Merge branch 'main' of github.com:awslabs/aws-sdk-kotlin into feat-auth-preference

Author: lauzadis

.changes/525a1637-f0f1-4cbd-97dd-5e9c6bcd182e.json

@@ -5,6 +5,10 @@ on:
   release:
     types: [ published ]
 
+permissions:
+  id-token: write
+  contents: read
+
 jobs:
   update-canary:
     runs-on: ubuntu-latest

.github/workflows/update-canary.yml

@@ -1,5 +1,87 @@
 # Changelog
 
+## [1.4.71] - 04/25/2025
+
+### Features
+* (**bedrockruntime**) You can now reference images and documents stored in Amazon S3 when using InvokeModel and Converse APIs with Amazon Nova Lite and Nova Pro. This enables direct integration of S3-stored multimedia assets in your model requests without manual downloading or base64 encoding.
+
+### Documentation
+* (**ecs**) Documentation only release for Amazon ECS.
+* (**marketplacedeployment**) Doc only update for the AWS Marketplace Deployment Service that fixes several customer-reported issues.
+
+## [1.4.70] - 04/24/2025
+
+### Features
+* (**apprunner**) AWS App Runner adds Node.js 22 runtime.
+* (**appsync**) Add data source support to Event APIs
+* (**bedrockdataautomation**) Added support for modality routing and modality enablement on CreateDataAutomationProject and UpdateDataAutomationProject APIs
+* (**codebuild**) Remove redundant validation check.
+* (**dynamodb**) Add support for ARN-sourced account endpoint generation for TransactWriteItems. This will generate account endpoints for DynamoDB TransactWriteItems requests using ARN-sourced account ID when available.
+* (**rds**) This Amazon RDS release adds support for managed master user passwords for Oracle CDBs.
+* [#1577](https://github.com/awslabs/aws-sdk-kotlin/issues/1577) Add support for DynamoDB Mapper `getItem` overloads that specify primary key(s)
+
+### Documentation
+* (**ecs**) Documentation only release for Amazon ECS
+* (**pcs**) Documentation-only update: added valid values for the version property of the Scheduler and SchedulerRequest data types.
+
+## [1.4.69] - 04/23/2025
+
+### Features
+* (**codebuild**) Add support for custom instance type for reserved capacity fleets
+* (**ecs**) Add support to roll back an In_Progress ECS Service Deployment
+
+### Documentation
+* (**resourceexplorer2**) Documentation-only update for CreateView option correction
+
+## [1.4.68] - 04/22/2025
+
+### Features
+* (**account**) AWS Account Management now supports account name update via IAM principals.
+* (**cognitoidentityprovider**) This release adds refresh token rotation.
+* (**ec2**) Added support for  ClientRouteEnforcementOptions flag in CreateClientVpnEndpoint and ModifyClientVpnEndpoint requests and DescribeClientVpnEndpoints responses
+* (**entityresolution**) To expand support for matching records using digital identifiers with TransUnion
+* (**mq**) You can now delete Amazon MQ broker configurations using the DeleteConfiguration API. For more information, see Configurations in the Amazon MQ API Reference.
+* (**redshiftserverless**) Provides new and updated API members to support the Redshift Serverless reservations feature.
+* (**s3control**) Fix endpoint resolution test cases
+
+### Fixes
+* [#1214](https://github.com/awslabs/aws-sdk-kotlin/issues/1214) Bump **smithy-kotlin** version to pick up fix for connection polling
+
+## [1.4.67] - 04/21/2025
+
+### Features
+* (**arczonalshift**) Updates to documentation and exception types for Zonal Autoshift
+* (**budgets**) Releasing the new Budget FilterExpression and Metrics fields to support more granular filtering options. These new fields are intended to replace CostFilters and CostTypes, which are deprecated as of 2025/18/04.
+* (**mediatailor**) Added support for Recurring Prefetch and Traffic Shaping on both Single and Recurring Prefetch. ListPrefetchSchedules now return single prefetchs by default and can be provided scheduleType of SINGLE, RECURRING, AND ALL.
+* (**qbusiness**) The CheckDocumentAccess API for Amazon Q Business is a self-service debugging API that allows administrators to verify document access permissions and review Access Control List (ACL) configurations.
+
+### Documentation
+* (**firehose**) Documentation update regarding the number of streams you can create using the CreateDeliveryStream API.
+* (**securityhub**) Minor documentation update for the GetConfigurationPolicyAssociation example
+
+## [1.4.66] - 04/18/2025
+
+### Features
+* (**qconnect**) This release adds support for the following capabilities: Chunking generative answer replies from Amazon Q in Connect. Integration support for the use of additional LLM models with Amazon Q in Connect.
+* (**sagemaker**) This release adds a new Neuron driver option in InferenceAmiVersion parameter for ProductionVariant. Additionally, it adds support for fetching model lifecycle status in the ListModelPackages API. Users can now use this API to view the lifecycle stage of models that have been shared with them.
+* (**servicequotas**) Add new optional SupportCaseAllowed query parameter to the RequestServiceQuotaIncrease API
+
+## [1.4.65] - 04/17/2025
+
+### Features
+* (**accessanalyzer**) Added new resource types to evaluate for public access in resource policies and added support for S3 directory bucket access points.
+* (**amp**) Add Workspace Configuration APIs for Amazon Prometheus
+* (**bedrock**) With this release, Bedrock Evaluation will now support custom metrics for evaluation.
+* (**connect**) This release adds following capabilities to Contact Lens Rules APIs 1/ 'ASSIGN_SLA' action and  '$.Case.TemplateId' comparison value for 'OnCaseCreate' and 'OnCaseUpdate' event sources 2/ 'OnSlaBreach' Cases event source which supports '$.RelatedItem.SlaConfiguration.Name' comparison value
+* (**ecs**) Adds a new AccountSetting - defaultLogDriverMode for ECS.
+* (**iotfleetwise**) We've added stricter parameter validations to AWS IoT FleetWise signal catalog, model manifest, and decoder manifest APIs.
+* (**memorydb**) Added support for IPv6 and dual stack for Valkey and Redis clusters. Customers can now launch new Valkey and Redis clusters with IPv6 and dual stack networking support.
+* (**omics**) Add versioning for HealthOmics workflows
+* Add support for fetching account ID from IMDS credentials on EC2
+
+### Documentation
+* (**autoscaling**) Doc only update for EC2 Auto Scaling.
+
 ## [1.4.64] - 04/16/2025
 
 ### Features

CHANGELOG.md

@@ -36528,6 +36528,11 @@
           "us-iso-west-1" : { }
         }
       },
+      "batch" : {
+        "endpoints" : {
+          "us-iso-east-1" : { }
+        }
+      },
       "bedrock" : {
         "endpoints" : {
           "bedrock-runtime-us-iso-east-1" : {
@@ -37422,6 +37427,12 @@
           }
         }
       },
+      "servicediscovery" : {
+        "endpoints" : {
+          "us-iso-east-1" : { },
+          "us-iso-west-1" : { }
+        }
+      },
       "snowball" : {
         "endpoints" : {
           "us-iso-east-1" : { },
@@ -37652,6 +37663,12 @@
             } ]
           }
         }
+      },
+      "xray" : {
+        "endpoints" : {
+          "us-iso-east-1" : { },
+          "us-iso-west-1" : { }
+        }
       }
     }
   }, {
@@ -37736,6 +37753,11 @@
           "us-isob-east-1" : { }
         }
       },
+      "batch" : {
+        "endpoints" : {
+          "us-isob-east-1" : { }
+        }
+      },
       "budgets" : {
         "endpoints" : {
           "aws-iso-b-global" : {
@@ -37982,6 +38004,11 @@
           "us-isob-east-1" : { }
         }
       },
+      "fsx" : {
+        "endpoints" : {
+          "us-isob-east-1" : { }
+        }
+      },
       "glacier" : {
         "endpoints" : {
           "fips-us-isob-east-1" : {
@@ -37999,6 +38026,11 @@
           }
         }
       },
+      "glue" : {
+        "endpoints" : {
+          "us-isob-east-1" : { }
+        }
+      },
       "health" : {
         "endpoints" : {
           "us-isob-east-1" : { }
@@ -38293,6 +38325,11 @@
           }
         }
       },
+      "servicediscovery" : {
+        "endpoints" : {
+          "us-isob-east-1" : { }
+        }
+      },
       "snowball" : {
         "endpoints" : {
           "us-isob-east-1" : { }

codegen/aws-sdk-codegen/src/main/resources/aws/sdk/kotlin/codegen/endpoints.json

@@ -1254,6 +1254,38 @@
                     {
                         "value": "AWS::IAM::AssumeRolePolicyDocument",
                         "name": "ROLE_TRUST"
+                    },
+                    {
+                        "value": "AWS::S3Tables::TableBucket",
+                        "name": "S3_TABLE_BUCKET"
+                    },
+                    {
+                        "value": "AWS::ApiGateway::RestApi",
+                        "name": "API_GATEWAY_REST_API"
+                    },
+                    {
+                        "value": "AWS::CodeArtifact::Domain",
+                        "name": "CODE_ARTIFACT_DOMAIN"
+                    },
+                    {
+                        "value": "AWS::Backup::BackupVault",
+                        "name": "BACKUP_VAULT"
+                    },
+                    {
+                        "value": "AWS::CloudTrail::Dashboard",
+                        "name": "CLOUDTRAIL_DASHBOARD"
+                    },
+                    {
+                        "value": "AWS::CloudTrail::EventDataStore",
+                        "name": "CLOUDTRAIL_EVENT_DATA_STORE"
+                    },
+                    {
+                        "value": "AWS::S3Tables::Table",
+                        "name": "S3_TABLE"
+                    },
+                    {
+                        "value": "AWS::S3Express::AccessPoint",
+                        "name": "S3_EXPRESS_ACCESS_POINT"
                     }
                 ]
             }
@@ -6297,7 +6329,7 @@
                 }
             },
             "traits": {
-                "smithy.api#documentation": "<p>The proposed <code>InternetConfiguration</code> or <code>VpcConfiguration</code> to\n         apply to the Amazon S3 access point. <code>VpcConfiguration</code> does not apply to\n         multi-region access points. You can make the access point accessible from the internet, or\n         you can specify that all requests made through that access point must originate from a\n         specific virtual private cloud (VPC). You can specify only one type of network\n         configuration. For more information, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/dev/creating-access-points.html\">Creating access\n         points</a>.</p>"
+                "smithy.api#documentation": "<p>The proposed <code>InternetConfiguration</code> or <code>VpcConfiguration</code> to\n         apply to the Amazon S3 access point. You can make the access point accessible from the internet,\n         or you can specify that all requests made through that access point must originate from a\n         specific virtual private cloud (VPC). You can specify only one type of network\n         configuration. For more information, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/dev/creating-access-points.html\">Creating access\n         points</a>.</p>"
             }
         },
         "com.amazonaws.accessanalyzer#OrderBy": {
@@ -6934,7 +6966,7 @@
                 "networkOrigin": {
                     "target": "com.amazonaws.accessanalyzer#NetworkOriginConfiguration",
                     "traits": {
-                        "smithy.api#documentation": "<p>The proposed <code>Internet</code> and <code>VpcConfiguration</code> to apply to this\n         Amazon S3 access point. <code>VpcConfiguration</code> does not apply to multi-region access\n         points. If the access preview is for a new resource and neither is specified, the access\n         preview uses <code>Internet</code> for the network origin. If the access preview is for an\n         existing resource and neither is specified, the access preview uses the exiting network\n         origin.</p>"
+                        "smithy.api#documentation": "<p>The proposed <code>Internet</code> and <code>VpcConfiguration</code> to apply to this\n         Amazon S3 access point. <code>VpcConfiguration</code> does not apply to multi-region access\n         points. If the access preview is for a new resource and neither is specified, the access\n         preview uses <code>Internet</code> for the network origin. If the access preview is for an\n         existing resource and neither is specified, the access preview uses the existing network\n         origin.</p>"
                     }
                 }
             },
@@ -7014,6 +7046,38 @@
         "com.amazonaws.accessanalyzer#S3BucketPolicy": {
             "type": "string"
         },
+        "com.amazonaws.accessanalyzer#S3ExpressDirectoryAccessPointArn": {
+            "type": "string",
+            "traits": {
+                "smithy.api#pattern": "^arn:[^:]*:s3express:[^:]*:[^:]*:accesspoint/.*$"
+            }
+        },
+        "com.amazonaws.accessanalyzer#S3ExpressDirectoryAccessPointConfiguration": {
+            "type": "structure",
+            "members": {
+                "accessPointPolicy": {
+                    "target": "com.amazonaws.accessanalyzer#AccessPointPolicy",
+                    "traits": {
+                        "smithy.api#documentation": "<p>The proposed access point policy for an Amazon S3 directory bucket access point.</p>"
+                    }
+                },
+                "networkOrigin": {
+                    "target": "com.amazonaws.accessanalyzer#NetworkOriginConfiguration"
+                }
+            },
+            "traits": {
+                "smithy.api#documentation": "<p>Proposed configuration for an access point attached to an Amazon S3 directory bucket. You can\n         propose up to 10 access points per bucket. If the proposed access point configuration is\n         for an existing Amazon S3 directory bucket, the access preview uses the proposed access point\n         configuration in place of the existing access points. To propose an access point without a\n         policy, you can provide an empty string as the access point policy. For more information\n         about access points for Amazon S3 directory buckets, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-points-directory-buckets.html\">Managing access to\n            directory buckets with access points</a> in the Amazon Simple Storage Service User Guide.</p>"
+            }
+        },
+        "com.amazonaws.accessanalyzer#S3ExpressDirectoryAccessPointConfigurationsMap": {
+            "type": "map",
+            "key": {
+                "target": "com.amazonaws.accessanalyzer#S3ExpressDirectoryAccessPointArn"
+            },
+            "value": {
+                "target": "com.amazonaws.accessanalyzer#S3ExpressDirectoryAccessPointConfiguration"
+            }
+        },
         "com.amazonaws.accessanalyzer#S3ExpressDirectoryBucketConfiguration": {
             "type": "structure",
             "members": {
@@ -7022,10 +7086,16 @@
                     "traits": {
                         "smithy.api#documentation": "<p>The proposed bucket policy for the Amazon S3 directory bucket.</p>"
                     }
+                },
+                "accessPoints": {
+                    "target": "com.amazonaws.accessanalyzer#S3ExpressDirectoryAccessPointConfigurationsMap",
+                    "traits": {
+                        "smithy.api#documentation": "<p>The proposed access points for the Amazon S3 directory bucket.</p>"
+                    }
                 }
             },
             "traits": {
-                "smithy.api#documentation": "<p>Proposed access control configuration for an Amazon S3 directory bucket. You can propose a\n         configuration for a new Amazon S3 directory bucket or an existing Amazon S3 directory bucket that you\n         own by specifying the Amazon S3 bucket policy. If the configuration is for an existing Amazon S3\n         directory bucket and you do not specify the Amazon S3 bucket policy, the access preview uses the\n         existing policy attached to the directory bucket. If the access preview is for a new\n         resource and you do not specify the Amazon S3 bucket policy, the access preview assumes an\n         directory bucket without a policy. To propose deletion of an existing bucket policy, you\n         can specify an empty string. For more information about Amazon S3 directory bucket policies, see\n            <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam-example-bucket-policies.html\">Example directory bucket policies for S3 Express One Zone</a>.</p>"
+                "smithy.api#documentation": "<p>Proposed access control configuration for an Amazon S3 directory bucket. You can propose a\n         configuration for a new Amazon S3 directory bucket or an existing Amazon S3 directory bucket that you\n         own by specifying the Amazon S3 bucket policy. If the configuration is for an existing Amazon S3\n         directory bucket and you do not specify the Amazon S3 bucket policy, the access preview uses the\n         existing policy attached to the directory bucket. If the access preview is for a new\n         resource and you do not specify the Amazon S3 bucket policy, the access preview assumes an\n         directory bucket without a policy. To propose deletion of an existing bucket policy, you\n         can specify an empty string. For more information about Amazon S3 directory bucket policies, see\n            <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam-example-bucket-policies.html\">Example bucket policies for directory buckets</a> in the Amazon Simple Storage Service User\n         Guide.</p>"
             }
         },
         "com.amazonaws.accessanalyzer#S3ExpressDirectoryBucketPolicy": {