetUserRequest.php

@@ -13,7 +13,7 @@
 final class AdminGetUserRequest extends Input
 {
     /**
-     * The user pool ID for the user pool where you want to get information about the user.
+     * The ID of the user pool where you want to get information about the user.
      *
      * @required
      *

src/Service/CognitoIdentityProvider/src/Input/AdminInitiateAuthRequest.php

@@ -16,7 +16,7 @@
 final class AdminInitiateAuthRequest extends Input
 {
     /**
-     * The ID of the Amazon Cognito user pool.
+     * The ID of the user pool where the user wants to sign in.
      *
      * @required
      *
@@ -25,7 +25,7 @@ final class AdminInitiateAuthRequest extends Input
     private $userPoolId;
 
     /**
-     * The app client ID.
+     * The ID of the app client where the user wants to sign in.
      *
      * @required
      *
@@ -34,8 +34,8 @@ final class AdminInitiateAuthRequest extends Input
     private $clientId;
 
     /**
-     * The authentication flow that you want to initiate. The `AuthParameters` that you must submit are linked to the flow
-     * that you submit. For example:
+     * The authentication flow that you want to initiate. Each `AuthFlow` has linked `AuthParameters` that you must submit.
+     * The following are some example flows and their parameters.
      *
      * - `USER_AUTH`: Request a preferred authentication type or review available authentication types. From the offered
      *   authentication types, select one in a challenge response and then authenticate with that method in an additional
@@ -47,11 +47,11 @@ final class AdminInitiateAuthRequest extends Input
      * - `ADMIN_USER_PASSWORD_AUTH`: Receive new tokens or the next challenge, for example `SOFTWARE_TOKEN_MFA`, when you
      *   pass `USERNAME` and `PASSWORD` parameters.
      *
-     * Valid values include the following:
+     * *All flows*
      *
      * - `USER_AUTH`:
      *
-     *   The entry point for sign-in with passwords, one-time passwords, biometric devices, and security keys.
+     *   The entry point for sign-in with passwords, one-time passwords, and WebAuthN authenticators.
      * - `USER_SRP_AUTH`:
      *
      *   Username-password authentication with the Secure Remote Password (SRP) protocol. For more information, see Use SRP
@@ -140,13 +140,13 @@ final class AdminInitiateAuthRequest extends Input
      * For more information, see Customizing user pool Workflows with Lambda Triggers [^1] in the *Amazon Cognito Developer
      * Guide*.
      *
-     * > When you use the ClientMetadata parameter, remember that Amazon Cognito won't do the following:
+     * > When you use the `ClientMetadata` parameter, note that Amazon Cognito won't do the following:
      * >
-     * > - Store the ClientMetadata value. This data is available only to Lambda triggers that are assigned to a user pool
-     * >   to support custom workflows. If your user pool configuration doesn't include triggers, the ClientMetadata
+     * > - Store the `ClientMetadata` value. This data is available only to Lambda triggers that are assigned to a user pool
+     * >   to support custom workflows. If your user pool configuration doesn't include triggers, the `ClientMetadata`
      * >   parameter serves no purpose.
-     * > - Validate the ClientMetadata value.
-     * > - Encrypt the ClientMetadata value. Don't use Amazon Cognito to provide sensitive information.
+     * > - Validate the `ClientMetadata` value.
+     * > - Encrypt the `ClientMetadata` value. Don't send sensitive information in this parameter.
      * >
      *
      * [^1]: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-working-with-aws-lambda-triggers.html
@@ -156,7 +156,7 @@ final class AdminInitiateAuthRequest extends Input
     private $clientMetadata;
 
     /**
-     * The analytics metadata for collecting Amazon Pinpoint metrics for `AdminInitiateAuth` calls.
+     * The analytics metadata for collecting Amazon Pinpoint metrics.
      *
      * @var AnalyticsMetadataType|null
      */
@@ -167,13 +167,18 @@ final class AdminInitiateAuthRequest extends Input
      * advanced security evaluates the risk of an authentication event based on the context that your app generates and
      * passes to Amazon Cognito when it makes API requests.
      *
+     * For more information, see Collecting data for threat protection in applications [^1].
+     *
+     * [^1]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-viewing-threat-protection-app.html
+     *
      * @var ContextDataType|null
      */
     private $contextData;
 
     /**
      * The optional session ID from a `ConfirmSignUp` API request. You can sign in a user directly from the sign-up process
-     * with the `USER_AUTH` authentication flow.
+     * with an `AuthFlow` of `USER_AUTH` and `AuthParameters` of `EMAIL_OTP` or `SMS_OTP`, depending on how your user pool
+     * sent the confirmation-code message.
      *
      * @var string|null
      */

src/Service/CognitoIdentityProvider/src/Input/AdminRemoveUserFromGroupRequest.php

@@ -10,7 +10,7 @@
 final class AdminRemoveUserFromGroupRequest extends Input
 {
     /**
-     * The user pool ID for the user pool.
+     * The ID of the user pool that contains the group and the user that you want to remove.
      *
      * @required
      *
@@ -30,7 +30,7 @@ final class AdminRemoveUserFromGroupRequest extends Input
     private $username;
 
     /**
-     * The group name.
+     * The name of the group that you want to remove the user from, for example `MyTestGroup`.
      *
      * @required
      *

src/Service/CognitoIdentityProvider/src/Input/AdminResetUserPasswordRequest.php

@@ -13,7 +13,7 @@
 final class AdminResetUserPasswordRequest extends Input
 {
     /**
-     * The user pool ID for the user pool where you want to reset the user's password.
+     * The ID of the user pool where you want to reset the user's password.
      *
      * @required
      *
@@ -35,23 +35,23 @@ final class AdminResetUserPasswordRequest extends Input
     /**
      * A map of custom key-value pairs that you can provide as input for any custom workflows that this action triggers.
      *
-     * You create custom workflows by assigning Lambda functions to user pool triggers. When you use the
-     * AdminResetUserPassword API action, Amazon Cognito invokes the function that is assigned to the *custom message*
-     * trigger. When Amazon Cognito invokes this function, it passes a JSON payload, which the function receives as input.
-     * This payload contains a `clientMetadata` attribute, which provides the data that you assigned to the ClientMetadata
-     * parameter in your AdminResetUserPassword request. In your function code in Lambda, you can process the
-     * `clientMetadata` value to enhance your workflow for your specific needs.
+     * You create custom workflows by assigning Lambda functions to user pool triggers. The `AdminResetUserPassword` API
+     * operation invokes the function that is assigned to the *custom message* trigger. When Amazon Cognito invokes this
+     * function, it passes a JSON payload, which the function receives as input. This payload contains a `clientMetadata`
+     * attribute, which provides the data that you assigned to the ClientMetadata parameter in your AdminResetUserPassword
+     * request. In your function code in Lambda, you can process the `clientMetadata` value to enhance your workflow for
+     * your specific needs.
      *
      * For more information, see Customizing user pool Workflows with Lambda Triggers [^1] in the *Amazon Cognito Developer
      * Guide*.
      *
-     * > When you use the ClientMetadata parameter, remember that Amazon Cognito won't do the following:
+     * > When you use the `ClientMetadata` parameter, note that Amazon Cognito won't do the following:
      * >
-     * > - Store the ClientMetadata value. This data is available only to Lambda triggers that are assigned to a user pool
-     * >   to support custom workflows. If your user pool configuration doesn't include triggers, the ClientMetadata
+     * > - Store the `ClientMetadata` value. This data is available only to Lambda triggers that are assigned to a user pool
+     * >   to support custom workflows. If your user pool configuration doesn't include triggers, the `ClientMetadata`
      * >   parameter serves no purpose.
-     * > - Validate the ClientMetadata value.
-     * > - Encrypt the ClientMetadata value. Don't use Amazon Cognito to provide sensitive information.
+     * > - Validate the `ClientMetadata` value.
+     * > - Encrypt the `ClientMetadata` value. Don't send sensitive information in this parameter.
      * >
      *
      * [^1]: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-working-with-aws-lambda-triggers.html

src/Service/CognitoIdentityProvider/src/Input/AdminSetUserPasswordRequest.php

@@ -10,7 +10,7 @@
 final class AdminSetUserPasswordRequest extends Input
 {
     /**
-     * The user pool ID for the user pool where you want to set the user's password.
+     * The ID of the user pool where you want to set the user's password.
      *
      * @required
      *
@@ -30,7 +30,9 @@ final class AdminSetUserPasswordRequest extends Input
     private $username;
 
     /**
-     * The password for the user.
+     * The new temporary or permanent password that you want to set for the user. You can't remove the password for a user
+     * who already has a password so that they can only sign in with passwordless methods. In this scenario, you must create
+     * a new user without a password.
      *
      * @required
      *
@@ -39,7 +41,8 @@ final class AdminSetUserPasswordRequest extends Input
     private $password;
 
     /**
-     * `True` if the password is permanent, `False` if it is temporary.
+     * Set to `true` to set a password that the user can immediately sign in with. Set to `false` to set a temporary
+     * password that the user must change on their next sign-in.
      *
      * @var bool|null
      */

src/Service/CognitoIdentityProvider/src/Input/AdminUpdateUserAttributesRequest.php

@@ -14,7 +14,7 @@
 final class AdminUpdateUserAttributesRequest extends Input
 {
     /**
-     * The user pool ID for the user pool where you want to update user attributes.
+     * The ID of the user pool where you want to update user attributes.
      *
      * @required
      *
@@ -67,13 +67,13 @@ final class AdminUpdateUserAttributesRequest extends Input
      * For more information, see Customizing user pool Workflows with Lambda Triggers [^1] in the *Amazon Cognito Developer
      * Guide*.
      *
-     * > When you use the ClientMetadata parameter, remember that Amazon Cognito won't do the following:
+     * > When you use the `ClientMetadata` parameter, note that Amazon Cognito won't do the following:
      * >
-     * > - Store the ClientMetadata value. This data is available only to Lambda triggers that are assigned to a user pool
-     * >   to support custom workflows. If your user pool configuration doesn't include triggers, the ClientMetadata
+     * > - Store the `ClientMetadata` value. This data is available only to Lambda triggers that are assigned to a user pool
+     * >   to support custom workflows. If your user pool configuration doesn't include triggers, the `ClientMetadata`
      * >   parameter serves no purpose.
-     * > - Validate the ClientMetadata value.
-     * > - Encrypt the ClientMetadata value. Don't use Amazon Cognito to provide sensitive information.
+     * > - Validate the `ClientMetadata` value.
+     * > - Encrypt the `ClientMetadata` value. Don't send sensitive information in this parameter.
      * >
      *
      * [^1]: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-working-with-aws-lambda-triggers.html

src/Service/CognitoIdentityProvider/src/Input/AdminUserGlobalSignOutRequest.php

@@ -13,7 +13,7 @@
 final class AdminUserGlobalSignOutRequest extends Input
 {
     /**
-     * The user pool ID.
+     * The ID of the user pool where you want to sign out a user.
      *
      * @required
      *