Doc-only update to add more information to GetCertificate action.

This is the initial SDK release for Region switch
Added a note to Framework APIs (CreateAssessmentFramework, GetAssessmentFramework, UpdateAssessmentFramework) clarifying that the Controls object returns a partial response when called through Framework APIs. Added documentation that the Framework's controlSources parameter is no longer supported.
This release adds support for the Asia Pacific (Jakarta) (ap-southeast-3) Region.
Release new resource detail type CodeRepository
CloudWatch Observability Admin adds the ability to enable telemetry on AWS resources such as Amazon VPCs (Flow Logs) in customers AWS Accounts and Organizations. The release introduces new APIs to manage telemetry rules, which define telemetry settings to be applied on AWS resources.
Amazon SNS support for Amazon SQS fair queues
Add support for IPv6 Networking for Clusters.
This release includes fix for InvestigationGroup timestamp conversion issue.

Author: aws-sdk-cpp-automation

VERSION

@@ -1 +1 @@
-1.11.617
+1.11.618

generated/src/aws-cpp-sdk-acm-pca/include/aws/acm-pca/ACMPCAClient.h

@@ -252,7 +252,17 @@ namespace ACMPCA
          * action returns the time remaining in the restoration window of a private CA in
          * the <code>DELETED</code> state. To restore an eligible CA, call the <a
          * href="https://docs.aws.amazon.com/privateca/latest/APIReference/API_RestoreCertificateAuthority.html">RestoreCertificateAuthority</a>
-         * action.</p><p><h3>See Also:</h3>   <a
+         * action.</p>  <p>A private CA can be deleted if it is in the
+         * <code>PENDING_CERTIFICATE</code>, <code>CREATING</code>, <code>EXPIRED</code>,
+         * <code>DISABLED</code>, or <code>FAILED</code> state. To delete a CA in the
+         * <code>ACTIVE</code> state, you must first disable it, or else the delete request
+         * results in an exception. If you are deleting a private CA in the
+         * <code>PENDING_CERTIFICATE</code> or <code>DISABLED</code> state, you can set the
+         * length of its restoration period to 7-30 days. The default is 30. During this
+         * time, the status is set to <code>DELETED</code> and the CA can be restored. A
+         * private CA deleted in the <code>CREATING</code> or <code>FAILED</code> state has
+         * no assigned restoration period and cannot be restored.</p>
+         * <p><h3>See Also:</h3>   <a
          * href="http://docs.aws.amazon.com/goto/WebAPI/acm-pca-2017-08-22/DeleteCertificateAuthority">AWS
          * API Reference</a></p>
          */
@@ -456,8 +466,8 @@ namespace ACMPCA
          * href="https://docs.aws.amazon.com/privateca/latest/APIReference/API_IssueCertificate.html">IssueCertificate</a>
          * action. You must specify both the ARN of your private CA and the ARN of the
          * issued certificate when calling the <b>GetCertificate</b> action. You can
-         * retrieve the certificate if it is in the <b>ISSUED</b> state. You can call the
-         * <a
+         * retrieve the certificate if it is in the <b>ISSUED</b>, <b>EXPIRED</b>, or
+         * <b>REVOKED</b> state. You can call the <a
          * href="https://docs.aws.amazon.com/privateca/latest/APIReference/API_CreateCertificateAuthorityAuditReport.html">CreateCertificateAuthorityAuditReport</a>
          * action to create a report that contains information about all of the
          * certificates issued and revoked by your private CA. </p><p><h3>See Also:</h3>  

generated/src/aws-cpp-sdk-acm-pca/include/aws/acm-pca/model/CertificateAuthority.h

@@ -216,13 +216,15 @@ namespace Model
 
     ///@{
     /**
-     * <p>Defines a cryptographic key management compliance standard used for handling
-     * CA keys. </p> <p>Default: FIPS_140_2_LEVEL_3_OR_HIGHER</p> <p>Note: Amazon Web
-     * Services Region ap-northeast-3 supports only FIPS_140_2_LEVEL_2_OR_HIGHER. You
-     * must explicitly specify this parameter and value when creating a CA in that
-     * Region. Specifying a different value (or no value) results in an
-     * <code>InvalidArgsException</code> with the message "A certificate authority
-     * cannot be created in this region with the specified security standard."</p>
+     * <p>Defines a cryptographic key management compliance standard for handling and
+     * protecting CA keys.</p> <p>Default: FIPS_140_2_LEVEL_3_OR_HIGHER</p> 
+     * <p>Starting January 26, 2023, Amazon Web Services Private CA protects all CA
+     * private keys in non-China regions using hardware security modules (HSMs) that
+     * comply with FIPS PUB 140-2 Level 3.</p> <p>For information about security
+     * standard support in different Amazon Web Services Regions, see <a
+     * href="https://docs.aws.amazon.com/privateca/latest/userguide/data-protection.html#private-keys">Storage
+     * and security compliance of Amazon Web Services Private CA private keys</a>.</p>
+     * 
      */
     inline KeyStorageSecurityStandard GetKeyStorageSecurityStandard() const { return m_keyStorageSecurityStandard; }
     inline bool KeyStorageSecurityStandardHasBeenSet() const { return m_keyStorageSecurityStandardHasBeenSet; }

generated/src/aws-cpp-sdk-acm-pca/include/aws/acm-pca/model/CreateCertificateAuthorityRequest.h

@@ -117,15 +117,15 @@ namespace Model
 
     ///@{
     /**
-     * <p>Specifies a cryptographic key management compliance standard used for
-     * handling CA keys.</p> <p>Default: FIPS_140_2_LEVEL_3_OR_HIGHER</p> 
-     * <p>Some Amazon Web Services Regions do not support the default. When creating a
-     * CA in these Regions, you must provide <code>FIPS_140_2_LEVEL_2_OR_HIGHER</code>
-     * as the argument for <code>KeyStorageSecurityStandard</code>. Failure to do this
-     * results in an <code>InvalidArgsException</code> with the message, "A certificate
-     * authority cannot be created in this region with the specified security
-     * standard."</p> <p>For information about security standard support in various
-     * Regions, see <a
+     * <p>Specifies a cryptographic key management compliance standard for handling and
+     * protecting CA keys.</p> <p>Default: FIPS_140_2_LEVEL_3_OR_HIGHER</p> 
+     * <p>Some Amazon Web Services Regions don't support the default value. When you
+     * create a CA in these Regions, you must use <code>CCPC_LEVEL_1_OR_HIGHER</code>
+     * for the <code>KeyStorageSecurityStandard</code> parameter. If you don't, the
+     * operation returns an <code>InvalidArgsException</code> with this message: "A
+     * certificate authority cannot be created in this region with the specified
+     * security standard."</p> <p>For information about security standard support in
+     * different Amazon Web Services Regions, see <a
      * href="https://docs.aws.amazon.com/privateca/latest/userguide/data-protection.html#private-keys">Storage
      * and security compliance of Amazon Web Services Private CA private keys</a>.</p>
      * 

generated/src/aws-cpp-sdk-acm-pca/include/aws/acm-pca/model/GetPolicyRequest.h

@@ -38,7 +38,7 @@ namespace Model
     /**
      * <p>The Amazon Resource Number (ARN) of the private CA that will have its policy
      * retrieved. You can find the CA's ARN by calling the ListCertificateAuthorities
-     * action. <pre><code> &lt;/p&gt; </code></pre>
+     * action. </p>
      */
     inline const Aws::String& GetResourceArn() const { return m_resourceArn; }
     inline bool ResourceArnHasBeenSet() const { return m_resourceArnHasBeenSet; }

generated/src/aws-cpp-sdk-aiops/include/aws/aiops/AIOpsClient.h

@@ -94,17 +94,17 @@ namespace AIOps
          * <p>Currently, you can have one investigation group in each Region in your
          * account. Each investigation in a Region is a part of the investigation group in
          * that Region</p> <p>To create an investigation group and set up CloudWatch
-         * investigations, you must be signed in to an IAM principal that has the either
-         * the <code>AIOpsConsoleAdminPolicy</code> or the <code>AdministratorAccess</code>
-         * IAM policy attached, or to an account that has similar permissions.</p>
-         *  <p>You can configure CloudWatch alarms to start investigations and
-         * add events to investigations. If you create your investigation group with
+         * investigations, you must be signed in to an IAM principal that has either the
+         * <code>AIOpsConsoleAdminPolicy</code> or the <code>AdministratorAccess</code> IAM
+         * policy attached, or to an account that has similar permissions.</p> 
+         * <p>You can configure CloudWatch alarms to start investigations and add events to
+         * investigations. If you create your investigation group with
          * <code>CreateInvestigationGroup</code> and you want to enable alarms to do this,
-         * you must use <a
-         * href="https://docs.aws.amazon.com/operationalinvestigations/latest/AmazonQDeveloperOperationalInvestigationsAPIReference/API_PutInvestigationGroupPolicy.html">PutInvestigationGroupPolicy</a>
-         * to create a resource policy that grants this permission to CloudWatch alarms.
-         * </p> <p>For more information about configuring CloudWatch alarms to work with
-         * CloudWatch investigations, see </p> <p><h3>See Also:</h3>   <a
+         * you must use <code>PutInvestigationGroupPolicy</code> to create a resource
+         * policy that grants this permission to CloudWatch alarms. </p> <p>For more
+         * information about configuring CloudWatch alarms, see <a
+         * href="https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/AlarmThatSendsEmail.html">Using
+         * Amazon CloudWatch alarms</a> </p> <p><h3>See Also:</h3>   <a
          * href="http://docs.aws.amazon.com/goto/WebAPI/aiops-2018-05-10/CreateInvestigationGroup">AWS
          * API Reference</a></p>
          */
@@ -209,8 +209,10 @@ namespace AIOps
         }
 
         /**
-         * <p>Returns the IAM resource policy that is associated with the specified
-         * investigation group.</p><p><h3>See Also:</h3>   <a
+         * <p>Returns the JSON of the IAM resource policy associated with the specified
+         * investigation group in a string. For example,
+         * <code>{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"Service\":\"aiops.alarms.cloudwatch.amazonaws.com\"},\"Action\":[\"aiops:CreateInvestigation\",\"aiops:CreateInvestigationEvent\"],\"Resource\":\"*\",\"Condition\":{\"StringEquals\":{\"aws:SourceAccount\":\"111122223333\"},\"ArnLike\":{\"aws:SourceArn\":\"arn:aws:cloudwatch:us-east-1:111122223333:alarm:*\"}}}]}</code>.</p><p><h3>See
+         * Also:</h3>   <a
          * href="http://docs.aws.amazon.com/goto/WebAPI/aiops-2018-05-10/GetInvestigationGroupPolicy">AWS
          * API Reference</a></p>
          */
@@ -291,14 +293,13 @@ namespace AIOps
          * group.</p> <p>If you create your investigation group with
          * <code>CreateInvestigationGroup</code> and you want to enable CloudWatch alarms
          * to create investigations and add events to investigations, you must use this
-         * operation to create a policy similar to this example.</p> <p> <code>{ "Version":
-         * "2008-10-17", "Statement": [{ "Effect": "Allow", "Principal": { "Service":
-         * "aiops.alarms.cloudwatch.amazonaws.com" }, "Action":
-         * ["aiops:CreateInvestigation", "aiops:CreateInvestigationEvent"], "Resource":
-         * "*", "Condition": { "StringEquals": { "aws:SourceAccount": "<i>account-id</i>"
-         * }, "ArnLike": { "aws:SourceArn":
-         * "arn:aws:cloudwatch:<i>region</i>:<i>account-id</i>:alarm:*" } } }] }</code>
-         * </p><p><h3>See Also:</h3>   <a
+         * operation to create a policy similar to this example.</p> <p> <code> {
+         * "Version": "2008-10-17", "Statement": [ { "Effect": "Allow", "Principal": {
+         * "Service": "aiops.alarms.cloudwatch.amazonaws.com" }, "Action": [
+         * "aiops:CreateInvestigation", "aiops:CreateInvestigationEvent" ], "Resource":
+         * "*", "Condition": { "StringEquals": { "aws:SourceAccount": "account-id" },
+         * "ArnLike": { "aws:SourceArn": "arn:aws:cloudwatch:region:account-id:alarm:*" } }
+         * } ] } </code> </p><p><h3>See Also:</h3>   <a
          * href="http://docs.aws.amazon.com/goto/WebAPI/aiops-2018-05-10/PutInvestigationGroupPolicy">AWS
          * API Reference</a></p>
          */

generated/src/aws-cpp-sdk-aiops/include/aws/aiops/model/CreateInvestigationGroupRequest.h

@@ -55,7 +55,8 @@ namespace Model
      * your resources that CloudWatch investigations will have access to during
      * investigations.</p> <p>For more information, see <a
      * href="https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/Investigations-Security.html#Investigations-Security-Data">How
-     * to control what data Amazon Q has access to during investigations</a>.</p>
+     * to control what data CloudWatch investigations has access to during
+     * investigations</a>.</p>
      */
     inline const Aws::String& GetRoleArn() const { return m_roleArn; }
     inline bool RoleArnHasBeenSet() const { return m_roleArnHasBeenSet; }
@@ -121,15 +122,16 @@ namespace Model
     ///@{
     /**
      * <p>Enter the existing custom tag keys for custom applications in your system.
-     * Resource tags help Amazon Q narrow the search space when it is unable to
-     * discover definite relationships between resources. For example, to discover that
-     * an Amazon ECS service depends on an Amazon RDS database, Amazon Q can discover
-     * this relationship using data sources such as X-Ray and CloudWatch Application
-     * Signals. However, if you haven't deployed these features, Amazon Q will attempt
-     * to identify possible relationships. Tag boundaries can be used to narrow the
-     * resources that will be discovered by Amazon Q in these cases.</p> <p>You don't
-     * need to enter tags created by myApplications or CloudFormation, because Amazon Q
-     * can automatically detect those tags.</p>
+     * Resource tags help CloudWatch investigations narrow the search space when it is
+     * unable to discover definite relationships between resources. For example, to
+     * discover that an Amazon ECS service depends on an Amazon RDS database,
+     * CloudWatch investigations can discover this relationship using data sources such
+     * as X-Ray and CloudWatch Application Signals. However, if you haven't deployed
+     * these features, CloudWatch investigations will attempt to identify possible
+     * relationships. Tag boundaries can be used to narrow the resources that will be
+     * discovered by CloudWatch investigations in these cases.</p> <p>You don't need to
+     * enter tags created by myApplications or CloudFormation, because CloudWatch
+     * investigations can automatically detect those tags.</p>
      */
     inline const Aws::Vector<Aws::String>& GetTagKeyBoundaries() const { return m_tagKeyBoundaries; }
     inline bool TagKeyBoundariesHasBeenSet() const { return m_tagKeyBoundariesHasBeenSet; }
@@ -143,12 +145,11 @@ namespace Model
 
     ///@{
     /**
-     * <p>Use this structure to integrate CloudWatch investigations with Amazon Q in
-     * chat applications. This structure is a string array. For the first string,
-     * specify the ARN of an Amazon SNS topic. For the array of strings, specify the
-     * ARNs of one or more Amazon Q in chat applications configurations that you want
-     * to associate with that topic. For more information about these configuration
-     * ARNs, see <a
+     * <p>Use this structure to integrate CloudWatch investigations with chat
+     * applications. This structure is a string array. For the first string, specify
+     * the ARN of an Amazon SNS topic. For the array of strings, specify the ARNs of
+     * one or more chat applications configurations that you want to associate with
+     * that topic. For more information about these configuration ARNs, see <a
      * href="https://docs.aws.amazon.com/chatbot/latest/adminguide/getting-started.html">Getting
      * started with Amazon Q in chat applications</a> and <a
      * href="https://docs.aws.amazon.com/service-authorization/latest/reference/list_awschatbot.html#awschatbot-resources-for-iam-policies">Resource
@@ -180,7 +181,7 @@ namespace Model
 
     ///@{
     /**
-     * <p>Number of <code>sourceAccountId</code> values that have been configured for
+     * <p>List of <code>sourceRoleArn</code> values that have been configured for
      * cross-account access.</p>
      */
     inline const Aws::Vector<CrossAccountConfiguration>& GetCrossAccountConfigurations() const { return m_crossAccountConfigurations; }

generated/src/aws-cpp-sdk-aiops/include/aws/aiops/model/EncryptionConfiguration.h

@@ -42,7 +42,7 @@ namespace Model
     ///@{
     /**
      * <p>Displays whether investigation data is encrypted by a customer managed key or
-     * an Amazon Web Services owned kay.</p>
+     * an Amazon Web Services owned key.</p>
      */
     inline EncryptionConfigurationType GetType() const { return m_type; }
     inline bool TypeHasBeenSet() const { return m_typeHasBeenSet; }

generated/src/aws-cpp-sdk-aiops/include/aws/aiops/model/GetInvestigationGroupRequest.h

@@ -35,7 +35,7 @@ namespace Model
     ///@{
     /**
      * <p>Specify either the name or the ARN of the investigation group that you want
-     * to view.</p>
+     * to view. This is used to set the name of the investigation group.</p>
      */
     inline const Aws::String& GetIdentifier() const { return m_identifier; }
     inline bool IdentifierHasBeenSet() const { return m_identifierHasBeenSet; }

generated/src/aws-cpp-sdk-aiops/include/aws/aiops/model/GetInvestigationGroupResult.h

@@ -6,7 +6,6 @@
 #pragma once
 #include <aws/aiops/AIOps_EXPORTS.h>
 #include <aws/core/utils/memory/stl/AWSString.h>
-#include <aws/core/utils/DateTime.h>
 #include <aws/aiops/model/EncryptionConfiguration.h>
 #include <aws/core/utils/memory/stl/AWSMap.h>
 #include <aws/core/utils/memory/stl/AWSVector.h>
@@ -52,11 +51,9 @@ namespace Model
     /**
      * <p>The date and time that the investigation group was created.</p>
      */
-    inline const Aws::Utils::DateTime& GetCreatedAt() const { return m_createdAt; }
-    template<typename CreatedAtT = Aws::Utils::DateTime>
-    void SetCreatedAt(CreatedAtT&& value) { m_createdAtHasBeenSet = true; m_createdAt = std::forward<CreatedAtT>(value); }
-    template<typename CreatedAtT = Aws::Utils::DateTime>
-    GetInvestigationGroupResult& WithCreatedAt(CreatedAtT&& value) { SetCreatedAt(std::forward<CreatedAtT>(value)); return *this;}
+    inline long long GetCreatedAt() const { return m_createdAt; }
+    inline void SetCreatedAt(long long value) { m_createdAtHasBeenSet = true; m_createdAt = value; }
+    inline GetInvestigationGroupResult& WithCreatedAt(long long value) { SetCreatedAt(value); return *this;}
     ///@}
 
     ///@{
@@ -75,11 +72,9 @@ namespace Model
      * <p>The date and time that the investigation group was most recently
      * modified.</p>
      */
-    inline const Aws::Utils::DateTime& GetLastModifiedAt() const { return m_lastModifiedAt; }
-    template<typename LastModifiedAtT = Aws::Utils::DateTime>
-    void SetLastModifiedAt(LastModifiedAtT&& value) { m_lastModifiedAtHasBeenSet = true; m_lastModifiedAt = std::forward<LastModifiedAtT>(value); }
-    template<typename LastModifiedAtT = Aws::Utils::DateTime>
-    GetInvestigationGroupResult& WithLastModifiedAt(LastModifiedAtT&& value) { SetLastModifiedAt(std::forward<LastModifiedAtT>(value)); return *this;}
+    inline long long GetLastModifiedAt() const { return m_lastModifiedAt; }
+    inline void SetLastModifiedAt(long long value) { m_lastModifiedAtHasBeenSet = true; m_lastModifiedAt = value; }
+    inline GetInvestigationGroupResult& WithLastModifiedAt(long long value) { SetLastModifiedAt(value); return *this;}
     ///@}
 
     ///@{
@@ -141,9 +136,9 @@ namespace Model
     ///@{
     /**
      * <p>This structure is a string array. The first string is the ARN of a Amazon SNS
-     * topic. The array of strings display the ARNs of Amazon Q in chat applications
-     * configurations that are associated with that topic. For more information about
-     * these configuration ARNs, see <a
+     * topic. The array of strings display the ARNs of chat applications configurations
+     * that are associated with that topic. For more information about these
+     * configuration ARNs, see <a
      * href="https://docs.aws.amazon.com/chatbot/latest/adminguide/getting-started.html">Getting
      * started with Amazon Q in chat applications</a> and <a
      * href="https://docs.aws.amazon.com/service-authorization/latest/reference/list_awschatbot.html#awschatbot-resources-for-iam-policies">Resource
@@ -163,9 +158,9 @@ namespace Model
     ///@{
     /**
      * <p>Displays the custom tag keys for custom applications in your system that you
-     * have specified in the investigation group. Resource tags help Amazon Q narrow
-     * the search space when it is unable to discover definite relationships between
-     * resources. </p>
+     * have specified in the investigation group. Resource tags help CloudWatch
+     * investigations narrow the search space when it is unable to discover definite
+     * relationships between resources. </p>
      */
     inline const Aws::Vector<Aws::String>& GetTagKeyBoundaries() const { return m_tagKeyBoundaries; }
     template<typename TagKeyBoundariesT = Aws::Vector<Aws::String>>
@@ -214,13 +209,13 @@ namespace Model
     Aws::String m_createdBy;
     bool m_createdByHasBeenSet = false;
 
-    Aws::Utils::DateTime m_createdAt{};
+    long long m_createdAt{0};
     bool m_createdAtHasBeenSet = false;
 
     Aws::String m_lastModifiedBy;
     bool m_lastModifiedByHasBeenSet = false;
 
-    Aws::Utils::DateTime m_lastModifiedAt{};
+    long long m_lastModifiedAt{0};
     bool m_lastModifiedAtHasBeenSet = false;
 
     Aws::String m_name;