Documentation update, March 2024. Corrects some docs for Amazon Kendra.

Add ResourceNotFoundException to ListPriceLists and GetPriceListFileUrl APIs
This release relaxes constraints on the durationSeconds request parameter for the *Profile APIs that support it. This parameter can now take on values that go up to 43200.
Added new resource detail object to ASFF, including resource for LastKnownExploitAt
Updates Amazon Firehose documentation for message regarding Enforcing Tags IAM Policy.

Author: aws-sdk-cpp-automation

VERSION

@@ -1 +1 @@
-1.11.291
+1.11.292

generated/src/aws-cpp-sdk-firehose/include/aws/firehose/FirehoseClient.h

@@ -16,10 +16,12 @@ namespace Aws
 namespace Firehose
 {
   /**
-   * <fullname>Amazon Data Firehose</fullname> <p>Amazon Data Firehose is a fully
-   * managed service that delivers real-time streaming data to destinations such as
-   * Amazon Simple Storage Service (Amazon S3), Amazon OpenSearch Service, Amazon
-   * Redshift, Splunk, and various other supportd destinations.</p>
+   * <fullname>Amazon Data Firehose</fullname>  <p>Amazon Data Firehose was
+   * previously known as Amazon Kinesis Data Firehose.</p>  <p>Amazon Data
+   * Firehose is a fully managed service that delivers real-time streaming data to
+   * destinations such as Amazon Simple Storage Service (Amazon S3), Amazon
+   * OpenSearch Service, Amazon Redshift, Splunk, and various other supportd
+   * destinations.</p>
    */
   class AWS_FIREHOSE_API FirehoseClient : public Aws::Client::AWSJsonClient, public Aws::Client::ClientWithAsyncTemplateMethods<FirehoseClient>
   {

generated/src/aws-cpp-sdk-firehose/include/aws/firehose/model/CreateDeliveryStreamRequest.h

@@ -455,7 +455,18 @@ namespace Model
      * href="https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html">Using
      * Cost Allocation Tags</a> in the Amazon Web Services Billing and Cost Management
      * User Guide.</p> <p>You can specify up to 50 tags when creating a delivery
-     * stream.</p>
+     * stream.</p> <p>If you specify tags in the <code>CreateDeliveryStream</code>
+     * action, Amazon Data Firehose performs an additional authorization on the
+     * <code>firehose:TagDeliveryStream</code> action to verify if users have
+     * permissions to create tags. If you do not provide this permission, requests to
+     * create new Firehose delivery streams with IAM resource tags will fail with an
+     * <code>AccessDeniedException</code> such as following.</p> <p>
+     * <b>AccessDeniedException</b> </p> <p>User: arn:aws:sts::x:assumed-role/x/x is
+     * not authorized to perform: firehose:TagDeliveryStream on resource:
+     * arn:aws:firehose:us-east-1:x:deliverystream/x with an explicit deny in an
+     * identity-based policy.</p> <p>For an example IAM policy, see <a
+     * href="https://docs.aws.amazon.com/firehose/latest/APIReference/API_CreateDeliveryStream.html#API_CreateDeliveryStream_Examples">Tag
+     * example.</a> </p>
      */
     inline const Aws::Vector<Tag>& GetTags() const{ return m_tags; }
 
@@ -468,7 +479,18 @@ namespace Model
      * href="https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html">Using
      * Cost Allocation Tags</a> in the Amazon Web Services Billing and Cost Management
      * User Guide.</p> <p>You can specify up to 50 tags when creating a delivery
-     * stream.</p>
+     * stream.</p> <p>If you specify tags in the <code>CreateDeliveryStream</code>
+     * action, Amazon Data Firehose performs an additional authorization on the
+     * <code>firehose:TagDeliveryStream</code> action to verify if users have
+     * permissions to create tags. If you do not provide this permission, requests to
+     * create new Firehose delivery streams with IAM resource tags will fail with an
+     * <code>AccessDeniedException</code> such as following.</p> <p>
+     * <b>AccessDeniedException</b> </p> <p>User: arn:aws:sts::x:assumed-role/x/x is
+     * not authorized to perform: firehose:TagDeliveryStream on resource:
+     * arn:aws:firehose:us-east-1:x:deliverystream/x with an explicit deny in an
+     * identity-based policy.</p> <p>For an example IAM policy, see <a
+     * href="https://docs.aws.amazon.com/firehose/latest/APIReference/API_CreateDeliveryStream.html#API_CreateDeliveryStream_Examples">Tag
+     * example.</a> </p>
      */
     inline bool TagsHasBeenSet() const { return m_tagsHasBeenSet; }
 
@@ -481,7 +503,18 @@ namespace Model
      * href="https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html">Using
      * Cost Allocation Tags</a> in the Amazon Web Services Billing and Cost Management
      * User Guide.</p> <p>You can specify up to 50 tags when creating a delivery
-     * stream.</p>
+     * stream.</p> <p>If you specify tags in the <code>CreateDeliveryStream</code>
+     * action, Amazon Data Firehose performs an additional authorization on the
+     * <code>firehose:TagDeliveryStream</code> action to verify if users have
+     * permissions to create tags. If you do not provide this permission, requests to
+     * create new Firehose delivery streams with IAM resource tags will fail with an
+     * <code>AccessDeniedException</code> such as following.</p> <p>
+     * <b>AccessDeniedException</b> </p> <p>User: arn:aws:sts::x:assumed-role/x/x is
+     * not authorized to perform: firehose:TagDeliveryStream on resource:
+     * arn:aws:firehose:us-east-1:x:deliverystream/x with an explicit deny in an
+     * identity-based policy.</p> <p>For an example IAM policy, see <a
+     * href="https://docs.aws.amazon.com/firehose/latest/APIReference/API_CreateDeliveryStream.html#API_CreateDeliveryStream_Examples">Tag
+     * example.</a> </p>
      */
     inline void SetTags(const Aws::Vector<Tag>& value) { m_tagsHasBeenSet = true; m_tags = value; }
 
@@ -494,7 +527,18 @@ namespace Model
      * href="https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html">Using
      * Cost Allocation Tags</a> in the Amazon Web Services Billing and Cost Management
      * User Guide.</p> <p>You can specify up to 50 tags when creating a delivery
-     * stream.</p>
+     * stream.</p> <p>If you specify tags in the <code>CreateDeliveryStream</code>
+     * action, Amazon Data Firehose performs an additional authorization on the
+     * <code>firehose:TagDeliveryStream</code> action to verify if users have
+     * permissions to create tags. If you do not provide this permission, requests to
+     * create new Firehose delivery streams with IAM resource tags will fail with an
+     * <code>AccessDeniedException</code> such as following.</p> <p>
+     * <b>AccessDeniedException</b> </p> <p>User: arn:aws:sts::x:assumed-role/x/x is
+     * not authorized to perform: firehose:TagDeliveryStream on resource:
+     * arn:aws:firehose:us-east-1:x:deliverystream/x with an explicit deny in an
+     * identity-based policy.</p> <p>For an example IAM policy, see <a
+     * href="https://docs.aws.amazon.com/firehose/latest/APIReference/API_CreateDeliveryStream.html#API_CreateDeliveryStream_Examples">Tag
+     * example.</a> </p>
      */
     inline void SetTags(Aws::Vector<Tag>&& value) { m_tagsHasBeenSet = true; m_tags = std::move(value); }
 
@@ -507,7 +551,18 @@ namespace Model
      * href="https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html">Using
      * Cost Allocation Tags</a> in the Amazon Web Services Billing and Cost Management
      * User Guide.</p> <p>You can specify up to 50 tags when creating a delivery
-     * stream.</p>
+     * stream.</p> <p>If you specify tags in the <code>CreateDeliveryStream</code>
+     * action, Amazon Data Firehose performs an additional authorization on the
+     * <code>firehose:TagDeliveryStream</code> action to verify if users have
+     * permissions to create tags. If you do not provide this permission, requests to
+     * create new Firehose delivery streams with IAM resource tags will fail with an
+     * <code>AccessDeniedException</code> such as following.</p> <p>
+     * <b>AccessDeniedException</b> </p> <p>User: arn:aws:sts::x:assumed-role/x/x is
+     * not authorized to perform: firehose:TagDeliveryStream on resource:
+     * arn:aws:firehose:us-east-1:x:deliverystream/x with an explicit deny in an
+     * identity-based policy.</p> <p>For an example IAM policy, see <a
+     * href="https://docs.aws.amazon.com/firehose/latest/APIReference/API_CreateDeliveryStream.html#API_CreateDeliveryStream_Examples">Tag
+     * example.</a> </p>
      */
     inline CreateDeliveryStreamRequest& WithTags(const Aws::Vector<Tag>& value) { SetTags(value); return *this;}
 
@@ -520,7 +575,18 @@ namespace Model
      * href="https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html">Using
      * Cost Allocation Tags</a> in the Amazon Web Services Billing and Cost Management
      * User Guide.</p> <p>You can specify up to 50 tags when creating a delivery
-     * stream.</p>
+     * stream.</p> <p>If you specify tags in the <code>CreateDeliveryStream</code>
+     * action, Amazon Data Firehose performs an additional authorization on the
+     * <code>firehose:TagDeliveryStream</code> action to verify if users have
+     * permissions to create tags. If you do not provide this permission, requests to
+     * create new Firehose delivery streams with IAM resource tags will fail with an
+     * <code>AccessDeniedException</code> such as following.</p> <p>
+     * <b>AccessDeniedException</b> </p> <p>User: arn:aws:sts::x:assumed-role/x/x is
+     * not authorized to perform: firehose:TagDeliveryStream on resource:
+     * arn:aws:firehose:us-east-1:x:deliverystream/x with an explicit deny in an
+     * identity-based policy.</p> <p>For an example IAM policy, see <a
+     * href="https://docs.aws.amazon.com/firehose/latest/APIReference/API_CreateDeliveryStream.html#API_CreateDeliveryStream_Examples">Tag
+     * example.</a> </p>
      */
     inline CreateDeliveryStreamRequest& WithTags(Aws::Vector<Tag>&& value) { SetTags(std::move(value)); return *this;}
 
@@ -533,7 +599,18 @@ namespace Model
      * href="https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html">Using
      * Cost Allocation Tags</a> in the Amazon Web Services Billing and Cost Management
      * User Guide.</p> <p>You can specify up to 50 tags when creating a delivery
-     * stream.</p>
+     * stream.</p> <p>If you specify tags in the <code>CreateDeliveryStream</code>
+     * action, Amazon Data Firehose performs an additional authorization on the
+     * <code>firehose:TagDeliveryStream</code> action to verify if users have
+     * permissions to create tags. If you do not provide this permission, requests to
+     * create new Firehose delivery streams with IAM resource tags will fail with an
+     * <code>AccessDeniedException</code> such as following.</p> <p>
+     * <b>AccessDeniedException</b> </p> <p>User: arn:aws:sts::x:assumed-role/x/x is
+     * not authorized to perform: firehose:TagDeliveryStream on resource:
+     * arn:aws:firehose:us-east-1:x:deliverystream/x with an explicit deny in an
+     * identity-based policy.</p> <p>For an example IAM policy, see <a
+     * href="https://docs.aws.amazon.com/firehose/latest/APIReference/API_CreateDeliveryStream.html#API_CreateDeliveryStream_Examples">Tag
+     * example.</a> </p>
      */
     inline CreateDeliveryStreamRequest& AddTags(const Tag& value) { m_tagsHasBeenSet = true; m_tags.push_back(value); return *this; }
 
@@ -546,7 +623,18 @@ namespace Model
      * href="https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html">Using
      * Cost Allocation Tags</a> in the Amazon Web Services Billing and Cost Management
      * User Guide.</p> <p>You can specify up to 50 tags when creating a delivery
-     * stream.</p>
+     * stream.</p> <p>If you specify tags in the <code>CreateDeliveryStream</code>
+     * action, Amazon Data Firehose performs an additional authorization on the
+     * <code>firehose:TagDeliveryStream</code> action to verify if users have
+     * permissions to create tags. If you do not provide this permission, requests to
+     * create new Firehose delivery streams with IAM resource tags will fail with an
+     * <code>AccessDeniedException</code> such as following.</p> <p>
+     * <b>AccessDeniedException</b> </p> <p>User: arn:aws:sts::x:assumed-role/x/x is
+     * not authorized to perform: firehose:TagDeliveryStream on resource:
+     * arn:aws:firehose:us-east-1:x:deliverystream/x with an explicit deny in an
+     * identity-based policy.</p> <p>For an example IAM policy, see <a
+     * href="https://docs.aws.amazon.com/firehose/latest/APIReference/API_CreateDeliveryStream.html#API_CreateDeliveryStream_Examples">Tag
+     * example.</a> </p>
      */
     inline CreateDeliveryStreamRequest& AddTags(Tag&& value) { m_tagsHasBeenSet = true; m_tags.push_back(std::move(value)); return *this; }
 

generated/src/aws-cpp-sdk-kendra/include/aws/kendra/KendraClient.h

@@ -697,10 +697,10 @@ namespace kendra
         }
 
         /**
-         * <p>Deletes an existing Amazon Kendra index. An exception is not thrown if the
-         * index is already being deleted. While the index is being deleted, the
-         * <code>Status</code> field returned by a call to the <code>DescribeIndex</code>
-         * API is set to <code>DELETING</code>.</p><p><h3>See Also:</h3>   <a
+         * <p>Deletes an Amazon Kendra index. An exception is not thrown if the index is
+         * already being deleted. While the index is being deleted, the <code>Status</code>
+         * field returned by a call to the <code>DescribeIndex</code> API is set to
+         * <code>DELETING</code>.</p><p><h3>See Also:</h3>   <a
          * href="http://docs.aws.amazon.com/goto/WebAPI/kendra-2019-02-03/DeleteIndex">AWS
          * API Reference</a></p>
          */
@@ -792,7 +792,7 @@ namespace kendra
         }
 
         /**
-         * <p>Deletes an existing Amazon Kendra thesaurus. </p><p><h3>See Also:</h3>   <a
+         * <p>Deletes an Amazon Kendra thesaurus. </p><p><h3>See Also:</h3>   <a
          * href="http://docs.aws.amazon.com/goto/WebAPI/kendra-2019-02-03/DeleteThesaurus">AWS
          * API Reference</a></p>
          */
@@ -954,8 +954,7 @@ namespace kendra
         }
 
         /**
-         * <p>Gets information about an existing Amazon Kendra index.</p><p><h3>See
-         * Also:</h3>   <a
+         * <p>Gets information about an Amazon Kendra index.</p><p><h3>See Also:</h3>   <a
          * href="http://docs.aws.amazon.com/goto/WebAPI/kendra-2019-02-03/DescribeIndex">AWS
          * API Reference</a></p>
          */
@@ -1069,8 +1068,8 @@ namespace kendra
         }
 
         /**
-         * <p>Gets information about an existing Amazon Kendra thesaurus.</p><p><h3>See
-         * Also:</h3>   <a
+         * <p>Gets information about an Amazon Kendra thesaurus.</p><p><h3>See Also:</h3>  
+         * <a
          * href="http://docs.aws.amazon.com/goto/WebAPI/kendra-2019-02-03/DescribeThesaurus">AWS
          * API Reference</a></p>
          */
@@ -1879,8 +1878,7 @@ namespace kendra
         }
 
         /**
-         * <p>Updates an existing Amazon Kendra data source connector.</p><p><h3>See
-         * Also:</h3>   <a
+         * <p>Updates an Amazon Kendra data source connector.</p><p><h3>See Also:</h3>   <a
          * href="http://docs.aws.amazon.com/goto/WebAPI/kendra-2019-02-03/UpdateDataSource">AWS
          * API Reference</a></p>
          */
@@ -1962,7 +1960,7 @@ namespace kendra
         }
 
         /**
-         * <p>Updates an existing Amazon Kendra index.</p><p><h3>See Also:</h3>   <a
+         * <p>Updates an Amazon Kendra index.</p><p><h3>See Also:</h3>   <a
          * href="http://docs.aws.amazon.com/goto/WebAPI/kendra-2019-02-03/UpdateIndex">AWS
          * API Reference</a></p>
          */

generated/src/aws-cpp-sdk-kendra/include/aws/kendra/model/CreateIndexRequest.h

@@ -544,42 +544,54 @@ namespace Model
     /**
      * <p>Gets users and groups from IAM Identity Center identity source. To configure
      * this, see <a
-     * href="https://docs.aws.amazon.com/kendra/latest/dg/API_UserGroupResolutionConfiguration.html">UserGroupResolutionConfiguration</a>.</p>
+     * href="https://docs.aws.amazon.com/kendra/latest/dg/API_UserGroupResolutionConfiguration.html">UserGroupResolutionConfiguration</a>.
+     * This is useful for user context filtering, where search results are filtered
+     * based on the user or their group access to documents.</p>
      */
     inline const UserGroupResolutionConfiguration& GetUserGroupResolutionConfiguration() const{ return m_userGroupResolutionConfiguration; }
 
     /**
      * <p>Gets users and groups from IAM Identity Center identity source. To configure
      * this, see <a
-     * href="https://docs.aws.amazon.com/kendra/latest/dg/API_UserGroupResolutionConfiguration.html">UserGroupResolutionConfiguration</a>.</p>
+     * href="https://docs.aws.amazon.com/kendra/latest/dg/API_UserGroupResolutionConfiguration.html">UserGroupResolutionConfiguration</a>.
+     * This is useful for user context filtering, where search results are filtered
+     * based on the user or their group access to documents.</p>
      */
     inline bool UserGroupResolutionConfigurationHasBeenSet() const { return m_userGroupResolutionConfigurationHasBeenSet; }
 
     /**
      * <p>Gets users and groups from IAM Identity Center identity source. To configure
      * this, see <a
-     * href="https://docs.aws.amazon.com/kendra/latest/dg/API_UserGroupResolutionConfiguration.html">UserGroupResolutionConfiguration</a>.</p>
+     * href="https://docs.aws.amazon.com/kendra/latest/dg/API_UserGroupResolutionConfiguration.html">UserGroupResolutionConfiguration</a>.
+     * This is useful for user context filtering, where search results are filtered
+     * based on the user or their group access to documents.</p>
      */
     inline void SetUserGroupResolutionConfiguration(const UserGroupResolutionConfiguration& value) { m_userGroupResolutionConfigurationHasBeenSet = true; m_userGroupResolutionConfiguration = value; }
 
     /**
      * <p>Gets users and groups from IAM Identity Center identity source. To configure
      * this, see <a
-     * href="https://docs.aws.amazon.com/kendra/latest/dg/API_UserGroupResolutionConfiguration.html">UserGroupResolutionConfiguration</a>.</p>
+     * href="https://docs.aws.amazon.com/kendra/latest/dg/API_UserGroupResolutionConfiguration.html">UserGroupResolutionConfiguration</a>.
+     * This is useful for user context filtering, where search results are filtered
+     * based on the user or their group access to documents.</p>
      */
     inline void SetUserGroupResolutionConfiguration(UserGroupResolutionConfiguration&& value) { m_userGroupResolutionConfigurationHasBeenSet = true; m_userGroupResolutionConfiguration = std::move(value); }
 
     /**
      * <p>Gets users and groups from IAM Identity Center identity source. To configure
      * this, see <a
-     * href="https://docs.aws.amazon.com/kendra/latest/dg/API_UserGroupResolutionConfiguration.html">UserGroupResolutionConfiguration</a>.</p>
+     * href="https://docs.aws.amazon.com/kendra/latest/dg/API_UserGroupResolutionConfiguration.html">UserGroupResolutionConfiguration</a>.
+     * This is useful for user context filtering, where search results are filtered
+     * based on the user or their group access to documents.</p>
      */
     inline CreateIndexRequest& WithUserGroupResolutionConfiguration(const UserGroupResolutionConfiguration& value) { SetUserGroupResolutionConfiguration(value); return *this;}
 
     /**
      * <p>Gets users and groups from IAM Identity Center identity source. To configure
      * this, see <a
-     * href="https://docs.aws.amazon.com/kendra/latest/dg/API_UserGroupResolutionConfiguration.html">UserGroupResolutionConfiguration</a>.</p>
+     * href="https://docs.aws.amazon.com/kendra/latest/dg/API_UserGroupResolutionConfiguration.html">UserGroupResolutionConfiguration</a>.
+     * This is useful for user context filtering, where search results are filtered
+     * based on the user or their group access to documents.</p>
      */
     inline CreateIndexRequest& WithUserGroupResolutionConfiguration(UserGroupResolutionConfiguration&& value) { SetUserGroupResolutionConfiguration(std::move(value)); return *this;}