chore: sync aws models (#596)

Author: ianbotsf

.changes/bf90661c-f9bc-4d05-9bdb-e657df26c984.json

@@ -0,0 +1,5 @@
+{
+    "id": "bf90661c-f9bc-4d05-9bdb-e657df26c984",
+    "type": "misc",
+    "description": "Sync latest AWS service models"
+}

codegen/sdk/aws-models/amplify.json

@@ -340,7 +340,7 @@
                 "repositoryCloneMethod": {
                     "target": "com.amazonaws.amplify#RepositoryCloneMethod",
                     "traits": {
-                        "smithy.api#documentation": "<p>The authentication protocol to use to access the Git repository for an Amplify app.\n            For a GitHub repository, specify <code>TOKEN</code>. For an Amazon Web Services CodeCommit repository,\n            specify <code>SIGV4</code>. For GitLab and Bitbucket repositories, specify\n                <code>SSH</code>.</p>"
+                        "smithy.api#documentation": "<note>\n            <p>This is for internal use.</p>\n        </note>\n        <p>The Amplify service uses this parameter to specify the authentication protocol to use to access\n            the Git repository for an Amplify app. Amplify specifies <code>TOKEN</code> for a GitHub\n            repository, <code>SIGV4</code> for an Amazon Web Services CodeCommit repository, and\n                <code>SSH</code> for GitLab and Bitbucket repositories.</p>"
                     }
                 }
             },
@@ -1001,13 +1001,13 @@
                 "oauthToken": {
                     "target": "com.amazonaws.amplify#OauthToken",
                     "traits": {
-                        "smithy.api#documentation": "<p> The OAuth token for a third-party source control system for an Amplify app. The OAuth\n            token is used to create a webhook and a read-only deploy key. The OAuth token is not\n            stored. </p>"
+                        "smithy.api#documentation": "<p>The OAuth token for a third-party source control system for an Amplify app. The OAuth\n            token is used to create a webhook and a read-only deploy key using SSH cloning. The\n            OAuth token is not stored.</p>\n        <p>Use <code>oauthToken</code> for repository providers other than GitHub, such as\n            Bitbucket or CodeCommit. To authorize access to GitHub as your repository provider, use\n                <code>accessToken</code>.</p>\n        <p>You must specify either <code>oauthToken</code> or <code>accessToken</code> when you\n            create a new app.</p>\n        <p>Existing Amplify apps deployed from a GitHub repository using OAuth continue to work\n            with CI/CD. However, we strongly recommend that you migrate these apps to use the GitHub\n            App. For more information, see <a href=\"https://docs.aws.amazon.com/amplify/latest/UserGuide/setting-up-GitHub-access.html#migrating-to-github-app-auth\">Migrating an existing OAuth app to the Amplify GitHub App</a> in the\n                <i>Amplify User Guide</i> .</p>"
                     }
                 },
                 "accessToken": {
                     "target": "com.amazonaws.amplify#AccessToken",
                     "traits": {
-                        "smithy.api#documentation": "<p> The personal access token for a third-party source control system for an Amplify app.\n            The personal access token is used to create a webhook and a read-only deploy key. The\n            token is not stored. </p>"
+                        "smithy.api#documentation": "<p>The personal access token for a GitHub repository for an Amplify app. The personal\n            access token is used to authorize access to a GitHub repository using the Amplify GitHub\n            App. The token is not stored.</p>\n        <p>Use <code>accessToken</code> for GitHub repositories only. To authorize access to a\n            repository provider such as Bitbucket or CodeCommit, use <code>oauthToken</code>.</p>\n        <p>You must specify either <code>accessToken</code> or <code>oauthToken</code> when you\n            create a new app.</p>\n        <p>Existing Amplify apps deployed from a GitHub repository using OAuth continue to work\n            with CI/CD. However, we strongly recommend that you migrate these apps to use the GitHub\n            App. For more information, see <a href=\"https://docs.aws.amazon.com/amplify/latest/UserGuide/setting-up-GitHub-access.html#migrating-to-github-app-auth\">Migrating an existing OAuth app to the Amplify GitHub App</a> in the\n                <i>Amplify User Guide</i> .</p>"
                     }
                 },
                 "environmentVariables": {
@@ -5008,13 +5008,13 @@
                 "oauthToken": {
                     "target": "com.amazonaws.amplify#OauthToken",
                     "traits": {
-                        "smithy.api#documentation": "<p> The OAuth token for a third-party source control system for an Amplify app. The token\n            is used to create a webhook and a read-only deploy key. The OAuth token is not stored.\n        </p>"
+                        "smithy.api#documentation": "<p>The OAuth token for a third-party source control system for an Amplify app. The OAuth\n            token is used to create a webhook and a read-only deploy key using SSH cloning. The\n            OAuth token is not stored.</p>\n        <p>Use <code>oauthToken</code> for repository providers other than GitHub, such as\n            Bitbucket or CodeCommit.</p>\n        <p>To authorize access to GitHub as your repository provider, use\n                <code>accessToken</code>.</p>\n        <p>You must specify either <code>oauthToken</code> or <code>accessToken</code> when you\n            update an app.</p>\n        <p>Existing Amplify apps deployed from a GitHub repository using OAuth continue to work\n            with CI/CD. However, we strongly recommend that you migrate these apps to use the GitHub\n            App. For more information, see <a href=\"https://docs.aws.amazon.com/amplify/latest/UserGuide/setting-up-GitHub-access.html#migrating-to-github-app-auth\">Migrating an existing OAuth app to the Amplify GitHub App</a> in the\n                <i>Amplify User Guide</i> .</p>"
                     }
                 },
                 "accessToken": {
                     "target": "com.amazonaws.amplify#AccessToken",
                     "traits": {
-                        "smithy.api#documentation": "<p> The personal access token for a third-party source control system for an Amplify app.\n            The token is used to create webhook and a read-only deploy key. The token is not stored.\n        </p>"
+                        "smithy.api#documentation": "<p>The personal access token for a GitHub repository for an Amplify app. The personal\n            access token is used to authorize access to a GitHub repository using the Amplify GitHub\n            App. The token is not stored.</p>\n        <p>Use <code>accessToken</code> for GitHub repositories only. To authorize access to a\n            repository provider such as Bitbucket or CodeCommit, use <code>oauthToken</code>.</p>\n        <p>You must specify either <code>accessToken</code> or <code>oauthToken</code> when you\n            update an app.</p>\n        <p>Existing Amplify apps deployed from a GitHub repository using OAuth continue to work\n            with CI/CD. However, we strongly recommend that you migrate these apps to use the GitHub\n            App. For more information, see <a href=\"https://docs.aws.amazon.com/amplify/latest/UserGuide/setting-up-GitHub-access.html#migrating-to-github-app-auth\">Migrating an existing OAuth app to the Amplify GitHub App</a> in the\n                <i>Amplify User Guide</i> .</p>"
                     }
                 }
             },

codegen/sdk/aws-models/auditmanager.json

@@ -3295,7 +3295,7 @@
                 }
             ],
             "traits": {
-                "smithy.api#documentation": "<p> Deletes an assessment report from an assessment in Audit Manager. </p>",
+                "smithy.api#documentation": "<p>Deletes an assessment report in Audit Manager. </p>\n         <p>When you run the <code>DeleteAssessmentReport</code> operation, Audit Manager attempts to delete the following data:</p>\n         <ol>\n            <li>\n               <p>The specified assessment report that’s stored in your S3 bucket</p>\n            </li>\n            <li>\n               <p>The associated metadata that’s stored in Audit Manager</p>\n            </li>\n         </ol>\n         <p>If Audit Manager can’t access the assessment report in your S3 bucket, the report\n         isn’t deleted. In this event, the <code>DeleteAssessmentReport</code> operation doesn’t\n         fail. Instead, it proceeds to delete the associated metadata only. You must then delete the\n         assessment report from the S3 bucket yourself. </p>\n         <p>This scenario happens when Audit Manager receives a <code>403 (Forbidden)</code> or\n            <code>404 (Not Found)</code> error from Amazon S3. To avoid this, make sure that\n         your S3 bucket is available, and that you configured the correct permissions for Audit Manager to delete resources in your S3 bucket. For an example permissions policy that\n         you can use, see <a href=\"https://docs.aws.amazon.com/audit-manager/latest/userguide/security_iam_id-based-policy-examples.html#full-administrator-access-assessment-report-destination\">Assessment report destination permissions</a> in the <i>Audit Manager User Guide</i>. For information about the issues that could cause a <code>403\n            (Forbidden)</code> or <code>404 (Not Found</code>) error from Amazon S3, see\n            <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#ErrorCodeList\">List of Error Codes</a> in the <i>Amazon Simple Storage Service API\n            Reference</i>. </p>",
                 "smithy.api#http": {
                     "method": "DELETE",
                     "uri": "/assessments/{assessmentId}/reports/{assessmentReportId}",
@@ -6743,13 +6743,13 @@
                 "keywordInputType": {
                     "target": "com.amazonaws.auditmanager#KeywordInputType",
                     "traits": {
-                        "smithy.api#documentation": "<p> The method of input for the keyword. </p>"
+                        "smithy.api#documentation": "<p> The input method for the keyword. </p>"
                     }
                 },
                 "keywordValue": {
                     "target": "com.amazonaws.auditmanager#KeywordValue",
                     "traits": {
-                        "smithy.api#documentation": "<p> The value of the keyword that's used to search CloudTrail logs, Config rules, Security Hub checks, and Amazon Web Services API names\n         when mapping a control data source. </p>"
+                        "smithy.api#documentation": "<p> The value of the keyword that's used when mapping a control data source. For example,\n         this can be a CloudTrail event name, a rule name for Config, a\n            Security Hub control, or the name of an Amazon Web Services API call. </p>\n         <p>If you’re mapping a data source to a rule in Config, the\n            <code>keywordValue</code> that you specify depends on the type of rule:</p>\n         <ul>\n            <li>\n               <p>For <a href=\"https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_use-managed-rules.html\">managed rules</a>, you can use the rule identifier as the\n                  <code>keywordValue</code>. You can find the rule identifier from the <a href=\"https://docs.aws.amazon.com/config/latest/developerguide/managed-rules-by-aws-config.html\">list of Config managed rules</a>.</p>\n               <ul>\n                  <li>\n                     <p>Managed rule name: <a href=\"https://docs.aws.amazon.com/config/latest/developerguide/s3-bucket-acl-prohibited.html\">s3-bucket-acl-prohibited</a>\n                     </p>\n                     <p>\n                        <code>keywordValue</code>: <code>S3_BUCKET_ACL_PROHIBITED</code>\n                     </p>\n                  </li>\n               </ul>\n            </li>\n            <li>\n               <p>For <a href=\"https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_develop-rules.html\">custom rules</a>, you form the <code>keywordValue</code>\n               by adding the <code>Custom_</code> prefix to the rule name. This prefix distinguishes\n               the rule from a managed rule.</p>\n               <ul>\n                  <li>\n                     <p>Custom rule name: my-custom-config-rule</p>\n                     <p>\n                        <code>keywordValue</code>: <code>Custom_my-custom-config-rule</code>\n                     </p>\n                  </li>\n               </ul>\n            </li>\n            <li>\n               <p>For <a href=\"https://docs.aws.amazon.com/config/latest/developerguide/service-linked-awsconfig-rules.html\">service-linked rules</a>, you form the\n                  <code>keywordValue</code> by adding the <code>Custom_</code> prefix to the rule\n               name. In addition, you remove the suffix ID that appears at the end of the rule\n               name.</p>\n               <ul>\n                  <li>\n                     <p>Service-linked rule name:\n                     CustomRuleForAccount-conformance-pack-szsm1uv0w</p>\n                     <p>\n                        <code>keywordValue</code>:\n                        <code>Custom_CustomRuleForAccount-conformance-pack</code>\n                     </p>\n                  </li>\n                  <li>\n                     <p>Service-linked rule name: securityhub-api-gw-cache-encrypted-101104e1</p>\n                     <p>\n                        <code>keywordValue</code>:\n                        <code>Custom_securityhub-api-gw-cache-encrypted</code>\n                     </p>\n                  </li>\n                  <li>\n                     <p>Service-linked rule name:\n                     OrgConfigRule-s3-bucket-versioning-enabled-dbgzf8ba</p>\n                     <p>\n                        <code>keywordValue</code>:\n                        <code>Custom_OrgConfigRule-s3-bucket-versioning-enabled</code>\n                     </p>\n                  </li>\n               </ul>\n            </li>\n         </ul>"
                     }
                 }
             },