From 7905a8e0411106fb5e50118d6602e83016c8f349 Mon Sep 17 00:00:00 2001
From: awstools <awstools@amazon.com>
Date: Tue, 19 Nov 2024 20:36:46 +0000
Subject: [PATCH] feat(client-ec2): This release adds VPC Block Public Access
 (VPC BPA), a new declarative control which blocks resources in VPCs and
 subnets that you own in a Region from reaching or being reached from the
 internet through internet gateways and egress-only internet gateways.

---
 clients/client-ec2/README.md                  |    48 +
 clients/client-ec2/src/EC2.ts                 |   140 +
 clients/client-ec2/src/EC2Client.ts           |    36 +
 .../src/commands/BundleInstanceCommand.ts     |     6 +-
 .../CancelImageLaunchPermissionCommand.ts     |     7 +-
 .../src/commands/CopyImageCommand.ts          |    15 +-
 .../commands/CreateDefaultSubnetCommand.ts    |     3 +
 .../src/commands/CreateDefaultVpcCommand.ts   |     3 +
 .../src/commands/CreateImageCommand.ts        |    11 +-
 ...CreateNetworkInsightsAccessScopeCommand.ts |     3 +-
 .../commands/CreateRestoreImageTaskCommand.ts |     6 +-
 .../commands/CreateStoreImageTaskCommand.ts   |     2 +-
 .../src/commands/CreateSubnetCommand.ts       |     3 +
 ...ateVpcBlockPublicAccessExclusionCommand.ts |   129 +
 .../src/commands/CreateVpcCommand.ts          |     3 +
 ...xternalResourceVerificationTokenCommand.ts |     6 +-
 .../src/commands/DeleteIpamPoolCommand.ts     |     2 +-
 .../DeleteIpamResourceDiscoveryCommand.ts     |     2 +-
 .../src/commands/DeleteIpamScopeCommand.ts    |     2 +-
 ...eteVpcBlockPublicAccessExclusionCommand.ts |   116 +
 .../src/commands/DeregisterImageCommand.ts    |    22 +-
 .../commands/DescribeBundleTasksCommand.ts    |    10 +-
 .../src/commands/DescribeHostsCommand.ts      |     2 +-
 ...beIamInstanceProfileAssociationsCommand.ts |     2 +-
 .../commands/DescribeImageAttributeCommand.ts |     8 +-
 .../src/commands/DescribeImagesCommand.ts     |    15 +-
 .../DescribeSnapshotAttributeCommand.ts       |     2 +-
 .../DescribeSnapshotTierStatusCommand.ts      |     3 +-
 .../src/commands/DescribeSnapshotsCommand.ts  |     2 +-
 .../DescribeStoreImageTasksCommand.ts         |     2 +-
 .../src/commands/DescribeSubnetsCommand.ts    |     3 +
 ...beVpcBlockPublicAccessExclusionsCommand.ts |   132 +
 ...cribeVpcBlockPublicAccessOptionsCommand.ts |   107 +
 .../src/commands/DescribeVpcsCommand.ts       |     3 +
 .../src/commands/DisableFastLaunchCommand.ts  |    10 +-
 .../DisableImageBlockPublicAccessCommand.ts   |     4 +-
 .../src/commands/EnableFastLaunchCommand.ts   |    15 +-
 .../commands/EnableImageDeprecationCommand.ts |     3 +-
 ...ciatedEnclaveCertificateIamRolesCommand.ts |     2 +-
 .../GetAssociatedIpv6PoolCidrsCommand.ts      |     2 +-
 .../GetAwsNetworkPerformanceDataCommand.ts    |     2 +-
 .../GetCapacityReservationUsageCommand.ts     |     2 +-
 .../src/commands/GetCoipPoolUsageCommand.ts   |     3 +-
 .../commands/ListImagesInRecycleBinCommand.ts |     4 +-
 .../commands/ModifyImageAttributeCommand.ts   |    12 +-
 .../ModifyVerifiedAccessEndpointCommand.ts    |     2 +-
 ...difyVerifiedAccessEndpointPolicyCommand.ts |     2 +-
 .../ModifyVerifiedAccessGroupCommand.ts       |     2 +-
 .../ModifyVerifiedAccessGroupPolicyCommand.ts |     2 +-
 .../ModifyVerifiedAccessInstanceCommand.ts    |     2 +-
 ...cessInstanceLoggingConfigurationCommand.ts |     2 +-
 ...ifyVpcBlockPublicAccessExclusionCommand.ts |   117 +
 ...odifyVpcBlockPublicAccessOptionsCommand.ts |   105 +
 .../src/commands/RegisterImageCommand.ts      |    13 +-
 .../RestoreImageFromRecycleBinCommand.ts      |     3 +-
 clients/client-ec2/src/commands/index.ts      |     6 +
 clients/client-ec2/src/models/models_0.ts     |    50 +-
 clients/client-ec2/src/models/models_1.ts     |   160 +-
 clients/client-ec2/src/models/models_2.ts     |   370 +-
 clients/client-ec2/src/models/models_3.ts     |   590 +-
 clients/client-ec2/src/models/models_4.ts     | 13631 ++++++++--------
 clients/client-ec2/src/models/models_5.ts     | 10033 ++++++------
 clients/client-ec2/src/models/models_6.ts     |  3944 ++---
 clients/client-ec2/src/models/models_7.ts     |   600 +-
 clients/client-ec2/src/protocols/Aws_ec2.ts   |   739 +-
 codegen/sdk-codegen/aws-models/ec2.json       |   946 +-
 66 files changed, 17560 insertions(+), 14674 deletions(-)
 create mode 100644 clients/client-ec2/src/commands/CreateVpcBlockPublicAccessExclusionCommand.ts
 create mode 100644 clients/client-ec2/src/commands/DeleteVpcBlockPublicAccessExclusionCommand.ts
 create mode 100644 clients/client-ec2/src/commands/DescribeVpcBlockPublicAccessExclusionsCommand.ts
 create mode 100644 clients/client-ec2/src/commands/DescribeVpcBlockPublicAccessOptionsCommand.ts
 create mode 100644 clients/client-ec2/src/commands/ModifyVpcBlockPublicAccessExclusionCommand.ts
 create mode 100644 clients/client-ec2/src/commands/ModifyVpcBlockPublicAccessOptionsCommand.ts

diff --git a/clients/client-ec2/README.md b/clients/client-ec2/README.md
index e95635548af0..3d7ab7b020db 100644
--- a/clients/client-ec2/README.md
+++ b/clients/client-ec2/README.md
@@ -1285,6 +1285,14 @@ CreateVpc
 
 [Command API Reference](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/CreateVpcCommand/) / [Input](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-ec2/Interface/CreateVpcCommandInput/) / [Output](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-ec2/Interface/CreateVpcCommandOutput/)
 
+</details>
+<details>
+<summary>
+CreateVpcBlockPublicAccessExclusion
+</summary>
+
+[Command API Reference](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/CreateVpcBlockPublicAccessExclusionCommand/) / [Input](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-ec2/Interface/CreateVpcBlockPublicAccessExclusionCommandInput/) / [Output](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-ec2/Interface/CreateVpcBlockPublicAccessExclusionCommandOutput/)
+
 </details>
 <details>
 <summary>
@@ -1885,6 +1893,14 @@ DeleteVpc
 
 [Command API Reference](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/DeleteVpcCommand/) / [Input](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-ec2/Interface/DeleteVpcCommandInput/) / [Output](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-ec2/Interface/DeleteVpcCommandOutput/)
 
+</details>
+<details>
+<summary>
+DeleteVpcBlockPublicAccessExclusion
+</summary>
+
+[Command API Reference](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/DeleteVpcBlockPublicAccessExclusionCommand/) / [Input](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-ec2/Interface/DeleteVpcBlockPublicAccessExclusionCommandInput/) / [Output](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-ec2/Interface/DeleteVpcBlockPublicAccessExclusionCommandOutput/)
+
 </details>
 <details>
 <summary>
@@ -3149,6 +3165,22 @@ DescribeVpcAttribute
 
 [Command API Reference](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/DescribeVpcAttributeCommand/) / [Input](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-ec2/Interface/DescribeVpcAttributeCommandInput/) / [Output](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-ec2/Interface/DescribeVpcAttributeCommandOutput/)
 
+</details>
+<details>
+<summary>
+DescribeVpcBlockPublicAccessExclusions
+</summary>
+
+[Command API Reference](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/DescribeVpcBlockPublicAccessExclusionsCommand/) / [Input](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-ec2/Interface/DescribeVpcBlockPublicAccessExclusionsCommandInput/) / [Output](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-ec2/Interface/DescribeVpcBlockPublicAccessExclusionsCommandOutput/)
+
+</details>
+<details>
+<summary>
+DescribeVpcBlockPublicAccessOptions
+</summary>
+
+[Command API Reference](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/DescribeVpcBlockPublicAccessOptionsCommand/) / [Input](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-ec2/Interface/DescribeVpcBlockPublicAccessOptionsCommandInput/) / [Output](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-ec2/Interface/DescribeVpcBlockPublicAccessOptionsCommandOutput/)
+
 </details>
 <details>
 <summary>
@@ -4637,6 +4669,22 @@ ModifyVpcAttribute
 
 [Command API Reference](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/ModifyVpcAttributeCommand/) / [Input](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-ec2/Interface/ModifyVpcAttributeCommandInput/) / [Output](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-ec2/Interface/ModifyVpcAttributeCommandOutput/)
 
+</details>
+<details>
+<summary>
+ModifyVpcBlockPublicAccessExclusion
+</summary>
+
+[Command API Reference](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/ModifyVpcBlockPublicAccessExclusionCommand/) / [Input](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-ec2/Interface/ModifyVpcBlockPublicAccessExclusionCommandInput/) / [Output](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-ec2/Interface/ModifyVpcBlockPublicAccessExclusionCommandOutput/)
+
+</details>
+<details>
+<summary>
+ModifyVpcBlockPublicAccessOptions
+</summary>
+
+[Command API Reference](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/ec2/command/ModifyVpcBlockPublicAccessOptionsCommand/) / [Input](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-ec2/Interface/ModifyVpcBlockPublicAccessOptionsCommandInput/) / [Output](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-ec2/Interface/ModifyVpcBlockPublicAccessOptionsCommandOutput/)
+
 </details>
 <details>
 <summary>
diff --git a/clients/client-ec2/src/EC2.ts b/clients/client-ec2/src/EC2.ts
index 53a9f0c17cab..60489b95a10e 100644
--- a/clients/client-ec2/src/EC2.ts
+++ b/clients/client-ec2/src/EC2.ts
@@ -648,6 +648,11 @@ import {
   CreateVolumeCommandInput,
   CreateVolumeCommandOutput,
 } from "./commands/CreateVolumeCommand";
+import {
+  CreateVpcBlockPublicAccessExclusionCommand,
+  CreateVpcBlockPublicAccessExclusionCommandInput,
+  CreateVpcBlockPublicAccessExclusionCommandOutput,
+} from "./commands/CreateVpcBlockPublicAccessExclusionCommand";
 import { CreateVpcCommand, CreateVpcCommandInput, CreateVpcCommandOutput } from "./commands/CreateVpcCommand";
 import {
   CreateVpcEndpointCommand,
@@ -1007,6 +1012,11 @@ import {
   DeleteVolumeCommandInput,
   DeleteVolumeCommandOutput,
 } from "./commands/DeleteVolumeCommand";
+import {
+  DeleteVpcBlockPublicAccessExclusionCommand,
+  DeleteVpcBlockPublicAccessExclusionCommandInput,
+  DeleteVpcBlockPublicAccessExclusionCommandOutput,
+} from "./commands/DeleteVpcBlockPublicAccessExclusionCommand";
 import { DeleteVpcCommand, DeleteVpcCommandInput, DeleteVpcCommandOutput } from "./commands/DeleteVpcCommand";
 import {
   DeleteVpcEndpointConnectionNotificationsCommand,
@@ -1798,6 +1808,16 @@ import {
   DescribeVpcAttributeCommandInput,
   DescribeVpcAttributeCommandOutput,
 } from "./commands/DescribeVpcAttributeCommand";
+import {
+  DescribeVpcBlockPublicAccessExclusionsCommand,
+  DescribeVpcBlockPublicAccessExclusionsCommandInput,
+  DescribeVpcBlockPublicAccessExclusionsCommandOutput,
+} from "./commands/DescribeVpcBlockPublicAccessExclusionsCommand";
+import {
+  DescribeVpcBlockPublicAccessOptionsCommand,
+  DescribeVpcBlockPublicAccessOptionsCommandInput,
+  DescribeVpcBlockPublicAccessOptionsCommandOutput,
+} from "./commands/DescribeVpcBlockPublicAccessOptionsCommand";
 import {
   DescribeVpcClassicLinkCommand,
   DescribeVpcClassicLinkCommandInput,
@@ -2704,6 +2724,16 @@ import {
   ModifyVpcAttributeCommandInput,
   ModifyVpcAttributeCommandOutput,
 } from "./commands/ModifyVpcAttributeCommand";
+import {
+  ModifyVpcBlockPublicAccessExclusionCommand,
+  ModifyVpcBlockPublicAccessExclusionCommandInput,
+  ModifyVpcBlockPublicAccessExclusionCommandOutput,
+} from "./commands/ModifyVpcBlockPublicAccessExclusionCommand";
+import {
+  ModifyVpcBlockPublicAccessOptionsCommand,
+  ModifyVpcBlockPublicAccessOptionsCommandInput,
+  ModifyVpcBlockPublicAccessOptionsCommandOutput,
+} from "./commands/ModifyVpcBlockPublicAccessOptionsCommand";
 import {
   ModifyVpcEndpointCommand,
   ModifyVpcEndpointCommandInput,
@@ -3257,6 +3287,7 @@ const commands = {
   CreateVerifiedAccessTrustProviderCommand,
   CreateVolumeCommand,
   CreateVpcCommand,
+  CreateVpcBlockPublicAccessExclusionCommand,
   CreateVpcEndpointCommand,
   CreateVpcEndpointConnectionNotificationCommand,
   CreateVpcEndpointServiceConfigurationCommand,
@@ -3332,6 +3363,7 @@ const commands = {
   DeleteVerifiedAccessTrustProviderCommand,
   DeleteVolumeCommand,
   DeleteVpcCommand,
+  DeleteVpcBlockPublicAccessExclusionCommand,
   DeleteVpcEndpointConnectionNotificationsCommand,
   DeleteVpcEndpointsCommand,
   DeleteVpcEndpointServiceConfigurationsCommand,
@@ -3490,6 +3522,8 @@ const commands = {
   DescribeVolumesModificationsCommand,
   DescribeVolumeStatusCommand,
   DescribeVpcAttributeCommand,
+  DescribeVpcBlockPublicAccessExclusionsCommand,
+  DescribeVpcBlockPublicAccessOptionsCommand,
   DescribeVpcClassicLinkCommand,
   DescribeVpcClassicLinkDnsSupportCommand,
   DescribeVpcEndpointConnectionNotificationsCommand,
@@ -3676,6 +3710,8 @@ const commands = {
   ModifyVolumeCommand,
   ModifyVolumeAttributeCommand,
   ModifyVpcAttributeCommand,
+  ModifyVpcBlockPublicAccessExclusionCommand,
+  ModifyVpcBlockPublicAccessOptionsCommand,
   ModifyVpcEndpointCommand,
   ModifyVpcEndpointConnectionNotificationCommand,
   ModifyVpcEndpointServiceConfigurationCommand,
@@ -5960,6 +5996,23 @@ export interface EC2 {
     cb: (err: any, data?: CreateVpcCommandOutput) => void
   ): void;
 
+  /**
+   * @see {@link CreateVpcBlockPublicAccessExclusionCommand}
+   */
+  createVpcBlockPublicAccessExclusion(
+    args: CreateVpcBlockPublicAccessExclusionCommandInput,
+    options?: __HttpHandlerOptions
+  ): Promise<CreateVpcBlockPublicAccessExclusionCommandOutput>;
+  createVpcBlockPublicAccessExclusion(
+    args: CreateVpcBlockPublicAccessExclusionCommandInput,
+    cb: (err: any, data?: CreateVpcBlockPublicAccessExclusionCommandOutput) => void
+  ): void;
+  createVpcBlockPublicAccessExclusion(
+    args: CreateVpcBlockPublicAccessExclusionCommandInput,
+    options: __HttpHandlerOptions,
+    cb: (err: any, data?: CreateVpcBlockPublicAccessExclusionCommandOutput) => void
+  ): void;
+
   /**
    * @see {@link CreateVpcEndpointCommand}
    */
@@ -7171,6 +7224,23 @@ export interface EC2 {
     cb: (err: any, data?: DeleteVpcCommandOutput) => void
   ): void;
 
+  /**
+   * @see {@link DeleteVpcBlockPublicAccessExclusionCommand}
+   */
+  deleteVpcBlockPublicAccessExclusion(
+    args: DeleteVpcBlockPublicAccessExclusionCommandInput,
+    options?: __HttpHandlerOptions
+  ): Promise<DeleteVpcBlockPublicAccessExclusionCommandOutput>;
+  deleteVpcBlockPublicAccessExclusion(
+    args: DeleteVpcBlockPublicAccessExclusionCommandInput,
+    cb: (err: any, data?: DeleteVpcBlockPublicAccessExclusionCommandOutput) => void
+  ): void;
+  deleteVpcBlockPublicAccessExclusion(
+    args: DeleteVpcBlockPublicAccessExclusionCommandInput,
+    options: __HttpHandlerOptions,
+    cb: (err: any, data?: DeleteVpcBlockPublicAccessExclusionCommandOutput) => void
+  ): void;
+
   /**
    * @see {@link DeleteVpcEndpointConnectionNotificationsCommand}
    */
@@ -9944,6 +10014,42 @@ export interface EC2 {
     cb: (err: any, data?: DescribeVpcAttributeCommandOutput) => void
   ): void;
 
+  /**
+   * @see {@link DescribeVpcBlockPublicAccessExclusionsCommand}
+   */
+  describeVpcBlockPublicAccessExclusions(): Promise<DescribeVpcBlockPublicAccessExclusionsCommandOutput>;
+  describeVpcBlockPublicAccessExclusions(
+    args: DescribeVpcBlockPublicAccessExclusionsCommandInput,
+    options?: __HttpHandlerOptions
+  ): Promise<DescribeVpcBlockPublicAccessExclusionsCommandOutput>;
+  describeVpcBlockPublicAccessExclusions(
+    args: DescribeVpcBlockPublicAccessExclusionsCommandInput,
+    cb: (err: any, data?: DescribeVpcBlockPublicAccessExclusionsCommandOutput) => void
+  ): void;
+  describeVpcBlockPublicAccessExclusions(
+    args: DescribeVpcBlockPublicAccessExclusionsCommandInput,
+    options: __HttpHandlerOptions,
+    cb: (err: any, data?: DescribeVpcBlockPublicAccessExclusionsCommandOutput) => void
+  ): void;
+
+  /**
+   * @see {@link DescribeVpcBlockPublicAccessOptionsCommand}
+   */
+  describeVpcBlockPublicAccessOptions(): Promise<DescribeVpcBlockPublicAccessOptionsCommandOutput>;
+  describeVpcBlockPublicAccessOptions(
+    args: DescribeVpcBlockPublicAccessOptionsCommandInput,
+    options?: __HttpHandlerOptions
+  ): Promise<DescribeVpcBlockPublicAccessOptionsCommandOutput>;
+  describeVpcBlockPublicAccessOptions(
+    args: DescribeVpcBlockPublicAccessOptionsCommandInput,
+    cb: (err: any, data?: DescribeVpcBlockPublicAccessOptionsCommandOutput) => void
+  ): void;
+  describeVpcBlockPublicAccessOptions(
+    args: DescribeVpcBlockPublicAccessOptionsCommandInput,
+    options: __HttpHandlerOptions,
+    cb: (err: any, data?: DescribeVpcBlockPublicAccessOptionsCommandOutput) => void
+  ): void;
+
   /**
    * @see {@link DescribeVpcClassicLinkCommand}
    */
@@ -13044,6 +13150,40 @@ export interface EC2 {
     cb: (err: any, data?: ModifyVpcAttributeCommandOutput) => void
   ): void;
 
+  /**
+   * @see {@link ModifyVpcBlockPublicAccessExclusionCommand}
+   */
+  modifyVpcBlockPublicAccessExclusion(
+    args: ModifyVpcBlockPublicAccessExclusionCommandInput,
+    options?: __HttpHandlerOptions
+  ): Promise<ModifyVpcBlockPublicAccessExclusionCommandOutput>;
+  modifyVpcBlockPublicAccessExclusion(
+    args: ModifyVpcBlockPublicAccessExclusionCommandInput,
+    cb: (err: any, data?: ModifyVpcBlockPublicAccessExclusionCommandOutput) => void
+  ): void;
+  modifyVpcBlockPublicAccessExclusion(
+    args: ModifyVpcBlockPublicAccessExclusionCommandInput,
+    options: __HttpHandlerOptions,
+    cb: (err: any, data?: ModifyVpcBlockPublicAccessExclusionCommandOutput) => void
+  ): void;
+
+  /**
+   * @see {@link ModifyVpcBlockPublicAccessOptionsCommand}
+   */
+  modifyVpcBlockPublicAccessOptions(
+    args: ModifyVpcBlockPublicAccessOptionsCommandInput,
+    options?: __HttpHandlerOptions
+  ): Promise<ModifyVpcBlockPublicAccessOptionsCommandOutput>;
+  modifyVpcBlockPublicAccessOptions(
+    args: ModifyVpcBlockPublicAccessOptionsCommandInput,
+    cb: (err: any, data?: ModifyVpcBlockPublicAccessOptionsCommandOutput) => void
+  ): void;
+  modifyVpcBlockPublicAccessOptions(
+    args: ModifyVpcBlockPublicAccessOptionsCommandInput,
+    options: __HttpHandlerOptions,
+    cb: (err: any, data?: ModifyVpcBlockPublicAccessOptionsCommandOutput) => void
+  ): void;
+
   /**
    * @see {@link ModifyVpcEndpointCommand}
    */
diff --git a/clients/client-ec2/src/EC2Client.ts b/clients/client-ec2/src/EC2Client.ts
index 0a41d878b8dc..f5809f0f055c 100644
--- a/clients/client-ec2/src/EC2Client.ts
+++ b/clients/client-ec2/src/EC2Client.ts
@@ -487,6 +487,10 @@ import {
   CreateVerifiedAccessTrustProviderCommandOutput,
 } from "./commands/CreateVerifiedAccessTrustProviderCommand";
 import { CreateVolumeCommandInput, CreateVolumeCommandOutput } from "./commands/CreateVolumeCommand";
+import {
+  CreateVpcBlockPublicAccessExclusionCommandInput,
+  CreateVpcBlockPublicAccessExclusionCommandOutput,
+} from "./commands/CreateVpcBlockPublicAccessExclusionCommand";
 import { CreateVpcCommandInput, CreateVpcCommandOutput } from "./commands/CreateVpcCommand";
 import { CreateVpcEndpointCommandInput, CreateVpcEndpointCommandOutput } from "./commands/CreateVpcEndpointCommand";
 import {
@@ -724,6 +728,10 @@ import {
   DeleteVerifiedAccessTrustProviderCommandOutput,
 } from "./commands/DeleteVerifiedAccessTrustProviderCommand";
 import { DeleteVolumeCommandInput, DeleteVolumeCommandOutput } from "./commands/DeleteVolumeCommand";
+import {
+  DeleteVpcBlockPublicAccessExclusionCommandInput,
+  DeleteVpcBlockPublicAccessExclusionCommandOutput,
+} from "./commands/DeleteVpcBlockPublicAccessExclusionCommand";
 import { DeleteVpcCommandInput, DeleteVpcCommandOutput } from "./commands/DeleteVpcCommand";
 import {
   DeleteVpcEndpointConnectionNotificationsCommandInput,
@@ -1282,6 +1290,14 @@ import {
   DescribeVpcAttributeCommandInput,
   DescribeVpcAttributeCommandOutput,
 } from "./commands/DescribeVpcAttributeCommand";
+import {
+  DescribeVpcBlockPublicAccessExclusionsCommandInput,
+  DescribeVpcBlockPublicAccessExclusionsCommandOutput,
+} from "./commands/DescribeVpcBlockPublicAccessExclusionsCommand";
+import {
+  DescribeVpcBlockPublicAccessOptionsCommandInput,
+  DescribeVpcBlockPublicAccessOptionsCommandOutput,
+} from "./commands/DescribeVpcBlockPublicAccessOptionsCommand";
 import {
   DescribeVpcClassicLinkCommandInput,
   DescribeVpcClassicLinkCommandOutput,
@@ -1942,6 +1958,14 @@ import {
 } from "./commands/ModifyVolumeAttributeCommand";
 import { ModifyVolumeCommandInput, ModifyVolumeCommandOutput } from "./commands/ModifyVolumeCommand";
 import { ModifyVpcAttributeCommandInput, ModifyVpcAttributeCommandOutput } from "./commands/ModifyVpcAttributeCommand";
+import {
+  ModifyVpcBlockPublicAccessExclusionCommandInput,
+  ModifyVpcBlockPublicAccessExclusionCommandOutput,
+} from "./commands/ModifyVpcBlockPublicAccessExclusionCommand";
+import {
+  ModifyVpcBlockPublicAccessOptionsCommandInput,
+  ModifyVpcBlockPublicAccessOptionsCommandOutput,
+} from "./commands/ModifyVpcBlockPublicAccessOptionsCommand";
 import { ModifyVpcEndpointCommandInput, ModifyVpcEndpointCommandOutput } from "./commands/ModifyVpcEndpointCommand";
 import {
   ModifyVpcEndpointConnectionNotificationCommandInput,
@@ -2366,6 +2390,7 @@ export type ServiceInputTypes =
   | CreateVerifiedAccessInstanceCommandInput
   | CreateVerifiedAccessTrustProviderCommandInput
   | CreateVolumeCommandInput
+  | CreateVpcBlockPublicAccessExclusionCommandInput
   | CreateVpcCommandInput
   | CreateVpcEndpointCommandInput
   | CreateVpcEndpointConnectionNotificationCommandInput
@@ -2441,6 +2466,7 @@ export type ServiceInputTypes =
   | DeleteVerifiedAccessInstanceCommandInput
   | DeleteVerifiedAccessTrustProviderCommandInput
   | DeleteVolumeCommandInput
+  | DeleteVpcBlockPublicAccessExclusionCommandInput
   | DeleteVpcCommandInput
   | DeleteVpcEndpointConnectionNotificationsCommandInput
   | DeleteVpcEndpointServiceConfigurationsCommandInput
@@ -2600,6 +2626,8 @@ export type ServiceInputTypes =
   | DescribeVolumesCommandInput
   | DescribeVolumesModificationsCommandInput
   | DescribeVpcAttributeCommandInput
+  | DescribeVpcBlockPublicAccessExclusionsCommandInput
+  | DescribeVpcBlockPublicAccessOptionsCommandInput
   | DescribeVpcClassicLinkCommandInput
   | DescribeVpcClassicLinkDnsSupportCommandInput
   | DescribeVpcEndpointConnectionNotificationsCommandInput
@@ -2786,6 +2814,8 @@ export type ServiceInputTypes =
   | ModifyVolumeAttributeCommandInput
   | ModifyVolumeCommandInput
   | ModifyVpcAttributeCommandInput
+  | ModifyVpcBlockPublicAccessExclusionCommandInput
+  | ModifyVpcBlockPublicAccessOptionsCommandInput
   | ModifyVpcEndpointCommandInput
   | ModifyVpcEndpointConnectionNotificationCommandInput
   | ModifyVpcEndpointServiceConfigurationCommandInput
@@ -3008,6 +3038,7 @@ export type ServiceOutputTypes =
   | CreateVerifiedAccessInstanceCommandOutput
   | CreateVerifiedAccessTrustProviderCommandOutput
   | CreateVolumeCommandOutput
+  | CreateVpcBlockPublicAccessExclusionCommandOutput
   | CreateVpcCommandOutput
   | CreateVpcEndpointCommandOutput
   | CreateVpcEndpointConnectionNotificationCommandOutput
@@ -3083,6 +3114,7 @@ export type ServiceOutputTypes =
   | DeleteVerifiedAccessInstanceCommandOutput
   | DeleteVerifiedAccessTrustProviderCommandOutput
   | DeleteVolumeCommandOutput
+  | DeleteVpcBlockPublicAccessExclusionCommandOutput
   | DeleteVpcCommandOutput
   | DeleteVpcEndpointConnectionNotificationsCommandOutput
   | DeleteVpcEndpointServiceConfigurationsCommandOutput
@@ -3242,6 +3274,8 @@ export type ServiceOutputTypes =
   | DescribeVolumesCommandOutput
   | DescribeVolumesModificationsCommandOutput
   | DescribeVpcAttributeCommandOutput
+  | DescribeVpcBlockPublicAccessExclusionsCommandOutput
+  | DescribeVpcBlockPublicAccessOptionsCommandOutput
   | DescribeVpcClassicLinkCommandOutput
   | DescribeVpcClassicLinkDnsSupportCommandOutput
   | DescribeVpcEndpointConnectionNotificationsCommandOutput
@@ -3428,6 +3462,8 @@ export type ServiceOutputTypes =
   | ModifyVolumeAttributeCommandOutput
   | ModifyVolumeCommandOutput
   | ModifyVpcAttributeCommandOutput
+  | ModifyVpcBlockPublicAccessExclusionCommandOutput
+  | ModifyVpcBlockPublicAccessOptionsCommandOutput
   | ModifyVpcEndpointCommandOutput
   | ModifyVpcEndpointConnectionNotificationCommandOutput
   | ModifyVpcEndpointServiceConfigurationCommandOutput
diff --git a/clients/client-ec2/src/commands/BundleInstanceCommand.ts b/clients/client-ec2/src/commands/BundleInstanceCommand.ts
index c090ba00916f..c640470342f0 100644
--- a/clients/client-ec2/src/commands/BundleInstanceCommand.ts
+++ b/clients/client-ec2/src/commands/BundleInstanceCommand.ts
@@ -34,9 +34,11 @@ export interface BundleInstanceCommandOutput extends BundleInstanceResult, __Met
 
 /**
  * <p>Bundles an Amazon instance store-backed Windows instance.</p>
- *          <p>During bundling, only the root device volume (C:\) is bundled. Data on other instance store volumes is not preserved.</p>
+ *          <p>During bundling, only the root device volume (C:\) is bundled. Data on other instance
+ *       store volumes is not preserved.</p>
  *          <note>
- *             <p>This action is not applicable for Linux/Unix instances or Windows instances that are backed by Amazon EBS.</p>
+ *             <p>This action is not applicable for Linux/Unix instances or Windows instances that are
+ *         backed by Amazon EBS.</p>
  *          </note>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
diff --git a/clients/client-ec2/src/commands/CancelImageLaunchPermissionCommand.ts b/clients/client-ec2/src/commands/CancelImageLaunchPermissionCommand.ts
index c4cbbb42dc45..c8bda69dccc8 100644
--- a/clients/client-ec2/src/commands/CancelImageLaunchPermissionCommand.ts
+++ b/clients/client-ec2/src/commands/CancelImageLaunchPermissionCommand.ts
@@ -28,10 +28,9 @@ export interface CancelImageLaunchPermissionCommandInput extends CancelImageLaun
 export interface CancelImageLaunchPermissionCommandOutput extends CancelImageLaunchPermissionResult, __MetadataBearer {}
 
 /**
- * <p>Removes your Amazon Web Services account from the launch permissions for the specified AMI. For more
- *       information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/cancel-sharing-an-AMI.html">
- *         Cancel having an AMI shared with your Amazon Web Services account</a> in the
- *       <i>Amazon EC2 User Guide</i>.</p>
+ * <p>Removes your Amazon Web Services account from the launch permissions for the specified AMI.
+ *       For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/cancel-sharing-an-AMI.html"> Cancel having an AMI shared with
+ *         your Amazon Web Services account</a> in the <i>Amazon EC2 User Guide</i>.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript
diff --git a/clients/client-ec2/src/commands/CopyImageCommand.ts b/clients/client-ec2/src/commands/CopyImageCommand.ts
index 84b15a648fc8..b8f2d3779232 100644
--- a/clients/client-ec2/src/commands/CopyImageCommand.ts
+++ b/clients/client-ec2/src/commands/CopyImageCommand.ts
@@ -31,13 +31,14 @@ export interface CopyImageCommandOutput extends CopyImageResult, __MetadataBeare
  * <p>Initiates an AMI copy operation. You can copy an AMI from one Region to another, or from a
  *       Region to an Outpost. You can't copy an AMI from an Outpost to a Region, from one Outpost to
  *       another, or within the same Outpost. To copy an AMI to another partition, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateStoreImageTask.html">CreateStoreImageTask</a>.</p>
- *          <p>When you copy an AMI from one Region to another, the destination Region is the
- *      	current Region.</p>
- *          <p>When you copy an AMI from a Region to an Outpost, specify the ARN of the Outpost as
- *    	  the destination. Backing snapshots copied to an Outpost are encrypted by default using
- *    	  the default encryption key for the Region or the key that you specify. Outposts do not
- *    	  support unencrypted snapshots.</p>
- *          <p>For information about the prerequisites  when copying an AMI, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/CopyingAMIs.html">Copy an AMI</a> in the <i>Amazon EC2 User Guide</i>.</p>
+ *          <p>When you copy an AMI from one Region to another, the destination Region is the current
+ *       Region.</p>
+ *          <p>When you copy an AMI from a Region to an Outpost, specify the ARN of the Outpost as the
+ *       destination. Backing snapshots copied to an Outpost are encrypted by default using the default
+ *       encryption key for the Region or the key that you specify. Outposts do not support unencrypted
+ *       snapshots.</p>
+ *          <p>For information about the prerequisites when copying an AMI, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/CopyingAMIs.html">Copy an AMI</a> in the
+ *         <i>Amazon EC2 User Guide</i>.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript
diff --git a/clients/client-ec2/src/commands/CreateDefaultSubnetCommand.ts b/clients/client-ec2/src/commands/CreateDefaultSubnetCommand.ts
index f56ffd604427..caa7a9b167ac 100644
--- a/clients/client-ec2/src/commands/CreateDefaultSubnetCommand.ts
+++ b/clients/client-ec2/src/commands/CreateDefaultSubnetCommand.ts
@@ -80,6 +80,9 @@ export interface CreateDefaultSubnetCommandOutput extends CreateDefaultSubnetRes
  * //       EnableResourceNameDnsARecord: true || false,
  * //       EnableResourceNameDnsAAAARecord: true || false,
  * //     },
+ * //     BlockPublicAccessStates: { // BlockPublicAccessStates
+ * //       InternetGatewayBlockMode: "off" || "block-bidirectional" || "block-ingress",
+ * //     },
  * //     SubnetId: "STRING_VALUE",
  * //     State: "pending" || "available" || "unavailable",
  * //     VpcId: "STRING_VALUE",
diff --git a/clients/client-ec2/src/commands/CreateDefaultVpcCommand.ts b/clients/client-ec2/src/commands/CreateDefaultVpcCommand.ts
index a58b9dd8b88b..6be20a0df9ab 100644
--- a/clients/client-ec2/src/commands/CreateDefaultVpcCommand.ts
+++ b/clients/client-ec2/src/commands/CreateDefaultVpcCommand.ts
@@ -81,6 +81,9 @@ export interface CreateDefaultVpcCommandOutput extends CreateDefaultVpcResult, _
  * //         Value: "STRING_VALUE",
  * //       },
  * //     ],
+ * //     BlockPublicAccessStates: { // BlockPublicAccessStates
+ * //       InternetGatewayBlockMode: "off" || "block-bidirectional" || "block-ingress",
+ * //     },
  * //     VpcId: "STRING_VALUE",
  * //     State: "pending" || "available",
  * //     CidrBlock: "STRING_VALUE",
diff --git a/clients/client-ec2/src/commands/CreateImageCommand.ts b/clients/client-ec2/src/commands/CreateImageCommand.ts
index c882290ea8aa..236f14b0f0e8 100644
--- a/clients/client-ec2/src/commands/CreateImageCommand.ts
+++ b/clients/client-ec2/src/commands/CreateImageCommand.ts
@@ -28,11 +28,12 @@ export interface CreateImageCommandInput extends CreateImageRequest {}
 export interface CreateImageCommandOutput extends CreateImageResult, __MetadataBearer {}
 
 /**
- * <p>Creates an Amazon EBS-backed AMI from an Amazon EBS-backed instance
- *      	that is either running or stopped.</p>
- *          <p>If you customized your instance with instance store volumes or Amazon EBS volumes in addition to the root device volume, the
- *      	new AMI contains block device mapping information for those volumes. When you launch an instance from this new AMI,
- *      	the instance automatically launches with those additional volumes.</p>
+ * <p>Creates an Amazon EBS-backed AMI from an Amazon EBS-backed instance that is either running or
+ *       stopped.</p>
+ *          <p>If you customized your instance with instance store volumes or Amazon EBS volumes in addition
+ *       to the root device volume, the new AMI contains block device mapping information for those
+ *       volumes. When you launch an instance from this new AMI, the instance automatically launches
+ *       with those additional volumes.</p>
  *          <p>For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/creating-an-ami-ebs.html">Create an Amazon EBS-backed Linux
  *         AMI</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>
  * @example
diff --git a/clients/client-ec2/src/commands/CreateNetworkInsightsAccessScopeCommand.ts b/clients/client-ec2/src/commands/CreateNetworkInsightsAccessScopeCommand.ts
index e2e13e2bc27b..297d2a9293db 100644
--- a/clients/client-ec2/src/commands/CreateNetworkInsightsAccessScopeCommand.ts
+++ b/clients/client-ec2/src/commands/CreateNetworkInsightsAccessScopeCommand.ts
@@ -6,8 +6,7 @@ import { MetadataBearer as __MetadataBearer } from "@smithy/types";
 
 import { EC2ClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../EC2Client";
 import { commonParams } from "../endpoint/EndpointParameters";
-import { CreateNetworkInsightsAccessScopeRequest } from "../models/models_1";
-import { CreateNetworkInsightsAccessScopeResult } from "../models/models_2";
+import { CreateNetworkInsightsAccessScopeRequest, CreateNetworkInsightsAccessScopeResult } from "../models/models_2";
 import {
   de_CreateNetworkInsightsAccessScopeCommand,
   se_CreateNetworkInsightsAccessScopeCommand,
diff --git a/clients/client-ec2/src/commands/CreateRestoreImageTaskCommand.ts b/clients/client-ec2/src/commands/CreateRestoreImageTaskCommand.ts
index a2010f2056d3..db179f7fac01 100644
--- a/clients/client-ec2/src/commands/CreateRestoreImageTaskCommand.ts
+++ b/clients/client-ec2/src/commands/CreateRestoreImageTaskCommand.ts
@@ -28,12 +28,12 @@ export interface CreateRestoreImageTaskCommandInput extends CreateRestoreImageTa
 export interface CreateRestoreImageTaskCommandOutput extends CreateRestoreImageTaskResult, __MetadataBearer {}
 
 /**
- * <p>Starts a task that restores an AMI from an Amazon S3 object that was previously created by using
- *       <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateStoreImageTask.html">CreateStoreImageTask</a>.</p>
+ * <p>Starts a task that restores an AMI from an Amazon S3 object that was previously created by
+ *       using <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateStoreImageTask.html">CreateStoreImageTask</a>.</p>
  *          <p>To use this API, you must have the required permissions. For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ami-store-restore.html#ami-s3-permissions">Permissions for storing and restoring AMIs using Amazon S3</a> in the
  *         <i>Amazon EC2 User Guide</i>.</p>
  *          <p>For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ami-store-restore.html">Store and restore an AMI using
- *     	Amazon S3</a> in the <i>Amazon EC2 User Guide</i>.</p>
+ *         Amazon S3</a> in the <i>Amazon EC2 User Guide</i>.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript
diff --git a/clients/client-ec2/src/commands/CreateStoreImageTaskCommand.ts b/clients/client-ec2/src/commands/CreateStoreImageTaskCommand.ts
index 9666d1d83410..b561e7069ec5 100644
--- a/clients/client-ec2/src/commands/CreateStoreImageTaskCommand.ts
+++ b/clients/client-ec2/src/commands/CreateStoreImageTaskCommand.ts
@@ -32,7 +32,7 @@ export interface CreateStoreImageTaskCommandOutput extends CreateStoreImageTaskR
  *          <p>To use this API, you must have the required permissions. For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ami-store-restore.html#ami-s3-permissions">Permissions for storing and restoring AMIs using Amazon S3</a> in the
  *         <i>Amazon EC2 User Guide</i>.</p>
  *          <p>For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ami-store-restore.html">Store and restore an AMI using
- *     	Amazon S3</a> in the <i>Amazon EC2 User Guide</i>.</p>
+ *         Amazon S3</a> in the <i>Amazon EC2 User Guide</i>.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript
diff --git a/clients/client-ec2/src/commands/CreateSubnetCommand.ts b/clients/client-ec2/src/commands/CreateSubnetCommand.ts
index a1b0b4523875..44d6ed69f084 100644
--- a/clients/client-ec2/src/commands/CreateSubnetCommand.ts
+++ b/clients/client-ec2/src/commands/CreateSubnetCommand.ts
@@ -113,6 +113,9 @@ export interface CreateSubnetCommandOutput extends CreateSubnetResult, __Metadat
  * //       EnableResourceNameDnsARecord: true || false,
  * //       EnableResourceNameDnsAAAARecord: true || false,
  * //     },
+ * //     BlockPublicAccessStates: { // BlockPublicAccessStates
+ * //       InternetGatewayBlockMode: "off" || "block-bidirectional" || "block-ingress",
+ * //     },
  * //     SubnetId: "STRING_VALUE",
  * //     State: "pending" || "available" || "unavailable",
  * //     VpcId: "STRING_VALUE",
diff --git a/clients/client-ec2/src/commands/CreateVpcBlockPublicAccessExclusionCommand.ts b/clients/client-ec2/src/commands/CreateVpcBlockPublicAccessExclusionCommand.ts
new file mode 100644
index 000000000000..05abd9338054
--- /dev/null
+++ b/clients/client-ec2/src/commands/CreateVpcBlockPublicAccessExclusionCommand.ts
@@ -0,0 +1,129 @@
+// smithy-typescript generated code
+import { getEndpointPlugin } from "@smithy/middleware-endpoint";
+import { getSerdePlugin } from "@smithy/middleware-serde";
+import { Command as $Command } from "@smithy/smithy-client";
+import { MetadataBearer as __MetadataBearer } from "@smithy/types";
+
+import { EC2ClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../EC2Client";
+import { commonParams } from "../endpoint/EndpointParameters";
+import {
+  CreateVpcBlockPublicAccessExclusionRequest,
+  CreateVpcBlockPublicAccessExclusionResult,
+} from "../models/models_2";
+import {
+  de_CreateVpcBlockPublicAccessExclusionCommand,
+  se_CreateVpcBlockPublicAccessExclusionCommand,
+} from "../protocols/Aws_ec2";
+
+/**
+ * @public
+ */
+export type { __MetadataBearer };
+export { $Command };
+/**
+ * @public
+ *
+ * The input for {@link CreateVpcBlockPublicAccessExclusionCommand}.
+ */
+export interface CreateVpcBlockPublicAccessExclusionCommandInput extends CreateVpcBlockPublicAccessExclusionRequest {}
+/**
+ * @public
+ *
+ * The output of {@link CreateVpcBlockPublicAccessExclusionCommand}.
+ */
+export interface CreateVpcBlockPublicAccessExclusionCommandOutput
+  extends CreateVpcBlockPublicAccessExclusionResult,
+    __MetadataBearer {}
+
+/**
+ * <p>Create a VPC Block Public Access (BPA) exclusion. A VPC BPA exclusion is a mode that can be applied to a single VPC or subnet that exempts it from the account’s BPA mode and will allow bidirectional or egress-only access. You can create BPA exclusions for VPCs and subnets even when BPA is not enabled on the account to ensure that there is no traffic disruption to the exclusions when VPC BPA is turned on. To learn more about VPC BPA, see <a href="https://docs.aws.amazon.com/vpc/latest/userguide/security-vpc-bpa.html">Block public access to VPCs and subnets</a> in the <i>Amazon VPC User Guide</i>.</p>
+ * @example
+ * Use a bare-bones client and the command you need to make an API call.
+ * ```javascript
+ * import { EC2Client, CreateVpcBlockPublicAccessExclusionCommand } from "@aws-sdk/client-ec2"; // ES Modules import
+ * // const { EC2Client, CreateVpcBlockPublicAccessExclusionCommand } = require("@aws-sdk/client-ec2"); // CommonJS import
+ * const client = new EC2Client(config);
+ * const input = { // CreateVpcBlockPublicAccessExclusionRequest
+ *   DryRun: true || false,
+ *   SubnetId: "STRING_VALUE",
+ *   VpcId: "STRING_VALUE",
+ *   InternetGatewayExclusionMode: "allow-bidirectional" || "allow-egress", // required
+ *   TagSpecifications: [ // TagSpecificationList
+ *     { // TagSpecification
+ *       ResourceType: "capacity-reservation" || "client-vpn-endpoint" || "customer-gateway" || "carrier-gateway" || "coip-pool" || "dedicated-host" || "dhcp-options" || "egress-only-internet-gateway" || "elastic-ip" || "elastic-gpu" || "export-image-task" || "export-instance-task" || "fleet" || "fpga-image" || "host-reservation" || "image" || "import-image-task" || "import-snapshot-task" || "instance" || "instance-event-window" || "internet-gateway" || "ipam" || "ipam-pool" || "ipam-scope" || "ipv4pool-ec2" || "ipv6pool-ec2" || "key-pair" || "launch-template" || "local-gateway" || "local-gateway-route-table" || "local-gateway-virtual-interface" || "local-gateway-virtual-interface-group" || "local-gateway-route-table-vpc-association" || "local-gateway-route-table-virtual-interface-group-association" || "natgateway" || "network-acl" || "network-interface" || "network-insights-analysis" || "network-insights-path" || "network-insights-access-scope" || "network-insights-access-scope-analysis" || "placement-group" || "prefix-list" || "replace-root-volume-task" || "reserved-instances" || "route-table" || "security-group" || "security-group-rule" || "snapshot" || "spot-fleet-request" || "spot-instances-request" || "subnet" || "subnet-cidr-reservation" || "traffic-mirror-filter" || "traffic-mirror-session" || "traffic-mirror-target" || "transit-gateway" || "transit-gateway-attachment" || "transit-gateway-connect-peer" || "transit-gateway-multicast-domain" || "transit-gateway-policy-table" || "transit-gateway-route-table" || "transit-gateway-route-table-announcement" || "volume" || "vpc" || "vpc-endpoint" || "vpc-endpoint-connection" || "vpc-endpoint-service" || "vpc-endpoint-service-permission" || "vpc-peering-connection" || "vpn-connection" || "vpn-gateway" || "vpc-flow-log" || "capacity-reservation-fleet" || "traffic-mirror-filter-rule" || "vpc-endpoint-connection-device-type" || "verified-access-instance" || "verified-access-group" || "verified-access-endpoint" || "verified-access-policy" || "verified-access-trust-provider" || "vpn-connection-device-type" || "vpc-block-public-access-exclusion" || "ipam-resource-discovery" || "ipam-resource-discovery-association" || "instance-connect-endpoint" || "ipam-external-resource-verification-token",
+ *       Tags: [ // TagList
+ *         { // Tag
+ *           Key: "STRING_VALUE",
+ *           Value: "STRING_VALUE",
+ *         },
+ *       ],
+ *     },
+ *   ],
+ * };
+ * const command = new CreateVpcBlockPublicAccessExclusionCommand(input);
+ * const response = await client.send(command);
+ * // { // CreateVpcBlockPublicAccessExclusionResult
+ * //   VpcBlockPublicAccessExclusion: { // VpcBlockPublicAccessExclusion
+ * //     ExclusionId: "STRING_VALUE",
+ * //     InternetGatewayExclusionMode: "allow-bidirectional" || "allow-egress",
+ * //     ResourceArn: "STRING_VALUE",
+ * //     State: "create-in-progress" || "create-complete" || "create-failed" || "update-in-progress" || "update-complete" || "update-failed" || "delete-in-progress" || "delete-complete" || "disable-in-progress" || "disable-complete",
+ * //     Reason: "STRING_VALUE",
+ * //     CreationTimestamp: new Date("TIMESTAMP"),
+ * //     LastUpdateTimestamp: new Date("TIMESTAMP"),
+ * //     DeletionTimestamp: new Date("TIMESTAMP"),
+ * //     Tags: [ // TagList
+ * //       { // Tag
+ * //         Key: "STRING_VALUE",
+ * //         Value: "STRING_VALUE",
+ * //       },
+ * //     ],
+ * //   },
+ * // };
+ *
+ * ```
+ *
+ * @param CreateVpcBlockPublicAccessExclusionCommandInput - {@link CreateVpcBlockPublicAccessExclusionCommandInput}
+ * @returns {@link CreateVpcBlockPublicAccessExclusionCommandOutput}
+ * @see {@link CreateVpcBlockPublicAccessExclusionCommandInput} for command's `input` shape.
+ * @see {@link CreateVpcBlockPublicAccessExclusionCommandOutput} for command's `response` shape.
+ * @see {@link EC2ClientResolvedConfig | config} for EC2Client's `config` shape.
+ *
+ * @throws {@link EC2ServiceException}
+ * <p>Base exception class for all service exceptions from EC2 service.</p>
+ *
+ * @public
+ */
+export class CreateVpcBlockPublicAccessExclusionCommand extends $Command
+  .classBuilder<
+    CreateVpcBlockPublicAccessExclusionCommandInput,
+    CreateVpcBlockPublicAccessExclusionCommandOutput,
+    EC2ClientResolvedConfig,
+    ServiceInputTypes,
+    ServiceOutputTypes
+  >()
+  .ep(commonParams)
+  .m(function (this: any, Command: any, cs: any, config: EC2ClientResolvedConfig, o: any) {
+    return [
+      getSerdePlugin(config, this.serialize, this.deserialize),
+      getEndpointPlugin(config, Command.getEndpointParameterInstructions()),
+    ];
+  })
+  .s("AmazonEC2", "CreateVpcBlockPublicAccessExclusion", {})
+  .n("EC2Client", "CreateVpcBlockPublicAccessExclusionCommand")
+  .f(void 0, void 0)
+  .ser(se_CreateVpcBlockPublicAccessExclusionCommand)
+  .de(de_CreateVpcBlockPublicAccessExclusionCommand)
+  .build() {
+  /** @internal type navigation helper, not in runtime. */
+  protected declare static __types: {
+    api: {
+      input: CreateVpcBlockPublicAccessExclusionRequest;
+      output: CreateVpcBlockPublicAccessExclusionResult;
+    };
+    sdk: {
+      input: CreateVpcBlockPublicAccessExclusionCommandInput;
+      output: CreateVpcBlockPublicAccessExclusionCommandOutput;
+    };
+  };
+}
diff --git a/clients/client-ec2/src/commands/CreateVpcCommand.ts b/clients/client-ec2/src/commands/CreateVpcCommand.ts
index 3d12021e5855..ac52adb3967d 100644
--- a/clients/client-ec2/src/commands/CreateVpcCommand.ts
+++ b/clients/client-ec2/src/commands/CreateVpcCommand.ts
@@ -107,6 +107,9 @@ export interface CreateVpcCommandOutput extends CreateVpcResult, __MetadataBeare
  * //         Value: "STRING_VALUE",
  * //       },
  * //     ],
+ * //     BlockPublicAccessStates: { // BlockPublicAccessStates
+ * //       InternetGatewayBlockMode: "off" || "block-bidirectional" || "block-ingress",
+ * //     },
  * //     VpcId: "STRING_VALUE",
  * //     State: "pending" || "available",
  * //     CidrBlock: "STRING_VALUE",
diff --git a/clients/client-ec2/src/commands/DeleteIpamExternalResourceVerificationTokenCommand.ts b/clients/client-ec2/src/commands/DeleteIpamExternalResourceVerificationTokenCommand.ts
index b3b1c9084ee5..5a2b290654ce 100644
--- a/clients/client-ec2/src/commands/DeleteIpamExternalResourceVerificationTokenCommand.ts
+++ b/clients/client-ec2/src/commands/DeleteIpamExternalResourceVerificationTokenCommand.ts
@@ -6,10 +6,8 @@ import { MetadataBearer as __MetadataBearer } from "@smithy/types";
 
 import { EC2ClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../EC2Client";
 import { commonParams } from "../endpoint/EndpointParameters";
-import {
-  DeleteIpamExternalResourceVerificationTokenRequest,
-  DeleteIpamExternalResourceVerificationTokenResult,
-} from "../models/models_2";
+import { DeleteIpamExternalResourceVerificationTokenRequest } from "../models/models_2";
+import { DeleteIpamExternalResourceVerificationTokenResult } from "../models/models_3";
 import {
   de_DeleteIpamExternalResourceVerificationTokenCommand,
   se_DeleteIpamExternalResourceVerificationTokenCommand,
diff --git a/clients/client-ec2/src/commands/DeleteIpamPoolCommand.ts b/clients/client-ec2/src/commands/DeleteIpamPoolCommand.ts
index 4ed97632d8d8..e491a9ffc285 100644
--- a/clients/client-ec2/src/commands/DeleteIpamPoolCommand.ts
+++ b/clients/client-ec2/src/commands/DeleteIpamPoolCommand.ts
@@ -6,7 +6,7 @@ import { MetadataBearer as __MetadataBearer } from "@smithy/types";
 
 import { EC2ClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../EC2Client";
 import { commonParams } from "../endpoint/EndpointParameters";
-import { DeleteIpamPoolRequest, DeleteIpamPoolResult } from "../models/models_2";
+import { DeleteIpamPoolRequest, DeleteIpamPoolResult } from "../models/models_3";
 import { de_DeleteIpamPoolCommand, se_DeleteIpamPoolCommand } from "../protocols/Aws_ec2";
 
 /**
diff --git a/clients/client-ec2/src/commands/DeleteIpamResourceDiscoveryCommand.ts b/clients/client-ec2/src/commands/DeleteIpamResourceDiscoveryCommand.ts
index 04f57662f27b..8f1c08c6dbd1 100644
--- a/clients/client-ec2/src/commands/DeleteIpamResourceDiscoveryCommand.ts
+++ b/clients/client-ec2/src/commands/DeleteIpamResourceDiscoveryCommand.ts
@@ -6,7 +6,7 @@ import { MetadataBearer as __MetadataBearer } from "@smithy/types";
 
 import { EC2ClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../EC2Client";
 import { commonParams } from "../endpoint/EndpointParameters";
-import { DeleteIpamResourceDiscoveryRequest, DeleteIpamResourceDiscoveryResult } from "../models/models_2";
+import { DeleteIpamResourceDiscoveryRequest, DeleteIpamResourceDiscoveryResult } from "../models/models_3";
 import { de_DeleteIpamResourceDiscoveryCommand, se_DeleteIpamResourceDiscoveryCommand } from "../protocols/Aws_ec2";
 
 /**
diff --git a/clients/client-ec2/src/commands/DeleteIpamScopeCommand.ts b/clients/client-ec2/src/commands/DeleteIpamScopeCommand.ts
index 0a3e85861446..8e6234ebe2d5 100644
--- a/clients/client-ec2/src/commands/DeleteIpamScopeCommand.ts
+++ b/clients/client-ec2/src/commands/DeleteIpamScopeCommand.ts
@@ -6,7 +6,7 @@ import { MetadataBearer as __MetadataBearer } from "@smithy/types";
 
 import { EC2ClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../EC2Client";
 import { commonParams } from "../endpoint/EndpointParameters";
-import { DeleteIpamScopeRequest, DeleteIpamScopeResult } from "../models/models_2";
+import { DeleteIpamScopeRequest, DeleteIpamScopeResult } from "../models/models_3";
 import { de_DeleteIpamScopeCommand, se_DeleteIpamScopeCommand } from "../protocols/Aws_ec2";
 
 /**
diff --git a/clients/client-ec2/src/commands/DeleteVpcBlockPublicAccessExclusionCommand.ts b/clients/client-ec2/src/commands/DeleteVpcBlockPublicAccessExclusionCommand.ts
new file mode 100644
index 000000000000..d9e7b1cb26d8
--- /dev/null
+++ b/clients/client-ec2/src/commands/DeleteVpcBlockPublicAccessExclusionCommand.ts
@@ -0,0 +1,116 @@
+// smithy-typescript generated code
+import { getEndpointPlugin } from "@smithy/middleware-endpoint";
+import { getSerdePlugin } from "@smithy/middleware-serde";
+import { Command as $Command } from "@smithy/smithy-client";
+import { MetadataBearer as __MetadataBearer } from "@smithy/types";
+
+import { EC2ClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../EC2Client";
+import { commonParams } from "../endpoint/EndpointParameters";
+import {
+  DeleteVpcBlockPublicAccessExclusionRequest,
+  DeleteVpcBlockPublicAccessExclusionResult,
+} from "../models/models_3";
+import {
+  de_DeleteVpcBlockPublicAccessExclusionCommand,
+  se_DeleteVpcBlockPublicAccessExclusionCommand,
+} from "../protocols/Aws_ec2";
+
+/**
+ * @public
+ */
+export type { __MetadataBearer };
+export { $Command };
+/**
+ * @public
+ *
+ * The input for {@link DeleteVpcBlockPublicAccessExclusionCommand}.
+ */
+export interface DeleteVpcBlockPublicAccessExclusionCommandInput extends DeleteVpcBlockPublicAccessExclusionRequest {}
+/**
+ * @public
+ *
+ * The output of {@link DeleteVpcBlockPublicAccessExclusionCommand}.
+ */
+export interface DeleteVpcBlockPublicAccessExclusionCommandOutput
+  extends DeleteVpcBlockPublicAccessExclusionResult,
+    __MetadataBearer {}
+
+/**
+ * <p>Delete a VPC Block Public Access (BPA) exclusion. A VPC BPA exclusion is a mode that can be applied to a single VPC or subnet that exempts it from the account’s BPA mode and will allow bidirectional or egress-only access. You can create BPA exclusions for VPCs and subnets even when BPA is not enabled on the account to ensure that there is no traffic disruption to the exclusions when VPC BPA is turned on. To learn more about VPC BPA, see <a href="https://docs.aws.amazon.com/vpc/latest/userguide/security-vpc-bpa.html">Block public access to VPCs and subnets</a> in the <i>Amazon VPC User Guide</i>.</p>
+ * @example
+ * Use a bare-bones client and the command you need to make an API call.
+ * ```javascript
+ * import { EC2Client, DeleteVpcBlockPublicAccessExclusionCommand } from "@aws-sdk/client-ec2"; // ES Modules import
+ * // const { EC2Client, DeleteVpcBlockPublicAccessExclusionCommand } = require("@aws-sdk/client-ec2"); // CommonJS import
+ * const client = new EC2Client(config);
+ * const input = { // DeleteVpcBlockPublicAccessExclusionRequest
+ *   DryRun: true || false,
+ *   ExclusionId: "STRING_VALUE", // required
+ * };
+ * const command = new DeleteVpcBlockPublicAccessExclusionCommand(input);
+ * const response = await client.send(command);
+ * // { // DeleteVpcBlockPublicAccessExclusionResult
+ * //   VpcBlockPublicAccessExclusion: { // VpcBlockPublicAccessExclusion
+ * //     ExclusionId: "STRING_VALUE",
+ * //     InternetGatewayExclusionMode: "allow-bidirectional" || "allow-egress",
+ * //     ResourceArn: "STRING_VALUE",
+ * //     State: "create-in-progress" || "create-complete" || "create-failed" || "update-in-progress" || "update-complete" || "update-failed" || "delete-in-progress" || "delete-complete" || "disable-in-progress" || "disable-complete",
+ * //     Reason: "STRING_VALUE",
+ * //     CreationTimestamp: new Date("TIMESTAMP"),
+ * //     LastUpdateTimestamp: new Date("TIMESTAMP"),
+ * //     DeletionTimestamp: new Date("TIMESTAMP"),
+ * //     Tags: [ // TagList
+ * //       { // Tag
+ * //         Key: "STRING_VALUE",
+ * //         Value: "STRING_VALUE",
+ * //       },
+ * //     ],
+ * //   },
+ * // };
+ *
+ * ```
+ *
+ * @param DeleteVpcBlockPublicAccessExclusionCommandInput - {@link DeleteVpcBlockPublicAccessExclusionCommandInput}
+ * @returns {@link DeleteVpcBlockPublicAccessExclusionCommandOutput}
+ * @see {@link DeleteVpcBlockPublicAccessExclusionCommandInput} for command's `input` shape.
+ * @see {@link DeleteVpcBlockPublicAccessExclusionCommandOutput} for command's `response` shape.
+ * @see {@link EC2ClientResolvedConfig | config} for EC2Client's `config` shape.
+ *
+ * @throws {@link EC2ServiceException}
+ * <p>Base exception class for all service exceptions from EC2 service.</p>
+ *
+ * @public
+ */
+export class DeleteVpcBlockPublicAccessExclusionCommand extends $Command
+  .classBuilder<
+    DeleteVpcBlockPublicAccessExclusionCommandInput,
+    DeleteVpcBlockPublicAccessExclusionCommandOutput,
+    EC2ClientResolvedConfig,
+    ServiceInputTypes,
+    ServiceOutputTypes
+  >()
+  .ep(commonParams)
+  .m(function (this: any, Command: any, cs: any, config: EC2ClientResolvedConfig, o: any) {
+    return [
+      getSerdePlugin(config, this.serialize, this.deserialize),
+      getEndpointPlugin(config, Command.getEndpointParameterInstructions()),
+    ];
+  })
+  .s("AmazonEC2", "DeleteVpcBlockPublicAccessExclusion", {})
+  .n("EC2Client", "DeleteVpcBlockPublicAccessExclusionCommand")
+  .f(void 0, void 0)
+  .ser(se_DeleteVpcBlockPublicAccessExclusionCommand)
+  .de(de_DeleteVpcBlockPublicAccessExclusionCommand)
+  .build() {
+  /** @internal type navigation helper, not in runtime. */
+  protected declare static __types: {
+    api: {
+      input: DeleteVpcBlockPublicAccessExclusionRequest;
+      output: DeleteVpcBlockPublicAccessExclusionResult;
+    };
+    sdk: {
+      input: DeleteVpcBlockPublicAccessExclusionCommandInput;
+      output: DeleteVpcBlockPublicAccessExclusionCommandOutput;
+    };
+  };
+}
diff --git a/clients/client-ec2/src/commands/DeregisterImageCommand.ts b/clients/client-ec2/src/commands/DeregisterImageCommand.ts
index 2673143ef050..0cdf76e82533 100644
--- a/clients/client-ec2/src/commands/DeregisterImageCommand.ts
+++ b/clients/client-ec2/src/commands/DeregisterImageCommand.ts
@@ -28,18 +28,18 @@ export interface DeregisterImageCommandInput extends DeregisterImageRequest {}
 export interface DeregisterImageCommandOutput extends __MetadataBearer {}
 
 /**
- * <p>Deregisters the specified AMI. After you deregister an AMI, it can't be used to
- *        launch new instances.</p>
- *          <p>If you deregister an AMI that matches a Recycle Bin retention rule, the AMI is retained
- *       in the Recycle Bin for the specified retention period. For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/recycle-bin.html">Recycle Bin</a> in
+ * <p>Deregisters the specified AMI. After you deregister an AMI, it can't be used to launch new
+ *       instances.</p>
+ *          <p>If you deregister an AMI that matches a Recycle Bin retention rule, the AMI is retained in
+ *       the Recycle Bin for the specified retention period. For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/recycle-bin.html">Recycle Bin</a> in
  *       the <i>Amazon EC2 User Guide</i>.</p>
- *          <p>When you deregister an AMI, it doesn't affect any instances that you've already
- *        launched from the AMI. You'll continue to incur usage costs for those instances until
- *        you terminate them.</p>
- *          <p>When you deregister an Amazon EBS-backed AMI, it doesn't affect the snapshot that was
- * 			created for the root volume of the instance during the AMI creation process. When you
- * 			deregister an instance store-backed AMI, it doesn't affect the files that you uploaded
- * 			to Amazon S3 when you created the AMI.</p>
+ *          <p>When you deregister an AMI, it doesn't affect any instances that you've already launched
+ *       from the AMI. You'll continue to incur usage costs for those instances until you terminate
+ *       them.</p>
+ *          <p>When you deregister an Amazon EBS-backed AMI, it doesn't affect the snapshot that was created
+ *       for the root volume of the instance during the AMI creation process. When you deregister an
+ *       instance store-backed AMI, it doesn't affect the files that you uploaded to Amazon S3 when you
+ *       created the AMI.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript
diff --git a/clients/client-ec2/src/commands/DescribeBundleTasksCommand.ts b/clients/client-ec2/src/commands/DescribeBundleTasksCommand.ts
index 330b662916bf..411f0abe3e14 100644
--- a/clients/client-ec2/src/commands/DescribeBundleTasksCommand.ts
+++ b/clients/client-ec2/src/commands/DescribeBundleTasksCommand.ts
@@ -34,12 +34,14 @@ export interface DescribeBundleTasksCommandOutput extends DescribeBundleTasksRes
 /**
  * <p>Describes the specified bundle tasks or all of your bundle tasks.</p>
  *          <note>
- *             <p>Completed bundle tasks are listed for only a limited time. If your bundle task is no longer in the list, you can still register an AMI from it. Just use <code>RegisterImage</code> with the Amazon S3 bucket name and image manifest name you provided to the bundle task.</p>
+ *             <p>Completed bundle tasks are listed for only a limited time. If your bundle task is no
+ *         longer in the list, you can still register an AMI from it. Just use
+ *           <code>RegisterImage</code> with the Amazon S3 bucket name and image manifest name you provided
+ *         to the bundle task.</p>
  *          </note>
  *          <note>
- *             <p>The order of the elements in the response, including those within nested
- *          structures, might vary. Applications should not assume the elements appear in a
- *          particular order.</p>
+ *             <p>The order of the elements in the response, including those within nested structures,
+ *         might vary. Applications should not assume the elements appear in a particular order.</p>
  *          </note>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
diff --git a/clients/client-ec2/src/commands/DescribeHostsCommand.ts b/clients/client-ec2/src/commands/DescribeHostsCommand.ts
index f1c2c9452ed5..3c74f74b82dc 100644
--- a/clients/client-ec2/src/commands/DescribeHostsCommand.ts
+++ b/clients/client-ec2/src/commands/DescribeHostsCommand.ts
@@ -6,7 +6,7 @@ import { MetadataBearer as __MetadataBearer } from "@smithy/types";
 
 import { EC2ClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../EC2Client";
 import { commonParams } from "../endpoint/EndpointParameters";
-import { DescribeHostsRequest, DescribeHostsResult } from "../models/models_3";
+import { DescribeHostsRequest, DescribeHostsResult } from "../models/models_4";
 import { de_DescribeHostsCommand, se_DescribeHostsCommand } from "../protocols/Aws_ec2";
 
 /**
diff --git a/clients/client-ec2/src/commands/DescribeIamInstanceProfileAssociationsCommand.ts b/clients/client-ec2/src/commands/DescribeIamInstanceProfileAssociationsCommand.ts
index b7ff1308332d..97f3ced2995b 100644
--- a/clients/client-ec2/src/commands/DescribeIamInstanceProfileAssociationsCommand.ts
+++ b/clients/client-ec2/src/commands/DescribeIamInstanceProfileAssociationsCommand.ts
@@ -9,7 +9,7 @@ import { commonParams } from "../endpoint/EndpointParameters";
 import {
   DescribeIamInstanceProfileAssociationsRequest,
   DescribeIamInstanceProfileAssociationsResult,
-} from "../models/models_3";
+} from "../models/models_4";
 import {
   de_DescribeIamInstanceProfileAssociationsCommand,
   se_DescribeIamInstanceProfileAssociationsCommand,
diff --git a/clients/client-ec2/src/commands/DescribeImageAttributeCommand.ts b/clients/client-ec2/src/commands/DescribeImageAttributeCommand.ts
index 95f7c543eb56..afc22fdbd92f 100644
--- a/clients/client-ec2/src/commands/DescribeImageAttributeCommand.ts
+++ b/clients/client-ec2/src/commands/DescribeImageAttributeCommand.ts
@@ -28,11 +28,11 @@ export interface DescribeImageAttributeCommandInput extends DescribeImageAttribu
 export interface DescribeImageAttributeCommandOutput extends ImageAttribute, __MetadataBearer {}
 
 /**
- * <p>Describes the specified attribute of the specified AMI. You can specify only one attribute at a time.</p>
+ * <p>Describes the specified attribute of the specified AMI. You can specify only one attribute
+ *       at a time.</p>
  *          <note>
- *             <p>The order of the elements in the response, including those within nested
- *          structures, might vary. Applications should not assume the elements appear in a
- *          particular order.</p>
+ *             <p>The order of the elements in the response, including those within nested structures,
+ *         might vary. Applications should not assume the elements appear in a particular order.</p>
  *          </note>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
diff --git a/clients/client-ec2/src/commands/DescribeImagesCommand.ts b/clients/client-ec2/src/commands/DescribeImagesCommand.ts
index 5c5c8b466ab2..946420ccb6ea 100644
--- a/clients/client-ec2/src/commands/DescribeImagesCommand.ts
+++ b/clients/client-ec2/src/commands/DescribeImagesCommand.ts
@@ -28,21 +28,22 @@ export interface DescribeImagesCommandInput extends DescribeImagesRequest {}
 export interface DescribeImagesCommandOutput extends DescribeImagesResult, __MetadataBearer {}
 
 /**
- * <p>Describes the specified images (AMIs, AKIs, and ARIs) available to you or all of the images available to you.</p>
- *          <p>The images available to you include public images, private images that you own, and private images owned by other
- *        Amazon Web Services accounts for which you have explicit launch permissions.</p>
+ * <p>Describes the specified images (AMIs, AKIs, and ARIs) available to you or all of the
+ *       images available to you.</p>
+ *          <p>The images available to you include public images, private images that you own, and
+ *       private images owned by other Amazon Web Services accounts for which you have explicit launch
+ *       permissions.</p>
  *          <p>Recently deregistered images appear in the returned results for a short interval and then
  *       return empty results. After all instances that reference a deregistered AMI are terminated,
  *       specifying the ID of the image will eventually return an error indicating that the AMI ID
  *       cannot be found.</p>
  *          <important>
  *             <p>We strongly recommend using only paginated requests. Unpaginated requests are
- *          susceptible to throttling and timeouts.</p>
+ *         susceptible to throttling and timeouts.</p>
  *          </important>
  *          <note>
- *             <p>The order of the elements in the response, including those within nested
- *          structures, might vary. Applications should not assume the elements appear in a
- *          particular order.</p>
+ *             <p>The order of the elements in the response, including those within nested structures,
+ *         might vary. Applications should not assume the elements appear in a particular order.</p>
  *          </note>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
diff --git a/clients/client-ec2/src/commands/DescribeSnapshotAttributeCommand.ts b/clients/client-ec2/src/commands/DescribeSnapshotAttributeCommand.ts
index 929a4368d11f..c5c1f9b70938 100644
--- a/clients/client-ec2/src/commands/DescribeSnapshotAttributeCommand.ts
+++ b/clients/client-ec2/src/commands/DescribeSnapshotAttributeCommand.ts
@@ -6,7 +6,7 @@ import { MetadataBearer as __MetadataBearer } from "@smithy/types";
 
 import { EC2ClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../EC2Client";
 import { commonParams } from "../endpoint/EndpointParameters";
-import { DescribeSnapshotAttributeRequest, DescribeSnapshotAttributeResult } from "../models/models_4";
+import { DescribeSnapshotAttributeRequest, DescribeSnapshotAttributeResult } from "../models/models_5";
 import { de_DescribeSnapshotAttributeCommand, se_DescribeSnapshotAttributeCommand } from "../protocols/Aws_ec2";
 
 /**
diff --git a/clients/client-ec2/src/commands/DescribeSnapshotTierStatusCommand.ts b/clients/client-ec2/src/commands/DescribeSnapshotTierStatusCommand.ts
index bd4cb6cab43e..f33309e250bf 100644
--- a/clients/client-ec2/src/commands/DescribeSnapshotTierStatusCommand.ts
+++ b/clients/client-ec2/src/commands/DescribeSnapshotTierStatusCommand.ts
@@ -6,8 +6,7 @@ import { MetadataBearer as __MetadataBearer } from "@smithy/types";
 
 import { EC2ClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../EC2Client";
 import { commonParams } from "../endpoint/EndpointParameters";
-import { DescribeSnapshotTierStatusRequest } from "../models/models_4";
-import { DescribeSnapshotTierStatusResult } from "../models/models_5";
+import { DescribeSnapshotTierStatusRequest, DescribeSnapshotTierStatusResult } from "../models/models_5";
 import { de_DescribeSnapshotTierStatusCommand, se_DescribeSnapshotTierStatusCommand } from "../protocols/Aws_ec2";
 
 /**
diff --git a/clients/client-ec2/src/commands/DescribeSnapshotsCommand.ts b/clients/client-ec2/src/commands/DescribeSnapshotsCommand.ts
index b641635e9ab0..01ee99409790 100644
--- a/clients/client-ec2/src/commands/DescribeSnapshotsCommand.ts
+++ b/clients/client-ec2/src/commands/DescribeSnapshotsCommand.ts
@@ -6,7 +6,7 @@ import { MetadataBearer as __MetadataBearer } from "@smithy/types";
 
 import { EC2ClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../EC2Client";
 import { commonParams } from "../endpoint/EndpointParameters";
-import { DescribeSnapshotsRequest, DescribeSnapshotsResult } from "../models/models_4";
+import { DescribeSnapshotsRequest, DescribeSnapshotsResult } from "../models/models_5";
 import { de_DescribeSnapshotsCommand, se_DescribeSnapshotsCommand } from "../protocols/Aws_ec2";
 
 /**
diff --git a/clients/client-ec2/src/commands/DescribeStoreImageTasksCommand.ts b/clients/client-ec2/src/commands/DescribeStoreImageTasksCommand.ts
index e2e0557b3461..8651f60aca3f 100644
--- a/clients/client-ec2/src/commands/DescribeStoreImageTasksCommand.ts
+++ b/clients/client-ec2/src/commands/DescribeStoreImageTasksCommand.ts
@@ -39,7 +39,7 @@ export interface DescribeStoreImageTasksCommandOutput extends DescribeStoreImage
  *          <p>To use this API, you must have the required permissions. For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ami-store-restore.html#ami-s3-permissions">Permissions for storing and restoring AMIs using Amazon S3</a> in the
  *         <i>Amazon EC2 User Guide</i>.</p>
  *          <p>For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ami-store-restore.html">Store and restore an AMI using
- *     	Amazon S3</a> in the <i>Amazon EC2 User Guide</i>.</p>
+ *         Amazon S3</a> in the <i>Amazon EC2 User Guide</i>.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript
diff --git a/clients/client-ec2/src/commands/DescribeSubnetsCommand.ts b/clients/client-ec2/src/commands/DescribeSubnetsCommand.ts
index 6c590e1319d7..d5a673d46ec2 100644
--- a/clients/client-ec2/src/commands/DescribeSubnetsCommand.ts
+++ b/clients/client-ec2/src/commands/DescribeSubnetsCommand.ts
@@ -94,6 +94,9 @@ export interface DescribeSubnetsCommandOutput extends DescribeSubnetsResult, __M
  * //         EnableResourceNameDnsARecord: true || false,
  * //         EnableResourceNameDnsAAAARecord: true || false,
  * //       },
+ * //       BlockPublicAccessStates: { // BlockPublicAccessStates
+ * //         InternetGatewayBlockMode: "off" || "block-bidirectional" || "block-ingress",
+ * //       },
  * //       SubnetId: "STRING_VALUE",
  * //       State: "pending" || "available" || "unavailable",
  * //       VpcId: "STRING_VALUE",
diff --git a/clients/client-ec2/src/commands/DescribeVpcBlockPublicAccessExclusionsCommand.ts b/clients/client-ec2/src/commands/DescribeVpcBlockPublicAccessExclusionsCommand.ts
new file mode 100644
index 000000000000..6cb1f8af3076
--- /dev/null
+++ b/clients/client-ec2/src/commands/DescribeVpcBlockPublicAccessExclusionsCommand.ts
@@ -0,0 +1,132 @@
+// smithy-typescript generated code
+import { getEndpointPlugin } from "@smithy/middleware-endpoint";
+import { getSerdePlugin } from "@smithy/middleware-serde";
+import { Command as $Command } from "@smithy/smithy-client";
+import { MetadataBearer as __MetadataBearer } from "@smithy/types";
+
+import { EC2ClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../EC2Client";
+import { commonParams } from "../endpoint/EndpointParameters";
+import {
+  DescribeVpcBlockPublicAccessExclusionsRequest,
+  DescribeVpcBlockPublicAccessExclusionsResult,
+} from "../models/models_5";
+import {
+  de_DescribeVpcBlockPublicAccessExclusionsCommand,
+  se_DescribeVpcBlockPublicAccessExclusionsCommand,
+} from "../protocols/Aws_ec2";
+
+/**
+ * @public
+ */
+export type { __MetadataBearer };
+export { $Command };
+/**
+ * @public
+ *
+ * The input for {@link DescribeVpcBlockPublicAccessExclusionsCommand}.
+ */
+export interface DescribeVpcBlockPublicAccessExclusionsCommandInput
+  extends DescribeVpcBlockPublicAccessExclusionsRequest {}
+/**
+ * @public
+ *
+ * The output of {@link DescribeVpcBlockPublicAccessExclusionsCommand}.
+ */
+export interface DescribeVpcBlockPublicAccessExclusionsCommandOutput
+  extends DescribeVpcBlockPublicAccessExclusionsResult,
+    __MetadataBearer {}
+
+/**
+ * <p>Describe VPC Block Public Access (BPA) exclusions. A VPC BPA exclusion is a mode that can be applied to a single VPC or subnet that exempts it from the account’s BPA mode and will allow bidirectional or egress-only access. You can create BPA exclusions for VPCs and subnets even when BPA is not enabled on the account to ensure that there is no traffic disruption to the exclusions when VPC BPA is turned on. To learn more about VPC BPA, see <a href="https://docs.aws.amazon.com/vpc/latest/userguide/security-vpc-bpa.html">Block public access to VPCs and subnets</a> in the <i>Amazon VPC User Guide</i>.</p>
+ * @example
+ * Use a bare-bones client and the command you need to make an API call.
+ * ```javascript
+ * import { EC2Client, DescribeVpcBlockPublicAccessExclusionsCommand } from "@aws-sdk/client-ec2"; // ES Modules import
+ * // const { EC2Client, DescribeVpcBlockPublicAccessExclusionsCommand } = require("@aws-sdk/client-ec2"); // CommonJS import
+ * const client = new EC2Client(config);
+ * const input = { // DescribeVpcBlockPublicAccessExclusionsRequest
+ *   DryRun: true || false,
+ *   Filters: [ // FilterList
+ *     { // Filter
+ *       Name: "STRING_VALUE",
+ *       Values: [ // ValueStringList
+ *         "STRING_VALUE",
+ *       ],
+ *     },
+ *   ],
+ *   ExclusionIds: [ // VpcBlockPublicAccessExclusionIdList
+ *     "STRING_VALUE",
+ *   ],
+ *   NextToken: "STRING_VALUE",
+ *   MaxResults: Number("int"),
+ * };
+ * const command = new DescribeVpcBlockPublicAccessExclusionsCommand(input);
+ * const response = await client.send(command);
+ * // { // DescribeVpcBlockPublicAccessExclusionsResult
+ * //   VpcBlockPublicAccessExclusions: [ // VpcBlockPublicAccessExclusionList
+ * //     { // VpcBlockPublicAccessExclusion
+ * //       ExclusionId: "STRING_VALUE",
+ * //       InternetGatewayExclusionMode: "allow-bidirectional" || "allow-egress",
+ * //       ResourceArn: "STRING_VALUE",
+ * //       State: "create-in-progress" || "create-complete" || "create-failed" || "update-in-progress" || "update-complete" || "update-failed" || "delete-in-progress" || "delete-complete" || "disable-in-progress" || "disable-complete",
+ * //       Reason: "STRING_VALUE",
+ * //       CreationTimestamp: new Date("TIMESTAMP"),
+ * //       LastUpdateTimestamp: new Date("TIMESTAMP"),
+ * //       DeletionTimestamp: new Date("TIMESTAMP"),
+ * //       Tags: [ // TagList
+ * //         { // Tag
+ * //           Key: "STRING_VALUE",
+ * //           Value: "STRING_VALUE",
+ * //         },
+ * //       ],
+ * //     },
+ * //   ],
+ * //   NextToken: "STRING_VALUE",
+ * // };
+ *
+ * ```
+ *
+ * @param DescribeVpcBlockPublicAccessExclusionsCommandInput - {@link DescribeVpcBlockPublicAccessExclusionsCommandInput}
+ * @returns {@link DescribeVpcBlockPublicAccessExclusionsCommandOutput}
+ * @see {@link DescribeVpcBlockPublicAccessExclusionsCommandInput} for command's `input` shape.
+ * @see {@link DescribeVpcBlockPublicAccessExclusionsCommandOutput} for command's `response` shape.
+ * @see {@link EC2ClientResolvedConfig | config} for EC2Client's `config` shape.
+ *
+ * @throws {@link EC2ServiceException}
+ * <p>Base exception class for all service exceptions from EC2 service.</p>
+ *
+ * @public
+ */
+export class DescribeVpcBlockPublicAccessExclusionsCommand extends $Command
+  .classBuilder<
+    DescribeVpcBlockPublicAccessExclusionsCommandInput,
+    DescribeVpcBlockPublicAccessExclusionsCommandOutput,
+    EC2ClientResolvedConfig,
+    ServiceInputTypes,
+    ServiceOutputTypes
+  >()
+  .ep(commonParams)
+  .m(function (this: any, Command: any, cs: any, config: EC2ClientResolvedConfig, o: any) {
+    return [
+      getSerdePlugin(config, this.serialize, this.deserialize),
+      getEndpointPlugin(config, Command.getEndpointParameterInstructions()),
+    ];
+  })
+  .s("AmazonEC2", "DescribeVpcBlockPublicAccessExclusions", {})
+  .n("EC2Client", "DescribeVpcBlockPublicAccessExclusionsCommand")
+  .f(void 0, void 0)
+  .ser(se_DescribeVpcBlockPublicAccessExclusionsCommand)
+  .de(de_DescribeVpcBlockPublicAccessExclusionsCommand)
+  .build() {
+  /** @internal type navigation helper, not in runtime. */
+  protected declare static __types: {
+    api: {
+      input: DescribeVpcBlockPublicAccessExclusionsRequest;
+      output: DescribeVpcBlockPublicAccessExclusionsResult;
+    };
+    sdk: {
+      input: DescribeVpcBlockPublicAccessExclusionsCommandInput;
+      output: DescribeVpcBlockPublicAccessExclusionsCommandOutput;
+    };
+  };
+}
diff --git a/clients/client-ec2/src/commands/DescribeVpcBlockPublicAccessOptionsCommand.ts b/clients/client-ec2/src/commands/DescribeVpcBlockPublicAccessOptionsCommand.ts
new file mode 100644
index 000000000000..7b43f97c3671
--- /dev/null
+++ b/clients/client-ec2/src/commands/DescribeVpcBlockPublicAccessOptionsCommand.ts
@@ -0,0 +1,107 @@
+// smithy-typescript generated code
+import { getEndpointPlugin } from "@smithy/middleware-endpoint";
+import { getSerdePlugin } from "@smithy/middleware-serde";
+import { Command as $Command } from "@smithy/smithy-client";
+import { MetadataBearer as __MetadataBearer } from "@smithy/types";
+
+import { EC2ClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../EC2Client";
+import { commonParams } from "../endpoint/EndpointParameters";
+import {
+  DescribeVpcBlockPublicAccessOptionsRequest,
+  DescribeVpcBlockPublicAccessOptionsResult,
+} from "../models/models_5";
+import {
+  de_DescribeVpcBlockPublicAccessOptionsCommand,
+  se_DescribeVpcBlockPublicAccessOptionsCommand,
+} from "../protocols/Aws_ec2";
+
+/**
+ * @public
+ */
+export type { __MetadataBearer };
+export { $Command };
+/**
+ * @public
+ *
+ * The input for {@link DescribeVpcBlockPublicAccessOptionsCommand}.
+ */
+export interface DescribeVpcBlockPublicAccessOptionsCommandInput extends DescribeVpcBlockPublicAccessOptionsRequest {}
+/**
+ * @public
+ *
+ * The output of {@link DescribeVpcBlockPublicAccessOptionsCommand}.
+ */
+export interface DescribeVpcBlockPublicAccessOptionsCommandOutput
+  extends DescribeVpcBlockPublicAccessOptionsResult,
+    __MetadataBearer {}
+
+/**
+ * <p>Describe VPC Block Public Access (BPA) options. VPC Block public Access (BPA) enables you to block resources in VPCs and subnets that you own in a Region from reaching or being reached from the internet through internet gateways and egress-only internet gateways. To learn more about VPC BPA, see <a href="https://docs.aws.amazon.com/vpc/latest/userguide/security-vpc-bpa.html">Block public access to VPCs and subnets</a> in the <i>Amazon VPC User Guide</i>.</p>
+ * @example
+ * Use a bare-bones client and the command you need to make an API call.
+ * ```javascript
+ * import { EC2Client, DescribeVpcBlockPublicAccessOptionsCommand } from "@aws-sdk/client-ec2"; // ES Modules import
+ * // const { EC2Client, DescribeVpcBlockPublicAccessOptionsCommand } = require("@aws-sdk/client-ec2"); // CommonJS import
+ * const client = new EC2Client(config);
+ * const input = { // DescribeVpcBlockPublicAccessOptionsRequest
+ *   DryRun: true || false,
+ * };
+ * const command = new DescribeVpcBlockPublicAccessOptionsCommand(input);
+ * const response = await client.send(command);
+ * // { // DescribeVpcBlockPublicAccessOptionsResult
+ * //   VpcBlockPublicAccessOptions: { // VpcBlockPublicAccessOptions
+ * //     AwsAccountId: "STRING_VALUE",
+ * //     AwsRegion: "STRING_VALUE",
+ * //     State: "default-state" || "update-in-progress" || "update-complete",
+ * //     InternetGatewayBlockMode: "off" || "block-bidirectional" || "block-ingress",
+ * //     Reason: "STRING_VALUE",
+ * //     LastUpdateTimestamp: new Date("TIMESTAMP"),
+ * //   },
+ * // };
+ *
+ * ```
+ *
+ * @param DescribeVpcBlockPublicAccessOptionsCommandInput - {@link DescribeVpcBlockPublicAccessOptionsCommandInput}
+ * @returns {@link DescribeVpcBlockPublicAccessOptionsCommandOutput}
+ * @see {@link DescribeVpcBlockPublicAccessOptionsCommandInput} for command's `input` shape.
+ * @see {@link DescribeVpcBlockPublicAccessOptionsCommandOutput} for command's `response` shape.
+ * @see {@link EC2ClientResolvedConfig | config} for EC2Client's `config` shape.
+ *
+ * @throws {@link EC2ServiceException}
+ * <p>Base exception class for all service exceptions from EC2 service.</p>
+ *
+ * @public
+ */
+export class DescribeVpcBlockPublicAccessOptionsCommand extends $Command
+  .classBuilder<
+    DescribeVpcBlockPublicAccessOptionsCommandInput,
+    DescribeVpcBlockPublicAccessOptionsCommandOutput,
+    EC2ClientResolvedConfig,
+    ServiceInputTypes,
+    ServiceOutputTypes
+  >()
+  .ep(commonParams)
+  .m(function (this: any, Command: any, cs: any, config: EC2ClientResolvedConfig, o: any) {
+    return [
+      getSerdePlugin(config, this.serialize, this.deserialize),
+      getEndpointPlugin(config, Command.getEndpointParameterInstructions()),
+    ];
+  })
+  .s("AmazonEC2", "DescribeVpcBlockPublicAccessOptions", {})
+  .n("EC2Client", "DescribeVpcBlockPublicAccessOptionsCommand")
+  .f(void 0, void 0)
+  .ser(se_DescribeVpcBlockPublicAccessOptionsCommand)
+  .de(de_DescribeVpcBlockPublicAccessOptionsCommand)
+  .build() {
+  /** @internal type navigation helper, not in runtime. */
+  protected declare static __types: {
+    api: {
+      input: DescribeVpcBlockPublicAccessOptionsRequest;
+      output: DescribeVpcBlockPublicAccessOptionsResult;
+    };
+    sdk: {
+      input: DescribeVpcBlockPublicAccessOptionsCommandInput;
+      output: DescribeVpcBlockPublicAccessOptionsCommandOutput;
+    };
+  };
+}
diff --git a/clients/client-ec2/src/commands/DescribeVpcsCommand.ts b/clients/client-ec2/src/commands/DescribeVpcsCommand.ts
index 6aac92e92407..d7d2ef3ff7d3 100644
--- a/clients/client-ec2/src/commands/DescribeVpcsCommand.ts
+++ b/clients/client-ec2/src/commands/DescribeVpcsCommand.ts
@@ -92,6 +92,9 @@ export interface DescribeVpcsCommandOutput extends DescribeVpcsResult, __Metadat
  * //           Value: "STRING_VALUE",
  * //         },
  * //       ],
+ * //       BlockPublicAccessStates: { // BlockPublicAccessStates
+ * //         InternetGatewayBlockMode: "off" || "block-bidirectional" || "block-ingress",
+ * //       },
  * //       VpcId: "STRING_VALUE",
  * //       State: "pending" || "available",
  * //       CidrBlock: "STRING_VALUE",
diff --git a/clients/client-ec2/src/commands/DisableFastLaunchCommand.ts b/clients/client-ec2/src/commands/DisableFastLaunchCommand.ts
index 018040329651..480cc0ecfb9e 100644
--- a/clients/client-ec2/src/commands/DisableFastLaunchCommand.ts
+++ b/clients/client-ec2/src/commands/DisableFastLaunchCommand.ts
@@ -28,11 +28,13 @@ export interface DisableFastLaunchCommandInput extends DisableFastLaunchRequest
 export interface DisableFastLaunchCommandOutput extends DisableFastLaunchResult, __MetadataBearer {}
 
 /**
- * <p>Discontinue Windows fast launch for a Windows AMI, and clean up existing pre-provisioned snapshots.
- * 			After you disable Windows fast launch, the AMI uses the standard launch process for each
- * 			new instance. Amazon EC2 must remove all pre-provisioned snapshots before you can enable Windows fast launch again.</p>
+ * <p>Discontinue Windows fast launch for a Windows AMI, and clean up existing pre-provisioned
+ *       snapshots. After you disable Windows fast launch, the AMI uses the standard launch process for
+ *       each new instance. Amazon EC2 must remove all pre-provisioned snapshots before you can enable
+ *       Windows fast launch again.</p>
  *          <note>
- *             <p>You can only change these settings for Windows AMIs that you own or that have been shared with you.</p>
+ *             <p>You can only change these settings for Windows AMIs that you own or that have been
+ *         shared with you.</p>
  *          </note>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
diff --git a/clients/client-ec2/src/commands/DisableImageBlockPublicAccessCommand.ts b/clients/client-ec2/src/commands/DisableImageBlockPublicAccessCommand.ts
index 425cd05e56e7..1deb375ea52f 100644
--- a/clients/client-ec2/src/commands/DisableImageBlockPublicAccessCommand.ts
+++ b/clients/client-ec2/src/commands/DisableImageBlockPublicAccessCommand.ts
@@ -38,8 +38,8 @@ export interface DisableImageBlockPublicAccessCommandOutput
  *         <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetImageBlockPublicAccessState.html">GetImageBlockPublicAccessState</a>, the response will be
  *       <code>block-new-sharing</code>. When the API has completed the configuration, the response
  *       will be <code>unblocked</code>.</p>
- *          <p>For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/sharingamis-intro.html#block-public-access-to-amis">Block public access to your AMIs</a> in
- *       the <i>Amazon EC2 User Guide</i>.</p>
+ *          <p>For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/sharingamis-intro.html#block-public-access-to-amis">Block
+ *         public access to your AMIs</a> in the <i>Amazon EC2 User Guide</i>.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript
diff --git a/clients/client-ec2/src/commands/EnableFastLaunchCommand.ts b/clients/client-ec2/src/commands/EnableFastLaunchCommand.ts
index f68731b896ad..6771b13f86fd 100644
--- a/clients/client-ec2/src/commands/EnableFastLaunchCommand.ts
+++ b/clients/client-ec2/src/commands/EnableFastLaunchCommand.ts
@@ -28,14 +28,15 @@ export interface EnableFastLaunchCommandInput extends EnableFastLaunchRequest {}
 export interface EnableFastLaunchCommandOutput extends EnableFastLaunchResult, __MetadataBearer {}
 
 /**
- * <p>When you enable Windows fast launch for a Windows AMI, images are pre-provisioned,
- * 			using snapshots to launch instances up to 65% faster. To create the optimized Windows
- * 			image, Amazon EC2 launches an instance and runs through Sysprep steps, rebooting as required.
- * 			Then it creates a set of reserved snapshots that are used for subsequent launches. The
- * 			reserved snapshots are automatically replenished as they are used, depending on your
- * 			settings for launch frequency.</p>
+ * <p>When you enable Windows fast launch for a Windows AMI, images are pre-provisioned, using
+ *       snapshots to launch instances up to 65% faster. To create the optimized Windows image, Amazon EC2
+ *       launches an instance and runs through Sysprep steps, rebooting as required. Then it creates a
+ *       set of reserved snapshots that are used for subsequent launches. The reserved snapshots are
+ *       automatically replenished as they are used, depending on your settings for launch
+ *       frequency.</p>
  *          <note>
- *             <p>You can only change these settings for Windows AMIs that you own or that have been shared with you.</p>
+ *             <p>You can only change these settings for Windows AMIs that you own or that have been
+ *         shared with you.</p>
  *          </note>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
diff --git a/clients/client-ec2/src/commands/EnableImageDeprecationCommand.ts b/clients/client-ec2/src/commands/EnableImageDeprecationCommand.ts
index 211b5b2428b3..76a67511aae2 100644
--- a/clients/client-ec2/src/commands/EnableImageDeprecationCommand.ts
+++ b/clients/client-ec2/src/commands/EnableImageDeprecationCommand.ts
@@ -29,7 +29,8 @@ export interface EnableImageDeprecationCommandOutput extends EnableImageDeprecat
 
 /**
  * <p>Enables deprecation of the specified AMI at the specified date and time.</p>
- *          <p>For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ami-deprecate.html">Deprecate an AMI</a> in the <i>Amazon EC2 User Guide</i>.</p>
+ *          <p>For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ami-deprecate.html">Deprecate an AMI</a> in the
+ *         <i>Amazon EC2 User Guide</i>.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript
diff --git a/clients/client-ec2/src/commands/GetAssociatedEnclaveCertificateIamRolesCommand.ts b/clients/client-ec2/src/commands/GetAssociatedEnclaveCertificateIamRolesCommand.ts
index b7214bcfeb2a..0725bdaa1703 100644
--- a/clients/client-ec2/src/commands/GetAssociatedEnclaveCertificateIamRolesCommand.ts
+++ b/clients/client-ec2/src/commands/GetAssociatedEnclaveCertificateIamRolesCommand.ts
@@ -9,7 +9,7 @@ import { commonParams } from "../endpoint/EndpointParameters";
 import {
   GetAssociatedEnclaveCertificateIamRolesRequest,
   GetAssociatedEnclaveCertificateIamRolesResult,
-} from "../models/models_5";
+} from "../models/models_6";
 import {
   de_GetAssociatedEnclaveCertificateIamRolesCommand,
   se_GetAssociatedEnclaveCertificateIamRolesCommand,
diff --git a/clients/client-ec2/src/commands/GetAssociatedIpv6PoolCidrsCommand.ts b/clients/client-ec2/src/commands/GetAssociatedIpv6PoolCidrsCommand.ts
index 74767d8709b9..d4b7ca3f1225 100644
--- a/clients/client-ec2/src/commands/GetAssociatedIpv6PoolCidrsCommand.ts
+++ b/clients/client-ec2/src/commands/GetAssociatedIpv6PoolCidrsCommand.ts
@@ -6,7 +6,7 @@ import { MetadataBearer as __MetadataBearer } from "@smithy/types";
 
 import { EC2ClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../EC2Client";
 import { commonParams } from "../endpoint/EndpointParameters";
-import { GetAssociatedIpv6PoolCidrsRequest, GetAssociatedIpv6PoolCidrsResult } from "../models/models_5";
+import { GetAssociatedIpv6PoolCidrsRequest, GetAssociatedIpv6PoolCidrsResult } from "../models/models_6";
 import { de_GetAssociatedIpv6PoolCidrsCommand, se_GetAssociatedIpv6PoolCidrsCommand } from "../protocols/Aws_ec2";
 
 /**
diff --git a/clients/client-ec2/src/commands/GetAwsNetworkPerformanceDataCommand.ts b/clients/client-ec2/src/commands/GetAwsNetworkPerformanceDataCommand.ts
index a9ffae84f027..a4ea27d1c611 100644
--- a/clients/client-ec2/src/commands/GetAwsNetworkPerformanceDataCommand.ts
+++ b/clients/client-ec2/src/commands/GetAwsNetworkPerformanceDataCommand.ts
@@ -6,7 +6,7 @@ import { MetadataBearer as __MetadataBearer } from "@smithy/types";
 
 import { EC2ClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../EC2Client";
 import { commonParams } from "../endpoint/EndpointParameters";
-import { GetAwsNetworkPerformanceDataRequest, GetAwsNetworkPerformanceDataResult } from "../models/models_5";
+import { GetAwsNetworkPerformanceDataRequest, GetAwsNetworkPerformanceDataResult } from "../models/models_6";
 import { de_GetAwsNetworkPerformanceDataCommand, se_GetAwsNetworkPerformanceDataCommand } from "../protocols/Aws_ec2";
 
 /**
diff --git a/clients/client-ec2/src/commands/GetCapacityReservationUsageCommand.ts b/clients/client-ec2/src/commands/GetCapacityReservationUsageCommand.ts
index 3c93b9c87468..34d8ada0a32c 100644
--- a/clients/client-ec2/src/commands/GetCapacityReservationUsageCommand.ts
+++ b/clients/client-ec2/src/commands/GetCapacityReservationUsageCommand.ts
@@ -6,7 +6,7 @@ import { MetadataBearer as __MetadataBearer } from "@smithy/types";
 
 import { EC2ClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../EC2Client";
 import { commonParams } from "../endpoint/EndpointParameters";
-import { GetCapacityReservationUsageRequest, GetCapacityReservationUsageResult } from "../models/models_5";
+import { GetCapacityReservationUsageRequest, GetCapacityReservationUsageResult } from "../models/models_6";
 import { de_GetCapacityReservationUsageCommand, se_GetCapacityReservationUsageCommand } from "../protocols/Aws_ec2";
 
 /**
diff --git a/clients/client-ec2/src/commands/GetCoipPoolUsageCommand.ts b/clients/client-ec2/src/commands/GetCoipPoolUsageCommand.ts
index f8a27912efa1..86be9f3bc435 100644
--- a/clients/client-ec2/src/commands/GetCoipPoolUsageCommand.ts
+++ b/clients/client-ec2/src/commands/GetCoipPoolUsageCommand.ts
@@ -6,8 +6,7 @@ import { MetadataBearer as __MetadataBearer } from "@smithy/types";
 
 import { EC2ClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../EC2Client";
 import { commonParams } from "../endpoint/EndpointParameters";
-import { GetCoipPoolUsageRequest } from "../models/models_5";
-import { GetCoipPoolUsageResult } from "../models/models_6";
+import { GetCoipPoolUsageRequest, GetCoipPoolUsageResult } from "../models/models_6";
 import { de_GetCoipPoolUsageCommand, se_GetCoipPoolUsageCommand } from "../protocols/Aws_ec2";
 
 /**
diff --git a/clients/client-ec2/src/commands/ListImagesInRecycleBinCommand.ts b/clients/client-ec2/src/commands/ListImagesInRecycleBinCommand.ts
index 559ff88d02bf..91183d6b6f48 100644
--- a/clients/client-ec2/src/commands/ListImagesInRecycleBinCommand.ts
+++ b/clients/client-ec2/src/commands/ListImagesInRecycleBinCommand.ts
@@ -28,8 +28,8 @@ export interface ListImagesInRecycleBinCommandInput extends ListImagesInRecycleB
 export interface ListImagesInRecycleBinCommandOutput extends ListImagesInRecycleBinResult, __MetadataBearer {}
 
 /**
- * <p>Lists one or more AMIs that are currently in the Recycle Bin. For more information,
- *       see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/recycle-bin.html">Recycle
+ * <p>Lists one or more AMIs that are currently in the Recycle Bin. For more information, see
+ *         <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/recycle-bin.html">Recycle
  *         Bin</a> in the <i>Amazon EC2 User Guide</i>.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
diff --git a/clients/client-ec2/src/commands/ModifyImageAttributeCommand.ts b/clients/client-ec2/src/commands/ModifyImageAttributeCommand.ts
index c1f098307c02..e8b9e7c189b4 100644
--- a/clients/client-ec2/src/commands/ModifyImageAttributeCommand.ts
+++ b/clients/client-ec2/src/commands/ModifyImageAttributeCommand.ts
@@ -28,12 +28,14 @@ export interface ModifyImageAttributeCommandInput extends ModifyImageAttributeRe
 export interface ModifyImageAttributeCommandOutput extends __MetadataBearer {}
 
 /**
- * <p>Modifies the specified attribute of the specified AMI. You can specify only one attribute at a time.</p>
- *          <p>To specify the attribute, you can use the <code>Attribute</code> parameter, or one of the following parameters:
- *        <code>Description</code>, <code>ImdsSupport</code>, or <code>LaunchPermission</code>.</p>
+ * <p>Modifies the specified attribute of the specified AMI. You can specify only one attribute
+ *       at a time.</p>
+ *          <p>To specify the attribute, you can use the <code>Attribute</code> parameter, or one of the
+ *       following parameters: <code>Description</code>, <code>ImdsSupport</code>, or
+ *         <code>LaunchPermission</code>.</p>
  *          <p>Images with an Amazon Web Services Marketplace product code cannot be made public.</p>
- *          <p>To enable the SriovNetSupport enhanced networking attribute of an image, enable SriovNetSupport on an instance
- *        and create an AMI from the instance.</p>
+ *          <p>To enable the SriovNetSupport enhanced networking attribute of an image, enable
+ *       SriovNetSupport on an instance and create an AMI from the instance.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript
diff --git a/clients/client-ec2/src/commands/ModifyVerifiedAccessEndpointCommand.ts b/clients/client-ec2/src/commands/ModifyVerifiedAccessEndpointCommand.ts
index 57de21334c6a..d104658f994a 100644
--- a/clients/client-ec2/src/commands/ModifyVerifiedAccessEndpointCommand.ts
+++ b/clients/client-ec2/src/commands/ModifyVerifiedAccessEndpointCommand.ts
@@ -6,7 +6,7 @@ import { MetadataBearer as __MetadataBearer } from "@smithy/types";
 
 import { EC2ClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../EC2Client";
 import { commonParams } from "../endpoint/EndpointParameters";
-import { ModifyVerifiedAccessEndpointRequest, ModifyVerifiedAccessEndpointResult } from "../models/models_6";
+import { ModifyVerifiedAccessEndpointRequest, ModifyVerifiedAccessEndpointResult } from "../models/models_7";
 import { de_ModifyVerifiedAccessEndpointCommand, se_ModifyVerifiedAccessEndpointCommand } from "../protocols/Aws_ec2";
 
 /**
diff --git a/clients/client-ec2/src/commands/ModifyVerifiedAccessEndpointPolicyCommand.ts b/clients/client-ec2/src/commands/ModifyVerifiedAccessEndpointPolicyCommand.ts
index 909c121af75c..4a24471bc2cc 100644
--- a/clients/client-ec2/src/commands/ModifyVerifiedAccessEndpointPolicyCommand.ts
+++ b/clients/client-ec2/src/commands/ModifyVerifiedAccessEndpointPolicyCommand.ts
@@ -9,7 +9,7 @@ import { commonParams } from "../endpoint/EndpointParameters";
 import {
   ModifyVerifiedAccessEndpointPolicyRequest,
   ModifyVerifiedAccessEndpointPolicyResult,
-} from "../models/models_6";
+} from "../models/models_7";
 import {
   de_ModifyVerifiedAccessEndpointPolicyCommand,
   se_ModifyVerifiedAccessEndpointPolicyCommand,
diff --git a/clients/client-ec2/src/commands/ModifyVerifiedAccessGroupCommand.ts b/clients/client-ec2/src/commands/ModifyVerifiedAccessGroupCommand.ts
index 841baaa75286..3ffe6a96e8bd 100644
--- a/clients/client-ec2/src/commands/ModifyVerifiedAccessGroupCommand.ts
+++ b/clients/client-ec2/src/commands/ModifyVerifiedAccessGroupCommand.ts
@@ -6,7 +6,7 @@ import { MetadataBearer as __MetadataBearer } from "@smithy/types";
 
 import { EC2ClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../EC2Client";
 import { commonParams } from "../endpoint/EndpointParameters";
-import { ModifyVerifiedAccessGroupRequest, ModifyVerifiedAccessGroupResult } from "../models/models_6";
+import { ModifyVerifiedAccessGroupRequest, ModifyVerifiedAccessGroupResult } from "../models/models_7";
 import { de_ModifyVerifiedAccessGroupCommand, se_ModifyVerifiedAccessGroupCommand } from "../protocols/Aws_ec2";
 
 /**
diff --git a/clients/client-ec2/src/commands/ModifyVerifiedAccessGroupPolicyCommand.ts b/clients/client-ec2/src/commands/ModifyVerifiedAccessGroupPolicyCommand.ts
index 0265d100b8b6..5dc31bba1da2 100644
--- a/clients/client-ec2/src/commands/ModifyVerifiedAccessGroupPolicyCommand.ts
+++ b/clients/client-ec2/src/commands/ModifyVerifiedAccessGroupPolicyCommand.ts
@@ -6,7 +6,7 @@ import { MetadataBearer as __MetadataBearer } from "@smithy/types";
 
 import { EC2ClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../EC2Client";
 import { commonParams } from "../endpoint/EndpointParameters";
-import { ModifyVerifiedAccessGroupPolicyRequest, ModifyVerifiedAccessGroupPolicyResult } from "../models/models_6";
+import { ModifyVerifiedAccessGroupPolicyRequest, ModifyVerifiedAccessGroupPolicyResult } from "../models/models_7";
 import {
   de_ModifyVerifiedAccessGroupPolicyCommand,
   se_ModifyVerifiedAccessGroupPolicyCommand,
diff --git a/clients/client-ec2/src/commands/ModifyVerifiedAccessInstanceCommand.ts b/clients/client-ec2/src/commands/ModifyVerifiedAccessInstanceCommand.ts
index cde502e674ff..ad88bb83d7eb 100644
--- a/clients/client-ec2/src/commands/ModifyVerifiedAccessInstanceCommand.ts
+++ b/clients/client-ec2/src/commands/ModifyVerifiedAccessInstanceCommand.ts
@@ -6,7 +6,7 @@ import { MetadataBearer as __MetadataBearer } from "@smithy/types";
 
 import { EC2ClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../EC2Client";
 import { commonParams } from "../endpoint/EndpointParameters";
-import { ModifyVerifiedAccessInstanceRequest, ModifyVerifiedAccessInstanceResult } from "../models/models_6";
+import { ModifyVerifiedAccessInstanceRequest, ModifyVerifiedAccessInstanceResult } from "../models/models_7";
 import { de_ModifyVerifiedAccessInstanceCommand, se_ModifyVerifiedAccessInstanceCommand } from "../protocols/Aws_ec2";
 
 /**
diff --git a/clients/client-ec2/src/commands/ModifyVerifiedAccessInstanceLoggingConfigurationCommand.ts b/clients/client-ec2/src/commands/ModifyVerifiedAccessInstanceLoggingConfigurationCommand.ts
index c349a9b5256b..541a3cb7223b 100644
--- a/clients/client-ec2/src/commands/ModifyVerifiedAccessInstanceLoggingConfigurationCommand.ts
+++ b/clients/client-ec2/src/commands/ModifyVerifiedAccessInstanceLoggingConfigurationCommand.ts
@@ -9,7 +9,7 @@ import { commonParams } from "../endpoint/EndpointParameters";
 import {
   ModifyVerifiedAccessInstanceLoggingConfigurationRequest,
   ModifyVerifiedAccessInstanceLoggingConfigurationResult,
-} from "../models/models_6";
+} from "../models/models_7";
 import {
   de_ModifyVerifiedAccessInstanceLoggingConfigurationCommand,
   se_ModifyVerifiedAccessInstanceLoggingConfigurationCommand,
diff --git a/clients/client-ec2/src/commands/ModifyVpcBlockPublicAccessExclusionCommand.ts b/clients/client-ec2/src/commands/ModifyVpcBlockPublicAccessExclusionCommand.ts
new file mode 100644
index 000000000000..4f4a04aab9fd
--- /dev/null
+++ b/clients/client-ec2/src/commands/ModifyVpcBlockPublicAccessExclusionCommand.ts
@@ -0,0 +1,117 @@
+// smithy-typescript generated code
+import { getEndpointPlugin } from "@smithy/middleware-endpoint";
+import { getSerdePlugin } from "@smithy/middleware-serde";
+import { Command as $Command } from "@smithy/smithy-client";
+import { MetadataBearer as __MetadataBearer } from "@smithy/types";
+
+import { EC2ClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../EC2Client";
+import { commonParams } from "../endpoint/EndpointParameters";
+import {
+  ModifyVpcBlockPublicAccessExclusionRequest,
+  ModifyVpcBlockPublicAccessExclusionResult,
+} from "../models/models_7";
+import {
+  de_ModifyVpcBlockPublicAccessExclusionCommand,
+  se_ModifyVpcBlockPublicAccessExclusionCommand,
+} from "../protocols/Aws_ec2";
+
+/**
+ * @public
+ */
+export type { __MetadataBearer };
+export { $Command };
+/**
+ * @public
+ *
+ * The input for {@link ModifyVpcBlockPublicAccessExclusionCommand}.
+ */
+export interface ModifyVpcBlockPublicAccessExclusionCommandInput extends ModifyVpcBlockPublicAccessExclusionRequest {}
+/**
+ * @public
+ *
+ * The output of {@link ModifyVpcBlockPublicAccessExclusionCommand}.
+ */
+export interface ModifyVpcBlockPublicAccessExclusionCommandOutput
+  extends ModifyVpcBlockPublicAccessExclusionResult,
+    __MetadataBearer {}
+
+/**
+ * <p>Modify VPC Block Public Access (BPA) exclusions. A VPC BPA exclusion is a mode that can be applied to a single VPC or subnet that exempts it from the account’s BPA mode and will allow bidirectional or egress-only access. You can create BPA exclusions for VPCs and subnets even when BPA is not enabled on the account to ensure that there is no traffic disruption to the exclusions when VPC BPA is turned on.</p>
+ * @example
+ * Use a bare-bones client and the command you need to make an API call.
+ * ```javascript
+ * import { EC2Client, ModifyVpcBlockPublicAccessExclusionCommand } from "@aws-sdk/client-ec2"; // ES Modules import
+ * // const { EC2Client, ModifyVpcBlockPublicAccessExclusionCommand } = require("@aws-sdk/client-ec2"); // CommonJS import
+ * const client = new EC2Client(config);
+ * const input = { // ModifyVpcBlockPublicAccessExclusionRequest
+ *   DryRun: true || false,
+ *   ExclusionId: "STRING_VALUE", // required
+ *   InternetGatewayExclusionMode: "allow-bidirectional" || "allow-egress", // required
+ * };
+ * const command = new ModifyVpcBlockPublicAccessExclusionCommand(input);
+ * const response = await client.send(command);
+ * // { // ModifyVpcBlockPublicAccessExclusionResult
+ * //   VpcBlockPublicAccessExclusion: { // VpcBlockPublicAccessExclusion
+ * //     ExclusionId: "STRING_VALUE",
+ * //     InternetGatewayExclusionMode: "allow-bidirectional" || "allow-egress",
+ * //     ResourceArn: "STRING_VALUE",
+ * //     State: "create-in-progress" || "create-complete" || "create-failed" || "update-in-progress" || "update-complete" || "update-failed" || "delete-in-progress" || "delete-complete" || "disable-in-progress" || "disable-complete",
+ * //     Reason: "STRING_VALUE",
+ * //     CreationTimestamp: new Date("TIMESTAMP"),
+ * //     LastUpdateTimestamp: new Date("TIMESTAMP"),
+ * //     DeletionTimestamp: new Date("TIMESTAMP"),
+ * //     Tags: [ // TagList
+ * //       { // Tag
+ * //         Key: "STRING_VALUE",
+ * //         Value: "STRING_VALUE",
+ * //       },
+ * //     ],
+ * //   },
+ * // };
+ *
+ * ```
+ *
+ * @param ModifyVpcBlockPublicAccessExclusionCommandInput - {@link ModifyVpcBlockPublicAccessExclusionCommandInput}
+ * @returns {@link ModifyVpcBlockPublicAccessExclusionCommandOutput}
+ * @see {@link ModifyVpcBlockPublicAccessExclusionCommandInput} for command's `input` shape.
+ * @see {@link ModifyVpcBlockPublicAccessExclusionCommandOutput} for command's `response` shape.
+ * @see {@link EC2ClientResolvedConfig | config} for EC2Client's `config` shape.
+ *
+ * @throws {@link EC2ServiceException}
+ * <p>Base exception class for all service exceptions from EC2 service.</p>
+ *
+ * @public
+ */
+export class ModifyVpcBlockPublicAccessExclusionCommand extends $Command
+  .classBuilder<
+    ModifyVpcBlockPublicAccessExclusionCommandInput,
+    ModifyVpcBlockPublicAccessExclusionCommandOutput,
+    EC2ClientResolvedConfig,
+    ServiceInputTypes,
+    ServiceOutputTypes
+  >()
+  .ep(commonParams)
+  .m(function (this: any, Command: any, cs: any, config: EC2ClientResolvedConfig, o: any) {
+    return [
+      getSerdePlugin(config, this.serialize, this.deserialize),
+      getEndpointPlugin(config, Command.getEndpointParameterInstructions()),
+    ];
+  })
+  .s("AmazonEC2", "ModifyVpcBlockPublicAccessExclusion", {})
+  .n("EC2Client", "ModifyVpcBlockPublicAccessExclusionCommand")
+  .f(void 0, void 0)
+  .ser(se_ModifyVpcBlockPublicAccessExclusionCommand)
+  .de(de_ModifyVpcBlockPublicAccessExclusionCommand)
+  .build() {
+  /** @internal type navigation helper, not in runtime. */
+  protected declare static __types: {
+    api: {
+      input: ModifyVpcBlockPublicAccessExclusionRequest;
+      output: ModifyVpcBlockPublicAccessExclusionResult;
+    };
+    sdk: {
+      input: ModifyVpcBlockPublicAccessExclusionCommandInput;
+      output: ModifyVpcBlockPublicAccessExclusionCommandOutput;
+    };
+  };
+}
diff --git a/clients/client-ec2/src/commands/ModifyVpcBlockPublicAccessOptionsCommand.ts b/clients/client-ec2/src/commands/ModifyVpcBlockPublicAccessOptionsCommand.ts
new file mode 100644
index 000000000000..183317b355a2
--- /dev/null
+++ b/clients/client-ec2/src/commands/ModifyVpcBlockPublicAccessOptionsCommand.ts
@@ -0,0 +1,105 @@
+// smithy-typescript generated code
+import { getEndpointPlugin } from "@smithy/middleware-endpoint";
+import { getSerdePlugin } from "@smithy/middleware-serde";
+import { Command as $Command } from "@smithy/smithy-client";
+import { MetadataBearer as __MetadataBearer } from "@smithy/types";
+
+import { EC2ClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../EC2Client";
+import { commonParams } from "../endpoint/EndpointParameters";
+import { ModifyVpcBlockPublicAccessOptionsRequest, ModifyVpcBlockPublicAccessOptionsResult } from "../models/models_7";
+import {
+  de_ModifyVpcBlockPublicAccessOptionsCommand,
+  se_ModifyVpcBlockPublicAccessOptionsCommand,
+} from "../protocols/Aws_ec2";
+
+/**
+ * @public
+ */
+export type { __MetadataBearer };
+export { $Command };
+/**
+ * @public
+ *
+ * The input for {@link ModifyVpcBlockPublicAccessOptionsCommand}.
+ */
+export interface ModifyVpcBlockPublicAccessOptionsCommandInput extends ModifyVpcBlockPublicAccessOptionsRequest {}
+/**
+ * @public
+ *
+ * The output of {@link ModifyVpcBlockPublicAccessOptionsCommand}.
+ */
+export interface ModifyVpcBlockPublicAccessOptionsCommandOutput
+  extends ModifyVpcBlockPublicAccessOptionsResult,
+    __MetadataBearer {}
+
+/**
+ * <p>Modify VPC Block Public Access (BPA) options. VPC Block public Access (BPA) enables you to block resources in VPCs and subnets that you own in a Region from reaching or being reached from the internet through internet gateways and egress-only internet gateways. To learn more about VPC BPA, see <a href="https://docs.aws.amazon.com/vpc/latest/userguide/security-vpc-bpa.html">Block public access to VPCs and subnets</a> in the <i>Amazon VPC User Guide</i>.</p>
+ * @example
+ * Use a bare-bones client and the command you need to make an API call.
+ * ```javascript
+ * import { EC2Client, ModifyVpcBlockPublicAccessOptionsCommand } from "@aws-sdk/client-ec2"; // ES Modules import
+ * // const { EC2Client, ModifyVpcBlockPublicAccessOptionsCommand } = require("@aws-sdk/client-ec2"); // CommonJS import
+ * const client = new EC2Client(config);
+ * const input = { // ModifyVpcBlockPublicAccessOptionsRequest
+ *   DryRun: true || false,
+ *   InternetGatewayBlockMode: "off" || "block-bidirectional" || "block-ingress", // required
+ * };
+ * const command = new ModifyVpcBlockPublicAccessOptionsCommand(input);
+ * const response = await client.send(command);
+ * // { // ModifyVpcBlockPublicAccessOptionsResult
+ * //   VpcBlockPublicAccessOptions: { // VpcBlockPublicAccessOptions
+ * //     AwsAccountId: "STRING_VALUE",
+ * //     AwsRegion: "STRING_VALUE",
+ * //     State: "default-state" || "update-in-progress" || "update-complete",
+ * //     InternetGatewayBlockMode: "off" || "block-bidirectional" || "block-ingress",
+ * //     Reason: "STRING_VALUE",
+ * //     LastUpdateTimestamp: new Date("TIMESTAMP"),
+ * //   },
+ * // };
+ *
+ * ```
+ *
+ * @param ModifyVpcBlockPublicAccessOptionsCommandInput - {@link ModifyVpcBlockPublicAccessOptionsCommandInput}
+ * @returns {@link ModifyVpcBlockPublicAccessOptionsCommandOutput}
+ * @see {@link ModifyVpcBlockPublicAccessOptionsCommandInput} for command's `input` shape.
+ * @see {@link ModifyVpcBlockPublicAccessOptionsCommandOutput} for command's `response` shape.
+ * @see {@link EC2ClientResolvedConfig | config} for EC2Client's `config` shape.
+ *
+ * @throws {@link EC2ServiceException}
+ * <p>Base exception class for all service exceptions from EC2 service.</p>
+ *
+ * @public
+ */
+export class ModifyVpcBlockPublicAccessOptionsCommand extends $Command
+  .classBuilder<
+    ModifyVpcBlockPublicAccessOptionsCommandInput,
+    ModifyVpcBlockPublicAccessOptionsCommandOutput,
+    EC2ClientResolvedConfig,
+    ServiceInputTypes,
+    ServiceOutputTypes
+  >()
+  .ep(commonParams)
+  .m(function (this: any, Command: any, cs: any, config: EC2ClientResolvedConfig, o: any) {
+    return [
+      getSerdePlugin(config, this.serialize, this.deserialize),
+      getEndpointPlugin(config, Command.getEndpointParameterInstructions()),
+    ];
+  })
+  .s("AmazonEC2", "ModifyVpcBlockPublicAccessOptions", {})
+  .n("EC2Client", "ModifyVpcBlockPublicAccessOptionsCommand")
+  .f(void 0, void 0)
+  .ser(se_ModifyVpcBlockPublicAccessOptionsCommand)
+  .de(de_ModifyVpcBlockPublicAccessOptionsCommand)
+  .build() {
+  /** @internal type navigation helper, not in runtime. */
+  protected declare static __types: {
+    api: {
+      input: ModifyVpcBlockPublicAccessOptionsRequest;
+      output: ModifyVpcBlockPublicAccessOptionsResult;
+    };
+    sdk: {
+      input: ModifyVpcBlockPublicAccessOptionsCommandInput;
+      output: ModifyVpcBlockPublicAccessOptionsCommandOutput;
+    };
+  };
+}
diff --git a/clients/client-ec2/src/commands/RegisterImageCommand.ts b/clients/client-ec2/src/commands/RegisterImageCommand.ts
index ef8bc95a8f1f..d22511ca6872 100644
--- a/clients/client-ec2/src/commands/RegisterImageCommand.ts
+++ b/clients/client-ec2/src/commands/RegisterImageCommand.ts
@@ -44,18 +44,17 @@ export interface RegisterImageCommandOutput extends RegisterImageResult, __Metad
  *          <p>
  *             <b>Register a snapshot of a root device volume</b>
  *          </p>
- *          <p>You can use <code>RegisterImage</code> to create an Amazon EBS-backed Linux AMI from
- *        a snapshot of a root device volume. You specify the snapshot using a block device mapping.
- *        You can't set the encryption state of the volume using the block device mapping. If the
- *        snapshot is encrypted, or encryption by default is enabled, the root volume of an instance
- *        launched from the AMI is encrypted.</p>
+ *          <p>You can use <code>RegisterImage</code> to create an Amazon EBS-backed Linux AMI from a snapshot
+ *       of a root device volume. You specify the snapshot using a block device mapping. You can't set
+ *       the encryption state of the volume using the block device mapping. If the snapshot is
+ *       encrypted, or encryption by default is enabled, the root volume of an instance launched from
+ *       the AMI is encrypted.</p>
  *          <p>For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/creating-an-ami-ebs.html#creating-launching-ami-from-snapshot">Create an AMI from a snapshot</a> and <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/AMIEncryption.html">Use encryption with Amazon EBS-backed
  *         AMIs</a> in the <i>Amazon EC2 User Guide</i>.</p>
  *          <p>
  *             <b>Amazon Web Services Marketplace product codes</b>
  *          </p>
- *          <p>If any snapshots have Amazon Web Services Marketplace product codes, they are copied to the new
- *       AMI.</p>
+ *          <p>If any snapshots have Amazon Web Services Marketplace product codes, they are copied to the new AMI.</p>
  *          <p>In most cases, AMIs for Windows, RedHat, SUSE, and SQL Server require correct licensing
  *       information to be present on the AMI. For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ami-billing-info.html">Understand AMI billing
  *         information</a> in the <i>Amazon EC2 User Guide</i>. When creating an AMI from
diff --git a/clients/client-ec2/src/commands/RestoreImageFromRecycleBinCommand.ts b/clients/client-ec2/src/commands/RestoreImageFromRecycleBinCommand.ts
index 77bc240388e4..92c238eff7dc 100644
--- a/clients/client-ec2/src/commands/RestoreImageFromRecycleBinCommand.ts
+++ b/clients/client-ec2/src/commands/RestoreImageFromRecycleBinCommand.ts
@@ -28,7 +28,8 @@ export interface RestoreImageFromRecycleBinCommandInput extends RestoreImageFrom
 export interface RestoreImageFromRecycleBinCommandOutput extends RestoreImageFromRecycleBinResult, __MetadataBearer {}
 
 /**
- * <p>Restores an AMI from the Recycle Bin. For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/recycle-bin.html">Recycle Bin</a> in the <i>Amazon EC2 User Guide</i>.</p>
+ * <p>Restores an AMI from the Recycle Bin. For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/recycle-bin.html">Recycle Bin</a> in
+ *       the <i>Amazon EC2 User Guide</i>.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript
diff --git a/clients/client-ec2/src/commands/index.ts b/clients/client-ec2/src/commands/index.ts
index c83f4befc176..0efb6dbe30c7 100644
--- a/clients/client-ec2/src/commands/index.ts
+++ b/clients/client-ec2/src/commands/index.ts
@@ -133,6 +133,7 @@ export * from "./CreateVerifiedAccessGroupCommand";
 export * from "./CreateVerifiedAccessInstanceCommand";
 export * from "./CreateVerifiedAccessTrustProviderCommand";
 export * from "./CreateVolumeCommand";
+export * from "./CreateVpcBlockPublicAccessExclusionCommand";
 export * from "./CreateVpcCommand";
 export * from "./CreateVpcEndpointCommand";
 export * from "./CreateVpcEndpointConnectionNotificationCommand";
@@ -208,6 +209,7 @@ export * from "./DeleteVerifiedAccessGroupCommand";
 export * from "./DeleteVerifiedAccessInstanceCommand";
 export * from "./DeleteVerifiedAccessTrustProviderCommand";
 export * from "./DeleteVolumeCommand";
+export * from "./DeleteVpcBlockPublicAccessExclusionCommand";
 export * from "./DeleteVpcCommand";
 export * from "./DeleteVpcEndpointConnectionNotificationsCommand";
 export * from "./DeleteVpcEndpointServiceConfigurationsCommand";
@@ -367,6 +369,8 @@ export * from "./DescribeVolumeStatusCommand";
 export * from "./DescribeVolumesCommand";
 export * from "./DescribeVolumesModificationsCommand";
 export * from "./DescribeVpcAttributeCommand";
+export * from "./DescribeVpcBlockPublicAccessExclusionsCommand";
+export * from "./DescribeVpcBlockPublicAccessOptionsCommand";
 export * from "./DescribeVpcClassicLinkCommand";
 export * from "./DescribeVpcClassicLinkDnsSupportCommand";
 export * from "./DescribeVpcEndpointConnectionNotificationsCommand";
@@ -553,6 +557,8 @@ export * from "./ModifyVerifiedAccessTrustProviderCommand";
 export * from "./ModifyVolumeAttributeCommand";
 export * from "./ModifyVolumeCommand";
 export * from "./ModifyVpcAttributeCommand";
+export * from "./ModifyVpcBlockPublicAccessExclusionCommand";
+export * from "./ModifyVpcBlockPublicAccessOptionsCommand";
 export * from "./ModifyVpcEndpointCommand";
 export * from "./ModifyVpcEndpointConnectionNotificationCommand";
 export * from "./ModifyVpcEndpointServiceConfigurationCommand";
diff --git a/clients/client-ec2/src/models/models_0.ts b/clients/client-ec2/src/models/models_0.ts
index 181ed7030efd..be5f843a0f33 100644
--- a/clients/client-ec2/src/models/models_0.ts
+++ b/clients/client-ec2/src/models/models_0.ts
@@ -7073,21 +7073,23 @@ export interface AuthorizeSecurityGroupIngressResult {
 }
 
 /**
- * <p>Describes the storage parameters for Amazon S3 and Amazon S3 buckets for an instance store-backed AMI.</p>
+ * <p>Describes the storage parameters for Amazon S3 and Amazon S3 buckets for an instance store-backed
+ *       AMI.</p>
  * @public
  */
 export interface S3Storage {
   /**
    * <p>The access key ID of the owner of the bucket. Before you specify a value for your access
-   *        key ID, review and follow the guidance in <a href="https://docs.aws.amazon.com/accounts/latest/reference/best-practices.html">Best
-   *          Practices for Amazon Web Services accounts</a> in the <i>Account ManagementReference
-   *            Guide</i>.</p>
+   *       key ID, review and follow the guidance in <a href="https://docs.aws.amazon.com/accounts/latest/reference/best-practices.html">Best Practices for Amazon Web Services
+   *         accounts</a> in the <i>Account ManagementReference Guide</i>.</p>
    * @public
    */
   AWSAccessKeyId?: string | undefined;
 
   /**
-   * <p>The bucket in which to store the AMI. You can specify a bucket that you already own or a new bucket that Amazon EC2 creates on your behalf. If you specify a bucket that belongs to someone else, Amazon EC2 returns an error.</p>
+   * <p>The bucket in which to store the AMI. You can specify a bucket that you already own or a
+   *       new bucket that Amazon EC2 creates on your behalf. If you specify a bucket that belongs to someone
+   *       else, Amazon EC2 returns an error.</p>
    * @public
    */
   Bucket?: string | undefined;
@@ -7099,7 +7101,8 @@ export interface S3Storage {
   Prefix?: string | undefined;
 
   /**
-   * <p>An Amazon S3 upload policy that gives Amazon EC2 permission to upload items into Amazon S3 on your behalf.</p>
+   * <p>An Amazon S3 upload policy that gives Amazon EC2 permission to upload items into Amazon S3 on your
+   *       behalf.</p>
    * @public
    */
   UploadPolicy?: Uint8Array | undefined;
@@ -7136,7 +7139,9 @@ export interface BundleInstanceRequest {
   InstanceId: string | undefined;
 
   /**
-   * <p>The bucket in which to store the AMI. You can specify a bucket that you already own or a new bucket that Amazon EC2 creates on your behalf. If you specify a bucket that belongs to someone else, Amazon EC2 returns an error.</p>
+   * <p>The bucket in which to store the AMI. You can specify a bucket that you already own or a
+   *       new bucket that Amazon EC2 creates on your behalf. If you specify a bucket that belongs to someone
+   *       else, Amazon EC2 returns an error.</p>
    * @public
    */
   Storage: Storage | undefined;
@@ -8047,9 +8052,9 @@ export interface CopyFpgaImageResult {
  */
 export interface CopyImageRequest {
   /**
-   * <p>Unique, case-sensitive identifier you provide to ensure
-   *        idempotency of the request. For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html">Ensuring idempotency</a>
-   *        in the <i>Amazon EC2 API Reference</i>.</p>
+   * <p>Unique, case-sensitive identifier you provide to ensure idempotency of the request. For
+   *       more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html">Ensuring idempotency</a>
+   *       in the <i>Amazon EC2 API Reference</i>.</p>
    * @public
    */
   ClientToken?: string | undefined;
@@ -8071,9 +8076,9 @@ export interface CopyImageRequest {
   Encrypted?: boolean | undefined;
 
   /**
-   * <p>The identifier of the symmetric Key Management Service (KMS) KMS key to use when creating
-   *    		encrypted volumes. If this parameter is not specified, your Amazon Web Services managed KMS key for Amazon EBS is used.
-   *    		If you specify a KMS key, you must also set the encrypted state to <code>true</code>.</p>
+   * <p>The identifier of the symmetric Key Management Service (KMS) KMS key to use when creating encrypted volumes.
+   *       If this parameter is not specified, your Amazon Web Services managed KMS key for Amazon EBS is used. If you
+   *       specify a KMS key, you must also set the encrypted state to <code>true</code>.</p>
    *          <p>You can specify a KMS key using any of the following:</p>
    *          <ul>
    *             <li>
@@ -8089,8 +8094,8 @@ export interface CopyImageRequest {
    *                <p>Alias ARN. For example, arn:aws:kms:us-east-1:012345678910:alias/ExampleAlias.</p>
    *             </li>
    *          </ul>
-   *          <p>Amazon Web Services authenticates the KMS key asynchronously. Therefore, if you specify an identifier that is not valid,
-   *       the action can appear to complete, but eventually fails.</p>
+   *          <p>Amazon Web Services authenticates the KMS key asynchronously. Therefore, if you specify an identifier
+   *       that is not valid, the action can appear to complete, but eventually fails.</p>
    *          <p>The specified KMS key must exist in the destination Region.</p>
    *          <p>Amazon EBS does not support asymmetric KMS keys.</p>
    * @public
@@ -8116,13 +8121,12 @@ export interface CopyImageRequest {
   SourceRegion: string | undefined;
 
   /**
-   * <p>The Amazon Resource Name (ARN) of the Outpost to which to copy the AMI. Only
-   *   		specify this parameter when copying an AMI from an Amazon Web Services Region to an Outpost.
-   *   		The AMI must be in the Region of the destination Outpost. You cannot copy an
-   *   		AMI from an Outpost to a Region, from one Outpost to another, or within the same
-   *   		Outpost.</p>
-   *          <p>For more information, see <a href="https://docs.aws.amazon.com/ebs/latest/userguide/snapshots-outposts.html#copy-amis">Copy AMIs from an Amazon Web Services
-   *         Region to an Outpost</a> in the <i>Amazon EBS User Guide</i>.</p>
+   * <p>The Amazon Resource Name (ARN) of the Outpost to which to copy the AMI. Only specify this
+   *       parameter when copying an AMI from an Amazon Web Services Region to an Outpost. The AMI must be in the
+   *       Region of the destination Outpost. You cannot copy an AMI from an Outpost to a Region, from
+   *       one Outpost to another, or within the same Outpost.</p>
+   *          <p>For more information, see <a href="https://docs.aws.amazon.com/ebs/latest/userguide/snapshots-outposts.html#copy-amis">Copy AMIs from an Amazon Web Services Region
+   *         to an Outpost</a> in the <i>Amazon EBS User Guide</i>.</p>
    * @public
    */
   DestinationOutpostArn?: string | undefined;
@@ -8154,7 +8158,7 @@ export interface CopyImageRequest {
    *             </li>
    *             <li>
    *                <p>To tag the new snapshots, the value for <code>ResourceType</code> must be
-   *           <code>snapshot</code>. The same tag is applied to all the new snapshots.</p>
+   *             <code>snapshot</code>. The same tag is applied to all the new snapshots.</p>
    *             </li>
    *          </ul>
    *          <p>If you specify other values for <code>ResourceType</code>, the request fails.</p>
diff --git a/clients/client-ec2/src/models/models_1.ts b/clients/client-ec2/src/models/models_1.ts
index 18f6d47a952e..ba6612a61380 100644
--- a/clients/client-ec2/src/models/models_1.ts
+++ b/clients/client-ec2/src/models/models_1.ts
@@ -9,7 +9,6 @@ import {
   AcceleratorTotalMemoryMiB,
   AcceleratorTotalMemoryMiBRequest,
   AcceleratorType,
-  AccessScopePathRequest,
   AddIpamOperatingRegion,
   AddPrefixListEntry,
   AddressFamily,
@@ -2520,6 +2519,47 @@ export interface CreateDefaultSubnetRequest {
   Ipv6Native?: boolean | undefined;
 }
 
+/**
+ * @public
+ * @enum
+ */
+export const BlockPublicAccessMode = {
+  block_bidirectional: "block-bidirectional",
+  block_ingress: "block-ingress",
+  off: "off",
+} as const;
+
+/**
+ * @public
+ */
+export type BlockPublicAccessMode = (typeof BlockPublicAccessMode)[keyof typeof BlockPublicAccessMode];
+
+/**
+ * <p>The state of VPC Block Public Access (BPA).</p>
+ * @public
+ */
+export interface BlockPublicAccessStates {
+  /**
+   * <p>The mode of VPC BPA.</p>
+   *          <ul>
+   *             <li>
+   *                <p>
+   *                   <code>bidirectional-access-allowed</code>: VPC BPA is not enabled and traffic is allowed to and from internet gateways and egress-only internet gateways in this Region.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>bidirectional-access-blocked</code>: Block all traffic to and from internet gateways and egress-only internet gateways in this Region (except for excluded VPCs and subnets).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>ingress-access-blocked</code>: Block all internet traffic to the VPCs in this Region (except for VPCs or subnets which are excluded). Only traffic to and from NAT gateways and egress-only internet gateways is allowed because these gateways only allow outbound connections to be established.</p>
+   *             </li>
+   *          </ul>
+   * @public
+   */
+  InternetGatewayBlockMode?: BlockPublicAccessMode | undefined;
+}
+
 /**
  * @public
  * @enum
@@ -2669,6 +2709,12 @@ export interface Subnet {
    */
   PrivateDnsNameOptionsOnLaunch?: PrivateDnsNameOptionsOnLaunch | undefined;
 
+  /**
+   * <p>The state of VPC Block Public Access (BPA).</p>
+   * @public
+   */
+  BlockPublicAccessStates?: BlockPublicAccessStates | undefined;
+
   /**
    * <p>The ID of the subnet.</p>
    * @public
@@ -2815,6 +2861,12 @@ export interface Vpc {
    */
   Tags?: Tag[] | undefined;
 
+  /**
+   * <p>The state of VPC Block Public Access (BPA).</p>
+   * @public
+   */
+  BlockPublicAccessStates?: BlockPublicAccessStates | undefined;
+
   /**
    * <p>The ID of the VPC.</p>
    * @public
@@ -6090,8 +6142,8 @@ export interface CreateImageRequest {
    *           <code>image</code>.</p>
    *             </li>
    *             <li>
-   *                <p>To tag the snapshots that are created of the root volume and of other Amazon EBS volumes that
-   *           are attached to the instance, the value for <code>ResourceType</code> must be
+   *                <p>To tag the snapshots that are created of the root volume and of other Amazon EBS volumes
+   *           that are attached to the instance, the value for <code>ResourceType</code> must be
    *             <code>snapshot</code>. The same tag is applied to all of the snapshots that are
    *           created.</p>
    *             </li>
@@ -6118,7 +6170,9 @@ export interface CreateImageRequest {
 
   /**
    * <p>A name for the new image.</p>
-   *          <p>Constraints: 3-128 alphanumeric characters, parentheses (()), square brackets ([]), spaces ( ), periods (.), slashes (/), dashes (-), single quotes ('), at-signs (@), or underscores(_)</p>
+   *          <p>Constraints: 3-128 alphanumeric characters, parentheses (()), square brackets ([]), spaces
+   *       ( ), periods (.), slashes (/), dashes (-), single quotes ('), at-signs (@), or
+   *       underscores(_)</p>
    * @public
    */
   Name: string | undefined;
@@ -6130,21 +6184,21 @@ export interface CreateImageRequest {
   Description?: string | undefined;
 
   /**
-   * <p>Indicates whether or not the instance should be automatically rebooted before creating
-   *        the image. Specify one of the following values:</p>
+   * <p>Indicates whether or not the instance should be automatically rebooted before creating the
+   *       image. Specify one of the following values:</p>
    *          <ul>
    *             <li>
    *                <p>
    *                   <code>true</code> - The instance is not rebooted before creating the image. This
-   *            creates crash-consistent snapshots that include only the data that has been written
-   *            to the volumes at the time the snapshots are created. Buffered data and data in
-   *            memory that has not yet been written to the volumes is not included in the snapshots.</p>
+   *           creates crash-consistent snapshots that include only the data that has been written to the
+   *           volumes at the time the snapshots are created. Buffered data and data in memory that has
+   *           not yet been written to the volumes is not included in the snapshots.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>false</code> - The instance is rebooted before creating the image. This
-   *            ensures that all buffered data and data in memory is written to the volumes before the
-   *            snapshots are created.</p>
+   *                   <code>false</code> - The instance is rebooted before creating the image. This ensures
+   *           that all buffered data and data in memory is written to the volumes before the snapshots
+   *           are created.</p>
    *             </li>
    *          </ul>
    *          <p>Default: <code>false</code>
@@ -9057,8 +9111,8 @@ export interface LaunchTemplateInstanceNetworkInterfaceSpecificationRequest {
   /**
    * <p>A security group connection tracking specification that enables you to set the timeout
    *             for connection tracking on an Elastic network interface. For more information, see
-   *                 <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-connection-tracking.html#connection-tracking-timeouts">Idle connection tracking timeout</a> in the
-   *                 <i>Amazon EC2 User Guide</i>.</p>
+   *             <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-connection-tracking.html#connection-tracking-timeouts">Idle connection tracking timeout</a> in the
+   *             <i>Amazon EC2 User Guide</i>.</p>
    * @public
    */
   ConnectionTrackingSpecification?: ConnectionTrackingSpecificationRequest | undefined;
@@ -10552,8 +10606,8 @@ export interface LaunchTemplateInstanceNetworkInterfaceSpecification {
   /**
    * <p>A security group connection tracking specification that enables you to set the timeout
    *             for connection tracking on an Elastic network interface. For more information, see
-   *                 <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-connection-tracking.html#connection-tracking-timeouts">Idle connection tracking timeout</a> in the
-   *                 <i>Amazon EC2 User Guide</i>.</p>
+   *             <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-connection-tracking.html#connection-tracking-timeouts">Idle connection tracking timeout</a> in the
+   *             <i>Amazon EC2 User Guide</i>.</p>
    * @public
    */
   ConnectionTrackingSpecification?: ConnectionTrackingSpecification | undefined;
@@ -12292,80 +12346,6 @@ export interface CreateNetworkAclEntryRequest {
   PortRange?: PortRange | undefined;
 }
 
-/**
- * @public
- */
-export interface CreateNetworkInsightsAccessScopeRequest {
-  /**
-   * <p>The paths to match.</p>
-   * @public
-   */
-  MatchPaths?: AccessScopePathRequest[] | undefined;
-
-  /**
-   * <p>The paths to exclude.</p>
-   * @public
-   */
-  ExcludePaths?: AccessScopePathRequest[] | undefined;
-
-  /**
-   * <p>Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information,
-   *    see <a href="https://docs.aws.amazon.com/ec2/latest/devguide/ec2-api-idempotency.html">How to ensure idempotency</a>.</p>
-   * @public
-   */
-  ClientToken?: string | undefined;
-
-  /**
-   * <p>The tags to apply.</p>
-   * @public
-   */
-  TagSpecifications?: TagSpecification[] | undefined;
-
-  /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
-   * @public
-   */
-  DryRun?: boolean | undefined;
-}
-
-/**
- * <p>Describes a Network Access Scope.</p>
- * @public
- */
-export interface NetworkInsightsAccessScope {
-  /**
-   * <p>The ID of the Network Access Scope.</p>
-   * @public
-   */
-  NetworkInsightsAccessScopeId?: string | undefined;
-
-  /**
-   * <p>The Amazon Resource Name (ARN) of the Network Access Scope.</p>
-   * @public
-   */
-  NetworkInsightsAccessScopeArn?: string | undefined;
-
-  /**
-   * <p>The creation date.</p>
-   * @public
-   */
-  CreatedDate?: Date | undefined;
-
-  /**
-   * <p>The last updated date.</p>
-   * @public
-   */
-  UpdatedDate?: Date | undefined;
-
-  /**
-   * <p>The tags.</p>
-   * @public
-   */
-  Tags?: Tag[] | undefined;
-}
-
 /**
  * @internal
  */
diff --git a/clients/client-ec2/src/models/models_2.ts b/clients/client-ec2/src/models/models_2.ts
index 313cc233cccf..36cd2db9c5c5 100644
--- a/clients/client-ec2/src/models/models_2.ts
+++ b/clients/client-ec2/src/models/models_2.ts
@@ -3,6 +3,7 @@ import { SENSITIVE_STRING } from "@smithy/smithy-client";
 
 import {
   AccessScopePath,
+  AccessScopePathRequest,
   ApplianceModeSupportValue,
   AttachmentStatus,
   CurrencyCodeValues,
@@ -45,13 +46,8 @@ import {
   GatewayType,
   InstanceIpv6Address,
   Ipam,
-  IpamExternalResourceVerificationToken,
-  IpamPool,
-  IpamResourceDiscovery,
-  IpamScope,
   Ipv4PrefixSpecificationRequest,
   Ipv6PrefixSpecificationRequest,
-  NetworkInsightsAccessScope,
   OperatorRequest,
   OperatorResponse,
   PrivateIpAddressSpecification,
@@ -61,6 +57,80 @@ import {
   Vpc,
 } from "./models_1";
 
+/**
+ * @public
+ */
+export interface CreateNetworkInsightsAccessScopeRequest {
+  /**
+   * <p>The paths to match.</p>
+   * @public
+   */
+  MatchPaths?: AccessScopePathRequest[] | undefined;
+
+  /**
+   * <p>The paths to exclude.</p>
+   * @public
+   */
+  ExcludePaths?: AccessScopePathRequest[] | undefined;
+
+  /**
+   * <p>Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information,
+   *    see <a href="https://docs.aws.amazon.com/ec2/latest/devguide/ec2-api-idempotency.html">How to ensure idempotency</a>.</p>
+   * @public
+   */
+  ClientToken?: string | undefined;
+
+  /**
+   * <p>The tags to apply.</p>
+   * @public
+   */
+  TagSpecifications?: TagSpecification[] | undefined;
+
+  /**
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * @public
+   */
+  DryRun?: boolean | undefined;
+}
+
+/**
+ * <p>Describes a Network Access Scope.</p>
+ * @public
+ */
+export interface NetworkInsightsAccessScope {
+  /**
+   * <p>The ID of the Network Access Scope.</p>
+   * @public
+   */
+  NetworkInsightsAccessScopeId?: string | undefined;
+
+  /**
+   * <p>The Amazon Resource Name (ARN) of the Network Access Scope.</p>
+   * @public
+   */
+  NetworkInsightsAccessScopeArn?: string | undefined;
+
+  /**
+   * <p>The creation date.</p>
+   * @public
+   */
+  CreatedDate?: Date | undefined;
+
+  /**
+   * <p>The last updated date.</p>
+   * @public
+   */
+  UpdatedDate?: Date | undefined;
+
+  /**
+   * <p>The tags.</p>
+   * @public
+   */
+  Tags?: Tag[] | undefined;
+}
+
 /**
  * <p>Describes the Network Access Scope content.</p>
  * @public
@@ -1693,12 +1763,13 @@ export interface CreateRestoreImageTaskRequest {
    *       snapshots, or both.</p>
    *          <ul>
    *             <li>
-   *                <p>To tag the AMI, the value for <code>ResourceType</code> must be <code>image</code>.</p>
+   *                <p>To tag the AMI, the value for <code>ResourceType</code> must be
+   *           <code>image</code>.</p>
    *             </li>
    *             <li>
-   *                <p>To
-   *           tag the snapshots, the value for <code>ResourceType</code> must be <code>snapshot</code>. The
-   *           same tag is applied to all of the snapshots that are created.</p>
+   *                <p>To tag the snapshots, the value for <code>ResourceType</code> must be
+   *             <code>snapshot</code>. The same tag is applied to all of the snapshots that are
+   *           created.</p>
    *             </li>
    *          </ul>
    * @public
@@ -6614,6 +6685,176 @@ export interface CreateVpcResult {
   Vpc?: Vpc | undefined;
 }
 
+/**
+ * @public
+ * @enum
+ */
+export const InternetGatewayExclusionMode = {
+  allow_bidirectional: "allow-bidirectional",
+  allow_egress: "allow-egress",
+} as const;
+
+/**
+ * @public
+ */
+export type InternetGatewayExclusionMode =
+  (typeof InternetGatewayExclusionMode)[keyof typeof InternetGatewayExclusionMode];
+
+/**
+ * @public
+ */
+export interface CreateVpcBlockPublicAccessExclusionRequest {
+  /**
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * @public
+   */
+  DryRun?: boolean | undefined;
+
+  /**
+   * <p>A subnet ID.</p>
+   * @public
+   */
+  SubnetId?: string | undefined;
+
+  /**
+   * <p>A VPC ID.</p>
+   * @public
+   */
+  VpcId?: string | undefined;
+
+  /**
+   * <p>The exclusion mode for internet gateway traffic.</p>
+   *          <ul>
+   *             <li>
+   *                <p>
+   *                   <code>bidirectional-access-allowed</code>: Allow all internet traffic to and from the excluded VPCs and subnets.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>egress-access-allowed</code>: Allow outbound internet traffic from the excluded VPCs and subnets. Block inbound internet traffic to the excluded VPCs and subnets. Only applies when VPC Block Public Access is set to Bidirectional.</p>
+   *             </li>
+   *          </ul>
+   * @public
+   */
+  InternetGatewayExclusionMode: InternetGatewayExclusionMode | undefined;
+
+  /**
+   * <p>
+   *             <code>tag</code> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.
+   *     For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>
+   * @public
+   */
+  TagSpecifications?: TagSpecification[] | undefined;
+}
+
+/**
+ * @public
+ * @enum
+ */
+export const VpcBlockPublicAccessExclusionState = {
+  create_complete: "create-complete",
+  create_failed: "create-failed",
+  create_in_progress: "create-in-progress",
+  delete_complete: "delete-complete",
+  delete_in_progress: "delete-in-progress",
+  disable_complete: "disable-complete",
+  disable_in_progress: "disable-in-progress",
+  update_complete: "update-complete",
+  update_failed: "update-failed",
+  update_in_progress: "update-in-progress",
+} as const;
+
+/**
+ * @public
+ */
+export type VpcBlockPublicAccessExclusionState =
+  (typeof VpcBlockPublicAccessExclusionState)[keyof typeof VpcBlockPublicAccessExclusionState];
+
+/**
+ * <p>A VPC BPA exclusion is a mode that can be applied to a single VPC or subnet that exempts it from the account’s BPA mode and will allow bidirectional or egress-only access. You can create BPA exclusions for VPCs and subnets even when BPA is not enabled on the account to ensure that there is no traffic disruption to the exclusions when VPC BPA is turned on. To learn more about VPC BPA, see <a href="https://docs.aws.amazon.com/vpc/latest/userguide/security-vpc-bpa.html">Block public access to VPCs and subnets</a> in the <i>Amazon VPC User Guide</i>.</p>
+ * @public
+ */
+export interface VpcBlockPublicAccessExclusion {
+  /**
+   * <p>The ID of the exclusion.</p>
+   * @public
+   */
+  ExclusionId?: string | undefined;
+
+  /**
+   * <p>The exclusion mode for internet gateway traffic.</p>
+   *          <ul>
+   *             <li>
+   *                <p>
+   *                   <code>bidirectional-access-allowed</code>: Allow all internet traffic to and from the excluded VPCs and subnets.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>egress-access-allowed</code>: Allow outbound internet traffic from the excluded VPCs and subnets. Block inbound internet traffic to the excluded VPCs and subnets. Only applies when VPC Block Public Access is set to Bidirectional.</p>
+   *             </li>
+   *          </ul>
+   * @public
+   */
+  InternetGatewayExclusionMode?: InternetGatewayExclusionMode | undefined;
+
+  /**
+   * <p>The ARN of the exclusion.</p>
+   * @public
+   */
+  ResourceArn?: string | undefined;
+
+  /**
+   * <p>The state of the exclusion.</p>
+   * @public
+   */
+  State?: VpcBlockPublicAccessExclusionState | undefined;
+
+  /**
+   * <p>The reason for the current exclusion state.</p>
+   * @public
+   */
+  Reason?: string | undefined;
+
+  /**
+   * <p>When the exclusion was created.</p>
+   * @public
+   */
+  CreationTimestamp?: Date | undefined;
+
+  /**
+   * <p>When the exclusion was last updated.</p>
+   * @public
+   */
+  LastUpdateTimestamp?: Date | undefined;
+
+  /**
+   * <p>When the exclusion was deleted.</p>
+   * @public
+   */
+  DeletionTimestamp?: Date | undefined;
+
+  /**
+   * <p>
+   *             <code>tag</code> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.
+   *     For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>
+   * @public
+   */
+  Tags?: Tag[] | undefined;
+}
+
+/**
+ * @public
+ */
+export interface CreateVpcBlockPublicAccessExclusionResult {
+  /**
+   * <p>Details about an exclusion.</p>
+   * @public
+   */
+  VpcBlockPublicAccessExclusion?: VpcBlockPublicAccessExclusion | undefined;
+}
+
 /**
  * @public
  * @enum
@@ -9390,117 +9631,6 @@ export interface DeleteIpamExternalResourceVerificationTokenRequest {
   IpamExternalResourceVerificationTokenId: string | undefined;
 }
 
-/**
- * @public
- */
-export interface DeleteIpamExternalResourceVerificationTokenResult {
-  /**
-   * <p>The verification token.</p>
-   * @public
-   */
-  IpamExternalResourceVerificationToken?: IpamExternalResourceVerificationToken | undefined;
-}
-
-/**
- * @public
- */
-export interface DeleteIpamPoolRequest {
-  /**
-   * <p>A check for whether you have the required permissions for the action without actually making the request
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
-   * @public
-   */
-  DryRun?: boolean | undefined;
-
-  /**
-   * <p>The ID of the pool to delete.</p>
-   * @public
-   */
-  IpamPoolId: string | undefined;
-
-  /**
-   * <p>Enables you to quickly delete an IPAM pool and all resources within that pool, including
-   *          provisioned CIDRs, allocations, and other pools.</p>
-   *          <important>
-   *             <p>You can only use this option to delete pools in the private scope or pools in the public scope with a source resource. A source resource is a resource used to provision CIDRs to a resource planning pool.</p>
-   *          </important>
-   * @public
-   */
-  Cascade?: boolean | undefined;
-}
-
-/**
- * @public
- */
-export interface DeleteIpamPoolResult {
-  /**
-   * <p>Information about the results of the deletion.</p>
-   * @public
-   */
-  IpamPool?: IpamPool | undefined;
-}
-
-/**
- * @public
- */
-export interface DeleteIpamResourceDiscoveryRequest {
-  /**
-   * <p>A check for whether you have the required permissions for the action without actually making the request
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
-   * @public
-   */
-  DryRun?: boolean | undefined;
-
-  /**
-   * <p>The IPAM resource discovery ID.</p>
-   * @public
-   */
-  IpamResourceDiscoveryId: string | undefined;
-}
-
-/**
- * @public
- */
-export interface DeleteIpamResourceDiscoveryResult {
-  /**
-   * <p>The IPAM resource discovery.</p>
-   * @public
-   */
-  IpamResourceDiscovery?: IpamResourceDiscovery | undefined;
-}
-
-/**
- * @public
- */
-export interface DeleteIpamScopeRequest {
-  /**
-   * <p>A check for whether you have the required permissions for the action without actually making the request
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
-   * @public
-   */
-  DryRun?: boolean | undefined;
-
-  /**
-   * <p>The ID of the scope to delete.</p>
-   * @public
-   */
-  IpamScopeId: string | undefined;
-}
-
-/**
- * @public
- */
-export interface DeleteIpamScopeResult {
-  /**
-   * <p>Information about the results of the deletion.</p>
-   * @public
-   */
-  IpamScope?: IpamScope | undefined;
-}
-
 /**
  * @internal
  */
diff --git a/clients/client-ec2/src/models/models_3.ts b/clients/client-ec2/src/models/models_3.ts
index 7413d9760009..7522bc23740c 100644
--- a/clients/client-ec2/src/models/models_3.ts
+++ b/clients/client-ec2/src/models/models_3.ts
@@ -9,10 +9,7 @@ import {
   AddressAttribute,
   AddressAttributeName,
   AddressTransfer,
-  AllocationState,
-  AllowsMultipleInstanceTypes,
   AssociationStatus,
-  AutoPlacement,
   BundleTask,
   BundleTaskFilterSensitiveLog,
   ByoipCidr,
@@ -20,9 +17,6 @@ import {
   CapacityReservationTenancy,
   ClientVpnAuthorizationRuleStatus,
   CurrencyCodeValues,
-  HostMaintenance,
-  HostRecovery,
-  IamInstanceProfileAssociation,
   Tag,
   TransitGatewayPeeringAttachment,
   TransitGatewayVpcAttachment,
@@ -58,6 +52,10 @@ import {
   FleetReplacementStrategy,
   FleetType,
   InstanceLifecycle,
+  IpamExternalResourceVerificationToken,
+  IpamPool,
+  IpamResourceDiscovery,
+  IpamScope,
   LaunchTemplate,
   LaunchTemplateAndOverridesResponse,
   LocalGatewayRoute,
@@ -89,8 +87,120 @@ import {
   TransitGatewayRouteTableAnnouncement,
   VerifiedAccessEndpoint,
   VerifiedAccessGroup,
+  VpcBlockPublicAccessExclusion,
 } from "./models_2";
 
+/**
+ * @public
+ */
+export interface DeleteIpamExternalResourceVerificationTokenResult {
+  /**
+   * <p>The verification token.</p>
+   * @public
+   */
+  IpamExternalResourceVerificationToken?: IpamExternalResourceVerificationToken | undefined;
+}
+
+/**
+ * @public
+ */
+export interface DeleteIpamPoolRequest {
+  /**
+   * <p>A check for whether you have the required permissions for the action without actually making the request
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * @public
+   */
+  DryRun?: boolean | undefined;
+
+  /**
+   * <p>The ID of the pool to delete.</p>
+   * @public
+   */
+  IpamPoolId: string | undefined;
+
+  /**
+   * <p>Enables you to quickly delete an IPAM pool and all resources within that pool, including
+   *          provisioned CIDRs, allocations, and other pools.</p>
+   *          <important>
+   *             <p>You can only use this option to delete pools in the private scope or pools in the public scope with a source resource. A source resource is a resource used to provision CIDRs to a resource planning pool.</p>
+   *          </important>
+   * @public
+   */
+  Cascade?: boolean | undefined;
+}
+
+/**
+ * @public
+ */
+export interface DeleteIpamPoolResult {
+  /**
+   * <p>Information about the results of the deletion.</p>
+   * @public
+   */
+  IpamPool?: IpamPool | undefined;
+}
+
+/**
+ * @public
+ */
+export interface DeleteIpamResourceDiscoveryRequest {
+  /**
+   * <p>A check for whether you have the required permissions for the action without actually making the request
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * @public
+   */
+  DryRun?: boolean | undefined;
+
+  /**
+   * <p>The IPAM resource discovery ID.</p>
+   * @public
+   */
+  IpamResourceDiscoveryId: string | undefined;
+}
+
+/**
+ * @public
+ */
+export interface DeleteIpamResourceDiscoveryResult {
+  /**
+   * <p>The IPAM resource discovery.</p>
+   * @public
+   */
+  IpamResourceDiscovery?: IpamResourceDiscovery | undefined;
+}
+
+/**
+ * @public
+ */
+export interface DeleteIpamScopeRequest {
+  /**
+   * <p>A check for whether you have the required permissions for the action without actually making the request
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * @public
+   */
+  DryRun?: boolean | undefined;
+
+  /**
+   * <p>The ID of the scope to delete.</p>
+   * @public
+   */
+  IpamScopeId: string | undefined;
+}
+
+/**
+ * @public
+ */
+export interface DeleteIpamScopeResult {
+  /**
+   * <p>Information about the results of the deletion.</p>
+   * @public
+   */
+  IpamScope?: IpamScope | undefined;
+}
+
 /**
  * @public
  */
@@ -1751,6 +1861,36 @@ export interface DeleteVpcRequest {
   DryRun?: boolean | undefined;
 }
 
+/**
+ * @public
+ */
+export interface DeleteVpcBlockPublicAccessExclusionRequest {
+  /**
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * @public
+   */
+  DryRun?: boolean | undefined;
+
+  /**
+   * <p>The ID of the exclusion.</p>
+   * @public
+   */
+  ExclusionId: string | undefined;
+}
+
+/**
+ * @public
+ */
+export interface DeleteVpcBlockPublicAccessExclusionResult {
+  /**
+   * <p>Details about an exclusion.</p>
+   * @public
+   */
+  VpcBlockPublicAccessExclusion?: VpcBlockPublicAccessExclusion | undefined;
+}
+
 /**
  * @public
  */
@@ -3137,7 +3277,8 @@ export interface DescribeBundleTasksRequest {
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>progress</code> - The level of task completion, as a percentage (for example, 20%).</p>
+   *                   <code>progress</code> - The level of task completion, as a percentage (for example,
+   *           20%).</p>
    *             </li>
    *             <li>
    *                <p>
@@ -3149,12 +3290,14 @@ export interface DescribeBundleTasksRequest {
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>start-time</code> - The time the task started (for example, 2013-09-15T17:15:20.000Z).</p>
+   *                   <code>start-time</code> - The time the task started (for example,
+   *           2013-09-15T17:15:20.000Z).</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>state</code> - The state of the task (<code>pending</code> | <code>waiting-for-shutdown</code> | <code>bundling</code> |
-   *            <code>storing</code> | <code>cancelling</code> | <code>complete</code> | <code>failed</code>).</p>
+   *                   <code>state</code> - The state of the task (<code>pending</code> |
+   *             <code>waiting-for-shutdown</code> | <code>bundling</code> | <code>storing</code> |
+   *             <code>cancelling</code> | <code>complete</code> | <code>failed</code>).</p>
    *             </li>
    *             <li>
    *                <p>
@@ -4058,7 +4201,7 @@ export interface DescribeClassicLinkInstancesRequest {
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.
+   *                   <code>tag</code> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.
    *     For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>
    *             </li>
    *             <li>
@@ -5561,7 +5704,7 @@ export interface DescribeDhcpOptionsRequest {
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.
+   *                   <code>tag</code> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.
    *     For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>
    *             </li>
    *             <li>
@@ -5628,7 +5771,7 @@ export interface DescribeEgressOnlyInternetGatewaysRequest {
    *          <ul>
    *             <li>
    *                <p>
-   *                   <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.
+   *                   <code>tag</code> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.
    *     For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>
    *             </li>
    *             <li>
@@ -6091,14 +6234,14 @@ export const FastLaunchResourceType = {
 export type FastLaunchResourceType = (typeof FastLaunchResourceType)[keyof typeof FastLaunchResourceType];
 
 /**
- * <p>Configuration settings for creating and managing pre-provisioned snapshots for a Windows fast launch
- * 			enabled Windows AMI.</p>
+ * <p>Configuration settings for creating and managing pre-provisioned snapshots for a Windows
+ *       fast launch enabled Windows AMI.</p>
  * @public
  */
 export interface FastLaunchSnapshotConfigurationResponse {
   /**
-   * <p>The number of pre-provisioned snapshots requested to keep on hand for a Windows fast launch
-   * 			enabled AMI.</p>
+   * <p>The number of pre-provisioned snapshots requested to keep on hand for a Windows fast
+   *       launch enabled AMI.</p>
    * @public
    */
   TargetResourceCount?: number | undefined;
@@ -6123,8 +6266,9 @@ export const FastLaunchStateCode = {
 export type FastLaunchStateCode = (typeof FastLaunchStateCode)[keyof typeof FastLaunchStateCode];
 
 /**
- * <p>Describe details about a Windows image with Windows fast launch enabled that meets the requested
- * 			criteria. Criteria are defined by the <code>DescribeFastLaunchImages</code> action filters.</p>
+ * <p>Describe details about a Windows image with Windows fast launch enabled that meets the
+ *       requested criteria. Criteria are defined by the <code>DescribeFastLaunchImages</code> action
+ *       filters.</p>
  * @public
  */
 export interface DescribeFastLaunchImagesSuccessItem {
@@ -6136,28 +6280,28 @@ export interface DescribeFastLaunchImagesSuccessItem {
 
   /**
    * <p>The resource type that Amazon EC2 uses for pre-provisioning the Windows AMI. Supported values
-   * 			include: <code>snapshot</code>.</p>
+   *       include: <code>snapshot</code>.</p>
    * @public
    */
   ResourceType?: FastLaunchResourceType | undefined;
 
   /**
-   * <p>A group of parameters that are used for pre-provisioning the associated
-   * 			Windows AMI using snapshots.</p>
+   * <p>A group of parameters that are used for pre-provisioning the associated Windows AMI using
+   *       snapshots.</p>
    * @public
    */
   SnapshotConfiguration?: FastLaunchSnapshotConfigurationResponse | undefined;
 
   /**
-   * <p>The launch template that the Windows fast launch enabled AMI uses when it launches
-   * 			Windows instances from pre-provisioned snapshots.</p>
+   * <p>The launch template that the Windows fast launch enabled AMI uses when it launches Windows
+   *       instances from pre-provisioned snapshots.</p>
    * @public
    */
   LaunchTemplate?: FastLaunchLaunchTemplateSpecificationResponse | undefined;
 
   /**
    * <p>The maximum number of instances that Amazon EC2 can launch at the same time to create
-   * 			pre-provisioned snapshots for Windows fast launch.</p>
+   *       pre-provisioned snapshots for Windows fast launch.</p>
    * @public
    */
   MaxParallelLaunches?: number | undefined;
@@ -6192,8 +6336,8 @@ export interface DescribeFastLaunchImagesSuccessItem {
  */
 export interface DescribeFastLaunchImagesResult {
   /**
-   * <p>A collection of details about the fast-launch enabled Windows images that meet
-   * 			the requested criteria.</p>
+   * <p>A collection of details about the fast-launch enabled Windows images that meet the
+   *       requested criteria.</p>
    * @public
    */
   FastLaunchImages?: DescribeFastLaunchImagesSuccessItem[] | undefined;
@@ -8423,398 +8567,6 @@ export interface DescribeHostReservationsResult {
   NextToken?: string | undefined;
 }
 
-/**
- * @public
- */
-export interface DescribeHostsRequest {
-  /**
-   * <p>The IDs of the Dedicated Hosts. The IDs are used for targeted instance
-   *             launches.</p>
-   * @public
-   */
-  HostIds?: string[] | undefined;
-
-  /**
-   * <p>The token to use to retrieve the next page of results.</p>
-   * @public
-   */
-  NextToken?: string | undefined;
-
-  /**
-   * <p>The maximum number of results to return for the request in a single page. The remaining results can be seen by sending another request with the returned <code>nextToken</code> value. This value can be between 5 and 500. If <code>maxResults</code> is given a larger value than 500, you receive an error.</p>
-   *          <p>You cannot specify this parameter and the host IDs parameter in the same
-   *             request.</p>
-   * @public
-   */
-  MaxResults?: number | undefined;
-
-  /**
-   * <p>The filters.</p>
-   *          <ul>
-   *             <li>
-   *                <p>
-   *                   <code>auto-placement</code> - Whether auto-placement is enabled or disabled
-   *                         (<code>on</code> | <code>off</code>).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>availability-zone</code> - The Availability Zone of the host.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>client-token</code> - The idempotency token that you provided when you
-   *                     allocated the host.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>host-reservation-id</code> - The ID of the reservation assigned to this
-   *                     host.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>instance-type</code> - The instance type size that the Dedicated Host is
-   *                     configured to support.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>state</code> - The allocation state of the Dedicated Host
-   *                         (<code>available</code> | <code>under-assessment</code> |
-   *                         <code>permanent-failure</code> | <code>released</code> |
-   *                         <code>released-permanent-failure</code>).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p>
-   *             </li>
-   *          </ul>
-   * @public
-   */
-  Filter?: Filter[] | undefined;
-}
-
-/**
- * <p>Information about the number of instances that can be launched onto the Dedicated
- *             Host.</p>
- * @public
- */
-export interface InstanceCapacity {
-  /**
-   * <p>The number of instances that can be launched onto the Dedicated Host based on the
-   *             host's available capacity.</p>
-   * @public
-   */
-  AvailableCapacity?: number | undefined;
-
-  /**
-   * <p>The instance type supported by the Dedicated Host.</p>
-   * @public
-   */
-  InstanceType?: string | undefined;
-
-  /**
-   * <p>The total number of instances that can be launched onto the Dedicated Host if there
-   *             are no instances running on it.</p>
-   * @public
-   */
-  TotalCapacity?: number | undefined;
-}
-
-/**
- * <p>The capacity information for instances that can be launched onto the Dedicated Host.
- *         </p>
- * @public
- */
-export interface AvailableCapacity {
-  /**
-   * <p>The number of instances that can be launched onto the Dedicated Host depending on the
-   *             host's available capacity. For Dedicated Hosts that support multiple instance types,
-   *             this parameter represents the number of instances for each instance size that is
-   *             supported on the host.</p>
-   * @public
-   */
-  AvailableInstanceCapacity?: InstanceCapacity[] | undefined;
-
-  /**
-   * <p>The number of vCPUs available for launching instances onto the Dedicated Host.</p>
-   * @public
-   */
-  AvailableVCpus?: number | undefined;
-}
-
-/**
- * <p>Describes the properties of a Dedicated Host.</p>
- * @public
- */
-export interface HostProperties {
-  /**
-   * <p>The number of cores on the Dedicated Host.</p>
-   * @public
-   */
-  Cores?: number | undefined;
-
-  /**
-   * <p>The instance type supported by the Dedicated Host. For example, <code>m5.large</code>.
-   *             If the host supports multiple instance types, no <b>instanceType</b> is returned.</p>
-   * @public
-   */
-  InstanceType?: string | undefined;
-
-  /**
-   * <p>The instance family supported by the Dedicated Host. For example,
-   *             <code>m5</code>.</p>
-   * @public
-   */
-  InstanceFamily?: string | undefined;
-
-  /**
-   * <p>The number of sockets on the Dedicated Host.</p>
-   * @public
-   */
-  Sockets?: number | undefined;
-
-  /**
-   * <p>The total number of vCPUs on the Dedicated Host.</p>
-   * @public
-   */
-  TotalVCpus?: number | undefined;
-}
-
-/**
- * <p>Describes an instance running on a Dedicated Host.</p>
- * @public
- */
-export interface HostInstance {
-  /**
-   * <p>The ID of instance that is running on the Dedicated Host.</p>
-   * @public
-   */
-  InstanceId?: string | undefined;
-
-  /**
-   * <p>The instance type (for example, <code>m3.medium</code>) of the running
-   *             instance.</p>
-   * @public
-   */
-  InstanceType?: string | undefined;
-
-  /**
-   * <p>The ID of the Amazon Web Services account that owns the instance.</p>
-   * @public
-   */
-  OwnerId?: string | undefined;
-}
-
-/**
- * <p>Describes the properties of the Dedicated Host.</p>
- * @public
- */
-export interface Host {
-  /**
-   * <p>Whether auto-placement is on or off.</p>
-   * @public
-   */
-  AutoPlacement?: AutoPlacement | undefined;
-
-  /**
-   * <p>The Availability Zone of the Dedicated Host.</p>
-   * @public
-   */
-  AvailabilityZone?: string | undefined;
-
-  /**
-   * <p>Information about the instances running on the Dedicated Host.</p>
-   * @public
-   */
-  AvailableCapacity?: AvailableCapacity | undefined;
-
-  /**
-   * <p>Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html">Ensuring Idempotency</a>.</p>
-   * @public
-   */
-  ClientToken?: string | undefined;
-
-  /**
-   * <p>The ID of the Dedicated Host.</p>
-   * @public
-   */
-  HostId?: string | undefined;
-
-  /**
-   * <p>The hardware specifications of the Dedicated Host.</p>
-   * @public
-   */
-  HostProperties?: HostProperties | undefined;
-
-  /**
-   * <p>The reservation ID of the Dedicated Host. This returns a <code>null</code> response if
-   *             the Dedicated Host doesn't have an associated reservation.</p>
-   * @public
-   */
-  HostReservationId?: string | undefined;
-
-  /**
-   * <p>The IDs and instance type that are currently running on the Dedicated Host.</p>
-   * @public
-   */
-  Instances?: HostInstance[] | undefined;
-
-  /**
-   * <p>The Dedicated Host's state.</p>
-   * @public
-   */
-  State?: AllocationState | undefined;
-
-  /**
-   * <p>The time that the Dedicated Host was allocated.</p>
-   * @public
-   */
-  AllocationTime?: Date | undefined;
-
-  /**
-   * <p>The time that the Dedicated Host was released.</p>
-   * @public
-   */
-  ReleaseTime?: Date | undefined;
-
-  /**
-   * <p>Any tags assigned to the Dedicated Host.</p>
-   * @public
-   */
-  Tags?: Tag[] | undefined;
-
-  /**
-   * <p>Indicates whether host recovery is enabled or disabled for the Dedicated Host.</p>
-   * @public
-   */
-  HostRecovery?: HostRecovery | undefined;
-
-  /**
-   * <p>Indicates whether the Dedicated Host supports multiple instance types of the same
-   *             instance family. If the value is <code>on</code>, the Dedicated Host supports multiple
-   *             instance types in the instance family. If the value is <code>off</code>, the Dedicated
-   *             Host supports a single instance type only.</p>
-   * @public
-   */
-  AllowsMultipleInstanceTypes?: AllowsMultipleInstanceTypes | undefined;
-
-  /**
-   * <p>The ID of the Amazon Web Services account that owns the Dedicated Host.</p>
-   * @public
-   */
-  OwnerId?: string | undefined;
-
-  /**
-   * <p>The ID of the Availability Zone in which the Dedicated Host is allocated.</p>
-   * @public
-   */
-  AvailabilityZoneId?: string | undefined;
-
-  /**
-   * <p>Indicates whether the Dedicated Host is in a host resource group. If <b>memberOfServiceLinkedResourceGroup</b> is <code>true</code>, the
-   *             host is in a host resource group; otherwise, it is not.</p>
-   * @public
-   */
-  MemberOfServiceLinkedResourceGroup?: boolean | undefined;
-
-  /**
-   * <p>The Amazon Resource Name (ARN) of the Amazon Web Services Outpost on which the
-   *             Dedicated Host is allocated.</p>
-   * @public
-   */
-  OutpostArn?: string | undefined;
-
-  /**
-   * <p>Indicates whether host maintenance is enabled or disabled for the Dedicated
-   *             Host.</p>
-   * @public
-   */
-  HostMaintenance?: HostMaintenance | undefined;
-
-  /**
-   * <p>The ID of the Outpost hardware asset on which the Dedicated Host is allocated.</p>
-   * @public
-   */
-  AssetId?: string | undefined;
-}
-
-/**
- * @public
- */
-export interface DescribeHostsResult {
-  /**
-   * <p>Information about the Dedicated Hosts.</p>
-   * @public
-   */
-  Hosts?: Host[] | undefined;
-
-  /**
-   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
-   * @public
-   */
-  NextToken?: string | undefined;
-}
-
-/**
- * @public
- */
-export interface DescribeIamInstanceProfileAssociationsRequest {
-  /**
-   * <p>The IAM instance profile associations.</p>
-   * @public
-   */
-  AssociationIds?: string[] | undefined;
-
-  /**
-   * <p>The filters.</p>
-   *          <ul>
-   *             <li>
-   *                <p>
-   *                   <code>instance-id</code> - The ID of the instance.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>state</code> - The state of the association (<code>associating</code> |
-   *                 <code>associated</code> | <code>disassociating</code>).</p>
-   *             </li>
-   *          </ul>
-   * @public
-   */
-  Filters?: Filter[] | undefined;
-
-  /**
-   * <p>The maximum number of items to return for this request. To get the next page of
-   *             items, make another request with the token returned in the output. For more information,
-   *             see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination">Pagination</a>.</p>
-   * @public
-   */
-  MaxResults?: number | undefined;
-
-  /**
-   * <p>The token returned from a previous paginated request.
-   *             Pagination continues from the end of the items returned by the previous request.</p>
-   * @public
-   */
-  NextToken?: string | undefined;
-}
-
-/**
- * @public
- */
-export interface DescribeIamInstanceProfileAssociationsResult {
-  /**
-   * <p>Information about the IAM instance profile associations.</p>
-   * @public
-   */
-  IamInstanceProfileAssociations?: IamInstanceProfileAssociation[] | undefined;
-
-  /**
-   * <p>The token to include in another request to get the next page of items.
-   *             This value is <code>null</code> when there are no more items to return.</p>
-   * @public
-   */
-  NextToken?: string | undefined;
-}
-
 /**
  * @internal
  */
diff --git a/clients/client-ec2/src/models/models_4.ts b/clients/client-ec2/src/models/models_4.ts
index ba12c0f83fe2..e400b565350a 100644
--- a/clients/client-ec2/src/models/models_4.ts
+++ b/clients/client-ec2/src/models/models_4.ts
@@ -2,11 +2,17 @@
 import { SENSITIVE_STRING } from "@smithy/smithy-client";
 
 import {
+  AllocationState,
+  AllowsMultipleInstanceTypes,
   AlternatePathHint,
   AttachmentStatus,
+  AutoPlacement,
   CurrencyCodeValues,
   Explanation,
+  HostMaintenance,
+  HostRecovery,
   IamInstanceProfile,
+  IamInstanceProfileAssociation,
   InstanceEventWindow,
   IpamResourceDiscoveryAssociation,
   IpPermission,
@@ -43,7 +49,6 @@ import {
   ManagedPrefixList,
   NatGateway,
   NetworkAcl,
-  NetworkInsightsAccessScope,
   OperatorResponse,
   Placement,
   PlatformValues,
@@ -53,6 +58,7 @@ import {
 
 import {
   GroupIdentifier,
+  NetworkInsightsAccessScope,
   NetworkInsightsPath,
   NetworkInterface,
   NetworkInterfaceAttachment,
@@ -61,9 +67,6 @@ import {
   PlacementGroup,
   ReplaceRootVolumeTask,
   RouteTable,
-  Snapshot,
-  SnapshotState,
-  StorageTier,
 } from "./models_2";
 
 import { Byoasn, Filter, IdFormat, InstanceTagNotificationAttribute, PermissionGroup, ProductCode } from "./models_3";
@@ -71,1196 +74,1330 @@ import { Byoasn, Filter, IdFormat, InstanceTagNotificationAttribute, PermissionG
 /**
  * @public
  */
-export interface DescribeIdentityIdFormatRequest {
+export interface DescribeHostsRequest {
   /**
-   * <p>The type of resource: <code>bundle</code> |
-   *           <code>conversion-task</code> | <code>customer-gateway</code> | <code>dhcp-options</code> |
-   *           <code>elastic-ip-allocation</code> | <code>elastic-ip-association</code> |
-   *           <code>export-task</code> | <code>flow-log</code> | <code>image</code> |
-   *           <code>import-task</code> | <code>instance</code> | <code>internet-gateway</code> |
-   *           <code>network-acl</code> | <code>network-acl-association</code> |
-   *           <code>network-interface</code> | <code>network-interface-attachment</code> |
-   *           <code>prefix-list</code> | <code>reservation</code> | <code>route-table</code> |
-   *           <code>route-table-association</code> | <code>security-group</code> |
-   *           <code>snapshot</code> | <code>subnet</code> |
-   *           <code>subnet-cidr-block-association</code> | <code>volume</code> | <code>vpc</code>
-   *           | <code>vpc-cidr-block-association</code> | <code>vpc-endpoint</code> |
-   *           <code>vpc-peering-connection</code> | <code>vpn-connection</code> | <code>vpn-gateway</code>
-   *          </p>
+   * <p>The IDs of the Dedicated Hosts. The IDs are used for targeted instance
+   *             launches.</p>
    * @public
    */
-  Resource?: string | undefined;
+  HostIds?: string[] | undefined;
 
   /**
-   * <p>The ARN of the principal, which can be an IAM role, IAM user, or the root user.</p>
+   * <p>The token to use to retrieve the next page of results.</p>
    * @public
    */
-  PrincipalArn: string | undefined;
-}
+  NextToken?: string | undefined;
 
-/**
- * @public
- */
-export interface DescribeIdentityIdFormatResult {
   /**
-   * <p>Information about the ID format for the resources.</p>
+   * <p>The maximum number of results to return for the request in a single page. The remaining results can be seen by sending another request with the returned <code>nextToken</code> value. This value can be between 5 and 500. If <code>maxResults</code> is given a larger value than 500, you receive an error.</p>
+   *          <p>You cannot specify this parameter and the host IDs parameter in the same
+   *             request.</p>
    * @public
    */
-  Statuses?: IdFormat[] | undefined;
+  MaxResults?: number | undefined;
+
+  /**
+   * <p>The filters.</p>
+   *          <ul>
+   *             <li>
+   *                <p>
+   *                   <code>auto-placement</code> - Whether auto-placement is enabled or disabled
+   *                         (<code>on</code> | <code>off</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>availability-zone</code> - The Availability Zone of the host.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>client-token</code> - The idempotency token that you provided when you
+   *                     allocated the host.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>host-reservation-id</code> - The ID of the reservation assigned to this
+   *                     host.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>instance-type</code> - The instance type size that the Dedicated Host is
+   *                     configured to support.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>state</code> - The allocation state of the Dedicated Host
+   *                         (<code>available</code> | <code>under-assessment</code> |
+   *                         <code>permanent-failure</code> | <code>released</code> |
+   *                         <code>released-permanent-failure</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p>
+   *             </li>
+   *          </ul>
+   * @public
+   */
+  Filter?: Filter[] | undefined;
 }
 
 /**
+ * <p>Information about the number of instances that can be launched onto the Dedicated
+ *             Host.</p>
  * @public
  */
-export interface DescribeIdFormatRequest {
+export interface InstanceCapacity {
   /**
-   * <p>The type of resource: <code>bundle</code> |
-   *            <code>conversion-task</code> | <code>customer-gateway</code> | <code>dhcp-options</code> |
-   *            <code>elastic-ip-allocation</code> | <code>elastic-ip-association</code> |
-   *            <code>export-task</code> | <code>flow-log</code> | <code>image</code> |
-   *            <code>import-task</code> | <code>instance</code> | <code>internet-gateway</code> |
-   *            <code>network-acl</code> | <code>network-acl-association</code> |
-   *            <code>network-interface</code> | <code>network-interface-attachment</code> |
-   *            <code>prefix-list</code> | <code>reservation</code> | <code>route-table</code> |
-   *            <code>route-table-association</code> | <code>security-group</code> |
-   *            <code>snapshot</code> | <code>subnet</code> |
-   *            <code>subnet-cidr-block-association</code> | <code>volume</code> | <code>vpc</code>
-   *            | <code>vpc-cidr-block-association</code> | <code>vpc-endpoint</code> |
-   *            <code>vpc-peering-connection</code> | <code>vpn-connection</code> | <code>vpn-gateway</code>
-   *          </p>
+   * <p>The number of instances that can be launched onto the Dedicated Host based on the
+   *             host's available capacity.</p>
    * @public
    */
-  Resource?: string | undefined;
+  AvailableCapacity?: number | undefined;
+
+  /**
+   * <p>The instance type supported by the Dedicated Host.</p>
+   * @public
+   */
+  InstanceType?: string | undefined;
+
+  /**
+   * <p>The total number of instances that can be launched onto the Dedicated Host if there
+   *             are no instances running on it.</p>
+   * @public
+   */
+  TotalCapacity?: number | undefined;
 }
 
 /**
+ * <p>The capacity information for instances that can be launched onto the Dedicated Host.
+ *         </p>
  * @public
  */
-export interface DescribeIdFormatResult {
+export interface AvailableCapacity {
   /**
-   * <p>Information about the ID format for the resource.</p>
+   * <p>The number of instances that can be launched onto the Dedicated Host depending on the
+   *             host's available capacity. For Dedicated Hosts that support multiple instance types,
+   *             this parameter represents the number of instances for each instance size that is
+   *             supported on the host.</p>
    * @public
    */
-  Statuses?: IdFormat[] | undefined;
+  AvailableInstanceCapacity?: InstanceCapacity[] | undefined;
+
+  /**
+   * <p>The number of vCPUs available for launching instances onto the Dedicated Host.</p>
+   * @public
+   */
+  AvailableVCpus?: number | undefined;
 }
 
 /**
+ * <p>Describes the properties of a Dedicated Host.</p>
  * @public
- * @enum
  */
-export const ImageAttributeName = {
-  blockDeviceMapping: "blockDeviceMapping",
-  bootMode: "bootMode",
-  deregistrationProtection: "deregistrationProtection",
-  description: "description",
-  imdsSupport: "imdsSupport",
-  kernel: "kernel",
-  lastLaunchedTime: "lastLaunchedTime",
-  launchPermission: "launchPermission",
-  productCodes: "productCodes",
-  ramdisk: "ramdisk",
-  sriovNetSupport: "sriovNetSupport",
-  tpmSupport: "tpmSupport",
-  uefiData: "uefiData",
-} as const;
+export interface HostProperties {
+  /**
+   * <p>The number of cores on the Dedicated Host.</p>
+   * @public
+   */
+  Cores?: number | undefined;
 
-/**
- * @public
- */
-export type ImageAttributeName = (typeof ImageAttributeName)[keyof typeof ImageAttributeName];
+  /**
+   * <p>The instance type supported by the Dedicated Host. For example, <code>m5.large</code>.
+   *             If the host supports multiple instance types, no <b>instanceType</b> is returned.</p>
+   * @public
+   */
+  InstanceType?: string | undefined;
 
-/**
- * <p>Contains the parameters for DescribeImageAttribute.</p>
- * @public
- */
-export interface DescribeImageAttributeRequest {
   /**
-   * <p>The AMI attribute.</p>
-   *          <p>
-   *             <b>Note</b>: The <code>blockDeviceMapping</code> attribute is deprecated.
-   *    	    Using this attribute returns the <code>Client.AuthFailure</code> error. To get information about
-   *    	    the block device mappings for an AMI, use the <a>DescribeImages</a> action.</p>
+   * <p>The instance family supported by the Dedicated Host. For example,
+   *             <code>m5</code>.</p>
    * @public
    */
-  Attribute: ImageAttributeName | undefined;
+  InstanceFamily?: string | undefined;
 
   /**
-   * <p>The ID of the AMI.</p>
+   * <p>The number of sockets on the Dedicated Host.</p>
    * @public
    */
-  ImageId: string | undefined;
+  Sockets?: number | undefined;
 
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   * 			and provides an error response. If you have the required permissions, the error response is
-   * 			<code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>The total number of vCPUs on the Dedicated Host.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  TotalVCpus?: number | undefined;
 }
 
 /**
- * <p>Describes a launch permission.</p>
+ * <p>Describes an instance running on a Dedicated Host.</p>
  * @public
  */
-export interface LaunchPermission {
-  /**
-   * <p>The Amazon Resource Name (ARN) of an organization.</p>
-   * @public
-   */
-  OrganizationArn?: string | undefined;
-
+export interface HostInstance {
   /**
-   * <p>The Amazon Resource Name (ARN) of an organizational unit (OU).</p>
+   * <p>The ID of instance that is running on the Dedicated Host.</p>
    * @public
    */
-  OrganizationalUnitArn?: string | undefined;
+  InstanceId?: string | undefined;
 
   /**
-   * <p>The Amazon Web Services account ID.</p>
-   *          <p>Constraints: Up to 10 000 account IDs can be specified in a single request.</p>
+   * <p>The instance type (for example, <code>m3.medium</code>) of the running
+   *             instance.</p>
    * @public
    */
-  UserId?: string | undefined;
+  InstanceType?: string | undefined;
 
   /**
-   * <p>The name of the group.</p>
+   * <p>The ID of the Amazon Web Services account that owns the instance.</p>
    * @public
    */
-  Group?: PermissionGroup | undefined;
+  OwnerId?: string | undefined;
 }
 
 /**
- * <p>Describes an image attribute.</p>
+ * <p>Describes the properties of the Dedicated Host.</p>
  * @public
  */
-export interface ImageAttribute {
+export interface Host {
   /**
-   * <p>A description for the AMI.</p>
+   * <p>Whether auto-placement is on or off.</p>
    * @public
    */
-  Description?: AttributeValue | undefined;
+  AutoPlacement?: AutoPlacement | undefined;
 
   /**
-   * <p>The kernel ID.</p>
+   * <p>The Availability Zone of the Dedicated Host.</p>
    * @public
    */
-  KernelId?: AttributeValue | undefined;
+  AvailabilityZone?: string | undefined;
 
   /**
-   * <p>The RAM disk ID.</p>
+   * <p>Information about the instances running on the Dedicated Host.</p>
    * @public
    */
-  RamdiskId?: AttributeValue | undefined;
+  AvailableCapacity?: AvailableCapacity | undefined;
 
   /**
-   * <p>Indicates whether enhanced networking with the Intel 82599 Virtual Function interface is enabled.</p>
+   * <p>Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html">Ensuring Idempotency</a>.</p>
    * @public
    */
-  SriovNetSupport?: AttributeValue | undefined;
+  ClientToken?: string | undefined;
 
   /**
-   * <p>The boot mode.</p>
+   * <p>The ID of the Dedicated Host.</p>
    * @public
    */
-  BootMode?: AttributeValue | undefined;
+  HostId?: string | undefined;
 
   /**
-   * <p>If the image is configured for NitroTPM support, the value is <code>v2.0</code>.</p>
+   * <p>The hardware specifications of the Dedicated Host.</p>
    * @public
    */
-  TpmSupport?: AttributeValue | undefined;
+  HostProperties?: HostProperties | undefined;
 
   /**
-   * <p>Base64 representation of the non-volatile UEFI variable store. To retrieve the UEFI data,
-   *       use the <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceUefiData">GetInstanceUefiData</a> command. You can inspect and modify the UEFI data by using the
-   *       <a href="https://github.com/awslabs/python-uefivars">python-uefivars tool</a> on
-   *       GitHub. For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/uefi-secure-boot.html">UEFI Secure Boot</a> in the
-   *       <i>Amazon EC2 User Guide</i>.</p>
+   * <p>The reservation ID of the Dedicated Host. This returns a <code>null</code> response if
+   *             the Dedicated Host doesn't have an associated reservation.</p>
    * @public
    */
-  UefiData?: AttributeValue | undefined;
+  HostReservationId?: string | undefined;
 
   /**
-   * <p>The date and time, in <a href="http://www.iso.org/iso/iso8601">ISO 8601 date-time
-   *         format</a>, when the AMI was last used to launch an EC2 instance. When the AMI is used
-   *       to launch an instance, there is a 24-hour delay before that usage is reported.</p>
-   *          <note>
-   *             <p>
-   *                <code>lastLaunchedTime</code> data is available starting April 2017.</p>
-   *          </note>
+   * <p>The IDs and instance type that are currently running on the Dedicated Host.</p>
    * @public
    */
-  LastLaunchedTime?: AttributeValue | undefined;
+  Instances?: HostInstance[] | undefined;
 
   /**
-   * <p>If <code>v2.0</code>, it indicates that IMDSv2 is specified in the AMI. Instances launched
-   *       from this AMI will have <code>HttpTokens</code> automatically set to <code>required</code> so
-   *       that, by default, the instance requires that IMDSv2 is used when requesting instance metadata.
-   *       In addition, <code>HttpPutResponseHopLimit</code> is set to <code>2</code>. For more
-   *       information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-IMDS-new-instances.html#configure-IMDS-new-instances-ami-configuration">Configure
-   *         the AMI</a> in the <i>Amazon EC2 User Guide</i>.</p>
+   * <p>The Dedicated Host's state.</p>
    * @public
    */
-  ImdsSupport?: AttributeValue | undefined;
+  State?: AllocationState | undefined;
 
   /**
-   * <p>Indicates whether deregistration protection is enabled for the AMI.</p>
+   * <p>The time that the Dedicated Host was allocated.</p>
    * @public
    */
-  DeregistrationProtection?: AttributeValue | undefined;
+  AllocationTime?: Date | undefined;
 
   /**
-   * <p>The ID of the AMI.</p>
+   * <p>The time that the Dedicated Host was released.</p>
    * @public
    */
-  ImageId?: string | undefined;
+  ReleaseTime?: Date | undefined;
 
   /**
-   * <p>The launch permissions.</p>
+   * <p>Any tags assigned to the Dedicated Host.</p>
    * @public
    */
-  LaunchPermissions?: LaunchPermission[] | undefined;
+  Tags?: Tag[] | undefined;
 
   /**
-   * <p>The product codes.</p>
+   * <p>Indicates whether host recovery is enabled or disabled for the Dedicated Host.</p>
    * @public
    */
-  ProductCodes?: ProductCode[] | undefined;
+  HostRecovery?: HostRecovery | undefined;
 
   /**
-   * <p>The block device mapping entries.</p>
+   * <p>Indicates whether the Dedicated Host supports multiple instance types of the same
+   *             instance family. If the value is <code>on</code>, the Dedicated Host supports multiple
+   *             instance types in the instance family. If the value is <code>off</code>, the Dedicated
+   *             Host supports a single instance type only.</p>
    * @public
    */
-  BlockDeviceMappings?: BlockDeviceMapping[] | undefined;
-}
+  AllowsMultipleInstanceTypes?: AllowsMultipleInstanceTypes | undefined;
 
-/**
- * @public
- */
-export interface DescribeImagesRequest {
   /**
-   * <p>Scopes the images by users with explicit launch permissions.
-   *        Specify an Amazon Web Services account ID, <code>self</code> (the sender of the request),
-   * 				or <code>all</code> (public AMIs).</p>
-   *          <ul>
-   *             <li>
-   *                <p>If you specify an Amazon Web Services account ID that is not your own, only AMIs
-   *           shared with that specific Amazon Web Services account ID are returned. However, AMIs that
-   *           are shared with the account’s organization or organizational unit (OU) are not
-   *           returned.</p>
-   *             </li>
-   *             <li>
-   *                <p>If you specify <code>self</code> or your own Amazon Web Services account ID, AMIs
-   *           shared with your account are returned. In addition, AMIs that are shared with the
-   *           organization or OU of which you are member are also returned. </p>
-   *             </li>
-   *             <li>
-   *                <p>If you specify <code>all</code>, all public AMIs are returned.</p>
-   *             </li>
-   *          </ul>
+   * <p>The ID of the Amazon Web Services account that owns the Dedicated Host.</p>
    * @public
    */
-  ExecutableUsers?: string[] | undefined;
+  OwnerId?: string | undefined;
 
   /**
-   * <p>The image IDs.</p>
-   *          <p>Default: Describes all images available to you.</p>
+   * <p>The ID of the Availability Zone in which the Dedicated Host is allocated.</p>
    * @public
    */
-  ImageIds?: string[] | undefined;
+  AvailabilityZoneId?: string | undefined;
 
   /**
-   * <p>Scopes the results to images with the specified owners. You can specify a combination of
-   *       Amazon Web Services account IDs, <code>self</code>, <code>amazon</code>, <code>aws-backup-vault</code>, and <code>aws-marketplace</code>.
-   *       If you omit this parameter, the results include all images for which you have launch permissions,
-   *       regardless of ownership.</p>
+   * <p>Indicates whether the Dedicated Host is in a host resource group. If <b>memberOfServiceLinkedResourceGroup</b> is <code>true</code>, the
+   *             host is in a host resource group; otherwise, it is not.</p>
    * @public
    */
-  Owners?: string[] | undefined;
+  MemberOfServiceLinkedResourceGroup?: boolean | undefined;
 
   /**
-   * <p>Specifies whether to include deprecated AMIs.</p>
-   *          <p>Default: No deprecated AMIs are included in the response.</p>
-   *          <note>
-   *             <p>If you are the AMI owner, all deprecated AMIs appear in the response regardless of what
-   *         you specify for this parameter.</p>
-   *          </note>
+   * <p>The Amazon Resource Name (ARN) of the Amazon Web Services Outpost on which the
+   *             Dedicated Host is allocated.</p>
    * @public
    */
-  IncludeDeprecated?: boolean | undefined;
+  OutpostArn?: string | undefined;
 
   /**
-   * <p>Specifies whether to include disabled AMIs.</p>
-   *          <p>Default: No disabled AMIs are included in the response.</p>
+   * <p>Indicates whether host maintenance is enabled or disabled for the Dedicated
+   *             Host.</p>
    * @public
    */
-  IncludeDisabled?: boolean | undefined;
+  HostMaintenance?: HostMaintenance | undefined;
 
   /**
-   * <p>The maximum number of items to return for this request.
-   *          To get the next page of items, make another request with the token returned in the output.
-   * 	        For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination">Pagination</a>.</p>
+   * <p>The ID of the Outpost hardware asset on which the Dedicated Host is allocated.</p>
    * @public
    */
-  MaxResults?: number | undefined;
+  AssetId?: string | undefined;
+}
 
+/**
+ * @public
+ */
+export interface DescribeHostsResult {
   /**
-   * <p>The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.</p>
+   * <p>Information about the Dedicated Hosts.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  Hosts?: Host[] | undefined;
 
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   * 			and provides an error response. If you have the required permissions, the error response is
-   * 			<code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  NextToken?: string | undefined;
+}
 
-  /**
-   * <p>The filters.</p>
+/**
+ * @public
+ */
+export interface DescribeIamInstanceProfileAssociationsRequest {
+  /**
+   * <p>The IAM instance profile associations.</p>
+   * @public
+   */
+  AssociationIds?: string[] | undefined;
+
+  /**
+   * <p>The filters.</p>
    *          <ul>
    *             <li>
    *                <p>
-   *                   <code>architecture</code> - The image architecture (<code>i386</code> | <code>x86_64</code> |
-   *           <code>arm64</code> | <code>x86_64_mac</code> | <code>arm64_mac</code>).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>block-device-mapping.delete-on-termination</code> - A Boolean value that indicates
-   *         	whether the Amazon EBS volume is deleted on instance termination.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>block-device-mapping.device-name</code> - The device name specified in the block device mapping (for
-   *           example, <code>/dev/sdh</code> or <code>xvdh</code>).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>block-device-mapping.snapshot-id</code> - The ID of the snapshot used for the Amazon EBS
-   *           volume.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>block-device-mapping.volume-size</code> - The volume size of the Amazon EBS volume, in GiB.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>block-device-mapping.volume-type</code> - The volume type of the Amazon EBS volume
-   *             (<code>io1</code> | <code>io2</code> | <code>gp2</code> | <code>gp3</code> | <code>sc1
-   *           </code>| <code>st1</code> | <code>standard</code>).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>block-device-mapping.encrypted</code> - A Boolean that indicates whether the Amazon EBS volume is encrypted.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>creation-date</code> - The time when the image was created, in the ISO 8601
-   *           format in the UTC time zone (YYYY-MM-DDThh:mm:ss.sssZ), for example,
-   *             <code>2021-09-29T11:04:43.305Z</code>. You can use a wildcard (<code>*</code>), for
-   *           example, <code>2021-09-29T*</code>, which matches an entire day.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>description</code> - The description of the image (provided during image
-   *           creation).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>ena-support</code> - A Boolean that indicates whether enhanced networking
-   *           with ENA is enabled.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>hypervisor</code> - The hypervisor type (<code>ovm</code> |
-   *           <code>xen</code>).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>image-id</code> - The ID of the image.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>image-type</code> - The image type (<code>machine</code> | <code>kernel</code> |
-   *             <code>ramdisk</code>).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>is-public</code> - A Boolean that indicates whether the image is public.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>kernel-id</code> - The kernel ID.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>manifest-location</code> - The location of the image manifest.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>name</code> - The name of the AMI (provided during image creation).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>owner-alias</code> - The owner alias (<code>amazon</code> | <code>aws-backup-vault</code> | <code>aws-marketplace</code>).
-   *           The valid aliases are defined in an Amazon-maintained list. This is not the Amazon Web Services account alias that can be
-   *         	set using the IAM console. We recommend that you use the <b>Owner</b>
-   *         	request parameter instead of this filter.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>owner-id</code> - The Amazon Web Services account ID of the owner. We recommend that you use the
-   *       		<b>Owner</b> request parameter instead of this filter.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>platform</code> - The platform. The only supported value is <code>windows</code>.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>product-code</code> - The product code.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>product-code.type</code> - The type of the product code (<code>marketplace</code>).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>ramdisk-id</code> - The RAM disk ID.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>root-device-name</code> - The device name of the root device volume (for example, <code>/dev/sda1</code>).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>root-device-type</code> - The type of the root device volume (<code>ebs</code> |
-   *             <code>instance-store</code>).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>source-instance-id</code> - The ID of the instance that the AMI was created from
-   *           if the AMI was created using CreateImage. This filter is applicable only if the AMI was
-   *           created using <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateImage.html">CreateImage</a>.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>state</code> - The state of the image (<code>available</code> | <code>pending</code>
-   *           | <code>failed</code>).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>state-reason-code</code> - The reason code for the state change.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>state-reason-message</code> - The message for the state change.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>sriov-net-support</code> - A value of <code>simple</code> indicates
-   *                     that enhanced networking with the Intel 82599 VF interface is enabled.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>tag:<key></code> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.
-   *     For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p>
+   *                   <code>instance-id</code> - The ID of the instance.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>virtualization-type</code> - The virtualization type (<code>paravirtual</code> |
-   *             <code>hvm</code>).</p>
+   *                   <code>state</code> - The state of the association (<code>associating</code> |
+   *                 <code>associated</code> | <code>disassociating</code>).</p>
    *             </li>
    *          </ul>
    * @public
    */
   Filters?: Filter[] | undefined;
+
+  /**
+   * <p>The maximum number of items to return for this request. To get the next page of
+   *             items, make another request with the token returned in the output. For more information,
+   *             see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination">Pagination</a>.</p>
+   * @public
+   */
+  MaxResults?: number | undefined;
+
+  /**
+   * <p>The token returned from a previous paginated request.
+   *             Pagination continues from the end of the items returned by the previous request.</p>
+   * @public
+   */
+  NextToken?: string | undefined;
 }
 
 /**
  * @public
- * @enum
  */
-export const ArchitectureValues = {
-  arm64: "arm64",
-  arm64_mac: "arm64_mac",
-  i386: "i386",
-  x86_64: "x86_64",
-  x86_64_mac: "x86_64_mac",
-} as const;
+export interface DescribeIamInstanceProfileAssociationsResult {
+  /**
+   * <p>Information about the IAM instance profile associations.</p>
+   * @public
+   */
+  IamInstanceProfileAssociations?: IamInstanceProfileAssociation[] | undefined;
 
-/**
- * @public
- */
-export type ArchitectureValues = (typeof ArchitectureValues)[keyof typeof ArchitectureValues];
+  /**
+   * <p>The token to include in another request to get the next page of items.
+   *             This value is <code>null</code> when there are no more items to return.</p>
+   * @public
+   */
+  NextToken?: string | undefined;
+}
 
 /**
  * @public
- * @enum
  */
-export const BootModeValues = {
-  legacy_bios: "legacy-bios",
-  uefi: "uefi",
-  uefi_preferred: "uefi-preferred",
-} as const;
+export interface DescribeIdentityIdFormatRequest {
+  /**
+   * <p>The type of resource: <code>bundle</code> |
+   *           <code>conversion-task</code> | <code>customer-gateway</code> | <code>dhcp-options</code> |
+   *           <code>elastic-ip-allocation</code> | <code>elastic-ip-association</code> |
+   *           <code>export-task</code> | <code>flow-log</code> | <code>image</code> |
+   *           <code>import-task</code> | <code>instance</code> | <code>internet-gateway</code> |
+   *           <code>network-acl</code> | <code>network-acl-association</code> |
+   *           <code>network-interface</code> | <code>network-interface-attachment</code> |
+   *           <code>prefix-list</code> | <code>reservation</code> | <code>route-table</code> |
+   *           <code>route-table-association</code> | <code>security-group</code> |
+   *           <code>snapshot</code> | <code>subnet</code> |
+   *           <code>subnet-cidr-block-association</code> | <code>volume</code> | <code>vpc</code>
+   *           | <code>vpc-cidr-block-association</code> | <code>vpc-endpoint</code> |
+   *           <code>vpc-peering-connection</code> | <code>vpn-connection</code> | <code>vpn-gateway</code>
+   *          </p>
+   * @public
+   */
+  Resource?: string | undefined;
+
+  /**
+   * <p>The ARN of the principal, which can be an IAM role, IAM user, or the root user.</p>
+   * @public
+   */
+  PrincipalArn: string | undefined;
+}
 
 /**
  * @public
  */
-export type BootModeValues = (typeof BootModeValues)[keyof typeof BootModeValues];
+export interface DescribeIdentityIdFormatResult {
+  /**
+   * <p>Information about the ID format for the resources.</p>
+   * @public
+   */
+  Statuses?: IdFormat[] | undefined;
+}
 
 /**
  * @public
- * @enum
  */
-export const HypervisorType = {
-  ovm: "ovm",
-  xen: "xen",
-} as const;
+export interface DescribeIdFormatRequest {
+  /**
+   * <p>The type of resource: <code>bundle</code> |
+   *            <code>conversion-task</code> | <code>customer-gateway</code> | <code>dhcp-options</code> |
+   *            <code>elastic-ip-allocation</code> | <code>elastic-ip-association</code> |
+   *            <code>export-task</code> | <code>flow-log</code> | <code>image</code> |
+   *            <code>import-task</code> | <code>instance</code> | <code>internet-gateway</code> |
+   *            <code>network-acl</code> | <code>network-acl-association</code> |
+   *            <code>network-interface</code> | <code>network-interface-attachment</code> |
+   *            <code>prefix-list</code> | <code>reservation</code> | <code>route-table</code> |
+   *            <code>route-table-association</code> | <code>security-group</code> |
+   *            <code>snapshot</code> | <code>subnet</code> |
+   *            <code>subnet-cidr-block-association</code> | <code>volume</code> | <code>vpc</code>
+   *            | <code>vpc-cidr-block-association</code> | <code>vpc-endpoint</code> |
+   *            <code>vpc-peering-connection</code> | <code>vpn-connection</code> | <code>vpn-gateway</code>
+   *          </p>
+   * @public
+   */
+  Resource?: string | undefined;
+}
 
 /**
  * @public
  */
-export type HypervisorType = (typeof HypervisorType)[keyof typeof HypervisorType];
+export interface DescribeIdFormatResult {
+  /**
+   * <p>Information about the ID format for the resource.</p>
+   * @public
+   */
+  Statuses?: IdFormat[] | undefined;
+}
 
 /**
  * @public
  * @enum
  */
-export const ImageTypeValues = {
+export const ImageAttributeName = {
+  blockDeviceMapping: "blockDeviceMapping",
+  bootMode: "bootMode",
+  deregistrationProtection: "deregistrationProtection",
+  description: "description",
+  imdsSupport: "imdsSupport",
   kernel: "kernel",
-  machine: "machine",
+  lastLaunchedTime: "lastLaunchedTime",
+  launchPermission: "launchPermission",
+  productCodes: "productCodes",
   ramdisk: "ramdisk",
+  sriovNetSupport: "sriovNetSupport",
+  tpmSupport: "tpmSupport",
+  uefiData: "uefiData",
 } as const;
 
 /**
  * @public
  */
-export type ImageTypeValues = (typeof ImageTypeValues)[keyof typeof ImageTypeValues];
-
-/**
- * @public
- * @enum
- */
-export const ImdsSupportValues = {
-  v2_0: "v2.0",
-} as const;
-
-/**
- * @public
- */
-export type ImdsSupportValues = (typeof ImdsSupportValues)[keyof typeof ImdsSupportValues];
-
-/**
- * @public
- * @enum
- */
-export const DeviceType = {
-  ebs: "ebs",
-  instance_store: "instance-store",
-} as const;
-
-/**
- * @public
- */
-export type DeviceType = (typeof DeviceType)[keyof typeof DeviceType];
-
-/**
- * @public
- * @enum
- */
-export const ImageState = {
-  available: "available",
-  deregistered: "deregistered",
-  disabled: "disabled",
-  error: "error",
-  failed: "failed",
-  invalid: "invalid",
-  pending: "pending",
-  transient: "transient",
-} as const;
-
-/**
- * @public
- */
-export type ImageState = (typeof ImageState)[keyof typeof ImageState];
-
-/**
- * @public
- * @enum
- */
-export const TpmSupportValues = {
-  v2_0: "v2.0",
-} as const;
-
-/**
- * @public
- */
-export type TpmSupportValues = (typeof TpmSupportValues)[keyof typeof TpmSupportValues];
-
-/**
- * @public
- * @enum
- */
-export const VirtualizationType = {
-  hvm: "hvm",
-  paravirtual: "paravirtual",
-} as const;
-
-/**
- * @public
- */
-export type VirtualizationType = (typeof VirtualizationType)[keyof typeof VirtualizationType];
+export type ImageAttributeName = (typeof ImageAttributeName)[keyof typeof ImageAttributeName];
 
 /**
- * <p>Describes an image.</p>
+ * <p>Contains the parameters for DescribeImageAttribute.</p>
  * @public
  */
-export interface Image {
-  /**
-   * <p>The platform details associated with the billing code of the AMI. For more information,
-   *       see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ami-billing-info.html">Understand
-   *         AMI billing information</a> in the <i>Amazon EC2 User Guide</i>.</p>
-   * @public
-   */
-  PlatformDetails?: string | undefined;
-
+export interface DescribeImageAttributeRequest {
   /**
-   * <p>The operation of the Amazon EC2 instance and the billing code that is associated with the AMI.
-   *         <code>usageOperation</code> corresponds to the <a href="https://docs.aws.amazon.com/cur/latest/userguide/Lineitem-columns.html#Lineitem-details-O-Operation">lineitem/Operation</a> column on your Amazon Web Services Cost and Usage Report and in the <a href="https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/price-changes.html">Amazon Web Services Price
-   *         	List API</a>. You can view these fields on the <b>Instances</b> or
-   *     	<b>AMIs</b> pages in the Amazon EC2 console, or in the responses that are
-   *     	returned by the <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeImages.html">DescribeImages</a>
-   *     	command in the Amazon EC2 API, or the <a href="https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-images.html">describe-images</a>
-   *     	command in the CLI.</p>
+   * <p>The AMI attribute.</p>
+   *          <p>
+   *             <b>Note</b>: The <code>blockDeviceMapping</code> attribute is
+   *       deprecated. Using this attribute returns the <code>Client.AuthFailure</code> error. To get
+   *       information about the block device mappings for an AMI, use the <a>DescribeImages</a> action.</p>
    * @public
    */
-  UsageOperation?: string | undefined;
+  Attribute: ImageAttributeName | undefined;
 
   /**
-   * <p>Any block device mapping entries.</p>
+   * <p>The ID of the AMI.</p>
    * @public
    */
-  BlockDeviceMappings?: BlockDeviceMapping[] | undefined;
+  ImageId: string | undefined;
 
   /**
-   * <p>The description of the AMI that was provided during image creation.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   * 			and provides an error response. If you have the required permissions, the error response is
+   * 			<code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  Description?: string | undefined;
+  DryRun?: boolean | undefined;
+}
 
+/**
+ * <p>Describes a launch permission.</p>
+ * @public
+ */
+export interface LaunchPermission {
   /**
-   * <p>Specifies whether enhanced networking with ENA is enabled.</p>
+   * <p>The Amazon Resource Name (ARN) of an organization.</p>
    * @public
    */
-  EnaSupport?: boolean | undefined;
+  OrganizationArn?: string | undefined;
 
   /**
-   * <p>The hypervisor type of the image. Only <code>xen</code> is supported. <code>ovm</code> is
-   *       not supported.</p>
+   * <p>The Amazon Resource Name (ARN) of an organizational unit (OU).</p>
    * @public
    */
-  Hypervisor?: HypervisorType | undefined;
+  OrganizationalUnitArn?: string | undefined;
 
   /**
-   * <p>The owner alias (<code>amazon</code> | <code>aws-backup-vault</code> | <code>aws-marketplace</code>).</p>
+   * <p>The Amazon Web Services account ID.</p>
+   *          <p>Constraints: Up to 10 000 account IDs can be specified in a single request.</p>
    * @public
    */
-  ImageOwnerAlias?: string | undefined;
+  UserId?: string | undefined;
 
   /**
-   * <p>The name of the AMI that was provided during image creation.</p>
+   * <p>The name of the group.</p>
    * @public
    */
-  Name?: string | undefined;
+  Group?: PermissionGroup | undefined;
+}
 
+/**
+ * <p>Describes an image attribute.</p>
+ * @public
+ */
+export interface ImageAttribute {
   /**
-   * <p>The device name of the root device volume (for example, <code>/dev/sda1</code>).</p>
+   * <p>A description for the AMI.</p>
    * @public
    */
-  RootDeviceName?: string | undefined;
+  Description?: AttributeValue | undefined;
 
   /**
-   * <p>The type of root device used by the AMI. The AMI can use an Amazon EBS volume or an instance store volume.</p>
+   * <p>The kernel ID.</p>
    * @public
    */
-  RootDeviceType?: DeviceType | undefined;
+  KernelId?: AttributeValue | undefined;
 
   /**
-   * <p>Specifies whether enhanced networking with the Intel 82599 Virtual Function interface is enabled.</p>
+   * <p>The RAM disk ID.</p>
    * @public
    */
-  SriovNetSupport?: string | undefined;
+  RamdiskId?: AttributeValue | undefined;
 
   /**
-   * <p>The reason for the state change.</p>
+   * <p>Indicates whether enhanced networking with the Intel 82599 Virtual Function interface is
+   *       enabled.</p>
    * @public
    */
-  StateReason?: StateReason | undefined;
+  SriovNetSupport?: AttributeValue | undefined;
 
   /**
-   * <p>Any tags assigned to the image.</p>
+   * <p>The boot mode.</p>
    * @public
    */
-  Tags?: Tag[] | undefined;
+  BootMode?: AttributeValue | undefined;
 
   /**
-   * <p>The type of virtualization of the AMI.</p>
+   * <p>If the image is configured for NitroTPM support, the value is <code>v2.0</code>.</p>
    * @public
    */
-  VirtualizationType?: VirtualizationType | undefined;
+  TpmSupport?: AttributeValue | undefined;
 
   /**
-   * <p>The boot mode of the image. For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ami-boot.html">Boot modes</a> in the
+   * <p>Base64 representation of the non-volatile UEFI variable store. To retrieve the UEFI data,
+   *       use the <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceUefiData">GetInstanceUefiData</a> command. You can inspect and modify the UEFI data by using the
+   *         <a href="https://github.com/awslabs/python-uefivars">python-uefivars tool</a> on
+   *       GitHub. For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/uefi-secure-boot.html">UEFI Secure Boot</a> in the
    *         <i>Amazon EC2 User Guide</i>.</p>
    * @public
    */
-  BootMode?: BootModeValues | undefined;
-
-  /**
-   * <p>If the image is configured for NitroTPM support, the value is <code>v2.0</code>.
-   *       For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/nitrotpm.html">NitroTPM</a> in the
-   *       <i>Amazon EC2 User Guide</i>.</p>
-   * @public
-   */
-  TpmSupport?: TpmSupportValues | undefined;
+  UefiData?: AttributeValue | undefined;
 
   /**
-   * <p>The date and time to deprecate the AMI, in UTC, in the following format:
-   *      <i>YYYY</i>-<i>MM</i>-<i>DD</i>T<i>HH</i>:<i>MM</i>:<i>SS</i>Z.
-   *       If you specified a value for seconds, Amazon EC2 rounds the seconds to the
-   *       nearest minute.</p>
+   * <p>The date and time, in <a href="http://www.iso.org/iso/iso8601">ISO 8601 date-time
+   *         format</a>, when the AMI was last used to launch an EC2 instance. When the AMI is used
+   *       to launch an instance, there is a 24-hour delay before that usage is reported.</p>
+   *          <note>
+   *             <p>
+   *                <code>lastLaunchedTime</code> data is available starting April 2017.</p>
+   *          </note>
    * @public
    */
-  DeprecationTime?: string | undefined;
+  LastLaunchedTime?: AttributeValue | undefined;
 
   /**
    * <p>If <code>v2.0</code>, it indicates that IMDSv2 is specified in the AMI. Instances launched
    *       from this AMI will have <code>HttpTokens</code> automatically set to <code>required</code> so
    *       that, by default, the instance requires that IMDSv2 is used when requesting instance metadata.
    *       In addition, <code>HttpPutResponseHopLimit</code> is set to <code>2</code>. For more
-   *       information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-IMDS-new-instances.html#configure-IMDS-new-instances-ami-configuration">Configure
-   *         the AMI</a> in the <i>Amazon EC2 User Guide</i>.</p>
+   *       information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-IMDS-new-instances.html#configure-IMDS-new-instances-ami-configuration">Configure the AMI</a> in the <i>Amazon EC2 User Guide</i>.</p>
    * @public
    */
-  ImdsSupport?: ImdsSupportValues | undefined;
+  ImdsSupport?: AttributeValue | undefined;
 
   /**
-   * <p>The ID of the instance that the AMI was created from if the AMI was created using <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateImage.html">CreateImage</a>. This field only appears if the AMI was created using
-   *       CreateImage.</p>
+   * <p>Indicates whether deregistration protection is enabled for the AMI.</p>
    * @public
    */
-  SourceInstanceId?: string | undefined;
+  DeregistrationProtection?: AttributeValue | undefined;
 
   /**
-   * <p>Indicates whether deregistration protection is enabled for the AMI.</p>
+   * <p>The ID of the AMI.</p>
    * @public
    */
-  DeregistrationProtection?: string | undefined;
+  ImageId?: string | undefined;
 
   /**
-   * <p>The date and time, in <a href="http://www.iso.org/iso/iso8601">ISO 8601 date-time
-   *       format</a>, when the AMI was last used to launch an EC2 instance. When the AMI is used
-   *       to launch an instance, there is a 24-hour delay before that usage is reported.</p>
-   *          <note>
-   *             <p>
-   *                <code>lastLaunchedTime</code> data is available starting April 2017.</p>
-   *          </note>
+   * <p>The launch permissions.</p>
    * @public
    */
-  LastLaunchedTime?: string | undefined;
+  LaunchPermissions?: LaunchPermission[] | undefined;
 
   /**
-   * <p>The ID of the source AMI from which the AMI was created.</p>
-   *          <p>The ID only appears if the AMI was created using <a>CreateImage</a>, <a>CopyImage</a>, or <a>CreateRestoreImageTask</a>. The ID does not appear
-   *       if the AMI was created using any other API. For some older AMIs, the ID might not be
-   *       available. For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/identify-source-ami-used-to-create-new-ami.html">Identify the
-   *         source AMI used to create a new AMI</a> in the
-   *       <i>Amazon EC2 User Guide</i>.</p>
+   * <p>The product codes.</p>
    * @public
    */
-  SourceImageId?: string | undefined;
+  ProductCodes?: ProductCode[] | undefined;
 
   /**
-   * <p>The Region of the source AMI. </p>
-   *          <p>The Region only appears if the AMI was created using <a>CreateImage</a>, <a>CopyImage</a>, or <a>CreateRestoreImageTask</a>. The Region does not
-   *       appear if the AMI was created using any other API. For some older AMIs, the Region might not
-   *       be available. For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/identify-source-ami-used-to-create-new-ami.html">Identify the
-   *         source AMI used to create a new AMI</a> in the
-   *       <i>Amazon EC2 User Guide</i>.</p>
+   * <p>The block device mapping entries.</p>
    * @public
    */
-  SourceImageRegion?: string | undefined;
+  BlockDeviceMappings?: BlockDeviceMapping[] | undefined;
+}
 
+/**
+ * @public
+ */
+export interface DescribeImagesRequest {
   /**
-   * <p>The ID of the AMI.</p>
+   * <p>Scopes the images by users with explicit launch permissions. Specify an Amazon Web Services account ID, <code>self</code> (the sender of the request), or <code>all</code>
+   *       (public AMIs).</p>
+   *          <ul>
+   *             <li>
+   *                <p>If you specify an Amazon Web Services account ID that is not your own, only AMIs shared
+   *           with that specific Amazon Web Services account ID are returned. However, AMIs that are
+   *           shared with the account’s organization or organizational unit (OU) are not
+   *           returned.</p>
+   *             </li>
+   *             <li>
+   *                <p>If you specify <code>self</code> or your own Amazon Web Services account ID, AMIs
+   *           shared with your account are returned. In addition, AMIs that are shared with the
+   *           organization or OU of which you are member are also returned. </p>
+   *             </li>
+   *             <li>
+   *                <p>If you specify <code>all</code>, all public AMIs are returned.</p>
+   *             </li>
+   *          </ul>
    * @public
    */
-  ImageId?: string | undefined;
+  ExecutableUsers?: string[] | undefined;
 
   /**
-   * <p>The location of the AMI.</p>
+   * <p>The image IDs.</p>
+   *          <p>Default: Describes all images available to you.</p>
    * @public
    */
-  ImageLocation?: string | undefined;
+  ImageIds?: string[] | undefined;
 
   /**
-   * <p>The current state of the AMI. If the state is <code>available</code>, the image is successfully registered and can be used to launch an instance.</p>
+   * <p>Scopes the results to images with the specified owners. You can specify a combination of
+   *         Amazon Web Services account IDs, <code>self</code>, <code>amazon</code>,
+   *         <code>aws-backup-vault</code>, and <code>aws-marketplace</code>. If you omit this parameter,
+   *       the results include all images for which you have launch permissions, regardless of
+   *       ownership.</p>
    * @public
    */
-  State?: ImageState | undefined;
+  Owners?: string[] | undefined;
 
   /**
-   * <p>The ID of the Amazon Web Services account that owns the image.</p>
+   * <p>Specifies whether to include deprecated AMIs.</p>
+   *          <p>Default: No deprecated AMIs are included in the response.</p>
+   *          <note>
+   *             <p>If you are the AMI owner, all deprecated AMIs appear in the response regardless of what
+   *         you specify for this parameter.</p>
+   *          </note>
    * @public
    */
-  OwnerId?: string | undefined;
-
-  /**
-   * <p>The date and time the image was created.</p>
-   * @public
-   */
-  CreationDate?: string | undefined;
-
-  /**
-   * <p>Indicates whether the image has public launch permissions. The value is <code>true</code> if
-   * 				this image has public launch permissions or <code>false</code>
-   * 				if it has only implicit and explicit launch permissions.</p>
-   * @public
-   */
-  Public?: boolean | undefined;
-
-  /**
-   * <p>Any product codes associated with the AMI.</p>
-   * @public
-   */
-  ProductCodes?: ProductCode[] | undefined;
+  IncludeDeprecated?: boolean | undefined;
 
   /**
-   * <p>The architecture of the image.</p>
+   * <p>Specifies whether to include disabled AMIs.</p>
+   *          <p>Default: No disabled AMIs are included in the response.</p>
    * @public
    */
-  Architecture?: ArchitectureValues | undefined;
+  IncludeDisabled?: boolean | undefined;
 
   /**
-   * <p>The type of image.</p>
+   * <p>The maximum number of items to return for this request.
+   *          To get the next page of items, make another request with the token returned in the output.
+   * 	        For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination">Pagination</a>.</p>
    * @public
    */
-  ImageType?: ImageTypeValues | undefined;
+  MaxResults?: number | undefined;
 
   /**
-   * <p>The kernel associated with the image, if any. Only applicable for machine images.</p>
+   * <p>The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.</p>
    * @public
    */
-  KernelId?: string | undefined;
+  NextToken?: string | undefined;
 
   /**
-   * <p>The RAM disk associated with the image, if any. Only applicable for machine images.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   * 			and provides an error response. If you have the required permissions, the error response is
+   * 			<code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  RamdiskId?: string | undefined;
+  DryRun?: boolean | undefined;
 
   /**
-   * <p>This value is set to <code>windows</code> for Windows AMIs; otherwise, it is blank.</p>
+   * <p>The filters.</p>
+   *          <ul>
+   *             <li>
+   *                <p>
+   *                   <code>architecture</code> - The image architecture (<code>i386</code> |
+   *             <code>x86_64</code> | <code>arm64</code> | <code>x86_64_mac</code> |
+   *             <code>arm64_mac</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>block-device-mapping.delete-on-termination</code> - A Boolean value that indicates
+   *           whether the Amazon EBS volume is deleted on instance termination.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>block-device-mapping.device-name</code> - The device name specified in the block
+   *           device mapping (for example, <code>/dev/sdh</code> or <code>xvdh</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>block-device-mapping.snapshot-id</code> - The ID of the snapshot used for the Amazon EBS
+   *           volume.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>block-device-mapping.volume-size</code> - The volume size of the Amazon EBS volume, in
+   *           GiB.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>block-device-mapping.volume-type</code> - The volume type of the Amazon EBS volume
+   *             (<code>io1</code> | <code>io2</code> | <code>gp2</code> | <code>gp3</code> | <code>sc1
+   *           </code>| <code>st1</code> | <code>standard</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>block-device-mapping.encrypted</code> - A Boolean that indicates whether the Amazon EBS
+   *           volume is encrypted.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>creation-date</code> - The time when the image was created, in the ISO 8601
+   *           format in the UTC time zone (YYYY-MM-DDThh:mm:ss.sssZ), for example,
+   *             <code>2021-09-29T11:04:43.305Z</code>. You can use a wildcard (<code>*</code>), for
+   *           example, <code>2021-09-29T*</code>, which matches an entire day.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>description</code> - The description of the image (provided during image
+   *           creation).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>ena-support</code> - A Boolean that indicates whether enhanced networking with
+   *           ENA is enabled.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>hypervisor</code> - The hypervisor type (<code>ovm</code> |
+   *           <code>xen</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>image-id</code> - The ID of the image.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>image-type</code> - The image type (<code>machine</code> | <code>kernel</code> |
+   *             <code>ramdisk</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>is-public</code> - A Boolean that indicates whether the image is public.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>kernel-id</code> - The kernel ID.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>manifest-location</code> - The location of the image manifest.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>name</code> - The name of the AMI (provided during image creation).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>owner-alias</code> - The owner alias (<code>amazon</code> |
+   *             <code>aws-backup-vault</code> | <code>aws-marketplace</code>). The valid aliases are
+   *           defined in an Amazon-maintained list. This is not the Amazon Web Services account alias
+   *           that can be set using the IAM console. We recommend that you use the <b>Owner</b> request parameter instead of this filter.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>owner-id</code> - The Amazon Web Services account ID of the owner. We recommend
+   *           that you use the <b>Owner</b> request parameter instead of this
+   *           filter.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>platform</code> - The platform. The only supported value is
+   *           <code>windows</code>.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>product-code</code> - The product code.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>product-code.type</code> - The type of the product code
+   *           (<code>marketplace</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>ramdisk-id</code> - The RAM disk ID.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>root-device-name</code> - The device name of the root device volume (for example,
+   *             <code>/dev/sda1</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>root-device-type</code> - The type of the root device volume (<code>ebs</code> |
+   *             <code>instance-store</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>source-instance-id</code> - The ID of the instance that the AMI was created from
+   *           if the AMI was created using CreateImage. This filter is applicable only if the AMI was
+   *           created using <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateImage.html">CreateImage</a>.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>state</code> - The state of the image (<code>available</code> | <code>pending</code>
+   *           | <code>failed</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>state-reason-code</code> - The reason code for the state change.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>state-reason-message</code> - The message for the state change.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>sriov-net-support</code> - A value of <code>simple</code> indicates that
+   *           enhanced networking with the Intel 82599 VF interface is enabled.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>tag:<key></code> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.
+   *     For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>virtualization-type</code> - The virtualization type (<code>paravirtual</code> |
+   *             <code>hvm</code>).</p>
+   *             </li>
+   *          </ul>
    * @public
    */
-  Platform?: PlatformValues | undefined;
+  Filters?: Filter[] | undefined;
 }
 
 /**
  * @public
+ * @enum
  */
-export interface DescribeImagesResult {
-  /**
-   * <p>The token to include in another request to get the next page of items. This value is <code>null</code> when there
-   *          are no more items to return.</p>
-   * @public
-   */
-  NextToken?: string | undefined;
-
-  /**
-   * <p>Information about the images.</p>
-   * @public
-   */
-  Images?: Image[] | undefined;
-}
+export const ArchitectureValues = {
+  arm64: "arm64",
+  arm64_mac: "arm64_mac",
+  i386: "i386",
+  x86_64: "x86_64",
+  x86_64_mac: "x86_64_mac",
+} as const;
 
 /**
  * @public
  */
-export interface DescribeImportImageTasksRequest {
-  /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
-   * @public
-   */
-  DryRun?: boolean | undefined;
-
-  /**
-   * <p>Filter tasks using the <code>task-state</code> filter and one of the following values: <code>active</code>,
-   *     <code>completed</code>, <code>deleting</code>, or <code>deleted</code>.</p>
-   * @public
-   */
-  Filters?: Filter[] | undefined;
-
-  /**
-   * <p>The IDs of the import image tasks.</p>
-   * @public
-   */
-  ImportTaskIds?: string[] | undefined;
-
-  /**
-   * <p>The maximum number of results to return in a single call.</p>
-   * @public
-   */
-  MaxResults?: number | undefined;
-
-  /**
-   * <p>A token that indicates the next page of results.</p>
-   * @public
-   */
-  NextToken?: string | undefined;
-}
+export type ArchitectureValues = (typeof ArchitectureValues)[keyof typeof ArchitectureValues];
 
 /**
- * <p> The response information for license configurations.</p>
  * @public
+ * @enum
  */
-export interface ImportImageLicenseConfigurationResponse {
-  /**
-   * <p>The ARN of a license configuration.</p>
-   * @public
-   */
-  LicenseConfigurationArn?: string | undefined;
-}
+export const BootModeValues = {
+  legacy_bios: "legacy-bios",
+  uefi: "uefi",
+  uefi_preferred: "uefi-preferred",
+} as const;
 
 /**
- * <p>Describes the Amazon S3 bucket for the disk image.</p>
  * @public
  */
-export interface UserBucketDetails {
-  /**
-   * <p>The Amazon S3 bucket from which the disk image was created.</p>
-   * @public
-   */
-  S3Bucket?: string | undefined;
+export type BootModeValues = (typeof BootModeValues)[keyof typeof BootModeValues];
 
-  /**
-   * <p>The file name of the disk image.</p>
-   * @public
-   */
-  S3Key?: string | undefined;
-}
+/**
+ * @public
+ * @enum
+ */
+export const HypervisorType = {
+  ovm: "ovm",
+  xen: "xen",
+} as const;
 
 /**
- * <p>Describes the snapshot created from the imported disk.</p>
  * @public
  */
-export interface SnapshotDetail {
+export type HypervisorType = (typeof HypervisorType)[keyof typeof HypervisorType];
+
+/**
+ * @public
+ * @enum
+ */
+export const ImageTypeValues = {
+  kernel: "kernel",
+  machine: "machine",
+  ramdisk: "ramdisk",
+} as const;
+
+/**
+ * @public
+ */
+export type ImageTypeValues = (typeof ImageTypeValues)[keyof typeof ImageTypeValues];
+
+/**
+ * @public
+ * @enum
+ */
+export const ImdsSupportValues = {
+  v2_0: "v2.0",
+} as const;
+
+/**
+ * @public
+ */
+export type ImdsSupportValues = (typeof ImdsSupportValues)[keyof typeof ImdsSupportValues];
+
+/**
+ * @public
+ * @enum
+ */
+export const DeviceType = {
+  ebs: "ebs",
+  instance_store: "instance-store",
+} as const;
+
+/**
+ * @public
+ */
+export type DeviceType = (typeof DeviceType)[keyof typeof DeviceType];
+
+/**
+ * @public
+ * @enum
+ */
+export const ImageState = {
+  available: "available",
+  deregistered: "deregistered",
+  disabled: "disabled",
+  error: "error",
+  failed: "failed",
+  invalid: "invalid",
+  pending: "pending",
+  transient: "transient",
+} as const;
+
+/**
+ * @public
+ */
+export type ImageState = (typeof ImageState)[keyof typeof ImageState];
+
+/**
+ * @public
+ * @enum
+ */
+export const TpmSupportValues = {
+  v2_0: "v2.0",
+} as const;
+
+/**
+ * @public
+ */
+export type TpmSupportValues = (typeof TpmSupportValues)[keyof typeof TpmSupportValues];
+
+/**
+ * @public
+ * @enum
+ */
+export const VirtualizationType = {
+  hvm: "hvm",
+  paravirtual: "paravirtual",
+} as const;
+
+/**
+ * @public
+ */
+export type VirtualizationType = (typeof VirtualizationType)[keyof typeof VirtualizationType];
+
+/**
+ * <p>Describes an image.</p>
+ * @public
+ */
+export interface Image {
   /**
-   * <p>A description for the snapshot.</p>
+   * <p>The platform details associated with the billing code of the AMI. For more information,
+   *       see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ami-billing-info.html">Understand
+   *         AMI billing information</a> in the <i>Amazon EC2 User Guide</i>.</p>
    * @public
    */
-  Description?: string | undefined;
+  PlatformDetails?: string | undefined;
 
   /**
-   * <p>The block device mapping for the snapshot.</p>
+   * <p>The operation of the Amazon EC2 instance and the billing code that is associated with the AMI.
+   *         <code>usageOperation</code> corresponds to the <a href="https://docs.aws.amazon.com/cur/latest/userguide/Lineitem-columns.html#Lineitem-details-O-Operation">lineitem/Operation</a> column on your Amazon Web Services Cost and Usage Report and in the <a href="https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/price-changes.html">Amazon Web Services Price
+   *         List API</a>. You can view these fields on the <b>Instances</b> or <b>AMIs</b> pages in the Amazon EC2 console,
+   *       or in the responses that are returned by the <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeImages.html">DescribeImages</a> command in
+   *       the Amazon EC2 API, or the <a href="https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-images.html">describe-images</a> command in the
+   *       CLI.</p>
    * @public
    */
-  DeviceName?: string | undefined;
+  UsageOperation?: string | undefined;
 
   /**
-   * <p>The size of the disk in the snapshot, in GiB.</p>
+   * <p>Any block device mapping entries.</p>
    * @public
    */
-  DiskImageSize?: number | undefined;
+  BlockDeviceMappings?: BlockDeviceMapping[] | undefined;
 
   /**
-   * <p>The format of the disk image from which the snapshot is created.</p>
+   * <p>The description of the AMI that was provided during image creation.</p>
    * @public
    */
-  Format?: string | undefined;
+  Description?: string | undefined;
 
   /**
-   * <p>The percentage of progress for the task.</p>
+   * <p>Specifies whether enhanced networking with ENA is enabled.</p>
    * @public
    */
-  Progress?: string | undefined;
+  EnaSupport?: boolean | undefined;
 
   /**
-   * <p>The snapshot ID of the disk being imported.</p>
+   * <p>The hypervisor type of the image. Only <code>xen</code> is supported. <code>ovm</code> is
+   *       not supported.</p>
    * @public
    */
-  SnapshotId?: string | undefined;
+  Hypervisor?: HypervisorType | undefined;
 
   /**
-   * <p>A brief status of the snapshot creation.</p>
+   * <p>The owner alias (<code>amazon</code> | <code>aws-backup-vault</code> |
+   *         <code>aws-marketplace</code>).</p>
    * @public
    */
-  Status?: string | undefined;
+  ImageOwnerAlias?: string | undefined;
 
   /**
-   * <p>A detailed status message for the snapshot creation.</p>
+   * <p>The name of the AMI that was provided during image creation.</p>
    * @public
    */
-  StatusMessage?: string | undefined;
+  Name?: string | undefined;
 
   /**
-   * <p>The URL used to access the disk image.</p>
+   * <p>The device name of the root device volume (for example, <code>/dev/sda1</code>).</p>
    * @public
    */
-  Url?: string | undefined;
+  RootDeviceName?: string | undefined;
 
   /**
-   * <p>The Amazon S3 bucket for the disk image.</p>
+   * <p>The type of root device used by the AMI. The AMI can use an Amazon EBS volume or an instance
+   *       store volume.</p>
    * @public
    */
-  UserBucket?: UserBucketDetails | undefined;
-}
+  RootDeviceType?: DeviceType | undefined;
 
-/**
- * <p>Describes an import image task.</p>
- * @public
- */
-export interface ImportImageTask {
   /**
-   * <p>The architecture of the virtual machine.</p>
-   *          <p>Valid values: <code>i386</code> | <code>x86_64</code> | <code>arm64</code>
-   *          </p>
+   * <p>Specifies whether enhanced networking with the Intel 82599 Virtual Function interface is
+   *       enabled.</p>
    * @public
    */
-  Architecture?: string | undefined;
+  SriovNetSupport?: string | undefined;
 
   /**
-   * <p>A description of the import task.</p>
+   * <p>The reason for the state change.</p>
    * @public
    */
-  Description?: string | undefined;
+  StateReason?: StateReason | undefined;
 
   /**
-   * <p>Indicates whether the image is encrypted.</p>
+   * <p>Any tags assigned to the image.</p>
    * @public
    */
-  Encrypted?: boolean | undefined;
+  Tags?: Tag[] | undefined;
 
   /**
-   * <p>The target hypervisor for the import task.</p>
-   *          <p>Valid values: <code>xen</code>
-   *          </p>
+   * <p>The type of virtualization of the AMI.</p>
    * @public
    */
-  Hypervisor?: string | undefined;
+  VirtualizationType?: VirtualizationType | undefined;
 
   /**
-   * <p>The ID of the Amazon Machine Image (AMI) of the imported virtual machine.</p>
+   * <p>The boot mode of the image. For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ami-boot.html">Boot modes</a> in the
+   *         <i>Amazon EC2 User Guide</i>.</p>
    * @public
    */
-  ImageId?: string | undefined;
+  BootMode?: BootModeValues | undefined;
 
   /**
-   * <p>The ID of the import image task.</p>
+   * <p>If the image is configured for NitroTPM support, the value is <code>v2.0</code>. For more
+   *       information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/nitrotpm.html">NitroTPM</a> in the <i>Amazon EC2 User Guide</i>.</p>
    * @public
    */
-  ImportTaskId?: string | undefined;
+  TpmSupport?: TpmSupportValues | undefined;
 
   /**
-   * <p>The identifier for the KMS key that was used to create the encrypted image.</p>
+   * <p>The date and time to deprecate the AMI, in UTC, in the following format:
+   *         <i>YYYY</i>-<i>MM</i>-<i>DD</i>T<i>HH</i>:<i>MM</i>:<i>SS</i>Z.
+   *       If you specified a value for seconds, Amazon EC2 rounds the seconds to the nearest minute.</p>
    * @public
    */
-  KmsKeyId?: string | undefined;
+  DeprecationTime?: string | undefined;
 
   /**
-   * <p>The license type of the virtual machine.</p>
+   * <p>If <code>v2.0</code>, it indicates that IMDSv2 is specified in the AMI. Instances launched
+   *       from this AMI will have <code>HttpTokens</code> automatically set to <code>required</code> so
+   *       that, by default, the instance requires that IMDSv2 is used when requesting instance metadata.
+   *       In addition, <code>HttpPutResponseHopLimit</code> is set to <code>2</code>. For more
+   *       information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-IMDS-new-instances.html#configure-IMDS-new-instances-ami-configuration">Configure the AMI</a> in the <i>Amazon EC2 User Guide</i>.</p>
    * @public
    */
-  LicenseType?: string | undefined;
+  ImdsSupport?: ImdsSupportValues | undefined;
 
   /**
-   * <p>The description string for the import image task.</p>
+   * <p>The ID of the instance that the AMI was created from if the AMI was created using <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateImage.html">CreateImage</a>. This field only appears if the AMI was created using
+   *       CreateImage.</p>
    * @public
    */
-  Platform?: string | undefined;
+  SourceInstanceId?: string | undefined;
 
   /**
-   * <p>The percentage of progress of the import image task.</p>
+   * <p>Indicates whether deregistration protection is enabled for the AMI.</p>
    * @public
    */
-  Progress?: string | undefined;
+  DeregistrationProtection?: string | undefined;
 
   /**
-   * <p>Information about the snapshots.</p>
+   * <p>The date and time, in <a href="http://www.iso.org/iso/iso8601">ISO 8601 date-time
+   *         format</a>, when the AMI was last used to launch an EC2 instance. When the AMI is used
+   *       to launch an instance, there is a 24-hour delay before that usage is reported.</p>
+   *          <note>
+   *             <p>
+   *                <code>lastLaunchedTime</code> data is available starting April 2017.</p>
+   *          </note>
    * @public
    */
-  SnapshotDetails?: SnapshotDetail[] | undefined;
+  LastLaunchedTime?: string | undefined;
 
   /**
-   * <p>A brief status for the import image task.</p>
+   * <p>The ID of the source AMI from which the AMI was created.</p>
+   *          <p>The ID only appears if the AMI was created using <a>CreateImage</a>, <a>CopyImage</a>, or <a>CreateRestoreImageTask</a>. The ID does not appear
+   *       if the AMI was created using any other API. For some older AMIs, the ID might not be
+   *       available. For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/identify-source-ami-used-to-create-new-ami.html">Identify the
+   *         source AMI used to create a new AMI</a> in the
+   *       <i>Amazon EC2 User Guide</i>.</p>
    * @public
    */
-  Status?: string | undefined;
+  SourceImageId?: string | undefined;
 
   /**
-   * <p>A descriptive status message for the import image task.</p>
+   * <p>The Region of the source AMI. </p>
+   *          <p>The Region only appears if the AMI was created using <a>CreateImage</a>, <a>CopyImage</a>, or <a>CreateRestoreImageTask</a>. The Region does not
+   *       appear if the AMI was created using any other API. For some older AMIs, the Region might not
+   *       be available. For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/identify-source-ami-used-to-create-new-ami.html">Identify the
+   *         source AMI used to create a new AMI</a> in the
+   *       <i>Amazon EC2 User Guide</i>.</p>
    * @public
    */
-  StatusMessage?: string | undefined;
+  SourceImageRegion?: string | undefined;
 
   /**
-   * <p>The tags for the import image task.</p>
+   * <p>The ID of the AMI.</p>
    * @public
    */
-  Tags?: Tag[] | undefined;
+  ImageId?: string | undefined;
 
   /**
-   * <p>The ARNs of the license configurations that are associated with the import image task.</p>
+   * <p>The location of the AMI.</p>
    * @public
    */
-  LicenseSpecifications?: ImportImageLicenseConfigurationResponse[] | undefined;
+  ImageLocation?: string | undefined;
 
   /**
-   * <p>The usage operation value.</p>
+   * <p>The current state of the AMI. If the state is <code>available</code>, the image is
+   *       successfully registered and can be used to launch an instance.</p>
    * @public
    */
-  UsageOperation?: string | undefined;
+  State?: ImageState | undefined;
 
   /**
-   * <p>The boot mode of the virtual machine.</p>
+   * <p>The ID of the Amazon Web Services account that owns the image.</p>
    * @public
    */
-  BootMode?: BootModeValues | undefined;
-}
+  OwnerId?: string | undefined;
+
+  /**
+   * <p>The date and time the image was created.</p>
+   * @public
+   */
+  CreationDate?: string | undefined;
+
+  /**
+   * <p>Indicates whether the image has public launch permissions. The value is <code>true</code>
+   *       if this image has public launch permissions or <code>false</code> if it has only implicit and
+   *       explicit launch permissions.</p>
+   * @public
+   */
+  Public?: boolean | undefined;
+
+  /**
+   * <p>Any product codes associated with the AMI.</p>
+   * @public
+   */
+  ProductCodes?: ProductCode[] | undefined;
+
+  /**
+   * <p>The architecture of the image.</p>
+   * @public
+   */
+  Architecture?: ArchitectureValues | undefined;
+
+  /**
+   * <p>The type of image.</p>
+   * @public
+   */
+  ImageType?: ImageTypeValues | undefined;
+
+  /**
+   * <p>The kernel associated with the image, if any. Only applicable for machine images.</p>
+   * @public
+   */
+  KernelId?: string | undefined;
+
+  /**
+   * <p>The RAM disk associated with the image, if any. Only applicable for machine images.</p>
+   * @public
+   */
+  RamdiskId?: string | undefined;
+
+  /**
+   * <p>This value is set to <code>windows</code> for Windows AMIs; otherwise, it is blank.</p>
+   * @public
+   */
+  Platform?: PlatformValues | undefined;
+}
 
 /**
  * @public
  */
-export interface DescribeImportImageTasksResult {
+export interface DescribeImagesResult {
   /**
-   * <p>A list of zero or more import image tasks that are currently active or were completed or canceled in the
-   *    previous 7 days.</p>
+   * <p>The token to include in another request to get the next page of items. This value is <code>null</code> when there
+   *          are no more items to return.</p>
    * @public
    */
-  ImportImageTasks?: ImportImageTask[] | undefined;
+  NextToken?: string | undefined;
 
   /**
-   * <p>The token to use to get the next page of results. This value is <code>null</code> when there are no more results
-   *    to return.</p>
+   * <p>Information about the images.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  Images?: Image[] | undefined;
 }
 
 /**
  * @public
  */
-export interface DescribeImportSnapshotTasksRequest {
+export interface DescribeImportImageTasksRequest {
   /**
    * <p>Checks whether you have the required permissions for the action, without actually making the request,
    *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
@@ -1270,20 +1407,20 @@ export interface DescribeImportSnapshotTasksRequest {
   DryRun?: boolean | undefined;
 
   /**
-   * <p>The filters.</p>
+   * <p>Filter tasks using the <code>task-state</code> filter and one of the following values: <code>active</code>,
+   *     <code>completed</code>, <code>deleting</code>, or <code>deleted</code>.</p>
    * @public
    */
   Filters?: Filter[] | undefined;
 
   /**
-   * <p>A list of import snapshot task IDs.</p>
+   * <p>The IDs of the import image tasks.</p>
    * @public
    */
   ImportTaskIds?: string[] | undefined;
 
   /**
-   * <p>The maximum number of results to return in a single call. To retrieve the remaining results, make another call
-   *    with the returned <code>NextToken</code> value.</p>
+   * <p>The maximum number of results to return in a single call.</p>
    * @public
    */
   MaxResults?: number | undefined;
@@ -1296,42 +1433,66 @@ export interface DescribeImportSnapshotTasksRequest {
 }
 
 /**
- * <p>Details about the import snapshot task.</p>
+ * <p> The response information for license configurations.</p>
  * @public
  */
-export interface SnapshotTaskDetail {
+export interface ImportImageLicenseConfigurationResponse {
   /**
-   * <p>The description of the disk image being imported.</p>
+   * <p>The ARN of a license configuration.</p>
    * @public
    */
-  Description?: string | undefined;
+  LicenseConfigurationArn?: string | undefined;
+}
 
+/**
+ * <p>Describes the Amazon S3 bucket for the disk image.</p>
+ * @public
+ */
+export interface UserBucketDetails {
   /**
-   * <p>The size of the disk in the snapshot, in GiB.</p>
+   * <p>The Amazon S3 bucket from which the disk image was created.</p>
    * @public
    */
-  DiskImageSize?: number | undefined;
+  S3Bucket?: string | undefined;
 
   /**
-   * <p>Indicates whether the snapshot is encrypted.</p>
+   * <p>The file name of the disk image.</p>
    * @public
    */
-  Encrypted?: boolean | undefined;
+  S3Key?: string | undefined;
+}
+
+/**
+ * <p>Describes the snapshot created from the imported disk.</p>
+ * @public
+ */
+export interface SnapshotDetail {
+  /**
+   * <p>A description for the snapshot.</p>
+   * @public
+   */
+  Description?: string | undefined;
 
   /**
-   * <p>The format of the disk image from which the snapshot is created.</p>
+   * <p>The block device mapping for the snapshot.</p>
    * @public
    */
-  Format?: string | undefined;
+  DeviceName?: string | undefined;
 
   /**
-   * <p>The identifier for the KMS key that was used to create the encrypted snapshot.</p>
+   * <p>The size of the disk in the snapshot, in GiB.</p>
    * @public
    */
-  KmsKeyId?: string | undefined;
+  DiskImageSize?: number | undefined;
 
   /**
-   * <p>The percentage of completion for the import snapshot task.</p>
+   * <p>The format of the disk image from which the snapshot is created.</p>
+   * @public
+   */
+  Format?: string | undefined;
+
+  /**
+   * <p>The percentage of progress for the task.</p>
    * @public
    */
   Progress?: string | undefined;
@@ -1343,19 +1504,19 @@ export interface SnapshotTaskDetail {
   SnapshotId?: string | undefined;
 
   /**
-   * <p>A brief status for the import snapshot task.</p>
+   * <p>A brief status of the snapshot creation.</p>
    * @public
    */
   Status?: string | undefined;
 
   /**
-   * <p>A detailed status message for the import snapshot task.</p>
+   * <p>A detailed status message for the snapshot creation.</p>
    * @public
    */
   StatusMessage?: string | undefined;
 
   /**
-   * <p>The URL of the disk image from which the snapshot is created.</p>
+   * <p>The URL used to access the disk image.</p>
    * @public
    */
   Url?: string | undefined;
@@ -1368,410 +1529,290 @@ export interface SnapshotTaskDetail {
 }
 
 /**
- * <p>Describes an import snapshot task.</p>
+ * <p>Describes an import image task.</p>
  * @public
  */
-export interface ImportSnapshotTask {
+export interface ImportImageTask {
   /**
-   * <p>A description of the import snapshot task.</p>
+   * <p>The architecture of the virtual machine.</p>
+   *          <p>Valid values: <code>i386</code> | <code>x86_64</code> | <code>arm64</code>
+   *          </p>
    * @public
    */
-  Description?: string | undefined;
+  Architecture?: string | undefined;
 
   /**
-   * <p>The ID of the import snapshot task.</p>
+   * <p>A description of the import task.</p>
    * @public
    */
-  ImportTaskId?: string | undefined;
+  Description?: string | undefined;
 
   /**
-   * <p>Describes an import snapshot task.</p>
+   * <p>Indicates whether the image is encrypted.</p>
    * @public
    */
-  SnapshotTaskDetail?: SnapshotTaskDetail | undefined;
+  Encrypted?: boolean | undefined;
 
   /**
-   * <p>The tags for the import snapshot task.</p>
+   * <p>The target hypervisor for the import task.</p>
+   *          <p>Valid values: <code>xen</code>
+   *          </p>
    * @public
    */
-  Tags?: Tag[] | undefined;
-}
+  Hypervisor?: string | undefined;
 
-/**
- * @public
- */
-export interface DescribeImportSnapshotTasksResult {
   /**
-   * <p>A list of zero or more import snapshot tasks that are currently active or were completed or canceled in the
-   *    previous 7 days.</p>
+   * <p>The ID of the Amazon Machine Image (AMI) of the imported virtual machine.</p>
    * @public
    */
-  ImportSnapshotTasks?: ImportSnapshotTask[] | undefined;
+  ImageId?: string | undefined;
 
   /**
-   * <p>The token to use to get the next page of results. This value is <code>null</code> when there are no more results
-   *    to return.</p>
+   * <p>The ID of the import image task.</p>
    * @public
    */
-  NextToken?: string | undefined;
-}
-
-/**
- * @public
- * @enum
- */
-export const InstanceAttributeName = {
-  blockDeviceMapping: "blockDeviceMapping",
-  disableApiStop: "disableApiStop",
-  disableApiTermination: "disableApiTermination",
-  ebsOptimized: "ebsOptimized",
-  enaSupport: "enaSupport",
-  enclaveOptions: "enclaveOptions",
-  groupSet: "groupSet",
-  instanceInitiatedShutdownBehavior: "instanceInitiatedShutdownBehavior",
-  instanceType: "instanceType",
-  kernel: "kernel",
-  productCodes: "productCodes",
-  ramdisk: "ramdisk",
-  rootDeviceName: "rootDeviceName",
-  sourceDestCheck: "sourceDestCheck",
-  sriovNetSupport: "sriovNetSupport",
-  userData: "userData",
-} as const;
+  ImportTaskId?: string | undefined;
 
-/**
- * @public
- */
-export type InstanceAttributeName = (typeof InstanceAttributeName)[keyof typeof InstanceAttributeName];
+  /**
+   * <p>The identifier for the KMS key that was used to create the encrypted image.</p>
+   * @public
+   */
+  KmsKeyId?: string | undefined;
 
-/**
- * @public
- */
-export interface DescribeInstanceAttributeRequest {
   /**
-   * <p>Checks whether you have the required permissions for the operation, without actually making the
-   *   request, and provides an error response. If you have the required permissions, the error response is
-   *   <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>The license type of the virtual machine.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  LicenseType?: string | undefined;
 
   /**
-   * <p>The ID of the instance.</p>
+   * <p>The description string for the import image task.</p>
    * @public
    */
-  InstanceId: string | undefined;
+  Platform?: string | undefined;
 
   /**
-   * <p>The instance attribute.</p>
-   *          <p>Note: The <code>enaSupport</code> attribute is not supported at this time.</p>
+   * <p>The percentage of progress of the import image task.</p>
    * @public
    */
-  Attribute: InstanceAttributeName | undefined;
-}
+  Progress?: string | undefined;
 
-/**
- * <p>Describes a parameter used to set up an EBS volume in a block device mapping.</p>
- * @public
- */
-export interface EbsInstanceBlockDevice {
   /**
-   * <p>The time stamp when the attachment initiated.</p>
+   * <p>Information about the snapshots.</p>
    * @public
    */
-  AttachTime?: Date | undefined;
+  SnapshotDetails?: SnapshotDetail[] | undefined;
 
   /**
-   * <p>Indicates whether the volume is deleted on instance termination.</p>
+   * <p>A brief status for the import image task.</p>
    * @public
    */
-  DeleteOnTermination?: boolean | undefined;
+  Status?: string | undefined;
 
   /**
-   * <p>The attachment state.</p>
+   * <p>A descriptive status message for the import image task.</p>
    * @public
    */
-  Status?: AttachmentStatus | undefined;
+  StatusMessage?: string | undefined;
 
   /**
-   * <p>The ID of the EBS volume.</p>
+   * <p>The tags for the import image task.</p>
    * @public
    */
-  VolumeId?: string | undefined;
+  Tags?: Tag[] | undefined;
 
   /**
-   * <p>The ARN of the Amazon ECS or Fargate task
-   *             to which the volume is attached.</p>
+   * <p>The ARNs of the license configurations that are associated with the import image task.</p>
    * @public
    */
-  AssociatedResource?: string | undefined;
+  LicenseSpecifications?: ImportImageLicenseConfigurationResponse[] | undefined;
 
   /**
-   * <p>The ID of the Amazon Web Services account that owns the volume.</p>
-   *          <p>This parameter is returned only for volumes that are attached to
-   *             Fargate tasks.</p>
+   * <p>The usage operation value.</p>
    * @public
    */
-  VolumeOwnerId?: string | undefined;
+  UsageOperation?: string | undefined;
 
   /**
-   * <p>The entity that manages the EBS volume.</p>
+   * <p>The boot mode of the virtual machine.</p>
    * @public
    */
-  Operator?: OperatorResponse | undefined;
+  BootMode?: BootModeValues | undefined;
 }
 
 /**
- * <p>Describes a block device mapping.</p>
- * @public
- */
-export interface InstanceBlockDeviceMapping {
-  /**
-   * <p>The device name (for example, <code>/dev/sdh</code> or <code>xvdh</code>).</p>
-   * @public
-   */
-  DeviceName?: string | undefined;
-
-  /**
-   * <p>Parameters used to automatically set up EBS volumes when the instance is
-   *             launched.</p>
-   * @public
-   */
-  Ebs?: EbsInstanceBlockDevice | undefined;
-}
-
-/**
- * <p>Describes a value for a resource attribute that is a Boolean value.</p>
  * @public
  */
-export interface AttributeBooleanValue {
+export interface DescribeImportImageTasksResult {
   /**
-   * <p>The attribute value. The valid values are <code>true</code> or <code>false</code>.</p>
+   * <p>A list of zero or more import image tasks that are currently active or were completed or canceled in the
+   *    previous 7 days.</p>
    * @public
    */
-  Value?: boolean | undefined;
-}
+  ImportImageTasks?: ImportImageTask[] | undefined;
 
-/**
- * <p>Indicates whether the instance is enabled for Amazon Web Services Nitro
- *             Enclaves.</p>
- * @public
- */
-export interface EnclaveOptions {
   /**
-   * <p>If this parameter is set to <code>true</code>, the instance is enabled for Amazon Web Services Nitro Enclaves; otherwise, it is not enabled for Amazon Web Services Nitro
-   *             Enclaves.</p>
+   * <p>The token to use to get the next page of results. This value is <code>null</code> when there are no more results
+   *    to return.</p>
    * @public
    */
-  Enabled?: boolean | undefined;
+  NextToken?: string | undefined;
 }
 
 /**
- * <p>Describes an instance attribute.</p>
  * @public
  */
-export interface InstanceAttribute {
-  /**
-   * <p>The block device mapping of the instance.</p>
-   * @public
-   */
-  BlockDeviceMappings?: InstanceBlockDeviceMapping[] | undefined;
-
+export interface DescribeImportSnapshotTasksRequest {
   /**
-   * <p>If the value is <code>true</code>, you can't terminate the instance through the Amazon
-   *             EC2 console, CLI, or API; otherwise, you can.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  DisableApiTermination?: AttributeBooleanValue | undefined;
+  DryRun?: boolean | undefined;
 
   /**
-   * <p>Indicates whether enhanced networking with ENA is enabled.</p>
+   * <p>The filters.</p>
    * @public
    */
-  EnaSupport?: AttributeBooleanValue | undefined;
+  Filters?: Filter[] | undefined;
 
   /**
-   * <p>To enable the instance for Amazon Web Services Nitro Enclaves, set this parameter to
-   *                 <code>true</code>; otherwise, set it to <code>false</code>.</p>
+   * <p>A list of import snapshot task IDs.</p>
    * @public
    */
-  EnclaveOptions?: EnclaveOptions | undefined;
+  ImportTaskIds?: string[] | undefined;
 
   /**
-   * <p>Indicates whether the instance is optimized for Amazon EBS I/O.</p>
+   * <p>The maximum number of results to return in a single call. To retrieve the remaining results, make another call
+   *    with the returned <code>NextToken</code> value.</p>
    * @public
    */
-  EbsOptimized?: AttributeBooleanValue | undefined;
+  MaxResults?: number | undefined;
 
   /**
-   * <p>The ID of the instance.</p>
+   * <p>A token that indicates the next page of results.</p>
    * @public
    */
-  InstanceId?: string | undefined;
+  NextToken?: string | undefined;
+}
 
+/**
+ * <p>Details about the import snapshot task.</p>
+ * @public
+ */
+export interface SnapshotTaskDetail {
   /**
-   * <p>Indicates whether an instance stops or terminates when you initiate shutdown from the
-   *             instance (using the operating system command for system shutdown).</p>
+   * <p>The description of the disk image being imported.</p>
    * @public
    */
-  InstanceInitiatedShutdownBehavior?: AttributeValue | undefined;
+  Description?: string | undefined;
 
   /**
-   * <p>The instance type.</p>
+   * <p>The size of the disk in the snapshot, in GiB.</p>
    * @public
    */
-  InstanceType?: AttributeValue | undefined;
+  DiskImageSize?: number | undefined;
 
   /**
-   * <p>The kernel ID.</p>
+   * <p>Indicates whether the snapshot is encrypted.</p>
    * @public
    */
-  KernelId?: AttributeValue | undefined;
+  Encrypted?: boolean | undefined;
 
   /**
-   * <p>A list of product codes.</p>
+   * <p>The format of the disk image from which the snapshot is created.</p>
    * @public
    */
-  ProductCodes?: ProductCode[] | undefined;
+  Format?: string | undefined;
 
   /**
-   * <p>The RAM disk ID.</p>
+   * <p>The identifier for the KMS key that was used to create the encrypted snapshot.</p>
    * @public
    */
-  RamdiskId?: AttributeValue | undefined;
+  KmsKeyId?: string | undefined;
 
   /**
-   * <p>The device name of the root device volume (for example,
-   *             <code>/dev/sda1</code>).</p>
+   * <p>The percentage of completion for the import snapshot task.</p>
    * @public
    */
-  RootDeviceName?: AttributeValue | undefined;
+  Progress?: string | undefined;
 
   /**
-   * <p>Enable or disable source/destination checks, which ensure that the instance is either
-   *             the source or the destination of any traffic that it receives. If the value is
-   *                 <code>true</code>, source/destination checks are enabled; otherwise, they are
-   *             disabled. The default value is <code>true</code>. You must disable source/destination
-   *             checks if the instance runs services such as network address translation, routing, or
-   *             firewalls.</p>
+   * <p>The snapshot ID of the disk being imported.</p>
    * @public
    */
-  SourceDestCheck?: AttributeBooleanValue | undefined;
+  SnapshotId?: string | undefined;
 
   /**
-   * <p>Indicates whether enhanced networking with the Intel 82599 Virtual Function interface
-   *             is enabled.</p>
+   * <p>A brief status for the import snapshot task.</p>
    * @public
    */
-  SriovNetSupport?: AttributeValue | undefined;
+  Status?: string | undefined;
 
   /**
-   * <p>The user data.</p>
+   * <p>A detailed status message for the import snapshot task.</p>
    * @public
    */
-  UserData?: AttributeValue | undefined;
+  StatusMessage?: string | undefined;
 
   /**
-   * <p>To enable the instance for Amazon Web Services Stop Protection, set this parameter to
-   *                 <code>true</code>; otherwise, set it to <code>false</code>.</p>
+   * <p>The URL of the disk image from which the snapshot is created.</p>
    * @public
    */
-  DisableApiStop?: AttributeBooleanValue | undefined;
+  Url?: string | undefined;
 
   /**
-   * <p>The security groups associated with the instance.</p>
+   * <p>The Amazon S3 bucket for the disk image.</p>
    * @public
    */
-  Groups?: GroupIdentifier[] | undefined;
+  UserBucket?: UserBucketDetails | undefined;
 }
 
 /**
+ * <p>Describes an import snapshot task.</p>
  * @public
  */
-export interface DescribeInstanceConnectEndpointsRequest {
-  /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *             and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *             Otherwise, it is <code>UnauthorizedOperation</code>.</p>
-   * @public
-   */
-  DryRun?: boolean | undefined;
-
+export interface ImportSnapshotTask {
   /**
-   * <p>The maximum number of items to return for this request.
-   *          To get the next page of items, make another request with the token returned in the output.
-   * 	        For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination">Pagination</a>.</p>
+   * <p>A description of the import snapshot task.</p>
    * @public
    */
-  MaxResults?: number | undefined;
+  Description?: string | undefined;
 
   /**
-   * <p>The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.</p>
+   * <p>The ID of the import snapshot task.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  ImportTaskId?: string | undefined;
 
   /**
-   * <p>One or more filters.</p>
-   *          <ul>
-   *             <li>
-   *                <p>
-   *                   <code>instance-connect-endpoint-id</code> - The ID of the EC2 Instance Connect Endpoint.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>state</code> - The state of the EC2 Instance Connect Endpoint (<code>create-in-progress</code> | <code>create-complete</code> | <code>create-failed</code> |
-   *                     <code>delete-in-progress</code> | <code>delete-complete</code> | <code>delete-failed</code>).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>subnet-id</code> - The ID of the subnet in which the EC2 Instance
-   *                     Connect Endpoint was created.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.
-   *     For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>tag-value</code> - The value of a tag assigned to the resource. Use this filter to find all resources
-   *                     that have a tag with a specific value, regardless of tag key.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>vpc-id</code> - The ID of the VPC in which the EC2 Instance Connect
-   *                     Endpoint was created.</p>
-   *             </li>
-   *          </ul>
+   * <p>Describes an import snapshot task.</p>
    * @public
    */
-  Filters?: Filter[] | undefined;
+  SnapshotTaskDetail?: SnapshotTaskDetail | undefined;
 
   /**
-   * <p>One or more EC2 Instance Connect Endpoint IDs.</p>
+   * <p>The tags for the import snapshot task.</p>
    * @public
    */
-  InstanceConnectEndpointIds?: string[] | undefined;
+  Tags?: Tag[] | undefined;
 }
 
 /**
  * @public
  */
-export interface DescribeInstanceConnectEndpointsResult {
+export interface DescribeImportSnapshotTasksResult {
   /**
-   * <p>Information about the EC2 Instance Connect Endpoints.</p>
+   * <p>A list of zero or more import snapshot tasks that are currently active or were completed or canceled in the
+   *    previous 7 days.</p>
    * @public
    */
-  InstanceConnectEndpoints?: Ec2InstanceConnectEndpoint[] | undefined;
+  ImportSnapshotTasks?: ImportSnapshotTask[] | undefined;
 
   /**
-   * <p>The token to include in another request to get the next page of items. This value is <code>null</code> when there
-   *          are no more items to return.</p>
+   * <p>The token to use to get the next page of results. This value is <code>null</code> when there are no more results
+   *    to return.</p>
    * @public
    */
   NextToken?: string | undefined;
@@ -1779,8 +1820,36 @@ export interface DescribeInstanceConnectEndpointsResult {
 
 /**
  * @public
+ * @enum
  */
-export interface DescribeInstanceCreditSpecificationsRequest {
+export const InstanceAttributeName = {
+  blockDeviceMapping: "blockDeviceMapping",
+  disableApiStop: "disableApiStop",
+  disableApiTermination: "disableApiTermination",
+  ebsOptimized: "ebsOptimized",
+  enaSupport: "enaSupport",
+  enclaveOptions: "enclaveOptions",
+  groupSet: "groupSet",
+  instanceInitiatedShutdownBehavior: "instanceInitiatedShutdownBehavior",
+  instanceType: "instanceType",
+  kernel: "kernel",
+  productCodes: "productCodes",
+  ramdisk: "ramdisk",
+  rootDeviceName: "rootDeviceName",
+  sourceDestCheck: "sourceDestCheck",
+  sriovNetSupport: "sriovNetSupport",
+  userData: "userData",
+} as const;
+
+/**
+ * @public
+ */
+export type InstanceAttributeName = (typeof InstanceAttributeName)[keyof typeof InstanceAttributeName];
+
+/**
+ * @public
+ */
+export interface DescribeInstanceAttributeRequest {
   /**
    * <p>Checks whether you have the required permissions for the operation, without actually making the
    *   request, and provides an error response. If you have the required permissions, the error response is
@@ -1790,513 +1859,404 @@ export interface DescribeInstanceCreditSpecificationsRequest {
   DryRun?: boolean | undefined;
 
   /**
-   * <p>The filters.</p>
-   *          <ul>
-   *             <li>
-   *                <p>
-   *                   <code>instance-id</code> - The ID of the instance.</p>
-   *             </li>
-   *          </ul>
+   * <p>The ID of the instance.</p>
    * @public
    */
-  Filters?: Filter[] | undefined;
+  InstanceId: string | undefined;
 
   /**
-   * <p>The instance IDs.</p>
-   *          <p>Default: Describes all your instances.</p>
-   *          <p>Constraints: Maximum 1000 explicitly specified instance IDs.</p>
+   * <p>The instance attribute.</p>
+   *          <p>Note: The <code>enaSupport</code> attribute is not supported at this time.</p>
    * @public
    */
-  InstanceIds?: string[] | undefined;
+  Attribute: InstanceAttributeName | undefined;
+}
 
+/**
+ * <p>Describes a parameter used to set up an EBS volume in a block device mapping.</p>
+ * @public
+ */
+export interface EbsInstanceBlockDevice {
   /**
-   * <p>The maximum number of items to return for this request.
-   *          To get the next page of items, make another request with the token returned in the output.
-   * 	        For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination">Pagination</a>.</p>
-   *          <p>You cannot specify this parameter and the instance IDs
-   *             parameter in the same call.</p>
+   * <p>The time stamp when the attachment initiated.</p>
    * @public
    */
-  MaxResults?: number | undefined;
+  AttachTime?: Date | undefined;
 
   /**
-   * <p>The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.</p>
+   * <p>Indicates whether the volume is deleted on instance termination.</p>
    * @public
    */
-  NextToken?: string | undefined;
-}
+  DeleteOnTermination?: boolean | undefined;
 
-/**
- * <p>Describes the credit option for CPU usage of a burstable performance instance. </p>
- * @public
- */
-export interface InstanceCreditSpecification {
   /**
-   * <p>The ID of the instance.</p>
+   * <p>The attachment state.</p>
    * @public
    */
-  InstanceId?: string | undefined;
+  Status?: AttachmentStatus | undefined;
 
   /**
-   * <p>The credit option for CPU usage of the instance.</p>
-   *          <p>Valid values: <code>standard</code> | <code>unlimited</code>
-   *          </p>
+   * <p>The ID of the EBS volume.</p>
    * @public
    */
-  CpuCredits?: string | undefined;
+  VolumeId?: string | undefined;
+
+  /**
+   * <p>The ARN of the Amazon ECS or Fargate task
+   *             to which the volume is attached.</p>
+   * @public
+   */
+  AssociatedResource?: string | undefined;
+
+  /**
+   * <p>The ID of the Amazon Web Services account that owns the volume.</p>
+   *          <p>This parameter is returned only for volumes that are attached to
+   *             Fargate tasks.</p>
+   * @public
+   */
+  VolumeOwnerId?: string | undefined;
+
+  /**
+   * <p>The entity that manages the EBS volume.</p>
+   * @public
+   */
+  Operator?: OperatorResponse | undefined;
 }
 
 /**
+ * <p>Describes a block device mapping.</p>
  * @public
  */
-export interface DescribeInstanceCreditSpecificationsResult {
+export interface InstanceBlockDeviceMapping {
   /**
-   * <p>Information about the credit option for CPU usage of an instance.</p>
+   * <p>The device name (for example, <code>/dev/sdh</code> or <code>xvdh</code>).</p>
    * @public
    */
-  InstanceCreditSpecifications?: InstanceCreditSpecification[] | undefined;
+  DeviceName?: string | undefined;
 
   /**
-   * <p>The token to include in another request to get the next page of items. This value is <code>null</code> when there
-   *          are no more items to return.</p>
+   * <p>Parameters used to automatically set up EBS volumes when the instance is
+   *             launched.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  Ebs?: EbsInstanceBlockDevice | undefined;
 }
 
 /**
+ * <p>Describes a value for a resource attribute that is a Boolean value.</p>
  * @public
  */
-export interface DescribeInstanceEventNotificationAttributesRequest {
+export interface AttributeBooleanValue {
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>The attribute value. The valid values are <code>true</code> or <code>false</code>.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  Value?: boolean | undefined;
 }
 
 /**
+ * <p>Indicates whether the instance is enabled for Amazon Web Services Nitro
+ *             Enclaves.</p>
  * @public
  */
-export interface DescribeInstanceEventNotificationAttributesResult {
+export interface EnclaveOptions {
   /**
-   * <p>Information about the registered tag keys.</p>
+   * <p>If this parameter is set to <code>true</code>, the instance is enabled for Amazon Web Services Nitro Enclaves; otherwise, it is not enabled for Amazon Web Services Nitro
+   *             Enclaves.</p>
    * @public
    */
-  InstanceTagAttribute?: InstanceTagNotificationAttribute | undefined;
+  Enabled?: boolean | undefined;
 }
 
 /**
- * <p>Describe instance event windows by InstanceEventWindow.</p>
+ * <p>Describes an instance attribute.</p>
  * @public
  */
-export interface DescribeInstanceEventWindowsRequest {
+export interface InstanceAttribute {
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>The block device mapping of the instance.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  BlockDeviceMappings?: InstanceBlockDeviceMapping[] | undefined;
 
   /**
-   * <p>The IDs of the event windows.</p>
+   * <p>If the value is <code>true</code>, you can't terminate the instance through the Amazon
+   *             EC2 console, CLI, or API; otherwise, you can.</p>
    * @public
    */
-  InstanceEventWindowIds?: string[] | undefined;
+  DisableApiTermination?: AttributeBooleanValue | undefined;
 
   /**
-   * <p>One or more filters.</p>
-   *          <ul>
-   *             <li>
-   *                <p>
-   *                   <code>dedicated-host-id</code> - The event windows associated with the specified
-   *             Dedicated Host ID.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>event-window-name</code> - The event windows associated with the specified
-   *             names. </p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>instance-id</code> - The event windows associated with the specified instance
-   *                ID.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>instance-tag</code> - The event windows associated with the specified tag and
-   *                value.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>instance-tag-key</code> - The event windows associated with the specified tag
-   *                key, regardless of the value.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>instance-tag-value</code> - The event windows associated with the specified tag
-   *                value, regardless of the key.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>tag:<key></code> - The key/value combination of a tag assigned to the
-   *                event window. Use the tag key in the filter name and the tag value as the filter
-   *                value. For example, to find all resources that have a tag with the key
-   *                   <code>Owner</code> and the value <code>CMX</code>, specify <code>tag:Owner</code>
-   *                for the filter name and <code>CMX</code> for the filter value. </p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>tag-key</code> - The key of a tag assigned to the event window. Use this filter
-   *                to find all event windows that have a tag with a specific key, regardless of the tag
-   *                value. </p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>tag-value</code> - The value of a tag assigned to the event window. Use this
-   *                filter to find all event windows that have a tag with a specific value, regardless of
-   *                the tag key. </p>
-   *             </li>
-   *          </ul>
+   * <p>Indicates whether enhanced networking with ENA is enabled.</p>
    * @public
    */
-  Filters?: Filter[] | undefined;
+  EnaSupport?: AttributeBooleanValue | undefined;
 
   /**
-   * <p>The maximum number of results to return in a single call. To retrieve the remaining
-   *          results, make another call with the returned <code>NextToken</code> value. This value can
-   *          be between 20 and 500. You cannot specify this parameter and the event window IDs parameter
-   *          in the same call.</p>
+   * <p>To enable the instance for Amazon Web Services Nitro Enclaves, set this parameter to
+   *                 <code>true</code>; otherwise, set it to <code>false</code>.</p>
    * @public
    */
-  MaxResults?: number | undefined;
+  EnclaveOptions?: EnclaveOptions | undefined;
 
   /**
-   * <p>The token to request the next page of results.</p>
+   * <p>Indicates whether the instance is optimized for Amazon EBS I/O.</p>
    * @public
    */
-  NextToken?: string | undefined;
-}
+  EbsOptimized?: AttributeBooleanValue | undefined;
 
-/**
- * @public
- */
-export interface DescribeInstanceEventWindowsResult {
   /**
-   * <p>Information about the event windows.</p>
+   * <p>The ID of the instance.</p>
    * @public
    */
-  InstanceEventWindows?: InstanceEventWindow[] | undefined;
+  InstanceId?: string | undefined;
 
   /**
-   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return. </p>
+   * <p>Indicates whether an instance stops or terminates when you initiate shutdown from the
+   *             instance (using the operating system command for system shutdown).</p>
    * @public
    */
-  NextToken?: string | undefined;
-}
+  InstanceInitiatedShutdownBehavior?: AttributeValue | undefined;
 
-/**
- * @public
- */
-export interface DescribeInstanceImageMetadataRequest {
   /**
-   * <p>The filters.</p>
-   *          <ul>
-   *             <li>
-   *                <p>
-   *                   <code>availability-zone</code> - The name of the Availability Zone (for example,
-   *             <code>us-west-2a</code>) or Local Zone (for example, <code>us-west-2-lax-1b</code>) of
-   *           the instance.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>instance-id</code> - The ID of the instance.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>instance-state-name</code> - The state of the instance (<code>pending</code> |
-   *             <code>running</code> | <code>shutting-down</code> | <code>terminated</code> |
-   *             <code>stopping</code> | <code>stopped</code>).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>instance-type</code> - The type of instance (for example,
-   *           <code>t3.micro</code>).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>launch-time</code> - The time when the instance was launched, in the ISO 8601
-   *           format in the UTC time zone (YYYY-MM-DDThh:mm:ss.sssZ), for example,
-   *             <code>2023-09-29T11:04:43.305Z</code>. You can use a wildcard (<code>*</code>), for
-   *           example, <code>2023-09-29T*</code>, which matches an entire day. </p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>tag:<key></code> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.
-   *     For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>zone-id</code> - The ID of the Availability Zone (for example,
-   *             <code>usw2-az2</code>) or Local Zone (for example, <code>usw2-lax1-az1</code>) of the
-   *           instance.</p>
-   *             </li>
-   *          </ul>
+   * <p>The instance type.</p>
    * @public
    */
-  Filters?: Filter[] | undefined;
+  InstanceType?: AttributeValue | undefined;
 
   /**
-   * <p>The instance IDs.</p>
-   *          <p>If you don't specify an instance ID or filters, the output includes information for all
-   *       instances.</p>
+   * <p>The kernel ID.</p>
    * @public
    */
-  InstanceIds?: string[] | undefined;
+  KernelId?: AttributeValue | undefined;
 
   /**
-   * <p>The maximum number of items to return for this request.
-   *          To get the next page of items, make another request with the token returned in the output.
-   * 	        For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination">Pagination</a>.</p>
-   *          <p>Default: 1000</p>
+   * <p>A list of product codes.</p>
    * @public
    */
-  MaxResults?: number | undefined;
+  ProductCodes?: ProductCode[] | undefined;
 
   /**
-   * <p>The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.</p>
+   * <p>The RAM disk ID.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  RamdiskId?: AttributeValue | undefined;
 
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   * 			and provides an error response. If you have the required permissions, the error response is
-   * 			<code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>The device name of the root device volume (for example,
+   *             <code>/dev/sda1</code>).</p>
    * @public
    */
-  DryRun?: boolean | undefined;
-}
+  RootDeviceName?: AttributeValue | undefined;
 
-/**
- * <p>Information about the AMI.</p>
- * @public
- */
-export interface ImageMetadata {
   /**
-   * <p>The ID of the AMI.</p>
+   * <p>Enable or disable source/destination checks, which ensure that the instance is either
+   *             the source or the destination of any traffic that it receives. If the value is
+   *                 <code>true</code>, source/destination checks are enabled; otherwise, they are
+   *             disabled. The default value is <code>true</code>. You must disable source/destination
+   *             checks if the instance runs services such as network address translation, routing, or
+   *             firewalls.</p>
    * @public
    */
-  ImageId?: string | undefined;
+  SourceDestCheck?: AttributeBooleanValue | undefined;
 
   /**
-   * <p>The name of the AMI.</p>
+   * <p>Indicates whether enhanced networking with the Intel 82599 Virtual Function interface
+   *             is enabled.</p>
    * @public
    */
-  Name?: string | undefined;
+  SriovNetSupport?: AttributeValue | undefined;
 
   /**
-   * <p>The ID of the Amazon Web Services account that owns the AMI.</p>
+   * <p>The user data.</p>
    * @public
    */
-  OwnerId?: string | undefined;
+  UserData?: AttributeValue | undefined;
 
   /**
-   * <p>The current state of the AMI. If the state is <code>available</code>, the AMI
-   *       is successfully registered and can be used to launch an instance.</p>
+   * <p>To enable the instance for Amazon Web Services Stop Protection, set this parameter to
+   *                 <code>true</code>; otherwise, set it to <code>false</code>.</p>
    * @public
    */
-  State?: ImageState | undefined;
+  DisableApiStop?: AttributeBooleanValue | undefined;
 
   /**
-   * <p>The alias of the AMI owner.</p>
-   *          <p>Valid values: <code>amazon</code> | <code>aws-backup-vault</code> | <code>aws-marketplace</code>
-   *          </p>
+   * <p>The security groups associated with the instance.</p>
    * @public
    */
-  ImageOwnerAlias?: string | undefined;
+  Groups?: GroupIdentifier[] | undefined;
+}
 
+/**
+ * @public
+ */
+export interface DescribeInstanceConnectEndpointsRequest {
   /**
-   * <p>The date and time the AMI was created.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *             and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *             Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  CreationDate?: string | undefined;
+  DryRun?: boolean | undefined;
 
   /**
-   * <p>The deprecation date and time of the AMI, in UTC, in the following format:
-   *         <i>YYYY</i>-<i>MM</i>-<i>DD</i>T<i>HH</i>:<i>MM</i>:<i>SS</i>Z.</p>
+   * <p>The maximum number of items to return for this request.
+   *          To get the next page of items, make another request with the token returned in the output.
+   * 	        For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination">Pagination</a>.</p>
    * @public
    */
-  DeprecationTime?: string | undefined;
+  MaxResults?: number | undefined;
 
   /**
-   * <p>Indicates whether the AMI has public launch permissions. A value of <code>true</code>
-   *       means this AMI has public launch permissions, while <code>false</code> means it has only
-   *       implicit (AMI owner) or explicit (shared with your account) launch permissions.</p>
+   * <p>The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.</p>
    * @public
    */
-  IsPublic?: boolean | undefined;
-}
-
-/**
- * @public
- * @enum
- */
-export const InstanceStateName = {
-  pending: "pending",
-  running: "running",
-  shutting_down: "shutting-down",
-  stopped: "stopped",
-  stopping: "stopping",
-  terminated: "terminated",
-} as const;
-
-/**
- * @public
- */
-export type InstanceStateName = (typeof InstanceStateName)[keyof typeof InstanceStateName];
+  NextToken?: string | undefined;
 
-/**
- * <p>Describes the current state of an instance.</p>
- * @public
- */
-export interface InstanceState {
   /**
-   * <p>The state of the instance as a 16-bit unsigned integer. </p>
-   *          <p>The high byte is all of the bits between 2^8 and (2^16)-1, which equals decimal values
-   *             between 256 and 65,535. These numerical values are used for internal purposes and should
-   *             be ignored.</p>
-   *          <p>The low byte is all of the bits between 2^0 and (2^8)-1, which equals decimal values
-   *             between 0 and 255. </p>
-   *          <p>The valid values for instance-state-code will all be in the range of the low byte and
-   *             they are:</p>
+   * <p>One or more filters.</p>
    *          <ul>
    *             <li>
    *                <p>
-   *                   <code>0</code> : <code>pending</code>
-   *                </p>
+   *                   <code>instance-connect-endpoint-id</code> - The ID of the EC2 Instance Connect Endpoint.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>16</code> : <code>running</code>
-   *                </p>
+   *                   <code>state</code> - The state of the EC2 Instance Connect Endpoint (<code>create-in-progress</code> | <code>create-complete</code> | <code>create-failed</code> |
+   *                     <code>delete-in-progress</code> | <code>delete-complete</code> | <code>delete-failed</code>).</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>32</code> : <code>shutting-down</code>
-   *                </p>
+   *                   <code>subnet-id</code> - The ID of the subnet in which the EC2 Instance
+   *                     Connect Endpoint was created.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>48</code> : <code>terminated</code>
-   *                </p>
+   *                   <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.
+   *     For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>64</code> : <code>stopping</code>
-   *                </p>
+   *                   <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>80</code> : <code>stopped</code>
-   *                </p>
+   *                   <code>tag-value</code> - The value of a tag assigned to the resource. Use this filter to find all resources
+   *                     that have a tag with a specific value, regardless of tag key.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>vpc-id</code> - The ID of the VPC in which the EC2 Instance Connect
+   *                     Endpoint was created.</p>
    *             </li>
    *          </ul>
-   *          <p>You can ignore the high byte value by zeroing out all of the bits above 2^8 or 256 in
-   *             decimal.</p>
    * @public
    */
-  Code?: number | undefined;
+  Filters?: Filter[] | undefined;
 
   /**
-   * <p>The current state of the instance.</p>
+   * <p>One or more EC2 Instance Connect Endpoint IDs.</p>
    * @public
    */
-  Name?: InstanceStateName | undefined;
+  InstanceConnectEndpointIds?: string[] | undefined;
 }
 
 /**
- * <p>Information about the instance and the AMI used to launch the instance.</p>
  * @public
  */
-export interface InstanceImageMetadata {
-  /**
-   * <p>The ID of the instance.</p>
-   * @public
-   */
-  InstanceId?: string | undefined;
-
+export interface DescribeInstanceConnectEndpointsResult {
   /**
-   * <p>The instance type.</p>
+   * <p>Information about the EC2 Instance Connect Endpoints.</p>
    * @public
    */
-  InstanceType?: _InstanceType | undefined;
+  InstanceConnectEndpoints?: Ec2InstanceConnectEndpoint[] | undefined;
 
   /**
-   * <p>The time the instance was launched.</p>
+   * <p>The token to include in another request to get the next page of items. This value is <code>null</code> when there
+   *          are no more items to return.</p>
    * @public
    */
-  LaunchTime?: Date | undefined;
+  NextToken?: string | undefined;
+}
 
+/**
+ * @public
+ */
+export interface DescribeInstanceCreditSpecificationsRequest {
   /**
-   * <p>The Availability Zone or Local Zone of the instance.</p>
+   * <p>Checks whether you have the required permissions for the operation, without actually making the
+   *   request, and provides an error response. If you have the required permissions, the error response is
+   *   <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  AvailabilityZone?: string | undefined;
+  DryRun?: boolean | undefined;
 
   /**
-   * <p>The ID of the Availability Zone or Local Zone of the instance.</p>
+   * <p>The filters.</p>
+   *          <ul>
+   *             <li>
+   *                <p>
+   *                   <code>instance-id</code> - The ID of the instance.</p>
+   *             </li>
+   *          </ul>
    * @public
    */
-  ZoneId?: string | undefined;
+  Filters?: Filter[] | undefined;
 
   /**
-   * <p>The current state of the instance.</p>
+   * <p>The instance IDs.</p>
+   *          <p>Default: Describes all your instances.</p>
+   *          <p>Constraints: Maximum 1000 explicitly specified instance IDs.</p>
    * @public
    */
-  State?: InstanceState | undefined;
+  InstanceIds?: string[] | undefined;
 
   /**
-   * <p>The ID of the Amazon Web Services account that owns the instance.</p>
+   * <p>The maximum number of items to return for this request.
+   *          To get the next page of items, make another request with the token returned in the output.
+   * 	        For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination">Pagination</a>.</p>
+   *          <p>You cannot specify this parameter and the instance IDs
+   *             parameter in the same call.</p>
    * @public
    */
-  OwnerId?: string | undefined;
+  MaxResults?: number | undefined;
 
   /**
-   * <p>Any tags assigned to the instance.</p>
+   * <p>The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.</p>
    * @public
    */
-  Tags?: Tag[] | undefined;
+  NextToken?: string | undefined;
+}
 
+/**
+ * <p>Describes the credit option for CPU usage of a burstable performance instance. </p>
+ * @public
+ */
+export interface InstanceCreditSpecification {
   /**
-   * <p>Information about the AMI used to launch the instance.</p>
+   * <p>The ID of the instance.</p>
    * @public
    */
-  ImageMetadata?: ImageMetadata | undefined;
+  InstanceId?: string | undefined;
 
   /**
-   * <p>The entity that manages the instance.</p>
+   * <p>The credit option for CPU usage of the instance.</p>
+   *          <p>Valid values: <code>standard</code> | <code>unlimited</code>
+   *          </p>
    * @public
    */
-  Operator?: OperatorResponse | undefined;
+  CpuCredits?: string | undefined;
 }
 
 /**
  * @public
  */
-export interface DescribeInstanceImageMetadataResult {
+export interface DescribeInstanceCreditSpecificationsResult {
   /**
-   * <p>Information about the instance and the AMI used to launch the instance.</p>
+   * <p>Information about the credit option for CPU usage of an instance.</p>
    * @public
    */
-  InstanceImageMetadata?: InstanceImageMetadata[] | undefined;
+  InstanceCreditSpecifications?: InstanceCreditSpecification[] | undefined;
 
   /**
    * <p>The token to include in another request to get the next page of items. This value is <code>null</code> when there
@@ -2309,128 +2269,571 @@ export interface DescribeInstanceImageMetadataResult {
 /**
  * @public
  */
-export interface DescribeInstancesRequest {
+export interface DescribeInstanceEventNotificationAttributesRequest {
   /**
-   * <p>The instance IDs.</p>
-   *          <p>Default: Describes all your instances.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  InstanceIds?: string[] | undefined;
+  DryRun?: boolean | undefined;
+}
 
+/**
+ * @public
+ */
+export interface DescribeInstanceEventNotificationAttributesResult {
   /**
-   * <p>Checks whether you have the required permissions for the operation, without actually making the
-   *   request, and provides an error response. If you have the required permissions, the error response is
-   *   <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>Information about the registered tag keys.</p>
+   * @public
+   */
+  InstanceTagAttribute?: InstanceTagNotificationAttribute | undefined;
+}
+
+/**
+ * <p>Describe instance event windows by InstanceEventWindow.</p>
+ * @public
+ */
+export interface DescribeInstanceEventWindowsRequest {
+  /**
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
   DryRun?: boolean | undefined;
 
   /**
-   * <p>The filters.</p>
+   * <p>The IDs of the event windows.</p>
+   * @public
+   */
+  InstanceEventWindowIds?: string[] | undefined;
+
+  /**
+   * <p>One or more filters.</p>
    *          <ul>
    *             <li>
    *                <p>
-   *                   <code>affinity</code> - The affinity setting for an instance running on a
-   *                     Dedicated Host (<code>default</code> | <code>host</code>).</p>
+   *                   <code>dedicated-host-id</code> - The event windows associated with the specified
+   *             Dedicated Host ID.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>architecture</code> - The instance architecture (<code>i386</code> |
-   *                         <code>x86_64</code> | <code>arm64</code>).</p>
+   *                   <code>event-window-name</code> - The event windows associated with the specified
+   *             names. </p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>availability-zone</code> - The Availability Zone of the instance.</p>
+   *                   <code>instance-id</code> - The event windows associated with the specified instance
+   *                ID.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>block-device-mapping.attach-time</code> - The attach time for an EBS
-   *                     volume mapped to the instance, for example,
-   *                         <code>2022-09-15T17:15:20.000Z</code>.</p>
+   *                   <code>instance-tag</code> - The event windows associated with the specified tag and
+   *                value.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>block-device-mapping.delete-on-termination</code> - A Boolean that
-   *                     indicates whether the EBS volume is deleted on instance termination.</p>
+   *                   <code>instance-tag-key</code> - The event windows associated with the specified tag
+   *                key, regardless of the value.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>block-device-mapping.device-name</code> - The device name specified in
-   *                     the block device mapping (for example, <code>/dev/sdh</code> or
-   *                         <code>xvdh</code>).</p>
+   *                   <code>instance-tag-value</code> - The event windows associated with the specified tag
+   *                value, regardless of the key.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>block-device-mapping.status</code> - The status for the EBS volume
-   *                         (<code>attaching</code> | <code>attached</code> | <code>detaching</code> |
-   *                         <code>detached</code>).</p>
+   *                   <code>tag:<key></code> - The key/value combination of a tag assigned to the
+   *                event window. Use the tag key in the filter name and the tag value as the filter
+   *                value. For example, to find all resources that have a tag with the key
+   *                   <code>Owner</code> and the value <code>CMX</code>, specify <code>tag:Owner</code>
+   *                for the filter name and <code>CMX</code> for the filter value. </p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>block-device-mapping.volume-id</code> - The volume ID of the EBS
-   *                     volume.</p>
+   *                   <code>tag-key</code> - The key of a tag assigned to the event window. Use this filter
+   *                to find all event windows that have a tag with a specific key, regardless of the tag
+   *                value. </p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>boot-mode</code> - The boot mode that was specified by the AMI
-   *                         (<code>legacy-bios</code> | <code>uefi</code> |
-   *                     <code>uefi-preferred</code>).</p>
+   *                   <code>tag-value</code> - The value of a tag assigned to the event window. Use this
+   *                filter to find all event windows that have a tag with a specific value, regardless of
+   *                the tag key. </p>
    *             </li>
+   *          </ul>
+   * @public
+   */
+  Filters?: Filter[] | undefined;
+
+  /**
+   * <p>The maximum number of results to return in a single call. To retrieve the remaining
+   *          results, make another call with the returned <code>NextToken</code> value. This value can
+   *          be between 20 and 500. You cannot specify this parameter and the event window IDs parameter
+   *          in the same call.</p>
+   * @public
+   */
+  MaxResults?: number | undefined;
+
+  /**
+   * <p>The token to request the next page of results.</p>
+   * @public
+   */
+  NextToken?: string | undefined;
+}
+
+/**
+ * @public
+ */
+export interface DescribeInstanceEventWindowsResult {
+  /**
+   * <p>Information about the event windows.</p>
+   * @public
+   */
+  InstanceEventWindows?: InstanceEventWindow[] | undefined;
+
+  /**
+   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return. </p>
+   * @public
+   */
+  NextToken?: string | undefined;
+}
+
+/**
+ * @public
+ */
+export interface DescribeInstanceImageMetadataRequest {
+  /**
+   * <p>The filters.</p>
+   *          <ul>
    *             <li>
    *                <p>
-   *                   <code>capacity-reservation-id</code> - The ID of the Capacity Reservation into which the
-   *                     instance was launched.</p>
+   *                   <code>availability-zone</code> - The name of the Availability Zone (for example,
+   *             <code>us-west-2a</code>) or Local Zone (for example, <code>us-west-2-lax-1b</code>) of
+   *           the instance.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>capacity-reservation-specification.capacity-reservation-preference</code>
-   *                     - The instance's Capacity Reservation preference (<code>open</code> | <code>none</code>).</p>
+   *                   <code>instance-id</code> - The ID of the instance.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>capacity-reservation-specification.capacity-reservation-target.capacity-reservation-id</code>
-   *                     - The ID of the targeted Capacity Reservation.</p>
+   *                   <code>instance-state-name</code> - The state of the instance (<code>pending</code> |
+   *             <code>running</code> | <code>shutting-down</code> | <code>terminated</code> |
+   *             <code>stopping</code> | <code>stopped</code>).</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>capacity-reservation-specification.capacity-reservation-target.capacity-reservation-resource-group-arn</code>
-   *                     - The ARN of the targeted Capacity Reservation group.</p>
+   *                   <code>instance-type</code> - The type of instance (for example,
+   *           <code>t3.micro</code>).</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>client-token</code> - The idempotency token you provided when you
-   *                     launched the instance.</p>
+   *                   <code>launch-time</code> - The time when the instance was launched, in the ISO 8601
+   *           format in the UTC time zone (YYYY-MM-DDThh:mm:ss.sssZ), for example,
+   *             <code>2023-09-29T11:04:43.305Z</code>. You can use a wildcard (<code>*</code>), for
+   *           example, <code>2023-09-29T*</code>, which matches an entire day. </p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>current-instance-boot-mode</code> - The boot mode that is used to launch
-   *                     the instance at launch or start (<code>legacy-bios</code> |
-   *                     <code>uefi</code>).</p>
+   *                   <code>tag:<key></code> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.
+   *     For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>dns-name</code> - The public DNS name of the instance.</p>
+   *                   <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>ebs-optimized</code> - A Boolean that indicates whether the instance is
-   *                     optimized for Amazon EBS I/O.</p>
+   *                   <code>zone-id</code> - The ID of the Availability Zone (for example,
+   *             <code>usw2-az2</code>) or Local Zone (for example, <code>usw2-lax1-az1</code>) of the
+   *           instance.</p>
    *             </li>
+   *          </ul>
+   * @public
+   */
+  Filters?: Filter[] | undefined;
+
+  /**
+   * <p>The instance IDs.</p>
+   *          <p>If you don't specify an instance ID or filters, the output includes information for all
+   *       instances.</p>
+   * @public
+   */
+  InstanceIds?: string[] | undefined;
+
+  /**
+   * <p>The maximum number of items to return for this request.
+   *          To get the next page of items, make another request with the token returned in the output.
+   * 	        For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination">Pagination</a>.</p>
+   *          <p>Default: 1000</p>
+   * @public
+   */
+  MaxResults?: number | undefined;
+
+  /**
+   * <p>The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.</p>
+   * @public
+   */
+  NextToken?: string | undefined;
+
+  /**
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   * 			and provides an error response. If you have the required permissions, the error response is
+   * 			<code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * @public
+   */
+  DryRun?: boolean | undefined;
+}
+
+/**
+ * <p>Information about the AMI.</p>
+ * @public
+ */
+export interface ImageMetadata {
+  /**
+   * <p>The ID of the AMI.</p>
+   * @public
+   */
+  ImageId?: string | undefined;
+
+  /**
+   * <p>The name of the AMI.</p>
+   * @public
+   */
+  Name?: string | undefined;
+
+  /**
+   * <p>The ID of the Amazon Web Services account that owns the AMI.</p>
+   * @public
+   */
+  OwnerId?: string | undefined;
+
+  /**
+   * <p>The current state of the AMI. If the state is <code>available</code>, the AMI is
+   *       successfully registered and can be used to launch an instance.</p>
+   * @public
+   */
+  State?: ImageState | undefined;
+
+  /**
+   * <p>The alias of the AMI owner.</p>
+   *          <p>Valid values: <code>amazon</code> | <code>aws-backup-vault</code> |
+   *         <code>aws-marketplace</code>
+   *          </p>
+   * @public
+   */
+  ImageOwnerAlias?: string | undefined;
+
+  /**
+   * <p>The date and time the AMI was created.</p>
+   * @public
+   */
+  CreationDate?: string | undefined;
+
+  /**
+   * <p>The deprecation date and time of the AMI, in UTC, in the following format:
+   *         <i>YYYY</i>-<i>MM</i>-<i>DD</i>T<i>HH</i>:<i>MM</i>:<i>SS</i>Z.</p>
+   * @public
+   */
+  DeprecationTime?: string | undefined;
+
+  /**
+   * <p>Indicates whether the AMI has public launch permissions. A value of <code>true</code>
+   *       means this AMI has public launch permissions, while <code>false</code> means it has only
+   *       implicit (AMI owner) or explicit (shared with your account) launch permissions.</p>
+   * @public
+   */
+  IsPublic?: boolean | undefined;
+}
+
+/**
+ * @public
+ * @enum
+ */
+export const InstanceStateName = {
+  pending: "pending",
+  running: "running",
+  shutting_down: "shutting-down",
+  stopped: "stopped",
+  stopping: "stopping",
+  terminated: "terminated",
+} as const;
+
+/**
+ * @public
+ */
+export type InstanceStateName = (typeof InstanceStateName)[keyof typeof InstanceStateName];
+
+/**
+ * <p>Describes the current state of an instance.</p>
+ * @public
+ */
+export interface InstanceState {
+  /**
+   * <p>The state of the instance as a 16-bit unsigned integer. </p>
+   *          <p>The high byte is all of the bits between 2^8 and (2^16)-1, which equals decimal values
+   *             between 256 and 65,535. These numerical values are used for internal purposes and should
+   *             be ignored.</p>
+   *          <p>The low byte is all of the bits between 2^0 and (2^8)-1, which equals decimal values
+   *             between 0 and 255. </p>
+   *          <p>The valid values for instance-state-code will all be in the range of the low byte and
+   *             they are:</p>
+   *          <ul>
    *             <li>
    *                <p>
-   *                   <code>ena-support</code> - A Boolean that indicates whether the instance is
-   *                     enabled for enhanced networking with ENA.</p>
+   *                   <code>0</code> : <code>pending</code>
+   *                </p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>enclave-options.enabled</code> - A Boolean that indicates whether the
-   *                     instance is enabled for Amazon Web Services Nitro Enclaves.</p>
+   *                   <code>16</code> : <code>running</code>
+   *                </p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>hibernation-options.configured</code> - A Boolean that indicates whether
-   *                     the instance is enabled for hibernation. A value of <code>true</code> means that
-   *                     the instance is enabled for hibernation.</p>
+   *                   <code>32</code> : <code>shutting-down</code>
+   *                </p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>48</code> : <code>terminated</code>
+   *                </p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>64</code> : <code>stopping</code>
+   *                </p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>80</code> : <code>stopped</code>
+   *                </p>
+   *             </li>
+   *          </ul>
+   *          <p>You can ignore the high byte value by zeroing out all of the bits above 2^8 or 256 in
+   *             decimal.</p>
+   * @public
+   */
+  Code?: number | undefined;
+
+  /**
+   * <p>The current state of the instance.</p>
+   * @public
+   */
+  Name?: InstanceStateName | undefined;
+}
+
+/**
+ * <p>Information about the instance and the AMI used to launch the instance.</p>
+ * @public
+ */
+export interface InstanceImageMetadata {
+  /**
+   * <p>The ID of the instance.</p>
+   * @public
+   */
+  InstanceId?: string | undefined;
+
+  /**
+   * <p>The instance type.</p>
+   * @public
+   */
+  InstanceType?: _InstanceType | undefined;
+
+  /**
+   * <p>The time the instance was launched.</p>
+   * @public
+   */
+  LaunchTime?: Date | undefined;
+
+  /**
+   * <p>The Availability Zone or Local Zone of the instance.</p>
+   * @public
+   */
+  AvailabilityZone?: string | undefined;
+
+  /**
+   * <p>The ID of the Availability Zone or Local Zone of the instance.</p>
+   * @public
+   */
+  ZoneId?: string | undefined;
+
+  /**
+   * <p>The current state of the instance.</p>
+   * @public
+   */
+  State?: InstanceState | undefined;
+
+  /**
+   * <p>The ID of the Amazon Web Services account that owns the instance.</p>
+   * @public
+   */
+  OwnerId?: string | undefined;
+
+  /**
+   * <p>Any tags assigned to the instance.</p>
+   * @public
+   */
+  Tags?: Tag[] | undefined;
+
+  /**
+   * <p>Information about the AMI used to launch the instance.</p>
+   * @public
+   */
+  ImageMetadata?: ImageMetadata | undefined;
+
+  /**
+   * <p>The entity that manages the instance.</p>
+   * @public
+   */
+  Operator?: OperatorResponse | undefined;
+}
+
+/**
+ * @public
+ */
+export interface DescribeInstanceImageMetadataResult {
+  /**
+   * <p>Information about the instance and the AMI used to launch the instance.</p>
+   * @public
+   */
+  InstanceImageMetadata?: InstanceImageMetadata[] | undefined;
+
+  /**
+   * <p>The token to include in another request to get the next page of items. This value is <code>null</code> when there
+   *          are no more items to return.</p>
+   * @public
+   */
+  NextToken?: string | undefined;
+}
+
+/**
+ * @public
+ */
+export interface DescribeInstancesRequest {
+  /**
+   * <p>The instance IDs.</p>
+   *          <p>Default: Describes all your instances.</p>
+   * @public
+   */
+  InstanceIds?: string[] | undefined;
+
+  /**
+   * <p>Checks whether you have the required permissions for the operation, without actually making the
+   *   request, and provides an error response. If you have the required permissions, the error response is
+   *   <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * @public
+   */
+  DryRun?: boolean | undefined;
+
+  /**
+   * <p>The filters.</p>
+   *          <ul>
+   *             <li>
+   *                <p>
+   *                   <code>affinity</code> - The affinity setting for an instance running on a
+   *                     Dedicated Host (<code>default</code> | <code>host</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>architecture</code> - The instance architecture (<code>i386</code> |
+   *                         <code>x86_64</code> | <code>arm64</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>availability-zone</code> - The Availability Zone of the instance.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>block-device-mapping.attach-time</code> - The attach time for an EBS
+   *                     volume mapped to the instance, for example,
+   *                         <code>2022-09-15T17:15:20.000Z</code>.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>block-device-mapping.delete-on-termination</code> - A Boolean that
+   *                     indicates whether the EBS volume is deleted on instance termination.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>block-device-mapping.device-name</code> - The device name specified in
+   *                     the block device mapping (for example, <code>/dev/sdh</code> or
+   *                         <code>xvdh</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>block-device-mapping.status</code> - The status for the EBS volume
+   *                         (<code>attaching</code> | <code>attached</code> | <code>detaching</code> |
+   *                         <code>detached</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>block-device-mapping.volume-id</code> - The volume ID of the EBS
+   *                     volume.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>boot-mode</code> - The boot mode that was specified by the AMI
+   *                         (<code>legacy-bios</code> | <code>uefi</code> |
+   *                     <code>uefi-preferred</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>capacity-reservation-id</code> - The ID of the Capacity Reservation into which the
+   *                     instance was launched.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>capacity-reservation-specification.capacity-reservation-preference</code>
+   *                     - The instance's Capacity Reservation preference (<code>open</code> | <code>none</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>capacity-reservation-specification.capacity-reservation-target.capacity-reservation-id</code>
+   *                     - The ID of the targeted Capacity Reservation.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>capacity-reservation-specification.capacity-reservation-target.capacity-reservation-resource-group-arn</code>
+   *                     - The ARN of the targeted Capacity Reservation group.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>client-token</code> - The idempotency token you provided when you
+   *                     launched the instance.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>current-instance-boot-mode</code> - The boot mode that is used to launch
+   *                     the instance at launch or start (<code>legacy-bios</code> |
+   *                     <code>uefi</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>dns-name</code> - The public DNS name of the instance.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>ebs-optimized</code> - A Boolean that indicates whether the instance is
+   *                     optimized for Amazon EBS I/O.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>ena-support</code> - A Boolean that indicates whether the instance is
+   *                     enabled for enhanced networking with ENA.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>enclave-options.enabled</code> - A Boolean that indicates whether the
+   *                     instance is enabled for Amazon Web Services Nitro Enclaves.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>hibernation-options.configured</code> - A Boolean that indicates whether
+   *                     the instance is enabled for hibernation. A value of <code>true</code> means that
+   *                     the instance is enabled for hibernation.</p>
    *             </li>
    *             <li>
    *                <p>
@@ -3002,2194 +3405,1364 @@ export interface DescribeInstancesRequest {
    *                <p>
    *                   <code>virtualization-type</code> - The virtualization type of the instance
    *                         (<code>paravirtual</code> | <code>hvm</code>).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>vpc-id</code> - The ID of the VPC that the instance is running in.</p>
-   *             </li>
-   *          </ul>
-   * @public
-   */
-  Filters?: Filter[] | undefined;
-
-  /**
-   * <p>The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.</p>
-   * @public
-   */
-  NextToken?: string | undefined;
-
-  /**
-   * <p>The maximum number of items to return for this request.
-   *          To get the next page of items, make another request with the token returned in the output.
-   * 	        For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination">Pagination</a>.</p>
-   *          <p>You cannot specify this parameter and the instance IDs parameter in the same request.</p>
-   * @public
-   */
-  MaxResults?: number | undefined;
-}
-
-/**
- * <p>Describes the instance's Capacity Reservation targeting preferences. The action returns the
- *                 <code>capacityReservationPreference</code> response element if the instance is
- *             configured to run in On-Demand capacity, or if it is configured in run in any
- *                 <code>open</code> Capacity Reservation that has matching attributes (instance type, platform,
- *             Availability Zone). The action returns the <code>capacityReservationTarget</code>
- *             response element if the instance explicily targets a specific Capacity Reservation or Capacity Reservation group.</p>
- * @public
- */
-export interface CapacityReservationSpecificationResponse {
-  /**
-   * <p>Describes the instance's Capacity Reservation preferences. Possible preferences include:</p>
-   *          <ul>
-   *             <li>
-   *                <p>
-   *                   <code>open</code> - The instance can run in any <code>open</code> Capacity Reservation that
-   *                     has matching attributes (instance type, platform, Availability Zone).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>none</code> - The instance avoids running in a Capacity Reservation even if one is
-   *                     available. The instance runs in On-Demand capacity.</p>
-   *             </li>
-   *          </ul>
-   * @public
-   */
-  CapacityReservationPreference?: CapacityReservationPreference | undefined;
-
-  /**
-   * <p>Information about the targeted Capacity Reservation or Capacity Reservation group.</p>
-   * @public
-   */
-  CapacityReservationTarget?: CapacityReservationTargetResponse | undefined;
-}
-
-/**
- * <p>The CPU options for the instance.</p>
- * @public
- */
-export interface CpuOptions {
-  /**
-   * <p>The number of CPU cores for the instance.</p>
-   * @public
-   */
-  CoreCount?: number | undefined;
-
-  /**
-   * <p>The number of threads per CPU core.</p>
-   * @public
-   */
-  ThreadsPerCore?: number | undefined;
-
-  /**
-   * <p>Indicates whether the instance is enabled for AMD SEV-SNP. For more information, see
-   *             <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/sev-snp.html">AMD SEV-SNP</a>.</p>
-   * @public
-   */
-  AmdSevSnp?: AmdSevSnpSpecification | undefined;
-}
-
-/**
- * @public
- * @enum
- */
-export const InstanceBootModeValues = {
-  legacy_bios: "legacy-bios",
-  uefi: "uefi",
-} as const;
-
-/**
- * @public
- */
-export type InstanceBootModeValues = (typeof InstanceBootModeValues)[keyof typeof InstanceBootModeValues];
-
-/**
- * <note>
- *             <p>Amazon Elastic Graphics reached end of life on January 8, 2024.</p>
- *          </note>
- *          <p>Describes the association between an instance and an Elastic Graphics accelerator.</p>
- * @public
- */
-export interface ElasticGpuAssociation {
-  /**
-   * <p>The ID of the Elastic Graphics accelerator.</p>
-   * @public
-   */
-  ElasticGpuId?: string | undefined;
-
-  /**
-   * <p>The ID of the association.</p>
-   * @public
-   */
-  ElasticGpuAssociationId?: string | undefined;
-
-  /**
-   * <p>The state of the association between the instance and the
-   *             Elastic Graphics accelerator.</p>
-   * @public
-   */
-  ElasticGpuAssociationState?: string | undefined;
-
-  /**
-   * <p>The time the Elastic Graphics accelerator was associated with the instance.</p>
-   * @public
-   */
-  ElasticGpuAssociationTime?: string | undefined;
-}
-
-/**
- * <note>
- *             <p>Amazon Elastic Inference is no longer available.</p>
- *          </note>
- *          <p>
- *             Describes the association between an instance and an elastic inference accelerator.
- *         </p>
- * @public
- */
-export interface ElasticInferenceAcceleratorAssociation {
-  /**
-   * <p>
-   *             The Amazon Resource Name (ARN) of the elastic inference accelerator.
-   *         </p>
-   * @public
-   */
-  ElasticInferenceAcceleratorArn?: string | undefined;
-
-  /**
-   * <p>
-   *             The ID of the association.
-   *         </p>
-   * @public
-   */
-  ElasticInferenceAcceleratorAssociationId?: string | undefined;
-
-  /**
-   * <p>
-   *             The state of the elastic inference accelerator.
-   *         </p>
-   * @public
-   */
-  ElasticInferenceAcceleratorAssociationState?: string | undefined;
-
-  /**
-   * <p>
-   *             The time at which the elastic inference accelerator is associated with an instance.
-   *         </p>
-   * @public
-   */
-  ElasticInferenceAcceleratorAssociationTime?: Date | undefined;
-}
-
-/**
- * <p>Indicates whether your instance is configured for hibernation. This parameter is valid
- *             only if the instance meets the <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/hibernating-prerequisites.html">hibernation
- *                 prerequisites</a>. For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html">Hibernate your Amazon EC2
- *                 instance</a> in the <i>Amazon EC2 User Guide</i>.</p>
- * @public
- */
-export interface HibernationOptions {
-  /**
-   * <p>If <code>true</code>, your instance is enabled for hibernation; otherwise, it is not
-   *             enabled for hibernation.</p>
-   * @public
-   */
-  Configured?: boolean | undefined;
-}
-
-/**
- * @public
- * @enum
- */
-export const InstanceLifecycleType = {
-  capacity_block: "capacity-block",
-  scheduled: "scheduled",
-  spot: "spot",
-} as const;
-
-/**
- * @public
- */
-export type InstanceLifecycleType = (typeof InstanceLifecycleType)[keyof typeof InstanceLifecycleType];
-
-/**
- * <p>Describes a license configuration.</p>
- * @public
- */
-export interface LicenseConfiguration {
-  /**
-   * <p>The Amazon Resource Name (ARN) of the license configuration.</p>
-   * @public
-   */
-  LicenseConfigurationArn?: string | undefined;
-}
-
-/**
- * @public
- * @enum
- */
-export const InstanceAutoRecoveryState = {
-  default: "default",
-  disabled: "disabled",
-} as const;
-
-/**
- * @public
- */
-export type InstanceAutoRecoveryState = (typeof InstanceAutoRecoveryState)[keyof typeof InstanceAutoRecoveryState];
-
-/**
- * <p>The maintenance options for the instance.</p>
- * @public
- */
-export interface InstanceMaintenanceOptions {
-  /**
-   * <p>Provides information on the current automatic recovery behavior of your
-   *             instance.</p>
-   * @public
-   */
-  AutoRecovery?: InstanceAutoRecoveryState | undefined;
-}
-
-/**
- * @public
- * @enum
- */
-export const InstanceMetadataEndpointState = {
-  disabled: "disabled",
-  enabled: "enabled",
-} as const;
-
-/**
- * @public
- */
-export type InstanceMetadataEndpointState =
-  (typeof InstanceMetadataEndpointState)[keyof typeof InstanceMetadataEndpointState];
-
-/**
- * @public
- * @enum
- */
-export const InstanceMetadataProtocolState = {
-  disabled: "disabled",
-  enabled: "enabled",
-} as const;
-
-/**
- * @public
- */
-export type InstanceMetadataProtocolState =
-  (typeof InstanceMetadataProtocolState)[keyof typeof InstanceMetadataProtocolState];
-
-/**
- * @public
- * @enum
- */
-export const HttpTokensState = {
-  optional: "optional",
-  required: "required",
-} as const;
-
-/**
- * @public
- */
-export type HttpTokensState = (typeof HttpTokensState)[keyof typeof HttpTokensState];
-
-/**
- * @public
- * @enum
- */
-export const InstanceMetadataTagsState = {
-  disabled: "disabled",
-  enabled: "enabled",
-} as const;
-
-/**
- * @public
- */
-export type InstanceMetadataTagsState = (typeof InstanceMetadataTagsState)[keyof typeof InstanceMetadataTagsState];
-
-/**
- * @public
- * @enum
- */
-export const InstanceMetadataOptionsState = {
-  applied: "applied",
-  pending: "pending",
-} as const;
-
-/**
- * @public
- */
-export type InstanceMetadataOptionsState =
-  (typeof InstanceMetadataOptionsState)[keyof typeof InstanceMetadataOptionsState];
-
-/**
- * <p>The metadata options for the instance.</p>
- * @public
- */
-export interface InstanceMetadataOptionsResponse {
-  /**
-   * <p>The state of the metadata option changes.</p>
-   *          <p>
-   *             <code>pending</code> - The metadata options are being updated and the instance is not
-   *             ready to process metadata traffic with the new selection.</p>
-   *          <p>
-   *             <code>applied</code> - The metadata options have been successfully applied on the
-   *             instance.</p>
-   * @public
-   */
-  State?: InstanceMetadataOptionsState | undefined;
-
-  /**
-   * <p>Indicates whether IMDSv2 is required.</p>
-   *          <ul>
-   *             <li>
-   *                <p>
-   *                   <code>optional</code> - IMDSv2 is optional, which means that you can use
-   *                     either IMDSv2 or IMDSv1.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>required</code> - IMDSv2 is required, which means that IMDSv1 is
-   *                     disabled, and you must use IMDSv2.</p>
-   *             </li>
-   *          </ul>
-   * @public
-   */
-  HttpTokens?: HttpTokensState | undefined;
-
-  /**
-   * <p>The maximum number of hops that the metadata token can travel.</p>
-   *          <p>Possible values: Integers from <code>1</code> to <code>64</code>
-   *          </p>
-   * @public
-   */
-  HttpPutResponseHopLimit?: number | undefined;
-
-  /**
-   * <p>Indicates whether the HTTP metadata endpoint on your instances is enabled or
-   *             disabled.</p>
-   *          <p>If the value is <code>disabled</code>, you cannot access your instance
-   *             metadata.</p>
-   * @public
-   */
-  HttpEndpoint?: InstanceMetadataEndpointState | undefined;
-
-  /**
-   * <p>Indicates whether the IPv6 endpoint for the instance metadata service is enabled or
-   *             disabled.</p>
-   *          <p>Default: <code>disabled</code>
-   *          </p>
-   * @public
-   */
-  HttpProtocolIpv6?: InstanceMetadataProtocolState | undefined;
-
-  /**
-   * <p>Indicates whether access to instance tags from the instance metadata is enabled or
-   *             disabled. For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#work-with-tags-in-IMDS">Work with
-   *                 instance tags using the instance metadata</a>.</p>
-   * @public
-   */
-  InstanceMetadataTags?: InstanceMetadataTagsState | undefined;
-}
-
-/**
- * @public
- * @enum
- */
-export const MonitoringState = {
-  disabled: "disabled",
-  disabling: "disabling",
-  enabled: "enabled",
-  pending: "pending",
-} as const;
-
-/**
- * @public
- */
-export type MonitoringState = (typeof MonitoringState)[keyof typeof MonitoringState];
-
-/**
- * <p>Describes the monitoring of an instance.</p>
- * @public
- */
-export interface Monitoring {
-  /**
-   * <p>Indicates whether detailed monitoring is enabled. Otherwise, basic monitoring is
-   *             enabled.</p>
-   * @public
-   */
-  State?: MonitoringState | undefined;
-}
-
-/**
- * <p>Describes association information for an Elastic IP address (IPv4).</p>
- * @public
- */
-export interface InstanceNetworkInterfaceAssociation {
-  /**
-   * <p>The carrier IP address associated with the network interface.</p>
-   * @public
-   */
-  CarrierIp?: string | undefined;
-
-  /**
-   * <p>The customer-owned IP address associated with the network interface.</p>
-   * @public
-   */
-  CustomerOwnedIp?: string | undefined;
-
-  /**
-   * <p>The ID of the owner of the Elastic IP address.</p>
-   * @public
-   */
-  IpOwnerId?: string | undefined;
-
-  /**
-   * <p>The public DNS name.</p>
-   * @public
-   */
-  PublicDnsName?: string | undefined;
-
-  /**
-   * <p>The public IP address or Elastic IP address bound to the network interface.</p>
-   * @public
-   */
-  PublicIp?: string | undefined;
-}
-
-/**
- * <p>ENA Express is compatible with both TCP and UDP transport protocols. When it's enabled, TCP traffic
- * 			automatically uses it. However, some UDP-based applications are designed to handle network packets that are
- * 			out of order, without a need for retransmission, such as live video broadcasting or other near-real-time
- * 			applications. For UDP traffic, you can specify whether to use ENA Express, based on your application
- * 			environment needs.</p>
- * @public
- */
-export interface InstanceAttachmentEnaSrdUdpSpecification {
-  /**
-   * <p>Indicates whether UDP traffic to and from the instance uses ENA Express. To specify this setting,
-   * 			you must first enable ENA Express.</p>
-   * @public
-   */
-  EnaSrdUdpEnabled?: boolean | undefined;
-}
-
-/**
- * <p>ENA Express uses Amazon Web Services Scalable Reliable Datagram (SRD) technology to increase the
- * 			maximum bandwidth used per stream and minimize tail latency of network traffic between EC2 instances.
- * 			With ENA Express, you can communicate between two EC2 instances in the same subnet within the same
- * 			account, or in different accounts. Both sending and receiving instances must have ENA Express enabled.</p>
- *          <p>To improve the reliability of network packet delivery, ENA Express reorders network packets on the
- * 			receiving end by default. However, some UDP-based applications are designed to handle network packets
- * 			that are out of order to reduce the overhead for packet delivery at the network layer. When ENA Express
- * 			is enabled, you can specify whether UDP network traffic uses it.</p>
- * @public
- */
-export interface InstanceAttachmentEnaSrdSpecification {
-  /**
-   * <p>Indicates whether ENA Express is enabled for the network interface.</p>
-   * @public
-   */
-  EnaSrdEnabled?: boolean | undefined;
-
-  /**
-   * <p>Configures ENA Express for UDP network traffic.</p>
-   * @public
-   */
-  EnaSrdUdpSpecification?: InstanceAttachmentEnaSrdUdpSpecification | undefined;
-}
-
-/**
- * <p>Describes a network interface attachment.</p>
- * @public
- */
-export interface InstanceNetworkInterfaceAttachment {
-  /**
-   * <p>The time stamp when the attachment initiated.</p>
-   * @public
-   */
-  AttachTime?: Date | undefined;
-
-  /**
-   * <p>The ID of the network interface attachment.</p>
-   * @public
-   */
-  AttachmentId?: string | undefined;
-
-  /**
-   * <p>Indicates whether the network interface is deleted when the instance is terminated.</p>
-   * @public
-   */
-  DeleteOnTermination?: boolean | undefined;
-
-  /**
-   * <p>The index of the device on the instance for the network interface attachment.</p>
-   * @public
-   */
-  DeviceIndex?: number | undefined;
-
-  /**
-   * <p>The attachment state.</p>
-   * @public
-   */
-  Status?: AttachmentStatus | undefined;
-
-  /**
-   * <p>The index of the network card.</p>
-   * @public
-   */
-  NetworkCardIndex?: number | undefined;
-
-  /**
-   * <p>Contains the ENA Express settings for the network interface that's attached
-   * 			to the instance.</p>
-   * @public
-   */
-  EnaSrdSpecification?: InstanceAttachmentEnaSrdSpecification | undefined;
-}
-
-/**
- * <p>A security group connection tracking specification response that enables you to set the idle timeout for connection tracking on an Elastic network interface. For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-connection-tracking.html#connection-tracking-timeouts">Connection tracking timeouts</a> in the <i>Amazon EC2 User Guide</i>.</p>
- * @public
- */
-export interface ConnectionTrackingSpecificationResponse {
-  /**
-   * <p>Timeout (in seconds) for idle TCP
-   * 						connections in an established state. Min: 60 seconds. Max: 432000 seconds (5
-   * 						days). Default: 432000 seconds. Recommended: Less than 432000 seconds.</p>
-   * @public
-   */
-  TcpEstablishedTimeout?: number | undefined;
-
-  /**
-   * <p>Timeout (in seconds) for idle UDP
-   * 						flows classified as streams which have seen more than one request-response
-   * 						transaction. Min: 60 seconds. Max: 180 seconds (3 minutes). Default: 180
-   * 						seconds.</p>
-   * @public
-   */
-  UdpStreamTimeout?: number | undefined;
-
-  /**
-   * <p>Timeout (in seconds) for idle UDP flows that
-   * 						have seen traffic only in a single direction or a single request-response
-   * 						transaction. Min: 30 seconds. Max: 60 seconds. Default: 30 seconds.</p>
-   * @public
-   */
-  UdpTimeout?: number | undefined;
-}
-
-/**
- * <p>Information about an IPv4 prefix.</p>
- * @public
- */
-export interface InstanceIpv4Prefix {
-  /**
-   * <p>One or more IPv4 prefixes assigned to the network interface.</p>
-   * @public
-   */
-  Ipv4Prefix?: string | undefined;
-}
-
-/**
- * <p>Information about an IPv6 prefix.</p>
- * @public
- */
-export interface InstanceIpv6Prefix {
-  /**
-   * <p>One or more IPv6 prefixes assigned to the network interface.</p>
-   * @public
-   */
-  Ipv6Prefix?: string | undefined;
-}
-
-/**
- * <p>Describes a private IPv4 address.</p>
- * @public
- */
-export interface InstancePrivateIpAddress {
-  /**
-   * <p>The association information for an Elastic IP address for the network interface.</p>
-   * @public
-   */
-  Association?: InstanceNetworkInterfaceAssociation | undefined;
-
-  /**
-   * <p>Indicates whether this IPv4 address is the primary private IP address of the network interface.</p>
-   * @public
-   */
-  Primary?: boolean | undefined;
-
-  /**
-   * <p>The private IPv4 DNS name.</p>
-   * @public
-   */
-  PrivateDnsName?: string | undefined;
-
-  /**
-   * <p>The private IPv4 address of the network interface.</p>
-   * @public
-   */
-  PrivateIpAddress?: string | undefined;
-}
-
-/**
- * <p>Describes a network interface.</p>
- * @public
- */
-export interface InstanceNetworkInterface {
-  /**
-   * <p>The association information for an Elastic IPv4 associated with the network
-   *             interface.</p>
-   * @public
-   */
-  Association?: InstanceNetworkInterfaceAssociation | undefined;
-
-  /**
-   * <p>The network interface attachment.</p>
-   * @public
-   */
-  Attachment?: InstanceNetworkInterfaceAttachment | undefined;
-
-  /**
-   * <p>The description.</p>
-   * @public
-   */
-  Description?: string | undefined;
-
-  /**
-   * <p>The security groups.</p>
-   * @public
-   */
-  Groups?: GroupIdentifier[] | undefined;
-
-  /**
-   * <p>The IPv6 addresses associated with the network interface.</p>
-   * @public
-   */
-  Ipv6Addresses?: InstanceIpv6Address[] | undefined;
-
-  /**
-   * <p>The MAC address.</p>
-   * @public
-   */
-  MacAddress?: string | undefined;
-
-  /**
-   * <p>The ID of the network interface.</p>
-   * @public
-   */
-  NetworkInterfaceId?: string | undefined;
-
-  /**
-   * <p>The ID of the Amazon Web Services account that created the network interface.</p>
-   * @public
-   */
-  OwnerId?: string | undefined;
-
-  /**
-   * <p>The private DNS name.</p>
-   * @public
-   */
-  PrivateDnsName?: string | undefined;
-
-  /**
-   * <p>The IPv4 address of the network interface within the subnet.</p>
-   * @public
-   */
-  PrivateIpAddress?: string | undefined;
-
-  /**
-   * <p>The private IPv4 addresses associated with the network interface.</p>
-   * @public
-   */
-  PrivateIpAddresses?: InstancePrivateIpAddress[] | undefined;
-
-  /**
-   * <p>Indicates whether source/destination checking is enabled.</p>
-   * @public
-   */
-  SourceDestCheck?: boolean | undefined;
-
-  /**
-   * <p>The status of the network interface.</p>
-   * @public
-   */
-  Status?: NetworkInterfaceStatus | undefined;
-
-  /**
-   * <p>The ID of the subnet.</p>
-   * @public
-   */
-  SubnetId?: string | undefined;
-
-  /**
-   * <p>The ID of the VPC.</p>
-   * @public
-   */
-  VpcId?: string | undefined;
-
-  /**
-   * <p>The type of network interface.</p>
-   *          <p>Valid values: <code>interface</code> | <code>efa</code> | <code>efa-only</code> | <code>trunk</code>
-   *          </p>
-   * @public
-   */
-  InterfaceType?: string | undefined;
-
-  /**
-   * <p>The IPv4 delegated prefixes that are assigned to the network interface.</p>
-   * @public
-   */
-  Ipv4Prefixes?: InstanceIpv4Prefix[] | undefined;
-
-  /**
-   * <p>The IPv6 delegated prefixes that are assigned to the network interface.</p>
-   * @public
-   */
-  Ipv6Prefixes?: InstanceIpv6Prefix[] | undefined;
-
-  /**
-   * <p>A security group connection tracking configuration that enables you to set the timeout for connection tracking on an Elastic network interface. For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-connection-tracking.html#connection-tracking-timeouts">Connection tracking timeouts</a> in the <i>Amazon EC2 User Guide</i>.</p>
-   * @public
-   */
-  ConnectionTrackingConfiguration?: ConnectionTrackingSpecificationResponse | undefined;
-
-  /**
-   * <p>The entity that manages the network interface.</p>
-   * @public
-   */
-  Operator?: OperatorResponse | undefined;
-}
-
-/**
- * <p>Describes the options for instance hostnames.</p>
- * @public
- */
-export interface PrivateDnsNameOptionsResponse {
-  /**
-   * <p>The type of hostname to assign to an instance.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>vpc-id</code> - The ID of the VPC that the instance is running in.</p>
+   *             </li>
+   *          </ul>
    * @public
    */
-  HostnameType?: HostnameType | undefined;
+  Filters?: Filter[] | undefined;
 
   /**
-   * <p>Indicates whether to respond to DNS queries for instance hostnames with DNS A
-   *             records.</p>
+   * <p>The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.</p>
    * @public
    */
-  EnableResourceNameDnsARecord?: boolean | undefined;
+  NextToken?: string | undefined;
 
   /**
-   * <p>Indicates whether to respond to DNS queries for instance hostnames with DNS AAAA
-   *             records.</p>
+   * <p>The maximum number of items to return for this request.
+   *          To get the next page of items, make another request with the token returned in the output.
+   * 	        For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination">Pagination</a>.</p>
+   *          <p>You cannot specify this parameter and the instance IDs parameter in the same request.</p>
    * @public
    */
-  EnableResourceNameDnsAAAARecord?: boolean | undefined;
+  MaxResults?: number | undefined;
 }
 
 /**
- * <p>Describes an instance.</p>
+ * <p>Describes the instance's Capacity Reservation targeting preferences. The action returns the
+ *                 <code>capacityReservationPreference</code> response element if the instance is
+ *             configured to run in On-Demand capacity, or if it is configured in run in any
+ *                 <code>open</code> Capacity Reservation that has matching attributes (instance type, platform,
+ *             Availability Zone). The action returns the <code>capacityReservationTarget</code>
+ *             response element if the instance explicily targets a specific Capacity Reservation or Capacity Reservation group.</p>
  * @public
  */
-export interface Instance {
+export interface CapacityReservationSpecificationResponse {
   /**
-   * <p>The architecture of the image.</p>
+   * <p>Describes the instance's Capacity Reservation preferences. Possible preferences include:</p>
+   *          <ul>
+   *             <li>
+   *                <p>
+   *                   <code>open</code> - The instance can run in any <code>open</code> Capacity Reservation that
+   *                     has matching attributes (instance type, platform, Availability Zone).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>none</code> - The instance avoids running in a Capacity Reservation even if one is
+   *                     available. The instance runs in On-Demand capacity.</p>
+   *             </li>
+   *          </ul>
    * @public
    */
-  Architecture?: ArchitectureValues | undefined;
+  CapacityReservationPreference?: CapacityReservationPreference | undefined;
 
   /**
-   * <p>Any block device mapping entries for the instance.</p>
+   * <p>Information about the targeted Capacity Reservation or Capacity Reservation group.</p>
    * @public
    */
-  BlockDeviceMappings?: InstanceBlockDeviceMapping[] | undefined;
+  CapacityReservationTarget?: CapacityReservationTargetResponse | undefined;
+}
 
+/**
+ * <p>The CPU options for the instance.</p>
+ * @public
+ */
+export interface CpuOptions {
   /**
-   * <p>The idempotency token you provided when you launched the instance, if
-   *             applicable.</p>
+   * <p>The number of CPU cores for the instance.</p>
    * @public
    */
-  ClientToken?: string | undefined;
+  CoreCount?: number | undefined;
 
   /**
-   * <p>Indicates whether the instance is optimized for Amazon EBS I/O. This optimization
-   *             provides dedicated throughput to Amazon EBS and an optimized configuration stack to
-   *             provide optimal I/O performance. This optimization isn't available with all instance
-   *             types. Additional usage charges apply when using an EBS Optimized instance.</p>
+   * <p>The number of threads per CPU core.</p>
    * @public
    */
-  EbsOptimized?: boolean | undefined;
+  ThreadsPerCore?: number | undefined;
 
   /**
-   * <p>Specifies whether enhanced networking with ENA is enabled.</p>
+   * <p>Indicates whether the instance is enabled for AMD SEV-SNP. For more information, see
+   *             <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/sev-snp.html">AMD SEV-SNP</a>.</p>
    * @public
    */
-  EnaSupport?: boolean | undefined;
+  AmdSevSnp?: AmdSevSnpSpecification | undefined;
+}
 
-  /**
-   * <p>The hypervisor type of the instance. The value <code>xen</code> is used for both Xen
-   *             and Nitro hypervisors.</p>
-   * @public
-   */
-  Hypervisor?: HypervisorType | undefined;
+/**
+ * @public
+ * @enum
+ */
+export const InstanceBootModeValues = {
+  legacy_bios: "legacy-bios",
+  uefi: "uefi",
+} as const;
 
-  /**
-   * <p>The IAM instance profile associated with the instance, if
-   *             applicable.</p>
-   * @public
-   */
-  IamInstanceProfile?: IamInstanceProfile | undefined;
+/**
+ * @public
+ */
+export type InstanceBootModeValues = (typeof InstanceBootModeValues)[keyof typeof InstanceBootModeValues];
 
+/**
+ * <note>
+ *             <p>Amazon Elastic Graphics reached end of life on January 8, 2024.</p>
+ *          </note>
+ *          <p>Describes the association between an instance and an Elastic Graphics accelerator.</p>
+ * @public
+ */
+export interface ElasticGpuAssociation {
   /**
-   * <p>Indicates whether this is a Spot Instance or a Scheduled Instance.</p>
+   * <p>The ID of the Elastic Graphics accelerator.</p>
    * @public
    */
-  InstanceLifecycle?: InstanceLifecycleType | undefined;
+  ElasticGpuId?: string | undefined;
 
   /**
-   * <p>Deprecated.</p>
-   *          <note>
-   *             <p>Amazon Elastic Graphics reached end of life on January 8, 2024.</p>
-   *          </note>
+   * <p>The ID of the association.</p>
    * @public
    */
-  ElasticGpuAssociations?: ElasticGpuAssociation[] | undefined;
+  ElasticGpuAssociationId?: string | undefined;
 
   /**
-   * <p>Deprecated</p>
-   *          <note>
-   *             <p>Amazon Elastic Inference is no longer available.</p>
-   *          </note>
+   * <p>The state of the association between the instance and the
+   *             Elastic Graphics accelerator.</p>
    * @public
    */
-  ElasticInferenceAcceleratorAssociations?: ElasticInferenceAcceleratorAssociation[] | undefined;
+  ElasticGpuAssociationState?: string | undefined;
 
   /**
-   * <p>The network interfaces for the instance.</p>
+   * <p>The time the Elastic Graphics accelerator was associated with the instance.</p>
    * @public
    */
-  NetworkInterfaces?: InstanceNetworkInterface[] | undefined;
+  ElasticGpuAssociationTime?: string | undefined;
+}
 
+/**
+ * <note>
+ *             <p>Amazon Elastic Inference is no longer available.</p>
+ *          </note>
+ *          <p>
+ *             Describes the association between an instance and an elastic inference accelerator.
+ *         </p>
+ * @public
+ */
+export interface ElasticInferenceAcceleratorAssociation {
   /**
-   * <p>The Amazon Resource Name (ARN) of the Outpost.</p>
+   * <p>
+   *             The Amazon Resource Name (ARN) of the elastic inference accelerator.
+   *         </p>
    * @public
    */
-  OutpostArn?: string | undefined;
+  ElasticInferenceAcceleratorArn?: string | undefined;
 
   /**
-   * <p>The device name of the root device volume (for example,
-   *             <code>/dev/sda1</code>).</p>
+   * <p>
+   *             The ID of the association.
+   *         </p>
    * @public
    */
-  RootDeviceName?: string | undefined;
+  ElasticInferenceAcceleratorAssociationId?: string | undefined;
 
   /**
-   * <p>The root device type used by the AMI. The AMI can use an EBS volume or an instance
-   *             store volume.</p>
+   * <p>
+   *             The state of the elastic inference accelerator.
+   *         </p>
    * @public
    */
-  RootDeviceType?: DeviceType | undefined;
+  ElasticInferenceAcceleratorAssociationState?: string | undefined;
 
   /**
-   * <p>The security groups for the instance.</p>
+   * <p>
+   *             The time at which the elastic inference accelerator is associated with an instance.
+   *         </p>
    * @public
    */
-  SecurityGroups?: GroupIdentifier[] | undefined;
+  ElasticInferenceAcceleratorAssociationTime?: Date | undefined;
+}
 
+/**
+ * <p>Indicates whether your instance is configured for hibernation. This parameter is valid
+ *             only if the instance meets the <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/hibernating-prerequisites.html">hibernation
+ *                 prerequisites</a>. For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html">Hibernate your Amazon EC2
+ *                 instance</a> in the <i>Amazon EC2 User Guide</i>.</p>
+ * @public
+ */
+export interface HibernationOptions {
   /**
-   * <p>Indicates whether source/destination checking is enabled.</p>
+   * <p>If <code>true</code>, your instance is enabled for hibernation; otherwise, it is not
+   *             enabled for hibernation.</p>
    * @public
    */
-  SourceDestCheck?: boolean | undefined;
+  Configured?: boolean | undefined;
+}
 
-  /**
-   * <p>If the request is a Spot Instance request, the ID of the request.</p>
-   * @public
-   */
-  SpotInstanceRequestId?: string | undefined;
+/**
+ * @public
+ * @enum
+ */
+export const InstanceLifecycleType = {
+  capacity_block: "capacity-block",
+  scheduled: "scheduled",
+  spot: "spot",
+} as const;
 
-  /**
-   * <p>Specifies whether enhanced networking with the Intel 82599 Virtual Function interface
-   *             is enabled.</p>
-   * @public
-   */
-  SriovNetSupport?: string | undefined;
+/**
+ * @public
+ */
+export type InstanceLifecycleType = (typeof InstanceLifecycleType)[keyof typeof InstanceLifecycleType];
 
+/**
+ * <p>Describes a license configuration.</p>
+ * @public
+ */
+export interface LicenseConfiguration {
   /**
-   * <p>The reason for the most recent state transition.</p>
+   * <p>The Amazon Resource Name (ARN) of the license configuration.</p>
    * @public
    */
-  StateReason?: StateReason | undefined;
+  LicenseConfigurationArn?: string | undefined;
+}
 
-  /**
-   * <p>Any tags assigned to the instance.</p>
-   * @public
-   */
-  Tags?: Tag[] | undefined;
+/**
+ * @public
+ * @enum
+ */
+export const InstanceAutoRecoveryState = {
+  default: "default",
+  disabled: "disabled",
+} as const;
 
-  /**
-   * <p>The virtualization type of the instance.</p>
-   * @public
-   */
-  VirtualizationType?: VirtualizationType | undefined;
+/**
+ * @public
+ */
+export type InstanceAutoRecoveryState = (typeof InstanceAutoRecoveryState)[keyof typeof InstanceAutoRecoveryState];
 
+/**
+ * <p>The maintenance options for the instance.</p>
+ * @public
+ */
+export interface InstanceMaintenanceOptions {
   /**
-   * <p>The CPU options for the instance.</p>
+   * <p>Provides information on the current automatic recovery behavior of your
+   *             instance.</p>
    * @public
    */
-  CpuOptions?: CpuOptions | undefined;
+  AutoRecovery?: InstanceAutoRecoveryState | undefined;
+}
+
+/**
+ * @public
+ * @enum
+ */
+export const InstanceMetadataEndpointState = {
+  disabled: "disabled",
+  enabled: "enabled",
+} as const;
 
-  /**
-   * <p>The ID of the Capacity Reservation.</p>
-   * @public
-   */
-  CapacityReservationId?: string | undefined;
+/**
+ * @public
+ */
+export type InstanceMetadataEndpointState =
+  (typeof InstanceMetadataEndpointState)[keyof typeof InstanceMetadataEndpointState];
 
-  /**
-   * <p>Information about the Capacity Reservation targeting option.</p>
-   * @public
-   */
-  CapacityReservationSpecification?: CapacityReservationSpecificationResponse | undefined;
+/**
+ * @public
+ * @enum
+ */
+export const InstanceMetadataProtocolState = {
+  disabled: "disabled",
+  enabled: "enabled",
+} as const;
 
-  /**
-   * <p>Indicates whether the instance is enabled for hibernation.</p>
-   * @public
-   */
-  HibernationOptions?: HibernationOptions | undefined;
+/**
+ * @public
+ */
+export type InstanceMetadataProtocolState =
+  (typeof InstanceMetadataProtocolState)[keyof typeof InstanceMetadataProtocolState];
 
-  /**
-   * <p>The license configurations for the instance.</p>
-   * @public
-   */
-  Licenses?: LicenseConfiguration[] | undefined;
+/**
+ * @public
+ * @enum
+ */
+export const HttpTokensState = {
+  optional: "optional",
+  required: "required",
+} as const;
 
-  /**
-   * <p>The metadata options for the instance.</p>
-   * @public
-   */
-  MetadataOptions?: InstanceMetadataOptionsResponse | undefined;
+/**
+ * @public
+ */
+export type HttpTokensState = (typeof HttpTokensState)[keyof typeof HttpTokensState];
 
-  /**
-   * <p>Indicates whether the instance is enabled for Amazon Web Services Nitro
-   *             Enclaves.</p>
-   * @public
-   */
-  EnclaveOptions?: EnclaveOptions | undefined;
+/**
+ * @public
+ * @enum
+ */
+export const InstanceMetadataTagsState = {
+  disabled: "disabled",
+  enabled: "enabled",
+} as const;
 
-  /**
-   * <p>The boot mode that was specified by the AMI. If the value is <code>uefi-preferred</code>,
-   *             the AMI supports both UEFI and Legacy BIOS. The <code>currentInstanceBootMode</code> parameter
-   *             is the boot mode that is used to boot the instance at launch or start.</p>
-   *          <note>
-   *             <p>The operating system contained in the AMI must be configured to support the specified boot mode.</p>
-   *          </note>
-   *          <p>For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ami-boot.html">Boot modes</a> in the
-   *                 <i>Amazon EC2 User Guide</i>.</p>
-   * @public
-   */
-  BootMode?: BootModeValues | undefined;
+/**
+ * @public
+ */
+export type InstanceMetadataTagsState = (typeof InstanceMetadataTagsState)[keyof typeof InstanceMetadataTagsState];
 
-  /**
-   * <p>The platform details value for the instance. For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/billing-info-fields.html">AMI
-   *                 billing information fields</a> in the
-   *             <i>Amazon EC2 User Guide</i>.</p>
-   * @public
-   */
-  PlatformDetails?: string | undefined;
+/**
+ * @public
+ * @enum
+ */
+export const InstanceMetadataOptionsState = {
+  applied: "applied",
+  pending: "pending",
+} as const;
 
-  /**
-   * <p>The usage operation value for the instance. For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/billing-info-fields.html">AMI
-   *                 billing information fields</a> in the
-   *             <i>Amazon EC2 User Guide</i>.</p>
-   * @public
-   */
-  UsageOperation?: string | undefined;
+/**
+ * @public
+ */
+export type InstanceMetadataOptionsState =
+  (typeof InstanceMetadataOptionsState)[keyof typeof InstanceMetadataOptionsState];
 
+/**
+ * <p>The metadata options for the instance.</p>
+ * @public
+ */
+export interface InstanceMetadataOptionsResponse {
   /**
-   * <p>The time that the usage operation was last updated.</p>
+   * <p>The state of the metadata option changes.</p>
+   *          <p>
+   *             <code>pending</code> - The metadata options are being updated and the instance is not
+   *             ready to process metadata traffic with the new selection.</p>
+   *          <p>
+   *             <code>applied</code> - The metadata options have been successfully applied on the
+   *             instance.</p>
    * @public
    */
-  UsageOperationUpdateTime?: Date | undefined;
+  State?: InstanceMetadataOptionsState | undefined;
 
   /**
-   * <p>The options for the instance hostname.</p>
+   * <p>Indicates whether IMDSv2 is required.</p>
+   *          <ul>
+   *             <li>
+   *                <p>
+   *                   <code>optional</code> - IMDSv2 is optional, which means that you can use
+   *                     either IMDSv2 or IMDSv1.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>required</code> - IMDSv2 is required, which means that IMDSv1 is
+   *                     disabled, and you must use IMDSv2.</p>
+   *             </li>
+   *          </ul>
    * @public
    */
-  PrivateDnsNameOptions?: PrivateDnsNameOptionsResponse | undefined;
+  HttpTokens?: HttpTokensState | undefined;
 
   /**
-   * <p>The IPv6 address assigned to the instance.</p>
+   * <p>The maximum number of hops that the metadata token can travel.</p>
+   *          <p>Possible values: Integers from <code>1</code> to <code>64</code>
+   *          </p>
    * @public
    */
-  Ipv6Address?: string | undefined;
+  HttpPutResponseHopLimit?: number | undefined;
 
   /**
-   * <p>If the instance is configured for NitroTPM support, the value is <code>v2.0</code>.
-   *             For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/nitrotpm.html">NitroTPM</a> in the
-   *                 <i>Amazon EC2 User Guide</i>.</p>
+   * <p>Indicates whether the HTTP metadata endpoint on your instances is enabled or
+   *             disabled.</p>
+   *          <p>If the value is <code>disabled</code>, you cannot access your instance
+   *             metadata.</p>
    * @public
    */
-  TpmSupport?: string | undefined;
+  HttpEndpoint?: InstanceMetadataEndpointState | undefined;
 
   /**
-   * <p>Provides information on the recovery and maintenance options of your instance.</p>
+   * <p>Indicates whether the IPv6 endpoint for the instance metadata service is enabled or
+   *             disabled.</p>
+   *          <p>Default: <code>disabled</code>
+   *          </p>
    * @public
    */
-  MaintenanceOptions?: InstanceMaintenanceOptions | undefined;
+  HttpProtocolIpv6?: InstanceMetadataProtocolState | undefined;
 
   /**
-   * <p>The boot mode that is used to boot the instance at launch or start. For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ami-boot.html">Boot modes</a> in the
-   *             <i>Amazon EC2 User Guide</i>.</p>
+   * <p>Indicates whether access to instance tags from the instance metadata is enabled or
+   *             disabled. For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#work-with-tags-in-IMDS">Work with
+   *                 instance tags using the instance metadata</a>.</p>
    * @public
    */
-  CurrentInstanceBootMode?: InstanceBootModeValues | undefined;
+  InstanceMetadataTags?: InstanceMetadataTagsState | undefined;
+}
 
-  /**
-   * <p>The entity that manages the instance.</p>
-   * @public
-   */
-  Operator?: OperatorResponse | undefined;
+/**
+ * @public
+ * @enum
+ */
+export const MonitoringState = {
+  disabled: "disabled",
+  disabling: "disabling",
+  enabled: "enabled",
+  pending: "pending",
+} as const;
 
-  /**
-   * <p>The ID of the instance.</p>
-   * @public
-   */
-  InstanceId?: string | undefined;
+/**
+ * @public
+ */
+export type MonitoringState = (typeof MonitoringState)[keyof typeof MonitoringState];
 
+/**
+ * <p>Describes the monitoring of an instance.</p>
+ * @public
+ */
+export interface Monitoring {
   /**
-   * <p>The ID of the AMI used to launch the instance.</p>
+   * <p>Indicates whether detailed monitoring is enabled. Otherwise, basic monitoring is
+   *             enabled.</p>
    * @public
    */
-  ImageId?: string | undefined;
+  State?: MonitoringState | undefined;
+}
 
+/**
+ * <p>Describes association information for an Elastic IP address (IPv4).</p>
+ * @public
+ */
+export interface InstanceNetworkInterfaceAssociation {
   /**
-   * <p>The current state of the instance.</p>
+   * <p>The carrier IP address associated with the network interface.</p>
    * @public
    */
-  State?: InstanceState | undefined;
+  CarrierIp?: string | undefined;
 
   /**
-   * <p>[IPv4 only] The private DNS hostname name assigned to the instance. This DNS hostname
-   *             can only be used inside the Amazon EC2 network. This name is not available until the
-   *             instance enters the <code>running</code> state. </p>
-   *          <p>The Amazon-provided DNS server resolves Amazon-provided private DNS
-   *             hostnames if you've enabled DNS resolution and DNS hostnames in your VPC. If you are not
-   *             using the Amazon-provided DNS server in your VPC, your custom domain name servers must
-   *             resolve the hostname as appropriate.</p>
+   * <p>The customer-owned IP address associated with the network interface.</p>
    * @public
    */
-  PrivateDnsName?: string | undefined;
+  CustomerOwnedIp?: string | undefined;
 
   /**
-   * <p>[IPv4 only] The public DNS name assigned to the instance. This name is not available
-   *             until the instance enters the <code>running</code> state. This name is only
-   *             available if you've enabled DNS hostnames for your VPC.</p>
+   * <p>The ID of the owner of the Elastic IP address.</p>
    * @public
    */
-  PublicDnsName?: string | undefined;
+  IpOwnerId?: string | undefined;
 
   /**
-   * <p>The reason for the most recent state transition. This might be an empty string.</p>
+   * <p>The public DNS name.</p>
    * @public
    */
-  StateTransitionReason?: string | undefined;
+  PublicDnsName?: string | undefined;
 
   /**
-   * <p>The name of the key pair, if this instance was launched with an associated key
-   *             pair.</p>
+   * <p>The public IP address or Elastic IP address bound to the network interface.</p>
    * @public
    */
-  KeyName?: string | undefined;
+  PublicIp?: string | undefined;
+}
 
+/**
+ * <p>ENA Express is compatible with both TCP and UDP transport protocols. When it's enabled, TCP traffic
+ * 			automatically uses it. However, some UDP-based applications are designed to handle network packets that are
+ * 			out of order, without a need for retransmission, such as live video broadcasting or other near-real-time
+ * 			applications. For UDP traffic, you can specify whether to use ENA Express, based on your application
+ * 			environment needs.</p>
+ * @public
+ */
+export interface InstanceAttachmentEnaSrdUdpSpecification {
   /**
-   * <p>The AMI launch index, which can be used to find this instance in the launch
-   *             group.</p>
+   * <p>Indicates whether UDP traffic to and from the instance uses ENA Express. To specify this setting,
+   * 			you must first enable ENA Express.</p>
    * @public
    */
-  AmiLaunchIndex?: number | undefined;
+  EnaSrdUdpEnabled?: boolean | undefined;
+}
 
+/**
+ * <p>ENA Express uses Amazon Web Services Scalable Reliable Datagram (SRD) technology to increase the
+ * 			maximum bandwidth used per stream and minimize tail latency of network traffic between EC2 instances.
+ * 			With ENA Express, you can communicate between two EC2 instances in the same subnet within the same
+ * 			account, or in different accounts. Both sending and receiving instances must have ENA Express enabled.</p>
+ *          <p>To improve the reliability of network packet delivery, ENA Express reorders network packets on the
+ * 			receiving end by default. However, some UDP-based applications are designed to handle network packets
+ * 			that are out of order to reduce the overhead for packet delivery at the network layer. When ENA Express
+ * 			is enabled, you can specify whether UDP network traffic uses it.</p>
+ * @public
+ */
+export interface InstanceAttachmentEnaSrdSpecification {
   /**
-   * <p>The product codes attached to this instance, if applicable.</p>
+   * <p>Indicates whether ENA Express is enabled for the network interface.</p>
    * @public
    */
-  ProductCodes?: ProductCode[] | undefined;
+  EnaSrdEnabled?: boolean | undefined;
 
   /**
-   * <p>The instance type.</p>
+   * <p>Configures ENA Express for UDP network traffic.</p>
    * @public
    */
-  InstanceType?: _InstanceType | undefined;
+  EnaSrdUdpSpecification?: InstanceAttachmentEnaSrdUdpSpecification | undefined;
+}
 
+/**
+ * <p>Describes a network interface attachment.</p>
+ * @public
+ */
+export interface InstanceNetworkInterfaceAttachment {
   /**
-   * <p>The time that the instance was last launched. To determine the time that instance was first launched,
-   *             see the attachment time for the primary network interface.</p>
+   * <p>The time stamp when the attachment initiated.</p>
    * @public
    */
-  LaunchTime?: Date | undefined;
+  AttachTime?: Date | undefined;
 
   /**
-   * <p>The location where the instance launched, if applicable.</p>
+   * <p>The ID of the network interface attachment.</p>
    * @public
    */
-  Placement?: Placement | undefined;
+  AttachmentId?: string | undefined;
 
   /**
-   * <p>The kernel associated with this instance, if applicable.</p>
+   * <p>Indicates whether the network interface is deleted when the instance is terminated.</p>
    * @public
    */
-  KernelId?: string | undefined;
+  DeleteOnTermination?: boolean | undefined;
 
   /**
-   * <p>The RAM disk associated with this instance, if applicable.</p>
+   * <p>The index of the device on the instance for the network interface attachment.</p>
    * @public
    */
-  RamdiskId?: string | undefined;
+  DeviceIndex?: number | undefined;
 
   /**
-   * <p>The platform. This value is <code>windows</code> for Windows instances; otherwise, it is empty.</p>
+   * <p>The attachment state.</p>
    * @public
    */
-  Platform?: PlatformValues | undefined;
+  Status?: AttachmentStatus | undefined;
 
   /**
-   * <p>The monitoring for the instance.</p>
+   * <p>The index of the network card.</p>
    * @public
    */
-  Monitoring?: Monitoring | undefined;
+  NetworkCardIndex?: number | undefined;
 
   /**
-   * <p>The ID of the subnet in which the instance is running.</p>
+   * <p>Contains the ENA Express settings for the network interface that's attached
+   * 			to the instance.</p>
    * @public
    */
-  SubnetId?: string | undefined;
+  EnaSrdSpecification?: InstanceAttachmentEnaSrdSpecification | undefined;
+}
 
+/**
+ * <p>A security group connection tracking specification response that enables you to set the idle timeout for connection tracking on an Elastic network interface. For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-connection-tracking.html#connection-tracking-timeouts">Connection tracking timeouts</a> in the <i>Amazon EC2 User Guide</i>.</p>
+ * @public
+ */
+export interface ConnectionTrackingSpecificationResponse {
   /**
-   * <p>The ID of the VPC in which the instance is running.</p>
+   * <p>Timeout (in seconds) for idle TCP
+   * 						connections in an established state. Min: 60 seconds. Max: 432000 seconds (5
+   * 						days). Default: 432000 seconds. Recommended: Less than 432000 seconds.</p>
    * @public
    */
-  VpcId?: string | undefined;
+  TcpEstablishedTimeout?: number | undefined;
 
   /**
-   * <p>The private IPv4 address assigned to the instance.</p>
+   * <p>Timeout (in seconds) for idle UDP
+   * 						flows classified as streams which have seen more than one request-response
+   * 						transaction. Min: 60 seconds. Max: 180 seconds (3 minutes). Default: 180
+   * 						seconds.</p>
    * @public
    */
-  PrivateIpAddress?: string | undefined;
+  UdpStreamTimeout?: number | undefined;
 
   /**
-   * <p>The public IPv4 address, or the Carrier IP address assigned to the instance, if
-   *             applicable.</p>
-   *          <p>A Carrier IP address only applies to an instance launched in a subnet associated with
-   *             a Wavelength Zone.</p>
+   * <p>Timeout (in seconds) for idle UDP flows that
+   * 						have seen traffic only in a single direction or a single request-response
+   * 						transaction. Min: 30 seconds. Max: 60 seconds. Default: 30 seconds.</p>
    * @public
    */
-  PublicIpAddress?: string | undefined;
+  UdpTimeout?: number | undefined;
 }
 
 /**
- * <p>Describes a launch request for one or more instances, and includes owner, requester,
- *             and security group information that applies to all instances in the launch
- *             request.</p>
+ * <p>Information about an IPv4 prefix.</p>
  * @public
  */
-export interface Reservation {
-  /**
-   * <p>The ID of the reservation.</p>
-   * @public
-   */
-  ReservationId?: string | undefined;
-
+export interface InstanceIpv4Prefix {
   /**
-   * <p>The ID of the Amazon Web Services account that owns the reservation.</p>
+   * <p>One or more IPv4 prefixes assigned to the network interface.</p>
    * @public
    */
-  OwnerId?: string | undefined;
+  Ipv4Prefix?: string | undefined;
+}
 
+/**
+ * <p>Information about an IPv6 prefix.</p>
+ * @public
+ */
+export interface InstanceIpv6Prefix {
   /**
-   * <p>The ID of the requester that launched the instances on your behalf (for example,
-   *                 Amazon Web Services Management Console or Auto Scaling).</p>
+   * <p>One or more IPv6 prefixes assigned to the network interface.</p>
    * @public
    */
-  RequesterId?: string | undefined;
+  Ipv6Prefix?: string | undefined;
+}
 
+/**
+ * <p>Describes a private IPv4 address.</p>
+ * @public
+ */
+export interface InstancePrivateIpAddress {
   /**
-   * <p>Not supported.</p>
+   * <p>The association information for an Elastic IP address for the network interface.</p>
    * @public
    */
-  Groups?: GroupIdentifier[] | undefined;
+  Association?: InstanceNetworkInterfaceAssociation | undefined;
 
   /**
-   * <p>The instances.</p>
+   * <p>Indicates whether this IPv4 address is the primary private IP address of the network interface.</p>
    * @public
    */
-  Instances?: Instance[] | undefined;
-}
+  Primary?: boolean | undefined;
 
-/**
- * @public
- */
-export interface DescribeInstancesResult {
   /**
-   * <p>The token to include in another request to get the next page of items. This value is <code>null</code> when there
-   *          are no more items to return.</p>
+   * <p>The private IPv4 DNS name.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  PrivateDnsName?: string | undefined;
 
   /**
-   * <p>Information about the reservations.</p>
+   * <p>The private IPv4 address of the network interface.</p>
    * @public
    */
-  Reservations?: Reservation[] | undefined;
+  PrivateIpAddress?: string | undefined;
 }
 
 /**
+ * <p>Describes a network interface.</p>
  * @public
  */
-export interface DescribeInstanceStatusRequest {
+export interface InstanceNetworkInterface {
   /**
-   * <p>The instance IDs.</p>
-   *          <p>Default: Describes all your instances.</p>
-   *          <p>Constraints: Maximum 100 explicitly specified instance IDs.</p>
+   * <p>The association information for an Elastic IPv4 associated with the network
+   *             interface.</p>
    * @public
    */
-  InstanceIds?: string[] | undefined;
+  Association?: InstanceNetworkInterfaceAssociation | undefined;
 
   /**
-   * <p>The maximum number of items to return for this request.
-   *          To get the next page of items, make another request with the token returned in the output.
-   * 	        For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination">Pagination</a>.</p>
-   *          <p>You cannot specify this parameter and the instance IDs parameter in the same request.</p>
+   * <p>The network interface attachment.</p>
    * @public
    */
-  MaxResults?: number | undefined;
+  Attachment?: InstanceNetworkInterfaceAttachment | undefined;
 
   /**
-   * <p>The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.</p>
+   * <p>The description.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  Description?: string | undefined;
 
   /**
-   * <p>Checks whether you have the required permissions for the operation, without actually making the
-   *   request, and provides an error response. If you have the required permissions, the error response is
-   *   <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>The security groups.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  Groups?: GroupIdentifier[] | undefined;
 
   /**
-   * <p>The filters.</p>
-   *          <ul>
-   *             <li>
-   *                <p>
-   *                   <code>availability-zone</code> - The Availability Zone of the instance.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>event.code</code> - The code for the scheduled event
-   *                         (<code>instance-reboot</code> | <code>system-reboot</code> |
-   *                         <code>system-maintenance</code> | <code>instance-retirement</code> |
-   *                         <code>instance-stop</code>).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>event.description</code> - A description of the event.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>event.instance-event-id</code> - The ID of the event whose date and time
-   *                     you are modifying.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>event.not-after</code> - The latest end time for the scheduled event
-   *                     (for example, <code>2014-09-15T17:15:20.000Z</code>).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>event.not-before</code> - The earliest start time for the scheduled
-   *                     event (for example, <code>2014-09-15T17:15:20.000Z</code>).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>event.not-before-deadline</code> - The deadline for starting the event
-   *                     (for example, <code>2014-09-15T17:15:20.000Z</code>).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>instance-state-code</code> - The code for the instance state, as a
-   *                     16-bit unsigned integer. The high byte is used for internal purposes and should
-   *                     be ignored. The low byte is set based on the state represented. The valid values
-   *                     are 0 (pending), 16 (running), 32 (shutting-down), 48 (terminated), 64
-   *                     (stopping), and 80 (stopped).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>instance-state-name</code> - The state of the instance
-   *                         (<code>pending</code> | <code>running</code> | <code>shutting-down</code> |
-   *                         <code>terminated</code> | <code>stopping</code> |
-   *                     <code>stopped</code>).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>instance-status.reachability</code> - Filters on instance status where
-   *                     the name is <code>reachability</code> (<code>passed</code> | <code>failed</code>
-   *                     | <code>initializing</code> | <code>insufficient-data</code>).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>instance-status.status</code> - The status of the instance
-   *                         (<code>ok</code> | <code>impaired</code> | <code>initializing</code> |
-   *                         <code>insufficient-data</code> | <code>not-applicable</code>).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>system-status.reachability</code> - Filters on system status where the
-   *                     name is <code>reachability</code> (<code>passed</code> | <code>failed</code> |
-   *                         <code>initializing</code> | <code>insufficient-data</code>).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>system-status.status</code> - The system status of the instance
-   *                         (<code>ok</code> | <code>impaired</code> | <code>initializing</code> |
-   *                         <code>insufficient-data</code> | <code>not-applicable</code>).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>attached-ebs-status.status</code> - The status of the attached EBS volume
-   *                     for the instance (<code>ok</code> | <code>impaired</code> | <code>initializing</code> |
-   *                     <code>insufficient-data</code> | <code>not-applicable</code>).</p>
-   *             </li>
-   *          </ul>
+   * <p>The IPv6 addresses associated with the network interface.</p>
+   * @public
+   */
+  Ipv6Addresses?: InstanceIpv6Address[] | undefined;
+
+  /**
+   * <p>The MAC address.</p>
    * @public
    */
-  Filters?: Filter[] | undefined;
+  MacAddress?: string | undefined;
 
   /**
-   * <p>When <code>true</code>, includes the health status for all instances. When
-   *                 <code>false</code>, includes the health status for running instances only.</p>
-   *          <p>Default: <code>false</code>
-   *          </p>
+   * <p>The ID of the network interface.</p>
    * @public
    */
-  IncludeAllInstances?: boolean | undefined;
-}
+  NetworkInterfaceId?: string | undefined;
 
-/**
- * @public
- * @enum
- */
-export const StatusName = {
-  reachability: "reachability",
-} as const;
+  /**
+   * <p>The ID of the Amazon Web Services account that created the network interface.</p>
+   * @public
+   */
+  OwnerId?: string | undefined;
 
-/**
- * @public
- */
-export type StatusName = (typeof StatusName)[keyof typeof StatusName];
+  /**
+   * <p>The private DNS name.</p>
+   * @public
+   */
+  PrivateDnsName?: string | undefined;
 
-/**
- * @public
- * @enum
- */
-export const StatusType = {
-  failed: "failed",
-  initializing: "initializing",
-  insufficient_data: "insufficient-data",
-  passed: "passed",
-} as const;
+  /**
+   * <p>The IPv4 address of the network interface within the subnet.</p>
+   * @public
+   */
+  PrivateIpAddress?: string | undefined;
 
-/**
- * @public
- */
-export type StatusType = (typeof StatusType)[keyof typeof StatusType];
+  /**
+   * <p>The private IPv4 addresses associated with the network interface.</p>
+   * @public
+   */
+  PrivateIpAddresses?: InstancePrivateIpAddress[] | undefined;
 
-/**
- * <p>Describes the attached EBS status check for an instance.</p>
- * @public
- */
-export interface EbsStatusDetails {
   /**
-   * <p>The date and time when the attached EBS status check failed.</p>
+   * <p>Indicates whether source/destination checking is enabled.</p>
    * @public
    */
-  ImpairedSince?: Date | undefined;
+  SourceDestCheck?: boolean | undefined;
 
   /**
-   * <p>The name of the attached EBS status check.</p>
+   * <p>The status of the network interface.</p>
    * @public
    */
-  Name?: StatusName | undefined;
+  Status?: NetworkInterfaceStatus | undefined;
 
   /**
-   * <p>The result of the attached EBS status check.</p>
+   * <p>The ID of the subnet.</p>
    * @public
    */
-  Status?: StatusType | undefined;
-}
+  SubnetId?: string | undefined;
 
-/**
- * @public
- * @enum
- */
-export const SummaryStatus = {
-  impaired: "impaired",
-  initializing: "initializing",
-  insufficient_data: "insufficient-data",
-  not_applicable: "not-applicable",
-  ok: "ok",
-} as const;
+  /**
+   * <p>The ID of the VPC.</p>
+   * @public
+   */
+  VpcId?: string | undefined;
 
-/**
- * @public
- */
-export type SummaryStatus = (typeof SummaryStatus)[keyof typeof SummaryStatus];
+  /**
+   * <p>The type of network interface.</p>
+   *          <p>Valid values: <code>interface</code> | <code>efa</code> | <code>efa-only</code> | <code>trunk</code>
+   *          </p>
+   * @public
+   */
+  InterfaceType?: string | undefined;
 
-/**
- * <p>Provides a summary of the attached EBS volume status for an instance.</p>
- * @public
- */
-export interface EbsStatusSummary {
   /**
-   * <p>Details about the attached EBS status check for an instance.</p>
+   * <p>The IPv4 delegated prefixes that are assigned to the network interface.</p>
    * @public
    */
-  Details?: EbsStatusDetails[] | undefined;
+  Ipv4Prefixes?: InstanceIpv4Prefix[] | undefined;
 
   /**
-   * <p>The current status.</p>
+   * <p>The IPv6 delegated prefixes that are assigned to the network interface.</p>
    * @public
    */
-  Status?: SummaryStatus | undefined;
+  Ipv6Prefixes?: InstanceIpv6Prefix[] | undefined;
+
+  /**
+   * <p>A security group connection tracking configuration that enables you to set the timeout for connection tracking on an Elastic network interface. For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-connection-tracking.html#connection-tracking-timeouts">Connection tracking timeouts</a> in the <i>Amazon EC2 User Guide</i>.</p>
+   * @public
+   */
+  ConnectionTrackingConfiguration?: ConnectionTrackingSpecificationResponse | undefined;
+
+  /**
+   * <p>The entity that manages the network interface.</p>
+   * @public
+   */
+  Operator?: OperatorResponse | undefined;
 }
 
 /**
+ * <p>Describes the options for instance hostnames.</p>
  * @public
- * @enum
  */
-export const EventCode = {
-  instance_reboot: "instance-reboot",
-  instance_retirement: "instance-retirement",
-  instance_stop: "instance-stop",
-  system_maintenance: "system-maintenance",
-  system_reboot: "system-reboot",
-} as const;
+export interface PrivateDnsNameOptionsResponse {
+  /**
+   * <p>The type of hostname to assign to an instance.</p>
+   * @public
+   */
+  HostnameType?: HostnameType | undefined;
 
-/**
- * @public
- */
-export type EventCode = (typeof EventCode)[keyof typeof EventCode];
+  /**
+   * <p>Indicates whether to respond to DNS queries for instance hostnames with DNS A
+   *             records.</p>
+   * @public
+   */
+  EnableResourceNameDnsARecord?: boolean | undefined;
+
+  /**
+   * <p>Indicates whether to respond to DNS queries for instance hostnames with DNS AAAA
+   *             records.</p>
+   * @public
+   */
+  EnableResourceNameDnsAAAARecord?: boolean | undefined;
+}
 
 /**
- * <p>Describes a scheduled event for an instance.</p>
+ * <p>Describes an instance.</p>
  * @public
  */
-export interface InstanceStatusEvent {
+export interface Instance {
   /**
-   * <p>The ID of the event.</p>
+   * <p>The architecture of the image.</p>
    * @public
    */
-  InstanceEventId?: string | undefined;
+  Architecture?: ArchitectureValues | undefined;
 
   /**
-   * <p>The event code.</p>
+   * <p>Any block device mapping entries for the instance.</p>
    * @public
    */
-  Code?: EventCode | undefined;
+  BlockDeviceMappings?: InstanceBlockDeviceMapping[] | undefined;
 
   /**
-   * <p>A description of the event.</p>
-   *          <p>After a scheduled event is completed, it can still be described for up to a week. If
-   *             the event has been completed, this description starts with the following text:
-   *             [Completed].</p>
+   * <p>The idempotency token you provided when you launched the instance, if
+   *             applicable.</p>
    * @public
    */
-  Description?: string | undefined;
+  ClientToken?: string | undefined;
 
   /**
-   * <p>The latest scheduled end time for the event.</p>
+   * <p>Indicates whether the instance is optimized for Amazon EBS I/O. This optimization
+   *             provides dedicated throughput to Amazon EBS and an optimized configuration stack to
+   *             provide optimal I/O performance. This optimization isn't available with all instance
+   *             types. Additional usage charges apply when using an EBS Optimized instance.</p>
    * @public
    */
-  NotAfter?: Date | undefined;
+  EbsOptimized?: boolean | undefined;
 
   /**
-   * <p>The earliest scheduled start time for the event.</p>
+   * <p>Specifies whether enhanced networking with ENA is enabled.</p>
    * @public
    */
-  NotBefore?: Date | undefined;
+  EnaSupport?: boolean | undefined;
 
   /**
-   * <p>The deadline for starting the event.</p>
+   * <p>The hypervisor type of the instance. The value <code>xen</code> is used for both Xen
+   *             and Nitro hypervisors.</p>
    * @public
    */
-  NotBeforeDeadline?: Date | undefined;
-}
+  Hypervisor?: HypervisorType | undefined;
 
-/**
- * <p>Describes the instance status.</p>
- * @public
- */
-export interface InstanceStatusDetails {
   /**
-   * <p>The time when a status check failed. For an instance that was launched and impaired,
-   *             this is the time when the instance was launched.</p>
+   * <p>The IAM instance profile associated with the instance, if
+   *             applicable.</p>
    * @public
    */
-  ImpairedSince?: Date | undefined;
+  IamInstanceProfile?: IamInstanceProfile | undefined;
 
   /**
-   * <p>The type of instance status.</p>
+   * <p>Indicates whether this is a Spot Instance or a Scheduled Instance.</p>
    * @public
    */
-  Name?: StatusName | undefined;
+  InstanceLifecycle?: InstanceLifecycleType | undefined;
 
   /**
-   * <p>The status.</p>
+   * <p>Deprecated.</p>
+   *          <note>
+   *             <p>Amazon Elastic Graphics reached end of life on January 8, 2024.</p>
+   *          </note>
    * @public
    */
-  Status?: StatusType | undefined;
-}
+  ElasticGpuAssociations?: ElasticGpuAssociation[] | undefined;
 
-/**
- * <p>Describes the status of an instance.</p>
- * @public
- */
-export interface InstanceStatusSummary {
   /**
-   * <p>The system instance health or application instance health.</p>
+   * <p>Deprecated</p>
+   *          <note>
+   *             <p>Amazon Elastic Inference is no longer available.</p>
+   *          </note>
    * @public
    */
-  Details?: InstanceStatusDetails[] | undefined;
+  ElasticInferenceAcceleratorAssociations?: ElasticInferenceAcceleratorAssociation[] | undefined;
 
   /**
-   * <p>The status.</p>
+   * <p>The network interfaces for the instance.</p>
    * @public
    */
-  Status?: SummaryStatus | undefined;
-}
+  NetworkInterfaces?: InstanceNetworkInterface[] | undefined;
+
+  /**
+   * <p>The Amazon Resource Name (ARN) of the Outpost.</p>
+   * @public
+   */
+  OutpostArn?: string | undefined;
+
+  /**
+   * <p>The device name of the root device volume (for example,
+   *             <code>/dev/sda1</code>).</p>
+   * @public
+   */
+  RootDeviceName?: string | undefined;
 
-/**
- * <p>Describes the status of an instance.</p>
- * @public
- */
-export interface InstanceStatus {
   /**
-   * <p>The Availability Zone of the instance.</p>
+   * <p>The root device type used by the AMI. The AMI can use an EBS volume or an instance
+   *             store volume.</p>
    * @public
    */
-  AvailabilityZone?: string | undefined;
+  RootDeviceType?: DeviceType | undefined;
 
   /**
-   * <p>The Amazon Resource Name (ARN) of the Outpost.</p>
+   * <p>The security groups for the instance.</p>
    * @public
    */
-  OutpostArn?: string | undefined;
+  SecurityGroups?: GroupIdentifier[] | undefined;
 
   /**
-   * <p>The entity that manages the instance.</p>
+   * <p>Indicates whether source/destination checking is enabled.</p>
    * @public
    */
-  Operator?: OperatorResponse | undefined;
+  SourceDestCheck?: boolean | undefined;
 
   /**
-   * <p>Any scheduled events associated with the instance.</p>
+   * <p>If the request is a Spot Instance request, the ID of the request.</p>
    * @public
    */
-  Events?: InstanceStatusEvent[] | undefined;
+  SpotInstanceRequestId?: string | undefined;
 
   /**
-   * <p>The ID of the instance.</p>
+   * <p>Specifies whether enhanced networking with the Intel 82599 Virtual Function interface
+   *             is enabled.</p>
    * @public
    */
-  InstanceId?: string | undefined;
+  SriovNetSupport?: string | undefined;
 
   /**
-   * <p>The intended state of the instance. <a>DescribeInstanceStatus</a> requires
-   *             that an instance be in the <code>running</code> state.</p>
+   * <p>The reason for the most recent state transition.</p>
    * @public
    */
-  InstanceState?: InstanceState | undefined;
+  StateReason?: StateReason | undefined;
 
   /**
-   * <p>Reports impaired functionality that stems from issues internal to the instance, such
-   *             as impaired reachability.</p>
+   * <p>Any tags assigned to the instance.</p>
    * @public
    */
-  InstanceStatus?: InstanceStatusSummary | undefined;
+  Tags?: Tag[] | undefined;
 
   /**
-   * <p>Reports impaired functionality that stems from issues related to the systems that
-   *             support an instance, such as hardware failures and network connectivity problems.</p>
+   * <p>The virtualization type of the instance.</p>
    * @public
    */
-  SystemStatus?: InstanceStatusSummary | undefined;
+  VirtualizationType?: VirtualizationType | undefined;
 
   /**
-   * <p>Reports impaired functionality that stems from an attached Amazon EBS volume that is
-   *             unreachable and unable to complete I/O operations.</p>
+   * <p>The CPU options for the instance.</p>
    * @public
    */
-  AttachedEbsStatus?: EbsStatusSummary | undefined;
-}
+  CpuOptions?: CpuOptions | undefined;
 
-/**
- * @public
- */
-export interface DescribeInstanceStatusResult {
   /**
-   * <p>Information about the status of the instances.</p>
+   * <p>The ID of the Capacity Reservation.</p>
    * @public
    */
-  InstanceStatuses?: InstanceStatus[] | undefined;
+  CapacityReservationId?: string | undefined;
 
   /**
-   * <p>The token to include in another request to get the next page of items. This value is <code>null</code> when there
-   *          are no more items to return.</p>
+   * <p>Information about the Capacity Reservation targeting option.</p>
    * @public
    */
-  NextToken?: string | undefined;
-}
+  CapacityReservationSpecification?: CapacityReservationSpecificationResponse | undefined;
 
-/**
- * @public
- */
-export interface DescribeInstanceTopologyRequest {
   /**
-   * <p>Checks whether you have the required permissions for the operation, without actually making the
-   *   request, and provides an error response. If you have the required permissions, the error response is
-   *   <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>Indicates whether the instance is enabled for hibernation.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  HibernationOptions?: HibernationOptions | undefined;
 
   /**
-   * <p>The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.</p>
+   * <p>The license configurations for the instance.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  Licenses?: LicenseConfiguration[] | undefined;
 
   /**
-   * <p>The maximum number of items to return for this request.
-   *          To get the next page of items, make another request with the token returned in the output.
-   * 	        For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination">Pagination</a>.</p>
-   *          <p>You can't specify this parameter and the instance IDs parameter in the same request.</p>
-   *          <p>Default: <code>20</code>
-   *          </p>
+   * <p>The metadata options for the instance.</p>
    * @public
    */
-  MaxResults?: number | undefined;
+  MetadataOptions?: InstanceMetadataOptionsResponse | undefined;
 
   /**
-   * <p>The instance IDs.</p>
-   *          <p>Default: Describes all your instances.</p>
-   *          <p>Constraints: Maximum 100 explicitly specified instance IDs.</p>
+   * <p>Indicates whether the instance is enabled for Amazon Web Services Nitro
+   *             Enclaves.</p>
    * @public
    */
-  InstanceIds?: string[] | undefined;
+  EnclaveOptions?: EnclaveOptions | undefined;
 
   /**
-   * <p>The name of the placement group that each instance is in.</p>
-   *          <p>Constraints: Maximum 100 explicitly specified placement group names.</p>
+   * <p>The boot mode that was specified by the AMI. If the value is <code>uefi-preferred</code>,
+   *             the AMI supports both UEFI and Legacy BIOS. The <code>currentInstanceBootMode</code> parameter
+   *             is the boot mode that is used to boot the instance at launch or start.</p>
+   *          <note>
+   *             <p>The operating system contained in the AMI must be configured to support the specified boot mode.</p>
+   *          </note>
+   *          <p>For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ami-boot.html">Boot modes</a> in the
+   *                 <i>Amazon EC2 User Guide</i>.</p>
    * @public
    */
-  GroupNames?: string[] | undefined;
+  BootMode?: BootModeValues | undefined;
 
   /**
-   * <p>The filters.</p>
-   *          <ul>
-   *             <li>
-   *                <p>
-   *                   <code>availability-zone</code> - The name of the Availability Zone (for
-   *                     example, <code>us-west-2a</code>) or Local Zone (for example,
-   *                         <code>us-west-2-lax-1b</code>) that the instance is in.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>instance-type</code> - The instance type (for example,
-   *                         <code>p4d.24xlarge</code>) or instance family (for example,
-   *                         <code>p4d*</code>). You can use the <code>*</code> wildcard to match zero or
-   *                     more characters, or the <code>?</code> wildcard to match zero or one
-   *                     character.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>zone-id</code> - The ID of the Availability Zone (for example,
-   *                         <code>usw2-az2</code>) or Local Zone (for example,
-   *                         <code>usw2-lax1-az1</code>) that the instance is in.</p>
-   *             </li>
-   *          </ul>
+   * <p>The platform details value for the instance. For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/billing-info-fields.html">AMI
+   *                 billing information fields</a> in the
+   *             <i>Amazon EC2 User Guide</i>.</p>
    * @public
    */
-  Filters?: Filter[] | undefined;
-}
+  PlatformDetails?: string | undefined;
 
-/**
- * <p>Information about the instance topology.</p>
- * @public
- */
-export interface InstanceTopology {
   /**
-   * <p>The instance ID.</p>
+   * <p>The usage operation value for the instance. For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/billing-info-fields.html">AMI
+   *                 billing information fields</a> in the
+   *             <i>Amazon EC2 User Guide</i>.</p>
    * @public
    */
-  InstanceId?: string | undefined;
+  UsageOperation?: string | undefined;
 
   /**
-   * <p>The instance type.</p>
+   * <p>The time that the usage operation was last updated.</p>
    * @public
    */
-  InstanceType?: string | undefined;
+  UsageOperationUpdateTime?: Date | undefined;
 
   /**
-   * <p>The name of the placement group that the instance is in.</p>
+   * <p>The options for the instance hostname.</p>
    * @public
    */
-  GroupName?: string | undefined;
+  PrivateDnsNameOptions?: PrivateDnsNameOptionsResponse | undefined;
 
   /**
-   * <p>The network nodes. The nodes are hashed based on your account. Instances from
-   *             different accounts running under the same server will return a different hashed list of
-   *             strings.</p>
+   * <p>The IPv6 address assigned to the instance.</p>
    * @public
    */
-  NetworkNodes?: string[] | undefined;
+  Ipv6Address?: string | undefined;
 
   /**
-   * <p>The name of the Availability Zone or Local Zone that the instance is in.</p>
+   * <p>If the instance is configured for NitroTPM support, the value is <code>v2.0</code>.
+   *             For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/nitrotpm.html">NitroTPM</a> in the
+   *                 <i>Amazon EC2 User Guide</i>.</p>
    * @public
    */
-  AvailabilityZone?: string | undefined;
+  TpmSupport?: string | undefined;
 
   /**
-   * <p>The ID of the Availability Zone or Local Zone that the instance is in.</p>
+   * <p>Provides information on the recovery and maintenance options of your instance.</p>
    * @public
    */
-  ZoneId?: string | undefined;
-}
+  MaintenanceOptions?: InstanceMaintenanceOptions | undefined;
 
-/**
- * @public
- */
-export interface DescribeInstanceTopologyResult {
   /**
-   * <p>Information about the topology of each instance.</p>
+   * <p>The boot mode that is used to boot the instance at launch or start. For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ami-boot.html">Boot modes</a> in the
+   *             <i>Amazon EC2 User Guide</i>.</p>
    * @public
    */
-  Instances?: InstanceTopology[] | undefined;
+  CurrentInstanceBootMode?: InstanceBootModeValues | undefined;
 
   /**
-   * <p>The token to include in another request to get the next page of items. This value is <code>null</code> when there
-   *          are no more items to return.</p>
+   * <p>The entity that manages the instance.</p>
    * @public
    */
-  NextToken?: string | undefined;
-}
-
-/**
- * @public
- * @enum
- */
-export const LocationType = {
-  availability_zone: "availability-zone",
-  availability_zone_id: "availability-zone-id",
-  outpost: "outpost",
-  region: "region",
-} as const;
+  Operator?: OperatorResponse | undefined;
 
-/**
- * @public
- */
-export type LocationType = (typeof LocationType)[keyof typeof LocationType];
+  /**
+   * <p>The ID of the instance.</p>
+   * @public
+   */
+  InstanceId?: string | undefined;
 
-/**
- * @public
- */
-export interface DescribeInstanceTypeOfferingsRequest {
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *          and provides an error response. If you have the required permissions, the error response is
-   *          <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>The ID of the AMI used to launch the instance.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  ImageId?: string | undefined;
 
   /**
-   * <p>The location type.</p>
-   *          <ul>
-   *             <li>
-   *                <p>
-   *                   <code>availability-zone</code> - The Availability Zone. When you specify a location
-   *      filter, it must be an Availability Zone for the current Region.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>availability-zone-id</code> - The AZ ID. When you specify a location filter, it must
-   *      be an AZ ID for the current Region.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>outpost</code> - The Outpost ARN. When you specify a location filter, it must be an
-   *      Outpost ARN for the current Region.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>region</code> - The current Region. If you specify a location filter, it must match
-   *      the current Region.</p>
-   *             </li>
-   *          </ul>
+   * <p>The current state of the instance.</p>
    * @public
    */
-  LocationType?: LocationType | undefined;
+  State?: InstanceState | undefined;
 
   /**
-   * <p>One or more filters. Filter names and values are case-sensitive.</p>
-   *          <ul>
-   *             <li>
-   *                <p>
-   *                   <code>instance-type</code> - The instance type. For a list of possible values, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_Instance.html">Instance</a>.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>location</code> - The location. For a list of possible identifiers, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html">Regions and Zones</a>.</p>
-   *             </li>
-   *          </ul>
+   * <p>[IPv4 only] The private DNS hostname name assigned to the instance. This DNS hostname
+   *             can only be used inside the Amazon EC2 network. This name is not available until the
+   *             instance enters the <code>running</code> state. </p>
+   *          <p>The Amazon-provided DNS server resolves Amazon-provided private DNS
+   *             hostnames if you've enabled DNS resolution and DNS hostnames in your VPC. If you are not
+   *             using the Amazon-provided DNS server in your VPC, your custom domain name servers must
+   *             resolve the hostname as appropriate.</p>
+   * @public
+   */
+  PrivateDnsName?: string | undefined;
+
+  /**
+   * <p>[IPv4 only] The public DNS name assigned to the instance. This name is not available
+   *             until the instance enters the <code>running</code> state. This name is only
+   *             available if you've enabled DNS hostnames for your VPC.</p>
    * @public
    */
-  Filters?: Filter[] | undefined;
+  PublicDnsName?: string | undefined;
 
   /**
-   * <p>The maximum number of items to return for this request.
-   *          To get the next page of items, make another request with the token returned in the output.
-   * 	        For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination">Pagination</a>.</p>
+   * <p>The reason for the most recent state transition. This might be an empty string.</p>
    * @public
    */
-  MaxResults?: number | undefined;
+  StateTransitionReason?: string | undefined;
 
   /**
-   * <p>The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.</p>
+   * <p>The name of the key pair, if this instance was launched with an associated key
+   *             pair.</p>
    * @public
    */
-  NextToken?: string | undefined;
-}
+  KeyName?: string | undefined;
 
-/**
- * <p>The instance types offered.</p>
- * @public
- */
-export interface InstanceTypeOffering {
   /**
-   * <p>The instance type. For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html">Instance types</a> in the <i>Amazon EC2
-   *     User Guide</i>.</p>
+   * <p>The AMI launch index, which can be used to find this instance in the launch
+   *             group.</p>
    * @public
    */
-  InstanceType?: _InstanceType | undefined;
+  AmiLaunchIndex?: number | undefined;
 
   /**
-   * <p>The location type.</p>
+   * <p>The product codes attached to this instance, if applicable.</p>
    * @public
    */
-  LocationType?: LocationType | undefined;
+  ProductCodes?: ProductCode[] | undefined;
 
   /**
-   * <p>The identifier for the location. This depends on the location type. For example, if the
-   *    location type is <code>region</code>, the location is the Region code (for example,
-   *     <code>us-east-2</code>.)</p>
+   * <p>The instance type.</p>
    * @public
    */
-  Location?: string | undefined;
-}
+  InstanceType?: _InstanceType | undefined;
 
-/**
- * @public
- */
-export interface DescribeInstanceTypeOfferingsResult {
   /**
-   * <p>The instance types offered in the location.</p>
+   * <p>The time that the instance was last launched. To determine the time that instance was first launched,
+   *             see the attachment time for the primary network interface.</p>
    * @public
    */
-  InstanceTypeOfferings?: InstanceTypeOffering[] | undefined;
+  LaunchTime?: Date | undefined;
 
   /**
-   * <p>The token to include in another request to get the next page of items. This value is <code>null</code> when there
-   *          are no more items to return.</p>
+   * <p>The location where the instance launched, if applicable.</p>
    * @public
    */
-  NextToken?: string | undefined;
-}
+  Placement?: Placement | undefined;
 
-/**
- * @public
- */
-export interface DescribeInstanceTypesRequest {
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *          and provides an error response. If you have the required permissions, the error response is
-   *          <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>The kernel associated with this instance, if applicable.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  KernelId?: string | undefined;
 
   /**
-   * <p>The instance types.</p>
+   * <p>The RAM disk associated with this instance, if applicable.</p>
    * @public
    */
-  InstanceTypes?: _InstanceType[] | undefined;
+  RamdiskId?: string | undefined;
 
   /**
-   * <p>One or more filters. Filter names and values are case-sensitive.</p>
-   *          <ul>
-   *             <li>
-   *                <p>
-   *                   <code>auto-recovery-supported</code> - Indicates whether Amazon CloudWatch action
-   *      based recovery is supported  (<code>true</code> | <code>false</code>).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>bare-metal</code> - Indicates whether it is a bare metal instance type
-   *       (<code>true</code> | <code>false</code>).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>burstable-performance-supported</code> - Indicates whether the instance type is a
-   *      burstable performance T instance type  (<code>true</code> | <code>false</code>).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>current-generation</code> - Indicates whether this instance type is the latest
-   *      generation instance type of an instance family  (<code>true</code> | <code>false</code>).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>ebs-info.ebs-optimized-info.baseline-bandwidth-in-mbps</code> - The baseline
-   *      bandwidth performance for an EBS-optimized instance type, in Mbps.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>ebs-info.ebs-optimized-info.baseline-iops</code> - The baseline input/output storage
-   *      operations per second for an EBS-optimized instance type.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>ebs-info.ebs-optimized-info.baseline-throughput-in-mbps</code> - The baseline
-   *      throughput performance for an EBS-optimized instance type, in MB/s.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>ebs-info.ebs-optimized-info.maximum-bandwidth-in-mbps</code> - The maximum bandwidth
-   *      performance for an EBS-optimized instance type, in Mbps.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>ebs-info.ebs-optimized-info.maximum-iops</code> - The maximum input/output storage
-   *      operations per second for an EBS-optimized instance type.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>ebs-info.ebs-optimized-info.maximum-throughput-in-mbps</code> - The maximum
-   *      throughput performance for an EBS-optimized instance type, in MB/s.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>ebs-info.ebs-optimized-support</code> - Indicates whether the instance type is
-   *      EBS-optimized (<code>supported</code> | <code>unsupported</code> |
-   *      <code>default</code>).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>ebs-info.encryption-support</code> - Indicates whether EBS encryption is supported
-   *       (<code>supported</code> | <code>unsupported</code>).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>ebs-info.nvme-support</code> - Indicates whether non-volatile memory express (NVMe)
-   *      is supported for EBS volumes (<code>required</code> | <code>supported</code> |
-   *       <code>unsupported</code>).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>free-tier-eligible</code> - Indicates whether the instance type is eligible to use
-   *      in the free tier  (<code>true</code> | <code>false</code>).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>hibernation-supported</code> - Indicates whether On-Demand hibernation is supported
-   *       (<code>true</code> | <code>false</code>).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>hypervisor</code> - The hypervisor (<code>nitro</code> | <code>xen</code>).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>instance-storage-info.disk.count</code> - The number of local disks.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>instance-storage-info.disk.size-in-gb</code> - The storage size of each instance
-   *      storage disk, in GB.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>instance-storage-info.disk.type</code> - The storage technology for the local
-   *      instance storage disks (<code>hdd</code> | <code>ssd</code>).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>instance-storage-info.encryption-support</code> - Indicates whether data is
-   *      encrypted at rest (<code>required</code> | <code>supported</code> |
-   *      <code>unsupported</code>).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>instance-storage-info.nvme-support</code> - Indicates whether non-volatile memory
-   *      express (NVMe) is supported for instance store (<code>required</code> | <code>supported</code>
-   *      | <code>unsupported</code>).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>instance-storage-info.total-size-in-gb</code> - The total amount of storage
-   *      available from all local instance storage, in GB.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>instance-storage-supported</code> - Indicates whether the instance type has local
-   *      instance storage  (<code>true</code> | <code>false</code>).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>instance-type</code> - The instance type (for example <code>c5.2xlarge</code> or
-   *      c5*).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>memory-info.size-in-mib</code> - The memory size.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>network-info.efa-info.maximum-efa-interfaces</code> - The maximum number of Elastic
-   *      Fabric Adapters (EFAs) per instance.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>network-info.efa-supported</code> - Indicates whether the instance type supports
-   *      Elastic Fabric Adapter (EFA)  (<code>true</code> | <code>false</code>).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>network-info.ena-support</code> - Indicates whether Elastic Network Adapter (ENA) is
-   *      supported or required (<code>required</code> | <code>supported</code> |
-   *       <code>unsupported</code>).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>network-info.encryption-in-transit-supported</code> - Indicates whether the instance
-   *      type automatically encrypts in-transit traffic between instances  (<code>true</code> | <code>false</code>).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>network-info.ipv4-addresses-per-interface</code> - The maximum number of private
-   *      IPv4 addresses per network interface.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>network-info.ipv6-addresses-per-interface</code> - The maximum number of private
-   *      IPv6 addresses per network interface.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>network-info.ipv6-supported</code> - Indicates whether the instance type supports
-   *      IPv6  (<code>true</code> | <code>false</code>).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>network-info.maximum-network-cards</code> - The maximum number of network cards per
-   *      instance.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>network-info.maximum-network-interfaces</code> - The maximum number of network
-   *      interfaces per instance.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>network-info.network-performance</code> - The network performance (for example, "25
-   *      Gigabit").</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>nitro-enclaves-support</code> - Indicates whether Nitro Enclaves is supported
-   *       (<code>supported</code> | <code>unsupported</code>).</p>
-   *             </li>
+   * <p>The platform. This value is <code>windows</code> for Windows instances; otherwise, it is empty.</p>
+   * @public
+   */
+  Platform?: PlatformValues | undefined;
+
+  /**
+   * <p>The monitoring for the instance.</p>
+   * @public
+   */
+  Monitoring?: Monitoring | undefined;
+
+  /**
+   * <p>The ID of the subnet in which the instance is running.</p>
+   * @public
+   */
+  SubnetId?: string | undefined;
+
+  /**
+   * <p>The ID of the VPC in which the instance is running.</p>
+   * @public
+   */
+  VpcId?: string | undefined;
+
+  /**
+   * <p>The private IPv4 address assigned to the instance.</p>
+   * @public
+   */
+  PrivateIpAddress?: string | undefined;
+
+  /**
+   * <p>The public IPv4 address, or the Carrier IP address assigned to the instance, if
+   *             applicable.</p>
+   *          <p>A Carrier IP address only applies to an instance launched in a subnet associated with
+   *             a Wavelength Zone.</p>
+   * @public
+   */
+  PublicIpAddress?: string | undefined;
+}
+
+/**
+ * <p>Describes a launch request for one or more instances, and includes owner, requester,
+ *             and security group information that applies to all instances in the launch
+ *             request.</p>
+ * @public
+ */
+export interface Reservation {
+  /**
+   * <p>The ID of the reservation.</p>
+   * @public
+   */
+  ReservationId?: string | undefined;
+
+  /**
+   * <p>The ID of the Amazon Web Services account that owns the reservation.</p>
+   * @public
+   */
+  OwnerId?: string | undefined;
+
+  /**
+   * <p>The ID of the requester that launched the instances on your behalf (for example,
+   *                 Amazon Web Services Management Console or Auto Scaling).</p>
+   * @public
+   */
+  RequesterId?: string | undefined;
+
+  /**
+   * <p>Not supported.</p>
+   * @public
+   */
+  Groups?: GroupIdentifier[] | undefined;
+
+  /**
+   * <p>The instances.</p>
+   * @public
+   */
+  Instances?: Instance[] | undefined;
+}
+
+/**
+ * @public
+ */
+export interface DescribeInstancesResult {
+  /**
+   * <p>The token to include in another request to get the next page of items. This value is <code>null</code> when there
+   *          are no more items to return.</p>
+   * @public
+   */
+  NextToken?: string | undefined;
+
+  /**
+   * <p>Information about the reservations.</p>
+   * @public
+   */
+  Reservations?: Reservation[] | undefined;
+}
+
+/**
+ * @public
+ */
+export interface DescribeInstanceStatusRequest {
+  /**
+   * <p>The instance IDs.</p>
+   *          <p>Default: Describes all your instances.</p>
+   *          <p>Constraints: Maximum 100 explicitly specified instance IDs.</p>
+   * @public
+   */
+  InstanceIds?: string[] | undefined;
+
+  /**
+   * <p>The maximum number of items to return for this request.
+   *          To get the next page of items, make another request with the token returned in the output.
+   * 	        For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination">Pagination</a>.</p>
+   *          <p>You cannot specify this parameter and the instance IDs parameter in the same request.</p>
+   * @public
+   */
+  MaxResults?: number | undefined;
+
+  /**
+   * <p>The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.</p>
+   * @public
+   */
+  NextToken?: string | undefined;
+
+  /**
+   * <p>Checks whether you have the required permissions for the operation, without actually making the
+   *   request, and provides an error response. If you have the required permissions, the error response is
+   *   <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * @public
+   */
+  DryRun?: boolean | undefined;
+
+  /**
+   * <p>The filters.</p>
+   *          <ul>
    *             <li>
    *                <p>
-   *                   <code>nitro-tpm-support</code> - Indicates whether NitroTPM is supported
-   *       (<code>supported</code> | <code>unsupported</code>).</p>
+   *                   <code>availability-zone</code> - The Availability Zone of the instance.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>nitro-tpm-info.supported-versions</code> - The supported NitroTPM version
-   *       (<code>2.0</code>).</p>
+   *                   <code>event.code</code> - The code for the scheduled event
+   *                         (<code>instance-reboot</code> | <code>system-reboot</code> |
+   *                         <code>system-maintenance</code> | <code>instance-retirement</code> |
+   *                         <code>instance-stop</code>).</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>processor-info.supported-architecture</code> - The CPU architecture
-   *       (<code>arm64</code> | <code>i386</code> | <code>x86_64</code>).</p>
+   *                   <code>event.description</code> - A description of the event.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>processor-info.sustained-clock-speed-in-ghz</code> - The CPU clock speed, in
-   *      GHz.</p>
+   *                   <code>event.instance-event-id</code> - The ID of the event whose date and time
+   *                     you are modifying.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>processor-info.supported-features</code> - The supported CPU features
-   *       (<code>amd-sev-snp</code>).</p>
+   *                   <code>event.not-after</code> - The latest end time for the scheduled event
+   *                     (for example, <code>2014-09-15T17:15:20.000Z</code>).</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>supported-boot-mode</code> - The boot mode (<code>legacy-bios</code> |
-   *       <code>uefi</code>).</p>
+   *                   <code>event.not-before</code> - The earliest start time for the scheduled
+   *                     event (for example, <code>2014-09-15T17:15:20.000Z</code>).</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>supported-root-device-type</code> - The root device type (<code>ebs</code> |
-   *       <code>instance-store</code>).</p>
+   *                   <code>event.not-before-deadline</code> - The deadline for starting the event
+   *                     (for example, <code>2014-09-15T17:15:20.000Z</code>).</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>supported-usage-class</code> - The usage class (<code>on-demand</code> | <code>spot</code> |
-   *      <code>capacity-block</code>).</p>
+   *                   <code>instance-state-code</code> - The code for the instance state, as a
+   *                     16-bit unsigned integer. The high byte is used for internal purposes and should
+   *                     be ignored. The low byte is set based on the state represented. The valid values
+   *                     are 0 (pending), 16 (running), 32 (shutting-down), 48 (terminated), 64
+   *                     (stopping), and 80 (stopped).</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>supported-virtualization-type</code> - The virtualization type (<code>hvm</code> |
-   *       <code>paravirtual</code>).</p>
+   *                   <code>instance-state-name</code> - The state of the instance
+   *                         (<code>pending</code> | <code>running</code> | <code>shutting-down</code> |
+   *                         <code>terminated</code> | <code>stopping</code> |
+   *                     <code>stopped</code>).</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>vcpu-info.default-cores</code> - The default number of cores for the instance
-   *      type.</p>
+   *                   <code>instance-status.reachability</code> - Filters on instance status where
+   *                     the name is <code>reachability</code> (<code>passed</code> | <code>failed</code>
+   *                     | <code>initializing</code> | <code>insufficient-data</code>).</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>vcpu-info.default-threads-per-core</code> - The default number of threads per core
-   *      for the instance type.</p>
+   *                   <code>instance-status.status</code> - The status of the instance
+   *                         (<code>ok</code> | <code>impaired</code> | <code>initializing</code> |
+   *                         <code>insufficient-data</code> | <code>not-applicable</code>).</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>vcpu-info.default-vcpus</code> - The default number of vCPUs for the instance
-   *      type.</p>
+   *                   <code>system-status.reachability</code> - Filters on system status where the
+   *                     name is <code>reachability</code> (<code>passed</code> | <code>failed</code> |
+   *                         <code>initializing</code> | <code>insufficient-data</code>).</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>vcpu-info.valid-cores</code> - The number of cores that can be configured for the
-   *      instance type.</p>
+   *                   <code>system-status.status</code> - The system status of the instance
+   *                         (<code>ok</code> | <code>impaired</code> | <code>initializing</code> |
+   *                         <code>insufficient-data</code> | <code>not-applicable</code>).</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>vcpu-info.valid-threads-per-core</code> - The number of threads per core that can be
-   *      configured for the instance type. For example, "1" or "1,2".</p>
+   *                   <code>attached-ebs-status.status</code> - The status of the attached EBS volume
+   *                     for the instance (<code>ok</code> | <code>impaired</code> | <code>initializing</code> |
+   *                     <code>insufficient-data</code> | <code>not-applicable</code>).</p>
    *             </li>
    *          </ul>
    * @public
@@ -5197,787 +4770,929 @@ export interface DescribeInstanceTypesRequest {
   Filters?: Filter[] | undefined;
 
   /**
-   * <p>The maximum number of items to return for this request.
-   *          To get the next page of items, make another request with the token returned in the output.
-   * 	        For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination">Pagination</a>.</p>
-   * @public
-   */
-  MaxResults?: number | undefined;
-
-  /**
-   * <p>The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.</p>
-   * @public
-   */
-  NextToken?: string | undefined;
-}
-
-/**
- * <p>Describes the optimized EBS performance for supported instance types.</p>
- * @public
- */
-export interface EbsOptimizedInfo {
-  /**
-   * <p>The baseline bandwidth performance for an EBS-optimized instance type, in Mbps.</p>
-   * @public
-   */
-  BaselineBandwidthInMbps?: number | undefined;
-
-  /**
-   * <p>The baseline throughput performance for an EBS-optimized instance type, in MB/s.</p>
-   * @public
-   */
-  BaselineThroughputInMBps?: number | undefined;
-
-  /**
-   * <p>The baseline input/output storage operations per seconds for an EBS-optimized instance
-   *    type.</p>
-   * @public
-   */
-  BaselineIops?: number | undefined;
-
-  /**
-   * <p>The maximum bandwidth performance for an EBS-optimized instance type, in Mbps.</p>
-   * @public
-   */
-  MaximumBandwidthInMbps?: number | undefined;
-
-  /**
-   * <p>The maximum throughput performance for an EBS-optimized instance type, in MB/s.</p>
-   * @public
-   */
-  MaximumThroughputInMBps?: number | undefined;
-
-  /**
-   * <p>The maximum input/output storage operations per second for an EBS-optimized instance
-   *    type.</p>
+   * <p>When <code>true</code>, includes the health status for all instances. When
+   *                 <code>false</code>, includes the health status for running instances only.</p>
+   *          <p>Default: <code>false</code>
+   *          </p>
    * @public
    */
-  MaximumIops?: number | undefined;
+  IncludeAllInstances?: boolean | undefined;
 }
 
 /**
  * @public
  * @enum
  */
-export const EbsOptimizedSupport = {
-  default: "default",
-  supported: "supported",
-  unsupported: "unsupported",
-} as const;
-
-/**
- * @public
- */
-export type EbsOptimizedSupport = (typeof EbsOptimizedSupport)[keyof typeof EbsOptimizedSupport];
-
-/**
- * @public
- * @enum
- */
-export const EbsEncryptionSupport = {
-  supported: "supported",
-  unsupported: "unsupported",
+export const StatusName = {
+  reachability: "reachability",
 } as const;
 
 /**
  * @public
  */
-export type EbsEncryptionSupport = (typeof EbsEncryptionSupport)[keyof typeof EbsEncryptionSupport];
+export type StatusName = (typeof StatusName)[keyof typeof StatusName];
 
 /**
  * @public
  * @enum
  */
-export const EbsNvmeSupport = {
-  REQUIRED: "required",
-  SUPPORTED: "supported",
-  UNSUPPORTED: "unsupported",
+export const StatusType = {
+  failed: "failed",
+  initializing: "initializing",
+  insufficient_data: "insufficient-data",
+  passed: "passed",
 } as const;
 
 /**
  * @public
  */
-export type EbsNvmeSupport = (typeof EbsNvmeSupport)[keyof typeof EbsNvmeSupport];
+export type StatusType = (typeof StatusType)[keyof typeof StatusType];
 
 /**
- * <p>Describes the Amazon EBS features supported by the instance type.</p>
+ * <p>Describes the attached EBS status check for an instance.</p>
  * @public
  */
-export interface EbsInfo {
-  /**
-   * <p>Indicates whether the instance type is Amazon EBS-optimized. For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSOptimized.html">Amazon EBS-optimized
-   *    instances</a> in <i>Amazon EC2 User Guide</i>.</p>
-   * @public
-   */
-  EbsOptimizedSupport?: EbsOptimizedSupport | undefined;
-
+export interface EbsStatusDetails {
   /**
-   * <p>Indicates whether Amazon EBS encryption is supported.</p>
+   * <p>The date and time when the attached EBS status check failed.</p>
    * @public
    */
-  EncryptionSupport?: EbsEncryptionSupport | undefined;
+  ImpairedSince?: Date | undefined;
 
   /**
-   * <p>Describes the optimized EBS performance for the instance type.</p>
+   * <p>The name of the attached EBS status check.</p>
    * @public
    */
-  EbsOptimizedInfo?: EbsOptimizedInfo | undefined;
+  Name?: StatusName | undefined;
 
   /**
-   * <p>Indicates whether non-volatile memory express (NVMe) is supported.</p>
+   * <p>The result of the attached EBS status check.</p>
    * @public
    */
-  NvmeSupport?: EbsNvmeSupport | undefined;
+  Status?: StatusType | undefined;
 }
 
 /**
- * <p>Describes the memory for the FPGA accelerator for the instance type.</p>
  * @public
+ * @enum
  */
-export interface FpgaDeviceMemoryInfo {
-  /**
-   * <p>The size of the memory available to the FPGA accelerator, in MiB.</p>
-   * @public
-   */
-  SizeInMiB?: number | undefined;
-}
+export const SummaryStatus = {
+  impaired: "impaired",
+  initializing: "initializing",
+  insufficient_data: "insufficient-data",
+  not_applicable: "not-applicable",
+  ok: "ok",
+} as const;
 
 /**
- * <p>Describes the FPGA accelerator for the instance type.</p>
  * @public
  */
-export interface FpgaDeviceInfo {
-  /**
-   * <p>The name of the FPGA accelerator.</p>
-   * @public
-   */
-  Name?: string | undefined;
-
-  /**
-   * <p>The manufacturer of the FPGA accelerator.</p>
-   * @public
-   */
-  Manufacturer?: string | undefined;
-
-  /**
-   * <p>The count of FPGA accelerators for the instance type.</p>
-   * @public
-   */
-  Count?: number | undefined;
-
-  /**
-   * <p>Describes the memory for the FPGA accelerator for the instance type.</p>
-   * @public
-   */
-  MemoryInfo?: FpgaDeviceMemoryInfo | undefined;
-}
+export type SummaryStatus = (typeof SummaryStatus)[keyof typeof SummaryStatus];
 
 /**
- * <p>Describes the FPGAs for the instance type.</p>
+ * <p>Provides a summary of the attached EBS volume status for an instance.</p>
  * @public
  */
-export interface FpgaInfo {
+export interface EbsStatusSummary {
   /**
-   * <p>Describes the FPGAs for the instance type.</p>
+   * <p>Details about the attached EBS status check for an instance.</p>
    * @public
    */
-  Fpgas?: FpgaDeviceInfo[] | undefined;
+  Details?: EbsStatusDetails[] | undefined;
 
   /**
-   * <p>The total memory of all FPGA accelerators for the instance type.</p>
+   * <p>The current status.</p>
    * @public
    */
-  TotalFpgaMemoryInMiB?: number | undefined;
+  Status?: SummaryStatus | undefined;
 }
 
 /**
- * <p>Describes the memory available to the GPU accelerator.</p>
  * @public
+ * @enum
  */
-export interface GpuDeviceMemoryInfo {
-  /**
-   * <p>The size of the memory available to the GPU accelerator, in MiB.</p>
-   * @public
-   */
-  SizeInMiB?: number | undefined;
-}
+export const EventCode = {
+  instance_reboot: "instance-reboot",
+  instance_retirement: "instance-retirement",
+  instance_stop: "instance-stop",
+  system_maintenance: "system-maintenance",
+  system_reboot: "system-reboot",
+} as const;
 
 /**
- * <p>Describes the GPU accelerators for the instance type.</p>
  * @public
  */
-export interface GpuDeviceInfo {
-  /**
-   * <p>The name of the GPU accelerator.</p>
-   * @public
-   */
-  Name?: string | undefined;
+export type EventCode = (typeof EventCode)[keyof typeof EventCode];
 
+/**
+ * <p>Describes a scheduled event for an instance.</p>
+ * @public
+ */
+export interface InstanceStatusEvent {
   /**
-   * <p>The manufacturer of the GPU accelerator.</p>
+   * <p>The ID of the event.</p>
    * @public
    */
-  Manufacturer?: string | undefined;
+  InstanceEventId?: string | undefined;
 
   /**
-   * <p>The number of GPUs for the instance type.</p>
+   * <p>The event code.</p>
    * @public
    */
-  Count?: number | undefined;
+  Code?: EventCode | undefined;
 
   /**
-   * <p>Describes the memory available to the GPU accelerator.</p>
+   * <p>A description of the event.</p>
+   *          <p>After a scheduled event is completed, it can still be described for up to a week. If
+   *             the event has been completed, this description starts with the following text:
+   *             [Completed].</p>
    * @public
    */
-  MemoryInfo?: GpuDeviceMemoryInfo | undefined;
-}
+  Description?: string | undefined;
 
-/**
- * <p>Describes the GPU accelerators for the instance type.</p>
- * @public
- */
-export interface GpuInfo {
   /**
-   * <p>Describes the GPU accelerators for the instance type.</p>
+   * <p>The latest scheduled end time for the event.</p>
    * @public
    */
-  Gpus?: GpuDeviceInfo[] | undefined;
+  NotAfter?: Date | undefined;
 
   /**
-   * <p>The total size of the memory for the GPU accelerators for the instance type, in MiB.</p>
+   * <p>The earliest scheduled start time for the event.</p>
    * @public
    */
-  TotalGpuMemoryInMiB?: number | undefined;
-}
-
-/**
- * @public
- * @enum
- */
-export const InstanceTypeHypervisor = {
-  NITRO: "nitro",
-  XEN: "xen",
-} as const;
-
-/**
- * @public
- */
-export type InstanceTypeHypervisor = (typeof InstanceTypeHypervisor)[keyof typeof InstanceTypeHypervisor];
+  NotBefore?: Date | undefined;
 
-/**
- * <note>
- *             <p>Amazon Elastic Inference is no longer available.</p>
- *          </note>
- *          <p>Describes the memory available to the inference accelerator.</p>
- * @public
- */
-export interface InferenceDeviceMemoryInfo {
   /**
-   * <p>The size of the memory available to the inference accelerator, in MiB.</p>
+   * <p>The deadline for starting the event.</p>
    * @public
    */
-  SizeInMiB?: number | undefined;
+  NotBeforeDeadline?: Date | undefined;
 }
 
 /**
- * <note>
- *             <p>Amazon Elastic Inference is no longer available.</p>
- *          </note>
- *          <p>Describes the Inference accelerators for the instance type.</p>
+ * <p>Describes the instance status.</p>
  * @public
  */
-export interface InferenceDeviceInfo {
-  /**
-   * <p>The number of Inference accelerators for the instance type.</p>
-   * @public
-   */
-  Count?: number | undefined;
-
+export interface InstanceStatusDetails {
   /**
-   * <p>The name of the Inference accelerator.</p>
+   * <p>The time when a status check failed. For an instance that was launched and impaired,
+   *             this is the time when the instance was launched.</p>
    * @public
    */
-  Name?: string | undefined;
+  ImpairedSince?: Date | undefined;
 
   /**
-   * <p>The manufacturer of the Inference accelerator.</p>
+   * <p>The type of instance status.</p>
    * @public
    */
-  Manufacturer?: string | undefined;
+  Name?: StatusName | undefined;
 
   /**
-   * <p>Describes the memory available to the inference accelerator.</p>
+   * <p>The status.</p>
    * @public
    */
-  MemoryInfo?: InferenceDeviceMemoryInfo | undefined;
+  Status?: StatusType | undefined;
 }
 
 /**
- * <note>
- *             <p>Amazon Elastic Inference is no longer available.</p>
- *          </note>
- *          <p>Describes the Inference accelerators for the instance type.</p>
+ * <p>Describes the status of an instance.</p>
  * @public
  */
-export interface InferenceAcceleratorInfo {
-  /**
-   * <p>Describes the Inference accelerators for the instance type.</p>
-   * @public
-   */
-  Accelerators?: InferenceDeviceInfo[] | undefined;
-
+export interface InstanceStatusSummary {
   /**
-   * <p>The total size of the memory for the inference accelerators for the instance type, in
-   *    MiB.</p>
+   * <p>The system instance health or application instance health.</p>
    * @public
    */
-  TotalInferenceMemoryInMiB?: number | undefined;
-}
-
-/**
- * @public
- * @enum
- */
-export const DiskType = {
-  hdd: "hdd",
-  ssd: "ssd",
-} as const;
-
-/**
- * @public
- */
-export type DiskType = (typeof DiskType)[keyof typeof DiskType];
+  Details?: InstanceStatusDetails[] | undefined;
+
+  /**
+   * <p>The status.</p>
+   * @public
+   */
+  Status?: SummaryStatus | undefined;
+}
 
 /**
- * <p>Describes a disk.</p>
+ * <p>Describes the status of an instance.</p>
  * @public
  */
-export interface DiskInfo {
+export interface InstanceStatus {
   /**
-   * <p>The size of the disk in GB.</p>
+   * <p>The Availability Zone of the instance.</p>
    * @public
    */
-  SizeInGB?: number | undefined;
+  AvailabilityZone?: string | undefined;
 
   /**
-   * <p>The number of disks with this configuration.</p>
+   * <p>The Amazon Resource Name (ARN) of the Outpost.</p>
    * @public
    */
-  Count?: number | undefined;
+  OutpostArn?: string | undefined;
 
   /**
-   * <p>The type of disk.</p>
+   * <p>The entity that manages the instance.</p>
    * @public
    */
-  Type?: DiskType | undefined;
-}
-
-/**
- * @public
- * @enum
- */
-export const InstanceStorageEncryptionSupport = {
-  required: "required",
-  unsupported: "unsupported",
-} as const;
-
-/**
- * @public
- */
-export type InstanceStorageEncryptionSupport =
-  (typeof InstanceStorageEncryptionSupport)[keyof typeof InstanceStorageEncryptionSupport];
+  Operator?: OperatorResponse | undefined;
 
-/**
- * @public
- * @enum
- */
-export const EphemeralNvmeSupport = {
-  REQUIRED: "required",
-  SUPPORTED: "supported",
-  UNSUPPORTED: "unsupported",
-} as const;
+  /**
+   * <p>Any scheduled events associated with the instance.</p>
+   * @public
+   */
+  Events?: InstanceStatusEvent[] | undefined;
 
-/**
- * @public
- */
-export type EphemeralNvmeSupport = (typeof EphemeralNvmeSupport)[keyof typeof EphemeralNvmeSupport];
+  /**
+   * <p>The ID of the instance.</p>
+   * @public
+   */
+  InstanceId?: string | undefined;
 
-/**
- * <p>Describes the instance store features that are supported by the instance type.</p>
- * @public
- */
-export interface InstanceStorageInfo {
   /**
-   * <p>The total size of the disks, in GB.</p>
+   * <p>The intended state of the instance. <a>DescribeInstanceStatus</a> requires
+   *             that an instance be in the <code>running</code> state.</p>
    * @public
    */
-  TotalSizeInGB?: number | undefined;
+  InstanceState?: InstanceState | undefined;
 
   /**
-   * <p>Describes the disks that are available for the instance type.</p>
+   * <p>Reports impaired functionality that stems from issues internal to the instance, such
+   *             as impaired reachability.</p>
    * @public
    */
-  Disks?: DiskInfo[] | undefined;
+  InstanceStatus?: InstanceStatusSummary | undefined;
 
   /**
-   * <p>Indicates whether non-volatile memory express (NVMe) is supported.</p>
+   * <p>Reports impaired functionality that stems from issues related to the systems that
+   *             support an instance, such as hardware failures and network connectivity problems.</p>
    * @public
    */
-  NvmeSupport?: EphemeralNvmeSupport | undefined;
+  SystemStatus?: InstanceStatusSummary | undefined;
 
   /**
-   * <p>Indicates whether data is encrypted at rest.</p>
+   * <p>Reports impaired functionality that stems from an attached Amazon EBS volume that is
+   *             unreachable and unable to complete I/O operations.</p>
    * @public
    */
-  EncryptionSupport?: InstanceStorageEncryptionSupport | undefined;
+  AttachedEbsStatus?: EbsStatusSummary | undefined;
 }
 
 /**
- * <p>Describes the memory available to the media accelerator.</p>
  * @public
  */
-export interface MediaDeviceMemoryInfo {
+export interface DescribeInstanceStatusResult {
   /**
-   * <p>The size of the memory available to each media accelerator, in MiB.</p>
+   * <p>Information about the status of the instances.</p>
    * @public
    */
-  SizeInMiB?: number | undefined;
+  InstanceStatuses?: InstanceStatus[] | undefined;
+
+  /**
+   * <p>The token to include in another request to get the next page of items. This value is <code>null</code> when there
+   *          are no more items to return.</p>
+   * @public
+   */
+  NextToken?: string | undefined;
 }
 
 /**
- * <p>Describes the media accelerators for the instance type.</p>
  * @public
  */
-export interface MediaDeviceInfo {
+export interface DescribeInstanceTopologyRequest {
   /**
-   * <p>The number of media accelerators for the instance type.</p>
+   * <p>Checks whether you have the required permissions for the operation, without actually making the
+   *   request, and provides an error response. If you have the required permissions, the error response is
+   *   <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  Count?: number | undefined;
+  DryRun?: boolean | undefined;
 
   /**
-   * <p>The name of the media accelerator.</p>
+   * <p>The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.</p>
    * @public
    */
-  Name?: string | undefined;
+  NextToken?: string | undefined;
 
   /**
-   * <p>The manufacturer of the media accelerator.</p>
+   * <p>The maximum number of items to return for this request.
+   *          To get the next page of items, make another request with the token returned in the output.
+   * 	        For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination">Pagination</a>.</p>
+   *          <p>You can't specify this parameter and the instance IDs parameter in the same request.</p>
+   *          <p>Default: <code>20</code>
+   *          </p>
    * @public
    */
-  Manufacturer?: string | undefined;
+  MaxResults?: number | undefined;
 
   /**
-   * <p>Describes the memory available to the media accelerator.</p>
+   * <p>The instance IDs.</p>
+   *          <p>Default: Describes all your instances.</p>
+   *          <p>Constraints: Maximum 100 explicitly specified instance IDs.</p>
    * @public
    */
-  MemoryInfo?: MediaDeviceMemoryInfo | undefined;
-}
+  InstanceIds?: string[] | undefined;
 
-/**
- * <p>Describes the media accelerators for the instance type.</p>
- * @public
- */
-export interface MediaAcceleratorInfo {
   /**
-   * <p>Describes the media accelerators for the instance type.</p>
+   * <p>The name of the placement group that each instance is in.</p>
+   *          <p>Constraints: Maximum 100 explicitly specified placement group names.</p>
    * @public
    */
-  Accelerators?: MediaDeviceInfo[] | undefined;
+  GroupNames?: string[] | undefined;
 
   /**
-   * <p>The total size of the memory for the media accelerators for the instance type, in
-   *    MiB.</p>
+   * <p>The filters.</p>
+   *          <ul>
+   *             <li>
+   *                <p>
+   *                   <code>availability-zone</code> - The name of the Availability Zone (for
+   *                     example, <code>us-west-2a</code>) or Local Zone (for example,
+   *                         <code>us-west-2-lax-1b</code>) that the instance is in.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>instance-type</code> - The instance type (for example,
+   *                         <code>p4d.24xlarge</code>) or instance family (for example,
+   *                         <code>p4d*</code>). You can use the <code>*</code> wildcard to match zero or
+   *                     more characters, or the <code>?</code> wildcard to match zero or one
+   *                     character.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>zone-id</code> - The ID of the Availability Zone (for example,
+   *                         <code>usw2-az2</code>) or Local Zone (for example,
+   *                         <code>usw2-lax1-az1</code>) that the instance is in.</p>
+   *             </li>
+   *          </ul>
    * @public
    */
-  TotalMediaMemoryInMiB?: number | undefined;
+  Filters?: Filter[] | undefined;
 }
 
 /**
- * <p>Describes the memory for the instance type.</p>
+ * <p>Information about the instance topology.</p>
  * @public
  */
-export interface MemoryInfo {
+export interface InstanceTopology {
   /**
-   * <p>The size of the memory, in MiB.</p>
+   * <p>The instance ID.</p>
    * @public
    */
-  SizeInMiB?: number | undefined;
-}
+  InstanceId?: string | undefined;
 
-/**
- * <p>Describes the Elastic Fabric Adapters for the instance type.</p>
- * @public
- */
-export interface EfaInfo {
   /**
-   * <p>The maximum number of Elastic Fabric Adapters for the instance type.</p>
+   * <p>The instance type.</p>
    * @public
    */
-  MaximumEfaInterfaces?: number | undefined;
-}
-
-/**
- * @public
- * @enum
- */
-export const EnaSupport = {
-  required: "required",
-  supported: "supported",
-  unsupported: "unsupported",
-} as const;
+  InstanceType?: string | undefined;
 
-/**
- * @public
- */
-export type EnaSupport = (typeof EnaSupport)[keyof typeof EnaSupport];
+  /**
+   * <p>The name of the placement group that the instance is in.</p>
+   * @public
+   */
+  GroupName?: string | undefined;
 
-/**
- * <p>Describes the network card support of the instance type.</p>
- * @public
- */
-export interface NetworkCardInfo {
   /**
-   * <p>The index of the network card.</p>
+   * <p>The network nodes. The nodes are hashed based on your account. Instances from
+   *             different accounts running under the same server will return a different hashed list of
+   *             strings.</p>
    * @public
    */
-  NetworkCardIndex?: number | undefined;
+  NetworkNodes?: string[] | undefined;
 
   /**
-   * <p>The network performance of the network card.</p>
+   * <p>The name of the Availability Zone or Local Zone that the instance is in.</p>
    * @public
    */
-  NetworkPerformance?: string | undefined;
+  AvailabilityZone?: string | undefined;
 
   /**
-   * <p>The maximum number of network interfaces for the network card.</p>
+   * <p>The ID of the Availability Zone or Local Zone that the instance is in.</p>
    * @public
    */
-  MaximumNetworkInterfaces?: number | undefined;
+  ZoneId?: string | undefined;
+}
 
+/**
+ * @public
+ */
+export interface DescribeInstanceTopologyResult {
   /**
-   * <p>The baseline network performance of the network card, in Gbps.</p>
+   * <p>Information about the topology of each instance.</p>
    * @public
    */
-  BaselineBandwidthInGbps?: number | undefined;
+  Instances?: InstanceTopology[] | undefined;
 
   /**
-   * <p>The peak (burst) network performance of the network card, in Gbps.</p>
+   * <p>The token to include in another request to get the next page of items. This value is <code>null</code> when there
+   *          are no more items to return.</p>
    * @public
    */
-  PeakBandwidthInGbps?: number | undefined;
+  NextToken?: string | undefined;
 }
 
 /**
- * <p>Describes the networking features of the instance type.</p>
  * @public
+ * @enum
  */
-export interface NetworkInfo {
-  /**
-   * <p>The network performance.</p>
-   * @public
-   */
-  NetworkPerformance?: string | undefined;
+export const LocationType = {
+  availability_zone: "availability-zone",
+  availability_zone_id: "availability-zone-id",
+  outpost: "outpost",
+  region: "region",
+} as const;
+
+/**
+ * @public
+ */
+export type LocationType = (typeof LocationType)[keyof typeof LocationType];
 
+/**
+ * @public
+ */
+export interface DescribeInstanceTypeOfferingsRequest {
   /**
-   * <p>The maximum number of network interfaces for the instance type.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *          and provides an error response. If you have the required permissions, the error response is
+   *          <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  MaximumNetworkInterfaces?: number | undefined;
+  DryRun?: boolean | undefined;
 
   /**
-   * <p>The maximum number of physical network cards that can be allocated to the instance.</p>
+   * <p>The location type.</p>
+   *          <ul>
+   *             <li>
+   *                <p>
+   *                   <code>availability-zone</code> - The Availability Zone. When you specify a location
+   *      filter, it must be an Availability Zone for the current Region.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>availability-zone-id</code> - The AZ ID. When you specify a location filter, it must
+   *      be an AZ ID for the current Region.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>outpost</code> - The Outpost ARN. When you specify a location filter, it must be an
+   *      Outpost ARN for the current Region.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>region</code> - The current Region. If you specify a location filter, it must match
+   *      the current Region.</p>
+   *             </li>
+   *          </ul>
    * @public
    */
-  MaximumNetworkCards?: number | undefined;
+  LocationType?: LocationType | undefined;
 
   /**
-   * <p>The index of the default network card, starting at 0.</p>
+   * <p>One or more filters. Filter names and values are case-sensitive.</p>
+   *          <ul>
+   *             <li>
+   *                <p>
+   *                   <code>instance-type</code> - The instance type. For a list of possible values, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_Instance.html">Instance</a>.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>location</code> - The location. For a list of possible identifiers, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html">Regions and Zones</a>.</p>
+   *             </li>
+   *          </ul>
    * @public
    */
-  DefaultNetworkCardIndex?: number | undefined;
+  Filters?: Filter[] | undefined;
 
   /**
-   * <p>Describes the network cards for the instance type.</p>
+   * <p>The maximum number of items to return for this request.
+   *          To get the next page of items, make another request with the token returned in the output.
+   * 	        For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination">Pagination</a>.</p>
    * @public
    */
-  NetworkCards?: NetworkCardInfo[] | undefined;
+  MaxResults?: number | undefined;
 
   /**
-   * <p>The maximum number of IPv4 addresses per network interface.</p>
+   * <p>The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.</p>
    * @public
    */
-  Ipv4AddressesPerInterface?: number | undefined;
+  NextToken?: string | undefined;
+}
 
+/**
+ * <p>The instance types offered.</p>
+ * @public
+ */
+export interface InstanceTypeOffering {
   /**
-   * <p>The maximum number of IPv6 addresses per network interface.</p>
+   * <p>The instance type. For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html">Instance types</a> in the <i>Amazon EC2
+   *     User Guide</i>.</p>
    * @public
    */
-  Ipv6AddressesPerInterface?: number | undefined;
+  InstanceType?: _InstanceType | undefined;
 
   /**
-   * <p>Indicates whether IPv6 is supported.</p>
+   * <p>The location type.</p>
    * @public
    */
-  Ipv6Supported?: boolean | undefined;
+  LocationType?: LocationType | undefined;
 
   /**
-   * <p>Indicates whether Elastic Network Adapter (ENA) is supported.</p>
+   * <p>The identifier for the location. This depends on the location type. For example, if the
+   *    location type is <code>region</code>, the location is the Region code (for example,
+   *     <code>us-east-2</code>.)</p>
    * @public
    */
-  EnaSupport?: EnaSupport | undefined;
+  Location?: string | undefined;
+}
 
+/**
+ * @public
+ */
+export interface DescribeInstanceTypeOfferingsResult {
   /**
-   * <p>Indicates whether Elastic Fabric Adapter (EFA) is supported.</p>
+   * <p>The instance types offered in the location.</p>
    * @public
    */
-  EfaSupported?: boolean | undefined;
+  InstanceTypeOfferings?: InstanceTypeOffering[] | undefined;
 
   /**
-   * <p>Describes the Elastic Fabric Adapters for the instance type.</p>
+   * <p>The token to include in another request to get the next page of items. This value is <code>null</code> when there
+   *          are no more items to return.</p>
    * @public
    */
-  EfaInfo?: EfaInfo | undefined;
+  NextToken?: string | undefined;
+}
 
+/**
+ * @public
+ */
+export interface DescribeInstanceTypesRequest {
   /**
-   * <p>Indicates whether the instance type automatically encrypts in-transit traffic between
-   *    instances.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *          and provides an error response. If you have the required permissions, the error response is
+   *          <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  EncryptionInTransitSupported?: boolean | undefined;
+  DryRun?: boolean | undefined;
 
   /**
-   * <p>Indicates whether the instance type supports ENA Express. ENA Express uses Amazon Web Services Scalable Reliable Datagram (SRD) technology to increase the maximum bandwidth used per stream
-   *    and minimize tail latency of network traffic between EC2 instances.</p>
+   * <p>The instance types.</p>
    * @public
    */
-  EnaSrdSupported?: boolean | undefined;
-}
+  InstanceTypes?: _InstanceType[] | undefined;
 
-/**
- * <p>Describes the cores available to the neuron accelerator.</p>
- * @public
- */
-export interface NeuronDeviceCoreInfo {
   /**
-   * <p>The number of cores available to the neuron accelerator.</p>
+   * <p>One or more filters. Filter names and values are case-sensitive.</p>
+   *          <ul>
+   *             <li>
+   *                <p>
+   *                   <code>auto-recovery-supported</code> - Indicates whether Amazon CloudWatch action
+   *      based recovery is supported  (<code>true</code> | <code>false</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>bare-metal</code> - Indicates whether it is a bare metal instance type
+   *       (<code>true</code> | <code>false</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>burstable-performance-supported</code> - Indicates whether the instance type is a
+   *      burstable performance T instance type  (<code>true</code> | <code>false</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>current-generation</code> - Indicates whether this instance type is the latest
+   *      generation instance type of an instance family  (<code>true</code> | <code>false</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>ebs-info.ebs-optimized-info.baseline-bandwidth-in-mbps</code> - The baseline
+   *      bandwidth performance for an EBS-optimized instance type, in Mbps.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>ebs-info.ebs-optimized-info.baseline-iops</code> - The baseline input/output storage
+   *      operations per second for an EBS-optimized instance type.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>ebs-info.ebs-optimized-info.baseline-throughput-in-mbps</code> - The baseline
+   *      throughput performance for an EBS-optimized instance type, in MB/s.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>ebs-info.ebs-optimized-info.maximum-bandwidth-in-mbps</code> - The maximum bandwidth
+   *      performance for an EBS-optimized instance type, in Mbps.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>ebs-info.ebs-optimized-info.maximum-iops</code> - The maximum input/output storage
+   *      operations per second for an EBS-optimized instance type.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>ebs-info.ebs-optimized-info.maximum-throughput-in-mbps</code> - The maximum
+   *      throughput performance for an EBS-optimized instance type, in MB/s.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>ebs-info.ebs-optimized-support</code> - Indicates whether the instance type is
+   *      EBS-optimized (<code>supported</code> | <code>unsupported</code> |
+   *      <code>default</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>ebs-info.encryption-support</code> - Indicates whether EBS encryption is supported
+   *       (<code>supported</code> | <code>unsupported</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>ebs-info.nvme-support</code> - Indicates whether non-volatile memory express (NVMe)
+   *      is supported for EBS volumes (<code>required</code> | <code>supported</code> |
+   *       <code>unsupported</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>free-tier-eligible</code> - Indicates whether the instance type is eligible to use
+   *      in the free tier  (<code>true</code> | <code>false</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>hibernation-supported</code> - Indicates whether On-Demand hibernation is supported
+   *       (<code>true</code> | <code>false</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>hypervisor</code> - The hypervisor (<code>nitro</code> | <code>xen</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>instance-storage-info.disk.count</code> - The number of local disks.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>instance-storage-info.disk.size-in-gb</code> - The storage size of each instance
+   *      storage disk, in GB.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>instance-storage-info.disk.type</code> - The storage technology for the local
+   *      instance storage disks (<code>hdd</code> | <code>ssd</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>instance-storage-info.encryption-support</code> - Indicates whether data is
+   *      encrypted at rest (<code>required</code> | <code>supported</code> |
+   *      <code>unsupported</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>instance-storage-info.nvme-support</code> - Indicates whether non-volatile memory
+   *      express (NVMe) is supported for instance store (<code>required</code> | <code>supported</code>
+   *      | <code>unsupported</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>instance-storage-info.total-size-in-gb</code> - The total amount of storage
+   *      available from all local instance storage, in GB.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>instance-storage-supported</code> - Indicates whether the instance type has local
+   *      instance storage  (<code>true</code> | <code>false</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>instance-type</code> - The instance type (for example <code>c5.2xlarge</code> or
+   *      c5*).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>memory-info.size-in-mib</code> - The memory size.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>network-info.efa-info.maximum-efa-interfaces</code> - The maximum number of Elastic
+   *      Fabric Adapters (EFAs) per instance.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>network-info.efa-supported</code> - Indicates whether the instance type supports
+   *      Elastic Fabric Adapter (EFA)  (<code>true</code> | <code>false</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>network-info.ena-support</code> - Indicates whether Elastic Network Adapter (ENA) is
+   *      supported or required (<code>required</code> | <code>supported</code> |
+   *       <code>unsupported</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>network-info.encryption-in-transit-supported</code> - Indicates whether the instance
+   *      type automatically encrypts in-transit traffic between instances  (<code>true</code> | <code>false</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>network-info.ipv4-addresses-per-interface</code> - The maximum number of private
+   *      IPv4 addresses per network interface.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>network-info.ipv6-addresses-per-interface</code> - The maximum number of private
+   *      IPv6 addresses per network interface.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>network-info.ipv6-supported</code> - Indicates whether the instance type supports
+   *      IPv6  (<code>true</code> | <code>false</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>network-info.maximum-network-cards</code> - The maximum number of network cards per
+   *      instance.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>network-info.maximum-network-interfaces</code> - The maximum number of network
+   *      interfaces per instance.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>network-info.network-performance</code> - The network performance (for example, "25
+   *      Gigabit").</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>nitro-enclaves-support</code> - Indicates whether Nitro Enclaves is supported
+   *       (<code>supported</code> | <code>unsupported</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>nitro-tpm-support</code> - Indicates whether NitroTPM is supported
+   *       (<code>supported</code> | <code>unsupported</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>nitro-tpm-info.supported-versions</code> - The supported NitroTPM version
+   *       (<code>2.0</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>processor-info.supported-architecture</code> - The CPU architecture
+   *       (<code>arm64</code> | <code>i386</code> | <code>x86_64</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>processor-info.sustained-clock-speed-in-ghz</code> - The CPU clock speed, in
+   *      GHz.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>processor-info.supported-features</code> - The supported CPU features
+   *       (<code>amd-sev-snp</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>supported-boot-mode</code> - The boot mode (<code>legacy-bios</code> |
+   *       <code>uefi</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>supported-root-device-type</code> - The root device type (<code>ebs</code> |
+   *       <code>instance-store</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>supported-usage-class</code> - The usage class (<code>on-demand</code> | <code>spot</code> |
+   *      <code>capacity-block</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>supported-virtualization-type</code> - The virtualization type (<code>hvm</code> |
+   *       <code>paravirtual</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>vcpu-info.default-cores</code> - The default number of cores for the instance
+   *      type.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>vcpu-info.default-threads-per-core</code> - The default number of threads per core
+   *      for the instance type.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>vcpu-info.default-vcpus</code> - The default number of vCPUs for the instance
+   *      type.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>vcpu-info.valid-cores</code> - The number of cores that can be configured for the
+   *      instance type.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>vcpu-info.valid-threads-per-core</code> - The number of threads per core that can be
+   *      configured for the instance type. For example, "1" or "1,2".</p>
+   *             </li>
+   *          </ul>
    * @public
    */
-  Count?: number | undefined;
+  Filters?: Filter[] | undefined;
 
   /**
-   * <p>The version of the neuron accelerator.</p>
+   * <p>The maximum number of items to return for this request.
+   *          To get the next page of items, make another request with the token returned in the output.
+   * 	        For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination">Pagination</a>.</p>
    * @public
    */
-  Version?: number | undefined;
-}
+  MaxResults?: number | undefined;
 
-/**
- * <p>Describes the memory available to the neuron accelerator.</p>
- * @public
- */
-export interface NeuronDeviceMemoryInfo {
   /**
-   * <p>The size of the memory available to the neuron accelerator, in MiB.</p>
+   * <p>The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.</p>
    * @public
    */
-  SizeInMiB?: number | undefined;
+  NextToken?: string | undefined;
 }
 
 /**
- * <p>Describes the neuron accelerators for the instance type.</p>
+ * <p>Describes the optimized EBS performance for supported instance types.</p>
  * @public
  */
-export interface NeuronDeviceInfo {
+export interface EbsOptimizedInfo {
   /**
-   * <p>The number of neuron accelerators for the instance type.</p>
+   * <p>The baseline bandwidth performance for an EBS-optimized instance type, in Mbps.</p>
    * @public
    */
-  Count?: number | undefined;
+  BaselineBandwidthInMbps?: number | undefined;
 
   /**
-   * <p>The name of the neuron accelerator.</p>
+   * <p>The baseline throughput performance for an EBS-optimized instance type, in MB/s.</p>
    * @public
    */
-  Name?: string | undefined;
+  BaselineThroughputInMBps?: number | undefined;
 
   /**
-   * <p>Describes the cores available to each neuron accelerator.</p>
+   * <p>The baseline input/output storage operations per seconds for an EBS-optimized instance
+   *    type.</p>
    * @public
    */
-  CoreInfo?: NeuronDeviceCoreInfo | undefined;
+  BaselineIops?: number | undefined;
 
   /**
-   * <p>Describes the memory available to each neuron accelerator.</p>
+   * <p>The maximum bandwidth performance for an EBS-optimized instance type, in Mbps.</p>
    * @public
    */
-  MemoryInfo?: NeuronDeviceMemoryInfo | undefined;
-}
+  MaximumBandwidthInMbps?: number | undefined;
 
-/**
- * <p>Describes the neuron accelerators for the instance type.</p>
- * @public
- */
-export interface NeuronInfo {
   /**
-   * <p>Describes the neuron accelerators for the instance type.</p>
+   * <p>The maximum throughput performance for an EBS-optimized instance type, in MB/s.</p>
    * @public
    */
-  NeuronDevices?: NeuronDeviceInfo[] | undefined;
+  MaximumThroughputInMBps?: number | undefined;
 
   /**
-   * <p>The total size of the memory for the neuron accelerators for the instance type, in
-   *    MiB.</p>
+   * <p>The maximum input/output storage operations per second for an EBS-optimized instance
+   *    type.</p>
    * @public
    */
-  TotalNeuronDeviceMemoryInMiB?: number | undefined;
+  MaximumIops?: number | undefined;
 }
 
 /**
  * @public
  * @enum
  */
-export const NitroEnclavesSupport = {
-  SUPPORTED: "supported",
-  UNSUPPORTED: "unsupported",
+export const EbsOptimizedSupport = {
+  default: "default",
+  supported: "supported",
+  unsupported: "unsupported",
 } as const;
 
 /**
  * @public
  */
-export type NitroEnclavesSupport = (typeof NitroEnclavesSupport)[keyof typeof NitroEnclavesSupport];
-
-/**
- * <p>Describes the supported NitroTPM versions for the instance type.</p>
- * @public
- */
-export interface NitroTpmInfo {
-  /**
-   * <p>Indicates the supported NitroTPM versions.</p>
-   * @public
-   */
-  SupportedVersions?: string[] | undefined;
-}
+export type EbsOptimizedSupport = (typeof EbsOptimizedSupport)[keyof typeof EbsOptimizedSupport];
 
 /**
  * @public
  * @enum
  */
-export const NitroTpmSupport = {
-  SUPPORTED: "supported",
-  UNSUPPORTED: "unsupported",
+export const EbsEncryptionSupport = {
+  supported: "supported",
+  unsupported: "unsupported",
 } as const;
 
 /**
  * @public
  */
-export type NitroTpmSupport = (typeof NitroTpmSupport)[keyof typeof NitroTpmSupport];
+export type EbsEncryptionSupport = (typeof EbsEncryptionSupport)[keyof typeof EbsEncryptionSupport];
 
 /**
  * @public
  * @enum
  */
-export const PhcSupport = {
+export const EbsNvmeSupport = {
+  REQUIRED: "required",
   SUPPORTED: "supported",
   UNSUPPORTED: "unsupported",
 } as const;
@@ -5985,990 +5700,1070 @@ export const PhcSupport = {
 /**
  * @public
  */
-export type PhcSupport = (typeof PhcSupport)[keyof typeof PhcSupport];
-
-/**
- * @public
- * @enum
- */
-export const PlacementGroupStrategy = {
-  cluster: "cluster",
-  partition: "partition",
-  spread: "spread",
-} as const;
-
-/**
- * @public
- */
-export type PlacementGroupStrategy = (typeof PlacementGroupStrategy)[keyof typeof PlacementGroupStrategy];
+export type EbsNvmeSupport = (typeof EbsNvmeSupport)[keyof typeof EbsNvmeSupport];
 
 /**
- * <p>Describes the placement group support of the instance type.</p>
+ * <p>Describes the Amazon EBS features supported by the instance type.</p>
  * @public
  */
-export interface PlacementGroupInfo {
+export interface EbsInfo {
   /**
-   * <p>The supported placement group types.</p>
+   * <p>Indicates whether the instance type is Amazon EBS-optimized. For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSOptimized.html">Amazon EBS-optimized
+   *    instances</a> in <i>Amazon EC2 User Guide</i>.</p>
    * @public
    */
-  SupportedStrategies?: PlacementGroupStrategy[] | undefined;
-}
+  EbsOptimizedSupport?: EbsOptimizedSupport | undefined;
 
-/**
- * @public
- * @enum
- */
-export const ArchitectureType = {
-  arm64: "arm64",
-  arm64_mac: "arm64_mac",
-  i386: "i386",
-  x86_64: "x86_64",
-  x86_64_mac: "x86_64_mac",
-} as const;
+  /**
+   * <p>Indicates whether Amazon EBS encryption is supported.</p>
+   * @public
+   */
+  EncryptionSupport?: EbsEncryptionSupport | undefined;
 
-/**
- * @public
- */
-export type ArchitectureType = (typeof ArchitectureType)[keyof typeof ArchitectureType];
+  /**
+   * <p>Describes the optimized EBS performance for the instance type.</p>
+   * @public
+   */
+  EbsOptimizedInfo?: EbsOptimizedInfo | undefined;
 
-/**
- * @public
- * @enum
- */
-export const SupportedAdditionalProcessorFeature = {
-  AMD_SEV_SNP: "amd-sev-snp",
-} as const;
+  /**
+   * <p>Indicates whether non-volatile memory express (NVMe) is supported.</p>
+   * @public
+   */
+  NvmeSupport?: EbsNvmeSupport | undefined;
+}
 
 /**
+ * <p>Describes the memory for the FPGA accelerator for the instance type.</p>
  * @public
  */
-export type SupportedAdditionalProcessorFeature =
-  (typeof SupportedAdditionalProcessorFeature)[keyof typeof SupportedAdditionalProcessorFeature];
+export interface FpgaDeviceMemoryInfo {
+  /**
+   * <p>The size of the memory available to the FPGA accelerator, in MiB.</p>
+   * @public
+   */
+  SizeInMiB?: number | undefined;
+}
 
 /**
- * <p>Describes the processor used by the instance type.</p>
+ * <p>Describes the FPGA accelerator for the instance type.</p>
  * @public
  */
-export interface ProcessorInfo {
+export interface FpgaDeviceInfo {
   /**
-   * <p>The architectures supported by the instance type.</p>
+   * <p>The name of the FPGA accelerator.</p>
    * @public
    */
-  SupportedArchitectures?: ArchitectureType[] | undefined;
+  Name?: string | undefined;
 
   /**
-   * <p>The speed of the processor, in GHz.</p>
+   * <p>The manufacturer of the FPGA accelerator.</p>
    * @public
    */
-  SustainedClockSpeedInGhz?: number | undefined;
+  Manufacturer?: string | undefined;
 
   /**
-   * <p>Indicates whether the instance type supports AMD SEV-SNP. If the request returns
-   *     <code>amd-sev-snp</code>, AMD SEV-SNP is supported. Otherwise, it is not supported. For more
-   *    information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/sev-snp.html"> AMD
-   *     SEV-SNP</a>.</p>
+   * <p>The count of FPGA accelerators for the instance type.</p>
    * @public
    */
-  SupportedFeatures?: SupportedAdditionalProcessorFeature[] | undefined;
+  Count?: number | undefined;
 
   /**
-   * <p>The manufacturer of the processor.</p>
+   * <p>Describes the memory for the FPGA accelerator for the instance type.</p>
    * @public
    */
-  Manufacturer?: string | undefined;
+  MemoryInfo?: FpgaDeviceMemoryInfo | undefined;
 }
 
 /**
+ * <p>Describes the FPGAs for the instance type.</p>
  * @public
- * @enum
  */
-export const BootModeType = {
-  legacy_bios: "legacy-bios",
-  uefi: "uefi",
-} as const;
+export interface FpgaInfo {
+  /**
+   * <p>Describes the FPGAs for the instance type.</p>
+   * @public
+   */
+  Fpgas?: FpgaDeviceInfo[] | undefined;
+
+  /**
+   * <p>The total memory of all FPGA accelerators for the instance type.</p>
+   * @public
+   */
+  TotalFpgaMemoryInMiB?: number | undefined;
+}
 
 /**
+ * <p>Describes the memory available to the GPU accelerator.</p>
  * @public
  */
-export type BootModeType = (typeof BootModeType)[keyof typeof BootModeType];
+export interface GpuDeviceMemoryInfo {
+  /**
+   * <p>The size of the memory available to the GPU accelerator, in MiB.</p>
+   * @public
+   */
+  SizeInMiB?: number | undefined;
+}
 
 /**
+ * <p>Describes the GPU accelerators for the instance type.</p>
  * @public
- * @enum
  */
-export const RootDeviceType = {
-  ebs: "ebs",
-  instance_store: "instance-store",
-} as const;
+export interface GpuDeviceInfo {
+  /**
+   * <p>The name of the GPU accelerator.</p>
+   * @public
+   */
+  Name?: string | undefined;
+
+  /**
+   * <p>The manufacturer of the GPU accelerator.</p>
+   * @public
+   */
+  Manufacturer?: string | undefined;
+
+  /**
+   * <p>The number of GPUs for the instance type.</p>
+   * @public
+   */
+  Count?: number | undefined;
+
+  /**
+   * <p>Describes the memory available to the GPU accelerator.</p>
+   * @public
+   */
+  MemoryInfo?: GpuDeviceMemoryInfo | undefined;
+}
 
 /**
+ * <p>Describes the GPU accelerators for the instance type.</p>
  * @public
  */
-export type RootDeviceType = (typeof RootDeviceType)[keyof typeof RootDeviceType];
+export interface GpuInfo {
+  /**
+   * <p>Describes the GPU accelerators for the instance type.</p>
+   * @public
+   */
+  Gpus?: GpuDeviceInfo[] | undefined;
+
+  /**
+   * <p>The total size of the memory for the GPU accelerators for the instance type, in MiB.</p>
+   * @public
+   */
+  TotalGpuMemoryInMiB?: number | undefined;
+}
 
 /**
  * @public
  * @enum
  */
-export const UsageClassType = {
-  capacity_block: "capacity-block",
-  on_demand: "on-demand",
-  spot: "spot",
+export const InstanceTypeHypervisor = {
+  NITRO: "nitro",
+  XEN: "xen",
 } as const;
 
 /**
  * @public
  */
-export type UsageClassType = (typeof UsageClassType)[keyof typeof UsageClassType];
+export type InstanceTypeHypervisor = (typeof InstanceTypeHypervisor)[keyof typeof InstanceTypeHypervisor];
 
 /**
- * <p>Describes the vCPU configurations for the instance type.</p>
+ * <note>
+ *             <p>Amazon Elastic Inference is no longer available.</p>
+ *          </note>
+ *          <p>Describes the memory available to the inference accelerator.</p>
  * @public
  */
-export interface VCpuInfo {
+export interface InferenceDeviceMemoryInfo {
   /**
-   * <p>The default number of vCPUs for the instance type.</p>
+   * <p>The size of the memory available to the inference accelerator, in MiB.</p>
    * @public
    */
-  DefaultVCpus?: number | undefined;
+  SizeInMiB?: number | undefined;
+}
 
+/**
+ * <note>
+ *             <p>Amazon Elastic Inference is no longer available.</p>
+ *          </note>
+ *          <p>Describes the Inference accelerators for the instance type.</p>
+ * @public
+ */
+export interface InferenceDeviceInfo {
   /**
-   * <p>The default number of cores for the instance type.</p>
+   * <p>The number of Inference accelerators for the instance type.</p>
    * @public
    */
-  DefaultCores?: number | undefined;
+  Count?: number | undefined;
 
   /**
-   * <p>The default number of threads per core for the instance type.</p>
+   * <p>The name of the Inference accelerator.</p>
    * @public
    */
-  DefaultThreadsPerCore?: number | undefined;
+  Name?: string | undefined;
 
   /**
-   * <p>The valid number of cores that can be configured for the instance type.</p>
+   * <p>The manufacturer of the Inference accelerator.</p>
    * @public
    */
-  ValidCores?: number[] | undefined;
+  Manufacturer?: string | undefined;
 
   /**
-   * <p>The valid number of threads per core that can be configured for the instance type.</p>
+   * <p>Describes the memory available to the inference accelerator.</p>
    * @public
    */
-  ValidThreadsPerCore?: number[] | undefined;
+  MemoryInfo?: InferenceDeviceMemoryInfo | undefined;
 }
 
 /**
- * <p>Describes the instance type.</p>
+ * <note>
+ *             <p>Amazon Elastic Inference is no longer available.</p>
+ *          </note>
+ *          <p>Describes the Inference accelerators for the instance type.</p>
  * @public
  */
-export interface InstanceTypeInfo {
+export interface InferenceAcceleratorInfo {
   /**
-   * <p>The instance type. For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html">Instance types</a> in the <i>Amazon EC2
-   *     User Guide</i>.</p>
+   * <p>Describes the Inference accelerators for the instance type.</p>
    * @public
    */
-  InstanceType?: _InstanceType | undefined;
+  Accelerators?: InferenceDeviceInfo[] | undefined;
 
   /**
-   * <p>Indicates whether the instance type is current generation.</p>
+   * <p>The total size of the memory for the inference accelerators for the instance type, in
+   *    MiB.</p>
    * @public
    */
-  CurrentGeneration?: boolean | undefined;
+  TotalInferenceMemoryInMiB?: number | undefined;
+}
 
-  /**
-   * <p>Indicates whether the instance type is eligible for the free tier.</p>
-   * @public
-   */
-  FreeTierEligible?: boolean | undefined;
+/**
+ * @public
+ * @enum
+ */
+export const DiskType = {
+  hdd: "hdd",
+  ssd: "ssd",
+} as const;
 
-  /**
-   * <p>Indicates whether the instance type is offered for spot, On-Demand, or Capacity Blocks.</p>
-   * @public
-   */
-  SupportedUsageClasses?: UsageClassType[] | undefined;
+/**
+ * @public
+ */
+export type DiskType = (typeof DiskType)[keyof typeof DiskType];
 
+/**
+ * <p>Describes a disk.</p>
+ * @public
+ */
+export interface DiskInfo {
   /**
-   * <p>The supported root device types.</p>
+   * <p>The size of the disk in GB.</p>
    * @public
    */
-  SupportedRootDeviceTypes?: RootDeviceType[] | undefined;
+  SizeInGB?: number | undefined;
 
   /**
-   * <p>The supported virtualization types.</p>
+   * <p>The number of disks with this configuration.</p>
    * @public
    */
-  SupportedVirtualizationTypes?: VirtualizationType[] | undefined;
+  Count?: number | undefined;
 
   /**
-   * <p>Indicates whether the instance is a bare metal instance type.</p>
+   * <p>The type of disk.</p>
    * @public
    */
-  BareMetal?: boolean | undefined;
+  Type?: DiskType | undefined;
+}
 
-  /**
-   * <p>The hypervisor for the instance type.</p>
-   * @public
-   */
-  Hypervisor?: InstanceTypeHypervisor | undefined;
+/**
+ * @public
+ * @enum
+ */
+export const InstanceStorageEncryptionSupport = {
+  required: "required",
+  unsupported: "unsupported",
+} as const;
 
-  /**
-   * <p>Describes the processor.</p>
-   * @public
-   */
-  ProcessorInfo?: ProcessorInfo | undefined;
+/**
+ * @public
+ */
+export type InstanceStorageEncryptionSupport =
+  (typeof InstanceStorageEncryptionSupport)[keyof typeof InstanceStorageEncryptionSupport];
+
+/**
+ * @public
+ * @enum
+ */
+export const EphemeralNvmeSupport = {
+  REQUIRED: "required",
+  SUPPORTED: "supported",
+  UNSUPPORTED: "unsupported",
+} as const;
 
-  /**
-   * <p>Describes the vCPU configurations for the instance type.</p>
-   * @public
-   */
-  VCpuInfo?: VCpuInfo | undefined;
+/**
+ * @public
+ */
+export type EphemeralNvmeSupport = (typeof EphemeralNvmeSupport)[keyof typeof EphemeralNvmeSupport];
 
+/**
+ * <p>Describes the instance store features that are supported by the instance type.</p>
+ * @public
+ */
+export interface InstanceStorageInfo {
   /**
-   * <p>Describes the memory for the instance type.</p>
+   * <p>The total size of the disks, in GB.</p>
    * @public
    */
-  MemoryInfo?: MemoryInfo | undefined;
+  TotalSizeInGB?: number | undefined;
 
   /**
-   * <p>Indicates whether instance storage is supported.</p>
+   * <p>Describes the disks that are available for the instance type.</p>
    * @public
    */
-  InstanceStorageSupported?: boolean | undefined;
+  Disks?: DiskInfo[] | undefined;
 
   /**
-   * <p>Describes the instance storage for the instance type.</p>
+   * <p>Indicates whether non-volatile memory express (NVMe) is supported.</p>
    * @public
    */
-  InstanceStorageInfo?: InstanceStorageInfo | undefined;
+  NvmeSupport?: EphemeralNvmeSupport | undefined;
 
   /**
-   * <p>Describes the Amazon EBS settings for the instance type.</p>
+   * <p>Indicates whether data is encrypted at rest.</p>
    * @public
    */
-  EbsInfo?: EbsInfo | undefined;
+  EncryptionSupport?: InstanceStorageEncryptionSupport | undefined;
+}
 
+/**
+ * <p>Describes the memory available to the media accelerator.</p>
+ * @public
+ */
+export interface MediaDeviceMemoryInfo {
   /**
-   * <p>Describes the network settings for the instance type.</p>
+   * <p>The size of the memory available to each media accelerator, in MiB.</p>
    * @public
    */
-  NetworkInfo?: NetworkInfo | undefined;
+  SizeInMiB?: number | undefined;
+}
 
+/**
+ * <p>Describes the media accelerators for the instance type.</p>
+ * @public
+ */
+export interface MediaDeviceInfo {
   /**
-   * <p>Describes the GPU accelerator settings for the instance type.</p>
+   * <p>The number of media accelerators for the instance type.</p>
    * @public
    */
-  GpuInfo?: GpuInfo | undefined;
+  Count?: number | undefined;
 
   /**
-   * <p>Describes the FPGA accelerator settings for the instance type.</p>
+   * <p>The name of the media accelerator.</p>
    * @public
    */
-  FpgaInfo?: FpgaInfo | undefined;
+  Name?: string | undefined;
 
   /**
-   * <p>Describes the placement group settings for the instance type.</p>
+   * <p>The manufacturer of the media accelerator.</p>
    * @public
    */
-  PlacementGroupInfo?: PlacementGroupInfo | undefined;
+  Manufacturer?: string | undefined;
 
   /**
-   * <p>Describes the Inference accelerator settings for the instance type.</p>
+   * <p>Describes the memory available to the media accelerator.</p>
    * @public
    */
-  InferenceAcceleratorInfo?: InferenceAcceleratorInfo | undefined;
+  MemoryInfo?: MediaDeviceMemoryInfo | undefined;
+}
 
+/**
+ * <p>Describes the media accelerators for the instance type.</p>
+ * @public
+ */
+export interface MediaAcceleratorInfo {
   /**
-   * <p>Indicates whether On-Demand hibernation is supported.</p>
+   * <p>Describes the media accelerators for the instance type.</p>
    * @public
    */
-  HibernationSupported?: boolean | undefined;
+  Accelerators?: MediaDeviceInfo[] | undefined;
 
   /**
-   * <p>Indicates whether the instance type is a burstable performance T instance type. For more
-   *    information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html">Burstable performance
-   *     instances</a>.</p>
+   * <p>The total size of the memory for the media accelerators for the instance type, in
+   *    MiB.</p>
    * @public
    */
-  BurstablePerformanceSupported?: boolean | undefined;
+  TotalMediaMemoryInMiB?: number | undefined;
+}
 
+/**
+ * <p>Describes the memory for the instance type.</p>
+ * @public
+ */
+export interface MemoryInfo {
   /**
-   * <p>Indicates whether Dedicated Hosts are supported on the instance type.</p>
+   * <p>The size of the memory, in MiB.</p>
    * @public
    */
-  DedicatedHostsSupported?: boolean | undefined;
+  SizeInMiB?: number | undefined;
+}
 
+/**
+ * <p>Describes the Elastic Fabric Adapters for the instance type.</p>
+ * @public
+ */
+export interface EfaInfo {
   /**
-   * <p>Indicates whether Amazon CloudWatch action based recovery is supported.</p>
+   * <p>The maximum number of Elastic Fabric Adapters for the instance type.</p>
    * @public
    */
-  AutoRecoverySupported?: boolean | undefined;
+  MaximumEfaInterfaces?: number | undefined;
+}
 
-  /**
-   * <p>The supported boot modes. For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ami-boot.html">Boot modes</a> in the <i>Amazon EC2 User
-   *     Guide</i>.</p>
-   * @public
-   */
-  SupportedBootModes?: BootModeType[] | undefined;
+/**
+ * @public
+ * @enum
+ */
+export const EnaSupport = {
+  required: "required",
+  supported: "supported",
+  unsupported: "unsupported",
+} as const;
 
-  /**
-   * <p>Indicates whether Nitro Enclaves is supported.</p>
-   * @public
-   */
-  NitroEnclavesSupport?: NitroEnclavesSupport | undefined;
+/**
+ * @public
+ */
+export type EnaSupport = (typeof EnaSupport)[keyof typeof EnaSupport];
 
+/**
+ * <p>Describes the network card support of the instance type.</p>
+ * @public
+ */
+export interface NetworkCardInfo {
   /**
-   * <p>Indicates whether NitroTPM is supported.</p>
+   * <p>The index of the network card.</p>
    * @public
    */
-  NitroTpmSupport?: NitroTpmSupport | undefined;
+  NetworkCardIndex?: number | undefined;
 
   /**
-   * <p>Describes the supported NitroTPM versions for the instance type.</p>
+   * <p>The network performance of the network card.</p>
    * @public
    */
-  NitroTpmInfo?: NitroTpmInfo | undefined;
+  NetworkPerformance?: string | undefined;
 
   /**
-   * <p>Describes the media accelerator settings for the instance type.</p>
+   * <p>The maximum number of network interfaces for the network card.</p>
    * @public
    */
-  MediaAcceleratorInfo?: MediaAcceleratorInfo | undefined;
+  MaximumNetworkInterfaces?: number | undefined;
 
   /**
-   * <p>Describes the Neuron accelerator settings for the instance type.</p>
+   * <p>The baseline network performance of the network card, in Gbps.</p>
    * @public
    */
-  NeuronInfo?: NeuronInfo | undefined;
+  BaselineBandwidthInGbps?: number | undefined;
 
   /**
-   * <p>Indicates whether a local Precision Time Protocol (PTP) hardware clock (PHC) is
-   *    supported.</p>
+   * <p>The peak (burst) network performance of the network card, in Gbps.</p>
    * @public
    */
-  PhcSupport?: PhcSupport | undefined;
+  PeakBandwidthInGbps?: number | undefined;
 }
 
 /**
+ * <p>Describes the networking features of the instance type.</p>
  * @public
  */
-export interface DescribeInstanceTypesResult {
+export interface NetworkInfo {
   /**
-   * <p>The instance type.</p>
+   * <p>The network performance.</p>
    * @public
    */
-  InstanceTypes?: InstanceTypeInfo[] | undefined;
+  NetworkPerformance?: string | undefined;
 
   /**
-   * <p>The token to include in another request to get the next page of items. This value is <code>null</code> when there
-   *          are no more items to return.</p>
+   * <p>The maximum number of network interfaces for the instance type.</p>
    * @public
    */
-  NextToken?: string | undefined;
-}
+  MaximumNetworkInterfaces?: number | undefined;
 
-/**
- * @public
- */
-export interface DescribeInternetGatewaysRequest {
   /**
-   * <p>The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.</p>
+   * <p>The maximum number of physical network cards that can be allocated to the instance.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  MaximumNetworkCards?: number | undefined;
 
   /**
-   * <p>The maximum number of items to return for this request.
-   * 	To get the next page of items, make another request with the token returned in the output.
-   * 	For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination">Pagination</a>.</p>
+   * <p>The index of the default network card, starting at 0.</p>
    * @public
    */
-  MaxResults?: number | undefined;
+  DefaultNetworkCardIndex?: number | undefined;
 
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>Describes the network cards for the instance type.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  NetworkCards?: NetworkCardInfo[] | undefined;
 
   /**
-   * <p>The IDs of the internet gateways.</p>
-   *          <p>Default: Describes all your internet gateways.</p>
+   * <p>The maximum number of IPv4 addresses per network interface.</p>
    * @public
    */
-  InternetGatewayIds?: string[] | undefined;
+  Ipv4AddressesPerInterface?: number | undefined;
 
   /**
-   * <p>The filters.</p>
-   *          <ul>
-   *             <li>
-   *                <p>
-   *                   <code>attachment.state</code> - The current state of the attachment between the gateway
-   *                     and the VPC (<code>available</code>). Present only if a VPC is attached.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>attachment.vpc-id</code> - The ID of an attached VPC.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>internet-gateway-id</code> - The ID of the Internet gateway.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>owner-id</code> - The ID of the Amazon Web Services account that owns the internet gateway.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.
-   *     For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p>
-   *             </li>
-   *          </ul>
+   * <p>The maximum number of IPv6 addresses per network interface.</p>
    * @public
    */
-  Filters?: Filter[] | undefined;
-}
+  Ipv6AddressesPerInterface?: number | undefined;
 
-/**
- * @public
- */
-export interface DescribeInternetGatewaysResult {
   /**
-   * <p>Information about the internet gateways.</p>
+   * <p>Indicates whether IPv6 is supported.</p>
    * @public
    */
-  InternetGateways?: InternetGateway[] | undefined;
+  Ipv6Supported?: boolean | undefined;
 
   /**
-   * <p>The token to include in another request to get the next page of items. This value is <code>null</code> when there are no more items to return.</p>
+   * <p>Indicates whether Elastic Network Adapter (ENA) is supported.</p>
    * @public
    */
-  NextToken?: string | undefined;
-}
+  EnaSupport?: EnaSupport | undefined;
 
-/**
- * @public
- */
-export interface DescribeIpamByoasnRequest {
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>Indicates whether Elastic Fabric Adapter (EFA) is supported.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  EfaSupported?: boolean | undefined;
 
   /**
-   * <p>The maximum number of results to return with a single call.
-   * 	To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>
+   * <p>Describes the Elastic Fabric Adapters for the instance type.</p>
+   * @public
+   */
+  EfaInfo?: EfaInfo | undefined;
+
+  /**
+   * <p>Indicates whether the instance type automatically encrypts in-transit traffic between
+   *    instances.</p>
    * @public
    */
-  MaxResults?: number | undefined;
+  EncryptionInTransitSupported?: boolean | undefined;
 
   /**
-   * <p>The token for the next page of results.</p>
+   * <p>Indicates whether the instance type supports ENA Express. ENA Express uses Amazon Web Services Scalable Reliable Datagram (SRD) technology to increase the maximum bandwidth used per stream
+   *    and minimize tail latency of network traffic between EC2 instances.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  EnaSrdSupported?: boolean | undefined;
 }
 
 /**
+ * <p>Describes the cores available to the neuron accelerator.</p>
  * @public
  */
-export interface DescribeIpamByoasnResult {
+export interface NeuronDeviceCoreInfo {
   /**
-   * <p>ASN and BYOIP CIDR associations.</p>
+   * <p>The number of cores available to the neuron accelerator.</p>
    * @public
    */
-  Byoasns?: Byoasn[] | undefined;
+  Count?: number | undefined;
 
   /**
-   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
+   * <p>The version of the neuron accelerator.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  Version?: number | undefined;
 }
 
 /**
+ * <p>Describes the memory available to the neuron accelerator.</p>
  * @public
  */
-export interface DescribeIpamExternalResourceVerificationTokensRequest {
+export interface NeuronDeviceMemoryInfo {
   /**
-   * <p>A check for whether you have the required permissions for the action without actually making the request
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>The size of the memory available to the neuron accelerator, in MiB.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  SizeInMiB?: number | undefined;
+}
 
+/**
+ * <p>Describes the neuron accelerators for the instance type.</p>
+ * @public
+ */
+export interface NeuronDeviceInfo {
   /**
-   * <p>One or more filters for the request. For more information about filtering, see <a href="https://docs.aws.amazon.com/cli/latest/userguide/cli-usage-filter.html">Filtering CLI output</a>.</p>
-   *          <p>Available filters:</p>
-   *          <ul>
-   *             <li>
-   *                <p>
-   *                   <code>ipam-arn</code>
-   *                </p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>ipam-external-resource-verification-token-arn</code>
-   *                </p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>ipam-external-resource-verification-token-id</code>
-   *                </p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>ipam-id</code>
-   *                </p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>ipam-region</code>
-   *                </p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>state</code>
-   *                </p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>status</code>
-   *                </p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>token-name</code>
-   *                </p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>token-value</code>
-   *                </p>
-   *             </li>
-   *          </ul>
+   * <p>The number of neuron accelerators for the instance type.</p>
    * @public
    */
-  Filters?: Filter[] | undefined;
+  Count?: number | undefined;
 
   /**
-   * <p>The token for the next page of results.</p>
+   * <p>The name of the neuron accelerator.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  Name?: string | undefined;
 
   /**
-   * <p>The maximum number of tokens to return in one page of results.</p>
+   * <p>Describes the cores available to each neuron accelerator.</p>
    * @public
    */
-  MaxResults?: number | undefined;
+  CoreInfo?: NeuronDeviceCoreInfo | undefined;
 
   /**
-   * <p>Verification token IDs.</p>
+   * <p>Describes the memory available to each neuron accelerator.</p>
    * @public
    */
-  IpamExternalResourceVerificationTokenIds?: string[] | undefined;
+  MemoryInfo?: NeuronDeviceMemoryInfo | undefined;
 }
 
 /**
+ * <p>Describes the neuron accelerators for the instance type.</p>
  * @public
  */
-export interface DescribeIpamExternalResourceVerificationTokensResult {
+export interface NeuronInfo {
   /**
-   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
+   * <p>Describes the neuron accelerators for the instance type.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  NeuronDevices?: NeuronDeviceInfo[] | undefined;
 
   /**
-   * <p>Verification tokens.</p>
+   * <p>The total size of the memory for the neuron accelerators for the instance type, in
+   *    MiB.</p>
    * @public
    */
-  IpamExternalResourceVerificationTokens?: IpamExternalResourceVerificationToken[] | undefined;
+  TotalNeuronDeviceMemoryInMiB?: number | undefined;
 }
 
 /**
  * @public
+ * @enum
  */
-export interface DescribeIpamPoolsRequest {
+export const NitroEnclavesSupport = {
+  SUPPORTED: "supported",
+  UNSUPPORTED: "unsupported",
+} as const;
+
+/**
+ * @public
+ */
+export type NitroEnclavesSupport = (typeof NitroEnclavesSupport)[keyof typeof NitroEnclavesSupport];
+
+/**
+ * <p>Describes the supported NitroTPM versions for the instance type.</p>
+ * @public
+ */
+export interface NitroTpmInfo {
   /**
-   * <p>A check for whether you have the required permissions for the action without actually making the request
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>Indicates the supported NitroTPM versions.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  SupportedVersions?: string[] | undefined;
+}
+
+/**
+ * @public
+ * @enum
+ */
+export const NitroTpmSupport = {
+  SUPPORTED: "supported",
+  UNSUPPORTED: "unsupported",
+} as const;
+
+/**
+ * @public
+ */
+export type NitroTpmSupport = (typeof NitroTpmSupport)[keyof typeof NitroTpmSupport];
+
+/**
+ * @public
+ * @enum
+ */
+export const PhcSupport = {
+  SUPPORTED: "supported",
+  UNSUPPORTED: "unsupported",
+} as const;
+
+/**
+ * @public
+ */
+export type PhcSupport = (typeof PhcSupport)[keyof typeof PhcSupport];
+
+/**
+ * @public
+ * @enum
+ */
+export const PlacementGroupStrategy = {
+  cluster: "cluster",
+  partition: "partition",
+  spread: "spread",
+} as const;
+
+/**
+ * @public
+ */
+export type PlacementGroupStrategy = (typeof PlacementGroupStrategy)[keyof typeof PlacementGroupStrategy];
 
+/**
+ * <p>Describes the placement group support of the instance type.</p>
+ * @public
+ */
+export interface PlacementGroupInfo {
   /**
-   * <p>One or more filters for the request. For more information about filtering, see <a href="https://docs.aws.amazon.com/cli/latest/userguide/cli-usage-filter.html">Filtering CLI output</a>.</p>
+   * <p>The supported placement group types.</p>
    * @public
    */
-  Filters?: Filter[] | undefined;
+  SupportedStrategies?: PlacementGroupStrategy[] | undefined;
+}
+
+/**
+ * @public
+ * @enum
+ */
+export const ArchitectureType = {
+  arm64: "arm64",
+  arm64_mac: "arm64_mac",
+  i386: "i386",
+  x86_64: "x86_64",
+  x86_64_mac: "x86_64_mac",
+} as const;
+
+/**
+ * @public
+ */
+export type ArchitectureType = (typeof ArchitectureType)[keyof typeof ArchitectureType];
+
+/**
+ * @public
+ * @enum
+ */
+export const SupportedAdditionalProcessorFeature = {
+  AMD_SEV_SNP: "amd-sev-snp",
+} as const;
+
+/**
+ * @public
+ */
+export type SupportedAdditionalProcessorFeature =
+  (typeof SupportedAdditionalProcessorFeature)[keyof typeof SupportedAdditionalProcessorFeature];
 
+/**
+ * <p>Describes the processor used by the instance type.</p>
+ * @public
+ */
+export interface ProcessorInfo {
   /**
-   * <p>The maximum number of results to return in the request.</p>
+   * <p>The architectures supported by the instance type.</p>
    * @public
    */
-  MaxResults?: number | undefined;
+  SupportedArchitectures?: ArchitectureType[] | undefined;
 
   /**
-   * <p>The token for the next page of results.</p>
+   * <p>The speed of the processor, in GHz.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  SustainedClockSpeedInGhz?: number | undefined;
 
   /**
-   * <p>The IDs of the IPAM pools you would like information on.</p>
+   * <p>Indicates whether the instance type supports AMD SEV-SNP. If the request returns
+   *     <code>amd-sev-snp</code>, AMD SEV-SNP is supported. Otherwise, it is not supported. For more
+   *    information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/sev-snp.html"> AMD
+   *     SEV-SNP</a>.</p>
    * @public
    */
-  IpamPoolIds?: string[] | undefined;
+  SupportedFeatures?: SupportedAdditionalProcessorFeature[] | undefined;
+
+  /**
+   * <p>The manufacturer of the processor.</p>
+   * @public
+   */
+  Manufacturer?: string | undefined;
 }
 
 /**
  * @public
+ * @enum
+ */
+export const BootModeType = {
+  legacy_bios: "legacy-bios",
+  uefi: "uefi",
+} as const;
+
+/**
+ * @public
+ */
+export type BootModeType = (typeof BootModeType)[keyof typeof BootModeType];
+
+/**
+ * @public
+ * @enum
  */
-export interface DescribeIpamPoolsResult {
-  /**
-   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
-   * @public
-   */
-  NextToken?: string | undefined;
+export const RootDeviceType = {
+  ebs: "ebs",
+  instance_store: "instance-store",
+} as const;
 
-  /**
-   * <p>Information about the IPAM pools.</p>
-   * @public
-   */
-  IpamPools?: IpamPool[] | undefined;
-}
+/**
+ * @public
+ */
+export type RootDeviceType = (typeof RootDeviceType)[keyof typeof RootDeviceType];
 
 /**
  * @public
+ * @enum
  */
-export interface DescribeIpamResourceDiscoveriesRequest {
-  /**
-   * <p>A check for whether you have the required permissions for the action without actually making the request
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
-   * @public
-   */
-  DryRun?: boolean | undefined;
+export const UsageClassType = {
+  capacity_block: "capacity-block",
+  on_demand: "on-demand",
+  spot: "spot",
+} as const;
 
-  /**
-   * <p>The IPAM resource discovery IDs.</p>
-   * @public
-   */
-  IpamResourceDiscoveryIds?: string[] | undefined;
+/**
+ * @public
+ */
+export type UsageClassType = (typeof UsageClassType)[keyof typeof UsageClassType];
 
+/**
+ * <p>Describes the vCPU configurations for the instance type.</p>
+ * @public
+ */
+export interface VCpuInfo {
   /**
-   * <p>Specify the pagination token from a previous request to retrieve the next page of results.</p>
+   * <p>The default number of vCPUs for the instance type.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  DefaultVCpus?: number | undefined;
 
   /**
-   * <p>The maximum number of resource discoveries to return in one page of results.</p>
+   * <p>The default number of cores for the instance type.</p>
    * @public
    */
-  MaxResults?: number | undefined;
+  DefaultCores?: number | undefined;
 
   /**
-   * <p>The resource discovery filters.</p>
+   * <p>The default number of threads per core for the instance type.</p>
    * @public
    */
-  Filters?: Filter[] | undefined;
-}
+  DefaultThreadsPerCore?: number | undefined;
 
-/**
- * @public
- */
-export interface DescribeIpamResourceDiscoveriesResult {
   /**
-   * <p>The resource discoveries.</p>
+   * <p>The valid number of cores that can be configured for the instance type.</p>
    * @public
    */
-  IpamResourceDiscoveries?: IpamResourceDiscovery[] | undefined;
+  ValidCores?: number[] | undefined;
 
   /**
-   * <p>Specify the pagination token from a previous request to retrieve the next page of results.</p>
+   * <p>The valid number of threads per core that can be configured for the instance type.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  ValidThreadsPerCore?: number[] | undefined;
 }
 
 /**
+ * <p>Describes the instance type.</p>
  * @public
  */
-export interface DescribeIpamResourceDiscoveryAssociationsRequest {
-  /**
-   * <p>A check for whether you have the required permissions for the action without actually making the request
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
-   * @public
-   */
-  DryRun?: boolean | undefined;
-
+export interface InstanceTypeInfo {
   /**
-   * <p>The resource discovery association IDs.</p>
+   * <p>The instance type. For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html">Instance types</a> in the <i>Amazon EC2
+   *     User Guide</i>.</p>
    * @public
    */
-  IpamResourceDiscoveryAssociationIds?: string[] | undefined;
+  InstanceType?: _InstanceType | undefined;
 
   /**
-   * <p>Specify the pagination token from a previous request to retrieve the next page of results.</p>
+   * <p>Indicates whether the instance type is current generation.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  CurrentGeneration?: boolean | undefined;
 
   /**
-   * <p>The maximum number of resource discovery associations to return in one page of results.</p>
+   * <p>Indicates whether the instance type is eligible for the free tier.</p>
    * @public
    */
-  MaxResults?: number | undefined;
+  FreeTierEligible?: boolean | undefined;
 
   /**
-   * <p>The resource discovery association filters.</p>
+   * <p>Indicates whether the instance type is offered for spot, On-Demand, or Capacity Blocks.</p>
    * @public
    */
-  Filters?: Filter[] | undefined;
-}
+  SupportedUsageClasses?: UsageClassType[] | undefined;
 
-/**
- * @public
- */
-export interface DescribeIpamResourceDiscoveryAssociationsResult {
   /**
-   * <p>The resource discovery associations.</p>
+   * <p>The supported root device types.</p>
    * @public
    */
-  IpamResourceDiscoveryAssociations?: IpamResourceDiscoveryAssociation[] | undefined;
+  SupportedRootDeviceTypes?: RootDeviceType[] | undefined;
 
   /**
-   * <p>Specify the pagination token from a previous request to retrieve the next page of results.</p>
+   * <p>The supported virtualization types.</p>
    * @public
    */
-  NextToken?: string | undefined;
-}
+  SupportedVirtualizationTypes?: VirtualizationType[] | undefined;
 
-/**
- * @public
- */
-export interface DescribeIpamsRequest {
   /**
-   * <p>A check for whether you have the required permissions for the action without actually making the request
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>Indicates whether the instance is a bare metal instance type.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  BareMetal?: boolean | undefined;
 
   /**
-   * <p>One or more filters for the request. For more information about filtering, see <a href="https://docs.aws.amazon.com/cli/latest/userguide/cli-usage-filter.html">Filtering CLI output</a>.</p>
+   * <p>The hypervisor for the instance type.</p>
    * @public
    */
-  Filters?: Filter[] | undefined;
+  Hypervisor?: InstanceTypeHypervisor | undefined;
 
   /**
-   * <p>The maximum number of results to return in the request.</p>
+   * <p>Describes the processor.</p>
    * @public
    */
-  MaxResults?: number | undefined;
+  ProcessorInfo?: ProcessorInfo | undefined;
 
   /**
-   * <p>The token for the next page of results.</p>
+   * <p>Describes the vCPU configurations for the instance type.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  VCpuInfo?: VCpuInfo | undefined;
 
   /**
-   * <p>The IDs of the IPAMs you want information on.</p>
+   * <p>Describes the memory for the instance type.</p>
    * @public
    */
-  IpamIds?: string[] | undefined;
-}
+  MemoryInfo?: MemoryInfo | undefined;
 
-/**
- * @public
- */
-export interface DescribeIpamsResult {
   /**
-   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
+   * <p>Indicates whether instance storage is supported.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  InstanceStorageSupported?: boolean | undefined;
 
   /**
-   * <p>Information about the IPAMs.</p>
+   * <p>Describes the instance storage for the instance type.</p>
    * @public
    */
-  Ipams?: Ipam[] | undefined;
-}
+  InstanceStorageInfo?: InstanceStorageInfo | undefined;
 
-/**
- * @public
- */
-export interface DescribeIpamScopesRequest {
   /**
-   * <p>A check for whether you have the required permissions for the action without actually making the request
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>Describes the Amazon EBS settings for the instance type.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  EbsInfo?: EbsInfo | undefined;
 
   /**
-   * <p>One or more filters for the request. For more information about filtering, see <a href="https://docs.aws.amazon.com/cli/latest/userguide/cli-usage-filter.html">Filtering CLI output</a>.</p>
+   * <p>Describes the network settings for the instance type.</p>
    * @public
    */
-  Filters?: Filter[] | undefined;
+  NetworkInfo?: NetworkInfo | undefined;
 
   /**
-   * <p>The maximum number of results to return in the request.</p>
+   * <p>Describes the GPU accelerator settings for the instance type.</p>
    * @public
    */
-  MaxResults?: number | undefined;
+  GpuInfo?: GpuInfo | undefined;
 
   /**
-   * <p>The token for the next page of results.</p>
+   * <p>Describes the FPGA accelerator settings for the instance type.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  FpgaInfo?: FpgaInfo | undefined;
 
   /**
-   * <p>The IDs of the scopes you want information on.</p>
+   * <p>Describes the placement group settings for the instance type.</p>
    * @public
    */
-  IpamScopeIds?: string[] | undefined;
-}
+  PlacementGroupInfo?: PlacementGroupInfo | undefined;
 
-/**
- * @public
- */
-export interface DescribeIpamScopesResult {
   /**
-   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
+   * <p>Describes the Inference accelerator settings for the instance type.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  InferenceAcceleratorInfo?: InferenceAcceleratorInfo | undefined;
 
   /**
-   * <p>The scopes you want information on.</p>
+   * <p>Indicates whether On-Demand hibernation is supported.</p>
    * @public
    */
-  IpamScopes?: IpamScope[] | undefined;
-}
+  HibernationSupported?: boolean | undefined;
 
-/**
- * @public
- */
-export interface DescribeIpv6PoolsRequest {
   /**
-   * <p>The IDs of the IPv6 address pools.</p>
+   * <p>Indicates whether the instance type is a burstable performance T instance type. For more
+   *    information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html">Burstable performance
+   *     instances</a>.</p>
    * @public
    */
-  PoolIds?: string[] | undefined;
+  BurstablePerformanceSupported?: boolean | undefined;
 
   /**
-   * <p>The token for the next page of results.</p>
+   * <p>Indicates whether Dedicated Hosts are supported on the instance type.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  DedicatedHostsSupported?: boolean | undefined;
 
   /**
-   * <p>The maximum number of results to return with a single call.
-   * 	To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>
+   * <p>Indicates whether Amazon CloudWatch action based recovery is supported.</p>
    * @public
    */
-  MaxResults?: number | undefined;
+  AutoRecoverySupported?: boolean | undefined;
 
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>The supported boot modes. For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ami-boot.html">Boot modes</a> in the <i>Amazon EC2 User
+   *     Guide</i>.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  SupportedBootModes?: BootModeType[] | undefined;
 
   /**
-   * <p>One or more filters.</p>
-   *          <ul>
-   *             <li>
-   *                <p>
-   *                   <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.
-   *     For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p>
-   *             </li>
-   *          </ul>
+   * <p>Indicates whether Nitro Enclaves is supported.</p>
    * @public
    */
-  Filters?: Filter[] | undefined;
-}
+  NitroEnclavesSupport?: NitroEnclavesSupport | undefined;
 
-/**
- * <p>Describes a CIDR block for an address pool.</p>
- * @public
- */
-export interface PoolCidrBlock {
   /**
-   * <p>The CIDR block.</p>
+   * <p>Indicates whether NitroTPM is supported.</p>
    * @public
-   */
-  Cidr?: string | undefined;
-}
-
-/**
- * <p>Describes an IPv6 address pool.</p>
- * @public
- */
-export interface Ipv6Pool {
+   */
+  NitroTpmSupport?: NitroTpmSupport | undefined;
+
   /**
-   * <p>The ID of the address pool.</p>
+   * <p>Describes the supported NitroTPM versions for the instance type.</p>
    * @public
    */
-  PoolId?: string | undefined;
+  NitroTpmInfo?: NitroTpmInfo | undefined;
 
   /**
-   * <p>The description for the address pool.</p>
+   * <p>Describes the media accelerator settings for the instance type.</p>
    * @public
    */
-  Description?: string | undefined;
+  MediaAcceleratorInfo?: MediaAcceleratorInfo | undefined;
 
   /**
-   * <p>The CIDR blocks for the address pool.</p>
+   * <p>Describes the Neuron accelerator settings for the instance type.</p>
    * @public
    */
-  PoolCidrBlocks?: PoolCidrBlock[] | undefined;
+  NeuronInfo?: NeuronInfo | undefined;
 
   /**
-   * <p>Any tags for the address pool.</p>
+   * <p>Indicates whether a local Precision Time Protocol (PTP) hardware clock (PHC) is
+   *    supported.</p>
    * @public
    */
-  Tags?: Tag[] | undefined;
+  PhcSupport?: PhcSupport | undefined;
 }
 
 /**
  * @public
  */
-export interface DescribeIpv6PoolsResult {
+export interface DescribeInstanceTypesResult {
   /**
-   * <p>Information about the IPv6 address pools.</p>
+   * <p>The instance type.</p>
    * @public
    */
-  Ipv6Pools?: Ipv6Pool[] | undefined;
+  InstanceTypes?: InstanceTypeInfo[] | undefined;
 
   /**
-   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
+   * <p>The token to include in another request to get the next page of items. This value is <code>null</code> when there
+   *          are no more items to return.</p>
    * @public
    */
   NextToken?: string | undefined;
@@ -6977,27 +6772,20 @@ export interface DescribeIpv6PoolsResult {
 /**
  * @public
  */
-export interface DescribeKeyPairsRequest {
-  /**
-   * <p>The key pair names.</p>
-   *          <p>Default: Describes all of your key pairs.</p>
-   * @public
-   */
-  KeyNames?: string[] | undefined;
-
+export interface DescribeInternetGatewaysRequest {
   /**
-   * <p>The IDs of the key pairs.</p>
+   * <p>The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.</p>
    * @public
    */
-  KeyPairIds?: string[] | undefined;
+  NextToken?: string | undefined;
 
   /**
-   * <p>If <code>true</code>, the public key material is included in the response.</p>
-   *          <p>Default: <code>false</code>
-   *          </p>
+   * <p>The maximum number of items to return for this request.
+   * 	To get the next page of items, make another request with the token returned in the output.
+   * 	For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination">Pagination</a>.</p>
    * @public
    */
-  IncludePublicKey?: boolean | undefined;
+  MaxResults?: number | undefined;
 
   /**
    * <p>Checks whether you have the required permissions for the action, without actually making the request,
@@ -7007,30 +6795,42 @@ export interface DescribeKeyPairsRequest {
    */
   DryRun?: boolean | undefined;
 
+  /**
+   * <p>The IDs of the internet gateways.</p>
+   *          <p>Default: Describes all your internet gateways.</p>
+   * @public
+   */
+  InternetGatewayIds?: string[] | undefined;
+
   /**
    * <p>The filters.</p>
    *          <ul>
    *             <li>
    *                <p>
-   *                   <code>key-pair-id</code> - The ID of the key pair.</p>
+   *                   <code>attachment.state</code> - The current state of the attachment between the gateway
+   *                     and the VPC (<code>available</code>). Present only if a VPC is attached.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>fingerprint</code> - The fingerprint of the key pair.</p>
+   *                   <code>attachment.vpc-id</code> - The ID of an attached VPC.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>key-name</code> - The name of the key pair.</p>
+   *                   <code>internet-gateway-id</code> - The ID of the Internet gateway.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p>
+   *                   <code>owner-id</code> - The ID of the Amazon Web Services account that owns the internet gateway.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.
+   *                   <code>tag</code> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.
    *     For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>
    *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p>
+   *             </li>
    *          </ul>
    * @public
    */
@@ -7038,132 +6838,125 @@ export interface DescribeKeyPairsRequest {
 }
 
 /**
- * <p>Describes a key pair.</p>
  * @public
  */
-export interface KeyPairInfo {
-  /**
-   * <p>The ID of the key pair.</p>
-   * @public
-   */
-  KeyPairId?: string | undefined;
-
-  /**
-   * <p>The type of key pair.</p>
-   * @public
-   */
-  KeyType?: KeyType | undefined;
-
+export interface DescribeInternetGatewaysResult {
   /**
-   * <p>Any tags applied to the key pair.</p>
+   * <p>Information about the internet gateways.</p>
    * @public
    */
-  Tags?: Tag[] | undefined;
+  InternetGateways?: InternetGateway[] | undefined;
 
   /**
-   * <p>The public key material.</p>
+   * <p>The token to include in another request to get the next page of items. This value is <code>null</code> when there are no more items to return.</p>
    * @public
    */
-  PublicKey?: string | undefined;
+  NextToken?: string | undefined;
+}
 
+/**
+ * @public
+ */
+export interface DescribeIpamByoasnRequest {
   /**
-   * <p>If you used Amazon EC2 to create the key pair, this is the date and time when the key
-   *             was created, in <a href="https://www.iso.org/iso-8601-date-and-time-format.html">ISO
-   *                 8601 date-time format</a>, in the UTC time zone.</p>
-   *          <p>If you imported an existing key pair to Amazon EC2, this is the date and time the key
-   *             was imported, in <a href="https://www.iso.org/iso-8601-date-and-time-format.html">ISO
-   *                 8601 date-time format</a>, in the UTC time zone.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  CreateTime?: Date | undefined;
+  DryRun?: boolean | undefined;
 
   /**
-   * <p>The name of the key pair.</p>
+   * <p>The maximum number of results to return with a single call.
+   * 	To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>
    * @public
    */
-  KeyName?: string | undefined;
+  MaxResults?: number | undefined;
 
   /**
-   * <p>If you used <a>CreateKeyPair</a> to create the key pair:</p>
-   *          <ul>
-   *             <li>
-   *                <p>For RSA key pairs, the key fingerprint is the SHA-1 digest of the DER encoded private key.</p>
-   *             </li>
-   *             <li>
-   *                <p>For ED25519 key pairs, the key fingerprint is the base64-encoded SHA-256 digest, which
-   *                    is the default for OpenSSH, starting with <a href="http://www.openssh.com/txt/release-6.8">OpenSSH 6.8</a>.</p>
-   *             </li>
-   *          </ul>
-   *          <p>If you used <a>ImportKeyPair</a> to provide Amazon Web Services the public key:</p>
-   *          <ul>
-   *             <li>
-   *                <p>For RSA key pairs, the key fingerprint is the MD5 public key fingerprint as specified in section 4 of RFC4716.</p>
-   *             </li>
-   *             <li>
-   *                <p>For ED25519 key pairs, the key fingerprint is the base64-encoded SHA-256
-   *                     digest, which is the default for OpenSSH, starting with <a href="http://www.openssh.com/txt/release-6.8">OpenSSH 6.8</a>.</p>
-   *             </li>
-   *          </ul>
+   * <p>The token for the next page of results.</p>
    * @public
    */
-  KeyFingerprint?: string | undefined;
+  NextToken?: string | undefined;
 }
 
 /**
  * @public
  */
-export interface DescribeKeyPairsResult {
+export interface DescribeIpamByoasnResult {
   /**
-   * <p>Information about the key pairs.</p>
+   * <p>ASN and BYOIP CIDR associations.</p>
    * @public
    */
-  KeyPairs?: KeyPairInfo[] | undefined;
+  Byoasns?: Byoasn[] | undefined;
+
+  /**
+   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
+   * @public
+   */
+  NextToken?: string | undefined;
 }
 
 /**
  * @public
  */
-export interface DescribeLaunchTemplatesRequest {
+export interface DescribeIpamExternalResourceVerificationTokensRequest {
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually
-   *             making the request, and provides an error response. If you have the required
-   *             permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is
-   *                 <code>UnauthorizedOperation</code>.</p>
+   * <p>A check for whether you have the required permissions for the action without actually making the request
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
   DryRun?: boolean | undefined;
 
   /**
-   * <p>One or more launch template IDs.</p>
-   * @public
-   */
-  LaunchTemplateIds?: string[] | undefined;
-
-  /**
-   * <p>One or more launch template names.</p>
-   * @public
-   */
-  LaunchTemplateNames?: string[] | undefined;
-
-  /**
-   * <p>One or more filters.</p>
+   * <p>One or more filters for the request. For more information about filtering, see <a href="https://docs.aws.amazon.com/cli/latest/userguide/cli-usage-filter.html">Filtering CLI output</a>.</p>
+   *          <p>Available filters:</p>
    *          <ul>
    *             <li>
    *                <p>
-   *                   <code>create-time</code> - The time the launch template was created.</p>
+   *                   <code>ipam-arn</code>
+   *                </p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>launch-template-name</code> - The name of the launch template.</p>
+   *                   <code>ipam-external-resource-verification-token-arn</code>
+   *                </p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.
-   *     For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>
+   *                   <code>ipam-external-resource-verification-token-id</code>
+   *                </p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p>
+   *                   <code>ipam-id</code>
+   *                </p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>ipam-region</code>
+   *                </p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>state</code>
+   *                </p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>status</code>
+   *                </p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>token-name</code>
+   *                </p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>token-value</code>
+   *                </p>
    *             </li>
    *          </ul>
    * @public
@@ -7171,213 +6964,144 @@ export interface DescribeLaunchTemplatesRequest {
   Filters?: Filter[] | undefined;
 
   /**
-   * <p>The token to request the next page of results.</p>
+   * <p>The token for the next page of results.</p>
    * @public
    */
   NextToken?: string | undefined;
 
   /**
-   * <p>The maximum number of results to return in a single call. To retrieve the remaining
-   *             results, make another call with the returned <code>NextToken</code> value. This value
-   *             can be between 1 and 200.</p>
+   * <p>The maximum number of tokens to return in one page of results.</p>
    * @public
    */
   MaxResults?: number | undefined;
+
+  /**
+   * <p>Verification token IDs.</p>
+   * @public
+   */
+  IpamExternalResourceVerificationTokenIds?: string[] | undefined;
 }
 
 /**
  * @public
  */
-export interface DescribeLaunchTemplatesResult {
+export interface DescribeIpamExternalResourceVerificationTokensResult {
   /**
-   * <p>Information about the launch templates.</p>
+   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
    * @public
    */
-  LaunchTemplates?: LaunchTemplate[] | undefined;
+  NextToken?: string | undefined;
 
   /**
-   * <p>The token to use to retrieve the next page of results. This value is <code>null</code>
-   *             when there are no more results to return.</p>
+   * <p>Verification tokens.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  IpamExternalResourceVerificationTokens?: IpamExternalResourceVerificationToken[] | undefined;
 }
 
 /**
  * @public
  */
-export interface DescribeLaunchTemplateVersionsRequest {
+export interface DescribeIpamPoolsRequest {
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually
-   *             making the request, and provides an error response. If you have the required
-   *             permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is
-   *                 <code>UnauthorizedOperation</code>.</p>
+   * <p>A check for whether you have the required permissions for the action without actually making the request
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * @public
+   */
+  DryRun?: boolean | undefined;
+
+  /**
+   * <p>One or more filters for the request. For more information about filtering, see <a href="https://docs.aws.amazon.com/cli/latest/userguide/cli-usage-filter.html">Filtering CLI output</a>.</p>
+   * @public
+   */
+  Filters?: Filter[] | undefined;
+
+  /**
+   * <p>The maximum number of results to return in the request.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  MaxResults?: number | undefined;
 
   /**
-   * <p>The ID of the launch template.</p>
-   *          <p>To describe one or more versions of a specified launch template, you must specify
-   *             either the launch template ID or the launch template name, but not both.</p>
-   *          <p>To describe all the latest or default launch template versions in your account, you
-   *             must omit this parameter.</p>
+   * <p>The token for the next page of results.</p>
    * @public
    */
-  LaunchTemplateId?: string | undefined;
+  NextToken?: string | undefined;
 
   /**
-   * <p>The name of the launch template.</p>
-   *          <p>To describe one or more versions of a specified launch template, you must specify
-   *             either the launch template name or the launch template ID, but not both.</p>
-   *          <p>To describe all the latest or default launch template versions in your account, you
-   *             must omit this parameter.</p>
+   * <p>The IDs of the IPAM pools you would like information on.</p>
    * @public
    */
-  LaunchTemplateName?: string | undefined;
+  IpamPoolIds?: string[] | undefined;
+}
 
+/**
+ * @public
+ */
+export interface DescribeIpamPoolsResult {
   /**
-   * <p>One or more versions of the launch template. Valid values depend on whether you are
-   *             describing a specified launch template (by ID or name) or all launch templates in your
-   *             account.</p>
-   *          <p>To describe one or more versions of a specified launch template, valid values are
-   *                 <code>$Latest</code>, <code>$Default</code>, and numbers.</p>
-   *          <p>To describe all launch templates in your account that are defined as the latest
-   *             version, the valid value is <code>$Latest</code>. To describe all launch templates in
-   *             your account that are defined as the default version, the valid value is
-   *                 <code>$Default</code>. You can specify <code>$Latest</code> and
-   *                 <code>$Default</code> in the same request. You cannot specify numbers.</p>
+   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
    * @public
    */
-  Versions?: string[] | undefined;
+  NextToken?: string | undefined;
 
   /**
-   * <p>The version number after which to describe launch template versions.</p>
+   * <p>Information about the IPAM pools.</p>
    * @public
    */
-  MinVersion?: string | undefined;
+  IpamPools?: IpamPool[] | undefined;
+}
 
+/**
+ * @public
+ */
+export interface DescribeIpamResourceDiscoveriesRequest {
   /**
-   * <p>The version number up to which to describe launch template versions.</p>
+   * <p>A check for whether you have the required permissions for the action without actually making the request
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  MaxVersion?: string | undefined;
+  DryRun?: boolean | undefined;
 
   /**
-   * <p>The token to request the next page of results.</p>
+   * <p>The IPAM resource discovery IDs.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  IpamResourceDiscoveryIds?: string[] | undefined;
 
   /**
-   * <p>The maximum number of results to return in a single call. To retrieve the remaining
-   *             results, make another call with the returned <code>NextToken</code> value. This value
-   *             can be between 1 and 200.</p>
+   * <p>Specify the pagination token from a previous request to retrieve the next page of results.</p>
    * @public
    */
-  MaxResults?: number | undefined;
+  NextToken?: string | undefined;
 
   /**
-   * <p>One or more filters.</p>
-   *          <ul>
-   *             <li>
-   *                <p>
-   *                   <code>create-time</code> - The time the launch template version was
-   *                     created.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>ebs-optimized</code> - A boolean that indicates whether the instance is
-   *                     optimized for Amazon EBS I/O.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>http-endpoint</code> - Indicates whether the HTTP metadata endpoint on
-   *                     your instances is enabled (<code>enabled</code> | <code>disabled</code>).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>http-protocol-ipv4</code> - Indicates whether the IPv4 endpoint for the
-   *                     instance metadata service is enabled (<code>enabled</code> |
-   *                         <code>disabled</code>).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>host-resource-group-arn</code> - The ARN of the host resource group in
-   *                     which to launch the instances.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>http-tokens</code> - The state of token usage for your instance metadata
-   *                     requests (<code>optional</code> | <code>required</code>).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>iam-instance-profile</code> - The ARN of the IAM instance
-   *                     profile.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>image-id</code> - The ID of the AMI.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>instance-type</code> - The instance type.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>is-default-version</code> - A boolean that indicates whether the launch
-   *                     template version is the default version.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>kernel-id</code> - The kernel ID.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>license-configuration-arn</code> - The ARN of the license
-   *                     configuration.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>network-card-index</code> - The index of the network card.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>ram-disk-id</code> - The RAM disk ID.</p>
-   *             </li>
-   *          </ul>
+   * <p>The maximum number of resource discoveries to return in one page of results.</p>
    * @public
    */
-  Filters?: Filter[] | undefined;
+  MaxResults?: number | undefined;
 
   /**
-   * <p>If <code>true</code>, and if a Systems Manager parameter is specified for <code>ImageId</code>,
-   *             the AMI ID is displayed in the response for <code>imageId</code>.</p>
-   *          <p>If <code>false</code>, and if a Systems Manager parameter is specified for <code>ImageId</code>,
-   *             the parameter is displayed in the response for <code>imageId</code>.</p>
-   *          <p> For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-templates.html#use-an-ssm-parameter-instead-of-an-ami-id">Use a Systems
-   *             Manager parameter instead of an AMI ID</a> in the <i>Amazon EC2 User Guide</i>.</p>
-   *          <p>Default: <code>false</code>
-   *          </p>
+   * <p>The resource discovery filters.</p>
    * @public
    */
-  ResolveAlias?: boolean | undefined;
+  Filters?: Filter[] | undefined;
 }
 
 /**
  * @public
  */
-export interface DescribeLaunchTemplateVersionsResult {
+export interface DescribeIpamResourceDiscoveriesResult {
   /**
-   * <p>Information about the launch template versions.</p>
+   * <p>The resource discoveries.</p>
    * @public
    */
-  LaunchTemplateVersions?: LaunchTemplateVersion[] | undefined;
+  IpamResourceDiscoveries?: IpamResourceDiscovery[] | undefined;
 
   /**
-   * <p>The token to use to retrieve the next page of results. This value is <code>null</code>
-   *             when there are no more results to return.</p>
+   * <p>Specify the pagination token from a previous request to retrieve the next page of results.</p>
    * @public
    */
   NextToken?: string | undefined;
@@ -7386,80 +7110,52 @@ export interface DescribeLaunchTemplateVersionsResult {
 /**
  * @public
  */
-export interface DescribeLocalGatewayRouteTablesRequest {
+export interface DescribeIpamResourceDiscoveryAssociationsRequest {
   /**
-   * <p>The IDs of the local gateway route tables.</p>
+   * <p>A check for whether you have the required permissions for the action without actually making the request
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  LocalGatewayRouteTableIds?: string[] | undefined;
+  DryRun?: boolean | undefined;
 
   /**
-   * <p>One or more filters.</p>
-   *          <ul>
-   *             <li>
-   *                <p>
-   *                   <code>local-gateway-id</code> - The ID of a local gateway.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>local-gateway-route-table-arn</code> - The Amazon Resource Name (ARN) of the
-   *                local gateway route table.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>local-gateway-route-table-id</code> - The ID of a local gateway route table.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>outpost-arn</code> - The Amazon Resource Name (ARN) of the Outpost.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>owner-id</code> - The ID of the Amazon Web Services account that owns the local gateway route table.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>state</code> - The state of the local gateway route table.</p>
-   *             </li>
-   *          </ul>
+   * <p>The resource discovery association IDs.</p>
    * @public
    */
-  Filters?: Filter[] | undefined;
+  IpamResourceDiscoveryAssociationIds?: string[] | undefined;
 
   /**
-   * <p>The maximum number of results to return with a single call.
-   * 	To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>
+   * <p>Specify the pagination token from a previous request to retrieve the next page of results.</p>
    * @public
    */
-  MaxResults?: number | undefined;
+  NextToken?: string | undefined;
 
   /**
-   * <p>The token for the next page of results.</p>
+   * <p>The maximum number of resource discovery associations to return in one page of results.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  MaxResults?: number | undefined;
 
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>The resource discovery association filters.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  Filters?: Filter[] | undefined;
 }
 
 /**
  * @public
  */
-export interface DescribeLocalGatewayRouteTablesResult {
+export interface DescribeIpamResourceDiscoveryAssociationsResult {
   /**
-   * <p>Information about the local gateway route tables.</p>
+   * <p>The resource discovery associations.</p>
    * @public
    */
-  LocalGatewayRouteTables?: LocalGatewayRouteTable[] | undefined;
+  IpamResourceDiscoveryAssociations?: IpamResourceDiscoveryAssociation[] | undefined;
 
   /**
-   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
+   * <p>Specify the pagination token from a previous request to retrieve the next page of results.</p>
    * @public
    */
   NextToken?: string | undefined;
@@ -7468,54 +7164,23 @@ export interface DescribeLocalGatewayRouteTablesResult {
 /**
  * @public
  */
-export interface DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociationsRequest {
+export interface DescribeIpamsRequest {
   /**
-   * <p>The IDs of the associations.</p>
+   * <p>A check for whether you have the required permissions for the action without actually making the request
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  LocalGatewayRouteTableVirtualInterfaceGroupAssociationIds?: string[] | undefined;
+  DryRun?: boolean | undefined;
 
   /**
-   * <p>One or more filters.</p>
-   *          <ul>
-   *             <li>
-   *                <p>
-   *                   <code>local-gateway-id</code> - The ID of a local gateway.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>local-gateway-route-table-arn</code> - The Amazon Resource Name (ARN) of the local
-   *                gateway route table for the virtual interface group.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>local-gateway-route-table-id</code> - The ID of the local gateway route table.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>local-gateway-route-table-virtual-interface-group-association-id</code> - The ID of the association.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>local-gateway-route-table-virtual-interface-group-id</code> - The ID of the virtual interface group.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>owner-id</code> - The ID of the Amazon Web Services account that owns the local gateway virtual
-   *                interface group association.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>state</code> - The state of the association.</p>
-   *             </li>
-   *          </ul>
+   * <p>One or more filters for the request. For more information about filtering, see <a href="https://docs.aws.amazon.com/cli/latest/userguide/cli-usage-filter.html">Filtering CLI output</a>.</p>
    * @public
    */
   Filters?: Filter[] | undefined;
 
   /**
-   * <p>The maximum number of results to return with a single call.
-   * 	To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>
+   * <p>The maximum number of results to return in the request.</p>
    * @public
    */
   MaxResults?: number | undefined;
@@ -7527,84 +7192,49 @@ export interface DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociations
   NextToken?: string | undefined;
 
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>The IDs of the IPAMs you want information on.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  IpamIds?: string[] | undefined;
 }
 
 /**
  * @public
  */
-export interface DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociationsResult {
+export interface DescribeIpamsResult {
   /**
-   * <p>Information about the associations.</p>
+   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
    * @public
    */
-  LocalGatewayRouteTableVirtualInterfaceGroupAssociations?:
-    | LocalGatewayRouteTableVirtualInterfaceGroupAssociation[]
-    | undefined;
+  NextToken?: string | undefined;
 
   /**
-   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
+   * <p>Information about the IPAMs.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  Ipams?: Ipam[] | undefined;
 }
 
 /**
  * @public
  */
-export interface DescribeLocalGatewayRouteTableVpcAssociationsRequest {
+export interface DescribeIpamScopesRequest {
   /**
-   * <p>The IDs of the associations.</p>
+   * <p>A check for whether you have the required permissions for the action without actually making the request
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  LocalGatewayRouteTableVpcAssociationIds?: string[] | undefined;
+  DryRun?: boolean | undefined;
 
   /**
-   * <p>One or more filters.</p>
-   *          <ul>
-   *             <li>
-   *                <p>
-   *                   <code>local-gateway-id</code> - The ID of a local gateway.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>local-gateway-route-table-arn</code> - The Amazon Resource Name (ARN) of the local
-   *                gateway route table for the association.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>local-gateway-route-table-id</code> - The ID of the local gateway route table.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>local-gateway-route-table-vpc-association-id</code> - The ID of the association.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>owner-id</code> - The ID of the Amazon Web Services account that owns the local gateway route table
-   *                for the association.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>state</code> - The state of the association.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>vpc-id</code> - The ID of the VPC.</p>
-   *             </li>
-   *          </ul>
+   * <p>One or more filters for the request. For more information about filtering, see <a href="https://docs.aws.amazon.com/cli/latest/userguide/cli-usage-filter.html">Filtering CLI output</a>.</p>
    * @public
    */
   Filters?: Filter[] | undefined;
 
   /**
-   * <p>The maximum number of results to return with a single call.
-   * 	To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>
+   * <p>The maximum number of results to return in the request.</p>
    * @public
    */
   MaxResults?: number | undefined;
@@ -7616,64 +7246,44 @@ export interface DescribeLocalGatewayRouteTableVpcAssociationsRequest {
   NextToken?: string | undefined;
 
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>The IDs of the scopes you want information on.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  IpamScopeIds?: string[] | undefined;
 }
 
 /**
  * @public
  */
-export interface DescribeLocalGatewayRouteTableVpcAssociationsResult {
+export interface DescribeIpamScopesResult {
   /**
-   * <p>Information about the associations.</p>
+   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
    * @public
    */
-  LocalGatewayRouteTableVpcAssociations?: LocalGatewayRouteTableVpcAssociation[] | undefined;
+  NextToken?: string | undefined;
 
   /**
-   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
+   * <p>The scopes you want information on.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  IpamScopes?: IpamScope[] | undefined;
 }
 
 /**
  * @public
  */
-export interface DescribeLocalGatewaysRequest {
+export interface DescribeIpv6PoolsRequest {
   /**
-   * <p>The IDs of the local gateways.</p>
+   * <p>The IDs of the IPv6 address pools.</p>
    * @public
    */
-  LocalGatewayIds?: string[] | undefined;
+  PoolIds?: string[] | undefined;
 
   /**
-   * <p>One or more filters.</p>
-   *          <ul>
-   *             <li>
-   *                <p>
-   *                   <code>local-gateway-id</code> - The ID of a local gateway.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>outpost-arn</code> - The Amazon Resource Name (ARN) of the Outpost.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>owner-id</code> - The ID of the Amazon Web Services account that owns the local gateway.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>state</code> - The state of the association.</p>
-   *             </li>
-   *          </ul>
+   * <p>The token for the next page of results.</p>
    * @public
    */
-  Filters?: Filter[] | undefined;
+  NextToken?: string | undefined;
 
   /**
    * <p>The maximum number of results to return with a single call.
@@ -7682,12 +7292,6 @@ export interface DescribeLocalGatewaysRequest {
    */
   MaxResults?: number | undefined;
 
-  /**
-   * <p>The token for the next page of results.</p>
-   * @public
-   */
-  NextToken?: string | undefined;
-
   /**
    * <p>Checks whether you have the required permissions for the action, without actually making the request,
    *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
@@ -7695,39 +7299,62 @@ export interface DescribeLocalGatewaysRequest {
    * @public
    */
   DryRun?: boolean | undefined;
+
+  /**
+   * <p>One or more filters.</p>
+   *          <ul>
+   *             <li>
+   *                <p>
+   *                   <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.
+   *     For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p>
+   *             </li>
+   *          </ul>
+   * @public
+   */
+  Filters?: Filter[] | undefined;
 }
 
 /**
- * <p>Describes a local gateway.</p>
+ * <p>Describes a CIDR block for an address pool.</p>
  * @public
  */
-export interface LocalGateway {
+export interface PoolCidrBlock {
   /**
-   * <p>The ID of the local gateway.</p>
+   * <p>The CIDR block.</p>
    * @public
    */
-  LocalGatewayId?: string | undefined;
+  Cidr?: string | undefined;
+}
 
+/**
+ * <p>Describes an IPv6 address pool.</p>
+ * @public
+ */
+export interface Ipv6Pool {
   /**
-   * <p>The Amazon Resource Name (ARN) of the Outpost.</p>
+   * <p>The ID of the address pool.</p>
    * @public
    */
-  OutpostArn?: string | undefined;
+  PoolId?: string | undefined;
 
   /**
-   * <p>The ID of the Amazon Web Services account that owns the local gateway.</p>
+   * <p>The description for the address pool.</p>
    * @public
    */
-  OwnerId?: string | undefined;
+  Description?: string | undefined;
 
   /**
-   * <p>The state of the local gateway.</p>
+   * <p>The CIDR blocks for the address pool.</p>
    * @public
    */
-  State?: string | undefined;
+  PoolCidrBlocks?: PoolCidrBlock[] | undefined;
 
   /**
-   * <p>The tags assigned to the local gateway.</p>
+   * <p>Any tags for the address pool.</p>
    * @public
    */
   Tags?: Tag[] | undefined;
@@ -7736,12 +7363,12 @@ export interface LocalGateway {
 /**
  * @public
  */
-export interface DescribeLocalGatewaysResult {
+export interface DescribeIpv6PoolsResult {
   /**
-   * <p>Information about the local gateways.</p>
+   * <p>Information about the IPv6 address pools.</p>
    * @public
    */
-  LocalGateways?: LocalGateway[] | undefined;
+  Ipv6Pools?: Ipv6Pool[] | undefined;
 
   /**
    * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
@@ -7753,157 +7380,193 @@ export interface DescribeLocalGatewaysResult {
 /**
  * @public
  */
-export interface DescribeLocalGatewayVirtualInterfaceGroupsRequest {
+export interface DescribeKeyPairsRequest {
   /**
-   * <p>The IDs of the virtual interface groups.</p>
+   * <p>The key pair names.</p>
+   *          <p>Default: Describes all of your key pairs.</p>
    * @public
    */
-  LocalGatewayVirtualInterfaceGroupIds?: string[] | undefined;
+  KeyNames?: string[] | undefined;
 
   /**
-   * <p>One or more filters.</p>
+   * <p>The IDs of the key pairs.</p>
+   * @public
+   */
+  KeyPairIds?: string[] | undefined;
+
+  /**
+   * <p>If <code>true</code>, the public key material is included in the response.</p>
+   *          <p>Default: <code>false</code>
+   *          </p>
+   * @public
+   */
+  IncludePublicKey?: boolean | undefined;
+
+  /**
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * @public
+   */
+  DryRun?: boolean | undefined;
+
+  /**
+   * <p>The filters.</p>
    *          <ul>
    *             <li>
    *                <p>
-   *                   <code>local-gateway-id</code> - The ID of a local gateway.</p>
+   *                   <code>key-pair-id</code> - The ID of the key pair.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>local-gateway-virtual-interface-group-id</code> - The ID of the virtual interface group.</p>
+   *                   <code>fingerprint</code> - The fingerprint of the key pair.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>local-gateway-virtual-interface-id</code> - The ID of the virtual interface.</p>
+   *                   <code>key-name</code> - The name of the key pair.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>owner-id</code> - The ID of the Amazon Web Services account that owns the local gateway virtual interface group.</p>
+   *                   <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.
+   *     For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>
    *             </li>
    *          </ul>
    * @public
    */
   Filters?: Filter[] | undefined;
+}
 
+/**
+ * <p>Describes a key pair.</p>
+ * @public
+ */
+export interface KeyPairInfo {
   /**
-   * <p>The maximum number of results to return with a single call.
-   * 	To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>
+   * <p>The ID of the key pair.</p>
    * @public
    */
-  MaxResults?: number | undefined;
+  KeyPairId?: string | undefined;
 
   /**
-   * <p>The token for the next page of results.</p>
+   * <p>The type of key pair.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  KeyType?: KeyType | undefined;
 
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>Any tags applied to the key pair.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
-}
+  Tags?: Tag[] | undefined;
 
-/**
- * <p>Describes a local gateway virtual interface group.</p>
- * @public
- */
-export interface LocalGatewayVirtualInterfaceGroup {
   /**
-   * <p>The ID of the virtual interface group.</p>
+   * <p>The public key material.</p>
    * @public
    */
-  LocalGatewayVirtualInterfaceGroupId?: string | undefined;
+  PublicKey?: string | undefined;
 
   /**
-   * <p>The IDs of the virtual interfaces.</p>
+   * <p>If you used Amazon EC2 to create the key pair, this is the date and time when the key
+   *             was created, in <a href="https://www.iso.org/iso-8601-date-and-time-format.html">ISO
+   *                 8601 date-time format</a>, in the UTC time zone.</p>
+   *          <p>If you imported an existing key pair to Amazon EC2, this is the date and time the key
+   *             was imported, in <a href="https://www.iso.org/iso-8601-date-and-time-format.html">ISO
+   *                 8601 date-time format</a>, in the UTC time zone.</p>
    * @public
    */
-  LocalGatewayVirtualInterfaceIds?: string[] | undefined;
+  CreateTime?: Date | undefined;
 
   /**
-   * <p>The ID of the local gateway.</p>
+   * <p>The name of the key pair.</p>
    * @public
    */
-  LocalGatewayId?: string | undefined;
+  KeyName?: string | undefined;
 
   /**
-   * <p>The ID of the Amazon Web Services account that owns the local gateway virtual interface group.</p>
+   * <p>If you used <a>CreateKeyPair</a> to create the key pair:</p>
+   *          <ul>
+   *             <li>
+   *                <p>For RSA key pairs, the key fingerprint is the SHA-1 digest of the DER encoded private key.</p>
+   *             </li>
+   *             <li>
+   *                <p>For ED25519 key pairs, the key fingerprint is the base64-encoded SHA-256 digest, which
+   *                    is the default for OpenSSH, starting with <a href="http://www.openssh.com/txt/release-6.8">OpenSSH 6.8</a>.</p>
+   *             </li>
+   *          </ul>
+   *          <p>If you used <a>ImportKeyPair</a> to provide Amazon Web Services the public key:</p>
+   *          <ul>
+   *             <li>
+   *                <p>For RSA key pairs, the key fingerprint is the MD5 public key fingerprint as specified in section 4 of RFC4716.</p>
+   *             </li>
+   *             <li>
+   *                <p>For ED25519 key pairs, the key fingerprint is the base64-encoded SHA-256
+   *                     digest, which is the default for OpenSSH, starting with <a href="http://www.openssh.com/txt/release-6.8">OpenSSH 6.8</a>.</p>
+   *             </li>
+   *          </ul>
    * @public
    */
-  OwnerId?: string | undefined;
+  KeyFingerprint?: string | undefined;
+}
 
+/**
+ * @public
+ */
+export interface DescribeKeyPairsResult {
   /**
-   * <p>The tags assigned to the virtual interface group.</p>
+   * <p>Information about the key pairs.</p>
    * @public
    */
-  Tags?: Tag[] | undefined;
+  KeyPairs?: KeyPairInfo[] | undefined;
 }
 
 /**
  * @public
  */
-export interface DescribeLocalGatewayVirtualInterfaceGroupsResult {
+export interface DescribeLaunchTemplatesRequest {
   /**
-   * <p>The virtual interface groups.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually
+   *             making the request, and provides an error response. If you have the required
+   *             permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is
+   *                 <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  LocalGatewayVirtualInterfaceGroups?: LocalGatewayVirtualInterfaceGroup[] | undefined;
+  DryRun?: boolean | undefined;
 
   /**
-   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
+   * <p>One or more launch template IDs.</p>
    * @public
    */
-  NextToken?: string | undefined;
-}
+  LaunchTemplateIds?: string[] | undefined;
 
-/**
- * @public
- */
-export interface DescribeLocalGatewayVirtualInterfacesRequest {
   /**
-   * <p>The IDs of the virtual interfaces.</p>
+   * <p>One or more launch template names.</p>
    * @public
    */
-  LocalGatewayVirtualInterfaceIds?: string[] | undefined;
+  LaunchTemplateNames?: string[] | undefined;
 
   /**
    * <p>One or more filters.</p>
    *          <ul>
    *             <li>
    *                <p>
-   *                   <code>local-address</code> - The local address.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>local-bgp-asn</code> - The Border Gateway Protocol (BGP) Autonomous System Number (ASN)
-   *                of the local gateway.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>local-gateway-id</code> - The ID of the local gateway.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>local-gateway-virtual-interface-id</code> - The ID of the virtual interface.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>owner-id</code> - The ID of the Amazon Web Services account that owns the local gateway virtual interface.</p>
+   *                   <code>create-time</code> - The time the launch template was created.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>peer-address</code> - The peer address.</p>
+   *                   <code>launch-template-name</code> - The name of the launch template.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>peer-bgp-asn</code> - The peer BGP ASN.</p>
+   *                   <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.
+   *     For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>vlan</code> - The ID of the VLAN.</p>
+   *                   <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p>
    *             </li>
    *          </ul>
    * @public
@@ -7911,269 +7574,295 @@ export interface DescribeLocalGatewayVirtualInterfacesRequest {
   Filters?: Filter[] | undefined;
 
   /**
-   * <p>The maximum number of results to return with a single call.
-   * 	To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>
-   * @public
-   */
-  MaxResults?: number | undefined;
-
-  /**
-   * <p>The token for the next page of results.</p>
+   * <p>The token to request the next page of results.</p>
    * @public
    */
   NextToken?: string | undefined;
 
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>The maximum number of results to return in a single call. To retrieve the remaining
+   *             results, make another call with the returned <code>NextToken</code> value. This value
+   *             can be between 1 and 200.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  MaxResults?: number | undefined;
 }
 
 /**
- * <p>Describes a local gateway virtual interface.</p>
  * @public
  */
-export interface LocalGatewayVirtualInterface {
-  /**
-   * <p>The ID of the virtual interface.</p>
-   * @public
-   */
-  LocalGatewayVirtualInterfaceId?: string | undefined;
-
+export interface DescribeLaunchTemplatesResult {
   /**
-   * <p>The ID of the local gateway.</p>
+   * <p>Information about the launch templates.</p>
    * @public
    */
-  LocalGatewayId?: string | undefined;
+  LaunchTemplates?: LaunchTemplate[] | undefined;
 
   /**
-   * <p>The ID of the VLAN.</p>
+   * <p>The token to use to retrieve the next page of results. This value is <code>null</code>
+   *             when there are no more results to return.</p>
    * @public
    */
-  Vlan?: number | undefined;
+  NextToken?: string | undefined;
+}
 
+/**
+ * @public
+ */
+export interface DescribeLaunchTemplateVersionsRequest {
   /**
-   * <p>The local address.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually
+   *             making the request, and provides an error response. If you have the required
+   *             permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is
+   *                 <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  LocalAddress?: string | undefined;
+  DryRun?: boolean | undefined;
 
   /**
-   * <p>The peer address.</p>
+   * <p>The ID of the launch template.</p>
+   *          <p>To describe one or more versions of a specified launch template, you must specify
+   *             either the launch template ID or the launch template name, but not both.</p>
+   *          <p>To describe all the latest or default launch template versions in your account, you
+   *             must omit this parameter.</p>
    * @public
    */
-  PeerAddress?: string | undefined;
+  LaunchTemplateId?: string | undefined;
 
   /**
-   * <p>The Border Gateway Protocol (BGP) Autonomous System Number (ASN) of the local gateway.</p>
+   * <p>The name of the launch template.</p>
+   *          <p>To describe one or more versions of a specified launch template, you must specify
+   *             either the launch template name or the launch template ID, but not both.</p>
+   *          <p>To describe all the latest or default launch template versions in your account, you
+   *             must omit this parameter.</p>
    * @public
    */
-  LocalBgpAsn?: number | undefined;
+  LaunchTemplateName?: string | undefined;
 
   /**
-   * <p>The peer BGP ASN.</p>
+   * <p>One or more versions of the launch template. Valid values depend on whether you are
+   *             describing a specified launch template (by ID or name) or all launch templates in your
+   *             account.</p>
+   *          <p>To describe one or more versions of a specified launch template, valid values are
+   *                 <code>$Latest</code>, <code>$Default</code>, and numbers.</p>
+   *          <p>To describe all launch templates in your account that are defined as the latest
+   *             version, the valid value is <code>$Latest</code>. To describe all launch templates in
+   *             your account that are defined as the default version, the valid value is
+   *                 <code>$Default</code>. You can specify <code>$Latest</code> and
+   *                 <code>$Default</code> in the same request. You cannot specify numbers.</p>
    * @public
    */
-  PeerBgpAsn?: number | undefined;
+  Versions?: string[] | undefined;
 
   /**
-   * <p>The ID of the Amazon Web Services account that owns the local gateway virtual interface.</p>
+   * <p>The version number after which to describe launch template versions.</p>
    * @public
    */
-  OwnerId?: string | undefined;
+  MinVersion?: string | undefined;
 
   /**
-   * <p>The tags assigned to the virtual interface.</p>
+   * <p>The version number up to which to describe launch template versions.</p>
    * @public
    */
-  Tags?: Tag[] | undefined;
-}
+  MaxVersion?: string | undefined;
 
-/**
- * @public
- */
-export interface DescribeLocalGatewayVirtualInterfacesResult {
   /**
-   * <p>Information about the virtual interfaces.</p>
+   * <p>The token to request the next page of results.</p>
    * @public
    */
-  LocalGatewayVirtualInterfaces?: LocalGatewayVirtualInterface[] | undefined;
+  NextToken?: string | undefined;
 
   /**
-   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
+   * <p>The maximum number of results to return in a single call. To retrieve the remaining
+   *             results, make another call with the returned <code>NextToken</code> value. This value
+   *             can be between 1 and 200.</p>
    * @public
    */
-  NextToken?: string | undefined;
-}
+  MaxResults?: number | undefined;
 
-/**
- * @public
- */
-export interface DescribeLockedSnapshotsRequest {
   /**
-   * <p>The filters.</p>
+   * <p>One or more filters.</p>
    *          <ul>
    *             <li>
    *                <p>
-   *                   <code>lock-state</code> - The state of the snapshot lock (<code>compliance-cooloff</code> |
-   *           <code>governance</code> | <code>compliance</code> | <code>expired</code>).</p>
+   *                   <code>create-time</code> - The time the launch template version was
+   *                     created.</p>
    *             </li>
-   *          </ul>
-   * @public
-   */
-  Filters?: Filter[] | undefined;
-
-  /**
-   * <p>The maximum number of items to return for this request.
-   * 	To get the next page of items, make another request with the token returned in the output.
-   * 	For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination">Pagination</a>.</p>
+   *             <li>
+   *                <p>
+   *                   <code>ebs-optimized</code> - A boolean that indicates whether the instance is
+   *                     optimized for Amazon EBS I/O.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>http-endpoint</code> - Indicates whether the HTTP metadata endpoint on
+   *                     your instances is enabled (<code>enabled</code> | <code>disabled</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>http-protocol-ipv4</code> - Indicates whether the IPv4 endpoint for the
+   *                     instance metadata service is enabled (<code>enabled</code> |
+   *                         <code>disabled</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>host-resource-group-arn</code> - The ARN of the host resource group in
+   *                     which to launch the instances.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>http-tokens</code> - The state of token usage for your instance metadata
+   *                     requests (<code>optional</code> | <code>required</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>iam-instance-profile</code> - The ARN of the IAM instance
+   *                     profile.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>image-id</code> - The ID of the AMI.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>instance-type</code> - The instance type.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>is-default-version</code> - A boolean that indicates whether the launch
+   *                     template version is the default version.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>kernel-id</code> - The kernel ID.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>license-configuration-arn</code> - The ARN of the license
+   *                     configuration.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>network-card-index</code> - The index of the network card.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>ram-disk-id</code> - The RAM disk ID.</p>
+   *             </li>
+   *          </ul>
    * @public
    */
-  MaxResults?: number | undefined;
+  Filters?: Filter[] | undefined;
 
   /**
-   * <p>The token returned from a previous paginated request.
-   *   Pagination continues from the end of the items returned by the previous request.</p>
+   * <p>If <code>true</code>, and if a Systems Manager parameter is specified for <code>ImageId</code>,
+   *             the AMI ID is displayed in the response for <code>imageId</code>.</p>
+   *          <p>If <code>false</code>, and if a Systems Manager parameter is specified for <code>ImageId</code>,
+   *             the parameter is displayed in the response for <code>imageId</code>.</p>
+   *          <p> For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-templates.html#use-an-ssm-parameter-instead-of-an-ami-id">Use a Systems
+   *             Manager parameter instead of an AMI ID</a> in the <i>Amazon EC2 User Guide</i>.</p>
+   *          <p>Default: <code>false</code>
+   *          </p>
    * @public
    */
-  NextToken?: string | undefined;
+  ResolveAlias?: boolean | undefined;
+}
 
+/**
+ * @public
+ */
+export interface DescribeLaunchTemplateVersionsResult {
   /**
-   * <p>The IDs of the snapshots for which to view the lock status.</p>
+   * <p>Information about the launch template versions.</p>
    * @public
    */
-  SnapshotIds?: string[] | undefined;
+  LaunchTemplateVersions?: LaunchTemplateVersion[] | undefined;
 
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>The token to use to retrieve the next page of results. This value is <code>null</code>
+   *             when there are no more results to return.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  NextToken?: string | undefined;
 }
 
 /**
- * @public
- * @enum
- */
-export const LockState = {
-  compliance: "compliance",
-  compliance_cooloff: "compliance-cooloff",
-  expired: "expired",
-  governance: "governance",
-} as const;
-
-/**
- * @public
- */
-export type LockState = (typeof LockState)[keyof typeof LockState];
-
-/**
- * <p>Information about a locked snapshot.</p>
  * @public
  */
-export interface LockedSnapshotsInfo {
-  /**
-   * <p>The account ID of the Amazon Web Services account that owns the snapshot.</p>
-   * @public
-   */
-  OwnerId?: string | undefined;
-
+export interface DescribeLocalGatewayRouteTablesRequest {
   /**
-   * <p>The ID of the snapshot.</p>
+   * <p>The IDs of the local gateway route tables.</p>
    * @public
    */
-  SnapshotId?: string | undefined;
+  LocalGatewayRouteTableIds?: string[] | undefined;
 
   /**
-   * <p>The state of the snapshot lock. Valid states include:</p>
+   * <p>One or more filters.</p>
    *          <ul>
    *             <li>
    *                <p>
-   *                   <code>compliance-cooloff</code> - The snapshot has been locked in
-   *           compliance mode but it is still within the cooling-off period. The snapshot can't be
-   *           deleted, but it can be unlocked and the lock settings can be modified by users with
-   *           appropriate permissions.</p>
+   *                   <code>local-gateway-id</code> - The ID of a local gateway.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>governance</code> - The snapshot is locked in governance mode. The
-   *           snapshot can't be deleted, but it can be unlocked and the lock settings can be
-   *           modified by users with appropriate permissions.</p>
+   *                   <code>local-gateway-route-table-arn</code> - The Amazon Resource Name (ARN) of the
+   *                local gateway route table.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>compliance</code> - The snapshot is locked in compliance mode and the
-   *           cooling-off period has expired. The snapshot can't be unlocked or deleted. The lock
-   *           duration can only be increased by users with appropriate permissions.</p>
+   *                   <code>local-gateway-route-table-id</code> - The ID of a local gateway route table.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>expired</code> - The snapshot was locked in compliance or governance
-   *           mode but the lock duration has expired. The snapshot is not locked and can be deleted.</p>
+   *                   <code>outpost-arn</code> - The Amazon Resource Name (ARN) of the Outpost.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>owner-id</code> - The ID of the Amazon Web Services account that owns the local gateway route table.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>state</code> - The state of the local gateway route table.</p>
    *             </li>
    *          </ul>
    * @public
    */
-  LockState?: LockState | undefined;
-
-  /**
-   * <p>The period of time for which the snapshot is locked, in days.</p>
-   * @public
-   */
-  LockDuration?: number | undefined;
-
-  /**
-   * <p>The compliance mode cooling-off period, in hours.</p>
-   * @public
-   */
-  CoolOffPeriod?: number | undefined;
-
-  /**
-   * <p>The date and time at which the compliance mode cooling-off period expires, in the UTC time zone
-   *       (<code>YYYY-MM-DDThh:mm:ss.sssZ</code>).</p>
-   * @public
-   */
-  CoolOffPeriodExpiresOn?: Date | undefined;
+  Filters?: Filter[] | undefined;
 
   /**
-   * <p>The date and time at which the snapshot was locked, in the UTC time zone (<code>YYYY-MM-DDThh:mm:ss.sssZ</code>).</p>
+   * <p>The maximum number of results to return with a single call.
+   * 	To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>
    * @public
    */
-  LockCreatedOn?: Date | undefined;
+  MaxResults?: number | undefined;
 
   /**
-   * <p>The date and time at which the lock duration started, in the UTC time zone (<code>YYYY-MM-DDThh:mm:ss.sssZ</code>).</p>
-   *          <p>If you lock a snapshot that is in the <code>pending</code> state, the lock duration
-   *       starts only once the snapshot enters the <code>completed</code> state.</p>
+   * <p>The token for the next page of results.</p>
    * @public
    */
-  LockDurationStartTime?: Date | undefined;
+  NextToken?: string | undefined;
 
   /**
-   * <p>The date and time at which the lock will expire, in the UTC time zone (<code>YYYY-MM-DDThh:mm:ss.sssZ</code>).</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  LockExpiresOn?: Date | undefined;
+  DryRun?: boolean | undefined;
 }
 
 /**
  * @public
  */
-export interface DescribeLockedSnapshotsResult {
+export interface DescribeLocalGatewayRouteTablesResult {
   /**
-   * <p>Information about the snapshots.</p>
+   * <p>Information about the local gateway route tables.</p>
    * @public
    */
-  Snapshots?: LockedSnapshotsInfo[] | undefined;
+  LocalGatewayRouteTables?: LocalGatewayRouteTable[] | undefined;
 
   /**
-   * <p>The token to include in another request to get the next page of items.
-   *   This value is <code>null</code> when there are no more items to return.</p>
+   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
    * @public
    */
   NextToken?: string | undefined;
@@ -8182,18 +7871,45 @@ export interface DescribeLockedSnapshotsResult {
 /**
  * @public
  */
-export interface DescribeMacHostsRequest {
+export interface DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociationsRequest {
   /**
-   * <p>The filters.</p>
+   * <p>The IDs of the associations.</p>
+   * @public
+   */
+  LocalGatewayRouteTableVirtualInterfaceGroupAssociationIds?: string[] | undefined;
+
+  /**
+   * <p>One or more filters.</p>
    *          <ul>
    *             <li>
    *                <p>
-   *                   <code>availability-zone</code> - The Availability Zone of the EC2 Mac Dedicated Host.</p>
+   *                   <code>local-gateway-id</code> - The ID of a local gateway.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>instance-type</code> - The instance type size that the EC2 Mac Dedicated Host is
-   *                         configured to support.</p>
+   *                   <code>local-gateway-route-table-arn</code> - The Amazon Resource Name (ARN) of the local
+   *                gateway route table for the virtual interface group.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>local-gateway-route-table-id</code> - The ID of the local gateway route table.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>local-gateway-route-table-virtual-interface-group-association-id</code> - The ID of the association.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>local-gateway-route-table-virtual-interface-group-id</code> - The ID of the virtual interface group.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>owner-id</code> - The ID of the Amazon Web Services account that owns the local gateway virtual
+   *                interface group association.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>state</code> - The state of the association.</p>
    *             </li>
    *          </ul>
    * @public
@@ -8201,64 +7917,41 @@ export interface DescribeMacHostsRequest {
   Filters?: Filter[] | undefined;
 
   /**
-   * <p>
-   *             The IDs of the EC2 Mac Dedicated Hosts.
-   *         </p>
-   * @public
-   */
-  HostIds?: string[] | undefined;
-
-  /**
-   * <p>The maximum number of results to return for the request in a single page. The remaining results can be seen by sending another request with the returned <code>nextToken</code> value. This value can be between 5 and 500. If <code>maxResults</code> is given a larger value than 500, you receive an error.</p>
+   * <p>The maximum number of results to return with a single call.
+   * 	To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>
    * @public
    */
   MaxResults?: number | undefined;
 
   /**
-   * <p>The token to use to retrieve the next page of results.</p>
+   * <p>The token for the next page of results.</p>
    * @public
    */
   NextToken?: string | undefined;
-}
-
-/**
- * <p>
- *             Information about the EC2 Mac Dedicated Host.
- *         </p>
- * @public
- */
-export interface MacHost {
-  /**
-   * <p>
-   *             The EC2 Mac Dedicated Host ID.
-   *         </p>
-   * @public
-   */
-  HostId?: string | undefined;
 
   /**
-   * <p>
-   *             The latest macOS versions that the EC2 Mac Dedicated Host can launch without being upgraded.
-   *         </p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  MacOSLatestSupportedVersions?: string[] | undefined;
+  DryRun?: boolean | undefined;
 }
 
 /**
  * @public
  */
-export interface DescribeMacHostsResult {
+export interface DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociationsResult {
   /**
-   * <p>
-   *             Information about the EC2 Mac Dedicated Hosts.
-   *         </p>
+   * <p>Information about the associations.</p>
    * @public
    */
-  MacHosts?: MacHost[] | undefined;
+  LocalGatewayRouteTableVirtualInterfaceGroupAssociations?:
+    | LocalGatewayRouteTableVirtualInterfaceGroupAssociation[]
+    | undefined;
 
   /**
-   * <p>The token to use to retrieve the next page of results.</p>
+   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
    * @public
    */
   NextToken?: string | undefined;
@@ -8267,29 +7960,45 @@ export interface DescribeMacHostsResult {
 /**
  * @public
  */
-export interface DescribeManagedPrefixListsRequest {
+export interface DescribeLocalGatewayRouteTableVpcAssociationsRequest {
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>The IDs of the associations.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  LocalGatewayRouteTableVpcAssociationIds?: string[] | undefined;
 
   /**
    * <p>One or more filters.</p>
    *          <ul>
    *             <li>
    *                <p>
-   *                   <code>owner-id</code> - The ID of the prefix list owner.</p>
+   *                   <code>local-gateway-id</code> - The ID of a local gateway.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>prefix-list-id</code> - The ID of the prefix list.</p>
+   *                   <code>local-gateway-route-table-arn</code> - The Amazon Resource Name (ARN) of the local
+   *                gateway route table for the association.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>prefix-list-name</code> - The name of the prefix list.</p>
+   *                   <code>local-gateway-route-table-id</code> - The ID of the local gateway route table.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>local-gateway-route-table-vpc-association-id</code> - The ID of the association.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>owner-id</code> - The ID of the Amazon Web Services account that owns the local gateway route table
+   *                for the association.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>state</code> - The state of the association.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>vpc-id</code> - The ID of the VPC.</p>
    *             </li>
    *          </ul>
    * @public
@@ -8310,60 +8019,59 @@ export interface DescribeManagedPrefixListsRequest {
   NextToken?: string | undefined;
 
   /**
-   * <p>One or more prefix list IDs.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  PrefixListIds?: string[] | undefined;
+  DryRun?: boolean | undefined;
 }
 
 /**
  * @public
  */
-export interface DescribeManagedPrefixListsResult {
+export interface DescribeLocalGatewayRouteTableVpcAssociationsResult {
   /**
-   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
+   * <p>Information about the associations.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  LocalGatewayRouteTableVpcAssociations?: LocalGatewayRouteTableVpcAssociation[] | undefined;
 
   /**
-   * <p>Information about the prefix lists.</p>
+   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
    * @public
    */
-  PrefixLists?: ManagedPrefixList[] | undefined;
+  NextToken?: string | undefined;
 }
 
 /**
  * @public
  */
-export interface DescribeMovingAddressesRequest {
-  /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
-   * @public
-   */
-  DryRun?: boolean | undefined;
-
-  /**
-   * <p>One or more Elastic IP addresses.</p>
-   * @public
-   */
-  PublicIps?: string[] | undefined;
-
+export interface DescribeLocalGatewaysRequest {
   /**
-   * <p>The token for the next page of results.</p>
+   * <p>The IDs of the local gateways.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  LocalGatewayIds?: string[] | undefined;
 
   /**
    * <p>One or more filters.</p>
    *          <ul>
    *             <li>
    *                <p>
-   *                   <code>moving-status</code> - The status of the Elastic IP address
-   *           (<code>MovingToVpc</code> | <code>RestoringToClassic</code>).</p>
+   *                   <code>local-gateway-id</code> - The ID of a local gateway.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>outpost-arn</code> - The Amazon Resource Name (ARN) of the Outpost.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>owner-id</code> - The ID of the Amazon Web Services account that owns the local gateway.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>state</code> - The state of the association.</p>
    *             </li>
    *          </ul>
    * @public
@@ -8371,60 +8079,72 @@ export interface DescribeMovingAddressesRequest {
   Filters?: Filter[] | undefined;
 
   /**
-   * <p>The maximum number of results to return for the request in a single page. The remaining
-   *       results of the initial request can be seen by sending another request with the returned
-   *       <code>NextToken</code> value. This value can be between 5 and 1000; if
-   *       <code>MaxResults</code> is given a value outside of this range, an error is returned.</p>
-   *          <p>Default: If no value is provided, the default is 1000.</p>
+   * <p>The maximum number of results to return with a single call.
+   * 	To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>
    * @public
    */
   MaxResults?: number | undefined;
+
+  /**
+   * <p>The token for the next page of results.</p>
+   * @public
+   */
+  NextToken?: string | undefined;
+
+  /**
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * @public
+   */
+  DryRun?: boolean | undefined;
 }
 
 /**
+ * <p>Describes a local gateway.</p>
  * @public
- * @enum
  */
-export const MoveStatus = {
-  movingToVpc: "movingToVpc",
-  restoringToClassic: "restoringToClassic",
-} as const;
+export interface LocalGateway {
+  /**
+   * <p>The ID of the local gateway.</p>
+   * @public
+   */
+  LocalGatewayId?: string | undefined;
 
-/**
- * @public
- */
-export type MoveStatus = (typeof MoveStatus)[keyof typeof MoveStatus];
+  /**
+   * <p>The Amazon Resource Name (ARN) of the Outpost.</p>
+   * @public
+   */
+  OutpostArn?: string | undefined;
 
-/**
- * <note>
- *             <p>This action is deprecated.</p>
- *          </note>
- *          <p>Describes the status of a moving Elastic IP address.</p>
- * @public
- */
-export interface MovingAddressStatus {
   /**
-   * <p>The status of the Elastic IP address that's being moved or restored.</p>
+   * <p>The ID of the Amazon Web Services account that owns the local gateway.</p>
    * @public
    */
-  MoveStatus?: MoveStatus | undefined;
+  OwnerId?: string | undefined;
 
   /**
-   * <p>The Elastic IP address.</p>
+   * <p>The state of the local gateway.</p>
    * @public
    */
-  PublicIp?: string | undefined;
+  State?: string | undefined;
+
+  /**
+   * <p>The tags assigned to the local gateway.</p>
+   * @public
+   */
+  Tags?: Tag[] | undefined;
 }
 
 /**
  * @public
  */
-export interface DescribeMovingAddressesResult {
+export interface DescribeLocalGatewaysResult {
   /**
-   * <p>The status for each Elastic IP address.</p>
+   * <p>Information about the local gateways.</p>
    * @public
    */
-  MovingAddressStatuses?: MovingAddressStatus[] | undefined;
+  LocalGateways?: LocalGateway[] | undefined;
 
   /**
    * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
@@ -8436,394 +8156,427 @@ export interface DescribeMovingAddressesResult {
 /**
  * @public
  */
-export interface DescribeNatGatewaysRequest {
+export interface DescribeLocalGatewayVirtualInterfaceGroupsRequest {
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>The IDs of the virtual interface groups.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  LocalGatewayVirtualInterfaceGroupIds?: string[] | undefined;
 
   /**
-   * <p>The filters.</p>
+   * <p>One or more filters.</p>
    *          <ul>
    *             <li>
    *                <p>
-   *                   <code>nat-gateway-id</code> - The ID of the NAT gateway.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>state</code> - The state of the NAT gateway (<code>pending</code> |
-   *               <code>failed</code> | <code>available</code> | <code>deleting</code> | <code>deleted</code>).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>subnet-id</code> - The ID of the subnet in which the NAT gateway resides.</p>
+   *                   <code>local-gateway-id</code> - The ID of a local gateway.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.
-   *     For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>
+   *                   <code>local-gateway-virtual-interface-group-id</code> - The ID of the virtual interface group.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p>
+   *                   <code>local-gateway-virtual-interface-id</code> - The ID of the virtual interface.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>vpc-id</code> - The ID of the VPC in which the NAT gateway resides.</p>
+   *                   <code>owner-id</code> - The ID of the Amazon Web Services account that owns the local gateway virtual interface group.</p>
    *             </li>
    *          </ul>
    * @public
    */
-  Filter?: Filter[] | undefined;
+  Filters?: Filter[] | undefined;
 
   /**
-   * <p>The maximum number of items to return for this request.
-   * 	To get the next page of items, make another request with the token returned in the output.
-   * 	For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination">Pagination</a>.</p>
+   * <p>The maximum number of results to return with a single call.
+   * 	To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>
    * @public
    */
   MaxResults?: number | undefined;
 
   /**
-   * <p>The IDs of the NAT gateways.</p>
+   * <p>The token for the next page of results.</p>
    * @public
    */
-  NatGatewayIds?: string[] | undefined;
+  NextToken?: string | undefined;
 
   /**
-   * <p>The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  DryRun?: boolean | undefined;
 }
 
 /**
+ * <p>Describes a local gateway virtual interface group.</p>
  * @public
  */
-export interface DescribeNatGatewaysResult {
-  /**
-   * <p>Information about the NAT gateways.</p>
-   * @public
-   */
-  NatGateways?: NatGateway[] | undefined;
-
+export interface LocalGatewayVirtualInterfaceGroup {
   /**
-   * <p>The token to include in another request to get the next page of items. This value is <code>null</code> when there are no more items to return.</p>
+   * <p>The ID of the virtual interface group.</p>
    * @public
    */
-  NextToken?: string | undefined;
-}
+  LocalGatewayVirtualInterfaceGroupId?: string | undefined;
 
-/**
- * @public
- */
-export interface DescribeNetworkAclsRequest {
   /**
-   * <p>The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.</p>
+   * <p>The IDs of the virtual interfaces.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  LocalGatewayVirtualInterfaceIds?: string[] | undefined;
 
   /**
-   * <p>The maximum number of items to return for this request.
-   * 	To get the next page of items, make another request with the token returned in the output.
-   * 	For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination">Pagination</a>.</p>
+   * <p>The ID of the local gateway.</p>
    * @public
    */
-  MaxResults?: number | undefined;
+  LocalGatewayId?: string | undefined;
 
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>The ID of the Amazon Web Services account that owns the local gateway virtual interface group.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  OwnerId?: string | undefined;
 
   /**
-   * <p>The IDs of the network ACLs.</p>
+   * <p>The tags assigned to the virtual interface group.</p>
    * @public
    */
-  NetworkAclIds?: string[] | undefined;
+  Tags?: Tag[] | undefined;
+}
 
+/**
+ * @public
+ */
+export interface DescribeLocalGatewayVirtualInterfaceGroupsResult {
   /**
-   * <p>The filters.</p>
-   *          <ul>
-   *             <li>
-   *                <p>
-   *                   <code>association.association-id</code> - The ID of an association ID for the ACL.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>association.network-acl-id</code> - The ID of the network ACL involved in the association.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>association.subnet-id</code> - The ID of the subnet involved in the association.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>default</code> - Indicates whether the ACL is the default network ACL for the VPC.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>entry.cidr</code> - The IPv4 CIDR range specified in the entry.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>entry.icmp.code</code> - The ICMP code specified in the entry, if any.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>entry.icmp.type</code> - The ICMP type specified in the entry, if any.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>entry.ipv6-cidr</code> - The IPv6 CIDR range specified in the entry.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>entry.port-range.from</code> - The start of the port range specified in the entry. </p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>entry.port-range.to</code> - The end of the port range specified in the entry. </p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>entry.protocol</code> - The protocol specified in the entry (<code>tcp</code> | <code>udp</code> | <code>icmp</code> or a protocol number).</p>
-   *             </li>
+   * <p>The virtual interface groups.</p>
+   * @public
+   */
+  LocalGatewayVirtualInterfaceGroups?: LocalGatewayVirtualInterfaceGroup[] | undefined;
+
+  /**
+   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
+   * @public
+   */
+  NextToken?: string | undefined;
+}
+
+/**
+ * @public
+ */
+export interface DescribeLocalGatewayVirtualInterfacesRequest {
+  /**
+   * <p>The IDs of the virtual interfaces.</p>
+   * @public
+   */
+  LocalGatewayVirtualInterfaceIds?: string[] | undefined;
+
+  /**
+   * <p>One or more filters.</p>
+   *          <ul>
    *             <li>
    *                <p>
-   *                   <code>entry.rule-action</code> - Allows or denies the matching traffic (<code>allow</code> | <code>deny</code>).</p>
+   *                   <code>local-address</code> - The local address.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>entry.egress</code> - A Boolean that indicates the type of rule. Specify <code>true</code>
-   * 		                for egress rules, or <code>false</code> for ingress rules.</p>
+   *                   <code>local-bgp-asn</code> - The Border Gateway Protocol (BGP) Autonomous System Number (ASN)
+   *                of the local gateway.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>entry.rule-number</code> - The number of an entry (in other words, rule) in
-   *                     the set of ACL entries.</p>
+   *                   <code>local-gateway-id</code> - The ID of the local gateway.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>network-acl-id</code> - The ID of the network ACL.</p>
+   *                   <code>local-gateway-virtual-interface-id</code> - The ID of the virtual interface.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>owner-id</code> - The ID of the Amazon Web Services account that owns the network ACL.</p>
+   *                   <code>owner-id</code> - The ID of the Amazon Web Services account that owns the local gateway virtual interface.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.
-   *     For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>
+   *                   <code>peer-address</code> - The peer address.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p>
+   *                   <code>peer-bgp-asn</code> - The peer BGP ASN.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>vpc-id</code> - The ID of the VPC for the network ACL.</p>
+   *                   <code>vlan</code> - The ID of the VLAN.</p>
    *             </li>
    *          </ul>
    * @public
    */
   Filters?: Filter[] | undefined;
-}
 
-/**
- * @public
- */
-export interface DescribeNetworkAclsResult {
   /**
-   * <p>Information about the network ACLs.</p>
+   * <p>The maximum number of results to return with a single call.
+   * 	To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>
    * @public
    */
-  NetworkAcls?: NetworkAcl[] | undefined;
+  MaxResults?: number | undefined;
 
   /**
-   * <p>The token to include in another request to get the next page of items. This value is <code>null</code> when there are no more items to return.</p>
+   * <p>The token for the next page of results.</p>
    * @public
    */
   NextToken?: string | undefined;
+
+  /**
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * @public
+   */
+  DryRun?: boolean | undefined;
 }
 
 /**
+ * <p>Describes a local gateway virtual interface.</p>
  * @public
  */
-export interface DescribeNetworkInsightsAccessScopeAnalysesRequest {
+export interface LocalGatewayVirtualInterface {
   /**
-   * <p>The IDs of the Network Access Scope analyses.</p>
+   * <p>The ID of the virtual interface.</p>
    * @public
    */
-  NetworkInsightsAccessScopeAnalysisIds?: string[] | undefined;
+  LocalGatewayVirtualInterfaceId?: string | undefined;
 
   /**
-   * <p>The ID of the Network Access Scope.</p>
+   * <p>The ID of the local gateway.</p>
    * @public
    */
-  NetworkInsightsAccessScopeId?: string | undefined;
+  LocalGatewayId?: string | undefined;
 
   /**
-   * <p>Filters the results based on the start time. The analysis must have started on or after this time.</p>
+   * <p>The ID of the VLAN.</p>
    * @public
    */
-  AnalysisStartTimeBegin?: Date | undefined;
+  Vlan?: number | undefined;
 
   /**
-   * <p>Filters the results based on the start time. The analysis must have started on or before this time.</p>
+   * <p>The local address.</p>
    * @public
    */
-  AnalysisStartTimeEnd?: Date | undefined;
+  LocalAddress?: string | undefined;
 
   /**
-   * <p>There are no supported filters.</p>
+   * <p>The peer address.</p>
    * @public
    */
-  Filters?: Filter[] | undefined;
+  PeerAddress?: string | undefined;
 
   /**
-   * <p>The maximum number of results to return with a single call.
-   *    To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>
+   * <p>The Border Gateway Protocol (BGP) Autonomous System Number (ASN) of the local gateway.</p>
    * @public
    */
-  MaxResults?: number | undefined;
+  LocalBgpAsn?: number | undefined;
 
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>The peer BGP ASN.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  PeerBgpAsn?: number | undefined;
 
   /**
-   * <p>The token for the next page of results.</p>
+   * <p>The ID of the Amazon Web Services account that owns the local gateway virtual interface.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  OwnerId?: string | undefined;
+
+  /**
+   * <p>The tags assigned to the virtual interface.</p>
+   * @public
+   */
+  Tags?: Tag[] | undefined;
 }
 
 /**
  * @public
- * @enum
  */
-export const FindingsFound = {
-  false: "false",
-  true: "true",
-  unknown: "unknown",
-} as const;
+export interface DescribeLocalGatewayVirtualInterfacesResult {
+  /**
+   * <p>Information about the virtual interfaces.</p>
+   * @public
+   */
+  LocalGatewayVirtualInterfaces?: LocalGatewayVirtualInterface[] | undefined;
+
+  /**
+   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
+   * @public
+   */
+  NextToken?: string | undefined;
+}
 
 /**
  * @public
  */
-export type FindingsFound = (typeof FindingsFound)[keyof typeof FindingsFound];
+export interface DescribeLockedSnapshotsRequest {
+  /**
+   * <p>The filters.</p>
+   *          <ul>
+   *             <li>
+   *                <p>
+   *                   <code>lock-state</code> - The state of the snapshot lock (<code>compliance-cooloff</code> |
+   *           <code>governance</code> | <code>compliance</code> | <code>expired</code>).</p>
+   *             </li>
+   *          </ul>
+   * @public
+   */
+  Filters?: Filter[] | undefined;
+
+  /**
+   * <p>The maximum number of items to return for this request.
+   * 	To get the next page of items, make another request with the token returned in the output.
+   * 	For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination">Pagination</a>.</p>
+   * @public
+   */
+  MaxResults?: number | undefined;
+
+  /**
+   * <p>The token returned from a previous paginated request.
+   *   Pagination continues from the end of the items returned by the previous request.</p>
+   * @public
+   */
+  NextToken?: string | undefined;
+
+  /**
+   * <p>The IDs of the snapshots for which to view the lock status.</p>
+   * @public
+   */
+  SnapshotIds?: string[] | undefined;
+
+  /**
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * @public
+   */
+  DryRun?: boolean | undefined;
+}
 
 /**
  * @public
  * @enum
  */
-export const AnalysisStatus = {
-  failed: "failed",
-  running: "running",
-  succeeded: "succeeded",
+export const LockState = {
+  compliance: "compliance",
+  compliance_cooloff: "compliance-cooloff",
+  expired: "expired",
+  governance: "governance",
 } as const;
 
 /**
  * @public
  */
-export type AnalysisStatus = (typeof AnalysisStatus)[keyof typeof AnalysisStatus];
+export type LockState = (typeof LockState)[keyof typeof LockState];
 
 /**
- * <p>Describes a Network Access Scope analysis.</p>
+ * <p>Information about a locked snapshot.</p>
  * @public
  */
-export interface NetworkInsightsAccessScopeAnalysis {
-  /**
-   * <p>The ID of the Network Access Scope analysis.</p>
-   * @public
-   */
-  NetworkInsightsAccessScopeAnalysisId?: string | undefined;
-
-  /**
-   * <p>The Amazon Resource Name (ARN) of the Network Access Scope analysis.</p>
-   * @public
-   */
-  NetworkInsightsAccessScopeAnalysisArn?: string | undefined;
-
+export interface LockedSnapshotsInfo {
   /**
-   * <p>The ID of the Network Access Scope.</p>
+   * <p>The account ID of the Amazon Web Services account that owns the snapshot.</p>
    * @public
    */
-  NetworkInsightsAccessScopeId?: string | undefined;
+  OwnerId?: string | undefined;
 
   /**
-   * <p>The status.</p>
+   * <p>The ID of the snapshot.</p>
    * @public
    */
-  Status?: AnalysisStatus | undefined;
+  SnapshotId?: string | undefined;
 
   /**
-   * <p>The status message.</p>
+   * <p>The state of the snapshot lock. Valid states include:</p>
+   *          <ul>
+   *             <li>
+   *                <p>
+   *                   <code>compliance-cooloff</code> - The snapshot has been locked in
+   *           compliance mode but it is still within the cooling-off period. The snapshot can't be
+   *           deleted, but it can be unlocked and the lock settings can be modified by users with
+   *           appropriate permissions.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>governance</code> - The snapshot is locked in governance mode. The
+   *           snapshot can't be deleted, but it can be unlocked and the lock settings can be
+   *           modified by users with appropriate permissions.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>compliance</code> - The snapshot is locked in compliance mode and the
+   *           cooling-off period has expired. The snapshot can't be unlocked or deleted. The lock
+   *           duration can only be increased by users with appropriate permissions.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>expired</code> - The snapshot was locked in compliance or governance
+   *           mode but the lock duration has expired. The snapshot is not locked and can be deleted.</p>
+   *             </li>
+   *          </ul>
    * @public
    */
-  StatusMessage?: string | undefined;
+  LockState?: LockState | undefined;
 
   /**
-   * <p>The warning message.</p>
+   * <p>The period of time for which the snapshot is locked, in days.</p>
    * @public
    */
-  WarningMessage?: string | undefined;
+  LockDuration?: number | undefined;
 
   /**
-   * <p>The analysis start date.</p>
+   * <p>The compliance mode cooling-off period, in hours.</p>
    * @public
    */
-  StartDate?: Date | undefined;
+  CoolOffPeriod?: number | undefined;
 
   /**
-   * <p>The analysis end date.</p>
+   * <p>The date and time at which the compliance mode cooling-off period expires, in the UTC time zone
+   *       (<code>YYYY-MM-DDThh:mm:ss.sssZ</code>).</p>
    * @public
    */
-  EndDate?: Date | undefined;
+  CoolOffPeriodExpiresOn?: Date | undefined;
 
   /**
-   * <p>Indicates whether there are findings.</p>
+   * <p>The date and time at which the snapshot was locked, in the UTC time zone (<code>YYYY-MM-DDThh:mm:ss.sssZ</code>).</p>
    * @public
    */
-  FindingsFound?: FindingsFound | undefined;
+  LockCreatedOn?: Date | undefined;
 
   /**
-   * <p>The number of network interfaces analyzed.</p>
+   * <p>The date and time at which the lock duration started, in the UTC time zone (<code>YYYY-MM-DDThh:mm:ss.sssZ</code>).</p>
+   *          <p>If you lock a snapshot that is in the <code>pending</code> state, the lock duration
+   *       starts only once the snapshot enters the <code>completed</code> state.</p>
    * @public
    */
-  AnalyzedEniCount?: number | undefined;
+  LockDurationStartTime?: Date | undefined;
 
   /**
-   * <p>The tags.</p>
+   * <p>The date and time at which the lock will expire, in the UTC time zone (<code>YYYY-MM-DDThh:mm:ss.sssZ</code>).</p>
    * @public
    */
-  Tags?: Tag[] | undefined;
+  LockExpiresOn?: Date | undefined;
 }
 
 /**
  * @public
  */
-export interface DescribeNetworkInsightsAccessScopeAnalysesResult {
+export interface DescribeLockedSnapshotsResult {
   /**
-   * <p>The Network Access Scope analyses.</p>
+   * <p>Information about the snapshots.</p>
    * @public
    */
-  NetworkInsightsAccessScopeAnalyses?: NetworkInsightsAccessScopeAnalysis[] | undefined;
+  Snapshots?: LockedSnapshotsInfo[] | undefined;
 
   /**
-   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
+   * <p>The token to include in another request to get the next page of items.
+   *   This value is <code>null</code> when there are no more items to return.</p>
    * @public
    */
   NextToken?: string | undefined;
@@ -8832,94 +8585,114 @@ export interface DescribeNetworkInsightsAccessScopeAnalysesResult {
 /**
  * @public
  */
-export interface DescribeNetworkInsightsAccessScopesRequest {
-  /**
-   * <p>The IDs of the Network Access Scopes.</p>
-   * @public
-   */
-  NetworkInsightsAccessScopeIds?: string[] | undefined;
-
+export interface DescribeMacHostsRequest {
   /**
-   * <p>There are no supported filters.</p>
+   * <p>The filters.</p>
+   *          <ul>
+   *             <li>
+   *                <p>
+   *                   <code>availability-zone</code> - The Availability Zone of the EC2 Mac Dedicated Host.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>instance-type</code> - The instance type size that the EC2 Mac Dedicated Host is
+   *                         configured to support.</p>
+   *             </li>
+   *          </ul>
    * @public
    */
   Filters?: Filter[] | undefined;
 
   /**
-   * <p>The maximum number of results to return with a single call.
-   *    To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>
+   * <p>
+   *             The IDs of the EC2 Mac Dedicated Hosts.
+   *         </p>
    * @public
    */
-  MaxResults?: number | undefined;
+  HostIds?: string[] | undefined;
 
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>The maximum number of results to return for the request in a single page. The remaining results can be seen by sending another request with the returned <code>nextToken</code> value. This value can be between 5 and 500. If <code>maxResults</code> is given a larger value than 500, you receive an error.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  MaxResults?: number | undefined;
 
   /**
-   * <p>The token for the next page of results.</p>
+   * <p>The token to use to retrieve the next page of results.</p>
    * @public
    */
   NextToken?: string | undefined;
 }
 
 /**
+ * <p>
+ *             Information about the EC2 Mac Dedicated Host.
+ *         </p>
  * @public
  */
-export interface DescribeNetworkInsightsAccessScopesResult {
+export interface MacHost {
   /**
-   * <p>The Network Access Scopes.</p>
+   * <p>
+   *             The EC2 Mac Dedicated Host ID.
+   *         </p>
    * @public
    */
-  NetworkInsightsAccessScopes?: NetworkInsightsAccessScope[] | undefined;
+  HostId?: string | undefined;
 
   /**
-   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
+   * <p>
+   *             The latest macOS versions that the EC2 Mac Dedicated Host can launch without being upgraded.
+   *         </p>
    * @public
    */
-  NextToken?: string | undefined;
+  MacOSLatestSupportedVersions?: string[] | undefined;
 }
 
 /**
  * @public
  */
-export interface DescribeNetworkInsightsAnalysesRequest {
-  /**
-   * <p>The ID of the network insights analyses. You must specify either analysis IDs or a path ID.</p>
-   * @public
-   */
-  NetworkInsightsAnalysisIds?: string[] | undefined;
-
+export interface DescribeMacHostsResult {
   /**
-   * <p>The ID of the path. You must specify either a path ID or analysis IDs.</p>
+   * <p>
+   *             Information about the EC2 Mac Dedicated Hosts.
+   *         </p>
    * @public
    */
-  NetworkInsightsPathId?: string | undefined;
+  MacHosts?: MacHost[] | undefined;
 
   /**
-   * <p>The time when the network insights analyses started.</p>
+   * <p>The token to use to retrieve the next page of results.</p>
    * @public
    */
-  AnalysisStartTime?: Date | undefined;
+  NextToken?: string | undefined;
+}
 
+/**
+ * @public
+ */
+export interface DescribeManagedPrefixListsRequest {
   /**
-   * <p>The time when the network insights analyses ended.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  AnalysisEndTime?: Date | undefined;
+  DryRun?: boolean | undefined;
 
   /**
-   * <p>The filters. The following are the possible values:</p>
+   * <p>One or more filters.</p>
    *          <ul>
    *             <li>
-   *                <p>path-found - A Boolean value that indicates whether a feasible path is found.</p>
+   *                <p>
+   *                   <code>owner-id</code> - The ID of the prefix list owner.</p>
    *             </li>
    *             <li>
-   *                <p>status - The status of the analysis (running | succeeded | failed).</p>
+   *                <p>
+   *                   <code>prefix-list-id</code> - The ID of the prefix list.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>prefix-list-name</code> - The name of the prefix list.</p>
    *             </li>
    *          </ul>
    * @public
@@ -8928,140 +8701,220 @@ export interface DescribeNetworkInsightsAnalysesRequest {
 
   /**
    * <p>The maximum number of results to return with a single call.
-   *    To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>
+   * 	To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>
    * @public
    */
   MaxResults?: number | undefined;
 
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>The token for the next page of results.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  NextToken?: string | undefined;
 
   /**
-   * <p>The token for the next page of results.</p>
+   * <p>One or more prefix list IDs.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  PrefixListIds?: string[] | undefined;
 }
 
 /**
- * <p>Describes a network insights analysis.</p>
  * @public
  */
-export interface NetworkInsightsAnalysis {
+export interface DescribeManagedPrefixListsResult {
   /**
-   * <p>The ID of the network insights analysis.</p>
+   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
    * @public
    */
-  NetworkInsightsAnalysisId?: string | undefined;
+  NextToken?: string | undefined;
 
   /**
-   * <p>The Amazon Resource Name (ARN) of the network insights analysis.</p>
+   * <p>Information about the prefix lists.</p>
    * @public
    */
-  NetworkInsightsAnalysisArn?: string | undefined;
+  PrefixLists?: ManagedPrefixList[] | undefined;
+}
 
+/**
+ * @public
+ */
+export interface DescribeMovingAddressesRequest {
   /**
-   * <p>The ID of the path.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  NetworkInsightsPathId?: string | undefined;
+  DryRun?: boolean | undefined;
 
   /**
-   * <p>The member accounts that contain resources that the path can traverse.</p>
+   * <p>One or more Elastic IP addresses.</p>
    * @public
    */
-  AdditionalAccounts?: string[] | undefined;
+  PublicIps?: string[] | undefined;
 
   /**
-   * <p>The Amazon Resource Names (ARN) of the resources that the path must traverse.</p>
+   * <p>The token for the next page of results.</p>
    * @public
    */
-  FilterInArns?: string[] | undefined;
+  NextToken?: string | undefined;
 
   /**
-   * <p>The time the analysis started.</p>
+   * <p>One or more filters.</p>
+   *          <ul>
+   *             <li>
+   *                <p>
+   *                   <code>moving-status</code> - The status of the Elastic IP address
+   *           (<code>MovingToVpc</code> | <code>RestoringToClassic</code>).</p>
+   *             </li>
+   *          </ul>
    * @public
    */
-  StartDate?: Date | undefined;
+  Filters?: Filter[] | undefined;
 
   /**
-   * <p>The status of the network insights analysis.</p>
+   * <p>The maximum number of results to return for the request in a single page. The remaining
+   *       results of the initial request can be seen by sending another request with the returned
+   *       <code>NextToken</code> value. This value can be between 5 and 1000; if
+   *       <code>MaxResults</code> is given a value outside of this range, an error is returned.</p>
+   *          <p>Default: If no value is provided, the default is 1000.</p>
    * @public
    */
-  Status?: AnalysisStatus | undefined;
+  MaxResults?: number | undefined;
+}
+
+/**
+ * @public
+ * @enum
+ */
+export const MoveStatus = {
+  movingToVpc: "movingToVpc",
+  restoringToClassic: "restoringToClassic",
+} as const;
+
+/**
+ * @public
+ */
+export type MoveStatus = (typeof MoveStatus)[keyof typeof MoveStatus];
 
+/**
+ * <note>
+ *             <p>This action is deprecated.</p>
+ *          </note>
+ *          <p>Describes the status of a moving Elastic IP address.</p>
+ * @public
+ */
+export interface MovingAddressStatus {
   /**
-   * <p>The status message, if the status is <code>failed</code>.</p>
+   * <p>The status of the Elastic IP address that's being moved or restored.</p>
    * @public
    */
-  StatusMessage?: string | undefined;
+  MoveStatus?: MoveStatus | undefined;
 
   /**
-   * <p>The warning message.</p>
+   * <p>The Elastic IP address.</p>
    * @public
    */
-  WarningMessage?: string | undefined;
+  PublicIp?: string | undefined;
+}
 
+/**
+ * @public
+ */
+export interface DescribeMovingAddressesResult {
   /**
-   * <p>Indicates whether the destination is reachable from the source.</p>
+   * <p>The status for each Elastic IP address.</p>
    * @public
    */
-  NetworkPathFound?: boolean | undefined;
+  MovingAddressStatuses?: MovingAddressStatus[] | undefined;
 
   /**
-   * <p>The components in the path from source to destination.</p>
+   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
    * @public
    */
-  ForwardPathComponents?: PathComponent[] | undefined;
+  NextToken?: string | undefined;
+}
 
+/**
+ * @public
+ */
+export interface DescribeNatGatewaysRequest {
   /**
-   * <p>The components in the path from destination to source.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  ReturnPathComponents?: PathComponent[] | undefined;
+  DryRun?: boolean | undefined;
 
   /**
-   * <p>The explanations. For more information, see <a href="https://docs.aws.amazon.com/vpc/latest/reachability/explanation-codes.html">Reachability Analyzer explanation codes</a>.</p>
+   * <p>The filters.</p>
+   *          <ul>
+   *             <li>
+   *                <p>
+   *                   <code>nat-gateway-id</code> - The ID of the NAT gateway.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>state</code> - The state of the NAT gateway (<code>pending</code> |
+   *               <code>failed</code> | <code>available</code> | <code>deleting</code> | <code>deleted</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>subnet-id</code> - The ID of the subnet in which the NAT gateway resides.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>tag</code> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.
+   *     For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>vpc-id</code> - The ID of the VPC in which the NAT gateway resides.</p>
+   *             </li>
+   *          </ul>
    * @public
    */
-  Explanations?: Explanation[] | undefined;
+  Filter?: Filter[] | undefined;
 
   /**
-   * <p>Potential intermediate components.</p>
+   * <p>The maximum number of items to return for this request.
+   * 	To get the next page of items, make another request with the token returned in the output.
+   * 	For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination">Pagination</a>.</p>
    * @public
    */
-  AlternatePathHints?: AlternatePathHint[] | undefined;
+  MaxResults?: number | undefined;
 
   /**
-   * <p>Potential intermediate accounts.</p>
+   * <p>The IDs of the NAT gateways.</p>
    * @public
    */
-  SuggestedAccounts?: string[] | undefined;
+  NatGatewayIds?: string[] | undefined;
 
   /**
-   * <p>The tags.</p>
+   * <p>The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.</p>
    * @public
    */
-  Tags?: Tag[] | undefined;
+  NextToken?: string | undefined;
 }
 
 /**
  * @public
  */
-export interface DescribeNetworkInsightsAnalysesResult {
+export interface DescribeNatGatewaysResult {
   /**
-   * <p>Information about the network insights analyses.</p>
+   * <p>Information about the NAT gateways.</p>
    * @public
    */
-  NetworkInsightsAnalyses?: NetworkInsightsAnalysis[] | undefined;
+  NatGateways?: NatGateway[] | undefined;
 
   /**
-   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
+   * <p>The token to include in another request to get the next page of items. This value is <code>null</code> when there are no more items to return.</p>
    * @public
    */
   NextToken?: string | undefined;
@@ -9070,53 +8923,173 @@ export interface DescribeNetworkInsightsAnalysesResult {
 /**
  * @public
  */
-export interface DescribeNetworkInsightsPathsRequest {
+export interface DescribeNetworkAclsRequest {
   /**
-   * <p>The IDs of the paths.</p>
+   * <p>The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.</p>
    * @public
    */
-  NetworkInsightsPathIds?: string[] | undefined;
+  NextToken?: string | undefined;
 
   /**
-   * <p>The filters. The following are the possible values:</p>
+   * <p>The maximum number of items to return for this request.
+   * 	To get the next page of items, make another request with the token returned in the output.
+   * 	For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination">Pagination</a>.</p>
+   * @public
+   */
+  MaxResults?: number | undefined;
+
+  /**
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * @public
+   */
+  DryRun?: boolean | undefined;
+
+  /**
+   * <p>The IDs of the network ACLs.</p>
+   * @public
+   */
+  NetworkAclIds?: string[] | undefined;
+
+  /**
+   * <p>The filters.</p>
    *          <ul>
    *             <li>
-   *                <p>destination - The ID of the resource.</p>
+   *                <p>
+   *                   <code>association.association-id</code> - The ID of an association ID for the ACL.</p>
    *             </li>
    *             <li>
-   *                <p>filter-at-source.source-address - The source IPv4 address at the source.</p>
+   *                <p>
+   *                   <code>association.network-acl-id</code> - The ID of the network ACL involved in the association.</p>
    *             </li>
    *             <li>
-   *                <p>filter-at-source.source-port-range - The source port range at the source.</p>
+   *                <p>
+   *                   <code>association.subnet-id</code> - The ID of the subnet involved in the association.</p>
    *             </li>
    *             <li>
-   *                <p>filter-at-source.destination-address - The destination IPv4 address at the source.</p>
+   *                <p>
+   *                   <code>default</code> - Indicates whether the ACL is the default network ACL for the VPC.</p>
    *             </li>
    *             <li>
-   *                <p>filter-at-source.destination-port-range - The destination port range at the source.</p>
+   *                <p>
+   *                   <code>entry.cidr</code> - The IPv4 CIDR range specified in the entry.</p>
    *             </li>
    *             <li>
-   *                <p>filter-at-destination.source-address - The source IPv4 address at the destination.</p>
+   *                <p>
+   *                   <code>entry.icmp.code</code> - The ICMP code specified in the entry, if any.</p>
    *             </li>
    *             <li>
-   *                <p>filter-at-destination.source-port-range - The source port range at the destination.</p>
+   *                <p>
+   *                   <code>entry.icmp.type</code> - The ICMP type specified in the entry, if any.</p>
    *             </li>
    *             <li>
-   *                <p>filter-at-destination.destination-address - The destination IPv4 address at the destination.</p>
+   *                <p>
+   *                   <code>entry.ipv6-cidr</code> - The IPv6 CIDR range specified in the entry.</p>
    *             </li>
    *             <li>
-   *                <p>filter-at-destination.destination-port-range - The destination port range at the destination.</p>
+   *                <p>
+   *                   <code>entry.port-range.from</code> - The start of the port range specified in the entry. </p>
    *             </li>
    *             <li>
-   *                <p>protocol - The protocol.</p>
+   *                <p>
+   *                   <code>entry.port-range.to</code> - The end of the port range specified in the entry. </p>
    *             </li>
    *             <li>
-   *                <p>source - The ID of the resource.</p>
+   *                <p>
+   *                   <code>entry.protocol</code> - The protocol specified in the entry (<code>tcp</code> | <code>udp</code> | <code>icmp</code> or a protocol number).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>entry.rule-action</code> - Allows or denies the matching traffic (<code>allow</code> | <code>deny</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>entry.egress</code> - A Boolean that indicates the type of rule. Specify <code>true</code>
+   * 		                for egress rules, or <code>false</code> for ingress rules.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>entry.rule-number</code> - The number of an entry (in other words, rule) in
+   *                     the set of ACL entries.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>network-acl-id</code> - The ID of the network ACL.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>owner-id</code> - The ID of the Amazon Web Services account that owns the network ACL.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>tag</code> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.
+   *     For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>vpc-id</code> - The ID of the VPC for the network ACL.</p>
    *             </li>
    *          </ul>
    * @public
    */
   Filters?: Filter[] | undefined;
+}
+
+/**
+ * @public
+ */
+export interface DescribeNetworkAclsResult {
+  /**
+   * <p>Information about the network ACLs.</p>
+   * @public
+   */
+  NetworkAcls?: NetworkAcl[] | undefined;
+
+  /**
+   * <p>The token to include in another request to get the next page of items. This value is <code>null</code> when there are no more items to return.</p>
+   * @public
+   */
+  NextToken?: string | undefined;
+}
+
+/**
+ * @public
+ */
+export interface DescribeNetworkInsightsAccessScopeAnalysesRequest {
+  /**
+   * <p>The IDs of the Network Access Scope analyses.</p>
+   * @public
+   */
+  NetworkInsightsAccessScopeAnalysisIds?: string[] | undefined;
+
+  /**
+   * <p>The ID of the Network Access Scope.</p>
+   * @public
+   */
+  NetworkInsightsAccessScopeId?: string | undefined;
+
+  /**
+   * <p>Filters the results based on the start time. The analysis must have started on or after this time.</p>
+   * @public
+   */
+  AnalysisStartTimeBegin?: Date | undefined;
+
+  /**
+   * <p>Filters the results based on the start time. The analysis must have started on or before this time.</p>
+   * @public
+   */
+  AnalysisStartTimeEnd?: Date | undefined;
+
+  /**
+   * <p>There are no supported filters.</p>
+   * @public
+   */
+  Filters?: Filter[] | undefined;
 
   /**
    * <p>The maximum number of results to return with a single call.
@@ -9142,402 +9115,173 @@ export interface DescribeNetworkInsightsPathsRequest {
 
 /**
  * @public
+ * @enum
  */
-export interface DescribeNetworkInsightsPathsResult {
-  /**
-   * <p>Information about the paths.</p>
-   * @public
-   */
-  NetworkInsightsPaths?: NetworkInsightsPath[] | undefined;
+export const FindingsFound = {
+  false: "false",
+  true: "true",
+  unknown: "unknown",
+} as const;
 
-  /**
-   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
-   * @public
-   */
-  NextToken?: string | undefined;
-}
+/**
+ * @public
+ */
+export type FindingsFound = (typeof FindingsFound)[keyof typeof FindingsFound];
 
 /**
  * @public
  * @enum
  */
-export const NetworkInterfaceAttribute = {
-  associatePublicIpAddress: "associatePublicIpAddress",
-  attachment: "attachment",
-  description: "description",
-  groupSet: "groupSet",
-  sourceDestCheck: "sourceDestCheck",
+export const AnalysisStatus = {
+  failed: "failed",
+  running: "running",
+  succeeded: "succeeded",
 } as const;
 
 /**
  * @public
  */
-export type NetworkInterfaceAttribute = (typeof NetworkInterfaceAttribute)[keyof typeof NetworkInterfaceAttribute];
+export type AnalysisStatus = (typeof AnalysisStatus)[keyof typeof AnalysisStatus];
 
 /**
- * <p>Contains the parameters for DescribeNetworkInterfaceAttribute.</p>
+ * <p>Describes a Network Access Scope analysis.</p>
  * @public
  */
-export interface DescribeNetworkInterfaceAttributeRequest {
-  /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *        and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *        Otherwise, it is <code>UnauthorizedOperation</code>.</p>
-   * @public
-   */
-  DryRun?: boolean | undefined;
-
-  /**
-   * <p>The ID of the network interface.</p>
-   * @public
-   */
-  NetworkInterfaceId: string | undefined;
-
+export interface NetworkInsightsAccessScopeAnalysis {
   /**
-   * <p>The attribute of the network interface. This parameter is required.</p>
+   * <p>The ID of the Network Access Scope analysis.</p>
    * @public
    */
-  Attribute?: NetworkInterfaceAttribute | undefined;
-}
+  NetworkInsightsAccessScopeAnalysisId?: string | undefined;
 
-/**
- * <p>Contains the output of DescribeNetworkInterfaceAttribute.</p>
- * @public
- */
-export interface DescribeNetworkInterfaceAttributeResult {
   /**
-   * <p>The attachment (if any) of the network interface.</p>
+   * <p>The Amazon Resource Name (ARN) of the Network Access Scope analysis.</p>
    * @public
    */
-  Attachment?: NetworkInterfaceAttachment | undefined;
+  NetworkInsightsAccessScopeAnalysisArn?: string | undefined;
 
   /**
-   * <p>The description of the network interface.</p>
+   * <p>The ID of the Network Access Scope.</p>
    * @public
    */
-  Description?: AttributeValue | undefined;
+  NetworkInsightsAccessScopeId?: string | undefined;
 
   /**
-   * <p>The security groups associated with the network interface.</p>
+   * <p>The status.</p>
    * @public
    */
-  Groups?: GroupIdentifier[] | undefined;
+  Status?: AnalysisStatus | undefined;
 
   /**
-   * <p>The ID of the network interface.</p>
+   * <p>The status message.</p>
    * @public
    */
-  NetworkInterfaceId?: string | undefined;
+  StatusMessage?: string | undefined;
 
   /**
-   * <p>Indicates whether source/destination checking is enabled.</p>
+   * <p>The warning message.</p>
    * @public
    */
-  SourceDestCheck?: AttributeBooleanValue | undefined;
+  WarningMessage?: string | undefined;
 
   /**
-   * <p>Indicates whether to assign a public IPv4 address to a network interface.
-   *             This option can be enabled for any network interface but will only apply to the primary network interface (eth0).</p>
+   * <p>The analysis start date.</p>
    * @public
    */
-  AssociatePublicIpAddress?: boolean | undefined;
-}
+  StartDate?: Date | undefined;
 
-/**
- * <p>Contains the parameters for DescribeNetworkInterfacePermissions.</p>
- * @public
- */
-export interface DescribeNetworkInterfacePermissionsRequest {
   /**
-   * <p>The network interface permission IDs.</p>
+   * <p>The analysis end date.</p>
    * @public
    */
-  NetworkInterfacePermissionIds?: string[] | undefined;
+  EndDate?: Date | undefined;
 
   /**
-   * <p>One or more filters.</p>
-   *          <ul>
-   *             <li>
-   *                <p>
-   *                   <code>network-interface-permission.network-interface-permission-id</code> - The ID of the
-   * 				permission.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>network-interface-permission.network-interface-id</code> - The ID of
-   * 					the network interface.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>network-interface-permission.aws-account-id</code> - The Amazon Web Services account ID.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>network-interface-permission.aws-service</code> - The Amazon Web Services service.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>network-interface-permission.permission</code> - The type of
-   * 					permission (<code>INSTANCE-ATTACH</code> |
-   * 					<code>EIP-ASSOCIATE</code>).</p>
-   *             </li>
-   *          </ul>
+   * <p>Indicates whether there are findings.</p>
    * @public
    */
-  Filters?: Filter[] | undefined;
+  FindingsFound?: FindingsFound | undefined;
 
   /**
-   * <p>The token returned from a previous paginated request.
-   * 		    Pagination continues from the end of the items returned by the previous request.</p>
+   * <p>The number of network interfaces analyzed.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  AnalyzedEniCount?: number | undefined;
 
   /**
-   * <p>The maximum number of items to return for this request. To get the next page of items,
-   * 			make another request with the token returned in the output. If this parameter is not specified,
-   * 			up to 50 results are returned by default. For more information, see
-   * 			<a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination">Pagination</a>.</p>
+   * <p>The tags.</p>
    * @public
    */
-  MaxResults?: number | undefined;
+  Tags?: Tag[] | undefined;
 }
 
 /**
- * <p>Contains the output for DescribeNetworkInterfacePermissions.</p>
  * @public
  */
-export interface DescribeNetworkInterfacePermissionsResult {
+export interface DescribeNetworkInsightsAccessScopeAnalysesResult {
   /**
-   * <p>The network interface permissions.</p>
+   * <p>The Network Access Scope analyses.</p>
    * @public
    */
-  NetworkInterfacePermissions?: NetworkInterfacePermission[] | undefined;
+  NetworkInsightsAccessScopeAnalyses?: NetworkInsightsAccessScopeAnalysis[] | undefined;
 
   /**
-   * <p>The token to include in another request to get the next page of items.
-   * 		  This value is <code>null</code> when there are no more items to return.</p>
+   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
    * @public
    */
   NextToken?: string | undefined;
 }
 
 /**
- * <p>Contains the parameters for DescribeNetworkInterfaces.</p>
  * @public
  */
-export interface DescribeNetworkInterfacesRequest {
-  /**
-   * <p>The token returned from a previous paginated request.
-   * 		    Pagination continues from the end of the items returned by the previous request.</p>
-   * @public
-   */
-  NextToken?: string | undefined;
-
+export interface DescribeNetworkInsightsAccessScopesRequest {
   /**
-   * <p>The maximum number of items to return for this request. To get the next page of items,
-   * 		    make another request with the token returned in the output. You cannot specify this
-   * 		    parameter and the network interface IDs parameter in the same request. For more information,
-   * 		    see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination">Pagination</a>.</p>
+   * <p>The IDs of the Network Access Scopes.</p>
    * @public
    */
-  MaxResults?: number | undefined;
+  NetworkInsightsAccessScopeIds?: string[] | undefined;
 
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *        and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *        Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>There are no supported filters.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  Filters?: Filter[] | undefined;
 
   /**
-   * <p>The network interface IDs.</p>
-   *          <p>Default: Describes all your network interfaces.</p>
+   * <p>The maximum number of results to return with a single call.
+   *    To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>
    * @public
    */
-  NetworkInterfaceIds?: string[] | undefined;
+  MaxResults?: number | undefined;
 
-  /**
-   * <p>One or more filters.</p>
-   *          <ul>
-   *             <li>
-   *                <p>
-   *                   <code>association.allocation-id</code> - The allocation ID returned when you
-   * 		                allocated the Elastic IP address (IPv4) for your network interface.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>association.association-id</code> - The association ID returned when the
-   * 		                network interface was associated with an IPv4 address.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>addresses.association.owner-id</code> - The owner ID of the addresses associated with the network interface.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>addresses.association.public-ip</code> - The association ID returned when
-   * 		                the network interface was associated with the Elastic IP address
-   * 		                (IPv4).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>addresses.primary</code> - Whether the private IPv4 address is the primary
-   *                     IP address associated with the network interface. </p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>addresses.private-ip-address</code> - The private IPv4 addresses
-   * 		                associated with the network interface.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>association.ip-owner-id</code> - The owner of the Elastic IP address
-   *                     (IPv4) associated with the network interface.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>association.public-ip</code> - The address of the Elastic IP address
-   *                     (IPv4) bound to the network interface.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>association.public-dns-name</code> - The public DNS name for the network
-   *                     interface (IPv4).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>attachment.attach-time</code> - The time that the network interface was attached to an instance.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>attachment.attachment-id</code> - The ID of the interface attachment.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>attachment.delete-on-termination</code> - Indicates whether the attachment is deleted when an instance is terminated.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>attachment.device-index</code> - The device index to which the network interface is attached.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>attachment.instance-id</code> - The ID of the instance to which the network interface is attached.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>attachment.instance-owner-id</code> - The owner ID of the instance to which the network interface is attached.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>attachment.status</code> - The status of the attachment (<code>attaching</code> | <code>attached</code> | <code>detaching</code> | <code>detached</code>).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>availability-zone</code> - The Availability Zone of the network interface.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>description</code> - The description of the network interface.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>group-id</code> - The ID of a security group associated with the network interface.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>ipv6-addresses.ipv6-address</code> - An IPv6 address associated with
-   *                     the network interface.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>interface-type</code> - The type of network interface (<code>api_gateway_managed</code> |
-   * 		               <code>aws_codestar_connections_managed</code> | <code>branch</code> | <code>ec2_instance_connect_endpoint</code> |
-   * 		               <code>efa</code> | <code>efa-only</code> | <code>efs</code> | <code>gateway_load_balancer</code> |
-   * 		               <code>gateway_load_balancer_endpoint</code> | <code>global_accelerator_managed</code> |  <code>interface</code> |
-   * 		               <code>iot_rules_managed</code> | <code>lambda</code> | <code>load_balancer</code> | <code>nat_gateway</code> |
-   * 		               <code>network_load_balancer</code> | <code>quicksight</code> |  <code>transit_gateway</code> | <code>trunk</code> |
-   * 		               <code>vpc_endpoint</code>).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>mac-address</code> - The MAC address of the network interface.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>network-interface-id</code> - The ID of the network interface.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>owner-id</code> - The Amazon Web Services account ID of the network interface owner.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>private-dns-name</code> - The private DNS name of the network interface (IPv4).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>private-ip-address</code> - The private IPv4 address or addresses of the
-   *                     network interface.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>requester-id</code> - The alias or Amazon Web Services account ID of the principal or service that created the network interface.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>requester-managed</code> - Indicates whether the network interface is being managed by an Amazon Web Services
-   * 		               service (for example, Amazon Web Services Management Console, Auto Scaling, and so on).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>source-dest-check</code> - Indicates whether the network interface performs source/destination checking.
-   * 		            A value of <code>true</code> means checking is enabled, and <code>false</code> means checking is disabled.
-   * 		            The value must be <code>false</code> for the network interface to perform network address translation (NAT) in your VPC. </p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>status</code> - The status of the network interface. If the network interface is not attached to an instance, the status is <code>available</code>;
-   * 		            if a network interface is attached to an instance the status is <code>in-use</code>.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>subnet-id</code> - The ID of the subnet for the network interface.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.
-   *     For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>vpc-id</code> - The ID of the VPC for the network interface.</p>
-   *             </li>
-   *          </ul>
+  /**
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  Filters?: Filter[] | undefined;
+  DryRun?: boolean | undefined;
+
+  /**
+   * <p>The token for the next page of results.</p>
+   * @public
+   */
+  NextToken?: string | undefined;
 }
 
 /**
  * @public
  */
-export interface DescribeNetworkInterfacesResult {
+export interface DescribeNetworkInsightsAccessScopesResult {
   /**
-   * <p>Information about the network interfaces.</p>
+   * <p>The Network Access Scopes.</p>
    * @public
    */
-  NetworkInterfaces?: NetworkInterface[] | undefined;
+  NetworkInsightsAccessScopes?: NetworkInsightsAccessScope[] | undefined;
 
   /**
-   * <p>The token to include in another request to get the next page of items.
-   * 		    This value is <code>null</code> when there are no more items to return.</p>
+   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
    * @public
    */
   NextToken?: string | undefined;
@@ -9546,116 +9290,231 @@ export interface DescribeNetworkInterfacesResult {
 /**
  * @public
  */
-export interface DescribePlacementGroupsRequest {
+export interface DescribeNetworkInsightsAnalysesRequest {
   /**
-   * <p>The IDs of the placement groups.</p>
+   * <p>The ID of the network insights analyses. You must specify either analysis IDs or a path ID.</p>
    * @public
    */
-  GroupIds?: string[] | undefined;
+  NetworkInsightsAnalysisIds?: string[] | undefined;
 
   /**
-   * <p>Checks whether you have the required permissions for the operation, without actually making the
-   *   request, and provides an error response. If you have the required permissions, the error response is
-   *   <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>The ID of the path. You must specify either a path ID or analysis IDs.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  NetworkInsightsPathId?: string | undefined;
 
   /**
-   * <p>The names of the placement groups.</p>
-   *          <p>Constraints:</p>
-   *          <ul>
-   *             <li>
-   *                <p>You can specify a name only if the placement group is owned by your
-   *                     account.</p>
-   *             </li>
-   *             <li>
-   *                <p>If a placement group is <i>shared</i> with your account,
-   *                     specifying the name results in an error. You must use the <code>GroupId</code>
-   *                     parameter instead.</p>
-   *             </li>
-   *          </ul>
+   * <p>The time when the network insights analyses started.</p>
    * @public
    */
-  GroupNames?: string[] | undefined;
+  AnalysisStartTime?: Date | undefined;
 
   /**
-   * <p>The filters.</p>
+   * <p>The time when the network insights analyses ended.</p>
+   * @public
+   */
+  AnalysisEndTime?: Date | undefined;
+
+  /**
+   * <p>The filters. The following are the possible values:</p>
    *          <ul>
    *             <li>
-   *                <p>
-   *                   <code>group-name</code> - The name of the placement group.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>group-arn</code> - The Amazon Resource Name (ARN) of the placement
-   *                     group.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>spread-level</code> - The spread level for the placement group
-   *                         (<code>host</code> | <code>rack</code>). </p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>state</code> - The state of the placement group (<code>pending</code> |
-   *                         <code>available</code> | <code>deleting</code> |
-   *                     <code>deleted</code>).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>strategy</code> - The strategy of the placement group
-   *                         (<code>cluster</code> | <code>spread</code> |
-   *                     <code>partition</code>).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>tag:<key></code> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.
-   *     For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>
+   *                <p>path-found - A Boolean value that indicates whether a feasible path is found.</p>
    *             </li>
    *             <li>
-   *                <p>
-   *                   <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources that have a tag with a specific key, regardless of the tag value.</p>
+   *                <p>status - The status of the analysis (running | succeeded | failed).</p>
    *             </li>
    *          </ul>
    * @public
    */
   Filters?: Filter[] | undefined;
+
+  /**
+   * <p>The maximum number of results to return with a single call.
+   *    To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>
+   * @public
+   */
+  MaxResults?: number | undefined;
+
+  /**
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * @public
+   */
+  DryRun?: boolean | undefined;
+
+  /**
+   * <p>The token for the next page of results.</p>
+   * @public
+   */
+  NextToken?: string | undefined;
 }
 
 /**
+ * <p>Describes a network insights analysis.</p>
  * @public
  */
-export interface DescribePlacementGroupsResult {
+export interface NetworkInsightsAnalysis {
   /**
-   * <p>Information about the placement groups.</p>
+   * <p>The ID of the network insights analysis.</p>
    * @public
    */
-  PlacementGroups?: PlacementGroup[] | undefined;
+  NetworkInsightsAnalysisId?: string | undefined;
+
+  /**
+   * <p>The Amazon Resource Name (ARN) of the network insights analysis.</p>
+   * @public
+   */
+  NetworkInsightsAnalysisArn?: string | undefined;
+
+  /**
+   * <p>The ID of the path.</p>
+   * @public
+   */
+  NetworkInsightsPathId?: string | undefined;
+
+  /**
+   * <p>The member accounts that contain resources that the path can traverse.</p>
+   * @public
+   */
+  AdditionalAccounts?: string[] | undefined;
+
+  /**
+   * <p>The Amazon Resource Names (ARN) of the resources that the path must traverse.</p>
+   * @public
+   */
+  FilterInArns?: string[] | undefined;
+
+  /**
+   * <p>The time the analysis started.</p>
+   * @public
+   */
+  StartDate?: Date | undefined;
+
+  /**
+   * <p>The status of the network insights analysis.</p>
+   * @public
+   */
+  Status?: AnalysisStatus | undefined;
+
+  /**
+   * <p>The status message, if the status is <code>failed</code>.</p>
+   * @public
+   */
+  StatusMessage?: string | undefined;
+
+  /**
+   * <p>The warning message.</p>
+   * @public
+   */
+  WarningMessage?: string | undefined;
+
+  /**
+   * <p>Indicates whether the destination is reachable from the source.</p>
+   * @public
+   */
+  NetworkPathFound?: boolean | undefined;
+
+  /**
+   * <p>The components in the path from source to destination.</p>
+   * @public
+   */
+  ForwardPathComponents?: PathComponent[] | undefined;
+
+  /**
+   * <p>The components in the path from destination to source.</p>
+   * @public
+   */
+  ReturnPathComponents?: PathComponent[] | undefined;
+
+  /**
+   * <p>The explanations. For more information, see <a href="https://docs.aws.amazon.com/vpc/latest/reachability/explanation-codes.html">Reachability Analyzer explanation codes</a>.</p>
+   * @public
+   */
+  Explanations?: Explanation[] | undefined;
+
+  /**
+   * <p>Potential intermediate components.</p>
+   * @public
+   */
+  AlternatePathHints?: AlternatePathHint[] | undefined;
+
+  /**
+   * <p>Potential intermediate accounts.</p>
+   * @public
+   */
+  SuggestedAccounts?: string[] | undefined;
+
+  /**
+   * <p>The tags.</p>
+   * @public
+   */
+  Tags?: Tag[] | undefined;
 }
 
 /**
  * @public
  */
-export interface DescribePrefixListsRequest {
+export interface DescribeNetworkInsightsAnalysesResult {
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>Information about the network insights analyses.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  NetworkInsightsAnalyses?: NetworkInsightsAnalysis[] | undefined;
 
   /**
-   * <p>One or more filters.</p>
+   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
+   * @public
+   */
+  NextToken?: string | undefined;
+}
+
+/**
+ * @public
+ */
+export interface DescribeNetworkInsightsPathsRequest {
+  /**
+   * <p>The IDs of the paths.</p>
+   * @public
+   */
+  NetworkInsightsPathIds?: string[] | undefined;
+
+  /**
+   * <p>The filters. The following are the possible values:</p>
    *          <ul>
    *             <li>
-   *                <p>
-   *                   <code>prefix-list-id</code>: The ID of a prefix list.</p>
+   *                <p>destination - The ID of the resource.</p>
+   *             </li>
+   *             <li>
+   *                <p>filter-at-source.source-address - The source IPv4 address at the source.</p>
+   *             </li>
+   *             <li>
+   *                <p>filter-at-source.source-port-range - The source port range at the source.</p>
+   *             </li>
+   *             <li>
+   *                <p>filter-at-source.destination-address - The destination IPv4 address at the source.</p>
+   *             </li>
+   *             <li>
+   *                <p>filter-at-source.destination-port-range - The destination port range at the source.</p>
+   *             </li>
+   *             <li>
+   *                <p>filter-at-destination.source-address - The source IPv4 address at the destination.</p>
+   *             </li>
+   *             <li>
+   *                <p>filter-at-destination.source-port-range - The source port range at the destination.</p>
+   *             </li>
+   *             <li>
+   *                <p>filter-at-destination.destination-address - The destination IPv4 address at the destination.</p>
    *             </li>
    *             <li>
-   *                <p>
-   *                   <code>prefix-list-name</code>: The name of a prefix list.</p>
+   *                <p>filter-at-destination.destination-port-range - The destination port range at the destination.</p>
+   *             </li>
+   *             <li>
+   *                <p>protocol - The protocol.</p>
+   *             </li>
+   *             <li>
+   *                <p>source - The ID of the resource.</p>
    *             </li>
    *          </ul>
    * @public
@@ -9664,173 +9523,394 @@ export interface DescribePrefixListsRequest {
 
   /**
    * <p>The maximum number of results to return with a single call.
-   * 	To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>
+   *    To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>
    * @public
    */
   MaxResults?: number | undefined;
 
+  /**
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * @public
+   */
+  DryRun?: boolean | undefined;
+
   /**
    * <p>The token for the next page of results.</p>
    * @public
    */
   NextToken?: string | undefined;
+}
 
+/**
+ * @public
+ */
+export interface DescribeNetworkInsightsPathsResult {
   /**
-   * <p>One or more prefix list IDs.</p>
+   * <p>Information about the paths.</p>
    * @public
    */
-  PrefixListIds?: string[] | undefined;
+  NetworkInsightsPaths?: NetworkInsightsPath[] | undefined;
+
+  /**
+   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
+   * @public
+   */
+  NextToken?: string | undefined;
 }
 
 /**
- * <p>Describes prefixes for Amazon Web Services services.</p>
  * @public
+ * @enum
  */
-export interface PrefixList {
+export const NetworkInterfaceAttribute = {
+  associatePublicIpAddress: "associatePublicIpAddress",
+  attachment: "attachment",
+  description: "description",
+  groupSet: "groupSet",
+  sourceDestCheck: "sourceDestCheck",
+} as const;
+
+/**
+ * @public
+ */
+export type NetworkInterfaceAttribute = (typeof NetworkInterfaceAttribute)[keyof typeof NetworkInterfaceAttribute];
+
+/**
+ * <p>Contains the parameters for DescribeNetworkInterfaceAttribute.</p>
+ * @public
+ */
+export interface DescribeNetworkInterfaceAttributeRequest {
   /**
-   * <p>The IP address range of the Amazon Web Services service.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *        and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *        Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  Cidrs?: string[] | undefined;
+  DryRun?: boolean | undefined;
 
   /**
-   * <p>The ID of the prefix.</p>
+   * <p>The ID of the network interface.</p>
    * @public
    */
-  PrefixListId?: string | undefined;
+  NetworkInterfaceId: string | undefined;
 
   /**
-   * <p>The name of the prefix.</p>
+   * <p>The attribute of the network interface. This parameter is required.</p>
    * @public
    */
-  PrefixListName?: string | undefined;
+  Attribute?: NetworkInterfaceAttribute | undefined;
 }
 
 /**
+ * <p>Contains the output of DescribeNetworkInterfaceAttribute.</p>
  * @public
  */
-export interface DescribePrefixListsResult {
+export interface DescribeNetworkInterfaceAttributeResult {
   /**
-   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
+   * <p>The attachment (if any) of the network interface.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  Attachment?: NetworkInterfaceAttachment | undefined;
 
   /**
-   * <p>All available prefix lists.</p>
+   * <p>The description of the network interface.</p>
    * @public
    */
-  PrefixLists?: PrefixList[] | undefined;
-}
+  Description?: AttributeValue | undefined;
 
-/**
- * @public
- */
-export interface DescribePrincipalIdFormatRequest {
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>The security groups associated with the network interface.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  Groups?: GroupIdentifier[] | undefined;
 
   /**
-   * <p>The type of resource: <code>bundle</code> |
-   *             <code>conversion-task</code> | <code>customer-gateway</code> | <code>dhcp-options</code> |
-   *             <code>elastic-ip-allocation</code> | <code>elastic-ip-association</code> |
-   *             <code>export-task</code> | <code>flow-log</code> | <code>image</code> |
-   *             <code>import-task</code> | <code>instance</code> | <code>internet-gateway</code> |
-   *             <code>network-acl</code> | <code>network-acl-association</code> |
-   *             <code>network-interface</code> | <code>network-interface-attachment</code> |
-   *             <code>prefix-list</code> | <code>reservation</code> | <code>route-table</code> |
-   *             <code>route-table-association</code> | <code>security-group</code> |
-   *             <code>snapshot</code> | <code>subnet</code> |
-   *             <code>subnet-cidr-block-association</code> | <code>volume</code> | <code>vpc</code>
-   *             | <code>vpc-cidr-block-association</code> | <code>vpc-endpoint</code> |
-   *             <code>vpc-peering-connection</code> | <code>vpn-connection</code> | <code>vpn-gateway</code>
-   *          </p>
+   * <p>The ID of the network interface.</p>
    * @public
    */
-  Resources?: string[] | undefined;
+  NetworkInterfaceId?: string | undefined;
 
   /**
-   * <p>The maximum number of results to return in a single call. To retrieve the remaining
-   *             results, make another call with the returned NextToken value. </p>
+   * <p>Indicates whether source/destination checking is enabled.</p>
    * @public
    */
-  MaxResults?: number | undefined;
+  SourceDestCheck?: AttributeBooleanValue | undefined;
 
   /**
-   * <p>The token to request the next page of results.</p>
+   * <p>Indicates whether to assign a public IPv4 address to a network interface.
+   *             This option can be enabled for any network interface but will only apply to the primary network interface (eth0).</p>
    * @public
    */
-  NextToken?: string | undefined;
+  AssociatePublicIpAddress?: boolean | undefined;
 }
 
 /**
- * <p>PrincipalIdFormat description</p>
+ * <p>Contains the parameters for DescribeNetworkInterfacePermissions.</p>
  * @public
  */
-export interface PrincipalIdFormat {
+export interface DescribeNetworkInterfacePermissionsRequest {
   /**
-   * <p>PrincipalIdFormatARN description</p>
+   * <p>The network interface permission IDs.</p>
    * @public
    */
-  Arn?: string | undefined;
+  NetworkInterfacePermissionIds?: string[] | undefined;
 
   /**
-   * <p>PrincipalIdFormatStatuses description</p>
+   * <p>One or more filters.</p>
+   *          <ul>
+   *             <li>
+   *                <p>
+   *                   <code>network-interface-permission.network-interface-permission-id</code> - The ID of the
+   * 				permission.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>network-interface-permission.network-interface-id</code> - The ID of
+   * 					the network interface.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>network-interface-permission.aws-account-id</code> - The Amazon Web Services account ID.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>network-interface-permission.aws-service</code> - The Amazon Web Services service.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>network-interface-permission.permission</code> - The type of
+   * 					permission (<code>INSTANCE-ATTACH</code> |
+   * 					<code>EIP-ASSOCIATE</code>).</p>
+   *             </li>
+   *          </ul>
    * @public
    */
-  Statuses?: IdFormat[] | undefined;
+  Filters?: Filter[] | undefined;
+
+  /**
+   * <p>The token returned from a previous paginated request.
+   * 		    Pagination continues from the end of the items returned by the previous request.</p>
+   * @public
+   */
+  NextToken?: string | undefined;
+
+  /**
+   * <p>The maximum number of items to return for this request. To get the next page of items,
+   * 			make another request with the token returned in the output. If this parameter is not specified,
+   * 			up to 50 results are returned by default. For more information, see
+   * 			<a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination">Pagination</a>.</p>
+   * @public
+   */
+  MaxResults?: number | undefined;
 }
 
 /**
+ * <p>Contains the output for DescribeNetworkInterfacePermissions.</p>
  * @public
  */
-export interface DescribePrincipalIdFormatResult {
+export interface DescribeNetworkInterfacePermissionsResult {
   /**
-   * <p>Information about the ID format settings for the ARN.</p>
+   * <p>The network interface permissions.</p>
    * @public
    */
-  Principals?: PrincipalIdFormat[] | undefined;
+  NetworkInterfacePermissions?: NetworkInterfacePermission[] | undefined;
 
   /**
-   * <p>The token to use to retrieve the next page of results. This value is null when there are no more results to return.</p>
+   * <p>The token to include in another request to get the next page of items.
+   * 		  This value is <code>null</code> when there are no more items to return.</p>
    * @public
    */
   NextToken?: string | undefined;
 }
 
 /**
+ * <p>Contains the parameters for DescribeNetworkInterfaces.</p>
  * @public
  */
-export interface DescribePublicIpv4PoolsRequest {
+export interface DescribeNetworkInterfacesRequest {
   /**
-   * <p>The IDs of the address pools.</p>
+   * <p>The token returned from a previous paginated request.
+   * 		    Pagination continues from the end of the items returned by the previous request.</p>
    * @public
    */
-  PoolIds?: string[] | undefined;
+  NextToken?: string | undefined;
 
   /**
-   * <p>The token for the next page of results.</p>
+   * <p>The maximum number of items to return for this request. To get the next page of items,
+   * 		    make another request with the token returned in the output. You cannot specify this
+   * 		    parameter and the network interface IDs parameter in the same request. For more information,
+   * 		    see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination">Pagination</a>.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  MaxResults?: number | undefined;
 
   /**
-   * <p>The maximum number of results to return with a single call.
-   * 	To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *        and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *        Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  MaxResults?: number | undefined;
+  DryRun?: boolean | undefined;
+
+  /**
+   * <p>The network interface IDs.</p>
+   *          <p>Default: Describes all your network interfaces.</p>
+   * @public
+   */
+  NetworkInterfaceIds?: string[] | undefined;
 
   /**
    * <p>One or more filters.</p>
    *          <ul>
    *             <li>
    *                <p>
+   *                   <code>association.allocation-id</code> - The allocation ID returned when you
+   * 		                allocated the Elastic IP address (IPv4) for your network interface.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>association.association-id</code> - The association ID returned when the
+   * 		                network interface was associated with an IPv4 address.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>addresses.association.owner-id</code> - The owner ID of the addresses associated with the network interface.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>addresses.association.public-ip</code> - The association ID returned when
+   * 		                the network interface was associated with the Elastic IP address
+   * 		                (IPv4).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>addresses.primary</code> - Whether the private IPv4 address is the primary
+   *                     IP address associated with the network interface. </p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>addresses.private-ip-address</code> - The private IPv4 addresses
+   * 		                associated with the network interface.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>association.ip-owner-id</code> - The owner of the Elastic IP address
+   *                     (IPv4) associated with the network interface.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>association.public-ip</code> - The address of the Elastic IP address
+   *                     (IPv4) bound to the network interface.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>association.public-dns-name</code> - The public DNS name for the network
+   *                     interface (IPv4).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>attachment.attach-time</code> - The time that the network interface was attached to an instance.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>attachment.attachment-id</code> - The ID of the interface attachment.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>attachment.delete-on-termination</code> - Indicates whether the attachment is deleted when an instance is terminated.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>attachment.device-index</code> - The device index to which the network interface is attached.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>attachment.instance-id</code> - The ID of the instance to which the network interface is attached.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>attachment.instance-owner-id</code> - The owner ID of the instance to which the network interface is attached.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>attachment.status</code> - The status of the attachment (<code>attaching</code> | <code>attached</code> | <code>detaching</code> | <code>detached</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>availability-zone</code> - The Availability Zone of the network interface.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>description</code> - The description of the network interface.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>group-id</code> - The ID of a security group associated with the network interface.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>ipv6-addresses.ipv6-address</code> - An IPv6 address associated with
+   *                     the network interface.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>interface-type</code> - The type of network interface (<code>api_gateway_managed</code> |
+   * 		               <code>aws_codestar_connections_managed</code> | <code>branch</code> | <code>ec2_instance_connect_endpoint</code> |
+   * 		               <code>efa</code> | <code>efa-only</code> | <code>efs</code> | <code>gateway_load_balancer</code> |
+   * 		               <code>gateway_load_balancer_endpoint</code> | <code>global_accelerator_managed</code> |  <code>interface</code> |
+   * 		               <code>iot_rules_managed</code> | <code>lambda</code> | <code>load_balancer</code> | <code>nat_gateway</code> |
+   * 		               <code>network_load_balancer</code> | <code>quicksight</code> |  <code>transit_gateway</code> | <code>trunk</code> |
+   * 		               <code>vpc_endpoint</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>mac-address</code> - The MAC address of the network interface.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>network-interface-id</code> - The ID of the network interface.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>owner-id</code> - The Amazon Web Services account ID of the network interface owner.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>private-dns-name</code> - The private DNS name of the network interface (IPv4).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>private-ip-address</code> - The private IPv4 address or addresses of the
+   *                     network interface.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>requester-id</code> - The alias or Amazon Web Services account ID of the principal or service that created the network interface.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>requester-managed</code> - Indicates whether the network interface is being managed by an Amazon Web Services
+   * 		               service (for example, Amazon Web Services Management Console, Auto Scaling, and so on).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>source-dest-check</code> - Indicates whether the network interface performs source/destination checking.
+   * 		            A value of <code>true</code> means checking is enabled, and <code>false</code> means checking is disabled.
+   * 		            The value must be <code>false</code> for the network interface to perform network address translation (NAT) in your VPC. </p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>status</code> - The status of the network interface. If the network interface is not attached to an instance, the status is <code>available</code>;
+   * 		            if a network interface is attached to an instance the status is <code>in-use</code>.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>subnet-id</code> - The ID of the subnet for the network interface.</p>
+   *             </li>
+   *             <li>
+   *                <p>
    *                   <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.
    *     For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>
    *             </li>
@@ -9838,6 +9918,10 @@ export interface DescribePublicIpv4PoolsRequest {
    *                <p>
    *                   <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p>
    *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>vpc-id</code> - The ID of the VPC for the network interface.</p>
+   *             </li>
    *          </ul>
    * @public
    */
@@ -9845,118 +9929,118 @@ export interface DescribePublicIpv4PoolsRequest {
 }
 
 /**
- * <p>Describes an address range of an IPv4 address pool.</p>
  * @public
  */
-export interface PublicIpv4PoolRange {
-  /**
-   * <p>The first IP address in the range.</p>
-   * @public
-   */
-  FirstAddress?: string | undefined;
-
-  /**
-   * <p>The last IP address in the range.</p>
-   * @public
-   */
-  LastAddress?: string | undefined;
-
+export interface DescribeNetworkInterfacesResult {
   /**
-   * <p>The number of addresses in the range.</p>
+   * <p>Information about the network interfaces.</p>
    * @public
    */
-  AddressCount?: number | undefined;
+  NetworkInterfaces?: NetworkInterface[] | undefined;
 
   /**
-   * <p>The number of available addresses in the range.</p>
+   * <p>The token to include in another request to get the next page of items.
+   * 		    This value is <code>null</code> when there are no more items to return.</p>
    * @public
    */
-  AvailableAddressCount?: number | undefined;
+  NextToken?: string | undefined;
 }
 
 /**
- * <p>Describes an IPv4 address pool.</p>
  * @public
  */
-export interface PublicIpv4Pool {
-  /**
-   * <p>The ID of the address pool.</p>
-   * @public
-   */
-  PoolId?: string | undefined;
-
-  /**
-   * <p>A description of the address pool.</p>
-   * @public
-   */
-  Description?: string | undefined;
-
-  /**
-   * <p>The address ranges.</p>
-   * @public
-   */
-  PoolAddressRanges?: PublicIpv4PoolRange[] | undefined;
-
+export interface DescribePlacementGroupsRequest {
   /**
-   * <p>The total number of addresses.</p>
+   * <p>The IDs of the placement groups.</p>
    * @public
    */
-  TotalAddressCount?: number | undefined;
+  GroupIds?: string[] | undefined;
 
   /**
-   * <p>The total number of available addresses.</p>
+   * <p>Checks whether you have the required permissions for the operation, without actually making the
+   *   request, and provides an error response. If you have the required permissions, the error response is
+   *   <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  TotalAvailableAddressCount?: number | undefined;
+  DryRun?: boolean | undefined;
 
   /**
-   * <p>The name of the location from which the address pool is advertised.
-   *             A network border group is a unique set of Availability Zones or Local Zones
-   *             from where Amazon Web Services advertises public IP addresses.</p>
+   * <p>The names of the placement groups.</p>
+   *          <p>Constraints:</p>
+   *          <ul>
+   *             <li>
+   *                <p>You can specify a name only if the placement group is owned by your
+   *                     account.</p>
+   *             </li>
+   *             <li>
+   *                <p>If a placement group is <i>shared</i> with your account,
+   *                     specifying the name results in an error. You must use the <code>GroupId</code>
+   *                     parameter instead.</p>
+   *             </li>
+   *          </ul>
    * @public
    */
-  NetworkBorderGroup?: string | undefined;
+  GroupNames?: string[] | undefined;
 
   /**
-   * <p>Any tags for the address pool.</p>
+   * <p>The filters.</p>
+   *          <ul>
+   *             <li>
+   *                <p>
+   *                   <code>group-name</code> - The name of the placement group.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>group-arn</code> - The Amazon Resource Name (ARN) of the placement
+   *                     group.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>spread-level</code> - The spread level for the placement group
+   *                         (<code>host</code> | <code>rack</code>). </p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>state</code> - The state of the placement group (<code>pending</code> |
+   *                         <code>available</code> | <code>deleting</code> |
+   *                     <code>deleted</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>strategy</code> - The strategy of the placement group
+   *                         (<code>cluster</code> | <code>spread</code> |
+   *                     <code>partition</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>tag:<key></code> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.
+   *     For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources that have a tag with a specific key, regardless of the tag value.</p>
+   *             </li>
+   *          </ul>
    * @public
    */
-  Tags?: Tag[] | undefined;
+  Filters?: Filter[] | undefined;
 }
 
 /**
  * @public
  */
-export interface DescribePublicIpv4PoolsResult {
-  /**
-   * <p>Information about the address pools.</p>
-   * @public
-   */
-  PublicIpv4Pools?: PublicIpv4Pool[] | undefined;
-
+export interface DescribePlacementGroupsResult {
   /**
-   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
+   * <p>Information about the placement groups.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  PlacementGroups?: PlacementGroup[] | undefined;
 }
 
 /**
  * @public
  */
-export interface DescribeRegionsRequest {
-  /**
-   * <p>The names of the Regions. You can specify any Regions, whether they are enabled and disabled for your account.</p>
-   * @public
-   */
-  RegionNames?: string[] | undefined;
-
-  /**
-   * <p>Indicates whether to display all Regions, including Regions that are disabled for your account.</p>
-   * @public
-   */
-  AllRegions?: boolean | undefined;
-
+export interface DescribePrefixListsRequest {
   /**
    * <p>Checks whether you have the required permissions for the action, without actually making the request,
    *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
@@ -9966,100 +10050,86 @@ export interface DescribeRegionsRequest {
   DryRun?: boolean | undefined;
 
   /**
-   * <p>The filters.</p>
+   * <p>One or more filters.</p>
    *          <ul>
    *             <li>
-   *                <p>
-   *                   <code>endpoint</code> - The endpoint of the Region (for example, <code>ec2.us-east-1.amazonaws.com</code>).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>opt-in-status</code> - The opt-in status of the Region (<code>opt-in-not-required</code> | <code>opted-in</code> |
-   *                  <code>not-opted-in</code>).</p>
+   *                <p>
+   *                   <code>prefix-list-id</code>: The ID of a prefix list.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>region-name</code> - The name of the Region (for example, <code>us-east-1</code>).</p>
+   *                   <code>prefix-list-name</code>: The name of a prefix list.</p>
    *             </li>
    *          </ul>
    * @public
    */
   Filters?: Filter[] | undefined;
-}
 
-/**
- * <p>Describes a Region.</p>
- * @public
- */
-export interface Region {
   /**
-   * <p>The Region opt-in status. The possible values are <code>opt-in-not-required</code>, <code>opted-in</code>, and
-   *         <code>not-opted-in</code>.</p>
+   * <p>The maximum number of results to return with a single call.
+   * 	To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>
    * @public
    */
-  OptInStatus?: string | undefined;
+  MaxResults?: number | undefined;
 
   /**
-   * <p>The name of the Region.</p>
+   * <p>The token for the next page of results.</p>
    * @public
    */
-  RegionName?: string | undefined;
+  NextToken?: string | undefined;
 
   /**
-   * <p>The Region service endpoint.</p>
+   * <p>One or more prefix list IDs.</p>
    * @public
    */
-  Endpoint?: string | undefined;
+  PrefixListIds?: string[] | undefined;
 }
 
 /**
+ * <p>Describes prefixes for Amazon Web Services services.</p>
  * @public
  */
-export interface DescribeRegionsResult {
+export interface PrefixList {
   /**
-   * <p>Information about the Regions.</p>
+   * <p>The IP address range of the Amazon Web Services service.</p>
    * @public
    */
-  Regions?: Region[] | undefined;
-}
+  Cidrs?: string[] | undefined;
 
-/**
- * @public
- */
-export interface DescribeReplaceRootVolumeTasksRequest {
   /**
-   * <p>The ID of the root volume replacement task to view.</p>
+   * <p>The ID of the prefix.</p>
    * @public
    */
-  ReplaceRootVolumeTaskIds?: string[] | undefined;
+  PrefixListId?: string | undefined;
 
   /**
-   * <p>Filter to use:</p>
-   *          <ul>
-   *             <li>
-   *                <p>
-   *                   <code>instance-id</code> - The ID of the instance for which the root volume replacement task was created.</p>
-   *             </li>
-   *          </ul>
+   * <p>The name of the prefix.</p>
    * @public
    */
-  Filters?: Filter[] | undefined;
+  PrefixListName?: string | undefined;
+}
 
+/**
+ * @public
+ */
+export interface DescribePrefixListsResult {
   /**
-   * <p>The maximum number of items to return for this request.
-   * 	To get the next page of items, make another request with the token returned in the output.
-   * 	For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination">Pagination</a>.</p>
+   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
    * @public
    */
-  MaxResults?: number | undefined;
+  NextToken?: string | undefined;
 
   /**
-   * <p>The token returned from a previous paginated request.
-   *   Pagination continues from the end of the items returned by the previous request.</p>
+   * <p>All available prefix lists.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  PrefixLists?: PrefixList[] | undefined;
+}
 
+/**
+ * @public
+ */
+export interface DescribePrincipalIdFormatRequest {
   /**
    * <p>Checks whether you have the required permissions for the action, without actually making the request,
    *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
@@ -10067,903 +10137,984 @@ export interface DescribeReplaceRootVolumeTasksRequest {
    * @public
    */
   DryRun?: boolean | undefined;
-}
 
-/**
- * @public
- */
-export interface DescribeReplaceRootVolumeTasksResult {
   /**
-   * <p>Information about the root volume replacement task.</p>
+   * <p>The type of resource: <code>bundle</code> |
+   *             <code>conversion-task</code> | <code>customer-gateway</code> | <code>dhcp-options</code> |
+   *             <code>elastic-ip-allocation</code> | <code>elastic-ip-association</code> |
+   *             <code>export-task</code> | <code>flow-log</code> | <code>image</code> |
+   *             <code>import-task</code> | <code>instance</code> | <code>internet-gateway</code> |
+   *             <code>network-acl</code> | <code>network-acl-association</code> |
+   *             <code>network-interface</code> | <code>network-interface-attachment</code> |
+   *             <code>prefix-list</code> | <code>reservation</code> | <code>route-table</code> |
+   *             <code>route-table-association</code> | <code>security-group</code> |
+   *             <code>snapshot</code> | <code>subnet</code> |
+   *             <code>subnet-cidr-block-association</code> | <code>volume</code> | <code>vpc</code>
+   *             | <code>vpc-cidr-block-association</code> | <code>vpc-endpoint</code> |
+   *             <code>vpc-peering-connection</code> | <code>vpn-connection</code> | <code>vpn-gateway</code>
+   *          </p>
    * @public
    */
-  ReplaceRootVolumeTasks?: ReplaceRootVolumeTask[] | undefined;
+  Resources?: string[] | undefined;
 
   /**
-   * <p>The token to include in another request to get the next page of items.
-   *   This value is <code>null</code> when there are no more items to return.</p>
+   * <p>The maximum number of results to return in a single call. To retrieve the remaining
+   *             results, make another call with the returned NextToken value. </p>
+   * @public
+   */
+  MaxResults?: number | undefined;
+
+  /**
+   * <p>The token to request the next page of results.</p>
    * @public
    */
   NextToken?: string | undefined;
 }
 
 /**
+ * <p>PrincipalIdFormat description</p>
  * @public
- * @enum
  */
-export const OfferingClassType = {
-  CONVERTIBLE: "convertible",
-  STANDARD: "standard",
-} as const;
+export interface PrincipalIdFormat {
+  /**
+   * <p>PrincipalIdFormatARN description</p>
+   * @public
+   */
+  Arn?: string | undefined;
 
-/**
- * @public
- */
-export type OfferingClassType = (typeof OfferingClassType)[keyof typeof OfferingClassType];
+  /**
+   * <p>PrincipalIdFormatStatuses description</p>
+   * @public
+   */
+  Statuses?: IdFormat[] | undefined;
+}
 
 /**
  * @public
- * @enum
  */
-export const OfferingTypeValues = {
-  All_Upfront: "All Upfront",
-  Heavy_Utilization: "Heavy Utilization",
-  Light_Utilization: "Light Utilization",
-  Medium_Utilization: "Medium Utilization",
-  No_Upfront: "No Upfront",
-  Partial_Upfront: "Partial Upfront",
-} as const;
+export interface DescribePrincipalIdFormatResult {
+  /**
+   * <p>Information about the ID format settings for the ARN.</p>
+   * @public
+   */
+  Principals?: PrincipalIdFormat[] | undefined;
 
-/**
- * @public
- */
-export type OfferingTypeValues = (typeof OfferingTypeValues)[keyof typeof OfferingTypeValues];
+  /**
+   * <p>The token to use to retrieve the next page of results. This value is null when there are no more results to return.</p>
+   * @public
+   */
+  NextToken?: string | undefined;
+}
 
 /**
- * <p>Contains the parameters for DescribeReservedInstances.</p>
  * @public
  */
-export interface DescribeReservedInstancesRequest {
+export interface DescribePublicIpv4PoolsRequest {
   /**
-   * <p>Describes whether the Reserved Instance is Standard or Convertible.</p>
+   * <p>The IDs of the address pools.</p>
    * @public
    */
-  OfferingClass?: OfferingClassType | undefined;
+  PoolIds?: string[] | undefined;
 
   /**
-   * <p>One or more Reserved Instance IDs.</p>
-   *          <p>Default: Describes all your Reserved Instances, or only those otherwise specified.</p>
+   * <p>The token for the next page of results.</p>
    * @public
    */
-  ReservedInstancesIds?: string[] | undefined;
+  NextToken?: string | undefined;
 
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *        and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *        Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>The maximum number of results to return with a single call.
+   * 	To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  MaxResults?: number | undefined;
 
   /**
    * <p>One or more filters.</p>
    *          <ul>
    *             <li>
    *                <p>
-   *                   <code>availability-zone</code> - The Availability Zone where the Reserved Instance can be used.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>duration</code> - The duration of the Reserved Instance (one year or three years), in seconds (<code>31536000</code> | <code>94608000</code>).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>end</code> - The time when the Reserved Instance expires (for example, 2015-08-07T11:54:42.000Z).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>fixed-price</code> - The purchase price of the Reserved Instance (for example, 9800.0).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>instance-type</code> - The instance type that is covered by the reservation.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>scope</code> - The scope of the Reserved Instance (<code>Region</code> or <code>Availability Zone</code>).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>product-description</code> - The Reserved Instance product platform description
-   *              (<code>Linux/UNIX</code> | <code>Linux with SQL Server Standard</code> |
-   *               <code>Linux with SQL Server Web</code> | <code>Linux with SQL Server Enterprise</code> |
-   *               <code>SUSE Linux</code> |
-   *               <code>Red Hat Enterprise Linux</code> | <code>Red Hat Enterprise Linux with HA</code> |
-   *               <code>Windows</code> | <code>Windows with SQL Server Standard</code> |
-   *               <code>Windows with SQL Server Web</code> | <code>Windows with SQL Server Enterprise</code>).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>reserved-instances-id</code> - The ID of the Reserved Instance.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>start</code> - The time at which the Reserved Instance purchase request was placed (for example, 2014-08-07T11:54:42.000Z).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>state</code> - The state of the Reserved Instance (<code>payment-pending</code> | <code>active</code> | <code>payment-failed</code> | <code>retired</code>).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>tag:<key></code> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.
+   *                   <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.
    *     For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>
    *             </li>
    *             <li>
    *                <p>
    *                   <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p>
    *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>usage-price</code> - The usage price of the Reserved Instance, per hour (for example, 0.84).</p>
-   *             </li>
    *          </ul>
    * @public
-   */
-  Filters?: Filter[] | undefined;
-
-  /**
-   * <p>The Reserved Instance offering type. If you are using tools that predate the 2011-11-01 API
-   * 			version, you only have access to the <code>Medium Utilization</code> Reserved Instance
-   * 			offering type.</p>
-   * @public
-   */
-  OfferingType?: OfferingTypeValues | undefined;
-}
-
-/**
- * @public
- * @enum
- */
-export const RIProductDescription = {
-  Linux_UNIX: "Linux/UNIX",
-  Linux_UNIX_Amazon_VPC_: "Linux/UNIX (Amazon VPC)",
-  Windows: "Windows",
-  Windows_Amazon_VPC_: "Windows (Amazon VPC)",
-} as const;
-
-/**
- * @public
- */
-export type RIProductDescription = (typeof RIProductDescription)[keyof typeof RIProductDescription];
-
-/**
- * @public
- * @enum
- */
-export const RecurringChargeFrequency = {
-  Hourly: "Hourly",
-} as const;
+   */
+  Filters?: Filter[] | undefined;
+}
 
 /**
+ * <p>Describes an address range of an IPv4 address pool.</p>
  * @public
  */
-export type RecurringChargeFrequency = (typeof RecurringChargeFrequency)[keyof typeof RecurringChargeFrequency];
+export interface PublicIpv4PoolRange {
+  /**
+   * <p>The first IP address in the range.</p>
+   * @public
+   */
+  FirstAddress?: string | undefined;
 
-/**
- * <p>Describes a recurring charge.</p>
- * @public
- */
-export interface RecurringCharge {
   /**
-   * <p>The amount of the recurring charge.</p>
+   * <p>The last IP address in the range.</p>
    * @public
    */
-  Amount?: number | undefined;
+  LastAddress?: string | undefined;
 
   /**
-   * <p>The frequency of the recurring charge.</p>
+   * <p>The number of addresses in the range.</p>
    * @public
    */
-  Frequency?: RecurringChargeFrequency | undefined;
-}
+  AddressCount?: number | undefined;
 
-/**
- * @public
- * @enum
- */
-export const Scope = {
-  AVAILABILITY_ZONE: "Availability Zone",
-  REGIONAL: "Region",
-} as const;
+  /**
+   * <p>The number of available addresses in the range.</p>
+   * @public
+   */
+  AvailableAddressCount?: number | undefined;
+}
 
 /**
+ * <p>Describes an IPv4 address pool.</p>
  * @public
  */
-export type Scope = (typeof Scope)[keyof typeof Scope];
+export interface PublicIpv4Pool {
+  /**
+   * <p>The ID of the address pool.</p>
+   * @public
+   */
+  PoolId?: string | undefined;
 
-/**
- * @public
- * @enum
- */
-export const ReservedInstanceState = {
-  active: "active",
-  payment_failed: "payment-failed",
-  payment_pending: "payment-pending",
-  queued: "queued",
-  queued_deleted: "queued-deleted",
-  retired: "retired",
-} as const;
+  /**
+   * <p>A description of the address pool.</p>
+   * @public
+   */
+  Description?: string | undefined;
 
-/**
- * @public
- */
-export type ReservedInstanceState = (typeof ReservedInstanceState)[keyof typeof ReservedInstanceState];
+  /**
+   * <p>The address ranges.</p>
+   * @public
+   */
+  PoolAddressRanges?: PublicIpv4PoolRange[] | undefined;
 
-/**
- * <p>Describes a Reserved Instance.</p>
- * @public
- */
-export interface ReservedInstances {
   /**
-   * <p>The currency of the Reserved Instance. It's specified using ISO 4217 standard currency codes.
-   * 				At this time, the only supported currency is <code>USD</code>.</p>
+   * <p>The total number of addresses.</p>
    * @public
    */
-  CurrencyCode?: CurrencyCodeValues | undefined;
+  TotalAddressCount?: number | undefined;
 
   /**
-   * <p>The tenancy of the instance.</p>
+   * <p>The total number of available addresses.</p>
    * @public
    */
-  InstanceTenancy?: Tenancy | undefined;
+  TotalAvailableAddressCount?: number | undefined;
 
   /**
-   * <p>The offering class of the Reserved Instance.</p>
+   * <p>The name of the location from which the address pool is advertised.
+   *             A network border group is a unique set of Availability Zones or Local Zones
+   *             from where Amazon Web Services advertises public IP addresses.</p>
    * @public
    */
-  OfferingClass?: OfferingClassType | undefined;
+  NetworkBorderGroup?: string | undefined;
 
   /**
-   * <p>The Reserved Instance offering type.</p>
+   * <p>Any tags for the address pool.</p>
    * @public
    */
-  OfferingType?: OfferingTypeValues | undefined;
+  Tags?: Tag[] | undefined;
+}
 
+/**
+ * @public
+ */
+export interface DescribePublicIpv4PoolsResult {
   /**
-   * <p>The recurring charge tag assigned to the resource.</p>
+   * <p>Information about the address pools.</p>
    * @public
    */
-  RecurringCharges?: RecurringCharge[] | undefined;
+  PublicIpv4Pools?: PublicIpv4Pool[] | undefined;
 
   /**
-   * <p>The scope of the Reserved Instance.</p>
+   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
    * @public
    */
-  Scope?: Scope | undefined;
+  NextToken?: string | undefined;
+}
 
+/**
+ * @public
+ */
+export interface DescribeRegionsRequest {
   /**
-   * <p>Any tags assigned to the resource.</p>
+   * <p>The names of the Regions. You can specify any Regions, whether they are enabled and disabled for your account.</p>
    * @public
    */
-  Tags?: Tag[] | undefined;
+  RegionNames?: string[] | undefined;
 
   /**
-   * <p>The ID of the Reserved Instance.</p>
+   * <p>Indicates whether to display all Regions, including Regions that are disabled for your account.</p>
    * @public
    */
-  ReservedInstancesId?: string | undefined;
+  AllRegions?: boolean | undefined;
 
   /**
-   * <p>The instance type on which the Reserved Instance can be used.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  InstanceType?: _InstanceType | undefined;
+  DryRun?: boolean | undefined;
 
   /**
-   * <p>The Availability Zone in which the Reserved Instance can be used.</p>
+   * <p>The filters.</p>
+   *          <ul>
+   *             <li>
+   *                <p>
+   *                   <code>endpoint</code> - The endpoint of the Region (for example, <code>ec2.us-east-1.amazonaws.com</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>opt-in-status</code> - The opt-in status of the Region (<code>opt-in-not-required</code> | <code>opted-in</code> |
+   *                  <code>not-opted-in</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>region-name</code> - The name of the Region (for example, <code>us-east-1</code>).</p>
+   *             </li>
+   *          </ul>
    * @public
    */
-  AvailabilityZone?: string | undefined;
+  Filters?: Filter[] | undefined;
+}
 
+/**
+ * <p>Describes a Region.</p>
+ * @public
+ */
+export interface Region {
   /**
-   * <p>The date and time the Reserved Instance started.</p>
+   * <p>The Region opt-in status. The possible values are <code>opt-in-not-required</code>, <code>opted-in</code>, and
+   *         <code>not-opted-in</code>.</p>
    * @public
    */
-  Start?: Date | undefined;
+  OptInStatus?: string | undefined;
 
   /**
-   * <p>The time when the Reserved Instance expires.</p>
+   * <p>The name of the Region.</p>
    * @public
    */
-  End?: Date | undefined;
+  RegionName?: string | undefined;
 
   /**
-   * <p>The duration of the Reserved Instance, in seconds.</p>
+   * <p>The Region service endpoint.</p>
    * @public
    */
-  Duration?: number | undefined;
+  Endpoint?: string | undefined;
+}
 
+/**
+ * @public
+ */
+export interface DescribeRegionsResult {
   /**
-   * <p>The usage price of the Reserved Instance, per hour.</p>
+   * <p>Information about the Regions.</p>
    * @public
    */
-  UsagePrice?: number | undefined;
+  Regions?: Region[] | undefined;
+}
 
+/**
+ * @public
+ */
+export interface DescribeReplaceRootVolumeTasksRequest {
   /**
-   * <p>The purchase price of the Reserved Instance.</p>
+   * <p>The ID of the root volume replacement task to view.</p>
    * @public
    */
-  FixedPrice?: number | undefined;
+  ReplaceRootVolumeTaskIds?: string[] | undefined;
 
   /**
-   * <p>The number of reservations purchased.</p>
+   * <p>Filter to use:</p>
+   *          <ul>
+   *             <li>
+   *                <p>
+   *                   <code>instance-id</code> - The ID of the instance for which the root volume replacement task was created.</p>
+   *             </li>
+   *          </ul>
    * @public
    */
-  InstanceCount?: number | undefined;
+  Filters?: Filter[] | undefined;
 
   /**
-   * <p>The Reserved Instance product platform description.</p>
+   * <p>The maximum number of items to return for this request.
+   * 	To get the next page of items, make another request with the token returned in the output.
+   * 	For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination">Pagination</a>.</p>
    * @public
    */
-  ProductDescription?: RIProductDescription | undefined;
+  MaxResults?: number | undefined;
 
   /**
-   * <p>The state of the Reserved Instance purchase.</p>
+   * <p>The token returned from a previous paginated request.
+   *   Pagination continues from the end of the items returned by the previous request.</p>
    * @public
    */
-  State?: ReservedInstanceState | undefined;
-}
+  NextToken?: string | undefined;
 
-/**
- * <p>Contains the output for DescribeReservedInstances.</p>
- * @public
- */
-export interface DescribeReservedInstancesResult {
   /**
-   * <p>A list of Reserved Instances.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  ReservedInstances?: ReservedInstances[] | undefined;
+  DryRun?: boolean | undefined;
 }
 
 /**
- * <p>Contains the parameters for DescribeReservedInstancesListings.</p>
  * @public
  */
-export interface DescribeReservedInstancesListingsRequest {
+export interface DescribeReplaceRootVolumeTasksResult {
   /**
-   * <p>One or more Reserved Instance IDs.</p>
+   * <p>Information about the root volume replacement task.</p>
    * @public
    */
-  ReservedInstancesId?: string | undefined;
+  ReplaceRootVolumeTasks?: ReplaceRootVolumeTask[] | undefined;
 
   /**
-   * <p>One or more Reserved Instance listing IDs.</p>
+   * <p>The token to include in another request to get the next page of items.
+   *   This value is <code>null</code> when there are no more items to return.</p>
    * @public
    */
-  ReservedInstancesListingId?: string | undefined;
+  NextToken?: string | undefined;
+}
+
+/**
+ * @public
+ * @enum
+ */
+export const OfferingClassType = {
+  CONVERTIBLE: "convertible",
+  STANDARD: "standard",
+} as const;
+
+/**
+ * @public
+ */
+export type OfferingClassType = (typeof OfferingClassType)[keyof typeof OfferingClassType];
+
+/**
+ * @public
+ * @enum
+ */
+export const OfferingTypeValues = {
+  All_Upfront: "All Upfront",
+  Heavy_Utilization: "Heavy Utilization",
+  Light_Utilization: "Light Utilization",
+  Medium_Utilization: "Medium Utilization",
+  No_Upfront: "No Upfront",
+  Partial_Upfront: "Partial Upfront",
+} as const;
 
-  /**
-   * <p>One or more filters.</p>
-   *          <ul>
-   *             <li>
-   *                <p>
-   *                   <code>reserved-instances-id</code> - The ID of the Reserved Instances.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>reserved-instances-listing-id</code> - The ID of the Reserved Instances listing.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>status</code> - The status of the Reserved Instance listing (<code>pending</code> | <code>active</code> |
-   *            <code>cancelled</code> | <code>closed</code>).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>status-message</code> - The reason for the status.</p>
-   *             </li>
-   *          </ul>
-   * @public
-   */
-  Filters?: Filter[] | undefined;
-}
+/**
+ * @public
+ */
+export type OfferingTypeValues = (typeof OfferingTypeValues)[keyof typeof OfferingTypeValues];
 
 /**
- * <p>Contains the output of DescribeReservedInstancesListings.</p>
+ * <p>Contains the parameters for DescribeReservedInstances.</p>
  * @public
  */
-export interface DescribeReservedInstancesListingsResult {
+export interface DescribeReservedInstancesRequest {
   /**
-   * <p>Information about the Reserved Instance listing.</p>
+   * <p>Describes whether the Reserved Instance is Standard or Convertible.</p>
    * @public
    */
-  ReservedInstancesListings?: ReservedInstancesListing[] | undefined;
-}
+  OfferingClass?: OfferingClassType | undefined;
 
-/**
- * <p>Contains the parameters for DescribeReservedInstancesModifications.</p>
- * @public
- */
-export interface DescribeReservedInstancesModificationsRequest {
   /**
-   * <p>IDs for the submitted modification request.</p>
+   * <p>One or more Reserved Instance IDs.</p>
+   *          <p>Default: Describes all your Reserved Instances, or only those otherwise specified.</p>
    * @public
    */
-  ReservedInstancesModificationIds?: string[] | undefined;
+  ReservedInstancesIds?: string[] | undefined;
 
   /**
-   * <p>The token to retrieve the next page of results.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *        and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *        Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  DryRun?: boolean | undefined;
 
   /**
    * <p>One or more filters.</p>
    *          <ul>
    *             <li>
    *                <p>
-   *                   <code>client-token</code> - The idempotency token for the modification request.</p>
+   *                   <code>availability-zone</code> - The Availability Zone where the Reserved Instance can be used.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>create-date</code> - The time when the modification request was created.</p>
+   *                   <code>duration</code> - The duration of the Reserved Instance (one year or three years), in seconds (<code>31536000</code> | <code>94608000</code>).</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>effective-date</code> - The time when the modification becomes effective.</p>
+   *                   <code>end</code> - The time when the Reserved Instance expires (for example, 2015-08-07T11:54:42.000Z).</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>modification-result.reserved-instances-id</code> - The ID for the Reserved Instances created as part of the modification request. This ID is only available when the status of the modification is <code>fulfilled</code>.</p>
+   *                   <code>fixed-price</code> - The purchase price of the Reserved Instance (for example, 9800.0).</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>modification-result.target-configuration.availability-zone</code> - The Availability Zone for the new Reserved Instances.</p>
+   *                   <code>instance-type</code> - The instance type that is covered by the reservation.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>modification-result.target-configuration.instance-count </code> - The number of new Reserved Instances.</p>
+   *                   <code>scope</code> - The scope of the Reserved Instance (<code>Region</code> or <code>Availability Zone</code>).</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>modification-result.target-configuration.instance-type</code> - The instance type of the new Reserved Instances.</p>
+   *                   <code>product-description</code> - The Reserved Instance product platform description
+   *              (<code>Linux/UNIX</code> | <code>Linux with SQL Server Standard</code> |
+   *               <code>Linux with SQL Server Web</code> | <code>Linux with SQL Server Enterprise</code> |
+   *               <code>SUSE Linux</code> |
+   *               <code>Red Hat Enterprise Linux</code> | <code>Red Hat Enterprise Linux with HA</code> |
+   *               <code>Windows</code> | <code>Windows with SQL Server Standard</code> |
+   *               <code>Windows with SQL Server Web</code> | <code>Windows with SQL Server Enterprise</code>).</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>reserved-instances-id</code> - The ID of the Reserved Instances modified.</p>
+   *                   <code>reserved-instances-id</code> - The ID of the Reserved Instance.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>reserved-instances-modification-id</code> - The ID of the modification request.</p>
+   *                   <code>start</code> - The time at which the Reserved Instance purchase request was placed (for example, 2014-08-07T11:54:42.000Z).</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>status</code> - The status of the Reserved Instances modification request
-   *            (<code>processing</code> | <code>fulfilled</code> | <code>failed</code>).</p>
+   *                   <code>state</code> - The state of the Reserved Instance (<code>payment-pending</code> | <code>active</code> | <code>payment-failed</code> | <code>retired</code>).</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>status-message</code> - The reason for the status.</p>
+   *                   <code>tag:<key></code> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.
+   *     For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>update-date</code> - The time when the modification request was last updated.</p>
+   *                   <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>usage-price</code> - The usage price of the Reserved Instance, per hour (for example, 0.84).</p>
    *             </li>
    *          </ul>
    * @public
    */
   Filters?: Filter[] | undefined;
+
+  /**
+   * <p>The Reserved Instance offering type. If you are using tools that predate the 2011-11-01 API
+   * 			version, you only have access to the <code>Medium Utilization</code> Reserved Instance
+   * 			offering type.</p>
+   * @public
+   */
+  OfferingType?: OfferingTypeValues | undefined;
 }
 
 /**
- * <p>Describes the configuration settings for the modified Reserved Instances.</p>
  * @public
+ * @enum
  */
-export interface ReservedInstancesConfiguration {
-  /**
-   * <p>The Availability Zone for the modified Reserved Instances.</p>
-   * @public
-   */
-  AvailabilityZone?: string | undefined;
+export const RIProductDescription = {
+  Linux_UNIX: "Linux/UNIX",
+  Linux_UNIX_Amazon_VPC_: "Linux/UNIX (Amazon VPC)",
+  Windows: "Windows",
+  Windows_Amazon_VPC_: "Windows (Amazon VPC)",
+} as const;
 
-  /**
-   * <p>The number of modified Reserved Instances.</p>
-   *          <note>
-   *             <p>This is a required field for a request.</p>
-   *          </note>
-   * @public
-   */
-  InstanceCount?: number | undefined;
+/**
+ * @public
+ */
+export type RIProductDescription = (typeof RIProductDescription)[keyof typeof RIProductDescription];
 
-  /**
-   * <p>The instance type for the modified Reserved Instances.</p>
-   * @public
-   */
-  InstanceType?: _InstanceType | undefined;
+/**
+ * @public
+ * @enum
+ */
+export const RecurringChargeFrequency = {
+  Hourly: "Hourly",
+} as const;
+
+/**
+ * @public
+ */
+export type RecurringChargeFrequency = (typeof RecurringChargeFrequency)[keyof typeof RecurringChargeFrequency];
 
+/**
+ * <p>Describes a recurring charge.</p>
+ * @public
+ */
+export interface RecurringCharge {
   /**
-   * <p>The network platform of the modified Reserved Instances.</p>
+   * <p>The amount of the recurring charge.</p>
    * @public
    */
-  Platform?: string | undefined;
+  Amount?: number | undefined;
 
   /**
-   * <p>Whether the Reserved Instance is applied to instances in a Region or instances in a specific Availability Zone.</p>
+   * <p>The frequency of the recurring charge.</p>
    * @public
    */
-  Scope?: Scope | undefined;
+  Frequency?: RecurringChargeFrequency | undefined;
 }
 
 /**
- * <p>Describes the modification request/s.</p>
  * @public
+ * @enum
  */
-export interface ReservedInstancesModificationResult {
+export const Scope = {
+  AVAILABILITY_ZONE: "Availability Zone",
+  REGIONAL: "Region",
+} as const;
+
+/**
+ * @public
+ */
+export type Scope = (typeof Scope)[keyof typeof Scope];
+
+/**
+ * @public
+ * @enum
+ */
+export const ReservedInstanceState = {
+  active: "active",
+  payment_failed: "payment-failed",
+  payment_pending: "payment-pending",
+  queued: "queued",
+  queued_deleted: "queued-deleted",
+  retired: "retired",
+} as const;
+
+/**
+ * @public
+ */
+export type ReservedInstanceState = (typeof ReservedInstanceState)[keyof typeof ReservedInstanceState];
+
+/**
+ * <p>Describes a Reserved Instance.</p>
+ * @public
+ */
+export interface ReservedInstances {
   /**
-   * <p>The ID for the Reserved Instances that were created as part of the modification request. This field is only available when the modification is fulfilled.</p>
+   * <p>The currency of the Reserved Instance. It's specified using ISO 4217 standard currency codes.
+   * 				At this time, the only supported currency is <code>USD</code>.</p>
    * @public
    */
-  ReservedInstancesId?: string | undefined;
+  CurrencyCode?: CurrencyCodeValues | undefined;
 
   /**
-   * <p>The target Reserved Instances configurations supplied as part of the modification request.</p>
+   * <p>The tenancy of the instance.</p>
    * @public
    */
-  TargetConfiguration?: ReservedInstancesConfiguration | undefined;
-}
+  InstanceTenancy?: Tenancy | undefined;
 
-/**
- * <p>Describes the ID of a Reserved Instance.</p>
- * @public
- */
-export interface ReservedInstancesId {
   /**
-   * <p>The ID of the Reserved Instance.</p>
+   * <p>The offering class of the Reserved Instance.</p>
    * @public
    */
-  ReservedInstancesId?: string | undefined;
-}
+  OfferingClass?: OfferingClassType | undefined;
 
-/**
- * <p>Describes a Reserved Instance modification.</p>
- * @public
- */
-export interface ReservedInstancesModification {
   /**
-   * <p>A unique, case-sensitive key supplied by the client to ensure that the request is idempotent.
-   * 			For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html">Ensuring
-   * 				Idempotency</a>.</p>
+   * <p>The Reserved Instance offering type.</p>
    * @public
    */
-  ClientToken?: string | undefined;
+  OfferingType?: OfferingTypeValues | undefined;
 
   /**
-   * <p>The time when the modification request was created.</p>
+   * <p>The recurring charge tag assigned to the resource.</p>
    * @public
    */
-  CreateDate?: Date | undefined;
+  RecurringCharges?: RecurringCharge[] | undefined;
 
   /**
-   * <p>The time for the modification to become effective.</p>
+   * <p>The scope of the Reserved Instance.</p>
    * @public
    */
-  EffectiveDate?: Date | undefined;
+  Scope?: Scope | undefined;
 
   /**
-   * <p>Contains target configurations along with their corresponding new Reserved Instance IDs.</p>
+   * <p>Any tags assigned to the resource.</p>
    * @public
    */
-  ModificationResults?: ReservedInstancesModificationResult[] | undefined;
+  Tags?: Tag[] | undefined;
 
   /**
-   * <p>The IDs of one or more Reserved Instances.</p>
+   * <p>The ID of the Reserved Instance.</p>
    * @public
    */
-  ReservedInstancesIds?: ReservedInstancesId[] | undefined;
+  ReservedInstancesId?: string | undefined;
 
   /**
-   * <p>A unique ID for the Reserved Instance modification.</p>
+   * <p>The instance type on which the Reserved Instance can be used.</p>
    * @public
    */
-  ReservedInstancesModificationId?: string | undefined;
+  InstanceType?: _InstanceType | undefined;
 
   /**
-   * <p>The status of the Reserved Instances modification request.</p>
+   * <p>The Availability Zone in which the Reserved Instance can be used.</p>
    * @public
    */
-  Status?: string | undefined;
+  AvailabilityZone?: string | undefined;
 
   /**
-   * <p>The reason for the status.</p>
+   * <p>The date and time the Reserved Instance started.</p>
    * @public
    */
-  StatusMessage?: string | undefined;
+  Start?: Date | undefined;
+
+  /**
+   * <p>The time when the Reserved Instance expires.</p>
+   * @public
+   */
+  End?: Date | undefined;
 
   /**
-   * <p>The time when the modification request was last updated.</p>
+   * <p>The duration of the Reserved Instance, in seconds.</p>
    * @public
    */
-  UpdateDate?: Date | undefined;
-}
+  Duration?: number | undefined;
 
-/**
- * <p>Contains the output of DescribeReservedInstancesModifications.</p>
- * @public
- */
-export interface DescribeReservedInstancesModificationsResult {
   /**
-   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when
-   * 			there are no more results to return.</p>
+   * <p>The usage price of the Reserved Instance, per hour.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  UsagePrice?: number | undefined;
 
   /**
-   * <p>The Reserved Instance modification information.</p>
+   * <p>The purchase price of the Reserved Instance.</p>
    * @public
    */
-  ReservedInstancesModifications?: ReservedInstancesModification[] | undefined;
-}
+  FixedPrice?: number | undefined;
 
-/**
- * <p>Contains the parameters for DescribeReservedInstancesOfferings.</p>
- * @public
- */
-export interface DescribeReservedInstancesOfferingsRequest {
   /**
-   * <p>The Availability Zone in which the Reserved Instance can be used.</p>
+   * <p>The number of reservations purchased.</p>
    * @public
    */
-  AvailabilityZone?: string | undefined;
+  InstanceCount?: number | undefined;
 
   /**
-   * <p>Include Reserved Instance Marketplace offerings in the response.</p>
+   * <p>The Reserved Instance product platform description.</p>
    * @public
    */
-  IncludeMarketplace?: boolean | undefined;
+  ProductDescription?: RIProductDescription | undefined;
 
   /**
-   * <p>The instance type that the reservation will cover (for example, <code>m1.small</code>).
-   *       For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html">Amazon EC2 instance types</a> in the
-   *         <i>Amazon EC2 User Guide</i>.</p>
+   * <p>The state of the Reserved Instance purchase.</p>
    * @public
    */
-  InstanceType?: _InstanceType | undefined;
+  State?: ReservedInstanceState | undefined;
+}
 
+/**
+ * <p>Contains the output for DescribeReservedInstances.</p>
+ * @public
+ */
+export interface DescribeReservedInstancesResult {
   /**
-   * <p>The maximum duration (in seconds) to filter when searching for offerings.</p>
-   *          <p>Default: 94608000 (3 years)</p>
+   * <p>A list of Reserved Instances.</p>
    * @public
    */
-  MaxDuration?: number | undefined;
+  ReservedInstances?: ReservedInstances[] | undefined;
+}
 
+/**
+ * <p>Contains the parameters for DescribeReservedInstancesListings.</p>
+ * @public
+ */
+export interface DescribeReservedInstancesListingsRequest {
   /**
-   * <p>The maximum number of instances to filter when searching for offerings.</p>
-   *          <p>Default: 20</p>
+   * <p>One or more Reserved Instance IDs.</p>
    * @public
    */
-  MaxInstanceCount?: number | undefined;
+  ReservedInstancesId?: string | undefined;
 
   /**
-   * <p>The minimum duration (in seconds) to filter when searching for offerings.</p>
-   *          <p>Default: 2592000 (1 month)</p>
+   * <p>One or more Reserved Instance listing IDs.</p>
    * @public
    */
-  MinDuration?: number | undefined;
+  ReservedInstancesListingId?: string | undefined;
 
   /**
-   * <p>The offering class of the Reserved Instance. Can be <code>standard</code> or <code>convertible</code>.</p>
+   * <p>One or more filters.</p>
+   *          <ul>
+   *             <li>
+   *                <p>
+   *                   <code>reserved-instances-id</code> - The ID of the Reserved Instances.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>reserved-instances-listing-id</code> - The ID of the Reserved Instances listing.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>status</code> - The status of the Reserved Instance listing (<code>pending</code> | <code>active</code> |
+   *            <code>cancelled</code> | <code>closed</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>status-message</code> - The reason for the status.</p>
+   *             </li>
+   *          </ul>
    * @public
    */
-  OfferingClass?: OfferingClassType | undefined;
+  Filters?: Filter[] | undefined;
+}
 
+/**
+ * <p>Contains the output of DescribeReservedInstancesListings.</p>
+ * @public
+ */
+export interface DescribeReservedInstancesListingsResult {
   /**
-   * <p>The Reserved Instance product platform description. Instances that include <code>(Amazon
-   *         VPC)</code> in the description are for use with Amazon VPC.</p>
+   * <p>Information about the Reserved Instance listing.</p>
    * @public
    */
-  ProductDescription?: RIProductDescription | undefined;
+  ReservedInstancesListings?: ReservedInstancesListing[] | undefined;
+}
 
+/**
+ * <p>Contains the parameters for DescribeReservedInstancesModifications.</p>
+ * @public
+ */
+export interface DescribeReservedInstancesModificationsRequest {
   /**
-   * <p>One or more Reserved Instances offering IDs.</p>
+   * <p>IDs for the submitted modification request.</p>
    * @public
    */
-  ReservedInstancesOfferingIds?: string[] | undefined;
+  ReservedInstancesModificationIds?: string[] | undefined;
 
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *        and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *        Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>The token to retrieve the next page of results.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  NextToken?: string | undefined;
 
   /**
    * <p>One or more filters.</p>
    *          <ul>
    *             <li>
    *                <p>
-   *                   <code>availability-zone</code> - The Availability Zone where the Reserved Instance can be
-   *           used.</p>
+   *                   <code>client-token</code> - The idempotency token for the modification request.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>duration</code> - The duration of the Reserved Instance (for example, one year or
-   *           three years), in seconds (<code>31536000</code> | <code>94608000</code>).</p>
+   *                   <code>create-date</code> - The time when the modification request was created.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>fixed-price</code> - The purchase price of the Reserved Instance (for example,
-   *           9800.0).</p>
+   *                   <code>effective-date</code> - The time when the modification becomes effective.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>instance-type</code> - The instance type that is covered by the
-   *           reservation.</p>
+   *                   <code>modification-result.reserved-instances-id</code> - The ID for the Reserved Instances created as part of the modification request. This ID is only available when the status of the modification is <code>fulfilled</code>.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>marketplace</code> - Set to <code>true</code> to show only Reserved Instance
-   *           Marketplace offerings. When this filter is not used, which is the default behavior, all
-   *           offerings from both Amazon Web Services and the Reserved Instance Marketplace are listed.</p>
+   *                   <code>modification-result.target-configuration.availability-zone</code> - The Availability Zone for the new Reserved Instances.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>product-description</code> - The Reserved Instance product platform description
-   *           (<code>Linux/UNIX</code> | <code>Linux with SQL Server Standard</code> |
-   *           <code>Linux with SQL Server Web</code> | <code>Linux with SQL Server Enterprise</code> |
-   *           <code>SUSE Linux</code> |
-   *           <code>Red Hat Enterprise Linux</code> | <code>Red Hat Enterprise Linux with HA</code> |
-   *           <code>Windows</code> | <code>Windows with SQL Server Standard</code> |
-   *           <code>Windows with SQL Server Web</code> | <code>Windows with SQL Server Enterprise</code>).</p>
+   *                   <code>modification-result.target-configuration.instance-count </code> - The number of new Reserved Instances.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>reserved-instances-offering-id</code> - The Reserved Instances offering
-   *           ID.</p>
+   *                   <code>modification-result.target-configuration.instance-type</code> - The instance type of the new Reserved Instances.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>scope</code> - The scope of the Reserved Instance (<code>Availability Zone</code> or
-   *             <code>Region</code>).</p>
+   *                   <code>reserved-instances-id</code> - The ID of the Reserved Instances modified.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>usage-price</code> - The usage price of the Reserved Instance, per hour (for
-   *           example, 0.84).</p>
+   *                   <code>reserved-instances-modification-id</code> - The ID of the modification request.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>status</code> - The status of the Reserved Instances modification request
+   *            (<code>processing</code> | <code>fulfilled</code> | <code>failed</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>status-message</code> - The reason for the status.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>update-date</code> - The time when the modification request was last updated.</p>
    *             </li>
    *          </ul>
    * @public
    */
   Filters?: Filter[] | undefined;
+}
 
+/**
+ * <p>Describes the configuration settings for the modified Reserved Instances.</p>
+ * @public
+ */
+export interface ReservedInstancesConfiguration {
   /**
-   * <p>The tenancy of the instances covered by the reservation. A Reserved Instance with a tenancy
-   *       of <code>dedicated</code> is applied to instances that run in a VPC on single-tenant hardware
-   *       (i.e., Dedicated Instances).</p>
-   *          <p>
-   *             <b>Important:</b> The <code>host</code> value cannot be used with this parameter. Use the <code>default</code> or <code>dedicated</code> values only.</p>
-   *          <p>Default: <code>default</code>
-   *          </p>
+   * <p>The Availability Zone for the modified Reserved Instances.</p>
    * @public
    */
-  InstanceTenancy?: Tenancy | undefined;
+  AvailabilityZone?: string | undefined;
 
   /**
-   * <p>The Reserved Instance offering type. If you are using tools that predate the 2011-11-01 API
-   * 			version, you only have access to the <code>Medium Utilization</code> Reserved Instance
-   * 			offering type. </p>
+   * <p>The number of modified Reserved Instances.</p>
+   *          <note>
+   *             <p>This is a required field for a request.</p>
+   *          </note>
    * @public
    */
-  OfferingType?: OfferingTypeValues | undefined;
+  InstanceCount?: number | undefined;
 
   /**
-   * <p>The token to retrieve the next page of results.</p>
+   * <p>The instance type for the modified Reserved Instances.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  InstanceType?: _InstanceType | undefined;
 
   /**
-   * <p>The maximum number of results to return for the request in a single page. The remaining
-   * 			results of the initial request can be seen by sending another request with the returned
-   * 				<code>NextToken</code> value. The maximum is 100.</p>
-   *          <p>Default: 100</p>
+   * <p>The network platform of the modified Reserved Instances.</p>
    * @public
    */
-  MaxResults?: number | undefined;
+  Platform?: string | undefined;
+
+  /**
+   * <p>Whether the Reserved Instance is applied to instances in a Region or instances in a specific Availability Zone.</p>
+   * @public
+   */
+  Scope?: Scope | undefined;
 }
 
 /**
- * <p>Describes a Reserved Instance offering.</p>
+ * <p>Describes the modification request/s.</p>
  * @public
  */
-export interface PricingDetail {
+export interface ReservedInstancesModificationResult {
   /**
-   * <p>The number of reservations available for the price.</p>
+   * <p>The ID for the Reserved Instances that were created as part of the modification request. This field is only available when the modification is fulfilled.</p>
    * @public
    */
-  Count?: number | undefined;
+  ReservedInstancesId?: string | undefined;
 
   /**
-   * <p>The price per instance.</p>
+   * <p>The target Reserved Instances configurations supplied as part of the modification request.</p>
    * @public
    */
-  Price?: number | undefined;
+  TargetConfiguration?: ReservedInstancesConfiguration | undefined;
 }
 
 /**
- * <p>Describes a Reserved Instance offering.</p>
+ * <p>Describes the ID of a Reserved Instance.</p>
  * @public
  */
-export interface ReservedInstancesOffering {
+export interface ReservedInstancesId {
   /**
-   * <p>The currency of the Reserved Instance offering you are purchasing. It's
-   * 				specified using ISO 4217 standard currency codes. At this time,
-   * 				the only supported currency is <code>USD</code>.</p>
+   * <p>The ID of the Reserved Instance.</p>
    * @public
    */
-  CurrencyCode?: CurrencyCodeValues | undefined;
+  ReservedInstancesId?: string | undefined;
+}
 
+/**
+ * <p>Describes a Reserved Instance modification.</p>
+ * @public
+ */
+export interface ReservedInstancesModification {
   /**
-   * <p>The tenancy of the instance.</p>
+   * <p>A unique, case-sensitive key supplied by the client to ensure that the request is idempotent.
+   * 			For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html">Ensuring
+   * 				Idempotency</a>.</p>
    * @public
    */
-  InstanceTenancy?: Tenancy | undefined;
+  ClientToken?: string | undefined;
 
   /**
-   * <p>Indicates whether the offering is available through the Reserved Instance Marketplace (resale) or Amazon Web Services.
-   *         If it's a Reserved Instance Marketplace offering, this is <code>true</code>.</p>
+   * <p>The time when the modification request was created.</p>
    * @public
    */
-  Marketplace?: boolean | undefined;
+  CreateDate?: Date | undefined;
+
+  /**
+   * <p>The time for the modification to become effective.</p>
+   * @public
+   */
+  EffectiveDate?: Date | undefined;
+
+  /**
+   * <p>Contains target configurations along with their corresponding new Reserved Instance IDs.</p>
+   * @public
+   */
+  ModificationResults?: ReservedInstancesModificationResult[] | undefined;
 
   /**
-   * <p>If <code>convertible</code> it can be exchanged for Reserved Instances of
-   *       the same or higher monetary value, with different configurations. If <code>standard</code>, it is not
-   *       possible to perform an exchange.</p>
+   * <p>The IDs of one or more Reserved Instances.</p>
    * @public
    */
-  OfferingClass?: OfferingClassType | undefined;
+  ReservedInstancesIds?: ReservedInstancesId[] | undefined;
 
   /**
-   * <p>The Reserved Instance offering type.</p>
+   * <p>A unique ID for the Reserved Instance modification.</p>
    * @public
    */
-  OfferingType?: OfferingTypeValues | undefined;
+  ReservedInstancesModificationId?: string | undefined;
 
   /**
-   * <p>The pricing details of the Reserved Instance offering.</p>
+   * <p>The status of the Reserved Instances modification request.</p>
    * @public
    */
-  PricingDetails?: PricingDetail[] | undefined;
+  Status?: string | undefined;
 
   /**
-   * <p>The recurring charge tag assigned to the resource.</p>
+   * <p>The reason for the status.</p>
    * @public
    */
-  RecurringCharges?: RecurringCharge[] | undefined;
+  StatusMessage?: string | undefined;
 
   /**
-   * <p>Whether the Reserved Instance is applied to instances in a Region or an Availability Zone.</p>
+   * <p>The time when the modification request was last updated.</p>
    * @public
    */
-  Scope?: Scope | undefined;
+  UpdateDate?: Date | undefined;
+}
 
+/**
+ * <p>Contains the output of DescribeReservedInstancesModifications.</p>
+ * @public
+ */
+export interface DescribeReservedInstancesModificationsResult {
   /**
-   * <p>The ID of the Reserved Instance offering. This is the offering ID used in <a>GetReservedInstancesExchangeQuote</a>
-   *      to confirm that an exchange can be made.</p>
+   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when
+   * 			there are no more results to return.</p>
    * @public
    */
-  ReservedInstancesOfferingId?: string | undefined;
+  NextToken?: string | undefined;
 
   /**
-   * <p>The instance type on which the Reserved Instance can be used.</p>
+   * <p>The Reserved Instance modification information.</p>
    * @public
    */
-  InstanceType?: _InstanceType | undefined;
+  ReservedInstancesModifications?: ReservedInstancesModification[] | undefined;
+}
 
+/**
+ * <p>Contains the parameters for DescribeReservedInstancesOfferings.</p>
+ * @public
+ */
+export interface DescribeReservedInstancesOfferingsRequest {
   /**
    * <p>The Availability Zone in which the Reserved Instance can be used.</p>
    * @public
@@ -10971,506 +11122,527 @@ export interface ReservedInstancesOffering {
   AvailabilityZone?: string | undefined;
 
   /**
-   * <p>The duration of the Reserved Instance, in seconds.</p>
+   * <p>Include Reserved Instance Marketplace offerings in the response.</p>
    * @public
    */
-  Duration?: number | undefined;
+  IncludeMarketplace?: boolean | undefined;
 
   /**
-   * <p>The usage price of the Reserved Instance, per hour.</p>
+   * <p>The instance type that the reservation will cover (for example, <code>m1.small</code>).
+   *       For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html">Amazon EC2 instance types</a> in the
+   *         <i>Amazon EC2 User Guide</i>.</p>
    * @public
    */
-  UsagePrice?: number | undefined;
+  InstanceType?: _InstanceType | undefined;
 
   /**
-   * <p>The purchase price of the Reserved Instance.</p>
+   * <p>The maximum duration (in seconds) to filter when searching for offerings.</p>
+   *          <p>Default: 94608000 (3 years)</p>
    * @public
    */
-  FixedPrice?: number | undefined;
+  MaxDuration?: number | undefined;
 
   /**
-   * <p>The Reserved Instance product platform description.</p>
+   * <p>The maximum number of instances to filter when searching for offerings.</p>
+   *          <p>Default: 20</p>
    * @public
    */
-  ProductDescription?: RIProductDescription | undefined;
-}
+  MaxInstanceCount?: number | undefined;
 
-/**
- * <p>Contains the output of DescribeReservedInstancesOfferings.</p>
- * @public
- */
-export interface DescribeReservedInstancesOfferingsResult {
   /**
-   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when
-   * 			there are no more results to return.</p>
+   * <p>The minimum duration (in seconds) to filter when searching for offerings.</p>
+   *          <p>Default: 2592000 (1 month)</p>
    * @public
    */
-  NextToken?: string | undefined;
+  MinDuration?: number | undefined;
 
   /**
-   * <p>A list of Reserved Instances offerings.</p>
+   * <p>The offering class of the Reserved Instance. Can be <code>standard</code> or <code>convertible</code>.</p>
    * @public
    */
-  ReservedInstancesOfferings?: ReservedInstancesOffering[] | undefined;
-}
+  OfferingClass?: OfferingClassType | undefined;
 
-/**
- * @public
- */
-export interface DescribeRouteTablesRequest {
   /**
-   * <p>The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.</p>
+   * <p>The Reserved Instance product platform description. Instances that include <code>(Amazon
+   *         VPC)</code> in the description are for use with Amazon VPC.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  ProductDescription?: RIProductDescription | undefined;
 
   /**
-   * <p>The maximum number of items to return for this request.
-   * 	To get the next page of items, make another request with the token returned in the output.
-   * 	For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination">Pagination</a>.</p>
+   * <p>One or more Reserved Instances offering IDs.</p>
    * @public
    */
-  MaxResults?: number | undefined;
+  ReservedInstancesOfferingIds?: string[] | undefined;
 
   /**
    * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   *        and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *        Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
   DryRun?: boolean | undefined;
 
   /**
-   * <p>The IDs of the route tables.</p>
-   * @public
-   */
-  RouteTableIds?: string[] | undefined;
-
-  /**
-   * <p>The filters.</p>
+   * <p>One or more filters.</p>
    *          <ul>
    *             <li>
    *                <p>
-   *                   <code>association.gateway-id</code> - The ID of the gateway involved in the
-   * 		                association.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>association.route-table-association-id</code> - The ID of an association
-   *                     ID for the route table.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>association.route-table-id</code> - The ID of the route table involved in
-   *                     the association.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>association.subnet-id</code> - The ID of the subnet involved in the
-   *                     association.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>association.main</code> - Indicates whether the route table is the main
-   *                     route table for the VPC (<code>true</code> | <code>false</code>). Route tables
-   *                     that do not have an association ID are not returned in the response.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>owner-id</code> - The ID of the Amazon Web Services account that owns the route table.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>route-table-id</code> - The ID of the route table.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>route.destination-cidr-block</code> - The IPv4 CIDR range specified in a
-   *                     route in the table.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>route.destination-ipv6-cidr-block</code> - The IPv6 CIDR range specified in a route in the route table.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>route.destination-prefix-list-id</code> - The ID (prefix) of the Amazon Web Services
-   * 				      service specified in a route in the table.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>route.egress-only-internet-gateway-id</code> - The ID of an
-   *                     egress-only Internet gateway specified in a route in the route table.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>route.gateway-id</code> - The ID of a gateway specified in a route in the table.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>route.instance-id</code> - The ID of an instance specified in a route in the table.</p>
+   *                   <code>availability-zone</code> - The Availability Zone where the Reserved Instance can be
+   *           used.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>route.nat-gateway-id</code> - The ID of a NAT gateway.</p>
+   *                   <code>duration</code> - The duration of the Reserved Instance (for example, one year or
+   *           three years), in seconds (<code>31536000</code> | <code>94608000</code>).</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>route.transit-gateway-id</code> - The ID of a transit gateway.</p>
+   *                   <code>fixed-price</code> - The purchase price of the Reserved Instance (for example,
+   *           9800.0).</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>route.origin</code> - Describes how the route was created.
-   *                         <code>CreateRouteTable</code> indicates that the route was automatically
-   *                     created when the route table was created; <code>CreateRoute</code> indicates
-   *                     that the route was manually added to the route table;
-   *                         <code>EnableVgwRoutePropagation</code> indicates that the route was
-   *                     propagated by route propagation.</p>
+   *                   <code>instance-type</code> - The instance type that is covered by the
+   *           reservation.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>route.state</code> - The state of a route in the route table
-   *                         (<code>active</code> | <code>blackhole</code>). The blackhole state
-   *                     indicates that the route's target isn't available (for example, the specified
-   *                     gateway isn't attached to the VPC, the specified NAT instance has been
-   *                     terminated, and so on).</p>
+   *                   <code>marketplace</code> - Set to <code>true</code> to show only Reserved Instance
+   *           Marketplace offerings. When this filter is not used, which is the default behavior, all
+   *           offerings from both Amazon Web Services and the Reserved Instance Marketplace are listed.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>route.vpc-peering-connection-id</code> - The ID of a VPC peering
-   * 		                connection specified in a route in the table.</p>
+   *                   <code>product-description</code> - The Reserved Instance product platform description
+   *           (<code>Linux/UNIX</code> | <code>Linux with SQL Server Standard</code> |
+   *           <code>Linux with SQL Server Web</code> | <code>Linux with SQL Server Enterprise</code> |
+   *           <code>SUSE Linux</code> |
+   *           <code>Red Hat Enterprise Linux</code> | <code>Red Hat Enterprise Linux with HA</code> |
+   *           <code>Windows</code> | <code>Windows with SQL Server Standard</code> |
+   *           <code>Windows with SQL Server Web</code> | <code>Windows with SQL Server Enterprise</code>).</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.
-   *     For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>
+   *                   <code>reserved-instances-offering-id</code> - The Reserved Instances offering
+   *           ID.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p>
+   *                   <code>scope</code> - The scope of the Reserved Instance (<code>Availability Zone</code> or
+   *             <code>Region</code>).</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>vpc-id</code> - The ID of the VPC for the route table.</p>
+   *                   <code>usage-price</code> - The usage price of the Reserved Instance, per hour (for
+   *           example, 0.84).</p>
    *             </li>
    *          </ul>
    * @public
    */
   Filters?: Filter[] | undefined;
-}
-
-/**
- * <p>Contains the output of DescribeRouteTables.</p>
- * @public
- */
-export interface DescribeRouteTablesResult {
-  /**
-   * <p>Information about the route tables.</p>
-   * @public
-   */
-  RouteTables?: RouteTable[] | undefined;
-
-  /**
-   * <p>The token to include in another request to get the next page of items. This value is <code>null</code> when there are no more items to return.</p>
-   * @public
-   */
-  NextToken?: string | undefined;
-}
-
-/**
- * <p>Describes the time period for a Scheduled Instance to start its first schedule. The time period must span less than one day.</p>
- * @public
- */
-export interface SlotDateTimeRangeRequest {
-  /**
-   * <p>The earliest date and time, in UTC, for the Scheduled Instance to start.</p>
-   * @public
-   */
-  EarliestTime: Date | undefined;
 
   /**
-   * <p>The latest date and time, in UTC, for the Scheduled Instance to start. This value must be later than or equal to the earliest date and at most three months in the future.</p>
+   * <p>The tenancy of the instances covered by the reservation. A Reserved Instance with a tenancy
+   *       of <code>dedicated</code> is applied to instances that run in a VPC on single-tenant hardware
+   *       (i.e., Dedicated Instances).</p>
+   *          <p>
+   *             <b>Important:</b> The <code>host</code> value cannot be used with this parameter. Use the <code>default</code> or <code>dedicated</code> values only.</p>
+   *          <p>Default: <code>default</code>
+   *          </p>
    * @public
-   */
-  LatestTime: Date | undefined;
-}
-
-/**
- * <p>Describes the recurring schedule for a Scheduled Instance.</p>
- * @public
- */
-export interface ScheduledInstanceRecurrenceRequest {
+   */
+  InstanceTenancy?: Tenancy | undefined;
+
   /**
-   * <p>The frequency (<code>Daily</code>, <code>Weekly</code>, or <code>Monthly</code>).</p>
+   * <p>The Reserved Instance offering type. If you are using tools that predate the 2011-11-01 API
+   * 			version, you only have access to the <code>Medium Utilization</code> Reserved Instance
+   * 			offering type. </p>
    * @public
    */
-  Frequency?: string | undefined;
+  OfferingType?: OfferingTypeValues | undefined;
 
   /**
-   * <p>The interval quantity. The interval unit depends on the value of <code>Frequency</code>. For example, every 2
-   *          weeks or every 2 months.</p>
+   * <p>The token to retrieve the next page of results.</p>
    * @public
    */
-  Interval?: number | undefined;
+  NextToken?: string | undefined;
 
   /**
-   * <p>The days. For a monthly schedule, this is one or more days of the month (1-31). For a weekly schedule, this is one or more days of the week (1-7, where 1 is Sunday). You can't specify this value with a daily schedule. If the occurrence is relative to the end of the month, you can specify only a single day.</p>
+   * <p>The maximum number of results to return for the request in a single page. The remaining
+   * 			results of the initial request can be seen by sending another request with the returned
+   * 				<code>NextToken</code> value. The maximum is 100.</p>
+   *          <p>Default: 100</p>
    * @public
    */
-  OccurrenceDays?: number[] | undefined;
+  MaxResults?: number | undefined;
+}
 
+/**
+ * <p>Describes a Reserved Instance offering.</p>
+ * @public
+ */
+export interface PricingDetail {
   /**
-   * <p>Indicates whether the occurrence is relative to the end of the specified week or month. You can't specify this value with a daily schedule.</p>
+   * <p>The number of reservations available for the price.</p>
    * @public
    */
-  OccurrenceRelativeToEnd?: boolean | undefined;
+  Count?: number | undefined;
 
   /**
-   * <p>The unit for <code>OccurrenceDays</code> (<code>DayOfWeek</code> or <code>DayOfMonth</code>).
-   *         This value is required for a monthly schedule.
-   *         You can't specify <code>DayOfWeek</code> with a weekly schedule.
-   *         You can't specify this value with a daily schedule.</p>
+   * <p>The price per instance.</p>
    * @public
    */
-  OccurrenceUnit?: string | undefined;
+  Price?: number | undefined;
 }
 
 /**
- * <p>Contains the parameters for DescribeScheduledInstanceAvailability.</p>
+ * <p>Describes a Reserved Instance offering.</p>
  * @public
  */
-export interface DescribeScheduledInstanceAvailabilityRequest {
+export interface ReservedInstancesOffering {
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>The currency of the Reserved Instance offering you are purchasing. It's
+   * 				specified using ISO 4217 standard currency codes. At this time,
+   * 				the only supported currency is <code>USD</code>.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  CurrencyCode?: CurrencyCodeValues | undefined;
 
   /**
-   * <p>The filters.</p>
-   *          <ul>
-   *             <li>
-   *                <p>
-   *                   <code>availability-zone</code> - The Availability Zone (for example, <code>us-west-2a</code>).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>instance-type</code> - The instance type (for example, <code>c4.large</code>).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>platform</code> - The platform (<code>Linux/UNIX</code> or <code>Windows</code>).</p>
-   *             </li>
-   *          </ul>
+   * <p>The tenancy of the instance.</p>
    * @public
    */
-  Filters?: Filter[] | undefined;
+  InstanceTenancy?: Tenancy | undefined;
 
   /**
-   * <p>The time period for the first schedule to start.</p>
+   * <p>Indicates whether the offering is available through the Reserved Instance Marketplace (resale) or Amazon Web Services.
+   *         If it's a Reserved Instance Marketplace offering, this is <code>true</code>.</p>
    * @public
    */
-  FirstSlotStartTimeRange: SlotDateTimeRangeRequest | undefined;
+  Marketplace?: boolean | undefined;
 
   /**
-   * <p>The maximum number of results to return in a single call.
-   *          This value can be between 5 and 300. The default value is 300.
-   *          To retrieve the remaining results, make another call with the returned
-   *          <code>NextToken</code> value.</p>
+   * <p>If <code>convertible</code> it can be exchanged for Reserved Instances of
+   *       the same or higher monetary value, with different configurations. If <code>standard</code>, it is not
+   *       possible to perform an exchange.</p>
    * @public
    */
-  MaxResults?: number | undefined;
+  OfferingClass?: OfferingClassType | undefined;
 
   /**
-   * <p>The maximum available duration, in hours. This value must be greater than <code>MinSlotDurationInHours</code>
-   *          and less than 1,720.</p>
+   * <p>The Reserved Instance offering type.</p>
    * @public
    */
-  MaxSlotDurationInHours?: number | undefined;
+  OfferingType?: OfferingTypeValues | undefined;
 
   /**
-   * <p>The minimum available duration, in hours. The minimum required duration is 1,200 hours per year. For example, the minimum daily schedule is 4 hours, the minimum weekly schedule is 24 hours, and the minimum monthly schedule is 100 hours.</p>
+   * <p>The pricing details of the Reserved Instance offering.</p>
    * @public
    */
-  MinSlotDurationInHours?: number | undefined;
+  PricingDetails?: PricingDetail[] | undefined;
 
   /**
-   * <p>The token for the next set of results.</p>
+   * <p>The recurring charge tag assigned to the resource.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  RecurringCharges?: RecurringCharge[] | undefined;
 
   /**
-   * <p>The schedule recurrence.</p>
+   * <p>Whether the Reserved Instance is applied to instances in a Region or an Availability Zone.</p>
    * @public
    */
-  Recurrence: ScheduledInstanceRecurrenceRequest | undefined;
-}
+  Scope?: Scope | undefined;
 
-/**
- * <p>Describes the recurring schedule for a Scheduled Instance.</p>
- * @public
- */
-export interface ScheduledInstanceRecurrence {
   /**
-   * <p>The frequency (<code>Daily</code>, <code>Weekly</code>, or <code>Monthly</code>).</p>
+   * <p>The ID of the Reserved Instance offering. This is the offering ID used in <a>GetReservedInstancesExchangeQuote</a>
+   *      to confirm that an exchange can be made.</p>
    * @public
    */
-  Frequency?: string | undefined;
+  ReservedInstancesOfferingId?: string | undefined;
 
   /**
-   * <p>The interval quantity. The interval unit depends on the value of <code>frequency</code>. For example, every 2
-   *          weeks or every 2 months.</p>
+   * <p>The instance type on which the Reserved Instance can be used.</p>
    * @public
    */
-  Interval?: number | undefined;
+  InstanceType?: _InstanceType | undefined;
 
   /**
-   * <p>The days. For a monthly schedule, this is one or more days of the month (1-31). For a weekly schedule, this is one or more days of the week (1-7, where 1 is Sunday).</p>
+   * <p>The Availability Zone in which the Reserved Instance can be used.</p>
    * @public
    */
-  OccurrenceDaySet?: number[] | undefined;
+  AvailabilityZone?: string | undefined;
 
   /**
-   * <p>Indicates whether the occurrence is relative to the end of the specified week or month.</p>
+   * <p>The duration of the Reserved Instance, in seconds.</p>
    * @public
    */
-  OccurrenceRelativeToEnd?: boolean | undefined;
+  Duration?: number | undefined;
 
   /**
-   * <p>The unit for <code>occurrenceDaySet</code> (<code>DayOfWeek</code> or <code>DayOfMonth</code>).</p>
+   * <p>The usage price of the Reserved Instance, per hour.</p>
    * @public
    */
-  OccurrenceUnit?: string | undefined;
-}
+  UsagePrice?: number | undefined;
 
-/**
- * <p>Describes a schedule that is available for your Scheduled Instances.</p>
- * @public
- */
-export interface ScheduledInstanceAvailability {
   /**
-   * <p>The Availability Zone.</p>
+   * <p>The purchase price of the Reserved Instance.</p>
    * @public
    */
-  AvailabilityZone?: string | undefined;
+  FixedPrice?: number | undefined;
 
   /**
-   * <p>The number of available instances.</p>
+   * <p>The Reserved Instance product platform description.</p>
    * @public
    */
-  AvailableInstanceCount?: number | undefined;
+  ProductDescription?: RIProductDescription | undefined;
+}
 
+/**
+ * <p>Contains the output of DescribeReservedInstancesOfferings.</p>
+ * @public
+ */
+export interface DescribeReservedInstancesOfferingsResult {
   /**
-   * <p>The time period for the first schedule to start.</p>
+   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when
+   * 			there are no more results to return.</p>
    * @public
    */
-  FirstSlotStartTime?: Date | undefined;
+  NextToken?: string | undefined;
 
   /**
-   * <p>The hourly price for a single instance.</p>
+   * <p>A list of Reserved Instances offerings.</p>
    * @public
    */
-  HourlyPrice?: string | undefined;
+  ReservedInstancesOfferings?: ReservedInstancesOffering[] | undefined;
+}
 
+/**
+ * @public
+ */
+export interface DescribeRouteTablesRequest {
   /**
-   * <p>The instance type. You can specify one of the C3, C4, M4, or R3 instance types.</p>
+   * <p>The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.</p>
    * @public
    */
-  InstanceType?: string | undefined;
+  NextToken?: string | undefined;
 
   /**
-   * <p>The maximum term. The only possible value is 365 days.</p>
+   * <p>The maximum number of items to return for this request.
+   * 	To get the next page of items, make another request with the token returned in the output.
+   * 	For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination">Pagination</a>.</p>
    * @public
    */
-  MaxTermDurationInDays?: number | undefined;
+  MaxResults?: number | undefined;
 
   /**
-   * <p>The minimum term. The only possible value is 365 days.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  MinTermDurationInDays?: number | undefined;
+  DryRun?: boolean | undefined;
 
   /**
-   * <p>The network platform.</p>
+   * <p>The IDs of the route tables.</p>
    * @public
    */
-  NetworkPlatform?: string | undefined;
+  RouteTableIds?: string[] | undefined;
 
   /**
-   * <p>The platform (<code>Linux/UNIX</code> or <code>Windows</code>).</p>
+   * <p>The filters.</p>
+   *          <ul>
+   *             <li>
+   *                <p>
+   *                   <code>association.gateway-id</code> - The ID of the gateway involved in the
+   * 		                association.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>association.route-table-association-id</code> - The ID of an association
+   *                     ID for the route table.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>association.route-table-id</code> - The ID of the route table involved in
+   *                     the association.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>association.subnet-id</code> - The ID of the subnet involved in the
+   *                     association.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>association.main</code> - Indicates whether the route table is the main
+   *                     route table for the VPC (<code>true</code> | <code>false</code>). Route tables
+   *                     that do not have an association ID are not returned in the response.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>owner-id</code> - The ID of the Amazon Web Services account that owns the route table.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>route-table-id</code> - The ID of the route table.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>route.destination-cidr-block</code> - The IPv4 CIDR range specified in a
+   *                     route in the table.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>route.destination-ipv6-cidr-block</code> - The IPv6 CIDR range specified in a route in the route table.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>route.destination-prefix-list-id</code> - The ID (prefix) of the Amazon Web Services
+   * 				      service specified in a route in the table.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>route.egress-only-internet-gateway-id</code> - The ID of an
+   *                     egress-only Internet gateway specified in a route in the route table.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>route.gateway-id</code> - The ID of a gateway specified in a route in the table.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>route.instance-id</code> - The ID of an instance specified in a route in the table.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>route.nat-gateway-id</code> - The ID of a NAT gateway.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>route.transit-gateway-id</code> - The ID of a transit gateway.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>route.origin</code> - Describes how the route was created.
+   *                         <code>CreateRouteTable</code> indicates that the route was automatically
+   *                     created when the route table was created; <code>CreateRoute</code> indicates
+   *                     that the route was manually added to the route table;
+   *                         <code>EnableVgwRoutePropagation</code> indicates that the route was
+   *                     propagated by route propagation.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>route.state</code> - The state of a route in the route table
+   *                         (<code>active</code> | <code>blackhole</code>). The blackhole state
+   *                     indicates that the route's target isn't available (for example, the specified
+   *                     gateway isn't attached to the VPC, the specified NAT instance has been
+   *                     terminated, and so on).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>route.vpc-peering-connection-id</code> - The ID of a VPC peering
+   * 		                connection specified in a route in the table.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>tag</code> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.
+   *     For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>vpc-id</code> - The ID of the VPC for the route table.</p>
+   *             </li>
+   *          </ul>
    * @public
    */
-  Platform?: string | undefined;
+  Filters?: Filter[] | undefined;
+}
 
+/**
+ * <p>Contains the output of DescribeRouteTables.</p>
+ * @public
+ */
+export interface DescribeRouteTablesResult {
   /**
-   * <p>The purchase token. This token expires in two hours.</p>
+   * <p>Information about the route tables.</p>
    * @public
    */
-  PurchaseToken?: string | undefined;
+  RouteTables?: RouteTable[] | undefined;
 
   /**
-   * <p>The schedule recurrence.</p>
+   * <p>The token to include in another request to get the next page of items. This value is <code>null</code> when there are no more items to return.</p>
    * @public
    */
-  Recurrence?: ScheduledInstanceRecurrence | undefined;
+  NextToken?: string | undefined;
+}
 
+/**
+ * <p>Describes the time period for a Scheduled Instance to start its first schedule. The time period must span less than one day.</p>
+ * @public
+ */
+export interface SlotDateTimeRangeRequest {
   /**
-   * <p>The number of hours in the schedule.</p>
+   * <p>The earliest date and time, in UTC, for the Scheduled Instance to start.</p>
    * @public
    */
-  SlotDurationInHours?: number | undefined;
+  EarliestTime: Date | undefined;
 
   /**
-   * <p>The total number of hours for a single instance for the entire term.</p>
+   * <p>The latest date and time, in UTC, for the Scheduled Instance to start. This value must be later than or equal to the earliest date and at most three months in the future.</p>
    * @public
    */
-  TotalScheduledInstanceHours?: number | undefined;
+  LatestTime: Date | undefined;
 }
 
 /**
- * <p>Contains the output of DescribeScheduledInstanceAvailability.</p>
+ * <p>Describes the recurring schedule for a Scheduled Instance.</p>
  * @public
  */
-export interface DescribeScheduledInstanceAvailabilityResult {
+export interface ScheduledInstanceRecurrenceRequest {
   /**
-   * <p>The token required to retrieve the next set of results. This value is <code>null</code> when there are no more results to return.</p>
+   * <p>The frequency (<code>Daily</code>, <code>Weekly</code>, or <code>Monthly</code>).</p>
    * @public
    */
-  NextToken?: string | undefined;
+  Frequency?: string | undefined;
 
   /**
-   * <p>Information about the available Scheduled Instances.</p>
+   * <p>The interval quantity. The interval unit depends on the value of <code>Frequency</code>. For example, every 2
+   *          weeks or every 2 months.</p>
    * @public
    */
-  ScheduledInstanceAvailabilitySet?: ScheduledInstanceAvailability[] | undefined;
-}
+  Interval?: number | undefined;
 
-/**
- * <p>Describes the time period for a Scheduled Instance to start its first schedule.</p>
- * @public
- */
-export interface SlotStartTimeRangeRequest {
   /**
-   * <p>The earliest date and time, in UTC, for the Scheduled Instance to start.</p>
+   * <p>The days. For a monthly schedule, this is one or more days of the month (1-31). For a weekly schedule, this is one or more days of the week (1-7, where 1 is Sunday). You can't specify this value with a daily schedule. If the occurrence is relative to the end of the month, you can specify only a single day.</p>
    * @public
    */
-  EarliestTime?: Date | undefined;
+  OccurrenceDays?: number[] | undefined;
 
   /**
-   * <p>The latest date and time, in UTC, for the Scheduled Instance to start.</p>
+   * <p>Indicates whether the occurrence is relative to the end of the specified week or month. You can't specify this value with a daily schedule.</p>
    * @public
    */
-  LatestTime?: Date | undefined;
+  OccurrenceRelativeToEnd?: boolean | undefined;
+
+  /**
+   * <p>The unit for <code>OccurrenceDays</code> (<code>DayOfWeek</code> or <code>DayOfMonth</code>).
+   *         This value is required for a monthly schedule.
+   *         You can't specify <code>DayOfWeek</code> with a weekly schedule.
+   *         You can't specify this value with a daily schedule.</p>
+   * @public
+   */
+  OccurrenceUnit?: string | undefined;
 }
 
 /**
- * <p>Contains the parameters for DescribeScheduledInstances.</p>
+ * <p>Contains the parameters for DescribeScheduledInstanceAvailability.</p>
  * @public
  */
-export interface DescribeScheduledInstancesRequest {
+export interface DescribeScheduledInstanceAvailabilityRequest {
   /**
    * <p>Checks whether you have the required permissions for the action, without actually making the request,
    *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
@@ -11499,322 +11671,209 @@ export interface DescribeScheduledInstancesRequest {
    */
   Filters?: Filter[] | undefined;
 
-  /**
-   * <p>The maximum number of results to return in a single call.
-   *          This value can be between 5 and 300. The default value is 100.
-   *          To retrieve the remaining results, make another call with the returned
-   *          <code>NextToken</code> value.</p>
-   * @public
-   */
-  MaxResults?: number | undefined;
-
-  /**
-   * <p>The token for the next set of results.</p>
-   * @public
-   */
-  NextToken?: string | undefined;
-
-  /**
-   * <p>The Scheduled Instance IDs.</p>
-   * @public
-   */
-  ScheduledInstanceIds?: string[] | undefined;
-
   /**
    * <p>The time period for the first schedule to start.</p>
    * @public
    */
-  SlotStartTimeRange?: SlotStartTimeRangeRequest | undefined;
-}
-
-/**
- * <p>Describes a Scheduled Instance.</p>
- * @public
- */
-export interface ScheduledInstance {
-  /**
-   * <p>The Availability Zone.</p>
-   * @public
-   */
-  AvailabilityZone?: string | undefined;
-
-  /**
-   * <p>The date when the Scheduled Instance was purchased.</p>
-   * @public
-   */
-  CreateDate?: Date | undefined;
-
-  /**
-   * <p>The hourly price for a single instance.</p>
-   * @public
-   */
-  HourlyPrice?: string | undefined;
-
-  /**
-   * <p>The number of instances.</p>
-   * @public
-   */
-  InstanceCount?: number | undefined;
-
-  /**
-   * <p>The instance type.</p>
-   * @public
-   */
-  InstanceType?: string | undefined;
+  FirstSlotStartTimeRange: SlotDateTimeRangeRequest | undefined;
 
   /**
-   * <p>The network platform.</p>
+   * <p>The maximum number of results to return in a single call.
+   *          This value can be between 5 and 300. The default value is 300.
+   *          To retrieve the remaining results, make another call with the returned
+   *          <code>NextToken</code> value.</p>
    * @public
    */
-  NetworkPlatform?: string | undefined;
+  MaxResults?: number | undefined;
 
   /**
-   * <p>The time for the next schedule to start.</p>
+   * <p>The maximum available duration, in hours. This value must be greater than <code>MinSlotDurationInHours</code>
+   *          and less than 1,720.</p>
    * @public
    */
-  NextSlotStartTime?: Date | undefined;
+  MaxSlotDurationInHours?: number | undefined;
 
   /**
-   * <p>The platform (<code>Linux/UNIX</code> or <code>Windows</code>).</p>
+   * <p>The minimum available duration, in hours. The minimum required duration is 1,200 hours per year. For example, the minimum daily schedule is 4 hours, the minimum weekly schedule is 24 hours, and the minimum monthly schedule is 100 hours.</p>
    * @public
    */
-  Platform?: string | undefined;
+  MinSlotDurationInHours?: number | undefined;
 
   /**
-   * <p>The time that the previous schedule ended or will end.</p>
+   * <p>The token for the next set of results.</p>
    * @public
    */
-  PreviousSlotEndTime?: Date | undefined;
+  NextToken?: string | undefined;
 
   /**
    * <p>The schedule recurrence.</p>
    * @public
    */
-  Recurrence?: ScheduledInstanceRecurrence | undefined;
-
-  /**
-   * <p>The Scheduled Instance ID.</p>
-   * @public
-   */
-  ScheduledInstanceId?: string | undefined;
-
-  /**
-   * <p>The number of hours in the schedule.</p>
-   * @public
-   */
-  SlotDurationInHours?: number | undefined;
+  Recurrence: ScheduledInstanceRecurrenceRequest | undefined;
+}
 
+/**
+ * <p>Describes the recurring schedule for a Scheduled Instance.</p>
+ * @public
+ */
+export interface ScheduledInstanceRecurrence {
   /**
-   * <p>The end date for the Scheduled Instance.</p>
+   * <p>The frequency (<code>Daily</code>, <code>Weekly</code>, or <code>Monthly</code>).</p>
    * @public
    */
-  TermEndDate?: Date | undefined;
+  Frequency?: string | undefined;
 
   /**
-   * <p>The start date for the Scheduled Instance.</p>
+   * <p>The interval quantity. The interval unit depends on the value of <code>frequency</code>. For example, every 2
+   *          weeks or every 2 months.</p>
    * @public
    */
-  TermStartDate?: Date | undefined;
+  Interval?: number | undefined;
 
   /**
-   * <p>The total number of hours for a single instance for the entire term.</p>
+   * <p>The days. For a monthly schedule, this is one or more days of the month (1-31). For a weekly schedule, this is one or more days of the week (1-7, where 1 is Sunday).</p>
    * @public
    */
-  TotalScheduledInstanceHours?: number | undefined;
-}
+  OccurrenceDaySet?: number[] | undefined;
 
-/**
- * <p>Contains the output of DescribeScheduledInstances.</p>
- * @public
- */
-export interface DescribeScheduledInstancesResult {
   /**
-   * <p>The token required to retrieve the next set of results. This value is <code>null</code> when there are no more results to return.</p>
+   * <p>Indicates whether the occurrence is relative to the end of the specified week or month.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  OccurrenceRelativeToEnd?: boolean | undefined;
 
   /**
-   * <p>Information about the Scheduled Instances.</p>
+   * <p>The unit for <code>occurrenceDaySet</code> (<code>DayOfWeek</code> or <code>DayOfMonth</code>).</p>
    * @public
    */
-  ScheduledInstanceSet?: ScheduledInstance[] | undefined;
+  OccurrenceUnit?: string | undefined;
 }
 
 /**
+ * <p>Describes a schedule that is available for your Scheduled Instances.</p>
  * @public
  */
-export interface DescribeSecurityGroupReferencesRequest {
-  /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
-   * @public
-   */
-  DryRun?: boolean | undefined;
-
+export interface ScheduledInstanceAvailability {
   /**
-   * <p>The IDs of the security groups in your account.</p>
+   * <p>The Availability Zone.</p>
    * @public
    */
-  GroupId: string[] | undefined;
-}
+  AvailabilityZone?: string | undefined;
 
-/**
- * <p>Describes a VPC with a security group that references your security group.</p>
- * @public
- */
-export interface SecurityGroupReference {
   /**
-   * <p>The ID of your security group.</p>
+   * <p>The number of available instances.</p>
    * @public
    */
-  GroupId?: string | undefined;
+  AvailableInstanceCount?: number | undefined;
 
   /**
-   * <p>The ID of the VPC with the referencing security group.</p>
+   * <p>The time period for the first schedule to start.</p>
    * @public
    */
-  ReferencingVpcId?: string | undefined;
+  FirstSlotStartTime?: Date | undefined;
 
   /**
-   * <p>The ID of the VPC peering connection (if applicable). For more information about security group referencing for peering connections, see
-   *           <a href="https://docs.aws.amazon.com/vpc/latest/peering/vpc-peering-security-groups.html">Update your security groups to reference peer security groups</a>
-   *           in the <i>VPC Peering Guide</i>.</p>
+   * <p>The hourly price for a single instance.</p>
    * @public
    */
-  VpcPeeringConnectionId?: string | undefined;
+  HourlyPrice?: string | undefined;
 
   /**
-   * <note>
-   *             <p>This parameter is in preview and may not be available for your account.</p>
-   *          </note>
-   *          <p>The ID of the transit gateway (if applicable).</p>
+   * <p>The instance type. You can specify one of the C3, C4, M4, or R3 instance types.</p>
    * @public
    */
-  TransitGatewayId?: string | undefined;
-}
+  InstanceType?: string | undefined;
 
-/**
- * @public
- */
-export interface DescribeSecurityGroupReferencesResult {
   /**
-   * <p>Information about the VPCs with the referencing security groups.</p>
+   * <p>The maximum term. The only possible value is 365 days.</p>
    * @public
    */
-  SecurityGroupReferenceSet?: SecurityGroupReference[] | undefined;
-}
+  MaxTermDurationInDays?: number | undefined;
 
-/**
- * @public
- */
-export interface DescribeSecurityGroupRulesRequest {
   /**
-   * <p>One or more filters.</p>
-   *          <ul>
-   *             <li>
-   *                <p>
-   *                   <code>group-id</code> - The ID of the security group.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>security-group-rule-id</code> - The ID of the security group rule.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.
-   *     For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>
-   *             </li>
-   *          </ul>
+   * <p>The minimum term. The only possible value is 365 days.</p>
    * @public
    */
-  Filters?: Filter[] | undefined;
+  MinTermDurationInDays?: number | undefined;
 
   /**
-   * <p>The IDs of the security group rules.</p>
+   * <p>The network platform.</p>
    * @public
    */
-  SecurityGroupRuleIds?: string[] | undefined;
+  NetworkPlatform?: string | undefined;
 
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>The platform (<code>Linux/UNIX</code> or <code>Windows</code>).</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  Platform?: string | undefined;
 
   /**
-   * <p>The token returned from a previous paginated request.
-   *             Pagination continues from the end of the items returned by the previous request.</p>
+   * <p>The purchase token. This token expires in two hours.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  PurchaseToken?: string | undefined;
 
   /**
-   * <p>The maximum number of items to return for this request. To get the next page of
-   *             items, make another request with the token returned in the output. This value
-   *             can be between 5 and 1000. If this parameter is not specified, then all items are
-   *             returned. For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination">Pagination</a>.</p>
+   * <p>The schedule recurrence.</p>
    * @public
    */
-  MaxResults?: number | undefined;
-}
+  Recurrence?: ScheduledInstanceRecurrence | undefined;
 
-/**
- * @public
- */
-export interface DescribeSecurityGroupRulesResult {
   /**
-   * <p>Information about security group rules.</p>
+   * <p>The number of hours in the schedule.</p>
    * @public
    */
-  SecurityGroupRules?: SecurityGroupRule[] | undefined;
+  SlotDurationInHours?: number | undefined;
 
   /**
-   * <p>The token to include in another request to get the next page of items.
-   *             This value is <code>null</code> when there are no more items to return.</p>
+   * <p>The total number of hours for a single instance for the entire term.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  TotalScheduledInstanceHours?: number | undefined;
 }
 
 /**
+ * <p>Contains the output of DescribeScheduledInstanceAvailability.</p>
  * @public
  */
-export interface DescribeSecurityGroupsRequest {
+export interface DescribeScheduledInstanceAvailabilityResult {
   /**
-   * <p>The IDs of the security groups. Required for security groups in a nondefault VPC.</p>
-   *          <p>Default: Describes all of your security groups.</p>
+   * <p>The token required to retrieve the next set of results. This value is <code>null</code> when there are no more results to return.</p>
    * @public
    */
-  GroupIds?: string[] | undefined;
+  NextToken?: string | undefined;
 
   /**
-   * <p>[Default VPC] The names of the security groups. You can specify either
-   * 			the security group name or the security group ID.</p>
-   *          <p>Default: Describes all of your security groups.</p>
+   * <p>Information about the available Scheduled Instances.</p>
    * @public
    */
-  GroupNames?: string[] | undefined;
+  ScheduledInstanceAvailabilitySet?: ScheduledInstanceAvailability[] | undefined;
+}
 
+/**
+ * <p>Describes the time period for a Scheduled Instance to start its first schedule.</p>
+ * @public
+ */
+export interface SlotStartTimeRangeRequest {
   /**
-   * <p>The token returned from a previous paginated request.
-   *             Pagination continues from the end of the items returned by the previous request.</p>
+   * <p>The earliest date and time, in UTC, for the Scheduled Instance to start.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  EarliestTime?: Date | undefined;
 
   /**
-   * <p>The maximum number of items to return for this request. To get the next page of items,
-   *             make another request with the token returned in the output. This value can be between 5 and 1000.
-   *             If this parameter is not specified, then all items are returned. For more information, see
-   *             <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination">Pagination</a>.</p>
+   * <p>The latest date and time, in UTC, for the Scheduled Instance to start.</p>
    * @public
    */
-  MaxResults?: number | undefined;
+  LatestTime?: Date | undefined;
+}
 
+/**
+ * <p>Contains the parameters for DescribeScheduledInstances.</p>
+ * @public
+ */
+export interface DescribeScheduledInstancesRequest {
   /**
    * <p>Checks whether you have the required permissions for the action, without actually making the request,
    *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
@@ -11824,356 +11883,262 @@ export interface DescribeSecurityGroupsRequest {
   DryRun?: boolean | undefined;
 
   /**
-   * <p>The filters. If using multiple filters for rules, the results include security groups for which any combination of rules - not necessarily a single rule - match all filters.</p>
+   * <p>The filters.</p>
    *          <ul>
    *             <li>
    *                <p>
-   *                   <code>description</code> - The description of the security group.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>egress.ip-permission.cidr</code> - An IPv4 CIDR block for an outbound
-   *                     security group rule.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>egress.ip-permission.from-port</code> - For an outbound rule, the
-   *                     start of port range for the TCP and UDP protocols, or an ICMP type
-   *                     number.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>egress.ip-permission.group-id</code> - The ID of a security group
-   *                     that has been referenced in an outbound security group rule.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>egress.ip-permission.group-name</code> - The name of a security group
-   *                     that is referenced in an outbound security group rule.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>egress.ip-permission.ipv6-cidr</code> - An IPv6 CIDR block for an
-   *                     outbound security group rule.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>egress.ip-permission.prefix-list-id</code> - The ID of a prefix list to which a security group rule allows outbound access.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>egress.ip-permission.protocol</code> - The IP protocol for an
-   *                     outbound security group rule (<code>tcp</code> | <code>udp</code> |
-   *                         <code>icmp</code>, a protocol number, or -1 for all protocols).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>egress.ip-permission.to-port</code> - For an outbound rule, the end
-   *                     of port range for the TCP and UDP protocols, or an ICMP code.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>egress.ip-permission.user-id</code> - The ID of an Amazon Web Services account that
-   *                     has been referenced in an outbound security group rule.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>group-id</code> - The ID of the security group. </p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>group-name</code> - The name of the security group.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>ip-permission.cidr</code> - An IPv4 CIDR block for an inbound security
-   *                     group rule.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>ip-permission.from-port</code> - For an inbound rule, the start of port
-   *                     range for the TCP and UDP protocols, or an ICMP type number.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>ip-permission.group-id</code> - The ID of a security group that has been
-   *                     referenced in an inbound security group rule.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>ip-permission.group-name</code> - The name of a security group that is
-   *                     referenced in an inbound security group rule.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>ip-permission.ipv6-cidr</code> - An IPv6 CIDR block for an inbound security
-   *                     group rule.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>ip-permission.prefix-list-id</code> - The ID of a prefix list from which a security group rule allows inbound access.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>ip-permission.protocol</code> - The IP protocol for an inbound security
-   *                 group rule (<code>tcp</code> | <code>udp</code> | <code>icmp</code>, a
-   *                 protocol number, or -1 for all protocols).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>ip-permission.to-port</code> - For an inbound rule, the end of port range
-   *                     for the TCP and UDP protocols, or an ICMP code.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>ip-permission.user-id</code> - The ID of an Amazon Web Services account that has been
-   *                     referenced in an inbound security group rule.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>owner-id</code> - The Amazon Web Services account ID of the owner of the security group.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.
-   *     For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>
+   *                   <code>availability-zone</code> - The Availability Zone (for example, <code>us-west-2a</code>).</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p>
+   *                   <code>instance-type</code> - The instance type (for example, <code>c4.large</code>).</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>vpc-id</code> - The ID of the VPC specified when the security group was created.</p>
+   *                   <code>platform</code> - The platform (<code>Linux/UNIX</code> or <code>Windows</code>).</p>
    *             </li>
    *          </ul>
    * @public
    */
-  Filters?: Filter[] | undefined;
+  Filters?: Filter[] | undefined;
+
+  /**
+   * <p>The maximum number of results to return in a single call.
+   *          This value can be between 5 and 300. The default value is 100.
+   *          To retrieve the remaining results, make another call with the returned
+   *          <code>NextToken</code> value.</p>
+   * @public
+   */
+  MaxResults?: number | undefined;
+
+  /**
+   * <p>The token for the next set of results.</p>
+   * @public
+   */
+  NextToken?: string | undefined;
+
+  /**
+   * <p>The Scheduled Instance IDs.</p>
+   * @public
+   */
+  ScheduledInstanceIds?: string[] | undefined;
+
+  /**
+   * <p>The time period for the first schedule to start.</p>
+   * @public
+   */
+  SlotStartTimeRange?: SlotStartTimeRangeRequest | undefined;
 }
 
 /**
- * <p>Describes a security group.</p>
+ * <p>Describes a Scheduled Instance.</p>
  * @public
  */
-export interface SecurityGroup {
+export interface ScheduledInstance {
   /**
-   * <p>The ID of the security group.</p>
+   * <p>The Availability Zone.</p>
    * @public
    */
-  GroupId?: string | undefined;
+  AvailabilityZone?: string | undefined;
 
   /**
-   * <p>The outbound rules associated with the security group.</p>
+   * <p>The date when the Scheduled Instance was purchased.</p>
    * @public
    */
-  IpPermissionsEgress?: IpPermission[] | undefined;
+  CreateDate?: Date | undefined;
 
   /**
-   * <p>Any tags assigned to the security group.</p>
+   * <p>The hourly price for a single instance.</p>
    * @public
    */
-  Tags?: Tag[] | undefined;
+  HourlyPrice?: string | undefined;
 
   /**
-   * <p>The ID of the VPC for the security group.</p>
+   * <p>The number of instances.</p>
    * @public
    */
-  VpcId?: string | undefined;
+  InstanceCount?: number | undefined;
 
   /**
-   * <p>The ARN of the security group.</p>
+   * <p>The instance type.</p>
    * @public
    */
-  SecurityGroupArn?: string | undefined;
+  InstanceType?: string | undefined;
 
   /**
-   * <p>The Amazon Web Services account ID of the owner of the security group.</p>
+   * <p>The network platform.</p>
    * @public
    */
-  OwnerId?: string | undefined;
+  NetworkPlatform?: string | undefined;
 
   /**
-   * <p>The name of the security group.</p>
+   * <p>The time for the next schedule to start.</p>
    * @public
    */
-  GroupName?: string | undefined;
+  NextSlotStartTime?: Date | undefined;
 
   /**
-   * <p>A description of the security group.</p>
+   * <p>The platform (<code>Linux/UNIX</code> or <code>Windows</code>).</p>
    * @public
    */
-  Description?: string | undefined;
+  Platform?: string | undefined;
 
   /**
-   * <p>The inbound rules associated with the security group.</p>
+   * <p>The time that the previous schedule ended or will end.</p>
    * @public
    */
-  IpPermissions?: IpPermission[] | undefined;
-}
+  PreviousSlotEndTime?: Date | undefined;
 
-/**
- * @public
- */
-export interface DescribeSecurityGroupsResult {
   /**
-   * <p>The token to include in another request to get the next page of items. This value is <code>null</code> when there are no more items to return.</p>
+   * <p>The schedule recurrence.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  Recurrence?: ScheduledInstanceRecurrence | undefined;
 
   /**
-   * <p>Information about the security groups.</p>
+   * <p>The Scheduled Instance ID.</p>
    * @public
    */
-  SecurityGroups?: SecurityGroup[] | undefined;
-}
+  ScheduledInstanceId?: string | undefined;
 
-/**
- * @public
- */
-export interface DescribeSecurityGroupVpcAssociationsRequest {
   /**
-   * <p>Security group VPC association filters.</p>
-   *          <ul>
-   *             <li>
-   *                <p>
-   *                   <code>group-id</code>: The security group ID.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>vpc-id</code>: The ID of the associated VPC.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>vpc-owner-id</code>: The account ID of the VPC owner.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>state</code>: The state of the association.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>tag:<key></code>: The key/value combination of a tag assigned to the resource. Use
-   *                     the tag key in the filter name and the tag value as the filter value. For
-   *                     example, to find all resources that have a tag with the key <code>Owner</code>
-   *                     and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter
-   *                     name and <code>TeamA</code> for the filter value.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>tag-key</code>: The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p>
-   *             </li>
-   *          </ul>
+   * <p>The number of hours in the schedule.</p>
    * @public
    */
-  Filters?: Filter[] | undefined;
+  SlotDurationInHours?: number | undefined;
 
   /**
-   * <p>The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.</p>
+   * <p>The end date for the Scheduled Instance.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  TermEndDate?: Date | undefined;
 
   /**
-   * <p>The maximum number of items to return for this request.
-   * 	To get the next page of items, make another request with the token returned in the output.
-   * 	For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination">Pagination</a>.</p>
+   * <p>The start date for the Scheduled Instance.</p>
    * @public
    */
-  MaxResults?: number | undefined;
+  TermStartDate?: Date | undefined;
 
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>The total number of hours for a single instance for the entire term.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  TotalScheduledInstanceHours?: number | undefined;
 }
 
 /**
- * <p>A security group association with a VPC that you made with <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AssociateSecurityGroupVpc.html">AssociateSecurityGroupVpc</a>.</p>
+ * <p>Contains the output of DescribeScheduledInstances.</p>
  * @public
  */
-export interface SecurityGroupVpcAssociation {
-  /**
-   * <p>The association's security group ID.</p>
-   * @public
-   */
-  GroupId?: string | undefined;
-
+export interface DescribeScheduledInstancesResult {
   /**
-   * <p>The association's VPC ID.</p>
+   * <p>The token required to retrieve the next set of results. This value is <code>null</code> when there are no more results to return.</p>
    * @public
    */
-  VpcId?: string | undefined;
+  NextToken?: string | undefined;
 
   /**
-   * <p>The Amazon Web Services account ID of the owner of the VPC.</p>
+   * <p>Information about the Scheduled Instances.</p>
    * @public
    */
-  VpcOwnerId?: string | undefined;
+  ScheduledInstanceSet?: ScheduledInstance[] | undefined;
+}
 
+/**
+ * @public
+ */
+export interface DescribeSecurityGroupReferencesRequest {
   /**
-   * <p>The association's state.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  State?: SecurityGroupVpcAssociationState | undefined;
+  DryRun?: boolean | undefined;
 
   /**
-   * <p>The association's state reason.</p>
+   * <p>The IDs of the security groups in your account.</p>
    * @public
    */
-  StateReason?: string | undefined;
+  GroupId: string[] | undefined;
 }
 
 /**
+ * <p>Describes a VPC with a security group that references your security group.</p>
  * @public
  */
-export interface DescribeSecurityGroupVpcAssociationsResult {
+export interface SecurityGroupReference {
   /**
-   * <p>The security group VPC associations.</p>
+   * <p>The ID of your security group.</p>
    * @public
    */
-  SecurityGroupVpcAssociations?: SecurityGroupVpcAssociation[] | undefined;
+  GroupId?: string | undefined;
 
   /**
-   * <p>The token to include in another request to get the next page of items. This value is <code>null</code> when there are no more items to return.</p>
+   * <p>The ID of the VPC with the referencing security group.</p>
    * @public
    */
-  NextToken?: string | undefined;
-}
+  ReferencingVpcId?: string | undefined;
 
-/**
- * @public
- * @enum
- */
-export const SnapshotAttributeName = {
-  createVolumePermission: "createVolumePermission",
-  productCodes: "productCodes",
-} as const;
+  /**
+   * <p>The ID of the VPC peering connection (if applicable). For more information about security group referencing for peering connections, see
+   *           <a href="https://docs.aws.amazon.com/vpc/latest/peering/vpc-peering-security-groups.html">Update your security groups to reference peer security groups</a>
+   *           in the <i>VPC Peering Guide</i>.</p>
+   * @public
+   */
+  VpcPeeringConnectionId?: string | undefined;
+
+  /**
+   * <note>
+   *             <p>This parameter is in preview and may not be available for your account.</p>
+   *          </note>
+   *          <p>The ID of the transit gateway (if applicable).</p>
+   * @public
+   */
+  TransitGatewayId?: string | undefined;
+}
 
 /**
  * @public
  */
-export type SnapshotAttributeName = (typeof SnapshotAttributeName)[keyof typeof SnapshotAttributeName];
+export interface DescribeSecurityGroupReferencesResult {
+  /**
+   * <p>Information about the VPCs with the referencing security groups.</p>
+   * @public
+   */
+  SecurityGroupReferenceSet?: SecurityGroupReference[] | undefined;
+}
 
 /**
  * @public
  */
-export interface DescribeSnapshotAttributeRequest {
+export interface DescribeSecurityGroupRulesRequest {
   /**
-   * <p>The snapshot attribute you would like to view.</p>
+   * <p>One or more filters.</p>
+   *          <ul>
+   *             <li>
+   *                <p>
+   *                   <code>group-id</code> - The ID of the security group.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>security-group-rule-id</code> - The ID of the security group rule.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.
+   *     For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>
+   *             </li>
+   *          </ul>
    * @public
    */
-  Attribute: SnapshotAttributeName | undefined;
+  Filters?: Filter[] | undefined;
 
   /**
-   * <p>The ID of the EBS snapshot.</p>
+   * <p>The IDs of the security group rules.</p>
    * @public
    */
-  SnapshotId: string | undefined;
+  SecurityGroupRuleIds?: string[] | undefined;
 
   /**
    * <p>Checks whether you have the required permissions for the action, without actually making the request,
@@ -12182,89 +12147,76 @@ export interface DescribeSnapshotAttributeRequest {
    * @public
    */
   DryRun?: boolean | undefined;
-}
 
-/**
- * <p>Describes the user or group to be added or removed from the list of create volume
- *       permissions for a volume.</p>
- * @public
- */
-export interface CreateVolumePermission {
   /**
-   * <p>The ID of the Amazon Web Services account to be added or removed.</p>
+   * <p>The token returned from a previous paginated request.
+   *             Pagination continues from the end of the items returned by the previous request.</p>
    * @public
    */
-  UserId?: string | undefined;
+  NextToken?: string | undefined;
 
   /**
-   * <p>The group to be added or removed. The possible value is <code>all</code>.</p>
+   * <p>The maximum number of items to return for this request. To get the next page of
+   *             items, make another request with the token returned in the output. This value
+   *             can be between 5 and 1000. If this parameter is not specified, then all items are
+   *             returned. For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination">Pagination</a>.</p>
    * @public
    */
-  Group?: PermissionGroup | undefined;
+  MaxResults?: number | undefined;
 }
 
 /**
  * @public
  */
-export interface DescribeSnapshotAttributeResult {
-  /**
-   * <p>The product codes.</p>
-   * @public
-   */
-  ProductCodes?: ProductCode[] | undefined;
-
+export interface DescribeSecurityGroupRulesResult {
   /**
-   * <p>The ID of the EBS snapshot.</p>
+   * <p>Information about security group rules.</p>
    * @public
    */
-  SnapshotId?: string | undefined;
+  SecurityGroupRules?: SecurityGroupRule[] | undefined;
 
   /**
-   * <p>The users and groups that have the permissions for creating volumes from the
-   *       snapshot.</p>
+   * <p>The token to include in another request to get the next page of items.
+   *             This value is <code>null</code> when there are no more items to return.</p>
    * @public
    */
-  CreateVolumePermissions?: CreateVolumePermission[] | undefined;
+  NextToken?: string | undefined;
 }
 
 /**
  * @public
  */
-export interface DescribeSnapshotsRequest {
-  /**
-   * <p>The maximum number of items to return for this request.
-   * 	To get the next page of items, make another request with the token returned in the output.
-   * 	For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination">Pagination</a>.</p>
-   * @public
-   */
-  MaxResults?: number | undefined;
-
+export interface DescribeSecurityGroupsRequest {
   /**
-   * <p>The token returned from a previous paginated request.
-   *   Pagination continues from the end of the items returned by the previous request.</p>
+   * <p>The IDs of the security groups. Required for security groups in a nondefault VPC.</p>
+   *          <p>Default: Describes all of your security groups.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  GroupIds?: string[] | undefined;
 
   /**
-   * <p>Scopes the results to snapshots with the specified owners. You can specify a combination of
-   *       Amazon Web Services account IDs, <code>self</code>, and <code>amazon</code>.</p>
+   * <p>[Default VPC] The names of the security groups. You can specify either
+   * 			the security group name or the security group ID.</p>
+   *          <p>Default: Describes all of your security groups.</p>
    * @public
    */
-  OwnerIds?: string[] | undefined;
+  GroupNames?: string[] | undefined;
 
   /**
-   * <p>The IDs of the Amazon Web Services accounts that can create volumes from the snapshot.</p>
+   * <p>The token returned from a previous paginated request.
+   *             Pagination continues from the end of the items returned by the previous request.</p>
    * @public
    */
-  RestorableByUserIds?: string[] | undefined;
+  NextToken?: string | undefined;
 
   /**
-   * <p>The snapshot IDs.</p>
-   *          <p>Default: Describes the snapshots for which you have create volume permissions.</p>
+   * <p>The maximum number of items to return for this request. To get the next page of items,
+   *             make another request with the token returned in the output. This value can be between 5 and 1000.
+   *             If this parameter is not specified, then all items are returned. For more information, see
+   *             <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination">Pagination</a>.</p>
    * @public
    */
-  SnapshotIds?: string[] | undefined;
+  MaxResults?: number | undefined;
 
   /**
    * <p>Checks whether you have the required permissions for the action, without actually making the request,
@@ -12275,68 +12227,127 @@ export interface DescribeSnapshotsRequest {
   DryRun?: boolean | undefined;
 
   /**
-   * <p>The filters.</p>
+   * <p>The filters. If using multiple filters for rules, the results include security groups for which any combination of rules - not necessarily a single rule - match all filters.</p>
    *          <ul>
    *             <li>
    *                <p>
-   *                   <code>description</code> - A description of the snapshot.</p>
+   *                   <code>description</code> - The description of the security group.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>egress.ip-permission.cidr</code> - An IPv4 CIDR block for an outbound
+   *                     security group rule.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>egress.ip-permission.from-port</code> - For an outbound rule, the
+   *                     start of port range for the TCP and UDP protocols, or an ICMP type
+   *                     number.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>egress.ip-permission.group-id</code> - The ID of a security group
+   *                     that has been referenced in an outbound security group rule.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>egress.ip-permission.group-name</code> - The name of a security group
+   *                     that is referenced in an outbound security group rule.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>egress.ip-permission.ipv6-cidr</code> - An IPv6 CIDR block for an
+   *                     outbound security group rule.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>encrypted</code> - Indicates whether the snapshot is encrypted
-   *             (<code>true</code> | <code>false</code>)</p>
+   *                   <code>egress.ip-permission.prefix-list-id</code> - The ID of a prefix list to which a security group rule allows outbound access.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>owner-alias</code> - The owner alias, from an Amazon-maintained list
-   *           (<code>amazon</code>).
-   *           This is not the user-configured Amazon Web Services account alias set using the IAM console.
-   *           We recommend that you use the related parameter instead of this filter.</p>
+   *                   <code>egress.ip-permission.protocol</code> - The IP protocol for an
+   *                     outbound security group rule (<code>tcp</code> | <code>udp</code> |
+   *                         <code>icmp</code>, a protocol number, or -1 for all protocols).</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>owner-id</code> - The Amazon Web Services account ID of the owner. We recommend that
-   *           you use the related parameter instead of this filter.</p>
+   *                   <code>egress.ip-permission.to-port</code> - For an outbound rule, the end
+   *                     of port range for the TCP and UDP protocols, or an ICMP code.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>progress</code> - The progress of the snapshot, as a percentage (for example,
-   *           80%).</p>
+   *                   <code>egress.ip-permission.user-id</code> - The ID of an Amazon Web Services account that
+   *                     has been referenced in an outbound security group rule.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>snapshot-id</code> - The snapshot ID.</p>
+   *                   <code>group-id</code> - The ID of the security group. </p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>start-time</code> - The time stamp when the snapshot was initiated.</p>
+   *                   <code>group-name</code> - The name of the security group.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>status</code> - The status of the snapshot (<code>pending</code> |
-   *             <code>completed</code> | <code>error</code>).</p>
+   *                   <code>ip-permission.cidr</code> - An IPv4 CIDR block for an inbound security
+   *                     group rule.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>storage-tier</code> - The storage tier of the snapshot (<code>archive</code> |
-   *           <code>standard</code>).</p>
+   *                   <code>ip-permission.from-port</code> - For an inbound rule, the start of port
+   *                     range for the TCP and UDP protocols, or an ICMP type number.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.
-   *     For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>
+   *                   <code>ip-permission.group-id</code> - The ID of a security group that has been
+   *                     referenced in an inbound security group rule.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p>
+   *                   <code>ip-permission.group-name</code> - The name of a security group that is
+   *                     referenced in an inbound security group rule.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>ip-permission.ipv6-cidr</code> - An IPv6 CIDR block for an inbound security
+   *                     group rule.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>ip-permission.prefix-list-id</code> - The ID of a prefix list from which a security group rule allows inbound access.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>ip-permission.protocol</code> - The IP protocol for an inbound security
+   *                 group rule (<code>tcp</code> | <code>udp</code> | <code>icmp</code>, a
+   *                 protocol number, or -1 for all protocols).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>ip-permission.to-port</code> - For an inbound rule, the end of port range
+   *                     for the TCP and UDP protocols, or an ICMP code.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>ip-permission.user-id</code> - The ID of an Amazon Web Services account that has been
+   *                     referenced in an inbound security group rule.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>owner-id</code> - The Amazon Web Services account ID of the owner of the security group.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.
+   *     For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>volume-id</code> - The ID of the volume the snapshot is for.</p>
+   *                   <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>volume-size</code> - The size of the volume, in GiB.</p>
+   *                   <code>vpc-id</code> - The ID of the VPC specified when the security group was created.</p>
    *             </li>
    *          </ul>
    * @public
@@ -12345,174 +12356,196 @@ export interface DescribeSnapshotsRequest {
 }
 
 /**
+ * <p>Describes a security group.</p>
  * @public
  */
-export interface DescribeSnapshotsResult {
+export interface SecurityGroup {
   /**
-   * <p>The token to include in another request to get the next page of items.
-   *   This value is <code>null</code> when there are no more items to return.</p>
+   * <p>The ID of the security group.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  GroupId?: string | undefined;
 
   /**
-   * <p>Information about the snapshots.</p>
+   * <p>The outbound rules associated with the security group.</p>
    * @public
    */
-  Snapshots?: Snapshot[] | undefined;
-}
+  IpPermissionsEgress?: IpPermission[] | undefined;
 
-/**
- * @public
- */
-export interface DescribeSnapshotTierStatusRequest {
   /**
-   * <p>The filters.</p>
-   *          <ul>
-   *             <li>
-   *                <p>
-   *                   <code>snapshot-id</code> - The snapshot ID.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>volume-id</code> - The ID of the volume the snapshot is for.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>last-tiering-operation</code> - The state of the last archive or restore action. (<code>archival-in-progress</code> | <code>archival-completed</code> |
-   *           <code>archival-failed</code> | <code>permanent-restore-in-progress</code> | <code>permanent-restore-completed</code> | <code>permanent-restore-failed</code> |
-   * 		<code>temporary-restore-in-progress</code> | <code>temporary-restore-completed</code> | <code>temporary-restore-failed</code>)</p>
-   *             </li>
-   *          </ul>
+   * <p>Any tags assigned to the security group.</p>
    * @public
    */
-  Filters?: Filter[] | undefined;
+  Tags?: Tag[] | undefined;
 
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>The ID of the VPC for the security group.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  VpcId?: string | undefined;
 
   /**
-   * <p>The token returned from a previous paginated request.
-   *   Pagination continues from the end of the items returned by the previous request.</p>
+   * <p>The ARN of the security group.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  SecurityGroupArn?: string | undefined;
 
   /**
-   * <p>The maximum number of items to return for this request.
-   * 	To get the next page of items, make another request with the token returned in the output.
-   * 	For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination">Pagination</a>.</p>
+   * <p>The Amazon Web Services account ID of the owner of the security group.</p>
    * @public
    */
-  MaxResults?: number | undefined;
-}
+  OwnerId?: string | undefined;
 
-/**
- * @public
- * @enum
- */
-export const TieringOperationStatus = {
-  archival_completed: "archival-completed",
-  archival_failed: "archival-failed",
-  archival_in_progress: "archival-in-progress",
-  permanent_restore_completed: "permanent-restore-completed",
-  permanent_restore_failed: "permanent-restore-failed",
-  permanent_restore_in_progress: "permanent-restore-in-progress",
-  temporary_restore_completed: "temporary-restore-completed",
-  temporary_restore_failed: "temporary-restore-failed",
-  temporary_restore_in_progress: "temporary-restore-in-progress",
-} as const;
+  /**
+   * <p>The name of the security group.</p>
+   * @public
+   */
+  GroupName?: string | undefined;
 
-/**
- * @public
- */
-export type TieringOperationStatus = (typeof TieringOperationStatus)[keyof typeof TieringOperationStatus];
+  /**
+   * <p>A description of the security group.</p>
+   * @public
+   */
+  Description?: string | undefined;
+
+  /**
+   * <p>The inbound rules associated with the security group.</p>
+   * @public
+   */
+  IpPermissions?: IpPermission[] | undefined;
+}
 
 /**
- * <p>Provides information about a snapshot's storage tier.</p>
  * @public
  */
-export interface SnapshotTierStatus {
+export interface DescribeSecurityGroupsResult {
   /**
-   * <p>The ID of the snapshot.</p>
+   * <p>The token to include in another request to get the next page of items. This value is <code>null</code> when there are no more items to return.</p>
    * @public
    */
-  SnapshotId?: string | undefined;
+  NextToken?: string | undefined;
 
   /**
-   * <p>The ID of the volume from which the snapshot was created.</p>
+   * <p>Information about the security groups.</p>
    * @public
    */
-  VolumeId?: string | undefined;
+  SecurityGroups?: SecurityGroup[] | undefined;
+}
+
+/**
+ * @public
+ */
+export interface DescribeSecurityGroupVpcAssociationsRequest {
+  /**
+   * <p>Security group VPC association filters.</p>
+   *          <ul>
+   *             <li>
+   *                <p>
+   *                   <code>group-id</code>: The security group ID.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>vpc-id</code>: The ID of the associated VPC.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>vpc-owner-id</code>: The account ID of the VPC owner.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>state</code>: The state of the association.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>tag:<key></code>: The key/value combination of a tag assigned to the resource. Use
+   *                     the tag key in the filter name and the tag value as the filter value. For
+   *                     example, to find all resources that have a tag with the key <code>Owner</code>
+   *                     and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter
+   *                     name and <code>TeamA</code> for the filter value.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>tag-key</code>: The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p>
+   *             </li>
+   *          </ul>
+   * @public
+   */
+  Filters?: Filter[] | undefined;
 
   /**
-   * <p>The state of the snapshot.</p>
+   * <p>The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.</p>
    * @public
    */
-  Status?: SnapshotState | undefined;
+  NextToken?: string | undefined;
 
   /**
-   * <p>The ID of the Amazon Web Services account that owns the snapshot.</p>
+   * <p>The maximum number of items to return for this request.
+   * 	To get the next page of items, make another request with the token returned in the output.
+   * 	For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination">Pagination</a>.</p>
    * @public
    */
-  OwnerId?: string | undefined;
+  MaxResults?: number | undefined;
 
   /**
-   * <p>The tags that are assigned to the snapshot.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  Tags?: Tag[] | undefined;
+  DryRun?: boolean | undefined;
+}
 
+/**
+ * <p>A security group association with a VPC that you made with <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AssociateSecurityGroupVpc.html">AssociateSecurityGroupVpc</a>.</p>
+ * @public
+ */
+export interface SecurityGroupVpcAssociation {
   /**
-   * <p>The storage tier in which the snapshot is stored. <code>standard</code> indicates
-   *       that the snapshot is stored in the standard snapshot storage tier and that it is ready
-   *       for use. <code>archive</code> indicates that the snapshot is currently archived and that
-   *       it must be restored before it can be used.</p>
+   * <p>The association's security group ID.</p>
    * @public
    */
-  StorageTier?: StorageTier | undefined;
+  GroupId?: string | undefined;
 
   /**
-   * <p>The date and time when the last archive or restore process was started.</p>
+   * <p>The association's VPC ID.</p>
    * @public
    */
-  LastTieringStartTime?: Date | undefined;
+  VpcId?: string | undefined;
 
   /**
-   * <p>The progress of the last archive or restore process, as a percentage.</p>
+   * <p>The Amazon Web Services account ID of the owner of the VPC.</p>
    * @public
    */
-  LastTieringProgress?: number | undefined;
+  VpcOwnerId?: string | undefined;
 
   /**
-   * <p>The status of the last archive or restore process.</p>
+   * <p>The association's state.</p>
    * @public
    */
-  LastTieringOperationStatus?: TieringOperationStatus | undefined;
+  State?: SecurityGroupVpcAssociationState | undefined;
 
   /**
-   * <p>A message describing the status of the last archive or restore process.</p>
+   * <p>The association's state reason.</p>
    * @public
    */
-  LastTieringOperationStatusDetail?: string | undefined;
+  StateReason?: string | undefined;
+}
 
+/**
+ * @public
+ */
+export interface DescribeSecurityGroupVpcAssociationsResult {
   /**
-   * <p>The date and time when the last archive process was completed.</p>
+   * <p>The security group VPC associations.</p>
    * @public
    */
-  ArchivalCompleteTime?: Date | undefined;
+  SecurityGroupVpcAssociations?: SecurityGroupVpcAssociation[] | undefined;
 
   /**
-   * <p>Only for archived snapshots that are temporarily restored. Indicates the date and
-   *       time when a temporarily restored snapshot will be automatically re-archived.</p>
+   * <p>The token to include in another request to get the next page of items. This value is <code>null</code> when there are no more items to return.</p>
    * @public
    */
-  RestoreExpiryTime?: Date | undefined;
+  NextToken?: string | undefined;
 }
 
 /**
diff --git a/clients/client-ec2/src/models/models_5.ts b/clients/client-ec2/src/models/models_5.ts
index 4031c5f0dacd..d0b19886bccf 100644
--- a/clients/client-ec2/src/models/models_5.ts
+++ b/clients/client-ec2/src/models/models_5.ts
@@ -10,7 +10,6 @@ import {
   AsnAssociation,
   AssociationStatus,
   BatchState,
-  CapacityReservationState,
   IamInstanceProfileAssociation,
   IamInstanceProfileSpecification,
   InstanceEventWindow,
@@ -71,9 +70,12 @@ import {
   ServiceConfiguration,
   ServiceConnectivityType,
   ServiceTypeDetail,
+  Snapshot,
+  SnapshotState,
   SpotDatafeedSubscription,
   SpotInstanceStateFault,
   State,
+  StorageTier,
   TrafficMirrorFilter,
   TrafficMirrorFilterRule,
   TrafficMirrorSession,
@@ -88,6 +90,7 @@ import {
   VerifiedAccessEndpoint,
   VerifiedAccessGroup,
   Volume,
+  VpcBlockPublicAccessExclusion,
   VpcEndpoint,
   VpnConnection,
   VpnConnectionFilterSensitiveLog,
@@ -104,302 +107,275 @@ import {
   FastSnapshotRestoreStateCode,
   Filter,
   MetricType,
-  PeriodType,
+  PermissionGroup,
   ProductCode,
   StatisticType,
 } from "./models_3";
 
-import { AttributeBooleanValue, RIProductDescription, SnapshotTierStatus } from "./models_4";
+import { AttributeBooleanValue, RIProductDescription } from "./models_4";
 
 /**
  * @public
+ * @enum
  */
-export interface DescribeSnapshotTierStatusResult {
-  /**
-   * <p>Information about the snapshot's storage tier.</p>
-   * @public
-   */
-  SnapshotTierStatuses?: SnapshotTierStatus[] | undefined;
-
-  /**
-   * <p>The token to include in another request to get the next page of items.
-   *   This value is <code>null</code> when there are no more items to return.</p>
-   * @public
-   */
-  NextToken?: string | undefined;
-}
+export const SnapshotAttributeName = {
+  createVolumePermission: "createVolumePermission",
+  productCodes: "productCodes",
+} as const;
 
 /**
- * <p>Contains the parameters for DescribeSpotDatafeedSubscription.</p>
  * @public
  */
-export interface DescribeSpotDatafeedSubscriptionRequest {
-  /**
-   * <p>Checks whether you have the required permissions for the action, without actually
-   *             making the request, and provides an error response. If you have the required
-   *             permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is
-   *             <code>UnauthorizedOperation</code>.</p>
-   * @public
-   */
-  DryRun?: boolean | undefined;
-}
+export type SnapshotAttributeName = (typeof SnapshotAttributeName)[keyof typeof SnapshotAttributeName];
 
 /**
- * <p>Contains the output of DescribeSpotDatafeedSubscription.</p>
  * @public
  */
-export interface DescribeSpotDatafeedSubscriptionResult {
+export interface DescribeSnapshotAttributeRequest {
   /**
-   * <p>The Spot Instance data feed subscription.</p>
+   * <p>The snapshot attribute you would like to view.</p>
    * @public
    */
-  SpotDatafeedSubscription?: SpotDatafeedSubscription | undefined;
-}
+  Attribute: SnapshotAttributeName | undefined;
 
-/**
- * <p>Contains the parameters for DescribeSpotFleetInstances.</p>
- * @public
- */
-export interface DescribeSpotFleetInstancesRequest {
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually
-   *             making the request, and provides an error response. If you have the required
-   *             permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is
-   *                 <code>UnauthorizedOperation</code>.</p>
+   * <p>The ID of the EBS snapshot.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  SnapshotId: string | undefined;
 
   /**
-   * <p>The ID of the Spot Fleet request.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  SpotFleetRequestId: string | undefined;
+  DryRun?: boolean | undefined;
+}
 
+/**
+ * <p>Describes the user or group to be added or removed from the list of create volume
+ *       permissions for a volume.</p>
+ * @public
+ */
+export interface CreateVolumePermission {
   /**
-   * <p>The token to include in another request to get the next page of items. This value is <code>null</code> when there
-   *          are no more items to return.</p>
+   * <p>The ID of the Amazon Web Services account to be added or removed.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  UserId?: string | undefined;
 
   /**
-   * <p>The maximum number of items to return for this request.
-   *          To get the next page of items, make another request with the token returned in the output.
-   * 	        For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination">Pagination</a>.</p>
+   * <p>The group to be added or removed. The possible value is <code>all</code>.</p>
    * @public
    */
-  MaxResults?: number | undefined;
+  Group?: PermissionGroup | undefined;
 }
 
 /**
- * <p>Contains the output of DescribeSpotFleetInstances.</p>
  * @public
  */
-export interface DescribeSpotFleetInstancesResponse {
+export interface DescribeSnapshotAttributeResult {
   /**
-   * <p>The running instances. This list is refreshed periodically and might be out of
-   *             date.</p>
+   * <p>The product codes.</p>
    * @public
    */
-  ActiveInstances?: ActiveInstance[] | undefined;
+  ProductCodes?: ProductCode[] | undefined;
 
   /**
-   * <p>The token to include in another request to get the next page of items. This value is <code>null</code> when there
-   *          are no more items to return.</p>
+   * <p>The ID of the EBS snapshot.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  SnapshotId?: string | undefined;
 
   /**
-   * <p>The ID of the Spot Fleet request.</p>
+   * <p>The users and groups that have the permissions for creating volumes from the
+   *       snapshot.</p>
    * @public
    */
-  SpotFleetRequestId?: string | undefined;
+  CreateVolumePermissions?: CreateVolumePermission[] | undefined;
 }
 
 /**
- * @public
- * @enum
- */
-export const EventType = {
-  BATCH_CHANGE: "fleetRequestChange",
-  ERROR: "error",
-  INFORMATION: "information",
-  INSTANCE_CHANGE: "instanceChange",
-} as const;
-
-/**
- * @public
- */
-export type EventType = (typeof EventType)[keyof typeof EventType];
-
-/**
- * <p>Contains the parameters for DescribeSpotFleetRequestHistory.</p>
  * @public
  */
-export interface DescribeSpotFleetRequestHistoryRequest {
-  /**
-   * <p>Checks whether you have the required permissions for the action, without actually
-   *             making the request, and provides an error response. If you have the required
-   *             permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is
-   *                 <code>UnauthorizedOperation</code>.</p>
-   * @public
-   */
-  DryRun?: boolean | undefined;
-
+export interface DescribeSnapshotsRequest {
   /**
-   * <p>The ID of the Spot Fleet request.</p>
+   * <p>The maximum number of items to return for this request.
+   * 	To get the next page of items, make another request with the token returned in the output.
+   * 	For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination">Pagination</a>.</p>
    * @public
    */
-  SpotFleetRequestId: string | undefined;
+  MaxResults?: number | undefined;
 
   /**
-   * <p>The type of events to describe. By default, all events are described.</p>
+   * <p>The token returned from a previous paginated request.
+   *   Pagination continues from the end of the items returned by the previous request.</p>
    * @public
    */
-  EventType?: EventType | undefined;
+  NextToken?: string | undefined;
 
   /**
-   * <p>The starting date and time for the events, in UTC format (for example,
-   *                 <i>YYYY</i>-<i>MM</i>-<i>DD</i>T<i>HH</i>:<i>MM</i>:<i>SS</i>Z).</p>
+   * <p>Scopes the results to snapshots with the specified owners. You can specify a combination of
+   *       Amazon Web Services account IDs, <code>self</code>, and <code>amazon</code>.</p>
    * @public
    */
-  StartTime: Date | undefined;
+  OwnerIds?: string[] | undefined;
 
   /**
-   * <p>The token to include in another request to get the next page of items. This value is <code>null</code> when there
-   *          are no more items to return.</p>
+   * <p>The IDs of the Amazon Web Services accounts that can create volumes from the snapshot.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  RestorableByUserIds?: string[] | undefined;
 
   /**
-   * <p>The maximum number of items to return for this request.
-   *          To get the next page of items, make another request with the token returned in the output.
-   * 	        For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination">Pagination</a>.</p>
+   * <p>The snapshot IDs.</p>
+   *          <p>Default: Describes the snapshots for which you have create volume permissions.</p>
    * @public
    */
-  MaxResults?: number | undefined;
-}
+  SnapshotIds?: string[] | undefined;
 
-/**
- * <p>Describes an event in the history of the Spot Fleet request.</p>
- * @public
- */
-export interface HistoryRecord {
   /**
-   * <p>Information about the event.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  EventInformation?: EventInformation | undefined;
+  DryRun?: boolean | undefined;
 
   /**
-   * <p>The event type.</p>
+   * <p>The filters.</p>
    *          <ul>
    *             <li>
    *                <p>
-   *                   <code>error</code> - An error with the Spot Fleet request.</p>
+   *                   <code>description</code> - A description of the snapshot.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>fleetRequestChange</code> - A change in the status or configuration of
-   *                     the Spot Fleet request.</p>
+   *                   <code>encrypted</code> - Indicates whether the snapshot is encrypted
+   *             (<code>true</code> | <code>false</code>)</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>instanceChange</code> - An instance was launched or terminated.</p>
+   *                   <code>owner-alias</code> - The owner alias, from an Amazon-maintained list
+   *           (<code>amazon</code>).
+   *           This is not the user-configured Amazon Web Services account alias set using the IAM console.
+   *           We recommend that you use the related parameter instead of this filter.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>Information</code> - An informational event.</p>
+   *                   <code>owner-id</code> - The Amazon Web Services account ID of the owner. We recommend that
+   *           you use the related parameter instead of this filter.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>progress</code> - The progress of the snapshot, as a percentage (for example,
+   *           80%).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>snapshot-id</code> - The snapshot ID.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>start-time</code> - The time stamp when the snapshot was initiated.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>status</code> - The status of the snapshot (<code>pending</code> |
+   *             <code>completed</code> | <code>error</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>storage-tier</code> - The storage tier of the snapshot (<code>archive</code> |
+   *           <code>standard</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.
+   *     For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>volume-id</code> - The ID of the volume the snapshot is for.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>volume-size</code> - The size of the volume, in GiB.</p>
    *             </li>
    *          </ul>
    * @public
    */
-  EventType?: EventType | undefined;
-
-  /**
-   * <p>The date and time of the event, in UTC format (for example,
-   *                 <i>YYYY</i>-<i>MM</i>-<i>DD</i>T<i>HH</i>:<i>MM</i>:<i>SS</i>Z).</p>
-   * @public
-   */
-  Timestamp?: Date | undefined;
+  Filters?: Filter[] | undefined;
 }
 
 /**
- * <p>Contains the output of DescribeSpotFleetRequestHistory.</p>
  * @public
  */
-export interface DescribeSpotFleetRequestHistoryResponse {
-  /**
-   * <p>Information about the events in the history of the Spot Fleet request.</p>
-   * @public
-   */
-  HistoryRecords?: HistoryRecord[] | undefined;
-
-  /**
-   * <p>The last date and time for the events, in UTC format (for example,
-   *                 <i>YYYY</i>-<i>MM</i>-<i>DD</i>T<i>HH</i>:<i>MM</i>:<i>SS</i>Z).
-   *             All records up to this time were retrieved.</p>
-   *          <p>If <code>nextToken</code> indicates that there are more items, this value is not
-   *             present.</p>
-   * @public
-   */
-  LastEvaluatedTime?: Date | undefined;
-
+export interface DescribeSnapshotsResult {
   /**
-   * <p>The token to include in another request to get the next page of items. This value is <code>null</code> when there
-   *          are no more items to return.</p>
+   * <p>The token to include in another request to get the next page of items.
+   *   This value is <code>null</code> when there are no more items to return.</p>
    * @public
    */
   NextToken?: string | undefined;
 
   /**
-   * <p>The ID of the Spot Fleet request.</p>
-   * @public
-   */
-  SpotFleetRequestId?: string | undefined;
-
-  /**
-   * <p>The starting date and time for the events, in UTC format (for example,
-   *                 <i>YYYY</i>-<i>MM</i>-<i>DD</i>T<i>HH</i>:<i>MM</i>:<i>SS</i>Z).</p>
+   * <p>Information about the snapshots.</p>
    * @public
    */
-  StartTime?: Date | undefined;
+  Snapshots?: Snapshot[] | undefined;
 }
 
 /**
- * <p>Contains the parameters for DescribeSpotFleetRequests.</p>
  * @public
  */
-export interface DescribeSpotFleetRequestsRequest {
+export interface DescribeSnapshotTierStatusRequest {
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually
-   *             making the request, and provides an error response. If you have the required
-   *             permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is
-   *                 <code>UnauthorizedOperation</code>.</p>
+   * <p>The filters.</p>
+   *          <ul>
+   *             <li>
+   *                <p>
+   *                   <code>snapshot-id</code> - The snapshot ID.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>volume-id</code> - The ID of the volume the snapshot is for.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>last-tiering-operation</code> - The state of the last archive or restore action. (<code>archival-in-progress</code> | <code>archival-completed</code> |
+   *           <code>archival-failed</code> | <code>permanent-restore-in-progress</code> | <code>permanent-restore-completed</code> | <code>permanent-restore-failed</code> |
+   * 		<code>temporary-restore-in-progress</code> | <code>temporary-restore-completed</code> | <code>temporary-restore-failed</code>)</p>
+   *             </li>
+   *          </ul>
    * @public
    */
-  DryRun?: boolean | undefined;
+  Filters?: Filter[] | undefined;
 
   /**
-   * <p>The IDs of the Spot Fleet requests.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  SpotFleetRequestIds?: string[] | undefined;
+  DryRun?: boolean | undefined;
 
   /**
-   * <p>The token to include in another request to get the next page of items. This value is <code>null</code> when there
-   *          are no more items to return.</p>
+   * <p>The token returned from a previous paginated request.
+   *   Pagination continues from the end of the items returned by the previous request.</p>
    * @public
    */
   NextToken?: string | undefined;
 
   /**
    * <p>The maximum number of items to return for this request.
-   *          To get the next page of items, make another request with the token returned in the output.
-   * 	        For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination">Pagination</a>.</p>
+   * 	To get the next page of items, make another request with the token returned in the output.
+   * 	For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination">Pagination</a>.</p>
    * @public
    */
   MaxResults?: number | undefined;
@@ -409,1314 +385,661 @@ export interface DescribeSpotFleetRequestsRequest {
  * @public
  * @enum
  */
-export const ExcessCapacityTerminationPolicy = {
-  DEFAULT: "default",
-  NO_TERMINATION: "noTermination",
+export const TieringOperationStatus = {
+  archival_completed: "archival-completed",
+  archival_failed: "archival-failed",
+  archival_in_progress: "archival-in-progress",
+  permanent_restore_completed: "permanent-restore-completed",
+  permanent_restore_failed: "permanent-restore-failed",
+  permanent_restore_in_progress: "permanent-restore-in-progress",
+  temporary_restore_completed: "temporary-restore-completed",
+  temporary_restore_failed: "temporary-restore-failed",
+  temporary_restore_in_progress: "temporary-restore-in-progress",
 } as const;
 
 /**
  * @public
  */
-export type ExcessCapacityTerminationPolicy =
-  (typeof ExcessCapacityTerminationPolicy)[keyof typeof ExcessCapacityTerminationPolicy];
+export type TieringOperationStatus = (typeof TieringOperationStatus)[keyof typeof TieringOperationStatus];
 
 /**
- * <p>Describes whether monitoring is enabled.</p>
+ * <p>Provides information about a snapshot's storage tier.</p>
  * @public
  */
-export interface SpotFleetMonitoring {
+export interface SnapshotTierStatus {
   /**
-   * <p>Enables monitoring for the instance.</p>
-   *          <p>Default: <code>false</code>
-   *          </p>
+   * <p>The ID of the snapshot.</p>
    * @public
    */
-  Enabled?: boolean | undefined;
-}
-
-/**
- * <p>Describes a network interface.</p>
- * @public
- */
-export interface InstanceNetworkInterfaceSpecification {
-  /**
-   * <p>Indicates whether to assign a public IPv4 address to an instance you launch in a VPC. The
-   *             public IP address can only be assigned to a network interface for eth0, and can only be
-   *             assigned to a new network interface, not an existing one. You cannot specify more than one
-   *             network interface in the request. If launching into a default subnet, the default value is
-   *             <code>true</code>.</p>
-   *          <p>Amazon Web Services charges for all public IPv4 addresses, including public IPv4 addresses
-   * associated with running instances and Elastic IP addresses. For more information, see the <i>Public IPv4 Address</i> tab on the <a href="http://aws.amazon.com/vpc/pricing/">Amazon VPC pricing page</a>.</p>
-   * @public
-   */
-  AssociatePublicIpAddress?: boolean | undefined;
-
-  /**
-   * <p>If set to <code>true</code>, the interface is deleted when the instance is terminated. You can
-   *             specify <code>true</code> only if creating a new network interface when launching an
-   *             instance.</p>
-   * @public
-   */
-  DeleteOnTermination?: boolean | undefined;
-
-  /**
-   * <p>The description of the network interface. Applies only if creating a network interface when launching an instance.</p>
-   * @public
-   */
-  Description?: string | undefined;
+  SnapshotId?: string | undefined;
 
   /**
-   * <p>The position of the network interface in the attachment order.
-   *           A primary network interface has a device index of 0.</p>
-   *          <p>If you specify a network interface when launching an instance,
-   *           you must specify the device index.</p>
+   * <p>The ID of the volume from which the snapshot was created.</p>
    * @public
    */
-  DeviceIndex?: number | undefined;
+  VolumeId?: string | undefined;
 
   /**
-   * <p>The IDs of the security groups for the network interface. Applies only if creating a network interface when launching an instance.</p>
+   * <p>The state of the snapshot.</p>
    * @public
    */
-  Groups?: string[] | undefined;
+  Status?: SnapshotState | undefined;
 
   /**
-   * <p>A number of IPv6 addresses to assign to the network interface. Amazon EC2 chooses
-   *             the IPv6 addresses from the range of the subnet. You cannot specify this option and the
-   *             option to assign specific IPv6 addresses in the same request. You can specify this
-   *             option if you've specified a minimum number of instances to launch.</p>
+   * <p>The ID of the Amazon Web Services account that owns the snapshot.</p>
    * @public
    */
-  Ipv6AddressCount?: number | undefined;
+  OwnerId?: string | undefined;
 
   /**
-   * <p>The IPv6 addresses to assign to the network interface. You cannot specify
-   *             this option and the option to assign a number of IPv6 addresses in the same request. You
-   *             cannot specify this option if you've specified a minimum number of instances to
-   *             launch.</p>
+   * <p>The tags that are assigned to the snapshot.</p>
    * @public
    */
-  Ipv6Addresses?: InstanceIpv6Address[] | undefined;
+  Tags?: Tag[] | undefined;
 
   /**
-   * <p>The ID of the network interface.</p>
-   *          <p>If you are creating a Spot Fleet, omit this parameter because you can’t specify a network interface ID in a launch specification.</p>
+   * <p>The storage tier in which the snapshot is stored. <code>standard</code> indicates
+   *       that the snapshot is stored in the standard snapshot storage tier and that it is ready
+   *       for use. <code>archive</code> indicates that the snapshot is currently archived and that
+   *       it must be restored before it can be used.</p>
    * @public
    */
-  NetworkInterfaceId?: string | undefined;
+  StorageTier?: StorageTier | undefined;
 
   /**
-   * <p>The private IPv4 address of the network interface. Applies only if creating a network interface when launching an instance. You cannot specify this option if you're launching
-   *         	more than one instance in a <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html">RunInstances</a> request.</p>
+   * <p>The date and time when the last archive or restore process was started.</p>
    * @public
    */
-  PrivateIpAddress?: string | undefined;
+  LastTieringStartTime?: Date | undefined;
 
   /**
-   * <p>The private IPv4 addresses to assign to the network interface. Only one private IPv4 address can be designated as primary. You cannot specify this option if you're
-   *         	launching more than one instance in a <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html">RunInstances</a> request.</p>
+   * <p>The progress of the last archive or restore process, as a percentage.</p>
    * @public
    */
-  PrivateIpAddresses?: PrivateIpAddressSpecification[] | undefined;
+  LastTieringProgress?: number | undefined;
 
   /**
-   * <p>The number of secondary private IPv4 addresses. You can't specify this option and specify more than one private IP address using the private IP addresses option. You cannot specify this option if you're
-   *         	launching more than one instance in a <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html">RunInstances</a> request.</p>
+   * <p>The status of the last archive or restore process.</p>
    * @public
    */
-  SecondaryPrivateIpAddressCount?: number | undefined;
+  LastTieringOperationStatus?: TieringOperationStatus | undefined;
 
   /**
-   * <p>The ID of the subnet associated with the network interface. Applies only if creating a network interface when launching an instance.</p>
+   * <p>A message describing the status of the last archive or restore process.</p>
    * @public
    */
-  SubnetId?: string | undefined;
+  LastTieringOperationStatusDetail?: string | undefined;
 
   /**
-   * <p>Indicates whether to assign a carrier IP address to the network interface.</p>
-   *          <p>You can only assign a carrier IP address to a network interface that is in a subnet in
-   *             a Wavelength Zone. For more information about carrier IP addresses, see <a href="https://docs.aws.amazon.com/wavelength/latest/developerguide/how-wavelengths-work.html#provider-owned-ip">Carrier IP address</a> in the <i>Amazon Web Services Wavelength Developer
-   *                 Guide</i>.</p>
+   * <p>The date and time when the last archive process was completed.</p>
    * @public
    */
-  AssociateCarrierIpAddress?: boolean | undefined;
+  ArchivalCompleteTime?: Date | undefined;
 
   /**
-   * <p>The type of network interface.</p>
-   *          <p>If you specify <code>efa-only</code>, do not assign any IP addresses to the network
-   * 	        interface. EFA-only network interfaces do not support IP addresses.</p>
-   *          <p>Valid values: <code>interface</code> | <code>efa</code> | <code>efa-only</code>
-   *          </p>
+   * <p>Only for archived snapshots that are temporarily restored. Indicates the date and
+   *       time when a temporarily restored snapshot will be automatically re-archived.</p>
    * @public
    */
-  InterfaceType?: string | undefined;
+  RestoreExpiryTime?: Date | undefined;
+}
 
+/**
+ * @public
+ */
+export interface DescribeSnapshotTierStatusResult {
   /**
-   * <p>The index of the network card. Some instance types support multiple network cards.
-   *             The primary network interface must be assigned to network card index 0.
-   *             The default is network card index 0.</p>
-   *          <p>If you are using <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RequestSpotInstances.html">RequestSpotInstances</a> to create Spot Instances, omit this parameter because
-   *             you can’t specify the network card index when using this API. To specify the network
-   *             card index, use <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html">RunInstances</a>.</p>
+   * <p>Information about the snapshot's storage tier.</p>
    * @public
    */
-  NetworkCardIndex?: number | undefined;
+  SnapshotTierStatuses?: SnapshotTierStatus[] | undefined;
 
   /**
-   * <p>The IPv4 delegated prefixes to be assigned to the network interface. You cannot
-   *             use this option if you use the <code>Ipv4PrefixCount</code> option.</p>
+   * <p>The token to include in another request to get the next page of items.
+   *   This value is <code>null</code> when there are no more items to return.</p>
    * @public
    */
-  Ipv4Prefixes?: Ipv4PrefixSpecificationRequest[] | undefined;
+  NextToken?: string | undefined;
+}
 
+/**
+ * <p>Contains the parameters for DescribeSpotDatafeedSubscription.</p>
+ * @public
+ */
+export interface DescribeSpotDatafeedSubscriptionRequest {
   /**
-   * <p>The number of IPv4 delegated prefixes to be automatically assigned to the network interface.
-   *             You cannot use this option if you use the <code>Ipv4Prefix</code> option.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually
+   *             making the request, and provides an error response. If you have the required
+   *             permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is
+   *             <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  Ipv4PrefixCount?: number | undefined;
+  DryRun?: boolean | undefined;
+}
 
+/**
+ * <p>Contains the output of DescribeSpotDatafeedSubscription.</p>
+ * @public
+ */
+export interface DescribeSpotDatafeedSubscriptionResult {
   /**
-   * <p>The IPv6 delegated prefixes to be assigned to the network interface. You cannot
-   *             use this option if you use the <code>Ipv6PrefixCount</code> option.</p>
+   * <p>The Spot Instance data feed subscription.</p>
    * @public
    */
-  Ipv6Prefixes?: Ipv6PrefixSpecificationRequest[] | undefined;
+  SpotDatafeedSubscription?: SpotDatafeedSubscription | undefined;
+}
 
+/**
+ * <p>Contains the parameters for DescribeSpotFleetInstances.</p>
+ * @public
+ */
+export interface DescribeSpotFleetInstancesRequest {
   /**
-   * <p>The number of IPv6 delegated prefixes to be automatically assigned to the network interface.
-   *             You cannot use this option if you use the <code>Ipv6Prefix</code> option.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually
+   *             making the request, and provides an error response. If you have the required
+   *             permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is
+   *                 <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  Ipv6PrefixCount?: number | undefined;
+  DryRun?: boolean | undefined;
 
   /**
-   * <p>The primary IPv6 address of the network interface. When you enable an IPv6 GUA address to be a primary IPv6, the first IPv6 GUA will be made the primary IPv6 address until the instance is terminated or the network interface is detached. For more information about primary IPv6 addresses, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html">RunInstances</a>.</p>
+   * <p>The ID of the Spot Fleet request.</p>
    * @public
    */
-  PrimaryIpv6?: boolean | undefined;
+  SpotFleetRequestId: string | undefined;
 
   /**
-   * <p>Specifies the ENA Express settings for the network interface that's attached to
-   * 			the instance.</p>
+   * <p>The token to include in another request to get the next page of items. This value is <code>null</code> when there
+   *          are no more items to return.</p>
    * @public
    */
-  EnaSrdSpecification?: EnaSrdSpecificationRequest | undefined;
+  NextToken?: string | undefined;
 
   /**
-   * <p>A security group connection tracking specification that enables you to set the timeout for connection tracking on an Elastic network interface. For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-connection-tracking.html#connection-tracking-timeouts">Connection tracking timeouts</a> in the <i>Amazon EC2 User Guide</i>.</p>
+   * <p>The maximum number of items to return for this request.
+   *          To get the next page of items, make another request with the token returned in the output.
+   * 	        For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination">Pagination</a>.</p>
    * @public
    */
-  ConnectionTrackingSpecification?: ConnectionTrackingSpecificationRequest | undefined;
+  MaxResults?: number | undefined;
 }
 
 /**
- * <p>Describes Spot Instance placement.</p>
+ * <p>Contains the output of DescribeSpotFleetInstances.</p>
  * @public
  */
-export interface SpotPlacement {
+export interface DescribeSpotFleetInstancesResponse {
   /**
-   * <p>The Availability Zone.</p>
-   *          <p>[Spot Fleet only] To specify multiple Availability Zones, separate them using commas;
-   *             for example, "us-west-2a, us-west-2b".</p>
+   * <p>The running instances. This list is refreshed periodically and might be out of
+   *             date.</p>
    * @public
    */
-  AvailabilityZone?: string | undefined;
+  ActiveInstances?: ActiveInstance[] | undefined;
 
   /**
-   * <p>The name of the placement group.</p>
+   * <p>The token to include in another request to get the next page of items. This value is <code>null</code> when there
+   *          are no more items to return.</p>
    * @public
    */
-  GroupName?: string | undefined;
+  NextToken?: string | undefined;
 
   /**
-   * <p>The tenancy of the instance (if the instance is running in a VPC). An instance with a
-   *             tenancy of <code>dedicated</code> runs on single-tenant hardware. The <code>host</code>
-   *             tenancy is not supported for Spot Instances.</p>
+   * <p>The ID of the Spot Fleet request.</p>
    * @public
    */
-  Tenancy?: Tenancy | undefined;
+  SpotFleetRequestId?: string | undefined;
 }
 
 /**
- * <p>The tags for a Spot Fleet resource.</p>
  * @public
+ * @enum
  */
-export interface SpotFleetTagSpecification {
-  /**
-   * <p>The type of resource. Currently, the only resource type that is supported is
-   *                 <code>instance</code>. To tag the Spot Fleet request on creation, use the
-   *                 <code>TagSpecifications</code> parameter in <code>
-   *                <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_SpotFleetRequestConfigData.html">SpotFleetRequestConfigData</a>
-   *             </code>.</p>
-   * @public
-   */
-  ResourceType?: ResourceType | undefined;
+export const EventType = {
+  BATCH_CHANGE: "fleetRequestChange",
+  ERROR: "error",
+  INFORMATION: "information",
+  INSTANCE_CHANGE: "instanceChange",
+} as const;
 
-  /**
-   * <p>The tags.</p>
-   * @public
-   */
-  Tags?: Tag[] | undefined;
-}
+/**
+ * @public
+ */
+export type EventType = (typeof EventType)[keyof typeof EventType];
 
 /**
- * <p>Describes the launch specification for one or more Spot Instances. If you include
- *           On-Demand capacity in your fleet request or want to specify an EFA network device, you
- *           can't use <code>SpotFleetLaunchSpecification</code>; you must use <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_LaunchTemplateConfig.html">LaunchTemplateConfig</a>.</p>
+ * <p>Contains the parameters for DescribeSpotFleetRequestHistory.</p>
  * @public
  */
-export interface SpotFleetLaunchSpecification {
+export interface DescribeSpotFleetRequestHistoryRequest {
   /**
-   * <p>Deprecated.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually
+   *             making the request, and provides an error response. If you have the required
+   *             permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is
+   *                 <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  AddressingType?: string | undefined;
+  DryRun?: boolean | undefined;
 
   /**
-   * <p>One or more block devices that are mapped to the Spot Instances. You can't specify both
-   *             a snapshot ID and an encryption value. This is because only blank volumes can be
-   *             encrypted on creation. If a snapshot is the basis for a volume, it is not blank and its
-   *             encryption status is used for the volume encryption status.</p>
+   * <p>The ID of the Spot Fleet request.</p>
    * @public
    */
-  BlockDeviceMappings?: BlockDeviceMapping[] | undefined;
+  SpotFleetRequestId: string | undefined;
 
   /**
-   * <p>Indicates whether the instances are optimized for EBS I/O. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal EBS I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using an EBS Optimized instance.</p>
-   *          <p>Default: <code>false</code>
-   *          </p>
+   * <p>The type of events to describe. By default, all events are described.</p>
    * @public
    */
-  EbsOptimized?: boolean | undefined;
+  EventType?: EventType | undefined;
 
   /**
-   * <p>The IAM instance profile.</p>
+   * <p>The starting date and time for the events, in UTC format (for example,
+   *                 <i>YYYY</i>-<i>MM</i>-<i>DD</i>T<i>HH</i>:<i>MM</i>:<i>SS</i>Z).</p>
    * @public
    */
-  IamInstanceProfile?: IamInstanceProfileSpecification | undefined;
+  StartTime: Date | undefined;
 
   /**
-   * <p>The ID of the AMI.</p>
+   * <p>The token to include in another request to get the next page of items. This value is <code>null</code> when there
+   *          are no more items to return.</p>
    * @public
    */
-  ImageId?: string | undefined;
+  NextToken?: string | undefined;
 
   /**
-   * <p>The instance type.</p>
+   * <p>The maximum number of items to return for this request.
+   *          To get the next page of items, make another request with the token returned in the output.
+   * 	        For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination">Pagination</a>.</p>
    * @public
    */
-  InstanceType?: _InstanceType | undefined;
+  MaxResults?: number | undefined;
+}
 
+/**
+ * <p>Describes an event in the history of the Spot Fleet request.</p>
+ * @public
+ */
+export interface HistoryRecord {
   /**
-   * <p>The ID of the kernel.</p>
+   * <p>Information about the event.</p>
    * @public
    */
-  KernelId?: string | undefined;
+  EventInformation?: EventInformation | undefined;
 
   /**
-   * <p>The name of the key pair.</p>
-   * @public
+   * <p>The event type.</p>
+   *          <ul>
+   *             <li>
+   *                <p>
+   *                   <code>error</code> - An error with the Spot Fleet request.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>fleetRequestChange</code> - A change in the status or configuration of
+   *                     the Spot Fleet request.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>instanceChange</code> - An instance was launched or terminated.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>Information</code> - An informational event.</p>
+   *             </li>
+   *          </ul>
+   * @public
    */
-  KeyName?: string | undefined;
+  EventType?: EventType | undefined;
 
   /**
-   * <p>Enable or disable monitoring for the instances.</p>
+   * <p>The date and time of the event, in UTC format (for example,
+   *                 <i>YYYY</i>-<i>MM</i>-<i>DD</i>T<i>HH</i>:<i>MM</i>:<i>SS</i>Z).</p>
    * @public
    */
-  Monitoring?: SpotFleetMonitoring | undefined;
+  Timestamp?: Date | undefined;
+}
 
+/**
+ * <p>Contains the output of DescribeSpotFleetRequestHistory.</p>
+ * @public
+ */
+export interface DescribeSpotFleetRequestHistoryResponse {
   /**
-   * <p>The network interfaces.</p>
-   *          <note>
-   *             <p>
-   *                <code>SpotFleetLaunchSpecification</code> does not support Elastic Fabric Adapter (EFA).
-   *              You must use <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_LaunchTemplateConfig.html">LaunchTemplateConfig</a> instead.</p>
-   *          </note>
+   * <p>Information about the events in the history of the Spot Fleet request.</p>
    * @public
    */
-  NetworkInterfaces?: InstanceNetworkInterfaceSpecification[] | undefined;
+  HistoryRecords?: HistoryRecord[] | undefined;
 
   /**
-   * <p>The placement information.</p>
+   * <p>The last date and time for the events, in UTC format (for example,
+   *                 <i>YYYY</i>-<i>MM</i>-<i>DD</i>T<i>HH</i>:<i>MM</i>:<i>SS</i>Z).
+   *             All records up to this time were retrieved.</p>
+   *          <p>If <code>nextToken</code> indicates that there are more items, this value is not
+   *             present.</p>
    * @public
    */
-  Placement?: SpotPlacement | undefined;
+  LastEvaluatedTime?: Date | undefined;
 
   /**
-   * <p>The ID of the RAM disk. Some kernels require additional drivers at launch. Check the kernel
-   *           requirements for information about whether you need to specify a RAM disk. To find kernel
-   *           requirements, refer to the Amazon Web Services Resource Center and search for the kernel ID.</p>
+   * <p>The token to include in another request to get the next page of items. This value is <code>null</code> when there
+   *          are no more items to return.</p>
    * @public
    */
-  RamdiskId?: string | undefined;
+  NextToken?: string | undefined;
 
   /**
-   * <p>The maximum price per unit hour that you are willing to pay for a Spot Instance. We do not recommend using this parameter because it can lead to
-   *           increased interruptions. If you do not specify this parameter, you will pay the current Spot price.</p>
-   *          <important>
-   *             <p>If you specify a maximum price, your instances will be interrupted more frequently than if you do not specify this parameter.</p>
-   *          </important>
+   * <p>The ID of the Spot Fleet request.</p>
    * @public
    */
-  SpotPrice?: string | undefined;
+  SpotFleetRequestId?: string | undefined;
 
   /**
-   * <p>The IDs of the subnets in which to launch the instances. To specify multiple subnets, separate
-   *          them using commas; for example, "subnet-1234abcdeexample1, subnet-0987cdef6example2".</p>
-   *          <p>If you specify a network interface, you must specify any subnets as part of the
-   *          network interface instead of using this parameter.</p>
+   * <p>The starting date and time for the events, in UTC format (for example,
+   *                 <i>YYYY</i>-<i>MM</i>-<i>DD</i>T<i>HH</i>:<i>MM</i>:<i>SS</i>Z).</p>
    * @public
    */
-  SubnetId?: string | undefined;
+  StartTime?: Date | undefined;
+}
 
+/**
+ * <p>Contains the parameters for DescribeSpotFleetRequests.</p>
+ * @public
+ */
+export interface DescribeSpotFleetRequestsRequest {
   /**
-   * <p>The base64-encoded user data that instances use when starting up. User data is limited to 16 KB.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually
+   *             making the request, and provides an error response. If you have the required
+   *             permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is
+   *                 <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  UserData?: string | undefined;
+  DryRun?: boolean | undefined;
 
   /**
-   * <p>The number of units provided by the specified instance type. These are the same units
-   *         that you chose to set the target capacity in terms of instances, or a performance
-   *         characteristic such as vCPUs, memory, or I/O.</p>
-   *          <p>If the target capacity divided by this value is not a whole number, Amazon EC2 rounds the
-   *         number of instances to the next whole number. If this value is not specified, the default
-   *         is 1.</p>
-   *          <note>
-   *             <p>When specifying weights, the price used in the <code>lowestPrice</code> and
-   *            <code>priceCapacityOptimized</code> allocation strategies is per
-   *            <i>unit</i> hour (where the instance price is divided by the specified
-   *            weight). However, if all the specified weights are above the requested
-   *            <code>TargetCapacity</code>, resulting in only 1 instance being launched, the price
-   *            used is per <i>instance</i> hour.</p>
-   *          </note>
+   * <p>The IDs of the Spot Fleet requests.</p>
    * @public
    */
-  WeightedCapacity?: number | undefined;
+  SpotFleetRequestIds?: string[] | undefined;
 
   /**
-   * <p>The tags to apply during creation.</p>
+   * <p>The token to include in another request to get the next page of items. This value is <code>null</code> when there
+   *          are no more items to return.</p>
    * @public
    */
-  TagSpecifications?: SpotFleetTagSpecification[] | undefined;
+  NextToken?: string | undefined;
 
   /**
-   * <p>The attributes for the instance types. When you specify instance attributes, Amazon EC2 will
-   *          identify instance types with those attributes.</p>
-   *          <note>
-   *             <p>If you specify <code>InstanceRequirements</code>, you can't specify
-   *             <code>InstanceType</code>.</p>
-   *          </note>
+   * <p>The maximum number of items to return for this request.
+   *          To get the next page of items, make another request with the token returned in the output.
+   * 	        For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination">Pagination</a>.</p>
    * @public
    */
-  InstanceRequirements?: InstanceRequirements | undefined;
+  MaxResults?: number | undefined;
+}
+
+/**
+ * @public
+ * @enum
+ */
+export const ExcessCapacityTerminationPolicy = {
+  DEFAULT: "default",
+  NO_TERMINATION: "noTermination",
+} as const;
+
+/**
+ * @public
+ */
+export type ExcessCapacityTerminationPolicy =
+  (typeof ExcessCapacityTerminationPolicy)[keyof typeof ExcessCapacityTerminationPolicy];
 
+/**
+ * <p>Describes whether monitoring is enabled.</p>
+ * @public
+ */
+export interface SpotFleetMonitoring {
   /**
-   * <p>The security groups.</p>
-   *          <p>If you specify a network interface, you must specify any security groups as part of
-   *         the network interface instead of using this parameter.</p>
+   * <p>Enables monitoring for the instance.</p>
+   *          <p>Default: <code>false</code>
+   *          </p>
    * @public
    */
-  SecurityGroups?: GroupIdentifier[] | undefined;
+  Enabled?: boolean | undefined;
 }
 
 /**
- * <p>Describes overrides for a launch template.</p>
+ * <p>Describes a network interface.</p>
  * @public
  */
-export interface LaunchTemplateOverrides {
+export interface InstanceNetworkInterfaceSpecification {
   /**
-   * <p>The instance type.</p>
+   * <p>Indicates whether to assign a public IPv4 address to an instance you launch in a VPC. The
+   *             public IP address can only be assigned to a network interface for eth0, and can only be
+   *             assigned to a new network interface, not an existing one. You cannot specify more than one
+   *             network interface in the request. If launching into a default subnet, the default value is
+   *             <code>true</code>.</p>
+   *          <p>Amazon Web Services charges for all public IPv4 addresses, including public IPv4 addresses
+   * associated with running instances and Elastic IP addresses. For more information, see the <i>Public IPv4 Address</i> tab on the <a href="http://aws.amazon.com/vpc/pricing/">Amazon VPC pricing page</a>.</p>
    * @public
    */
-  InstanceType?: _InstanceType | undefined;
+  AssociatePublicIpAddress?: boolean | undefined;
 
   /**
-   * <p>The maximum price per unit hour that you are willing to pay for a Spot Instance. We do not recommend using this parameter because it can lead to
-   *          increased interruptions. If you do not specify this parameter, you will pay the current Spot price.</p>
-   *          <important>
-   *             <p>If you specify a maximum price, your instances will be interrupted more frequently than if you do not specify this parameter.</p>
-   *          </important>
+   * <p>If set to <code>true</code>, the interface is deleted when the instance is terminated. You can
+   *             specify <code>true</code> only if creating a new network interface when launching an
+   *             instance.</p>
    * @public
    */
-  SpotPrice?: string | undefined;
+  DeleteOnTermination?: boolean | undefined;
 
   /**
-   * <p>The ID of the subnet in which to launch the instances.</p>
+   * <p>The description of the network interface. Applies only if creating a network interface when launching an instance.</p>
    * @public
    */
-  SubnetId?: string | undefined;
+  Description?: string | undefined;
 
   /**
-   * <p>The Availability Zone in which to launch the instances.</p>
+   * <p>The position of the network interface in the attachment order.
+   *           A primary network interface has a device index of 0.</p>
+   *          <p>If you specify a network interface when launching an instance,
+   *           you must specify the device index.</p>
    * @public
    */
-  AvailabilityZone?: string | undefined;
+  DeviceIndex?: number | undefined;
 
   /**
-   * <p>The number of units provided by the specified instance type. These are the same units
-   *          that you chose to set the target capacity in terms of instances, or a performance
-   *          characteristic such as vCPUs, memory, or I/O.</p>
-   *          <p>If the target capacity divided by this value is not a whole number, Amazon EC2 rounds the
-   *          number of instances to the next whole number. If this value is not specified, the default
-   *          is 1.</p>
-   *          <note>
-   *             <p>When specifying weights, the price used in the <code>lowestPrice</code> and
-   *             <code>priceCapacityOptimized</code> allocation strategies is per
-   *             <i>unit</i> hour (where the instance price is divided by the specified
-   *             weight). However, if all the specified weights are above the requested
-   *             <code>TargetCapacity</code>, resulting in only 1 instance being launched, the price
-   *             used is per <i>instance</i> hour.</p>
-   *          </note>
+   * <p>The IDs of the security groups for the network interface. Applies only if creating a network interface when launching an instance.</p>
    * @public
    */
-  WeightedCapacity?: number | undefined;
+  Groups?: string[] | undefined;
 
   /**
-   * <p>The priority for the launch template override. The highest priority is launched
-   *          first.</p>
-   *          <p>If <code>OnDemandAllocationStrategy</code> is set to <code>prioritized</code>, Spot Fleet
-   *          uses priority to determine which launch template override to use first in fulfilling
-   *          On-Demand capacity.</p>
-   *          <p>If the Spot <code>AllocationStrategy</code> is set to
-   *          <code>capacityOptimizedPrioritized</code>, Spot Fleet uses priority on a best-effort basis
-   *          to determine which launch template override to use in fulfilling Spot capacity, but
-   *          optimizes for capacity first.</p>
-   *          <p>Valid values are whole numbers starting at <code>0</code>. The lower the number, the
-   *          higher the priority. If no number is set, the launch template override has the lowest
-   *          priority. You can set the same priority for different launch template overrides.</p>
+   * <p>A number of IPv6 addresses to assign to the network interface. Amazon EC2 chooses
+   *             the IPv6 addresses from the range of the subnet. You cannot specify this option and the
+   *             option to assign specific IPv6 addresses in the same request. You can specify this
+   *             option if you've specified a minimum number of instances to launch.</p>
    * @public
    */
-  Priority?: number | undefined;
+  Ipv6AddressCount?: number | undefined;
 
   /**
-   * <p>The instance requirements. When you specify instance requirements, Amazon EC2 will identify
-   *          instance types with the provided requirements, and then use your On-Demand and Spot
-   *          allocation strategies to launch instances from these instance types, in the same way as
-   *          when you specify a list of instance types.</p>
-   *          <note>
-   *             <p>If you specify <code>InstanceRequirements</code>, you can't specify
-   *             <code>InstanceType</code>.</p>
-   *          </note>
+   * <p>The IPv6 addresses to assign to the network interface. You cannot specify
+   *             this option and the option to assign a number of IPv6 addresses in the same request. You
+   *             cannot specify this option if you've specified a minimum number of instances to
+   *             launch.</p>
    * @public
    */
-  InstanceRequirements?: InstanceRequirements | undefined;
-}
+  Ipv6Addresses?: InstanceIpv6Address[] | undefined;
 
-/**
- * <p>Describes a launch template and overrides.</p>
- * @public
- */
-export interface LaunchTemplateConfig {
   /**
-   * <p>The launch template to use. Make sure that the launch template does not contain the
-   *             <code>NetworkInterfaceId</code> parameter because you can't specify a network interface
-   *          ID in a Spot Fleet.</p>
+   * <p>The ID of the network interface.</p>
+   *          <p>If you are creating a Spot Fleet, omit this parameter because you can’t specify a network interface ID in a launch specification.</p>
    * @public
    */
-  LaunchTemplateSpecification?: FleetLaunchTemplateSpecification | undefined;
+  NetworkInterfaceId?: string | undefined;
 
   /**
-   * <p>Any parameters that you specify override the same parameters in the launch
-   *          template.</p>
+   * <p>The private IPv4 address of the network interface. Applies only if creating a network interface when launching an instance. You cannot specify this option if you're launching
+   *         	more than one instance in a <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html">RunInstances</a> request.</p>
    * @public
    */
-  Overrides?: LaunchTemplateOverrides[] | undefined;
-}
+  PrivateIpAddress?: string | undefined;
 
-/**
- * <p>Describes a Classic Load Balancer.</p>
- * @public
- */
-export interface ClassicLoadBalancer {
-  /**
-   * <p>The name of the load balancer.</p>
-   * @public
-   */
-  Name?: string | undefined;
-}
-
-/**
- * <p>Describes the Classic Load Balancers to attach to a Spot Fleet. Spot Fleet registers
- *             the running Spot Instances with these Classic Load Balancers.</p>
- * @public
- */
-export interface ClassicLoadBalancersConfig {
-  /**
-   * <p>One or more Classic Load Balancers.</p>
-   * @public
-   */
-  ClassicLoadBalancers?: ClassicLoadBalancer[] | undefined;
-}
-
-/**
- * <p>Describes a load balancer target group.</p>
- * @public
- */
-export interface TargetGroup {
-  /**
-   * <p>The Amazon Resource Name (ARN) of the target group.</p>
-   * @public
-   */
-  Arn?: string | undefined;
-}
-
-/**
- * <p>Describes the target groups to attach to a Spot Fleet. Spot Fleet registers the
- *             running Spot Instances with these target groups.</p>
- * @public
- */
-export interface TargetGroupsConfig {
-  /**
-   * <p>One or more target groups.</p>
-   * @public
-   */
-  TargetGroups?: TargetGroup[] | undefined;
-}
-
-/**
- * <p>Describes the Classic Load Balancers and target groups to attach to a Spot Fleet
- *             request.</p>
- * @public
- */
-export interface LoadBalancersConfig {
-  /**
-   * <p>The Classic Load Balancers.</p>
-   * @public
-   */
-  ClassicLoadBalancersConfig?: ClassicLoadBalancersConfig | undefined;
-
-  /**
-   * <p>The target groups.</p>
-   * @public
-   */
-  TargetGroupsConfig?: TargetGroupsConfig | undefined;
-}
-
-/**
- * @public
- * @enum
- */
-export const OnDemandAllocationStrategy = {
-  LOWEST_PRICE: "lowestPrice",
-  PRIORITIZED: "prioritized",
-} as const;
-
-/**
- * @public
- */
-export type OnDemandAllocationStrategy = (typeof OnDemandAllocationStrategy)[keyof typeof OnDemandAllocationStrategy];
-
-/**
- * @public
- * @enum
- */
-export const ReplacementStrategy = {
-  LAUNCH: "launch",
-  LAUNCH_BEFORE_TERMINATE: "launch-before-terminate",
-} as const;
-
-/**
- * @public
- */
-export type ReplacementStrategy = (typeof ReplacementStrategy)[keyof typeof ReplacementStrategy];
-
-/**
- * <p>The Spot Instance replacement strategy to use when Amazon EC2 emits a signal that your
- *             Spot Instance is at an elevated risk of being interrupted. For more information, see
- *                 <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-fleet-capacity-rebalance.html">Capacity
- *                 rebalancing</a> in the <i>Amazon EC2 User Guide</i>.</p>
- * @public
- */
-export interface SpotCapacityRebalance {
-  /**
-   * <p>The replacement strategy to use. Only available for fleets of type
-   *             <code>maintain</code>.</p>
-   *          <p>
-   *             <code>launch</code> - Spot Fleet launches a new replacement Spot Instance when a
-   *             rebalance notification is emitted for an existing Spot Instance in the fleet. Spot Fleet
-   *             does not terminate the instances that receive a rebalance notification. You can
-   *             terminate the old instances, or you can leave them running. You are charged for all
-   *             instances while they are running. </p>
-   *          <p>
-   *             <code>launch-before-terminate</code> - Spot Fleet launches a new replacement Spot
-   *             Instance when a rebalance notification is emitted for an existing Spot Instance in the
-   *             fleet, and then, after a delay that you specify (in <code>TerminationDelay</code>),
-   *             terminates the instances that received a rebalance notification.</p>
-   * @public
-   */
-  ReplacementStrategy?: ReplacementStrategy | undefined;
-
-  /**
-   * <p>The amount of time (in seconds) that Amazon EC2 waits before terminating the old Spot
-   *             Instance after launching a new replacement Spot Instance.</p>
-   *          <p>Required when <code>ReplacementStrategy</code> is set to <code>launch-before-terminate</code>.</p>
-   *          <p>Not valid when <code>ReplacementStrategy</code> is set to <code>launch</code>.</p>
-   *          <p>Valid values: Minimum value of <code>120</code> seconds. Maximum value of <code>7200</code> seconds.</p>
-   * @public
-   */
-  TerminationDelay?: number | undefined;
-}
-
-/**
- * <p>The strategies for managing your Spot Instances that are at an elevated risk of being
- *             interrupted.</p>
- * @public
- */
-export interface SpotMaintenanceStrategies {
-  /**
-   * <p>The Spot Instance replacement strategy to use when Amazon EC2 emits a signal that your
-   *             Spot Instance is at an elevated risk of being interrupted. For more information, see
-   *                 <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-fleet-capacity-rebalance.html">Capacity
-   *                 rebalancing</a> in the <i>Amazon EC2 User Guide</i>.</p>
-   * @public
-   */
-  CapacityRebalance?: SpotCapacityRebalance | undefined;
-}
-
-/**
- * <p>Describes the configuration of a Spot Fleet request.</p>
- * @public
- */
-export interface SpotFleetRequestConfigData {
-  /**
-   * <p>The strategy that determines how to allocate the target Spot Instance capacity across the Spot Instance
-   *             pools specified by the Spot Fleet launch configuration. For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-fleet-allocation-strategy.html">Allocation
-   *                 strategies for Spot Instances</a> in the <i>Amazon EC2 User Guide</i>.</p>
-   *          <dl>
-   *             <dt>priceCapacityOptimized (recommended)</dt>
-   *             <dd>
-   *                <p>Spot Fleet identifies the pools with
-   *                    the highest capacity availability for the number of instances that are launching. This means
-   *                    that we will request Spot Instances from the pools that we believe have the lowest chance of interruption
-   *                    in the near term. Spot Fleet then requests Spot Instances from the lowest priced of these pools.</p>
-   *             </dd>
-   *             <dt>capacityOptimized</dt>
-   *             <dd>
-   *                <p>Spot Fleet identifies the pools with
-   *                    the highest capacity availability for the number of instances that are launching. This means
-   *                    that we will request Spot Instances from the pools that we believe have the lowest chance of interruption
-   *                    in the near term. To give certain
-   *           instance types a higher chance of launching first, use
-   *           <code>capacityOptimizedPrioritized</code>. Set a priority for each instance type by
-   *           using the <code>Priority</code> parameter for <code>LaunchTemplateOverrides</code>. You can
-   *           assign the same priority to different <code>LaunchTemplateOverrides</code>. EC2 implements
-   *           the priorities on a best-effort basis, but optimizes for capacity first.
-   *           <code>capacityOptimizedPrioritized</code> is supported only if your Spot Fleet uses a
-   *           launch template. Note that if the <code>OnDemandAllocationStrategy</code> is set to
-   *           <code>prioritized</code>, the same priority is applied when fulfilling On-Demand
-   *           capacity.</p>
-   *             </dd>
-   *             <dt>diversified</dt>
-   *             <dd>
-   *                <p>Spot Fleet requests instances from all of the Spot Instance pools that you
-   *           specify.</p>
-   *             </dd>
-   *             <dt>lowestPrice (not recommended)</dt>
-   *             <dd>
-   *                <important>
-   *                   <p>We don't recommend the <code>lowestPrice</code> allocation strategy because
-   *                      it has the highest risk of interruption for your Spot Instances.</p>
-   *                </important>
-   *                <p>Spot Fleet requests instances from the lowest priced Spot Instance pool that has available
-   *                   capacity. If the lowest priced pool doesn't have available capacity, the Spot Instances
-   *                   come from the next lowest priced pool that has available capacity. If a pool runs
-   *                   out of capacity before fulfilling your desired capacity, Spot Fleet will continue to
-   *                   fulfill your request by drawing from the next lowest priced pool. To ensure that
-   *                   your desired capacity is met, you might receive Spot Instances from several pools. Because
-   *                   this strategy only considers instance price and not capacity availability, it
-   *                   might lead to high interruption rates.</p>
-   *             </dd>
-   *          </dl>
-   *          <p>Default: <code>lowestPrice</code>
-   *          </p>
-   * @public
-   */
-  AllocationStrategy?: AllocationStrategy | undefined;
-
-  /**
-   * <p>The order of the launch template overrides to use in fulfilling On-Demand capacity. If
-   *             you specify <code>lowestPrice</code>, Spot Fleet uses price to determine the order, launching
-   *             the lowest price first. If you specify <code>prioritized</code>, Spot Fleet uses the priority
-   *             that you assign to each Spot Fleet launch template override, launching the highest priority
-   *             first. If you do not specify a value, Spot Fleet defaults to <code>lowestPrice</code>.</p>
-   * @public
-   */
-  OnDemandAllocationStrategy?: OnDemandAllocationStrategy | undefined;
-
-  /**
-   * <p>The strategies for managing your Spot Instances that are at an elevated risk of being
-   *             interrupted.</p>
-   * @public
-   */
-  SpotMaintenanceStrategies?: SpotMaintenanceStrategies | undefined;
-
-  /**
-   * <p>A unique, case-sensitive identifier that you provide to ensure the idempotency of your
-   *             listings. This helps to avoid duplicate listings. For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html">Ensuring Idempotency</a>.</p>
-   * @public
-   */
-  ClientToken?: string | undefined;
-
-  /**
-   * <p>Indicates whether running instances should be terminated if you decrease the
-   *             target capacity of the Spot Fleet request below the current size of the Spot Fleet.</p>
-   *          <p>Supported only for fleets of type <code>maintain</code>.</p>
-   * @public
-   */
-  ExcessCapacityTerminationPolicy?: ExcessCapacityTerminationPolicy | undefined;
-
-  /**
-   * <p>The number of units fulfilled by this request compared to the set target capacity. You
-   *             cannot set this value.</p>
-   * @public
-   */
-  FulfilledCapacity?: number | undefined;
-
-  /**
-   * <p>The number of On-Demand units fulfilled by this request compared to the set target
-   *             On-Demand capacity.</p>
-   * @public
-   */
-  OnDemandFulfilledCapacity?: number | undefined;
-
-  /**
-   * <p>The Amazon Resource Name (ARN) of an Identity and Access Management (IAM) role
-   *          that grants the Spot Fleet the permission to request, launch, terminate, and tag instances
-   *          on your behalf. For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-fleet-requests.html#spot-fleet-prerequisites">Spot
-   *             Fleet prerequisites</a> in the <i>Amazon EC2 User Guide</i>. Spot Fleet can
-   *          terminate Spot Instances on your behalf when you cancel its Spot Fleet request using <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CancelSpotFleetRequests">CancelSpotFleetRequests</a> or when the Spot Fleet request expires, if you set
-   *             <code>TerminateInstancesWithExpiration</code>.</p>
-   * @public
-   */
-  IamFleetRole: string | undefined;
-
-  /**
-   * <p>The launch specifications for the Spot Fleet request. If you specify
-   *                 <code>LaunchSpecifications</code>, you can't specify
-   *                 <code>LaunchTemplateConfigs</code>. If you include On-Demand capacity in your
-   *             request, you must use <code>LaunchTemplateConfigs</code>.</p>
-   *          <note>
-   *             <p>If an AMI specified in a launch specification is deregistered or disabled, no new
-   *             instances can be launched from the AMI. For fleets of type <code>maintain</code>, the
-   *             target capacity will not be maintained.</p>
-   *          </note>
-   * @public
-   */
-  LaunchSpecifications?: SpotFleetLaunchSpecification[] | undefined;
-
-  /**
-   * <p>The launch template and overrides. If you specify <code>LaunchTemplateConfigs</code>,
-   *             you can't specify <code>LaunchSpecifications</code>. If you include On-Demand capacity
-   *             in your request, you must use <code>LaunchTemplateConfigs</code>.</p>
-   * @public
-   */
-  LaunchTemplateConfigs?: LaunchTemplateConfig[] | undefined;
-
-  /**
-   * <p>The maximum price per unit hour that you are willing to pay for a Spot Instance. We do not recommend
-   *             using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price.</p>
-   *          <important>
-   *             <p>If you specify a maximum price, your instances will be interrupted more frequently than if you do not specify this parameter.</p>
-   *          </important>
-   * @public
-   */
-  SpotPrice?: string | undefined;
-
-  /**
-   * <p>The number of units to request for the Spot Fleet. You can choose to set the target
-   *             capacity in terms of instances or a performance characteristic that is important to your
-   *             application workload, such as vCPUs, memory, or I/O. If the request type is
-   *                 <code>maintain</code>, you can specify a target capacity of 0 and add capacity
-   *             later.</p>
-   * @public
-   */
-  TargetCapacity: number | undefined;
-
-  /**
-   * <p>The number of On-Demand units to request. You can choose to set the target capacity in
-   *             terms of instances or a performance characteristic that is important to your application
-   *             workload, such as vCPUs, memory, or I/O. If the request type is <code>maintain</code>,
-   *             you can specify a target capacity of 0 and add capacity later.</p>
-   * @public
-   */
-  OnDemandTargetCapacity?: number | undefined;
-
-  /**
-   * <p>The maximum amount per hour for On-Demand Instances that you're willing to pay. You
-   *             can use the <code>onDemandMaxTotalPrice</code> parameter, the
-   *                 <code>spotMaxTotalPrice</code> parameter, or both parameters to ensure that your
-   *             fleet cost does not exceed your budget. If you set a maximum price per hour for the
-   *             On-Demand Instances and Spot Instances in your request, Spot Fleet will launch instances until it reaches the
-   *             maximum amount you're willing to pay. When the maximum amount you're willing to pay is
-   *             reached, the fleet stops launching instances even if it hasn’t met the target
-   *             capacity.</p>
-   *          <note>
-   *             <p>If your fleet includes T instances that are configured as <code>unlimited</code>,
-   *             and if their average CPU usage exceeds the baseline utilization, you will incur a charge
-   *             for surplus credits. The <code>onDemandMaxTotalPrice</code> does not account for surplus
-   *             credits, and, if you use surplus credits, your final cost might be higher than what you
-   *             specified for <code>onDemandMaxTotalPrice</code>. For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances-unlimited-mode-concepts.html#unlimited-mode-surplus-credits">Surplus credits can incur charges</a> in the
-   *                <i>Amazon EC2 User Guide</i>.</p>
-   *          </note>
-   * @public
-   */
-  OnDemandMaxTotalPrice?: string | undefined;
-
-  /**
-   * <p>The maximum amount per hour for Spot Instances that you're willing to pay. You can use
-   *          the <code>spotMaxTotalPrice</code> parameter, the <code>onDemandMaxTotalPrice</code>
-   *          parameter, or both parameters to ensure that your fleet cost does not exceed your budget.
-   *          If you set a maximum price per hour for the On-Demand Instances and Spot Instances in your request, Spot Fleet will
-   *          launch instances until it reaches the maximum amount you're willing to pay. When the
-   *          maximum amount you're willing to pay is reached, the fleet stops launching instances even
-   *          if it hasn’t met the target capacity.</p>
-   *          <note>
-   *             <p>If your fleet includes T instances that are configured as <code>unlimited</code>,
-   *             and if their average CPU usage exceeds the baseline utilization, you will incur a charge
-   *             for surplus credits. The <code>spotMaxTotalPrice</code> does not account for surplus
-   *             credits, and, if you use surplus credits, your final cost might be higher than what you
-   *             specified for <code>spotMaxTotalPrice</code>. For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances-unlimited-mode-concepts.html#unlimited-mode-surplus-credits">Surplus credits can incur charges</a> in the
-   *                <i>Amazon EC2 User Guide</i>.</p>
-   *          </note>
-   * @public
-   */
-  SpotMaxTotalPrice?: string | undefined;
-
-  /**
-   * <p>Indicates whether running Spot Instances are terminated when the Spot Fleet request
-   *             expires.</p>
-   * @public
-   */
-  TerminateInstancesWithExpiration?: boolean | undefined;
-
-  /**
-   * <p>The type of request. Indicates whether the Spot Fleet only requests the target
-   *             capacity or also attempts to maintain it. When this value is <code>request</code>, the
-   *             Spot Fleet only places the required requests. It does not attempt to replenish Spot
-   *             Instances if capacity is diminished, nor does it submit requests in alternative Spot
-   *             pools if capacity is not available. When this value is <code>maintain</code>, the Spot
-   *             Fleet maintains the target capacity. The Spot Fleet places the required requests to meet
-   *             capacity and automatically replenishes any interrupted instances. Default:
-   *                 <code>maintain</code>. <code>instant</code> is listed but is not used by Spot
-   *             Fleet.</p>
-   * @public
-   */
-  Type?: FleetType | undefined;
-
-  /**
-   * <p>The start date and time of the request, in UTC format
-   *                 (<i>YYYY</i>-<i>MM</i>-<i>DD</i>T<i>HH</i>:<i>MM</i>:<i>SS</i>Z).
-   *             By default, Amazon EC2 starts fulfilling the request immediately.</p>
-   * @public
-   */
-  ValidFrom?: Date | undefined;
-
-  /**
-   * <p>The end date and time of the request, in UTC format
-   *                 (<i>YYYY</i>-<i>MM</i>-<i>DD</i>T<i>HH</i>:<i>MM</i>:<i>SS</i>Z).
-   *             After the end date and time, no new Spot Instance requests are placed or able to fulfill
-   *             the request. If no value is specified, the Spot Fleet request remains until you cancel
-   *             it.</p>
-   * @public
-   */
-  ValidUntil?: Date | undefined;
-
-  /**
-   * <p>Indicates whether Spot Fleet should replace unhealthy instances.</p>
-   * @public
-   */
-  ReplaceUnhealthyInstances?: boolean | undefined;
-
-  /**
-   * <p>The behavior when a Spot Instance is interrupted. The default is
-   *                 <code>terminate</code>.</p>
-   * @public
-   */
-  InstanceInterruptionBehavior?: InstanceInterruptionBehavior | undefined;
-
-  /**
-   * <p>One or more Classic Load Balancers and target groups to attach to the Spot Fleet
-   *             request. Spot Fleet registers the running Spot Instances with the specified Classic Load
-   *             Balancers and target groups.</p>
-   *          <p>With Network Load Balancers, Spot Fleet cannot register instances that have the
-   *             following instance types: C1, CC1, CC2, CG1, CG2, CR1, CS1, G1, G2, HI1, HS1, M1, M2,
-   *             M3, and T1.</p>
-   * @public
-   */
-  LoadBalancersConfig?: LoadBalancersConfig | undefined;
-
-  /**
-   * <p>The number of Spot pools across which to allocate your target Spot capacity. Valid
-   *             only when Spot <b>AllocationStrategy</b> is set to
-   *                 <code>lowest-price</code>. Spot Fleet selects the cheapest Spot pools and evenly
-   *             allocates your target Spot capacity across the number of Spot pools that you
-   *             specify.</p>
-   *          <p>Note that Spot Fleet attempts to draw Spot Instances from the number of pools that you specify on a
-   *             best effort basis. If a pool runs out of Spot capacity before fulfilling your target
-   *             capacity, Spot Fleet will continue to fulfill your request by drawing from the next cheapest
-   *             pool. To ensure that your target capacity is met, you might receive Spot Instances from more than
-   *             the number of pools that you specified. Similarly, if most of the pools have no Spot
-   *             capacity, you might receive your full target capacity from fewer than the number of
-   *             pools that you specified.</p>
-   * @public
-   */
-  InstancePoolsToUseCount?: number | undefined;
-
-  /**
-   * <p>Reserved.</p>
-   * @public
-   */
-  Context?: string | undefined;
-
-  /**
-   * <p>The unit for the target capacity. You can specify this parameter only when
-   *          using attribute-based instance type selection.</p>
-   *          <p>Default: <code>units</code> (the number of instances)</p>
-   * @public
-   */
-  TargetCapacityUnitType?: TargetCapacityUnitType | undefined;
-
-  /**
-   * <p>The key-value pair for tagging the Spot Fleet request on creation. The value for
-   *                 <code>ResourceType</code> must be <code>spot-fleet-request</code>, otherwise the
-   *             Spot Fleet request fails. To tag instances at launch, specify the tags in the <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-templates.html#create-launch-template">launch
-   *                 template</a> (valid only if you use <code>LaunchTemplateConfigs</code>) or in
-   *             the <code>
-   *                <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_SpotFleetTagSpecification.html">SpotFleetTagSpecification</a>
-   *             </code> (valid only if you use
-   *                 <code>LaunchSpecifications</code>). For information about tagging after launch, see
-   *                 <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#tag-resources">Tag your resources</a>.</p>
-   * @public
-   */
-  TagSpecifications?: TagSpecification[] | undefined;
-}
-
-/**
- * <p>Describes a Spot Fleet request.</p>
- * @public
- */
-export interface SpotFleetRequestConfig {
-  /**
-   * <p>The progress of the Spot Fleet request.
-   *           If there is an error, the status is <code>error</code>.
-   *           After all requests are placed, the status is <code>pending_fulfillment</code>.
-   *           If the size of the fleet is equal to or greater than its target capacity, the status is <code>fulfilled</code>.
-   *           If the size of the fleet is decreased, the status is <code>pending_termination</code>
-   *           while Spot Instances are terminating.</p>
-   * @public
-   */
-  ActivityStatus?: ActivityStatus | undefined;
-
-  /**
-   * <p>The creation date and time of the request.</p>
-   * @public
-   */
-  CreateTime?: Date | undefined;
-
-  /**
-   * <p>The configuration of the Spot Fleet request.</p>
-   * @public
-   */
-  SpotFleetRequestConfig?: SpotFleetRequestConfigData | undefined;
-
-  /**
-   * <p>The ID of the Spot Fleet request.</p>
-   * @public
-   */
-  SpotFleetRequestId?: string | undefined;
-
-  /**
-   * <p>The state of the Spot Fleet request.</p>
-   * @public
-   */
-  SpotFleetRequestState?: BatchState | undefined;
-
-  /**
-   * <p>The tags for a Spot Fleet resource.</p>
-   * @public
-   */
-  Tags?: Tag[] | undefined;
-}
-
-/**
- * <p>Contains the output of DescribeSpotFleetRequests.</p>
- * @public
- */
-export interface DescribeSpotFleetRequestsResponse {
-  /**
-   * <p>The token to include in another request to get the next page of items. This value is <code>null</code> when there
-   *          are no more items to return.</p>
-   * @public
-   */
-  NextToken?: string | undefined;
-
-  /**
-   * <p>Information about the configuration of your Spot Fleet.</p>
-   * @public
-   */
-  SpotFleetRequestConfigs?: SpotFleetRequestConfig[] | undefined;
-}
-
-/**
- * <p>Contains the parameters for DescribeSpotInstanceRequests.</p>
- * @public
- */
-export interface DescribeSpotInstanceRequestsRequest {
-  /**
-   * <p>The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.</p>
-   * @public
-   */
-  NextToken?: string | undefined;
-
-  /**
-   * <p>The maximum number of items to return for this request.
-   *          To get the next page of items, make another request with the token returned in the output.
-   * 	        For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination">Pagination</a>.</p>
-   * @public
-   */
-  MaxResults?: number | undefined;
-
-  /**
-   * <p>Checks whether you have the required permissions for the action, without actually
-   *             making the request, and provides an error response. If you have the required
-   *             permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is
-   *                 <code>UnauthorizedOperation</code>.</p>
-   * @public
-   */
-  DryRun?: boolean | undefined;
-
-  /**
-   * <p>The IDs of the Spot Instance requests.</p>
-   * @public
-   */
-  SpotInstanceRequestIds?: string[] | undefined;
-
-  /**
-   * <p>The filters.</p>
-   *          <ul>
-   *             <li>
-   *                <p>
-   *                   <code>availability-zone-group</code> - The Availability Zone group.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>create-time</code> - The time stamp when the Spot Instance request was
-   *                     created.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>fault-code</code> - The fault code related to the request.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>fault-message</code> - The fault message related to the request.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>instance-id</code> - The ID of the instance that fulfilled the
-   *                     request.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>launch-group</code> - The Spot Instance launch group.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>launch.block-device-mapping.delete-on-termination</code> - Indicates
-   *                     whether the EBS volume is deleted on instance termination.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>launch.block-device-mapping.device-name</code> - The device name for the
-   *                     volume in the block device mapping (for example, <code>/dev/sdh</code> or
-   *                         <code>xvdh</code>).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>launch.block-device-mapping.snapshot-id</code> - The ID of the snapshot
-   *                     for the EBS volume.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>launch.block-device-mapping.volume-size</code> - The size of the EBS
-   *                     volume, in GiB.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>launch.block-device-mapping.volume-type</code> - The type of EBS volume:
-   *                     <code>gp2</code> or <code>gp3</code> for General Purpose SSD, <code>io1</code>
-   *                     or <code>io2</code> for Provisioned IOPS SSD, <code>st1</code> for Throughput
-   *                     Optimized HDD, <code>sc1</code> for Cold HDD, or <code>standard</code> for
-   *                     Magnetic.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>launch.group-id</code> - The ID of the security group for the
-   *                     instance.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>launch.group-name</code> - The name of the security group for the
-   *                     instance.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>launch.image-id</code> - The ID of the AMI.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>launch.instance-type</code> - The type of instance (for example,
-   *                         <code>m3.medium</code>).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>launch.kernel-id</code> - The kernel ID.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>launch.key-name</code> - The name of the key pair the instance launched
-   *                     with.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>launch.monitoring-enabled</code> - Whether detailed monitoring is
-   *                     enabled for the Spot Instance.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>launch.ramdisk-id</code> - The RAM disk ID.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>launched-availability-zone</code> - The Availability Zone in which the
-   *                     request is launched.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>network-interface.addresses.primary</code> - Indicates whether the IP
-   *                     address is the primary private IP address.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>network-interface.delete-on-termination</code> - Indicates whether the
-   *                     network interface is deleted when the instance is terminated.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>network-interface.description</code> - A description of the network
-   *                     interface.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>network-interface.device-index</code> - The index of the device for the
-   *                     network interface attachment on the instance.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>network-interface.group-id</code> - The ID of the security group
-   *                     associated with the network interface.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>network-interface.network-interface-id</code> - The ID of the network
-   *                     interface.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>network-interface.private-ip-address</code> - The primary private IP
-   *                     address of the network interface.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>network-interface.subnet-id</code> - The ID of the subnet for the
-   *                     instance.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>product-description</code> - The product description associated with the
-   *                     instance (<code>Linux/UNIX</code> | <code>Windows</code>).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>spot-instance-request-id</code> - The Spot Instance request ID.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>spot-price</code> - The maximum hourly price for any Spot Instance
-   *                     launched to fulfill the request.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>state</code> - The state of the Spot Instance request (<code>open</code>
-   *                     | <code>active</code> | <code>closed</code> | <code>cancelled</code> |
-   *                         <code>failed</code>). Spot request status information can help you track
-   *                     your Amazon EC2 Spot Instance requests. For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-request-status.html">Spot
-   *                         request status</a> in the <i>Amazon EC2 User Guide</i>.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>status-code</code> - The short code describing the most recent
-   *                     evaluation of your Spot Instance request.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>status-message</code> - The message explaining the status of the Spot
-   *                     Instance request.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>tag:<key></code> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.
-   *     For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>type</code> - The type of Spot Instance request (<code>one-time</code> |
-   *                         <code>persistent</code>).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>valid-from</code> - The start date of the request.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>valid-until</code> - The end date of the request.</p>
-   *             </li>
-   *          </ul>
+  /**
+   * <p>The private IPv4 addresses to assign to the network interface. Only one private IPv4 address can be designated as primary. You cannot specify this option if you're
+   *         	launching more than one instance in a <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html">RunInstances</a> request.</p>
    * @public
    */
-  Filters?: Filter[] | undefined;
+  PrivateIpAddresses?: PrivateIpAddressSpecification[] | undefined;
+
+  /**
+   * <p>The number of secondary private IPv4 addresses. You can't specify this option and specify more than one private IP address using the private IP addresses option. You cannot specify this option if you're
+   *         	launching more than one instance in a <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html">RunInstances</a> request.</p>
+   * @public
+   */
+  SecondaryPrivateIpAddressCount?: number | undefined;
+
+  /**
+   * <p>The ID of the subnet associated with the network interface. Applies only if creating a network interface when launching an instance.</p>
+   * @public
+   */
+  SubnetId?: string | undefined;
+
+  /**
+   * <p>Indicates whether to assign a carrier IP address to the network interface.</p>
+   *          <p>You can only assign a carrier IP address to a network interface that is in a subnet in
+   *             a Wavelength Zone. For more information about carrier IP addresses, see <a href="https://docs.aws.amazon.com/wavelength/latest/developerguide/how-wavelengths-work.html#provider-owned-ip">Carrier IP address</a> in the <i>Amazon Web Services Wavelength Developer
+   *                 Guide</i>.</p>
+   * @public
+   */
+  AssociateCarrierIpAddress?: boolean | undefined;
+
+  /**
+   * <p>The type of network interface.</p>
+   *          <p>If you specify <code>efa-only</code>, do not assign any IP addresses to the network
+   * 	        interface. EFA-only network interfaces do not support IP addresses.</p>
+   *          <p>Valid values: <code>interface</code> | <code>efa</code> | <code>efa-only</code>
+   *          </p>
+   * @public
+   */
+  InterfaceType?: string | undefined;
+
+  /**
+   * <p>The index of the network card. Some instance types support multiple network cards.
+   *             The primary network interface must be assigned to network card index 0.
+   *             The default is network card index 0.</p>
+   *          <p>If you are using <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RequestSpotInstances.html">RequestSpotInstances</a> to create Spot Instances, omit this parameter because
+   *             you can’t specify the network card index when using this API. To specify the network
+   *             card index, use <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html">RunInstances</a>.</p>
+   * @public
+   */
+  NetworkCardIndex?: number | undefined;
+
+  /**
+   * <p>The IPv4 delegated prefixes to be assigned to the network interface. You cannot
+   *             use this option if you use the <code>Ipv4PrefixCount</code> option.</p>
+   * @public
+   */
+  Ipv4Prefixes?: Ipv4PrefixSpecificationRequest[] | undefined;
+
+  /**
+   * <p>The number of IPv4 delegated prefixes to be automatically assigned to the network interface.
+   *             You cannot use this option if you use the <code>Ipv4Prefix</code> option.</p>
+   * @public
+   */
+  Ipv4PrefixCount?: number | undefined;
+
+  /**
+   * <p>The IPv6 delegated prefixes to be assigned to the network interface. You cannot
+   *             use this option if you use the <code>Ipv6PrefixCount</code> option.</p>
+   * @public
+   */
+  Ipv6Prefixes?: Ipv6PrefixSpecificationRequest[] | undefined;
+
+  /**
+   * <p>The number of IPv6 delegated prefixes to be automatically assigned to the network interface.
+   *             You cannot use this option if you use the <code>Ipv6Prefix</code> option.</p>
+   * @public
+   */
+  Ipv6PrefixCount?: number | undefined;
+
+  /**
+   * <p>The primary IPv6 address of the network interface. When you enable an IPv6 GUA address to be a primary IPv6, the first IPv6 GUA will be made the primary IPv6 address until the instance is terminated or the network interface is detached. For more information about primary IPv6 addresses, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html">RunInstances</a>.</p>
+   * @public
+   */
+  PrimaryIpv6?: boolean | undefined;
+
+  /**
+   * <p>Specifies the ENA Express settings for the network interface that's attached to
+   * 			the instance.</p>
+   * @public
+   */
+  EnaSrdSpecification?: EnaSrdSpecificationRequest | undefined;
+
+  /**
+   * <p>A security group connection tracking specification that enables you to set the timeout for connection tracking on an Elastic network interface. For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-connection-tracking.html#connection-tracking-timeouts">Connection tracking timeouts</a> in the <i>Amazon EC2 User Guide</i>.</p>
+   * @public
+   */
+  ConnectionTrackingSpecification?: ConnectionTrackingSpecificationRequest | undefined;
 }
 
 /**
- * <p>Describes the monitoring of an instance.</p>
+ * <p>Describes Spot Instance placement.</p>
  * @public
  */
-export interface RunInstancesMonitoringEnabled {
+export interface SpotPlacement {
   /**
-   * <p>Indicates whether detailed monitoring is enabled. Otherwise, basic monitoring is
-   *             enabled.</p>
+   * <p>The Availability Zone.</p>
+   *          <p>[Spot Fleet only] To specify multiple Availability Zones, separate them using commas;
+   *             for example, "us-west-2a, us-west-2b".</p>
    * @public
    */
-  Enabled: boolean | undefined;
+  AvailabilityZone?: string | undefined;
+
+  /**
+   * <p>The name of the placement group.</p>
+   * @public
+   */
+  GroupName?: string | undefined;
+
+  /**
+   * <p>The tenancy of the instance (if the instance is running in a VPC). An instance with a
+   *             tenancy of <code>dedicated</code> runs on single-tenant hardware. The <code>host</code>
+   *             tenancy is not supported for Spot Instances.</p>
+   * @public
+   */
+  Tenancy?: Tenancy | undefined;
 }
 
 /**
- * <p>Describes the launch specification for an instance.</p>
+ * <p>The tags for a Spot Fleet resource.</p>
  * @public
  */
-export interface LaunchSpecification {
+export interface SpotFleetTagSpecification {
   /**
-   * <p>The base64-encoded user data that instances use when starting up. User data is limited to 16 KB.</p>
+   * <p>The type of resource. Currently, the only resource type that is supported is
+   *                 <code>instance</code>. To tag the Spot Fleet request on creation, use the
+   *                 <code>TagSpecifications</code> parameter in <code>
+   *                <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_SpotFleetRequestConfigData.html">SpotFleetRequestConfigData</a>
+   *             </code>.</p>
    * @public
    */
-  UserData?: string | undefined;
+  ResourceType?: ResourceType | undefined;
+
+  /**
+   * <p>The tags.</p>
+   * @public
+   */
+  Tags?: Tag[] | undefined;
+}
 
+/**
+ * <p>Describes the launch specification for one or more Spot Instances. If you include
+ *           On-Demand capacity in your fleet request or want to specify an EFA network device, you
+ *           can't use <code>SpotFleetLaunchSpecification</code>; you must use <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_LaunchTemplateConfig.html">LaunchTemplateConfig</a>.</p>
+ * @public
+ */
+export interface SpotFleetLaunchSpecification {
   /**
    * <p>Deprecated.</p>
    * @public
@@ -1724,13 +1047,16 @@ export interface LaunchSpecification {
   AddressingType?: string | undefined;
 
   /**
-   * <p>The block device mapping entries.</p>
+   * <p>One or more block devices that are mapped to the Spot Instances. You can't specify both
+   *             a snapshot ID and an encryption value. This is because only blank volumes can be
+   *             encrypted on creation. If a snapshot is the basis for a volume, it is not blank and its
+   *             encryption status is used for the volume encryption status.</p>
    * @public
    */
   BlockDeviceMappings?: BlockDeviceMapping[] | undefined;
 
   /**
-   * <p>Indicates whether the instance is optimized for EBS I/O. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal EBS I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using an EBS Optimized instance.</p>
+   * <p>Indicates whether the instances are optimized for EBS I/O. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal EBS I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using an EBS Optimized instance.</p>
    *          <p>Default: <code>false</code>
    *          </p>
    * @public
@@ -1750,7 +1076,7 @@ export interface LaunchSpecification {
   ImageId?: string | undefined;
 
   /**
-   * <p>The instance type. Only one instance type can be specified.</p>
+   * <p>The instance type.</p>
    * @public
    */
   InstanceType?: _InstanceType | undefined;
@@ -1768,591 +1094,749 @@ export interface LaunchSpecification {
   KeyName?: string | undefined;
 
   /**
-   * <p>The network interfaces. If you specify a network interface, you must specify
-   *            subnet IDs and security group IDs using the network interface.</p>
+   * <p>Enable or disable monitoring for the instances.</p>
+   * @public
+   */
+  Monitoring?: SpotFleetMonitoring | undefined;
+
+  /**
+   * <p>The network interfaces.</p>
+   *          <note>
+   *             <p>
+   *                <code>SpotFleetLaunchSpecification</code> does not support Elastic Fabric Adapter (EFA).
+   *              You must use <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_LaunchTemplateConfig.html">LaunchTemplateConfig</a> instead.</p>
+   *          </note>
    * @public
    */
   NetworkInterfaces?: InstanceNetworkInterfaceSpecification[] | undefined;
 
   /**
-   * <p>The placement information for the instance.</p>
+   * <p>The placement information.</p>
    * @public
    */
   Placement?: SpotPlacement | undefined;
 
   /**
-   * <p>The ID of the RAM disk.</p>
+   * <p>The ID of the RAM disk. Some kernels require additional drivers at launch. Check the kernel
+   *           requirements for information about whether you need to specify a RAM disk. To find kernel
+   *           requirements, refer to the Amazon Web Services Resource Center and search for the kernel ID.</p>
    * @public
    */
   RamdiskId?: string | undefined;
 
   /**
-   * <p>The ID of the subnet in which to launch the instance.</p>
+   * <p>The maximum price per unit hour that you are willing to pay for a Spot Instance. We do not recommend using this parameter because it can lead to
+   *           increased interruptions. If you do not specify this parameter, you will pay the current Spot price.</p>
+   *          <important>
+   *             <p>If you specify a maximum price, your instances will be interrupted more frequently than if you do not specify this parameter.</p>
+   *          </important>
    * @public
    */
-  SubnetId?: string | undefined;
+  SpotPrice?: string | undefined;
 
   /**
-   * <p>The IDs of the security groups.</p>
+   * <p>The IDs of the subnets in which to launch the instances. To specify multiple subnets, separate
+   *          them using commas; for example, "subnet-1234abcdeexample1, subnet-0987cdef6example2".</p>
+   *          <p>If you specify a network interface, you must specify any subnets as part of the
+   *          network interface instead of using this parameter.</p>
    * @public
    */
-  SecurityGroups?: GroupIdentifier[] | undefined;
+  SubnetId?: string | undefined;
 
   /**
-   * <p>Describes the monitoring of an instance.</p>
+   * <p>The base64-encoded user data that instances use when starting up. User data is limited to 16 KB.</p>
    * @public
    */
-  Monitoring?: RunInstancesMonitoringEnabled | undefined;
-}
-
-/**
- * @public
- * @enum
- */
-export const SpotInstanceState = {
-  active: "active",
-  cancelled: "cancelled",
-  closed: "closed",
-  disabled: "disabled",
-  failed: "failed",
-  open: "open",
-} as const;
+  UserData?: string | undefined;
 
-/**
- * @public
- */
-export type SpotInstanceState = (typeof SpotInstanceState)[keyof typeof SpotInstanceState];
+  /**
+   * <p>The number of units provided by the specified instance type. These are the same units
+   *         that you chose to set the target capacity in terms of instances, or a performance
+   *         characteristic such as vCPUs, memory, or I/O.</p>
+   *          <p>If the target capacity divided by this value is not a whole number, Amazon EC2 rounds the
+   *         number of instances to the next whole number. If this value is not specified, the default
+   *         is 1.</p>
+   *          <note>
+   *             <p>When specifying weights, the price used in the <code>lowestPrice</code> and
+   *            <code>priceCapacityOptimized</code> allocation strategies is per
+   *            <i>unit</i> hour (where the instance price is divided by the specified
+   *            weight). However, if all the specified weights are above the requested
+   *            <code>TargetCapacity</code>, resulting in only 1 instance being launched, the price
+   *            used is per <i>instance</i> hour.</p>
+   *          </note>
+   * @public
+   */
+  WeightedCapacity?: number | undefined;
 
-/**
- * <p>Describes the status of a Spot Instance request.</p>
- * @public
- */
-export interface SpotInstanceStatus {
   /**
-   * <p>The status code. For a list of status codes, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-request-status.html#spot-instance-request-status-understand">Spot request status codes</a> in the <i>Amazon EC2 User Guide</i>.</p>
+   * <p>The tags to apply during creation.</p>
    * @public
    */
-  Code?: string | undefined;
+  TagSpecifications?: SpotFleetTagSpecification[] | undefined;
 
   /**
-   * <p>The description for the status code.</p>
+   * <p>The attributes for the instance types. When you specify instance attributes, Amazon EC2 will
+   *          identify instance types with those attributes.</p>
+   *          <note>
+   *             <p>If you specify <code>InstanceRequirements</code>, you can't specify
+   *             <code>InstanceType</code>.</p>
+   *          </note>
    * @public
    */
-  Message?: string | undefined;
+  InstanceRequirements?: InstanceRequirements | undefined;
 
   /**
-   * <p>The date and time of the most recent status update, in UTC format (for example,
-   *                 <i>YYYY</i>-<i>MM</i>-<i>DD</i>T<i>HH</i>:<i>MM</i>:<i>SS</i>Z).</p>
+   * <p>The security groups.</p>
+   *          <p>If you specify a network interface, you must specify any security groups as part of
+   *         the network interface instead of using this parameter.</p>
    * @public
    */
-  UpdateTime?: Date | undefined;
+  SecurityGroups?: GroupIdentifier[] | undefined;
 }
 
 /**
- * <p>Describes a Spot Instance request.</p>
+ * <p>Describes overrides for a launch template.</p>
  * @public
  */
-export interface SpotInstanceRequest {
+export interface LaunchTemplateOverrides {
   /**
-   * <p>Deprecated.</p>
+   * <p>The instance type.</p>
    * @public
    */
-  ActualBlockHourlyPrice?: string | undefined;
+  InstanceType?: _InstanceType | undefined;
 
   /**
-   * <p>The Availability Zone group. If you specify the same Availability Zone group for all Spot Instance requests, all Spot Instances are launched in the same Availability Zone.</p>
+   * <p>The maximum price per unit hour that you are willing to pay for a Spot Instance. We do not recommend using this parameter because it can lead to
+   *          increased interruptions. If you do not specify this parameter, you will pay the current Spot price.</p>
+   *          <important>
+   *             <p>If you specify a maximum price, your instances will be interrupted more frequently than if you do not specify this parameter.</p>
+   *          </important>
    * @public
    */
-  AvailabilityZoneGroup?: string | undefined;
+  SpotPrice?: string | undefined;
 
   /**
-   * <p>Deprecated.</p>
+   * <p>The ID of the subnet in which to launch the instances.</p>
    * @public
    */
-  BlockDurationMinutes?: number | undefined;
+  SubnetId?: string | undefined;
 
   /**
-   * <p>The date and time when the Spot Instance request was created, in UTC format (for example, <i>YYYY</i>-<i>MM</i>-<i>DD</i>T<i>HH</i>:<i>MM</i>:<i>SS</i>Z).</p>
+   * <p>The Availability Zone in which to launch the instances.</p>
    * @public
    */
-  CreateTime?: Date | undefined;
+  AvailabilityZone?: string | undefined;
 
   /**
-   * <p>The fault codes for the Spot Instance request, if any.</p>
+   * <p>The number of units provided by the specified instance type. These are the same units
+   *          that you chose to set the target capacity in terms of instances, or a performance
+   *          characteristic such as vCPUs, memory, or I/O.</p>
+   *          <p>If the target capacity divided by this value is not a whole number, Amazon EC2 rounds the
+   *          number of instances to the next whole number. If this value is not specified, the default
+   *          is 1.</p>
+   *          <note>
+   *             <p>When specifying weights, the price used in the <code>lowestPrice</code> and
+   *             <code>priceCapacityOptimized</code> allocation strategies is per
+   *             <i>unit</i> hour (where the instance price is divided by the specified
+   *             weight). However, if all the specified weights are above the requested
+   *             <code>TargetCapacity</code>, resulting in only 1 instance being launched, the price
+   *             used is per <i>instance</i> hour.</p>
+   *          </note>
    * @public
    */
-  Fault?: SpotInstanceStateFault | undefined;
+  WeightedCapacity?: number | undefined;
 
   /**
-   * <p>The instance ID, if an instance has been launched to fulfill the Spot Instance request.</p>
+   * <p>The priority for the launch template override. The highest priority is launched
+   *          first.</p>
+   *          <p>If <code>OnDemandAllocationStrategy</code> is set to <code>prioritized</code>, Spot Fleet
+   *          uses priority to determine which launch template override to use first in fulfilling
+   *          On-Demand capacity.</p>
+   *          <p>If the Spot <code>AllocationStrategy</code> is set to
+   *          <code>capacityOptimizedPrioritized</code>, Spot Fleet uses priority on a best-effort basis
+   *          to determine which launch template override to use in fulfilling Spot capacity, but
+   *          optimizes for capacity first.</p>
+   *          <p>Valid values are whole numbers starting at <code>0</code>. The lower the number, the
+   *          higher the priority. If no number is set, the launch template override has the lowest
+   *          priority. You can set the same priority for different launch template overrides.</p>
    * @public
    */
-  InstanceId?: string | undefined;
+  Priority?: number | undefined;
 
   /**
-   * <p>The instance launch group. Launch groups are Spot Instances that launch together and terminate together.</p>
+   * <p>The instance requirements. When you specify instance requirements, Amazon EC2 will identify
+   *          instance types with the provided requirements, and then use your On-Demand and Spot
+   *          allocation strategies to launch instances from these instance types, in the same way as
+   *          when you specify a list of instance types.</p>
+   *          <note>
+   *             <p>If you specify <code>InstanceRequirements</code>, you can't specify
+   *             <code>InstanceType</code>.</p>
+   *          </note>
    * @public
    */
-  LaunchGroup?: string | undefined;
+  InstanceRequirements?: InstanceRequirements | undefined;
+}
 
+/**
+ * <p>Describes a launch template and overrides.</p>
+ * @public
+ */
+export interface LaunchTemplateConfig {
   /**
-   * <p>Additional information for launching instances.</p>
+   * <p>The launch template to use. Make sure that the launch template does not contain the
+   *             <code>NetworkInterfaceId</code> parameter because you can't specify a network interface
+   *          ID in a Spot Fleet.</p>
    * @public
    */
-  LaunchSpecification?: LaunchSpecification | undefined;
+  LaunchTemplateSpecification?: FleetLaunchTemplateSpecification | undefined;
 
   /**
-   * <p>The Availability Zone in which the request is launched.</p>
+   * <p>Any parameters that you specify override the same parameters in the launch
+   *          template.</p>
    * @public
    */
-  LaunchedAvailabilityZone?: string | undefined;
+  Overrides?: LaunchTemplateOverrides[] | undefined;
+}
 
+/**
+ * <p>Describes a Classic Load Balancer.</p>
+ * @public
+ */
+export interface ClassicLoadBalancer {
   /**
-   * <p>The product description associated with the Spot Instance.</p>
+   * <p>The name of the load balancer.</p>
    * @public
    */
-  ProductDescription?: RIProductDescription | undefined;
+  Name?: string | undefined;
+}
 
+/**
+ * <p>Describes the Classic Load Balancers to attach to a Spot Fleet. Spot Fleet registers
+ *             the running Spot Instances with these Classic Load Balancers.</p>
+ * @public
+ */
+export interface ClassicLoadBalancersConfig {
   /**
-   * <p>The ID of the Spot Instance request.</p>
+   * <p>One or more Classic Load Balancers.</p>
    * @public
    */
-  SpotInstanceRequestId?: string | undefined;
+  ClassicLoadBalancers?: ClassicLoadBalancer[] | undefined;
+}
 
+/**
+ * <p>Describes a load balancer target group.</p>
+ * @public
+ */
+export interface TargetGroup {
   /**
-   * <p>The maximum price per unit hour that you are willing to pay for a Spot Instance. We do not recommend
-   *             using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price.</p>
-   *          <important>
-   *             <p>If you specify a maximum price, your instances will be interrupted more frequently than if you do not specify this parameter.</p>
-   *          </important>
+   * <p>The Amazon Resource Name (ARN) of the target group.</p>
    * @public
    */
-  SpotPrice?: string | undefined;
+  Arn?: string | undefined;
+}
 
+/**
+ * <p>Describes the target groups to attach to a Spot Fleet. Spot Fleet registers the
+ *             running Spot Instances with these target groups.</p>
+ * @public
+ */
+export interface TargetGroupsConfig {
   /**
-   * <p>The state of the Spot Instance request. Spot request status information helps track your Spot
-   *             Instance requests. For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-request-status.html">Spot request status</a> in the
-   *                 <i>Amazon EC2 User Guide</i>.</p>
+   * <p>One or more target groups.</p>
    * @public
    */
-  State?: SpotInstanceState | undefined;
+  TargetGroups?: TargetGroup[] | undefined;
+}
 
+/**
+ * <p>Describes the Classic Load Balancers and target groups to attach to a Spot Fleet
+ *             request.</p>
+ * @public
+ */
+export interface LoadBalancersConfig {
   /**
-   * <p>The status code and status message describing the Spot Instance request.</p>
+   * <p>The Classic Load Balancers.</p>
    * @public
    */
-  Status?: SpotInstanceStatus | undefined;
+  ClassicLoadBalancersConfig?: ClassicLoadBalancersConfig | undefined;
 
   /**
-   * <p>Any tags assigned to the resource.</p>
+   * <p>The target groups.</p>
    * @public
    */
-  Tags?: Tag[] | undefined;
+  TargetGroupsConfig?: TargetGroupsConfig | undefined;
+}
 
-  /**
-   * <p>The Spot Instance request type.</p>
-   * @public
-   */
-  Type?: SpotInstanceType | undefined;
+/**
+ * @public
+ * @enum
+ */
+export const OnDemandAllocationStrategy = {
+  LOWEST_PRICE: "lowestPrice",
+  PRIORITIZED: "prioritized",
+} as const;
 
-  /**
-   * <p>The start date of the request, in UTC format (for example,
-   *                 <i>YYYY</i>-<i>MM</i>-<i>DD</i>T<i>HH</i>:<i>MM</i>:<i>SS</i>Z).
-   *             The request becomes active at this date and time.</p>
-   * @public
-   */
-  ValidFrom?: Date | undefined;
+/**
+ * @public
+ */
+export type OnDemandAllocationStrategy = (typeof OnDemandAllocationStrategy)[keyof typeof OnDemandAllocationStrategy];
+
+/**
+ * @public
+ * @enum
+ */
+export const ReplacementStrategy = {
+  LAUNCH: "launch",
+  LAUNCH_BEFORE_TERMINATE: "launch-before-terminate",
+} as const;
+
+/**
+ * @public
+ */
+export type ReplacementStrategy = (typeof ReplacementStrategy)[keyof typeof ReplacementStrategy];
 
+/**
+ * <p>The Spot Instance replacement strategy to use when Amazon EC2 emits a signal that your
+ *             Spot Instance is at an elevated risk of being interrupted. For more information, see
+ *                 <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-fleet-capacity-rebalance.html">Capacity
+ *                 rebalancing</a> in the <i>Amazon EC2 User Guide</i>.</p>
+ * @public
+ */
+export interface SpotCapacityRebalance {
   /**
-   * <p>The end date of the request, in UTC format
-   *                 (<i>YYYY</i>-<i>MM</i>-<i>DD</i>T<i>HH</i>:<i>MM</i>:<i>SS</i>Z).</p>
-   *          <ul>
-   *             <li>
-   *                <p>For a persistent request, the request remains active until the <code>validUntil</code> date
-   *                     and time is reached. Otherwise, the request remains active until you cancel it.
-   *                 </p>
-   *             </li>
-   *             <li>
-   *                <p>For a one-time request, the request remains active until all instances launch,
-   *                     the request is canceled, or the <code>validUntil</code> date and time is reached. By default, the
-   *                     request is valid for 7 days from the date the request was created.</p>
-   *             </li>
-   *          </ul>
+   * <p>The replacement strategy to use. Only available for fleets of type
+   *             <code>maintain</code>.</p>
+   *          <p>
+   *             <code>launch</code> - Spot Fleet launches a new replacement Spot Instance when a
+   *             rebalance notification is emitted for an existing Spot Instance in the fleet. Spot Fleet
+   *             does not terminate the instances that receive a rebalance notification. You can
+   *             terminate the old instances, or you can leave them running. You are charged for all
+   *             instances while they are running. </p>
+   *          <p>
+   *             <code>launch-before-terminate</code> - Spot Fleet launches a new replacement Spot
+   *             Instance when a rebalance notification is emitted for an existing Spot Instance in the
+   *             fleet, and then, after a delay that you specify (in <code>TerminationDelay</code>),
+   *             terminates the instances that received a rebalance notification.</p>
    * @public
    */
-  ValidUntil?: Date | undefined;
+  ReplacementStrategy?: ReplacementStrategy | undefined;
 
   /**
-   * <p>The behavior when a Spot Instance is interrupted.</p>
+   * <p>The amount of time (in seconds) that Amazon EC2 waits before terminating the old Spot
+   *             Instance after launching a new replacement Spot Instance.</p>
+   *          <p>Required when <code>ReplacementStrategy</code> is set to <code>launch-before-terminate</code>.</p>
+   *          <p>Not valid when <code>ReplacementStrategy</code> is set to <code>launch</code>.</p>
+   *          <p>Valid values: Minimum value of <code>120</code> seconds. Maximum value of <code>7200</code> seconds.</p>
    * @public
    */
-  InstanceInterruptionBehavior?: InstanceInterruptionBehavior | undefined;
+  TerminationDelay?: number | undefined;
 }
 
 /**
- * <p>Contains the output of DescribeSpotInstanceRequests.</p>
+ * <p>The strategies for managing your Spot Instances that are at an elevated risk of being
+ *             interrupted.</p>
  * @public
  */
-export interface DescribeSpotInstanceRequestsResult {
-  /**
-   * <p>The Spot Instance requests.</p>
-   * @public
-   */
-  SpotInstanceRequests?: SpotInstanceRequest[] | undefined;
-
+export interface SpotMaintenanceStrategies {
   /**
-   * <p>The token to include in another request to get the next page of items. This value is <code>null</code> when there
-   *          are no more items to return.</p>
+   * <p>The Spot Instance replacement strategy to use when Amazon EC2 emits a signal that your
+   *             Spot Instance is at an elevated risk of being interrupted. For more information, see
+   *                 <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-fleet-capacity-rebalance.html">Capacity
+   *                 rebalancing</a> in the <i>Amazon EC2 User Guide</i>.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  CapacityRebalance?: SpotCapacityRebalance | undefined;
 }
 
 /**
- * <p>Contains the parameters for DescribeSpotPriceHistory.</p>
+ * <p>Describes the configuration of a Spot Fleet request.</p>
  * @public
  */
-export interface DescribeSpotPriceHistoryRequest {
+export interface SpotFleetRequestConfigData {
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually
-   *             making the request, and provides an error response. If you have the required
-   *             permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is
-   *             <code>UnauthorizedOperation</code>.</p>
+   * <p>The strategy that determines how to allocate the target Spot Instance capacity across the Spot Instance
+   *             pools specified by the Spot Fleet launch configuration. For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-fleet-allocation-strategy.html">Allocation
+   *                 strategies for Spot Instances</a> in the <i>Amazon EC2 User Guide</i>.</p>
+   *          <dl>
+   *             <dt>priceCapacityOptimized (recommended)</dt>
+   *             <dd>
+   *                <p>Spot Fleet identifies the pools with
+   *                    the highest capacity availability for the number of instances that are launching. This means
+   *                    that we will request Spot Instances from the pools that we believe have the lowest chance of interruption
+   *                    in the near term. Spot Fleet then requests Spot Instances from the lowest priced of these pools.</p>
+   *             </dd>
+   *             <dt>capacityOptimized</dt>
+   *             <dd>
+   *                <p>Spot Fleet identifies the pools with
+   *                    the highest capacity availability for the number of instances that are launching. This means
+   *                    that we will request Spot Instances from the pools that we believe have the lowest chance of interruption
+   *                    in the near term. To give certain
+   *           instance types a higher chance of launching first, use
+   *           <code>capacityOptimizedPrioritized</code>. Set a priority for each instance type by
+   *           using the <code>Priority</code> parameter for <code>LaunchTemplateOverrides</code>. You can
+   *           assign the same priority to different <code>LaunchTemplateOverrides</code>. EC2 implements
+   *           the priorities on a best-effort basis, but optimizes for capacity first.
+   *           <code>capacityOptimizedPrioritized</code> is supported only if your Spot Fleet uses a
+   *           launch template. Note that if the <code>OnDemandAllocationStrategy</code> is set to
+   *           <code>prioritized</code>, the same priority is applied when fulfilling On-Demand
+   *           capacity.</p>
+   *             </dd>
+   *             <dt>diversified</dt>
+   *             <dd>
+   *                <p>Spot Fleet requests instances from all of the Spot Instance pools that you
+   *           specify.</p>
+   *             </dd>
+   *             <dt>lowestPrice (not recommended)</dt>
+   *             <dd>
+   *                <important>
+   *                   <p>We don't recommend the <code>lowestPrice</code> allocation strategy because
+   *                      it has the highest risk of interruption for your Spot Instances.</p>
+   *                </important>
+   *                <p>Spot Fleet requests instances from the lowest priced Spot Instance pool that has available
+   *                   capacity. If the lowest priced pool doesn't have available capacity, the Spot Instances
+   *                   come from the next lowest priced pool that has available capacity. If a pool runs
+   *                   out of capacity before fulfilling your desired capacity, Spot Fleet will continue to
+   *                   fulfill your request by drawing from the next lowest priced pool. To ensure that
+   *                   your desired capacity is met, you might receive Spot Instances from several pools. Because
+   *                   this strategy only considers instance price and not capacity availability, it
+   *                   might lead to high interruption rates.</p>
+   *             </dd>
+   *          </dl>
+   *          <p>Default: <code>lowestPrice</code>
+   *          </p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  AllocationStrategy?: AllocationStrategy | undefined;
 
   /**
-   * <p>The date and time, up to the past 90 days, from which to start retrieving the price
-   *             history data, in UTC format (for example,
-   *             <i>YYYY</i>-<i>MM</i>-<i>DD</i>T<i>HH</i>:<i>MM</i>:<i>SS</i>Z).</p>
+   * <p>The order of the launch template overrides to use in fulfilling On-Demand capacity. If
+   *             you specify <code>lowestPrice</code>, Spot Fleet uses price to determine the order, launching
+   *             the lowest price first. If you specify <code>prioritized</code>, Spot Fleet uses the priority
+   *             that you assign to each Spot Fleet launch template override, launching the highest priority
+   *             first. If you do not specify a value, Spot Fleet defaults to <code>lowestPrice</code>.</p>
    * @public
    */
-  StartTime?: Date | undefined;
+  OnDemandAllocationStrategy?: OnDemandAllocationStrategy | undefined;
 
   /**
-   * <p>The date and time, up to the current date, from which to stop retrieving the price
-   *             history data, in UTC format (for example,
-   *             <i>YYYY</i>-<i>MM</i>-<i>DD</i>T<i>HH</i>:<i>MM</i>:<i>SS</i>Z).</p>
+   * <p>The strategies for managing your Spot Instances that are at an elevated risk of being
+   *             interrupted.</p>
    * @public
    */
-  EndTime?: Date | undefined;
+  SpotMaintenanceStrategies?: SpotMaintenanceStrategies | undefined;
 
   /**
-   * <p>Filters the results by the specified instance types.</p>
+   * <p>A unique, case-sensitive identifier that you provide to ensure the idempotency of your
+   *             listings. This helps to avoid duplicate listings. For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html">Ensuring Idempotency</a>.</p>
    * @public
    */
-  InstanceTypes?: _InstanceType[] | undefined;
+  ClientToken?: string | undefined;
 
   /**
-   * <p>Filters the results by the specified basic product descriptions.</p>
+   * <p>Indicates whether running instances should be terminated if you decrease the
+   *             target capacity of the Spot Fleet request below the current size of the Spot Fleet.</p>
+   *          <p>Supported only for fleets of type <code>maintain</code>.</p>
    * @public
    */
-  ProductDescriptions?: string[] | undefined;
+  ExcessCapacityTerminationPolicy?: ExcessCapacityTerminationPolicy | undefined;
 
   /**
-   * <p>The filters.</p>
-   *          <ul>
-   *             <li>
-   *                <p>
-   *                   <code>availability-zone</code> - The Availability Zone for which prices should
-   *                     be returned.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>instance-type</code> - The type of instance (for example,
-   *                     <code>m3.medium</code>).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>product-description</code> - The product description for the Spot price
-   *                     (<code>Linux/UNIX</code> | <code>Red Hat Enterprise Linux</code> |
-   *                     <code>SUSE Linux</code> | <code>Windows</code> | <code>Linux/UNIX (Amazon
-   *                         VPC)</code> | <code>Red Hat Enterprise Linux (Amazon VPC)</code> |
-   *                     <code>SUSE Linux (Amazon VPC)</code> | <code>Windows (Amazon
-   *                         VPC)</code>).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>spot-price</code> - The Spot price. The value must match exactly (or use
-   *                     wildcards; greater than or less than comparison is not supported).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>timestamp</code> - The time stamp of the Spot price history, in UTC format
-   *                     (for example, <i>ddd MMM dd
-   *                         HH</i>:<i>mm</i>:<i>ss</i> UTC
-   *                         <i>YYYY</i>). You can use wildcards (<code>*</code> and
-   *                         <code>?</code>). Greater than or less than comparison is not
-   *                     supported.</p>
-   *             </li>
-   *          </ul>
+   * <p>The number of units fulfilled by this request compared to the set target capacity. You
+   *             cannot set this value.</p>
    * @public
    */
-  Filters?: Filter[] | undefined;
+  FulfilledCapacity?: number | undefined;
 
   /**
-   * <p>Filters the results by the specified Availability Zone.</p>
+   * <p>The number of On-Demand units fulfilled by this request compared to the set target
+   *             On-Demand capacity.</p>
    * @public
    */
-  AvailabilityZone?: string | undefined;
+  OnDemandFulfilledCapacity?: number | undefined;
 
   /**
-   * <p>The maximum number of items to return for this request.
-   *          To get the next page of items, make another request with the token returned in the output.
-   * 	        For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination">Pagination</a>.</p>
+   * <p>The Amazon Resource Name (ARN) of an Identity and Access Management (IAM) role
+   *          that grants the Spot Fleet the permission to request, launch, terminate, and tag instances
+   *          on your behalf. For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-fleet-requests.html#spot-fleet-prerequisites">Spot
+   *             Fleet prerequisites</a> in the <i>Amazon EC2 User Guide</i>. Spot Fleet can
+   *          terminate Spot Instances on your behalf when you cancel its Spot Fleet request using <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CancelSpotFleetRequests">CancelSpotFleetRequests</a> or when the Spot Fleet request expires, if you set
+   *             <code>TerminateInstancesWithExpiration</code>.</p>
    * @public
    */
-  MaxResults?: number | undefined;
+  IamFleetRole: string | undefined;
 
   /**
-   * <p>The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.</p>
+   * <p>The launch specifications for the Spot Fleet request. If you specify
+   *                 <code>LaunchSpecifications</code>, you can't specify
+   *                 <code>LaunchTemplateConfigs</code>. If you include On-Demand capacity in your
+   *             request, you must use <code>LaunchTemplateConfigs</code>.</p>
+   *          <note>
+   *             <p>If an AMI specified in a launch specification is deregistered or disabled, no new
+   *             instances can be launched from the AMI. For fleets of type <code>maintain</code>, the
+   *             target capacity will not be maintained.</p>
+   *          </note>
    * @public
    */
-  NextToken?: string | undefined;
-}
+  LaunchSpecifications?: SpotFleetLaunchSpecification[] | undefined;
 
-/**
- * <p>The maximum price per unit hour that you are willing to pay for a Spot Instance. We do not recommend
- *             using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price.</p>
- *          <important>
- *             <p>If you specify a maximum price, your instances will be interrupted more frequently than if you do not specify this parameter.</p>
- *          </important>
- * @public
- */
-export interface SpotPrice {
   /**
-   * <p>The Availability Zone.</p>
+   * <p>The launch template and overrides. If you specify <code>LaunchTemplateConfigs</code>,
+   *             you can't specify <code>LaunchSpecifications</code>. If you include On-Demand capacity
+   *             in your request, you must use <code>LaunchTemplateConfigs</code>.</p>
    * @public
    */
-  AvailabilityZone?: string | undefined;
+  LaunchTemplateConfigs?: LaunchTemplateConfig[] | undefined;
 
   /**
-   * <p>The instance type.</p>
+   * <p>The maximum price per unit hour that you are willing to pay for a Spot Instance. We do not recommend
+   *             using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price.</p>
+   *          <important>
+   *             <p>If you specify a maximum price, your instances will be interrupted more frequently than if you do not specify this parameter.</p>
+   *          </important>
    * @public
    */
-  InstanceType?: _InstanceType | undefined;
+  SpotPrice?: string | undefined;
 
   /**
-   * <p>A general description of the AMI.</p>
+   * <p>The number of units to request for the Spot Fleet. You can choose to set the target
+   *             capacity in terms of instances or a performance characteristic that is important to your
+   *             application workload, such as vCPUs, memory, or I/O. If the request type is
+   *                 <code>maintain</code>, you can specify a target capacity of 0 and add capacity
+   *             later.</p>
    * @public
    */
-  ProductDescription?: RIProductDescription | undefined;
+  TargetCapacity: number | undefined;
 
   /**
-   * <p>The maximum price per unit hour that you are willing to pay for a Spot Instance. We do not recommend
-   *             using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price.</p>
-   *          <important>
-   *             <p>If you specify a maximum price, your instances will be interrupted more frequently than if you do not specify this parameter.</p>
-   *          </important>
+   * <p>The number of On-Demand units to request. You can choose to set the target capacity in
+   *             terms of instances or a performance characteristic that is important to your application
+   *             workload, such as vCPUs, memory, or I/O. If the request type is <code>maintain</code>,
+   *             you can specify a target capacity of 0 and add capacity later.</p>
    * @public
    */
-  SpotPrice?: string | undefined;
+  OnDemandTargetCapacity?: number | undefined;
 
   /**
-   * <p>The date and time the request was created, in UTC format (for example,
-   *                 <i>YYYY</i>-<i>MM</i>-<i>DD</i>T<i>HH</i>:<i>MM</i>:<i>SS</i>Z).</p>
+   * <p>The maximum amount per hour for On-Demand Instances that you're willing to pay. You
+   *             can use the <code>onDemandMaxTotalPrice</code> parameter, the
+   *                 <code>spotMaxTotalPrice</code> parameter, or both parameters to ensure that your
+   *             fleet cost does not exceed your budget. If you set a maximum price per hour for the
+   *             On-Demand Instances and Spot Instances in your request, Spot Fleet will launch instances until it reaches the
+   *             maximum amount you're willing to pay. When the maximum amount you're willing to pay is
+   *             reached, the fleet stops launching instances even if it hasn’t met the target
+   *             capacity.</p>
+   *          <note>
+   *             <p>If your fleet includes T instances that are configured as <code>unlimited</code>,
+   *             and if their average CPU usage exceeds the baseline utilization, you will incur a charge
+   *             for surplus credits. The <code>onDemandMaxTotalPrice</code> does not account for surplus
+   *             credits, and, if you use surplus credits, your final cost might be higher than what you
+   *             specified for <code>onDemandMaxTotalPrice</code>. For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances-unlimited-mode-concepts.html#unlimited-mode-surplus-credits">Surplus credits can incur charges</a> in the
+   *                <i>Amazon EC2 User Guide</i>.</p>
+   *          </note>
    * @public
    */
-  Timestamp?: Date | undefined;
-}
+  OnDemandMaxTotalPrice?: string | undefined;
 
-/**
- * <p>Contains the output of DescribeSpotPriceHistory.</p>
- * @public
- */
-export interface DescribeSpotPriceHistoryResult {
   /**
-   * <p>The token to include in another request to get the next page of items. This value is
-   *             an empty string (<code>""</code>) or <code>null</code> when there are no more items to return.</p>
+   * <p>The maximum amount per hour for Spot Instances that you're willing to pay. You can use
+   *          the <code>spotMaxTotalPrice</code> parameter, the <code>onDemandMaxTotalPrice</code>
+   *          parameter, or both parameters to ensure that your fleet cost does not exceed your budget.
+   *          If you set a maximum price per hour for the On-Demand Instances and Spot Instances in your request, Spot Fleet will
+   *          launch instances until it reaches the maximum amount you're willing to pay. When the
+   *          maximum amount you're willing to pay is reached, the fleet stops launching instances even
+   *          if it hasn’t met the target capacity.</p>
+   *          <note>
+   *             <p>If your fleet includes T instances that are configured as <code>unlimited</code>,
+   *             and if their average CPU usage exceeds the baseline utilization, you will incur a charge
+   *             for surplus credits. The <code>spotMaxTotalPrice</code> does not account for surplus
+   *             credits, and, if you use surplus credits, your final cost might be higher than what you
+   *             specified for <code>spotMaxTotalPrice</code>. For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances-unlimited-mode-concepts.html#unlimited-mode-surplus-credits">Surplus credits can incur charges</a> in the
+   *                <i>Amazon EC2 User Guide</i>.</p>
+   *          </note>
    * @public
    */
-  NextToken?: string | undefined;
+  SpotMaxTotalPrice?: string | undefined;
 
   /**
-   * <p>The historical Spot prices.</p>
+   * <p>Indicates whether running Spot Instances are terminated when the Spot Fleet request
+   *             expires.</p>
    * @public
    */
-  SpotPriceHistory?: SpotPrice[] | undefined;
-}
+  TerminateInstancesWithExpiration?: boolean | undefined;
 
-/**
- * @public
- */
-export interface DescribeStaleSecurityGroupsRequest {
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>The type of request. Indicates whether the Spot Fleet only requests the target
+   *             capacity or also attempts to maintain it. When this value is <code>request</code>, the
+   *             Spot Fleet only places the required requests. It does not attempt to replenish Spot
+   *             Instances if capacity is diminished, nor does it submit requests in alternative Spot
+   *             pools if capacity is not available. When this value is <code>maintain</code>, the Spot
+   *             Fleet maintains the target capacity. The Spot Fleet places the required requests to meet
+   *             capacity and automatically replenishes any interrupted instances. Default:
+   *                 <code>maintain</code>. <code>instant</code> is listed but is not used by Spot
+   *             Fleet.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  Type?: FleetType | undefined;
 
   /**
-   * <p>The maximum number of items to return for this request. To get the next page of items,
-   *           make another request with the token returned in the output. For more information,
-   *           see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination">Pagination</a>.</p>
+   * <p>The start date and time of the request, in UTC format
+   *                 (<i>YYYY</i>-<i>MM</i>-<i>DD</i>T<i>HH</i>:<i>MM</i>:<i>SS</i>Z).
+   *             By default, Amazon EC2 starts fulfilling the request immediately.</p>
    * @public
    */
-  MaxResults?: number | undefined;
+  ValidFrom?: Date | undefined;
 
   /**
-   * <p>The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.</p>
+   * <p>The end date and time of the request, in UTC format
+   *                 (<i>YYYY</i>-<i>MM</i>-<i>DD</i>T<i>HH</i>:<i>MM</i>:<i>SS</i>Z).
+   *             After the end date and time, no new Spot Instance requests are placed or able to fulfill
+   *             the request. If no value is specified, the Spot Fleet request remains until you cancel
+   *             it.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  ValidUntil?: Date | undefined;
 
   /**
-   * <p>The ID of the VPC.</p>
+   * <p>Indicates whether Spot Fleet should replace unhealthy instances.</p>
    * @public
    */
-  VpcId: string | undefined;
-}
+  ReplaceUnhealthyInstances?: boolean | undefined;
 
-/**
- * <p>Describes a stale rule in a security group.</p>
- * @public
- */
-export interface StaleIpPermission {
   /**
-   * <p>If the protocol is TCP or UDP, this is the start of the port range.
-   *           If the protocol is ICMP or ICMPv6, this is the ICMP type or -1 (all ICMP types).</p>
+   * <p>The behavior when a Spot Instance is interrupted. The default is
+   *                 <code>terminate</code>.</p>
    * @public
    */
-  FromPort?: number | undefined;
+  InstanceInterruptionBehavior?: InstanceInterruptionBehavior | undefined;
 
   /**
-   * <p>The IP protocol name (<code>tcp</code>, <code>udp</code>, <code>icmp</code>, <code>icmpv6</code>) or number
-   *           (see <a href="http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml">Protocol Numbers)</a>.</p>
+   * <p>One or more Classic Load Balancers and target groups to attach to the Spot Fleet
+   *             request. Spot Fleet registers the running Spot Instances with the specified Classic Load
+   *             Balancers and target groups.</p>
+   *          <p>With Network Load Balancers, Spot Fleet cannot register instances that have the
+   *             following instance types: C1, CC1, CC2, CG1, CG2, CR1, CS1, G1, G2, HI1, HS1, M1, M2,
+   *             M3, and T1.</p>
    * @public
    */
-  IpProtocol?: string | undefined;
+  LoadBalancersConfig?: LoadBalancersConfig | undefined;
 
   /**
-   * <p>The IP ranges. Not applicable for stale security group rules.</p>
+   * <p>The number of Spot pools across which to allocate your target Spot capacity. Valid
+   *             only when Spot <b>AllocationStrategy</b> is set to
+   *                 <code>lowest-price</code>. Spot Fleet selects the cheapest Spot pools and evenly
+   *             allocates your target Spot capacity across the number of Spot pools that you
+   *             specify.</p>
+   *          <p>Note that Spot Fleet attempts to draw Spot Instances from the number of pools that you specify on a
+   *             best effort basis. If a pool runs out of Spot capacity before fulfilling your target
+   *             capacity, Spot Fleet will continue to fulfill your request by drawing from the next cheapest
+   *             pool. To ensure that your target capacity is met, you might receive Spot Instances from more than
+   *             the number of pools that you specified. Similarly, if most of the pools have no Spot
+   *             capacity, you might receive your full target capacity from fewer than the number of
+   *             pools that you specified.</p>
    * @public
    */
-  IpRanges?: string[] | undefined;
+  InstancePoolsToUseCount?: number | undefined;
 
   /**
-   * <p>The prefix list IDs. Not applicable for stale security group rules.</p>
+   * <p>Reserved.</p>
    * @public
    */
-  PrefixListIds?: string[] | undefined;
+  Context?: string | undefined;
 
   /**
-   * <p>If the protocol is TCP or UDP, this is the end of the port range.
-   *           If the protocol is ICMP or ICMPv6, this is the ICMP code or -1 (all ICMP codes).</p>
+   * <p>The unit for the target capacity. You can specify this parameter only when
+   *          using attribute-based instance type selection.</p>
+   *          <p>Default: <code>units</code> (the number of instances)</p>
    * @public
    */
-  ToPort?: number | undefined;
+  TargetCapacityUnitType?: TargetCapacityUnitType | undefined;
 
   /**
-   * <p>The security group pairs. Returns the ID of the referenced security group and VPC, and the ID and status of the VPC peering connection.</p>
+   * <p>The key-value pair for tagging the Spot Fleet request on creation. The value for
+   *                 <code>ResourceType</code> must be <code>spot-fleet-request</code>, otherwise the
+   *             Spot Fleet request fails. To tag instances at launch, specify the tags in the <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-templates.html#create-launch-template">launch
+   *                 template</a> (valid only if you use <code>LaunchTemplateConfigs</code>) or in
+   *             the <code>
+   *                <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_SpotFleetTagSpecification.html">SpotFleetTagSpecification</a>
+   *             </code> (valid only if you use
+   *                 <code>LaunchSpecifications</code>). For information about tagging after launch, see
+   *                 <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#tag-resources">Tag your resources</a>.</p>
    * @public
    */
-  UserIdGroupPairs?: UserIdGroupPair[] | undefined;
+  TagSpecifications?: TagSpecification[] | undefined;
 }
 
 /**
- * <p>Describes a stale security group (a security group that contains stale rules).</p>
+ * <p>Describes a Spot Fleet request.</p>
  * @public
  */
-export interface StaleSecurityGroup {
+export interface SpotFleetRequestConfig {
   /**
-   * <p>The description of the security group.</p>
+   * <p>The progress of the Spot Fleet request.
+   *           If there is an error, the status is <code>error</code>.
+   *           After all requests are placed, the status is <code>pending_fulfillment</code>.
+   *           If the size of the fleet is equal to or greater than its target capacity, the status is <code>fulfilled</code>.
+   *           If the size of the fleet is decreased, the status is <code>pending_termination</code>
+   *           while Spot Instances are terminating.</p>
    * @public
    */
-  Description?: string | undefined;
+  ActivityStatus?: ActivityStatus | undefined;
 
   /**
-   * <p>The ID of the security group.</p>
+   * <p>The creation date and time of the request.</p>
    * @public
    */
-  GroupId?: string | undefined;
+  CreateTime?: Date | undefined;
 
   /**
-   * <p>The name of the security group.</p>
+   * <p>The configuration of the Spot Fleet request.</p>
    * @public
    */
-  GroupName?: string | undefined;
+  SpotFleetRequestConfig?: SpotFleetRequestConfigData | undefined;
 
   /**
-   * <p>Information about the stale inbound rules in the security group.</p>
+   * <p>The ID of the Spot Fleet request.</p>
    * @public
    */
-  StaleIpPermissions?: StaleIpPermission[] | undefined;
+  SpotFleetRequestId?: string | undefined;
 
   /**
-   * <p>Information about the stale outbound rules in the security group.</p>
+   * <p>The state of the Spot Fleet request.</p>
    * @public
    */
-  StaleIpPermissionsEgress?: StaleIpPermission[] | undefined;
+  SpotFleetRequestState?: BatchState | undefined;
 
   /**
-   * <p>The ID of the VPC for the security group.</p>
+   * <p>The tags for a Spot Fleet resource.</p>
    * @public
    */
-  VpcId?: string | undefined;
+  Tags?: Tag[] | undefined;
 }
 
 /**
+ * <p>Contains the output of DescribeSpotFleetRequests.</p>
  * @public
  */
-export interface DescribeStaleSecurityGroupsResult {
+export interface DescribeSpotFleetRequestsResponse {
   /**
-   * <p>The token to include in another request to get the next page of items. This value is <code>null</code> when there are no more items to return.</p>
+   * <p>The token to include in another request to get the next page of items. This value is <code>null</code> when there
+   *          are no more items to return.</p>
    * @public
    */
   NextToken?: string | undefined;
 
   /**
-   * <p>Information about the stale security groups.</p>
+   * <p>Information about the configuration of your Spot Fleet.</p>
    * @public
    */
-  StaleSecurityGroupSet?: StaleSecurityGroup[] | undefined;
+  SpotFleetRequestConfigs?: SpotFleetRequestConfig[] | undefined;
 }
 
 /**
+ * <p>Contains the parameters for DescribeSpotInstanceRequests.</p>
  * @public
  */
-export interface DescribeStoreImageTasksRequest {
-  /**
-   * <p>The AMI IDs for which to show progress. Up to 20 AMI IDs can be included in a request.</p>
-   * @public
-   */
-  ImageIds?: string[] | undefined;
-
-  /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   * 			and provides an error response. If you have the required permissions, the error response is
-   * 			<code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>
-   * @public
-   */
-  DryRun?: boolean | undefined;
-
-  /**
-   * <p>The filters.</p>
-   *          <ul>
-   *             <li>
-   *                <p>
-   *                   <code>task-state</code> - Returns tasks in a certain state (<code>InProgress</code> |
-   *             <code>Completed</code> | <code>Failed</code>)</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>bucket</code> - Returns task information for tasks that targeted a specific
-   *           bucket. For the filter value, specify the bucket name.</p>
-   *             </li>
-   *          </ul>
-   *          <note>
-   *             <p>When you specify the <code>ImageIds</code> parameter, any filters that you specify are
-   *         ignored. To use the filters, you must remove the <code>ImageIds</code> parameter.</p>
-   *          </note>
-   * @public
-   */
-  Filters?: Filter[] | undefined;
-
+export interface DescribeSpotInstanceRequestsRequest {
   /**
    * <p>The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.</p>
    * @public
@@ -2363,209 +1847,200 @@ export interface DescribeStoreImageTasksRequest {
    * <p>The maximum number of items to return for this request.
    *          To get the next page of items, make another request with the token returned in the output.
    * 	        For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination">Pagination</a>.</p>
-   *          <p>You cannot specify this parameter and the <code>ImageIds</code> parameter in the same
-   *       call.</p>
    * @public
    */
   MaxResults?: number | undefined;
-}
-
-/**
- * <p>The information about the AMI store task, including the progress of the task.</p>
- * @public
- */
-export interface StoreImageTaskResult {
-  /**
-   * <p>The ID of the AMI that is being stored.</p>
-   * @public
-   */
-  AmiId?: string | undefined;
-
-  /**
-   * <p>The time the task started.</p>
-   * @public
-   */
-  TaskStartTime?: Date | undefined;
-
-  /**
-   * <p>The name of the Amazon S3 bucket that contains the stored AMI object.</p>
-   * @public
-   */
-  Bucket?: string | undefined;
 
   /**
-   * <p>The name of the stored AMI object in the bucket.</p>
-   * @public
-   */
-  S3objectKey?: string | undefined;
-
-  /**
-   * <p>The progress of the task as a percentage.</p>
-   * @public
-   */
-  ProgressPercentage?: number | undefined;
-
-  /**
-   * <p>The state of the store task (<code>InProgress</code>, <code>Completed</code>, or
-   *         <code>Failed</code>).</p>
-   * @public
-   */
-  StoreTaskState?: string | undefined;
-
-  /**
-   * <p>If the tasks fails, the reason for the failure is returned. If the task succeeds,
-   *         <code>null</code> is returned.</p>
-   * @public
-   */
-  StoreTaskFailureReason?: string | undefined;
-}
-
-/**
- * @public
- */
-export interface DescribeStoreImageTasksResult {
-  /**
-   * <p>The information about the AMI store tasks.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually
+   *             making the request, and provides an error response. If you have the required
+   *             permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is
+   *                 <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  StoreImageTaskResults?: StoreImageTaskResult[] | undefined;
+  DryRun?: boolean | undefined;
 
   /**
-   * <p>The token to include in another request to get the next page of items. This value is <code>null</code> when there
-   *          are no more items to return.</p>
+   * <p>The IDs of the Spot Instance requests.</p>
    * @public
    */
-  NextToken?: string | undefined;
-}
+  SpotInstanceRequestIds?: string[] | undefined;
 
-/**
- * @public
- */
-export interface DescribeSubnetsRequest {
   /**
    * <p>The filters.</p>
    *          <ul>
    *             <li>
    *                <p>
-   *                   <code>availability-zone</code> - The Availability Zone for the subnet. You can also use
-   *                     <code>availabilityZone</code> as the filter name.</p>
+   *                   <code>availability-zone-group</code> - The Availability Zone group.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>availability-zone-id</code> - The ID of the Availability Zone for the subnet.
-   *                     You can also use <code>availabilityZoneId</code> as the filter name.</p>
+   *                   <code>create-time</code> - The time stamp when the Spot Instance request was
+   *                     created.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>available-ip-address-count</code> - The number of IPv4 addresses in the
-   *                     subnet that are available.</p>
+   *                   <code>fault-code</code> - The fault code related to the request.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>cidr-block</code> - The IPv4 CIDR block of the subnet. The CIDR block
-   *                     you specify must exactly match the subnet's CIDR block for information to be
-   *                     returned for the subnet. You can also use <code>cidr</code> or
-   *                         <code>cidrBlock</code> as the filter names.</p>
+   *                   <code>fault-message</code> - The fault message related to the request.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>customer-owned-ipv4-pool</code> - The customer-owned IPv4 address pool
-   *                     associated with the subnet.</p>
+   *                   <code>instance-id</code> - The ID of the instance that fulfilled the
+   *                     request.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>default-for-az</code> - Indicates whether this is the default subnet for
-   *                     the Availability Zone (<code>true</code> | <code>false</code>). You can also use
-   *                         <code>defaultForAz</code> as the filter name.</p>
+   *                   <code>launch-group</code> - The Spot Instance launch group.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>enable-dns64</code> - Indicates whether DNS queries made to the
-   *                     Amazon-provided DNS Resolver in this subnet should return synthetic IPv6
-   *                     addresses for IPv4-only destinations.</p>
+   *                   <code>launch.block-device-mapping.delete-on-termination</code> - Indicates
+   *                     whether the EBS volume is deleted on instance termination.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>enable-lni-at-device-index</code> - Indicates the device position for
-   *                     local network interfaces in this subnet. For example, <code>1</code> indicates
-   *                     local network interfaces in this subnet are the secondary network interface
-   *                     (eth1). </p>
+   *                   <code>launch.block-device-mapping.device-name</code> - The device name for the
+   *                     volume in the block device mapping (for example, <code>/dev/sdh</code> or
+   *                         <code>xvdh</code>).</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>ipv6-cidr-block-association.ipv6-cidr-block</code> - An IPv6 CIDR
-   *                     block associated with the subnet.</p>
+   *                   <code>launch.block-device-mapping.snapshot-id</code> - The ID of the snapshot
+   *                     for the EBS volume.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>ipv6-cidr-block-association.association-id</code> - An association ID
-   *                     for an IPv6 CIDR block associated with the subnet.</p>
+   *                   <code>launch.block-device-mapping.volume-size</code> - The size of the EBS
+   *                     volume, in GiB.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>ipv6-cidr-block-association.state</code> - The state of an IPv6 CIDR
-   *                     block associated with the subnet.</p>
+   *                   <code>launch.block-device-mapping.volume-type</code> - The type of EBS volume:
+   *                     <code>gp2</code> or <code>gp3</code> for General Purpose SSD, <code>io1</code>
+   *                     or <code>io2</code> for Provisioned IOPS SSD, <code>st1</code> for Throughput
+   *                     Optimized HDD, <code>sc1</code> for Cold HDD, or <code>standard</code> for
+   *                     Magnetic.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>ipv6-native</code> - Indicates whether this is an IPv6 only subnet
-   *                         (<code>true</code> | <code>false</code>).</p>
+   *                   <code>launch.group-id</code> - The ID of the security group for the
+   *                     instance.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>map-customer-owned-ip-on-launch</code> - Indicates whether a network
-   *                     interface created in this subnet (including a network interface created by <a>RunInstances</a>) receives a customer-owned IPv4 address.</p>
+   *                   <code>launch.group-name</code> - The name of the security group for the
+   *                     instance.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>map-public-ip-on-launch</code> - Indicates whether instances launched in
-   *                     this subnet receive a public IPv4 address.</p>
+   *                   <code>launch.image-id</code> - The ID of the AMI.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>outpost-arn</code> - The Amazon Resource Name (ARN) of the Outpost.</p>
+   *                   <code>launch.instance-type</code> - The type of instance (for example,
+   *                         <code>m3.medium</code>).</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>owner-id</code> - The ID of the Amazon Web Services account that owns the
-   *                     subnet.</p>
+   *                   <code>launch.kernel-id</code> - The kernel ID.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>private-dns-name-options-on-launch.hostname-type</code> - The type of
-   *                     hostname to assign to instances in the subnet at launch. For IPv4-only and
-   *                     dual-stack (IPv4 and IPv6) subnets, an instance DNS name can be based on the
-   *                     instance IPv4 address (ip-name) or the instance ID (resource-name). For IPv6
-   *                     only subnets, an instance DNS name must be based on the instance ID
-   *                     (resource-name).</p>
+   *                   <code>launch.key-name</code> - The name of the key pair the instance launched
+   *                     with.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>private-dns-name-options-on-launch.enable-resource-name-dns-a-record</code>
-   *                     - Indicates whether to respond to DNS queries for instance hostnames with DNS A
-   *                     records.</p>
+   *                   <code>launch.monitoring-enabled</code> - Whether detailed monitoring is
+   *                     enabled for the Spot Instance.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>private-dns-name-options-on-launch.enable-resource-name-dns-aaaa-record</code>
-   *                     - Indicates whether to respond to DNS queries for instance hostnames with DNS
-   *                     AAAA records.</p>
+   *                   <code>launch.ramdisk-id</code> - The RAM disk ID.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>state</code> - The state of the subnet (<code>pending</code> | <code>available</code>).</p>
+   *                   <code>launched-availability-zone</code> - The Availability Zone in which the
+   *                     request is launched.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>subnet-arn</code> - The Amazon Resource Name (ARN) of the subnet.</p>
+   *                   <code>network-interface.addresses.primary</code> - Indicates whether the IP
+   *                     address is the primary private IP address.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>subnet-id</code> - The ID of the subnet.</p>
+   *                   <code>network-interface.delete-on-termination</code> - Indicates whether the
+   *                     network interface is deleted when the instance is terminated.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.
+   *                   <code>network-interface.description</code> - A description of the network
+   *                     interface.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>network-interface.device-index</code> - The index of the device for the
+   *                     network interface attachment on the instance.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>network-interface.group-id</code> - The ID of the security group
+   *                     associated with the network interface.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>network-interface.network-interface-id</code> - The ID of the network
+   *                     interface.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>network-interface.private-ip-address</code> - The primary private IP
+   *                     address of the network interface.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>network-interface.subnet-id</code> - The ID of the subnet for the
+   *                     instance.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>product-description</code> - The product description associated with the
+   *                     instance (<code>Linux/UNIX</code> | <code>Windows</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>spot-instance-request-id</code> - The Spot Instance request ID.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>spot-price</code> - The maximum hourly price for any Spot Instance
+   *                     launched to fulfill the request.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>state</code> - The state of the Spot Instance request (<code>open</code>
+   *                     | <code>active</code> | <code>closed</code> | <code>cancelled</code> |
+   *                         <code>failed</code>). Spot request status information can help you track
+   *                     your Amazon EC2 Spot Instance requests. For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-request-status.html">Spot
+   *                         request status</a> in the <i>Amazon EC2 User Guide</i>.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>status-code</code> - The short code describing the most recent
+   *                     evaluation of your Spot Instance request.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>status-message</code> - The message explaining the status of the Spot
+   *                     Instance request.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>tag:<key></code> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.
    *     For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>
    *             </li>
    *             <li>
@@ -2574,387 +2049,415 @@ export interface DescribeSubnetsRequest {
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>vpc-id</code> - The ID of the VPC for the subnet.</p>
+   *                   <code>type</code> - The type of Spot Instance request (<code>one-time</code> |
+   *                         <code>persistent</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>valid-from</code> - The start date of the request.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>valid-until</code> - The end date of the request.</p>
    *             </li>
    *          </ul>
    * @public
    */
-  Filters?: Filter[] | undefined;
+  Filters?: Filter[] | undefined;
+}
+
+/**
+ * <p>Describes the monitoring of an instance.</p>
+ * @public
+ */
+export interface RunInstancesMonitoringEnabled {
+  /**
+   * <p>Indicates whether detailed monitoring is enabled. Otherwise, basic monitoring is
+   *             enabled.</p>
+   * @public
+   */
+  Enabled: boolean | undefined;
+}
+
+/**
+ * <p>Describes the launch specification for an instance.</p>
+ * @public
+ */
+export interface LaunchSpecification {
+  /**
+   * <p>The base64-encoded user data that instances use when starting up. User data is limited to 16 KB.</p>
+   * @public
+   */
+  UserData?: string | undefined;
+
+  /**
+   * <p>Deprecated.</p>
+   * @public
+   */
+  AddressingType?: string | undefined;
+
+  /**
+   * <p>The block device mapping entries.</p>
+   * @public
+   */
+  BlockDeviceMappings?: BlockDeviceMapping[] | undefined;
+
+  /**
+   * <p>Indicates whether the instance is optimized for EBS I/O. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal EBS I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using an EBS Optimized instance.</p>
+   *          <p>Default: <code>false</code>
+   *          </p>
+   * @public
+   */
+  EbsOptimized?: boolean | undefined;
+
+  /**
+   * <p>The IAM instance profile.</p>
+   * @public
+   */
+  IamInstanceProfile?: IamInstanceProfileSpecification | undefined;
+
+  /**
+   * <p>The ID of the AMI.</p>
+   * @public
+   */
+  ImageId?: string | undefined;
+
+  /**
+   * <p>The instance type. Only one instance type can be specified.</p>
+   * @public
+   */
+  InstanceType?: _InstanceType | undefined;
+
+  /**
+   * <p>The ID of the kernel.</p>
+   * @public
+   */
+  KernelId?: string | undefined;
+
+  /**
+   * <p>The name of the key pair.</p>
+   * @public
+   */
+  KeyName?: string | undefined;
 
   /**
-   * <p>The IDs of the subnets.</p>
-   *          <p>Default: Describes all your subnets.</p>
+   * <p>The network interfaces. If you specify a network interface, you must specify
+   *            subnet IDs and security group IDs using the network interface.</p>
    * @public
    */
-  SubnetIds?: string[] | undefined;
+  NetworkInterfaces?: InstanceNetworkInterfaceSpecification[] | undefined;
 
   /**
-   * <p>The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.</p>
+   * <p>The placement information for the instance.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  Placement?: SpotPlacement | undefined;
 
   /**
-   * <p>The maximum number of items to return for this request.
-   * 	To get the next page of items, make another request with the token returned in the output.
-   * 	For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination">Pagination</a>.</p>
+   * <p>The ID of the RAM disk.</p>
    * @public
    */
-  MaxResults?: number | undefined;
+  RamdiskId?: string | undefined;
 
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>The ID of the subnet in which to launch the instance.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
-}
+  SubnetId?: string | undefined;
 
-/**
- * @public
- */
-export interface DescribeSubnetsResult {
   /**
-   * <p>The token to include in another request to get the next page of items. This value is <code>null</code> when there are no more items to return.</p>
+   * <p>The IDs of the security groups.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  SecurityGroups?: GroupIdentifier[] | undefined;
 
   /**
-   * <p>Information about the subnets.</p>
+   * <p>Describes the monitoring of an instance.</p>
    * @public
    */
-  Subnets?: Subnet[] | undefined;
+  Monitoring?: RunInstancesMonitoringEnabled | undefined;
 }
 
 /**
  * @public
+ * @enum
  */
-export interface DescribeTagsRequest {
-  /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
-   * @public
-   */
-  DryRun?: boolean | undefined;
+export const SpotInstanceState = {
+  active: "active",
+  cancelled: "cancelled",
+  closed: "closed",
+  disabled: "disabled",
+  failed: "failed",
+  open: "open",
+} as const;
+
+/**
+ * @public
+ */
+export type SpotInstanceState = (typeof SpotInstanceState)[keyof typeof SpotInstanceState];
 
+/**
+ * <p>Describes the status of a Spot Instance request.</p>
+ * @public
+ */
+export interface SpotInstanceStatus {
   /**
-   * <p>The filters.</p>
-   *          <ul>
-   *             <li>
-   *                <p>
-   *                   <code>key</code> - The tag key.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>resource-id</code> - The ID of the resource.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>resource-type</code> - The resource type. For a list of possible values, see
-   *                <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_TagSpecification.html">TagSpecification</a>.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>tag</code>:<key> - The key/value combination of the tag. For example,
-   *                 specify "tag:Owner" for the filter name and "TeamA" for the filter value to find
-   *                 resources with the tag "Owner=TeamA".</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>value</code> - The tag value.</p>
-   *             </li>
-   *          </ul>
+   * <p>The status code. For a list of status codes, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-request-status.html#spot-instance-request-status-understand">Spot request status codes</a> in the <i>Amazon EC2 User Guide</i>.</p>
    * @public
    */
-  Filters?: Filter[] | undefined;
+  Code?: string | undefined;
 
   /**
-   * <p>The maximum number of items to return for this request. This value can be between 5 and 1000.
-   *          To get the next page of items, make another request with the token returned in the output.
-   *          For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination">Pagination</a>.</p>
+   * <p>The description for the status code.</p>
    * @public
    */
-  MaxResults?: number | undefined;
+  Message?: string | undefined;
 
   /**
-   * <p>The token returned from a previous paginated request.
-   *          Pagination continues from the end of the items returned by the previous request.</p>
+   * <p>The date and time of the most recent status update, in UTC format (for example,
+   *                 <i>YYYY</i>-<i>MM</i>-<i>DD</i>T<i>HH</i>:<i>MM</i>:<i>SS</i>Z).</p>
    * @public
    */
-  NextToken?: string | undefined;
+  UpdateTime?: Date | undefined;
 }
 
 /**
- * <p>Describes a tag.</p>
+ * <p>Describes a Spot Instance request.</p>
  * @public
  */
-export interface TagDescription {
+export interface SpotInstanceRequest {
   /**
-   * <p>The tag key.</p>
+   * <p>Deprecated.</p>
    * @public
    */
-  Key?: string | undefined;
+  ActualBlockHourlyPrice?: string | undefined;
 
   /**
-   * <p>The ID of the resource.</p>
+   * <p>The Availability Zone group. If you specify the same Availability Zone group for all Spot Instance requests, all Spot Instances are launched in the same Availability Zone.</p>
    * @public
    */
-  ResourceId?: string | undefined;
+  AvailabilityZoneGroup?: string | undefined;
 
   /**
-   * <p>The resource type.</p>
+   * <p>Deprecated.</p>
    * @public
    */
-  ResourceType?: ResourceType | undefined;
+  BlockDurationMinutes?: number | undefined;
 
   /**
-   * <p>The tag value.</p>
+   * <p>The date and time when the Spot Instance request was created, in UTC format (for example, <i>YYYY</i>-<i>MM</i>-<i>DD</i>T<i>HH</i>:<i>MM</i>:<i>SS</i>Z).</p>
    * @public
    */
-  Value?: string | undefined;
-}
+  CreateTime?: Date | undefined;
 
-/**
- * @public
- */
-export interface DescribeTagsResult {
   /**
-   * <p>The token to include in another request to get the next page of items.
-   *          This value is <code>null</code> when there are no more items to return.</p>
+   * <p>The fault codes for the Spot Instance request, if any.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  Fault?: SpotInstanceStateFault | undefined;
 
   /**
-   * <p>The tags.</p>
+   * <p>The instance ID, if an instance has been launched to fulfill the Spot Instance request.</p>
    * @public
    */
-  Tags?: TagDescription[] | undefined;
-}
+  InstanceId?: string | undefined;
 
-/**
- * @public
- */
-export interface DescribeTrafficMirrorFilterRulesRequest {
   /**
-   * <p>Traffic filter rule IDs.</p>
+   * <p>The instance launch group. Launch groups are Spot Instances that launch together and terminate together.</p>
    * @public
    */
-  TrafficMirrorFilterRuleIds?: string[] | undefined;
+  LaunchGroup?: string | undefined;
 
   /**
-   * <p>Traffic filter ID.</p>
+   * <p>Additional information for launching instances.</p>
    * @public
    */
-  TrafficMirrorFilterId?: string | undefined;
+  LaunchSpecification?: LaunchSpecification | undefined;
 
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>The Availability Zone in which the request is launched.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  LaunchedAvailabilityZone?: string | undefined;
 
   /**
-   * <p>Traffic mirror filters.</p>
-   *          <ul>
-   *             <li>
-   *                <p>
-   *                   <code>traffic-mirror-filter-rule-id</code>: The ID of the Traffic Mirror rule.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>traffic-mirror-filter-id</code>: The ID of the filter that this rule is associated with.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>rule-number</code>: The number of the Traffic Mirror rule.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>rule-action</code>: The action taken on the filtered traffic. Possible actions are <code>accept</code> and <code>reject</code>.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>traffic-direction</code>: The traffic direction. Possible directions are <code>ingress</code> and <code>egress</code>.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>protocol</code>: The protocol, for example UDP, assigned to the Traffic Mirror rule.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>source-cidr-block</code>: The source CIDR block assigned to the Traffic Mirror rule.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>destination-cidr-block</code>: The destination CIDR block assigned to the Traffic Mirror rule.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>description</code>: The description of the Traffic Mirror rule.</p>
-   *             </li>
-   *          </ul>
+   * <p>The product description associated with the Spot Instance.</p>
    * @public
    */
-  Filters?: Filter[] | undefined;
+  ProductDescription?: RIProductDescription | undefined;
 
   /**
-   * <p>The maximum number of results to return with a single call.
-   * 	To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>
+   * <p>The ID of the Spot Instance request.</p>
    * @public
    */
-  MaxResults?: number | undefined;
+  SpotInstanceRequestId?: string | undefined;
 
   /**
-   * <p>The token for the next page of results.</p>
+   * <p>The maximum price per unit hour that you are willing to pay for a Spot Instance. We do not recommend
+   *             using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price.</p>
+   *          <important>
+   *             <p>If you specify a maximum price, your instances will be interrupted more frequently than if you do not specify this parameter.</p>
+   *          </important>
    * @public
    */
-  NextToken?: string | undefined;
-}
+  SpotPrice?: string | undefined;
 
-/**
- * @public
- */
-export interface DescribeTrafficMirrorFilterRulesResult {
   /**
-   * <p>Traffic mirror rules.</p>
+   * <p>The state of the Spot Instance request. Spot request status information helps track your Spot
+   *             Instance requests. For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-request-status.html">Spot request status</a> in the
+   *                 <i>Amazon EC2 User Guide</i>.</p>
    * @public
    */
-  TrafficMirrorFilterRules?: TrafficMirrorFilterRule[] | undefined;
+  State?: SpotInstanceState | undefined;
 
   /**
-   * <p>The token to use to retrieve the next page of results. The value is <code>null</code> when there are no more results to return.</p>
+   * <p>The status code and status message describing the Spot Instance request.</p>
    * @public
    */
-  NextToken?: string | undefined;
-}
+  Status?: SpotInstanceStatus | undefined;
 
-/**
- * @public
- */
-export interface DescribeTrafficMirrorFiltersRequest {
   /**
-   * <p>The ID of the Traffic Mirror filter.</p>
+   * <p>Any tags assigned to the resource.</p>
    * @public
    */
-  TrafficMirrorFilterIds?: string[] | undefined;
+  Tags?: Tag[] | undefined;
 
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>The Spot Instance request type.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  Type?: SpotInstanceType | undefined;
 
   /**
-   * <p>One or more filters. The possible values are:</p>
+   * <p>The start date of the request, in UTC format (for example,
+   *                 <i>YYYY</i>-<i>MM</i>-<i>DD</i>T<i>HH</i>:<i>MM</i>:<i>SS</i>Z).
+   *             The request becomes active at this date and time.</p>
+   * @public
+   */
+  ValidFrom?: Date | undefined;
+
+  /**
+   * <p>The end date of the request, in UTC format
+   *                 (<i>YYYY</i>-<i>MM</i>-<i>DD</i>T<i>HH</i>:<i>MM</i>:<i>SS</i>Z).</p>
    *          <ul>
    *             <li>
-   *                <p>
-   *                   <code>description</code>: The Traffic Mirror filter description.</p>
+   *                <p>For a persistent request, the request remains active until the <code>validUntil</code> date
+   *                     and time is reached. Otherwise, the request remains active until you cancel it.
+   *                 </p>
    *             </li>
    *             <li>
-   *                <p>
-   *                   <code>traffic-mirror-filter-id</code>: The ID of the Traffic Mirror filter.</p>
+   *                <p>For a one-time request, the request remains active until all instances launch,
+   *                     the request is canceled, or the <code>validUntil</code> date and time is reached. By default, the
+   *                     request is valid for 7 days from the date the request was created.</p>
    *             </li>
    *          </ul>
    * @public
    */
-  Filters?: Filter[] | undefined;
-
-  /**
-   * <p>The maximum number of results to return with a single call.
-   * 	To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>
-   * @public
-   */
-  MaxResults?: number | undefined;
+  ValidUntil?: Date | undefined;
 
   /**
-   * <p>The token for the next page of results.</p>
+   * <p>The behavior when a Spot Instance is interrupted.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  InstanceInterruptionBehavior?: InstanceInterruptionBehavior | undefined;
 }
 
 /**
+ * <p>Contains the output of DescribeSpotInstanceRequests.</p>
  * @public
  */
-export interface DescribeTrafficMirrorFiltersResult {
+export interface DescribeSpotInstanceRequestsResult {
   /**
-   * <p>Information about one or more Traffic Mirror filters.</p>
+   * <p>The Spot Instance requests.</p>
    * @public
    */
-  TrafficMirrorFilters?: TrafficMirrorFilter[] | undefined;
+  SpotInstanceRequests?: SpotInstanceRequest[] | undefined;
 
   /**
-   * <p>The token to use to retrieve the next page of results. The value is <code>null</code> when there are no more results to return.</p>
+   * <p>The token to include in another request to get the next page of items. This value is <code>null</code> when there
+   *          are no more items to return.</p>
    * @public
    */
   NextToken?: string | undefined;
 }
 
 /**
+ * <p>Contains the parameters for DescribeSpotPriceHistory.</p>
  * @public
  */
-export interface DescribeTrafficMirrorSessionsRequest {
+export interface DescribeSpotPriceHistoryRequest {
   /**
-   * <p>The ID of the Traffic Mirror session.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually
+   *             making the request, and provides an error response. If you have the required
+   *             permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is
+   *             <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  TrafficMirrorSessionIds?: string[] | undefined;
+  DryRun?: boolean | undefined;
 
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>The date and time, up to the past 90 days, from which to start retrieving the price
+   *             history data, in UTC format (for example,
+   *             <i>YYYY</i>-<i>MM</i>-<i>DD</i>T<i>HH</i>:<i>MM</i>:<i>SS</i>Z).</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  StartTime?: Date | undefined;
 
   /**
-   * <p>One or more filters. The possible values are:</p>
+   * <p>The date and time, up to the current date, from which to stop retrieving the price
+   *             history data, in UTC format (for example,
+   *             <i>YYYY</i>-<i>MM</i>-<i>DD</i>T<i>HH</i>:<i>MM</i>:<i>SS</i>Z).</p>
+   * @public
+   */
+  EndTime?: Date | undefined;
+
+  /**
+   * <p>Filters the results by the specified instance types.</p>
+   * @public
+   */
+  InstanceTypes?: _InstanceType[] | undefined;
+
+  /**
+   * <p>Filters the results by the specified basic product descriptions.</p>
+   * @public
+   */
+  ProductDescriptions?: string[] | undefined;
+
+  /**
+   * <p>The filters.</p>
    *          <ul>
    *             <li>
    *                <p>
-   *                   <code>description</code>: The Traffic Mirror session description.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>network-interface-id</code>: The ID of the Traffic Mirror session network interface.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>owner-id</code>: The ID of the account that owns the Traffic Mirror session.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>packet-length</code>: The assigned number of packets to mirror. </p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>session-number</code>: The assigned session number. </p>
+   *                   <code>availability-zone</code> - The Availability Zone for which prices should
+   *                     be returned.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>traffic-mirror-filter-id</code>: The ID of the Traffic Mirror filter.</p>
+   *                   <code>instance-type</code> - The type of instance (for example,
+   *                     <code>m3.medium</code>).</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>traffic-mirror-session-id</code>: The ID of the Traffic Mirror session.</p>
+   *                   <code>product-description</code> - The product description for the Spot price
+   *                     (<code>Linux/UNIX</code> | <code>Red Hat Enterprise Linux</code> |
+   *                     <code>SUSE Linux</code> | <code>Windows</code> | <code>Linux/UNIX (Amazon
+   *                         VPC)</code> | <code>Red Hat Enterprise Linux (Amazon VPC)</code> |
+   *                     <code>SUSE Linux (Amazon VPC)</code> | <code>Windows (Amazon
+   *                         VPC)</code>).</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>traffic-mirror-target-id</code>: The ID of the Traffic Mirror target.</p>
+   *                   <code>spot-price</code> - The Spot price. The value must match exactly (or use
+   *                     wildcards; greater than or less than comparison is not supported).</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>virtual-network-id</code>: The virtual network ID of the Traffic Mirror session.</p>
+   *                   <code>timestamp</code> - The time stamp of the Spot price history, in UTC format
+   *                     (for example, <i>ddd MMM dd
+   *                         HH</i>:<i>mm</i>:<i>ss</i> UTC
+   *                         <i>YYYY</i>). You can use wildcards (<code>*</code> and
+   *                         <code>?</code>). Greater than or less than comparison is not
+   *                     supported.</p>
    *             </li>
    *          </ul>
    * @public
@@ -2962,359 +2465,348 @@ export interface DescribeTrafficMirrorSessionsRequest {
   Filters?: Filter[] | undefined;
 
   /**
-   * <p>The maximum number of results to return with a single call.
-   * 	To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>
-   * @public
-   */
-  MaxResults?: number | undefined;
-
-  /**
-   * <p>The token for the next page of results.</p>
+   * <p>Filters the results by the specified Availability Zone.</p>
    * @public
    */
-  NextToken?: string | undefined;
-}
+  AvailabilityZone?: string | undefined;
 
-/**
- * @public
- */
-export interface DescribeTrafficMirrorSessionsResult {
   /**
-   * <p>Describes one or more Traffic Mirror sessions. By default, all Traffic Mirror sessions are described. Alternatively, you can filter the results.</p>
+   * <p>The maximum number of items to return for this request.
+   *          To get the next page of items, make another request with the token returned in the output.
+   * 	        For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination">Pagination</a>.</p>
    * @public
    */
-  TrafficMirrorSessions?: TrafficMirrorSession[] | undefined;
+  MaxResults?: number | undefined;
 
   /**
-   * <p>The token to use to retrieve the next page of results. The value is <code>null</code> when there are no more results to return.</p>
+   * <p>The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.</p>
    * @public
    */
   NextToken?: string | undefined;
 }
 
 /**
+ * <p>The maximum price per unit hour that you are willing to pay for a Spot Instance. We do not recommend
+ *             using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price.</p>
+ *          <important>
+ *             <p>If you specify a maximum price, your instances will be interrupted more frequently than if you do not specify this parameter.</p>
+ *          </important>
  * @public
  */
-export interface DescribeTrafficMirrorTargetsRequest {
+export interface SpotPrice {
   /**
-   * <p>The ID of the Traffic Mirror targets.</p>
+   * <p>The Availability Zone.</p>
    * @public
    */
-  TrafficMirrorTargetIds?: string[] | undefined;
+  AvailabilityZone?: string | undefined;
 
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>The instance type.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  InstanceType?: _InstanceType | undefined;
 
   /**
-   * <p>One or more filters. The possible values are:</p>
-   *          <ul>
-   *             <li>
-   *                <p>
-   *                   <code>description</code>: The Traffic Mirror target description.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>network-interface-id</code>: The ID of the Traffic Mirror session network interface.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>network-load-balancer-arn</code>: The Amazon Resource Name (ARN) of the Network Load Balancer that is associated with the session.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>owner-id</code>: The ID of the account that owns the Traffic Mirror session.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>traffic-mirror-target-id</code>: The ID of the Traffic Mirror target.</p>
-   *             </li>
-   *          </ul>
+   * <p>A general description of the AMI.</p>
    * @public
    */
-  Filters?: Filter[] | undefined;
+  ProductDescription?: RIProductDescription | undefined;
 
   /**
-   * <p>The maximum number of results to return with a single call.
-   * 	To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>
+   * <p>The maximum price per unit hour that you are willing to pay for a Spot Instance. We do not recommend
+   *             using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price.</p>
+   *          <important>
+   *             <p>If you specify a maximum price, your instances will be interrupted more frequently than if you do not specify this parameter.</p>
+   *          </important>
    * @public
    */
-  MaxResults?: number | undefined;
+  SpotPrice?: string | undefined;
 
   /**
-   * <p>The token for the next page of results.</p>
+   * <p>The date and time the request was created, in UTC format (for example,
+   *                 <i>YYYY</i>-<i>MM</i>-<i>DD</i>T<i>HH</i>:<i>MM</i>:<i>SS</i>Z).</p>
    * @public
    */
-  NextToken?: string | undefined;
+  Timestamp?: Date | undefined;
 }
 
 /**
+ * <p>Contains the output of DescribeSpotPriceHistory.</p>
  * @public
  */
-export interface DescribeTrafficMirrorTargetsResult {
+export interface DescribeSpotPriceHistoryResult {
   /**
-   * <p>Information about one or more Traffic Mirror targets.</p>
+   * <p>The token to include in another request to get the next page of items. This value is
+   *             an empty string (<code>""</code>) or <code>null</code> when there are no more items to return.</p>
    * @public
    */
-  TrafficMirrorTargets?: TrafficMirrorTarget[] | undefined;
+  NextToken?: string | undefined;
 
   /**
-   * <p>The token to use to retrieve the next page of results. The value is <code>null</code> when there are no more results to return.</p>
+   * <p>The historical Spot prices.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  SpotPriceHistory?: SpotPrice[] | undefined;
 }
 
 /**
  * @public
  */
-export interface DescribeTransitGatewayAttachmentsRequest {
-  /**
-   * <p>The IDs of the attachments.</p>
-   * @public
-   */
-  TransitGatewayAttachmentIds?: string[] | undefined;
-
-  /**
-   * <p>One or more filters. The possible values are:</p>
-   *          <ul>
-   *             <li>
-   *                <p>
-   *                   <code>association.state</code> - The state of the association (<code>associating</code> | <code>associated</code> |
-   *                <code>disassociating</code>).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>association.transit-gateway-route-table-id</code> - The ID of the route table for the transit gateway.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>resource-id</code> - The ID of the resource.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>resource-owner-id</code> - The ID of the Amazon Web Services account that owns the resource.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>resource-type</code> - The resource type. Valid values are <code>vpc</code>
-   *                     | <code>vpn</code> | <code>direct-connect-gateway</code> | <code>peering</code>
-   *                     | <code>connect</code>.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>state</code> - The state of the attachment. Valid values are <code>available</code> | <code>deleted</code> | <code>deleting</code> | <code>failed</code> |  <code>failing</code> | <code>initiatingRequest</code> | <code>modifying</code> | <code>pendingAcceptance</code> | <code>pending</code> | <code>rollingBack</code> | <code>rejected</code> | <code>rejecting</code>.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>transit-gateway-attachment-id</code> - The ID of the attachment.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>transit-gateway-id</code> - The ID of the transit gateway.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>transit-gateway-owner-id</code> - The ID of the Amazon Web Services account that owns the transit gateway.</p>
-   *             </li>
-   *          </ul>
+export interface DescribeStaleSecurityGroupsRequest {
+  /**
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  Filters?: Filter[] | undefined;
+  DryRun?: boolean | undefined;
 
   /**
-   * <p>The maximum number of results to return with a single call.
-   * 	To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>
+   * <p>The maximum number of items to return for this request. To get the next page of items,
+   *           make another request with the token returned in the output. For more information,
+   *           see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination">Pagination</a>.</p>
    * @public
    */
   MaxResults?: number | undefined;
 
   /**
-   * <p>The token for the next page of results.</p>
+   * <p>The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.</p>
    * @public
    */
   NextToken?: string | undefined;
 
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>The ID of the VPC.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  VpcId: string | undefined;
 }
 
 /**
- * <p>Describes an association.</p>
+ * <p>Describes a stale rule in a security group.</p>
  * @public
  */
-export interface TransitGatewayAttachmentAssociation {
+export interface StaleIpPermission {
   /**
-   * <p>The ID of the route table for the transit gateway.</p>
+   * <p>If the protocol is TCP or UDP, this is the start of the port range.
+   *           If the protocol is ICMP or ICMPv6, this is the ICMP type or -1 (all ICMP types).</p>
    * @public
    */
-  TransitGatewayRouteTableId?: string | undefined;
+  FromPort?: number | undefined;
 
   /**
-   * <p>The state of the association.</p>
+   * <p>The IP protocol name (<code>tcp</code>, <code>udp</code>, <code>icmp</code>, <code>icmpv6</code>) or number
+   *           (see <a href="http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml">Protocol Numbers)</a>.</p>
    * @public
    */
-  State?: TransitGatewayAssociationState | undefined;
-}
+  IpProtocol?: string | undefined;
 
-/**
- * <p>Describes an attachment between a resource and a transit gateway.</p>
- * @public
- */
-export interface TransitGatewayAttachment {
   /**
-   * <p>The ID of the attachment.</p>
+   * <p>The IP ranges. Not applicable for stale security group rules.</p>
    * @public
    */
-  TransitGatewayAttachmentId?: string | undefined;
+  IpRanges?: string[] | undefined;
 
   /**
-   * <p>The ID of the transit gateway.</p>
+   * <p>The prefix list IDs. Not applicable for stale security group rules.</p>
    * @public
    */
-  TransitGatewayId?: string | undefined;
+  PrefixListIds?: string[] | undefined;
 
   /**
-   * <p>The ID of the Amazon Web Services account that owns the transit gateway.</p>
+   * <p>If the protocol is TCP or UDP, this is the end of the port range.
+   *           If the protocol is ICMP or ICMPv6, this is the ICMP code or -1 (all ICMP codes).</p>
    * @public
    */
-  TransitGatewayOwnerId?: string | undefined;
+  ToPort?: number | undefined;
 
   /**
-   * <p>The ID of the Amazon Web Services account that owns the resource.</p>
+   * <p>The security group pairs. Returns the ID of the referenced security group and VPC, and the ID and status of the VPC peering connection.</p>
    * @public
    */
-  ResourceOwnerId?: string | undefined;
+  UserIdGroupPairs?: UserIdGroupPair[] | undefined;
+}
 
+/**
+ * <p>Describes a stale security group (a security group that contains stale rules).</p>
+ * @public
+ */
+export interface StaleSecurityGroup {
   /**
-   * <p>The resource type. Note that the <code>tgw-peering</code> resource type has been deprecated.</p>
+   * <p>The description of the security group.</p>
    * @public
    */
-  ResourceType?: TransitGatewayAttachmentResourceType | undefined;
+  Description?: string | undefined;
 
   /**
-   * <p>The ID of the resource.</p>
+   * <p>The ID of the security group.</p>
    * @public
    */
-  ResourceId?: string | undefined;
+  GroupId?: string | undefined;
 
   /**
-   * <p>The attachment state. Note that the <code>initiating</code> state has been deprecated.</p>
+   * <p>The name of the security group.</p>
    * @public
    */
-  State?: TransitGatewayAttachmentState | undefined;
+  GroupName?: string | undefined;
 
   /**
-   * <p>The association.</p>
+   * <p>Information about the stale inbound rules in the security group.</p>
    * @public
    */
-  Association?: TransitGatewayAttachmentAssociation | undefined;
+  StaleIpPermissions?: StaleIpPermission[] | undefined;
 
   /**
-   * <p>The creation time.</p>
+   * <p>Information about the stale outbound rules in the security group.</p>
    * @public
    */
-  CreationTime?: Date | undefined;
+  StaleIpPermissionsEgress?: StaleIpPermission[] | undefined;
 
   /**
-   * <p>The tags for the attachment.</p>
+   * <p>The ID of the VPC for the security group.</p>
    * @public
    */
-  Tags?: Tag[] | undefined;
+  VpcId?: string | undefined;
 }
 
 /**
  * @public
  */
-export interface DescribeTransitGatewayAttachmentsResult {
+export interface DescribeStaleSecurityGroupsResult {
   /**
-   * <p>Information about the attachments.</p>
+   * <p>The token to include in another request to get the next page of items. This value is <code>null</code> when there are no more items to return.</p>
    * @public
    */
-  TransitGatewayAttachments?: TransitGatewayAttachment[] | undefined;
+  NextToken?: string | undefined;
 
   /**
-   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
+   * <p>Information about the stale security groups.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  StaleSecurityGroupSet?: StaleSecurityGroup[] | undefined;
 }
 
 /**
  * @public
  */
-export interface DescribeTransitGatewayConnectPeersRequest {
+export interface DescribeStoreImageTasksRequest {
   /**
-   * <p>The IDs of the Connect peers.</p>
+   * <p>The AMI IDs for which to show progress. Up to 20 AMI IDs can be included in a
+   *       request.</p>
    * @public
    */
-  TransitGatewayConnectPeerIds?: string[] | undefined;
+  ImageIds?: string[] | undefined;
 
   /**
-   * <p>One or more filters. The possible values are:</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   * 			and provides an error response. If you have the required permissions, the error response is
+   * 			<code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * @public
+   */
+  DryRun?: boolean | undefined;
+
+  /**
+   * <p>The filters.</p>
    *          <ul>
    *             <li>
    *                <p>
-   *                   <code>state</code> - The state of the Connect peer (<code>pending</code> |
-   *                         <code>available</code> | <code>deleting</code> |
-   *                     <code>deleted</code>).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>transit-gateway-attachment-id</code> - The ID of the attachment.</p>
+   *                   <code>task-state</code> - Returns tasks in a certain state (<code>InProgress</code> |
+   *             <code>Completed</code> | <code>Failed</code>)</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>transit-gateway-connect-peer-id</code> - The ID of the Connect peer.</p>
+   *                   <code>bucket</code> - Returns task information for tasks that targeted a specific
+   *           bucket. For the filter value, specify the bucket name.</p>
    *             </li>
    *          </ul>
+   *          <note>
+   *             <p>When you specify the <code>ImageIds</code> parameter, any filters that you specify are
+   *         ignored. To use the filters, you must remove the <code>ImageIds</code> parameter.</p>
+   *          </note>
    * @public
    */
   Filters?: Filter[] | undefined;
 
   /**
-   * <p>The maximum number of results to return with a single call.
-   * 	To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>
+   * <p>The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.</p>
+   * @public
+   */
+  NextToken?: string | undefined;
+
+  /**
+   * <p>The maximum number of items to return for this request.
+   *          To get the next page of items, make another request with the token returned in the output.
+   * 	        For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination">Pagination</a>.</p>
+   *          <p>You cannot specify this parameter and the <code>ImageIds</code> parameter in the same
+   *       call.</p>
    * @public
    */
   MaxResults?: number | undefined;
+}
 
+/**
+ * <p>The information about the AMI store task, including the progress of the task.</p>
+ * @public
+ */
+export interface StoreImageTaskResult {
   /**
-   * <p>The token for the next page of results.</p>
+   * <p>The ID of the AMI that is being stored.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  AmiId?: string | undefined;
 
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>The time the task started.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  TaskStartTime?: Date | undefined;
+
+  /**
+   * <p>The name of the Amazon S3 bucket that contains the stored AMI object.</p>
+   * @public
+   */
+  Bucket?: string | undefined;
+
+  /**
+   * <p>The name of the stored AMI object in the bucket.</p>
+   * @public
+   */
+  S3objectKey?: string | undefined;
+
+  /**
+   * <p>The progress of the task as a percentage.</p>
+   * @public
+   */
+  ProgressPercentage?: number | undefined;
+
+  /**
+   * <p>The state of the store task (<code>InProgress</code>, <code>Completed</code>, or
+   *         <code>Failed</code>).</p>
+   * @public
+   */
+  StoreTaskState?: string | undefined;
+
+  /**
+   * <p>If the tasks fails, the reason for the failure is returned. If the task succeeds,
+   *         <code>null</code> is returned.</p>
+   * @public
+   */
+  StoreTaskFailureReason?: string | undefined;
 }
 
 /**
  * @public
  */
-export interface DescribeTransitGatewayConnectPeersResult {
+export interface DescribeStoreImageTasksResult {
   /**
-   * <p>Information about the Connect peers.</p>
+   * <p>The information about the AMI store tasks.</p>
    * @public
    */
-  TransitGatewayConnectPeers?: TransitGatewayConnectPeer[] | undefined;
+  StoreImageTaskResults?: StoreImageTaskResult[] | undefined;
 
   /**
-   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
+   * <p>The token to include in another request to get the next page of items. This value is <code>null</code> when there
+   *          are no more items to return.</p>
    * @public
    */
   NextToken?: string | undefined;
@@ -3323,110 +2815,140 @@ export interface DescribeTransitGatewayConnectPeersResult {
 /**
  * @public
  */
-export interface DescribeTransitGatewayConnectsRequest {
-  /**
-   * <p>The IDs of the attachments.</p>
-   * @public
-   */
-  TransitGatewayAttachmentIds?: string[] | undefined;
-
+export interface DescribeSubnetsRequest {
   /**
-   * <p>One or more filters. The possible values are:</p>
+   * <p>The filters.</p>
    *          <ul>
    *             <li>
    *                <p>
-   *                   <code>options.protocol</code> - The tunnel protocol (<code>gre</code>).</p>
+   *                   <code>availability-zone</code> - The Availability Zone for the subnet. You can also use
+   *                     <code>availabilityZone</code> as the filter name.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>availability-zone-id</code> - The ID of the Availability Zone for the subnet.
+   *                     You can also use <code>availabilityZoneId</code> as the filter name.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>available-ip-address-count</code> - The number of IPv4 addresses in the
+   *                     subnet that are available.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>cidr-block</code> - The IPv4 CIDR block of the subnet. The CIDR block
+   *                     you specify must exactly match the subnet's CIDR block for information to be
+   *                     returned for the subnet. You can also use <code>cidr</code> or
+   *                         <code>cidrBlock</code> as the filter names.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>customer-owned-ipv4-pool</code> - The customer-owned IPv4 address pool
+   *                     associated with the subnet.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>default-for-az</code> - Indicates whether this is the default subnet for
+   *                     the Availability Zone (<code>true</code> | <code>false</code>). You can also use
+   *                         <code>defaultForAz</code> as the filter name.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>enable-dns64</code> - Indicates whether DNS queries made to the
+   *                     Amazon-provided DNS Resolver in this subnet should return synthetic IPv6
+   *                     addresses for IPv4-only destinations.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>enable-lni-at-device-index</code> - Indicates the device position for
+   *                     local network interfaces in this subnet. For example, <code>1</code> indicates
+   *                     local network interfaces in this subnet are the secondary network interface
+   *                     (eth1). </p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>ipv6-cidr-block-association.ipv6-cidr-block</code> - An IPv6 CIDR
+   *                     block associated with the subnet.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>ipv6-cidr-block-association.association-id</code> - An association ID
+   *                     for an IPv6 CIDR block associated with the subnet.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>state</code> - The state of the attachment (<code>initiating</code> |
-   *                         <code>initiatingRequest</code> | <code>pendingAcceptance</code> |
-   *                         <code>rollingBack</code> | <code>pending</code> | <code>available</code> |
-   *                         <code>modifying</code> | <code>deleting</code> | <code>deleted</code> |
-   *                         <code>failed</code> | <code>rejected</code> | <code>rejecting</code> |
-   *                         <code>failing</code>).</p>
+   *                   <code>ipv6-cidr-block-association.state</code> - The state of an IPv6 CIDR
+   *                     block associated with the subnet.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>transit-gateway-attachment-id</code> - The ID of the
-   *                     Connect attachment.</p>
+   *                   <code>ipv6-native</code> - Indicates whether this is an IPv6 only subnet
+   *                         (<code>true</code> | <code>false</code>).</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>transit-gateway-id</code> - The ID of the transit gateway.</p>
+   *                   <code>map-customer-owned-ip-on-launch</code> - Indicates whether a network
+   *                     interface created in this subnet (including a network interface created by <a>RunInstances</a>) receives a customer-owned IPv4 address.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>transport-transit-gateway-attachment-id</code> - The ID of the transit gateway attachment from which the Connect attachment was created.</p>
+   *                   <code>map-public-ip-on-launch</code> - Indicates whether instances launched in
+   *                     this subnet receive a public IPv4 address.</p>
    *             </li>
-   *          </ul>
-   * @public
-   */
-  Filters?: Filter[] | undefined;
-
-  /**
-   * <p>The maximum number of results to return with a single call.
-   * 	To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>
-   * @public
-   */
-  MaxResults?: number | undefined;
-
-  /**
-   * <p>The token for the next page of results.</p>
-   * @public
-   */
-  NextToken?: string | undefined;
-
-  /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
-   * @public
-   */
-  DryRun?: boolean | undefined;
-}
-
-/**
- * @public
- */
-export interface DescribeTransitGatewayConnectsResult {
-  /**
-   * <p>Information about the Connect attachments.</p>
-   * @public
-   */
-  TransitGatewayConnects?: TransitGatewayConnect[] | undefined;
-
-  /**
-   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
-   * @public
-   */
-  NextToken?: string | undefined;
-}
-
-/**
- * @public
- */
-export interface DescribeTransitGatewayMulticastDomainsRequest {
-  /**
-   * <p>The ID of the transit gateway multicast domain.</p>
-   * @public
-   */
-  TransitGatewayMulticastDomainIds?: string[] | undefined;
-
-  /**
-   * <p>One or more filters. The possible values are:</p>
-   *          <ul>
    *             <li>
    *                <p>
-   *                   <code>state</code> - The state of the transit gateway multicast domain. Valid values are <code>pending</code> | <code>available</code> | <code>deleting</code> | <code>deleted</code>.</p>
+   *                   <code>outpost-arn</code> - The Amazon Resource Name (ARN) of the Outpost.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>transit-gateway-id</code> - The ID of the transit gateway.</p>
+   *                   <code>owner-id</code> - The ID of the Amazon Web Services account that owns the
+   *                     subnet.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>transit-gateway-multicast-domain-id</code> - The ID of the transit gateway multicast domain.</p>
+   *                   <code>private-dns-name-options-on-launch.hostname-type</code> - The type of
+   *                     hostname to assign to instances in the subnet at launch. For IPv4-only and
+   *                     dual-stack (IPv4 and IPv6) subnets, an instance DNS name can be based on the
+   *                     instance IPv4 address (ip-name) or the instance ID (resource-name). For IPv6
+   *                     only subnets, an instance DNS name must be based on the instance ID
+   *                     (resource-name).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>private-dns-name-options-on-launch.enable-resource-name-dns-a-record</code>
+   *                     - Indicates whether to respond to DNS queries for instance hostnames with DNS A
+   *                     records.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>private-dns-name-options-on-launch.enable-resource-name-dns-aaaa-record</code>
+   *                     - Indicates whether to respond to DNS queries for instance hostnames with DNS
+   *                     AAAA records.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>state</code> - The state of the subnet (<code>pending</code> | <code>available</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>subnet-arn</code> - The Amazon Resource Name (ARN) of the subnet.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>subnet-id</code> - The ID of the subnet.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>tag</code> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.
+   *     For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>vpc-id</code> - The ID of the VPC for the subnet.</p>
    *             </li>
    *          </ul>
    * @public
@@ -3434,18 +2956,26 @@ export interface DescribeTransitGatewayMulticastDomainsRequest {
   Filters?: Filter[] | undefined;
 
   /**
-   * <p>The maximum number of results to return with a single call.
-   * 	To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>
+   * <p>The IDs of the subnets.</p>
+   *          <p>Default: Describes all your subnets.</p>
    * @public
    */
-  MaxResults?: number | undefined;
+  SubnetIds?: string[] | undefined;
 
   /**
-   * <p>The token for the next page of results.</p>
+   * <p>The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.</p>
    * @public
    */
   NextToken?: string | undefined;
 
+  /**
+   * <p>The maximum number of items to return for this request.
+   * 	To get the next page of items, make another request with the token returned in the output.
+   * 	For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination">Pagination</a>.</p>
+   * @public
+   */
+  MaxResults?: number | undefined;
+
   /**
    * <p>Checks whether you have the required permissions for the action, without actually making the request,
    *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
@@ -3458,61 +2988,57 @@ export interface DescribeTransitGatewayMulticastDomainsRequest {
 /**
  * @public
  */
-export interface DescribeTransitGatewayMulticastDomainsResult {
+export interface DescribeSubnetsResult {
   /**
-   * <p>Information about the transit gateway multicast domains.</p>
+   * <p>The token to include in another request to get the next page of items. This value is <code>null</code> when there are no more items to return.</p>
    * @public
    */
-  TransitGatewayMulticastDomains?: TransitGatewayMulticastDomain[] | undefined;
+  NextToken?: string | undefined;
 
   /**
-   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
+   * <p>Information about the subnets.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  Subnets?: Subnet[] | undefined;
 }
 
 /**
  * @public
  */
-export interface DescribeTransitGatewayPeeringAttachmentsRequest {
+export interface DescribeTagsRequest {
   /**
-   * <p>One or more IDs of the transit gateway peering attachments.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  TransitGatewayAttachmentIds?: string[] | undefined;
+  DryRun?: boolean | undefined;
 
   /**
-   * <p>One or more filters. The possible values are:</p>
+   * <p>The filters.</p>
    *          <ul>
    *             <li>
    *                <p>
-   *                   <code>transit-gateway-attachment-id</code> - The ID of the transit gateway attachment.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>local-owner-id</code> - The ID of your Amazon Web Services account.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>remote-owner-id</code> - The ID of the Amazon Web Services account in the remote Region that owns the transit gateway.</p>
+   *                   <code>key</code> - The tag key.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>state</code> - The state of the peering attachment. Valid values are <code>available</code> | <code>deleted</code> | <code>deleting</code> | <code>failed</code> |  <code>failing</code> | <code>initiatingRequest</code> | <code>modifying</code> | <code>pendingAcceptance</code> | <code>pending</code> | <code>rollingBack</code> | <code>rejected</code> | <code>rejecting</code>).</p>
+   *                   <code>resource-id</code> - The ID of the resource.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.
-   *     For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>
+   *                   <code>resource-type</code> - The resource type. For a list of possible values, see
+   *                <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_TagSpecification.html">TagSpecification</a>.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources that have a tag with a specific key, regardless of the tag value.</p>
+   *                   <code>tag</code>:<key> - The key/value combination of the tag. For example,
+   *                 specify "tag:Owner" for the filter name and "TeamA" for the filter value to find
+   *                 resources with the tag "Owner=TeamA".</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>transit-gateway-id</code> - The ID of the transit gateway.</p>
+   *                   <code>value</code> - The tag value.</p>
    *             </li>
    *          </ul>
    * @public
@@ -3520,111 +3046,133 @@ export interface DescribeTransitGatewayPeeringAttachmentsRequest {
   Filters?: Filter[] | undefined;
 
   /**
-   * <p>The maximum number of results to return with a single call.
-   * 	To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>
+   * <p>The maximum number of items to return for this request. This value can be between 5 and 1000.
+   *          To get the next page of items, make another request with the token returned in the output.
+   *          For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination">Pagination</a>.</p>
    * @public
    */
   MaxResults?: number | undefined;
 
   /**
-   * <p>The token for the next page of results.</p>
+   * <p>The token returned from a previous paginated request.
+   *          Pagination continues from the end of the items returned by the previous request.</p>
    * @public
    */
   NextToken?: string | undefined;
-
-  /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
-   * @public
-   */
-  DryRun?: boolean | undefined;
 }
 
 /**
+ * <p>Describes a tag.</p>
  * @public
  */
-export interface DescribeTransitGatewayPeeringAttachmentsResult {
-  /**
-   * <p>The transit gateway peering attachments.</p>
-   * @public
-   */
-  TransitGatewayPeeringAttachments?: TransitGatewayPeeringAttachment[] | undefined;
-
+export interface TagDescription {
   /**
-   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
+   * <p>The tag key.</p>
    * @public
    */
-  NextToken?: string | undefined;
-}
+  Key?: string | undefined;
 
-/**
- * @public
- */
-export interface DescribeTransitGatewayPolicyTablesRequest {
   /**
-   * <p>The IDs of the transit gateway policy tables.</p>
+   * <p>The ID of the resource.</p>
    * @public
    */
-  TransitGatewayPolicyTableIds?: string[] | undefined;
+  ResourceId?: string | undefined;
 
   /**
-   * <p>The filters associated with the transit gateway policy table.</p>
+   * <p>The resource type.</p>
    * @public
    */
-  Filters?: Filter[] | undefined;
+  ResourceType?: ResourceType | undefined;
 
   /**
-   * <p>The maximum number of results to return with a single call.
-   * 	To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>
+   * <p>The tag value.</p>
    * @public
    */
-  MaxResults?: number | undefined;
+  Value?: string | undefined;
+}
 
+/**
+ * @public
+ */
+export interface DescribeTagsResult {
   /**
-   * <p>The token for the next page of results.</p>
+   * <p>The token to include in another request to get the next page of items.
+   *          This value is <code>null</code> when there are no more items to return.</p>
    * @public
    */
   NextToken?: string | undefined;
 
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>The tags.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  Tags?: TagDescription[] | undefined;
 }
 
 /**
  * @public
  */
-export interface DescribeTransitGatewayPolicyTablesResult {
+export interface DescribeTrafficMirrorFilterRulesRequest {
   /**
-   * <p>Describes the transit gateway policy tables.</p>
+   * <p>Traffic filter rule IDs.</p>
    * @public
    */
-  TransitGatewayPolicyTables?: TransitGatewayPolicyTable[] | undefined;
+  TrafficMirrorFilterRuleIds?: string[] | undefined;
 
   /**
-   * <p>The token for the next page of results.</p>
+   * <p>Traffic filter ID.</p>
    * @public
    */
-  NextToken?: string | undefined;
-}
+  TrafficMirrorFilterId?: string | undefined;
 
-/**
- * @public
- */
-export interface DescribeTransitGatewayRouteTableAnnouncementsRequest {
   /**
-   * <p>The IDs of the transit gateway route tables that are being advertised.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  TransitGatewayRouteTableAnnouncementIds?: string[] | undefined;
+  DryRun?: boolean | undefined;
 
   /**
-   * <p>The filters associated with the transit gateway policy table.</p>
+   * <p>Traffic mirror filters.</p>
+   *          <ul>
+   *             <li>
+   *                <p>
+   *                   <code>traffic-mirror-filter-rule-id</code>: The ID of the Traffic Mirror rule.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>traffic-mirror-filter-id</code>: The ID of the filter that this rule is associated with.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>rule-number</code>: The number of the Traffic Mirror rule.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>rule-action</code>: The action taken on the filtered traffic. Possible actions are <code>accept</code> and <code>reject</code>.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>traffic-direction</code>: The traffic direction. Possible directions are <code>ingress</code> and <code>egress</code>.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>protocol</code>: The protocol, for example UDP, assigned to the Traffic Mirror rule.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>source-cidr-block</code>: The source CIDR block assigned to the Traffic Mirror rule.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>destination-cidr-block</code>: The destination CIDR block assigned to the Traffic Mirror rule.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>description</code>: The description of the Traffic Mirror rule.</p>
+   *             </li>
+   *          </ul>
    * @public
    */
   Filters?: Filter[] | undefined;
@@ -3641,28 +3189,20 @@ export interface DescribeTransitGatewayRouteTableAnnouncementsRequest {
    * @public
    */
   NextToken?: string | undefined;
-
-  /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
-   * @public
-   */
-  DryRun?: boolean | undefined;
 }
 
 /**
  * @public
  */
-export interface DescribeTransitGatewayRouteTableAnnouncementsResult {
+export interface DescribeTrafficMirrorFilterRulesResult {
   /**
-   * <p>Describes the transit gateway route table announcement.</p>
+   * <p>Traffic mirror rules.</p>
    * @public
    */
-  TransitGatewayRouteTableAnnouncements?: TransitGatewayRouteTableAnnouncement[] | undefined;
+  TrafficMirrorFilterRules?: TrafficMirrorFilterRule[] | undefined;
 
   /**
-   * <p>The token for the next page of results.</p>
+   * <p>The token to use to retrieve the next page of results. The value is <code>null</code> when there are no more results to return.</p>
    * @public
    */
   NextToken?: string | undefined;
@@ -3671,37 +3211,31 @@ export interface DescribeTransitGatewayRouteTableAnnouncementsResult {
 /**
  * @public
  */
-export interface DescribeTransitGatewayRouteTablesRequest {
+export interface DescribeTrafficMirrorFiltersRequest {
   /**
-   * <p>The IDs of the transit gateway route tables.</p>
+   * <p>The ID of the Traffic Mirror filter.</p>
    * @public
    */
-  TransitGatewayRouteTableIds?: string[] | undefined;
+  TrafficMirrorFilterIds?: string[] | undefined;
+
+  /**
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * @public
+   */
+  DryRun?: boolean | undefined;
 
   /**
    * <p>One or more filters. The possible values are:</p>
    *          <ul>
    *             <li>
    *                <p>
-   *                   <code>default-association-route-table</code> - Indicates whether this is the default
-   *                 association route table for the transit gateway (<code>true</code> | <code>false</code>).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>default-propagation-route-table</code> - Indicates whether this is the default
-   *                propagation route table for the transit gateway (<code>true</code> | <code>false</code>).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>state</code> - The state of the route table (<code>available</code> | <code>deleting</code> | <code>deleted</code> | <code>pending</code>).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>transit-gateway-id</code> - The ID of the transit gateway.</p>
+   *                   <code>description</code>: The Traffic Mirror filter description.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>transit-gateway-route-table-id</code> - The ID of the transit gateway route table.</p>
+   *                   <code>traffic-mirror-filter-id</code>: The ID of the Traffic Mirror filter.</p>
    *             </li>
    *          </ul>
    * @public
@@ -3720,28 +3254,20 @@ export interface DescribeTransitGatewayRouteTablesRequest {
    * @public
    */
   NextToken?: string | undefined;
-
-  /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
-   * @public
-   */
-  DryRun?: boolean | undefined;
 }
 
 /**
  * @public
  */
-export interface DescribeTransitGatewayRouteTablesResult {
+export interface DescribeTrafficMirrorFiltersResult {
   /**
-   * <p>Information about the transit gateway route tables.</p>
+   * <p>Information about one or more Traffic Mirror filters.</p>
    * @public
    */
-  TransitGatewayRouteTables?: TransitGatewayRouteTable[] | undefined;
+  TrafficMirrorFilters?: TrafficMirrorFilter[] | undefined;
 
   /**
-   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
+   * <p>The token to use to retrieve the next page of results. The value is <code>null</code> when there are no more results to return.</p>
    * @public
    */
   NextToken?: string | undefined;
@@ -3750,68 +3276,59 @@ export interface DescribeTransitGatewayRouteTablesResult {
 /**
  * @public
  */
-export interface DescribeTransitGatewaysRequest {
+export interface DescribeTrafficMirrorSessionsRequest {
   /**
-   * <p>The IDs of the transit gateways.</p>
+   * <p>The ID of the Traffic Mirror session.</p>
    * @public
    */
-  TransitGatewayIds?: string[] | undefined;
+  TrafficMirrorSessionIds?: string[] | undefined;
+
+  /**
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * @public
+   */
+  DryRun?: boolean | undefined;
 
   /**
    * <p>One or more filters. The possible values are:</p>
    *          <ul>
    *             <li>
    *                <p>
-   *                   <code>options.propagation-default-route-table-id</code> - The ID of the default propagation route table.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>options.amazon-side-asn</code> - The private ASN for the Amazon side of a BGP session.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>options.association-default-route-table-id</code> - The ID of the default association route table.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>options.auto-accept-shared-attachments</code> - Indicates whether there is automatic acceptance of attachment requests (<code>enable</code> | <code>disable</code>).</p>
+   *                   <code>description</code>: The Traffic Mirror session description.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>options.default-route-table-association</code> - Indicates whether resource attachments are automatically
-   *                associated with the default association route table (<code>enable</code> | <code>disable</code>).</p>
+   *                   <code>network-interface-id</code>: The ID of the Traffic Mirror session network interface.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>options.default-route-table-propagation</code> - Indicates whether resource attachments automatically propagate
-   *                routes to the default propagation route table (<code>enable</code> | <code>disable</code>).</p>
+   *                   <code>owner-id</code>: The ID of the account that owns the Traffic Mirror session.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>options.dns-support</code> - Indicates whether DNS support is enabled (<code>enable</code> | <code>disable</code>).</p>
+   *                   <code>packet-length</code>: The assigned number of packets to mirror. </p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>options.vpn-ecmp-support</code> - Indicates whether Equal Cost Multipath Protocol support is enabled  (<code>enable</code> | <code>disable</code>).</p>
+   *                   <code>session-number</code>: The assigned session number. </p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>owner-id</code> - The ID of the Amazon Web Services account that owns the transit gateway.</p>
+   *                   <code>traffic-mirror-filter-id</code>: The ID of the Traffic Mirror filter.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>state</code> - The state of the transit gateway (<code>available</code> | <code>deleted</code> | <code>deleting</code> | <code>modifying</code> | <code>pending</code>).</p>
+   *                   <code>traffic-mirror-session-id</code>: The ID of the Traffic Mirror session.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>transit-gateway-id</code> - The ID of the transit gateway.</p>
+   *                   <code>traffic-mirror-target-id</code>: The ID of the Traffic Mirror target.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>tag-key </code>- The key/value combination of a tag assigned to the resource. Use the
-   *                tag key in the filter name and the tag value as the filter value. For example, to
-   *                find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify
-   *                <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>
+   *                   <code>virtual-network-id</code>: The virtual network ID of the Traffic Mirror session.</p>
    *             </li>
    *          </ul>
    * @public
@@ -3830,28 +3347,20 @@ export interface DescribeTransitGatewaysRequest {
    * @public
    */
   NextToken?: string | undefined;
-
-  /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
-   * @public
-   */
-  DryRun?: boolean | undefined;
 }
 
 /**
  * @public
  */
-export interface DescribeTransitGatewaysResult {
+export interface DescribeTrafficMirrorSessionsResult {
   /**
-   * <p>Information about the transit gateways.</p>
+   * <p>Describes one or more Traffic Mirror sessions. By default, all Traffic Mirror sessions are described. Alternatively, you can filter the results.</p>
    * @public
    */
-  TransitGateways?: TransitGateway[] | undefined;
+  TrafficMirrorSessions?: TrafficMirrorSession[] | undefined;
 
   /**
-   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
+   * <p>The token to use to retrieve the next page of results. The value is <code>null</code> when there are no more results to return.</p>
    * @public
    */
   NextToken?: string | undefined;
@@ -3860,31 +3369,43 @@ export interface DescribeTransitGatewaysResult {
 /**
  * @public
  */
-export interface DescribeTransitGatewayVpcAttachmentsRequest {
+export interface DescribeTrafficMirrorTargetsRequest {
   /**
-   * <p>The IDs of the attachments.</p>
+   * <p>The ID of the Traffic Mirror targets.</p>
    * @public
    */
-  TransitGatewayAttachmentIds?: string[] | undefined;
+  TrafficMirrorTargetIds?: string[] | undefined;
+
+  /**
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * @public
+   */
+  DryRun?: boolean | undefined;
 
   /**
    * <p>One or more filters. The possible values are:</p>
    *          <ul>
    *             <li>
    *                <p>
-   *                   <code>state</code> - The state of the attachment. Valid values are <code>available</code> | <code>deleted</code> | <code>deleting</code> | <code>failed</code> |  <code>failing</code> | <code>initiatingRequest</code> | <code>modifying</code> | <code>pendingAcceptance</code> | <code>pending</code> | <code>rollingBack</code> | <code>rejected</code> | <code>rejecting</code>.</p>
+   *                   <code>description</code>: The Traffic Mirror target description.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>transit-gateway-attachment-id</code> - The ID of the attachment.</p>
+   *                   <code>network-interface-id</code>: The ID of the Traffic Mirror session network interface.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>transit-gateway-id</code> - The ID of the transit gateway.</p>
+   *                   <code>network-load-balancer-arn</code>: The Amazon Resource Name (ARN) of the Network Load Balancer that is associated with the session.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>vpc-id</code> - The ID of the VPC.</p>
+   *                   <code>owner-id</code>: The ID of the account that owns the Traffic Mirror session.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>traffic-mirror-target-id</code>: The ID of the Traffic Mirror target.</p>
    *             </li>
    *          </ul>
    * @public
@@ -3903,28 +3424,20 @@ export interface DescribeTransitGatewayVpcAttachmentsRequest {
    * @public
    */
   NextToken?: string | undefined;
-
-  /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
-   * @public
-   */
-  DryRun?: boolean | undefined;
 }
 
 /**
  * @public
  */
-export interface DescribeTransitGatewayVpcAttachmentsResult {
+export interface DescribeTrafficMirrorTargetsResult {
   /**
-   * <p>Information about the VPC attachments.</p>
+   * <p>Information about one or more Traffic Mirror targets.</p>
    * @public
    */
-  TransitGatewayVpcAttachments?: TransitGatewayVpcAttachment[] | undefined;
+  TrafficMirrorTargets?: TrafficMirrorTarget[] | undefined;
 
   /**
-   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
+   * <p>The token to use to retrieve the next page of results. The value is <code>null</code> when there are no more results to return.</p>
    * @public
    */
   NextToken?: string | undefined;
@@ -3933,37 +3446,67 @@ export interface DescribeTransitGatewayVpcAttachmentsResult {
 /**
  * @public
  */
-export interface DescribeTrunkInterfaceAssociationsRequest {
-  /**
-   * <p>The IDs of the associations.</p>
-   * @public
-   */
-  AssociationIds?: string[] | undefined;
-
+export interface DescribeTransitGatewayAttachmentsRequest {
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>The IDs of the attachments.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  TransitGatewayAttachmentIds?: string[] | undefined;
 
   /**
-   * <p>One or more filters.</p>
+   * <p>One or more filters. The possible values are:</p>
    *          <ul>
    *             <li>
    *                <p>
-   *                   <code>gre-key</code> - The ID of a trunk interface association.</p>
+   *                   <code>association.state</code> - The state of the association (<code>associating</code> | <code>associated</code> |
+   *                <code>disassociating</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>association.transit-gateway-route-table-id</code> - The ID of the route table for the transit gateway.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>resource-id</code> - The ID of the resource.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>resource-owner-id</code> - The ID of the Amazon Web Services account that owns the resource.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>resource-type</code> - The resource type. Valid values are <code>vpc</code>
+   *                     | <code>vpn</code> | <code>direct-connect-gateway</code> | <code>peering</code>
+   *                     | <code>connect</code>.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>interface-protocol</code> - The interface protocol. Valid values are <code>VLAN</code> and <code>GRE</code>.</p>
+   *                   <code>state</code> - The state of the attachment. Valid values are <code>available</code> | <code>deleted</code> | <code>deleting</code> | <code>failed</code> |  <code>failing</code> | <code>initiatingRequest</code> | <code>modifying</code> | <code>pendingAcceptance</code> | <code>pending</code> | <code>rollingBack</code> | <code>rejected</code> | <code>rejecting</code>.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>transit-gateway-attachment-id</code> - The ID of the attachment.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>transit-gateway-id</code> - The ID of the transit gateway.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>transit-gateway-owner-id</code> - The ID of the Amazon Web Services account that owns the transit gateway.</p>
    *             </li>
    *          </ul>
    * @public
    */
   Filters?: Filter[] | undefined;
 
+  /**
+   * <p>The maximum number of results to return with a single call.
+   * 	To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>
+   * @public
+   */
+  MaxResults?: number | undefined;
+
   /**
    * <p>The token for the next page of results.</p>
    * @public
@@ -3971,89 +3514,107 @@ export interface DescribeTrunkInterfaceAssociationsRequest {
   NextToken?: string | undefined;
 
   /**
-   * <p>The maximum number of results to return with a single call.
-   *             To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  MaxResults?: number | undefined;
+  DryRun?: boolean | undefined;
 }
 
 /**
+ * <p>Describes an association.</p>
  * @public
  */
-export interface DescribeTrunkInterfaceAssociationsResult {
+export interface TransitGatewayAttachmentAssociation {
   /**
-   * <p>Information about the trunk associations.</p>
+   * <p>The ID of the route table for the transit gateway.</p>
    * @public
    */
-  InterfaceAssociations?: TrunkInterfaceAssociation[] | undefined;
+  TransitGatewayRouteTableId?: string | undefined;
 
   /**
-   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
+   * <p>The state of the association.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  State?: TransitGatewayAssociationState | undefined;
 }
 
 /**
+ * <p>Describes an attachment between a resource and a transit gateway.</p>
  * @public
  */
-export interface DescribeVerifiedAccessEndpointsRequest {
+export interface TransitGatewayAttachment {
   /**
-   * <p>The ID of the Verified Access endpoint.</p>
+   * <p>The ID of the attachment.</p>
    * @public
    */
-  VerifiedAccessEndpointIds?: string[] | undefined;
+  TransitGatewayAttachmentId?: string | undefined;
 
   /**
-   * <p>The ID of the Verified Access instance.</p>
+   * <p>The ID of the transit gateway.</p>
    * @public
    */
-  VerifiedAccessInstanceId?: string | undefined;
+  TransitGatewayId?: string | undefined;
 
   /**
-   * <p>The ID of the Verified Access group.</p>
+   * <p>The ID of the Amazon Web Services account that owns the transit gateway.</p>
    * @public
    */
-  VerifiedAccessGroupId?: string | undefined;
+  TransitGatewayOwnerId?: string | undefined;
 
   /**
-   * <p>The maximum number of results to return with a single call.
-   * 	To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>
+   * <p>The ID of the Amazon Web Services account that owns the resource.</p>
    * @public
    */
-  MaxResults?: number | undefined;
+  ResourceOwnerId?: string | undefined;
 
   /**
-   * <p>The token for the next page of results.</p>
+   * <p>The resource type. Note that the <code>tgw-peering</code> resource type has been deprecated.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  ResourceType?: TransitGatewayAttachmentResourceType | undefined;
 
   /**
-   * <p>One or more filters. Filter names and values are case-sensitive.</p>
+   * <p>The ID of the resource.</p>
    * @public
    */
-  Filters?: Filter[] | undefined;
+  ResourceId?: string | undefined;
 
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>The attachment state. Note that the <code>initiating</code> state has been deprecated.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  State?: TransitGatewayAttachmentState | undefined;
+
+  /**
+   * <p>The association.</p>
+   * @public
+   */
+  Association?: TransitGatewayAttachmentAssociation | undefined;
+
+  /**
+   * <p>The creation time.</p>
+   * @public
+   */
+  CreationTime?: Date | undefined;
+
+  /**
+   * <p>The tags for the attachment.</p>
+   * @public
+   */
+  Tags?: Tag[] | undefined;
 }
 
 /**
  * @public
  */
-export interface DescribeVerifiedAccessEndpointsResult {
+export interface DescribeTransitGatewayAttachmentsResult {
   /**
-   * <p>Details about the Verified Access endpoints.</p>
+   * <p>Information about the attachments.</p>
    * @public
    */
-  VerifiedAccessEndpoints?: VerifiedAccessEndpoint[] | undefined;
+  TransitGatewayAttachments?: TransitGatewayAttachment[] | undefined;
 
   /**
    * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
@@ -4065,18 +3626,34 @@ export interface DescribeVerifiedAccessEndpointsResult {
 /**
  * @public
  */
-export interface DescribeVerifiedAccessGroupsRequest {
+export interface DescribeTransitGatewayConnectPeersRequest {
   /**
-   * <p>The ID of the Verified Access groups.</p>
+   * <p>The IDs of the Connect peers.</p>
    * @public
    */
-  VerifiedAccessGroupIds?: string[] | undefined;
+  TransitGatewayConnectPeerIds?: string[] | undefined;
 
   /**
-   * <p>The ID of the Verified Access instance.</p>
+   * <p>One or more filters. The possible values are:</p>
+   *          <ul>
+   *             <li>
+   *                <p>
+   *                   <code>state</code> - The state of the Connect peer (<code>pending</code> |
+   *                         <code>available</code> | <code>deleting</code> |
+   *                     <code>deleted</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>transit-gateway-attachment-id</code> - The ID of the attachment.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>transit-gateway-connect-peer-id</code> - The ID of the Connect peer.</p>
+   *             </li>
+   *          </ul>
    * @public
    */
-  VerifiedAccessInstanceId?: string | undefined;
+  Filters?: Filter[] | undefined;
 
   /**
    * <p>The maximum number of results to return with a single call.
@@ -4091,12 +3668,6 @@ export interface DescribeVerifiedAccessGroupsRequest {
    */
   NextToken?: string | undefined;
 
-  /**
-   * <p>One or more filters. Filter names and values are case-sensitive.</p>
-   * @public
-   */
-  Filters?: Filter[] | undefined;
-
   /**
    * <p>Checks whether you have the required permissions for the action, without actually making the request,
    *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
@@ -4109,12 +3680,12 @@ export interface DescribeVerifiedAccessGroupsRequest {
 /**
  * @public
  */
-export interface DescribeVerifiedAccessGroupsResult {
+export interface DescribeTransitGatewayConnectPeersResult {
   /**
-   * <p>Details about the Verified Access groups.</p>
+   * <p>Information about the Connect peers.</p>
    * @public
    */
-  VerifiedAccessGroups?: VerifiedAccessGroup[] | undefined;
+  TransitGatewayConnectPeers?: TransitGatewayConnectPeer[] | undefined;
 
   /**
    * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
@@ -4126,12 +3697,46 @@ export interface DescribeVerifiedAccessGroupsResult {
 /**
  * @public
  */
-export interface DescribeVerifiedAccessInstanceLoggingConfigurationsRequest {
+export interface DescribeTransitGatewayConnectsRequest {
   /**
-   * <p>The IDs of the Verified Access instances.</p>
+   * <p>The IDs of the attachments.</p>
    * @public
    */
-  VerifiedAccessInstanceIds?: string[] | undefined;
+  TransitGatewayAttachmentIds?: string[] | undefined;
+
+  /**
+   * <p>One or more filters. The possible values are:</p>
+   *          <ul>
+   *             <li>
+   *                <p>
+   *                   <code>options.protocol</code> - The tunnel protocol (<code>gre</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>state</code> - The state of the attachment (<code>initiating</code> |
+   *                         <code>initiatingRequest</code> | <code>pendingAcceptance</code> |
+   *                         <code>rollingBack</code> | <code>pending</code> | <code>available</code> |
+   *                         <code>modifying</code> | <code>deleting</code> | <code>deleted</code> |
+   *                         <code>failed</code> | <code>rejected</code> | <code>rejecting</code> |
+   *                         <code>failing</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>transit-gateway-attachment-id</code> - The ID of the
+   *                     Connect attachment.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>transit-gateway-id</code> - The ID of the transit gateway.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>transport-transit-gateway-attachment-id</code> - The ID of the transit gateway attachment from which the Connect attachment was created.</p>
+   *             </li>
+   *          </ul>
+   * @public
+   */
+  Filters?: Filter[] | undefined;
 
   /**
    * <p>The maximum number of results to return with a single call.
@@ -4146,201 +3751,179 @@ export interface DescribeVerifiedAccessInstanceLoggingConfigurationsRequest {
    */
   NextToken?: string | undefined;
 
-  /**
-   * <p>One or more filters. Filter names and values are case-sensitive.</p>
-   * @public
-   */
-  Filters?: Filter[] | undefined;
-
   /**
    * <p>Checks whether you have the required permissions for the action, without actually making the request,
    *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
    *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
-}
-
-/**
- * @public
- * @enum
- */
-export const VerifiedAccessLogDeliveryStatusCode = {
-  FAILED: "failed",
-  SUCCESS: "success",
-} as const;
-
-/**
- * @public
- */
-export type VerifiedAccessLogDeliveryStatusCode =
-  (typeof VerifiedAccessLogDeliveryStatusCode)[keyof typeof VerifiedAccessLogDeliveryStatusCode];
-
-/**
- * <p>Describes a log delivery status.</p>
- * @public
- */
-export interface VerifiedAccessLogDeliveryStatus {
-  /**
-   * <p>The status code.</p>
-   * @public
-   */
-  Code?: VerifiedAccessLogDeliveryStatusCode | undefined;
-
-  /**
-   * <p>The status message.</p>
-   * @public
-   */
-  Message?: string | undefined;
-}
-
-/**
- * <p>Options for CloudWatch Logs as a logging destination.</p>
- * @public
- */
-export interface VerifiedAccessLogCloudWatchLogsDestination {
-  /**
-   * <p>Indicates whether logging is enabled.</p>
-   * @public
-   */
-  Enabled?: boolean | undefined;
-
-  /**
-   * <p>The delivery status for access logs.</p>
-   * @public
-   */
-  DeliveryStatus?: VerifiedAccessLogDeliveryStatus | undefined;
-
-  /**
-   * <p>The ID of the CloudWatch Logs log group.</p>
-   * @public
-   */
-  LogGroup?: string | undefined;
-}
-
-/**
- * <p>Options for Kinesis as a logging destination.</p>
- * @public
- */
-export interface VerifiedAccessLogKinesisDataFirehoseDestination {
-  /**
-   * <p>Indicates whether logging is enabled.</p>
-   * @public
-   */
-  Enabled?: boolean | undefined;
+  DryRun?: boolean | undefined;
+}
 
+/**
+ * @public
+ */
+export interface DescribeTransitGatewayConnectsResult {
   /**
-   * <p>The delivery status.</p>
+   * <p>Information about the Connect attachments.</p>
    * @public
    */
-  DeliveryStatus?: VerifiedAccessLogDeliveryStatus | undefined;
+  TransitGatewayConnects?: TransitGatewayConnect[] | undefined;
 
   /**
-   * <p>The ID of the delivery stream.</p>
+   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
    * @public
    */
-  DeliveryStream?: string | undefined;
+  NextToken?: string | undefined;
 }
 
 /**
- * <p>Options for Amazon S3 as a logging destination.</p>
  * @public
  */
-export interface VerifiedAccessLogS3Destination {
+export interface DescribeTransitGatewayMulticastDomainsRequest {
   /**
-   * <p>Indicates whether logging is enabled.</p>
+   * <p>The ID of the transit gateway multicast domain.</p>
    * @public
    */
-  Enabled?: boolean | undefined;
+  TransitGatewayMulticastDomainIds?: string[] | undefined;
 
   /**
-   * <p>The delivery status.</p>
+   * <p>One or more filters. The possible values are:</p>
+   *          <ul>
+   *             <li>
+   *                <p>
+   *                   <code>state</code> - The state of the transit gateway multicast domain. Valid values are <code>pending</code> | <code>available</code> | <code>deleting</code> | <code>deleted</code>.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>transit-gateway-id</code> - The ID of the transit gateway.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>transit-gateway-multicast-domain-id</code> - The ID of the transit gateway multicast domain.</p>
+   *             </li>
+   *          </ul>
    * @public
    */
-  DeliveryStatus?: VerifiedAccessLogDeliveryStatus | undefined;
+  Filters?: Filter[] | undefined;
 
   /**
-   * <p>The bucket name.</p>
+   * <p>The maximum number of results to return with a single call.
+   * 	To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>
    * @public
    */
-  BucketName?: string | undefined;
+  MaxResults?: number | undefined;
 
   /**
-   * <p>The bucket prefix.</p>
+   * <p>The token for the next page of results.</p>
    * @public
    */
-  Prefix?: string | undefined;
+  NextToken?: string | undefined;
 
   /**
-   * <p>The Amazon Web Services account number that owns the bucket.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  BucketOwner?: string | undefined;
+  DryRun?: boolean | undefined;
 }
 
 /**
- * <p>Describes the options for Verified Access logs.</p>
  * @public
  */
-export interface VerifiedAccessLogs {
+export interface DescribeTransitGatewayMulticastDomainsResult {
   /**
-   * <p>Amazon S3 logging options.</p>
+   * <p>Information about the transit gateway multicast domains.</p>
    * @public
    */
-  S3?: VerifiedAccessLogS3Destination | undefined;
+  TransitGatewayMulticastDomains?: TransitGatewayMulticastDomain[] | undefined;
 
   /**
-   * <p>CloudWatch Logs logging destination.</p>
+   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
    * @public
    */
-  CloudWatchLogs?: VerifiedAccessLogCloudWatchLogsDestination | undefined;
+  NextToken?: string | undefined;
+}
 
+/**
+ * @public
+ */
+export interface DescribeTransitGatewayPeeringAttachmentsRequest {
   /**
-   * <p>Kinesis logging destination.</p>
+   * <p>One or more IDs of the transit gateway peering attachments.</p>
    * @public
    */
-  KinesisDataFirehose?: VerifiedAccessLogKinesisDataFirehoseDestination | undefined;
+  TransitGatewayAttachmentIds?: string[] | undefined;
 
   /**
-   * <p>The log version.</p>
+   * <p>One or more filters. The possible values are:</p>
+   *          <ul>
+   *             <li>
+   *                <p>
+   *                   <code>transit-gateway-attachment-id</code> - The ID of the transit gateway attachment.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>local-owner-id</code> - The ID of your Amazon Web Services account.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>remote-owner-id</code> - The ID of the Amazon Web Services account in the remote Region that owns the transit gateway.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>state</code> - The state of the peering attachment. Valid values are <code>available</code> | <code>deleted</code> | <code>deleting</code> | <code>failed</code> |  <code>failing</code> | <code>initiatingRequest</code> | <code>modifying</code> | <code>pendingAcceptance</code> | <code>pending</code> | <code>rollingBack</code> | <code>rejected</code> | <code>rejecting</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.
+   *     For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources that have a tag with a specific key, regardless of the tag value.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>transit-gateway-id</code> - The ID of the transit gateway.</p>
+   *             </li>
+   *          </ul>
    * @public
    */
-  LogVersion?: string | undefined;
+  Filters?: Filter[] | undefined;
 
   /**
-   * <p>Indicates whether trust data is included in the logs.</p>
+   * <p>The maximum number of results to return with a single call.
+   * 	To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>
    * @public
    */
-  IncludeTrustContext?: boolean | undefined;
-}
+  MaxResults?: number | undefined;
 
-/**
- * <p>Describes logging options for an Amazon Web Services Verified Access instance.</p>
- * @public
- */
-export interface VerifiedAccessInstanceLoggingConfiguration {
   /**
-   * <p>The ID of the Amazon Web Services Verified Access instance.</p>
+   * <p>The token for the next page of results.</p>
    * @public
    */
-  VerifiedAccessInstanceId?: string | undefined;
+  NextToken?: string | undefined;
 
   /**
-   * <p>Details about the logging options.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  AccessLogs?: VerifiedAccessLogs | undefined;
+  DryRun?: boolean | undefined;
 }
 
 /**
  * @public
  */
-export interface DescribeVerifiedAccessInstanceLoggingConfigurationsResult {
+export interface DescribeTransitGatewayPeeringAttachmentsResult {
   /**
-   * <p>The logging configuration for the Verified Access instances.</p>
+   * <p>The transit gateway peering attachments.</p>
    * @public
    */
-  LoggingConfigurations?: VerifiedAccessInstanceLoggingConfiguration[] | undefined;
+  TransitGatewayPeeringAttachments?: TransitGatewayPeeringAttachment[] | undefined;
 
   /**
    * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
@@ -4352,12 +3935,18 @@ export interface DescribeVerifiedAccessInstanceLoggingConfigurationsResult {
 /**
  * @public
  */
-export interface DescribeVerifiedAccessInstancesRequest {
+export interface DescribeTransitGatewayPolicyTablesRequest {
   /**
-   * <p>The IDs of the Verified Access instances.</p>
+   * <p>The IDs of the transit gateway policy tables.</p>
    * @public
    */
-  VerifiedAccessInstanceIds?: string[] | undefined;
+  TransitGatewayPolicyTableIds?: string[] | undefined;
+
+  /**
+   * <p>The filters associated with the transit gateway policy table.</p>
+   * @public
+   */
+  Filters?: Filter[] | undefined;
 
   /**
    * <p>The maximum number of results to return with a single call.
@@ -4372,12 +3961,6 @@ export interface DescribeVerifiedAccessInstancesRequest {
    */
   NextToken?: string | undefined;
 
-  /**
-   * <p>One or more filters. Filter names and values are case-sensitive.</p>
-   * @public
-   */
-  Filters?: Filter[] | undefined;
-
   /**
    * <p>Checks whether you have the required permissions for the action, without actually making the request,
    *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
@@ -4390,15 +3973,15 @@ export interface DescribeVerifiedAccessInstancesRequest {
 /**
  * @public
  */
-export interface DescribeVerifiedAccessInstancesResult {
+export interface DescribeTransitGatewayPolicyTablesResult {
   /**
-   * <p>Details about the Verified Access instances.</p>
+   * <p>Describes the transit gateway policy tables.</p>
    * @public
    */
-  VerifiedAccessInstances?: VerifiedAccessInstance[] | undefined;
+  TransitGatewayPolicyTables?: TransitGatewayPolicyTable[] | undefined;
 
   /**
-   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
+   * <p>The token for the next page of results.</p>
    * @public
    */
   NextToken?: string | undefined;
@@ -4407,12 +3990,18 @@ export interface DescribeVerifiedAccessInstancesResult {
 /**
  * @public
  */
-export interface DescribeVerifiedAccessTrustProvidersRequest {
+export interface DescribeTransitGatewayRouteTableAnnouncementsRequest {
   /**
-   * <p>The IDs of the Verified Access trust providers.</p>
+   * <p>The IDs of the transit gateway route tables that are being advertised.</p>
    * @public
    */
-  VerifiedAccessTrustProviderIds?: string[] | undefined;
+  TransitGatewayRouteTableAnnouncementIds?: string[] | undefined;
+
+  /**
+   * <p>The filters associated with the transit gateway policy table.</p>
+   * @public
+   */
+  Filters?: Filter[] | undefined;
 
   /**
    * <p>The maximum number of results to return with a single call.
@@ -4427,12 +4016,6 @@ export interface DescribeVerifiedAccessTrustProvidersRequest {
    */
   NextToken?: string | undefined;
 
-  /**
-   * <p>One or more filters. Filter names and values are case-sensitive.</p>
-   * @public
-   */
-  Filters?: Filter[] | undefined;
-
   /**
    * <p>Checks whether you have the required permissions for the action, without actually making the request,
    *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
@@ -4445,15 +4028,15 @@ export interface DescribeVerifiedAccessTrustProvidersRequest {
 /**
  * @public
  */
-export interface DescribeVerifiedAccessTrustProvidersResult {
+export interface DescribeTransitGatewayRouteTableAnnouncementsResult {
   /**
-   * <p>Details about the Verified Access trust providers.</p>
+   * <p>Describes the transit gateway route table announcement.</p>
    * @public
    */
-  VerifiedAccessTrustProviders?: VerifiedAccessTrustProvider[] | undefined;
+  TransitGatewayRouteTableAnnouncements?: TransitGatewayRouteTableAnnouncement[] | undefined;
 
   /**
-   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
+   * <p>The token for the next page of results.</p>
    * @public
    */
   NextToken?: string | undefined;
@@ -4461,33 +4044,56 @@ export interface DescribeVerifiedAccessTrustProvidersResult {
 
 /**
  * @public
- * @enum
  */
-export const VolumeAttributeName = {
-  autoEnableIO: "autoEnableIO",
-  productCodes: "productCodes",
-} as const;
+export interface DescribeTransitGatewayRouteTablesRequest {
+  /**
+   * <p>The IDs of the transit gateway route tables.</p>
+   * @public
+   */
+  TransitGatewayRouteTableIds?: string[] | undefined;
 
-/**
- * @public
- */
-export type VolumeAttributeName = (typeof VolumeAttributeName)[keyof typeof VolumeAttributeName];
+  /**
+   * <p>One or more filters. The possible values are:</p>
+   *          <ul>
+   *             <li>
+   *                <p>
+   *                   <code>default-association-route-table</code> - Indicates whether this is the default
+   *                 association route table for the transit gateway (<code>true</code> | <code>false</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>default-propagation-route-table</code> - Indicates whether this is the default
+   *                propagation route table for the transit gateway (<code>true</code> | <code>false</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>state</code> - The state of the route table (<code>available</code> | <code>deleting</code> | <code>deleted</code> | <code>pending</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>transit-gateway-id</code> - The ID of the transit gateway.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>transit-gateway-route-table-id</code> - The ID of the transit gateway route table.</p>
+   *             </li>
+   *          </ul>
+   * @public
+   */
+  Filters?: Filter[] | undefined;
 
-/**
- * @public
- */
-export interface DescribeVolumeAttributeRequest {
   /**
-   * <p>The attribute of the volume. This parameter is required.</p>
+   * <p>The maximum number of results to return with a single call.
+   * 	To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>
    * @public
    */
-  Attribute: VolumeAttributeName | undefined;
+  MaxResults?: number | undefined;
 
   /**
-   * <p>The ID of the volume.</p>
+   * <p>The token for the next page of results.</p>
    * @public
    */
-  VolumeId: string | undefined;
+  NextToken?: string | undefined;
 
   /**
    * <p>Checks whether you have the required permissions for the action, without actually making the request,
@@ -4501,128 +4107,158 @@ export interface DescribeVolumeAttributeRequest {
 /**
  * @public
  */
-export interface DescribeVolumeAttributeResult {
-  /**
-   * <p>The state of <code>autoEnableIO</code> attribute.</p>
-   * @public
-   */
-  AutoEnableIO?: AttributeBooleanValue | undefined;
-
+export interface DescribeTransitGatewayRouteTablesResult {
   /**
-   * <p>A list of product codes.</p>
+   * <p>Information about the transit gateway route tables.</p>
    * @public
    */
-  ProductCodes?: ProductCode[] | undefined;
+  TransitGatewayRouteTables?: TransitGatewayRouteTable[] | undefined;
 
   /**
-   * <p>The ID of the volume.</p>
+   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
    * @public
    */
-  VolumeId?: string | undefined;
+  NextToken?: string | undefined;
 }
 
 /**
  * @public
  */
-export interface DescribeVolumesRequest {
-  /**
-   * <p>The volume IDs. If not specified, then all volumes are included in the response.</p>
-   * @public
-   */
-  VolumeIds?: string[] | undefined;
-
+export interface DescribeTransitGatewaysRequest {
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>The IDs of the transit gateways.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  TransitGatewayIds?: string[] | undefined;
 
   /**
-   * <p>The filters.</p>
+   * <p>One or more filters. The possible values are:</p>
    *          <ul>
    *             <li>
    *                <p>
-   *                   <code>attachment.attach-time</code> - The time stamp when the attachment
-   *           initiated.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>attachment.delete-on-termination</code> - Whether the volume is deleted on
-   *           instance termination.</p>
+   *                   <code>options.propagation-default-route-table-id</code> - The ID of the default propagation route table.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>attachment.device</code> - The device name specified in the block device mapping
-   *           (for example, <code>/dev/sda1</code>).</p>
+   *                   <code>options.amazon-side-asn</code> - The private ASN for the Amazon side of a BGP session.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>attachment.instance-id</code> - The ID of the instance the volume is attached
-   *           to.</p>
+   *                   <code>options.association-default-route-table-id</code> - The ID of the default association route table.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>attachment.status</code> - The attachment state (<code>attaching</code> |
-   *             <code>attached</code> | <code>detaching</code>).</p>
+   *                   <code>options.auto-accept-shared-attachments</code> - Indicates whether there is automatic acceptance of attachment requests (<code>enable</code> | <code>disable</code>).</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>availability-zone</code> - The Availability Zone in which the volume was
-   *           created.</p>
+   *                   <code>options.default-route-table-association</code> - Indicates whether resource attachments are automatically
+   *                associated with the default association route table (<code>enable</code> | <code>disable</code>).</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>create-time</code> - The time stamp when the volume was created.</p>
+   *                   <code>options.default-route-table-propagation</code> - Indicates whether resource attachments automatically propagate
+   *                routes to the default propagation route table (<code>enable</code> | <code>disable</code>).</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>encrypted</code> - Indicates whether the volume is encrypted (<code>true</code>
-   *           | <code>false</code>)</p>
+   *                   <code>options.dns-support</code> - Indicates whether DNS support is enabled (<code>enable</code> | <code>disable</code>).</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>multi-attach-enabled</code> - Indicates whether the volume is enabled for Multi-Attach (<code>true</code>
-   *     			| <code>false</code>)</p>
+   *                   <code>options.vpn-ecmp-support</code> - Indicates whether Equal Cost Multipath Protocol support is enabled  (<code>enable</code> | <code>disable</code>).</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>fast-restored</code> - Indicates whether the volume was created from a
-   *           snapshot that is enabled for fast snapshot restore (<code>true</code> |
-   *           <code>false</code>).</p>
+   *                   <code>owner-id</code> - The ID of the Amazon Web Services account that owns the transit gateway.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>size</code> - The size of the volume, in GiB.</p>
+   *                   <code>state</code> - The state of the transit gateway (<code>available</code> | <code>deleted</code> | <code>deleting</code> | <code>modifying</code> | <code>pending</code>).</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>snapshot-id</code> - The snapshot from which the volume was created.</p>
+   *                   <code>transit-gateway-id</code> - The ID of the transit gateway.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>status</code> - The state of the volume (<code>creating</code> |
-   *             <code>available</code> | <code>in-use</code> | <code>deleting</code> |
-   *             <code>deleted</code> | <code>error</code>).</p>
+   *                   <code>tag-key </code>- The key/value combination of a tag assigned to the resource. Use the
+   *                tag key in the filter name and the tag value as the filter value. For example, to
+   *                find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify
+   *                <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>
    *             </li>
+   *          </ul>
+   * @public
+   */
+  Filters?: Filter[] | undefined;
+
+  /**
+   * <p>The maximum number of results to return with a single call.
+   * 	To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>
+   * @public
+   */
+  MaxResults?: number | undefined;
+
+  /**
+   * <p>The token for the next page of results.</p>
+   * @public
+   */
+  NextToken?: string | undefined;
+
+  /**
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * @public
+   */
+  DryRun?: boolean | undefined;
+}
+
+/**
+ * @public
+ */
+export interface DescribeTransitGatewaysResult {
+  /**
+   * <p>Information about the transit gateways.</p>
+   * @public
+   */
+  TransitGateways?: TransitGateway[] | undefined;
+
+  /**
+   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
+   * @public
+   */
+  NextToken?: string | undefined;
+}
+
+/**
+ * @public
+ */
+export interface DescribeTransitGatewayVpcAttachmentsRequest {
+  /**
+   * <p>The IDs of the attachments.</p>
+   * @public
+   */
+  TransitGatewayAttachmentIds?: string[] | undefined;
+
+  /**
+   * <p>One or more filters. The possible values are:</p>
+   *          <ul>
    *             <li>
    *                <p>
-   *                   <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.
-   *     For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>
+   *                   <code>state</code> - The state of the attachment. Valid values are <code>available</code> | <code>deleted</code> | <code>deleting</code> | <code>failed</code> |  <code>failing</code> | <code>initiatingRequest</code> | <code>modifying</code> | <code>pendingAcceptance</code> | <code>pending</code> | <code>rollingBack</code> | <code>rejected</code> | <code>rejecting</code>.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p>
+   *                   <code>transit-gateway-attachment-id</code> - The ID of the attachment.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>volume-id</code> - The volume ID.</p>
+   *                   <code>transit-gateway-id</code> - The ID of the transit gateway.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>volume-type</code> - The Amazon EBS volume type (<code>gp2</code> | <code>gp3</code> | <code>io1</code> | <code>io2</code> |
-   *           <code>st1</code> | <code>sc1</code>| <code>standard</code>)</p>
+   *                   <code>vpc-id</code> - The ID of the VPC.</p>
    *             </li>
    *          </ul>
    * @public
@@ -4630,106 +4266,72 @@ export interface DescribeVolumesRequest {
   Filters?: Filter[] | undefined;
 
   /**
-   * <p>The token returned from a previous paginated request.
-   *   Pagination continues from the end of the items returned by the previous request.</p>
+   * <p>The maximum number of results to return with a single call.
+   * 	To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>
+   * @public
+   */
+  MaxResults?: number | undefined;
+
+  /**
+   * <p>The token for the next page of results.</p>
    * @public
    */
   NextToken?: string | undefined;
 
   /**
-   * <p>The maximum number of items to return for this request.
-   * 	To get the next page of items, make another request with the token returned in the output.
-   * 	For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination">Pagination</a>.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  MaxResults?: number | undefined;
+  DryRun?: boolean | undefined;
 }
 
 /**
  * @public
  */
-export interface DescribeVolumesResult {
+export interface DescribeTransitGatewayVpcAttachmentsResult {
   /**
-   * <p>The token to include in another request to get the next page of items.
-   *   This value is <code>null</code> when there are no more items to return.</p>
+   * <p>Information about the VPC attachments.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  TransitGatewayVpcAttachments?: TransitGatewayVpcAttachment[] | undefined;
 
   /**
-   * <p>Information about the volumes.</p>
+   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
    * @public
    */
-  Volumes?: Volume[] | undefined;
+  NextToken?: string | undefined;
 }
 
 /**
  * @public
  */
-export interface DescribeVolumesModificationsRequest {
+export interface DescribeTrunkInterfaceAssociationsRequest {
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>The IDs of the associations.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  AssociationIds?: string[] | undefined;
 
   /**
-   * <p>The IDs of the volumes.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  VolumeIds?: string[] | undefined;
+  DryRun?: boolean | undefined;
 
   /**
-   * <p>The filters.</p>
+   * <p>One or more filters.</p>
    *          <ul>
    *             <li>
    *                <p>
-   *                   <code>modification-state</code> - The current modification state (modifying |
-   *           optimizing | completed | failed).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>original-iops</code> - The original IOPS rate of the volume.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>original-size</code> - The original size of the volume, in GiB.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>original-volume-type</code> - The original volume type of the volume (standard |
-   *           io1 | io2 | gp2 | sc1 | st1).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>originalMultiAttachEnabled</code> - Indicates whether Multi-Attach support was enabled (true | false).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>start-time</code> - The modification start time.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>target-iops</code> - The target IOPS rate of the volume.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>target-size</code> - The target size of the volume, in GiB.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>target-volume-type</code> - The target volume type of the volume (standard |
-   *           io1 | io2 | gp2 | sc1 | st1).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>targetMultiAttachEnabled</code> - Indicates whether Multi-Attach support is to be enabled (true | false).</p>
+   *                   <code>gre-key</code> - The ID of a trunk interface association.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>volume-id</code> - The ID of the volume.</p>
+   *                   <code>interface-protocol</code> - The interface protocol. Valid values are <code>VLAN</code> and <code>GRE</code>.</p>
    *             </li>
    *          </ul>
    * @public
@@ -4737,181 +4339,192 @@ export interface DescribeVolumesModificationsRequest {
   Filters?: Filter[] | undefined;
 
   /**
-   * <p>The token returned from a previous paginated request.
-   *   Pagination continues from the end of the items returned by the previous request.</p>
+   * <p>The token for the next page of results.</p>
    * @public
    */
   NextToken?: string | undefined;
 
   /**
-   * <p>The maximum number of results (up to a limit of 500) to be returned in a paginated
-   *       request. For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination">Pagination</a>.</p>
+   * <p>The maximum number of results to return with a single call.
+   *             To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>
    * @public
    */
   MaxResults?: number | undefined;
 }
 
-/**
- * @public
- * @enum
- */
-export const VolumeModificationState = {
-  completed: "completed",
-  failed: "failed",
-  modifying: "modifying",
-  optimizing: "optimizing",
-} as const;
-
 /**
  * @public
  */
-export type VolumeModificationState = (typeof VolumeModificationState)[keyof typeof VolumeModificationState];
+export interface DescribeTrunkInterfaceAssociationsResult {
+  /**
+   * <p>Information about the trunk associations.</p>
+   * @public
+   */
+  InterfaceAssociations?: TrunkInterfaceAssociation[] | undefined;
 
-/**
- * <p>Describes the modification status of an EBS volume.</p>
- * @public
- */
-export interface VolumeModification {
   /**
-   * <p>The ID of the volume.</p>
+   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
    * @public
    */
-  VolumeId?: string | undefined;
+  NextToken?: string | undefined;
+}
 
+/**
+ * @public
+ */
+export interface DescribeVerifiedAccessEndpointsRequest {
   /**
-   * <p>The current modification state.</p>
+   * <p>The ID of the Verified Access endpoint.</p>
    * @public
    */
-  ModificationState?: VolumeModificationState | undefined;
+  VerifiedAccessEndpointIds?: string[] | undefined;
 
   /**
-   * <p>A status message about the modification progress or failure.</p>
+   * <p>The ID of the Verified Access instance.</p>
    * @public
    */
-  StatusMessage?: string | undefined;
+  VerifiedAccessInstanceId?: string | undefined;
 
   /**
-   * <p>The target size of the volume, in GiB.</p>
+   * <p>The ID of the Verified Access group.</p>
    * @public
    */
-  TargetSize?: number | undefined;
+  VerifiedAccessGroupId?: string | undefined;
 
   /**
-   * <p>The target IOPS rate of the volume.</p>
+   * <p>The maximum number of results to return with a single call.
+   * 	To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>
    * @public
    */
-  TargetIops?: number | undefined;
+  MaxResults?: number | undefined;
 
   /**
-   * <p>The target EBS volume type of the volume.</p>
+   * <p>The token for the next page of results.</p>
    * @public
    */
-  TargetVolumeType?: VolumeType | undefined;
+  NextToken?: string | undefined;
 
   /**
-   * <p>The target throughput of the volume, in MiB/s.</p>
+   * <p>One or more filters. Filter names and values are case-sensitive.</p>
    * @public
    */
-  TargetThroughput?: number | undefined;
+  Filters?: Filter[] | undefined;
 
   /**
-   * <p>The target setting for Amazon EBS Multi-Attach.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  TargetMultiAttachEnabled?: boolean | undefined;
+  DryRun?: boolean | undefined;
+}
 
+/**
+ * @public
+ */
+export interface DescribeVerifiedAccessEndpointsResult {
   /**
-   * <p>The original size of the volume, in GiB.</p>
+   * <p>Details about the Verified Access endpoints.</p>
    * @public
    */
-  OriginalSize?: number | undefined;
+  VerifiedAccessEndpoints?: VerifiedAccessEndpoint[] | undefined;
 
   /**
-   * <p>The original IOPS rate of the volume.</p>
+   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
    * @public
    */
-  OriginalIops?: number | undefined;
+  NextToken?: string | undefined;
+}
 
+/**
+ * @public
+ */
+export interface DescribeVerifiedAccessGroupsRequest {
   /**
-   * <p>The original EBS volume type of the volume.</p>
+   * <p>The ID of the Verified Access groups.</p>
    * @public
    */
-  OriginalVolumeType?: VolumeType | undefined;
+  VerifiedAccessGroupIds?: string[] | undefined;
 
   /**
-   * <p>The original throughput of the volume, in MiB/s.</p>
+   * <p>The ID of the Verified Access instance.</p>
    * @public
    */
-  OriginalThroughput?: number | undefined;
+  VerifiedAccessInstanceId?: string | undefined;
 
   /**
-   * <p>The original setting for Amazon EBS Multi-Attach.</p>
+   * <p>The maximum number of results to return with a single call.
+   * 	To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>
    * @public
    */
-  OriginalMultiAttachEnabled?: boolean | undefined;
+  MaxResults?: number | undefined;
 
   /**
-   * <p>The modification progress, from 0 to 100 percent complete.</p>
+   * <p>The token for the next page of results.</p>
    * @public
    */
-  Progress?: number | undefined;
+  NextToken?: string | undefined;
 
   /**
-   * <p>The modification start time.</p>
+   * <p>One or more filters. Filter names and values are case-sensitive.</p>
    * @public
    */
-  StartTime?: Date | undefined;
+  Filters?: Filter[] | undefined;
 
   /**
-   * <p>The modification completion or failure time.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  EndTime?: Date | undefined;
+  DryRun?: boolean | undefined;
 }
 
 /**
  * @public
  */
-export interface DescribeVolumesModificationsResult {
+export interface DescribeVerifiedAccessGroupsResult {
   /**
-   * <p>The token to include in another request to get the next page of items.
-   *   This value is <code>null</code> when there are no more items to return.</p>
+   * <p>Details about the Verified Access groups.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  VerifiedAccessGroups?: VerifiedAccessGroup[] | undefined;
 
   /**
-   * <p>Information about the volume modifications.</p>
+   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
    * @public
    */
-  VolumesModifications?: VolumeModification[] | undefined;
+  NextToken?: string | undefined;
 }
 
 /**
  * @public
  */
-export interface DescribeVolumeStatusRequest {
+export interface DescribeVerifiedAccessInstanceLoggingConfigurationsRequest {
   /**
-   * <p>The maximum number of items to return for this request.
-   * 	To get the next page of items, make another request with the token returned in the output.
-   * 	For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination">Pagination</a>.</p>
+   * <p>The IDs of the Verified Access instances.</p>
+   * @public
+   */
+  VerifiedAccessInstanceIds?: string[] | undefined;
+
+  /**
+   * <p>The maximum number of results to return with a single call.
+   * 	To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>
    * @public
    */
   MaxResults?: number | undefined;
 
   /**
-   * <p>The token returned from a previous paginated request.
-   *   Pagination continues from the end of the items returned by the previous request.</p>
+   * <p>The token for the next page of results.</p>
    * @public
    */
   NextToken?: string | undefined;
 
   /**
-   * <p>The IDs of the volumes.</p>
-   *          <p>Default: Describes all your volumes.</p>
+   * <p>One or more filters. Filter names and values are case-sensitive.</p>
    * @public
    */
-  VolumeIds?: string[] | undefined;
+  Filters?: Filter[] | undefined;
 
   /**
    * <p>Checks whether you have the required permissions for the action, without actually making the request,
@@ -4920,326 +4533,279 @@ export interface DescribeVolumeStatusRequest {
    * @public
    */
   DryRun?: boolean | undefined;
+}
+
+/**
+ * @public
+ * @enum
+ */
+export const VerifiedAccessLogDeliveryStatusCode = {
+  FAILED: "failed",
+  SUCCESS: "success",
+} as const;
+
+/**
+ * @public
+ */
+export type VerifiedAccessLogDeliveryStatusCode =
+  (typeof VerifiedAccessLogDeliveryStatusCode)[keyof typeof VerifiedAccessLogDeliveryStatusCode];
 
+/**
+ * <p>Describes a log delivery status.</p>
+ * @public
+ */
+export interface VerifiedAccessLogDeliveryStatus {
   /**
-   * <p>The filters.</p>
-   *          <ul>
-   *             <li>
-   *                <p>
-   *                   <code>action.code</code> - The action code for the event (for example,
-   *             <code>enable-volume-io</code>).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>action.description</code> - A description of the action.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>action.event-id</code> - The event ID associated with the action.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>availability-zone</code> - The Availability Zone of the instance.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>event.description</code> - A description of the event.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>event.event-id</code> - The event ID.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>event.event-type</code> - The event type (for <code>io-enabled</code>:
-   *             <code>passed</code> | <code>failed</code>; for <code>io-performance</code>:
-   *             <code>io-performance:degraded</code> | <code>io-performance:severely-degraded</code> |
-   *             <code>io-performance:stalled</code>).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>event.not-after</code> - The latest end time for the event.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>event.not-before</code> - The earliest start time for the event.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>volume-status.details-name</code> - The cause for
-   *             <code>volume-status.status</code> (<code>io-enabled</code> |
-   *           <code>io-performance</code>).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>volume-status.details-status</code> - The status of
-   *             <code>volume-status.details-name</code> (for <code>io-enabled</code>:
-   *             <code>passed</code> | <code>failed</code>; for <code>io-performance</code>:
-   *             <code>normal</code> | <code>degraded</code> | <code>severely-degraded</code> |
-   *             <code>stalled</code>).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>volume-status.status</code> - The status of the volume (<code>ok</code> |
-   *             <code>impaired</code> | <code>warning</code> | <code>insufficient-data</code>).</p>
-   *             </li>
-   *          </ul>
+   * <p>The status code.</p>
    * @public
    */
-  Filters?: Filter[] | undefined;
+  Code?: VerifiedAccessLogDeliveryStatusCode | undefined;
+
+  /**
+   * <p>The status message.</p>
+   * @public
+   */
+  Message?: string | undefined;
 }
 
 /**
- * <p>Describes a volume status operation code.</p>
+ * <p>Options for CloudWatch Logs as a logging destination.</p>
  * @public
  */
-export interface VolumeStatusAction {
+export interface VerifiedAccessLogCloudWatchLogsDestination {
   /**
-   * <p>The code identifying the operation, for example, <code>enable-volume-io</code>.</p>
+   * <p>Indicates whether logging is enabled.</p>
    * @public
    */
-  Code?: string | undefined;
+  Enabled?: boolean | undefined;
 
   /**
-   * <p>A description of the operation.</p>
+   * <p>The delivery status for access logs.</p>
+   * @public
+   */
+  DeliveryStatus?: VerifiedAccessLogDeliveryStatus | undefined;
+
+  /**
+   * <p>The ID of the CloudWatch Logs log group.</p>
+   * @public
+   */
+  LogGroup?: string | undefined;
+}
+
+/**
+ * <p>Options for Kinesis as a logging destination.</p>
+ * @public
+ */
+export interface VerifiedAccessLogKinesisDataFirehoseDestination {
+  /**
+   * <p>Indicates whether logging is enabled.</p>
+   * @public
+   */
+  Enabled?: boolean | undefined;
+
+  /**
+   * <p>The delivery status.</p>
+   * @public
+   */
+  DeliveryStatus?: VerifiedAccessLogDeliveryStatus | undefined;
+
+  /**
+   * <p>The ID of the delivery stream.</p>
+   * @public
+   */
+  DeliveryStream?: string | undefined;
+}
+
+/**
+ * <p>Options for Amazon S3 as a logging destination.</p>
+ * @public
+ */
+export interface VerifiedAccessLogS3Destination {
+  /**
+   * <p>Indicates whether logging is enabled.</p>
    * @public
    */
-  Description?: string | undefined;
+  Enabled?: boolean | undefined;
 
   /**
-   * <p>The ID of the event associated with this operation.</p>
+   * <p>The delivery status.</p>
    * @public
    */
-  EventId?: string | undefined;
+  DeliveryStatus?: VerifiedAccessLogDeliveryStatus | undefined;
 
   /**
-   * <p>The event type associated with this operation.</p>
+   * <p>The bucket name.</p>
    * @public
    */
-  EventType?: string | undefined;
-}
+  BucketName?: string | undefined;
 
-/**
- * <p>Information about the instances to which the volume is attached.</p>
- * @public
- */
-export interface VolumeStatusAttachmentStatus {
   /**
-   * <p>The maximum IOPS supported by the attached instance.</p>
+   * <p>The bucket prefix.</p>
    * @public
    */
-  IoPerformance?: string | undefined;
+  Prefix?: string | undefined;
 
   /**
-   * <p>The ID of the attached instance.</p>
+   * <p>The Amazon Web Services account number that owns the bucket.</p>
    * @public
    */
-  InstanceId?: string | undefined;
+  BucketOwner?: string | undefined;
 }
 
 /**
- * <p>Describes a volume status event.</p>
+ * <p>Describes the options for Verified Access logs.</p>
  * @public
  */
-export interface VolumeStatusEvent {
-  /**
-   * <p>A description of the event.</p>
-   * @public
-   */
-  Description?: string | undefined;
-
+export interface VerifiedAccessLogs {
   /**
-   * <p>The ID of this event.</p>
+   * <p>Amazon S3 logging options.</p>
    * @public
    */
-  EventId?: string | undefined;
+  S3?: VerifiedAccessLogS3Destination | undefined;
 
   /**
-   * <p>The type of this event.</p>
+   * <p>CloudWatch Logs logging destination.</p>
    * @public
    */
-  EventType?: string | undefined;
+  CloudWatchLogs?: VerifiedAccessLogCloudWatchLogsDestination | undefined;
 
   /**
-   * <p>The latest end time of the event.</p>
+   * <p>Kinesis logging destination.</p>
    * @public
    */
-  NotAfter?: Date | undefined;
+  KinesisDataFirehose?: VerifiedAccessLogKinesisDataFirehoseDestination | undefined;
 
   /**
-   * <p>The earliest start time of the event.</p>
+   * <p>The log version.</p>
    * @public
    */
-  NotBefore?: Date | undefined;
+  LogVersion?: string | undefined;
 
   /**
-   * <p>The ID of the instance associated with the event.</p>
+   * <p>Indicates whether trust data is included in the logs.</p>
    * @public
    */
-  InstanceId?: string | undefined;
+  IncludeTrustContext?: boolean | undefined;
 }
 
 /**
- * @public
- * @enum
- */
-export const VolumeStatusName = {
-  io_enabled: "io-enabled",
-  io_performance: "io-performance",
-} as const;
-
-/**
- * @public
- */
-export type VolumeStatusName = (typeof VolumeStatusName)[keyof typeof VolumeStatusName];
-
-/**
- * <p>Describes a volume status.</p>
+ * <p>Describes logging options for an Amazon Web Services Verified Access instance.</p>
  * @public
  */
-export interface VolumeStatusDetails {
+export interface VerifiedAccessInstanceLoggingConfiguration {
   /**
-   * <p>The name of the volume status.</p>
+   * <p>The ID of the Amazon Web Services Verified Access instance.</p>
    * @public
    */
-  Name?: VolumeStatusName | undefined;
+  VerifiedAccessInstanceId?: string | undefined;
 
   /**
-   * <p>The intended status of the volume status.</p>
+   * <p>Details about the logging options.</p>
    * @public
    */
-  Status?: string | undefined;
+  AccessLogs?: VerifiedAccessLogs | undefined;
 }
 
 /**
- * @public
- * @enum
- */
-export const VolumeStatusInfoStatus = {
-  impaired: "impaired",
-  insufficient_data: "insufficient-data",
-  ok: "ok",
-} as const;
-
-/**
- * @public
- */
-export type VolumeStatusInfoStatus = (typeof VolumeStatusInfoStatus)[keyof typeof VolumeStatusInfoStatus];
-
-/**
- * <p>Describes the status of a volume.</p>
  * @public
  */
-export interface VolumeStatusInfo {
+export interface DescribeVerifiedAccessInstanceLoggingConfigurationsResult {
   /**
-   * <p>The details of the volume status.</p>
+   * <p>The logging configuration for the Verified Access instances.</p>
    * @public
    */
-  Details?: VolumeStatusDetails[] | undefined;
+  LoggingConfigurations?: VerifiedAccessInstanceLoggingConfiguration[] | undefined;
 
   /**
-   * <p>The status of the volume.</p>
+   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
    * @public
    */
-  Status?: VolumeStatusInfoStatus | undefined;
+  NextToken?: string | undefined;
 }
 
 /**
- * <p>Describes the volume status.</p>
  * @public
  */
-export interface VolumeStatusItem {
+export interface DescribeVerifiedAccessInstancesRequest {
   /**
-   * <p>The details of the operation.</p>
+   * <p>The IDs of the Verified Access instances.</p>
    * @public
    */
-  Actions?: VolumeStatusAction[] | undefined;
+  VerifiedAccessInstanceIds?: string[] | undefined;
 
   /**
-   * <p>The Availability Zone of the volume.</p>
+   * <p>The maximum number of results to return with a single call.
+   * 	To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>
    * @public
    */
-  AvailabilityZone?: string | undefined;
+  MaxResults?: number | undefined;
 
   /**
-   * <p>The Amazon Resource Name (ARN) of the Outpost.</p>
+   * <p>The token for the next page of results.</p>
    * @public
    */
-  OutpostArn?: string | undefined;
+  NextToken?: string | undefined;
 
   /**
-   * <p>A list of events associated with the volume.</p>
+   * <p>One or more filters. Filter names and values are case-sensitive.</p>
    * @public
    */
-  Events?: VolumeStatusEvent[] | undefined;
+  Filters?: Filter[] | undefined;
 
   /**
-   * <p>The volume ID.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  VolumeId?: string | undefined;
+  DryRun?: boolean | undefined;
+}
 
+/**
+ * @public
+ */
+export interface DescribeVerifiedAccessInstancesResult {
   /**
-   * <p>The volume status.</p>
+   * <p>Details about the Verified Access instances.</p>
    * @public
    */
-  VolumeStatus?: VolumeStatusInfo | undefined;
+  VerifiedAccessInstances?: VerifiedAccessInstance[] | undefined;
 
   /**
-   * <p>Information about the instances to which the volume is attached.</p>
+   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
    * @public
    */
-  AttachmentStatuses?: VolumeStatusAttachmentStatus[] | undefined;
+  NextToken?: string | undefined;
 }
 
 /**
  * @public
  */
-export interface DescribeVolumeStatusResult {
+export interface DescribeVerifiedAccessTrustProvidersRequest {
   /**
-   * <p>The token to include in another request to get the next page of items.
-   *   This value is <code>null</code> when there are no more items to return.</p>
+   * <p>The IDs of the Verified Access trust providers.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  VerifiedAccessTrustProviderIds?: string[] | undefined;
 
   /**
-   * <p>Information about the status of the volumes.</p>
+   * <p>The maximum number of results to return with a single call.
+   * 	To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>
    * @public
    */
-  VolumeStatuses?: VolumeStatusItem[] | undefined;
-}
-
-/**
- * @public
- * @enum
- */
-export const VpcAttributeName = {
-  enableDnsHostnames: "enableDnsHostnames",
-  enableDnsSupport: "enableDnsSupport",
-  enableNetworkAddressUsageMetrics: "enableNetworkAddressUsageMetrics",
-} as const;
-
-/**
- * @public
- */
-export type VpcAttributeName = (typeof VpcAttributeName)[keyof typeof VpcAttributeName];
+  MaxResults?: number | undefined;
 
-/**
- * @public
- */
-export interface DescribeVpcAttributeRequest {
   /**
-   * <p>The VPC attribute.</p>
+   * <p>The token for the next page of results.</p>
    * @public
    */
-  Attribute: VpcAttributeName | undefined;
+  NextToken?: string | undefined;
 
   /**
-   * <p>The ID of the VPC.</p>
+   * <p>One or more filters. Filter names and values are case-sensitive.</p>
    * @public
    */
-  VpcId: string | undefined;
+  Filters?: Filter[] | undefined;
 
   /**
    * <p>Checks whether you have the required permissions for the action, without actually making the request,
@@ -5253,183 +4819,228 @@ export interface DescribeVpcAttributeRequest {
 /**
  * @public
  */
-export interface DescribeVpcAttributeResult {
+export interface DescribeVerifiedAccessTrustProvidersResult {
   /**
-   * <p>Indicates whether the instances launched in the VPC get DNS hostnames.
-   * 				If this attribute is <code>true</code>, instances in the VPC get DNS hostnames;
-   * 				otherwise, they do not.</p>
+   * <p>Details about the Verified Access trust providers.</p>
    * @public
    */
-  EnableDnsHostnames?: AttributeBooleanValue | undefined;
+  VerifiedAccessTrustProviders?: VerifiedAccessTrustProvider[] | undefined;
 
   /**
-   * <p>Indicates whether DNS resolution is enabled for
-   * 				the VPC. If this attribute is <code>true</code>, the Amazon DNS server
-   * 				resolves DNS hostnames for your instances to their corresponding
-   * 				IP addresses; otherwise, it does not.</p>
+   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
    * @public
    */
-  EnableDnsSupport?: AttributeBooleanValue | undefined;
+  NextToken?: string | undefined;
+}
 
-  /**
-   * <p>Indicates whether Network Address Usage metrics are enabled for your VPC.</p>
-   * @public
-   */
-  EnableNetworkAddressUsageMetrics?: AttributeBooleanValue | undefined;
+/**
+ * @public
+ * @enum
+ */
+export const VolumeAttributeName = {
+  autoEnableIO: "autoEnableIO",
+  productCodes: "productCodes",
+} as const;
 
-  /**
-   * <p>The ID of the VPC.</p>
-   * @public
-   */
-  VpcId?: string | undefined;
-}
+/**
+ * @public
+ */
+export type VolumeAttributeName = (typeof VolumeAttributeName)[keyof typeof VolumeAttributeName];
 
 /**
  * @public
  */
-export interface DescribeVpcClassicLinkRequest {
+export interface DescribeVolumeAttributeRequest {
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>The attribute of the volume. This parameter is required.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  Attribute: VolumeAttributeName | undefined;
 
   /**
-   * <p>The VPCs for which you want to describe the ClassicLink status.</p>
+   * <p>The ID of the volume.</p>
    * @public
    */
-  VpcIds?: string[] | undefined;
+  VolumeId: string | undefined;
 
   /**
-   * <p>The filters.</p>
-   *          <ul>
-   *             <li>
-   *                <p>
-   *                   <code>is-classic-link-enabled</code> - Whether the VPC is enabled for ClassicLink
-   * 					   (<code>true</code> | <code>false</code>).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.
-   *     For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p>
-   *             </li>
-   *          </ul>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  Filters?: Filter[] | undefined;
+  DryRun?: boolean | undefined;
 }
 
 /**
- * <note>
- *             <p>Deprecated.</p>
- *          </note>
- *          <p>Describes whether a VPC is enabled for ClassicLink.</p>
  * @public
  */
-export interface VpcClassicLink {
+export interface DescribeVolumeAttributeResult {
   /**
-   * <p>Indicates whether the VPC is enabled for ClassicLink.</p>
+   * <p>The state of <code>autoEnableIO</code> attribute.</p>
    * @public
    */
-  ClassicLinkEnabled?: boolean | undefined;
+  AutoEnableIO?: AttributeBooleanValue | undefined;
 
   /**
-   * <p>Any tags assigned to the VPC.</p>
+   * <p>A list of product codes.</p>
    * @public
    */
-  Tags?: Tag[] | undefined;
+  ProductCodes?: ProductCode[] | undefined;
 
   /**
-   * <p>The ID of the VPC.</p>
+   * <p>The ID of the volume.</p>
    * @public
    */
-  VpcId?: string | undefined;
+  VolumeId?: string | undefined;
 }
 
 /**
  * @public
  */
-export interface DescribeVpcClassicLinkResult {
+export interface DescribeVolumesRequest {
   /**
-   * <p>The ClassicLink status of the VPCs.</p>
+   * <p>The volume IDs. If not specified, then all volumes are included in the response.</p>
    * @public
    */
-  Vpcs?: VpcClassicLink[] | undefined;
-}
+  VolumeIds?: string[] | undefined;
 
-/**
- * @public
- */
-export interface DescribeVpcClassicLinkDnsSupportRequest {
   /**
-   * <p>The IDs of the VPCs.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  VpcIds?: string[] | undefined;
+  DryRun?: boolean | undefined;
 
   /**
-   * <p>The maximum number of items to return for this request.
-   * 	To get the next page of items, make another request with the token returned in the output.
-   * 	For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination">Pagination</a>.</p>
+   * <p>The filters.</p>
+   *          <ul>
+   *             <li>
+   *                <p>
+   *                   <code>attachment.attach-time</code> - The time stamp when the attachment
+   *           initiated.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>attachment.delete-on-termination</code> - Whether the volume is deleted on
+   *           instance termination.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>attachment.device</code> - The device name specified in the block device mapping
+   *           (for example, <code>/dev/sda1</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>attachment.instance-id</code> - The ID of the instance the volume is attached
+   *           to.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>attachment.status</code> - The attachment state (<code>attaching</code> |
+   *             <code>attached</code> | <code>detaching</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>availability-zone</code> - The Availability Zone in which the volume was
+   *           created.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>create-time</code> - The time stamp when the volume was created.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>encrypted</code> - Indicates whether the volume is encrypted (<code>true</code>
+   *           | <code>false</code>)</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>multi-attach-enabled</code> - Indicates whether the volume is enabled for Multi-Attach (<code>true</code>
+   *     			| <code>false</code>)</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>fast-restored</code> - Indicates whether the volume was created from a
+   *           snapshot that is enabled for fast snapshot restore (<code>true</code> |
+   *           <code>false</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>size</code> - The size of the volume, in GiB.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>snapshot-id</code> - The snapshot from which the volume was created.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>status</code> - The state of the volume (<code>creating</code> |
+   *             <code>available</code> | <code>in-use</code> | <code>deleting</code> |
+   *             <code>deleted</code> | <code>error</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.
+   *     For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>volume-id</code> - The volume ID.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>volume-type</code> - The Amazon EBS volume type (<code>gp2</code> | <code>gp3</code> | <code>io1</code> | <code>io2</code> |
+   *           <code>st1</code> | <code>sc1</code>| <code>standard</code>)</p>
+   *             </li>
+   *          </ul>
    * @public
    */
-  MaxResults?: number | undefined;
+  Filters?: Filter[] | undefined;
 
   /**
-   * <p>The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.</p>
+   * <p>The token returned from a previous paginated request.
+   *   Pagination continues from the end of the items returned by the previous request.</p>
    * @public
    */
   NextToken?: string | undefined;
-}
-
-/**
- * <note>
- *             <p>Deprecated.</p>
- *          </note>
- *          <p>Describes the ClassicLink DNS support status of a VPC.</p>
- * @public
- */
-export interface ClassicLinkDnsSupport {
-  /**
-   * <p>Indicates whether ClassicLink DNS support is enabled for the VPC.</p>
-   * @public
-   */
-  ClassicLinkDnsSupported?: boolean | undefined;
 
   /**
-   * <p>The ID of the VPC.</p>
+   * <p>The maximum number of items to return for this request.
+   * 	To get the next page of items, make another request with the token returned in the output.
+   * 	For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination">Pagination</a>.</p>
    * @public
    */
-  VpcId?: string | undefined;
+  MaxResults?: number | undefined;
 }
 
 /**
  * @public
  */
-export interface DescribeVpcClassicLinkDnsSupportResult {
+export interface DescribeVolumesResult {
   /**
-   * <p>The token to include in another request to get the next page of items. This value is <code>null</code> when there are no more items to return.</p>
+   * <p>The token to include in another request to get the next page of items.
+   *   This value is <code>null</code> when there are no more items to return.</p>
    * @public
    */
   NextToken?: string | undefined;
 
   /**
-   * <p>Information about the ClassicLink DNS support status of the VPCs.</p>
+   * <p>Information about the volumes.</p>
    * @public
    */
-  Vpcs?: ClassicLinkDnsSupport[] | undefined;
+  Volumes?: Volume[] | undefined;
 }
 
 /**
  * @public
  */
-export interface DescribeVpcEndpointConnectionNotificationsRequest {
+export interface DescribeVolumesModificationsRequest {
   /**
    * <p>Checks whether you have the required permissions for the action, without actually making the request,
    *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
@@ -5439,41 +5050,60 @@ export interface DescribeVpcEndpointConnectionNotificationsRequest {
   DryRun?: boolean | undefined;
 
   /**
-   * <p>The ID of the notification.</p>
+   * <p>The IDs of the volumes.</p>
    * @public
    */
-  ConnectionNotificationId?: string | undefined;
+  VolumeIds?: string[] | undefined;
 
   /**
    * <p>The filters.</p>
    *          <ul>
    *             <li>
    *                <p>
-   *                   <code>connection-notification-arn</code> - The ARN of the SNS topic for the
-   *                     notification.</p>
+   *                   <code>modification-state</code> - The current modification state (modifying |
+   *           optimizing | completed | failed).</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>connection-notification-id</code> - The ID of the
-   *                     notification.</p>
+   *                   <code>original-iops</code> - The original IOPS rate of the volume.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>connection-notification-state</code> - The state of the notification
-   *                         (<code>Enabled</code> | <code>Disabled</code>).</p>
+   *                   <code>original-size</code> - The original size of the volume, in GiB.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>connection-notification-type</code> - The type of notification
-   *                         (<code>Topic</code>).</p>
+   *                   <code>original-volume-type</code> - The original volume type of the volume (standard |
+   *           io1 | io2 | gp2 | sc1 | st1).</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>service-id</code> - The ID of the endpoint service.</p>
+   *                   <code>originalMultiAttachEnabled</code> - Indicates whether Multi-Attach support was enabled (true | false).</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>vpc-endpoint-id</code> - The ID of the VPC endpoint.</p>
+   *                   <code>start-time</code> - The modification start time.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>target-iops</code> - The target IOPS rate of the volume.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>target-size</code> - The target size of the volume, in GiB.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>target-volume-type</code> - The target volume type of the volume (standard |
+   *           io1 | io2 | gp2 | sc1 | st1).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>targetMultiAttachEnabled</code> - Indicates whether Multi-Attach support is to be enabled (true | false).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>volume-id</code> - The ID of the volume.</p>
    *             </li>
    *          </ul>
    * @public
@@ -5481,439 +5111,557 @@ export interface DescribeVpcEndpointConnectionNotificationsRequest {
   Filters?: Filter[] | undefined;
 
   /**
-   * <p>The maximum number of results to return in a single call. To retrieve the remaining
-   *             results, make another request with the returned <code>NextToken</code> value.</p>
+   * <p>The token returned from a previous paginated request.
+   *   Pagination continues from the end of the items returned by the previous request.</p>
    * @public
    */
-  MaxResults?: number | undefined;
+  NextToken?: string | undefined;
 
   /**
-   * <p>The token to request the next page of results.</p>
+   * <p>The maximum number of results (up to a limit of 500) to be returned in a paginated
+   *       request. For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination">Pagination</a>.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  MaxResults?: number | undefined;
 }
 
 /**
  * @public
+ * @enum
  */
-export interface DescribeVpcEndpointConnectionNotificationsResult {
+export const VolumeModificationState = {
+  completed: "completed",
+  failed: "failed",
+  modifying: "modifying",
+  optimizing: "optimizing",
+} as const;
+
+/**
+ * @public
+ */
+export type VolumeModificationState = (typeof VolumeModificationState)[keyof typeof VolumeModificationState];
+
+/**
+ * <p>Describes the modification status of an EBS volume.</p>
+ * @public
+ */
+export interface VolumeModification {
   /**
-   * <p>The notifications.</p>
+   * <p>The ID of the volume.</p>
    * @public
    */
-  ConnectionNotificationSet?: ConnectionNotification[] | undefined;
+  VolumeId?: string | undefined;
 
   /**
-   * <p>The token to use to retrieve the next page of results. This value is
-   *             <code>null</code> when there are no more results to return.</p>
+   * <p>The current modification state.</p>
    * @public
    */
-  NextToken?: string | undefined;
-}
+  ModificationState?: VolumeModificationState | undefined;
 
-/**
- * @public
- */
-export interface DescribeVpcEndpointConnectionsRequest {
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>A status message about the modification progress or failure.</p>
+   * @public
+   */
+  StatusMessage?: string | undefined;
+
+  /**
+   * <p>The target size of the volume, in GiB.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  TargetSize?: number | undefined;
 
   /**
-   * <p>The filters.</p>
-   *          <ul>
-   *             <li>
-   *                <p>
-   *                   <code>ip-address-type</code> - The IP address type (<code>ipv4</code> | <code>ipv6</code>).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>service-id</code> - The ID of the service.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>vpc-endpoint-owner</code> - The ID of the Amazon Web Services account ID
-   * 		        that owns the endpoint.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>vpc-endpoint-state</code> - The state of the endpoint
-   * 			        (<code>pendingAcceptance</code> | <code>pending</code> |
-   * 			        <code>available</code> | <code>deleting</code> | <code>deleted</code> |
-   * 			        <code>rejected</code> | <code>failed</code>).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>vpc-endpoint-id</code> - The ID of the endpoint.</p>
-   *             </li>
-   *          </ul>
+   * <p>The target IOPS rate of the volume.</p>
    * @public
    */
-  Filters?: Filter[] | undefined;
+  TargetIops?: number | undefined;
 
   /**
-   * <p>The maximum number of results to return for the request in a single page. The remaining
-   *             results of the initial request can be seen by sending another request with the returned
-   *                 <code>NextToken</code> value. This value can be between 5 and 1,000; if
-   *                 <code>MaxResults</code> is given a value larger than 1,000, only 1,000 results are
-   *             returned.</p>
+   * <p>The target EBS volume type of the volume.</p>
    * @public
    */
-  MaxResults?: number | undefined;
+  TargetVolumeType?: VolumeType | undefined;
 
   /**
-   * <p>The token to retrieve the next page of results.</p>
+   * <p>The target throughput of the volume, in MiB/s.</p>
    * @public
    */
-  NextToken?: string | undefined;
-}
+  TargetThroughput?: number | undefined;
 
-/**
- * <p>Describes a VPC endpoint connection to a service.</p>
- * @public
- */
-export interface VpcEndpointConnection {
   /**
-   * <p>The ID of the service to which the endpoint is connected.</p>
+   * <p>The target setting for Amazon EBS Multi-Attach.</p>
    * @public
    */
-  ServiceId?: string | undefined;
+  TargetMultiAttachEnabled?: boolean | undefined;
 
   /**
-   * <p>The ID of the VPC endpoint.</p>
+   * <p>The original size of the volume, in GiB.</p>
    * @public
    */
-  VpcEndpointId?: string | undefined;
+  OriginalSize?: number | undefined;
 
   /**
-   * <p>The ID of the Amazon Web Services account that owns the VPC endpoint.</p>
+   * <p>The original IOPS rate of the volume.</p>
    * @public
    */
-  VpcEndpointOwner?: string | undefined;
+  OriginalIops?: number | undefined;
 
   /**
-   * <p>The state of the VPC endpoint.</p>
+   * <p>The original EBS volume type of the volume.</p>
    * @public
    */
-  VpcEndpointState?: State | undefined;
+  OriginalVolumeType?: VolumeType | undefined;
 
   /**
-   * <p>The date and time that the VPC endpoint was created.</p>
+   * <p>The original throughput of the volume, in MiB/s.</p>
    * @public
    */
-  CreationTimestamp?: Date | undefined;
+  OriginalThroughput?: number | undefined;
 
   /**
-   * <p>The DNS entries for the VPC endpoint.</p>
+   * <p>The original setting for Amazon EBS Multi-Attach.</p>
    * @public
    */
-  DnsEntries?: DnsEntry[] | undefined;
+  OriginalMultiAttachEnabled?: boolean | undefined;
 
   /**
-   * <p>The Amazon Resource Names (ARNs) of the network load balancers for the service.</p>
+   * <p>The modification progress, from 0 to 100 percent complete.</p>
    * @public
    */
-  NetworkLoadBalancerArns?: string[] | undefined;
+  Progress?: number | undefined;
 
   /**
-   * <p>The Amazon Resource Names (ARNs) of the Gateway Load Balancers for the service.</p>
+   * <p>The modification start time.</p>
    * @public
    */
-  GatewayLoadBalancerArns?: string[] | undefined;
+  StartTime?: Date | undefined;
 
   /**
-   * <p>The IP address type for the endpoint.</p>
+   * <p>The modification completion or failure time.</p>
    * @public
    */
-  IpAddressType?: IpAddressType | undefined;
+  EndTime?: Date | undefined;
+}
 
+/**
+ * @public
+ */
+export interface DescribeVolumesModificationsResult {
   /**
-   * <p>The ID of the VPC endpoint connection.</p>
+   * <p>The token to include in another request to get the next page of items.
+   *   This value is <code>null</code> when there are no more items to return.</p>
    * @public
    */
-  VpcEndpointConnectionId?: string | undefined;
+  NextToken?: string | undefined;
 
   /**
-   * <p>The tags.</p>
+   * <p>Information about the volume modifications.</p>
    * @public
    */
-  Tags?: Tag[] | undefined;
+  VolumesModifications?: VolumeModification[] | undefined;
 }
 
 /**
  * @public
  */
-export interface DescribeVpcEndpointConnectionsResult {
+export interface DescribeVolumeStatusRequest {
   /**
-   * <p>Information about the VPC endpoint connections.</p>
+   * <p>The maximum number of items to return for this request.
+   * 	To get the next page of items, make another request with the token returned in the output.
+   * 	For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination">Pagination</a>.</p>
    * @public
    */
-  VpcEndpointConnections?: VpcEndpointConnection[] | undefined;
+  MaxResults?: number | undefined;
 
   /**
-   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
+   * <p>The token returned from a previous paginated request.
+   *   Pagination continues from the end of the items returned by the previous request.</p>
    * @public
    */
   NextToken?: string | undefined;
-}
 
-/**
- * @public
- */
-export interface DescribeVpcEndpointsRequest {
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>The IDs of the volumes.</p>
+   *          <p>Default: Describes all your volumes.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  VolumeIds?: string[] | undefined;
 
   /**
-   * <p>The IDs of the VPC endpoints.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  VpcEndpointIds?: string[] | undefined;
+  DryRun?: boolean | undefined;
 
   /**
    * <p>The filters.</p>
    *          <ul>
    *             <li>
    *                <p>
-   *                   <code>ip-address-type</code> - The IP address type (<code>ipv4</code> | <code>ipv6</code>).</p>
+   *                   <code>action.code</code> - The action code for the event (for example,
+   *             <code>enable-volume-io</code>).</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>service-name</code> - The name of the service.</p>
+   *                   <code>action.description</code> - A description of the action.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>
+   *                   <code>action.event-id</code> - The event ID associated with the action.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p>
+   *                   <code>availability-zone</code> - The Availability Zone of the instance.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>vpc-id</code> - The ID of the VPC in which the endpoint resides.</p>
+   *                   <code>event.description</code> - A description of the event.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>vpc-endpoint-id</code> - The ID of the endpoint.</p>
+   *                   <code>event.event-id</code> - The event ID.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>vpc-endpoint-state</code> - The state of the endpoint
-   *                         (<code>pendingAcceptance</code> | <code>pending</code> |
-   *                         <code>available</code> | <code>deleting</code> | <code>deleted</code> |
-   *                         <code>rejected</code> | <code>failed</code>).</p>
+   *                   <code>event.event-type</code> - The event type (for <code>io-enabled</code>:
+   *             <code>passed</code> | <code>failed</code>; for <code>io-performance</code>:
+   *             <code>io-performance:degraded</code> | <code>io-performance:severely-degraded</code> |
+   *             <code>io-performance:stalled</code>).</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>vpc-endpoint-type</code> - The type of VPC endpoint (<code>Interface</code> | <code>Gateway</code> | <code>GatewayLoadBalancer</code>).</p>
+   *                   <code>event.not-after</code> - The latest end time for the event.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>event.not-before</code> - The earliest start time for the event.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>volume-status.details-name</code> - The cause for
+   *             <code>volume-status.status</code> (<code>io-enabled</code> |
+   *           <code>io-performance</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>volume-status.details-status</code> - The status of
+   *             <code>volume-status.details-name</code> (for <code>io-enabled</code>:
+   *             <code>passed</code> | <code>failed</code>; for <code>io-performance</code>:
+   *             <code>normal</code> | <code>degraded</code> | <code>severely-degraded</code> |
+   *             <code>stalled</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>volume-status.status</code> - The status of the volume (<code>ok</code> |
+   *             <code>impaired</code> | <code>warning</code> | <code>insufficient-data</code>).</p>
    *             </li>
    *          </ul>
    * @public
    */
-  Filters?: Filter[] | undefined;
+  Filters?: Filter[] | undefined;
+}
+
+/**
+ * <p>Describes a volume status operation code.</p>
+ * @public
+ */
+export interface VolumeStatusAction {
+  /**
+   * <p>The code identifying the operation, for example, <code>enable-volume-io</code>.</p>
+   * @public
+   */
+  Code?: string | undefined;
+
+  /**
+   * <p>A description of the operation.</p>
+   * @public
+   */
+  Description?: string | undefined;
+
+  /**
+   * <p>The ID of the event associated with this operation.</p>
+   * @public
+   */
+  EventId?: string | undefined;
+
+  /**
+   * <p>The event type associated with this operation.</p>
+   * @public
+   */
+  EventType?: string | undefined;
+}
+
+/**
+ * <p>Information about the instances to which the volume is attached.</p>
+ * @public
+ */
+export interface VolumeStatusAttachmentStatus {
+  /**
+   * <p>The maximum IOPS supported by the attached instance.</p>
+   * @public
+   */
+  IoPerformance?: string | undefined;
+
+  /**
+   * <p>The ID of the attached instance.</p>
+   * @public
+   */
+  InstanceId?: string | undefined;
+}
+
+/**
+ * <p>Describes a volume status event.</p>
+ * @public
+ */
+export interface VolumeStatusEvent {
+  /**
+   * <p>A description of the event.</p>
+   * @public
+   */
+  Description?: string | undefined;
+
+  /**
+   * <p>The ID of this event.</p>
+   * @public
+   */
+  EventId?: string | undefined;
+
+  /**
+   * <p>The type of this event.</p>
+   * @public
+   */
+  EventType?: string | undefined;
+
+  /**
+   * <p>The latest end time of the event.</p>
+   * @public
+   */
+  NotAfter?: Date | undefined;
 
   /**
-   * <p>The maximum number of items to return for this request. The request returns a token that you can specify in a subsequent call to get the next set of results.</p>
-   *          <p>Constraint: If the value is greater than 1,000, we return only 1,000 items.</p>
+   * <p>The earliest start time of the event.</p>
    * @public
    */
-  MaxResults?: number | undefined;
+  NotBefore?: Date | undefined;
 
   /**
-   * <p>The token for the next set of items to return. (You received this token from a prior call.)</p>
+   * <p>The ID of the instance associated with the event.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  InstanceId?: string | undefined;
 }
 
 /**
  * @public
+ * @enum
  */
-export interface DescribeVpcEndpointsResult {
+export const VolumeStatusName = {
+  io_enabled: "io-enabled",
+  io_performance: "io-performance",
+} as const;
+
+/**
+ * @public
+ */
+export type VolumeStatusName = (typeof VolumeStatusName)[keyof typeof VolumeStatusName];
+
+/**
+ * <p>Describes a volume status.</p>
+ * @public
+ */
+export interface VolumeStatusDetails {
   /**
-   * <p>Information about the VPC endpoints.</p>
+   * <p>The name of the volume status.</p>
    * @public
    */
-  VpcEndpoints?: VpcEndpoint[] | undefined;
+  Name?: VolumeStatusName | undefined;
 
   /**
-   * <p>The token to use when requesting the next set of items. If there are no additional items to return, the string is empty.</p>
+   * <p>The intended status of the volume status.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  Status?: string | undefined;
 }
 
 /**
  * @public
+ * @enum
  */
-export interface DescribeVpcEndpointServiceConfigurationsRequest {
+export const VolumeStatusInfoStatus = {
+  impaired: "impaired",
+  insufficient_data: "insufficient-data",
+  ok: "ok",
+} as const;
+
+/**
+ * @public
+ */
+export type VolumeStatusInfoStatus = (typeof VolumeStatusInfoStatus)[keyof typeof VolumeStatusInfoStatus];
+
+/**
+ * <p>Describes the status of a volume.</p>
+ * @public
+ */
+export interface VolumeStatusInfo {
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>The details of the volume status.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  Details?: VolumeStatusDetails[] | undefined;
 
   /**
-   * <p>The IDs of the endpoint services.</p>
+   * <p>The status of the volume.</p>
    * @public
    */
-  ServiceIds?: string[] | undefined;
+  Status?: VolumeStatusInfoStatus | undefined;
+}
 
+/**
+ * <p>Describes the volume status.</p>
+ * @public
+ */
+export interface VolumeStatusItem {
   /**
-   * <p>The filters.</p>
-   *          <ul>
-   *             <li>
-   *                <p>
-   *                   <code>service-name</code> - The name of the service.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>service-id</code> - The ID of the service.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>service-state</code> - The state of the service (<code>Pending</code> |
-   *                         <code>Available</code> | <code>Deleting</code> | <code>Deleted</code> |
-   *                         <code>Failed</code>). </p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>supported-ip-address-types</code> - The IP address type (<code>ipv4</code> | <code>ipv6</code>).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p>
-   *             </li>
-   *          </ul>
+   * <p>The details of the operation.</p>
    * @public
    */
-  Filters?: Filter[] | undefined;
+  Actions?: VolumeStatusAction[] | undefined;
 
   /**
-   * <p>The maximum number of results to return for the request in a single page. The remaining
-   *             results of the initial request can be seen by sending another request with the returned
-   *                 <code>NextToken</code> value. This value can be between 5 and 1,000; if
-   *                 <code>MaxResults</code> is given a value larger than 1,000, only 1,000 results are
-   *             returned.</p>
+   * <p>The Availability Zone of the volume.</p>
    * @public
    */
-  MaxResults?: number | undefined;
+  AvailabilityZone?: string | undefined;
 
   /**
-   * <p>The token to retrieve the next page of results.</p>
+   * <p>The Amazon Resource Name (ARN) of the Outpost.</p>
    * @public
    */
-  NextToken?: string | undefined;
-}
+  OutpostArn?: string | undefined;
 
-/**
- * @public
- */
-export interface DescribeVpcEndpointServiceConfigurationsResult {
   /**
-   * <p>Information about the services.</p>
+   * <p>A list of events associated with the volume.</p>
    * @public
    */
-  ServiceConfigurations?: ServiceConfiguration[] | undefined;
+  Events?: VolumeStatusEvent[] | undefined;
 
   /**
-   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
+   * <p>The volume ID.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  VolumeId?: string | undefined;
+
+  /**
+   * <p>The volume status.</p>
+   * @public
+   */
+  VolumeStatus?: VolumeStatusInfo | undefined;
+
+  /**
+   * <p>Information about the instances to which the volume is attached.</p>
+   * @public
+   */
+  AttachmentStatuses?: VolumeStatusAttachmentStatus[] | undefined;
 }
 
 /**
  * @public
  */
-export interface DescribeVpcEndpointServicePermissionsRequest {
+export interface DescribeVolumeStatusResult {
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>The token to include in another request to get the next page of items.
+   *   This value is <code>null</code> when there are no more items to return.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  NextToken?: string | undefined;
 
   /**
-   * <p>The ID of the service.</p>
+   * <p>Information about the status of the volumes.</p>
    * @public
    */
-  ServiceId: string | undefined;
+  VolumeStatuses?: VolumeStatusItem[] | undefined;
+}
+
+/**
+ * @public
+ * @enum
+ */
+export const VpcAttributeName = {
+  enableDnsHostnames: "enableDnsHostnames",
+  enableDnsSupport: "enableDnsSupport",
+  enableNetworkAddressUsageMetrics: "enableNetworkAddressUsageMetrics",
+} as const;
+
+/**
+ * @public
+ */
+export type VpcAttributeName = (typeof VpcAttributeName)[keyof typeof VpcAttributeName];
 
+/**
+ * @public
+ */
+export interface DescribeVpcAttributeRequest {
   /**
-   * <p>The filters.</p>
-   *          <ul>
-   *             <li>
-   *                <p>
-   *                   <code>principal</code> - The ARN of the principal.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>principal-type</code> - The principal type (<code>All</code> |
-   * 						<code>Service</code> | <code>OrganizationUnit</code> | <code>Account</code>
-   * 					| <code>User</code> | <code>Role</code>).</p>
-   *             </li>
-   *          </ul>
+   * <p>The VPC attribute.</p>
    * @public
    */
-  Filters?: Filter[] | undefined;
+  Attribute: VpcAttributeName | undefined;
 
   /**
-   * <p>The maximum number of results to return for the request in a single page. The remaining
-   *             results of the initial request can be seen by sending another request with the returned
-   *                 <code>NextToken</code> value. This value can be between 5 and 1,000; if
-   *                 <code>MaxResults</code> is given a value larger than 1,000, only 1,000 results are
-   *             returned.</p>
+   * <p>The ID of the VPC.</p>
    * @public
    */
-  MaxResults?: number | undefined;
+  VpcId: string | undefined;
 
   /**
-   * <p>The token to retrieve the next page of results.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  DryRun?: boolean | undefined;
 }
 
 /**
  * @public
  */
-export interface DescribeVpcEndpointServicePermissionsResult {
+export interface DescribeVpcAttributeResult {
   /**
-   * <p>Information about the allowed principals.</p>
+   * <p>Indicates whether the instances launched in the VPC get DNS hostnames.
+   * 				If this attribute is <code>true</code>, instances in the VPC get DNS hostnames;
+   * 				otherwise, they do not.</p>
    * @public
    */
-  AllowedPrincipals?: AllowedPrincipal[] | undefined;
+  EnableDnsHostnames?: AttributeBooleanValue | undefined;
 
   /**
-   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
+   * <p>Indicates whether DNS resolution is enabled for
+   * 				the VPC. If this attribute is <code>true</code>, the Amazon DNS server
+   * 				resolves DNS hostnames for your instances to their corresponding
+   * 				IP addresses; otherwise, it does not.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  EnableDnsSupport?: AttributeBooleanValue | undefined;
+
+  /**
+   * <p>Indicates whether Network Address Usage metrics are enabled for your VPC.</p>
+   * @public
+   */
+  EnableNetworkAddressUsageMetrics?: AttributeBooleanValue | undefined;
+
+  /**
+   * <p>The ID of the VPC.</p>
+   * @public
+   */
+  VpcId?: string | undefined;
 }
 
 /**
  * @public
  */
-export interface DescribeVpcEndpointServicesRequest {
+export interface DescribeVpcBlockPublicAccessExclusionsRequest {
   /**
    * <p>Checks whether you have the required permissions for the action, without actually making the request,
    *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
@@ -5923,210 +5671,333 @@ export interface DescribeVpcEndpointServicesRequest {
   DryRun?: boolean | undefined;
 
   /**
-   * <p>The service names.</p>
-   * @public
-   */
-  ServiceNames?: string[] | undefined;
-
-  /**
-   * <p>The filters.</p>
+   * <p>Filters for the request:</p>
    *          <ul>
    *             <li>
    *                <p>
-   *                   <code>owner</code> - The ID or alias of the Amazon Web Services account that owns
-   *                     the service.</p>
+   *                   <code>resource-arn</code> - The Amazon Resource Name (ARN) of a exclusion.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>service-name</code> - The name of the service.</p>
+   *                   <code>internet-gateway-exclusion-mode</code> - The mode of a VPC BPA exclusion. Possible values: <code>bidirectional-access-allowed | egress-access-allowed</code>.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>service-type</code> - The type of service (<code>Interface</code> |
-   *                         <code>Gateway</code> | <code>GatewayLoadBalancer</code>).</p>
+   *                   <code>state</code> - The state of VPC BPA. Possible values: <code>create-in-progress | create-complete | update-in-progress | update-complete | delete-in-progress | deleted-complete | disable-in-progress | disable-complete</code>
+   *                </p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>supported-ip-address-types</code> - The IP address type (<code>ipv4</code> | <code>ipv6</code>).</p>
+   *                   <code>tag</code> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.
+   *     For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>
+   *                   <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p>
+   *                   <code>tag-value</code>: The value of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific value, regardless of the tag key.</p>
    *             </li>
    *          </ul>
    * @public
    */
-  Filters?: Filter[] | undefined;
+  Filters?: Filter[] | undefined;
+
+  /**
+   * <p>IDs of exclusions.</p>
+   * @public
+   */
+  ExclusionIds?: string[] | undefined;
+
+  /**
+   * <p>The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.</p>
+   * @public
+   */
+  NextToken?: string | undefined;
 
   /**
-   * <p>The maximum number of items to return for this request. The request returns a token that you can specify in a subsequent call to get the next set of results.</p>
-   *          <p>Constraint: If the value is greater than 1,000, we return only 1,000 items.</p>
+   * <p>The maximum number of items to return for this request.
+   * 	To get the next page of items, make another request with the token returned in the output.
+   * 	For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination">Pagination</a>.</p>
    * @public
    */
   MaxResults?: number | undefined;
+}
 
+/**
+ * @public
+ */
+export interface DescribeVpcBlockPublicAccessExclusionsResult {
   /**
-   * <p>The token for the next set of items to return. (You received this token from a prior call.)</p>
+   * <p>Details related to the exclusions.</p>
+   * @public
+   */
+  VpcBlockPublicAccessExclusions?: VpcBlockPublicAccessExclusion[] | undefined;
+
+  /**
+   * <p>The token to include in another request to get the next page of items. This value is <code>null</code> when there are no more items to return.</p>
    * @public
    */
   NextToken?: string | undefined;
 }
 
 /**
- * <p>Information about the Private DNS name for interface endpoints.</p>
  * @public
  */
-export interface PrivateDnsDetails {
+export interface DescribeVpcBlockPublicAccessOptionsRequest {
   /**
-   * <p>The private DNS name assigned to the VPC endpoint service.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  PrivateDnsName?: string | undefined;
+  DryRun?: boolean | undefined;
 }
 
 /**
- * <p>Describes a VPC endpoint service.</p>
  * @public
+ * @enum
  */
-export interface ServiceDetail {
-  /**
-   * <p>The name of the service.</p>
-   * @public
-   */
-  ServiceName?: string | undefined;
+export const InternetGatewayBlockMode = {
+  block_bidirectional: "block-bidirectional",
+  block_ingress: "block-ingress",
+  off: "off",
+} as const;
+
+/**
+ * @public
+ */
+export type InternetGatewayBlockMode = (typeof InternetGatewayBlockMode)[keyof typeof InternetGatewayBlockMode];
+
+/**
+ * @public
+ * @enum
+ */
+export const VpcBlockPublicAccessState = {
+  default_state: "default-state",
+  update_complete: "update-complete",
+  update_in_progress: "update-in-progress",
+} as const;
+
+/**
+ * @public
+ */
+export type VpcBlockPublicAccessState = (typeof VpcBlockPublicAccessState)[keyof typeof VpcBlockPublicAccessState];
 
+/**
+ * <p>VPC Block public Access (BPA) enables you to block resources in VPCs and subnets that you own in a Region from reaching or being reached from the internet through internet gateways and egress-only internet gateways. To learn more about VPC BPA, see <a href="https://docs.aws.amazon.com/vpc/latest/userguide/security-vpc-bpa.html">Block public access to VPCs and subnets</a> in the <i>Amazon VPC User Guide</i>.</p>
+ * @public
+ */
+export interface VpcBlockPublicAccessOptions {
   /**
-   * <p>The ID of the endpoint service.</p>
+   * <p>An Amazon Web Services account ID.</p>
    * @public
    */
-  ServiceId?: string | undefined;
+  AwsAccountId?: string | undefined;
 
   /**
-   * <p>The type of service.</p>
+   * <p>An Amazon Web Services Region.</p>
    * @public
    */
-  ServiceType?: ServiceTypeDetail[] | undefined;
+  AwsRegion?: string | undefined;
 
   /**
-   * <p>The Availability Zones in which the service is available.</p>
+   * <p>The current state of VPC BPA.</p>
    * @public
    */
-  AvailabilityZones?: string[] | undefined;
+  State?: VpcBlockPublicAccessState | undefined;
 
   /**
-   * <p>The Amazon Web Services account ID of the service owner.</p>
+   * <p>The current mode of VPC BPA.</p>
+   *          <ul>
+   *             <li>
+   *                <p>
+   *                   <code>bidirectional-access-allowed</code>: VPC BPA is not enabled and traffic is allowed to and from internet gateways and egress-only internet gateways in this Region.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>bidirectional-access-blocked</code>: Block all traffic to and from internet gateways and egress-only internet gateways in this Region (except for excluded VPCs and subnets).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>ingress-access-blocked</code>: Block all internet traffic to the VPCs in this Region (except for VPCs or subnets which are excluded). Only traffic to and from NAT gateways and egress-only internet gateways is allowed because these gateways only allow outbound connections to be established.</p>
+   *             </li>
+   *          </ul>
    * @public
    */
-  Owner?: string | undefined;
+  InternetGatewayBlockMode?: InternetGatewayBlockMode | undefined;
 
   /**
-   * <p>The DNS names for the service.</p>
+   * <p>The reason for the current state.</p>
    * @public
    */
-  BaseEndpointDnsNames?: string[] | undefined;
+  Reason?: string | undefined;
 
   /**
-   * <p>The private DNS name for the service.</p>
+   * <p>The last time the VPC BPA mode was updated.</p>
    * @public
    */
-  PrivateDnsName?: string | undefined;
+  LastUpdateTimestamp?: Date | undefined;
+}
 
+/**
+ * @public
+ */
+export interface DescribeVpcBlockPublicAccessOptionsResult {
   /**
-   * <p>The private DNS names assigned to the VPC endpoint service.</p>
+   * <p>Details related to the options.</p>
    * @public
    */
-  PrivateDnsNames?: PrivateDnsDetails[] | undefined;
+  VpcBlockPublicAccessOptions?: VpcBlockPublicAccessOptions | undefined;
+}
 
+/**
+ * @public
+ */
+export interface DescribeVpcClassicLinkRequest {
   /**
-   * <p>Indicates whether the service supports endpoint policies.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  VpcEndpointPolicySupported?: boolean | undefined;
+  DryRun?: boolean | undefined;
 
   /**
-   * <p>Indicates whether VPC endpoint connection requests to the service must be accepted by the service owner.</p>
+   * <p>The VPCs for which you want to describe the ClassicLink status.</p>
    * @public
    */
-  AcceptanceRequired?: boolean | undefined;
+  VpcIds?: string[] | undefined;
 
   /**
-   * <p>Indicates whether the service manages its VPC endpoints. Management of the service VPC
-   *             endpoints using the VPC endpoint API is restricted.</p>
+   * <p>The filters.</p>
+   *          <ul>
+   *             <li>
+   *                <p>
+   *                   <code>is-classic-link-enabled</code> - Whether the VPC is enabled for ClassicLink
+   * 					   (<code>true</code> | <code>false</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>tag</code> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.
+   *     For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p>
+   *             </li>
+   *          </ul>
    * @public
    */
-  ManagesVpcEndpoints?: boolean | undefined;
+  Filters?: Filter[] | undefined;
+}
 
+/**
+ * <note>
+ *             <p>Deprecated.</p>
+ *          </note>
+ *          <p>Describes whether a VPC is enabled for ClassicLink.</p>
+ * @public
+ */
+export interface VpcClassicLink {
   /**
-   * <p>The payer responsibility.</p>
+   * <p>Indicates whether the VPC is enabled for ClassicLink.</p>
    * @public
    */
-  PayerResponsibility?: PayerResponsibility | undefined;
+  ClassicLinkEnabled?: boolean | undefined;
 
   /**
-   * <p>The tags assigned to the service.</p>
+   * <p>Any tags assigned to the VPC.</p>
    * @public
    */
   Tags?: Tag[] | undefined;
 
   /**
-   * <p>The verification state of the VPC endpoint service.</p>
-   *          <p>Consumers of the endpoint service cannot use the private name when the state is not <code>verified</code>.</p>
+   * <p>The ID of the VPC.</p>
    * @public
    */
-  PrivateDnsNameVerificationState?: DnsNameState | undefined;
+  VpcId?: string | undefined;
+}
 
+/**
+ * @public
+ */
+export interface DescribeVpcClassicLinkResult {
   /**
-   * <p>The supported IP address types.</p>
+   * <p>The ClassicLink status of the VPCs.</p>
    * @public
    */
-  SupportedIpAddressTypes?: ServiceConnectivityType[] | undefined;
+  Vpcs?: VpcClassicLink[] | undefined;
 }
 
 /**
  * @public
  */
-export interface DescribeVpcEndpointServicesResult {
+export interface DescribeVpcClassicLinkDnsSupportRequest {
   /**
-   * <p>The supported services.</p>
+   * <p>The IDs of the VPCs.</p>
    * @public
    */
-  ServiceNames?: string[] | undefined;
+  VpcIds?: string[] | undefined;
 
   /**
-   * <p>Information about the service.</p>
+   * <p>The maximum number of items to return for this request.
+   * 	To get the next page of items, make another request with the token returned in the output.
+   * 	For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination">Pagination</a>.</p>
    * @public
    */
-  ServiceDetails?: ServiceDetail[] | undefined;
+  MaxResults?: number | undefined;
 
   /**
-   * <p>The token to use when requesting the next set of items. If there are no additional items to return, the string is empty.</p>
+   * <p>The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.</p>
    * @public
    */
   NextToken?: string | undefined;
 }
 
 /**
+ * <note>
+ *             <p>Deprecated.</p>
+ *          </note>
+ *          <p>Describes the ClassicLink DNS support status of a VPC.</p>
  * @public
  */
-export interface DescribeVpcPeeringConnectionsRequest {
+export interface ClassicLinkDnsSupport {
   /**
-   * <p>The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.</p>
+   * <p>Indicates whether ClassicLink DNS support is enabled for the VPC.</p>
+   * @public
+   */
+  ClassicLinkDnsSupported?: boolean | undefined;
+
+  /**
+   * <p>The ID of the VPC.</p>
+   * @public
+   */
+  VpcId?: string | undefined;
+}
+
+/**
+ * @public
+ */
+export interface DescribeVpcClassicLinkDnsSupportResult {
+  /**
+   * <p>The token to include in another request to get the next page of items. This value is <code>null</code> when there are no more items to return.</p>
    * @public
    */
   NextToken?: string | undefined;
 
   /**
-   * <p>The maximum number of items to return for this request.
-   * 	To get the next page of items, make another request with the token returned in the output.
-   * 	For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination">Pagination</a>.</p>
+   * <p>Information about the ClassicLink DNS support status of the VPCs.</p>
    * @public
    */
-  MaxResults?: number | undefined;
+  Vpcs?: ClassicLinkDnsSupport[] | undefined;
+}
 
+/**
+ * @public
+ */
+export interface DescribeVpcEndpointConnectionNotificationsRequest {
   /**
    * <p>Checks whether you have the required permissions for the action, without actually making the request,
    *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
@@ -6136,92 +6007,74 @@ export interface DescribeVpcPeeringConnectionsRequest {
   DryRun?: boolean | undefined;
 
   /**
-   * <p>The IDs of the VPC peering connections.</p>
-   *          <p>Default: Describes all your VPC peering connections.</p>
+   * <p>The ID of the notification.</p>
    * @public
    */
-  VpcPeeringConnectionIds?: string[] | undefined;
+  ConnectionNotificationId?: string | undefined;
 
   /**
    * <p>The filters.</p>
    *          <ul>
    *             <li>
    *                <p>
-   *                   <code>accepter-vpc-info.cidr-block</code> - The IPv4 CIDR block of the accepter
-   *                     VPC.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>accepter-vpc-info.owner-id</code> - The ID of the Amazon Web Services account that owns the
-   *                     accepter VPC.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>accepter-vpc-info.vpc-id</code> - The ID of the accepter VPC.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>expiration-time</code> - The expiration date and time for the VPC peering
-   *           connection.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>requester-vpc-info.cidr-block</code> - The IPv4 CIDR block of the
-   *                     requester's VPC.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>requester-vpc-info.owner-id</code> - The ID of the Amazon Web Services account that owns the
-   *                   requester VPC.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>requester-vpc-info.vpc-id</code> - The ID of the requester VPC.</p>
+   *                   <code>connection-notification-arn</code> - The ARN of the SNS topic for the
+   *                     notification.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>status-code</code> - The status of the VPC peering connection
-   *                         (<code>pending-acceptance</code> | <code>failed</code> |
-   *                         <code>expired</code> | <code>provisioning</code> | <code>active</code> |
-   *                         <code>deleting</code> | <code>deleted</code> |
-   *                     <code>rejected</code>).</p>
+   *                   <code>connection-notification-id</code> - The ID of the
+   *                     notification.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>status-message</code> - A message that provides more information about the status
-   *           of the VPC peering connection, if applicable.</p>
+   *                   <code>connection-notification-state</code> - The state of the notification
+   *                         (<code>Enabled</code> | <code>Disabled</code>).</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.
-   *     For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>
+   *                   <code>connection-notification-type</code> - The type of notification
+   *                         (<code>Topic</code>).</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p>
+   *                   <code>service-id</code> - The ID of the endpoint service.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>vpc-peering-connection-id</code> - The ID of the VPC peering connection.</p>
+   *                   <code>vpc-endpoint-id</code> - The ID of the VPC endpoint.</p>
    *             </li>
    *          </ul>
    * @public
    */
-  Filters?: Filter[] | undefined;
+  Filters?: Filter[] | undefined;
+
+  /**
+   * <p>The maximum number of results to return in a single call. To retrieve the remaining
+   *             results, make another request with the returned <code>NextToken</code> value.</p>
+   * @public
+   */
+  MaxResults?: number | undefined;
+
+  /**
+   * <p>The token to request the next page of results.</p>
+   * @public
+   */
+  NextToken?: string | undefined;
 }
 
 /**
  * @public
  */
-export interface DescribeVpcPeeringConnectionsResult {
+export interface DescribeVpcEndpointConnectionNotificationsResult {
   /**
-   * <p>Information about the VPC peering connections.</p>
+   * <p>The notifications.</p>
    * @public
    */
-  VpcPeeringConnections?: VpcPeeringConnection[] | undefined;
+  ConnectionNotificationSet?: ConnectionNotification[] | undefined;
 
   /**
-   * <p>The token to include in another request to get the next page of items. This value is <code>null</code> when there are no more items to return.</p>
+   * <p>The token to use to retrieve the next page of results. This value is
+   *             <code>null</code> when there are no more results to return.</p>
    * @public
    */
   NextToken?: string | undefined;
@@ -6230,79 +6083,41 @@ export interface DescribeVpcPeeringConnectionsResult {
 /**
  * @public
  */
-export interface DescribeVpcsRequest {
+export interface DescribeVpcEndpointConnectionsRequest {
+  /**
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * @public
+   */
+  DryRun?: boolean | undefined;
+
   /**
    * <p>The filters.</p>
    *          <ul>
    *             <li>
    *                <p>
-   *                   <code>cidr</code> - The primary IPv4 CIDR block of the VPC. The CIDR block you
-   *                     specify must exactly match the VPC's CIDR block for information to be returned
-   *                     for the VPC. Must contain the slash followed by one or two digits (for example,
-   *                     <code>/28</code>).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>cidr-block-association.cidr-block</code> - An IPv4 CIDR block associated with the
-   *                     VPC.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>cidr-block-association.association-id</code> - The association ID for
-   *                     an IPv4 CIDR block associated with the VPC.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>cidr-block-association.state</code> - The state of an IPv4 CIDR block
-   *                     associated with the VPC.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>dhcp-options-id</code> - The ID of a set of DHCP options.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>ipv6-cidr-block-association.ipv6-cidr-block</code> - An IPv6 CIDR
-   *                     block associated with the VPC.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>ipv6-cidr-block-association.ipv6-pool</code> - The ID of the IPv6 address pool from which the IPv6 CIDR block is allocated.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>ipv6-cidr-block-association.association-id</code> - The association
-   *                     ID for an IPv6 CIDR block associated with the VPC.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>ipv6-cidr-block-association.state</code> - The state of an IPv6 CIDR
-   *                     block associated with the VPC.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>is-default</code> - Indicates whether the VPC is the default VPC.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>owner-id</code> - The ID of the Amazon Web Services account that owns the VPC.</p>
+   *                   <code>ip-address-type</code> - The IP address type (<code>ipv4</code> | <code>ipv6</code>).</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>state</code> - The state of the VPC (<code>pending</code> | <code>available</code>).</p>
+   *                   <code>service-id</code> - The ID of the service.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.
-   *     For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>
+   *                   <code>vpc-endpoint-owner</code> - The ID of the Amazon Web Services account ID
+   * 		        that owns the endpoint.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p>
+   *                   <code>vpc-endpoint-state</code> - The state of the endpoint
+   * 			        (<code>pendingAcceptance</code> | <code>pending</code> |
+   * 			        <code>available</code> | <code>deleting</code> | <code>deleted</code> |
+   * 			        <code>rejected</code> | <code>failed</code>).</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>vpc-id</code> - The ID of the VPC.</p>
+   *                   <code>vpc-endpoint-id</code> - The ID of the endpoint.</p>
    *             </li>
    *          </ul>
    * @public
@@ -6310,95 +6125,143 @@ export interface DescribeVpcsRequest {
   Filters?: Filter[] | undefined;
 
   /**
-   * <p>The IDs of the VPCs.</p>
+   * <p>The maximum number of results to return for the request in a single page. The remaining
+   *             results of the initial request can be seen by sending another request with the returned
+   *                 <code>NextToken</code> value. This value can be between 5 and 1,000; if
+   *                 <code>MaxResults</code> is given a value larger than 1,000, only 1,000 results are
+   *             returned.</p>
    * @public
    */
-  VpcIds?: string[] | undefined;
+  MaxResults?: number | undefined;
 
   /**
-   * <p>The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.</p>
+   * <p>The token to retrieve the next page of results.</p>
    * @public
    */
   NextToken?: string | undefined;
+}
 
+/**
+ * <p>Describes a VPC endpoint connection to a service.</p>
+ * @public
+ */
+export interface VpcEndpointConnection {
   /**
-   * <p>The maximum number of items to return for this request.
-   * 	To get the next page of items, make another request with the token returned in the output.
-   * 	For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination">Pagination</a>.</p>
+   * <p>The ID of the service to which the endpoint is connected.</p>
    * @public
    */
-  MaxResults?: number | undefined;
+  ServiceId?: string | undefined;
 
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>The ID of the VPC endpoint.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  VpcEndpointId?: string | undefined;
+
+  /**
+   * <p>The ID of the Amazon Web Services account that owns the VPC endpoint.</p>
+   * @public
+   */
+  VpcEndpointOwner?: string | undefined;
+
+  /**
+   * <p>The state of the VPC endpoint.</p>
+   * @public
+   */
+  VpcEndpointState?: State | undefined;
+
+  /**
+   * <p>The date and time that the VPC endpoint was created.</p>
+   * @public
+   */
+  CreationTimestamp?: Date | undefined;
+
+  /**
+   * <p>The DNS entries for the VPC endpoint.</p>
+   * @public
+   */
+  DnsEntries?: DnsEntry[] | undefined;
+
+  /**
+   * <p>The Amazon Resource Names (ARNs) of the network load balancers for the service.</p>
+   * @public
+   */
+  NetworkLoadBalancerArns?: string[] | undefined;
+
+  /**
+   * <p>The Amazon Resource Names (ARNs) of the Gateway Load Balancers for the service.</p>
+   * @public
+   */
+  GatewayLoadBalancerArns?: string[] | undefined;
+
+  /**
+   * <p>The IP address type for the endpoint.</p>
+   * @public
+   */
+  IpAddressType?: IpAddressType | undefined;
+
+  /**
+   * <p>The ID of the VPC endpoint connection.</p>
+   * @public
+   */
+  VpcEndpointConnectionId?: string | undefined;
+
+  /**
+   * <p>The tags.</p>
+   * @public
+   */
+  Tags?: Tag[] | undefined;
 }
 
 /**
  * @public
  */
-export interface DescribeVpcsResult {
+export interface DescribeVpcEndpointConnectionsResult {
   /**
-   * <p>The token to include in another request to get the next page of items. This value is <code>null</code> when there are no more items to return.</p>
+   * <p>Information about the VPC endpoint connections.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  VpcEndpointConnections?: VpcEndpointConnection[] | undefined;
 
   /**
-   * <p>Information about the VPCs.</p>
+   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
    * @public
    */
-  Vpcs?: Vpc[] | undefined;
+  NextToken?: string | undefined;
 }
 
 /**
- * <p>Contains the parameters for DescribeVpnConnections.</p>
  * @public
  */
-export interface DescribeVpnConnectionsRequest {
+export interface DescribeVpcEndpointsRequest {
   /**
-   * <p>One or more filters.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * @public
+   */
+  DryRun?: boolean | undefined;
+
+  /**
+   * <p>The IDs of the VPC endpoints.</p>
+   * @public
+   */
+  VpcEndpointIds?: string[] | undefined;
+
+  /**
+   * <p>The filters.</p>
    *          <ul>
    *             <li>
    *                <p>
-   *                   <code>customer-gateway-configuration</code> - The configuration information
-   *                     for the customer gateway.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>customer-gateway-id</code> - The ID of a customer gateway associated
-   *                     with the VPN connection.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>state</code> - The state of the VPN connection (<code>pending</code> |
-   *                         <code>available</code> | <code>deleting</code> |
-   *                     <code>deleted</code>).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>option.static-routes-only</code> - Indicates whether the connection has
-   *                     static routes only. Used for devices that do not support Border Gateway Protocol
-   *                     (BGP).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>route.destination-cidr-block</code> - The destination CIDR block. This
-   *                     corresponds to the subnet used in a customer data center.</p>
+   *                   <code>ip-address-type</code> - The IP address type (<code>ipv4</code> | <code>ipv6</code>).</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>bgp-asn</code> - The BGP Autonomous System Number (ASN) associated with
-   *                     a BGP device.</p>
+   *                   <code>service-name</code> - The name of the service.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.
-   *     For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>
+   *                   <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>
    *             </li>
    *             <li>
    *                <p>
@@ -6406,22 +6269,22 @@ export interface DescribeVpnConnectionsRequest {
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>type</code> - The type of VPN connection. Currently the only supported
-   *                     type is <code>ipsec.1</code>.</p>
+   *                   <code>vpc-id</code> - The ID of the VPC in which the endpoint resides.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>vpn-connection-id</code> - The ID of the VPN connection.</p>
+   *                   <code>vpc-endpoint-id</code> - The ID of the endpoint.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>vpn-gateway-id</code> - The ID of a virtual private gateway associated
-   *                     with the VPN connection.</p>
+   *                   <code>vpc-endpoint-state</code> - The state of the endpoint
+   *                         (<code>pendingAcceptance</code> | <code>pending</code> |
+   *                         <code>available</code> | <code>deleting</code> | <code>deleted</code> |
+   *                         <code>rejected</code> | <code>failed</code>).</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>transit-gateway-id</code> - The ID of a transit gateway associated with
-   *                     the VPN connection.</p>
+   *                   <code>vpc-endpoint-type</code> - The type of VPC endpoint (<code>Interface</code> | <code>Gateway</code> | <code>GatewayLoadBalancer</code>).</p>
    *             </li>
    *          </ul>
    * @public
@@ -6429,124 +6292,126 @@ export interface DescribeVpnConnectionsRequest {
   Filters?: Filter[] | undefined;
 
   /**
-   * <p>One or more VPN connection IDs.</p>
-   *          <p>Default: Describes your VPN connections.</p>
+   * <p>The maximum number of items to return for this request. The request returns a token that you can specify in a subsequent call to get the next set of results.</p>
+   *          <p>Constraint: If the value is greater than 1,000, we return only 1,000 items.</p>
    * @public
    */
-  VpnConnectionIds?: string[] | undefined;
+  MaxResults?: number | undefined;
 
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually
-   *             making the request, and provides an error response. If you have the required
-   *             permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is
-   *                 <code>UnauthorizedOperation</code>.</p>
+   * <p>The token for the next set of items to return. (You received this token from a prior call.)</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  NextToken?: string | undefined;
 }
 
 /**
- * <p>Contains the output of DescribeVpnConnections.</p>
  * @public
  */
-export interface DescribeVpnConnectionsResult {
+export interface DescribeVpcEndpointsResult {
   /**
-   * <p>Information about one or more VPN connections.</p>
+   * <p>Information about the VPC endpoints.</p>
    * @public
    */
-  VpnConnections?: VpnConnection[] | undefined;
+  VpcEndpoints?: VpcEndpoint[] | undefined;
+
+  /**
+   * <p>The token to use when requesting the next set of items. If there are no additional items to return, the string is empty.</p>
+   * @public
+   */
+  NextToken?: string | undefined;
 }
 
 /**
- * <p>Contains the parameters for DescribeVpnGateways.</p>
  * @public
  */
-export interface DescribeVpnGatewaysRequest {
+export interface DescribeVpcEndpointServiceConfigurationsRequest {
   /**
-   * <p>One or more filters.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * @public
+   */
+  DryRun?: boolean | undefined;
+
+  /**
+   * <p>The IDs of the endpoint services.</p>
+   * @public
+   */
+  ServiceIds?: string[] | undefined;
+
+  /**
+   * <p>The filters.</p>
    *          <ul>
    *             <li>
    *                <p>
-   *                   <code>amazon-side-asn</code> - The Autonomous System Number (ASN) for the
-   *                     Amazon side of the gateway.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>attachment.state</code> - The current state of the attachment between
-   *                     the gateway and the VPC (<code>attaching</code> | <code>attached</code> |
-   *                         <code>detaching</code> | <code>detached</code>).</p>
+   *                   <code>service-name</code> - The name of the service.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>attachment.vpc-id</code> - The ID of an attached VPC.</p>
+   *                   <code>service-id</code> - The ID of the service.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>availability-zone</code> - The Availability Zone for the virtual private
-   *                     gateway (if applicable).</p>
+   *                   <code>service-state</code> - The state of the service (<code>Pending</code> |
+   *                         <code>Available</code> | <code>Deleting</code> | <code>Deleted</code> |
+   *                         <code>Failed</code>). </p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>state</code> - The state of the virtual private gateway
-   *                         (<code>pending</code> | <code>available</code> | <code>deleting</code> |
-   *                         <code>deleted</code>).</p>
+   *                   <code>supported-ip-address-types</code> - The IP address type (<code>ipv4</code> | <code>ipv6</code>).</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.
-   *     For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>
+   *                   <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>
    *             </li>
    *             <li>
    *                <p>
    *                   <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p>
    *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>type</code> - The type of virtual private gateway. Currently the only
-   *                     supported type is <code>ipsec.1</code>.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>vpn-gateway-id</code> - The ID of the virtual private gateway.</p>
-   *             </li>
    *          </ul>
    * @public
    */
   Filters?: Filter[] | undefined;
 
   /**
-   * <p>One or more virtual private gateway IDs.</p>
-   *          <p>Default: Describes all your virtual private gateways.</p>
+   * <p>The maximum number of results to return for the request in a single page. The remaining
+   *             results of the initial request can be seen by sending another request with the returned
+   *                 <code>NextToken</code> value. This value can be between 5 and 1,000; if
+   *                 <code>MaxResults</code> is given a value larger than 1,000, only 1,000 results are
+   *             returned.</p>
    * @public
    */
-  VpnGatewayIds?: string[] | undefined;
+  MaxResults?: number | undefined;
 
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually
-   *             making the request, and provides an error response. If you have the required
-   *             permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is
-   *                 <code>UnauthorizedOperation</code>.</p>
+   * <p>The token to retrieve the next page of results.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  NextToken?: string | undefined;
 }
 
 /**
- * <p>Contains the output of DescribeVpnGateways.</p>
  * @public
  */
-export interface DescribeVpnGatewaysResult {
+export interface DescribeVpcEndpointServiceConfigurationsResult {
   /**
-   * <p>Information about one or more virtual private gateways.</p>
+   * <p>Information about the services.</p>
    * @public
    */
-  VpnGateways?: VpnGateway[] | undefined;
+  ServiceConfigurations?: ServiceConfiguration[] | undefined;
+
+  /**
+   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
+   * @public
+   */
+  NextToken?: string | undefined;
 }
 
 /**
  * @public
  */
-export interface DetachClassicLinkVpcRequest {
+export interface DescribeVpcEndpointServicePermissionsRequest {
   /**
    * <p>Checks whether you have the required permissions for the action, without actually making the request,
    *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
@@ -6556,33 +6421,67 @@ export interface DetachClassicLinkVpcRequest {
   DryRun?: boolean | undefined;
 
   /**
-   * <p>The ID of the instance to unlink from the VPC.</p>
+   * <p>The ID of the service.</p>
    * @public
    */
-  InstanceId: string | undefined;
+  ServiceId: string | undefined;
 
   /**
-   * <p>The ID of the VPC to which the instance is linked.</p>
+   * <p>The filters.</p>
+   *          <ul>
+   *             <li>
+   *                <p>
+   *                   <code>principal</code> - The ARN of the principal.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>principal-type</code> - The principal type (<code>All</code> |
+   * 						<code>Service</code> | <code>OrganizationUnit</code> | <code>Account</code>
+   * 					| <code>User</code> | <code>Role</code>).</p>
+   *             </li>
+   *          </ul>
    * @public
    */
-  VpcId: string | undefined;
+  Filters?: Filter[] | undefined;
+
+  /**
+   * <p>The maximum number of results to return for the request in a single page. The remaining
+   *             results of the initial request can be seen by sending another request with the returned
+   *                 <code>NextToken</code> value. This value can be between 5 and 1,000; if
+   *                 <code>MaxResults</code> is given a value larger than 1,000, only 1,000 results are
+   *             returned.</p>
+   * @public
+   */
+  MaxResults?: number | undefined;
+
+  /**
+   * <p>The token to retrieve the next page of results.</p>
+   * @public
+   */
+  NextToken?: string | undefined;
 }
 
 /**
  * @public
  */
-export interface DetachClassicLinkVpcResult {
+export interface DescribeVpcEndpointServicePermissionsResult {
   /**
-   * <p>Returns <code>true</code> if the request succeeds; otherwise, it returns an error.</p>
+   * <p>Information about the allowed principals.</p>
    * @public
    */
-  Return?: boolean | undefined;
+  AllowedPrincipals?: AllowedPrincipal[] | undefined;
+
+  /**
+   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
+   * @public
+   */
+  NextToken?: string | undefined;
 }
 
 /**
  * @public
  */
-export interface DetachInternetGatewayRequest {
+export interface DescribeVpcEndpointServicesRequest {
   /**
    * <p>Checks whether you have the required permissions for the action, without actually making the request,
    *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
@@ -6592,302 +6491,416 @@ export interface DetachInternetGatewayRequest {
   DryRun?: boolean | undefined;
 
   /**
-   * <p>The ID of the internet gateway.</p>
+   * <p>The service names.</p>
    * @public
    */
-  InternetGatewayId: string | undefined;
+  ServiceNames?: string[] | undefined;
 
   /**
-   * <p>The ID of the VPC.</p>
+   * <p>The filters.</p>
+   *          <ul>
+   *             <li>
+   *                <p>
+   *                   <code>owner</code> - The ID or alias of the Amazon Web Services account that owns
+   *                     the service.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>service-name</code> - The name of the service.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>service-type</code> - The type of service (<code>Interface</code> |
+   *                         <code>Gateway</code> | <code>GatewayLoadBalancer</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>supported-ip-address-types</code> - The IP address type (<code>ipv4</code> | <code>ipv6</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p>
+   *             </li>
+   *          </ul>
    * @public
    */
-  VpcId: string | undefined;
-}
+  Filters?: Filter[] | undefined;
 
-/**
- * <p>Contains the parameters for DetachNetworkInterface.</p>
- * @public
- */
-export interface DetachNetworkInterfaceRequest {
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *             and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *             Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>The maximum number of items to return for this request. The request returns a token that you can specify in a subsequent call to get the next set of results.</p>
+   *          <p>Constraint: If the value is greater than 1,000, we return only 1,000 items.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  MaxResults?: number | undefined;
 
   /**
-   * <p>The ID of the attachment.</p>
+   * <p>The token for the next set of items to return. (You received this token from a prior call.)</p>
    * @public
    */
-  AttachmentId: string | undefined;
+  NextToken?: string | undefined;
+}
 
+/**
+ * <p>Information about the Private DNS name for interface endpoints.</p>
+ * @public
+ */
+export interface PrivateDnsDetails {
   /**
-   * <p>Specifies whether to force a detachment.</p>
-   *          <note>
-   *             <ul>
-   *                <li>
-   *                   <p>Use the <code>Force</code> parameter only as a last resort to detach a network interface from a failed instance. </p>
-   *                </li>
-   *                <li>
-   *                   <p>If you use the <code>Force</code> parameter to detach a network interface, you might not be able to attach a different network interface to the same index on the instance without first stopping and starting the instance.</p>
-   *                </li>
-   *                <li>
-   *                   <p>If you force the detachment of a network interface, the <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html">instance metadata</a>
-   *                         might not get updated. This means that the attributes associated
-   *                         with the detached network interface might still be visible. The
-   *                         instance metadata will get updated when you stop and start the
-   *                         instance.</p>
-   *                </li>
-   *             </ul>
-   *          </note>
+   * <p>The private DNS name assigned to the VPC endpoint service.</p>
    * @public
    */
-  Force?: boolean | undefined;
+  PrivateDnsName?: string | undefined;
 }
 
 /**
+ * <p>Describes a VPC endpoint service.</p>
  * @public
  */
-export interface DetachVerifiedAccessTrustProviderRequest {
+export interface ServiceDetail {
   /**
-   * <p>The ID of the Verified Access instance.</p>
+   * <p>The name of the service.</p>
    * @public
    */
-  VerifiedAccessInstanceId: string | undefined;
+  ServiceName?: string | undefined;
 
   /**
-   * <p>The ID of the Verified Access trust provider.</p>
+   * <p>The ID of the endpoint service.</p>
    * @public
    */
-  VerifiedAccessTrustProviderId: string | undefined;
+  ServiceId?: string | undefined;
 
   /**
-   * <p>A unique, case-sensitive token that you provide to ensure idempotency of your
-   *             modification request. For more information, see <a href="https://docs.aws.amazon.com/ec2/latest/devguide/ec2-api-idempotency.html">Ensuring idempotency</a>.</p>
+   * <p>The type of service.</p>
    * @public
    */
-  ClientToken?: string | undefined;
+  ServiceType?: ServiceTypeDetail[] | undefined;
 
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>The Availability Zones in which the service is available.</p>
+   * @public
+   */
+  AvailabilityZones?: string[] | undefined;
+
+  /**
+   * <p>The Amazon Web Services account ID of the service owner.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
-}
+  Owner?: string | undefined;
 
-/**
- * @public
- */
-export interface DetachVerifiedAccessTrustProviderResult {
   /**
-   * <p>Details about the Verified Access trust provider.</p>
+   * <p>The DNS names for the service.</p>
    * @public
    */
-  VerifiedAccessTrustProvider?: VerifiedAccessTrustProvider | undefined;
+  BaseEndpointDnsNames?: string[] | undefined;
 
   /**
-   * <p>Details about the Verified Access instance.</p>
+   * <p>The private DNS name for the service.</p>
    * @public
    */
-  VerifiedAccessInstance?: VerifiedAccessInstance | undefined;
-}
+  PrivateDnsName?: string | undefined;
 
-/**
- * @public
- */
-export interface DetachVolumeRequest {
   /**
-   * <p>The device name.</p>
+   * <p>The private DNS names assigned to the VPC endpoint service.</p>
    * @public
    */
-  Device?: string | undefined;
+  PrivateDnsNames?: PrivateDnsDetails[] | undefined;
 
   /**
-   * <p>Forces detachment if the previous detachment attempt did not occur cleanly (for example,
-   *       logging into an instance, unmounting the volume, and detaching normally). This option can lead
-   *       to data loss or a corrupted file system. Use this option only as a last resort to detach a
-   *       volume from a failed instance. The instance won't have an opportunity to flush file system
-   *       caches or file system metadata. If you use this option, you must perform file system check and
-   *       repair procedures.</p>
+   * <p>Indicates whether the service supports endpoint policies.</p>
    * @public
    */
-  Force?: boolean | undefined;
+  VpcEndpointPolicySupported?: boolean | undefined;
 
   /**
-   * <p>The ID of the instance. If you are detaching a Multi-Attach enabled volume, you must specify an instance ID.</p>
+   * <p>Indicates whether VPC endpoint connection requests to the service must be accepted by the service owner.</p>
    * @public
    */
-  InstanceId?: string | undefined;
+  AcceptanceRequired?: boolean | undefined;
 
   /**
-   * <p>The ID of the volume.</p>
+   * <p>Indicates whether the service manages its VPC endpoints. Management of the service VPC
+   *             endpoints using the VPC endpoint API is restricted.</p>
    * @public
    */
-  VolumeId: string | undefined;
+  ManagesVpcEndpoints?: boolean | undefined;
 
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>The payer responsibility.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
-}
+  PayerResponsibility?: PayerResponsibility | undefined;
 
-/**
- * <p>Contains the parameters for DetachVpnGateway.</p>
- * @public
- */
-export interface DetachVpnGatewayRequest {
   /**
-   * <p>The ID of the VPC.</p>
+   * <p>The tags assigned to the service.</p>
    * @public
    */
-  VpcId: string | undefined;
+  Tags?: Tag[] | undefined;
 
   /**
-   * <p>The ID of the virtual private gateway.</p>
+   * <p>The verification state of the VPC endpoint service.</p>
+   *          <p>Consumers of the endpoint service cannot use the private name when the state is not <code>verified</code>.</p>
    * @public
    */
-  VpnGatewayId: string | undefined;
+  PrivateDnsNameVerificationState?: DnsNameState | undefined;
 
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually
-   *             making the request, and provides an error response. If you have the required
-   *             permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is
-   *                 <code>UnauthorizedOperation</code>.</p>
+   * <p>The supported IP address types.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  SupportedIpAddressTypes?: ServiceConnectivityType[] | undefined;
 }
 
 /**
  * @public
  */
-export interface DisableAddressTransferRequest {
+export interface DescribeVpcEndpointServicesResult {
   /**
-   * <p>The allocation ID of an Elastic IP address.</p>
+   * <p>The supported services.</p>
    * @public
    */
-  AllocationId: string | undefined;
+  ServiceNames?: string[] | undefined;
 
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>Information about the service.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
-}
+  ServiceDetails?: ServiceDetail[] | undefined;
 
-/**
- * @public
- */
-export interface DisableAddressTransferResult {
   /**
-   * <p>An Elastic IP address transfer.</p>
+   * <p>The token to use when requesting the next set of items. If there are no additional items to return, the string is empty.</p>
    * @public
    */
-  AddressTransfer?: AddressTransfer | undefined;
+  NextToken?: string | undefined;
 }
 
 /**
  * @public
  */
-export interface DisableAwsNetworkPerformanceMetricSubscriptionRequest {
+export interface DescribeVpcPeeringConnectionsRequest {
   /**
-   * <p>The source Region or Availability Zone that the metric subscription is disabled for. For example, <code>us-east-1</code>.</p>
+   * <p>The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.</p>
    * @public
    */
-  Source?: string | undefined;
+  NextToken?: string | undefined;
 
   /**
-   * <p>The target Region or Availability Zone that the metric subscription is disabled for. For example, <code>eu-north-1</code>.</p>
+   * <p>The maximum number of items to return for this request.
+   * 	To get the next page of items, make another request with the token returned in the output.
+   * 	For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination">Pagination</a>.</p>
    * @public
    */
-  Destination?: string | undefined;
+  MaxResults?: number | undefined;
 
   /**
-   * <p>The metric used for the disabled subscription.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  Metric?: MetricType | undefined;
+  DryRun?: boolean | undefined;
 
   /**
-   * <p>The statistic used for the disabled subscription. </p>
+   * <p>The IDs of the VPC peering connections.</p>
+   *          <p>Default: Describes all your VPC peering connections.</p>
    * @public
    */
-  Statistic?: StatisticType | undefined;
+  VpcPeeringConnectionIds?: string[] | undefined;
 
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>The filters.</p>
+   *          <ul>
+   *             <li>
+   *                <p>
+   *                   <code>accepter-vpc-info.cidr-block</code> - The IPv4 CIDR block of the accepter
+   *                     VPC.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>accepter-vpc-info.owner-id</code> - The ID of the Amazon Web Services account that owns the
+   *                     accepter VPC.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>accepter-vpc-info.vpc-id</code> - The ID of the accepter VPC.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>expiration-time</code> - The expiration date and time for the VPC peering
+   *           connection.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>requester-vpc-info.cidr-block</code> - The IPv4 CIDR block of the
+   *                     requester's VPC.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>requester-vpc-info.owner-id</code> - The ID of the Amazon Web Services account that owns the
+   *                   requester VPC.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>requester-vpc-info.vpc-id</code> - The ID of the requester VPC.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>status-code</code> - The status of the VPC peering connection
+   *                         (<code>pending-acceptance</code> | <code>failed</code> |
+   *                         <code>expired</code> | <code>provisioning</code> | <code>active</code> |
+   *                         <code>deleting</code> | <code>deleted</code> |
+   *                     <code>rejected</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>status-message</code> - A message that provides more information about the status
+   *           of the VPC peering connection, if applicable.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>tag</code> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.
+   *     For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>vpc-peering-connection-id</code> - The ID of the VPC peering connection.</p>
+   *             </li>
+   *          </ul>
    * @public
    */
-  DryRun?: boolean | undefined;
+  Filters?: Filter[] | undefined;
 }
 
 /**
  * @public
  */
-export interface DisableAwsNetworkPerformanceMetricSubscriptionResult {
+export interface DescribeVpcPeeringConnectionsResult {
   /**
-   * <p>Indicates whether the unsubscribe action was successful.</p>
+   * <p>Information about the VPC peering connections.</p>
    * @public
    */
-  Output?: boolean | undefined;
+  VpcPeeringConnections?: VpcPeeringConnection[] | undefined;
+
+  /**
+   * <p>The token to include in another request to get the next page of items. This value is <code>null</code> when there are no more items to return.</p>
+   * @public
+   */
+  NextToken?: string | undefined;
 }
 
 /**
  * @public
  */
-export interface DisableEbsEncryptionByDefaultRequest {
+export interface DescribeVpcsRequest {
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>The filters.</p>
+   *          <ul>
+   *             <li>
+   *                <p>
+   *                   <code>cidr</code> - The primary IPv4 CIDR block of the VPC. The CIDR block you
+   *                     specify must exactly match the VPC's CIDR block for information to be returned
+   *                     for the VPC. Must contain the slash followed by one or two digits (for example,
+   *                     <code>/28</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>cidr-block-association.cidr-block</code> - An IPv4 CIDR block associated with the
+   *                     VPC.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>cidr-block-association.association-id</code> - The association ID for
+   *                     an IPv4 CIDR block associated with the VPC.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>cidr-block-association.state</code> - The state of an IPv4 CIDR block
+   *                     associated with the VPC.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>dhcp-options-id</code> - The ID of a set of DHCP options.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>ipv6-cidr-block-association.ipv6-cidr-block</code> - An IPv6 CIDR
+   *                     block associated with the VPC.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>ipv6-cidr-block-association.ipv6-pool</code> - The ID of the IPv6 address pool from which the IPv6 CIDR block is allocated.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>ipv6-cidr-block-association.association-id</code> - The association
+   *                     ID for an IPv6 CIDR block associated with the VPC.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>ipv6-cidr-block-association.state</code> - The state of an IPv6 CIDR
+   *                     block associated with the VPC.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>is-default</code> - Indicates whether the VPC is the default VPC.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>owner-id</code> - The ID of the Amazon Web Services account that owns the VPC.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>state</code> - The state of the VPC (<code>pending</code> | <code>available</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>tag</code> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.
+   *     For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>vpc-id</code> - The ID of the VPC.</p>
+   *             </li>
+   *          </ul>
    * @public
    */
-  DryRun?: boolean | undefined;
-}
+  Filters?: Filter[] | undefined;
 
-/**
- * @public
- */
-export interface DisableEbsEncryptionByDefaultResult {
   /**
-   * <p>The updated status of encryption by default.</p>
+   * <p>The IDs of the VPCs.</p>
    * @public
    */
-  EbsEncryptionByDefault?: boolean | undefined;
-}
+  VpcIds?: string[] | undefined;
 
-/**
- * @public
- */
-export interface DisableFastLaunchRequest {
   /**
-   * <p>Specify the ID of the image for which to disable Windows fast launch.</p>
+   * <p>The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.</p>
    * @public
    */
-  ImageId: string | undefined;
+  NextToken?: string | undefined;
 
   /**
-   * <p>Forces the image settings to turn off Windows fast launch for your Windows AMI. This parameter overrides
-   * 			any errors that are encountered while cleaning up resources in your account.</p>
+   * <p>The maximum number of items to return for this request.
+   * 	To get the next page of items, make another request with the token returned in the output.
+   * 	For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination">Pagination</a>.</p>
    * @public
    */
-  Force?: boolean | undefined;
+  MaxResults?: number | undefined;
 
   /**
    * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   * 			and provides an error response. If you have the required permissions, the error response is
-   * 			<code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
   DryRun?: boolean | undefined;
@@ -6896,259 +6909,339 @@ export interface DisableFastLaunchRequest {
 /**
  * @public
  */
-export interface DisableFastLaunchResult {
-  /**
-   * <p>The ID of the image for which Windows fast launch was disabled.</p>
-   * @public
-   */
-  ImageId?: string | undefined;
-
-  /**
-   * <p>The pre-provisioning resource type that must be cleaned after turning off Windows fast launch
-   * 			for the Windows AMI. Supported values include: <code>snapshot</code>.</p>
-   * @public
-   */
-  ResourceType?: FastLaunchResourceType | undefined;
-
-  /**
-   * <p>Parameters that were used for Windows fast launch for the Windows AMI before
-   * 			Windows fast launch was disabled. This informs the clean-up process.</p>
-   * @public
-   */
-  SnapshotConfiguration?: FastLaunchSnapshotConfigurationResponse | undefined;
-
-  /**
-   * <p>The launch template that was used to launch Windows instances from pre-provisioned snapshots.</p>
-   * @public
-   */
-  LaunchTemplate?: FastLaunchLaunchTemplateSpecificationResponse | undefined;
-
-  /**
-   * <p>The maximum number of instances that Amazon EC2 can launch at the same time to
-   * 			create pre-provisioned snapshots for Windows fast launch.</p>
-   * @public
-   */
-  MaxParallelLaunches?: number | undefined;
-
-  /**
-   * <p>The owner of the Windows AMI for which Windows fast launch was disabled.</p>
-   * @public
-   */
-  OwnerId?: string | undefined;
-
-  /**
-   * <p>The current state of Windows fast launch for the specified Windows AMI.</p>
-   * @public
-   */
-  State?: FastLaunchStateCode | undefined;
-
+export interface DescribeVpcsResult {
   /**
-   * <p>The reason that the state changed for Windows fast launch for the Windows AMI.</p>
+   * <p>The token to include in another request to get the next page of items. This value is <code>null</code> when there are no more items to return.</p>
    * @public
    */
-  StateTransitionReason?: string | undefined;
+  NextToken?: string | undefined;
 
   /**
-   * <p>The time that the state changed for Windows fast launch for the Windows AMI.</p>
+   * <p>Information about the VPCs.</p>
    * @public
    */
-  StateTransitionTime?: Date | undefined;
+  Vpcs?: Vpc[] | undefined;
 }
 
 /**
+ * <p>Contains the parameters for DescribeVpnConnections.</p>
  * @public
  */
-export interface DisableFastSnapshotRestoresRequest {
+export interface DescribeVpnConnectionsRequest {
   /**
-   * <p>One or more Availability Zones. For example, <code>us-east-2a</code>.</p>
+   * <p>One or more filters.</p>
+   *          <ul>
+   *             <li>
+   *                <p>
+   *                   <code>customer-gateway-configuration</code> - The configuration information
+   *                     for the customer gateway.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>customer-gateway-id</code> - The ID of a customer gateway associated
+   *                     with the VPN connection.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>state</code> - The state of the VPN connection (<code>pending</code> |
+   *                         <code>available</code> | <code>deleting</code> |
+   *                     <code>deleted</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>option.static-routes-only</code> - Indicates whether the connection has
+   *                     static routes only. Used for devices that do not support Border Gateway Protocol
+   *                     (BGP).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>route.destination-cidr-block</code> - The destination CIDR block. This
+   *                     corresponds to the subnet used in a customer data center.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>bgp-asn</code> - The BGP Autonomous System Number (ASN) associated with
+   *                     a BGP device.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.
+   *     For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>type</code> - The type of VPN connection. Currently the only supported
+   *                     type is <code>ipsec.1</code>.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>vpn-connection-id</code> - The ID of the VPN connection.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>vpn-gateway-id</code> - The ID of a virtual private gateway associated
+   *                     with the VPN connection.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>transit-gateway-id</code> - The ID of a transit gateway associated with
+   *                     the VPN connection.</p>
+   *             </li>
+   *          </ul>
    * @public
    */
-  AvailabilityZones: string[] | undefined;
+  Filters?: Filter[] | undefined;
 
   /**
-   * <p>The IDs of one or more snapshots. For example, <code>snap-1234567890abcdef0</code>.</p>
+   * <p>One or more VPN connection IDs.</p>
+   *          <p>Default: Describes your VPN connections.</p>
    * @public
    */
-  SourceSnapshotIds: string[] | undefined;
+  VpnConnectionIds?: string[] | undefined;
 
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually
+   *             making the request, and provides an error response. If you have the required
+   *             permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is
+   *                 <code>UnauthorizedOperation</code>.</p>
    * @public
    */
   DryRun?: boolean | undefined;
 }
 
 /**
- * <p>Describes fast snapshot restores that were successfully disabled.</p>
+ * <p>Contains the output of DescribeVpnConnections.</p>
  * @public
  */
-export interface DisableFastSnapshotRestoreSuccessItem {
-  /**
-   * <p>The ID of the snapshot.</p>
-   * @public
-   */
-  SnapshotId?: string | undefined;
-
-  /**
-   * <p>The Availability Zone.</p>
-   * @public
-   */
-  AvailabilityZone?: string | undefined;
-
+export interface DescribeVpnConnectionsResult {
   /**
-   * <p>The state of fast snapshot restores for the snapshot.</p>
+   * <p>Information about one or more VPN connections.</p>
    * @public
    */
-  State?: FastSnapshotRestoreStateCode | undefined;
+  VpnConnections?: VpnConnection[] | undefined;
+}
 
+/**
+ * <p>Contains the parameters for DescribeVpnGateways.</p>
+ * @public
+ */
+export interface DescribeVpnGatewaysRequest {
   /**
-   * <p>The reason for the state transition. The possible values are as follows:</p>
+   * <p>One or more filters.</p>
    *          <ul>
    *             <li>
    *                <p>
-   *                   <code>Client.UserInitiated</code> - The state successfully transitioned to <code>enabling</code> or
-   *           <code>disabling</code>.</p>
+   *                   <code>amazon-side-asn</code> - The Autonomous System Number (ASN) for the
+   *                     Amazon side of the gateway.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>Client.UserInitiated - Lifecycle state transition</code> - The state successfully transitioned
-   *           to <code>optimizing</code>, <code>enabled</code>, or <code>disabled</code>.</p>
+   *                   <code>attachment.state</code> - The current state of the attachment between
+   *                     the gateway and the VPC (<code>attaching</code> | <code>attached</code> |
+   *                         <code>detaching</code> | <code>detached</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>attachment.vpc-id</code> - The ID of an attached VPC.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>availability-zone</code> - The Availability Zone for the virtual private
+   *                     gateway (if applicable).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>state</code> - The state of the virtual private gateway
+   *                         (<code>pending</code> | <code>available</code> | <code>deleting</code> |
+   *                         <code>deleted</code>).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.
+   *     For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>type</code> - The type of virtual private gateway. Currently the only
+   *                     supported type is <code>ipsec.1</code>.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>vpn-gateway-id</code> - The ID of the virtual private gateway.</p>
    *             </li>
    *          </ul>
    * @public
    */
-  StateTransitionReason?: string | undefined;
-
-  /**
-   * <p>The ID of the Amazon Web Services account that enabled fast snapshot restores on the snapshot.</p>
-   * @public
-   */
-  OwnerId?: string | undefined;
+  Filters?: Filter[] | undefined;
 
   /**
-   * <p>The Amazon Web Services owner alias that enabled fast snapshot restores on the snapshot. This is intended for future use.</p>
+   * <p>One or more virtual private gateway IDs.</p>
+   *          <p>Default: Describes all your virtual private gateways.</p>
    * @public
    */
-  OwnerAlias?: string | undefined;
+  VpnGatewayIds?: string[] | undefined;
 
   /**
-   * <p>The time at which fast snapshot restores entered the <code>enabling</code> state.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually
+   *             making the request, and provides an error response. If you have the required
+   *             permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is
+   *                 <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  EnablingTime?: Date | undefined;
+  DryRun?: boolean | undefined;
+}
 
+/**
+ * <p>Contains the output of DescribeVpnGateways.</p>
+ * @public
+ */
+export interface DescribeVpnGatewaysResult {
   /**
-   * <p>The time at which fast snapshot restores entered the <code>optimizing</code> state.</p>
+   * <p>Information about one or more virtual private gateways.</p>
    * @public
    */
-  OptimizingTime?: Date | undefined;
+  VpnGateways?: VpnGateway[] | undefined;
+}
 
+/**
+ * @public
+ */
+export interface DetachClassicLinkVpcRequest {
   /**
-   * <p>The time at which fast snapshot restores entered the <code>enabled</code> state.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  EnabledTime?: Date | undefined;
+  DryRun?: boolean | undefined;
 
   /**
-   * <p>The time at which fast snapshot restores entered the <code>disabling</code> state.</p>
+   * <p>The ID of the instance to unlink from the VPC.</p>
    * @public
    */
-  DisablingTime?: Date | undefined;
+  InstanceId: string | undefined;
 
   /**
-   * <p>The time at which fast snapshot restores entered the <code>disabled</code> state.</p>
+   * <p>The ID of the VPC to which the instance is linked.</p>
    * @public
    */
-  DisabledTime?: Date | undefined;
+  VpcId: string | undefined;
 }
 
 /**
- * <p>Describes an error that occurred when disabling fast snapshot restores.</p>
  * @public
  */
-export interface DisableFastSnapshotRestoreStateError {
-  /**
-   * <p>The error code.</p>
-   * @public
-   */
-  Code?: string | undefined;
-
+export interface DetachClassicLinkVpcResult {
   /**
-   * <p>The error message.</p>
+   * <p>Returns <code>true</code> if the request succeeds; otherwise, it returns an error.</p>
    * @public
    */
-  Message?: string | undefined;
+  Return?: boolean | undefined;
 }
 
 /**
- * <p>Contains information about an error that occurred when disabling fast snapshot restores.</p>
  * @public
  */
-export interface DisableFastSnapshotRestoreStateErrorItem {
+export interface DetachInternetGatewayRequest {
   /**
-   * <p>The Availability Zone.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  AvailabilityZone?: string | undefined;
+  DryRun?: boolean | undefined;
 
   /**
-   * <p>The error.</p>
+   * <p>The ID of the internet gateway.</p>
    * @public
    */
-  Error?: DisableFastSnapshotRestoreStateError | undefined;
+  InternetGatewayId: string | undefined;
+
+  /**
+   * <p>The ID of the VPC.</p>
+   * @public
+   */
+  VpcId: string | undefined;
 }
 
 /**
- * <p>Contains information about the errors that occurred when disabling fast snapshot restores.</p>
+ * <p>Contains the parameters for DetachNetworkInterface.</p>
  * @public
  */
-export interface DisableFastSnapshotRestoreErrorItem {
+export interface DetachNetworkInterfaceRequest {
   /**
-   * <p>The ID of the snapshot.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *             and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *             Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  SnapshotId?: string | undefined;
+  DryRun?: boolean | undefined;
 
   /**
-   * <p>The errors.</p>
+   * <p>The ID of the attachment.</p>
    * @public
    */
-  FastSnapshotRestoreStateErrors?: DisableFastSnapshotRestoreStateErrorItem[] | undefined;
+  AttachmentId: string | undefined;
+
+  /**
+   * <p>Specifies whether to force a detachment.</p>
+   *          <note>
+   *             <ul>
+   *                <li>
+   *                   <p>Use the <code>Force</code> parameter only as a last resort to detach a network interface from a failed instance. </p>
+   *                </li>
+   *                <li>
+   *                   <p>If you use the <code>Force</code> parameter to detach a network interface, you might not be able to attach a different network interface to the same index on the instance without first stopping and starting the instance.</p>
+   *                </li>
+   *                <li>
+   *                   <p>If you force the detachment of a network interface, the <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html">instance metadata</a>
+   *                         might not get updated. This means that the attributes associated
+   *                         with the detached network interface might still be visible. The
+   *                         instance metadata will get updated when you stop and start the
+   *                         instance.</p>
+   *                </li>
+   *             </ul>
+   *          </note>
+   * @public
+   */
+  Force?: boolean | undefined;
 }
 
 /**
  * @public
  */
-export interface DisableFastSnapshotRestoresResult {
+export interface DetachVerifiedAccessTrustProviderRequest {
   /**
-   * <p>Information about the snapshots for which fast snapshot restores were successfully disabled.</p>
+   * <p>The ID of the Verified Access instance.</p>
    * @public
    */
-  Successful?: DisableFastSnapshotRestoreSuccessItem[] | undefined;
+  VerifiedAccessInstanceId: string | undefined;
 
   /**
-   * <p>Information about the snapshots for which fast snapshot restores could not be disabled.</p>
+   * <p>The ID of the Verified Access trust provider.</p>
    * @public
    */
-  Unsuccessful?: DisableFastSnapshotRestoreErrorItem[] | undefined;
-}
+  VerifiedAccessTrustProviderId: string | undefined;
 
-/**
- * @public
- */
-export interface DisableImageRequest {
   /**
-   * <p>The ID of the AMI.</p>
+   * <p>A unique, case-sensitive token that you provide to ensure idempotency of your
+   *             modification request. For more information, see <a href="https://docs.aws.amazon.com/ec2/latest/devguide/ec2-api-idempotency.html">Ensuring idempotency</a>.</p>
    * @public
    */
-  ImageId: string | undefined;
+  ClientToken?: string | undefined;
 
   /**
    * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   * 			and provides an error response. If you have the required permissions, the error response is
-   * 			<code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
   DryRun?: boolean | undefined;
@@ -7157,97 +7250,103 @@ export interface DisableImageRequest {
 /**
  * @public
  */
-export interface DisableImageResult {
+export interface DetachVerifiedAccessTrustProviderResult {
   /**
-   * <p>Returns <code>true</code> if the request succeeds; otherwise, it returns an error.</p>
+   * <p>Details about the Verified Access trust provider.</p>
    * @public
    */
-  Return?: boolean | undefined;
-}
+  VerifiedAccessTrustProvider?: VerifiedAccessTrustProvider | undefined;
 
-/**
- * @public
- */
-export interface DisableImageBlockPublicAccessRequest {
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   * 			and provides an error response. If you have the required permissions, the error response is
-   * 			<code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>Details about the Verified Access instance.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  VerifiedAccessInstance?: VerifiedAccessInstance | undefined;
 }
 
 /**
  * @public
- * @enum
  */
-export const ImageBlockPublicAccessDisabledState = {
-  unblocked: "unblocked",
-} as const;
+export interface DetachVolumeRequest {
+  /**
+   * <p>The device name.</p>
+   * @public
+   */
+  Device?: string | undefined;
 
-/**
- * @public
- */
-export type ImageBlockPublicAccessDisabledState =
-  (typeof ImageBlockPublicAccessDisabledState)[keyof typeof ImageBlockPublicAccessDisabledState];
+  /**
+   * <p>Forces detachment if the previous detachment attempt did not occur cleanly (for example,
+   *       logging into an instance, unmounting the volume, and detaching normally). This option can lead
+   *       to data loss or a corrupted file system. Use this option only as a last resort to detach a
+   *       volume from a failed instance. The instance won't have an opportunity to flush file system
+   *       caches or file system metadata. If you use this option, you must perform file system check and
+   *       repair procedures.</p>
+   * @public
+   */
+  Force?: boolean | undefined;
 
-/**
- * @public
- */
-export interface DisableImageBlockPublicAccessResult {
   /**
-   * <p>Returns <code>unblocked</code> if the request succeeds; otherwise, it returns an
-   *       error.</p>
+   * <p>The ID of the instance. If you are detaching a Multi-Attach enabled volume, you must specify an instance ID.</p>
    * @public
    */
-  ImageBlockPublicAccessState?: ImageBlockPublicAccessDisabledState | undefined;
-}
+  InstanceId?: string | undefined;
 
-/**
- * @public
- */
-export interface DisableImageDeprecationRequest {
   /**
-   * <p>The ID of the AMI.</p>
+   * <p>The ID of the volume.</p>
    * @public
    */
-  ImageId: string | undefined;
+  VolumeId: string | undefined;
 
   /**
    * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   * 			and provides an error response. If you have the required permissions, the error response is
-   * 			<code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
   DryRun?: boolean | undefined;
 }
 
 /**
+ * <p>Contains the parameters for DetachVpnGateway.</p>
  * @public
  */
-export interface DisableImageDeprecationResult {
+export interface DetachVpnGatewayRequest {
   /**
-   * <p>Returns <code>true</code> if the request succeeds; otherwise, it returns an error.</p>
+   * <p>The ID of the VPC.</p>
    * @public
    */
-  Return?: boolean | undefined;
+  VpcId: string | undefined;
+
+  /**
+   * <p>The ID of the virtual private gateway.</p>
+   * @public
+   */
+  VpnGatewayId: string | undefined;
+
+  /**
+   * <p>Checks whether you have the required permissions for the action, without actually
+   *             making the request, and provides an error response. If you have the required
+   *             permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is
+   *                 <code>UnauthorizedOperation</code>.</p>
+   * @public
+   */
+  DryRun?: boolean | undefined;
 }
 
 /**
  * @public
  */
-export interface DisableImageDeregistrationProtectionRequest {
+export interface DisableAddressTransferRequest {
   /**
-   * <p>The ID of the AMI.</p>
+   * <p>The allocation ID of an Elastic IP address.</p>
    * @public
    */
-  ImageId: string | undefined;
+  AllocationId: string | undefined;
 
   /**
    * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   * 			and provides an error response. If you have the required permissions, the error response is
-   * 			<code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
   DryRun?: boolean | undefined;
@@ -7256,50 +7355,46 @@ export interface DisableImageDeregistrationProtectionRequest {
 /**
  * @public
  */
-export interface DisableImageDeregistrationProtectionResult {
+export interface DisableAddressTransferResult {
   /**
-   * <p>Returns <code>true</code> if the request succeeds; otherwise, it returns an error.</p>
+   * <p>An Elastic IP address transfer.</p>
    * @public
    */
-  Return?: string | undefined;
+  AddressTransfer?: AddressTransfer | undefined;
 }
 
 /**
  * @public
  */
-export interface DisableIpamOrganizationAdminAccountRequest {
+export interface DisableAwsNetworkPerformanceMetricSubscriptionRequest {
   /**
-   * <p>A check for whether you have the required permissions for the action without actually making the request
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>The source Region or Availability Zone that the metric subscription is disabled for. For example, <code>us-east-1</code>.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  Source?: string | undefined;
 
   /**
-   * <p>The Organizations member account ID that you want to disable as IPAM account.</p>
+   * <p>The target Region or Availability Zone that the metric subscription is disabled for. For example, <code>eu-north-1</code>.</p>
    * @public
    */
-  DelegatedAdminAccountId: string | undefined;
-}
+  Destination?: string | undefined;
 
-/**
- * @public
- */
-export interface DisableIpamOrganizationAdminAccountResult {
   /**
-   * <p>The result of disabling the IPAM account.</p>
+   * <p>The metric used for the disabled subscription.</p>
+   * @public
+   */
+  Metric?: MetricType | undefined;
+
+  /**
+   * <p>The statistic used for the disabled subscription. </p>
    * @public
    */
-  Success?: boolean | undefined;
-}
+  Statistic?: StatisticType | undefined;
 
-/**
- * @public
- */
-export interface DisableSerialConsoleAccessRequest {
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
   DryRun?: boolean | undefined;
@@ -7308,20 +7403,18 @@ export interface DisableSerialConsoleAccessRequest {
 /**
  * @public
  */
-export interface DisableSerialConsoleAccessResult {
+export interface DisableAwsNetworkPerformanceMetricSubscriptionResult {
   /**
-   * <p>If <code>true</code>, access to the EC2 serial console of all instances is enabled for
-   * 			your account. If <code>false</code>, access to the EC2 serial console of all instances
-   * 			is disabled for your account.</p>
+   * <p>Indicates whether the unsubscribe action was successful.</p>
    * @public
    */
-  SerialConsoleAccessEnabled?: boolean | undefined;
+  Output?: boolean | undefined;
 }
 
 /**
  * @public
  */
-export interface DisableSnapshotBlockPublicAccessRequest {
+export interface DisableEbsEncryptionByDefaultRequest {
   /**
    * <p>Checks whether you have the required permissions for the action, without actually making the request,
    *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
@@ -7331,330 +7424,301 @@ export interface DisableSnapshotBlockPublicAccessRequest {
   DryRun?: boolean | undefined;
 }
 
-/**
- * @public
- * @enum
- */
-export const SnapshotBlockPublicAccessState = {
-  block_all_sharing: "block-all-sharing",
-  block_new_sharing: "block-new-sharing",
-  unblocked: "unblocked",
-} as const;
-
-/**
- * @public
- */
-export type SnapshotBlockPublicAccessState =
-  (typeof SnapshotBlockPublicAccessState)[keyof typeof SnapshotBlockPublicAccessState];
-
 /**
  * @public
  */
-export interface DisableSnapshotBlockPublicAccessResult {
+export interface DisableEbsEncryptionByDefaultResult {
   /**
-   * <p>Returns <code>unblocked</code> if the request succeeds.</p>
+   * <p>The updated status of encryption by default.</p>
    * @public
    */
-  State?: SnapshotBlockPublicAccessState | undefined;
+  EbsEncryptionByDefault?: boolean | undefined;
 }
 
 /**
  * @public
  */
-export interface DisableTransitGatewayRouteTablePropagationRequest {
+export interface DisableFastLaunchRequest {
   /**
-   * <p>The ID of the propagation route table.</p>
+   * <p>Specify the ID of the image for which to disable Windows fast launch.</p>
    * @public
    */
-  TransitGatewayRouteTableId: string | undefined;
+  ImageId: string | undefined;
 
   /**
-   * <p>The ID of the attachment.</p>
+   * <p>Forces the image settings to turn off Windows fast launch for your Windows AMI. This
+   *       parameter overrides any errors that are encountered while cleaning up resources in your
+   *       account.</p>
    * @public
    */
-  TransitGatewayAttachmentId?: string | undefined;
+  Force?: boolean | undefined;
 
   /**
    * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * 			and provides an error response. If you have the required permissions, the error response is
+   * 			<code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
   DryRun?: boolean | undefined;
-
-  /**
-   * <p>The ID of the route table announcement.</p>
-   * @public
-   */
-  TransitGatewayRouteTableAnnouncementId?: string | undefined;
 }
 
 /**
  * @public
- * @enum
  */
-export const TransitGatewayPropagationState = {
-  disabled: "disabled",
-  disabling: "disabling",
-  enabled: "enabled",
-  enabling: "enabling",
-} as const;
+export interface DisableFastLaunchResult {
+  /**
+   * <p>The ID of the image for which Windows fast launch was disabled.</p>
+   * @public
+   */
+  ImageId?: string | undefined;
 
-/**
- * @public
- */
-export type TransitGatewayPropagationState =
-  (typeof TransitGatewayPropagationState)[keyof typeof TransitGatewayPropagationState];
+  /**
+   * <p>The pre-provisioning resource type that must be cleaned after turning off Windows fast
+   *       launch for the Windows AMI. Supported values include: <code>snapshot</code>.</p>
+   * @public
+   */
+  ResourceType?: FastLaunchResourceType | undefined;
 
-/**
- * <p>Describes route propagation.</p>
- * @public
- */
-export interface TransitGatewayPropagation {
   /**
-   * <p>The ID of the attachment.</p>
+   * <p>Parameters that were used for Windows fast launch for the Windows AMI before Windows fast
+   *       launch was disabled. This informs the clean-up process.</p>
    * @public
    */
-  TransitGatewayAttachmentId?: string | undefined;
+  SnapshotConfiguration?: FastLaunchSnapshotConfigurationResponse | undefined;
 
   /**
-   * <p>The ID of the resource.</p>
+   * <p>The launch template that was used to launch Windows instances from pre-provisioned
+   *       snapshots.</p>
    * @public
    */
-  ResourceId?: string | undefined;
+  LaunchTemplate?: FastLaunchLaunchTemplateSpecificationResponse | undefined;
 
   /**
-   * <p>The resource type. Note that the <code>tgw-peering</code> resource type has been deprecated.</p>
+   * <p>The maximum number of instances that Amazon EC2 can launch at the same time to create
+   *       pre-provisioned snapshots for Windows fast launch.</p>
    * @public
    */
-  ResourceType?: TransitGatewayAttachmentResourceType | undefined;
+  MaxParallelLaunches?: number | undefined;
 
   /**
-   * <p>The ID of the transit gateway route table.</p>
+   * <p>The owner of the Windows AMI for which Windows fast launch was disabled.</p>
    * @public
    */
-  TransitGatewayRouteTableId?: string | undefined;
+  OwnerId?: string | undefined;
 
   /**
-   * <p>The state.</p>
+   * <p>The current state of Windows fast launch for the specified Windows AMI.</p>
    * @public
    */
-  State?: TransitGatewayPropagationState | undefined;
+  State?: FastLaunchStateCode | undefined;
 
   /**
-   * <p>The ID of the transit gateway route table announcement.</p>
+   * <p>The reason that the state changed for Windows fast launch for the Windows AMI.</p>
    * @public
    */
-  TransitGatewayRouteTableAnnouncementId?: string | undefined;
-}
+  StateTransitionReason?: string | undefined;
 
-/**
- * @public
- */
-export interface DisableTransitGatewayRouteTablePropagationResult {
   /**
-   * <p>Information about route propagation.</p>
+   * <p>The time that the state changed for Windows fast launch for the Windows AMI.</p>
    * @public
    */
-  Propagation?: TransitGatewayPropagation | undefined;
+  StateTransitionTime?: Date | undefined;
 }
 
 /**
- * <p>Contains the parameters for DisableVgwRoutePropagation.</p>
  * @public
  */
-export interface DisableVgwRoutePropagationRequest {
+export interface DisableFastSnapshotRestoresRequest {
   /**
-   * <p>The ID of the virtual private gateway.</p>
+   * <p>One or more Availability Zones. For example, <code>us-east-2a</code>.</p>
    * @public
    */
-  GatewayId: string | undefined;
+  AvailabilityZones: string[] | undefined;
 
   /**
-   * <p>The ID of the route table.</p>
+   * <p>The IDs of one or more snapshots. For example, <code>snap-1234567890abcdef0</code>.</p>
    * @public
    */
-  RouteTableId: string | undefined;
+  SourceSnapshotIds: string[] | undefined;
 
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually
-   *             making the request, and provides an error response. If you have the required
-   *             permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is
-   *                 <code>UnauthorizedOperation</code>.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
   DryRun?: boolean | undefined;
 }
 
 /**
+ * <p>Describes fast snapshot restores that were successfully disabled.</p>
  * @public
  */
-export interface DisableVpcClassicLinkRequest {
+export interface DisableFastSnapshotRestoreSuccessItem {
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>The ID of the snapshot.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  SnapshotId?: string | undefined;
 
   /**
-   * <p>The ID of the VPC.</p>
+   * <p>The Availability Zone.</p>
    * @public
    */
-  VpcId: string | undefined;
-}
+  AvailabilityZone?: string | undefined;
 
-/**
- * @public
- */
-export interface DisableVpcClassicLinkResult {
   /**
-   * <p>Returns <code>true</code> if the request succeeds; otherwise, it returns an error.</p>
+   * <p>The state of fast snapshot restores for the snapshot.</p>
    * @public
    */
-  Return?: boolean | undefined;
-}
+  State?: FastSnapshotRestoreStateCode | undefined;
 
-/**
- * @public
- */
-export interface DisableVpcClassicLinkDnsSupportRequest {
   /**
-   * <p>The ID of the VPC.</p>
+   * <p>The reason for the state transition. The possible values are as follows:</p>
+   *          <ul>
+   *             <li>
+   *                <p>
+   *                   <code>Client.UserInitiated</code> - The state successfully transitioned to <code>enabling</code> or
+   *           <code>disabling</code>.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>Client.UserInitiated - Lifecycle state transition</code> - The state successfully transitioned
+   *           to <code>optimizing</code>, <code>enabled</code>, or <code>disabled</code>.</p>
+   *             </li>
+   *          </ul>
    * @public
    */
-  VpcId?: string | undefined;
-}
+  StateTransitionReason?: string | undefined;
 
-/**
- * @public
- */
-export interface DisableVpcClassicLinkDnsSupportResult {
   /**
-   * <p>Returns <code>true</code> if the request succeeds; otherwise, it returns an error.</p>
+   * <p>The ID of the Amazon Web Services account that enabled fast snapshot restores on the snapshot.</p>
    * @public
    */
-  Return?: boolean | undefined;
-}
+  OwnerId?: string | undefined;
 
-/**
- * @public
- */
-export interface DisassociateAddressRequest {
   /**
-   * <p>The association ID. This parameter is required.</p>
+   * <p>The Amazon Web Services owner alias that enabled fast snapshot restores on the snapshot. This is intended for future use.</p>
    * @public
    */
-  AssociationId?: string | undefined;
+  OwnerAlias?: string | undefined;
 
   /**
-   * <p>Deprecated.</p>
+   * <p>The time at which fast snapshot restores entered the <code>enabling</code> state.</p>
    * @public
    */
-  PublicIp?: string | undefined;
+  EnablingTime?: Date | undefined;
 
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>The time at which fast snapshot restores entered the <code>optimizing</code> state.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
-}
+  OptimizingTime?: Date | undefined;
 
-/**
- * @public
- */
-export interface DisassociateCapacityReservationBillingOwnerRequest {
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>The time at which fast snapshot restores entered the <code>enabled</code> state.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  EnabledTime?: Date | undefined;
 
   /**
-   * <p>The ID of the Capacity Reservation.</p>
+   * <p>The time at which fast snapshot restores entered the <code>disabling</code> state.</p>
    * @public
    */
-  CapacityReservationId: string | undefined;
+  DisablingTime?: Date | undefined;
 
   /**
-   * <p>The ID of the consumer account to which the request was sent.</p>
+   * <p>The time at which fast snapshot restores entered the <code>disabled</code> state.</p>
    * @public
    */
-  UnusedReservationBillingOwnerId: string | undefined;
+  DisabledTime?: Date | undefined;
 }
 
 /**
+ * <p>Describes an error that occurred when disabling fast snapshot restores.</p>
  * @public
  */
-export interface DisassociateCapacityReservationBillingOwnerResult {
+export interface DisableFastSnapshotRestoreStateError {
   /**
-   * <p>Returns <code>true</code> if the request succeeds; otherwise, it returns an error.</p>
+   * <p>The error code.</p>
    * @public
    */
-  Return?: boolean | undefined;
+  Code?: string | undefined;
+
+  /**
+   * <p>The error message.</p>
+   * @public
+   */
+  Message?: string | undefined;
 }
 
 /**
+ * <p>Contains information about an error that occurred when disabling fast snapshot restores.</p>
  * @public
  */
-export interface DisassociateClientVpnTargetNetworkRequest {
+export interface DisableFastSnapshotRestoreStateErrorItem {
   /**
-   * <p>The ID of the Client VPN endpoint from which to disassociate the target network.</p>
+   * <p>The Availability Zone.</p>
    * @public
    */
-  ClientVpnEndpointId: string | undefined;
+  AvailabilityZone?: string | undefined;
+
+  /**
+   * <p>The error.</p>
+   * @public
+   */
+  Error?: DisableFastSnapshotRestoreStateError | undefined;
+}
 
+/**
+ * <p>Contains information about the errors that occurred when disabling fast snapshot restores.</p>
+ * @public
+ */
+export interface DisableFastSnapshotRestoreErrorItem {
   /**
-   * <p>The ID of the target network association.</p>
+   * <p>The ID of the snapshot.</p>
    * @public
    */
-  AssociationId: string | undefined;
+  SnapshotId?: string | undefined;
 
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>The errors.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  FastSnapshotRestoreStateErrors?: DisableFastSnapshotRestoreStateErrorItem[] | undefined;
 }
 
 /**
  * @public
  */
-export interface DisassociateClientVpnTargetNetworkResult {
+export interface DisableFastSnapshotRestoresResult {
   /**
-   * <p>The ID of the target network association.</p>
+   * <p>Information about the snapshots for which fast snapshot restores were successfully disabled.</p>
    * @public
    */
-  AssociationId?: string | undefined;
+  Successful?: DisableFastSnapshotRestoreSuccessItem[] | undefined;
 
   /**
-   * <p>The current state of the target network association.</p>
+   * <p>Information about the snapshots for which fast snapshot restores could not be disabled.</p>
    * @public
    */
-  Status?: AssociationStatus | undefined;
+  Unsuccessful?: DisableFastSnapshotRestoreErrorItem[] | undefined;
 }
 
 /**
  * @public
  */
-export interface DisassociateEnclaveCertificateIamRoleRequest {
-  /**
-   * <p>The ARN of the ACM certificate from which to disassociate the IAM role.</p>
-   * @public
-   */
-  CertificateArn: string | undefined;
-
+export interface DisableImageRequest {
   /**
-   * <p>The ARN of the IAM role to disassociate.</p>
+   * <p>The ID of the AMI.</p>
    * @public
    */
-  RoleArn: string | undefined;
+  ImageId: string | undefined;
 
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   * 			and provides an error response. If you have the required permissions, the error response is
+   * 			<code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
   DryRun?: boolean | undefined;
@@ -7663,7 +7727,7 @@ export interface DisassociateEnclaveCertificateIamRoleRequest {
 /**
  * @public
  */
-export interface DisassociateEnclaveCertificateIamRoleResult {
+export interface DisableImageResult {
   /**
    * <p>Returns <code>true</code> if the request succeeds; otherwise, it returns an error.</p>
    * @public
@@ -7674,92 +7738,108 @@ export interface DisassociateEnclaveCertificateIamRoleResult {
 /**
  * @public
  */
-export interface DisassociateIamInstanceProfileRequest {
+export interface DisableImageBlockPublicAccessRequest {
   /**
-   * <p>The ID of the IAM instance profile association.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   * 			and provides an error response. If you have the required permissions, the error response is
+   * 			<code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  AssociationId: string | undefined;
+  DryRun?: boolean | undefined;
 }
 
 /**
  * @public
+ * @enum
  */
-export interface DisassociateIamInstanceProfileResult {
-  /**
-   * <p>Information about the IAM instance profile association.</p>
-   * @public
-   */
-  IamInstanceProfileAssociation?: IamInstanceProfileAssociation | undefined;
-}
+export const ImageBlockPublicAccessDisabledState = {
+  unblocked: "unblocked",
+} as const;
 
 /**
- * <p>The targets to disassociate from the specified event window.</p>
  * @public
  */
-export interface InstanceEventWindowDisassociationRequest {
+export type ImageBlockPublicAccessDisabledState =
+  (typeof ImageBlockPublicAccessDisabledState)[keyof typeof ImageBlockPublicAccessDisabledState];
+
+/**
+ * @public
+ */
+export interface DisableImageBlockPublicAccessResult {
   /**
-   * <p>The IDs of the instances to disassociate from the event window.</p>
+   * <p>Returns <code>unblocked</code> if the request succeeds; otherwise, it returns an
+   *       error.</p>
    * @public
    */
-  InstanceIds?: string[] | undefined;
+  ImageBlockPublicAccessState?: ImageBlockPublicAccessDisabledState | undefined;
+}
 
+/**
+ * @public
+ */
+export interface DisableImageDeprecationRequest {
   /**
-   * <p>The instance tags to disassociate from the event window. Any instances associated with
-   *          the tags will be disassociated from the event window.</p>
+   * <p>The ID of the AMI.</p>
    * @public
    */
-  InstanceTags?: Tag[] | undefined;
+  ImageId: string | undefined;
 
   /**
-   * <p>The IDs of the Dedicated Hosts to disassociate from the event window.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   * 			and provides an error response. If you have the required permissions, the error response is
+   * 			<code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  DedicatedHostIds?: string[] | undefined;
+  DryRun?: boolean | undefined;
 }
 
 /**
  * @public
  */
-export interface DisassociateInstanceEventWindowRequest {
+export interface DisableImageDeprecationResult {
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>Returns <code>true</code> if the request succeeds; otherwise, it returns an error.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  Return?: boolean | undefined;
+}
 
+/**
+ * @public
+ */
+export interface DisableImageDeregistrationProtectionRequest {
   /**
-   * <p>The ID of the event window.</p>
+   * <p>The ID of the AMI.</p>
    * @public
    */
-  InstanceEventWindowId: string | undefined;
+  ImageId: string | undefined;
 
   /**
-   * <p>One or more targets to disassociate from the specified event window.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   * 			and provides an error response. If you have the required permissions, the error response is
+   * 			<code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  AssociationTarget: InstanceEventWindowDisassociationRequest | undefined;
+  DryRun?: boolean | undefined;
 }
 
 /**
  * @public
  */
-export interface DisassociateInstanceEventWindowResult {
+export interface DisableImageDeregistrationProtectionResult {
   /**
-   * <p>Information about the event window.</p>
+   * <p>Returns <code>true</code> if the request succeeds; otherwise, it returns an error.</p>
    * @public
    */
-  InstanceEventWindow?: InstanceEventWindow | undefined;
+  Return?: string | undefined;
 }
 
 /**
  * @public
  */
-export interface DisassociateIpamByoasnRequest {
+export interface DisableIpamOrganizationAdminAccountRequest {
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   * <p>A check for whether you have the required permissions for the action without actually making the request
    *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
    *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
@@ -7767,80 +7847,102 @@ export interface DisassociateIpamByoasnRequest {
   DryRun?: boolean | undefined;
 
   /**
-   * <p>A public 2-byte or 4-byte ASN.</p>
-   * @public
-   */
-  Asn: string | undefined;
-
-  /**
-   * <p>A BYOIP CIDR.</p>
+   * <p>The Organizations member account ID that you want to disable as IPAM account.</p>
    * @public
    */
-  Cidr: string | undefined;
+  DelegatedAdminAccountId: string | undefined;
 }
 
 /**
  * @public
  */
-export interface DisassociateIpamByoasnResult {
+export interface DisableIpamOrganizationAdminAccountResult {
   /**
-   * <p>An ASN and BYOIP CIDR association.</p>
+   * <p>The result of disabling the IPAM account.</p>
    * @public
    */
-  AsnAssociation?: AsnAssociation | undefined;
+  Success?: boolean | undefined;
 }
 
 /**
  * @public
  */
-export interface DisassociateIpamResourceDiscoveryRequest {
+export interface DisableSerialConsoleAccessRequest {
   /**
-   * <p>A check for whether you have the required permissions for the action without actually making the request
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
   DryRun?: boolean | undefined;
+}
 
+/**
+ * @public
+ */
+export interface DisableSerialConsoleAccessResult {
   /**
-   * <p>A resource discovery association ID.</p>
+   * <p>If <code>true</code>, access to the EC2 serial console of all instances is enabled for
+   * 			your account. If <code>false</code>, access to the EC2 serial console of all instances
+   * 			is disabled for your account.</p>
    * @public
    */
-  IpamResourceDiscoveryAssociationId: string | undefined;
+  SerialConsoleAccessEnabled?: boolean | undefined;
 }
 
 /**
  * @public
  */
-export interface DisassociateIpamResourceDiscoveryResult {
+export interface DisableSnapshotBlockPublicAccessRequest {
   /**
-   * <p>A resource discovery association.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  IpamResourceDiscoveryAssociation?: IpamResourceDiscoveryAssociation | undefined;
+  DryRun?: boolean | undefined;
 }
 
 /**
  * @public
+ * @enum
  */
-export interface DisassociateNatGatewayAddressRequest {
+export const SnapshotBlockPublicAccessState = {
+  block_all_sharing: "block-all-sharing",
+  block_new_sharing: "block-new-sharing",
+  unblocked: "unblocked",
+} as const;
+
+/**
+ * @public
+ */
+export type SnapshotBlockPublicAccessState =
+  (typeof SnapshotBlockPublicAccessState)[keyof typeof SnapshotBlockPublicAccessState];
+
+/**
+ * @public
+ */
+export interface DisableSnapshotBlockPublicAccessResult {
   /**
-   * <p>The ID of the NAT gateway.</p>
+   * <p>Returns <code>unblocked</code> if the request succeeds.</p>
    * @public
    */
-  NatGatewayId: string | undefined;
+  State?: SnapshotBlockPublicAccessState | undefined;
+}
 
+/**
+ * @public
+ */
+export interface DisableTransitGatewayRouteTablePropagationRequest {
   /**
-   * <p>The association IDs of EIPs that have been associated with the NAT gateway.</p>
+   * <p>The ID of the propagation route table.</p>
    * @public
    */
-  AssociationIds: string[] | undefined;
+  TransitGatewayRouteTableId: string | undefined;
 
   /**
-   * <p>The maximum amount of time to wait (in seconds) before forcibly releasing the IP addresses if connections are still in progress. Default value is 350 seconds.</p>
+   * <p>The ID of the attachment.</p>
    * @public
    */
-  MaxDrainDurationSeconds?: number | undefined;
+  TransitGatewayAttachmentId?: string | undefined;
 
   /**
    * <p>Checks whether you have the required permissions for the action, without actually making the request,
@@ -7849,64 +7951,106 @@ export interface DisassociateNatGatewayAddressRequest {
    * @public
    */
   DryRun?: boolean | undefined;
+
+  /**
+   * <p>The ID of the route table announcement.</p>
+   * @public
+   */
+  TransitGatewayRouteTableAnnouncementId?: string | undefined;
 }
 
 /**
  * @public
+ * @enum
  */
-export interface DisassociateNatGatewayAddressResult {
+export const TransitGatewayPropagationState = {
+  disabled: "disabled",
+  disabling: "disabling",
+  enabled: "enabled",
+  enabling: "enabling",
+} as const;
+
+/**
+ * @public
+ */
+export type TransitGatewayPropagationState =
+  (typeof TransitGatewayPropagationState)[keyof typeof TransitGatewayPropagationState];
+
+/**
+ * <p>Describes route propagation.</p>
+ * @public
+ */
+export interface TransitGatewayPropagation {
   /**
-   * <p>The ID of the NAT gateway.</p>
+   * <p>The ID of the attachment.</p>
    * @public
    */
-  NatGatewayId?: string | undefined;
+  TransitGatewayAttachmentId?: string | undefined;
 
   /**
-   * <p>Information about the NAT gateway IP addresses.</p>
+   * <p>The ID of the resource.</p>
    * @public
    */
-  NatGatewayAddresses?: NatGatewayAddress[] | undefined;
-}
+  ResourceId?: string | undefined;
 
-/**
- * @public
- */
-export interface DisassociateRouteTableRequest {
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>The resource type. Note that the <code>tgw-peering</code> resource type has been deprecated.</p>
+   * @public
+   */
+  ResourceType?: TransitGatewayAttachmentResourceType | undefined;
+
+  /**
+   * <p>The ID of the transit gateway route table.</p>
+   * @public
+   */
+  TransitGatewayRouteTableId?: string | undefined;
+
+  /**
+   * <p>The state.</p>
+   * @public
+   */
+  State?: TransitGatewayPropagationState | undefined;
+
+  /**
+   * <p>The ID of the transit gateway route table announcement.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  TransitGatewayRouteTableAnnouncementId?: string | undefined;
+}
 
+/**
+ * @public
+ */
+export interface DisableTransitGatewayRouteTablePropagationResult {
   /**
-   * <p>The association ID representing the current association between the route table and subnet or gateway.</p>
+   * <p>Information about route propagation.</p>
    * @public
    */
-  AssociationId: string | undefined;
+  Propagation?: TransitGatewayPropagation | undefined;
 }
 
 /**
+ * <p>Contains the parameters for DisableVgwRoutePropagation.</p>
  * @public
  */
-export interface DisassociateSecurityGroupVpcRequest {
+export interface DisableVgwRoutePropagationRequest {
   /**
-   * <p>A security group ID.</p>
+   * <p>The ID of the virtual private gateway.</p>
    * @public
    */
-  GroupId: string | undefined;
+  GatewayId: string | undefined;
 
   /**
-   * <p>A VPC ID.</p>
+   * <p>The ID of the route table.</p>
    * @public
    */
-  VpcId: string | undefined;
+  RouteTableId: string | undefined;
 
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually
+   *             making the request, and provides an error response. If you have the required
+   *             permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is
+   *                 <code>UnauthorizedOperation</code>.</p>
    * @public
    */
   DryRun?: boolean | undefined;
@@ -7915,63 +8059,70 @@ export interface DisassociateSecurityGroupVpcRequest {
 /**
  * @public
  */
-export interface DisassociateSecurityGroupVpcResult {
+export interface DisableVpcClassicLinkRequest {
   /**
-   * <p>The state of the disassociation.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  State?: SecurityGroupVpcAssociationState | undefined;
-}
+  DryRun?: boolean | undefined;
 
-/**
- * @public
- */
-export interface DisassociateSubnetCidrBlockRequest {
   /**
-   * <p>The association ID for the CIDR block.</p>
+   * <p>The ID of the VPC.</p>
    * @public
    */
-  AssociationId: string | undefined;
+  VpcId: string | undefined;
 }
 
 /**
  * @public
  */
-export interface DisassociateSubnetCidrBlockResult {
+export interface DisableVpcClassicLinkResult {
   /**
-   * <p>Information about the IPv6 CIDR block association.</p>
+   * <p>Returns <code>true</code> if the request succeeds; otherwise, it returns an error.</p>
    * @public
    */
-  Ipv6CidrBlockAssociation?: SubnetIpv6CidrBlockAssociation | undefined;
+  Return?: boolean | undefined;
+}
 
+/**
+ * @public
+ */
+export interface DisableVpcClassicLinkDnsSupportRequest {
   /**
-   * <p>The ID of the subnet.</p>
+   * <p>The ID of the VPC.</p>
    * @public
    */
-  SubnetId?: string | undefined;
+  VpcId?: string | undefined;
 }
 
 /**
  * @public
  */
-export interface DisassociateTransitGatewayMulticastDomainRequest {
+export interface DisableVpcClassicLinkDnsSupportResult {
   /**
-   * <p>The ID of the transit gateway multicast domain.</p>
+   * <p>Returns <code>true</code> if the request succeeds; otherwise, it returns an error.</p>
    * @public
    */
-  TransitGatewayMulticastDomainId: string | undefined;
+  Return?: boolean | undefined;
+}
 
+/**
+ * @public
+ */
+export interface DisassociateAddressRequest {
   /**
-   * <p>The ID of the attachment.</p>
+   * <p>The association ID. This parameter is required.</p>
    * @public
    */
-  TransitGatewayAttachmentId: string | undefined;
+  AssociationId?: string | undefined;
 
   /**
-   * <p>The IDs of the subnets;</p>
+   * <p>Deprecated.</p>
    * @public
    */
-  SubnetIds: string[] | undefined;
+  PublicIp?: string | undefined;
 
   /**
    * <p>Checks whether you have the required permissions for the action, without actually making the request,
@@ -7985,70 +8136,55 @@ export interface DisassociateTransitGatewayMulticastDomainRequest {
 /**
  * @public
  */
-export interface DisassociateTransitGatewayMulticastDomainResult {
-  /**
-   * <p>Information about the association.</p>
-   * @public
-   */
-  Associations?: TransitGatewayMulticastDomainAssociations | undefined;
-}
-
-/**
- * @public
- */
-export interface DisassociateTransitGatewayPolicyTableRequest {
+export interface DisassociateCapacityReservationBillingOwnerRequest {
   /**
-   * <p>The ID of the disassociated policy table.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  TransitGatewayPolicyTableId: string | undefined;
+  DryRun?: boolean | undefined;
 
   /**
-   * <p>The ID of the transit gateway attachment to disassociate from the policy table.</p>
+   * <p>The ID of the Capacity Reservation.</p>
    * @public
    */
-  TransitGatewayAttachmentId: string | undefined;
+  CapacityReservationId: string | undefined;
 
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>The ID of the consumer account to which the request was sent.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  UnusedReservationBillingOwnerId: string | undefined;
 }
 
 /**
  * @public
  */
-export interface DisassociateTransitGatewayPolicyTableResult {
+export interface DisassociateCapacityReservationBillingOwnerResult {
   /**
-   * <p>Returns details about the transit gateway policy table disassociation.</p>
+   * <p>Returns <code>true</code> if the request succeeds; otherwise, it returns an error.</p>
    * @public
    */
-  Association?: TransitGatewayPolicyTableAssociation | undefined;
+  Return?: boolean | undefined;
 }
 
 /**
  * @public
  */
-export interface DisassociateTransitGatewayRouteTableRequest {
+export interface DisassociateClientVpnTargetNetworkRequest {
   /**
-   * <p>The ID of the transit gateway route table.</p>
+   * <p>The ID of the Client VPN endpoint from which to disassociate the target network.</p>
    * @public
    */
-  TransitGatewayRouteTableId: string | undefined;
+  ClientVpnEndpointId: string | undefined;
 
   /**
-   * <p>The ID of the attachment.</p>
+   * <p>The ID of the target network association.</p>
    * @public
    */
-  TransitGatewayAttachmentId: string | undefined;
+  AssociationId: string | undefined;
 
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
   DryRun?: boolean | undefined;
@@ -8057,36 +8193,38 @@ export interface DisassociateTransitGatewayRouteTableRequest {
 /**
  * @public
  */
-export interface DisassociateTransitGatewayRouteTableResult {
+export interface DisassociateClientVpnTargetNetworkResult {
   /**
-   * <p>Information about the association.</p>
+   * <p>The ID of the target network association.</p>
    * @public
    */
-  Association?: TransitGatewayAssociation | undefined;
+  AssociationId?: string | undefined;
+
+  /**
+   * <p>The current state of the target network association.</p>
+   * @public
+   */
+  Status?: AssociationStatus | undefined;
 }
 
 /**
  * @public
  */
-export interface DisassociateTrunkInterfaceRequest {
+export interface DisassociateEnclaveCertificateIamRoleRequest {
   /**
-   * <p>The ID of the association</p>
+   * <p>The ARN of the ACM certificate from which to disassociate the IAM role.</p>
    * @public
    */
-  AssociationId: string | undefined;
+  CertificateArn: string | undefined;
 
   /**
-   * <p>Unique, case-sensitive identifier that you provide to ensure the idempotency of the
-   *             request. For more information, see <a href="https://docs.aws.amazon.com/ec2/latest/devguide/ec2-api-idempotency.html">Ensuring
-   *                 idempotency</a>.</p>
+   * <p>The ARN of the IAM role to disassociate.</p>
    * @public
    */
-  ClientToken?: string | undefined;
+  RoleArn: string | undefined;
 
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
   DryRun?: boolean | undefined;
@@ -8095,120 +8233,101 @@ export interface DisassociateTrunkInterfaceRequest {
 /**
  * @public
  */
-export interface DisassociateTrunkInterfaceResult {
+export interface DisassociateEnclaveCertificateIamRoleResult {
   /**
    * <p>Returns <code>true</code> if the request succeeds; otherwise, it returns an error.</p>
    * @public
    */
   Return?: boolean | undefined;
+}
 
+/**
+ * @public
+ */
+export interface DisassociateIamInstanceProfileRequest {
   /**
-   * <p>Unique, case-sensitive identifier that you provide to ensure the idempotency of the
-   *             request. For more information, see <a href="https://docs.aws.amazon.com/ec2/latest/devguide/ec2-api-idempotency.html">Ensuring
-   *                 idempotency</a>.</p>
+   * <p>The ID of the IAM instance profile association.</p>
    * @public
    */
-  ClientToken?: string | undefined;
+  AssociationId: string | undefined;
 }
 
 /**
  * @public
  */
-export interface DisassociateVpcCidrBlockRequest {
+export interface DisassociateIamInstanceProfileResult {
   /**
-   * <p>The association ID for the CIDR block.</p>
+   * <p>Information about the IAM instance profile association.</p>
    * @public
    */
-  AssociationId: string | undefined;
+  IamInstanceProfileAssociation?: IamInstanceProfileAssociation | undefined;
 }
 
 /**
+ * <p>The targets to disassociate from the specified event window.</p>
  * @public
  */
-export interface DisassociateVpcCidrBlockResult {
+export interface InstanceEventWindowDisassociationRequest {
   /**
-   * <p>Information about the IPv6 CIDR block association.</p>
+   * <p>The IDs of the instances to disassociate from the event window.</p>
    * @public
    */
-  Ipv6CidrBlockAssociation?: VpcIpv6CidrBlockAssociation | undefined;
+  InstanceIds?: string[] | undefined;
 
   /**
-   * <p>Information about the IPv4 CIDR block association.</p>
+   * <p>The instance tags to disassociate from the event window. Any instances associated with
+   *          the tags will be disassociated from the event window.</p>
    * @public
    */
-  CidrBlockAssociation?: VpcCidrBlockAssociation | undefined;
+  InstanceTags?: Tag[] | undefined;
 
   /**
-   * <p>The ID of the VPC.</p>
+   * <p>The IDs of the Dedicated Hosts to disassociate from the event window.</p>
    * @public
    */
-  VpcId?: string | undefined;
+  DedicatedHostIds?: string[] | undefined;
 }
 
 /**
  * @public
  */
-export interface EnableAddressTransferRequest {
+export interface DisassociateInstanceEventWindowRequest {
   /**
-   * <p>The allocation ID of an Elastic IP address.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  AllocationId: string | undefined;
+  DryRun?: boolean | undefined;
 
   /**
-   * <p>The ID of the account that you want to transfer the Elastic IP address to.</p>
+   * <p>The ID of the event window.</p>
    * @public
    */
-  TransferAccountId: string | undefined;
+  InstanceEventWindowId: string | undefined;
 
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>One or more targets to disassociate from the specified event window.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  AssociationTarget: InstanceEventWindowDisassociationRequest | undefined;
 }
 
 /**
  * @public
  */
-export interface EnableAddressTransferResult {
+export interface DisassociateInstanceEventWindowResult {
   /**
-   * <p>An Elastic IP address transfer.</p>
+   * <p>Information about the event window.</p>
    * @public
    */
-  AddressTransfer?: AddressTransfer | undefined;
+  InstanceEventWindow?: InstanceEventWindow | undefined;
 }
 
 /**
  * @public
  */
-export interface EnableAwsNetworkPerformanceMetricSubscriptionRequest {
-  /**
-   * <p>The source Region (like <code>us-east-1</code>) or Availability Zone ID (like <code>use1-az1</code>) that the metric subscription is enabled for. If you use Availability Zone IDs, the Source and Destination Availability Zones must be in the same Region.</p>
-   * @public
-   */
-  Source?: string | undefined;
-
-  /**
-   * <p>The target Region (like <code>us-east-2</code>) or Availability Zone ID (like <code>use2-az2</code>) that the metric subscription is enabled for. If you use Availability Zone IDs, the Source and Destination Availability Zones must be in the same Region.</p>
-   * @public
-   */
-  Destination?: string | undefined;
-
-  /**
-   * <p>The metric used for the enabled subscription.</p>
-   * @public
-   */
-  Metric?: MetricType | undefined;
-
-  /**
-   * <p>The statistic used for the enabled subscription.</p>
-   * @public
-   */
-  Statistic?: StatisticType | undefined;
-
+export interface DisassociateIpamByoasnRequest {
   /**
    * <p>Checks whether you have the required permissions for the action, without actually making the request,
    *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
@@ -8216,213 +8335,213 @@ export interface EnableAwsNetworkPerformanceMetricSubscriptionRequest {
    * @public
    */
   DryRun?: boolean | undefined;
-}
 
-/**
- * @public
- */
-export interface EnableAwsNetworkPerformanceMetricSubscriptionResult {
   /**
-   * <p>Indicates whether the subscribe action was successful.</p>
+   * <p>A public 2-byte or 4-byte ASN.</p>
    * @public
    */
-  Output?: boolean | undefined;
-}
-
-/**
- * @public
- */
-export interface EnableEbsEncryptionByDefaultRequest {
+  Asn: string | undefined;
+
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>A BYOIP CIDR.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  Cidr: string | undefined;
 }
 
 /**
  * @public
  */
-export interface EnableEbsEncryptionByDefaultResult {
+export interface DisassociateIpamByoasnResult {
   /**
-   * <p>The updated status of encryption by default.</p>
+   * <p>An ASN and BYOIP CIDR association.</p>
    * @public
    */
-  EbsEncryptionByDefault?: boolean | undefined;
+  AsnAssociation?: AsnAssociation | undefined;
 }
 
 /**
- * <p>Request to create a launch template for a Windows fast launch enabled AMI.</p>
- *          <note>
- *             <p>Note - You can specify either the <code>LaunchTemplateName</code> or the
- * 				<code>LaunchTemplateId</code>, but not both.</p>
- *          </note>
  * @public
  */
-export interface FastLaunchLaunchTemplateSpecificationRequest {
-  /**
-   * <p>Specify the ID of the launch template that the AMI should use for Windows fast launch.</p>
-   * @public
-   */
-  LaunchTemplateId?: string | undefined;
-
+export interface DisassociateIpamResourceDiscoveryRequest {
   /**
-   * <p>Specify the name of the launch template that the AMI should use for Windows fast launch.</p>
+   * <p>A check for whether you have the required permissions for the action without actually making the request
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  LaunchTemplateName?: string | undefined;
+  DryRun?: boolean | undefined;
 
   /**
-   * <p>Specify the version of the launch template that the AMI should use for Windows fast launch.</p>
+   * <p>A resource discovery association ID.</p>
    * @public
    */
-  Version: string | undefined;
+  IpamResourceDiscoveryAssociationId: string | undefined;
 }
 
 /**
- * <p>Configuration settings for creating and managing pre-provisioned snapshots for a Windows fast launch
- * 			enabled AMI.</p>
  * @public
  */
-export interface FastLaunchSnapshotConfigurationRequest {
+export interface DisassociateIpamResourceDiscoveryResult {
   /**
-   * <p>The number of pre-provisioned snapshots to keep on hand for a Windows fast launch
-   * 			enabled AMI.</p>
+   * <p>A resource discovery association.</p>
    * @public
    */
-  TargetResourceCount?: number | undefined;
+  IpamResourceDiscoveryAssociation?: IpamResourceDiscoveryAssociation | undefined;
 }
 
 /**
  * @public
  */
-export interface EnableFastLaunchRequest {
+export interface DisassociateNatGatewayAddressRequest {
   /**
-   * <p>Specify the ID of the image for which to enable Windows fast launch.</p>
+   * <p>The ID of the NAT gateway.</p>
    * @public
    */
-  ImageId: string | undefined;
+  NatGatewayId: string | undefined;
 
   /**
-   * <p>The type of resource to use for pre-provisioning the AMI for Windows fast launch.
-   * 			Supported values include: <code>snapshot</code>, which is the default value.</p>
+   * <p>The association IDs of EIPs that have been associated with the NAT gateway.</p>
    * @public
    */
-  ResourceType?: string | undefined;
+  AssociationIds: string[] | undefined;
 
   /**
-   * <p>Configuration settings for creating and managing the snapshots that are used for
-   * 			pre-provisioning the AMI for Windows fast launch. The associated <code>ResourceType</code>
-   * 			must be <code>snapshot</code>.</p>
+   * <p>The maximum amount of time to wait (in seconds) before forcibly releasing the IP addresses if connections are still in progress. Default value is 350 seconds.</p>
    * @public
    */
-  SnapshotConfiguration?: FastLaunchSnapshotConfigurationRequest | undefined;
+  MaxDrainDurationSeconds?: number | undefined;
 
   /**
-   * <p>The launch template to use when launching Windows instances from pre-provisioned
-   * 			snapshots. Launch template parameters can include either the name or ID of the launch
-   * 			template, but not both.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  LaunchTemplate?: FastLaunchLaunchTemplateSpecificationRequest | undefined;
+  DryRun?: boolean | undefined;
+}
 
+/**
+ * @public
+ */
+export interface DisassociateNatGatewayAddressResult {
   /**
-   * <p>The maximum number of instances that Amazon EC2 can launch at the same time to create
-   * 			pre-provisioned snapshots for Windows fast launch. Value must be
-   * 			<code>6</code> or greater.</p>
+   * <p>The ID of the NAT gateway.</p>
    * @public
    */
-  MaxParallelLaunches?: number | undefined;
+  NatGatewayId?: string | undefined;
 
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   * 			and provides an error response. If you have the required permissions, the error response is
-   * 			<code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>Information about the NAT gateway IP addresses.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  NatGatewayAddresses?: NatGatewayAddress[] | undefined;
 }
 
 /**
  * @public
  */
-export interface EnableFastLaunchResult {
+export interface DisassociateRouteTableRequest {
   /**
-   * <p>The image ID that identifies the AMI for which Windows fast launch was enabled.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  ImageId?: string | undefined;
+  DryRun?: boolean | undefined;
 
   /**
-   * <p>The type of resource that was defined for pre-provisioning the AMI for Windows fast launch.</p>
+   * <p>The association ID representing the current association between the route table and subnet or gateway.</p>
    * @public
    */
-  ResourceType?: FastLaunchResourceType | undefined;
+  AssociationId: string | undefined;
+}
 
+/**
+ * @public
+ */
+export interface DisassociateSecurityGroupVpcRequest {
   /**
-   * <p>Settings to create and manage the pre-provisioned snapshots that Amazon EC2 uses for faster
-   * 			launches from the Windows AMI. This property is returned when the associated
-   * 			<code>resourceType</code> is <code>snapshot</code>.</p>
+   * <p>A security group ID.</p>
    * @public
    */
-  SnapshotConfiguration?: FastLaunchSnapshotConfigurationResponse | undefined;
+  GroupId: string | undefined;
 
   /**
-   * <p>The launch template that is used when launching Windows instances from pre-provisioned snapshots.</p>
+   * <p>A VPC ID.</p>
    * @public
    */
-  LaunchTemplate?: FastLaunchLaunchTemplateSpecificationResponse | undefined;
+  VpcId: string | undefined;
 
   /**
-   * <p>The maximum number of instances that Amazon EC2 can launch at the same time to
-   * 			create pre-provisioned snapshots for Windows fast launch.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  MaxParallelLaunches?: number | undefined;
+  DryRun?: boolean | undefined;
+}
 
+/**
+ * @public
+ */
+export interface DisassociateSecurityGroupVpcResult {
   /**
-   * <p>The owner ID for the AMI for which Windows fast launch was enabled.</p>
+   * <p>The state of the disassociation.</p>
    * @public
    */
-  OwnerId?: string | undefined;
+  State?: SecurityGroupVpcAssociationState | undefined;
+}
 
+/**
+ * @public
+ */
+export interface DisassociateSubnetCidrBlockRequest {
   /**
-   * <p>The current state of Windows fast launch for the specified AMI.</p>
+   * <p>The association ID for the CIDR block.</p>
    * @public
    */
-  State?: FastLaunchStateCode | undefined;
+  AssociationId: string | undefined;
+}
 
+/**
+ * @public
+ */
+export interface DisassociateSubnetCidrBlockResult {
   /**
-   * <p>The reason that the state changed for Windows fast launch for the AMI.</p>
+   * <p>Information about the IPv6 CIDR block association.</p>
    * @public
    */
-  StateTransitionReason?: string | undefined;
+  Ipv6CidrBlockAssociation?: SubnetIpv6CidrBlockAssociation | undefined;
 
   /**
-   * <p>The time that the state changed for Windows fast launch for the AMI.</p>
+   * <p>The ID of the subnet.</p>
    * @public
    */
-  StateTransitionTime?: Date | undefined;
+  SubnetId?: string | undefined;
 }
 
 /**
  * @public
  */
-export interface EnableFastSnapshotRestoresRequest {
+export interface DisassociateTransitGatewayMulticastDomainRequest {
   /**
-   * <p>One or more Availability Zones. For example, <code>us-east-2a</code>.</p>
+   * <p>The ID of the transit gateway multicast domain.</p>
    * @public
    */
-  AvailabilityZones: string[] | undefined;
+  TransitGatewayMulticastDomainId: string | undefined;
 
   /**
-   * <p>The IDs of one or more snapshots. For example, <code>snap-1234567890abcdef0</code>. You can specify
-   *       a snapshot that was shared with you from another Amazon Web Services account.</p>
+   * <p>The ID of the attachment.</p>
    * @public
    */
-  SourceSnapshotIds: string[] | undefined;
+  TransitGatewayAttachmentId: string | undefined;
+
+  /**
+   * <p>The IDs of the subnets;</p>
+   * @public
+   */
+  SubnetIds: string[] | undefined;
 
   /**
    * <p>Checks whether you have the required permissions for the action, without actually making the request,
@@ -8434,174 +8553,188 @@ export interface EnableFastSnapshotRestoresRequest {
 }
 
 /**
- * <p>Describes fast snapshot restores that were successfully enabled.</p>
  * @public
  */
-export interface EnableFastSnapshotRestoreSuccessItem {
-  /**
-   * <p>The ID of the snapshot.</p>
-   * @public
-   */
-  SnapshotId?: string | undefined;
-
-  /**
-   * <p>The Availability Zone.</p>
-   * @public
-   */
-  AvailabilityZone?: string | undefined;
-
+export interface DisassociateTransitGatewayMulticastDomainResult {
   /**
-   * <p>The state of fast snapshot restores.</p>
+   * <p>Information about the association.</p>
    * @public
    */
-  State?: FastSnapshotRestoreStateCode | undefined;
+  Associations?: TransitGatewayMulticastDomainAssociations | undefined;
+}
 
+/**
+ * @public
+ */
+export interface DisassociateTransitGatewayPolicyTableRequest {
   /**
-   * <p>The reason for the state transition. The possible values are as follows:</p>
-   *          <ul>
-   *             <li>
-   *                <p>
-   *                   <code>Client.UserInitiated</code> - The state successfully transitioned to <code>enabling</code> or
-   *           <code>disabling</code>.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>Client.UserInitiated - Lifecycle state transition</code> - The state successfully transitioned
-   *           to <code>optimizing</code>, <code>enabled</code>, or <code>disabled</code>.</p>
-   *             </li>
-   *          </ul>
+   * <p>The ID of the disassociated policy table.</p>
    * @public
    */
-  StateTransitionReason?: string | undefined;
+  TransitGatewayPolicyTableId: string | undefined;
 
   /**
-   * <p>The ID of the Amazon Web Services account that enabled fast snapshot restores on the snapshot.</p>
+   * <p>The ID of the transit gateway attachment to disassociate from the policy table.</p>
    * @public
    */
-  OwnerId?: string | undefined;
+  TransitGatewayAttachmentId: string | undefined;
 
   /**
-   * <p>The Amazon Web Services owner alias that enabled fast snapshot restores on the snapshot. This is intended for future use.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  OwnerAlias?: string | undefined;
+  DryRun?: boolean | undefined;
+}
 
+/**
+ * @public
+ */
+export interface DisassociateTransitGatewayPolicyTableResult {
   /**
-   * <p>The time at which fast snapshot restores entered the <code>enabling</code> state.</p>
+   * <p>Returns details about the transit gateway policy table disassociation.</p>
    * @public
    */
-  EnablingTime?: Date | undefined;
+  Association?: TransitGatewayPolicyTableAssociation | undefined;
+}
 
+/**
+ * @public
+ */
+export interface DisassociateTransitGatewayRouteTableRequest {
   /**
-   * <p>The time at which fast snapshot restores entered the <code>optimizing</code> state.</p>
+   * <p>The ID of the transit gateway route table.</p>
    * @public
    */
-  OptimizingTime?: Date | undefined;
+  TransitGatewayRouteTableId: string | undefined;
 
   /**
-   * <p>The time at which fast snapshot restores entered the <code>enabled</code> state.</p>
+   * <p>The ID of the attachment.</p>
    * @public
    */
-  EnabledTime?: Date | undefined;
+  TransitGatewayAttachmentId: string | undefined;
 
   /**
-   * <p>The time at which fast snapshot restores entered the <code>disabling</code> state.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  DisablingTime?: Date | undefined;
+  DryRun?: boolean | undefined;
+}
 
+/**
+ * @public
+ */
+export interface DisassociateTransitGatewayRouteTableResult {
   /**
-   * <p>The time at which fast snapshot restores entered the <code>disabled</code> state.</p>
+   * <p>Information about the association.</p>
    * @public
    */
-  DisabledTime?: Date | undefined;
+  Association?: TransitGatewayAssociation | undefined;
 }
 
 /**
- * <p>Describes an error that occurred when enabling fast snapshot restores.</p>
  * @public
  */
-export interface EnableFastSnapshotRestoreStateError {
+export interface DisassociateTrunkInterfaceRequest {
   /**
-   * <p>The error code.</p>
+   * <p>The ID of the association</p>
    * @public
    */
-  Code?: string | undefined;
+  AssociationId: string | undefined;
 
   /**
-   * <p>The error message.</p>
+   * <p>Unique, case-sensitive identifier that you provide to ensure the idempotency of the
+   *             request. For more information, see <a href="https://docs.aws.amazon.com/ec2/latest/devguide/ec2-api-idempotency.html">Ensuring
+   *                 idempotency</a>.</p>
    * @public
    */
-  Message?: string | undefined;
+  ClientToken?: string | undefined;
+
+  /**
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * @public
+   */
+  DryRun?: boolean | undefined;
 }
 
 /**
- * <p>Contains information about an error that occurred when enabling fast snapshot restores.</p>
  * @public
  */
-export interface EnableFastSnapshotRestoreStateErrorItem {
+export interface DisassociateTrunkInterfaceResult {
   /**
-   * <p>The Availability Zone.</p>
+   * <p>Returns <code>true</code> if the request succeeds; otherwise, it returns an error.</p>
    * @public
    */
-  AvailabilityZone?: string | undefined;
+  Return?: boolean | undefined;
 
   /**
-   * <p>The error.</p>
+   * <p>Unique, case-sensitive identifier that you provide to ensure the idempotency of the
+   *             request. For more information, see <a href="https://docs.aws.amazon.com/ec2/latest/devguide/ec2-api-idempotency.html">Ensuring
+   *                 idempotency</a>.</p>
    * @public
    */
-  Error?: EnableFastSnapshotRestoreStateError | undefined;
+  ClientToken?: string | undefined;
 }
 
 /**
- * <p>Contains information about the errors that occurred when enabling fast snapshot restores.</p>
  * @public
  */
-export interface EnableFastSnapshotRestoreErrorItem {
-  /**
-   * <p>The ID of the snapshot.</p>
-   * @public
-   */
-  SnapshotId?: string | undefined;
-
+export interface DisassociateVpcCidrBlockRequest {
   /**
-   * <p>The errors.</p>
+   * <p>The association ID for the CIDR block.</p>
    * @public
    */
-  FastSnapshotRestoreStateErrors?: EnableFastSnapshotRestoreStateErrorItem[] | undefined;
+  AssociationId: string | undefined;
 }
 
 /**
  * @public
  */
-export interface EnableFastSnapshotRestoresResult {
+export interface DisassociateVpcCidrBlockResult {
   /**
-   * <p>Information about the snapshots for which fast snapshot restores were successfully enabled.</p>
+   * <p>Information about the IPv6 CIDR block association.</p>
    * @public
    */
-  Successful?: EnableFastSnapshotRestoreSuccessItem[] | undefined;
+  Ipv6CidrBlockAssociation?: VpcIpv6CidrBlockAssociation | undefined;
 
   /**
-   * <p>Information about the snapshots for which fast snapshot restores could not be enabled.</p>
+   * <p>Information about the IPv4 CIDR block association.</p>
    * @public
    */
-  Unsuccessful?: EnableFastSnapshotRestoreErrorItem[] | undefined;
+  CidrBlockAssociation?: VpcCidrBlockAssociation | undefined;
+
+  /**
+   * <p>The ID of the VPC.</p>
+   * @public
+   */
+  VpcId?: string | undefined;
 }
 
 /**
  * @public
  */
-export interface EnableImageRequest {
+export interface EnableAddressTransferRequest {
   /**
-   * <p>The ID of the AMI.</p>
+   * <p>The allocation ID of an Elastic IP address.</p>
    * @public
    */
-  ImageId: string | undefined;
+  AllocationId: string | undefined;
+
+  /**
+   * <p>The ID of the account that you want to transfer the Elastic IP address to.</p>
+   * @public
+   */
+  TransferAccountId: string | undefined;
 
   /**
    * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   * 			and provides an error response. If you have the required permissions, the error response is
-   * 			<code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
   DryRun?: boolean | undefined;
@@ -8610,44 +8743,46 @@ export interface EnableImageRequest {
 /**
  * @public
  */
-export interface EnableImageResult {
+export interface EnableAddressTransferResult {
   /**
-   * <p>Returns <code>true</code> if the request succeeds; otherwise, it returns an error.</p>
+   * <p>An Elastic IP address transfer.</p>
    * @public
    */
-  Return?: boolean | undefined;
+  AddressTransfer?: AddressTransfer | undefined;
 }
 
 /**
  * @public
- * @enum
  */
-export const ImageBlockPublicAccessEnabledState = {
-  block_new_sharing: "block-new-sharing",
-} as const;
+export interface EnableAwsNetworkPerformanceMetricSubscriptionRequest {
+  /**
+   * <p>The source Region (like <code>us-east-1</code>) or Availability Zone ID (like <code>use1-az1</code>) that the metric subscription is enabled for. If you use Availability Zone IDs, the Source and Destination Availability Zones must be in the same Region.</p>
+   * @public
+   */
+  Source?: string | undefined;
 
-/**
- * @public
- */
-export type ImageBlockPublicAccessEnabledState =
-  (typeof ImageBlockPublicAccessEnabledState)[keyof typeof ImageBlockPublicAccessEnabledState];
+  /**
+   * <p>The target Region (like <code>us-east-2</code>) or Availability Zone ID (like <code>use2-az2</code>) that the metric subscription is enabled for. If you use Availability Zone IDs, the Source and Destination Availability Zones must be in the same Region.</p>
+   * @public
+   */
+  Destination?: string | undefined;
 
-/**
- * @public
- */
-export interface EnableImageBlockPublicAccessRequest {
   /**
-   * <p>Specify <code>block-new-sharing</code> to enable block public access for AMIs at the
-   *       account level in the specified Region. This will block any attempt to publicly share your AMIs
-   *       in the specified Region.</p>
+   * <p>The metric used for the enabled subscription.</p>
    * @public
    */
-  ImageBlockPublicAccessState: ImageBlockPublicAccessEnabledState | undefined;
+  Metric?: MetricType | undefined;
+
+  /**
+   * <p>The statistic used for the enabled subscription.</p>
+   * @public
+   */
+  Statistic?: StatisticType | undefined;
 
   /**
    * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   * 			and provides an error response. If you have the required permissions, the error response is
-   * 			<code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
   DryRun?: boolean | undefined;
@@ -8656,40 +8791,22 @@ export interface EnableImageBlockPublicAccessRequest {
 /**
  * @public
  */
-export interface EnableImageBlockPublicAccessResult {
+export interface EnableAwsNetworkPerformanceMetricSubscriptionResult {
   /**
-   * <p>Returns <code>block-new-sharing</code> if the request succeeds; otherwise, it returns an
-   *       error.</p>
+   * <p>Indicates whether the subscribe action was successful.</p>
    * @public
    */
-  ImageBlockPublicAccessState?: ImageBlockPublicAccessEnabledState | undefined;
+  Output?: boolean | undefined;
 }
 
 /**
  * @public
  */
-export interface EnableImageDeprecationRequest {
-  /**
-   * <p>The ID of the AMI.</p>
-   * @public
-   */
-  ImageId: string | undefined;
-
-  /**
-   * <p>The date and time to deprecate the AMI, in UTC, in the following format:
-   *         <i>YYYY</i>-<i>MM</i>-<i>DD</i>T<i>HH</i>:<i>MM</i>:<i>SS</i>Z.
-   *       If you specify a value for seconds, Amazon EC2 rounds the seconds to the
-   *       nearest minute.</p>
-   *          <p>You can’t specify a date in the past. The upper limit for <code>DeprecateAt</code> is 10
-   *       years from now, except for public AMIs, where the upper limit is 2 years from the creation date.</p>
-   * @public
-   */
-  DeprecateAt: Date | undefined;
-
+export interface EnableEbsEncryptionByDefaultRequest {
   /**
    * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   * 			and provides an error response. If you have the required permissions, the error response is
-   * 			<code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
   DryRun?: boolean | undefined;
@@ -8698,89 +8815,104 @@ export interface EnableImageDeprecationRequest {
 /**
  * @public
  */
-export interface EnableImageDeprecationResult {
+export interface EnableEbsEncryptionByDefaultResult {
   /**
-   * <p>Returns <code>true</code> if the request succeeds; otherwise, it returns an error.</p>
+   * <p>The updated status of encryption by default.</p>
    * @public
    */
-  Return?: boolean | undefined;
+  EbsEncryptionByDefault?: boolean | undefined;
 }
 
 /**
+ * <p>Request to create a launch template for a Windows fast launch enabled AMI.</p>
+ *          <note>
+ *             <p>Note - You can specify either the <code>LaunchTemplateName</code> or the
+ *           <code>LaunchTemplateId</code>, but not both.</p>
+ *          </note>
  * @public
  */
-export interface EnableImageDeregistrationProtectionRequest {
+export interface FastLaunchLaunchTemplateSpecificationRequest {
   /**
-   * <p>The ID of the AMI.</p>
+   * <p>Specify the ID of the launch template that the AMI should use for Windows fast
+   *       launch.</p>
    * @public
    */
-  ImageId: string | undefined;
+  LaunchTemplateId?: string | undefined;
 
   /**
-   * <p>If <code>true</code>, enforces deregistration protection for 24 hours after deregistration
-   *       protection is disabled.</p>
+   * <p>Specify the name of the launch template that the AMI should use for Windows fast
+   *       launch.</p>
    * @public
    */
-  WithCooldown?: boolean | undefined;
+  LaunchTemplateName?: string | undefined;
 
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   * 			and provides an error response. If you have the required permissions, the error response is
-   * 			<code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>Specify the version of the launch template that the AMI should use for Windows fast
+   *       launch.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  Version: string | undefined;
 }
 
 /**
+ * <p>Configuration settings for creating and managing pre-provisioned snapshots for a Windows
+ *       fast launch enabled AMI.</p>
  * @public
  */
-export interface EnableImageDeregistrationProtectionResult {
+export interface FastLaunchSnapshotConfigurationRequest {
   /**
-   * <p>Returns <code>true</code> if the request succeeds; otherwise, it returns an error.</p>
+   * <p>The number of pre-provisioned snapshots to keep on hand for a Windows fast launch enabled
+   *       AMI.</p>
    * @public
    */
-  Return?: string | undefined;
+  TargetResourceCount?: number | undefined;
 }
 
 /**
  * @public
  */
-export interface EnableIpamOrganizationAdminAccountRequest {
+export interface EnableFastLaunchRequest {
   /**
-   * <p>A check for whether you have the required permissions for the action without actually making the request
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>Specify the ID of the image for which to enable Windows fast launch.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  ImageId: string | undefined;
 
   /**
-   * <p>The Organizations member account ID that you want to enable as the IPAM account.</p>
+   * <p>The type of resource to use for pre-provisioning the AMI for Windows fast launch.
+   *       Supported values include: <code>snapshot</code>, which is the default value.</p>
    * @public
    */
-  DelegatedAdminAccountId: string | undefined;
-}
+  ResourceType?: string | undefined;
 
-/**
- * @public
- */
-export interface EnableIpamOrganizationAdminAccountResult {
   /**
-   * <p>The result of enabling the IPAM account.</p>
+   * <p>Configuration settings for creating and managing the snapshots that are used for
+   *       pre-provisioning the AMI for Windows fast launch. The associated <code>ResourceType</code>
+   *       must be <code>snapshot</code>.</p>
    * @public
    */
-  Success?: boolean | undefined;
-}
+  SnapshotConfiguration?: FastLaunchSnapshotConfigurationRequest | undefined;
+
+  /**
+   * <p>The launch template to use when launching Windows instances from pre-provisioned
+   *       snapshots. Launch template parameters can include either the name or ID of the launch
+   *       template, but not both.</p>
+   * @public
+   */
+  LaunchTemplate?: FastLaunchLaunchTemplateSpecificationRequest | undefined;
+
+  /**
+   * <p>The maximum number of instances that Amazon EC2 can launch at the same time to create
+   *       pre-provisioned snapshots for Windows fast launch. Value must be <code>6</code> or
+   *       greater.</p>
+   * @public
+   */
+  MaxParallelLaunches?: number | undefined;
 
-/**
- * @public
- */
-export interface EnableReachabilityAnalyzerOrganizationSharingRequest {
   /**
    * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * 			and provides an error response. If you have the required permissions, the error response is
+   * 			<code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
   DryRun?: boolean | undefined;
@@ -8789,104 +8921,83 @@ export interface EnableReachabilityAnalyzerOrganizationSharingRequest {
 /**
  * @public
  */
-export interface EnableReachabilityAnalyzerOrganizationSharingResult {
+export interface EnableFastLaunchResult {
   /**
-   * <p>Returns <code>true</code> if the request succeeds; otherwise, returns an error.</p>
+   * <p>The image ID that identifies the AMI for which Windows fast launch was enabled.</p>
    * @public
    */
-  ReturnValue?: boolean | undefined;
-}
+  ImageId?: string | undefined;
 
-/**
- * @public
- */
-export interface EnableSerialConsoleAccessRequest {
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>The type of resource that was defined for pre-provisioning the AMI for Windows fast
+   *       launch.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
-}
+  ResourceType?: FastLaunchResourceType | undefined;
 
-/**
- * @public
- */
-export interface EnableSerialConsoleAccessResult {
   /**
-   * <p>If <code>true</code>, access to the EC2 serial console of all instances is enabled for
-   * 			your account. If <code>false</code>, access to the EC2 serial console of all instances
-   * 			is disabled for your account.</p>
+   * <p>Settings to create and manage the pre-provisioned snapshots that Amazon EC2 uses for faster
+   *       launches from the Windows AMI. This property is returned when the associated
+   *         <code>resourceType</code> is <code>snapshot</code>.</p>
    * @public
    */
-  SerialConsoleAccessEnabled?: boolean | undefined;
-}
+  SnapshotConfiguration?: FastLaunchSnapshotConfigurationResponse | undefined;
 
-/**
- * @public
- */
-export interface EnableSnapshotBlockPublicAccessRequest {
   /**
-   * <p>The mode in which to enable block public access for snapshots for the Region.
-   *       Specify one of the following values:</p>
-   *          <ul>
-   *             <li>
-   *                <p>
-   *                   <code>block-all-sharing</code> - Prevents all public sharing of snapshots in
-   *           the Region. Users in the account will no longer be able to request new public
-   *           sharing. Additionally, snapshots that are already publicly shared are treated as
-   *           private and they are no longer publicly available.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>block-new-sharing</code>  - Prevents only new public sharing of snapshots
-   *           in the Region. Users in the account will no longer be able to request new public
-   *           sharing. However, snapshots that are already publicly shared, remain publicly
-   *           available.</p>
-   *             </li>
-   *          </ul>
-   *          <p>
-   *             <code>unblocked</code> is not a valid value for <b>EnableSnapshotBlockPublicAccess</b>.</p>
+   * <p>The launch template that is used when launching Windows instances from pre-provisioned
+   *       snapshots.</p>
+   * @public
+   */
+  LaunchTemplate?: FastLaunchLaunchTemplateSpecificationResponse | undefined;
+
+  /**
+   * <p>The maximum number of instances that Amazon EC2 can launch at the same time to create
+   *       pre-provisioned snapshots for Windows fast launch.</p>
    * @public
    */
-  State: SnapshotBlockPublicAccessState | undefined;
+  MaxParallelLaunches?: number | undefined;
 
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>The owner ID for the AMI for which Windows fast launch was enabled.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
-}
+  OwnerId?: string | undefined;
 
-/**
- * @public
- */
-export interface EnableSnapshotBlockPublicAccessResult {
   /**
-   * <p>The state of block public access for snapshots for the account and Region. Returns
-   *       either <code>block-all-sharing</code> or <code>block-new-sharing</code> if the request
-   *       succeeds.</p>
+   * <p>The current state of Windows fast launch for the specified AMI.</p>
    * @public
    */
-  State?: SnapshotBlockPublicAccessState | undefined;
+  State?: FastLaunchStateCode | undefined;
+
+  /**
+   * <p>The reason that the state changed for Windows fast launch for the AMI.</p>
+   * @public
+   */
+  StateTransitionReason?: string | undefined;
+
+  /**
+   * <p>The time that the state changed for Windows fast launch for the AMI.</p>
+   * @public
+   */
+  StateTransitionTime?: Date | undefined;
 }
 
 /**
  * @public
  */
-export interface EnableTransitGatewayRouteTablePropagationRequest {
+export interface EnableFastSnapshotRestoresRequest {
   /**
-   * <p>The ID of the propagation route table.</p>
+   * <p>One or more Availability Zones. For example, <code>us-east-2a</code>.</p>
    * @public
    */
-  TransitGatewayRouteTableId: string | undefined;
+  AvailabilityZones: string[] | undefined;
 
   /**
-   * <p>The ID of the attachment.</p>
+   * <p>The IDs of one or more snapshots. For example, <code>snap-1234567890abcdef0</code>. You can specify
+   *       a snapshot that was shared with you from another Amazon Web Services account.</p>
    * @public
    */
-  TransitGatewayAttachmentId?: string | undefined;
+  SourceSnapshotIds: string[] | undefined;
 
   /**
    * <p>Checks whether you have the required permissions for the action, without actually making the request,
@@ -8895,205 +9006,177 @@ export interface EnableTransitGatewayRouteTablePropagationRequest {
    * @public
    */
   DryRun?: boolean | undefined;
-
-  /**
-   * <p>The ID of the transit gateway route table announcement.</p>
-   * @public
-   */
-  TransitGatewayRouteTableAnnouncementId?: string | undefined;
 }
 
 /**
+ * <p>Describes fast snapshot restores that were successfully enabled.</p>
  * @public
  */
-export interface EnableTransitGatewayRouteTablePropagationResult {
+export interface EnableFastSnapshotRestoreSuccessItem {
   /**
-   * <p>Information about route propagation.</p>
+   * <p>The ID of the snapshot.</p>
    * @public
    */
-  Propagation?: TransitGatewayPropagation | undefined;
-}
+  SnapshotId?: string | undefined;
 
-/**
- * <p>Contains the parameters for EnableVgwRoutePropagation.</p>
- * @public
- */
-export interface EnableVgwRoutePropagationRequest {
   /**
-   * <p>The ID of the virtual private gateway that is attached to a VPC. The virtual private
-   *             gateway must be attached to the same VPC that the routing tables are associated with.
-   *         </p>
+   * <p>The Availability Zone.</p>
    * @public
    */
-  GatewayId: string | undefined;
+  AvailabilityZone?: string | undefined;
 
   /**
-   * <p>The ID of the route table. The routing table must be associated with the same VPC that
-   *             the virtual private gateway is attached to. </p>
+   * <p>The state of fast snapshot restores.</p>
    * @public
    */
-  RouteTableId: string | undefined;
+  State?: FastSnapshotRestoreStateCode | undefined;
 
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually
-   *             making the request, and provides an error response. If you have the required
-   *             permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is
-   *                 <code>UnauthorizedOperation</code>.</p>
+   * <p>The reason for the state transition. The possible values are as follows:</p>
+   *          <ul>
+   *             <li>
+   *                <p>
+   *                   <code>Client.UserInitiated</code> - The state successfully transitioned to <code>enabling</code> or
+   *           <code>disabling</code>.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>Client.UserInitiated - Lifecycle state transition</code> - The state successfully transitioned
+   *           to <code>optimizing</code>, <code>enabled</code>, or <code>disabled</code>.</p>
+   *             </li>
+   *          </ul>
    * @public
    */
-  DryRun?: boolean | undefined;
-}
+  StateTransitionReason?: string | undefined;
 
-/**
- * @public
- */
-export interface EnableVolumeIORequest {
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>The ID of the Amazon Web Services account that enabled fast snapshot restores on the snapshot.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  OwnerId?: string | undefined;
 
   /**
-   * <p>The ID of the volume.</p>
+   * <p>The Amazon Web Services owner alias that enabled fast snapshot restores on the snapshot. This is intended for future use.</p>
    * @public
    */
-  VolumeId: string | undefined;
-}
+  OwnerAlias?: string | undefined;
 
-/**
- * @public
- */
-export interface EnableVpcClassicLinkRequest {
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>The time at which fast snapshot restores entered the <code>enabling</code> state.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  EnablingTime?: Date | undefined;
 
   /**
-   * <p>The ID of the VPC.</p>
+   * <p>The time at which fast snapshot restores entered the <code>optimizing</code> state.</p>
    * @public
    */
-  VpcId: string | undefined;
-}
+  OptimizingTime?: Date | undefined;
 
-/**
- * @public
- */
-export interface EnableVpcClassicLinkResult {
   /**
-   * <p>Returns <code>true</code> if the request succeeds; otherwise, it returns an error.</p>
+   * <p>The time at which fast snapshot restores entered the <code>enabled</code> state.</p>
    * @public
    */
-  Return?: boolean | undefined;
-}
+  EnabledTime?: Date | undefined;
 
-/**
- * @public
- */
-export interface EnableVpcClassicLinkDnsSupportRequest {
   /**
-   * <p>The ID of the VPC.</p>
+   * <p>The time at which fast snapshot restores entered the <code>disabling</code> state.</p>
    * @public
    */
-  VpcId?: string | undefined;
-}
+  DisablingTime?: Date | undefined;
 
-/**
- * @public
- */
-export interface EnableVpcClassicLinkDnsSupportResult {
   /**
-   * <p>Returns <code>true</code> if the request succeeds; otherwise, it returns an error.</p>
+   * <p>The time at which fast snapshot restores entered the <code>disabled</code> state.</p>
    * @public
    */
-  Return?: boolean | undefined;
+  DisabledTime?: Date | undefined;
 }
 
 /**
+ * <p>Describes an error that occurred when enabling fast snapshot restores.</p>
  * @public
  */
-export interface ExportClientVpnClientCertificateRevocationListRequest {
+export interface EnableFastSnapshotRestoreStateError {
   /**
-   * <p>The ID of the Client VPN endpoint.</p>
+   * <p>The error code.</p>
    * @public
    */
-  ClientVpnEndpointId: string | undefined;
+  Code?: string | undefined;
 
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>The error message.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  Message?: string | undefined;
 }
 
 /**
+ * <p>Contains information about an error that occurred when enabling fast snapshot restores.</p>
  * @public
- * @enum
  */
-export const ClientCertificateRevocationListStatusCode = {
-  active: "active",
-  pending: "pending",
-} as const;
+export interface EnableFastSnapshotRestoreStateErrorItem {
+  /**
+   * <p>The Availability Zone.</p>
+   * @public
+   */
+  AvailabilityZone?: string | undefined;
 
-/**
- * @public
- */
-export type ClientCertificateRevocationListStatusCode =
-  (typeof ClientCertificateRevocationListStatusCode)[keyof typeof ClientCertificateRevocationListStatusCode];
+  /**
+   * <p>The error.</p>
+   * @public
+   */
+  Error?: EnableFastSnapshotRestoreStateError | undefined;
+}
 
 /**
- * <p>Describes the state of a client certificate revocation list.</p>
+ * <p>Contains information about the errors that occurred when enabling fast snapshot restores.</p>
  * @public
  */
-export interface ClientCertificateRevocationListStatus {
+export interface EnableFastSnapshotRestoreErrorItem {
   /**
-   * <p>The state of the client certificate revocation list.</p>
+   * <p>The ID of the snapshot.</p>
    * @public
    */
-  Code?: ClientCertificateRevocationListStatusCode | undefined;
+  SnapshotId?: string | undefined;
 
   /**
-   * <p>A message about the status of the client certificate revocation list, if applicable.</p>
+   * <p>The errors.</p>
    * @public
    */
-  Message?: string | undefined;
+  FastSnapshotRestoreStateErrors?: EnableFastSnapshotRestoreStateErrorItem[] | undefined;
 }
 
 /**
  * @public
  */
-export interface ExportClientVpnClientCertificateRevocationListResult {
+export interface EnableFastSnapshotRestoresResult {
   /**
-   * <p>Information about the client certificate revocation list.</p>
+   * <p>Information about the snapshots for which fast snapshot restores were successfully enabled.</p>
    * @public
    */
-  CertificateRevocationList?: string | undefined;
+  Successful?: EnableFastSnapshotRestoreSuccessItem[] | undefined;
 
   /**
-   * <p>The current state of the client certificate revocation list.</p>
+   * <p>Information about the snapshots for which fast snapshot restores could not be enabled.</p>
    * @public
    */
-  Status?: ClientCertificateRevocationListStatus | undefined;
+  Unsuccessful?: EnableFastSnapshotRestoreErrorItem[] | undefined;
 }
 
 /**
  * @public
  */
-export interface ExportClientVpnClientConfigurationRequest {
+export interface EnableImageRequest {
   /**
-   * <p>The ID of the Client VPN endpoint.</p>
+   * <p>The ID of the AMI.</p>
    * @public
    */
-  ClientVpnEndpointId: string | undefined;
+  ImageId: string | undefined;
 
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   * 			and provides an error response. If you have the required permissions, the error response is
+   * 			<code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
   DryRun?: boolean | undefined;
@@ -9102,215 +9185,245 @@ export interface ExportClientVpnClientConfigurationRequest {
 /**
  * @public
  */
-export interface ExportClientVpnClientConfigurationResult {
+export interface EnableImageResult {
   /**
-   * <p>The contents of the Client VPN endpoint configuration file.</p>
+   * <p>Returns <code>true</code> if the request succeeds; otherwise, it returns an error.</p>
    * @public
    */
-  ClientConfiguration?: string | undefined;
+  Return?: boolean | undefined;
 }
 
 /**
- * <p>Describes the destination for an export image task.</p>
  * @public
+ * @enum
  */
-export interface ExportTaskS3LocationRequest {
-  /**
-   * <p>The destination Amazon S3 bucket.</p>
-   * @public
-   */
-  S3Bucket: string | undefined;
-
-  /**
-   * <p>The prefix (logical hierarchy) in the bucket.</p>
-   * @public
-   */
-  S3Prefix?: string | undefined;
-}
+export const ImageBlockPublicAccessEnabledState = {
+  block_new_sharing: "block-new-sharing",
+} as const;
 
 /**
  * @public
  */
-export interface ExportImageRequest {
-  /**
-   * <p>Token to enable idempotency for export image requests.</p>
-   * @public
-   */
-  ClientToken?: string | undefined;
+export type ImageBlockPublicAccessEnabledState =
+  (typeof ImageBlockPublicAccessEnabledState)[keyof typeof ImageBlockPublicAccessEnabledState];
 
+/**
+ * @public
+ */
+export interface EnableImageBlockPublicAccessRequest {
   /**
-   * <p>A description of the image being exported. The maximum length is 255 characters.</p>
+   * <p>Specify <code>block-new-sharing</code> to enable block public access for AMIs at the
+   *       account level in the specified Region. This will block any attempt to publicly share your AMIs
+   *       in the specified Region.</p>
    * @public
    */
-  Description?: string | undefined;
+  ImageBlockPublicAccessState: ImageBlockPublicAccessEnabledState | undefined;
 
   /**
-   * <p>The disk image format.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   * 			and provides an error response. If you have the required permissions, the error response is
+   * 			<code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  DiskImageFormat: DiskImageFormat | undefined;
+  DryRun?: boolean | undefined;
+}
 
+/**
+ * @public
+ */
+export interface EnableImageBlockPublicAccessResult {
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>Returns <code>block-new-sharing</code> if the request succeeds; otherwise, it returns an
+   *       error.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  ImageBlockPublicAccessState?: ImageBlockPublicAccessEnabledState | undefined;
+}
 
+/**
+ * @public
+ */
+export interface EnableImageDeprecationRequest {
   /**
-   * <p>The ID of the image.</p>
+   * <p>The ID of the AMI.</p>
    * @public
    */
   ImageId: string | undefined;
 
   /**
-   * <p>The Amazon S3 bucket for the destination image. The destination bucket must exist.</p>
+   * <p>The date and time to deprecate the AMI, in UTC, in the following format:
+   *         <i>YYYY</i>-<i>MM</i>-<i>DD</i>T<i>HH</i>:<i>MM</i>:<i>SS</i>Z.
+   *       If you specify a value for seconds, Amazon EC2 rounds the seconds to the nearest minute.</p>
+   *          <p>You can’t specify a date in the past. The upper limit for <code>DeprecateAt</code> is 10
+   *       years from now, except for public AMIs, where the upper limit is 2 years from the creation
+   *       date.</p>
    * @public
    */
-  S3ExportLocation: ExportTaskS3LocationRequest | undefined;
+  DeprecateAt: Date | undefined;
 
   /**
-   * <p>The name of the role that grants VM Import/Export permission to export images to your Amazon
-   *    S3 bucket. If this parameter is not specified, the default role is named 'vmimport'.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   * 			and provides an error response. If you have the required permissions, the error response is
+   * 			<code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  RoleName?: string | undefined;
+  DryRun?: boolean | undefined;
+}
 
+/**
+ * @public
+ */
+export interface EnableImageDeprecationResult {
   /**
-   * <p>The tags to apply to the export image task during creation.</p>
+   * <p>Returns <code>true</code> if the request succeeds; otherwise, it returns an error.</p>
    * @public
    */
-  TagSpecifications?: TagSpecification[] | undefined;
+  Return?: boolean | undefined;
 }
 
 /**
  * @public
  */
-export interface ExportImageResult {
+export interface EnableImageDeregistrationProtectionRequest {
   /**
-   * <p>A description of the image being exported.</p>
+   * <p>The ID of the AMI.</p>
    * @public
    */
-  Description?: string | undefined;
+  ImageId: string | undefined;
 
   /**
-   * <p>The disk image format for the exported image.</p>
+   * <p>If <code>true</code>, enforces deregistration protection for 24 hours after deregistration
+   *       protection is disabled.</p>
    * @public
    */
-  DiskImageFormat?: DiskImageFormat | undefined;
+  WithCooldown?: boolean | undefined;
 
   /**
-   * <p>The ID of the export image task.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   * 			and provides an error response. If you have the required permissions, the error response is
+   * 			<code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  ExportImageTaskId?: string | undefined;
+  DryRun?: boolean | undefined;
+}
 
+/**
+ * @public
+ */
+export interface EnableImageDeregistrationProtectionResult {
   /**
-   * <p>The ID of the image.</p>
+   * <p>Returns <code>true</code> if the request succeeds; otherwise, it returns an error.</p>
    * @public
    */
-  ImageId?: string | undefined;
+  Return?: string | undefined;
+}
 
+/**
+ * @public
+ */
+export interface EnableIpamOrganizationAdminAccountRequest {
   /**
-   * <p>The name of the role that grants VM Import/Export permission to export images to your Amazon
-   *    S3 bucket.</p>
+   * <p>A check for whether you have the required permissions for the action without actually making the request
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  RoleName?: string | undefined;
+  DryRun?: boolean | undefined;
 
   /**
-   * <p>The percent complete of the export image task.</p>
+   * <p>The Organizations member account ID that you want to enable as the IPAM account.</p>
    * @public
    */
-  Progress?: string | undefined;
+  DelegatedAdminAccountId: string | undefined;
+}
 
+/**
+ * @public
+ */
+export interface EnableIpamOrganizationAdminAccountResult {
   /**
-   * <p>Information about the destination Amazon S3 bucket.</p>
+   * <p>The result of enabling the IPAM account.</p>
    * @public
    */
-  S3ExportLocation?: ExportTaskS3Location | undefined;
+  Success?: boolean | undefined;
+}
 
+/**
+ * @public
+ */
+export interface EnableReachabilityAnalyzerOrganizationSharingRequest {
   /**
-   * <p>The status of the export image task. The possible values are <code>active</code>, <code>completed</code>,
-   *     <code>deleting</code>, and <code>deleted</code>.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  Status?: string | undefined;
+  DryRun?: boolean | undefined;
+}
 
+/**
+ * @public
+ */
+export interface EnableReachabilityAnalyzerOrganizationSharingResult {
   /**
-   * <p>The status message for the export image task.</p>
+   * <p>Returns <code>true</code> if the request succeeds; otherwise, returns an error.</p>
    * @public
    */
-  StatusMessage?: string | undefined;
+  ReturnValue?: boolean | undefined;
+}
 
+/**
+ * @public
+ */
+export interface EnableSerialConsoleAccessRequest {
   /**
-   * <p>Any tags assigned to the export image task.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  Tags?: Tag[] | undefined;
+  DryRun?: boolean | undefined;
 }
 
 /**
  * @public
  */
-export interface ExportTransitGatewayRoutesRequest {
+export interface EnableSerialConsoleAccessResult {
   /**
-   * <p>The ID of the route table.</p>
+   * <p>If <code>true</code>, access to the EC2 serial console of all instances is enabled for
+   * 			your account. If <code>false</code>, access to the EC2 serial console of all instances
+   * 			is disabled for your account.</p>
    * @public
    */
-  TransitGatewayRouteTableId: string | undefined;
+  SerialConsoleAccessEnabled?: boolean | undefined;
+}
 
+/**
+ * @public
+ */
+export interface EnableSnapshotBlockPublicAccessRequest {
   /**
-   * <p>One or more filters. The possible values are:</p>
+   * <p>The mode in which to enable block public access for snapshots for the Region.
+   *       Specify one of the following values:</p>
    *          <ul>
    *             <li>
    *                <p>
-   *                   <code>attachment.transit-gateway-attachment-id</code> - The id of the transit gateway attachment.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>attachment.resource-id</code> - The resource id of the transit gateway attachment.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>route-search.exact-match</code> - The exact match of the specified filter.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>route-search.longest-prefix-match</code> - The longest prefix that matches the route.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>route-search.subnet-of-match</code> - The routes with a subnet that match the specified CIDR filter.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>route-search.supernet-of-match</code> - The routes with a CIDR that encompass the CIDR filter. For example, if you have 10.0.1.0/29 and 10.0.1.0/31 routes in your route table and you specify supernet-of-match as 10.0.1.0/30, then the result returns 10.0.1.0/29.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>state</code> - The state of the route (<code>active</code> | <code>blackhole</code>).</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>transit-gateway-route-destination-cidr-block</code> - The CIDR range.</p>
+   *                   <code>block-all-sharing</code> - Prevents all public sharing of snapshots in
+   *           the Region. Users in the account will no longer be able to request new public
+   *           sharing. Additionally, snapshots that are already publicly shared are treated as
+   *           private and they are no longer publicly available.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>type</code> - The type of route (<code>propagated</code> |
-   *                <code>static</code>).</p>
+   *                   <code>block-new-sharing</code>  - Prevents only new public sharing of snapshots
+   *           in the Region. Users in the account will no longer be able to request new public
+   *           sharing. However, snapshots that are already publicly shared, remain publicly
+   *           available.</p>
    *             </li>
    *          </ul>
+   *          <p>
+   *             <code>unblocked</code> is not a valid value for <b>EnableSnapshotBlockPublicAccess</b>.</p>
    * @public
    */
-  Filters?: Filter[] | undefined;
-
-  /**
-   * <p>The name of the S3 bucket.</p>
-   * @public
-   */
-  S3Bucket: string | undefined;
+  State: SnapshotBlockPublicAccessState | undefined;
 
   /**
    * <p>Checks whether you have the required permissions for the action, without actually making the request,
@@ -9324,473 +9437,444 @@ export interface ExportTransitGatewayRoutesRequest {
 /**
  * @public
  */
-export interface ExportTransitGatewayRoutesResult {
-  /**
-   * <p>The URL of the exported file in Amazon S3. For example,
-   *          s3://<i>bucket_name</i>/VPCTransitGateway/TransitGatewayRouteTables/<i>file_name</i>.</p>
-   * @public
-   */
-  S3Location?: string | undefined;
-}
-
-/**
- * @public
- */
-export interface GetAssociatedEnclaveCertificateIamRolesRequest {
-  /**
-   * <p>The ARN of the ACM certificate for which to view the associated IAM roles, encryption keys, and Amazon
-   * 			S3 object information.</p>
-   * @public
-   */
-  CertificateArn: string | undefined;
-
+export interface EnableSnapshotBlockPublicAccessResult {
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>The state of block public access for snapshots for the account and Region. Returns
+   *       either <code>block-all-sharing</code> or <code>block-new-sharing</code> if the request
+   *       succeeds.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  State?: SnapshotBlockPublicAccessState | undefined;
 }
 
 /**
- * <p>Information about the associated IAM roles.</p>
  * @public
  */
-export interface AssociatedRole {
+export interface EnableTransitGatewayRouteTablePropagationRequest {
   /**
-   * <p>The ARN of the associated IAM role.</p>
+   * <p>The ID of the propagation route table.</p>
    * @public
    */
-  AssociatedRoleArn?: string | undefined;
+  TransitGatewayRouteTableId: string | undefined;
 
   /**
-   * <p>The name of the Amazon S3 bucket in which the Amazon S3 object is stored.</p>
+   * <p>The ID of the attachment.</p>
    * @public
    */
-  CertificateS3BucketName?: string | undefined;
+  TransitGatewayAttachmentId?: string | undefined;
 
   /**
-   * <p>The key of the Amazon S3 object where the certificate, certificate chain, and encrypted private key bundle
-   * 			are stored. The object key is formatted as follows: <code>role_arn</code>/<code>certificate_arn</code>.
-   * 		</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  CertificateS3ObjectKey?: string | undefined;
+  DryRun?: boolean | undefined;
 
   /**
-   * <p>The ID of the KMS key used to encrypt the private key.</p>
+   * <p>The ID of the transit gateway route table announcement.</p>
    * @public
    */
-  EncryptionKmsKeyId?: string | undefined;
+  TransitGatewayRouteTableAnnouncementId?: string | undefined;
 }
 
 /**
  * @public
  */
-export interface GetAssociatedEnclaveCertificateIamRolesResult {
+export interface EnableTransitGatewayRouteTablePropagationResult {
   /**
-   * <p>Information about the associated IAM roles.</p>
+   * <p>Information about route propagation.</p>
    * @public
    */
-  AssociatedRoles?: AssociatedRole[] | undefined;
+  Propagation?: TransitGatewayPropagation | undefined;
 }
 
 /**
+ * <p>Contains the parameters for EnableVgwRoutePropagation.</p>
  * @public
  */
-export interface GetAssociatedIpv6PoolCidrsRequest {
-  /**
-   * <p>The ID of the IPv6 address pool.</p>
-   * @public
-   */
-  PoolId: string | undefined;
-
+export interface EnableVgwRoutePropagationRequest {
   /**
-   * <p>The token for the next page of results.</p>
+   * <p>The ID of the virtual private gateway that is attached to a VPC. The virtual private
+   *             gateway must be attached to the same VPC that the routing tables are associated with.
+   *         </p>
    * @public
    */
-  NextToken?: string | undefined;
+  GatewayId: string | undefined;
 
   /**
-   * <p>The maximum number of results to return with a single call.
-   * 	To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>
+   * <p>The ID of the route table. The routing table must be associated with the same VPC that
+   *             the virtual private gateway is attached to. </p>
    * @public
    */
-  MaxResults?: number | undefined;
-
-  /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+  RouteTableId: string | undefined;
+
+  /**
+   * <p>Checks whether you have the required permissions for the action, without actually
+   *             making the request, and provides an error response. If you have the required
+   *             permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is
+   *                 <code>UnauthorizedOperation</code>.</p>
    * @public
    */
   DryRun?: boolean | undefined;
 }
 
 /**
- * <p>Describes an IPv6 CIDR block association.</p>
  * @public
  */
-export interface Ipv6CidrAssociation {
+export interface EnableVolumeIORequest {
   /**
-   * <p>The IPv6 CIDR block.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  Ipv6Cidr?: string | undefined;
+  DryRun?: boolean | undefined;
 
   /**
-   * <p>The resource that's associated with the IPv6 CIDR block.</p>
+   * <p>The ID of the volume.</p>
    * @public
    */
-  AssociatedResource?: string | undefined;
+  VolumeId: string | undefined;
 }
 
 /**
  * @public
  */
-export interface GetAssociatedIpv6PoolCidrsResult {
+export interface EnableVpcClassicLinkRequest {
   /**
-   * <p>Information about the IPv6 CIDR block associations.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  Ipv6CidrAssociations?: Ipv6CidrAssociation[] | undefined;
+  DryRun?: boolean | undefined;
 
   /**
-   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
+   * <p>The ID of the VPC.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  VpcId: string | undefined;
 }
 
 /**
- * <p>A query used for retrieving network health data. </p>
  * @public
  */
-export interface DataQuery {
-  /**
-   * <p>A user-defined ID associated with a data query that's returned in the <code>dataResponse</code> identifying the query. For example, if you set the Id to <code>MyQuery01</code>in the query, the <code>dataResponse</code> identifies the query as <code>MyQuery01</code>.</p>
-   * @public
-   */
-  Id?: string | undefined;
-
+export interface EnableVpcClassicLinkResult {
   /**
-   * <p>The Region or Availability Zone that's the source for the data query. For example, <code>us-east-1</code>.</p>
+   * <p>Returns <code>true</code> if the request succeeds; otherwise, it returns an error.</p>
    * @public
    */
-  Source?: string | undefined;
+  Return?: boolean | undefined;
+}
 
+/**
+ * @public
+ */
+export interface EnableVpcClassicLinkDnsSupportRequest {
   /**
-   * <p>The Region or Availability Zone that's the target for the data query. For example, <code>eu-north-1</code>.</p>
+   * <p>The ID of the VPC.</p>
    * @public
    */
-  Destination?: string | undefined;
+  VpcId?: string | undefined;
+}
 
+/**
+ * @public
+ */
+export interface EnableVpcClassicLinkDnsSupportResult {
   /**
-   * <p>The metric used for the network performance request.</p>
+   * <p>Returns <code>true</code> if the request succeeds; otherwise, it returns an error.</p>
    * @public
    */
-  Metric?: MetricType | undefined;
+  Return?: boolean | undefined;
+}
 
+/**
+ * @public
+ */
+export interface ExportClientVpnClientCertificateRevocationListRequest {
   /**
-   * <p>The metric data aggregation period, <code>p50</code>, between the specified <code>startDate</code>
-   *          and <code>endDate</code>. For example, a metric of <code>five_minutes</code> is the median of all
-   *          the data points gathered within those five minutes. <code>p50</code> is the only supported metric.</p>
+   * <p>The ID of the Client VPN endpoint.</p>
    * @public
    */
-  Statistic?: StatisticType | undefined;
+  ClientVpnEndpointId: string | undefined;
 
   /**
-   * <p>The aggregation period used for the data query.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  Period?: PeriodType | undefined;
+  DryRun?: boolean | undefined;
 }
 
 /**
+ * @public
+ * @enum
+ */
+export const ClientCertificateRevocationListStatusCode = {
+  active: "active",
+  pending: "pending",
+} as const;
+
+/**
+ * @public
+ */
+export type ClientCertificateRevocationListStatusCode =
+  (typeof ClientCertificateRevocationListStatusCode)[keyof typeof ClientCertificateRevocationListStatusCode];
+
+/**
+ * <p>Describes the state of a client certificate revocation list.</p>
  * @public
  */
-export interface GetAwsNetworkPerformanceDataRequest {
+export interface ClientCertificateRevocationListStatus {
   /**
-   * <p>A list of network performance data queries.</p>
+   * <p>The state of the client certificate revocation list.</p>
    * @public
    */
-  DataQueries?: DataQuery[] | undefined;
+  Code?: ClientCertificateRevocationListStatusCode | undefined;
 
   /**
-   * <p>The starting time for the performance data request. The starting time must be formatted
-   *          as <code>yyyy-mm-ddThh:mm:ss</code>.  For example, <code>2022-06-10T12:00:00.000Z</code>.</p>
+   * <p>A message about the status of the client certificate revocation list, if applicable.</p>
    * @public
    */
-  StartTime?: Date | undefined;
+  Message?: string | undefined;
+}
 
+/**
+ * @public
+ */
+export interface ExportClientVpnClientCertificateRevocationListResult {
   /**
-   * <p>The ending time for the performance data request. The end time must be formatted as <code>yyyy-mm-ddThh:mm:ss</code>. For example, <code>2022-06-12T12:00:00.000Z</code>.</p>
+   * <p>Information about the client certificate revocation list.</p>
    * @public
    */
-  EndTime?: Date | undefined;
+  CertificateRevocationList?: string | undefined;
 
   /**
-   * <p>The maximum number of results to return with a single call.
-   *    To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>
+   * <p>The current state of the client certificate revocation list.</p>
    * @public
    */
-  MaxResults?: number | undefined;
+  Status?: ClientCertificateRevocationListStatus | undefined;
+}
 
+/**
+ * @public
+ */
+export interface ExportClientVpnClientConfigurationRequest {
   /**
-   * <p>The token for the next page of results.</p>
+   * <p>The ID of the Client VPN endpoint.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  ClientVpnEndpointId: string | undefined;
 
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
   DryRun?: boolean | undefined;
 }
 
 /**
- * <p>Indicates whether the network was healthy or degraded at a particular point. The value is aggregated from the <code>startDate</code> to the <code>endDate</code>. Currently only <code>five_minutes</code> is supported.</p>
  * @public
  */
-export interface MetricPoint {
+export interface ExportClientVpnClientConfigurationResult {
   /**
-   * <p>The start date for the metric point. The starting date for the metric point. The starting time must be formatted
-   *          as <code>yyyy-mm-ddThh:mm:ss</code>.  For example, <code>2022-06-10T12:00:00.000Z</code>.</p>
+   * <p>The contents of the Client VPN endpoint configuration file.</p>
    * @public
    */
-  StartDate?: Date | undefined;
+  ClientConfiguration?: string | undefined;
+}
 
+/**
+ * <p>Describes the destination for an export image task.</p>
+ * @public
+ */
+export interface ExportTaskS3LocationRequest {
   /**
-   * <p>The end date for the metric point. The ending time must be formatted as <code>yyyy-mm-ddThh:mm:ss</code>.  For example, <code>2022-06-12T12:00:00.000Z</code>.</p>
+   * <p>The destination Amazon S3 bucket.</p>
    * @public
    */
-  EndDate?: Date | undefined;
+  S3Bucket: string | undefined;
 
-  Value?: number | undefined;
   /**
-   * <p>The status of the metric point.</p>
+   * <p>The prefix (logical hierarchy) in the bucket.</p>
    * @public
    */
-  Status?: string | undefined;
+  S3Prefix?: string | undefined;
 }
 
 /**
- * <p>The response to a <code>DataQuery</code>.</p>
  * @public
  */
-export interface DataResponse {
-  /**
-   * <p>The ID passed in the <code>DataQuery</code>.</p>
-   * @public
-   */
-  Id?: string | undefined;
-
+export interface ExportImageRequest {
   /**
-   * <p>The Region or Availability Zone that's the source for the data query. For example, <code>us-east-1</code>.</p>
+   * <p>Token to enable idempotency for export image requests.</p>
    * @public
    */
-  Source?: string | undefined;
+  ClientToken?: string | undefined;
 
   /**
-   * <p>The Region or Availability Zone that's the destination for the data query. For example, <code>eu-west-1</code>.</p>
+   * <p>A description of the image being exported. The maximum length is 255 characters.</p>
    * @public
    */
-  Destination?: string | undefined;
+  Description?: string | undefined;
 
   /**
-   * <p>The metric used for the network performance request.</p>
+   * <p>The disk image format.</p>
    * @public
    */
-  Metric?: MetricType | undefined;
+  DiskImageFormat: DiskImageFormat | undefined;
 
   /**
-   * <p>The statistic used for the network performance request.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  Statistic?: StatisticType | undefined;
+  DryRun?: boolean | undefined;
 
   /**
-   * <p>The period used for the network performance request.</p>
+   * <p>The ID of the image.</p>
    * @public
    */
-  Period?: PeriodType | undefined;
+  ImageId: string | undefined;
 
   /**
-   * <p>A list of <code>MetricPoint</code> objects.</p>
+   * <p>The Amazon S3 bucket for the destination image. The destination bucket must exist.</p>
    * @public
    */
-  MetricPoints?: MetricPoint[] | undefined;
-}
+  S3ExportLocation: ExportTaskS3LocationRequest | undefined;
 
-/**
- * @public
- */
-export interface GetAwsNetworkPerformanceDataResult {
   /**
-   * <p>The list of data responses.</p>
+   * <p>The name of the role that grants VM Import/Export permission to export images to your Amazon
+   *    S3 bucket. If this parameter is not specified, the default role is named 'vmimport'.</p>
    * @public
    */
-  DataResponses?: DataResponse[] | undefined;
+  RoleName?: string | undefined;
 
   /**
-   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
+   * <p>The tags to apply to the export image task during creation.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  TagSpecifications?: TagSpecification[] | undefined;
 }
 
 /**
  * @public
  */
-export interface GetCapacityReservationUsageRequest {
+export interface ExportImageResult {
   /**
-   * <p>The ID of the Capacity Reservation.</p>
+   * <p>A description of the image being exported.</p>
    * @public
    */
-  CapacityReservationId: string | undefined;
+  Description?: string | undefined;
 
   /**
-   * <p>The token to use to retrieve the next page of results.</p>
+   * <p>The disk image format for the exported image.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  DiskImageFormat?: DiskImageFormat | undefined;
 
   /**
-   * <p>The maximum number of items to return for this request. To get the next page of items, make another request with the token returned in the output. For more information,
-   *     see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination">Pagination</a>.</p>
+   * <p>The ID of the export image task.</p>
    * @public
    */
-  MaxResults?: number | undefined;
+  ExportImageTaskId?: string | undefined;
 
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>The ID of the image.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
-}
+  ImageId?: string | undefined;
 
-/**
- * <p>Information about the Capacity Reservation usage.</p>
- * @public
- */
-export interface InstanceUsage {
   /**
-   * <p>The ID of the Amazon Web Services account that is making use of the Capacity Reservation.</p>
+   * <p>The name of the role that grants VM Import/Export permission to export images to your Amazon
+   *    S3 bucket.</p>
    * @public
    */
-  AccountId?: string | undefined;
+  RoleName?: string | undefined;
 
   /**
-   * <p>The number of instances the Amazon Web Services account currently has in the Capacity Reservation.</p>
+   * <p>The percent complete of the export image task.</p>
    * @public
    */
-  UsedInstanceCount?: number | undefined;
-}
+  Progress?: string | undefined;
 
-/**
- * @public
- */
-export interface GetCapacityReservationUsageResult {
   /**
-   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
+   * <p>Information about the destination Amazon S3 bucket.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  S3ExportLocation?: ExportTaskS3Location | undefined;
 
   /**
-   * <p>The ID of the Capacity Reservation.</p>
+   * <p>The status of the export image task. The possible values are <code>active</code>, <code>completed</code>,
+   *     <code>deleting</code>, and <code>deleted</code>.</p>
    * @public
    */
-  CapacityReservationId?: string | undefined;
+  Status?: string | undefined;
 
   /**
-   * <p>The type of instance for which the Capacity Reservation reserves capacity.</p>
+   * <p>The status message for the export image task.</p>
    * @public
    */
-  InstanceType?: string | undefined;
+  StatusMessage?: string | undefined;
 
   /**
-   * <p>The number of instances for which the Capacity Reservation reserves capacity.</p>
+   * <p>Any tags assigned to the export image task.</p>
    * @public
    */
-  TotalInstanceCount?: number | undefined;
+  Tags?: Tag[] | undefined;
+}
 
+/**
+ * @public
+ */
+export interface ExportTransitGatewayRoutesRequest {
   /**
-   * <p>The remaining capacity. Indicates the number of instances that can be launched in the Capacity Reservation.</p>
+   * <p>The ID of the route table.</p>
    * @public
    */
-  AvailableInstanceCount?: number | undefined;
+  TransitGatewayRouteTableId: string | undefined;
 
   /**
-   * <p>The current state of the Capacity Reservation. A Capacity Reservation can be in one of the following states:</p>
+   * <p>One or more filters. The possible values are:</p>
    *          <ul>
    *             <li>
    *                <p>
-   *                   <code>active</code> - The Capacity Reservation is active and the capacity is available for your use.</p>
+   *                   <code>attachment.transit-gateway-attachment-id</code> - The id of the transit gateway attachment.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>expired</code> - The Capacity Reservation expired automatically at the date and time specified
-   * 					in your request. The reserved capacity is no longer available for your use.</p>
+   *                   <code>attachment.resource-id</code> - The resource id of the transit gateway attachment.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>cancelled</code> - The Capacity Reservation was cancelled. The reserved capacity is no
-   * 					longer available for your use.</p>
+   *                   <code>route-search.exact-match</code> - The exact match of the specified filter.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>pending</code> - The Capacity Reservation request was successful but the capacity
-   * 					provisioning is still pending.</p>
+   *                   <code>route-search.longest-prefix-match</code> - The longest prefix that matches the route.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>failed</code> - The Capacity Reservation request has failed. A request might fail
-   * 					due to invalid request parameters, capacity constraints, or instance limit constraints.
-   * 					Failed requests are retained for 60 minutes.</p>
+   *                   <code>route-search.subnet-of-match</code> - The routes with a subnet that match the specified CIDR filter.</p>
    *             </li>
-   *          </ul>
-   * @public
-   */
-  State?: CapacityReservationState | undefined;
-
-  /**
-   * <p>Information about the Capacity Reservation usage.</p>
-   * @public
-   */
-  InstanceUsages?: InstanceUsage[] | undefined;
-}
-
-/**
- * @public
- */
-export interface GetCoipPoolUsageRequest {
-  /**
-   * <p>The ID of the address pool.</p>
-   * @public
-   */
-  PoolId: string | undefined;
-
-  /**
-   * <p>One or more filters.</p>
-   *          <ul>
    *             <li>
    *                <p>
-   *                   <code>coip-address-usage.allocation-id</code> - The allocation ID of the address.</p>
+   *                   <code>route-search.supernet-of-match</code> - The routes with a CIDR that encompass the CIDR filter. For example, if you have 10.0.1.0/29 and 10.0.1.0/31 routes in your route table and you specify supernet-of-match as 10.0.1.0/30, then the result returns 10.0.1.0/29.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>coip-address-usage.aws-account-id</code> - The ID of the Amazon Web Services account that is using the customer-owned IP address.</p>
+   *                   <code>state</code> - The state of the route (<code>active</code> | <code>blackhole</code>).</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>coip-address-usage.aws-service</code> - The Amazon Web Services service that is using the customer-owned IP address.</p>
+   *                   <code>transit-gateway-route-destination-cidr-block</code> - The CIDR range.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>coip-address-usage.co-ip</code> - The customer-owned IP address.</p>
+   *                   <code>type</code> - The type of route (<code>propagated</code> |
+   *                <code>static</code>).</p>
    *             </li>
    *          </ul>
    * @public
@@ -9798,17 +9882,10 @@ export interface GetCoipPoolUsageRequest {
   Filters?: Filter[] | undefined;
 
   /**
-   * <p>The maximum number of results to return with a single call.
-   * 	To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>
-   * @public
-   */
-  MaxResults?: number | undefined;
-
-  /**
-   * <p>The token for the next page of results.</p>
+   * <p>The name of the S3 bucket.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  S3Bucket: string | undefined;
 
   /**
    * <p>Checks whether you have the required permissions for the action, without actually making the request,
@@ -9820,33 +9897,15 @@ export interface GetCoipPoolUsageRequest {
 }
 
 /**
- * <p>Describes address usage for a customer-owned address pool.</p>
  * @public
  */
-export interface CoipAddressUsage {
-  /**
-   * <p>The allocation ID of the address.</p>
-   * @public
-   */
-  AllocationId?: string | undefined;
-
-  /**
-   * <p>The Amazon Web Services account ID.</p>
-   * @public
-   */
-  AwsAccountId?: string | undefined;
-
-  /**
-   * <p>The Amazon Web Services service.</p>
-   * @public
-   */
-  AwsService?: string | undefined;
-
+export interface ExportTransitGatewayRoutesResult {
   /**
-   * <p>The customer-owned IP address.</p>
+   * <p>The URL of the exported file in Amazon S3. For example,
+   *          s3://<i>bucket_name</i>/VPCTransitGateway/TransitGatewayRouteTables/<i>file_name</i>.</p>
    * @public
    */
-  CoIp?: string | undefined;
+  S3Location?: string | undefined;
 }
 
 /**
diff --git a/clients/client-ec2/src/models/models_6.ts b/clients/client-ec2/src/models/models_6.ts
index 2552a15db473..2ea6f8b8fb3b 100644
--- a/clients/client-ec2/src/models/models_6.ts
+++ b/clients/client-ec2/src/models/models_6.ts
@@ -9,6 +9,7 @@ import {
   Affinity,
   ApplianceModeSupportValue,
   AutoPlacement,
+  CapacityReservationState,
   CurrencyCodeValues,
   DnsSupportValue,
   EnaSrdSpecification,
@@ -29,8 +30,6 @@ import {
   TransitGatewayPolicyTableAssociation,
   TransitGatewayVpcAttachment,
   UnsuccessfulItem,
-  VerifiedAccessInstance,
-  VerifiedAccessSseSpecificationResponse,
 } from "./models_0";
 
 import {
@@ -84,10 +83,7 @@ import {
   TrafficMirrorSession,
   TransitGateway,
   TransitGatewayPrefixListReference,
-  VerifiedAccessEndpoint,
   VerifiedAccessEndpointProtocol,
-  VerifiedAccessGroup,
-  VerifiedAccessSseSpecificationRequest,
   VpnEcmpSupportValue,
 } from "./models_2";
 
@@ -98,8 +94,11 @@ import {
   FpgaImageAttribute,
   FpgaImageAttributeName,
   IpamPoolCidr,
+  MetricType,
   PaymentOption,
+  PeriodType,
   PermissionGroup,
+  StatisticType,
 } from "./models_3";
 
 import {
@@ -108,7 +107,6 @@ import {
   ArchitectureValues,
   AttributeBooleanValue,
   BootModeValues,
-  CreateVolumePermission,
   HttpTokensState,
   ImportImageLicenseConfigurationResponse,
   InstanceAttributeName,
@@ -121,7 +119,6 @@ import {
   LaunchPermission,
   LockState,
   ReservedInstancesConfiguration,
-  SnapshotAttributeName,
   SnapshotDetail,
   SnapshotDetailFilterSensitiveLog,
   SnapshotTaskDetail,
@@ -130,364 +127,328 @@ import {
 } from "./models_4";
 
 import {
-  CoipAddressUsage,
+  CreateVolumePermission,
   ExcessCapacityTerminationPolicy,
   LaunchTemplateConfig,
+  SnapshotAttributeName,
   SnapshotBlockPublicAccessState,
   TransitGatewayPropagationState,
-  VerifiedAccessInstanceLoggingConfiguration,
 } from "./models_5";
 
 /**
  * @public
  */
-export interface GetCoipPoolUsageResult {
+export interface GetAssociatedEnclaveCertificateIamRolesRequest {
   /**
-   * <p>The ID of the customer-owned address pool.</p>
+   * <p>The ARN of the ACM certificate for which to view the associated IAM roles, encryption keys, and Amazon
+   * 			S3 object information.</p>
    * @public
    */
-  CoipPoolId?: string | undefined;
+  CertificateArn: string | undefined;
 
   /**
-   * <p>Information about the address usage.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  CoipAddressUsages?: CoipAddressUsage[] | undefined;
+  DryRun?: boolean | undefined;
+}
 
+/**
+ * <p>Information about the associated IAM roles.</p>
+ * @public
+ */
+export interface AssociatedRole {
   /**
-   * <p>The ID of the local gateway route table.</p>
+   * <p>The ARN of the associated IAM role.</p>
    * @public
    */
-  LocalGatewayRouteTableId?: string | undefined;
+  AssociatedRoleArn?: string | undefined;
 
   /**
-   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
+   * <p>The name of the Amazon S3 bucket in which the Amazon S3 object is stored.</p>
    * @public
    */
-  NextToken?: string | undefined;
-}
+  CertificateS3BucketName?: string | undefined;
 
-/**
- * @public
- */
-export interface GetConsoleOutputRequest {
   /**
-   * <p>The ID of the instance.</p>
+   * <p>The key of the Amazon S3 object where the certificate, certificate chain, and encrypted private key bundle
+   * 			are stored. The object key is formatted as follows: <code>role_arn</code>/<code>certificate_arn</code>.
+   * 		</p>
    * @public
    */
-  InstanceId: string | undefined;
+  CertificateS3ObjectKey?: string | undefined;
 
   /**
-   * <p>When enabled, retrieves the latest console output for the instance.</p>
-   *          <p>Default: disabled (<code>false</code>)</p>
+   * <p>The ID of the KMS key used to encrypt the private key.</p>
    * @public
    */
-  Latest?: boolean | undefined;
+  EncryptionKmsKeyId?: string | undefined;
+}
 
+/**
+ * @public
+ */
+export interface GetAssociatedEnclaveCertificateIamRolesResult {
   /**
-   * <p>Checks whether you have the required permissions for the operation, without actually making the
-   *   request, and provides an error response. If you have the required permissions, the error response is
-   *   <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>Information about the associated IAM roles.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  AssociatedRoles?: AssociatedRole[] | undefined;
 }
 
 /**
  * @public
  */
-export interface GetConsoleOutputResult {
+export interface GetAssociatedIpv6PoolCidrsRequest {
   /**
-   * <p>The ID of the instance.</p>
+   * <p>The ID of the IPv6 address pool.</p>
    * @public
    */
-  InstanceId?: string | undefined;
+  PoolId: string | undefined;
 
   /**
-   * <p>The time at which the output was last updated.</p>
+   * <p>The token for the next page of results.</p>
    * @public
    */
-  Timestamp?: Date | undefined;
+  NextToken?: string | undefined;
 
   /**
-   * <p>The console output, base64-encoded. If you are using a command line tool, the tool
-   *             decodes the output for you.</p>
+   * <p>The maximum number of results to return with a single call.
+   * 	To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>
    * @public
    */
-  Output?: string | undefined;
-}
+  MaxResults?: number | undefined;
 
-/**
- * @public
- */
-export interface GetConsoleScreenshotRequest {
   /**
-   * <p>Checks whether you have the required permissions for the operation, without actually making the
-   *   request, and provides an error response. If you have the required permissions, the error response is
-   *   <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
   DryRun?: boolean | undefined;
+}
 
+/**
+ * <p>Describes an IPv6 CIDR block association.</p>
+ * @public
+ */
+export interface Ipv6CidrAssociation {
   /**
-   * <p>The ID of the instance.</p>
+   * <p>The IPv6 CIDR block.</p>
    * @public
    */
-  InstanceId: string | undefined;
+  Ipv6Cidr?: string | undefined;
 
   /**
-   * <p>When set to <code>true</code>, acts as keystroke input and wakes up an instance that's
-   *             in standby or "sleep" mode.</p>
+   * <p>The resource that's associated with the IPv6 CIDR block.</p>
    * @public
    */
-  WakeUp?: boolean | undefined;
+  AssociatedResource?: string | undefined;
 }
 
 /**
  * @public
  */
-export interface GetConsoleScreenshotResult {
+export interface GetAssociatedIpv6PoolCidrsResult {
   /**
-   * <p>The data that comprises the image.</p>
+   * <p>Information about the IPv6 CIDR block associations.</p>
    * @public
    */
-  ImageData?: string | undefined;
+  Ipv6CidrAssociations?: Ipv6CidrAssociation[] | undefined;
 
   /**
-   * <p>The ID of the instance.</p>
+   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
    * @public
    */
-  InstanceId?: string | undefined;
+  NextToken?: string | undefined;
 }
 
 /**
+ * <p>A query used for retrieving network health data. </p>
  * @public
- * @enum
  */
-export const UnlimitedSupportedInstanceFamily = {
-  t2: "t2",
-  t3: "t3",
-  t3a: "t3a",
-  t4g: "t4g",
-} as const;
+export interface DataQuery {
+  /**
+   * <p>A user-defined ID associated with a data query that's returned in the <code>dataResponse</code> identifying the query. For example, if you set the Id to <code>MyQuery01</code>in the query, the <code>dataResponse</code> identifies the query as <code>MyQuery01</code>.</p>
+   * @public
+   */
+  Id?: string | undefined;
 
-/**
- * @public
- */
-export type UnlimitedSupportedInstanceFamily =
-  (typeof UnlimitedSupportedInstanceFamily)[keyof typeof UnlimitedSupportedInstanceFamily];
+  /**
+   * <p>The Region or Availability Zone that's the source for the data query. For example, <code>us-east-1</code>.</p>
+   * @public
+   */
+  Source?: string | undefined;
 
-/**
- * @public
- */
-export interface GetDefaultCreditSpecificationRequest {
   /**
-   * <p>Checks whether you have the required permissions for the operation, without actually making the
-   *   request, and provides an error response. If you have the required permissions, the error response is
-   *   <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>The Region or Availability Zone that's the target for the data query. For example, <code>eu-north-1</code>.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  Destination?: string | undefined;
 
   /**
-   * <p>The instance family.</p>
+   * <p>The metric used for the network performance request.</p>
    * @public
    */
-  InstanceFamily: UnlimitedSupportedInstanceFamily | undefined;
-}
+  Metric?: MetricType | undefined;
 
-/**
- * <p>Describes the default credit option for CPU usage of a burstable performance instance
- *             family.</p>
- * @public
- */
-export interface InstanceFamilyCreditSpecification {
   /**
-   * <p>The instance family.</p>
+   * <p>The metric data aggregation period, <code>p50</code>, between the specified <code>startDate</code>
+   *          and <code>endDate</code>. For example, a metric of <code>five_minutes</code> is the median of all
+   *          the data points gathered within those five minutes. <code>p50</code> is the only supported metric.</p>
    * @public
    */
-  InstanceFamily?: UnlimitedSupportedInstanceFamily | undefined;
+  Statistic?: StatisticType | undefined;
 
   /**
-   * <p>The default credit option for CPU usage of the instance family. Valid values are
-   *                 <code>standard</code> and <code>unlimited</code>.</p>
+   * <p>The aggregation period used for the data query.</p>
    * @public
    */
-  CpuCredits?: string | undefined;
+  Period?: PeriodType | undefined;
 }
 
 /**
  * @public
  */
-export interface GetDefaultCreditSpecificationResult {
+export interface GetAwsNetworkPerformanceDataRequest {
   /**
-   * <p>The default credit option for CPU usage of the instance family.</p>
+   * <p>A list of network performance data queries.</p>
    * @public
    */
-  InstanceFamilyCreditSpecification?: InstanceFamilyCreditSpecification | undefined;
-}
+  DataQueries?: DataQuery[] | undefined;
 
-/**
- * @public
- */
-export interface GetEbsDefaultKmsKeyIdRequest {
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>The starting time for the performance data request. The starting time must be formatted
+   *          as <code>yyyy-mm-ddThh:mm:ss</code>.  For example, <code>2022-06-10T12:00:00.000Z</code>.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
-}
+  StartTime?: Date | undefined;
 
-/**
- * @public
- */
-export interface GetEbsDefaultKmsKeyIdResult {
   /**
-   * <p>The Amazon Resource Name (ARN) of the default KMS key for encryption by default.</p>
+   * <p>The ending time for the performance data request. The end time must be formatted as <code>yyyy-mm-ddThh:mm:ss</code>. For example, <code>2022-06-12T12:00:00.000Z</code>.</p>
    * @public
    */
-  KmsKeyId?: string | undefined;
-}
+  EndTime?: Date | undefined;
 
-/**
- * @public
- */
-export interface GetEbsEncryptionByDefaultRequest {
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>The maximum number of results to return with a single call.
+   *    To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
-}
+  MaxResults?: number | undefined;
 
-/**
- * @public
- */
-export interface GetEbsEncryptionByDefaultResult {
   /**
-   * <p>Indicates whether encryption by default is enabled.</p>
+   * <p>The token for the next page of results.</p>
    * @public
    */
-  EbsEncryptionByDefault?: boolean | undefined;
+  NextToken?: string | undefined;
 
   /**
-   * <p>Reserved for future use.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  SseType?: SSEType | undefined;
+  DryRun?: boolean | undefined;
 }
 
 /**
- * @public
- * @enum
- */
-export const PartitionLoadFrequency = {
-  DAILY: "daily",
-  MONTHLY: "monthly",
-  NONE: "none",
-  WEEKLY: "weekly",
-} as const;
-
-/**
+ * <p>Indicates whether the network was healthy or degraded at a particular point. The value is aggregated from the <code>startDate</code> to the <code>endDate</code>. Currently only <code>five_minutes</code> is supported.</p>
  * @public
  */
-export type PartitionLoadFrequency = (typeof PartitionLoadFrequency)[keyof typeof PartitionLoadFrequency];
+export interface MetricPoint {
+  /**
+   * <p>The start date for the metric point. The starting date for the metric point. The starting time must be formatted
+   *          as <code>yyyy-mm-ddThh:mm:ss</code>.  For example, <code>2022-06-10T12:00:00.000Z</code>.</p>
+   * @public
+   */
+  StartDate?: Date | undefined;
 
-/**
- * <p>Describes integration options for Amazon Athena.</p>
- * @public
- */
-export interface AthenaIntegration {
   /**
-   * <p>The location in Amazon S3 to store the generated CloudFormation template.</p>
+   * <p>The end date for the metric point. The ending time must be formatted as <code>yyyy-mm-ddThh:mm:ss</code>.  For example, <code>2022-06-12T12:00:00.000Z</code>.</p>
    * @public
    */
-  IntegrationResultS3DestinationArn: string | undefined;
+  EndDate?: Date | undefined;
 
+  Value?: number | undefined;
   /**
-   * <p>The schedule for adding new partitions to the table.</p>
+   * <p>The status of the metric point.</p>
    * @public
    */
-  PartitionLoadFrequency: PartitionLoadFrequency | undefined;
+  Status?: string | undefined;
+}
 
+/**
+ * <p>The response to a <code>DataQuery</code>.</p>
+ * @public
+ */
+export interface DataResponse {
   /**
-   * <p>The start date for the partition.</p>
+   * <p>The ID passed in the <code>DataQuery</code>.</p>
    * @public
    */
-  PartitionStartDate?: Date | undefined;
+  Id?: string | undefined;
 
   /**
-   * <p>The end date for the partition.</p>
+   * <p>The Region or Availability Zone that's the source for the data query. For example, <code>us-east-1</code>.</p>
    * @public
    */
-  PartitionEndDate?: Date | undefined;
-}
+  Source?: string | undefined;
 
-/**
- * <p>Describes service integrations with VPC Flow logs.</p>
- * @public
- */
-export interface IntegrateServices {
   /**
-   * <p>Information about the integration with Amazon Athena.</p>
+   * <p>The Region or Availability Zone that's the destination for the data query. For example, <code>eu-west-1</code>.</p>
    * @public
    */
-  AthenaIntegrations?: AthenaIntegration[] | undefined;
-}
+  Destination?: string | undefined;
 
-/**
- * @public
- */
-export interface GetFlowLogsIntegrationTemplateRequest {
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>The metric used for the network performance request.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  Metric?: MetricType | undefined;
 
   /**
-   * <p>The ID of the flow log.</p>
+   * <p>The statistic used for the network performance request.</p>
    * @public
    */
-  FlowLogId: string | undefined;
+  Statistic?: StatisticType | undefined;
 
   /**
-   * <p>To store the CloudFormation template in Amazon S3, specify the location in Amazon S3.</p>
+   * <p>The period used for the network performance request.</p>
    * @public
    */
-  ConfigDeliveryS3DestinationArn: string | undefined;
+  Period?: PeriodType | undefined;
 
   /**
-   * <p>Information about the service integration.</p>
+   * <p>A list of <code>MetricPoint</code> objects.</p>
    * @public
    */
-  IntegrateServices: IntegrateServices | undefined;
+  MetricPoints?: MetricPoint[] | undefined;
 }
 
 /**
  * @public
  */
-export interface GetFlowLogsIntegrationTemplateResult {
+export interface GetAwsNetworkPerformanceDataResult {
   /**
-   * <p>The generated CloudFormation template.</p>
+   * <p>The list of data responses.</p>
    * @public
    */
-  Result?: string | undefined;
+  DataResponses?: DataResponse[] | undefined;
+
+  /**
+   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
+   * @public
+   */
+  NextToken?: string | undefined;
 }
 
 /**
  * @public
  */
-export interface GetGroupsForCapacityReservationRequest {
+export interface GetCapacityReservationUsageRequest {
   /**
-   * <p>The ID of the Capacity Reservation. If you specify a Capacity Reservation that is shared
-   * 			with you, the operation returns only Capacity Reservation groups that you own.</p>
+   * <p>The ID of the Capacity Reservation.</p>
    * @public
    */
   CapacityReservationId: string | undefined;
@@ -513,27 +474,27 @@ export interface GetGroupsForCapacityReservationRequest {
 }
 
 /**
- * <p>Describes a resource group to which a Capacity Reservation has been added.</p>
+ * <p>Information about the Capacity Reservation usage.</p>
  * @public
  */
-export interface CapacityReservationGroup {
+export interface InstanceUsage {
   /**
-   * <p>The ARN of the resource group.</p>
+   * <p>The ID of the Amazon Web Services account that is making use of the Capacity Reservation.</p>
    * @public
    */
-  GroupArn?: string | undefined;
+  AccountId?: string | undefined;
 
   /**
-   * <p>The ID of the Amazon Web Services account that owns the resource group.</p>
+   * <p>The number of instances the Amazon Web Services account currently has in the Capacity Reservation.</p>
    * @public
    */
-  OwnerId?: string | undefined;
+  UsedInstanceCount?: number | undefined;
 }
 
 /**
  * @public
  */
-export interface GetGroupsForCapacityReservationResult {
+export interface GetCapacityReservationUsageResult {
   /**
    * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
    * @public
@@ -541,160 +502,201 @@ export interface GetGroupsForCapacityReservationResult {
   NextToken?: string | undefined;
 
   /**
-   * <p>Information about the resource groups to which the Capacity Reservation has been added.</p>
+   * <p>The ID of the Capacity Reservation.</p>
    * @public
    */
-  CapacityReservationGroups?: CapacityReservationGroup[] | undefined;
-}
+  CapacityReservationId?: string | undefined;
 
-/**
- * @public
- */
-export interface GetHostReservationPurchasePreviewRequest {
   /**
-   * <p>The IDs of the Dedicated Hosts with which the reservation is associated.</p>
+   * <p>The type of instance for which the Capacity Reservation reserves capacity.</p>
    * @public
    */
-  HostIdSet: string[] | undefined;
+  InstanceType?: string | undefined;
 
   /**
-   * <p>The offering ID of the reservation.</p>
+   * <p>The number of instances for which the Capacity Reservation reserves capacity.</p>
    * @public
    */
-  OfferingId: string | undefined;
-}
+  TotalInstanceCount?: number | undefined;
 
-/**
- * <p>Describes the result of the purchase.</p>
- * @public
- */
-export interface Purchase {
   /**
-   * <p>The currency in which the <code>UpfrontPrice</code> and <code>HourlyPrice</code>
-   *             amounts are specified. At this time, the only supported currency is
-   *             <code>USD</code>.</p>
+   * <p>The remaining capacity. Indicates the number of instances that can be launched in the Capacity Reservation.</p>
    * @public
    */
-  CurrencyCode?: CurrencyCodeValues | undefined;
+  AvailableInstanceCount?: number | undefined;
 
   /**
-   * <p>The duration of the reservation's term in seconds.</p>
+   * <p>The current state of the Capacity Reservation. A Capacity Reservation can be in one of the following states:</p>
+   *          <ul>
+   *             <li>
+   *                <p>
+   *                   <code>active</code> - The Capacity Reservation is active and the capacity is available for your use.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>expired</code> - The Capacity Reservation expired automatically at the date and time specified
+   * 					in your request. The reserved capacity is no longer available for your use.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>cancelled</code> - The Capacity Reservation was cancelled. The reserved capacity is no
+   * 					longer available for your use.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>pending</code> - The Capacity Reservation request was successful but the capacity
+   * 					provisioning is still pending.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>failed</code> - The Capacity Reservation request has failed. A request might fail
+   * 					due to invalid request parameters, capacity constraints, or instance limit constraints.
+   * 					Failed requests are retained for 60 minutes.</p>
+   *             </li>
+   *          </ul>
    * @public
    */
-  Duration?: number | undefined;
+  State?: CapacityReservationState | undefined;
 
   /**
-   * <p>The IDs of the Dedicated Hosts associated with the reservation.</p>
+   * <p>Information about the Capacity Reservation usage.</p>
    * @public
    */
-  HostIdSet?: string[] | undefined;
+  InstanceUsages?: InstanceUsage[] | undefined;
+}
 
+/**
+ * @public
+ */
+export interface GetCoipPoolUsageRequest {
   /**
-   * <p>The ID of the reservation.</p>
+   * <p>The ID of the address pool.</p>
    * @public
    */
-  HostReservationId?: string | undefined;
+  PoolId: string | undefined;
 
   /**
-   * <p>The hourly price of the reservation per hour.</p>
+   * <p>One or more filters.</p>
+   *          <ul>
+   *             <li>
+   *                <p>
+   *                   <code>coip-address-usage.allocation-id</code> - The allocation ID of the address.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>coip-address-usage.aws-account-id</code> - The ID of the Amazon Web Services account that is using the customer-owned IP address.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>coip-address-usage.aws-service</code> - The Amazon Web Services service that is using the customer-owned IP address.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>coip-address-usage.co-ip</code> - The customer-owned IP address.</p>
+   *             </li>
+   *          </ul>
    * @public
    */
-  HourlyPrice?: string | undefined;
+  Filters?: Filter[] | undefined;
 
   /**
-   * <p>The instance family on the Dedicated Host that the reservation can be associated
-   *             with.</p>
+   * <p>The maximum number of results to return with a single call.
+   * 	To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>
    * @public
    */
-  InstanceFamily?: string | undefined;
+  MaxResults?: number | undefined;
 
   /**
-   * <p>The payment option for the reservation.</p>
+   * <p>The token for the next page of results.</p>
    * @public
    */
-  PaymentOption?: PaymentOption | undefined;
+  NextToken?: string | undefined;
 
   /**
-   * <p>The upfront price of the reservation.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  UpfrontPrice?: string | undefined;
+  DryRun?: boolean | undefined;
 }
 
 /**
+ * <p>Describes address usage for a customer-owned address pool.</p>
  * @public
  */
-export interface GetHostReservationPurchasePreviewResult {
+export interface CoipAddressUsage {
   /**
-   * <p>The currency in which the <code>totalUpfrontPrice</code> and
-   *                 <code>totalHourlyPrice</code> amounts are specified. At this time, the only
-   *             supported currency is <code>USD</code>.</p>
+   * <p>The allocation ID of the address.</p>
    * @public
    */
-  CurrencyCode?: CurrencyCodeValues | undefined;
+  AllocationId?: string | undefined;
 
   /**
-   * <p>The purchase information of the Dedicated Host reservation and the Dedicated Hosts
-   *             associated with it.</p>
+   * <p>The Amazon Web Services account ID.</p>
    * @public
    */
-  Purchase?: Purchase[] | undefined;
+  AwsAccountId?: string | undefined;
 
   /**
-   * <p>The potential total hourly price of the reservation per hour.</p>
+   * <p>The Amazon Web Services service.</p>
    * @public
    */
-  TotalHourlyPrice?: string | undefined;
+  AwsService?: string | undefined;
 
   /**
-   * <p>The potential total upfront price. This is billed immediately.</p>
+   * <p>The customer-owned IP address.</p>
    * @public
    */
-  TotalUpfrontPrice?: string | undefined;
+  CoIp?: string | undefined;
 }
 
 /**
  * @public
  */
-export interface GetImageBlockPublicAccessStateRequest {
+export interface GetCoipPoolUsageResult {
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   * 			and provides an error response. If you have the required permissions, the error response is
-   * 			<code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>The ID of the customer-owned address pool.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
-}
+  CoipPoolId?: string | undefined;
 
-/**
- * @public
- */
-export interface GetImageBlockPublicAccessStateResult {
   /**
-   * <p>The current state of block public access for AMIs at the account level in the specified
-   *       Amazon Web Services Region.</p>
-   *          <p>Possible values:</p>
-   *          <ul>
-   *             <li>
-   *                <p>
-   *                   <code>block-new-sharing</code> - Any attempt to publicly share your AMIs in the
-   *           specified Region is blocked.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>unblocked</code> - Your AMIs in the specified Region can be publicly
-   *           shared.</p>
-   *             </li>
-   *          </ul>
+   * <p>Information about the address usage.</p>
    * @public
    */
-  ImageBlockPublicAccessState?: string | undefined;
+  CoipAddressUsages?: CoipAddressUsage[] | undefined;
+
+  /**
+   * <p>The ID of the local gateway route table.</p>
+   * @public
+   */
+  LocalGatewayRouteTableId?: string | undefined;
+
+  /**
+   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
+   * @public
+   */
+  NextToken?: string | undefined;
 }
 
 /**
  * @public
  */
-export interface GetInstanceMetadataDefaultsRequest {
+export interface GetConsoleOutputRequest {
+  /**
+   * <p>The ID of the instance.</p>
+   * @public
+   */
+  InstanceId: string | undefined;
+
+  /**
+   * <p>When enabled, retrieves the latest console output for the instance.</p>
+   *          <p>Default: disabled (<code>false</code>)</p>
+   * @public
+   */
+  Latest?: boolean | undefined;
+
   /**
    * <p>Checks whether you have the required permissions for the operation, without actually making the
    *   request, and provides an error response. If you have the required permissions, the error response is
@@ -705,119 +707,147 @@ export interface GetInstanceMetadataDefaultsRequest {
 }
 
 /**
- * <p>The default instance metadata service (IMDS) settings that were set at the account
- *             level in the specified Amazon Web Services
 Region.</p>
  * @public
  */
-export interface InstanceMetadataDefaultsResponse {
-  /**
-   * <p>Indicates whether IMDSv2 is required.</p>
-   *          <ul>
-   *             <li>
-   *                <p>
-   *                   <code>optional</code> – IMDSv2 is optional, which means that you can
-   *                     use either IMDSv2 or IMDSv1.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>required</code> – IMDSv2 is required, which means that IMDSv1 is
-   *                     disabled, and you must use IMDSv2.</p>
-   *             </li>
-   *          </ul>
-   * @public
-   */
-  HttpTokens?: HttpTokensState | undefined;
-
+export interface GetConsoleOutputResult {
   /**
-   * <p>The maximum number of hops that the metadata token can travel.</p>
+   * <p>The ID of the instance.</p>
    * @public
    */
-  HttpPutResponseHopLimit?: number | undefined;
+  InstanceId?: string | undefined;
 
   /**
-   * <p>Indicates whether the IMDS endpoint for an instance is enabled or disabled. When disabled, the instance
-   *             metadata can't be accessed.</p>
+   * <p>The time at which the output was last updated.</p>
    * @public
    */
-  HttpEndpoint?: InstanceMetadataEndpointState | undefined;
+  Timestamp?: Date | undefined;
 
   /**
-   * <p>Indicates whether access to instance tags from the instance metadata is enabled or
-   *             disabled. For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#work-with-tags-in-IMDS">Work with
-   *                 instance tags using the instance metadata</a> in the
-   *                 <i>Amazon EC2 User Guide</i>.</p>
+   * <p>The console output, base64-encoded. If you are using a command line tool, the tool
+   *             decodes the output for you.</p>
    * @public
    */
-  InstanceMetadataTags?: InstanceMetadataTagsState | undefined;
+  Output?: string | undefined;
 }
 
 /**
  * @public
  */
-export interface GetInstanceMetadataDefaultsResult {
+export interface GetConsoleScreenshotRequest {
   /**
-   * <p>The account-level default IMDS settings.</p>
+   * <p>Checks whether you have the required permissions for the operation, without actually making the
+   *   request, and provides an error response. If you have the required permissions, the error response is
+   *   <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  AccountLevel?: InstanceMetadataDefaultsResponse | undefined;
+  DryRun?: boolean | undefined;
+
+  /**
+   * <p>The ID of the instance.</p>
+   * @public
+   */
+  InstanceId: string | undefined;
+
+  /**
+   * <p>When set to <code>true</code>, acts as keystroke input and wakes up an instance that's
+   *             in standby or "sleep" mode.</p>
+   * @public
+   */
+  WakeUp?: boolean | undefined;
 }
 
 /**
  * @public
- * @enum
  */
-export const EkPubKeyFormat = {
-  der: "der",
-  tpmt: "tpmt",
-} as const;
+export interface GetConsoleScreenshotResult {
+  /**
+   * <p>The data that comprises the image.</p>
+   * @public
+   */
+  ImageData?: string | undefined;
 
-/**
- * @public
- */
-export type EkPubKeyFormat = (typeof EkPubKeyFormat)[keyof typeof EkPubKeyFormat];
+  /**
+   * <p>The ID of the instance.</p>
+   * @public
+   */
+  InstanceId?: string | undefined;
+}
 
 /**
  * @public
  * @enum
  */
-export const EkPubKeyType = {
-  ECC_SEC_P384: "ecc-sec-p384",
-  RSA_2048: "rsa-2048",
+export const UnlimitedSupportedInstanceFamily = {
+  t2: "t2",
+  t3: "t3",
+  t3a: "t3a",
+  t4g: "t4g",
 } as const;
 
 /**
  * @public
  */
-export type EkPubKeyType = (typeof EkPubKeyType)[keyof typeof EkPubKeyType];
+export type UnlimitedSupportedInstanceFamily =
+  (typeof UnlimitedSupportedInstanceFamily)[keyof typeof UnlimitedSupportedInstanceFamily];
 
 /**
  * @public
  */
-export interface GetInstanceTpmEkPubRequest {
+export interface GetDefaultCreditSpecificationRequest {
   /**
-   * <p>The ID of the instance for which to get the public endorsement key.</p>
+   * <p>Checks whether you have the required permissions for the operation, without actually making the
+   *   request, and provides an error response. If you have the required permissions, the error response is
+   *   <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  InstanceId: string | undefined;
+  DryRun?: boolean | undefined;
 
   /**
-   * <p>The required public endorsement key type.</p>
+   * <p>The instance family.</p>
    * @public
    */
-  KeyType: EkPubKeyType | undefined;
+  InstanceFamily: UnlimitedSupportedInstanceFamily | undefined;
+}
 
+/**
+ * <p>Describes the default credit option for CPU usage of a burstable performance instance
+ *             family.</p>
+ * @public
+ */
+export interface InstanceFamilyCreditSpecification {
   /**
-   * <p>The required public endorsement key format. Specify <code>der</code> for a DER-encoded public
-   *             key that is compatible with OpenSSL. Specify <code>tpmt</code> for a TPM 2.0 format that is
-   *             compatible with tpm2-tools. The returned key is base64 encoded.</p>
+   * <p>The instance family.</p>
    * @public
    */
-  KeyFormat: EkPubKeyFormat | undefined;
+  InstanceFamily?: UnlimitedSupportedInstanceFamily | undefined;
 
   /**
-   * <p>Specify this parameter to verify whether the request will succeed, without actually making the
-   *             request. If the request will succeed, the response is <code>DryRunOperation</code>. Otherwise,
-   *             the response is <code>UnauthorizedOperation</code>.</p>
+   * <p>The default credit option for CPU usage of the instance family. Valid values are
+   *                 <code>standard</code> and <code>unlimited</code>.</p>
+   * @public
+   */
+  CpuCredits?: string | undefined;
+}
+
+/**
+ * @public
+ */
+export interface GetDefaultCreditSpecificationResult {
+  /**
+   * <p>The default credit option for CPU usage of the instance family.</p>
+   * @public
+   */
+  InstanceFamilyCreditSpecification?: InstanceFamilyCreditSpecification | undefined;
+}
+
+/**
+ * @public
+ */
+export interface GetEbsDefaultKmsKeyIdRequest {
+  /**
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
   DryRun?: boolean | undefined;
@@ -826,344 +856,521 @@ export interface GetInstanceTpmEkPubRequest {
 /**
  * @public
  */
-export interface GetInstanceTpmEkPubResult {
+export interface GetEbsDefaultKmsKeyIdResult {
   /**
-   * <p>The ID of the instance.</p>
+   * <p>The Amazon Resource Name (ARN) of the default KMS key for encryption by default.</p>
    * @public
    */
-  InstanceId?: string | undefined;
+  KmsKeyId?: string | undefined;
+}
 
+/**
+ * @public
+ */
+export interface GetEbsEncryptionByDefaultRequest {
   /**
-   * <p>The public endorsement key type.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  KeyType?: EkPubKeyType | undefined;
+  DryRun?: boolean | undefined;
+}
 
+/**
+ * @public
+ */
+export interface GetEbsEncryptionByDefaultResult {
   /**
-   * <p>The public endorsement key format.</p>
+   * <p>Indicates whether encryption by default is enabled.</p>
    * @public
    */
-  KeyFormat?: EkPubKeyFormat | undefined;
+  EbsEncryptionByDefault?: boolean | undefined;
 
   /**
-   * <p>The public endorsement key material.</p>
+   * <p>Reserved for future use.</p>
    * @public
    */
-  KeyValue?: string | undefined;
+  SseType?: SSEType | undefined;
 }
 
+/**
+ * @public
+ * @enum
+ */
+export const PartitionLoadFrequency = {
+  DAILY: "daily",
+  MONTHLY: "monthly",
+  NONE: "none",
+  WEEKLY: "weekly",
+} as const;
+
 /**
  * @public
  */
-export interface GetInstanceTypesFromInstanceRequirementsRequest {
+export type PartitionLoadFrequency = (typeof PartitionLoadFrequency)[keyof typeof PartitionLoadFrequency];
+
+/**
+ * <p>Describes integration options for Amazon Athena.</p>
+ * @public
+ */
+export interface AthenaIntegration {
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>The location in Amazon S3 to store the generated CloudFormation template.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  IntegrationResultS3DestinationArn: string | undefined;
 
   /**
-   * <p>The processor architecture type.</p>
+   * <p>The schedule for adding new partitions to the table.</p>
    * @public
    */
-  ArchitectureTypes: ArchitectureType[] | undefined;
+  PartitionLoadFrequency: PartitionLoadFrequency | undefined;
 
   /**
-   * <p>The virtualization type.</p>
+   * <p>The start date for the partition.</p>
    * @public
    */
-  VirtualizationTypes: VirtualizationType[] | undefined;
+  PartitionStartDate?: Date | undefined;
 
   /**
-   * <p>The attributes required for the instance types.</p>
+   * <p>The end date for the partition.</p>
    * @public
    */
-  InstanceRequirements: InstanceRequirementsRequest | undefined;
+  PartitionEndDate?: Date | undefined;
+}
 
+/**
+ * <p>Describes service integrations with VPC Flow logs.</p>
+ * @public
+ */
+export interface IntegrateServices {
   /**
-   * <p>The maximum number of items to return for this request.
-   *          To get the next page of items, make another request with the token returned in the output.
-   * 	        For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination">Pagination</a>.</p>
+   * <p>Information about the integration with Amazon Athena.</p>
    * @public
    */
-  MaxResults?: number | undefined;
+  AthenaIntegrations?: AthenaIntegration[] | undefined;
+}
 
+/**
+ * @public
+ */
+export interface GetFlowLogsIntegrationTemplateRequest {
   /**
-   * <p>The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  DryRun?: boolean | undefined;
+
+  /**
+   * <p>The ID of the flow log.</p>
+   * @public
+   */
+  FlowLogId: string | undefined;
+
+  /**
+   * <p>To store the CloudFormation template in Amazon S3, specify the location in Amazon S3.</p>
+   * @public
+   */
+  ConfigDeliveryS3DestinationArn: string | undefined;
+
+  /**
+   * <p>Information about the service integration.</p>
+   * @public
+   */
+  IntegrateServices: IntegrateServices | undefined;
 }
 
 /**
- * <p>The list of instance types with the specified instance attributes.</p>
  * @public
  */
-export interface InstanceTypeInfoFromInstanceRequirements {
+export interface GetFlowLogsIntegrationTemplateResult {
   /**
-   * <p>The matching instance type.</p>
+   * <p>The generated CloudFormation template.</p>
    * @public
    */
-  InstanceType?: string | undefined;
+  Result?: string | undefined;
 }
 
 /**
  * @public
  */
-export interface GetInstanceTypesFromInstanceRequirementsResult {
+export interface GetGroupsForCapacityReservationRequest {
   /**
-   * <p>The instance types with the specified instance attributes.</p>
+   * <p>The ID of the Capacity Reservation. If you specify a Capacity Reservation that is shared
+   * 			with you, the operation returns only Capacity Reservation groups that you own.</p>
    * @public
    */
-  InstanceTypes?: InstanceTypeInfoFromInstanceRequirements[] | undefined;
+  CapacityReservationId: string | undefined;
 
   /**
-   * <p>The token to include in another request to get the next page of items. This value is <code>null</code> when there
-   *          are no more items to return.</p>
+   * <p>The token to use to retrieve the next page of results.</p>
    * @public
    */
   NextToken?: string | undefined;
+
+  /**
+   * <p>The maximum number of items to return for this request. To get the next page of items, make another request with the token returned in the output. For more information,
+   *     see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination">Pagination</a>.</p>
+   * @public
+   */
+  MaxResults?: number | undefined;
+
+  /**
+   * <p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * @public
+   */
+  DryRun?: boolean | undefined;
 }
 
 /**
+ * <p>Describes a resource group to which a Capacity Reservation has been added.</p>
  * @public
  */
-export interface GetInstanceUefiDataRequest {
+export interface CapacityReservationGroup {
   /**
-   * <p>The ID of the instance from which to retrieve the UEFI data.</p>
+   * <p>The ARN of the resource group.</p>
    * @public
    */
-  InstanceId: string | undefined;
+  GroupArn?: string | undefined;
 
   /**
-   * <p>Checks whether you have the required permissions for the operation, without actually making the
-   *   request, and provides an error response. If you have the required permissions, the error response is
-   *   <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>The ID of the Amazon Web Services account that owns the resource group.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  OwnerId?: string | undefined;
 }
 
 /**
  * @public
  */
-export interface GetInstanceUefiDataResult {
+export interface GetGroupsForCapacityReservationResult {
   /**
-   * <p>The ID of the instance from which to retrieve the UEFI data.</p>
+   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
    * @public
    */
-  InstanceId?: string | undefined;
+  NextToken?: string | undefined;
 
   /**
-   * <p>Base64 representation of the non-volatile UEFI variable store.</p>
+   * <p>Information about the resource groups to which the Capacity Reservation has been added.</p>
    * @public
    */
-  UefiData?: string | undefined;
+  CapacityReservationGroups?: CapacityReservationGroup[] | undefined;
 }
 
 /**
  * @public
  */
-export interface GetIpamAddressHistoryRequest {
+export interface GetHostReservationPurchasePreviewRequest {
   /**
-   * <p>A check for whether you have the required permissions for the action without actually making the request
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>The IDs of the Dedicated Hosts with which the reservation is associated.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  HostIdSet: string[] | undefined;
 
   /**
-   * <p>The CIDR you want the history of. The CIDR can be an IPv4 or IPv6 IP address range.
-   *          If you enter a /16 IPv4 CIDR, you will get records that match it exactly. You will not get records for any subnets within the /16 CIDR.</p>
+   * <p>The offering ID of the reservation.</p>
    * @public
    */
-  Cidr: string | undefined;
+  OfferingId: string | undefined;
+}
 
+/**
+ * <p>Describes the result of the purchase.</p>
+ * @public
+ */
+export interface Purchase {
   /**
-   * <p>The ID of the IPAM scope that the CIDR is in.</p>
+   * <p>The currency in which the <code>UpfrontPrice</code> and <code>HourlyPrice</code>
+   *             amounts are specified. At this time, the only supported currency is
+   *             <code>USD</code>.</p>
    * @public
    */
-  IpamScopeId: string | undefined;
+  CurrencyCode?: CurrencyCodeValues | undefined;
 
   /**
-   * <p>The ID of the VPC you want your history records filtered by.</p>
+   * <p>The duration of the reservation's term in seconds.</p>
    * @public
    */
-  VpcId?: string | undefined;
+  Duration?: number | undefined;
 
   /**
-   * <p>The start of the time period for which you are looking for history. If you omit this option, it will default to the value of EndTime.</p>
+   * <p>The IDs of the Dedicated Hosts associated with the reservation.</p>
    * @public
    */
-  StartTime?: Date | undefined;
+  HostIdSet?: string[] | undefined;
 
   /**
-   * <p>The end of the time period for which you are looking for history. If you omit this option, it will default to the current time.</p>
+   * <p>The ID of the reservation.</p>
    * @public
    */
-  EndTime?: Date | undefined;
+  HostReservationId?: string | undefined;
 
   /**
-   * <p>The maximum number of historical results you would like returned per page. Defaults to 100.</p>
+   * <p>The hourly price of the reservation per hour.</p>
    * @public
    */
-  MaxResults?: number | undefined;
+  HourlyPrice?: string | undefined;
 
   /**
-   * <p>The token for the next page of results.</p>
+   * <p>The instance family on the Dedicated Host that the reservation can be associated
+   *             with.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  InstanceFamily?: string | undefined;
+
+  /**
+   * <p>The payment option for the reservation.</p>
+   * @public
+   */
+  PaymentOption?: PaymentOption | undefined;
+
+  /**
+   * <p>The upfront price of the reservation.</p>
+   * @public
+   */
+  UpfrontPrice?: string | undefined;
 }
 
 /**
  * @public
- * @enum
  */
-export const IpamComplianceStatus = {
-  compliant: "compliant",
-  ignored: "ignored",
-  noncompliant: "noncompliant",
-  unmanaged: "unmanaged",
-} as const;
+export interface GetHostReservationPurchasePreviewResult {
+  /**
+   * <p>The currency in which the <code>totalUpfrontPrice</code> and
+   *                 <code>totalHourlyPrice</code> amounts are specified. At this time, the only
+   *             supported currency is <code>USD</code>.</p>
+   * @public
+   */
+  CurrencyCode?: CurrencyCodeValues | undefined;
 
-/**
- * @public
- */
-export type IpamComplianceStatus = (typeof IpamComplianceStatus)[keyof typeof IpamComplianceStatus];
+  /**
+   * <p>The purchase information of the Dedicated Host reservation and the Dedicated Hosts
+   *             associated with it.</p>
+   * @public
+   */
+  Purchase?: Purchase[] | undefined;
 
-/**
- * @public
- * @enum
- */
-export const IpamOverlapStatus = {
-  ignored: "ignored",
-  nonoverlapping: "nonoverlapping",
-  overlapping: "overlapping",
-} as const;
+  /**
+   * <p>The potential total hourly price of the reservation per hour.</p>
+   * @public
+   */
+  TotalHourlyPrice?: string | undefined;
+
+  /**
+   * <p>The potential total upfront price. This is billed immediately.</p>
+   * @public
+   */
+  TotalUpfrontPrice?: string | undefined;
+}
 
 /**
  * @public
  */
-export type IpamOverlapStatus = (typeof IpamOverlapStatus)[keyof typeof IpamOverlapStatus];
+export interface GetImageBlockPublicAccessStateRequest {
+  /**
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   * 			and provides an error response. If you have the required permissions, the error response is
+   * 			<code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * @public
+   */
+  DryRun?: boolean | undefined;
+}
 
 /**
  * @public
- * @enum
  */
-export const IpamAddressHistoryResourceType = {
-  eip: "eip",
-  instance: "instance",
-  network_interface: "network-interface",
-  subnet: "subnet",
-  vpc: "vpc",
-} as const;
+export interface GetImageBlockPublicAccessStateResult {
+  /**
+   * <p>The current state of block public access for AMIs at the account level in the specified
+   *       Amazon Web Services Region.</p>
+   *          <p>Possible values:</p>
+   *          <ul>
+   *             <li>
+   *                <p>
+   *                   <code>block-new-sharing</code> - Any attempt to publicly share your AMIs in the
+   *           specified Region is blocked.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>unblocked</code> - Your AMIs in the specified Region can be publicly
+   *           shared.</p>
+   *             </li>
+   *          </ul>
+   * @public
+   */
+  ImageBlockPublicAccessState?: string | undefined;
+}
 
 /**
  * @public
  */
-export type IpamAddressHistoryResourceType =
-  (typeof IpamAddressHistoryResourceType)[keyof typeof IpamAddressHistoryResourceType];
+export interface GetInstanceMetadataDefaultsRequest {
+  /**
+   * <p>Checks whether you have the required permissions for the operation, without actually making the
+   *   request, and provides an error response. If you have the required permissions, the error response is
+   *   <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * @public
+   */
+  DryRun?: boolean | undefined;
+}
 
 /**
- * <p>The historical record of a CIDR within an IPAM scope. For more information, see <a href="https://docs.aws.amazon.com/vpc/latest/ipam/view-history-cidr-ipam.html">View the history of IP addresses</a> in the <i>Amazon VPC IPAM User Guide</i>.
- *       </p>
+ * <p>The default instance metadata service (IMDS) settings that were set at the account
+ *             level in the specified Amazon Web Services
 Region.</p>
  * @public
  */
-export interface IpamAddressHistoryRecord {
+export interface InstanceMetadataDefaultsResponse {
   /**
-   * <p>The ID of the resource owner.</p>
+   * <p>Indicates whether IMDSv2 is required.</p>
+   *          <ul>
+   *             <li>
+   *                <p>
+   *                   <code>optional</code> – IMDSv2 is optional, which means that you can
+   *                     use either IMDSv2 or IMDSv1.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>required</code> – IMDSv2 is required, which means that IMDSv1 is
+   *                     disabled, and you must use IMDSv2.</p>
+   *             </li>
+   *          </ul>
    * @public
    */
-  ResourceOwnerId?: string | undefined;
+  HttpTokens?: HttpTokensState | undefined;
 
   /**
-   * <p>The Amazon Web Services Region of the resource.</p>
+   * <p>The maximum number of hops that the metadata token can travel.</p>
    * @public
    */
-  ResourceRegion?: string | undefined;
+  HttpPutResponseHopLimit?: number | undefined;
 
   /**
-   * <p>The type of the resource.</p>
+   * <p>Indicates whether the IMDS endpoint for an instance is enabled or disabled. When disabled, the instance
+   *             metadata can't be accessed.</p>
    * @public
    */
-  ResourceType?: IpamAddressHistoryResourceType | undefined;
+  HttpEndpoint?: InstanceMetadataEndpointState | undefined;
 
   /**
-   * <p>The ID of the resource.</p>
+   * <p>Indicates whether access to instance tags from the instance metadata is enabled or
+   *             disabled. For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#work-with-tags-in-IMDS">Work with
+   *                 instance tags using the instance metadata</a> in the
+   *                 <i>Amazon EC2 User Guide</i>.</p>
    * @public
    */
-  ResourceId?: string | undefined;
+  InstanceMetadataTags?: InstanceMetadataTagsState | undefined;
+}
 
+/**
+ * @public
+ */
+export interface GetInstanceMetadataDefaultsResult {
   /**
-   * <p>The CIDR of the resource.</p>
+   * <p>The account-level default IMDS settings.</p>
    * @public
    */
-  ResourceCidr?: string | undefined;
+  AccountLevel?: InstanceMetadataDefaultsResponse | undefined;
+}
+
+/**
+ * @public
+ * @enum
+ */
+export const EkPubKeyFormat = {
+  der: "der",
+  tpmt: "tpmt",
+} as const;
+
+/**
+ * @public
+ */
+export type EkPubKeyFormat = (typeof EkPubKeyFormat)[keyof typeof EkPubKeyFormat];
+
+/**
+ * @public
+ * @enum
+ */
+export const EkPubKeyType = {
+  ECC_SEC_P384: "ecc-sec-p384",
+  RSA_2048: "rsa-2048",
+} as const;
+
+/**
+ * @public
+ */
+export type EkPubKeyType = (typeof EkPubKeyType)[keyof typeof EkPubKeyType];
 
+/**
+ * @public
+ */
+export interface GetInstanceTpmEkPubRequest {
   /**
-   * <p>The name of the resource.</p>
+   * <p>The ID of the instance for which to get the public endorsement key.</p>
    * @public
    */
-  ResourceName?: string | undefined;
+  InstanceId: string | undefined;
 
   /**
-   * <p>The compliance status of a resource. For more information on compliance statuses, see <a href="https://docs.aws.amazon.com/vpc/latest/ipam/monitor-cidr-compliance-ipam.html">Monitor CIDR usage by resource</a> in the <i>Amazon VPC IPAM User Guide</i>.</p>
+   * <p>The required public endorsement key type.</p>
    * @public
    */
-  ResourceComplianceStatus?: IpamComplianceStatus | undefined;
+  KeyType: EkPubKeyType | undefined;
 
   /**
-   * <p>The overlap status of an IPAM resource. The overlap status tells you if the CIDR for a resource overlaps with another CIDR in the scope. For more information on overlap statuses, see <a href="https://docs.aws.amazon.com/vpc/latest/ipam/monitor-cidr-compliance-ipam.html">Monitor CIDR usage by resource</a> in the <i>Amazon VPC IPAM User Guide</i>.</p>
+   * <p>The required public endorsement key format. Specify <code>der</code> for a DER-encoded public
+   *             key that is compatible with OpenSSL. Specify <code>tpmt</code> for a TPM 2.0 format that is
+   *             compatible with tpm2-tools. The returned key is base64 encoded.</p>
    * @public
    */
-  ResourceOverlapStatus?: IpamOverlapStatus | undefined;
+  KeyFormat: EkPubKeyFormat | undefined;
 
   /**
-   * <p>The VPC ID of the resource.</p>
+   * <p>Specify this parameter to verify whether the request will succeed, without actually making the
+   *             request. If the request will succeed, the response is <code>DryRunOperation</code>. Otherwise,
+   *             the response is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  VpcId?: string | undefined;
+  DryRun?: boolean | undefined;
+}
 
+/**
+ * @public
+ */
+export interface GetInstanceTpmEkPubResult {
   /**
-   * <p>Sampled start time of the resource-to-CIDR association within the IPAM scope. Changes are picked up in periodic snapshots, so the start time may have occurred before this specific time.</p>
+   * <p>The ID of the instance.</p>
    * @public
    */
-  SampledStartTime?: Date | undefined;
+  InstanceId?: string | undefined;
 
   /**
-   * <p>Sampled end time of the resource-to-CIDR association within the IPAM scope. Changes are picked up in periodic snapshots, so the end time may have occurred before this specific time.</p>
+   * <p>The public endorsement key type.</p>
    * @public
    */
-  SampledEndTime?: Date | undefined;
-}
+  KeyType?: EkPubKeyType | undefined;
 
-/**
- * @public
- */
-export interface GetIpamAddressHistoryResult {
   /**
-   * <p>A historical record for a CIDR within an IPAM scope. If the CIDR is associated with an EC2 instance, you will see an object in the response for the instance and one for the network interface.</p>
+   * <p>The public endorsement key format.</p>
    * @public
    */
-  HistoryRecords?: IpamAddressHistoryRecord[] | undefined;
+  KeyFormat?: EkPubKeyFormat | undefined;
 
   /**
-   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
+   * <p>The public endorsement key material.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  KeyValue?: string | undefined;
 }
 
 /**
  * @public
  */
-export interface GetIpamDiscoveredAccountsRequest {
+export interface GetInstanceTypesFromInstanceRequirementsRequest {
   /**
-   * <p>A check for whether you have the required permissions for the action without actually making the request
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
    *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
    *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
@@ -1171,152 +1378,108 @@ export interface GetIpamDiscoveredAccountsRequest {
   DryRun?: boolean | undefined;
 
   /**
-   * <p>A resource discovery ID.</p>
+   * <p>The processor architecture type.</p>
    * @public
    */
-  IpamResourceDiscoveryId: string | undefined;
+  ArchitectureTypes: ArchitectureType[] | undefined;
 
   /**
-   * <p>The Amazon Web Services Region that the account information is returned from.</p>
+   * <p>The virtualization type.</p>
    * @public
    */
-  DiscoveryRegion: string | undefined;
+  VirtualizationTypes: VirtualizationType[] | undefined;
 
   /**
-   * <p>Discovered account filters.</p>
+   * <p>The attributes required for the instance types.</p>
    * @public
    */
-  Filters?: Filter[] | undefined;
+  InstanceRequirements: InstanceRequirementsRequest | undefined;
 
   /**
-   * <p>Specify the pagination token from a previous request to retrieve the next page of results.</p>
+   * <p>The maximum number of items to return for this request.
+   *          To get the next page of items, make another request with the token returned in the output.
+   * 	        For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination">Pagination</a>.</p>
+   * @public
+   */
+  MaxResults?: number | undefined;
+
+  /**
+   * <p>The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.</p>
    * @public
    */
   NextToken?: string | undefined;
+}
 
+/**
+ * <p>The list of instance types with the specified instance attributes.</p>
+ * @public
+ */
+export interface InstanceTypeInfoFromInstanceRequirements {
   /**
-   * <p>The maximum number of discovered accounts to return in one page of results.</p>
+   * <p>The matching instance type.</p>
    * @public
    */
-  MaxResults?: number | undefined;
+  InstanceType?: string | undefined;
 }
 
 /**
  * @public
- * @enum
  */
-export const IpamDiscoveryFailureCode = {
-  assume_role_failure: "assume-role-failure",
-  throttling_failure: "throttling-failure",
-  unauthorized_failure: "unauthorized-failure",
-} as const;
-
-/**
- * @public
- */
-export type IpamDiscoveryFailureCode = (typeof IpamDiscoveryFailureCode)[keyof typeof IpamDiscoveryFailureCode];
-
-/**
- * <p>The discovery failure reason.</p>
- * @public
- */
-export interface IpamDiscoveryFailureReason {
+export interface GetInstanceTypesFromInstanceRequirementsResult {
   /**
-   * <p>The discovery failure code.</p>
-   *          <ul>
-   *             <li>
-   *                <p>
-   *                   <code>assume-role-failure</code> - IPAM could not assume the Amazon Web Services IAM service-linked role. This could be because of any of the following:</p>
-   *                <ul>
-   *                   <li>
-   *                      <p>SLR has not been created yet and IPAM is still creating it.</p>
-   *                   </li>
-   *                   <li>
-   *                      <p>You have opted-out of the IPAM home Region.</p>
-   *                   </li>
-   *                   <li>
-   *                      <p>Account you are using as your IPAM account has been suspended.</p>
-   *                   </li>
-   *                </ul>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>throttling-failure</code> - IPAM account is already using the allotted transactions per second and IPAM is receiving a throttling error when assuming the Amazon Web Services IAM SLR.</p>
-   *             </li>
-   *             <li>
-   *                <p>
-   *                   <code>unauthorized-failure</code> - Amazon Web Services account making the request is not authorized. For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/errors-overview.html">AuthFailure</a> in the <i>Amazon Elastic Compute Cloud API Reference</i>.</p>
-   *             </li>
-   *          </ul>
+   * <p>The instance types with the specified instance attributes.</p>
    * @public
    */
-  Code?: IpamDiscoveryFailureCode | undefined;
+  InstanceTypes?: InstanceTypeInfoFromInstanceRequirements[] | undefined;
 
   /**
-   * <p>The discovery failure message.</p>
+   * <p>The token to include in another request to get the next page of items. This value is <code>null</code> when there
+   *          are no more items to return.</p>
    * @public
    */
-  Message?: string | undefined;
+  NextToken?: string | undefined;
 }
 
 /**
- * <p>An IPAM discovered account. A discovered account is an Amazon Web Services account that is monitored under a resource discovery. If you have integrated IPAM with Amazon Web Services Organizations, all accounts in the organization are discovered accounts.</p>
  * @public
  */
-export interface IpamDiscoveredAccount {
-  /**
-   * <p>The account ID.</p>
-   * @public
-   */
-  AccountId?: string | undefined;
-
-  /**
-   * <p>The Amazon Web Services Region that the account information is returned from.
-   *          An account can be discovered in multiple regions and will have a separate discovered account for each Region.</p>
-   * @public
-   */
-  DiscoveryRegion?: string | undefined;
-
-  /**
-   * <p>The resource discovery failure reason.</p>
-   * @public
-   */
-  FailureReason?: IpamDiscoveryFailureReason | undefined;
-
+export interface GetInstanceUefiDataRequest {
   /**
-   * <p>The last attempted resource discovery time.</p>
+   * <p>The ID of the instance from which to retrieve the UEFI data.</p>
    * @public
    */
-  LastAttemptedDiscoveryTime?: Date | undefined;
+  InstanceId: string | undefined;
 
   /**
-   * <p>The last successful resource discovery time.</p>
+   * <p>Checks whether you have the required permissions for the operation, without actually making the
+   *   request, and provides an error response. If you have the required permissions, the error response is
+   *   <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  LastSuccessfulDiscoveryTime?: Date | undefined;
+  DryRun?: boolean | undefined;
 }
 
 /**
  * @public
  */
-export interface GetIpamDiscoveredAccountsResult {
+export interface GetInstanceUefiDataResult {
   /**
-   * <p>Discovered accounts.</p>
+   * <p>The ID of the instance from which to retrieve the UEFI data.</p>
    * @public
    */
-  IpamDiscoveredAccounts?: IpamDiscoveredAccount[] | undefined;
+  InstanceId?: string | undefined;
 
   /**
-   * <p>Specify the pagination token from a previous request to retrieve the next page of results.</p>
+   * <p>Base64 representation of the non-volatile UEFI variable store.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  UefiData?: string | undefined;
 }
 
 /**
  * @public
  */
-export interface GetIpamDiscoveredPublicAddressesRequest {
+export interface GetIpamAddressHistoryRequest {
   /**
    * <p>A check for whether you have the required permissions for the action without actually making the request
    *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
@@ -1326,277 +1489,338 @@ export interface GetIpamDiscoveredPublicAddressesRequest {
   DryRun?: boolean | undefined;
 
   /**
-   * <p>An IPAM resource discovery ID.</p>
+   * <p>The CIDR you want the history of. The CIDR can be an IPv4 or IPv6 IP address range.
+   *          If you enter a /16 IPv4 CIDR, you will get records that match it exactly. You will not get records for any subnets within the /16 CIDR.</p>
    * @public
    */
-  IpamResourceDiscoveryId: string | undefined;
+  Cidr: string | undefined;
 
   /**
-   * <p>The Amazon Web Services Region for the IP address.</p>
+   * <p>The ID of the IPAM scope that the CIDR is in.</p>
    * @public
    */
-  AddressRegion: string | undefined;
+  IpamScopeId: string | undefined;
 
   /**
-   * <p>Filters.</p>
+   * <p>The ID of the VPC you want your history records filtered by.</p>
    * @public
    */
-  Filters?: Filter[] | undefined;
+  VpcId?: string | undefined;
 
   /**
-   * <p>The token for the next page of results.</p>
+   * <p>The start of the time period for which you are looking for history. If you omit this option, it will default to the value of EndTime.</p>
    * @public
    */
-  NextToken?: string | undefined;
+  StartTime?: Date | undefined;
 
   /**
-   * <p>The maximum number of IPAM discovered public addresses to return in one page of results.</p>
+   * <p>The end of the time period for which you are looking for history. If you omit this option, it will default to the current time.</p>
+   * @public
+   */
+  EndTime?: Date | undefined;
+
+  /**
+   * <p>The maximum number of historical results you would like returned per page. Defaults to 100.</p>
    * @public
    */
   MaxResults?: number | undefined;
+
+  /**
+   * <p>The token for the next page of results.</p>
+   * @public
+   */
+  NextToken?: string | undefined;
 }
 
 /**
  * @public
  * @enum
  */
-export const IpamPublicAddressType = {
-  AMAZON_OWNED_CONTIG: "amazon-owned-contig",
-  AMAZON_OWNED_EIP: "amazon-owned-eip",
-  BYOIP: "byoip",
-  EC2_PUBLIC_IP: "ec2-public-ip",
-  SERVICE_MANAGED_BYOIP: "service-managed-byoip",
-  SERVICE_MANAGED_IP: "service-managed-ip",
+export const IpamComplianceStatus = {
+  compliant: "compliant",
+  ignored: "ignored",
+  noncompliant: "noncompliant",
+  unmanaged: "unmanaged",
 } as const;
 
 /**
  * @public
  */
-export type IpamPublicAddressType = (typeof IpamPublicAddressType)[keyof typeof IpamPublicAddressType];
+export type IpamComplianceStatus = (typeof IpamComplianceStatus)[keyof typeof IpamComplianceStatus];
 
 /**
  * @public
  * @enum
  */
-export const IpamPublicAddressAssociationStatus = {
-  ASSOCIATED: "associated",
-  DISASSOCIATED: "disassociated",
+export const IpamOverlapStatus = {
+  ignored: "ignored",
+  nonoverlapping: "nonoverlapping",
+  overlapping: "overlapping",
 } as const;
 
 /**
  * @public
  */
-export type IpamPublicAddressAssociationStatus =
-  (typeof IpamPublicAddressAssociationStatus)[keyof typeof IpamPublicAddressAssociationStatus];
-
-/**
- * <p>The security group that the resource with the public IP address is in.</p>
- * @public
- */
-export interface IpamPublicAddressSecurityGroup {
-  /**
-   * <p>The security group's name.</p>
-   * @public
-   */
-  GroupName?: string | undefined;
-
-  /**
-   * <p>The security group's ID.</p>
-   * @public
-   */
-  GroupId?: string | undefined;
-}
+export type IpamOverlapStatus = (typeof IpamOverlapStatus)[keyof typeof IpamOverlapStatus];
 
 /**
  * @public
  * @enum
  */
-export const IpamPublicAddressAwsService = {
-  AGA: "global-accelerator",
-  DMS: "database-migration-service",
-  EC2_LB: "load-balancer",
-  ECS: "elastic-container-service",
-  NAT_GATEWAY: "nat-gateway",
-  OTHER: "other",
-  RDS: "relational-database-service",
-  REDSHIFT: "redshift",
-  S2S_VPN: "site-to-site-vpn",
+export const IpamAddressHistoryResourceType = {
+  eip: "eip",
+  instance: "instance",
+  network_interface: "network-interface",
+  subnet: "subnet",
+  vpc: "vpc",
 } as const;
 
 /**
  * @public
  */
-export type IpamPublicAddressAwsService =
-  (typeof IpamPublicAddressAwsService)[keyof typeof IpamPublicAddressAwsService];
+export type IpamAddressHistoryResourceType =
+  (typeof IpamAddressHistoryResourceType)[keyof typeof IpamAddressHistoryResourceType];
 
 /**
- * <p>A tag for a public IP address discovered by IPAM.</p>
+ * <p>The historical record of a CIDR within an IPAM scope. For more information, see <a href="https://docs.aws.amazon.com/vpc/latest/ipam/view-history-cidr-ipam.html">View the history of IP addresses</a> in the <i>Amazon VPC IPAM User Guide</i>.
+ *       </p>
  * @public
  */
-export interface IpamPublicAddressTag {
+export interface IpamAddressHistoryRecord {
   /**
-   * <p>The tag's key.</p>
+   * <p>The ID of the resource owner.</p>
    * @public
    */
-  Key?: string | undefined;
+  ResourceOwnerId?: string | undefined;
 
   /**
-   * <p>The tag's value.</p>
+   * <p>The Amazon Web Services Region of the resource.</p>
    * @public
    */
-  Value?: string | undefined;
-}
+  ResourceRegion?: string | undefined;
 
-/**
- * <p>Tags for a public IP address discovered by IPAM.</p>
- * @public
- */
-export interface IpamPublicAddressTags {
   /**
-   * <p>Tags for an Elastic IP address.</p>
+   * <p>The type of the resource.</p>
    * @public
    */
-  EipTags?: IpamPublicAddressTag[] | undefined;
-}
+  ResourceType?: IpamAddressHistoryResourceType | undefined;
 
-/**
- * <p>A public IP Address discovered by IPAM.</p>
- * @public
- */
-export interface IpamDiscoveredPublicAddress {
   /**
-   * <p>The resource discovery ID.</p>
+   * <p>The ID of the resource.</p>
    * @public
    */
-  IpamResourceDiscoveryId?: string | undefined;
+  ResourceId?: string | undefined;
 
   /**
-   * <p>The Region of the resource the IP address is assigned to.</p>
+   * <p>The CIDR of the resource.</p>
    * @public
    */
-  AddressRegion?: string | undefined;
+  ResourceCidr?: string | undefined;
 
   /**
-   * <p>The IP address.</p>
+   * <p>The name of the resource.</p>
    * @public
    */
-  Address?: string | undefined;
+  ResourceName?: string | undefined;
 
   /**
-   * <p>The ID of the owner of the resource the IP address is assigned to.</p>
+   * <p>The compliance status of a resource. For more information on compliance statuses, see <a href="https://docs.aws.amazon.com/vpc/latest/ipam/monitor-cidr-compliance-ipam.html">Monitor CIDR usage by resource</a> in the <i>Amazon VPC IPAM User Guide</i>.</p>
    * @public
    */
-  AddressOwnerId?: string | undefined;
+  ResourceComplianceStatus?: IpamComplianceStatus | undefined;
 
   /**
-   * <p>The allocation ID of the resource the IP address is assigned to.</p>
+   * <p>The overlap status of an IPAM resource. The overlap status tells you if the CIDR for a resource overlaps with another CIDR in the scope. For more information on overlap statuses, see <a href="https://docs.aws.amazon.com/vpc/latest/ipam/monitor-cidr-compliance-ipam.html">Monitor CIDR usage by resource</a> in the <i>Amazon VPC IPAM User Guide</i>.</p>
    * @public
    */
-  AddressAllocationId?: string | undefined;
+  ResourceOverlapStatus?: IpamOverlapStatus | undefined;
 
   /**
-   * <p>The association status.</p>
+   * <p>The VPC ID of the resource.</p>
    * @public
    */
-  AssociationStatus?: IpamPublicAddressAssociationStatus | undefined;
+  VpcId?: string | undefined;
 
   /**
-   * <p>The IP address type.</p>
+   * <p>Sampled start time of the resource-to-CIDR association within the IPAM scope. Changes are picked up in periodic snapshots, so the start time may have occurred before this specific time.</p>
    * @public
    */
-  AddressType?: IpamPublicAddressType | undefined;
+  SampledStartTime?: Date | undefined;
 
   /**
-   * <p>The Amazon Web Services service associated with the IP address.</p>
+   * <p>Sampled end time of the resource-to-CIDR association within the IPAM scope. Changes are picked up in periodic snapshots, so the end time may have occurred before this specific time.</p>
    * @public
    */
-  Service?: IpamPublicAddressAwsService | undefined;
+  SampledEndTime?: Date | undefined;
+}
 
+/**
+ * @public
+ */
+export interface GetIpamAddressHistoryResult {
   /**
-   * <p>The resource ARN or ID.</p>
+   * <p>A historical record for a CIDR within an IPAM scope. If the CIDR is associated with an EC2 instance, you will see an object in the response for the instance and one for the network interface.</p>
    * @public
    */
-  ServiceResource?: string | undefined;
+  HistoryRecords?: IpamAddressHistoryRecord[] | undefined;
 
   /**
-   * <p>The ID of the VPC that the resource with the assigned IP address is in.</p>
+   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
    * @public
    */
-  VpcId?: string | undefined;
+  NextToken?: string | undefined;
+}
 
+/**
+ * @public
+ */
+export interface GetIpamDiscoveredAccountsRequest {
   /**
-   * <p>The ID of the subnet that the resource with the assigned IP address is in.</p>
+   * <p>A check for whether you have the required permissions for the action without actually making the request
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  SubnetId?: string | undefined;
+  DryRun?: boolean | undefined;
 
   /**
-   * <p>The ID of the public IPv4 pool that the resource with the assigned IP address is from.</p>
+   * <p>A resource discovery ID.</p>
    * @public
    */
-  PublicIpv4PoolId?: string | undefined;
+  IpamResourceDiscoveryId: string | undefined;
 
   /**
-   * <p>The network interface ID of the resource with the assigned IP address.</p>
+   * <p>The Amazon Web Services Region that the account information is returned from.</p>
    * @public
    */
-  NetworkInterfaceId?: string | undefined;
+  DiscoveryRegion: string | undefined;
 
   /**
-   * <p>The description of the network interface that IP address is assigned to.</p>
+   * <p>Discovered account filters.</p>
    * @public
    */
-  NetworkInterfaceDescription?: string | undefined;
+  Filters?: Filter[] | undefined;
 
   /**
-   * <p>The instance ID of the instance the assigned IP address is assigned to.</p>
+   * <p>Specify the pagination token from a previous request to retrieve the next page of results.</p>
    * @public
    */
-  InstanceId?: string | undefined;
+  NextToken?: string | undefined;
 
   /**
-   * <p>Tags associated with the IP address.</p>
+   * <p>The maximum number of discovered accounts to return in one page of results.</p>
    * @public
    */
-  Tags?: IpamPublicAddressTags | undefined;
+  MaxResults?: number | undefined;
+}
 
-  /**
-   * <p>The Availability Zone (AZ) or Local Zone (LZ) network border group that the resource that the IP address is assigned to is in. Defaults to an AZ network border group. For more information on available Local Zones, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-byoip.html#byoip-zone-avail">Local Zone availability</a> in the <i>Amazon EC2 User Guide</i>.</p>
-   * @public
-   */
-  NetworkBorderGroup?: string | undefined;
+/**
+ * @public
+ * @enum
+ */
+export const IpamDiscoveryFailureCode = {
+  assume_role_failure: "assume-role-failure",
+  throttling_failure: "throttling-failure",
+  unauthorized_failure: "unauthorized-failure",
+} as const;
+
+/**
+ * @public
+ */
+export type IpamDiscoveryFailureCode = (typeof IpamDiscoveryFailureCode)[keyof typeof IpamDiscoveryFailureCode];
 
+/**
+ * <p>The discovery failure reason.</p>
+ * @public
+ */
+export interface IpamDiscoveryFailureReason {
   /**
-   * <p>Security groups associated with the resource that the IP address is assigned to.</p>
+   * <p>The discovery failure code.</p>
+   *          <ul>
+   *             <li>
+   *                <p>
+   *                   <code>assume-role-failure</code> - IPAM could not assume the Amazon Web Services IAM service-linked role. This could be because of any of the following:</p>
+   *                <ul>
+   *                   <li>
+   *                      <p>SLR has not been created yet and IPAM is still creating it.</p>
+   *                   </li>
+   *                   <li>
+   *                      <p>You have opted-out of the IPAM home Region.</p>
+   *                   </li>
+   *                   <li>
+   *                      <p>Account you are using as your IPAM account has been suspended.</p>
+   *                   </li>
+   *                </ul>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>throttling-failure</code> - IPAM account is already using the allotted transactions per second and IPAM is receiving a throttling error when assuming the Amazon Web Services IAM SLR.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>unauthorized-failure</code> - Amazon Web Services account making the request is not authorized. For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/errors-overview.html">AuthFailure</a> in the <i>Amazon Elastic Compute Cloud API Reference</i>.</p>
+   *             </li>
+   *          </ul>
    * @public
    */
-  SecurityGroups?: IpamPublicAddressSecurityGroup[] | undefined;
+  Code?: IpamDiscoveryFailureCode | undefined;
 
   /**
-   * <p>The last successful resource discovery time.</p>
+   * <p>The discovery failure message.</p>
    * @public
    */
-  SampleTime?: Date | undefined;
+  Message?: string | undefined;
 }
 
 /**
+ * <p>An IPAM discovered account. A discovered account is an Amazon Web Services account that is monitored under a resource discovery. If you have integrated IPAM with Amazon Web Services Organizations, all accounts in the organization are discovered accounts.</p>
  * @public
  */
-export interface GetIpamDiscoveredPublicAddressesResult {
+export interface IpamDiscoveredAccount {
   /**
-   * <p>IPAM discovered public addresses.</p>
+   * <p>The account ID.</p>
    * @public
    */
-  IpamDiscoveredPublicAddresses?: IpamDiscoveredPublicAddress[] | undefined;
+  AccountId?: string | undefined;
 
   /**
-   * <p>The oldest successful resource discovery time.</p>
+   * <p>The Amazon Web Services Region that the account information is returned from.
+   *          An account can be discovered in multiple regions and will have a separate discovered account for each Region.</p>
    * @public
    */
-  OldestSampleTime?: Date | undefined;
+  DiscoveryRegion?: string | undefined;
 
   /**
-   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
+   * <p>The resource discovery failure reason.</p>
+   * @public
+   */
+  FailureReason?: IpamDiscoveryFailureReason | undefined;
+
+  /**
+   * <p>The last attempted resource discovery time.</p>
+   * @public
+   */
+  LastAttemptedDiscoveryTime?: Date | undefined;
+
+  /**
+   * <p>The last successful resource discovery time.</p>
+   * @public
+   */
+  LastSuccessfulDiscoveryTime?: Date | undefined;
+}
+
+/**
+ * @public
+ */
+export interface GetIpamDiscoveredAccountsResult {
+  /**
+   * <p>Discovered accounts.</p>
+   * @public
+   */
+  IpamDiscoveredAccounts?: IpamDiscoveredAccount[] | undefined;
+
+  /**
+   * <p>Specify the pagination token from a previous request to retrieve the next page of results.</p>
    * @public
    */
   NextToken?: string | undefined;
@@ -1605,7 +1829,7 @@ export interface GetIpamDiscoveredPublicAddressesResult {
 /**
  * @public
  */
-export interface GetIpamDiscoveredResourceCidrsRequest {
+export interface GetIpamDiscoveredPublicAddressesRequest {
   /**
    * <p>A check for whether you have the required permissions for the action without actually making the request
    *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
@@ -1615,16 +1839,16 @@ export interface GetIpamDiscoveredResourceCidrsRequest {
   DryRun?: boolean | undefined;
 
   /**
-   * <p>A resource discovery ID.</p>
+   * <p>An IPAM resource discovery ID.</p>
    * @public
    */
   IpamResourceDiscoveryId: string | undefined;
 
   /**
-   * <p>A resource Region.</p>
+   * <p>The Amazon Web Services Region for the IP address.</p>
    * @public
    */
-  ResourceRegion: string | undefined;
+  AddressRegion: string | undefined;
 
   /**
    * <p>Filters.</p>
@@ -1633,13 +1857,13 @@ export interface GetIpamDiscoveredResourceCidrsRequest {
   Filters?: Filter[] | undefined;
 
   /**
-   * <p>Specify the pagination token from a previous request to retrieve the next page of results.</p>
+   * <p>The token for the next page of results.</p>
    * @public
    */
   NextToken?: string | undefined;
 
   /**
-   * <p>The maximum number of discovered resource CIDRs to return in one page of results.</p>
+   * <p>The maximum number of IPAM discovered public addresses to return in one page of results.</p>
    * @public
    */
   MaxResults?: number | undefined;
@@ -1649,99 +1873,388 @@ export interface GetIpamDiscoveredResourceCidrsRequest {
  * @public
  * @enum
  */
-export const IpamResourceCidrIpSource = {
-  amazon: "amazon",
-  byoip: "byoip",
-  none: "none",
+export const IpamPublicAddressType = {
+  AMAZON_OWNED_CONTIG: "amazon-owned-contig",
+  AMAZON_OWNED_EIP: "amazon-owned-eip",
+  BYOIP: "byoip",
+  EC2_PUBLIC_IP: "ec2-public-ip",
+  SERVICE_MANAGED_BYOIP: "service-managed-byoip",
+  SERVICE_MANAGED_IP: "service-managed-ip",
 } as const;
 
 /**
  * @public
  */
-export type IpamResourceCidrIpSource = (typeof IpamResourceCidrIpSource)[keyof typeof IpamResourceCidrIpSource];
+export type IpamPublicAddressType = (typeof IpamPublicAddressType)[keyof typeof IpamPublicAddressType];
 
 /**
  * @public
  * @enum
  */
-export const IpamNetworkInterfaceAttachmentStatus = {
-  available: "available",
-  in_use: "in-use",
+export const IpamPublicAddressAssociationStatus = {
+  ASSOCIATED: "associated",
+  DISASSOCIATED: "disassociated",
 } as const;
 
 /**
  * @public
  */
-export type IpamNetworkInterfaceAttachmentStatus =
-  (typeof IpamNetworkInterfaceAttachmentStatus)[keyof typeof IpamNetworkInterfaceAttachmentStatus];
+export type IpamPublicAddressAssociationStatus =
+  (typeof IpamPublicAddressAssociationStatus)[keyof typeof IpamPublicAddressAssociationStatus];
+
+/**
+ * <p>The security group that the resource with the public IP address is in.</p>
+ * @public
+ */
+export interface IpamPublicAddressSecurityGroup {
+  /**
+   * <p>The security group's name.</p>
+   * @public
+   */
+  GroupName?: string | undefined;
+
+  /**
+   * <p>The security group's ID.</p>
+   * @public
+   */
+  GroupId?: string | undefined;
+}
 
 /**
  * @public
  * @enum
  */
-export const IpamResourceType = {
-  eip: "eip",
-  eni: "eni",
-  ipv6_pool: "ipv6-pool",
-  public_ipv4_pool: "public-ipv4-pool",
-  subnet: "subnet",
-  vpc: "vpc",
+export const IpamPublicAddressAwsService = {
+  AGA: "global-accelerator",
+  DMS: "database-migration-service",
+  EC2_LB: "load-balancer",
+  ECS: "elastic-container-service",
+  NAT_GATEWAY: "nat-gateway",
+  OTHER: "other",
+  RDS: "relational-database-service",
+  REDSHIFT: "redshift",
+  S2S_VPN: "site-to-site-vpn",
 } as const;
 
 /**
  * @public
  */
-export type IpamResourceType = (typeof IpamResourceType)[keyof typeof IpamResourceType];
+export type IpamPublicAddressAwsService =
+  (typeof IpamPublicAddressAwsService)[keyof typeof IpamPublicAddressAwsService];
 
 /**
- * <p>An IPAM discovered resource CIDR. A discovered resource is a resource CIDR monitored under a resource discovery. The following resources can be discovered: VPCs, Public IPv4 pools, VPC subnets, and Elastic IP addresses. The discovered resource CIDR is the IP address range in CIDR notation that is associated with the resource.</p>
+ * <p>A tag for a public IP address discovered by IPAM.</p>
  * @public
  */
-export interface IpamDiscoveredResourceCidr {
+export interface IpamPublicAddressTag {
   /**
-   * <p>The resource discovery ID.</p>
+   * <p>The tag's key.</p>
    * @public
    */
-  IpamResourceDiscoveryId?: string | undefined;
+  Key?: string | undefined;
 
   /**
-   * <p>The resource Region.</p>
+   * <p>The tag's value.</p>
    * @public
    */
-  ResourceRegion?: string | undefined;
+  Value?: string | undefined;
+}
 
+/**
+ * <p>Tags for a public IP address discovered by IPAM.</p>
+ * @public
+ */
+export interface IpamPublicAddressTags {
   /**
-   * <p>The resource ID.</p>
+   * <p>Tags for an Elastic IP address.</p>
    * @public
    */
-  ResourceId?: string | undefined;
+  EipTags?: IpamPublicAddressTag[] | undefined;
+}
 
+/**
+ * <p>A public IP Address discovered by IPAM.</p>
+ * @public
+ */
+export interface IpamDiscoveredPublicAddress {
   /**
-   * <p>The resource owner ID.</p>
+   * <p>The resource discovery ID.</p>
    * @public
    */
-  ResourceOwnerId?: string | undefined;
+  IpamResourceDiscoveryId?: string | undefined;
 
   /**
-   * <p>The resource CIDR.</p>
+   * <p>The Region of the resource the IP address is assigned to.</p>
    * @public
    */
-  ResourceCidr?: string | undefined;
+  AddressRegion?: string | undefined;
 
   /**
-   * <p>The source that allocated the IP address space. <code>byoip</code> or <code>amazon</code> indicates public IP address space allocated by Amazon or space that you have allocated with Bring your own IP (BYOIP). <code>none</code> indicates private space.</p>
+   * <p>The IP address.</p>
    * @public
    */
-  IpSource?: IpamResourceCidrIpSource | undefined;
+  Address?: string | undefined;
 
   /**
-   * <p>The resource type.</p>
+   * <p>The ID of the owner of the resource the IP address is assigned to.</p>
    * @public
    */
-  ResourceType?: IpamResourceType | undefined;
+  AddressOwnerId?: string | undefined;
 
   /**
-   * <p>The resource tags.</p>
+   * <p>The allocation ID of the resource the IP address is assigned to.</p>
+   * @public
+   */
+  AddressAllocationId?: string | undefined;
+
+  /**
+   * <p>The association status.</p>
+   * @public
+   */
+  AssociationStatus?: IpamPublicAddressAssociationStatus | undefined;
+
+  /**
+   * <p>The IP address type.</p>
+   * @public
+   */
+  AddressType?: IpamPublicAddressType | undefined;
+
+  /**
+   * <p>The Amazon Web Services service associated with the IP address.</p>
+   * @public
+   */
+  Service?: IpamPublicAddressAwsService | undefined;
+
+  /**
+   * <p>The resource ARN or ID.</p>
+   * @public
+   */
+  ServiceResource?: string | undefined;
+
+  /**
+   * <p>The ID of the VPC that the resource with the assigned IP address is in.</p>
+   * @public
+   */
+  VpcId?: string | undefined;
+
+  /**
+   * <p>The ID of the subnet that the resource with the assigned IP address is in.</p>
+   * @public
+   */
+  SubnetId?: string | undefined;
+
+  /**
+   * <p>The ID of the public IPv4 pool that the resource with the assigned IP address is from.</p>
+   * @public
+   */
+  PublicIpv4PoolId?: string | undefined;
+
+  /**
+   * <p>The network interface ID of the resource with the assigned IP address.</p>
+   * @public
+   */
+  NetworkInterfaceId?: string | undefined;
+
+  /**
+   * <p>The description of the network interface that IP address is assigned to.</p>
+   * @public
+   */
+  NetworkInterfaceDescription?: string | undefined;
+
+  /**
+   * <p>The instance ID of the instance the assigned IP address is assigned to.</p>
+   * @public
+   */
+  InstanceId?: string | undefined;
+
+  /**
+   * <p>Tags associated with the IP address.</p>
+   * @public
+   */
+  Tags?: IpamPublicAddressTags | undefined;
+
+  /**
+   * <p>The Availability Zone (AZ) or Local Zone (LZ) network border group that the resource that the IP address is assigned to is in. Defaults to an AZ network border group. For more information on available Local Zones, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-byoip.html#byoip-zone-avail">Local Zone availability</a> in the <i>Amazon EC2 User Guide</i>.</p>
+   * @public
+   */
+  NetworkBorderGroup?: string | undefined;
+
+  /**
+   * <p>Security groups associated with the resource that the IP address is assigned to.</p>
+   * @public
+   */
+  SecurityGroups?: IpamPublicAddressSecurityGroup[] | undefined;
+
+  /**
+   * <p>The last successful resource discovery time.</p>
+   * @public
+   */
+  SampleTime?: Date | undefined;
+}
+
+/**
+ * @public
+ */
+export interface GetIpamDiscoveredPublicAddressesResult {
+  /**
+   * <p>IPAM discovered public addresses.</p>
+   * @public
+   */
+  IpamDiscoveredPublicAddresses?: IpamDiscoveredPublicAddress[] | undefined;
+
+  /**
+   * <p>The oldest successful resource discovery time.</p>
+   * @public
+   */
+  OldestSampleTime?: Date | undefined;
+
+  /**
+   * <p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>
+   * @public
+   */
+  NextToken?: string | undefined;
+}
+
+/**
+ * @public
+ */
+export interface GetIpamDiscoveredResourceCidrsRequest {
+  /**
+   * <p>A check for whether you have the required permissions for the action without actually making the request
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * @public
+   */
+  DryRun?: boolean | undefined;
+
+  /**
+   * <p>A resource discovery ID.</p>
+   * @public
+   */
+  IpamResourceDiscoveryId: string | undefined;
+
+  /**
+   * <p>A resource Region.</p>
+   * @public
+   */
+  ResourceRegion: string | undefined;
+
+  /**
+   * <p>Filters.</p>
+   * @public
+   */
+  Filters?: Filter[] | undefined;
+
+  /**
+   * <p>Specify the pagination token from a previous request to retrieve the next page of results.</p>
+   * @public
+   */
+  NextToken?: string | undefined;
+
+  /**
+   * <p>The maximum number of discovered resource CIDRs to return in one page of results.</p>
+   * @public
+   */
+  MaxResults?: number | undefined;
+}
+
+/**
+ * @public
+ * @enum
+ */
+export const IpamResourceCidrIpSource = {
+  amazon: "amazon",
+  byoip: "byoip",
+  none: "none",
+} as const;
+
+/**
+ * @public
+ */
+export type IpamResourceCidrIpSource = (typeof IpamResourceCidrIpSource)[keyof typeof IpamResourceCidrIpSource];
+
+/**
+ * @public
+ * @enum
+ */
+export const IpamNetworkInterfaceAttachmentStatus = {
+  available: "available",
+  in_use: "in-use",
+} as const;
+
+/**
+ * @public
+ */
+export type IpamNetworkInterfaceAttachmentStatus =
+  (typeof IpamNetworkInterfaceAttachmentStatus)[keyof typeof IpamNetworkInterfaceAttachmentStatus];
+
+/**
+ * @public
+ * @enum
+ */
+export const IpamResourceType = {
+  eip: "eip",
+  eni: "eni",
+  ipv6_pool: "ipv6-pool",
+  public_ipv4_pool: "public-ipv4-pool",
+  subnet: "subnet",
+  vpc: "vpc",
+} as const;
+
+/**
+ * @public
+ */
+export type IpamResourceType = (typeof IpamResourceType)[keyof typeof IpamResourceType];
+
+/**
+ * <p>An IPAM discovered resource CIDR. A discovered resource is a resource CIDR monitored under a resource discovery. The following resources can be discovered: VPCs, Public IPv4 pools, VPC subnets, and Elastic IP addresses. The discovered resource CIDR is the IP address range in CIDR notation that is associated with the resource.</p>
+ * @public
+ */
+export interface IpamDiscoveredResourceCidr {
+  /**
+   * <p>The resource discovery ID.</p>
+   * @public
+   */
+  IpamResourceDiscoveryId?: string | undefined;
+
+  /**
+   * <p>The resource Region.</p>
+   * @public
+   */
+  ResourceRegion?: string | undefined;
+
+  /**
+   * <p>The resource ID.</p>
+   * @public
+   */
+  ResourceId?: string | undefined;
+
+  /**
+   * <p>The resource owner ID.</p>
+   * @public
+   */
+  ResourceOwnerId?: string | undefined;
+
+  /**
+   * <p>The resource CIDR.</p>
+   * @public
+   */
+  ResourceCidr?: string | undefined;
+
+  /**
+   * <p>The source that allocated the IP address space. <code>byoip</code> or <code>amazon</code> indicates public IP address space allocated by Amazon or space that you have allocated with Bring your own IP (BYOIP). <code>none</code> indicates private space.</p>
+   * @public
+   */
+  IpSource?: IpamResourceCidrIpSource | undefined;
+
+  /**
+   * <p>The resource type.</p>
+   * @public
+   */
+  ResourceType?: IpamResourceType | undefined;
+
+  /**
+   * <p>The resource tags.</p>
    * @public
    */
   ResourceTags?: IpamResourceTag[] | undefined;
@@ -4879,8 +5392,8 @@ export interface ImportVolumeResult {
  */
 export interface ListImagesInRecycleBinRequest {
   /**
-   * <p>The IDs of the AMIs to list. Omit this parameter to list all of the AMIs that
-   *       are in the Recycle Bin. You can specify up to 20 IDs in a single request.</p>
+   * <p>The IDs of the AMIs to list. Omit this parameter to list all of the AMIs that are in the
+   *       Recycle Bin. You can specify up to 20 IDs in a single request.</p>
    * @public
    */
   ImageIds?: string[] | undefined;
@@ -6046,13 +6559,15 @@ export interface ModifyIdFormatRequest {
  */
 export interface LaunchPermissionModifications {
   /**
-   * <p>The Amazon Web Services account ID, organization ARN, or OU ARN to add to the list of launch permissions for the AMI.</p>
+   * <p>The Amazon Web Services account ID, organization ARN, or OU ARN to add to the list of
+   *       launch permissions for the AMI.</p>
    * @public
    */
   Add?: LaunchPermission[] | undefined;
 
   /**
-   * <p>The Amazon Web Services account ID, organization ARN, or OU ARN to remove from the list of launch permissions for the AMI.</p>
+   * <p>The Amazon Web Services account ID, organization ARN, or OU ARN to remove from the list of
+   *       launch permissions for the AMI.</p>
    * @public
    */
   Remove?: LaunchPermission[] | undefined;
@@ -6065,7 +6580,8 @@ export interface LaunchPermissionModifications {
 export interface ModifyImageAttributeRequest {
   /**
    * <p>The name of the attribute to modify.</p>
-   *          <p>Valid values: <code>description</code> | <code>imdsSupport</code> | <code>launchPermission</code>
+   *          <p>Valid values: <code>description</code> | <code>imdsSupport</code> |
+   *         <code>launchPermission</code>
    *          </p>
    * @public
    */
@@ -6090,8 +6606,8 @@ export interface ModifyImageAttributeRequest {
   LaunchPermission?: LaunchPermissionModifications | undefined;
 
   /**
-   * <p>The operation type.
-   *        This parameter can be used only when the <code>Attribute</code> parameter is <code>launchPermission</code>.</p>
+   * <p>The operation type. This parameter can be used only when the <code>Attribute</code>
+   *       parameter is <code>launchPermission</code>.</p>
    * @public
    */
   OperationType?: OperationType | undefined;
@@ -6103,34 +6619,37 @@ export interface ModifyImageAttributeRequest {
   ProductCodes?: string[] | undefined;
 
   /**
-   * <p>The user groups.
-   *        This parameter can be used only when the <code>Attribute</code> parameter is <code>launchPermission</code>.</p>
+   * <p>The user groups. This parameter can be used only when the <code>Attribute</code> parameter
+   *       is <code>launchPermission</code>.</p>
    * @public
    */
   UserGroups?: string[] | undefined;
 
   /**
-   * <p>The Amazon Web Services account IDs.
-   *        This parameter can be used only when the <code>Attribute</code> parameter is <code>launchPermission</code>.</p>
+   * <p>The Amazon Web Services account IDs. This parameter can be used only when the
+   *         <code>Attribute</code> parameter is <code>launchPermission</code>.</p>
    * @public
    */
   UserIds?: string[] | undefined;
 
   /**
-   * <p>The value of the attribute being modified.
-   *        This parameter can be used only when the <code>Attribute</code> parameter is <code>description</code> or <code>imdsSupport</code>.</p>
+   * <p>The value of the attribute being modified. This parameter can be used only when the
+   *         <code>Attribute</code> parameter is <code>description</code> or
+   *       <code>imdsSupport</code>.</p>
    * @public
    */
   Value?: string | undefined;
 
   /**
-   * <p>The Amazon Resource Name (ARN) of an organization. This parameter can be used only when the <code>Attribute</code> parameter is <code>launchPermission</code>.</p>
+   * <p>The Amazon Resource Name (ARN) of an organization. This parameter can be used only when
+   *       the <code>Attribute</code> parameter is <code>launchPermission</code>.</p>
    * @public
    */
   OrganizationArns?: string[] | undefined;
 
   /**
-   * <p>The Amazon Resource Name (ARN) of an organizational unit (OU). This parameter can be used only when the <code>Attribute</code> parameter is <code>launchPermission</code>.</p>
+   * <p>The Amazon Resource Name (ARN) of an organizational unit (OU). This parameter can be used
+   *       only when the <code>Attribute</code> parameter is <code>launchPermission</code>.</p>
    * @public
    */
   OrganizationalUnitArns?: string[] | undefined;
@@ -6138,13 +6657,13 @@ export interface ModifyImageAttributeRequest {
   /**
    * <p>Set to <code>v2.0</code> to indicate that IMDSv2 is specified in the AMI. Instances
    *       launched from this AMI will have <code>HttpTokens</code> automatically set to
-   *       <code>required</code> so that, by default, the instance requires that IMDSv2 is used when
+   *         <code>required</code> so that, by default, the instance requires that IMDSv2 is used when
    *       requesting instance metadata. In addition, <code>HttpPutResponseHopLimit</code> is set to
-   *       <code>2</code>. For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-IMDS-new-instances.html#configure-IMDS-new-instances-ami-configuration">Configure
-   *         the AMI</a> in the <i>Amazon EC2 User Guide</i>.</p>
+   *         <code>2</code>. For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-IMDS-new-instances.html#configure-IMDS-new-instances-ami-configuration">Configure the AMI</a> in the <i>Amazon EC2 User Guide</i>.</p>
    *          <important>
-   *             <p>Do not use this parameter unless your AMI software supports IMDSv2. After you set the value to <code>v2.0</code>,
-   *         you can't undo it. The only way to “reset” your AMI is to create a new AMI from the underlying snapshot.</p>
+   *             <p>Do not use this parameter unless your AMI software supports IMDSv2. After you set the
+   *         value to <code>v2.0</code>, you can't undo it. The only way to “reset” your AMI is to create
+   *         a new AMI from the underlying snapshot.</p>
    *          </important>
    * @public
    */
@@ -7045,522 +7564,162 @@ export type HostTenancy = (typeof HostTenancy)[keyof typeof HostTenancy];
 /**
  * @public
  */
-export interface ModifyInstancePlacementRequest {
-  /**
-   * <p>The name of the placement group in which to place the instance. For spread placement
-   *             groups, the instance must have a tenancy of <code>default</code>. For cluster and
-   *             partition placement groups, the instance must have a tenancy of <code>default</code> or
-   *                 <code>dedicated</code>.</p>
-   *          <p>To remove an instance from a placement group, specify an empty string ("").</p>
-   * @public
-   */
-  GroupName?: string | undefined;
-
-  /**
-   * <p>The number of the partition in which to place the instance. Valid only if the
-   *             placement group strategy is set to <code>partition</code>.</p>
-   * @public
-   */
-  PartitionNumber?: number | undefined;
-
-  /**
-   * <p>The ARN of the host resource group in which to place the instance. The instance must
-   *             have a tenancy of <code>host</code> to specify this parameter.</p>
-   * @public
-   */
-  HostResourceGroupArn?: string | undefined;
-
-  /**
-   * <p>The Group Id of a placement group. You must specify the Placement Group <b>Group Id</b> to launch an instance in a shared placement
-   *             group.</p>
-   * @public
-   */
-  GroupId?: string | undefined;
-
-  /**
-   * <p>The ID of the instance that you are modifying.</p>
-   * @public
-   */
-  InstanceId: string | undefined;
-
-  /**
-   * <p>The tenancy for the instance.</p>
-   *          <note>
-   *             <p>For T3 instances, you must launch the instance on a Dedicated Host to use a
-   *                 tenancy of <code>host</code>. You can't change the tenancy from
-   *                 <code>host</code> to <code>dedicated</code> or <code>default</code>.
-   *                 Attempting to make one of these unsupported tenancy changes results in an
-   *                 <code>InvalidRequest</code> error code.</p>
-   *          </note>
-   * @public
-   */
-  Tenancy?: HostTenancy | undefined;
-
-  /**
-   * <p>The affinity setting for the instance. For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/how-dedicated-hosts-work.html#dedicated-hosts-affinity">Host affinity</a> in the <i>Amazon EC2 User Guide</i>.</p>
-   * @public
-   */
-  Affinity?: Affinity | undefined;
-
-  /**
-   * <p>The ID of the Dedicated Host with which to associate the instance.</p>
-   * @public
-   */
-  HostId?: string | undefined;
-}
-
-/**
- * @public
- */
-export interface ModifyInstancePlacementResult {
-  /**
-   * <p>Is <code>true</code> if the request succeeds, and an error otherwise.</p>
-   * @public
-   */
-  Return?: boolean | undefined;
-}
-
-/**
- * <p>Remove an operating Region from an IPAM. Operating Regions are Amazon Web Services Regions where the IPAM is allowed to manage IP address CIDRs. IPAM only discovers and monitors resources in the Amazon Web Services Regions you select as operating Regions.</p>
- *          <p>For more information about operating Regions, see <a href="https://docs.aws.amazon.com/vpc/latest/ipam/create-ipam.html">Create an IPAM</a> in the <i>Amazon VPC IPAM User Guide</i>
- *          </p>
- * @public
- */
-export interface RemoveIpamOperatingRegion {
-  /**
-   * <p>The name of the operating Region you want to remove.</p>
-   * @public
-   */
-  RegionName?: string | undefined;
-}
-
-/**
- * @public
- */
-export interface ModifyIpamRequest {
-  /**
-   * <p>A check for whether you have the required permissions for the action without actually making the request
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
-   * @public
-   */
-  DryRun?: boolean | undefined;
-
-  /**
-   * <p>The ID of the IPAM you want to modify.</p>
-   * @public
-   */
-  IpamId: string | undefined;
-
-  /**
-   * <p>The description of the IPAM you want to modify.</p>
-   * @public
-   */
-  Description?: string | undefined;
-
-  /**
-   * <p>Choose the operating Regions for the IPAM. Operating Regions are Amazon Web Services Regions where the IPAM is allowed to manage IP address CIDRs. IPAM only discovers and monitors resources in the Amazon Web Services Regions you select as operating Regions.</p>
-   *          <p>For more information about operating Regions, see <a href="https://docs.aws.amazon.com/vpc/latest/ipam/create-ipam.html">Create an IPAM</a> in the <i>Amazon VPC IPAM User Guide</i>.</p>
-   * @public
-   */
-  AddOperatingRegions?: AddIpamOperatingRegion[] | undefined;
-
-  /**
-   * <p>The operating Regions to remove.</p>
-   * @public
-   */
-  RemoveOperatingRegions?: RemoveIpamOperatingRegion[] | undefined;
-
-  /**
-   * <p>IPAM is offered in a Free Tier and an Advanced Tier. For more information about the features available in each tier and the costs associated with the tiers, see <a href="http://aws.amazon.com/vpc/pricing/">Amazon VPC pricing > IPAM tab</a>.</p>
-   * @public
-   */
-  Tier?: IpamTier | undefined;
-
-  /**
-   * <p>Enable this option to use your own GUA ranges as private IPv6 addresses. This option is disabled by default.</p>
-   * @public
-   */
-  EnablePrivateGua?: boolean | undefined;
-}
-
-/**
- * @public
- */
-export interface ModifyIpamResult {
-  /**
-   * <p>The results of the modification.</p>
-   * @public
-   */
-  Ipam?: Ipam | undefined;
-}
-
-/**
- * @public
- */
-export interface ModifyIpamPoolRequest {
-  /**
-   * <p>A check for whether you have the required permissions for the action without actually making the request
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
-   * @public
-   */
-  DryRun?: boolean | undefined;
-
-  /**
-   * <p>The ID of the IPAM pool you want to modify.</p>
-   * @public
-   */
-  IpamPoolId: string | undefined;
-
-  /**
-   * <p>The description of the IPAM pool you want to modify.</p>
-   * @public
-   */
-  Description?: string | undefined;
-
-  /**
-   * <p>If true, IPAM will continuously look for resources within the CIDR range of this pool
-   *          and automatically import them as allocations into your IPAM. The CIDRs that will be allocated for
-   *          these resources must not already be allocated to other resources in order for the import to succeed. IPAM will import
-   *          a CIDR regardless of its compliance with the pool's allocation rules, so a resource might be imported and subsequently
-   *          marked as noncompliant. If IPAM discovers multiple CIDRs that overlap, IPAM will import the largest CIDR only. If IPAM
-   *          discovers multiple CIDRs with matching CIDRs, IPAM will randomly import one of them only.
-   *       </p>
-   *          <p>A locale must be set on the pool for this feature to work.</p>
-   * @public
-   */
-  AutoImport?: boolean | undefined;
-
-  /**
-   * <p>The minimum netmask length required for CIDR allocations in this IPAM pool to be compliant. Possible
-   *          netmask lengths for IPv4 addresses are 0 - 32. Possible netmask lengths for IPv6 addresses are  0 - 128. The minimum netmask
-   *          length must be less than the maximum netmask length.</p>
-   * @public
-   */
-  AllocationMinNetmaskLength?: number | undefined;
-
-  /**
-   * <p>The maximum netmask length possible for CIDR allocations in this IPAM pool to be compliant. Possible
-   *          netmask lengths for IPv4 addresses are 0 - 32. Possible netmask lengths for IPv6 addresses are  0 - 128.The maximum netmask
-   *          length must be greater than the minimum netmask length.</p>
-   * @public
-   */
-  AllocationMaxNetmaskLength?: number | undefined;
-
-  /**
-   * <p>The default netmask length for allocations added to this pool. If, for example, the CIDR assigned to this pool is 10.0.0.0/8 and you enter 16 here, new allocations will default to 10.0.0.0/16.</p>
-   * @public
-   */
-  AllocationDefaultNetmaskLength?: number | undefined;
-
-  /**
-   * <p>Clear the default netmask length allocation rule for this pool.</p>
-   * @public
-   */
-  ClearAllocationDefaultNetmaskLength?: boolean | undefined;
-
-  /**
-   * <p>Add tag allocation rules to a pool. For more information about allocation rules, see <a href="https://docs.aws.amazon.com/vpc/latest/ipam/create-top-ipam.html">Create a top-level pool</a> in the <i>Amazon VPC IPAM User Guide</i>.</p>
-   * @public
-   */
-  AddAllocationResourceTags?: RequestIpamResourceTag[] | undefined;
-
-  /**
-   * <p>Remove tag allocation rules from a pool.</p>
-   * @public
-   */
-  RemoveAllocationResourceTags?: RequestIpamResourceTag[] | undefined;
-}
-
-/**
- * @public
- */
-export interface ModifyIpamPoolResult {
-  /**
-   * <p>The results of the modification.</p>
-   * @public
-   */
-  IpamPool?: IpamPool | undefined;
-}
-
-/**
- * @public
- */
-export interface ModifyIpamResourceCidrRequest {
-  /**
-   * <p>A check for whether you have the required permissions for the action without actually making the request
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
-   * @public
-   */
-  DryRun?: boolean | undefined;
-
-  /**
-   * <p>The ID of the resource you want to modify.</p>
-   * @public
-   */
-  ResourceId: string | undefined;
-
-  /**
-   * <p>The CIDR of the resource you want to modify.</p>
-   * @public
-   */
-  ResourceCidr: string | undefined;
-
-  /**
-   * <p>The Amazon Web Services Region of the resource you want to modify.</p>
-   * @public
-   */
-  ResourceRegion: string | undefined;
-
-  /**
-   * <p>The ID of the current scope that the resource CIDR is in.</p>
-   * @public
-   */
-  CurrentIpamScopeId: string | undefined;
-
-  /**
-   * <p>The ID of the scope you want to transfer the resource CIDR to.</p>
-   * @public
-   */
-  DestinationIpamScopeId?: string | undefined;
-
-  /**
-   * <p>Determines if the resource is monitored by IPAM. If a resource is monitored, the resource is discovered by IPAM and you can view details about the resource’s CIDR.</p>
-   * @public
-   */
-  Monitored: boolean | undefined;
-}
-
-/**
- * @public
- */
-export interface ModifyIpamResourceCidrResult {
-  /**
-   * <p>The CIDR of the resource.</p>
-   * @public
-   */
-  IpamResourceCidr?: IpamResourceCidr | undefined;
-}
-
-/**
- * @public
- */
-export interface ModifyIpamResourceDiscoveryRequest {
-  /**
-   * <p>A check for whether you have the required permissions for the action without actually making the request
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
-   * @public
-   */
-  DryRun?: boolean | undefined;
-
-  /**
-   * <p>A resource discovery ID.</p>
-   * @public
-   */
-  IpamResourceDiscoveryId: string | undefined;
-
-  /**
-   * <p>A resource discovery description.</p>
-   * @public
-   */
-  Description?: string | undefined;
-
-  /**
-   * <p>Add operating Regions to the resource discovery. Operating Regions are Amazon Web Services Regions where the IPAM is allowed to manage IP address CIDRs. IPAM only discovers and monitors resources in the Amazon Web Services Regions you select as operating Regions.</p>
-   * @public
-   */
-  AddOperatingRegions?: AddIpamOperatingRegion[] | undefined;
-
-  /**
-   * <p>Remove operating Regions.</p>
-   * @public
-   */
-  RemoveOperatingRegions?: RemoveIpamOperatingRegion[] | undefined;
-}
-
-/**
- * @public
- */
-export interface ModifyIpamResourceDiscoveryResult {
-  /**
-   * <p>A resource discovery.</p>
-   * @public
-   */
-  IpamResourceDiscovery?: IpamResourceDiscovery | undefined;
-}
-
-/**
- * @public
- */
-export interface ModifyIpamScopeRequest {
-  /**
-   * <p>A check for whether you have the required permissions for the action without actually making the request
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+export interface ModifyInstancePlacementRequest {
+  /**
+   * <p>The name of the placement group in which to place the instance. For spread placement
+   *             groups, the instance must have a tenancy of <code>default</code>. For cluster and
+   *             partition placement groups, the instance must have a tenancy of <code>default</code> or
+   *                 <code>dedicated</code>.</p>
+   *          <p>To remove an instance from a placement group, specify an empty string ("").</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  GroupName?: string | undefined;
 
   /**
-   * <p>The ID of the scope you want to modify.</p>
+   * <p>The number of the partition in which to place the instance. Valid only if the
+   *             placement group strategy is set to <code>partition</code>.</p>
    * @public
    */
-  IpamScopeId: string | undefined;
+  PartitionNumber?: number | undefined;
 
   /**
-   * <p>The description of the scope you want to modify.</p>
+   * <p>The ARN of the host resource group in which to place the instance. The instance must
+   *             have a tenancy of <code>host</code> to specify this parameter.</p>
    * @public
    */
-  Description?: string | undefined;
-}
+  HostResourceGroupArn?: string | undefined;
 
-/**
- * @public
- */
-export interface ModifyIpamScopeResult {
   /**
-   * <p>The results of the modification.</p>
+   * <p>The Group Id of a placement group. You must specify the Placement Group <b>Group Id</b> to launch an instance in a shared placement
+   *             group.</p>
    * @public
    */
-  IpamScope?: IpamScope | undefined;
-}
+  GroupId?: string | undefined;
 
-/**
- * @public
- */
-export interface ModifyLaunchTemplateRequest {
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually
-   *             making the request, and provides an error response. If you have the required
-   *             permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is
-   *                 <code>UnauthorizedOperation</code>.</p>
+   * <p>The ID of the instance that you are modifying.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  InstanceId: string | undefined;
 
   /**
-   * <p>Unique, case-sensitive identifier you provide to ensure the idempotency of the
-   *             request. For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html">Ensuring
-   *                 idempotency</a>.</p>
-   *          <p>Constraint: Maximum 128 ASCII characters.</p>
+   * <p>The tenancy for the instance.</p>
+   *          <note>
+   *             <p>For T3 instances, you must launch the instance on a Dedicated Host to use a
+   *                 tenancy of <code>host</code>. You can't change the tenancy from
+   *                 <code>host</code> to <code>dedicated</code> or <code>default</code>.
+   *                 Attempting to make one of these unsupported tenancy changes results in an
+   *                 <code>InvalidRequest</code> error code.</p>
+   *          </note>
    * @public
    */
-  ClientToken?: string | undefined;
+  Tenancy?: HostTenancy | undefined;
 
   /**
-   * <p>The ID of the launch template.</p>
-   *          <p>You must specify either the launch template ID or the
-   *             launch template name, but not both.</p>
+   * <p>The affinity setting for the instance. For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/how-dedicated-hosts-work.html#dedicated-hosts-affinity">Host affinity</a> in the <i>Amazon EC2 User Guide</i>.</p>
    * @public
    */
-  LaunchTemplateId?: string | undefined;
+  Affinity?: Affinity | undefined;
 
   /**
-   * <p>The name of the launch template.</p>
-   *          <p>You must specify either the launch template ID or the
-   *             launch template name, but not both.</p>
+   * <p>The ID of the Dedicated Host with which to associate the instance.</p>
    * @public
    */
-  LaunchTemplateName?: string | undefined;
+  HostId?: string | undefined;
+}
 
+/**
+ * @public
+ */
+export interface ModifyInstancePlacementResult {
   /**
-   * <p>The version number of the launch template to set as the default version.</p>
+   * <p>Is <code>true</code> if the request succeeds, and an error otherwise.</p>
    * @public
    */
-  DefaultVersion?: string | undefined;
+  Return?: boolean | undefined;
 }
 
 /**
+ * <p>Remove an operating Region from an IPAM. Operating Regions are Amazon Web Services Regions where the IPAM is allowed to manage IP address CIDRs. IPAM only discovers and monitors resources in the Amazon Web Services Regions you select as operating Regions.</p>
+ *          <p>For more information about operating Regions, see <a href="https://docs.aws.amazon.com/vpc/latest/ipam/create-ipam.html">Create an IPAM</a> in the <i>Amazon VPC IPAM User Guide</i>
+ *          </p>
  * @public
  */
-export interface ModifyLaunchTemplateResult {
+export interface RemoveIpamOperatingRegion {
   /**
-   * <p>Information about the launch template.</p>
+   * <p>The name of the operating Region you want to remove.</p>
    * @public
    */
-  LaunchTemplate?: LaunchTemplate | undefined;
+  RegionName?: string | undefined;
 }
 
 /**
  * @public
  */
-export interface ModifyLocalGatewayRouteRequest {
+export interface ModifyIpamRequest {
   /**
-   * <p>The CIDR block used for destination matches. The value that you provide must match the CIDR of an existing route in the table.</p>
+   * <p>A check for whether you have the required permissions for the action without actually making the request
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  DestinationCidrBlock?: string | undefined;
+  DryRun?: boolean | undefined;
 
   /**
-   * <p>The ID of the local gateway route table.</p>
+   * <p>The ID of the IPAM you want to modify.</p>
    * @public
    */
-  LocalGatewayRouteTableId: string | undefined;
+  IpamId: string | undefined;
 
   /**
-   * <p>
-   *          The ID of the virtual interface group.
-   *       </p>
+   * <p>The description of the IPAM you want to modify.</p>
    * @public
    */
-  LocalGatewayVirtualInterfaceGroupId?: string | undefined;
+  Description?: string | undefined;
 
   /**
-   * <p>The ID of the network interface.</p>
+   * <p>Choose the operating Regions for the IPAM. Operating Regions are Amazon Web Services Regions where the IPAM is allowed to manage IP address CIDRs. IPAM only discovers and monitors resources in the Amazon Web Services Regions you select as operating Regions.</p>
+   *          <p>For more information about operating Regions, see <a href="https://docs.aws.amazon.com/vpc/latest/ipam/create-ipam.html">Create an IPAM</a> in the <i>Amazon VPC IPAM User Guide</i>.</p>
    * @public
    */
-  NetworkInterfaceId?: string | undefined;
+  AddOperatingRegions?: AddIpamOperatingRegion[] | undefined;
 
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>The operating Regions to remove.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  RemoveOperatingRegions?: RemoveIpamOperatingRegion[] | undefined;
 
   /**
-   * <p>
-   *          The ID of the prefix list. Use a prefix list in place of <code>DestinationCidrBlock</code>. You
-   *          cannot use <code>DestinationPrefixListId</code> and <code>DestinationCidrBlock</code> in the same request.
-   *       </p>
+   * <p>IPAM is offered in a Free Tier and an Advanced Tier. For more information about the features available in each tier and the costs associated with the tiers, see <a href="http://aws.amazon.com/vpc/pricing/">Amazon VPC pricing > IPAM tab</a>.</p>
    * @public
    */
-  DestinationPrefixListId?: string | undefined;
-}
+  Tier?: IpamTier | undefined;
 
-/**
- * @public
- */
-export interface ModifyLocalGatewayRouteResult {
   /**
-   * <p>Information about the local gateway route table.</p>
+   * <p>Enable this option to use your own GUA ranges as private IPv6 addresses. This option is disabled by default.</p>
    * @public
    */
-  Route?: LocalGatewayRoute | undefined;
+  EnablePrivateGua?: boolean | undefined;
 }
 
 /**
- * <p>An entry for a prefix list.</p>
  * @public
  */
-export interface RemovePrefixListEntry {
+export interface ModifyIpamResult {
   /**
-   * <p>The CIDR block.</p>
+   * <p>The results of the modification.</p>
    * @public
    */
-  Cidr: string | undefined;
+  Ipam?: Ipam | undefined;
 }
 
 /**
  * @public
  */
-export interface ModifyManagedPrefixListRequest {
+export interface ModifyIpamPoolRequest {
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   * <p>A check for whether you have the required permissions for the action without actually making the request
    *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
    *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
@@ -7568,687 +7727,725 @@ export interface ModifyManagedPrefixListRequest {
   DryRun?: boolean | undefined;
 
   /**
-   * <p>The ID of the prefix list.</p>
+   * <p>The ID of the IPAM pool you want to modify.</p>
    * @public
    */
-  PrefixListId: string | undefined;
+  IpamPoolId: string | undefined;
 
   /**
-   * <p>The current version of the prefix list.</p>
+   * <p>The description of the IPAM pool you want to modify.</p>
    * @public
    */
-  CurrentVersion?: number | undefined;
+  Description?: string | undefined;
 
   /**
-   * <p>A name for the prefix list.</p>
+   * <p>If true, IPAM will continuously look for resources within the CIDR range of this pool
+   *          and automatically import them as allocations into your IPAM. The CIDRs that will be allocated for
+   *          these resources must not already be allocated to other resources in order for the import to succeed. IPAM will import
+   *          a CIDR regardless of its compliance with the pool's allocation rules, so a resource might be imported and subsequently
+   *          marked as noncompliant. If IPAM discovers multiple CIDRs that overlap, IPAM will import the largest CIDR only. If IPAM
+   *          discovers multiple CIDRs with matching CIDRs, IPAM will randomly import one of them only.
+   *       </p>
+   *          <p>A locale must be set on the pool for this feature to work.</p>
    * @public
    */
-  PrefixListName?: string | undefined;
+  AutoImport?: boolean | undefined;
 
   /**
-   * <p>One or more entries to add to the prefix list.</p>
+   * <p>The minimum netmask length required for CIDR allocations in this IPAM pool to be compliant. Possible
+   *          netmask lengths for IPv4 addresses are 0 - 32. Possible netmask lengths for IPv6 addresses are  0 - 128. The minimum netmask
+   *          length must be less than the maximum netmask length.</p>
    * @public
    */
-  AddEntries?: AddPrefixListEntry[] | undefined;
+  AllocationMinNetmaskLength?: number | undefined;
 
   /**
-   * <p>One or more entries to remove from the prefix list.</p>
+   * <p>The maximum netmask length possible for CIDR allocations in this IPAM pool to be compliant. Possible
+   *          netmask lengths for IPv4 addresses are 0 - 32. Possible netmask lengths for IPv6 addresses are  0 - 128.The maximum netmask
+   *          length must be greater than the minimum netmask length.</p>
    * @public
    */
-  RemoveEntries?: RemovePrefixListEntry[] | undefined;
+  AllocationMaxNetmaskLength?: number | undefined;
 
   /**
-   * <p>The maximum number of entries for the prefix list. You cannot modify the entries
-   *             of a prefix list and modify the size of a prefix list at the same time.</p>
-   *          <p>If any of the resources that reference the prefix list cannot support the new
-   *             maximum size, the modify operation fails. Check the state message for the IDs of
-   *             the first ten resources that do not support the new maximum size.</p>
+   * <p>The default netmask length for allocations added to this pool. If, for example, the CIDR assigned to this pool is 10.0.0.0/8 and you enter 16 here, new allocations will default to 10.0.0.0/16.</p>
    * @public
    */
-  MaxEntries?: number | undefined;
+  AllocationDefaultNetmaskLength?: number | undefined;
+
+  /**
+   * <p>Clear the default netmask length allocation rule for this pool.</p>
+   * @public
+   */
+  ClearAllocationDefaultNetmaskLength?: boolean | undefined;
+
+  /**
+   * <p>Add tag allocation rules to a pool. For more information about allocation rules, see <a href="https://docs.aws.amazon.com/vpc/latest/ipam/create-top-ipam.html">Create a top-level pool</a> in the <i>Amazon VPC IPAM User Guide</i>.</p>
+   * @public
+   */
+  AddAllocationResourceTags?: RequestIpamResourceTag[] | undefined;
+
+  /**
+   * <p>Remove tag allocation rules from a pool.</p>
+   * @public
+   */
+  RemoveAllocationResourceTags?: RequestIpamResourceTag[] | undefined;
 }
 
 /**
  * @public
  */
-export interface ModifyManagedPrefixListResult {
+export interface ModifyIpamPoolResult {
   /**
-   * <p>Information about the prefix list.</p>
+   * <p>The results of the modification.</p>
    * @public
    */
-  PrefixList?: ManagedPrefixList | undefined;
+  IpamPool?: IpamPool | undefined;
 }
 
 /**
- * <p>Describes an attachment change.</p>
  * @public
  */
-export interface NetworkInterfaceAttachmentChanges {
+export interface ModifyIpamResourceCidrRequest {
   /**
-   * <p>The ID of the network interface attachment.</p>
+   * <p>A check for whether you have the required permissions for the action without actually making the request
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  AttachmentId?: string | undefined;
+  DryRun?: boolean | undefined;
 
   /**
-   * <p>Indicates whether the network interface is deleted when the instance is terminated.</p>
+   * <p>The ID of the resource you want to modify.</p>
    * @public
    */
-  DeleteOnTermination?: boolean | undefined;
-}
+  ResourceId: string | undefined;
 
-/**
- * <p>Contains the parameters for ModifyNetworkInterfaceAttribute.</p>
- * @public
- */
-export interface ModifyNetworkInterfaceAttributeRequest {
   /**
-   * <p>Updates the ENA Express configuration for the network interface that’s attached to the
-   * 			instance.</p>
+   * <p>The CIDR of the resource you want to modify.</p>
    * @public
    */
-  EnaSrdSpecification?: EnaSrdSpecification | undefined;
+  ResourceCidr: string | undefined;
 
   /**
-   * <p>If you’re modifying a network interface in a dual-stack or IPv6-only subnet, you have
-   *             the option to assign a primary IPv6 IP address. A primary IPv6 address is an IPv6 GUA
-   *             address associated with an ENI that you have enabled to use a primary IPv6 address. Use
-   *             this option if the instance that this ENI will be attached to relies on its IPv6 address
-   *             not changing. Amazon Web Services will automatically assign an IPv6 address associated
-   *             with the ENI attached to your instance to be the primary IPv6 address. Once you enable
-   *             an IPv6 GUA address to be a primary IPv6, you cannot disable it. When you enable an IPv6
-   *             GUA address to be a primary IPv6, the first IPv6 GUA will be made the primary IPv6
-   *             address until the instance is terminated or the network interface is detached. If you
-   *             have multiple IPv6 addresses associated with an ENI attached to your instance and you
-   *             enable a primary IPv6 address, the first IPv6 GUA address associated with the ENI
-   *             becomes the primary IPv6 address.</p>
+   * <p>The Amazon Web Services Region of the resource you want to modify.</p>
    * @public
    */
-  EnablePrimaryIpv6?: boolean | undefined;
+  ResourceRegion: string | undefined;
 
   /**
-   * <p>A connection tracking specification.</p>
+   * <p>The ID of the current scope that the resource CIDR is in.</p>
    * @public
    */
-  ConnectionTrackingSpecification?: ConnectionTrackingSpecificationRequest | undefined;
+  CurrentIpamScopeId: string | undefined;
 
   /**
-   * <p>Indicates whether to assign a public IPv4 address to a network interface.
-   *             This option can be enabled for any network interface but will only apply to the primary network interface (eth0).</p>
+   * <p>The ID of the scope you want to transfer the resource CIDR to.</p>
+   * @public
+   */
+  DestinationIpamScopeId?: string | undefined;
+
+  /**
+   * <p>Determines if the resource is monitored by IPAM. If a resource is monitored, the resource is discovered by IPAM and you can view details about the resource’s CIDR.</p>
    * @public
    */
-  AssociatePublicIpAddress?: boolean | undefined;
+  Monitored: boolean | undefined;
+}
 
+/**
+ * @public
+ */
+export interface ModifyIpamResourceCidrResult {
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *             and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *             Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>The CIDR of the resource.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  IpamResourceCidr?: IpamResourceCidr | undefined;
+}
 
+/**
+ * @public
+ */
+export interface ModifyIpamResourceDiscoveryRequest {
   /**
-   * <p>The ID of the network interface.</p>
+   * <p>A check for whether you have the required permissions for the action without actually making the request
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  NetworkInterfaceId: string | undefined;
+  DryRun?: boolean | undefined;
 
   /**
-   * <p>A description for the network interface.</p>
+   * <p>A resource discovery ID.</p>
    * @public
    */
-  Description?: AttributeValue | undefined;
+  IpamResourceDiscoveryId: string | undefined;
 
   /**
-   * <p>Enable or disable source/destination checks, which ensure that the instance
-   *             is either the source or the destination of any traffic that it receives.
-   *             If the value is <code>true</code>, source/destination checks are enabled;
-   *             otherwise, they are disabled. The default value is <code>true</code>.
-   *             You must disable source/destination checks if the instance runs services
-   *             such as network address translation, routing, or firewalls.</p>
+   * <p>A resource discovery description.</p>
    * @public
    */
-  SourceDestCheck?: AttributeBooleanValue | undefined;
+  Description?: string | undefined;
 
   /**
-   * <p>Changes the security groups for the network interface. The new set of groups you specify replaces the current set. You must specify at least one group, even if it's just the default security group in the VPC. You must specify the ID of the security group, not the name.</p>
+   * <p>Add operating Regions to the resource discovery. Operating Regions are Amazon Web Services Regions where the IPAM is allowed to manage IP address CIDRs. IPAM only discovers and monitors resources in the Amazon Web Services Regions you select as operating Regions.</p>
    * @public
    */
-  Groups?: string[] | undefined;
+  AddOperatingRegions?: AddIpamOperatingRegion[] | undefined;
 
   /**
-   * <p>Information about the interface attachment. If modifying the <code>delete on
-   * 				termination</code> attribute, you must specify the ID of the interface
-   * 			attachment.</p>
+   * <p>Remove operating Regions.</p>
    * @public
    */
-  Attachment?: NetworkInterfaceAttachmentChanges | undefined;
+  RemoveOperatingRegions?: RemoveIpamOperatingRegion[] | undefined;
 }
 
 /**
  * @public
  */
-export interface ModifyPrivateDnsNameOptionsRequest {
-  /**
-   * <p>Checks whether you have the required permissions for the action, without actually
-   *             making the request, and provides an error response. If you have the required
-   *             permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is
-   *                 <code>UnauthorizedOperation</code>.</p>
-   * @public
-   */
-  DryRun?: boolean | undefined;
-
+export interface ModifyIpamResourceDiscoveryResult {
   /**
-   * <p>The ID of the instance.</p>
+   * <p>A resource discovery.</p>
    * @public
    */
-  InstanceId: string | undefined;
+  IpamResourceDiscovery?: IpamResourceDiscovery | undefined;
+}
 
+/**
+ * @public
+ */
+export interface ModifyIpamScopeRequest {
   /**
-   * <p>The type of hostname for EC2 instances. For IPv4 only subnets, an instance DNS name
-   *             must be based on the instance IPv4 address. For IPv6 only subnets, an instance DNS name
-   *             must be based on the instance ID. For dual-stack subnets, you can specify whether DNS
-   *             names use the instance IPv4 address or the instance ID.</p>
+   * <p>A check for whether you have the required permissions for the action without actually making the request
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  PrivateDnsHostnameType?: HostnameType | undefined;
+  DryRun?: boolean | undefined;
 
   /**
-   * <p>Indicates whether to respond to DNS queries for instance hostnames with DNS A
-   *             records.</p>
+   * <p>The ID of the scope you want to modify.</p>
    * @public
    */
-  EnableResourceNameDnsARecord?: boolean | undefined;
+  IpamScopeId: string | undefined;
 
   /**
-   * <p>Indicates whether to respond to DNS queries for instance hostnames with DNS AAAA
-   *             records.</p>
+   * <p>The description of the scope you want to modify.</p>
    * @public
    */
-  EnableResourceNameDnsAAAARecord?: boolean | undefined;
+  Description?: string | undefined;
 }
 
 /**
  * @public
  */
-export interface ModifyPrivateDnsNameOptionsResult {
+export interface ModifyIpamScopeResult {
   /**
-   * <p>Returns <code>true</code> if the request succeeds; otherwise, it returns an
-   *             error.</p>
+   * <p>The results of the modification.</p>
    * @public
    */
-  Return?: boolean | undefined;
+  IpamScope?: IpamScope | undefined;
 }
 
 /**
- * <p>Contains the parameters for ModifyReservedInstances.</p>
  * @public
  */
-export interface ModifyReservedInstancesRequest {
+export interface ModifyLaunchTemplateRequest {
   /**
-   * <p>The IDs of the Reserved Instances to modify.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually
+   *             making the request, and provides an error response. If you have the required
+   *             permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is
+   *                 <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  ReservedInstancesIds: string[] | undefined;
+  DryRun?: boolean | undefined;
 
   /**
-   * <p>A unique, case-sensitive token you provide to ensure idempotency of your modification request. For more information, see
-   *    		<a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html">Ensuring Idempotency</a>.</p>
+   * <p>Unique, case-sensitive identifier you provide to ensure the idempotency of the
+   *             request. For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html">Ensuring
+   *                 idempotency</a>.</p>
+   *          <p>Constraint: Maximum 128 ASCII characters.</p>
    * @public
    */
   ClientToken?: string | undefined;
 
   /**
-   * <p>The configuration settings for the Reserved Instances to modify.</p>
+   * <p>The ID of the launch template.</p>
+   *          <p>You must specify either the launch template ID or the
+   *             launch template name, but not both.</p>
    * @public
    */
-  TargetConfigurations: ReservedInstancesConfiguration[] | undefined;
+  LaunchTemplateId?: string | undefined;
+
+  /**
+   * <p>The name of the launch template.</p>
+   *          <p>You must specify either the launch template ID or the
+   *             launch template name, but not both.</p>
+   * @public
+   */
+  LaunchTemplateName?: string | undefined;
+
+  /**
+   * <p>The version number of the launch template to set as the default version.</p>
+   * @public
+   */
+  DefaultVersion?: string | undefined;
 }
 
 /**
- * <p>Contains the output of ModifyReservedInstances.</p>
  * @public
  */
-export interface ModifyReservedInstancesResult {
+export interface ModifyLaunchTemplateResult {
   /**
-   * <p>The ID for the modification.</p>
+   * <p>Information about the launch template.</p>
    * @public
    */
-  ReservedInstancesModificationId?: string | undefined;
+  LaunchTemplate?: LaunchTemplate | undefined;
 }
 
 /**
- * <p>Describes a security group rule.</p>
- *          <p>You must specify exactly one of the following parameters, based on the rule type:</p>
- *          <ul>
- *             <li>
- *                <p>CidrIpv4</p>
- *             </li>
- *             <li>
- *                <p>CidrIpv6</p>
- *             </li>
- *             <li>
- *                <p>PrefixListId</p>
- *             </li>
- *             <li>
- *                <p>ReferencedGroupId</p>
- *             </li>
- *          </ul>
- *          <p>When you modify a rule, you cannot change the rule type. For example, if the rule
- *             uses an IPv4 address range, you must use <code>CidrIpv4</code> to specify a new IPv4
- *             address range.</p>
  * @public
  */
-export interface SecurityGroupRuleRequest {
+export interface ModifyLocalGatewayRouteRequest {
   /**
-   * <p>The IP protocol name (<code>tcp</code>, <code>udp</code>, <code>icmp</code>,
-   *                 <code>icmpv6</code>) or number (see <a href="http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml">Protocol Numbers</a>). </p>
-   *          <p>Use <code>-1</code> to specify all protocols.</p>
+   * <p>The CIDR block used for destination matches. The value that you provide must match the CIDR of an existing route in the table.</p>
    * @public
    */
-  IpProtocol?: string | undefined;
+  DestinationCidrBlock?: string | undefined;
 
   /**
-   * <p>If the protocol is TCP or UDP, this is the start of the port range.
-   *             If the protocol is ICMP or ICMPv6, this is the ICMP type or -1 (all ICMP types).</p>
+   * <p>The ID of the local gateway route table.</p>
    * @public
    */
-  FromPort?: number | undefined;
+  LocalGatewayRouteTableId: string | undefined;
 
   /**
-   * <p>If the protocol is TCP or UDP, this is the end of the port range.
-   *             If the protocol is ICMP or ICMPv6, this is the ICMP code or -1 (all ICMP codes).
-   *             If the start port is -1 (all ICMP types), then the end port must be -1 (all ICMP codes).</p>
+   * <p>
+   *          The ID of the virtual interface group.
+   *       </p>
    * @public
    */
-  ToPort?: number | undefined;
+  LocalGatewayVirtualInterfaceGroupId?: string | undefined;
 
   /**
-   * <p>The IPv4 CIDR range. To specify a single IPv4 address, use the /32 prefix length. </p>
+   * <p>The ID of the network interface.</p>
    * @public
    */
-  CidrIpv4?: string | undefined;
+  NetworkInterfaceId?: string | undefined;
 
   /**
-   * <p>The IPv6 CIDR range. To specify a single IPv6 address, use the /128 prefix length.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  CidrIpv6?: string | undefined;
+  DryRun?: boolean | undefined;
 
   /**
-   * <p>The ID of the prefix list.</p>
+   * <p>
+   *          The ID of the prefix list. Use a prefix list in place of <code>DestinationCidrBlock</code>. You
+   *          cannot use <code>DestinationPrefixListId</code> and <code>DestinationCidrBlock</code> in the same request.
+   *       </p>
    * @public
    */
-  PrefixListId?: string | undefined;
+  DestinationPrefixListId?: string | undefined;
+}
 
+/**
+ * @public
+ */
+export interface ModifyLocalGatewayRouteResult {
   /**
-   * <p>The ID of the security group that is referenced in the security group rule.</p>
+   * <p>Information about the local gateway route table.</p>
    * @public
    */
-  ReferencedGroupId?: string | undefined;
+  Route?: LocalGatewayRoute | undefined;
+}
 
+/**
+ * <p>An entry for a prefix list.</p>
+ * @public
+ */
+export interface RemovePrefixListEntry {
   /**
-   * <p>The description of the security group rule.</p>
+   * <p>The CIDR block.</p>
    * @public
    */
-  Description?: string | undefined;
+  Cidr: string | undefined;
 }
 
 /**
- * <p>Describes an update to a security group rule.</p>
  * @public
  */
-export interface SecurityGroupRuleUpdate {
+export interface ModifyManagedPrefixListRequest {
   /**
-   * <p>The ID of the security group rule.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  SecurityGroupRuleId: string | undefined;
+  DryRun?: boolean | undefined;
 
   /**
-   * <p>Information about the security group rule.</p>
+   * <p>The ID of the prefix list.</p>
    * @public
    */
-  SecurityGroupRule?: SecurityGroupRuleRequest | undefined;
-}
+  PrefixListId: string | undefined;
 
-/**
- * @public
- */
-export interface ModifySecurityGroupRulesRequest {
   /**
-   * <p>The ID of the security group.</p>
+   * <p>The current version of the prefix list.</p>
    * @public
    */
-  GroupId: string | undefined;
+  CurrentVersion?: number | undefined;
 
   /**
-   * <p>Information about the security group properties to update.</p>
+   * <p>A name for the prefix list.</p>
    * @public
    */
-  SecurityGroupRules: SecurityGroupRuleUpdate[] | undefined;
+  PrefixListName?: string | undefined;
 
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>One or more entries to add to the prefix list.</p>
+   * @public
+   */
+  AddEntries?: AddPrefixListEntry[] | undefined;
+
+  /**
+   * <p>One or more entries to remove from the prefix list.</p>
+   * @public
+   */
+  RemoveEntries?: RemovePrefixListEntry[] | undefined;
+
+  /**
+   * <p>The maximum number of entries for the prefix list. You cannot modify the entries
+   *             of a prefix list and modify the size of a prefix list at the same time.</p>
+   *          <p>If any of the resources that reference the prefix list cannot support the new
+   *             maximum size, the modify operation fails. Check the state message for the IDs of
+   *             the first ten resources that do not support the new maximum size.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  MaxEntries?: number | undefined;
 }
 
 /**
  * @public
  */
-export interface ModifySecurityGroupRulesResult {
+export interface ModifyManagedPrefixListResult {
   /**
-   * <p>Returns <code>true</code> if the request succeeds; otherwise, returns an error.</p>
+   * <p>Information about the prefix list.</p>
    * @public
    */
-  Return?: boolean | undefined;
+  PrefixList?: ManagedPrefixList | undefined;
 }
 
 /**
- * <p>Describes modifications to the list of create volume permissions for a volume.</p>
+ * <p>Describes an attachment change.</p>
  * @public
  */
-export interface CreateVolumePermissionModifications {
+export interface NetworkInterfaceAttachmentChanges {
   /**
-   * <p>Adds the specified Amazon Web Services account ID or group to the list.</p>
+   * <p>The ID of the network interface attachment.</p>
    * @public
    */
-  Add?: CreateVolumePermission[] | undefined;
+  AttachmentId?: string | undefined;
 
   /**
-   * <p>Removes the specified Amazon Web Services account ID or group from the list.</p>
+   * <p>Indicates whether the network interface is deleted when the instance is terminated.</p>
    * @public
    */
-  Remove?: CreateVolumePermission[] | undefined;
+  DeleteOnTermination?: boolean | undefined;
 }
 
 /**
+ * <p>Contains the parameters for ModifyNetworkInterfaceAttribute.</p>
  * @public
  */
-export interface ModifySnapshotAttributeRequest {
-  /**
-   * <p>The snapshot attribute to modify. Only volume creation permissions can be modified.</p>
-   * @public
-   */
-  Attribute?: SnapshotAttributeName | undefined;
-
-  /**
-   * <p>A JSON representation of the snapshot attribute modification.</p>
-   * @public
-   */
-  CreateVolumePermission?: CreateVolumePermissionModifications | undefined;
-
+export interface ModifyNetworkInterfaceAttributeRequest {
   /**
-   * <p>The group to modify for the snapshot.</p>
+   * <p>Updates the ENA Express configuration for the network interface that’s attached to the
+   * 			instance.</p>
    * @public
    */
-  GroupNames?: string[] | undefined;
+  EnaSrdSpecification?: EnaSrdSpecification | undefined;
 
   /**
-   * <p>The type of operation to perform to the attribute.</p>
+   * <p>If you’re modifying a network interface in a dual-stack or IPv6-only subnet, you have
+   *             the option to assign a primary IPv6 IP address. A primary IPv6 address is an IPv6 GUA
+   *             address associated with an ENI that you have enabled to use a primary IPv6 address. Use
+   *             this option if the instance that this ENI will be attached to relies on its IPv6 address
+   *             not changing. Amazon Web Services will automatically assign an IPv6 address associated
+   *             with the ENI attached to your instance to be the primary IPv6 address. Once you enable
+   *             an IPv6 GUA address to be a primary IPv6, you cannot disable it. When you enable an IPv6
+   *             GUA address to be a primary IPv6, the first IPv6 GUA will be made the primary IPv6
+   *             address until the instance is terminated or the network interface is detached. If you
+   *             have multiple IPv6 addresses associated with an ENI attached to your instance and you
+   *             enable a primary IPv6 address, the first IPv6 GUA address associated with the ENI
+   *             becomes the primary IPv6 address.</p>
    * @public
    */
-  OperationType?: OperationType | undefined;
+  EnablePrimaryIpv6?: boolean | undefined;
 
   /**
-   * <p>The ID of the snapshot.</p>
+   * <p>A connection tracking specification.</p>
    * @public
    */
-  SnapshotId: string | undefined;
+  ConnectionTrackingSpecification?: ConnectionTrackingSpecificationRequest | undefined;
 
   /**
-   * <p>The account ID to modify for the snapshot.</p>
+   * <p>Indicates whether to assign a public IPv4 address to a network interface.
+   *             This option can be enabled for any network interface but will only apply to the primary network interface (eth0).</p>
    * @public
    */
-  UserIds?: string[] | undefined;
+  AssociatePublicIpAddress?: boolean | undefined;
 
   /**
    * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   *             and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *             Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
   DryRun?: boolean | undefined;
-}
-
-/**
- * @public
- * @enum
- */
-export const TargetStorageTier = {
-  archive: "archive",
-} as const;
-
-/**
- * @public
- */
-export type TargetStorageTier = (typeof TargetStorageTier)[keyof typeof TargetStorageTier];
 
-/**
- * @public
- */
-export interface ModifySnapshotTierRequest {
   /**
-   * <p>The ID of the snapshot.</p>
+   * <p>The ID of the network interface.</p>
    * @public
    */
-  SnapshotId: string | undefined;
+  NetworkInterfaceId: string | undefined;
 
   /**
-   * <p>The name of the storage tier. You must specify <code>archive</code>.</p>
+   * <p>A description for the network interface.</p>
    * @public
    */
-  StorageTier?: TargetStorageTier | undefined;
+  Description?: AttributeValue | undefined;
 
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>Enable or disable source/destination checks, which ensure that the instance
+   *             is either the source or the destination of any traffic that it receives.
+   *             If the value is <code>true</code>, source/destination checks are enabled;
+   *             otherwise, they are disabled. The default value is <code>true</code>.
+   *             You must disable source/destination checks if the instance runs services
+   *             such as network address translation, routing, or firewalls.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
-}
+  SourceDestCheck?: AttributeBooleanValue | undefined;
 
-/**
- * @public
- */
-export interface ModifySnapshotTierResult {
   /**
-   * <p>The ID of the snapshot.</p>
+   * <p>Changes the security groups for the network interface. The new set of groups you specify replaces the current set. You must specify at least one group, even if it's just the default security group in the VPC. You must specify the ID of the security group, not the name.</p>
    * @public
    */
-  SnapshotId?: string | undefined;
+  Groups?: string[] | undefined;
 
   /**
-   * <p>The date and time when the archive process was started.</p>
+   * <p>Information about the interface attachment. If modifying the <code>delete on
+   * 				termination</code> attribute, you must specify the ID of the interface
+   * 			attachment.</p>
    * @public
    */
-  TieringStartTime?: Date | undefined;
+  Attachment?: NetworkInterfaceAttachmentChanges | undefined;
 }
 
 /**
- * <p>Contains the parameters for ModifySpotFleetRequest.</p>
  * @public
  */
-export interface ModifySpotFleetRequestRequest {
-  /**
-   * <p>The launch template and overrides. You can only use this parameter if you specified a
-   *             launch template (<code>LaunchTemplateConfigs</code>) in your Spot Fleet request. If you
-   *             specified <code>LaunchSpecifications</code> in your Spot Fleet request, then omit this
-   *             parameter.</p>
-   * @public
-   */
-  LaunchTemplateConfigs?: LaunchTemplateConfig[] | undefined;
-
+export interface ModifyPrivateDnsNameOptionsRequest {
   /**
-   * <p>The number of On-Demand Instances in the fleet.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually
+   *             making the request, and provides an error response. If you have the required
+   *             permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is
+   *                 <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  OnDemandTargetCapacity?: number | undefined;
+  DryRun?: boolean | undefined;
 
   /**
-   * <p>Reserved.</p>
+   * <p>The ID of the instance.</p>
    * @public
    */
-  Context?: string | undefined;
+  InstanceId: string | undefined;
 
   /**
-   * <p>The ID of the Spot Fleet request.</p>
+   * <p>The type of hostname for EC2 instances. For IPv4 only subnets, an instance DNS name
+   *             must be based on the instance IPv4 address. For IPv6 only subnets, an instance DNS name
+   *             must be based on the instance ID. For dual-stack subnets, you can specify whether DNS
+   *             names use the instance IPv4 address or the instance ID.</p>
    * @public
    */
-  SpotFleetRequestId: string | undefined;
+  PrivateDnsHostnameType?: HostnameType | undefined;
 
   /**
-   * <p>The size of the fleet.</p>
+   * <p>Indicates whether to respond to DNS queries for instance hostnames with DNS A
+   *             records.</p>
    * @public
    */
-  TargetCapacity?: number | undefined;
+  EnableResourceNameDnsARecord?: boolean | undefined;
 
   /**
-   * <p>Indicates whether running instances should be terminated if the target capacity
-   *             of the Spot Fleet request is decreased below the current size of the Spot Fleet.</p>
-   *          <p>Supported only for fleets of type <code>maintain</code>.</p>
+   * <p>Indicates whether to respond to DNS queries for instance hostnames with DNS AAAA
+   *             records.</p>
    * @public
    */
-  ExcessCapacityTerminationPolicy?: ExcessCapacityTerminationPolicy | undefined;
+  EnableResourceNameDnsAAAARecord?: boolean | undefined;
 }
 
 /**
- * <p>Contains the output of ModifySpotFleetRequest.</p>
  * @public
  */
-export interface ModifySpotFleetRequestResponse {
+export interface ModifyPrivateDnsNameOptionsResult {
   /**
-   * <p>If the request succeeds, the response returns <code>true</code>. If the request fails,
-   *             no response is returned, and instead an error message is returned.</p>
+   * <p>Returns <code>true</code> if the request succeeds; otherwise, it returns an
+   *             error.</p>
    * @public
    */
   Return?: boolean | undefined;
 }
 
 /**
+ * <p>Contains the parameters for ModifyReservedInstances.</p>
  * @public
  */
-export interface ModifySubnetAttributeRequest {
+export interface ModifyReservedInstancesRequest {
   /**
-   * <p>Specify <code>true</code> to indicate that network interfaces created in the
-   *             specified subnet should be assigned an IPv6 address. This includes a network interface
-   *             that's created when launching an instance into the subnet (the instance therefore
-   *             receives an IPv6 address). </p>
-   *          <p>If you enable the IPv6 addressing feature for your subnet, your network interface
-   *             or instance only receives an IPv6 address if it's created using version
-   *                 <code>2016-11-15</code> or later of the Amazon EC2 API.</p>
+   * <p>The IDs of the Reserved Instances to modify.</p>
    * @public
    */
-  AssignIpv6AddressOnCreation?: AttributeBooleanValue | undefined;
+  ReservedInstancesIds: string[] | undefined;
 
   /**
-   * <p>Specify <code>true</code> to indicate that network interfaces attached to instances created in the
-   *             specified subnet should be assigned a public IPv4 address.</p>
-   *          <p>Amazon Web Services charges for all public IPv4 addresses, including public IPv4 addresses
-   * associated with running instances and Elastic IP addresses. For more information, see the <i>Public IPv4 Address</i> tab on the <a href="http://aws.amazon.com/vpc/pricing/">Amazon VPC pricing page</a>.</p>
+   * <p>A unique, case-sensitive token you provide to ensure idempotency of your modification request. For more information, see
+   *    		<a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html">Ensuring Idempotency</a>.</p>
    * @public
    */
-  MapPublicIpOnLaunch?: AttributeBooleanValue | undefined;
+  ClientToken?: string | undefined;
 
   /**
-   * <p>The ID of the subnet.</p>
+   * <p>The configuration settings for the Reserved Instances to modify.</p>
    * @public
    */
-  SubnetId: string | undefined;
+  TargetConfigurations: ReservedInstancesConfiguration[] | undefined;
+}
 
+/**
+ * <p>Contains the output of ModifyReservedInstances.</p>
+ * @public
+ */
+export interface ModifyReservedInstancesResult {
   /**
-   * <p>Specify <code>true</code> to indicate that network interfaces  attached to instances created in the
-   *             specified subnet should be assigned a customer-owned IPv4 address.</p>
-   *          <p>When this value is <code>true</code>, you must specify the customer-owned IP pool using <code>CustomerOwnedIpv4Pool</code>.</p>
+   * <p>The ID for the modification.</p>
    * @public
    */
-  MapCustomerOwnedIpOnLaunch?: AttributeBooleanValue | undefined;
+  ReservedInstancesModificationId?: string | undefined;
+}
+
+/**
+ * <p>Describes a security group rule.</p>
+ *          <p>You must specify exactly one of the following parameters, based on the rule type:</p>
+ *          <ul>
+ *             <li>
+ *                <p>CidrIpv4</p>
+ *             </li>
+ *             <li>
+ *                <p>CidrIpv6</p>
+ *             </li>
+ *             <li>
+ *                <p>PrefixListId</p>
+ *             </li>
+ *             <li>
+ *                <p>ReferencedGroupId</p>
+ *             </li>
+ *          </ul>
+ *          <p>When you modify a rule, you cannot change the rule type. For example, if the rule
+ *             uses an IPv4 address range, you must use <code>CidrIpv4</code> to specify a new IPv4
+ *             address range.</p>
+ * @public
+ */
+export interface SecurityGroupRuleRequest {
+  /**
+   * <p>The IP protocol name (<code>tcp</code>, <code>udp</code>, <code>icmp</code>,
+   *                 <code>icmpv6</code>) or number (see <a href="http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml">Protocol Numbers</a>). </p>
+   *          <p>Use <code>-1</code> to specify all protocols.</p>
+   * @public
+   */
+  IpProtocol?: string | undefined;
 
   /**
-   * <p>The customer-owned IPv4 address pool associated with the subnet.</p>
-   *          <p>You must set this value when you specify <code>true</code> for <code>MapCustomerOwnedIpOnLaunch</code>.</p>
+   * <p>If the protocol is TCP or UDP, this is the start of the port range.
+   *             If the protocol is ICMP or ICMPv6, this is the ICMP type or -1 (all ICMP types).</p>
    * @public
    */
-  CustomerOwnedIpv4Pool?: string | undefined;
+  FromPort?: number | undefined;
 
   /**
-   * <p>Indicates whether DNS queries made to the Amazon-provided DNS Resolver in this subnet
-   *             should return synthetic IPv6 addresses for IPv4-only destinations.</p>
-   *          <p>You must first configure a NAT gateway in a public subnet (separate from the subnet
-   *            containing the IPv6-only workloads). For example, the subnet containing the NAT gateway
-   *            should have a <code>0.0.0.0/0</code> route pointing to the internet gateway. For more
-   *            information, see <a href="https://docs.aws.amazon.com/vpc/latest/userguide/nat-gateway-nat64-dns64.html#nat-gateway-nat64-dns64-walkthrough">Configure DNS64 and NAT64</a> in the <i>Amazon VPC User Guide</i>.</p>
+   * <p>If the protocol is TCP or UDP, this is the end of the port range.
+   *             If the protocol is ICMP or ICMPv6, this is the ICMP code or -1 (all ICMP codes).
+   *             If the start port is -1 (all ICMP types), then the end port must be -1 (all ICMP codes).</p>
    * @public
    */
-  EnableDns64?: AttributeBooleanValue | undefined;
+  ToPort?: number | undefined;
 
   /**
-   * <p>The type of hostname to assign to instances in the subnet at launch. For IPv4-only and dual-stack (IPv4 and IPv6) subnets, an
-   *             instance DNS name can be based on the instance IPv4 address (ip-name) or the instance ID (resource-name). For IPv6 only subnets, an instance
-   *             DNS name must be based on the instance ID (resource-name).</p>
+   * <p>The IPv4 CIDR range. To specify a single IPv4 address, use the /32 prefix length. </p>
    * @public
    */
-  PrivateDnsHostnameTypeOnLaunch?: HostnameType | undefined;
+  CidrIpv4?: string | undefined;
 
   /**
-   * <p>Indicates whether to respond to DNS queries for instance hostnames with DNS A records.</p>
+   * <p>The IPv6 CIDR range. To specify a single IPv6 address, use the /128 prefix length.</p>
    * @public
    */
-  EnableResourceNameDnsARecordOnLaunch?: AttributeBooleanValue | undefined;
+  CidrIpv6?: string | undefined;
 
   /**
-   * <p>Indicates whether to respond to DNS queries for instance hostnames with DNS AAAA records.</p>
+   * <p>The ID of the prefix list.</p>
    * @public
    */
-  EnableResourceNameDnsAAAARecordOnLaunch?: AttributeBooleanValue | undefined;
+  PrefixListId?: string | undefined;
 
   /**
-   * <p>
-   *             Indicates the device position for local network interfaces in this subnet. For example,
-   *             <code>1</code> indicates local network interfaces in this subnet are the secondary
-   *             network interface (eth1). A local network interface cannot be the primary network
-   *             interface (eth0).
-   *         </p>
+   * <p>The ID of the security group that is referenced in the security group rule.</p>
    * @public
    */
-  EnableLniAtDeviceIndex?: number | undefined;
+  ReferencedGroupId?: string | undefined;
 
   /**
-   * <p>
-   *             Specify <code>true</code> to indicate that local network interfaces at the current
-   *             position should be disabled.
-   *         </p>
+   * <p>The description of the security group rule.</p>
    * @public
    */
-  DisableLniAtDeviceIndex?: AttributeBooleanValue | undefined;
+  Description?: string | undefined;
 }
 
 /**
+ * <p>Describes an update to a security group rule.</p>
  * @public
  */
-export interface ModifyTrafficMirrorFilterNetworkServicesRequest {
+export interface SecurityGroupRuleUpdate {
   /**
-   * <p>The ID of the Traffic Mirror filter.</p>
+   * <p>The ID of the security group rule.</p>
    * @public
    */
-  TrafficMirrorFilterId: string | undefined;
+  SecurityGroupRuleId: string | undefined;
 
   /**
-   * <p>The network service, for example Amazon DNS, that you want to mirror.</p>
+   * <p>Information about the security group rule.</p>
    * @public
    */
-  AddNetworkServices?: TrafficMirrorNetworkService[] | undefined;
+  SecurityGroupRule?: SecurityGroupRuleRequest | undefined;
+}
 
+/**
+ * @public
+ */
+export interface ModifySecurityGroupRulesRequest {
   /**
-   * <p>The network service, for example Amazon DNS, that you no longer want to mirror.</p>
+   * <p>The ID of the security group.</p>
    * @public
    */
-  RemoveNetworkServices?: TrafficMirrorNetworkService[] | undefined;
+  GroupId: string | undefined;
+
+  /**
+   * <p>Information about the security group properties to update.</p>
+   * @public
+   */
+  SecurityGroupRules: SecurityGroupRuleUpdate[] | undefined;
 
   /**
    * <p>Checks whether you have the required permissions for the action, without actually making the request,
@@ -8262,102 +8459,71 @@ export interface ModifyTrafficMirrorFilterNetworkServicesRequest {
 /**
  * @public
  */
-export interface ModifyTrafficMirrorFilterNetworkServicesResult {
+export interface ModifySecurityGroupRulesResult {
   /**
-   * <p>The Traffic Mirror filter that the network service is associated with.</p>
+   * <p>Returns <code>true</code> if the request succeeds; otherwise, returns an error.</p>
    * @public
    */
-  TrafficMirrorFilter?: TrafficMirrorFilter | undefined;
+  Return?: boolean | undefined;
 }
 
 /**
- * @public
- * @enum
- */
-export const TrafficMirrorFilterRuleField = {
-  description: "description",
-  destination_port_range: "destination-port-range",
-  protocol: "protocol",
-  source_port_range: "source-port-range",
-} as const;
-
-/**
- * @public
- */
-export type TrafficMirrorFilterRuleField =
-  (typeof TrafficMirrorFilterRuleField)[keyof typeof TrafficMirrorFilterRuleField];
-
-/**
+ * <p>Describes modifications to the list of create volume permissions for a volume.</p>
  * @public
  */
-export interface ModifyTrafficMirrorFilterRuleRequest {
-  /**
-   * <p>The ID of the Traffic Mirror rule.</p>
-   * @public
-   */
-  TrafficMirrorFilterRuleId: string | undefined;
-
-  /**
-   * <p>The type of traffic to assign to the rule.</p>
-   * @public
-   */
-  TrafficDirection?: TrafficDirection | undefined;
-
-  /**
-   * <p>The number of the Traffic Mirror rule. This number must be unique for each Traffic Mirror rule in a given
-   *          direction. The rules are processed in ascending order by rule number.</p>
-   * @public
-   */
-  RuleNumber?: number | undefined;
-
+export interface CreateVolumePermissionModifications {
   /**
-   * <p>The action to assign to the rule.</p>
+   * <p>Adds the specified Amazon Web Services account ID or group to the list.</p>
    * @public
    */
-  RuleAction?: TrafficMirrorRuleAction | undefined;
+  Add?: CreateVolumePermission[] | undefined;
 
   /**
-   * <p>The destination ports that are associated with the Traffic Mirror rule.</p>
+   * <p>Removes the specified Amazon Web Services account ID or group from the list.</p>
    * @public
    */
-  DestinationPortRange?: TrafficMirrorPortRangeRequest | undefined;
+  Remove?: CreateVolumePermission[] | undefined;
+}
 
+/**
+ * @public
+ */
+export interface ModifySnapshotAttributeRequest {
   /**
-   * <p>The port range to assign to the Traffic Mirror rule.</p>
+   * <p>The snapshot attribute to modify. Only volume creation permissions can be modified.</p>
    * @public
    */
-  SourcePortRange?: TrafficMirrorPortRangeRequest | undefined;
+  Attribute?: SnapshotAttributeName | undefined;
 
   /**
-   * <p>The protocol, for example TCP, to assign to the Traffic Mirror rule.</p>
+   * <p>A JSON representation of the snapshot attribute modification.</p>
    * @public
    */
-  Protocol?: number | undefined;
+  CreateVolumePermission?: CreateVolumePermissionModifications | undefined;
 
   /**
-   * <p>The destination CIDR block to assign to the Traffic Mirror rule.</p>
+   * <p>The group to modify for the snapshot.</p>
    * @public
    */
-  DestinationCidrBlock?: string | undefined;
+  GroupNames?: string[] | undefined;
 
   /**
-   * <p>The source CIDR block to assign to the Traffic Mirror rule.</p>
+   * <p>The type of operation to perform to the attribute.</p>
    * @public
    */
-  SourceCidrBlock?: string | undefined;
+  OperationType?: OperationType | undefined;
 
   /**
-   * <p>The description to assign to the Traffic Mirror rule.</p>
+   * <p>The ID of the snapshot.</p>
    * @public
    */
-  Description?: string | undefined;
+  SnapshotId: string | undefined;
 
   /**
-   * <p>The properties that you want to remove from the Traffic Mirror filter rule.</p>
-   *          <p>When you remove a property from a Traffic Mirror filter rule, the property is set to the default.</p>
+   * <p>The account ID to modify for the snapshot.</p>
    * @public
    */
-  RemoveFields?: TrafficMirrorFilterRuleField[] | undefined;
+  UserIds?: string[] | undefined;
 
   /**
    * <p>Checks whether you have the required permissions for the action, without actually making the request,
@@ -8368,225 +8534,240 @@ export interface ModifyTrafficMirrorFilterRuleRequest {
   DryRun?: boolean | undefined;
 }
 
-/**
- * @public
- */
-export interface ModifyTrafficMirrorFilterRuleResult {
-  /**
-   * <note>
-   *             <p>Tags are not returned for ModifyTrafficMirrorFilterRule.</p>
-   *          </note>
-   *          <p>A Traffic Mirror rule.</p>
-   * @public
-   */
-  TrafficMirrorFilterRule?: TrafficMirrorFilterRule | undefined;
-}
-
 /**
  * @public
  * @enum
  */
-export const TrafficMirrorSessionField = {
-  description: "description",
-  packet_length: "packet-length",
-  virtual_network_id: "virtual-network-id",
+export const TargetStorageTier = {
+  archive: "archive",
 } as const;
 
 /**
  * @public
  */
-export type TrafficMirrorSessionField = (typeof TrafficMirrorSessionField)[keyof typeof TrafficMirrorSessionField];
+export type TargetStorageTier = (typeof TargetStorageTier)[keyof typeof TargetStorageTier];
 
 /**
  * @public
  */
-export interface ModifyTrafficMirrorSessionRequest {
+export interface ModifySnapshotTierRequest {
   /**
-   * <p>The ID of the Traffic Mirror session.</p>
+   * <p>The ID of the snapshot.</p>
    * @public
    */
-  TrafficMirrorSessionId: string | undefined;
+  SnapshotId: string | undefined;
 
   /**
-   * <p>The Traffic Mirror target. The target must be in the same VPC as the source, or have a VPC peering connection with the source.</p>
+   * <p>The name of the storage tier. You must specify <code>archive</code>.</p>
    * @public
    */
-  TrafficMirrorTargetId?: string | undefined;
+  StorageTier?: TargetStorageTier | undefined;
 
   /**
-   * <p>The ID of the Traffic Mirror filter.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  TrafficMirrorFilterId?: string | undefined;
+  DryRun?: boolean | undefined;
+}
 
+/**
+ * @public
+ */
+export interface ModifySnapshotTierResult {
   /**
-   * <p>The number of bytes in each packet to mirror. These are bytes after the VXLAN header. To mirror a subset, set this to the length (in bytes) to mirror. For example, if you set this value to 100, then the first 100 bytes that meet the filter criteria are copied to the target. Do not specify this parameter when you want to mirror the entire packet.</p>
-   *          <p>For sessions with Network Load Balancer (NLB) traffic mirror targets, the default <code>PacketLength</code> will be set to 8500. Valid values are 1-8500. Setting a <code>PacketLength</code> greater than 8500 will result in an error response.</p>
+   * <p>The ID of the snapshot.</p>
    * @public
    */
-  PacketLength?: number | undefined;
+  SnapshotId?: string | undefined;
 
   /**
-   * <p>The session number determines the order in which sessions are evaluated when an interface is used by multiple sessions. The first session with a matching filter is the one that mirrors the packets.</p>
-   *          <p>Valid values are 1-32766.</p>
+   * <p>The date and time when the archive process was started.</p>
    * @public
    */
-  SessionNumber?: number | undefined;
+  TieringStartTime?: Date | undefined;
+}
 
+/**
+ * <p>Contains the parameters for ModifySpotFleetRequest.</p>
+ * @public
+ */
+export interface ModifySpotFleetRequestRequest {
   /**
-   * <p>The virtual network ID of the Traffic Mirror session.</p>
+   * <p>The launch template and overrides. You can only use this parameter if you specified a
+   *             launch template (<code>LaunchTemplateConfigs</code>) in your Spot Fleet request. If you
+   *             specified <code>LaunchSpecifications</code> in your Spot Fleet request, then omit this
+   *             parameter.</p>
    * @public
    */
-  VirtualNetworkId?: number | undefined;
+  LaunchTemplateConfigs?: LaunchTemplateConfig[] | undefined;
 
   /**
-   * <p>The description to assign to the Traffic Mirror session.</p>
+   * <p>The number of On-Demand Instances in the fleet.</p>
    * @public
    */
-  Description?: string | undefined;
+  OnDemandTargetCapacity?: number | undefined;
 
   /**
-   * <p>The properties that you want to remove from the Traffic Mirror session.</p>
-   *          <p>When you remove a property from a Traffic Mirror session, the property is set to the default.</p>
+   * <p>Reserved.</p>
    * @public
    */
-  RemoveFields?: TrafficMirrorSessionField[] | undefined;
+  Context?: string | undefined;
 
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>The ID of the Spot Fleet request.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  SpotFleetRequestId: string | undefined;
+
+  /**
+   * <p>The size of the fleet.</p>
+   * @public
+   */
+  TargetCapacity?: number | undefined;
+
+  /**
+   * <p>Indicates whether running instances should be terminated if the target capacity
+   *             of the Spot Fleet request is decreased below the current size of the Spot Fleet.</p>
+   *          <p>Supported only for fleets of type <code>maintain</code>.</p>
+   * @public
+   */
+  ExcessCapacityTerminationPolicy?: ExcessCapacityTerminationPolicy | undefined;
 }
 
 /**
+ * <p>Contains the output of ModifySpotFleetRequest.</p>
  * @public
  */
-export interface ModifyTrafficMirrorSessionResult {
+export interface ModifySpotFleetRequestResponse {
   /**
-   * <p>Information about the Traffic Mirror session.</p>
+   * <p>If the request succeeds, the response returns <code>true</code>. If the request fails,
+   *             no response is returned, and instead an error message is returned.</p>
    * @public
    */
-  TrafficMirrorSession?: TrafficMirrorSession | undefined;
+  Return?: boolean | undefined;
 }
 
 /**
- * <p>The transit gateway options.</p>
  * @public
  */
-export interface ModifyTransitGatewayOptions {
+export interface ModifySubnetAttributeRequest {
   /**
-   * <p>Adds IPv4 or IPv6 CIDR blocks for the transit gateway. Must be a size /24 CIDR block or larger for IPv4, or a size /64 CIDR block or larger for IPv6.</p>
+   * <p>Specify <code>true</code> to indicate that network interfaces created in the
+   *             specified subnet should be assigned an IPv6 address. This includes a network interface
+   *             that's created when launching an instance into the subnet (the instance therefore
+   *             receives an IPv6 address). </p>
+   *          <p>If you enable the IPv6 addressing feature for your subnet, your network interface
+   *             or instance only receives an IPv6 address if it's created using version
+   *                 <code>2016-11-15</code> or later of the Amazon EC2 API.</p>
    * @public
    */
-  AddTransitGatewayCidrBlocks?: string[] | undefined;
+  AssignIpv6AddressOnCreation?: AttributeBooleanValue | undefined;
 
   /**
-   * <p>Removes CIDR blocks for the transit gateway.</p>
+   * <p>Specify <code>true</code> to indicate that network interfaces attached to instances created in the
+   *             specified subnet should be assigned a public IPv4 address.</p>
+   *          <p>Amazon Web Services charges for all public IPv4 addresses, including public IPv4 addresses
+   * associated with running instances and Elastic IP addresses. For more information, see the <i>Public IPv4 Address</i> tab on the <a href="http://aws.amazon.com/vpc/pricing/">Amazon VPC pricing page</a>.</p>
    * @public
    */
-  RemoveTransitGatewayCidrBlocks?: string[] | undefined;
+  MapPublicIpOnLaunch?: AttributeBooleanValue | undefined;
 
   /**
-   * <p>Enable or disable Equal Cost Multipath Protocol support.</p>
+   * <p>The ID of the subnet.</p>
    * @public
    */
-  VpnEcmpSupport?: VpnEcmpSupportValue | undefined;
+  SubnetId: string | undefined;
 
   /**
-   * <p>Enable or disable DNS support.</p>
+   * <p>Specify <code>true</code> to indicate that network interfaces  attached to instances created in the
+   *             specified subnet should be assigned a customer-owned IPv4 address.</p>
+   *          <p>When this value is <code>true</code>, you must specify the customer-owned IP pool using <code>CustomerOwnedIpv4Pool</code>.</p>
    * @public
    */
-  DnsSupport?: DnsSupportValue | undefined;
+  MapCustomerOwnedIpOnLaunch?: AttributeBooleanValue | undefined;
 
   /**
-   * <p>Enables you to reference a security group across VPCs attached to a transit gateway to simplify security group management.
-   *
-   * </p>
-   *          <p>This option is disabled by default.</p>
-   *          <p>For more information about security group referencing, see  <a href="https://docs.aws.amazon.com/vpc/latest/tgw/tgw-vpc-attachments.html#vpc-attachment-security">Security group referencing</a> in the <i>Amazon Web Services Transit Gateways Guide</i>.</p>
+   * <p>The customer-owned IPv4 address pool associated with the subnet.</p>
+   *          <p>You must set this value when you specify <code>true</code> for <code>MapCustomerOwnedIpOnLaunch</code>.</p>
    * @public
    */
-  SecurityGroupReferencingSupport?: SecurityGroupReferencingSupportValue | undefined;
+  CustomerOwnedIpv4Pool?: string | undefined;
 
   /**
-   * <p>Enable or disable automatic acceptance of attachment requests.</p>
+   * <p>Indicates whether DNS queries made to the Amazon-provided DNS Resolver in this subnet
+   *             should return synthetic IPv6 addresses for IPv4-only destinations.</p>
+   *          <p>You must first configure a NAT gateway in a public subnet (separate from the subnet
+   *            containing the IPv6-only workloads). For example, the subnet containing the NAT gateway
+   *            should have a <code>0.0.0.0/0</code> route pointing to the internet gateway. For more
+   *            information, see <a href="https://docs.aws.amazon.com/vpc/latest/userguide/nat-gateway-nat64-dns64.html#nat-gateway-nat64-dns64-walkthrough">Configure DNS64 and NAT64</a> in the <i>Amazon VPC User Guide</i>.</p>
    * @public
    */
-  AutoAcceptSharedAttachments?: AutoAcceptSharedAttachmentsValue | undefined;
+  EnableDns64?: AttributeBooleanValue | undefined;
 
   /**
-   * <p>Enable or disable automatic association with the default association route table.</p>
+   * <p>The type of hostname to assign to instances in the subnet at launch. For IPv4-only and dual-stack (IPv4 and IPv6) subnets, an
+   *             instance DNS name can be based on the instance IPv4 address (ip-name) or the instance ID (resource-name). For IPv6 only subnets, an instance
+   *             DNS name must be based on the instance ID (resource-name).</p>
    * @public
    */
-  DefaultRouteTableAssociation?: DefaultRouteTableAssociationValue | undefined;
+  PrivateDnsHostnameTypeOnLaunch?: HostnameType | undefined;
 
   /**
-   * <p>The ID of the default association route table.</p>
+   * <p>Indicates whether to respond to DNS queries for instance hostnames with DNS A records.</p>
    * @public
    */
-  AssociationDefaultRouteTableId?: string | undefined;
+  EnableResourceNameDnsARecordOnLaunch?: AttributeBooleanValue | undefined;
 
   /**
-   * <p>Enable or disable automatic propagation of routes to the default propagation route table.</p>
+   * <p>Indicates whether to respond to DNS queries for instance hostnames with DNS AAAA records.</p>
    * @public
    */
-  DefaultRouteTablePropagation?: DefaultRouteTablePropagationValue | undefined;
+  EnableResourceNameDnsAAAARecordOnLaunch?: AttributeBooleanValue | undefined;
 
   /**
-   * <p>The ID of the default propagation route table.</p>
+   * <p>
+   *             Indicates the device position for local network interfaces in this subnet. For example,
+   *             <code>1</code> indicates local network interfaces in this subnet are the secondary
+   *             network interface (eth1). A local network interface cannot be the primary network
+   *             interface (eth0).
+   *         </p>
    * @public
    */
-  PropagationDefaultRouteTableId?: string | undefined;
+  EnableLniAtDeviceIndex?: number | undefined;
 
   /**
-   * <p>A private Autonomous System Number (ASN) for the Amazon side of a BGP session.
-   *             The range is 64512 to 65534 for 16-bit ASNs and 4200000000 to 4294967294 for 32-bit ASNs.</p>
-   *          <p>The modify ASN operation is not allowed on a transit gateway if it has the following attachments:</p>
-   *          <ul>
-   *             <li>
-   *                <p>Dynamic VPN</p>
-   *             </li>
-   *             <li>
-   *                <p>Static VPN</p>
-   *             </li>
-   *             <li>
-   *                <p>Direct Connect Gateway</p>
-   *             </li>
-   *             <li>
-   *                <p>Connect</p>
-   *             </li>
-   *          </ul>
-   *          <p>You must first delete all transit gateway attachments configured prior to modifying the ASN on
-   *             the transit gateway.</p>
+   * <p>
+   *             Specify <code>true</code> to indicate that local network interfaces at the current
+   *             position should be disabled.
+   *         </p>
    * @public
    */
-  AmazonSideAsn?: number | undefined;
+  DisableLniAtDeviceIndex?: AttributeBooleanValue | undefined;
 }
 
 /**
  * @public
  */
-export interface ModifyTransitGatewayRequest {
+export interface ModifyTrafficMirrorFilterNetworkServicesRequest {
   /**
-   * <p>The ID of the transit gateway.</p>
+   * <p>The ID of the Traffic Mirror filter.</p>
    * @public
    */
-  TransitGatewayId: string | undefined;
+  TrafficMirrorFilterId: string | undefined;
 
   /**
-   * <p>The description for the transit gateway.</p>
+   * <p>The network service, for example Amazon DNS, that you want to mirror.</p>
    * @public
    */
-  Description?: string | undefined;
+  AddNetworkServices?: TrafficMirrorNetworkService[] | undefined;
 
   /**
-   * <p>The options to modify.</p>
+   * <p>The network service, for example Amazon DNS, that you no longer want to mirror.</p>
    * @public
    */
-  Options?: ModifyTransitGatewayOptions | undefined;
+  RemoveNetworkServices?: TrafficMirrorNetworkService[] | undefined;
 
   /**
    * <p>Checks whether you have the required permissions for the action, without actually making the request,
@@ -8600,123 +8781,102 @@ export interface ModifyTransitGatewayRequest {
 /**
  * @public
  */
-export interface ModifyTransitGatewayResult {
+export interface ModifyTrafficMirrorFilterNetworkServicesResult {
   /**
-   * <p>Information about the transit gateway.</p>
+   * <p>The Traffic Mirror filter that the network service is associated with.</p>
    * @public
    */
-  TransitGateway?: TransitGateway | undefined;
+  TrafficMirrorFilter?: TrafficMirrorFilter | undefined;
 }
 
 /**
  * @public
+ * @enum
  */
-export interface ModifyTransitGatewayPrefixListReferenceRequest {
-  /**
-   * <p>The ID of the transit gateway route table.</p>
-   * @public
-   */
-  TransitGatewayRouteTableId: string | undefined;
-
-  /**
-   * <p>The ID of the prefix list.</p>
-   * @public
-   */
-  PrefixListId: string | undefined;
+export const TrafficMirrorFilterRuleField = {
+  description: "description",
+  destination_port_range: "destination-port-range",
+  protocol: "protocol",
+  source_port_range: "source-port-range",
+} as const;
 
-  /**
-   * <p>The ID of the attachment to which traffic is routed.</p>
-   * @public
-   */
-  TransitGatewayAttachmentId?: string | undefined;
+/**
+ * @public
+ */
+export type TrafficMirrorFilterRuleField =
+  (typeof TrafficMirrorFilterRuleField)[keyof typeof TrafficMirrorFilterRuleField];
 
+/**
+ * @public
+ */
+export interface ModifyTrafficMirrorFilterRuleRequest {
   /**
-   * <p>Indicates whether to drop traffic that matches this route.</p>
+   * <p>The ID of the Traffic Mirror rule.</p>
    * @public
    */
-  Blackhole?: boolean | undefined;
+  TrafficMirrorFilterRuleId: string | undefined;
 
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>The type of traffic to assign to the rule.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
-}
+  TrafficDirection?: TrafficDirection | undefined;
 
-/**
- * @public
- */
-export interface ModifyTransitGatewayPrefixListReferenceResult {
   /**
-   * <p>Information about the prefix list reference.</p>
+   * <p>The number of the Traffic Mirror rule. This number must be unique for each Traffic Mirror rule in a given
+   *          direction. The rules are processed in ascending order by rule number.</p>
    * @public
    */
-  TransitGatewayPrefixListReference?: TransitGatewayPrefixListReference | undefined;
-}
+  RuleNumber?: number | undefined;
 
-/**
- * <p>Describes the options for a VPC attachment.</p>
- * @public
- */
-export interface ModifyTransitGatewayVpcAttachmentRequestOptions {
   /**
-   * <p>Enable or disable DNS support. The default is <code>enable</code>.</p>
+   * <p>The action to assign to the rule.</p>
    * @public
    */
-  DnsSupport?: DnsSupportValue | undefined;
+  RuleAction?: TrafficMirrorRuleAction | undefined;
 
   /**
-   * <p>Enables you to reference a security group across VPCs attached to a transit gateway to simplify security group management.
-   *
-   * </p>
-   *          <p>This option is disabled by default.</p>
-   *          <p>For more information about security group referencing, see  <a href="https://docs.aws.amazon.com/vpc/latest/tgw/tgw-vpc-attachments.html#vpc-attachment-security">Security group referencing</a> in the <i>Amazon Web Services Transit Gateways Guide</i>.</p>
+   * <p>The destination ports that are associated with the Traffic Mirror rule.</p>
    * @public
    */
-  SecurityGroupReferencingSupport?: SecurityGroupReferencingSupportValue | undefined;
+  DestinationPortRange?: TrafficMirrorPortRangeRequest | undefined;
 
   /**
-   * <p>Enable or disable IPv6 support. The default is <code>enable</code>.</p>
+   * <p>The port range to assign to the Traffic Mirror rule.</p>
    * @public
    */
-  Ipv6Support?: Ipv6SupportValue | undefined;
+  SourcePortRange?: TrafficMirrorPortRangeRequest | undefined;
 
   /**
-   * <p>Enable or disable support for appliance mode. If enabled, a traffic flow between a source and destination uses the same Availability Zone for the VPC attachment for the lifetime of that flow. The default is <code>disable</code>.</p>
+   * <p>The protocol, for example TCP, to assign to the Traffic Mirror rule.</p>
    * @public
    */
-  ApplianceModeSupport?: ApplianceModeSupportValue | undefined;
-}
+  Protocol?: number | undefined;
 
-/**
- * @public
- */
-export interface ModifyTransitGatewayVpcAttachmentRequest {
   /**
-   * <p>The ID of the attachment.</p>
+   * <p>The destination CIDR block to assign to the Traffic Mirror rule.</p>
    * @public
    */
-  TransitGatewayAttachmentId: string | undefined;
+  DestinationCidrBlock?: string | undefined;
 
   /**
-   * <p>The IDs of one or more subnets to add. You can specify at most one subnet per Availability Zone.</p>
+   * <p>The source CIDR block to assign to the Traffic Mirror rule.</p>
    * @public
    */
-  AddSubnetIds?: string[] | undefined;
+  SourceCidrBlock?: string | undefined;
 
   /**
-   * <p>The IDs of one or more subnets to remove.</p>
+   * <p>The description to assign to the Traffic Mirror rule.</p>
    * @public
    */
-  RemoveSubnetIds?: string[] | undefined;
+  Description?: string | undefined;
 
   /**
-   * <p>The new VPC attachment options.</p>
+   * <p>The properties that you want to remove from the Traffic Mirror filter rule.</p>
+   *          <p>When you remove a property from a Traffic Mirror filter rule, the property is set to the default.</p>
    * @public
    */
-  Options?: ModifyTransitGatewayVpcAttachmentRequestOptions | undefined;
+  RemoveFields?: TrafficMirrorFilterRuleField[] | undefined;
 
   /**
    * <p>Checks whether you have the required permissions for the action, without actually making the request,
@@ -8730,99 +8890,86 @@ export interface ModifyTransitGatewayVpcAttachmentRequest {
 /**
  * @public
  */
-export interface ModifyTransitGatewayVpcAttachmentResult {
+export interface ModifyTrafficMirrorFilterRuleResult {
   /**
-   * <p>Information about the modified attachment.</p>
+   * <note>
+   *             <p>Tags are not returned for ModifyTrafficMirrorFilterRule.</p>
+   *          </note>
+   *          <p>A Traffic Mirror rule.</p>
    * @public
    */
-  TransitGatewayVpcAttachment?: TransitGatewayVpcAttachment | undefined;
+  TrafficMirrorFilterRule?: TrafficMirrorFilterRule | undefined;
 }
 
 /**
- * <p>Describes a load balancer when creating an Amazon Web Services Verified Access endpoint using the
- *             <code>load-balancer</code> type.</p>
  * @public
+ * @enum
  */
-export interface ModifyVerifiedAccessEndpointLoadBalancerOptions {
-  /**
-   * <p>The IDs of the subnets.</p>
-   * @public
-   */
-  SubnetIds?: string[] | undefined;
-
-  /**
-   * <p>The IP protocol.</p>
-   * @public
-   */
-  Protocol?: VerifiedAccessEndpointProtocol | undefined;
+export const TrafficMirrorSessionField = {
+  description: "description",
+  packet_length: "packet-length",
+  virtual_network_id: "virtual-network-id",
+} as const;
 
-  /**
-   * <p>The IP port number.</p>
-   * @public
-   */
-  Port?: number | undefined;
-}
+/**
+ * @public
+ */
+export type TrafficMirrorSessionField = (typeof TrafficMirrorSessionField)[keyof typeof TrafficMirrorSessionField];
 
 /**
- * <p>Describes the options when modifying a Verified Access endpoint with the
- *             <code>network-interface</code> type.</p>
  * @public
  */
-export interface ModifyVerifiedAccessEndpointEniOptions {
+export interface ModifyTrafficMirrorSessionRequest {
   /**
-   * <p>The IP protocol.</p>
+   * <p>The ID of the Traffic Mirror session.</p>
    * @public
    */
-  Protocol?: VerifiedAccessEndpointProtocol | undefined;
+  TrafficMirrorSessionId: string | undefined;
 
   /**
-   * <p>The IP port number.</p>
+   * <p>The Traffic Mirror target. The target must be in the same VPC as the source, or have a VPC peering connection with the source.</p>
    * @public
    */
-  Port?: number | undefined;
-}
+  TrafficMirrorTargetId?: string | undefined;
 
-/**
- * @public
- */
-export interface ModifyVerifiedAccessEndpointRequest {
   /**
-   * <p>The ID of the Verified Access endpoint.</p>
+   * <p>The ID of the Traffic Mirror filter.</p>
    * @public
    */
-  VerifiedAccessEndpointId: string | undefined;
+  TrafficMirrorFilterId?: string | undefined;
 
   /**
-   * <p>The ID of the Verified Access group.</p>
+   * <p>The number of bytes in each packet to mirror. These are bytes after the VXLAN header. To mirror a subset, set this to the length (in bytes) to mirror. For example, if you set this value to 100, then the first 100 bytes that meet the filter criteria are copied to the target. Do not specify this parameter when you want to mirror the entire packet.</p>
+   *          <p>For sessions with Network Load Balancer (NLB) traffic mirror targets, the default <code>PacketLength</code> will be set to 8500. Valid values are 1-8500. Setting a <code>PacketLength</code> greater than 8500 will result in an error response.</p>
    * @public
    */
-  VerifiedAccessGroupId?: string | undefined;
+  PacketLength?: number | undefined;
 
   /**
-   * <p>The load balancer details if creating the Verified Access endpoint as
-   *          <code>load-balancer</code>type.</p>
+   * <p>The session number determines the order in which sessions are evaluated when an interface is used by multiple sessions. The first session with a matching filter is the one that mirrors the packets.</p>
+   *          <p>Valid values are 1-32766.</p>
    * @public
    */
-  LoadBalancerOptions?: ModifyVerifiedAccessEndpointLoadBalancerOptions | undefined;
+  SessionNumber?: number | undefined;
 
   /**
-   * <p>The network interface options.</p>
+   * <p>The virtual network ID of the Traffic Mirror session.</p>
    * @public
    */
-  NetworkInterfaceOptions?: ModifyVerifiedAccessEndpointEniOptions | undefined;
+  VirtualNetworkId?: number | undefined;
 
   /**
-   * <p>A description for the Verified Access endpoint.</p>
+   * <p>The description to assign to the Traffic Mirror session.</p>
    * @public
    */
   Description?: string | undefined;
 
   /**
-   * <p>A unique, case-sensitive token that you provide to ensure idempotency of your
-   *             modification request. For more information, see <a href="https://docs.aws.amazon.com/ec2/latest/devguide/ec2-api-idempotency.html">Ensuring idempotency</a>.</p>
+   * <p>The properties that you want to remove from the Traffic Mirror session.</p>
+   *          <p>When you remove a property from a Traffic Mirror session, the property is set to the default.</p>
    * @public
    */
-  ClientToken?: string | undefined;
+  RemoveFields?: TrafficMirrorSessionField[] | undefined;
 
   /**
    * <p>Checks whether you have the required permissions for the action, without actually making the request,
@@ -8836,109 +8983,129 @@ export interface ModifyVerifiedAccessEndpointRequest {
 /**
  * @public
  */
-export interface ModifyVerifiedAccessEndpointResult {
+export interface ModifyTrafficMirrorSessionResult {
   /**
-   * <p>Details about the Verified Access endpoint.</p>
+   * <p>Information about the Traffic Mirror session.</p>
    * @public
    */
-  VerifiedAccessEndpoint?: VerifiedAccessEndpoint | undefined;
+  TrafficMirrorSession?: TrafficMirrorSession | undefined;
 }
 
 /**
+ * <p>The transit gateway options.</p>
  * @public
  */
-export interface ModifyVerifiedAccessEndpointPolicyRequest {
+export interface ModifyTransitGatewayOptions {
   /**
-   * <p>The ID of the Verified Access endpoint.</p>
+   * <p>Adds IPv4 or IPv6 CIDR blocks for the transit gateway. Must be a size /24 CIDR block or larger for IPv4, or a size /64 CIDR block or larger for IPv6.</p>
    * @public
    */
-  VerifiedAccessEndpointId: string | undefined;
+  AddTransitGatewayCidrBlocks?: string[] | undefined;
 
   /**
-   * <p>The status of the Verified Access policy.</p>
+   * <p>Removes CIDR blocks for the transit gateway.</p>
    * @public
    */
-  PolicyEnabled?: boolean | undefined;
+  RemoveTransitGatewayCidrBlocks?: string[] | undefined;
 
   /**
-   * <p>The Verified Access policy document.</p>
+   * <p>Enable or disable Equal Cost Multipath Protocol support.</p>
    * @public
    */
-  PolicyDocument?: string | undefined;
+  VpnEcmpSupport?: VpnEcmpSupportValue | undefined;
 
   /**
-   * <p>A unique, case-sensitive token that you provide to ensure idempotency of your
-   *             modification request. For more information, see <a href="https://docs.aws.amazon.com/ec2/latest/devguide/ec2-api-idempotency.html">Ensuring idempotency</a>.</p>
+   * <p>Enable or disable DNS support.</p>
    * @public
    */
-  ClientToken?: string | undefined;
+  DnsSupport?: DnsSupportValue | undefined;
 
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>Enables you to reference a security group across VPCs attached to a transit gateway to simplify security group management.
+   *
+   * </p>
+   *          <p>This option is disabled by default.</p>
+   *          <p>For more information about security group referencing, see  <a href="https://docs.aws.amazon.com/vpc/latest/tgw/tgw-vpc-attachments.html#vpc-attachment-security">Security group referencing</a> in the <i>Amazon Web Services Transit Gateways Guide</i>.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  SecurityGroupReferencingSupport?: SecurityGroupReferencingSupportValue | undefined;
 
   /**
-   * <p>The options for server side encryption.</p>
+   * <p>Enable or disable automatic acceptance of attachment requests.</p>
    * @public
    */
-  SseSpecification?: VerifiedAccessSseSpecificationRequest | undefined;
-}
+  AutoAcceptSharedAttachments?: AutoAcceptSharedAttachmentsValue | undefined;
 
-/**
- * @public
- */
-export interface ModifyVerifiedAccessEndpointPolicyResult {
   /**
-   * <p>The status of the Verified Access policy.</p>
+   * <p>Enable or disable automatic association with the default association route table.</p>
    * @public
    */
-  PolicyEnabled?: boolean | undefined;
+  DefaultRouteTableAssociation?: DefaultRouteTableAssociationValue | undefined;
 
   /**
-   * <p>The Verified Access policy document.</p>
+   * <p>The ID of the default association route table.</p>
    * @public
    */
-  PolicyDocument?: string | undefined;
+  AssociationDefaultRouteTableId?: string | undefined;
 
   /**
-   * <p>The options in use for server side encryption.</p>
+   * <p>Enable or disable automatic propagation of routes to the default propagation route table.</p>
    * @public
    */
-  SseSpecification?: VerifiedAccessSseSpecificationResponse | undefined;
-}
+  DefaultRouteTablePropagation?: DefaultRouteTablePropagationValue | undefined;
 
-/**
- * @public
- */
-export interface ModifyVerifiedAccessGroupRequest {
   /**
-   * <p>The ID of the Verified Access group.</p>
+   * <p>The ID of the default propagation route table.</p>
    * @public
    */
-  VerifiedAccessGroupId: string | undefined;
+  PropagationDefaultRouteTableId?: string | undefined;
+
+  /**
+   * <p>A private Autonomous System Number (ASN) for the Amazon side of a BGP session.
+   *             The range is 64512 to 65534 for 16-bit ASNs and 4200000000 to 4294967294 for 32-bit ASNs.</p>
+   *          <p>The modify ASN operation is not allowed on a transit gateway if it has the following attachments:</p>
+   *          <ul>
+   *             <li>
+   *                <p>Dynamic VPN</p>
+   *             </li>
+   *             <li>
+   *                <p>Static VPN</p>
+   *             </li>
+   *             <li>
+   *                <p>Direct Connect Gateway</p>
+   *             </li>
+   *             <li>
+   *                <p>Connect</p>
+   *             </li>
+   *          </ul>
+   *          <p>You must first delete all transit gateway attachments configured prior to modifying the ASN on
+   *             the transit gateway.</p>
+   * @public
+   */
+  AmazonSideAsn?: number | undefined;
+}
 
+/**
+ * @public
+ */
+export interface ModifyTransitGatewayRequest {
   /**
-   * <p>The ID of the Verified Access instance.</p>
+   * <p>The ID of the transit gateway.</p>
    * @public
    */
-  VerifiedAccessInstanceId?: string | undefined;
+  TransitGatewayId: string | undefined;
 
   /**
-   * <p>A description for the Verified Access group.</p>
+   * <p>The description for the transit gateway.</p>
    * @public
    */
   Description?: string | undefined;
 
   /**
-   * <p>A unique, case-sensitive token that you provide to ensure idempotency of your
-   *             modification request. For more information, see <a href="https://docs.aws.amazon.com/ec2/latest/devguide/ec2-api-idempotency.html">Ensuring idempotency</a>.</p>
+   * <p>The options to modify.</p>
    * @public
    */
-  ClientToken?: string | undefined;
+  Options?: ModifyTransitGatewayOptions | undefined;
 
   /**
    * <p>Checks whether you have the required permissions for the action, without actually making the request,
@@ -8952,42 +9119,41 @@ export interface ModifyVerifiedAccessGroupRequest {
 /**
  * @public
  */
-export interface ModifyVerifiedAccessGroupResult {
+export interface ModifyTransitGatewayResult {
   /**
-   * <p>Details about the Verified Access group.</p>
+   * <p>Information about the transit gateway.</p>
    * @public
    */
-  VerifiedAccessGroup?: VerifiedAccessGroup | undefined;
+  TransitGateway?: TransitGateway | undefined;
 }
 
 /**
  * @public
  */
-export interface ModifyVerifiedAccessGroupPolicyRequest {
+export interface ModifyTransitGatewayPrefixListReferenceRequest {
   /**
-   * <p>The ID of the Verified Access group.</p>
+   * <p>The ID of the transit gateway route table.</p>
    * @public
    */
-  VerifiedAccessGroupId: string | undefined;
+  TransitGatewayRouteTableId: string | undefined;
 
   /**
-   * <p>The status of the Verified Access policy.</p>
+   * <p>The ID of the prefix list.</p>
    * @public
    */
-  PolicyEnabled?: boolean | undefined;
+  PrefixListId: string | undefined;
 
   /**
-   * <p>The Verified Access policy document.</p>
+   * <p>The ID of the attachment to which traffic is routed.</p>
    * @public
    */
-  PolicyDocument?: string | undefined;
+  TransitGatewayAttachmentId?: string | undefined;
 
   /**
-   * <p>A unique, case-sensitive token that you provide to ensure idempotency of your
-   *             modification request. For more information, see <a href="https://docs.aws.amazon.com/ec2/latest/devguide/ec2-api-idempotency.html">Ensuring idempotency</a>.</p>
+   * <p>Indicates whether to drop traffic that matches this route.</p>
    * @public
    */
-  ClientToken?: string | undefined;
+  Blackhole?: boolean | undefined;
 
   /**
    * <p>Checks whether you have the required permissions for the action, without actually making the request,
@@ -8996,225 +9162,143 @@ export interface ModifyVerifiedAccessGroupPolicyRequest {
    * @public
    */
   DryRun?: boolean | undefined;
-
-  /**
-   * <p>The options for server side encryption.</p>
-   * @public
-   */
-  SseSpecification?: VerifiedAccessSseSpecificationRequest | undefined;
 }
 
 /**
  * @public
  */
-export interface ModifyVerifiedAccessGroupPolicyResult {
-  /**
-   * <p>The status of the Verified Access policy.</p>
-   * @public
-   */
-  PolicyEnabled?: boolean | undefined;
-
-  /**
-   * <p>The Verified Access policy document.</p>
-   * @public
-   */
-  PolicyDocument?: string | undefined;
-
+export interface ModifyTransitGatewayPrefixListReferenceResult {
   /**
-   * <p>The options in use for server side encryption.</p>
+   * <p>Information about the prefix list reference.</p>
    * @public
    */
-  SseSpecification?: VerifiedAccessSseSpecificationResponse | undefined;
+  TransitGatewayPrefixListReference?: TransitGatewayPrefixListReference | undefined;
 }
 
 /**
+ * <p>Describes the options for a VPC attachment.</p>
  * @public
  */
-export interface ModifyVerifiedAccessInstanceRequest {
+export interface ModifyTransitGatewayVpcAttachmentRequestOptions {
   /**
-   * <p>The ID of the Verified Access instance.</p>
+   * <p>Enable or disable DNS support. The default is <code>enable</code>.</p>
    * @public
    */
-  VerifiedAccessInstanceId: string | undefined;
+  DnsSupport?: DnsSupportValue | undefined;
 
   /**
-   * <p>A description for the Verified Access instance.</p>
+   * <p>Enables you to reference a security group across VPCs attached to a transit gateway to simplify security group management.
+   *
+   * </p>
+   *          <p>This option is disabled by default.</p>
+   *          <p>For more information about security group referencing, see  <a href="https://docs.aws.amazon.com/vpc/latest/tgw/tgw-vpc-attachments.html#vpc-attachment-security">Security group referencing</a> in the <i>Amazon Web Services Transit Gateways Guide</i>.</p>
    * @public
    */
-  Description?: string | undefined;
+  SecurityGroupReferencingSupport?: SecurityGroupReferencingSupportValue | undefined;
 
   /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * <p>Enable or disable IPv6 support. The default is <code>enable</code>.</p>
    * @public
    */
-  DryRun?: boolean | undefined;
+  Ipv6Support?: Ipv6SupportValue | undefined;
 
   /**
-   * <p>A unique, case-sensitive token that you provide to ensure idempotency of your
-   *             modification request. For more information, see <a href="https://docs.aws.amazon.com/ec2/latest/devguide/ec2-api-idempotency.html">Ensuring idempotency</a>.</p>
+   * <p>Enable or disable support for appliance mode. If enabled, a traffic flow between a source and destination uses the same Availability Zone for the VPC attachment for the lifetime of that flow. The default is <code>disable</code>.</p>
    * @public
    */
-  ClientToken?: string | undefined;
+  ApplianceModeSupport?: ApplianceModeSupportValue | undefined;
 }
 
 /**
  * @public
  */
-export interface ModifyVerifiedAccessInstanceResult {
+export interface ModifyTransitGatewayVpcAttachmentRequest {
   /**
-   * <p>Details about the Verified Access instance.</p>
+   * <p>The ID of the attachment.</p>
    * @public
    */
-  VerifiedAccessInstance?: VerifiedAccessInstance | undefined;
-}
+  TransitGatewayAttachmentId: string | undefined;
 
-/**
- * <p>Options for CloudWatch Logs as a logging destination.</p>
- * @public
- */
-export interface VerifiedAccessLogCloudWatchLogsDestinationOptions {
   /**
-   * <p>Indicates whether logging is enabled.</p>
+   * <p>The IDs of one or more subnets to add. You can specify at most one subnet per Availability Zone.</p>
    * @public
    */
-  Enabled: boolean | undefined;
+  AddSubnetIds?: string[] | undefined;
 
   /**
-   * <p>The ID of the CloudWatch Logs log group.</p>
+   * <p>The IDs of one or more subnets to remove.</p>
    * @public
    */
-  LogGroup?: string | undefined;
-}
+  RemoveSubnetIds?: string[] | undefined;
 
-/**
- * <p>Describes Amazon Kinesis Data Firehose logging options.</p>
- * @public
- */
-export interface VerifiedAccessLogKinesisDataFirehoseDestinationOptions {
   /**
-   * <p>Indicates whether logging is enabled.</p>
+   * <p>The new VPC attachment options.</p>
    * @public
    */
-  Enabled: boolean | undefined;
+  Options?: ModifyTransitGatewayVpcAttachmentRequestOptions | undefined;
 
   /**
-   * <p>The ID of the delivery stream.</p>
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    * @public
    */
-  DeliveryStream?: string | undefined;
+  DryRun?: boolean | undefined;
 }
 
 /**
- * <p>Options for Amazon S3 as a logging destination.</p>
  * @public
  */
-export interface VerifiedAccessLogS3DestinationOptions {
-  /**
-   * <p>Indicates whether logging is enabled.</p>
-   * @public
-   */
-  Enabled: boolean | undefined;
-
-  /**
-   * <p>The bucket name.</p>
-   * @public
-   */
-  BucketName?: string | undefined;
-
-  /**
-   * <p>The bucket prefix.</p>
-   * @public
-   */
-  Prefix?: string | undefined;
-
+export interface ModifyTransitGatewayVpcAttachmentResult {
   /**
-   * <p>The ID of the Amazon Web Services account that owns the Amazon S3 bucket.</p>
+   * <p>Information about the modified attachment.</p>
    * @public
    */
-  BucketOwner?: string | undefined;
+  TransitGatewayVpcAttachment?: TransitGatewayVpcAttachment | undefined;
 }
 
 /**
- * <p>Options for Verified Access logs.</p>
+ * <p>Describes a load balancer when creating an Amazon Web Services Verified Access endpoint using the
+ *             <code>load-balancer</code> type.</p>
  * @public
  */
-export interface VerifiedAccessLogOptions {
-  /**
-   * <p>Sends Verified Access logs to Amazon S3.</p>
-   * @public
-   */
-  S3?: VerifiedAccessLogS3DestinationOptions | undefined;
-
-  /**
-   * <p>Sends Verified Access logs to CloudWatch Logs.</p>
-   * @public
-   */
-  CloudWatchLogs?: VerifiedAccessLogCloudWatchLogsDestinationOptions | undefined;
-
+export interface ModifyVerifiedAccessEndpointLoadBalancerOptions {
   /**
-   * <p>Sends Verified Access logs to Kinesis.</p>
+   * <p>The IDs of the subnets.</p>
    * @public
    */
-  KinesisDataFirehose?: VerifiedAccessLogKinesisDataFirehoseDestinationOptions | undefined;
+  SubnetIds?: string[] | undefined;
 
   /**
-   * <p>The logging version.</p>
-   *          <p>Valid values: <code>ocsf-0.1</code> | <code>ocsf-1.0.0-rc.2</code>
-   *          </p>
+   * <p>The IP protocol.</p>
    * @public
    */
-  LogVersion?: string | undefined;
+  Protocol?: VerifiedAccessEndpointProtocol | undefined;
 
   /**
-   * <p>Indicates whether to include trust data sent by trust providers in the logs.</p>
+   * <p>The IP port number.</p>
    * @public
    */
-  IncludeTrustContext?: boolean | undefined;
+  Port?: number | undefined;
 }
 
 /**
+ * <p>Describes the options when modifying a Verified Access endpoint with the
+ *             <code>network-interface</code> type.</p>
  * @public
  */
-export interface ModifyVerifiedAccessInstanceLoggingConfigurationRequest {
-  /**
-   * <p>The ID of the Verified Access instance.</p>
-   * @public
-   */
-  VerifiedAccessInstanceId: string | undefined;
-
-  /**
-   * <p>The configuration options for Verified Access instances.</p>
-   * @public
-   */
-  AccessLogs: VerifiedAccessLogOptions | undefined;
-
-  /**
-   * <p>Checks whether you have the required permissions for the action, without actually making the request,
-   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
-   * @public
-   */
-  DryRun?: boolean | undefined;
-
+export interface ModifyVerifiedAccessEndpointEniOptions {
   /**
-   * <p>A unique, case-sensitive token that you provide to ensure idempotency of your
-   *             modification request. For more information, see <a href="https://docs.aws.amazon.com/ec2/latest/devguide/ec2-api-idempotency.html">Ensuring idempotency</a>.</p>
+   * <p>The IP protocol.</p>
    * @public
    */
-  ClientToken?: string | undefined;
-}
+  Protocol?: VerifiedAccessEndpointProtocol | undefined;
 
-/**
- * @public
- */
-export interface ModifyVerifiedAccessInstanceLoggingConfigurationResult {
   /**
-   * <p>The logging configuration for the Verified Access instance.</p>
+   * <p>The IP port number.</p>
    * @public
    */
-  LoggingConfiguration?: VerifiedAccessInstanceLoggingConfiguration | undefined;
+  Port?: number | undefined;
 }
 
 /**
diff --git a/clients/client-ec2/src/models/models_7.ts b/clients/client-ec2/src/models/models_7.ts
index 9c657b637860..ee0ee54aeec5 100644
--- a/clients/client-ec2/src/models/models_7.ts
+++ b/clients/client-ec2/src/models/models_7.ts
@@ -21,6 +21,8 @@ import {
   TransitGatewayPeeringAttachment,
   TransitGatewayVpcAttachment,
   UnsuccessfulItem,
+  VerifiedAccessInstance,
+  VerifiedAccessSseSpecificationResponse,
   VerifiedAccessTrustProvider,
   VerifiedAccessTrustProviderFilterSensitiveLog,
 } from "./models_0";
@@ -50,6 +52,7 @@ import {
 import {
   DnsOptionsSpecification,
   IKEVersionsRequestListValue,
+  InternetGatewayExclusionMode,
   IpAddressType,
   PayerResponsibility,
   Phase1DHGroupNumbersRequestListValue,
@@ -62,7 +65,10 @@ import {
   SSEType,
   SubnetConfiguration,
   TransitGatewayRoute,
+  VerifiedAccessEndpoint,
+  VerifiedAccessGroup,
   VerifiedAccessSseSpecificationRequest,
+  VpcBlockPublicAccessExclusion,
   VpnConnection,
   VpnConnectionFilterSensitiveLog,
   VpnTunnelLogOptionsSpecification,
@@ -87,22 +93,465 @@ import {
   NetworkInsightsAnalysis,
   PublicIpv4PoolRange,
   ScheduledInstance,
-  SnapshotAttributeName,
   TpmSupportValues,
 } from "./models_4";
 
 import {
   InstanceNetworkInterfaceSpecification,
+  InternetGatewayBlockMode,
   RunInstancesMonitoringEnabled,
+  SnapshotAttributeName,
   SpotFleetRequestConfigData,
   SpotFleetRequestConfigDataFilterSensitiveLog,
   SpotInstanceRequest,
   SpotInstanceRequestFilterSensitiveLog,
   SpotPlacement,
+  VerifiedAccessInstanceLoggingConfiguration,
   VolumeModification,
+  VpcBlockPublicAccessOptions,
 } from "./models_5";
 
-import { CapacityReservationSpecification, Purchase } from "./models_6";
+import {
+  CapacityReservationSpecification,
+  ModifyVerifiedAccessEndpointEniOptions,
+  ModifyVerifiedAccessEndpointLoadBalancerOptions,
+  Purchase,
+} from "./models_6";
+
+/**
+ * @public
+ */
+export interface ModifyVerifiedAccessEndpointRequest {
+  /**
+   * <p>The ID of the Verified Access endpoint.</p>
+   * @public
+   */
+  VerifiedAccessEndpointId: string | undefined;
+
+  /**
+   * <p>The ID of the Verified Access group.</p>
+   * @public
+   */
+  VerifiedAccessGroupId?: string | undefined;
+
+  /**
+   * <p>The load balancer details if creating the Verified Access endpoint as
+   *          <code>load-balancer</code>type.</p>
+   * @public
+   */
+  LoadBalancerOptions?: ModifyVerifiedAccessEndpointLoadBalancerOptions | undefined;
+
+  /**
+   * <p>The network interface options.</p>
+   * @public
+   */
+  NetworkInterfaceOptions?: ModifyVerifiedAccessEndpointEniOptions | undefined;
+
+  /**
+   * <p>A description for the Verified Access endpoint.</p>
+   * @public
+   */
+  Description?: string | undefined;
+
+  /**
+   * <p>A unique, case-sensitive token that you provide to ensure idempotency of your
+   *             modification request. For more information, see <a href="https://docs.aws.amazon.com/ec2/latest/devguide/ec2-api-idempotency.html">Ensuring idempotency</a>.</p>
+   * @public
+   */
+  ClientToken?: string | undefined;
+
+  /**
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * @public
+   */
+  DryRun?: boolean | undefined;
+}
+
+/**
+ * @public
+ */
+export interface ModifyVerifiedAccessEndpointResult {
+  /**
+   * <p>Details about the Verified Access endpoint.</p>
+   * @public
+   */
+  VerifiedAccessEndpoint?: VerifiedAccessEndpoint | undefined;
+}
+
+/**
+ * @public
+ */
+export interface ModifyVerifiedAccessEndpointPolicyRequest {
+  /**
+   * <p>The ID of the Verified Access endpoint.</p>
+   * @public
+   */
+  VerifiedAccessEndpointId: string | undefined;
+
+  /**
+   * <p>The status of the Verified Access policy.</p>
+   * @public
+   */
+  PolicyEnabled?: boolean | undefined;
+
+  /**
+   * <p>The Verified Access policy document.</p>
+   * @public
+   */
+  PolicyDocument?: string | undefined;
+
+  /**
+   * <p>A unique, case-sensitive token that you provide to ensure idempotency of your
+   *             modification request. For more information, see <a href="https://docs.aws.amazon.com/ec2/latest/devguide/ec2-api-idempotency.html">Ensuring idempotency</a>.</p>
+   * @public
+   */
+  ClientToken?: string | undefined;
+
+  /**
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * @public
+   */
+  DryRun?: boolean | undefined;
+
+  /**
+   * <p>The options for server side encryption.</p>
+   * @public
+   */
+  SseSpecification?: VerifiedAccessSseSpecificationRequest | undefined;
+}
+
+/**
+ * @public
+ */
+export interface ModifyVerifiedAccessEndpointPolicyResult {
+  /**
+   * <p>The status of the Verified Access policy.</p>
+   * @public
+   */
+  PolicyEnabled?: boolean | undefined;
+
+  /**
+   * <p>The Verified Access policy document.</p>
+   * @public
+   */
+  PolicyDocument?: string | undefined;
+
+  /**
+   * <p>The options in use for server side encryption.</p>
+   * @public
+   */
+  SseSpecification?: VerifiedAccessSseSpecificationResponse | undefined;
+}
+
+/**
+ * @public
+ */
+export interface ModifyVerifiedAccessGroupRequest {
+  /**
+   * <p>The ID of the Verified Access group.</p>
+   * @public
+   */
+  VerifiedAccessGroupId: string | undefined;
+
+  /**
+   * <p>The ID of the Verified Access instance.</p>
+   * @public
+   */
+  VerifiedAccessInstanceId?: string | undefined;
+
+  /**
+   * <p>A description for the Verified Access group.</p>
+   * @public
+   */
+  Description?: string | undefined;
+
+  /**
+   * <p>A unique, case-sensitive token that you provide to ensure idempotency of your
+   *             modification request. For more information, see <a href="https://docs.aws.amazon.com/ec2/latest/devguide/ec2-api-idempotency.html">Ensuring idempotency</a>.</p>
+   * @public
+   */
+  ClientToken?: string | undefined;
+
+  /**
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * @public
+   */
+  DryRun?: boolean | undefined;
+}
+
+/**
+ * @public
+ */
+export interface ModifyVerifiedAccessGroupResult {
+  /**
+   * <p>Details about the Verified Access group.</p>
+   * @public
+   */
+  VerifiedAccessGroup?: VerifiedAccessGroup | undefined;
+}
+
+/**
+ * @public
+ */
+export interface ModifyVerifiedAccessGroupPolicyRequest {
+  /**
+   * <p>The ID of the Verified Access group.</p>
+   * @public
+   */
+  VerifiedAccessGroupId: string | undefined;
+
+  /**
+   * <p>The status of the Verified Access policy.</p>
+   * @public
+   */
+  PolicyEnabled?: boolean | undefined;
+
+  /**
+   * <p>The Verified Access policy document.</p>
+   * @public
+   */
+  PolicyDocument?: string | undefined;
+
+  /**
+   * <p>A unique, case-sensitive token that you provide to ensure idempotency of your
+   *             modification request. For more information, see <a href="https://docs.aws.amazon.com/ec2/latest/devguide/ec2-api-idempotency.html">Ensuring idempotency</a>.</p>
+   * @public
+   */
+  ClientToken?: string | undefined;
+
+  /**
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * @public
+   */
+  DryRun?: boolean | undefined;
+
+  /**
+   * <p>The options for server side encryption.</p>
+   * @public
+   */
+  SseSpecification?: VerifiedAccessSseSpecificationRequest | undefined;
+}
+
+/**
+ * @public
+ */
+export interface ModifyVerifiedAccessGroupPolicyResult {
+  /**
+   * <p>The status of the Verified Access policy.</p>
+   * @public
+   */
+  PolicyEnabled?: boolean | undefined;
+
+  /**
+   * <p>The Verified Access policy document.</p>
+   * @public
+   */
+  PolicyDocument?: string | undefined;
+
+  /**
+   * <p>The options in use for server side encryption.</p>
+   * @public
+   */
+  SseSpecification?: VerifiedAccessSseSpecificationResponse | undefined;
+}
+
+/**
+ * @public
+ */
+export interface ModifyVerifiedAccessInstanceRequest {
+  /**
+   * <p>The ID of the Verified Access instance.</p>
+   * @public
+   */
+  VerifiedAccessInstanceId: string | undefined;
+
+  /**
+   * <p>A description for the Verified Access instance.</p>
+   * @public
+   */
+  Description?: string | undefined;
+
+  /**
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * @public
+   */
+  DryRun?: boolean | undefined;
+
+  /**
+   * <p>A unique, case-sensitive token that you provide to ensure idempotency of your
+   *             modification request. For more information, see <a href="https://docs.aws.amazon.com/ec2/latest/devguide/ec2-api-idempotency.html">Ensuring idempotency</a>.</p>
+   * @public
+   */
+  ClientToken?: string | undefined;
+}
+
+/**
+ * @public
+ */
+export interface ModifyVerifiedAccessInstanceResult {
+  /**
+   * <p>Details about the Verified Access instance.</p>
+   * @public
+   */
+  VerifiedAccessInstance?: VerifiedAccessInstance | undefined;
+}
+
+/**
+ * <p>Options for CloudWatch Logs as a logging destination.</p>
+ * @public
+ */
+export interface VerifiedAccessLogCloudWatchLogsDestinationOptions {
+  /**
+   * <p>Indicates whether logging is enabled.</p>
+   * @public
+   */
+  Enabled: boolean | undefined;
+
+  /**
+   * <p>The ID of the CloudWatch Logs log group.</p>
+   * @public
+   */
+  LogGroup?: string | undefined;
+}
+
+/**
+ * <p>Describes Amazon Kinesis Data Firehose logging options.</p>
+ * @public
+ */
+export interface VerifiedAccessLogKinesisDataFirehoseDestinationOptions {
+  /**
+   * <p>Indicates whether logging is enabled.</p>
+   * @public
+   */
+  Enabled: boolean | undefined;
+
+  /**
+   * <p>The ID of the delivery stream.</p>
+   * @public
+   */
+  DeliveryStream?: string | undefined;
+}
+
+/**
+ * <p>Options for Amazon S3 as a logging destination.</p>
+ * @public
+ */
+export interface VerifiedAccessLogS3DestinationOptions {
+  /**
+   * <p>Indicates whether logging is enabled.</p>
+   * @public
+   */
+  Enabled: boolean | undefined;
+
+  /**
+   * <p>The bucket name.</p>
+   * @public
+   */
+  BucketName?: string | undefined;
+
+  /**
+   * <p>The bucket prefix.</p>
+   * @public
+   */
+  Prefix?: string | undefined;
+
+  /**
+   * <p>The ID of the Amazon Web Services account that owns the Amazon S3 bucket.</p>
+   * @public
+   */
+  BucketOwner?: string | undefined;
+}
+
+/**
+ * <p>Options for Verified Access logs.</p>
+ * @public
+ */
+export interface VerifiedAccessLogOptions {
+  /**
+   * <p>Sends Verified Access logs to Amazon S3.</p>
+   * @public
+   */
+  S3?: VerifiedAccessLogS3DestinationOptions | undefined;
+
+  /**
+   * <p>Sends Verified Access logs to CloudWatch Logs.</p>
+   * @public
+   */
+  CloudWatchLogs?: VerifiedAccessLogCloudWatchLogsDestinationOptions | undefined;
+
+  /**
+   * <p>Sends Verified Access logs to Kinesis.</p>
+   * @public
+   */
+  KinesisDataFirehose?: VerifiedAccessLogKinesisDataFirehoseDestinationOptions | undefined;
+
+  /**
+   * <p>The logging version.</p>
+   *          <p>Valid values: <code>ocsf-0.1</code> | <code>ocsf-1.0.0-rc.2</code>
+   *          </p>
+   * @public
+   */
+  LogVersion?: string | undefined;
+
+  /**
+   * <p>Indicates whether to include trust data sent by trust providers in the logs.</p>
+   * @public
+   */
+  IncludeTrustContext?: boolean | undefined;
+}
+
+/**
+ * @public
+ */
+export interface ModifyVerifiedAccessInstanceLoggingConfigurationRequest {
+  /**
+   * <p>The ID of the Verified Access instance.</p>
+   * @public
+   */
+  VerifiedAccessInstanceId: string | undefined;
+
+  /**
+   * <p>The configuration options for Verified Access instances.</p>
+   * @public
+   */
+  AccessLogs: VerifiedAccessLogOptions | undefined;
+
+  /**
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * @public
+   */
+  DryRun?: boolean | undefined;
+
+  /**
+   * <p>A unique, case-sensitive token that you provide to ensure idempotency of your
+   *             modification request. For more information, see <a href="https://docs.aws.amazon.com/ec2/latest/devguide/ec2-api-idempotency.html">Ensuring idempotency</a>.</p>
+   * @public
+   */
+  ClientToken?: string | undefined;
+}
+
+/**
+ * @public
+ */
+export interface ModifyVerifiedAccessInstanceLoggingConfigurationResult {
+  /**
+   * <p>The logging configuration for the Verified Access instance.</p>
+   * @public
+   */
+  LoggingConfiguration?: VerifiedAccessInstanceLoggingConfiguration | undefined;
+}
 
 /**
  * <p>Modifies the configuration of the specified device-based Amazon Web Services Verified Access trust provider.</p>
@@ -401,6 +850,96 @@ export interface ModifyVpcAttributeRequest {
   EnableNetworkAddressUsageMetrics?: AttributeBooleanValue | undefined;
 }
 
+/**
+ * @public
+ */
+export interface ModifyVpcBlockPublicAccessExclusionRequest {
+  /**
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * @public
+   */
+  DryRun?: boolean | undefined;
+
+  /**
+   * <p>The ID of an exclusion.</p>
+   * @public
+   */
+  ExclusionId: string | undefined;
+
+  /**
+   * <p>The exclusion mode for internet gateway traffic.</p>
+   *          <ul>
+   *             <li>
+   *                <p>
+   *                   <code>bidirectional-access-allowed</code>: Allow all internet traffic to and from the excluded VPCs and subnets.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>egress-access-allowed</code>: Allow outbound internet traffic from the excluded VPCs and subnets. Block inbound internet traffic to the excluded VPCs and subnets. Only applies when VPC Block Public Access is set to Bidirectional.</p>
+   *             </li>
+   *          </ul>
+   * @public
+   */
+  InternetGatewayExclusionMode: InternetGatewayExclusionMode | undefined;
+}
+
+/**
+ * @public
+ */
+export interface ModifyVpcBlockPublicAccessExclusionResult {
+  /**
+   * <p>Details related to the exclusion.</p>
+   * @public
+   */
+  VpcBlockPublicAccessExclusion?: VpcBlockPublicAccessExclusion | undefined;
+}
+
+/**
+ * @public
+ */
+export interface ModifyVpcBlockPublicAccessOptionsRequest {
+  /**
+   * <p>Checks whether you have the required permissions for the action, without actually making the request,
+   *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+   *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+   * @public
+   */
+  DryRun?: boolean | undefined;
+
+  /**
+   * <p>The mode of VPC BPA.</p>
+   *          <ul>
+   *             <li>
+   *                <p>
+   *                   <code>bidirectional-access-allowed</code>: VPC BPA is not enabled and traffic is allowed to and from internet gateways and egress-only internet gateways in this Region.</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>bidirectional-access-blocked</code>: Block all traffic to and from internet gateways and egress-only internet gateways in this Region (except for excluded VPCs and subnets).</p>
+   *             </li>
+   *             <li>
+   *                <p>
+   *                   <code>ingress-access-blocked</code>: Block all internet traffic to the VPCs in this Region (except for VPCs or subnets which are excluded). Only traffic to and from NAT gateways and egress-only internet gateways is allowed because these gateways only allow outbound connections to be established.</p>
+   *             </li>
+   *          </ul>
+   * @public
+   */
+  InternetGatewayBlockMode: InternetGatewayBlockMode | undefined;
+}
+
+/**
+ * @public
+ */
+export interface ModifyVpcBlockPublicAccessOptionsResult {
+  /**
+   * <p>Details related to the VPC Block Public Access (BPA) options.</p>
+   * @public
+   */
+  VpcBlockPublicAccessOptions?: VpcBlockPublicAccessOptions | undefined;
+}
+
 /**
  * @public
  */
@@ -2115,28 +2654,31 @@ export interface RebootInstancesRequest {
 export interface RegisterImageRequest {
   /**
    * <p>The full path to your AMI manifest in Amazon S3 storage. The specified bucket must have the
-   *    		<code>aws-exec-read</code> canned access control list (ACL) to ensure that it can be accessed
-   *    		by Amazon EC2. For more information, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl">Canned ACLs</a> in the
-   *    		<i>Amazon S3 Service Developer Guide</i>.</p>
+   *         <code>aws-exec-read</code> canned access control list (ACL) to ensure that it can be
+   *       accessed by Amazon EC2. For more information, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl">Canned ACLs</a> in the
+   *         <i>Amazon S3 Service Developer Guide</i>.</p>
    * @public
    */
   ImageLocation?: string | undefined;
 
   /**
-   * <p>The billing product codes. Your account must be authorized to specify billing product codes.</p>
+   * <p>The billing product codes. Your account must be authorized to specify billing product
+   *       codes.</p>
    *          <p>If your account is not authorized to specify billing product codes, you can publish AMIs
    *       that include billable software and list them on the Amazon Web Services Marketplace. You must first register as a seller
    *       on the Amazon Web Services Marketplace. For more information, see <a href="https://docs.aws.amazon.com/marketplace/latest/userguide/user-guide-for-sellers.html">Getting started as a
-   *         seller</a> and <a href="https://docs.aws.amazon.com/marketplace/latest/userguide/ami-products.html">AMI-based
-   *         products</a> in the <i>Amazon Web Services Marketplace Seller Guide</i>.</p>
+   *         seller</a> and <a href="https://docs.aws.amazon.com/marketplace/latest/userguide/ami-products.html">AMI-based products</a> in the
+   *         <i>Amazon Web Services Marketplace Seller Guide</i>.</p>
    * @public
    */
   BillingProducts?: string[] | undefined;
 
   /**
-   * <p>The boot mode of the AMI. A value of <code>uefi-preferred</code> indicates that the AMI supports both UEFI and Legacy BIOS.</p>
+   * <p>The boot mode of the AMI. A value of <code>uefi-preferred</code> indicates that the AMI
+   *       supports both UEFI and Legacy BIOS.</p>
    *          <note>
-   *             <p>The operating system contained in the AMI must be configured to support the specified boot mode.</p>
+   *             <p>The operating system contained in the AMI must be configured to support the specified
+   *         boot mode.</p>
    *          </note>
    *          <p>For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ami-boot.html">Boot modes</a> in the
    *         <i>Amazon EC2 User Guide</i>.</p>
@@ -2166,10 +2708,10 @@ export interface RegisterImageRequest {
    *       launched from this AMI will have <code>HttpTokens</code> automatically set to
    *         <code>required</code> so that, by default, the instance requires that IMDSv2 is used when
    *       requesting instance metadata. In addition, <code>HttpPutResponseHopLimit</code> is set to
-   *         <code>2</code>. For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-IMDS-new-instances.html#configure-IMDS-new-instances-ami-configuration">Configure
-   *         the AMI</a> in the <i>Amazon EC2 User Guide</i>.</p>
+   *         <code>2</code>. For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-IMDS-new-instances.html#configure-IMDS-new-instances-ami-configuration">Configure the AMI</a> in the <i>Amazon EC2 User Guide</i>.</p>
    *          <note>
-   *             <p>If you set the value to <code>v2.0</code>, make sure that your AMI software can support IMDSv2.</p>
+   *             <p>If you set the value to <code>v2.0</code>, make sure that your AMI software can support
+   *         IMDSv2.</p>
    *          </note>
    * @public
    */
@@ -2194,7 +2736,9 @@ export interface RegisterImageRequest {
 
   /**
    * <p>A name for your AMI.</p>
-   *          <p>Constraints: 3-128 alphanumeric characters, parentheses (()), square brackets ([]), spaces ( ), periods (.), slashes (/), dashes (-), single quotes ('), at-signs (@), or underscores(_)</p>
+   *          <p>Constraints: 3-128 alphanumeric characters, parentheses (()), square brackets ([]), spaces
+   *       ( ), periods (.), slashes (/), dashes (-), single quotes ('), at-signs (@), or
+   *       underscores(_)</p>
    * @public
    */
   Name: string | undefined;
@@ -2207,8 +2751,8 @@ export interface RegisterImageRequest {
 
   /**
    * <p>The architecture of the AMI.</p>
-   *          <p>Default: For Amazon EBS-backed AMIs, <code>i386</code>.
-   *         For instance store-backed AMIs, the architecture specified in the manifest file.</p>
+   *          <p>Default: For Amazon EBS-backed AMIs, <code>i386</code>. For instance store-backed AMIs, the
+   *       architecture specified in the manifest file.</p>
    * @public
    */
   Architecture?: ArchitectureValues | undefined;
@@ -2233,10 +2777,11 @@ export interface RegisterImageRequest {
 
   /**
    * <p>The block device mapping entries.</p>
-   *          <p>If you specify an Amazon EBS volume using the ID of an Amazon EBS snapshot, you can't specify the encryption state of the volume.</p>
-   *          <p>If you create an AMI on an Outpost, then all backing snapshots must be on the same
-   *       Outpost or in the Region of that Outpost. AMIs on an Outpost that include local snapshots can
-   *       be used to launch instances on the same Outpost only. For more information, <a href="https://docs.aws.amazon.com/ebs/latest/userguide/snapshots-outposts.html#ami">Amazon EBS local
+   *          <p>If you specify an Amazon EBS volume using the ID of an Amazon EBS snapshot, you can't specify the
+   *       encryption state of the volume.</p>
+   *          <p>If you create an AMI on an Outpost, then all backing snapshots must be on the same Outpost
+   *       or in the Region of that Outpost. AMIs on an Outpost that include local snapshots can be used
+   *       to launch instances on the same Outpost only. For more information, <a href="https://docs.aws.amazon.com/ebs/latest/userguide/snapshots-outposts.html#ami">Amazon EBS local
    *         snapshots on Outposts</a> in the <i>Amazon EBS User Guide</i>.</p>
    * @public
    */
@@ -2251,16 +2796,20 @@ export interface RegisterImageRequest {
   VirtualizationType?: string | undefined;
 
   /**
-   * <p>Set to <code>simple</code> to enable enhanced networking with the Intel 82599 Virtual Function interface for the AMI and any instances that you launch from the AMI.</p>
+   * <p>Set to <code>simple</code> to enable enhanced networking with the Intel 82599 Virtual
+   *       Function interface for the AMI and any instances that you launch from the AMI.</p>
    *          <p>There is no way to disable <code>sriovNetSupport</code> at this time.</p>
-   *          <p>This option is supported only for HVM AMIs. Specifying this option with a PV AMI can make instances launched from the AMI unreachable.</p>
+   *          <p>This option is supported only for HVM AMIs. Specifying this option with a PV AMI can make
+   *       instances launched from the AMI unreachable.</p>
    * @public
    */
   SriovNetSupport?: string | undefined;
 
   /**
-   * <p>Set to <code>true</code> to enable enhanced networking with ENA for the AMI and any instances that you launch from the AMI.</p>
-   *          <p>This option is supported only for HVM AMIs. Specifying this option with a PV AMI can make instances launched from the AMI unreachable.</p>
+   * <p>Set to <code>true</code> to enable enhanced networking with ENA for the AMI and any
+   *       instances that you launch from the AMI.</p>
+   *          <p>This option is supported only for HVM AMIs. Specifying this option with a PV AMI can make
+   *       instances launched from the AMI unreachable.</p>
    * @public
    */
   EnaSupport?: boolean | undefined;
@@ -3689,7 +4238,8 @@ export type ResetImageAttributeName = (typeof ResetImageAttributeName)[keyof typ
  */
 export interface ResetImageAttributeRequest {
   /**
-   * <p>The attribute to reset (currently you can only reset the launch permission attribute).</p>
+   * <p>The attribute to reset (currently you can only reset the launch permission
+   *       attribute).</p>
    * @public
    */
   Attribute: ResetImageAttributeName | undefined;
diff --git a/clients/client-ec2/src/protocols/Aws_ec2.ts b/clients/client-ec2/src/protocols/Aws_ec2.ts
index d8ad12b80bf7..e82feb71fa63 100644
--- a/clients/client-ec2/src/protocols/Aws_ec2.ts
+++ b/clients/client-ec2/src/protocols/Aws_ec2.ts
@@ -458,6 +458,10 @@ import {
   CreateVerifiedAccessTrustProviderCommandOutput,
 } from "../commands/CreateVerifiedAccessTrustProviderCommand";
 import { CreateVolumeCommandInput, CreateVolumeCommandOutput } from "../commands/CreateVolumeCommand";
+import {
+  CreateVpcBlockPublicAccessExclusionCommandInput,
+  CreateVpcBlockPublicAccessExclusionCommandOutput,
+} from "../commands/CreateVpcBlockPublicAccessExclusionCommand";
 import { CreateVpcCommandInput, CreateVpcCommandOutput } from "../commands/CreateVpcCommand";
 import { CreateVpcEndpointCommandInput, CreateVpcEndpointCommandOutput } from "../commands/CreateVpcEndpointCommand";
 import {
@@ -695,6 +699,10 @@ import {
   DeleteVerifiedAccessTrustProviderCommandOutput,
 } from "../commands/DeleteVerifiedAccessTrustProviderCommand";
 import { DeleteVolumeCommandInput, DeleteVolumeCommandOutput } from "../commands/DeleteVolumeCommand";
+import {
+  DeleteVpcBlockPublicAccessExclusionCommandInput,
+  DeleteVpcBlockPublicAccessExclusionCommandOutput,
+} from "../commands/DeleteVpcBlockPublicAccessExclusionCommand";
 import { DeleteVpcCommandInput, DeleteVpcCommandOutput } from "../commands/DeleteVpcCommand";
 import {
   DeleteVpcEndpointConnectionNotificationsCommandInput,
@@ -1253,6 +1261,14 @@ import {
   DescribeVpcAttributeCommandInput,
   DescribeVpcAttributeCommandOutput,
 } from "../commands/DescribeVpcAttributeCommand";
+import {
+  DescribeVpcBlockPublicAccessExclusionsCommandInput,
+  DescribeVpcBlockPublicAccessExclusionsCommandOutput,
+} from "../commands/DescribeVpcBlockPublicAccessExclusionsCommand";
+import {
+  DescribeVpcBlockPublicAccessOptionsCommandInput,
+  DescribeVpcBlockPublicAccessOptionsCommandOutput,
+} from "../commands/DescribeVpcBlockPublicAccessOptionsCommand";
 import {
   DescribeVpcClassicLinkCommandInput,
   DescribeVpcClassicLinkCommandOutput,
@@ -1913,6 +1929,14 @@ import {
 } from "../commands/ModifyVolumeAttributeCommand";
 import { ModifyVolumeCommandInput, ModifyVolumeCommandOutput } from "../commands/ModifyVolumeCommand";
 import { ModifyVpcAttributeCommandInput, ModifyVpcAttributeCommandOutput } from "../commands/ModifyVpcAttributeCommand";
+import {
+  ModifyVpcBlockPublicAccessExclusionCommandInput,
+  ModifyVpcBlockPublicAccessExclusionCommandOutput,
+} from "../commands/ModifyVpcBlockPublicAccessExclusionCommand";
+import {
+  ModifyVpcBlockPublicAccessOptionsCommandInput,
+  ModifyVpcBlockPublicAccessOptionsCommandOutput,
+} from "../commands/ModifyVpcBlockPublicAccessOptionsCommand";
 import { ModifyVpcEndpointCommandInput, ModifyVpcEndpointCommandOutput } from "../commands/ModifyVpcEndpointCommand";
 import {
   ModifyVpcEndpointConnectionNotificationCommandInput,
@@ -2434,6 +2458,7 @@ import {
   BaselineEbsBandwidthMbps,
   BaselineEbsBandwidthMbpsRequest,
   BlockDeviceMapping,
+  BlockPublicAccessStates,
   CapacityReservation,
   CapacityReservationOptionsRequest,
   CapacityReservationTarget,
@@ -2524,7 +2549,6 @@ import {
   CreateNetworkAclEntryRequest,
   CreateNetworkAclRequest,
   CreateNetworkAclResult,
-  CreateNetworkInsightsAccessScopeRequest,
   CreditSpecification,
   CreditSpecificationRequest,
   CustomerGateway,
@@ -2632,7 +2656,6 @@ import {
   NetworkAclEntry,
   NetworkBandwidthGbps,
   NetworkBandwidthGbpsRequest,
-  NetworkInsightsAccessScope,
   NetworkInterfaceCount,
   NetworkInterfaceCountRequest,
   NewDhcpConfiguration,
@@ -2668,6 +2691,7 @@ import {
   CloudWatchLogOptionsSpecification,
   ConnectionNotification,
   ConnectionTrackingConfiguration,
+  CreateNetworkInsightsAccessScopeRequest,
   CreateNetworkInsightsAccessScopeResult,
   CreateNetworkInsightsPathRequest,
   CreateNetworkInsightsPathResult,
@@ -2750,6 +2774,8 @@ import {
   CreateVerifiedAccessTrustProviderRequest,
   CreateVerifiedAccessTrustProviderResult,
   CreateVolumeRequest,
+  CreateVpcBlockPublicAccessExclusionRequest,
+  CreateVpcBlockPublicAccessExclusionResult,
   CreateVpcEndpointConnectionNotificationRequest,
   CreateVpcEndpointConnectionNotificationResult,
   CreateVpcEndpointRequest,
@@ -2794,15 +2820,8 @@ import {
   DeleteInstanceEventWindowResult,
   DeleteInternetGatewayRequest,
   DeleteIpamExternalResourceVerificationTokenRequest,
-  DeleteIpamExternalResourceVerificationTokenResult,
-  DeleteIpamPoolRequest,
-  DeleteIpamPoolResult,
   DeleteIpamRequest,
-  DeleteIpamResourceDiscoveryRequest,
-  DeleteIpamResourceDiscoveryResult,
   DeleteIpamResult,
-  DeleteIpamScopeRequest,
-  DeleteIpamScopeResult,
   DnsEntry,
   DnsOptions,
   DnsOptionsSpecification,
@@ -2814,6 +2833,7 @@ import {
   InstanceSpecification,
   Ipv6PrefixSpecification,
   LastError,
+  NetworkInsightsAccessScope,
   NetworkInsightsAccessScopeContent,
   NetworkInsightsPath,
   NetworkInterface,
@@ -2891,6 +2911,7 @@ import {
   VerifiedAccessSseSpecificationRequest,
   VgwTelemetry,
   Volume,
+  VpcBlockPublicAccessExclusion,
   VpcEndpoint,
   VpnConnection,
   VpnConnectionOptions,
@@ -2906,7 +2927,6 @@ import {
   AuthorizationRule,
   AvailabilityZone,
   AvailabilityZoneMessage,
-  AvailableCapacity,
   Byoasn,
   CapacityBlockOffering,
   CapacityReservationBillingRequest,
@@ -2925,6 +2945,13 @@ import {
   ClientVpnRoute,
   ConnectionLogResponseOptions,
   ConversionTask,
+  DeleteIpamExternalResourceVerificationTokenResult,
+  DeleteIpamPoolRequest,
+  DeleteIpamPoolResult,
+  DeleteIpamResourceDiscoveryRequest,
+  DeleteIpamResourceDiscoveryResult,
+  DeleteIpamScopeRequest,
+  DeleteIpamScopeResult,
   DeleteKeyPairRequest,
   DeleteKeyPairResult,
   DeleteLaunchTemplateRequest,
@@ -3012,6 +3039,8 @@ import {
   DeleteVerifiedAccessTrustProviderRequest,
   DeleteVerifiedAccessTrustProviderResult,
   DeleteVolumeRequest,
+  DeleteVpcBlockPublicAccessExclusionRequest,
+  DeleteVpcBlockPublicAccessExclusionResult,
   DeleteVpcEndpointConnectionNotificationsRequest,
   DeleteVpcEndpointConnectionNotificationsResult,
   DeleteVpcEndpointServiceConfigurationsRequest,
@@ -3120,10 +3149,6 @@ import {
   DescribeHostReservationOfferingsResult,
   DescribeHostReservationsRequest,
   DescribeHostReservationsResult,
-  DescribeHostsRequest,
-  DescribeHostsResult,
-  DescribeIamInstanceProfileAssociationsRequest,
-  DescribeIamInstanceProfileAssociationsResult,
   DestinationOptionsResponse,
   DirectoryServiceAuthentication,
   DiskImageDescription,
@@ -3147,16 +3172,12 @@ import {
   FpgaImageAttribute,
   FpgaImageState,
   HistoryRecordEntry,
-  Host,
-  HostInstance,
   HostOffering,
-  HostProperties,
   HostReservation,
   IdFormat,
   ImportInstanceTaskDetails,
   ImportInstanceVolumeDetailItem,
   ImportVolumeTaskDetails,
-  InstanceCapacity,
   InstanceTagNotificationAttribute,
   IpamPoolCidr,
   IpamPoolCidrFailureReason,
@@ -3176,11 +3197,15 @@ import {
 import {
   ArchitectureType,
   AttributeBooleanValue,
+  AvailableCapacity,
   BootModeType,
   CapacityReservationSpecificationResponse,
   ConnectionTrackingSpecificationResponse,
   CpuOptions,
-  CreateVolumePermission,
+  DescribeHostsRequest,
+  DescribeHostsResult,
+  DescribeIamInstanceProfileAssociationsRequest,
+  DescribeIamInstanceProfileAssociationsResult,
   DescribeIdentityIdFormatRequest,
   DescribeIdentityIdFormatResult,
   DescribeIdFormatRequest,
@@ -3309,11 +3334,6 @@ import {
   DescribeSecurityGroupsResult,
   DescribeSecurityGroupVpcAssociationsRequest,
   DescribeSecurityGroupVpcAssociationsResult,
-  DescribeSnapshotAttributeRequest,
-  DescribeSnapshotAttributeResult,
-  DescribeSnapshotsRequest,
-  DescribeSnapshotsResult,
-  DescribeSnapshotTierStatusRequest,
   DiskInfo,
   EbsInfo,
   EbsInstanceBlockDevice,
@@ -3331,6 +3351,9 @@ import {
   GpuDeviceMemoryInfo,
   GpuInfo,
   HibernationOptions,
+  Host,
+  HostInstance,
+  HostProperties,
   Image,
   ImageAttribute,
   ImageMetadata,
@@ -3345,6 +3368,7 @@ import {
   InstanceAttachmentEnaSrdUdpSpecification,
   InstanceAttribute,
   InstanceBlockDeviceMapping,
+  InstanceCapacity,
   InstanceCreditSpecification,
   InstanceImageMetadata,
   InstanceIpv4Prefix,
@@ -3419,7 +3443,6 @@ import {
   SlotStartTimeRangeRequest,
   SnapshotDetail,
   SnapshotTaskDetail,
-  SnapshotTierStatus,
   SupportedAdditionalProcessorFeature,
   UsageClassType,
   UserBucketDetails,
@@ -3427,14 +3450,16 @@ import {
   VirtualizationType,
 } from "../models/models_4";
 import {
-  AssociatedRole,
   ClassicLinkDnsSupport,
   ClassicLoadBalancer,
   ClassicLoadBalancersConfig,
   ClientCertificateRevocationListStatus,
-  CoipAddressUsage,
-  DataQuery,
-  DataResponse,
+  CreateVolumePermission,
+  DescribeSnapshotAttributeRequest,
+  DescribeSnapshotAttributeResult,
+  DescribeSnapshotsRequest,
+  DescribeSnapshotsResult,
+  DescribeSnapshotTierStatusRequest,
   DescribeSnapshotTierStatusResult,
   DescribeSpotDatafeedSubscriptionRequest,
   DescribeSpotDatafeedSubscriptionResult,
@@ -3506,6 +3531,10 @@ import {
   DescribeVolumeStatusResult,
   DescribeVpcAttributeRequest,
   DescribeVpcAttributeResult,
+  DescribeVpcBlockPublicAccessExclusionsRequest,
+  DescribeVpcBlockPublicAccessExclusionsResult,
+  DescribeVpcBlockPublicAccessOptionsRequest,
+  DescribeVpcBlockPublicAccessOptionsResult,
   DescribeVpcClassicLinkDnsSupportRequest,
   DescribeVpcClassicLinkDnsSupportResult,
   DescribeVpcClassicLinkRequest,
@@ -3654,28 +3683,17 @@ import {
   ExportTransitGatewayRoutesResult,
   FastLaunchLaunchTemplateSpecificationRequest,
   FastLaunchSnapshotConfigurationRequest,
-  GetAssociatedEnclaveCertificateIamRolesRequest,
-  GetAssociatedEnclaveCertificateIamRolesResult,
-  GetAssociatedIpv6PoolCidrsRequest,
-  GetAssociatedIpv6PoolCidrsResult,
-  GetAwsNetworkPerformanceDataRequest,
-  GetAwsNetworkPerformanceDataResult,
-  GetCapacityReservationUsageRequest,
-  GetCapacityReservationUsageResult,
-  GetCoipPoolUsageRequest,
   HistoryRecord,
   InstanceEventWindowDisassociationRequest,
   InstanceNetworkInterfaceSpecification,
-  InstanceUsage,
-  Ipv6CidrAssociation,
   LaunchSpecification,
   LaunchTemplateConfig,
   LaunchTemplateOverrides,
   LoadBalancersConfig,
-  MetricPoint,
   PrivateDnsDetails,
   RunInstancesMonitoringEnabled,
   ServiceDetail,
+  SnapshotTierStatus,
   SpotCapacityRebalance,
   SpotFleetLaunchSpecification,
   SpotFleetMonitoring,
@@ -3709,20 +3727,34 @@ import {
   VolumeStatusEvent,
   VolumeStatusInfo,
   VolumeStatusItem,
+  VpcBlockPublicAccessOptions,
   VpcClassicLink,
   VpcEndpointConnection,
 } from "../models/models_5";
 import {
+  AssociatedRole,
   AthenaIntegration,
   BlobAttributeValue,
   CapacityReservationGroup,
   CapacityReservationSpecification,
   ClientData,
+  CoipAddressUsage,
   CreateVolumePermissionModifications,
+  DataQuery,
+  DataResponse,
   DiskImage,
   DiskImageDetail,
   DnsServersOptionsModifyStructure,
   EbsInstanceBlockDeviceSpecification,
+  GetAssociatedEnclaveCertificateIamRolesRequest,
+  GetAssociatedEnclaveCertificateIamRolesResult,
+  GetAssociatedIpv6PoolCidrsRequest,
+  GetAssociatedIpv6PoolCidrsResult,
+  GetAwsNetworkPerformanceDataRequest,
+  GetAwsNetworkPerformanceDataResult,
+  GetCapacityReservationUsageRequest,
+  GetCapacityReservationUsageResult,
+  GetCoipPoolUsageRequest,
   GetCoipPoolUsageResult,
   GetConsoleOutputRequest,
   GetConsoleOutputResult,
@@ -3834,6 +3866,7 @@ import {
   InstanceMetadataDefaultsResponse,
   InstanceRequirementsWithMetadataRequest,
   InstanceTypeInfoFromInstanceRequirements,
+  InstanceUsage,
   IntegrateServices,
   IpamAddressHistoryRecord,
   IpamDiscoveredAccount,
@@ -3844,6 +3877,7 @@ import {
   IpamPublicAddressTag,
   IpamPublicAddressTags,
   IpamResourceCidr,
+  Ipv6CidrAssociation,
   LaunchPermissionModifications,
   ListImagesInRecycleBinRequest,
   ListImagesInRecycleBinResult,
@@ -3854,6 +3888,7 @@ import {
   LockSnapshotRequest,
   LockSnapshotResult,
   MaintenanceDetails,
+  MetricPoint,
   ModifyAddressAttributeRequest,
   ModifyAddressAttributeResult,
   ModifyAvailabilityZoneGroupRequest,
@@ -3941,18 +3976,6 @@ import {
   ModifyTransitGatewayVpcAttachmentResult,
   ModifyVerifiedAccessEndpointEniOptions,
   ModifyVerifiedAccessEndpointLoadBalancerOptions,
-  ModifyVerifiedAccessEndpointPolicyRequest,
-  ModifyVerifiedAccessEndpointPolicyResult,
-  ModifyVerifiedAccessEndpointRequest,
-  ModifyVerifiedAccessEndpointResult,
-  ModifyVerifiedAccessGroupPolicyRequest,
-  ModifyVerifiedAccessGroupPolicyResult,
-  ModifyVerifiedAccessGroupRequest,
-  ModifyVerifiedAccessGroupResult,
-  ModifyVerifiedAccessInstanceLoggingConfigurationRequest,
-  ModifyVerifiedAccessInstanceLoggingConfigurationResult,
-  ModifyVerifiedAccessInstanceRequest,
-  ModifyVerifiedAccessInstanceResult,
   NetworkInterfaceAttachmentChanges,
   PrefixListAssociation,
   PrefixListEntry,
@@ -3983,10 +4006,6 @@ import {
   UnsuccessfulInstanceCreditSpecificationItemError,
   UserBucket,
   UserData,
-  VerifiedAccessLogCloudWatchLogsDestinationOptions,
-  VerifiedAccessLogKinesisDataFirehoseDestinationOptions,
-  VerifiedAccessLogOptions,
-  VerifiedAccessLogS3DestinationOptions,
   VolumeDetail,
   VpnConnectionDeviceType,
 } from "../models/models_6";
@@ -4005,6 +4024,18 @@ import {
   IpamCidrAuthorizationContext,
   LaunchTemplateSpecification,
   LicenseConfigurationRequest,
+  ModifyVerifiedAccessEndpointPolicyRequest,
+  ModifyVerifiedAccessEndpointPolicyResult,
+  ModifyVerifiedAccessEndpointRequest,
+  ModifyVerifiedAccessEndpointResult,
+  ModifyVerifiedAccessGroupPolicyRequest,
+  ModifyVerifiedAccessGroupPolicyResult,
+  ModifyVerifiedAccessGroupRequest,
+  ModifyVerifiedAccessGroupResult,
+  ModifyVerifiedAccessInstanceLoggingConfigurationRequest,
+  ModifyVerifiedAccessInstanceLoggingConfigurationResult,
+  ModifyVerifiedAccessInstanceRequest,
+  ModifyVerifiedAccessInstanceResult,
   ModifyVerifiedAccessTrustProviderDeviceOptions,
   ModifyVerifiedAccessTrustProviderOidcOptions,
   ModifyVerifiedAccessTrustProviderRequest,
@@ -4013,6 +4044,10 @@ import {
   ModifyVolumeRequest,
   ModifyVolumeResult,
   ModifyVpcAttributeRequest,
+  ModifyVpcBlockPublicAccessExclusionRequest,
+  ModifyVpcBlockPublicAccessExclusionResult,
+  ModifyVpcBlockPublicAccessOptionsRequest,
+  ModifyVpcBlockPublicAccessOptionsResult,
   ModifyVpcEndpointConnectionNotificationRequest,
   ModifyVpcEndpointConnectionNotificationResult,
   ModifyVpcEndpointRequest,
@@ -4190,6 +4225,10 @@ import {
   UpdateSecurityGroupRuleDescriptionsEgressResult,
   UpdateSecurityGroupRuleDescriptionsIngressRequest,
   UpdateSecurityGroupRuleDescriptionsIngressResult,
+  VerifiedAccessLogCloudWatchLogsDestinationOptions,
+  VerifiedAccessLogKinesisDataFirehoseDestinationOptions,
+  VerifiedAccessLogOptions,
+  VerifiedAccessLogS3DestinationOptions,
   WithdrawByoipCidrRequest,
   WithdrawByoipCidrResult,
 } from "../models/models_7";
@@ -6489,6 +6528,23 @@ export const se_CreateVpcCommand = async (
   return buildHttpRpcRequest(context, headers, "/", undefined, body);
 };
 
+/**
+ * serializeAws_ec2CreateVpcBlockPublicAccessExclusionCommand
+ */
+export const se_CreateVpcBlockPublicAccessExclusionCommand = async (
+  input: CreateVpcBlockPublicAccessExclusionCommandInput,
+  context: __SerdeContext
+): Promise<__HttpRequest> => {
+  const headers: __HeaderBag = SHARED_HEADERS;
+  let body: any;
+  body = buildFormUrlencodedString({
+    ...se_CreateVpcBlockPublicAccessExclusionRequest(input, context),
+    [_A]: _CVBPAE,
+    [_V]: _,
+  });
+  return buildHttpRpcRequest(context, headers, "/", undefined, body);
+};
+
 /**
  * serializeAws_ec2CreateVpcEndpointCommand
  */
@@ -7764,6 +7820,23 @@ export const se_DeleteVpcCommand = async (
   return buildHttpRpcRequest(context, headers, "/", undefined, body);
 };
 
+/**
+ * serializeAws_ec2DeleteVpcBlockPublicAccessExclusionCommand
+ */
+export const se_DeleteVpcBlockPublicAccessExclusionCommand = async (
+  input: DeleteVpcBlockPublicAccessExclusionCommandInput,
+  context: __SerdeContext
+): Promise<__HttpRequest> => {
+  const headers: __HeaderBag = SHARED_HEADERS;
+  let body: any;
+  body = buildFormUrlencodedString({
+    ...se_DeleteVpcBlockPublicAccessExclusionRequest(input, context),
+    [_A]: _DVBPAE,
+    [_V]: _,
+  });
+  return buildHttpRpcRequest(context, headers, "/", undefined, body);
+};
+
 /**
  * serializeAws_ec2DeleteVpcEndpointConnectionNotificationsCommand
  */
@@ -10450,6 +10523,40 @@ export const se_DescribeVpcAttributeCommand = async (
   return buildHttpRpcRequest(context, headers, "/", undefined, body);
 };
 
+/**
+ * serializeAws_ec2DescribeVpcBlockPublicAccessExclusionsCommand
+ */
+export const se_DescribeVpcBlockPublicAccessExclusionsCommand = async (
+  input: DescribeVpcBlockPublicAccessExclusionsCommandInput,
+  context: __SerdeContext
+): Promise<__HttpRequest> => {
+  const headers: __HeaderBag = SHARED_HEADERS;
+  let body: any;
+  body = buildFormUrlencodedString({
+    ...se_DescribeVpcBlockPublicAccessExclusionsRequest(input, context),
+    [_A]: _DVBPAEe,
+    [_V]: _,
+  });
+  return buildHttpRpcRequest(context, headers, "/", undefined, body);
+};
+
+/**
+ * serializeAws_ec2DescribeVpcBlockPublicAccessOptionsCommand
+ */
+export const se_DescribeVpcBlockPublicAccessOptionsCommand = async (
+  input: DescribeVpcBlockPublicAccessOptionsCommandInput,
+  context: __SerdeContext
+): Promise<__HttpRequest> => {
+  const headers: __HeaderBag = SHARED_HEADERS;
+  let body: any;
+  body = buildFormUrlencodedString({
+    ...se_DescribeVpcBlockPublicAccessOptionsRequest(input, context),
+    [_A]: _DVBPAO,
+    [_V]: _,
+  });
+  return buildHttpRpcRequest(context, headers, "/", undefined, body);
+};
+
 /**
  * serializeAws_ec2DescribeVpcClassicLinkCommand
  */
@@ -13612,6 +13719,40 @@ export const se_ModifyVpcAttributeCommand = async (
   return buildHttpRpcRequest(context, headers, "/", undefined, body);
 };
 
+/**
+ * serializeAws_ec2ModifyVpcBlockPublicAccessExclusionCommand
+ */
+export const se_ModifyVpcBlockPublicAccessExclusionCommand = async (
+  input: ModifyVpcBlockPublicAccessExclusionCommandInput,
+  context: __SerdeContext
+): Promise<__HttpRequest> => {
+  const headers: __HeaderBag = SHARED_HEADERS;
+  let body: any;
+  body = buildFormUrlencodedString({
+    ...se_ModifyVpcBlockPublicAccessExclusionRequest(input, context),
+    [_A]: _MVBPAE,
+    [_V]: _,
+  });
+  return buildHttpRpcRequest(context, headers, "/", undefined, body);
+};
+
+/**
+ * serializeAws_ec2ModifyVpcBlockPublicAccessOptionsCommand
+ */
+export const se_ModifyVpcBlockPublicAccessOptionsCommand = async (
+  input: ModifyVpcBlockPublicAccessOptionsCommandInput,
+  context: __SerdeContext
+): Promise<__HttpRequest> => {
+  const headers: __HeaderBag = SHARED_HEADERS;
+  let body: any;
+  body = buildFormUrlencodedString({
+    ...se_ModifyVpcBlockPublicAccessOptionsRequest(input, context),
+    [_A]: _MVBPAO,
+    [_V]: _,
+  });
+  return buildHttpRpcRequest(context, headers, "/", undefined, body);
+};
+
 /**
  * serializeAws_ec2ModifyVpcEndpointCommand
  */
@@ -17705,6 +17846,26 @@ export const de_CreateVpcCommand = async (
   return response;
 };
 
+/**
+ * deserializeAws_ec2CreateVpcBlockPublicAccessExclusionCommand
+ */
+export const de_CreateVpcBlockPublicAccessExclusionCommand = async (
+  output: __HttpResponse,
+  context: __SerdeContext
+): Promise<CreateVpcBlockPublicAccessExclusionCommandOutput> => {
+  if (output.statusCode >= 300) {
+    return de_CommandError(output, context);
+  }
+  const data: any = await parseBody(output.body, context);
+  let contents: any = {};
+  contents = de_CreateVpcBlockPublicAccessExclusionResult(data, context);
+  const response: CreateVpcBlockPublicAccessExclusionCommandOutput = {
+    $metadata: deserializeMetadata(output),
+    ...contents,
+  };
+  return response;
+};
+
 /**
  * deserializeAws_ec2CreateVpcEndpointCommand
  */
@@ -19154,6 +19315,26 @@ export const de_DeleteVpcCommand = async (
   return response;
 };
 
+/**
+ * deserializeAws_ec2DeleteVpcBlockPublicAccessExclusionCommand
+ */
+export const de_DeleteVpcBlockPublicAccessExclusionCommand = async (
+  output: __HttpResponse,
+  context: __SerdeContext
+): Promise<DeleteVpcBlockPublicAccessExclusionCommandOutput> => {
+  if (output.statusCode >= 300) {
+    return de_CommandError(output, context);
+  }
+  const data: any = await parseBody(output.body, context);
+  let contents: any = {};
+  contents = de_DeleteVpcBlockPublicAccessExclusionResult(data, context);
+  const response: DeleteVpcBlockPublicAccessExclusionCommandOutput = {
+    $metadata: deserializeMetadata(output),
+    ...contents,
+  };
+  return response;
+};
+
 /**
  * deserializeAws_ec2DeleteVpcEndpointConnectionNotificationsCommand
  */
@@ -22302,6 +22483,46 @@ export const de_DescribeVpcAttributeCommand = async (
   return response;
 };
 
+/**
+ * deserializeAws_ec2DescribeVpcBlockPublicAccessExclusionsCommand
+ */
+export const de_DescribeVpcBlockPublicAccessExclusionsCommand = async (
+  output: __HttpResponse,
+  context: __SerdeContext
+): Promise<DescribeVpcBlockPublicAccessExclusionsCommandOutput> => {
+  if (output.statusCode >= 300) {
+    return de_CommandError(output, context);
+  }
+  const data: any = await parseBody(output.body, context);
+  let contents: any = {};
+  contents = de_DescribeVpcBlockPublicAccessExclusionsResult(data, context);
+  const response: DescribeVpcBlockPublicAccessExclusionsCommandOutput = {
+    $metadata: deserializeMetadata(output),
+    ...contents,
+  };
+  return response;
+};
+
+/**
+ * deserializeAws_ec2DescribeVpcBlockPublicAccessOptionsCommand
+ */
+export const de_DescribeVpcBlockPublicAccessOptionsCommand = async (
+  output: __HttpResponse,
+  context: __SerdeContext
+): Promise<DescribeVpcBlockPublicAccessOptionsCommandOutput> => {
+  if (output.statusCode >= 300) {
+    return de_CommandError(output, context);
+  }
+  const data: any = await parseBody(output.body, context);
+  let contents: any = {};
+  contents = de_DescribeVpcBlockPublicAccessOptionsResult(data, context);
+  const response: DescribeVpcBlockPublicAccessOptionsCommandOutput = {
+    $metadata: deserializeMetadata(output),
+    ...contents,
+  };
+  return response;
+};
+
 /**
  * deserializeAws_ec2DescribeVpcClassicLinkCommand
  */
@@ -25971,6 +26192,46 @@ export const de_ModifyVpcAttributeCommand = async (
   return response;
 };
 
+/**
+ * deserializeAws_ec2ModifyVpcBlockPublicAccessExclusionCommand
+ */
+export const de_ModifyVpcBlockPublicAccessExclusionCommand = async (
+  output: __HttpResponse,
+  context: __SerdeContext
+): Promise<ModifyVpcBlockPublicAccessExclusionCommandOutput> => {
+  if (output.statusCode >= 300) {
+    return de_CommandError(output, context);
+  }
+  const data: any = await parseBody(output.body, context);
+  let contents: any = {};
+  contents = de_ModifyVpcBlockPublicAccessExclusionResult(data, context);
+  const response: ModifyVpcBlockPublicAccessExclusionCommandOutput = {
+    $metadata: deserializeMetadata(output),
+    ...contents,
+  };
+  return response;
+};
+
+/**
+ * deserializeAws_ec2ModifyVpcBlockPublicAccessOptionsCommand
+ */
+export const de_ModifyVpcBlockPublicAccessOptionsCommand = async (
+  output: __HttpResponse,
+  context: __SerdeContext
+): Promise<ModifyVpcBlockPublicAccessOptionsCommandOutput> => {
+  if (output.statusCode >= 300) {
+    return de_CommandError(output, context);
+  }
+  const data: any = await parseBody(output.body, context);
+  let contents: any = {};
+  contents = de_ModifyVpcBlockPublicAccessOptionsResult(data, context);
+  const response: ModifyVpcBlockPublicAccessOptionsCommandOutput = {
+    $metadata: deserializeMetadata(output),
+    ...contents,
+  };
+  return response;
+};
+
 /**
  * deserializeAws_ec2ModifyVpcEndpointCommand
  */
@@ -33162,6 +33423,36 @@ const se_CreateVolumeRequest = (input: CreateVolumeRequest, context: __SerdeCont
   return entries;
 };
 
+/**
+ * serializeAws_ec2CreateVpcBlockPublicAccessExclusionRequest
+ */
+const se_CreateVpcBlockPublicAccessExclusionRequest = (
+  input: CreateVpcBlockPublicAccessExclusionRequest,
+  context: __SerdeContext
+): any => {
+  const entries: any = {};
+  if (input[_DRr] != null) {
+    entries[_DRr] = input[_DRr];
+  }
+  if (input[_SIub] != null) {
+    entries[_SIub] = input[_SIub];
+  }
+  if (input[_VI] != null) {
+    entries[_VI] = input[_VI];
+  }
+  if (input[_IGEM] != null) {
+    entries[_IGEM] = input[_IGEM];
+  }
+  if (input[_TS] != null) {
+    const memberEntries = se_TagSpecificationList(input[_TS], context);
+    Object.entries(memberEntries).forEach(([key, value]) => {
+      const loc = `TagSpecification.${key.substring(key.indexOf(".") + 1)}`;
+      entries[loc] = value;
+    });
+  }
+  return entries;
+};
+
 /**
  * serializeAws_ec2CreateVpcEndpointConnectionNotificationRequest
  */
@@ -34725,6 +35016,23 @@ const se_DeleteVolumeRequest = (input: DeleteVolumeRequest, context: __SerdeCont
   return entries;
 };
 
+/**
+ * serializeAws_ec2DeleteVpcBlockPublicAccessExclusionRequest
+ */
+const se_DeleteVpcBlockPublicAccessExclusionRequest = (
+  input: DeleteVpcBlockPublicAccessExclusionRequest,
+  context: __SerdeContext
+): any => {
+  const entries: any = {};
+  if (input[_DRr] != null) {
+    entries[_DRr] = input[_DRr];
+  }
+  if (input[_EIxc] != null) {
+    entries[_EIxc] = input[_EIxc];
+  }
+  return entries;
+};
+
 /**
  * serializeAws_ec2DeleteVpcEndpointConnectionNotificationsRequest
  */
@@ -39483,6 +39791,54 @@ const se_DescribeVpcAttributeRequest = (input: DescribeVpcAttributeRequest, cont
   return entries;
 };
 
+/**
+ * serializeAws_ec2DescribeVpcBlockPublicAccessExclusionsRequest
+ */
+const se_DescribeVpcBlockPublicAccessExclusionsRequest = (
+  input: DescribeVpcBlockPublicAccessExclusionsRequest,
+  context: __SerdeContext
+): any => {
+  const entries: any = {};
+  if (input[_DRr] != null) {
+    entries[_DRr] = input[_DRr];
+  }
+  if (input[_Fi] != null) {
+    const memberEntries = se_FilterList(input[_Fi], context);
+    Object.entries(memberEntries).forEach(([key, value]) => {
+      const loc = `Filter.${key.substring(key.indexOf(".") + 1)}`;
+      entries[loc] = value;
+    });
+  }
+  if (input[_EIxcl] != null) {
+    const memberEntries = se_VpcBlockPublicAccessExclusionIdList(input[_EIxcl], context);
+    Object.entries(memberEntries).forEach(([key, value]) => {
+      const loc = `ExclusionId.${key.substring(key.indexOf(".") + 1)}`;
+      entries[loc] = value;
+    });
+  }
+  if (input[_NT] != null) {
+    entries[_NT] = input[_NT];
+  }
+  if (input[_MR] != null) {
+    entries[_MR] = input[_MR];
+  }
+  return entries;
+};
+
+/**
+ * serializeAws_ec2DescribeVpcBlockPublicAccessOptionsRequest
+ */
+const se_DescribeVpcBlockPublicAccessOptionsRequest = (
+  input: DescribeVpcBlockPublicAccessOptionsRequest,
+  context: __SerdeContext
+): any => {
+  const entries: any = {};
+  if (input[_DRr] != null) {
+    entries[_DRr] = input[_DRr];
+  }
+  return entries;
+};
+
 /**
  * serializeAws_ec2DescribeVpcClassicLinkDnsSupportRequest
  */
@@ -48072,6 +48428,43 @@ const se_ModifyVpcAttributeRequest = (input: ModifyVpcAttributeRequest, context:
   return entries;
 };
 
+/**
+ * serializeAws_ec2ModifyVpcBlockPublicAccessExclusionRequest
+ */
+const se_ModifyVpcBlockPublicAccessExclusionRequest = (
+  input: ModifyVpcBlockPublicAccessExclusionRequest,
+  context: __SerdeContext
+): any => {
+  const entries: any = {};
+  if (input[_DRr] != null) {
+    entries[_DRr] = input[_DRr];
+  }
+  if (input[_EIxc] != null) {
+    entries[_EIxc] = input[_EIxc];
+  }
+  if (input[_IGEM] != null) {
+    entries[_IGEM] = input[_IGEM];
+  }
+  return entries;
+};
+
+/**
+ * serializeAws_ec2ModifyVpcBlockPublicAccessOptionsRequest
+ */
+const se_ModifyVpcBlockPublicAccessOptionsRequest = (
+  input: ModifyVpcBlockPublicAccessOptionsRequest,
+  context: __SerdeContext
+): any => {
+  const entries: any = {};
+  if (input[_DRr] != null) {
+    entries[_DRr] = input[_DRr];
+  }
+  if (input[_IGBM] != null) {
+    entries[_IGBM] = input[_IGBM];
+  }
+  return entries;
+};
+
 /**
  * serializeAws_ec2ModifyVpcEndpointConnectionNotificationRequest
  */
@@ -54586,6 +54979,22 @@ const se_VolumeIdStringList = (input: string[], context: __SerdeContext): any =>
   return entries;
 };
 
+/**
+ * serializeAws_ec2VpcBlockPublicAccessExclusionIdList
+ */
+const se_VpcBlockPublicAccessExclusionIdList = (input: string[], context: __SerdeContext): any => {
+  const entries: any = {};
+  let counter = 1;
+  for (const entry of input) {
+    if (entry === null) {
+      continue;
+    }
+    entries[`Item.${counter}`] = entry;
+    counter++;
+  }
+  return entries;
+};
+
 /**
  * serializeAws_ec2VpcClassicLinkIdList
  */
@@ -55069,7 +55478,7 @@ const de_AcceptReservedInstancesExchangeQuoteResult = (
 ): AcceptReservedInstancesExchangeQuoteResult => {
   const contents: any = {};
   if (output[_eI] != null) {
-    contents[_EIxc] = __expectString(output[_eI]);
+    contents[_EIxch] = __expectString(output[_eI]);
   }
   return contents;
 };
@@ -56641,6 +57050,17 @@ const de_BlockDeviceMappingList = (output: any, context: __SerdeContext): BlockD
     });
 };
 
+/**
+ * deserializeAws_ec2BlockPublicAccessStates
+ */
+const de_BlockPublicAccessStates = (output: any, context: __SerdeContext): BlockPublicAccessStates => {
+  const contents: any = {};
+  if (output[_iGBM] != null) {
+    contents[_IGBM] = __expectString(output[_iGBM]);
+  }
+  return contents;
+};
+
 /**
  * deserializeAws_ec2BootModeTypeList
  */
@@ -59403,6 +59823,20 @@ const de_CreateVolumePermissionList = (output: any, context: __SerdeContext): Cr
     });
 };
 
+/**
+ * deserializeAws_ec2CreateVpcBlockPublicAccessExclusionResult
+ */
+const de_CreateVpcBlockPublicAccessExclusionResult = (
+  output: any,
+  context: __SerdeContext
+): CreateVpcBlockPublicAccessExclusionResult => {
+  const contents: any = {};
+  if (output[_vBPAE] != null) {
+    contents[_VBPAE] = de_VpcBlockPublicAccessExclusion(output[_vBPAE], context);
+  }
+  return contents;
+};
+
 /**
  * deserializeAws_ec2CreateVpcEndpointConnectionNotificationResult
  */
@@ -60453,6 +60887,20 @@ const de_DeleteVerifiedAccessTrustProviderResult = (
   return contents;
 };
 
+/**
+ * deserializeAws_ec2DeleteVpcBlockPublicAccessExclusionResult
+ */
+const de_DeleteVpcBlockPublicAccessExclusionResult = (
+  output: any,
+  context: __SerdeContext
+): DeleteVpcBlockPublicAccessExclusionResult => {
+  const contents: any = {};
+  if (output[_vBPAE] != null) {
+    contents[_VBPAE] = de_VpcBlockPublicAccessExclusion(output[_vBPAE], context);
+  }
+  return contents;
+};
+
 /**
  * deserializeAws_ec2DeleteVpcEndpointConnectionNotificationsResult
  */
@@ -63292,6 +63740,39 @@ const de_DescribeVpcAttributeResult = (output: any, context: __SerdeContext): De
   return contents;
 };
 
+/**
+ * deserializeAws_ec2DescribeVpcBlockPublicAccessExclusionsResult
+ */
+const de_DescribeVpcBlockPublicAccessExclusionsResult = (
+  output: any,
+  context: __SerdeContext
+): DescribeVpcBlockPublicAccessExclusionsResult => {
+  const contents: any = {};
+  if (output.vpcBlockPublicAccessExclusionSet === "") {
+    contents[_VBPAEp] = [];
+  } else if (output[_vBPAES] != null && output[_vBPAES][_i] != null) {
+    contents[_VBPAEp] = de_VpcBlockPublicAccessExclusionList(__getArrayIfSingleItem(output[_vBPAES][_i]), context);
+  }
+  if (output[_nTe] != null) {
+    contents[_NT] = __expectString(output[_nTe]);
+  }
+  return contents;
+};
+
+/**
+ * deserializeAws_ec2DescribeVpcBlockPublicAccessOptionsResult
+ */
+const de_DescribeVpcBlockPublicAccessOptionsResult = (
+  output: any,
+  context: __SerdeContext
+): DescribeVpcBlockPublicAccessOptionsResult => {
+  const contents: any = {};
+  if (output[_vBPAO] != null) {
+    contents[_VBPAO] = de_VpcBlockPublicAccessOptions(output[_vBPAO], context);
+  }
+  return contents;
+};
+
 /**
  * deserializeAws_ec2DescribeVpcClassicLinkDnsSupportResult
  */
@@ -73650,6 +74131,34 @@ const de_ModifyVolumeResult = (output: any, context: __SerdeContext): ModifyVolu
   return contents;
 };
 
+/**
+ * deserializeAws_ec2ModifyVpcBlockPublicAccessExclusionResult
+ */
+const de_ModifyVpcBlockPublicAccessExclusionResult = (
+  output: any,
+  context: __SerdeContext
+): ModifyVpcBlockPublicAccessExclusionResult => {
+  const contents: any = {};
+  if (output[_vBPAE] != null) {
+    contents[_VBPAE] = de_VpcBlockPublicAccessExclusion(output[_vBPAE], context);
+  }
+  return contents;
+};
+
+/**
+ * deserializeAws_ec2ModifyVpcBlockPublicAccessOptionsResult
+ */
+const de_ModifyVpcBlockPublicAccessOptionsResult = (
+  output: any,
+  context: __SerdeContext
+): ModifyVpcBlockPublicAccessOptionsResult => {
+  const contents: any = {};
+  if (output[_vBPAO] != null) {
+    contents[_VBPAO] = de_VpcBlockPublicAccessOptions(output[_vBPAO], context);
+  }
+  return contents;
+};
+
 /**
  * deserializeAws_ec2ModifyVpcEndpointConnectionNotificationResult
  */
@@ -79485,6 +79994,9 @@ const de_Subnet = (output: any, context: __SerdeContext): Subnet => {
   if (output[_pDNOOL] != null) {
     contents[_PDNOOL] = de_PrivateDnsNameOptionsOnLaunch(output[_pDNOOL], context);
   }
+  if (output[_bPAS] != null) {
+    contents[_BPAS] = de_BlockPublicAccessStates(output[_bPAS], context);
+  }
   if (output[_sIu] != null) {
     contents[_SIub] = __expectString(output[_sIu]);
   }
@@ -83042,6 +83554,9 @@ const de_Vpc = (output: any, context: __SerdeContext): Vpc => {
   } else if (output[_tS] != null && output[_tS][_i] != null) {
     contents[_Ta] = de_TagList(__getArrayIfSingleItem(output[_tS][_i]), context);
   }
+  if (output[_bPAS] != null) {
+    contents[_BPAS] = de_BlockPublicAccessStates(output[_bPAS], context);
+  }
   if (output[_vI] != null) {
     contents[_VI] = __expectString(output[_vI]);
   }
@@ -83082,6 +83597,83 @@ const de_VpcAttachmentList = (output: any, context: __SerdeContext): VpcAttachme
     });
 };
 
+/**
+ * deserializeAws_ec2VpcBlockPublicAccessExclusion
+ */
+const de_VpcBlockPublicAccessExclusion = (output: any, context: __SerdeContext): VpcBlockPublicAccessExclusion => {
+  const contents: any = {};
+  if (output[_eIx] != null) {
+    contents[_EIxc] = __expectString(output[_eIx]);
+  }
+  if (output[_iGEM] != null) {
+    contents[_IGEM] = __expectString(output[_iGEM]);
+  }
+  if (output[_rAe] != null) {
+    contents[_RAes] = __expectString(output[_rAe]);
+  }
+  if (output[_st] != null) {
+    contents[_Stat] = __expectString(output[_st]);
+  }
+  if (output[_rea] != null) {
+    contents[_Rea] = __expectString(output[_rea]);
+  }
+  if (output[_cTrea] != null) {
+    contents[_CTrea] = __expectNonNull(__parseRfc3339DateTimeWithOffset(output[_cTrea]));
+  }
+  if (output[_lUTas] != null) {
+    contents[_LUTas] = __expectNonNull(__parseRfc3339DateTimeWithOffset(output[_lUTas]));
+  }
+  if (output[_dTele] != null) {
+    contents[_DTelet] = __expectNonNull(__parseRfc3339DateTimeWithOffset(output[_dTele]));
+  }
+  if (output.tagSet === "") {
+    contents[_Ta] = [];
+  } else if (output[_tS] != null && output[_tS][_i] != null) {
+    contents[_Ta] = de_TagList(__getArrayIfSingleItem(output[_tS][_i]), context);
+  }
+  return contents;
+};
+
+/**
+ * deserializeAws_ec2VpcBlockPublicAccessExclusionList
+ */
+const de_VpcBlockPublicAccessExclusionList = (
+  output: any,
+  context: __SerdeContext
+): VpcBlockPublicAccessExclusion[] => {
+  return (output || [])
+    .filter((e: any) => e != null)
+    .map((entry: any) => {
+      return de_VpcBlockPublicAccessExclusion(entry, context);
+    });
+};
+
+/**
+ * deserializeAws_ec2VpcBlockPublicAccessOptions
+ */
+const de_VpcBlockPublicAccessOptions = (output: any, context: __SerdeContext): VpcBlockPublicAccessOptions => {
+  const contents: any = {};
+  if (output[_aAI] != null) {
+    contents[_AAI] = __expectString(output[_aAI]);
+  }
+  if (output[_aRw] != null) {
+    contents[_ARw] = __expectString(output[_aRw]);
+  }
+  if (output[_st] != null) {
+    contents[_Stat] = __expectString(output[_st]);
+  }
+  if (output[_iGBM] != null) {
+    contents[_IGBM] = __expectString(output[_iGBM]);
+  }
+  if (output[_rea] != null) {
+    contents[_Rea] = __expectString(output[_rea]);
+  }
+  if (output[_lUTas] != null) {
+    contents[_LUTas] = __expectNonNull(__parseRfc3339DateTimeWithOffset(output[_lUTas]));
+  }
+  return contents;
+};
+
 /**
  * deserializeAws_ec2VpcCidrBlockAssociation
  */
@@ -83866,6 +84458,7 @@ const _ARs = "AssociatedResource";
 const _ARss = "AssociatedRoles";
 const _ARu = "AutoRecovery";
 const _ARut = "AuthorizationRules";
+const _ARw = "AwsRegion";
 const _AS = "AllocationStrategy";
 const _ASA = "AmazonSideAsn";
 const _ASCB = "AssociateSubnetCidrBlock";
@@ -83968,6 +84561,7 @@ const _BN = "BucketName";
 const _BO = "BgpOptions";
 const _BOu = "BucketOwner";
 const _BP = "BurstablePerformance";
+const _BPAS = "BlockPublicAccessStates";
 const _BPS = "BurstablePerformanceSupported";
 const _BPi = "BillingProducts";
 const _BS = "BgpStatus";
@@ -84209,6 +84803,7 @@ const _CVAE = "CreateVerifiedAccessEndpoint";
 const _CVAG = "CreateVerifiedAccessGroup";
 const _CVAI = "CreateVerifiedAccessInstance";
 const _CVATP = "CreateVerifiedAccessTrustProvider";
+const _CVBPAE = "CreateVpcBlockPublicAccessExclusion";
 const _CVC = "CreateVpnConnection";
 const _CVCR = "CreateVpnConnectionRoute";
 const _CVE = "CreateVpcEndpoint";
@@ -84563,6 +85158,7 @@ const _DTS = "DpdTimeoutSeconds";
 const _DTe = "DescribeTags";
 const _DTel = "DeletionTime";
 const _DTele = "DeleteTime";
+const _DTelet = "DeletionTimestamp";
 const _DTep = "DeprecationTime";
 const _DTi = "DisablingTime";
 const _DTis = "DisabledTime";
@@ -84579,6 +85175,9 @@ const _DVATP = "DeleteVerifiedAccessTrustProvider";
 const _DVATPe = "DescribeVerifiedAccessTrustProviders";
 const _DVATPet = "DetachVerifiedAccessTrustProvider";
 const _DVAe = "DescribeVpcAttribute";
+const _DVBPAE = "DeleteVpcBlockPublicAccessExclusion";
+const _DVBPAEe = "DescribeVpcBlockPublicAccessExclusions";
+const _DVBPAO = "DescribeVpcBlockPublicAccessOptions";
 const _DVC = "DeleteVpnConnection";
 const _DVCB = "DisassociateVpcCidrBlock";
 const _DVCL = "DescribeVpcClassicLink";
@@ -84685,7 +85284,9 @@ const _EIf = "EfaInfo";
 const _EIv = "EventInformation";
 const _EIve = "EventId";
 const _EIx = "ExportImage";
-const _EIxc = "ExchangeId";
+const _EIxc = "ExclusionId";
+const _EIxch = "ExchangeId";
+const _EIxcl = "ExclusionIds";
 const _EKKI = "EncryptionKmsKeyId";
 const _ELADI = "EnableLniAtDeviceIndex";
 const _ELBL = "ElasticLoadBalancerListener";
@@ -84960,6 +85561,8 @@ const _IFCS = "InstanceFamilyCreditSpecification";
 const _IFR = "IamFleetRole";
 const _IFRn = "IngressFilterRules";
 const _IG = "InstanceGenerations";
+const _IGBM = "InternetGatewayBlockMode";
+const _IGEM = "InternetGatewayExclusionMode";
 const _IGI = "InternetGatewayId";
 const _IGIn = "InternetGatewayIds";
 const _IGn = "InternetGateway";
@@ -85231,6 +85834,7 @@ const _LTi = "LicenseType";
 const _LTo = "LocalTarget";
 const _LUT = "LastUpdateTime";
 const _LUTa = "LastUpdatedTime";
+const _LUTas = "LastUpdateTimestamp";
 const _LV = "LogVersion";
 const _LVN = "LatestVersionNumber";
 const _La = "Latest";
@@ -85355,6 +85959,8 @@ const _MVAI = "ModifyVerifiedAccessInstance";
 const _MVAILC = "ModifyVerifiedAccessInstanceLoggingConfiguration";
 const _MVATP = "ModifyVerifiedAccessTrustProvider";
 const _MVAo = "ModifyVpcAttribute";
+const _MVBPAE = "ModifyVpcBlockPublicAccessExclusion";
+const _MVBPAO = "ModifyVpcBlockPublicAccessOptions";
 const _MVC = "ModifyVpnConnection";
 const _MVCO = "ModifyVpnConnectionOptions";
 const _MVE = "ModifyVpcEndpoint";
@@ -85668,6 +86274,7 @@ const _RAP = "RemoveAllowedPrincipals";
 const _RART = "RemoveAllocationResourceTags";
 const _RATC = "RestoreAddressToClassic";
 const _RAe = "ResolveAlias";
+const _RAes = "ResourceArn";
 const _RAo = "RoleArn";
 const _RAu = "RuleAction";
 const _RB = "RequestedBy";
@@ -86249,6 +86856,9 @@ const _VATPI = "VerifiedAccessTrustProviderId";
 const _VATPIe = "VerifiedAccessTrustProviderIds";
 const _VATPe = "VerifiedAccessTrustProviders";
 const _VAp = "VpcAttachments";
+const _VBPAE = "VpcBlockPublicAccessExclusion";
+const _VBPAEp = "VpcBlockPublicAccessExclusions";
+const _VBPAO = "VpcBlockPublicAccessOptions";
 const _VC = "VpnConnection";
 const _VCC = "VCpuCount";
 const _VCDSC = "VpnConnectionDeviceSampleConfiguration";
@@ -86409,6 +87019,7 @@ const _aRcc = "acceptanceRequired";
 const _aRd = "addressRegion";
 const _aRs = "associatedResource";
 const _aRu = "autoRecovery";
+const _aRw = "awsRegion";
 const _aS = "associationState";
 const _aSA = "amazonSideAsn";
 const _aSS = "amdSevSnp";
@@ -86484,6 +87095,7 @@ const _bMa = "bareMetal";
 const _bN = "bucketName";
 const _bO = "bucketOwner";
 const _bP = "burstablePerformance";
+const _bPAS = "blockPublicAccessStates";
 const _bPS = "burstablePerformanceSupported";
 const _bS = "byoasnSet";
 const _bSg = "bgpStatus";
@@ -86701,6 +87313,7 @@ const _dTPT = "deviceTrustProviderType";
 const _dTS = "dpdTimeoutSeconds";
 const _dTe = "deprecationTime";
 const _dTel = "deleteTime";
+const _dTele = "deletionTimestamp";
 const _dTi = "disablingTime";
 const _dTis = "disabledTime";
 const _dV = "destinationVpc";
@@ -86759,6 +87372,7 @@ const _eIb = "ebsInfo";
 const _eIf = "efaInfo";
 const _eIv = "eventInformation";
 const _eIve = "eventId";
+const _eIx = "exclusionId";
 const _eKKI = "encryptionKmsKeyId";
 const _eLADI = "enableLniAtDeviceIndex";
 const _eLBL = "elasticLoadBalancerListener";
@@ -86948,6 +87562,8 @@ const _iFCS = "instanceFamilyCreditSpecification";
 const _iFR = "iamFleetRole";
 const _iFRS = "ingressFilterRuleSet";
 const _iG = "internetGateway";
+const _iGBM = "internetGatewayBlockMode";
+const _iGEM = "internetGatewayExclusionMode";
 const _iGI = "internetGatewayId";
 const _iGS = "internetGatewaySet";
 const _iGSn = "instanceGenerationSet";
@@ -87179,6 +87795,7 @@ const _lTi = "licenseType";
 const _lTo = "locationType";
 const _lUT = "lastUpdateTime";
 const _lUTa = "lastUpdatedTime";
+const _lUTas = "lastUpdateTimestamp";
 const _lV = "logVersion";
 const _lVN = "latestVersionNumber";
 const _lo = "location";
@@ -87479,6 +88096,7 @@ const _pu = "public";
 const _pur = "purchase";
 const _r = "return";
 const _rA = "ruleAction";
+const _rAe = "resourceArn";
 const _rB = "requestedBy";
 const _rBET = "recycleBinEnterTime";
 const _rBETe = "recycleBinExitTime";
@@ -87921,6 +88539,9 @@ const _vAIS = "verifiedAccessInstanceSet";
 const _vATP = "verifiedAccessTrustProvider";
 const _vATPI = "verifiedAccessTrustProviderId";
 const _vATPS = "verifiedAccessTrustProviderSet";
+const _vBPAE = "vpcBlockPublicAccessExclusion";
+const _vBPAES = "vpcBlockPublicAccessExclusionSet";
+const _vBPAO = "vpcBlockPublicAccessOptions";
 const _vC = "vpnConnection";
 const _vCC = "vCpuCount";
 const _vCDSC = "vpnConnectionDeviceSampleConfiguration";
diff --git a/codegen/sdk-codegen/aws-models/ec2.json b/codegen/sdk-codegen/aws-models/ec2.json
index 763f0cda06d1..3b83b0249ec0 100644
--- a/codegen/sdk-codegen/aws-models/ec2.json
+++ b/codegen/sdk-codegen/aws-models/ec2.json
@@ -2606,6 +2606,9 @@
         {
           "target": "com.amazonaws.ec2#CreateVpc"
         },
+        {
+          "target": "com.amazonaws.ec2#CreateVpcBlockPublicAccessExclusion"
+        },
         {
           "target": "com.amazonaws.ec2#CreateVpcEndpoint"
         },
@@ -2831,6 +2834,9 @@
         {
           "target": "com.amazonaws.ec2#DeleteVpc"
         },
+        {
+          "target": "com.amazonaws.ec2#DeleteVpcBlockPublicAccessExclusion"
+        },
         {
           "target": "com.amazonaws.ec2#DeleteVpcEndpointConnectionNotifications"
         },
@@ -3305,6 +3311,12 @@
         {
           "target": "com.amazonaws.ec2#DescribeVpcAttribute"
         },
+        {
+          "target": "com.amazonaws.ec2#DescribeVpcBlockPublicAccessExclusions"
+        },
+        {
+          "target": "com.amazonaws.ec2#DescribeVpcBlockPublicAccessOptions"
+        },
         {
           "target": "com.amazonaws.ec2#DescribeVpcClassicLink"
         },
@@ -3863,6 +3875,12 @@
         {
           "target": "com.amazonaws.ec2#ModifyVpcAttribute"
         },
+        {
+          "target": "com.amazonaws.ec2#ModifyVpcBlockPublicAccessExclusion"
+        },
+        {
+          "target": "com.amazonaws.ec2#ModifyVpcBlockPublicAccessOptions"
+        },
         {
           "target": "com.amazonaws.ec2#ModifyVpcEndpoint"
         },
@@ -9385,6 +9403,45 @@
         }
       }
     },
+    "com.amazonaws.ec2#BlockPublicAccessMode": {
+      "type": "enum",
+      "members": {
+        "off": {
+          "target": "smithy.api#Unit",
+          "traits": {
+            "smithy.api#enumValue": "off"
+          }
+        },
+        "block_bidirectional": {
+          "target": "smithy.api#Unit",
+          "traits": {
+            "smithy.api#enumValue": "block-bidirectional"
+          }
+        },
+        "block_ingress": {
+          "target": "smithy.api#Unit",
+          "traits": {
+            "smithy.api#enumValue": "block-ingress"
+          }
+        }
+      }
+    },
+    "com.amazonaws.ec2#BlockPublicAccessStates": {
+      "type": "structure",
+      "members": {
+        "InternetGatewayBlockMode": {
+          "target": "com.amazonaws.ec2#BlockPublicAccessMode",
+          "traits": {
+            "aws.protocols#ec2QueryName": "InternetGatewayBlockMode",
+            "smithy.api#documentation": "<p>The mode of VPC BPA.</p>\n         <ul>\n            <li>\n               <p>\n                  <code>bidirectional-access-allowed</code>: VPC BPA is not enabled and traffic is allowed to and from internet gateways and egress-only internet gateways in this Region.</p>\n            </li>\n            <li>\n               <p>\n                  <code>bidirectional-access-blocked</code>: Block all traffic to and from internet gateways and egress-only internet gateways in this Region (except for excluded VPCs and subnets).</p>\n            </li>\n            <li>\n               <p>\n                  <code>ingress-access-blocked</code>: Block all internet traffic to the VPCs in this Region (except for VPCs or subnets which are excluded). Only traffic to and from NAT gateways and egress-only internet gateways is allowed because these gateways only allow outbound connections to be established.</p>\n            </li>\n         </ul>",
+            "smithy.api#xmlName": "internetGatewayBlockMode"
+          }
+        }
+      },
+      "traits": {
+        "smithy.api#documentation": "<p>The state of VPC Block Public Access (BPA).</p>"
+      }
+    },
     "com.amazonaws.ec2#Boolean": {
       "type": "boolean"
     },
@@ -9464,7 +9521,7 @@
         "target": "com.amazonaws.ec2#BundleInstanceResult"
       },
       "traits": {
-        "smithy.api#documentation": "<p>Bundles an Amazon instance store-backed Windows instance.</p>\n         <p>During bundling, only the root device volume (C:\\) is bundled. Data on other instance store volumes is not preserved.</p>\n         <note>\n            <p>This action is not applicable for Linux/Unix instances or Windows instances that are backed by Amazon EBS.</p>\n         </note>"
+        "smithy.api#documentation": "<p>Bundles an Amazon instance store-backed Windows instance.</p>\n         <p>During bundling, only the root device volume (C:\\) is bundled. Data on other instance\n      store volumes is not preserved.</p>\n         <note>\n            <p>This action is not applicable for Linux/Unix instances or Windows instances that are\n        backed by Amazon EBS.</p>\n         </note>"
       }
     },
     "com.amazonaws.ec2#BundleInstanceRequest": {
@@ -9482,7 +9539,7 @@
           "target": "com.amazonaws.ec2#Storage",
           "traits": {
             "smithy.api#clientOptional": {},
-            "smithy.api#documentation": "<p>The bucket in which to store the AMI. You can specify a bucket that you already own or a new bucket that Amazon EC2 creates on your behalf. If you specify a bucket that belongs to someone else, Amazon EC2 returns an error.</p>",
+            "smithy.api#documentation": "<p>The bucket in which to store the AMI. You can specify a bucket that you already own or a\n      new bucket that Amazon EC2 creates on your behalf. If you specify a bucket that belongs to someone\n      else, Amazon EC2 returns an error.</p>",
             "smithy.api#required": {}
           }
         },
@@ -10186,7 +10243,7 @@
         "target": "com.amazonaws.ec2#CancelImageLaunchPermissionResult"
       },
       "traits": {
-        "smithy.api#documentation": "<p>Removes your Amazon Web Services account from the launch permissions for the specified AMI. For more\n      information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/cancel-sharing-an-AMI.html\">\n        Cancel having an AMI shared with your Amazon Web Services account</a> in the \n      <i>Amazon EC2 User Guide</i>.</p>"
+        "smithy.api#documentation": "<p>Removes your Amazon Web Services account from the launch permissions for the specified AMI.\n      For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/cancel-sharing-an-AMI.html\"> Cancel having an AMI shared with\n        your Amazon Web Services account</a> in the <i>Amazon EC2 User Guide</i>.</p>"
       }
     },
     "com.amazonaws.ec2#CancelImageLaunchPermissionRequest": {
@@ -13895,7 +13952,7 @@
         "target": "com.amazonaws.ec2#CopyImageResult"
       },
       "traits": {
-        "smithy.api#documentation": "<p>Initiates an AMI copy operation. You can copy an AMI from one Region to another, or from a\n      Region to an Outpost. You can't copy an AMI from an Outpost to a Region, from one Outpost to\n      another, or within the same Outpost. To copy an AMI to another partition, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateStoreImageTask.html\">CreateStoreImageTask</a>.</p>\n         <p>When you copy an AMI from one Region to another, the destination Region is the \n     \tcurrent Region.</p>\n         <p>When you copy an AMI from a Region to an Outpost, specify the ARN of the Outpost as\n   \t  the destination. Backing snapshots copied to an Outpost are encrypted by default using \n   \t  the default encryption key for the Region or the key that you specify. Outposts do not \n   \t  support unencrypted snapshots.</p>\n         <p>For information about the prerequisites  when copying an AMI, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/CopyingAMIs.html\">Copy an AMI</a> in the <i>Amazon EC2 User Guide</i>.</p>",
+        "smithy.api#documentation": "<p>Initiates an AMI copy operation. You can copy an AMI from one Region to another, or from a\n      Region to an Outpost. You can't copy an AMI from an Outpost to a Region, from one Outpost to\n      another, or within the same Outpost. To copy an AMI to another partition, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateStoreImageTask.html\">CreateStoreImageTask</a>.</p>\n         <p>When you copy an AMI from one Region to another, the destination Region is the current\n      Region.</p>\n         <p>When you copy an AMI from a Region to an Outpost, specify the ARN of the Outpost as the\n      destination. Backing snapshots copied to an Outpost are encrypted by default using the default\n      encryption key for the Region or the key that you specify. Outposts do not support unencrypted\n      snapshots.</p>\n         <p>For information about the prerequisites when copying an AMI, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/CopyingAMIs.html\">Copy an AMI</a> in the\n        <i>Amazon EC2 User Guide</i>.</p>",
         "smithy.api#examples": [
           {
             "title": "To copy an AMI to another region",
@@ -13919,7 +13976,7 @@
         "ClientToken": {
           "target": "com.amazonaws.ec2#String",
           "traits": {
-            "smithy.api#documentation": "<p>Unique, case-sensitive identifier you provide to ensure\n       idempotency of the request. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html\">Ensuring idempotency</a> \n       in the <i>Amazon EC2 API Reference</i>.</p>"
+            "smithy.api#documentation": "<p>Unique, case-sensitive identifier you provide to ensure idempotency of the request. For\n      more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html\">Ensuring idempotency</a>\n      in the <i>Amazon EC2 API Reference</i>.</p>"
           }
         },
         "Description": {
@@ -13932,7 +13989,7 @@
           "target": "com.amazonaws.ec2#Boolean",
           "traits": {
             "aws.protocols#ec2QueryName": "Encrypted",
-            "smithy.api#documentation": "<p>Specifies whether the destination snapshots of the copied image should be encrypted. You\n      can encrypt a copy of an unencrypted snapshot, but you cannot create an unencrypted copy of an\n      encrypted snapshot. The default KMS key for Amazon EBS is used unless you specify a non-default\n      Key Management Service (KMS) KMS key using <code>KmsKeyId</code>. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/AMIEncryption.html\">Use encryption with \n        EBS-backed AMIs</a> in the <i>Amazon EC2 User Guide</i>.</p>",
+            "smithy.api#documentation": "<p>Specifies whether the destination snapshots of the copied image should be encrypted. You\n      can encrypt a copy of an unencrypted snapshot, but you cannot create an unencrypted copy of an\n      encrypted snapshot. The default KMS key for Amazon EBS is used unless you specify a non-default\n      Key Management Service (KMS) KMS key using <code>KmsKeyId</code>. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/AMIEncryption.html\">Use encryption with\n        EBS-backed AMIs</a> in the <i>Amazon EC2 User Guide</i>.</p>",
             "smithy.api#xmlName": "encrypted"
           }
         },
@@ -13940,7 +13997,7 @@
           "target": "com.amazonaws.ec2#KmsKeyId",
           "traits": {
             "aws.protocols#ec2QueryName": "KmsKeyId",
-            "smithy.api#documentation": "<p>The identifier of the symmetric Key Management Service (KMS) KMS key to use when creating\n   \t\tencrypted volumes. If this parameter is not specified, your Amazon Web Services managed KMS key for Amazon EBS is used. \n   \t\tIf you specify a KMS key, you must also set the encrypted state to <code>true</code>.</p>\n         <p>You can specify a KMS key using any of the following:</p>\n         <ul>\n            <li>\n               <p>Key ID. For example, 1234abcd-12ab-34cd-56ef-1234567890ab.</p>\n            </li>\n            <li>\n               <p>Key alias. For example, alias/ExampleAlias.</p>\n            </li>\n            <li>\n               <p>Key ARN. For example, arn:aws:kms:us-east-1:012345678910:key/1234abcd-12ab-34cd-56ef-1234567890ab.</p>\n            </li>\n            <li>\n               <p>Alias ARN. For example, arn:aws:kms:us-east-1:012345678910:alias/ExampleAlias.</p>\n            </li>\n         </ul>\n         <p>Amazon Web Services authenticates the KMS key asynchronously. Therefore, if you specify an identifier that is not valid,\n      the action can appear to complete, but eventually fails.</p>\n         <p>The specified KMS key must exist in the destination Region.</p>\n         <p>Amazon EBS does not support asymmetric KMS keys.</p>",
+            "smithy.api#documentation": "<p>The identifier of the symmetric Key Management Service (KMS) KMS key to use when creating encrypted volumes.\n      If this parameter is not specified, your Amazon Web Services managed KMS key for Amazon EBS is used. If you\n      specify a KMS key, you must also set the encrypted state to <code>true</code>.</p>\n         <p>You can specify a KMS key using any of the following:</p>\n         <ul>\n            <li>\n               <p>Key ID. For example, 1234abcd-12ab-34cd-56ef-1234567890ab.</p>\n            </li>\n            <li>\n               <p>Key alias. For example, alias/ExampleAlias.</p>\n            </li>\n            <li>\n               <p>Key ARN. For example, arn:aws:kms:us-east-1:012345678910:key/1234abcd-12ab-34cd-56ef-1234567890ab.</p>\n            </li>\n            <li>\n               <p>Alias ARN. For example, arn:aws:kms:us-east-1:012345678910:alias/ExampleAlias.</p>\n            </li>\n         </ul>\n         <p>Amazon Web Services authenticates the KMS key asynchronously. Therefore, if you specify an identifier\n      that is not valid, the action can appear to complete, but eventually fails.</p>\n         <p>The specified KMS key must exist in the destination Region.</p>\n         <p>Amazon EBS does not support asymmetric KMS keys.</p>",
             "smithy.api#xmlName": "kmsKeyId"
           }
         },
@@ -13971,19 +14028,19 @@
         "DestinationOutpostArn": {
           "target": "com.amazonaws.ec2#String",
           "traits": {
-            "smithy.api#documentation": "<p>The Amazon Resource Name (ARN) of the Outpost to which to copy the AMI. Only \n  \t\tspecify this parameter when copying an AMI from an Amazon Web Services Region to an Outpost. \n  \t\tThe AMI must be in the Region of the destination Outpost. You cannot copy an \n  \t\tAMI from an Outpost to a Region, from one Outpost to another, or within the same \n  \t\tOutpost.</p>\n         <p>For more information, see <a href=\"https://docs.aws.amazon.com/ebs/latest/userguide/snapshots-outposts.html#copy-amis\">Copy AMIs from an Amazon Web Services\n        Region to an Outpost</a> in the <i>Amazon EBS User Guide</i>.</p>"
+            "smithy.api#documentation": "<p>The Amazon Resource Name (ARN) of the Outpost to which to copy the AMI. Only specify this\n      parameter when copying an AMI from an Amazon Web Services Region to an Outpost. The AMI must be in the\n      Region of the destination Outpost. You cannot copy an AMI from an Outpost to a Region, from\n      one Outpost to another, or within the same Outpost.</p>\n         <p>For more information, see <a href=\"https://docs.aws.amazon.com/ebs/latest/userguide/snapshots-outposts.html#copy-amis\">Copy AMIs from an Amazon Web Services Region\n        to an Outpost</a> in the <i>Amazon EBS User Guide</i>.</p>"
           }
         },
         "CopyImageTags": {
           "target": "com.amazonaws.ec2#Boolean",
           "traits": {
-            "smithy.api#documentation": "<p>Indicates whether to include your user-defined AMI tags when copying the AMI.</p>\n         <p>The following tags will not be copied:</p>\n         <ul>\n            <li>\n               <p>System tags (prefixed with <code>aws:</code>)</p>\n            </li>\n            <li>\n               <p>For public and shared AMIs, user-defined tags that are attached by other Amazon Web Services \n          accounts</p>\n            </li>\n         </ul>\n         <p>Default: Your user-defined AMI tags are not copied.</p>"
+            "smithy.api#documentation": "<p>Indicates whether to include your user-defined AMI tags when copying the AMI.</p>\n         <p>The following tags will not be copied:</p>\n         <ul>\n            <li>\n               <p>System tags (prefixed with <code>aws:</code>)</p>\n            </li>\n            <li>\n               <p>For public and shared AMIs, user-defined tags that are attached by other Amazon Web Services\n          accounts</p>\n            </li>\n         </ul>\n         <p>Default: Your user-defined AMI tags are not copied.</p>"
           }
         },
         "TagSpecifications": {
           "target": "com.amazonaws.ec2#TagSpecificationList",
           "traits": {
-            "smithy.api#documentation": "<p>The tags to apply to the new AMI and new snapshots. You can tag the AMI, the snapshots, or\n      both.</p>\n         <ul>\n            <li>\n               <p>To tag the new AMI, the value for <code>ResourceType</code> must be\n          <code>image</code>.</p>\n            </li>\n            <li>\n               <p>To tag the new snapshots, the value for <code>ResourceType</code> must be\n          <code>snapshot</code>. The same tag is applied to all the new snapshots.</p>\n            </li>\n         </ul>\n         <p>If you specify other values for <code>ResourceType</code>, the request fails.</p>\n         <p>To tag an AMI or snapshot after it has been created, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTags.html\">CreateTags</a>.</p>",
+            "smithy.api#documentation": "<p>The tags to apply to the new AMI and new snapshots. You can tag the AMI, the snapshots, or\n      both.</p>\n         <ul>\n            <li>\n               <p>To tag the new AMI, the value for <code>ResourceType</code> must be\n          <code>image</code>.</p>\n            </li>\n            <li>\n               <p>To tag the new snapshots, the value for <code>ResourceType</code> must be\n            <code>snapshot</code>. The same tag is applied to all the new snapshots.</p>\n            </li>\n         </ul>\n         <p>If you specify other values for <code>ResourceType</code>, the request fails.</p>\n         <p>To tag an AMI or snapshot after it has been created, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTags.html\">CreateTags</a>.</p>",
             "smithy.api#xmlName": "TagSpecification"
           }
         },
@@ -15976,7 +16033,7 @@
         "target": "com.amazonaws.ec2#CreateImageResult"
       },
       "traits": {
-        "smithy.api#documentation": "<p>Creates an Amazon EBS-backed AMI from an Amazon EBS-backed instance \n     \tthat is either running or stopped.</p>\n         <p>If you customized your instance with instance store volumes or Amazon EBS volumes in addition to the root device volume, the \n     \tnew AMI contains block device mapping information for those volumes. When you launch an instance from this new AMI, \n     \tthe instance automatically launches with those additional volumes.</p>\n         <p>For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/creating-an-ami-ebs.html\">Create an Amazon EBS-backed Linux\n        AMI</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>"
+        "smithy.api#documentation": "<p>Creates an Amazon EBS-backed AMI from an Amazon EBS-backed instance that is either running or\n      stopped.</p>\n         <p>If you customized your instance with instance store volumes or Amazon EBS volumes in addition\n      to the root device volume, the new AMI contains block device mapping information for those\n      volumes. When you launch an instance from this new AMI, the instance automatically launches\n      with those additional volumes.</p>\n         <p>For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/creating-an-ami-ebs.html\">Create an Amazon EBS-backed Linux\n        AMI</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>"
       }
     },
     "com.amazonaws.ec2#CreateImageRequest": {
@@ -15985,7 +16042,7 @@
         "TagSpecifications": {
           "target": "com.amazonaws.ec2#TagSpecificationList",
           "traits": {
-            "smithy.api#documentation": "<p>The tags to apply to the AMI and snapshots on creation. You can tag the AMI, the\n      snapshots, or both.</p>\n         <ul>\n            <li>\n               <p>To tag the AMI, the value for <code>ResourceType</code> must be\n          <code>image</code>.</p>\n            </li>\n            <li>\n               <p>To tag the snapshots that are created of the root volume and of other Amazon EBS volumes that\n          are attached to the instance, the value for <code>ResourceType</code> must be\n            <code>snapshot</code>. The same tag is applied to all of the snapshots that are\n          created.</p>\n            </li>\n         </ul>\n         <p>If you specify other values for <code>ResourceType</code>, the request fails.</p>\n         <p>To tag an AMI or snapshot after it has been created, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTags.html\">CreateTags</a>. </p>",
+            "smithy.api#documentation": "<p>The tags to apply to the AMI and snapshots on creation. You can tag the AMI, the\n      snapshots, or both.</p>\n         <ul>\n            <li>\n               <p>To tag the AMI, the value for <code>ResourceType</code> must be\n          <code>image</code>.</p>\n            </li>\n            <li>\n               <p>To tag the snapshots that are created of the root volume and of other Amazon EBS volumes\n          that are attached to the instance, the value for <code>ResourceType</code> must be\n            <code>snapshot</code>. The same tag is applied to all of the snapshots that are\n          created.</p>\n            </li>\n         </ul>\n         <p>If you specify other values for <code>ResourceType</code>, the request fails.</p>\n         <p>To tag an AMI or snapshot after it has been created, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTags.html\">CreateTags</a>. </p>",
             "smithy.api#xmlName": "TagSpecification"
           }
         },
@@ -16012,7 +16069,7 @@
           "traits": {
             "aws.protocols#ec2QueryName": "Name",
             "smithy.api#clientOptional": {},
-            "smithy.api#documentation": "<p>A name for the new image.</p>\n         <p>Constraints: 3-128 alphanumeric characters, parentheses (()), square brackets ([]), spaces ( ), periods (.), slashes (/), dashes (-), single quotes ('), at-signs (@), or underscores(_)</p>",
+            "smithy.api#documentation": "<p>A name for the new image.</p>\n         <p>Constraints: 3-128 alphanumeric characters, parentheses (()), square brackets ([]), spaces\n      ( ), periods (.), slashes (/), dashes (-), single quotes ('), at-signs (@), or\n      underscores(_)</p>",
             "smithy.api#required": {},
             "smithy.api#xmlName": "name"
           }
@@ -16029,7 +16086,7 @@
           "target": "com.amazonaws.ec2#Boolean",
           "traits": {
             "aws.protocols#ec2QueryName": "NoReboot",
-            "smithy.api#documentation": "<p>Indicates whether or not the instance should be automatically rebooted before creating \n       the image. Specify one of the following values:</p>\n         <ul>\n            <li>\n               <p>\n                  <code>true</code> - The instance is not rebooted before creating the image. This \n           creates crash-consistent snapshots that include only the data that has been written \n           to the volumes at the time the snapshots are created. Buffered data and data in \n           memory that has not yet been written to the volumes is not included in the snapshots.</p>\n            </li>\n            <li>\n               <p>\n                  <code>false</code> - The instance is rebooted before creating the image. This \n           ensures that all buffered data and data in memory is written to the volumes before the \n           snapshots are created.</p>\n            </li>\n         </ul>\n         <p>Default: <code>false</code>\n         </p>",
+            "smithy.api#documentation": "<p>Indicates whether or not the instance should be automatically rebooted before creating the\n      image. Specify one of the following values:</p>\n         <ul>\n            <li>\n               <p>\n                  <code>true</code> - The instance is not rebooted before creating the image. This\n          creates crash-consistent snapshots that include only the data that has been written to the\n          volumes at the time the snapshots are created. Buffered data and data in memory that has\n          not yet been written to the volumes is not included in the snapshots.</p>\n            </li>\n            <li>\n               <p>\n                  <code>false</code> - The instance is rebooted before creating the image. This ensures\n          that all buffered data and data in memory is written to the volumes before the snapshots\n          are created.</p>\n            </li>\n         </ul>\n         <p>Default: <code>false</code>\n         </p>",
             "smithy.api#xmlName": "noReboot"
           }
         },
@@ -18604,7 +18661,7 @@
         "target": "com.amazonaws.ec2#CreateRestoreImageTaskResult"
       },
       "traits": {
-        "smithy.api#documentation": "<p>Starts a task that restores an AMI from an Amazon S3 object that was previously created by using\n      <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateStoreImageTask.html\">CreateStoreImageTask</a>.</p>\n         <p>To use this API, you must have the required permissions. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ami-store-restore.html#ami-s3-permissions\">Permissions for storing and restoring AMIs using Amazon S3</a> in the\n        <i>Amazon EC2 User Guide</i>.</p>\n         <p>For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ami-store-restore.html\">Store and restore an AMI using\n    \tAmazon S3</a> in the <i>Amazon EC2 User Guide</i>.</p>"
+        "smithy.api#documentation": "<p>Starts a task that restores an AMI from an Amazon S3 object that was previously created by\n      using <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateStoreImageTask.html\">CreateStoreImageTask</a>.</p>\n         <p>To use this API, you must have the required permissions. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ami-store-restore.html#ami-s3-permissions\">Permissions for storing and restoring AMIs using Amazon S3</a> in the\n        <i>Amazon EC2 User Guide</i>.</p>\n         <p>For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ami-store-restore.html\">Store and restore an AMI using\n        Amazon S3</a> in the <i>Amazon EC2 User Guide</i>.</p>"
       }
     },
     "com.amazonaws.ec2#CreateRestoreImageTaskRequest": {
@@ -18635,7 +18692,7 @@
         "TagSpecifications": {
           "target": "com.amazonaws.ec2#TagSpecificationList",
           "traits": {
-            "smithy.api#documentation": "<p>The tags to apply to the AMI and snapshots on restoration. You can tag the AMI, the\n      snapshots, or both.</p>\n         <ul>\n            <li>\n               <p>To tag the AMI, the value for <code>ResourceType</code> must be <code>image</code>.</p>\n            </li>\n            <li>\n               <p>To\n          tag the snapshots, the value for <code>ResourceType</code> must be <code>snapshot</code>. The\n          same tag is applied to all of the snapshots that are created.</p>\n            </li>\n         </ul>",
+            "smithy.api#documentation": "<p>The tags to apply to the AMI and snapshots on restoration. You can tag the AMI, the\n      snapshots, or both.</p>\n         <ul>\n            <li>\n               <p>To tag the AMI, the value for <code>ResourceType</code> must be\n          <code>image</code>.</p>\n            </li>\n            <li>\n               <p>To tag the snapshots, the value for <code>ResourceType</code> must be\n            <code>snapshot</code>. The same tag is applied to all of the snapshots that are\n          created.</p>\n            </li>\n         </ul>",
             "smithy.api#xmlName": "TagSpecification"
           }
         },
@@ -19277,7 +19334,7 @@
         "target": "com.amazonaws.ec2#CreateStoreImageTaskResult"
       },
       "traits": {
-        "smithy.api#documentation": "<p>Stores an AMI as a single object in an Amazon S3 bucket.</p>\n         <p>To use this API, you must have the required permissions. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ami-store-restore.html#ami-s3-permissions\">Permissions for storing and restoring AMIs using Amazon S3</a> in the\n        <i>Amazon EC2 User Guide</i>.</p>\n         <p>For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ami-store-restore.html\">Store and restore an AMI using\n    \tAmazon S3</a> in the <i>Amazon EC2 User Guide</i>.</p>"
+        "smithy.api#documentation": "<p>Stores an AMI as a single object in an Amazon S3 bucket.</p>\n         <p>To use this API, you must have the required permissions. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ami-store-restore.html#ami-s3-permissions\">Permissions for storing and restoring AMIs using Amazon S3</a> in the\n        <i>Amazon EC2 User Guide</i>.</p>\n         <p>For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ami-store-restore.html\">Store and restore an AMI using\n        Amazon S3</a> in the <i>Amazon EC2 User Guide</i>.</p>"
       }
     },
     "com.amazonaws.ec2#CreateStoreImageTaskRequest": {
@@ -21640,6 +21697,75 @@
         ]
       }
     },
+    "com.amazonaws.ec2#CreateVpcBlockPublicAccessExclusion": {
+      "type": "operation",
+      "input": {
+        "target": "com.amazonaws.ec2#CreateVpcBlockPublicAccessExclusionRequest"
+      },
+      "output": {
+        "target": "com.amazonaws.ec2#CreateVpcBlockPublicAccessExclusionResult"
+      },
+      "traits": {
+        "smithy.api#documentation": "<p>Create a VPC Block Public Access (BPA) exclusion. A VPC BPA exclusion is a mode that can be applied to a single VPC or subnet that exempts it from the account’s BPA mode and will allow bidirectional or egress-only access. You can create BPA exclusions for VPCs and subnets even when BPA is not enabled on the account to ensure that there is no traffic disruption to the exclusions when VPC BPA is turned on. To learn more about VPC BPA, see <a href=\"https://docs.aws.amazon.com/vpc/latest/userguide/security-vpc-bpa.html\">Block public access to VPCs and subnets</a> in the <i>Amazon VPC User Guide</i>.</p>"
+      }
+    },
+    "com.amazonaws.ec2#CreateVpcBlockPublicAccessExclusionRequest": {
+      "type": "structure",
+      "members": {
+        "DryRun": {
+          "target": "com.amazonaws.ec2#Boolean",
+          "traits": {
+            "smithy.api#documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, \n   and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. \n   Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
+          }
+        },
+        "SubnetId": {
+          "target": "com.amazonaws.ec2#SubnetId",
+          "traits": {
+            "smithy.api#documentation": "<p>A subnet ID.</p>"
+          }
+        },
+        "VpcId": {
+          "target": "com.amazonaws.ec2#VpcId",
+          "traits": {
+            "smithy.api#documentation": "<p>A VPC ID.</p>"
+          }
+        },
+        "InternetGatewayExclusionMode": {
+          "target": "com.amazonaws.ec2#InternetGatewayExclusionMode",
+          "traits": {
+            "smithy.api#clientOptional": {},
+            "smithy.api#documentation": "<p>The exclusion mode for internet gateway traffic.</p>\n         <ul>\n            <li>\n               <p>\n                  <code>bidirectional-access-allowed</code>: Allow all internet traffic to and from the excluded VPCs and subnets.</p>\n            </li>\n            <li>\n               <p>\n                  <code>egress-access-allowed</code>: Allow outbound internet traffic from the excluded VPCs and subnets. Block inbound internet traffic to the excluded VPCs and subnets. Only applies when VPC Block Public Access is set to Bidirectional.</p>\n            </li>\n         </ul>",
+            "smithy.api#required": {}
+          }
+        },
+        "TagSpecifications": {
+          "target": "com.amazonaws.ec2#TagSpecificationList",
+          "traits": {
+            "smithy.api#documentation": "<p>\n            <code>tag</code> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.\n    For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>",
+            "smithy.api#xmlName": "TagSpecification"
+          }
+        }
+      },
+      "traits": {
+        "smithy.api#input": {}
+      }
+    },
+    "com.amazonaws.ec2#CreateVpcBlockPublicAccessExclusionResult": {
+      "type": "structure",
+      "members": {
+        "VpcBlockPublicAccessExclusion": {
+          "target": "com.amazonaws.ec2#VpcBlockPublicAccessExclusion",
+          "traits": {
+            "aws.protocols#ec2QueryName": "VpcBlockPublicAccessExclusion",
+            "smithy.api#documentation": "<p>Details about an exclusion.</p>",
+            "smithy.api#xmlName": "vpcBlockPublicAccessExclusion"
+          }
+        }
+      },
+      "traits": {
+        "smithy.api#output": {}
+      }
+    },
     "com.amazonaws.ec2#CreateVpcEndpoint": {
       "type": "operation",
       "input": {
@@ -26662,6 +26788,56 @@
         ]
       }
     },
+    "com.amazonaws.ec2#DeleteVpcBlockPublicAccessExclusion": {
+      "type": "operation",
+      "input": {
+        "target": "com.amazonaws.ec2#DeleteVpcBlockPublicAccessExclusionRequest"
+      },
+      "output": {
+        "target": "com.amazonaws.ec2#DeleteVpcBlockPublicAccessExclusionResult"
+      },
+      "traits": {
+        "smithy.api#documentation": "<p>Delete a VPC Block Public Access (BPA) exclusion. A VPC BPA exclusion is a mode that can be applied to a single VPC or subnet that exempts it from the account’s BPA mode and will allow bidirectional or egress-only access. You can create BPA exclusions for VPCs and subnets even when BPA is not enabled on the account to ensure that there is no traffic disruption to the exclusions when VPC BPA is turned on. To learn more about VPC BPA, see <a href=\"https://docs.aws.amazon.com/vpc/latest/userguide/security-vpc-bpa.html\">Block public access to VPCs and subnets</a> in the <i>Amazon VPC User Guide</i>.</p>"
+      }
+    },
+    "com.amazonaws.ec2#DeleteVpcBlockPublicAccessExclusionRequest": {
+      "type": "structure",
+      "members": {
+        "DryRun": {
+          "target": "com.amazonaws.ec2#Boolean",
+          "traits": {
+            "smithy.api#documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, \n   and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. \n   Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
+          }
+        },
+        "ExclusionId": {
+          "target": "com.amazonaws.ec2#VpcBlockPublicAccessExclusionId",
+          "traits": {
+            "smithy.api#clientOptional": {},
+            "smithy.api#documentation": "<p>The ID of the exclusion.</p>",
+            "smithy.api#required": {}
+          }
+        }
+      },
+      "traits": {
+        "smithy.api#input": {}
+      }
+    },
+    "com.amazonaws.ec2#DeleteVpcBlockPublicAccessExclusionResult": {
+      "type": "structure",
+      "members": {
+        "VpcBlockPublicAccessExclusion": {
+          "target": "com.amazonaws.ec2#VpcBlockPublicAccessExclusion",
+          "traits": {
+            "aws.protocols#ec2QueryName": "VpcBlockPublicAccessExclusion",
+            "smithy.api#documentation": "<p>Details about an exclusion.</p>",
+            "smithy.api#xmlName": "vpcBlockPublicAccessExclusion"
+          }
+        }
+      },
+      "traits": {
+        "smithy.api#output": {}
+      }
+    },
     "com.amazonaws.ec2#DeleteVpcEndpointConnectionNotifications": {
       "type": "operation",
       "input": {
@@ -27252,7 +27428,7 @@
         "target": "smithy.api#Unit"
       },
       "traits": {
-        "smithy.api#documentation": "<p>Deregisters the specified AMI. After you deregister an AMI, it can't be used to \n       launch new instances.</p>\n         <p>If you deregister an AMI that matches a Recycle Bin retention rule, the AMI is retained\n      in the Recycle Bin for the specified retention period. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/recycle-bin.html\">Recycle Bin</a> in\n      the <i>Amazon EC2 User Guide</i>.</p>\n         <p>When you deregister an AMI, it doesn't affect any instances that you've already \n       launched from the AMI. You'll continue to incur usage costs for those instances until \n       you terminate them.</p>\n         <p>When you deregister an Amazon EBS-backed AMI, it doesn't affect the snapshot that was\n\t\t\tcreated for the root volume of the instance during the AMI creation process. When you\n\t\t\tderegister an instance store-backed AMI, it doesn't affect the files that you uploaded\n\t\t\tto Amazon S3 when you created the AMI.</p>"
+        "smithy.api#documentation": "<p>Deregisters the specified AMI. After you deregister an AMI, it can't be used to launch new\n      instances.</p>\n         <p>If you deregister an AMI that matches a Recycle Bin retention rule, the AMI is retained in\n      the Recycle Bin for the specified retention period. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/recycle-bin.html\">Recycle Bin</a> in\n      the <i>Amazon EC2 User Guide</i>.</p>\n         <p>When you deregister an AMI, it doesn't affect any instances that you've already launched\n      from the AMI. You'll continue to incur usage costs for those instances until you terminate\n      them.</p>\n         <p>When you deregister an Amazon EBS-backed AMI, it doesn't affect the snapshot that was created\n      for the root volume of the instance during the AMI creation process. When you deregister an\n      instance store-backed AMI, it doesn't affect the files that you uploaded to Amazon S3 when you\n      created the AMI.</p>"
       }
     },
     "com.amazonaws.ec2#DeregisterImageRequest": {
@@ -28100,7 +28276,7 @@
         "target": "com.amazonaws.ec2#DescribeBundleTasksResult"
       },
       "traits": {
-        "smithy.api#documentation": "<p>Describes the specified bundle tasks or all of your bundle tasks.</p>\n         <note>\n            <p>Completed bundle tasks are listed for only a limited time. If your bundle task is no longer in the list, you can still register an AMI from it. Just use <code>RegisterImage</code> with the Amazon S3 bucket name and image manifest name you provided to the bundle task.</p>\n         </note>\n         <note>\n            <p>The order of the elements in the response, including those within nested\n         structures, might vary. Applications should not assume the elements appear in a\n         particular order.</p>\n         </note>",
+        "smithy.api#documentation": "<p>Describes the specified bundle tasks or all of your bundle tasks.</p>\n         <note>\n            <p>Completed bundle tasks are listed for only a limited time. If your bundle task is no\n        longer in the list, you can still register an AMI from it. Just use\n          <code>RegisterImage</code> with the Amazon S3 bucket name and image manifest name you provided\n        to the bundle task.</p>\n         </note>\n         <note>\n            <p>The order of the elements in the response, including those within nested structures,\n        might vary. Applications should not assume the elements appear in a particular order.</p>\n         </note>",
         "smithy.waiters#waitable": {
           "BundleTaskComplete": {
             "acceptors": [
@@ -28151,7 +28327,7 @@
         "Filters": {
           "target": "com.amazonaws.ec2#FilterList",
           "traits": {
-            "smithy.api#documentation": "<p>The filters.</p>\n         <ul>\n            <li>\n               <p>\n                  <code>bundle-id</code> - The ID of the bundle task.</p>\n            </li>\n            <li>\n               <p>\n                  <code>error-code</code> - If the task failed, the error code returned.</p>\n            </li>\n            <li>\n               <p>\n                  <code>error-message</code> - If the task failed, the error message returned.</p>\n            </li>\n            <li>\n               <p>\n                  <code>instance-id</code> - The ID of the instance.</p>\n            </li>\n            <li>\n               <p>\n                  <code>progress</code> - The level of task completion, as a percentage (for example, 20%).</p>\n            </li>\n            <li>\n               <p>\n                  <code>s3-bucket</code> - The Amazon S3 bucket to store the AMI.</p>\n            </li>\n            <li>\n               <p>\n                  <code>s3-prefix</code> - The beginning of the AMI name.</p>\n            </li>\n            <li>\n               <p>\n                  <code>start-time</code> - The time the task started (for example, 2013-09-15T17:15:20.000Z).</p>\n            </li>\n            <li>\n               <p>\n                  <code>state</code> - The state of the task (<code>pending</code> | <code>waiting-for-shutdown</code> | <code>bundling</code> |\n           <code>storing</code> | <code>cancelling</code> | <code>complete</code> | <code>failed</code>).</p>\n            </li>\n            <li>\n               <p>\n                  <code>update-time</code> - The time of the most recent update for the task.</p>\n            </li>\n         </ul>",
+            "smithy.api#documentation": "<p>The filters.</p>\n         <ul>\n            <li>\n               <p>\n                  <code>bundle-id</code> - The ID of the bundle task.</p>\n            </li>\n            <li>\n               <p>\n                  <code>error-code</code> - If the task failed, the error code returned.</p>\n            </li>\n            <li>\n               <p>\n                  <code>error-message</code> - If the task failed, the error message returned.</p>\n            </li>\n            <li>\n               <p>\n                  <code>instance-id</code> - The ID of the instance.</p>\n            </li>\n            <li>\n               <p>\n                  <code>progress</code> - The level of task completion, as a percentage (for example,\n          20%).</p>\n            </li>\n            <li>\n               <p>\n                  <code>s3-bucket</code> - The Amazon S3 bucket to store the AMI.</p>\n            </li>\n            <li>\n               <p>\n                  <code>s3-prefix</code> - The beginning of the AMI name.</p>\n            </li>\n            <li>\n               <p>\n                  <code>start-time</code> - The time the task started (for example,\n          2013-09-15T17:15:20.000Z).</p>\n            </li>\n            <li>\n               <p>\n                  <code>state</code> - The state of the task (<code>pending</code> |\n            <code>waiting-for-shutdown</code> | <code>bundling</code> | <code>storing</code> |\n            <code>cancelling</code> | <code>complete</code> | <code>failed</code>).</p>\n            </li>\n            <li>\n               <p>\n                  <code>update-time</code> - The time of the most recent update for the task.</p>\n            </li>\n         </ul>",
             "smithy.api#xmlName": "Filter"
           }
         }
@@ -28775,7 +28951,7 @@
         "Filters": {
           "target": "com.amazonaws.ec2#FilterList",
           "traits": {
-            "smithy.api#documentation": "<p>The filters.</p>\n         <ul>\n            <li>\n               <p>\n                  <code>group-id</code> - The ID of a VPC security group that's associated with the instance.</p>\n            </li>\n            <li>\n               <p>\n                  <code>instance-id</code> - The ID of the instance.</p>\n            </li>\n            <li>\n               <p>\n                  <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.\n    For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>\n            </li>\n            <li>\n               <p>\n                  <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p>\n            </li>\n            <li>\n               <p>\n                  <code>vpc-id</code> - The ID of the VPC to which the instance is linked.</p>\n            </li>\n         </ul>",
+            "smithy.api#documentation": "<p>The filters.</p>\n         <ul>\n            <li>\n               <p>\n                  <code>group-id</code> - The ID of a VPC security group that's associated with the instance.</p>\n            </li>\n            <li>\n               <p>\n                  <code>instance-id</code> - The ID of the instance.</p>\n            </li>\n            <li>\n               <p>\n                  <code>tag</code> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.\n    For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>\n            </li>\n            <li>\n               <p>\n                  <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p>\n            </li>\n            <li>\n               <p>\n                  <code>vpc-id</code> - The ID of the VPC to which the instance is linked.</p>\n            </li>\n         </ul>",
             "smithy.api#xmlName": "Filter"
           }
         },
@@ -29705,7 +29881,7 @@
         "Filters": {
           "target": "com.amazonaws.ec2#FilterList",
           "traits": {
-            "smithy.api#documentation": "<p>The filters.</p>\n         <ul>\n            <li>\n               <p>\n                  <code>dhcp-options-id</code> - The ID of a DHCP options set.</p>\n            </li>\n            <li>\n               <p>\n                  <code>key</code> - The key for one of the options (for example, <code>domain-name</code>).</p>\n            </li>\n            <li>\n               <p>\n                  <code>value</code> - The value for one of the options.</p>\n            </li>\n            <li>\n               <p>\n                  <code>owner-id</code> - The ID of the Amazon Web Services account that owns the DHCP options set.</p>\n            </li>\n            <li>\n               <p>\n                  <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.\n    For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>\n            </li>\n            <li>\n               <p>\n                  <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p>\n            </li>\n         </ul>",
+            "smithy.api#documentation": "<p>The filters.</p>\n         <ul>\n            <li>\n               <p>\n                  <code>dhcp-options-id</code> - The ID of a DHCP options set.</p>\n            </li>\n            <li>\n               <p>\n                  <code>key</code> - The key for one of the options (for example, <code>domain-name</code>).</p>\n            </li>\n            <li>\n               <p>\n                  <code>value</code> - The value for one of the options.</p>\n            </li>\n            <li>\n               <p>\n                  <code>owner-id</code> - The ID of the Amazon Web Services account that owns the DHCP options set.</p>\n            </li>\n            <li>\n               <p>\n                  <code>tag</code> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.\n    For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>\n            </li>\n            <li>\n               <p>\n                  <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p>\n            </li>\n         </ul>",
             "smithy.api#xmlName": "Filter"
           }
         }
@@ -29796,7 +29972,7 @@
         "Filters": {
           "target": "com.amazonaws.ec2#FilterList",
           "traits": {
-            "smithy.api#documentation": "<p>The filters.</p>\n         <ul>\n            <li>\n               <p>\n                  <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.\n    For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>\n            </li>\n            <li>\n               <p>\n                  <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p>\n            </li>\n         </ul>",
+            "smithy.api#documentation": "<p>The filters.</p>\n         <ul>\n            <li>\n               <p>\n                  <code>tag</code> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.\n    For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>\n            </li>\n            <li>\n               <p>\n                  <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p>\n            </li>\n         </ul>",
             "smithy.api#xmlName": "Filter"
           }
         }
@@ -30170,7 +30346,7 @@
           "target": "com.amazonaws.ec2#DescribeFastLaunchImagesSuccessSet",
           "traits": {
             "aws.protocols#ec2QueryName": "FastLaunchImageSet",
-            "smithy.api#documentation": "<p>A collection of details about the fast-launch enabled Windows images that meet \n\t\t\tthe requested criteria.</p>",
+            "smithy.api#documentation": "<p>A collection of details about the fast-launch enabled Windows images that meet the\n      requested criteria.</p>",
             "smithy.api#xmlName": "fastLaunchImageSet"
           }
         },
@@ -30202,7 +30378,7 @@
           "target": "com.amazonaws.ec2#FastLaunchResourceType",
           "traits": {
             "aws.protocols#ec2QueryName": "ResourceType",
-            "smithy.api#documentation": "<p>The resource type that Amazon EC2 uses for pre-provisioning the Windows AMI. Supported values \n\t\t\tinclude: <code>snapshot</code>.</p>",
+            "smithy.api#documentation": "<p>The resource type that Amazon EC2 uses for pre-provisioning the Windows AMI. Supported values\n      include: <code>snapshot</code>.</p>",
             "smithy.api#xmlName": "resourceType"
           }
         },
@@ -30210,7 +30386,7 @@
           "target": "com.amazonaws.ec2#FastLaunchSnapshotConfigurationResponse",
           "traits": {
             "aws.protocols#ec2QueryName": "SnapshotConfiguration",
-            "smithy.api#documentation": "<p>A group of parameters that are used for pre-provisioning the associated \n\t\t\tWindows AMI using snapshots.</p>",
+            "smithy.api#documentation": "<p>A group of parameters that are used for pre-provisioning the associated Windows AMI using\n      snapshots.</p>",
             "smithy.api#xmlName": "snapshotConfiguration"
           }
         },
@@ -30218,7 +30394,7 @@
           "target": "com.amazonaws.ec2#FastLaunchLaunchTemplateSpecificationResponse",
           "traits": {
             "aws.protocols#ec2QueryName": "LaunchTemplate",
-            "smithy.api#documentation": "<p>The launch template that the Windows fast launch enabled AMI uses when it launches \n\t\t\tWindows instances from pre-provisioned snapshots.</p>",
+            "smithy.api#documentation": "<p>The launch template that the Windows fast launch enabled AMI uses when it launches Windows\n      instances from pre-provisioned snapshots.</p>",
             "smithy.api#xmlName": "launchTemplate"
           }
         },
@@ -30226,7 +30402,7 @@
           "target": "com.amazonaws.ec2#Integer",
           "traits": {
             "aws.protocols#ec2QueryName": "MaxParallelLaunches",
-            "smithy.api#documentation": "<p>The maximum number of instances that Amazon EC2 can launch at the same time to create \n\t\t\tpre-provisioned snapshots for Windows fast launch.</p>",
+            "smithy.api#documentation": "<p>The maximum number of instances that Amazon EC2 can launch at the same time to create\n      pre-provisioned snapshots for Windows fast launch.</p>",
             "smithy.api#xmlName": "maxParallelLaunches"
           }
         },
@@ -30264,7 +30440,7 @@
         }
       },
       "traits": {
-        "smithy.api#documentation": "<p>Describe details about a Windows image with Windows fast launch enabled that meets the requested \n\t\t\tcriteria. Criteria are defined by the <code>DescribeFastLaunchImages</code> action filters.</p>"
+        "smithy.api#documentation": "<p>Describe details about a Windows image with Windows fast launch enabled that meets the\n      requested criteria. Criteria are defined by the <code>DescribeFastLaunchImages</code> action\n      filters.</p>"
       }
     },
     "com.amazonaws.ec2#DescribeFastLaunchImagesSuccessSet": {
@@ -31546,7 +31722,7 @@
         "target": "com.amazonaws.ec2#ImageAttribute"
       },
       "traits": {
-        "smithy.api#documentation": "<p>Describes the specified attribute of the specified AMI. You can specify only one attribute at a time.</p>\n         <note>\n            <p>The order of the elements in the response, including those within nested\n         structures, might vary. Applications should not assume the elements appear in a\n         particular order.</p>\n         </note>",
+        "smithy.api#documentation": "<p>Describes the specified attribute of the specified AMI. You can specify only one attribute\n      at a time.</p>\n         <note>\n            <p>The order of the elements in the response, including those within nested structures,\n        might vary. Applications should not assume the elements appear in a particular order.</p>\n         </note>",
         "smithy.api#examples": [
           {
             "title": "To describe the launch permissions for an AMI",
@@ -31574,7 +31750,7 @@
           "target": "com.amazonaws.ec2#ImageAttributeName",
           "traits": {
             "smithy.api#clientOptional": {},
-            "smithy.api#documentation": "<p>The AMI attribute.</p>\n         <p>\n            <b>Note</b>: The <code>blockDeviceMapping</code> attribute is deprecated. \n   \t    Using this attribute returns the <code>Client.AuthFailure</code> error. To get information about \n   \t    the block device mappings for an AMI, use the <a>DescribeImages</a> action.</p>",
+            "smithy.api#documentation": "<p>The AMI attribute.</p>\n         <p>\n            <b>Note</b>: The <code>blockDeviceMapping</code> attribute is\n      deprecated. Using this attribute returns the <code>Client.AuthFailure</code> error. To get\n      information about the block device mappings for an AMI, use the <a>DescribeImages</a> action.</p>",
             "smithy.api#required": {}
           }
         },
@@ -31609,7 +31785,7 @@
         "target": "com.amazonaws.ec2#DescribeImagesResult"
       },
       "traits": {
-        "smithy.api#documentation": "<p>Describes the specified images (AMIs, AKIs, and ARIs) available to you or all of the images available to you.</p>\n         <p>The images available to you include public images, private images that you own, and private images owned by other \n       Amazon Web Services accounts for which you have explicit launch permissions.</p>\n         <p>Recently deregistered images appear in the returned results for a short interval and then\n      return empty results. After all instances that reference a deregistered AMI are terminated,\n      specifying the ID of the image will eventually return an error indicating that the AMI ID\n      cannot be found.</p>\n         <important>\n            <p>We strongly recommend using only paginated requests. Unpaginated requests are\n         susceptible to throttling and timeouts.</p>\n         </important>\n         <note>\n            <p>The order of the elements in the response, including those within nested\n         structures, might vary. Applications should not assume the elements appear in a\n         particular order.</p>\n         </note>",
+        "smithy.api#documentation": "<p>Describes the specified images (AMIs, AKIs, and ARIs) available to you or all of the\n      images available to you.</p>\n         <p>The images available to you include public images, private images that you own, and\n      private images owned by other Amazon Web Services accounts for which you have explicit launch\n      permissions.</p>\n         <p>Recently deregistered images appear in the returned results for a short interval and then\n      return empty results. After all instances that reference a deregistered AMI are terminated,\n      specifying the ID of the image will eventually return an error indicating that the AMI ID\n      cannot be found.</p>\n         <important>\n            <p>We strongly recommend using only paginated requests. Unpaginated requests are\n        susceptible to throttling and timeouts.</p>\n         </important>\n         <note>\n            <p>The order of the elements in the response, including those within nested structures,\n        might vary. Applications should not assume the elements appear in a particular order.</p>\n         </note>",
         "smithy.api#examples": [
           {
             "title": "To describe an AMI",
@@ -31713,7 +31889,7 @@
         "ExecutableUsers": {
           "target": "com.amazonaws.ec2#ExecutableByStringList",
           "traits": {
-            "smithy.api#documentation": "<p>Scopes the images by users with explicit launch permissions. \n       Specify an Amazon Web Services account ID, <code>self</code> (the sender of the request),\n\t\t\t\tor <code>all</code> (public AMIs).</p>\n         <ul>\n            <li>\n               <p>If you specify an Amazon Web Services account ID that is not your own, only AMIs\n          shared with that specific Amazon Web Services account ID are returned. However, AMIs that\n          are shared with the account’s organization or organizational unit (OU) are not\n          returned.</p>\n            </li>\n            <li>\n               <p>If you specify <code>self</code> or your own Amazon Web Services account ID, AMIs\n          shared with your account are returned. In addition, AMIs that are shared with the\n          organization or OU of which you are member are also returned. </p>\n            </li>\n            <li>\n               <p>If you specify <code>all</code>, all public AMIs are returned.</p>\n            </li>\n         </ul>",
+            "smithy.api#documentation": "<p>Scopes the images by users with explicit launch permissions. Specify an Amazon Web Services account ID, <code>self</code> (the sender of the request), or <code>all</code>\n      (public AMIs).</p>\n         <ul>\n            <li>\n               <p>If you specify an Amazon Web Services account ID that is not your own, only AMIs shared\n          with that specific Amazon Web Services account ID are returned. However, AMIs that are\n          shared with the account’s organization or organizational unit (OU) are not\n          returned.</p>\n            </li>\n            <li>\n               <p>If you specify <code>self</code> or your own Amazon Web Services account ID, AMIs\n          shared with your account are returned. In addition, AMIs that are shared with the\n          organization or OU of which you are member are also returned. </p>\n            </li>\n            <li>\n               <p>If you specify <code>all</code>, all public AMIs are returned.</p>\n            </li>\n         </ul>",
             "smithy.api#xmlName": "ExecutableBy"
           }
         },
@@ -31727,7 +31903,7 @@
         "Owners": {
           "target": "com.amazonaws.ec2#OwnerStringList",
           "traits": {
-            "smithy.api#documentation": "<p>Scopes the results to images with the specified owners. You can specify a combination of  \n      Amazon Web Services account IDs, <code>self</code>, <code>amazon</code>, <code>aws-backup-vault</code>, and <code>aws-marketplace</code>. \n      If you omit this parameter, the results include all images for which you have launch permissions, \n      regardless of ownership.</p>",
+            "smithy.api#documentation": "<p>Scopes the results to images with the specified owners. You can specify a combination of\n        Amazon Web Services account IDs, <code>self</code>, <code>amazon</code>,\n        <code>aws-backup-vault</code>, and <code>aws-marketplace</code>. If you omit this parameter,\n      the results include all images for which you have launch permissions, regardless of\n      ownership.</p>",
             "smithy.api#xmlName": "Owner"
           }
         },
@@ -31766,7 +31942,7 @@
         "Filters": {
           "target": "com.amazonaws.ec2#FilterList",
           "traits": {
-            "smithy.api#documentation": "<p>The filters.</p>\n         <ul>\n            <li>\n               <p>\n                  <code>architecture</code> - The image architecture (<code>i386</code> | <code>x86_64</code> | \n          <code>arm64</code> | <code>x86_64_mac</code> | <code>arm64_mac</code>).</p>\n            </li>\n            <li>\n               <p>\n                  <code>block-device-mapping.delete-on-termination</code> - A Boolean value that indicates\n        \twhether the Amazon EBS volume is deleted on instance termination.</p>\n            </li>\n            <li>\n               <p>\n                  <code>block-device-mapping.device-name</code> - The device name specified in the block device mapping (for\n          example, <code>/dev/sdh</code> or <code>xvdh</code>).</p>\n            </li>\n            <li>\n               <p>\n                  <code>block-device-mapping.snapshot-id</code> - The ID of the snapshot used for the Amazon EBS\n          volume.</p>\n            </li>\n            <li>\n               <p>\n                  <code>block-device-mapping.volume-size</code> - The volume size of the Amazon EBS volume, in GiB.</p>\n            </li>\n            <li>\n               <p>\n                  <code>block-device-mapping.volume-type</code> - The volume type of the Amazon EBS volume\n            (<code>io1</code> | <code>io2</code> | <code>gp2</code> | <code>gp3</code> | <code>sc1\n          </code>| <code>st1</code> | <code>standard</code>).</p>\n            </li>\n            <li>\n               <p>\n                  <code>block-device-mapping.encrypted</code> - A Boolean that indicates whether the Amazon EBS volume is encrypted.</p>\n            </li>\n            <li>\n               <p>\n                  <code>creation-date</code> - The time when the image was created, in the ISO 8601\n          format in the UTC time zone (YYYY-MM-DDThh:mm:ss.sssZ), for example,\n            <code>2021-09-29T11:04:43.305Z</code>. You can use a wildcard (<code>*</code>), for\n          example, <code>2021-09-29T*</code>, which matches an entire day.</p>\n            </li>\n            <li>\n               <p>\n                  <code>description</code> - The description of the image (provided during image\n          creation).</p>\n            </li>\n            <li>\n               <p>\n                  <code>ena-support</code> - A Boolean that indicates whether enhanced networking\n          with ENA is enabled.</p>\n            </li>\n            <li>\n               <p>\n                  <code>hypervisor</code> - The hypervisor type (<code>ovm</code> |\n          <code>xen</code>).</p>\n            </li>\n            <li>\n               <p>\n                  <code>image-id</code> - The ID of the image.</p>\n            </li>\n            <li>\n               <p>\n                  <code>image-type</code> - The image type (<code>machine</code> | <code>kernel</code> |\n            <code>ramdisk</code>).</p>\n            </li>\n            <li>\n               <p>\n                  <code>is-public</code> - A Boolean that indicates whether the image is public.</p>\n            </li>\n            <li>\n               <p>\n                  <code>kernel-id</code> - The kernel ID.</p>\n            </li>\n            <li>\n               <p>\n                  <code>manifest-location</code> - The location of the image manifest.</p>\n            </li>\n            <li>\n               <p>\n                  <code>name</code> - The name of the AMI (provided during image creation).</p>\n            </li>\n            <li>\n               <p>\n                  <code>owner-alias</code> - The owner alias (<code>amazon</code> | <code>aws-backup-vault</code> | <code>aws-marketplace</code>). \n          The valid aliases are defined in an Amazon-maintained list. This is not the Amazon Web Services account alias that can be \n        \tset using the IAM console. We recommend that you use the <b>Owner</b> \n        \trequest parameter instead of this filter.</p>\n            </li>\n            <li>\n               <p>\n                  <code>owner-id</code> - The Amazon Web Services account ID of the owner. We recommend that you use the \n      \t\t<b>Owner</b> request parameter instead of this filter.</p>\n            </li>\n            <li>\n               <p>\n                  <code>platform</code> - The platform. The only supported value is <code>windows</code>.</p>\n            </li>\n            <li>\n               <p>\n                  <code>product-code</code> - The product code.</p>\n            </li>\n            <li>\n               <p>\n                  <code>product-code.type</code> - The type of the product code (<code>marketplace</code>).</p>\n            </li>\n            <li>\n               <p>\n                  <code>ramdisk-id</code> - The RAM disk ID.</p>\n            </li>\n            <li>\n               <p>\n                  <code>root-device-name</code> - The device name of the root device volume (for example, <code>/dev/sda1</code>).</p>\n            </li>\n            <li>\n               <p>\n                  <code>root-device-type</code> - The type of the root device volume (<code>ebs</code> |\n            <code>instance-store</code>).</p>\n            </li>\n            <li>\n               <p>\n                  <code>source-instance-id</code> - The ID of the instance that the AMI was created from\n          if the AMI was created using CreateImage. This filter is applicable only if the AMI was\n          created using <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateImage.html\">CreateImage</a>.</p>\n            </li>\n            <li>\n               <p>\n                  <code>state</code> - The state of the image (<code>available</code> | <code>pending</code>\n          | <code>failed</code>).</p>\n            </li>\n            <li>\n               <p>\n                  <code>state-reason-code</code> - The reason code for the state change.</p>\n            </li>\n            <li>\n               <p>\n                  <code>state-reason-message</code> - The message for the state change.</p>\n            </li>\n            <li>\n               <p>\n                  <code>sriov-net-support</code> - A value of <code>simple</code> indicates\n                    that enhanced networking with the Intel 82599 VF interface is enabled.</p>\n            </li>\n            <li>\n               <p>\n                  <code>tag:<key></code> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.\n    For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>\n            </li>\n            <li>\n               <p>\n                  <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p>\n            </li>\n            <li>\n               <p>\n                  <code>virtualization-type</code> - The virtualization type (<code>paravirtual</code> |\n            <code>hvm</code>).</p>\n            </li>\n         </ul>",
+            "smithy.api#documentation": "<p>The filters.</p>\n         <ul>\n            <li>\n               <p>\n                  <code>architecture</code> - The image architecture (<code>i386</code> |\n            <code>x86_64</code> | <code>arm64</code> | <code>x86_64_mac</code> |\n            <code>arm64_mac</code>).</p>\n            </li>\n            <li>\n               <p>\n                  <code>block-device-mapping.delete-on-termination</code> - A Boolean value that indicates\n          whether the Amazon EBS volume is deleted on instance termination.</p>\n            </li>\n            <li>\n               <p>\n                  <code>block-device-mapping.device-name</code> - The device name specified in the block\n          device mapping (for example, <code>/dev/sdh</code> or <code>xvdh</code>).</p>\n            </li>\n            <li>\n               <p>\n                  <code>block-device-mapping.snapshot-id</code> - The ID of the snapshot used for the Amazon EBS\n          volume.</p>\n            </li>\n            <li>\n               <p>\n                  <code>block-device-mapping.volume-size</code> - The volume size of the Amazon EBS volume, in\n          GiB.</p>\n            </li>\n            <li>\n               <p>\n                  <code>block-device-mapping.volume-type</code> - The volume type of the Amazon EBS volume\n            (<code>io1</code> | <code>io2</code> | <code>gp2</code> | <code>gp3</code> | <code>sc1\n          </code>| <code>st1</code> | <code>standard</code>).</p>\n            </li>\n            <li>\n               <p>\n                  <code>block-device-mapping.encrypted</code> - A Boolean that indicates whether the Amazon EBS\n          volume is encrypted.</p>\n            </li>\n            <li>\n               <p>\n                  <code>creation-date</code> - The time when the image was created, in the ISO 8601\n          format in the UTC time zone (YYYY-MM-DDThh:mm:ss.sssZ), for example,\n            <code>2021-09-29T11:04:43.305Z</code>. You can use a wildcard (<code>*</code>), for\n          example, <code>2021-09-29T*</code>, which matches an entire day.</p>\n            </li>\n            <li>\n               <p>\n                  <code>description</code> - The description of the image (provided during image\n          creation).</p>\n            </li>\n            <li>\n               <p>\n                  <code>ena-support</code> - A Boolean that indicates whether enhanced networking with\n          ENA is enabled.</p>\n            </li>\n            <li>\n               <p>\n                  <code>hypervisor</code> - The hypervisor type (<code>ovm</code> |\n          <code>xen</code>).</p>\n            </li>\n            <li>\n               <p>\n                  <code>image-id</code> - The ID of the image.</p>\n            </li>\n            <li>\n               <p>\n                  <code>image-type</code> - The image type (<code>machine</code> | <code>kernel</code> |\n            <code>ramdisk</code>).</p>\n            </li>\n            <li>\n               <p>\n                  <code>is-public</code> - A Boolean that indicates whether the image is public.</p>\n            </li>\n            <li>\n               <p>\n                  <code>kernel-id</code> - The kernel ID.</p>\n            </li>\n            <li>\n               <p>\n                  <code>manifest-location</code> - The location of the image manifest.</p>\n            </li>\n            <li>\n               <p>\n                  <code>name</code> - The name of the AMI (provided during image creation).</p>\n            </li>\n            <li>\n               <p>\n                  <code>owner-alias</code> - The owner alias (<code>amazon</code> |\n            <code>aws-backup-vault</code> | <code>aws-marketplace</code>). The valid aliases are\n          defined in an Amazon-maintained list. This is not the Amazon Web Services account alias\n          that can be set using the IAM console. We recommend that you use the <b>Owner</b> request parameter instead of this filter.</p>\n            </li>\n            <li>\n               <p>\n                  <code>owner-id</code> - The Amazon Web Services account ID of the owner. We recommend\n          that you use the <b>Owner</b> request parameter instead of this\n          filter.</p>\n            </li>\n            <li>\n               <p>\n                  <code>platform</code> - The platform. The only supported value is\n          <code>windows</code>.</p>\n            </li>\n            <li>\n               <p>\n                  <code>product-code</code> - The product code.</p>\n            </li>\n            <li>\n               <p>\n                  <code>product-code.type</code> - The type of the product code\n          (<code>marketplace</code>).</p>\n            </li>\n            <li>\n               <p>\n                  <code>ramdisk-id</code> - The RAM disk ID.</p>\n            </li>\n            <li>\n               <p>\n                  <code>root-device-name</code> - The device name of the root device volume (for example,\n            <code>/dev/sda1</code>).</p>\n            </li>\n            <li>\n               <p>\n                  <code>root-device-type</code> - The type of the root device volume (<code>ebs</code> |\n            <code>instance-store</code>).</p>\n            </li>\n            <li>\n               <p>\n                  <code>source-instance-id</code> - The ID of the instance that the AMI was created from\n          if the AMI was created using CreateImage. This filter is applicable only if the AMI was\n          created using <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateImage.html\">CreateImage</a>.</p>\n            </li>\n            <li>\n               <p>\n                  <code>state</code> - The state of the image (<code>available</code> | <code>pending</code>\n          | <code>failed</code>).</p>\n            </li>\n            <li>\n               <p>\n                  <code>state-reason-code</code> - The reason code for the state change.</p>\n            </li>\n            <li>\n               <p>\n                  <code>state-reason-message</code> - The message for the state change.</p>\n            </li>\n            <li>\n               <p>\n                  <code>sriov-net-support</code> - A value of <code>simple</code> indicates that\n          enhanced networking with the Intel 82599 VF interface is enabled.</p>\n            </li>\n            <li>\n               <p>\n                  <code>tag:<key></code> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.\n    For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>\n            </li>\n            <li>\n               <p>\n                  <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p>\n            </li>\n            <li>\n               <p>\n                  <code>virtualization-type</code> - The virtualization type (<code>paravirtual</code> |\n            <code>hvm</code>).</p>\n            </li>\n         </ul>",
             "smithy.api#xmlName": "Filter"
           }
         }
@@ -33314,7 +33490,7 @@
         "Filters": {
           "target": "com.amazonaws.ec2#FilterList",
           "traits": {
-            "smithy.api#documentation": "<p>The filters.</p>\n         <ul>\n            <li>\n               <p>\n                  <code>attachment.state</code> - The current state of the attachment between the gateway\n                    and the VPC (<code>available</code>). Present only if a VPC is attached.</p>\n            </li>\n            <li>\n               <p>\n                  <code>attachment.vpc-id</code> - The ID of an attached VPC.</p>\n            </li>\n            <li>\n               <p>\n                  <code>internet-gateway-id</code> - The ID of the Internet gateway.</p>\n            </li>\n            <li>\n               <p>\n                  <code>owner-id</code> - The ID of the Amazon Web Services account that owns the internet gateway.</p>\n            </li>\n            <li>\n               <p>\n                  <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.\n    For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>\n            </li>\n            <li>\n               <p>\n                  <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p>\n            </li>\n         </ul>",
+            "smithy.api#documentation": "<p>The filters.</p>\n         <ul>\n            <li>\n               <p>\n                  <code>attachment.state</code> - The current state of the attachment between the gateway\n                    and the VPC (<code>available</code>). Present only if a VPC is attached.</p>\n            </li>\n            <li>\n               <p>\n                  <code>attachment.vpc-id</code> - The ID of an attached VPC.</p>\n            </li>\n            <li>\n               <p>\n                  <code>internet-gateway-id</code> - The ID of the Internet gateway.</p>\n            </li>\n            <li>\n               <p>\n                  <code>owner-id</code> - The ID of the Amazon Web Services account that owns the internet gateway.</p>\n            </li>\n            <li>\n               <p>\n                  <code>tag</code> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.\n    For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>\n            </li>\n            <li>\n               <p>\n                  <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p>\n            </li>\n         </ul>",
             "smithy.api#xmlName": "Filter"
           }
         }
@@ -35389,7 +35565,7 @@
         "Filter": {
           "target": "com.amazonaws.ec2#FilterList",
           "traits": {
-            "smithy.api#documentation": "<p>The filters.</p>\n         <ul>\n            <li>\n               <p>\n                  <code>nat-gateway-id</code> - The ID of the NAT gateway.</p>\n            </li>\n            <li>\n               <p>\n                  <code>state</code> - The state of the NAT gateway (<code>pending</code> |\n              <code>failed</code> | <code>available</code> | <code>deleting</code> | <code>deleted</code>).</p>\n            </li>\n            <li>\n               <p>\n                  <code>subnet-id</code> - The ID of the subnet in which the NAT gateway resides.</p>\n            </li>\n            <li>\n               <p>\n                  <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.\n    For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>\n            </li>\n            <li>\n               <p>\n                  <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p>\n            </li>\n            <li>\n               <p>\n                  <code>vpc-id</code> - The ID of the VPC in which the NAT gateway resides.</p>\n            </li>\n         </ul>"
+            "smithy.api#documentation": "<p>The filters.</p>\n         <ul>\n            <li>\n               <p>\n                  <code>nat-gateway-id</code> - The ID of the NAT gateway.</p>\n            </li>\n            <li>\n               <p>\n                  <code>state</code> - The state of the NAT gateway (<code>pending</code> |\n              <code>failed</code> | <code>available</code> | <code>deleting</code> | <code>deleted</code>).</p>\n            </li>\n            <li>\n               <p>\n                  <code>subnet-id</code> - The ID of the subnet in which the NAT gateway resides.</p>\n            </li>\n            <li>\n               <p>\n                  <code>tag</code> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.\n    For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>\n            </li>\n            <li>\n               <p>\n                  <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p>\n            </li>\n            <li>\n               <p>\n                  <code>vpc-id</code> - The ID of the VPC in which the NAT gateway resides.</p>\n            </li>\n         </ul>"
           }
         },
         "MaxResults": {
@@ -35542,7 +35718,7 @@
         "Filters": {
           "target": "com.amazonaws.ec2#FilterList",
           "traits": {
-            "smithy.api#documentation": "<p>The filters.</p>\n         <ul>\n            <li>\n               <p>\n                  <code>association.association-id</code> - The ID of an association ID for the ACL.</p>\n            </li>\n            <li>\n               <p>\n                  <code>association.network-acl-id</code> - The ID of the network ACL involved in the association.</p>\n            </li>\n            <li>\n               <p>\n                  <code>association.subnet-id</code> - The ID of the subnet involved in the association.</p>\n            </li>\n            <li>\n               <p>\n                  <code>default</code> - Indicates whether the ACL is the default network ACL for the VPC.</p>\n            </li>\n            <li>\n               <p>\n                  <code>entry.cidr</code> - The IPv4 CIDR range specified in the entry.</p>\n            </li>\n            <li>\n               <p>\n                  <code>entry.icmp.code</code> - The ICMP code specified in the entry, if any.</p>\n            </li>\n            <li>\n               <p>\n                  <code>entry.icmp.type</code> - The ICMP type specified in the entry, if any.</p>\n            </li>\n            <li>\n               <p>\n                  <code>entry.ipv6-cidr</code> - The IPv6 CIDR range specified in the entry.</p>\n            </li>\n            <li>\n               <p>\n                  <code>entry.port-range.from</code> - The start of the port range specified in the entry. </p>\n            </li>\n            <li>\n               <p>\n                  <code>entry.port-range.to</code> - The end of the port range specified in the entry. </p>\n            </li>\n            <li>\n               <p>\n                  <code>entry.protocol</code> - The protocol specified in the entry (<code>tcp</code> | <code>udp</code> | <code>icmp</code> or a protocol number).</p>\n            </li>\n            <li>\n               <p>\n                  <code>entry.rule-action</code> - Allows or denies the matching traffic (<code>allow</code> | <code>deny</code>).</p>\n            </li>\n            <li>\n               <p>\n                  <code>entry.egress</code> - A Boolean that indicates the type of rule. Specify <code>true</code> \n\t\t                for egress rules, or <code>false</code> for ingress rules.</p>\n            </li>\n            <li>\n               <p>\n                  <code>entry.rule-number</code> - The number of an entry (in other words, rule) in\n                    the set of ACL entries.</p>\n            </li>\n            <li>\n               <p>\n                  <code>network-acl-id</code> - The ID of the network ACL.</p>\n            </li>\n            <li>\n               <p>\n                  <code>owner-id</code> - The ID of the Amazon Web Services account that owns the network ACL.</p>\n            </li>\n            <li>\n               <p>\n                  <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.\n    For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>\n            </li>\n            <li>\n               <p>\n                  <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p>\n            </li>\n            <li>\n               <p>\n                  <code>vpc-id</code> - The ID of the VPC for the network ACL.</p>\n            </li>\n         </ul>",
+            "smithy.api#documentation": "<p>The filters.</p>\n         <ul>\n            <li>\n               <p>\n                  <code>association.association-id</code> - The ID of an association ID for the ACL.</p>\n            </li>\n            <li>\n               <p>\n                  <code>association.network-acl-id</code> - The ID of the network ACL involved in the association.</p>\n            </li>\n            <li>\n               <p>\n                  <code>association.subnet-id</code> - The ID of the subnet involved in the association.</p>\n            </li>\n            <li>\n               <p>\n                  <code>default</code> - Indicates whether the ACL is the default network ACL for the VPC.</p>\n            </li>\n            <li>\n               <p>\n                  <code>entry.cidr</code> - The IPv4 CIDR range specified in the entry.</p>\n            </li>\n            <li>\n               <p>\n                  <code>entry.icmp.code</code> - The ICMP code specified in the entry, if any.</p>\n            </li>\n            <li>\n               <p>\n                  <code>entry.icmp.type</code> - The ICMP type specified in the entry, if any.</p>\n            </li>\n            <li>\n               <p>\n                  <code>entry.ipv6-cidr</code> - The IPv6 CIDR range specified in the entry.</p>\n            </li>\n            <li>\n               <p>\n                  <code>entry.port-range.from</code> - The start of the port range specified in the entry. </p>\n            </li>\n            <li>\n               <p>\n                  <code>entry.port-range.to</code> - The end of the port range specified in the entry. </p>\n            </li>\n            <li>\n               <p>\n                  <code>entry.protocol</code> - The protocol specified in the entry (<code>tcp</code> | <code>udp</code> | <code>icmp</code> or a protocol number).</p>\n            </li>\n            <li>\n               <p>\n                  <code>entry.rule-action</code> - Allows or denies the matching traffic (<code>allow</code> | <code>deny</code>).</p>\n            </li>\n            <li>\n               <p>\n                  <code>entry.egress</code> - A Boolean that indicates the type of rule. Specify <code>true</code> \n\t\t                for egress rules, or <code>false</code> for ingress rules.</p>\n            </li>\n            <li>\n               <p>\n                  <code>entry.rule-number</code> - The number of an entry (in other words, rule) in\n                    the set of ACL entries.</p>\n            </li>\n            <li>\n               <p>\n                  <code>network-acl-id</code> - The ID of the network ACL.</p>\n            </li>\n            <li>\n               <p>\n                  <code>owner-id</code> - The ID of the Amazon Web Services account that owns the network ACL.</p>\n            </li>\n            <li>\n               <p>\n                  <code>tag</code> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.\n    For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>\n            </li>\n            <li>\n               <p>\n                  <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p>\n            </li>\n            <li>\n               <p>\n                  <code>vpc-id</code> - The ID of the VPC for the network ACL.</p>\n            </li>\n         </ul>",
             "smithy.api#xmlName": "Filter"
           }
         }
@@ -37363,7 +37539,7 @@
         "Filters": {
           "target": "com.amazonaws.ec2#FilterList",
           "traits": {
-            "smithy.api#documentation": "<p>The filters.</p>\n         <ul>\n            <li>\n               <p>\n                  <code>association.gateway-id</code> - The ID of the gateway involved in the\n\t\t                association.</p>\n            </li>\n            <li>\n               <p>\n                  <code>association.route-table-association-id</code> - The ID of an association\n                    ID for the route table.</p>\n            </li>\n            <li>\n               <p>\n                  <code>association.route-table-id</code> - The ID of the route table involved in\n                    the association.</p>\n            </li>\n            <li>\n               <p>\n                  <code>association.subnet-id</code> - The ID of the subnet involved in the\n                    association.</p>\n            </li>\n            <li>\n               <p>\n                  <code>association.main</code> - Indicates whether the route table is the main\n                    route table for the VPC (<code>true</code> | <code>false</code>). Route tables\n                    that do not have an association ID are not returned in the response.</p>\n            </li>\n            <li>\n               <p>\n                  <code>owner-id</code> - The ID of the Amazon Web Services account that owns the route table.</p>\n            </li>\n            <li>\n               <p>\n                  <code>route-table-id</code> - The ID of the route table.</p>\n            </li>\n            <li>\n               <p>\n                  <code>route.destination-cidr-block</code> - The IPv4 CIDR range specified in a\n                    route in the table.</p>\n            </li>\n            <li>\n               <p>\n                  <code>route.destination-ipv6-cidr-block</code> - The IPv6 CIDR range specified in a route in the route table.</p>\n            </li>\n            <li>\n               <p>\n                  <code>route.destination-prefix-list-id</code> - The ID (prefix) of the Amazon Web Services \n\t\t\t\t      service specified in a route in the table.</p>\n            </li>\n            <li>\n               <p>\n                  <code>route.egress-only-internet-gateway-id</code> - The ID of an\n                    egress-only Internet gateway specified in a route in the route table.</p>\n            </li>\n            <li>\n               <p>\n                  <code>route.gateway-id</code> - The ID of a gateway specified in a route in the table.</p>\n            </li>\n            <li>\n               <p>\n                  <code>route.instance-id</code> - The ID of an instance specified in a route in the table.</p>\n            </li>\n            <li>\n               <p>\n                  <code>route.nat-gateway-id</code> - The ID of a NAT gateway.</p>\n            </li>\n            <li>\n               <p>\n                  <code>route.transit-gateway-id</code> - The ID of a transit gateway.</p>\n            </li>\n            <li>\n               <p>\n                  <code>route.origin</code> - Describes how the route was created. \n                        <code>CreateRouteTable</code> indicates that the route was automatically\n                    created when the route table was created; <code>CreateRoute</code> indicates\n                    that the route was manually added to the route table;\n                        <code>EnableVgwRoutePropagation</code> indicates that the route was\n                    propagated by route propagation.</p>\n            </li>\n            <li>\n               <p>\n                  <code>route.state</code> - The state of a route in the route table\n                        (<code>active</code> | <code>blackhole</code>). The blackhole state\n                    indicates that the route's target isn't available (for example, the specified\n                    gateway isn't attached to the VPC, the specified NAT instance has been\n                    terminated, and so on).</p>\n            </li>\n            <li>\n               <p>\n                  <code>route.vpc-peering-connection-id</code> - The ID of a VPC peering\n\t\t                connection specified in a route in the table.</p>\n            </li>\n            <li>\n               <p>\n                  <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.\n    For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>\n            </li>\n            <li>\n               <p>\n                  <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p>\n            </li>\n            <li>\n               <p>\n                  <code>vpc-id</code> - The ID of the VPC for the route table.</p>\n            </li>\n         </ul>",
+            "smithy.api#documentation": "<p>The filters.</p>\n         <ul>\n            <li>\n               <p>\n                  <code>association.gateway-id</code> - The ID of the gateway involved in the\n\t\t                association.</p>\n            </li>\n            <li>\n               <p>\n                  <code>association.route-table-association-id</code> - The ID of an association\n                    ID for the route table.</p>\n            </li>\n            <li>\n               <p>\n                  <code>association.route-table-id</code> - The ID of the route table involved in\n                    the association.</p>\n            </li>\n            <li>\n               <p>\n                  <code>association.subnet-id</code> - The ID of the subnet involved in the\n                    association.</p>\n            </li>\n            <li>\n               <p>\n                  <code>association.main</code> - Indicates whether the route table is the main\n                    route table for the VPC (<code>true</code> | <code>false</code>). Route tables\n                    that do not have an association ID are not returned in the response.</p>\n            </li>\n            <li>\n               <p>\n                  <code>owner-id</code> - The ID of the Amazon Web Services account that owns the route table.</p>\n            </li>\n            <li>\n               <p>\n                  <code>route-table-id</code> - The ID of the route table.</p>\n            </li>\n            <li>\n               <p>\n                  <code>route.destination-cidr-block</code> - The IPv4 CIDR range specified in a\n                    route in the table.</p>\n            </li>\n            <li>\n               <p>\n                  <code>route.destination-ipv6-cidr-block</code> - The IPv6 CIDR range specified in a route in the route table.</p>\n            </li>\n            <li>\n               <p>\n                  <code>route.destination-prefix-list-id</code> - The ID (prefix) of the Amazon Web Services \n\t\t\t\t      service specified in a route in the table.</p>\n            </li>\n            <li>\n               <p>\n                  <code>route.egress-only-internet-gateway-id</code> - The ID of an\n                    egress-only Internet gateway specified in a route in the route table.</p>\n            </li>\n            <li>\n               <p>\n                  <code>route.gateway-id</code> - The ID of a gateway specified in a route in the table.</p>\n            </li>\n            <li>\n               <p>\n                  <code>route.instance-id</code> - The ID of an instance specified in a route in the table.</p>\n            </li>\n            <li>\n               <p>\n                  <code>route.nat-gateway-id</code> - The ID of a NAT gateway.</p>\n            </li>\n            <li>\n               <p>\n                  <code>route.transit-gateway-id</code> - The ID of a transit gateway.</p>\n            </li>\n            <li>\n               <p>\n                  <code>route.origin</code> - Describes how the route was created. \n                        <code>CreateRouteTable</code> indicates that the route was automatically\n                    created when the route table was created; <code>CreateRoute</code> indicates\n                    that the route was manually added to the route table;\n                        <code>EnableVgwRoutePropagation</code> indicates that the route was\n                    propagated by route propagation.</p>\n            </li>\n            <li>\n               <p>\n                  <code>route.state</code> - The state of a route in the route table\n                        (<code>active</code> | <code>blackhole</code>). The blackhole state\n                    indicates that the route's target isn't available (for example, the specified\n                    gateway isn't attached to the VPC, the specified NAT instance has been\n                    terminated, and so on).</p>\n            </li>\n            <li>\n               <p>\n                  <code>route.vpc-peering-connection-id</code> - The ID of a VPC peering\n\t\t                connection specified in a route in the table.</p>\n            </li>\n            <li>\n               <p>\n                  <code>tag</code> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.\n    For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>\n            </li>\n            <li>\n               <p>\n                  <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p>\n            </li>\n            <li>\n               <p>\n                  <code>vpc-id</code> - The ID of the VPC for the route table.</p>\n            </li>\n         </ul>",
             "smithy.api#xmlName": "Filter"
           }
         }
@@ -39290,7 +39466,7 @@
         "target": "com.amazonaws.ec2#DescribeStoreImageTasksResult"
       },
       "traits": {
-        "smithy.api#documentation": "<p>Describes the progress of the AMI store tasks. You can describe the store tasks for\n      specified AMIs. If you don't specify the AMIs, you get a paginated list of store tasks from\n      the last 31 days.</p>\n         <p>For each AMI task, the response indicates if the task is <code>InProgress</code>,\n        <code>Completed</code>, or <code>Failed</code>. For tasks <code>InProgress</code>, the\n      response shows the estimated progress as a percentage.</p>\n         <p>Tasks are listed in reverse chronological order. Currently, only tasks from the past 31\n      days can be viewed.</p>\n         <p>To use this API, you must have the required permissions. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ami-store-restore.html#ami-s3-permissions\">Permissions for storing and restoring AMIs using Amazon S3</a> in the\n        <i>Amazon EC2 User Guide</i>.</p>\n         <p>For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ami-store-restore.html\">Store and restore an AMI using\n    \tAmazon S3</a> in the <i>Amazon EC2 User Guide</i>.</p>",
+        "smithy.api#documentation": "<p>Describes the progress of the AMI store tasks. You can describe the store tasks for\n      specified AMIs. If you don't specify the AMIs, you get a paginated list of store tasks from\n      the last 31 days.</p>\n         <p>For each AMI task, the response indicates if the task is <code>InProgress</code>,\n        <code>Completed</code>, or <code>Failed</code>. For tasks <code>InProgress</code>, the\n      response shows the estimated progress as a percentage.</p>\n         <p>Tasks are listed in reverse chronological order. Currently, only tasks from the past 31\n      days can be viewed.</p>\n         <p>To use this API, you must have the required permissions. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ami-store-restore.html#ami-s3-permissions\">Permissions for storing and restoring AMIs using Amazon S3</a> in the\n        <i>Amazon EC2 User Guide</i>.</p>\n         <p>For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ami-store-restore.html\">Store and restore an AMI using\n        Amazon S3</a> in the <i>Amazon EC2 User Guide</i>.</p>",
         "smithy.api#paginated": {
           "inputToken": "NextToken",
           "outputToken": "NextToken",
@@ -39342,7 +39518,7 @@
         "ImageIds": {
           "target": "com.amazonaws.ec2#ImageIdList",
           "traits": {
-            "smithy.api#documentation": "<p>The AMI IDs for which to show progress. Up to 20 AMI IDs can be included in a request.</p>",
+            "smithy.api#documentation": "<p>The AMI IDs for which to show progress. Up to 20 AMI IDs can be included in a\n      request.</p>",
             "smithy.api#xmlName": "ImageId"
           }
         },
@@ -39487,7 +39663,7 @@
         "Filters": {
           "target": "com.amazonaws.ec2#FilterList",
           "traits": {
-            "smithy.api#documentation": "<p>The filters.</p>\n         <ul>\n            <li>\n               <p>\n                  <code>availability-zone</code> - The Availability Zone for the subnet. You can also use\n                    <code>availabilityZone</code> as the filter name.</p>\n            </li>\n            <li>\n               <p>\n                  <code>availability-zone-id</code> - The ID of the Availability Zone for the subnet.\n                    You can also use <code>availabilityZoneId</code> as the filter name.</p>\n            </li>\n            <li>\n               <p>\n                  <code>available-ip-address-count</code> - The number of IPv4 addresses in the\n                    subnet that are available.</p>\n            </li>\n            <li>\n               <p>\n                  <code>cidr-block</code> - The IPv4 CIDR block of the subnet. The CIDR block\n                    you specify must exactly match the subnet's CIDR block for information to be\n                    returned for the subnet. You can also use <code>cidr</code> or\n                        <code>cidrBlock</code> as the filter names.</p>\n            </li>\n            <li>\n               <p>\n                  <code>customer-owned-ipv4-pool</code> - The customer-owned IPv4 address pool\n                    associated with the subnet.</p>\n            </li>\n            <li>\n               <p>\n                  <code>default-for-az</code> - Indicates whether this is the default subnet for\n                    the Availability Zone (<code>true</code> | <code>false</code>). You can also use\n                        <code>defaultForAz</code> as the filter name.</p>\n            </li>\n            <li>\n               <p>\n                  <code>enable-dns64</code> - Indicates whether DNS queries made to the\n                    Amazon-provided DNS Resolver in this subnet should return synthetic IPv6\n                    addresses for IPv4-only destinations.</p>\n            </li>\n            <li>\n               <p>\n                  <code>enable-lni-at-device-index</code> - Indicates the device position for\n                    local network interfaces in this subnet. For example, <code>1</code> indicates\n                    local network interfaces in this subnet are the secondary network interface\n                    (eth1). </p>\n            </li>\n            <li>\n               <p>\n                  <code>ipv6-cidr-block-association.ipv6-cidr-block</code> - An IPv6 CIDR\n                    block associated with the subnet.</p>\n            </li>\n            <li>\n               <p>\n                  <code>ipv6-cidr-block-association.association-id</code> - An association ID\n                    for an IPv6 CIDR block associated with the subnet.</p>\n            </li>\n            <li>\n               <p>\n                  <code>ipv6-cidr-block-association.state</code> - The state of an IPv6 CIDR\n                    block associated with the subnet.</p>\n            </li>\n            <li>\n               <p>\n                  <code>ipv6-native</code> - Indicates whether this is an IPv6 only subnet\n                        (<code>true</code> | <code>false</code>).</p>\n            </li>\n            <li>\n               <p>\n                  <code>map-customer-owned-ip-on-launch</code> - Indicates whether a network\n                    interface created in this subnet (including a network interface created by <a>RunInstances</a>) receives a customer-owned IPv4 address.</p>\n            </li>\n            <li>\n               <p>\n                  <code>map-public-ip-on-launch</code> - Indicates whether instances launched in\n                    this subnet receive a public IPv4 address.</p>\n            </li>\n            <li>\n               <p>\n                  <code>outpost-arn</code> - The Amazon Resource Name (ARN) of the Outpost.</p>\n            </li>\n            <li>\n               <p>\n                  <code>owner-id</code> - The ID of the Amazon Web Services account that owns the\n                    subnet.</p>\n            </li>\n            <li>\n               <p>\n                  <code>private-dns-name-options-on-launch.hostname-type</code> - The type of\n                    hostname to assign to instances in the subnet at launch. For IPv4-only and\n                    dual-stack (IPv4 and IPv6) subnets, an instance DNS name can be based on the\n                    instance IPv4 address (ip-name) or the instance ID (resource-name). For IPv6\n                    only subnets, an instance DNS name must be based on the instance ID\n                    (resource-name).</p>\n            </li>\n            <li>\n               <p>\n                  <code>private-dns-name-options-on-launch.enable-resource-name-dns-a-record</code>\n                    - Indicates whether to respond to DNS queries for instance hostnames with DNS A\n                    records.</p>\n            </li>\n            <li>\n               <p>\n                  <code>private-dns-name-options-on-launch.enable-resource-name-dns-aaaa-record</code>\n                    - Indicates whether to respond to DNS queries for instance hostnames with DNS\n                    AAAA records.</p>\n            </li>\n            <li>\n               <p>\n                  <code>state</code> - The state of the subnet (<code>pending</code> | <code>available</code>).</p>\n            </li>\n            <li>\n               <p>\n                  <code>subnet-arn</code> - The Amazon Resource Name (ARN) of the subnet.</p>\n            </li>\n            <li>\n               <p>\n                  <code>subnet-id</code> - The ID of the subnet.</p>\n            </li>\n            <li>\n               <p>\n                  <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.\n    For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>\n            </li>\n            <li>\n               <p>\n                  <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p>\n            </li>\n            <li>\n               <p>\n                  <code>vpc-id</code> - The ID of the VPC for the subnet.</p>\n            </li>\n         </ul>",
+            "smithy.api#documentation": "<p>The filters.</p>\n         <ul>\n            <li>\n               <p>\n                  <code>availability-zone</code> - The Availability Zone for the subnet. You can also use\n                    <code>availabilityZone</code> as the filter name.</p>\n            </li>\n            <li>\n               <p>\n                  <code>availability-zone-id</code> - The ID of the Availability Zone for the subnet.\n                    You can also use <code>availabilityZoneId</code> as the filter name.</p>\n            </li>\n            <li>\n               <p>\n                  <code>available-ip-address-count</code> - The number of IPv4 addresses in the\n                    subnet that are available.</p>\n            </li>\n            <li>\n               <p>\n                  <code>cidr-block</code> - The IPv4 CIDR block of the subnet. The CIDR block\n                    you specify must exactly match the subnet's CIDR block for information to be\n                    returned for the subnet. You can also use <code>cidr</code> or\n                        <code>cidrBlock</code> as the filter names.</p>\n            </li>\n            <li>\n               <p>\n                  <code>customer-owned-ipv4-pool</code> - The customer-owned IPv4 address pool\n                    associated with the subnet.</p>\n            </li>\n            <li>\n               <p>\n                  <code>default-for-az</code> - Indicates whether this is the default subnet for\n                    the Availability Zone (<code>true</code> | <code>false</code>). You can also use\n                        <code>defaultForAz</code> as the filter name.</p>\n            </li>\n            <li>\n               <p>\n                  <code>enable-dns64</code> - Indicates whether DNS queries made to the\n                    Amazon-provided DNS Resolver in this subnet should return synthetic IPv6\n                    addresses for IPv4-only destinations.</p>\n            </li>\n            <li>\n               <p>\n                  <code>enable-lni-at-device-index</code> - Indicates the device position for\n                    local network interfaces in this subnet. For example, <code>1</code> indicates\n                    local network interfaces in this subnet are the secondary network interface\n                    (eth1). </p>\n            </li>\n            <li>\n               <p>\n                  <code>ipv6-cidr-block-association.ipv6-cidr-block</code> - An IPv6 CIDR\n                    block associated with the subnet.</p>\n            </li>\n            <li>\n               <p>\n                  <code>ipv6-cidr-block-association.association-id</code> - An association ID\n                    for an IPv6 CIDR block associated with the subnet.</p>\n            </li>\n            <li>\n               <p>\n                  <code>ipv6-cidr-block-association.state</code> - The state of an IPv6 CIDR\n                    block associated with the subnet.</p>\n            </li>\n            <li>\n               <p>\n                  <code>ipv6-native</code> - Indicates whether this is an IPv6 only subnet\n                        (<code>true</code> | <code>false</code>).</p>\n            </li>\n            <li>\n               <p>\n                  <code>map-customer-owned-ip-on-launch</code> - Indicates whether a network\n                    interface created in this subnet (including a network interface created by <a>RunInstances</a>) receives a customer-owned IPv4 address.</p>\n            </li>\n            <li>\n               <p>\n                  <code>map-public-ip-on-launch</code> - Indicates whether instances launched in\n                    this subnet receive a public IPv4 address.</p>\n            </li>\n            <li>\n               <p>\n                  <code>outpost-arn</code> - The Amazon Resource Name (ARN) of the Outpost.</p>\n            </li>\n            <li>\n               <p>\n                  <code>owner-id</code> - The ID of the Amazon Web Services account that owns the\n                    subnet.</p>\n            </li>\n            <li>\n               <p>\n                  <code>private-dns-name-options-on-launch.hostname-type</code> - The type of\n                    hostname to assign to instances in the subnet at launch. For IPv4-only and\n                    dual-stack (IPv4 and IPv6) subnets, an instance DNS name can be based on the\n                    instance IPv4 address (ip-name) or the instance ID (resource-name). For IPv6\n                    only subnets, an instance DNS name must be based on the instance ID\n                    (resource-name).</p>\n            </li>\n            <li>\n               <p>\n                  <code>private-dns-name-options-on-launch.enable-resource-name-dns-a-record</code>\n                    - Indicates whether to respond to DNS queries for instance hostnames with DNS A\n                    records.</p>\n            </li>\n            <li>\n               <p>\n                  <code>private-dns-name-options-on-launch.enable-resource-name-dns-aaaa-record</code>\n                    - Indicates whether to respond to DNS queries for instance hostnames with DNS\n                    AAAA records.</p>\n            </li>\n            <li>\n               <p>\n                  <code>state</code> - The state of the subnet (<code>pending</code> | <code>available</code>).</p>\n            </li>\n            <li>\n               <p>\n                  <code>subnet-arn</code> - The Amazon Resource Name (ARN) of the subnet.</p>\n            </li>\n            <li>\n               <p>\n                  <code>subnet-id</code> - The ID of the subnet.</p>\n            </li>\n            <li>\n               <p>\n                  <code>tag</code> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.\n    For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>\n            </li>\n            <li>\n               <p>\n                  <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p>\n            </li>\n            <li>\n               <p>\n                  <code>vpc-id</code> - The ID of the VPC for the subnet.</p>\n            </li>\n         </ul>",
             "smithy.api#xmlName": "Filter"
           }
         },
@@ -42010,6 +42186,133 @@
         "smithy.api#output": {}
       }
     },
+    "com.amazonaws.ec2#DescribeVpcBlockPublicAccessExclusions": {
+      "type": "operation",
+      "input": {
+        "target": "com.amazonaws.ec2#DescribeVpcBlockPublicAccessExclusionsRequest"
+      },
+      "output": {
+        "target": "com.amazonaws.ec2#DescribeVpcBlockPublicAccessExclusionsResult"
+      },
+      "traits": {
+        "smithy.api#documentation": "<p>Describe VPC Block Public Access (BPA) exclusions. A VPC BPA exclusion is a mode that can be applied to a single VPC or subnet that exempts it from the account’s BPA mode and will allow bidirectional or egress-only access. You can create BPA exclusions for VPCs and subnets even when BPA is not enabled on the account to ensure that there is no traffic disruption to the exclusions when VPC BPA is turned on. To learn more about VPC BPA, see <a href=\"https://docs.aws.amazon.com/vpc/latest/userguide/security-vpc-bpa.html\">Block public access to VPCs and subnets</a> in the <i>Amazon VPC User Guide</i>.</p>"
+      }
+    },
+    "com.amazonaws.ec2#DescribeVpcBlockPublicAccessExclusionsMaxResults": {
+      "type": "integer",
+      "traits": {
+        "smithy.api#range": {
+          "min": 5,
+          "max": 1000
+        }
+      }
+    },
+    "com.amazonaws.ec2#DescribeVpcBlockPublicAccessExclusionsRequest": {
+      "type": "structure",
+      "members": {
+        "DryRun": {
+          "target": "com.amazonaws.ec2#Boolean",
+          "traits": {
+            "smithy.api#documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, \n   and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. \n   Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
+          }
+        },
+        "Filters": {
+          "target": "com.amazonaws.ec2#FilterList",
+          "traits": {
+            "smithy.api#documentation": "<p>Filters for the request:</p>\n         <ul>\n            <li>\n               <p>\n                  <code>resource-arn</code> - The Amazon Resource Name (ARN) of a exclusion.</p>\n            </li>\n            <li>\n               <p>\n                  <code>internet-gateway-exclusion-mode</code> - The mode of a VPC BPA exclusion. Possible values: <code>bidirectional-access-allowed | egress-access-allowed</code>.</p>\n            </li>\n            <li>\n               <p>\n                  <code>state</code> - The state of VPC BPA. Possible values: <code>create-in-progress | create-complete | update-in-progress | update-complete | delete-in-progress | deleted-complete | disable-in-progress | disable-complete</code>\n               </p>\n            </li>\n            <li>\n               <p>\n                  <code>tag</code> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.\n    For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>\n            </li>\n            <li>\n               <p>\n                  <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p>\n            </li>\n            <li>\n               <p>\n                  <code>tag-value</code>: The value of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific value, regardless of the tag key.</p>\n            </li>\n         </ul>",
+            "smithy.api#xmlName": "Filter"
+          }
+        },
+        "ExclusionIds": {
+          "target": "com.amazonaws.ec2#VpcBlockPublicAccessExclusionIdList",
+          "traits": {
+            "smithy.api#documentation": "<p>IDs of exclusions.</p>",
+            "smithy.api#xmlName": "ExclusionId"
+          }
+        },
+        "NextToken": {
+          "target": "com.amazonaws.ec2#String",
+          "traits": {
+            "smithy.api#documentation": "<p>The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.</p>"
+          }
+        },
+        "MaxResults": {
+          "target": "com.amazonaws.ec2#DescribeVpcBlockPublicAccessExclusionsMaxResults",
+          "traits": {
+            "smithy.api#documentation": "<p>The maximum number of items to return for this request.\n\tTo get the next page of items, make another request with the token returned in the output.\n\tFor more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination\">Pagination</a>.</p>"
+          }
+        }
+      },
+      "traits": {
+        "smithy.api#input": {}
+      }
+    },
+    "com.amazonaws.ec2#DescribeVpcBlockPublicAccessExclusionsResult": {
+      "type": "structure",
+      "members": {
+        "VpcBlockPublicAccessExclusions": {
+          "target": "com.amazonaws.ec2#VpcBlockPublicAccessExclusionList",
+          "traits": {
+            "aws.protocols#ec2QueryName": "VpcBlockPublicAccessExclusionSet",
+            "smithy.api#documentation": "<p>Details related to the exclusions.</p>",
+            "smithy.api#xmlName": "vpcBlockPublicAccessExclusionSet"
+          }
+        },
+        "NextToken": {
+          "target": "com.amazonaws.ec2#String",
+          "traits": {
+            "aws.protocols#ec2QueryName": "NextToken",
+            "smithy.api#documentation": "<p>The token to include in another request to get the next page of items. This value is <code>null</code> when there are no more items to return.</p>",
+            "smithy.api#xmlName": "nextToken"
+          }
+        }
+      },
+      "traits": {
+        "smithy.api#output": {}
+      }
+    },
+    "com.amazonaws.ec2#DescribeVpcBlockPublicAccessOptions": {
+      "type": "operation",
+      "input": {
+        "target": "com.amazonaws.ec2#DescribeVpcBlockPublicAccessOptionsRequest"
+      },
+      "output": {
+        "target": "com.amazonaws.ec2#DescribeVpcBlockPublicAccessOptionsResult"
+      },
+      "traits": {
+        "smithy.api#documentation": "<p>Describe VPC Block Public Access (BPA) options. VPC Block public Access (BPA) enables you to block resources in VPCs and subnets that you own in a Region from reaching or being reached from the internet through internet gateways and egress-only internet gateways. To learn more about VPC BPA, see <a href=\"https://docs.aws.amazon.com/vpc/latest/userguide/security-vpc-bpa.html\">Block public access to VPCs and subnets</a> in the <i>Amazon VPC User Guide</i>.</p>"
+      }
+    },
+    "com.amazonaws.ec2#DescribeVpcBlockPublicAccessOptionsRequest": {
+      "type": "structure",
+      "members": {
+        "DryRun": {
+          "target": "com.amazonaws.ec2#Boolean",
+          "traits": {
+            "smithy.api#documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, \n   and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. \n   Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
+          }
+        }
+      },
+      "traits": {
+        "smithy.api#input": {}
+      }
+    },
+    "com.amazonaws.ec2#DescribeVpcBlockPublicAccessOptionsResult": {
+      "type": "structure",
+      "members": {
+        "VpcBlockPublicAccessOptions": {
+          "target": "com.amazonaws.ec2#VpcBlockPublicAccessOptions",
+          "traits": {
+            "aws.protocols#ec2QueryName": "VpcBlockPublicAccessOptions",
+            "smithy.api#documentation": "<p>Details related to the options.</p>",
+            "smithy.api#xmlName": "vpcBlockPublicAccessOptions"
+          }
+        }
+      },
+      "traits": {
+        "smithy.api#output": {}
+      }
+    },
     "com.amazonaws.ec2#DescribeVpcClassicLink": {
       "type": "operation",
       "input": {
@@ -42134,7 +42437,7 @@
         "Filters": {
           "target": "com.amazonaws.ec2#FilterList",
           "traits": {
-            "smithy.api#documentation": "<p>The filters.</p>\n         <ul>\n            <li>\n               <p>\n                  <code>is-classic-link-enabled</code> - Whether the VPC is enabled for ClassicLink\n\t\t\t\t\t   (<code>true</code> | <code>false</code>).</p>\n            </li>\n            <li>\n               <p>\n                  <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.\n    For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>\n            </li>\n            <li>\n               <p>\n                  <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p>\n            </li>\n         </ul>",
+            "smithy.api#documentation": "<p>The filters.</p>\n         <ul>\n            <li>\n               <p>\n                  <code>is-classic-link-enabled</code> - Whether the VPC is enabled for ClassicLink\n\t\t\t\t\t   (<code>true</code> | <code>false</code>).</p>\n            </li>\n            <li>\n               <p>\n                  <code>tag</code> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.\n    For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>\n            </li>\n            <li>\n               <p>\n                  <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p>\n            </li>\n         </ul>",
             "smithy.api#xmlName": "Filter"
           }
         }
@@ -42747,7 +43050,7 @@
         "Filters": {
           "target": "com.amazonaws.ec2#FilterList",
           "traits": {
-            "smithy.api#documentation": "<p>The filters.</p>\n         <ul>\n            <li>\n               <p>\n                  <code>accepter-vpc-info.cidr-block</code> - The IPv4 CIDR block of the accepter\n                    VPC.</p>\n            </li>\n            <li>\n               <p>\n                  <code>accepter-vpc-info.owner-id</code> - The ID of the Amazon Web Services account that owns the\n                    accepter VPC.</p>\n            </li>\n            <li>\n               <p>\n                  <code>accepter-vpc-info.vpc-id</code> - The ID of the accepter VPC.</p>\n            </li>\n            <li>\n               <p>\n                  <code>expiration-time</code> - The expiration date and time for the VPC peering\n          connection.</p>\n            </li>\n            <li>\n               <p>\n                  <code>requester-vpc-info.cidr-block</code> - The IPv4 CIDR block of the\n                    requester's VPC.</p>\n            </li>\n            <li>\n               <p>\n                  <code>requester-vpc-info.owner-id</code> - The ID of the Amazon Web Services account that owns the\n                  requester VPC.</p>\n            </li>\n            <li>\n               <p>\n                  <code>requester-vpc-info.vpc-id</code> - The ID of the requester VPC.</p>\n            </li>\n            <li>\n               <p>\n                  <code>status-code</code> - The status of the VPC peering connection\n                        (<code>pending-acceptance</code> | <code>failed</code> |\n                        <code>expired</code> | <code>provisioning</code> | <code>active</code> |\n                        <code>deleting</code> | <code>deleted</code> |\n                    <code>rejected</code>).</p>\n            </li>\n            <li>\n               <p>\n                  <code>status-message</code> - A message that provides more information about the status\n          of the VPC peering connection, if applicable.</p>\n            </li>\n            <li>\n               <p>\n                  <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.\n    For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>\n            </li>\n            <li>\n               <p>\n                  <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p>\n            </li>\n            <li>\n               <p>\n                  <code>vpc-peering-connection-id</code> - The ID of the VPC peering connection.</p>\n            </li>\n         </ul>",
+            "smithy.api#documentation": "<p>The filters.</p>\n         <ul>\n            <li>\n               <p>\n                  <code>accepter-vpc-info.cidr-block</code> - The IPv4 CIDR block of the accepter\n                    VPC.</p>\n            </li>\n            <li>\n               <p>\n                  <code>accepter-vpc-info.owner-id</code> - The ID of the Amazon Web Services account that owns the\n                    accepter VPC.</p>\n            </li>\n            <li>\n               <p>\n                  <code>accepter-vpc-info.vpc-id</code> - The ID of the accepter VPC.</p>\n            </li>\n            <li>\n               <p>\n                  <code>expiration-time</code> - The expiration date and time for the VPC peering\n          connection.</p>\n            </li>\n            <li>\n               <p>\n                  <code>requester-vpc-info.cidr-block</code> - The IPv4 CIDR block of the\n                    requester's VPC.</p>\n            </li>\n            <li>\n               <p>\n                  <code>requester-vpc-info.owner-id</code> - The ID of the Amazon Web Services account that owns the\n                  requester VPC.</p>\n            </li>\n            <li>\n               <p>\n                  <code>requester-vpc-info.vpc-id</code> - The ID of the requester VPC.</p>\n            </li>\n            <li>\n               <p>\n                  <code>status-code</code> - The status of the VPC peering connection\n                        (<code>pending-acceptance</code> | <code>failed</code> |\n                        <code>expired</code> | <code>provisioning</code> | <code>active</code> |\n                        <code>deleting</code> | <code>deleted</code> |\n                    <code>rejected</code>).</p>\n            </li>\n            <li>\n               <p>\n                  <code>status-message</code> - A message that provides more information about the status\n          of the VPC peering connection, if applicable.</p>\n            </li>\n            <li>\n               <p>\n                  <code>tag</code> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.\n    For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>\n            </li>\n            <li>\n               <p>\n                  <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p>\n            </li>\n            <li>\n               <p>\n                  <code>vpc-peering-connection-id</code> - The ID of the VPC peering connection.</p>\n            </li>\n         </ul>",
             "smithy.api#xmlName": "Filter"
           }
         }
@@ -42875,7 +43178,7 @@
         "Filters": {
           "target": "com.amazonaws.ec2#FilterList",
           "traits": {
-            "smithy.api#documentation": "<p>The filters.</p>\n         <ul>\n            <li>\n               <p>\n                  <code>cidr</code> - The primary IPv4 CIDR block of the VPC. The CIDR block you\n                    specify must exactly match the VPC's CIDR block for information to be returned\n                    for the VPC. Must contain the slash followed by one or two digits (for example,\n                    <code>/28</code>).</p>\n            </li>\n            <li>\n               <p>\n                  <code>cidr-block-association.cidr-block</code> - An IPv4 CIDR block associated with the\n                    VPC.</p>\n            </li>\n            <li>\n               <p>\n                  <code>cidr-block-association.association-id</code> - The association ID for\n                    an IPv4 CIDR block associated with the VPC.</p>\n            </li>\n            <li>\n               <p>\n                  <code>cidr-block-association.state</code> - The state of an IPv4 CIDR block\n                    associated with the VPC.</p>\n            </li>\n            <li>\n               <p>\n                  <code>dhcp-options-id</code> - The ID of a set of DHCP options.</p>\n            </li>\n            <li>\n               <p>\n                  <code>ipv6-cidr-block-association.ipv6-cidr-block</code> - An IPv6 CIDR\n                    block associated with the VPC.</p>\n            </li>\n            <li>\n               <p>\n                  <code>ipv6-cidr-block-association.ipv6-pool</code> - The ID of the IPv6 address pool from which the IPv6 CIDR block is allocated.</p>\n            </li>\n            <li>\n               <p>\n                  <code>ipv6-cidr-block-association.association-id</code> - The association\n                    ID for an IPv6 CIDR block associated with the VPC.</p>\n            </li>\n            <li>\n               <p>\n                  <code>ipv6-cidr-block-association.state</code> - The state of an IPv6 CIDR\n                    block associated with the VPC.</p>\n            </li>\n            <li>\n               <p>\n                  <code>is-default</code> - Indicates whether the VPC is the default VPC.</p>\n            </li>\n            <li>\n               <p>\n                  <code>owner-id</code> - The ID of the Amazon Web Services account that owns the VPC.</p>\n            </li>\n            <li>\n               <p>\n                  <code>state</code> - The state of the VPC (<code>pending</code> | <code>available</code>).</p>\n            </li>\n            <li>\n               <p>\n                  <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.\n    For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>\n            </li>\n            <li>\n               <p>\n                  <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p>\n            </li>\n            <li>\n               <p>\n                  <code>vpc-id</code> - The ID of the VPC.</p>\n            </li>\n         </ul>",
+            "smithy.api#documentation": "<p>The filters.</p>\n         <ul>\n            <li>\n               <p>\n                  <code>cidr</code> - The primary IPv4 CIDR block of the VPC. The CIDR block you\n                    specify must exactly match the VPC's CIDR block for information to be returned\n                    for the VPC. Must contain the slash followed by one or two digits (for example,\n                    <code>/28</code>).</p>\n            </li>\n            <li>\n               <p>\n                  <code>cidr-block-association.cidr-block</code> - An IPv4 CIDR block associated with the\n                    VPC.</p>\n            </li>\n            <li>\n               <p>\n                  <code>cidr-block-association.association-id</code> - The association ID for\n                    an IPv4 CIDR block associated with the VPC.</p>\n            </li>\n            <li>\n               <p>\n                  <code>cidr-block-association.state</code> - The state of an IPv4 CIDR block\n                    associated with the VPC.</p>\n            </li>\n            <li>\n               <p>\n                  <code>dhcp-options-id</code> - The ID of a set of DHCP options.</p>\n            </li>\n            <li>\n               <p>\n                  <code>ipv6-cidr-block-association.ipv6-cidr-block</code> - An IPv6 CIDR\n                    block associated with the VPC.</p>\n            </li>\n            <li>\n               <p>\n                  <code>ipv6-cidr-block-association.ipv6-pool</code> - The ID of the IPv6 address pool from which the IPv6 CIDR block is allocated.</p>\n            </li>\n            <li>\n               <p>\n                  <code>ipv6-cidr-block-association.association-id</code> - The association\n                    ID for an IPv6 CIDR block associated with the VPC.</p>\n            </li>\n            <li>\n               <p>\n                  <code>ipv6-cidr-block-association.state</code> - The state of an IPv6 CIDR\n                    block associated with the VPC.</p>\n            </li>\n            <li>\n               <p>\n                  <code>is-default</code> - Indicates whether the VPC is the default VPC.</p>\n            </li>\n            <li>\n               <p>\n                  <code>owner-id</code> - The ID of the Amazon Web Services account that owns the VPC.</p>\n            </li>\n            <li>\n               <p>\n                  <code>state</code> - The state of the VPC (<code>pending</code> | <code>available</code>).</p>\n            </li>\n            <li>\n               <p>\n                  <code>tag</code> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.\n    For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>\n            </li>\n            <li>\n               <p>\n                  <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p>\n            </li>\n            <li>\n               <p>\n                  <code>vpc-id</code> - The ID of the VPC.</p>\n            </li>\n         </ul>",
             "smithy.api#xmlName": "Filter"
           }
         },
@@ -43922,7 +44225,7 @@
         "target": "com.amazonaws.ec2#DisableFastLaunchResult"
       },
       "traits": {
-        "smithy.api#documentation": "<p>Discontinue Windows fast launch for a Windows AMI, and clean up existing pre-provisioned snapshots. \n\t\t\tAfter you disable Windows fast launch, the AMI uses the standard launch process for each \n\t\t\tnew instance. Amazon EC2 must remove all pre-provisioned snapshots before you can enable Windows fast launch again.</p>\n         <note>\n            <p>You can only change these settings for Windows AMIs that you own or that have been shared with you.</p>\n         </note>"
+        "smithy.api#documentation": "<p>Discontinue Windows fast launch for a Windows AMI, and clean up existing pre-provisioned\n      snapshots. After you disable Windows fast launch, the AMI uses the standard launch process for\n      each new instance. Amazon EC2 must remove all pre-provisioned snapshots before you can enable\n      Windows fast launch again.</p>\n         <note>\n            <p>You can only change these settings for Windows AMIs that you own or that have been\n        shared with you.</p>\n         </note>"
       }
     },
     "com.amazonaws.ec2#DisableFastLaunchRequest": {
@@ -43939,7 +44242,7 @@
         "Force": {
           "target": "com.amazonaws.ec2#Boolean",
           "traits": {
-            "smithy.api#documentation": "<p>Forces the image settings to turn off Windows fast launch for your Windows AMI. This parameter overrides \n\t\t\tany errors that are encountered while cleaning up resources in your account.</p>"
+            "smithy.api#documentation": "<p>Forces the image settings to turn off Windows fast launch for your Windows AMI. This\n      parameter overrides any errors that are encountered while cleaning up resources in your\n      account.</p>"
           }
         },
         "DryRun": {
@@ -43968,7 +44271,7 @@
           "target": "com.amazonaws.ec2#FastLaunchResourceType",
           "traits": {
             "aws.protocols#ec2QueryName": "ResourceType",
-            "smithy.api#documentation": "<p>The pre-provisioning resource type that must be cleaned after turning off Windows fast launch \n\t\t\tfor the Windows AMI. Supported values include: <code>snapshot</code>.</p>",
+            "smithy.api#documentation": "<p>The pre-provisioning resource type that must be cleaned after turning off Windows fast\n      launch for the Windows AMI. Supported values include: <code>snapshot</code>.</p>",
             "smithy.api#xmlName": "resourceType"
           }
         },
@@ -43976,7 +44279,7 @@
           "target": "com.amazonaws.ec2#FastLaunchSnapshotConfigurationResponse",
           "traits": {
             "aws.protocols#ec2QueryName": "SnapshotConfiguration",
-            "smithy.api#documentation": "<p>Parameters that were used for Windows fast launch for the Windows AMI before \n\t\t\tWindows fast launch was disabled. This informs the clean-up process.</p>",
+            "smithy.api#documentation": "<p>Parameters that were used for Windows fast launch for the Windows AMI before Windows fast\n      launch was disabled. This informs the clean-up process.</p>",
             "smithy.api#xmlName": "snapshotConfiguration"
           }
         },
@@ -43984,7 +44287,7 @@
           "target": "com.amazonaws.ec2#FastLaunchLaunchTemplateSpecificationResponse",
           "traits": {
             "aws.protocols#ec2QueryName": "LaunchTemplate",
-            "smithy.api#documentation": "<p>The launch template that was used to launch Windows instances from pre-provisioned snapshots.</p>",
+            "smithy.api#documentation": "<p>The launch template that was used to launch Windows instances from pre-provisioned\n      snapshots.</p>",
             "smithy.api#xmlName": "launchTemplate"
           }
         },
@@ -43992,7 +44295,7 @@
           "target": "com.amazonaws.ec2#Integer",
           "traits": {
             "aws.protocols#ec2QueryName": "MaxParallelLaunches",
-            "smithy.api#documentation": "<p>The maximum number of instances that Amazon EC2 can launch at the same time to \n\t\t\tcreate pre-provisioned snapshots for Windows fast launch.</p>",
+            "smithy.api#documentation": "<p>The maximum number of instances that Amazon EC2 can launch at the same time to create\n      pre-provisioned snapshots for Windows fast launch.</p>",
             "smithy.api#xmlName": "maxParallelLaunches"
           }
         },
@@ -44317,7 +44620,7 @@
         "target": "com.amazonaws.ec2#DisableImageBlockPublicAccessResult"
       },
       "traits": {
-        "smithy.api#documentation": "<p>Disables <i>block public access for AMIs</i> at the account level in the\n      specified Amazon Web Services Region. This removes the <i>block public access</i> restriction\n      from your account. With the restriction removed, you can publicly share your AMIs in the\n      specified Amazon Web Services Region.</p>\n         <p>The API can take up to 10 minutes to configure this setting. During this time, if you run\n        <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetImageBlockPublicAccessState.html\">GetImageBlockPublicAccessState</a>, the response will be\n      <code>block-new-sharing</code>. When the API has completed the configuration, the response\n      will be <code>unblocked</code>.</p>\n         <p>For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/sharingamis-intro.html#block-public-access-to-amis\">Block public access to your AMIs</a> in\n      the <i>Amazon EC2 User Guide</i>.</p>"
+        "smithy.api#documentation": "<p>Disables <i>block public access for AMIs</i> at the account level in the\n      specified Amazon Web Services Region. This removes the <i>block public access</i> restriction\n      from your account. With the restriction removed, you can publicly share your AMIs in the\n      specified Amazon Web Services Region.</p>\n         <p>The API can take up to 10 minutes to configure this setting. During this time, if you run\n        <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetImageBlockPublicAccessState.html\">GetImageBlockPublicAccessState</a>, the response will be\n      <code>block-new-sharing</code>. When the API has completed the configuration, the response\n      will be <code>unblocked</code>.</p>\n         <p>For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/sharingamis-intro.html#block-public-access-to-amis\">Block\n        public access to your AMIs</a> in the <i>Amazon EC2 User Guide</i>.</p>"
       }
     },
     "com.amazonaws.ec2#DisableImageBlockPublicAccessRequest": {
@@ -47563,7 +47866,7 @@
         "target": "com.amazonaws.ec2#EnableFastLaunchResult"
       },
       "traits": {
-        "smithy.api#documentation": "<p>When you enable Windows fast launch for a Windows AMI, images are pre-provisioned, \n\t\t\tusing snapshots to launch instances up to 65% faster. To create the optimized Windows \n\t\t\timage, Amazon EC2 launches an instance and runs through Sysprep steps, rebooting as required. \n\t\t\tThen it creates a set of reserved snapshots that are used for subsequent launches. The \n\t\t\treserved snapshots are automatically replenished as they are used, depending on your \n\t\t\tsettings for launch frequency.</p>\n         <note>\n            <p>You can only change these settings for Windows AMIs that you own or that have been shared with you.</p>\n         </note>"
+        "smithy.api#documentation": "<p>When you enable Windows fast launch for a Windows AMI, images are pre-provisioned, using\n      snapshots to launch instances up to 65% faster. To create the optimized Windows image, Amazon EC2\n      launches an instance and runs through Sysprep steps, rebooting as required. Then it creates a\n      set of reserved snapshots that are used for subsequent launches. The reserved snapshots are\n      automatically replenished as they are used, depending on your settings for launch\n      frequency.</p>\n         <note>\n            <p>You can only change these settings for Windows AMIs that you own or that have been\n        shared with you.</p>\n         </note>"
       }
     },
     "com.amazonaws.ec2#EnableFastLaunchRequest": {
@@ -47580,25 +47883,25 @@
         "ResourceType": {
           "target": "com.amazonaws.ec2#String",
           "traits": {
-            "smithy.api#documentation": "<p>The type of resource to use for pre-provisioning the AMI for Windows fast launch. \n\t\t\tSupported values include: <code>snapshot</code>, which is the default value.</p>"
+            "smithy.api#documentation": "<p>The type of resource to use for pre-provisioning the AMI for Windows fast launch.\n      Supported values include: <code>snapshot</code>, which is the default value.</p>"
           }
         },
         "SnapshotConfiguration": {
           "target": "com.amazonaws.ec2#FastLaunchSnapshotConfigurationRequest",
           "traits": {
-            "smithy.api#documentation": "<p>Configuration settings for creating and managing the snapshots that are used for \n\t\t\tpre-provisioning the AMI for Windows fast launch. The associated <code>ResourceType</code> \n\t\t\tmust be <code>snapshot</code>.</p>"
+            "smithy.api#documentation": "<p>Configuration settings for creating and managing the snapshots that are used for\n      pre-provisioning the AMI for Windows fast launch. The associated <code>ResourceType</code>\n      must be <code>snapshot</code>.</p>"
           }
         },
         "LaunchTemplate": {
           "target": "com.amazonaws.ec2#FastLaunchLaunchTemplateSpecificationRequest",
           "traits": {
-            "smithy.api#documentation": "<p>The launch template to use when launching Windows instances from pre-provisioned \n\t\t\tsnapshots. Launch template parameters can include either the name or ID of the launch \n\t\t\ttemplate, but not both.</p>"
+            "smithy.api#documentation": "<p>The launch template to use when launching Windows instances from pre-provisioned\n      snapshots. Launch template parameters can include either the name or ID of the launch\n      template, but not both.</p>"
           }
         },
         "MaxParallelLaunches": {
           "target": "com.amazonaws.ec2#Integer",
           "traits": {
-            "smithy.api#documentation": "<p>The maximum number of instances that Amazon EC2 can launch at the same time to create \n\t\t\tpre-provisioned snapshots for Windows fast launch. Value must be \n\t\t\t<code>6</code> or greater.</p>"
+            "smithy.api#documentation": "<p>The maximum number of instances that Amazon EC2 can launch at the same time to create\n      pre-provisioned snapshots for Windows fast launch. Value must be <code>6</code> or\n      greater.</p>"
           }
         },
         "DryRun": {
@@ -47627,7 +47930,7 @@
           "target": "com.amazonaws.ec2#FastLaunchResourceType",
           "traits": {
             "aws.protocols#ec2QueryName": "ResourceType",
-            "smithy.api#documentation": "<p>The type of resource that was defined for pre-provisioning the AMI for Windows fast launch.</p>",
+            "smithy.api#documentation": "<p>The type of resource that was defined for pre-provisioning the AMI for Windows fast\n      launch.</p>",
             "smithy.api#xmlName": "resourceType"
           }
         },
@@ -47635,7 +47938,7 @@
           "target": "com.amazonaws.ec2#FastLaunchSnapshotConfigurationResponse",
           "traits": {
             "aws.protocols#ec2QueryName": "SnapshotConfiguration",
-            "smithy.api#documentation": "<p>Settings to create and manage the pre-provisioned snapshots that Amazon EC2 uses for faster \n\t\t\tlaunches from the Windows AMI. This property is returned when the associated \n\t\t\t<code>resourceType</code> is <code>snapshot</code>.</p>",
+            "smithy.api#documentation": "<p>Settings to create and manage the pre-provisioned snapshots that Amazon EC2 uses for faster\n      launches from the Windows AMI. This property is returned when the associated\n        <code>resourceType</code> is <code>snapshot</code>.</p>",
             "smithy.api#xmlName": "snapshotConfiguration"
           }
         },
@@ -47643,7 +47946,7 @@
           "target": "com.amazonaws.ec2#FastLaunchLaunchTemplateSpecificationResponse",
           "traits": {
             "aws.protocols#ec2QueryName": "LaunchTemplate",
-            "smithy.api#documentation": "<p>The launch template that is used when launching Windows instances from pre-provisioned snapshots.</p>",
+            "smithy.api#documentation": "<p>The launch template that is used when launching Windows instances from pre-provisioned\n      snapshots.</p>",
             "smithy.api#xmlName": "launchTemplate"
           }
         },
@@ -47651,7 +47954,7 @@
           "target": "com.amazonaws.ec2#Integer",
           "traits": {
             "aws.protocols#ec2QueryName": "MaxParallelLaunches",
-            "smithy.api#documentation": "<p>The maximum number of instances that Amazon EC2 can launch at the same time to \n\t\t\tcreate pre-provisioned snapshots for Windows fast launch.</p>",
+            "smithy.api#documentation": "<p>The maximum number of instances that Amazon EC2 can launch at the same time to create\n      pre-provisioned snapshots for Windows fast launch.</p>",
             "smithy.api#xmlName": "maxParallelLaunches"
           }
         },
@@ -48026,7 +48329,7 @@
         "target": "com.amazonaws.ec2#EnableImageDeprecationResult"
       },
       "traits": {
-        "smithy.api#documentation": "<p>Enables deprecation of the specified AMI at the specified date and time.</p>\n         <p>For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ami-deprecate.html\">Deprecate an AMI</a> in the <i>Amazon EC2 User Guide</i>.</p>"
+        "smithy.api#documentation": "<p>Enables deprecation of the specified AMI at the specified date and time.</p>\n         <p>For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ami-deprecate.html\">Deprecate an AMI</a> in the\n        <i>Amazon EC2 User Guide</i>.</p>"
       }
     },
     "com.amazonaws.ec2#EnableImageDeprecationRequest": {
@@ -48044,7 +48347,7 @@
           "target": "com.amazonaws.ec2#MillisecondDateTime",
           "traits": {
             "smithy.api#clientOptional": {},
-            "smithy.api#documentation": "<p>The date and time to deprecate the AMI, in UTC, in the following format:\n        <i>YYYY</i>-<i>MM</i>-<i>DD</i>T<i>HH</i>:<i>MM</i>:<i>SS</i>Z.\n      If you specify a value for seconds, Amazon EC2 rounds the seconds to the\n      nearest minute.</p>\n         <p>You can’t specify a date in the past. The upper limit for <code>DeprecateAt</code> is 10\n      years from now, except for public AMIs, where the upper limit is 2 years from the creation date.</p>",
+            "smithy.api#documentation": "<p>The date and time to deprecate the AMI, in UTC, in the following format:\n        <i>YYYY</i>-<i>MM</i>-<i>DD</i>T<i>HH</i>:<i>MM</i>:<i>SS</i>Z.\n      If you specify a value for seconds, Amazon EC2 rounds the seconds to the nearest minute.</p>\n         <p>You can’t specify a date in the past. The upper limit for <code>DeprecateAt</code> is 10\n      years from now, except for public AMIs, where the upper limit is 2 years from the creation\n      date.</p>",
             "smithy.api#required": {}
           }
         },
@@ -50068,26 +50371,26 @@
         "LaunchTemplateId": {
           "target": "com.amazonaws.ec2#LaunchTemplateId",
           "traits": {
-            "smithy.api#documentation": "<p>Specify the ID of the launch template that the AMI should use for Windows fast launch.</p>"
+            "smithy.api#documentation": "<p>Specify the ID of the launch template that the AMI should use for Windows fast\n      launch.</p>"
           }
         },
         "LaunchTemplateName": {
           "target": "com.amazonaws.ec2#String",
           "traits": {
-            "smithy.api#documentation": "<p>Specify the name of the launch template that the AMI should use for Windows fast launch.</p>"
+            "smithy.api#documentation": "<p>Specify the name of the launch template that the AMI should use for Windows fast\n      launch.</p>"
           }
         },
         "Version": {
           "target": "com.amazonaws.ec2#String",
           "traits": {
             "smithy.api#clientOptional": {},
-            "smithy.api#documentation": "<p>Specify the version of the launch template that the AMI should use for Windows fast launch.</p>",
+            "smithy.api#documentation": "<p>Specify the version of the launch template that the AMI should use for Windows fast\n      launch.</p>",
             "smithy.api#required": {}
           }
         }
       },
       "traits": {
-        "smithy.api#documentation": "<p>Request to create a launch template for a Windows fast launch enabled AMI.</p>\n         <note>\n            <p>Note - You can specify either the <code>LaunchTemplateName</code> or the \n\t\t\t\t<code>LaunchTemplateId</code>, but not both.</p>\n         </note>"
+        "smithy.api#documentation": "<p>Request to create a launch template for a Windows fast launch enabled AMI.</p>\n         <note>\n            <p>Note - You can specify either the <code>LaunchTemplateName</code> or the\n          <code>LaunchTemplateId</code>, but not both.</p>\n         </note>"
       }
     },
     "com.amazonaws.ec2#FastLaunchLaunchTemplateSpecificationResponse": {
@@ -50139,12 +50442,12 @@
         "TargetResourceCount": {
           "target": "com.amazonaws.ec2#Integer",
           "traits": {
-            "smithy.api#documentation": "<p>The number of pre-provisioned snapshots to keep on hand for a Windows fast launch \n\t\t\tenabled AMI.</p>"
+            "smithy.api#documentation": "<p>The number of pre-provisioned snapshots to keep on hand for a Windows fast launch enabled\n      AMI.</p>"
           }
         }
       },
       "traits": {
-        "smithy.api#documentation": "<p>Configuration settings for creating and managing pre-provisioned snapshots for a Windows fast launch \n\t\t\tenabled AMI.</p>"
+        "smithy.api#documentation": "<p>Configuration settings for creating and managing pre-provisioned snapshots for a Windows\n      fast launch enabled AMI.</p>"
       }
     },
     "com.amazonaws.ec2#FastLaunchSnapshotConfigurationResponse": {
@@ -50154,13 +50457,13 @@
           "target": "com.amazonaws.ec2#Integer",
           "traits": {
             "aws.protocols#ec2QueryName": "TargetResourceCount",
-            "smithy.api#documentation": "<p>The number of pre-provisioned snapshots requested to keep on hand for a Windows fast launch \n\t\t\tenabled AMI.</p>",
+            "smithy.api#documentation": "<p>The number of pre-provisioned snapshots requested to keep on hand for a Windows fast\n      launch enabled AMI.</p>",
             "smithy.api#xmlName": "targetResourceCount"
           }
         }
       },
       "traits": {
-        "smithy.api#documentation": "<p>Configuration settings for creating and managing pre-provisioned snapshots for a Windows fast launch \n\t\t\tenabled Windows AMI.</p>"
+        "smithy.api#documentation": "<p>Configuration settings for creating and managing pre-provisioned snapshots for a Windows\n      fast launch enabled Windows AMI.</p>"
       }
     },
     "com.amazonaws.ec2#FastLaunchStateCode": {
@@ -57048,7 +57351,7 @@
           "target": "com.amazonaws.ec2#String",
           "traits": {
             "aws.protocols#ec2QueryName": "UsageOperation",
-            "smithy.api#documentation": "<p>The operation of the Amazon EC2 instance and the billing code that is associated with the AMI.\n        <code>usageOperation</code> corresponds to the <a href=\"https://docs.aws.amazon.com/cur/latest/userguide/Lineitem-columns.html#Lineitem-details-O-Operation\">lineitem/Operation</a> column on your Amazon Web Services Cost and Usage Report and in the <a href=\"https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/price-changes.html\">Amazon Web Services Price\n        \tList API</a>. You can view these fields on the <b>Instances</b> or \n    \t<b>AMIs</b> pages in the Amazon EC2 console, or in the responses that are \n    \treturned by the <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeImages.html\">DescribeImages</a> \n    \tcommand in the Amazon EC2 API, or the <a href=\"https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-images.html\">describe-images</a> \n    \tcommand in the CLI.</p>",
+            "smithy.api#documentation": "<p>The operation of the Amazon EC2 instance and the billing code that is associated with the AMI.\n        <code>usageOperation</code> corresponds to the <a href=\"https://docs.aws.amazon.com/cur/latest/userguide/Lineitem-columns.html#Lineitem-details-O-Operation\">lineitem/Operation</a> column on your Amazon Web Services Cost and Usage Report and in the <a href=\"https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/price-changes.html\">Amazon Web Services Price\n        List API</a>. You can view these fields on the <b>Instances</b> or <b>AMIs</b> pages in the Amazon EC2 console,\n      or in the responses that are returned by the <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeImages.html\">DescribeImages</a> command in\n      the Amazon EC2 API, or the <a href=\"https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-images.html\">describe-images</a> command in the\n      CLI.</p>",
             "smithy.api#xmlName": "usageOperation"
           }
         },
@@ -57088,7 +57391,7 @@
           "target": "com.amazonaws.ec2#String",
           "traits": {
             "aws.protocols#ec2QueryName": "ImageOwnerAlias",
-            "smithy.api#documentation": "<p>The owner alias (<code>amazon</code> | <code>aws-backup-vault</code> | <code>aws-marketplace</code>).</p>",
+            "smithy.api#documentation": "<p>The owner alias (<code>amazon</code> | <code>aws-backup-vault</code> |\n        <code>aws-marketplace</code>).</p>",
             "smithy.api#xmlName": "imageOwnerAlias"
           }
         },
@@ -57112,7 +57415,7 @@
           "target": "com.amazonaws.ec2#DeviceType",
           "traits": {
             "aws.protocols#ec2QueryName": "RootDeviceType",
-            "smithy.api#documentation": "<p>The type of root device used by the AMI. The AMI can use an Amazon EBS volume or an instance store volume.</p>",
+            "smithy.api#documentation": "<p>The type of root device used by the AMI. The AMI can use an Amazon EBS volume or an instance\n      store volume.</p>",
             "smithy.api#xmlName": "rootDeviceType"
           }
         },
@@ -57120,7 +57423,7 @@
           "target": "com.amazonaws.ec2#String",
           "traits": {
             "aws.protocols#ec2QueryName": "SriovNetSupport",
-            "smithy.api#documentation": "<p>Specifies whether enhanced networking with the Intel 82599 Virtual Function interface is enabled.</p>",
+            "smithy.api#documentation": "<p>Specifies whether enhanced networking with the Intel 82599 Virtual Function interface is\n      enabled.</p>",
             "smithy.api#xmlName": "sriovNetSupport"
           }
         },
@@ -57160,7 +57463,7 @@
           "target": "com.amazonaws.ec2#TpmSupportValues",
           "traits": {
             "aws.protocols#ec2QueryName": "TpmSupport",
-            "smithy.api#documentation": "<p>If the image is configured for NitroTPM support, the value is <code>v2.0</code>. \n      For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/nitrotpm.html\">NitroTPM</a> in the\n      <i>Amazon EC2 User Guide</i>.</p>",
+            "smithy.api#documentation": "<p>If the image is configured for NitroTPM support, the value is <code>v2.0</code>. For more\n      information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/nitrotpm.html\">NitroTPM</a> in the <i>Amazon EC2 User Guide</i>.</p>",
             "smithy.api#xmlName": "tpmSupport"
           }
         },
@@ -57168,7 +57471,7 @@
           "target": "com.amazonaws.ec2#String",
           "traits": {
             "aws.protocols#ec2QueryName": "DeprecationTime",
-            "smithy.api#documentation": "<p>The date and time to deprecate the AMI, in UTC, in the following format: \n     <i>YYYY</i>-<i>MM</i>-<i>DD</i>T<i>HH</i>:<i>MM</i>:<i>SS</i>Z.\n      If you specified a value for seconds, Amazon EC2 rounds the seconds to the\n      nearest minute.</p>",
+            "smithy.api#documentation": "<p>The date and time to deprecate the AMI, in UTC, in the following format:\n        <i>YYYY</i>-<i>MM</i>-<i>DD</i>T<i>HH</i>:<i>MM</i>:<i>SS</i>Z.\n      If you specified a value for seconds, Amazon EC2 rounds the seconds to the nearest minute.</p>",
             "smithy.api#xmlName": "deprecationTime"
           }
         },
@@ -57176,7 +57479,7 @@
           "target": "com.amazonaws.ec2#ImdsSupportValues",
           "traits": {
             "aws.protocols#ec2QueryName": "ImdsSupport",
-            "smithy.api#documentation": "<p>If <code>v2.0</code>, it indicates that IMDSv2 is specified in the AMI. Instances launched\n      from this AMI will have <code>HttpTokens</code> automatically set to <code>required</code> so\n      that, by default, the instance requires that IMDSv2 is used when requesting instance metadata.\n      In addition, <code>HttpPutResponseHopLimit</code> is set to <code>2</code>. For more\n      information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-IMDS-new-instances.html#configure-IMDS-new-instances-ami-configuration\">Configure\n        the AMI</a> in the <i>Amazon EC2 User Guide</i>.</p>",
+            "smithy.api#documentation": "<p>If <code>v2.0</code>, it indicates that IMDSv2 is specified in the AMI. Instances launched\n      from this AMI will have <code>HttpTokens</code> automatically set to <code>required</code> so\n      that, by default, the instance requires that IMDSv2 is used when requesting instance metadata.\n      In addition, <code>HttpPutResponseHopLimit</code> is set to <code>2</code>. For more\n      information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-IMDS-new-instances.html#configure-IMDS-new-instances-ami-configuration\">Configure the AMI</a> in the <i>Amazon EC2 User Guide</i>.</p>",
             "smithy.api#xmlName": "imdsSupport"
           }
         },
@@ -57200,7 +57503,7 @@
           "target": "com.amazonaws.ec2#String",
           "traits": {
             "aws.protocols#ec2QueryName": "LastLaunchedTime",
-            "smithy.api#documentation": "<p>The date and time, in <a href=\"http://www.iso.org/iso/iso8601\">ISO 8601 date-time\n      format</a>, when the AMI was last used to launch an EC2 instance. When the AMI is used\n      to launch an instance, there is a 24-hour delay before that usage is reported.</p>\n         <note>\n            <p>\n               <code>lastLaunchedTime</code> data is available starting April 2017.</p>\n         </note>",
+            "smithy.api#documentation": "<p>The date and time, in <a href=\"http://www.iso.org/iso/iso8601\">ISO 8601 date-time\n        format</a>, when the AMI was last used to launch an EC2 instance. When the AMI is used\n      to launch an instance, there is a 24-hour delay before that usage is reported.</p>\n         <note>\n            <p>\n               <code>lastLaunchedTime</code> data is available starting April 2017.</p>\n         </note>",
             "smithy.api#xmlName": "lastLaunchedTime"
           }
         },
@@ -57240,7 +57543,7 @@
           "target": "com.amazonaws.ec2#ImageState",
           "traits": {
             "aws.protocols#ec2QueryName": "ImageState",
-            "smithy.api#documentation": "<p>The current state of the AMI. If the state is <code>available</code>, the image is successfully registered and can be used to launch an instance.</p>",
+            "smithy.api#documentation": "<p>The current state of the AMI. If the state is <code>available</code>, the image is\n      successfully registered and can be used to launch an instance.</p>",
             "smithy.api#xmlName": "imageState"
           }
         },
@@ -57264,7 +57567,7 @@
           "target": "com.amazonaws.ec2#Boolean",
           "traits": {
             "aws.protocols#ec2QueryName": "IsPublic",
-            "smithy.api#documentation": "<p>Indicates whether the image has public launch permissions. The value is <code>true</code> if\n\t\t\t\tthis image has public launch permissions or <code>false</code>\n\t\t\t\tif it has only implicit and explicit launch permissions.</p>",
+            "smithy.api#documentation": "<p>Indicates whether the image has public launch permissions. The value is <code>true</code>\n      if this image has public launch permissions or <code>false</code> if it has only implicit and\n      explicit launch permissions.</p>",
             "smithy.api#xmlName": "isPublic"
           }
         },
@@ -57352,7 +57655,7 @@
           "target": "com.amazonaws.ec2#AttributeValue",
           "traits": {
             "aws.protocols#ec2QueryName": "SriovNetSupport",
-            "smithy.api#documentation": "<p>Indicates whether enhanced networking with the Intel 82599 Virtual Function interface is enabled.</p>",
+            "smithy.api#documentation": "<p>Indicates whether enhanced networking with the Intel 82599 Virtual Function interface is\n      enabled.</p>",
             "smithy.api#xmlName": "sriovNetSupport"
           }
         },
@@ -57376,7 +57679,7 @@
           "target": "com.amazonaws.ec2#AttributeValue",
           "traits": {
             "aws.protocols#ec2QueryName": "UefiData",
-            "smithy.api#documentation": "<p>Base64 representation of the non-volatile UEFI variable store. To retrieve the UEFI data,\n      use the <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceUefiData\">GetInstanceUefiData</a> command. You can inspect and modify the UEFI data by using the\n      <a href=\"https://github.com/awslabs/python-uefivars\">python-uefivars tool</a> on\n      GitHub. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/uefi-secure-boot.html\">UEFI Secure Boot</a> in the\n      <i>Amazon EC2 User Guide</i>.</p>",
+            "smithy.api#documentation": "<p>Base64 representation of the non-volatile UEFI variable store. To retrieve the UEFI data,\n      use the <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceUefiData\">GetInstanceUefiData</a> command. You can inspect and modify the UEFI data by using the\n        <a href=\"https://github.com/awslabs/python-uefivars\">python-uefivars tool</a> on\n      GitHub. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/uefi-secure-boot.html\">UEFI Secure Boot</a> in the\n        <i>Amazon EC2 User Guide</i>.</p>",
             "smithy.api#xmlName": "uefiData"
           }
         },
@@ -57392,7 +57695,7 @@
           "target": "com.amazonaws.ec2#AttributeValue",
           "traits": {
             "aws.protocols#ec2QueryName": "ImdsSupport",
-            "smithy.api#documentation": "<p>If <code>v2.0</code>, it indicates that IMDSv2 is specified in the AMI. Instances launched\n      from this AMI will have <code>HttpTokens</code> automatically set to <code>required</code> so\n      that, by default, the instance requires that IMDSv2 is used when requesting instance metadata.\n      In addition, <code>HttpPutResponseHopLimit</code> is set to <code>2</code>. For more\n      information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-IMDS-new-instances.html#configure-IMDS-new-instances-ami-configuration\">Configure\n        the AMI</a> in the <i>Amazon EC2 User Guide</i>.</p>",
+            "smithy.api#documentation": "<p>If <code>v2.0</code>, it indicates that IMDSv2 is specified in the AMI. Instances launched\n      from this AMI will have <code>HttpTokens</code> automatically set to <code>required</code> so\n      that, by default, the instance requires that IMDSv2 is used when requesting instance metadata.\n      In addition, <code>HttpPutResponseHopLimit</code> is set to <code>2</code>. For more\n      information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-IMDS-new-instances.html#configure-IMDS-new-instances-ami-configuration\">Configure the AMI</a> in the <i>Amazon EC2 User Guide</i>.</p>",
             "smithy.api#xmlName": "imdsSupport"
           }
         },
@@ -57660,7 +57963,7 @@
           "target": "com.amazonaws.ec2#ImageState",
           "traits": {
             "aws.protocols#ec2QueryName": "ImageState",
-            "smithy.api#documentation": "<p>The current state of the AMI. If the state is <code>available</code>, the AMI \n      is successfully registered and can be used to launch an instance.</p>",
+            "smithy.api#documentation": "<p>The current state of the AMI. If the state is <code>available</code>, the AMI is\n      successfully registered and can be used to launch an instance.</p>",
             "smithy.api#xmlName": "imageState"
           }
         },
@@ -57668,7 +57971,7 @@
           "target": "com.amazonaws.ec2#String",
           "traits": {
             "aws.protocols#ec2QueryName": "ImageOwnerAlias",
-            "smithy.api#documentation": "<p>The alias of the AMI owner.</p>\n         <p>Valid values: <code>amazon</code> | <code>aws-backup-vault</code> | <code>aws-marketplace</code>\n         </p>",
+            "smithy.api#documentation": "<p>The alias of the AMI owner.</p>\n         <p>Valid values: <code>amazon</code> | <code>aws-backup-vault</code> |\n        <code>aws-marketplace</code>\n         </p>",
             "smithy.api#xmlName": "imageOwnerAlias"
           }
         },
@@ -68367,6 +68670,46 @@
         }
       }
     },
+    "com.amazonaws.ec2#InternetGatewayBlockMode": {
+      "type": "enum",
+      "members": {
+        "off": {
+          "target": "smithy.api#Unit",
+          "traits": {
+            "smithy.api#enumValue": "off"
+          }
+        },
+        "block_bidirectional": {
+          "target": "smithy.api#Unit",
+          "traits": {
+            "smithy.api#enumValue": "block-bidirectional"
+          }
+        },
+        "block_ingress": {
+          "target": "smithy.api#Unit",
+          "traits": {
+            "smithy.api#enumValue": "block-ingress"
+          }
+        }
+      }
+    },
+    "com.amazonaws.ec2#InternetGatewayExclusionMode": {
+      "type": "enum",
+      "members": {
+        "allow_bidirectional": {
+          "target": "smithy.api#Unit",
+          "traits": {
+            "smithy.api#enumValue": "allow-bidirectional"
+          }
+        },
+        "allow_egress": {
+          "target": "smithy.api#Unit",
+          "traits": {
+            "smithy.api#enumValue": "allow-egress"
+          }
+        }
+      }
+    },
     "com.amazonaws.ec2#InternetGatewayId": {
       "type": "string"
     },
@@ -72008,13 +72351,13 @@
         "Add": {
           "target": "com.amazonaws.ec2#LaunchPermissionList",
           "traits": {
-            "smithy.api#documentation": "<p>The Amazon Web Services account ID, organization ARN, or OU ARN to add to the list of launch permissions for the AMI.</p>"
+            "smithy.api#documentation": "<p>The Amazon Web Services account ID, organization ARN, or OU ARN to add to the list of\n      launch permissions for the AMI.</p>"
           }
         },
         "Remove": {
           "target": "com.amazonaws.ec2#LaunchPermissionList",
           "traits": {
-            "smithy.api#documentation": "<p>The Amazon Web Services account ID, organization ARN, or OU ARN to remove from the list of launch permissions for the AMI.</p>"
+            "smithy.api#documentation": "<p>The Amazon Web Services account ID, organization ARN, or OU ARN to remove from the list of\n      launch permissions for the AMI.</p>"
           }
         }
       },
@@ -73321,7 +73664,7 @@
           "target": "com.amazonaws.ec2#ConnectionTrackingSpecification",
           "traits": {
             "aws.protocols#ec2QueryName": "ConnectionTrackingSpecification",
-            "smithy.api#documentation": "<p>A security group connection tracking specification that enables you to set the timeout\n            for connection tracking on an Elastic network interface. For more information, see\n                <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-connection-tracking.html#connection-tracking-timeouts\">Idle connection tracking timeout</a> in the\n                <i>Amazon EC2 User Guide</i>.</p>",
+            "smithy.api#documentation": "<p>A security group connection tracking specification that enables you to set the timeout\n            for connection tracking on an Elastic network interface. For more information, see\n            <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-connection-tracking.html#connection-tracking-timeouts\">Idle connection tracking timeout</a> in the\n            <i>Amazon EC2 User Guide</i>.</p>",
             "smithy.api#xmlName": "connectionTrackingSpecification"
           }
         }
@@ -73474,7 +73817,7 @@
         "ConnectionTrackingSpecification": {
           "target": "com.amazonaws.ec2#ConnectionTrackingSpecificationRequest",
           "traits": {
-            "smithy.api#documentation": "<p>A security group connection tracking specification that enables you to set the timeout\n            for connection tracking on an Elastic network interface. For more information, see\n                <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-connection-tracking.html#connection-tracking-timeouts\">Idle connection tracking timeout</a> in the\n                <i>Amazon EC2 User Guide</i>.</p>"
+            "smithy.api#documentation": "<p>A security group connection tracking specification that enables you to set the timeout\n            for connection tracking on an Elastic network interface. For more information, see\n            <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-connection-tracking.html#connection-tracking-timeouts\">Idle connection tracking timeout</a> in the\n            <i>Amazon EC2 User Guide</i>.</p>"
           }
         }
       },
@@ -74191,7 +74534,7 @@
         "target": "com.amazonaws.ec2#ListImagesInRecycleBinResult"
       },
       "traits": {
-        "smithy.api#documentation": "<p>Lists one or more AMIs that are currently in the Recycle Bin. For more information, \n      see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/recycle-bin.html\">Recycle\n        Bin</a> in the <i>Amazon EC2 User Guide</i>.</p>",
+        "smithy.api#documentation": "<p>Lists one or more AMIs that are currently in the Recycle Bin. For more information, see\n        <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/recycle-bin.html\">Recycle\n        Bin</a> in the <i>Amazon EC2 User Guide</i>.</p>",
         "smithy.api#paginated": {
           "inputToken": "NextToken",
           "outputToken": "NextToken",
@@ -74215,7 +74558,7 @@
         "ImageIds": {
           "target": "com.amazonaws.ec2#ImageIdStringList",
           "traits": {
-            "smithy.api#documentation": "<p>The IDs of the AMIs to list. Omit this parameter to list all of the AMIs that \n      are in the Recycle Bin. You can specify up to 20 IDs in a single request.</p>",
+            "smithy.api#documentation": "<p>The IDs of the AMIs to list. Omit this parameter to list all of the AMIs that are in the\n      Recycle Bin. You can specify up to 20 IDs in a single request.</p>",
             "smithy.api#xmlName": "ImageId"
           }
         },
@@ -77009,7 +77352,7 @@
         "target": "smithy.api#Unit"
       },
       "traits": {
-        "smithy.api#documentation": "<p>Modifies the specified attribute of the specified AMI. You can specify only one attribute at a time.</p>\n         <p>To specify the attribute, you can use the <code>Attribute</code> parameter, or one of the following parameters: \n       <code>Description</code>, <code>ImdsSupport</code>, or <code>LaunchPermission</code>.</p>\n         <p>Images with an Amazon Web Services Marketplace product code cannot be made public.</p>\n         <p>To enable the SriovNetSupport enhanced networking attribute of an image, enable SriovNetSupport on an instance \n       and create an AMI from the instance.</p>",
+        "smithy.api#documentation": "<p>Modifies the specified attribute of the specified AMI. You can specify only one attribute\n      at a time.</p>\n         <p>To specify the attribute, you can use the <code>Attribute</code> parameter, or one of the\n      following parameters: <code>Description</code>, <code>ImdsSupport</code>, or\n        <code>LaunchPermission</code>.</p>\n         <p>Images with an Amazon Web Services Marketplace product code cannot be made public.</p>\n         <p>To enable the SriovNetSupport enhanced networking attribute of an image, enable\n      SriovNetSupport on an instance and create an AMI from the instance.</p>",
         "smithy.api#examples": [
           {
             "title": "To grant launch permissions",
@@ -77050,7 +77393,7 @@
         "Attribute": {
           "target": "com.amazonaws.ec2#String",
           "traits": {
-            "smithy.api#documentation": "<p>The name of the attribute to modify.</p>\n         <p>Valid values: <code>description</code> | <code>imdsSupport</code> | <code>launchPermission</code>\n         </p>"
+            "smithy.api#documentation": "<p>The name of the attribute to modify.</p>\n         <p>Valid values: <code>description</code> | <code>imdsSupport</code> |\n        <code>launchPermission</code>\n         </p>"
           }
         },
         "Description": {
@@ -77076,7 +77419,7 @@
         "OperationType": {
           "target": "com.amazonaws.ec2#OperationType",
           "traits": {
-            "smithy.api#documentation": "<p>The operation type. \n       This parameter can be used only when the <code>Attribute</code> parameter is <code>launchPermission</code>.</p>"
+            "smithy.api#documentation": "<p>The operation type. This parameter can be used only when the <code>Attribute</code>\n      parameter is <code>launchPermission</code>.</p>"
           }
         },
         "ProductCodes": {
@@ -77089,41 +77432,41 @@
         "UserGroups": {
           "target": "com.amazonaws.ec2#UserGroupStringList",
           "traits": {
-            "smithy.api#documentation": "<p>The user groups. \n       This parameter can be used only when the <code>Attribute</code> parameter is <code>launchPermission</code>.</p>",
+            "smithy.api#documentation": "<p>The user groups. This parameter can be used only when the <code>Attribute</code> parameter\n      is <code>launchPermission</code>.</p>",
             "smithy.api#xmlName": "UserGroup"
           }
         },
         "UserIds": {
           "target": "com.amazonaws.ec2#UserIdStringList",
           "traits": {
-            "smithy.api#documentation": "<p>The Amazon Web Services account IDs. \n       This parameter can be used only when the <code>Attribute</code> parameter is <code>launchPermission</code>.</p>",
+            "smithy.api#documentation": "<p>The Amazon Web Services account IDs. This parameter can be used only when the\n        <code>Attribute</code> parameter is <code>launchPermission</code>.</p>",
             "smithy.api#xmlName": "UserId"
           }
         },
         "Value": {
           "target": "com.amazonaws.ec2#String",
           "traits": {
-            "smithy.api#documentation": "<p>The value of the attribute being modified. \n       This parameter can be used only when the <code>Attribute</code> parameter is <code>description</code> or <code>imdsSupport</code>.</p>"
+            "smithy.api#documentation": "<p>The value of the attribute being modified. This parameter can be used only when the\n        <code>Attribute</code> parameter is <code>description</code> or\n      <code>imdsSupport</code>.</p>"
           }
         },
         "OrganizationArns": {
           "target": "com.amazonaws.ec2#OrganizationArnStringList",
           "traits": {
-            "smithy.api#documentation": "<p>The Amazon Resource Name (ARN) of an organization. This parameter can be used only when the <code>Attribute</code> parameter is <code>launchPermission</code>.</p>",
+            "smithy.api#documentation": "<p>The Amazon Resource Name (ARN) of an organization. This parameter can be used only when\n      the <code>Attribute</code> parameter is <code>launchPermission</code>.</p>",
             "smithy.api#xmlName": "OrganizationArn"
           }
         },
         "OrganizationalUnitArns": {
           "target": "com.amazonaws.ec2#OrganizationalUnitArnStringList",
           "traits": {
-            "smithy.api#documentation": "<p>The Amazon Resource Name (ARN) of an organizational unit (OU). This parameter can be used only when the <code>Attribute</code> parameter is <code>launchPermission</code>.</p>",
+            "smithy.api#documentation": "<p>The Amazon Resource Name (ARN) of an organizational unit (OU). This parameter can be used\n      only when the <code>Attribute</code> parameter is <code>launchPermission</code>.</p>",
             "smithy.api#xmlName": "OrganizationalUnitArn"
           }
         },
         "ImdsSupport": {
           "target": "com.amazonaws.ec2#AttributeValue",
           "traits": {
-            "smithy.api#documentation": "<p>Set to <code>v2.0</code> to indicate that IMDSv2 is specified in the AMI. Instances\n      launched from this AMI will have <code>HttpTokens</code> automatically set to\n      <code>required</code> so that, by default, the instance requires that IMDSv2 is used when\n      requesting instance metadata. In addition, <code>HttpPutResponseHopLimit</code> is set to\n      <code>2</code>. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-IMDS-new-instances.html#configure-IMDS-new-instances-ami-configuration\">Configure\n        the AMI</a> in the <i>Amazon EC2 User Guide</i>.</p>\n         <important>\n            <p>Do not use this parameter unless your AMI software supports IMDSv2. After you set the value to <code>v2.0</code>, \n        you can't undo it. The only way to “reset” your AMI is to create a new AMI from the underlying snapshot.</p>\n         </important>"
+            "smithy.api#documentation": "<p>Set to <code>v2.0</code> to indicate that IMDSv2 is specified in the AMI. Instances\n      launched from this AMI will have <code>HttpTokens</code> automatically set to\n        <code>required</code> so that, by default, the instance requires that IMDSv2 is used when\n      requesting instance metadata. In addition, <code>HttpPutResponseHopLimit</code> is set to\n        <code>2</code>. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-IMDS-new-instances.html#configure-IMDS-new-instances-ami-configuration\">Configure the AMI</a> in the <i>Amazon EC2 User Guide</i>.</p>\n         <important>\n            <p>Do not use this parameter unless your AMI software supports IMDSv2. After you set the\n        value to <code>v2.0</code>, you can't undo it. The only way to “reset” your AMI is to create\n        a new AMI from the underlying snapshot.</p>\n         </important>"
           }
         },
         "DryRun": {
@@ -80729,6 +81072,114 @@
         "smithy.api#input": {}
       }
     },
+    "com.amazonaws.ec2#ModifyVpcBlockPublicAccessExclusion": {
+      "type": "operation",
+      "input": {
+        "target": "com.amazonaws.ec2#ModifyVpcBlockPublicAccessExclusionRequest"
+      },
+      "output": {
+        "target": "com.amazonaws.ec2#ModifyVpcBlockPublicAccessExclusionResult"
+      },
+      "traits": {
+        "smithy.api#documentation": "<p>Modify VPC Block Public Access (BPA) exclusions. A VPC BPA exclusion is a mode that can be applied to a single VPC or subnet that exempts it from the account’s BPA mode and will allow bidirectional or egress-only access. You can create BPA exclusions for VPCs and subnets even when BPA is not enabled on the account to ensure that there is no traffic disruption to the exclusions when VPC BPA is turned on.</p>"
+      }
+    },
+    "com.amazonaws.ec2#ModifyVpcBlockPublicAccessExclusionRequest": {
+      "type": "structure",
+      "members": {
+        "DryRun": {
+          "target": "com.amazonaws.ec2#Boolean",
+          "traits": {
+            "smithy.api#documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, \n   and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. \n   Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
+          }
+        },
+        "ExclusionId": {
+          "target": "com.amazonaws.ec2#VpcBlockPublicAccessExclusionId",
+          "traits": {
+            "smithy.api#clientOptional": {},
+            "smithy.api#documentation": "<p>The ID of an exclusion.</p>",
+            "smithy.api#required": {}
+          }
+        },
+        "InternetGatewayExclusionMode": {
+          "target": "com.amazonaws.ec2#InternetGatewayExclusionMode",
+          "traits": {
+            "smithy.api#clientOptional": {},
+            "smithy.api#documentation": "<p>The exclusion mode for internet gateway traffic.</p>\n         <ul>\n            <li>\n               <p>\n                  <code>bidirectional-access-allowed</code>: Allow all internet traffic to and from the excluded VPCs and subnets.</p>\n            </li>\n            <li>\n               <p>\n                  <code>egress-access-allowed</code>: Allow outbound internet traffic from the excluded VPCs and subnets. Block inbound internet traffic to the excluded VPCs and subnets. Only applies when VPC Block Public Access is set to Bidirectional.</p>\n            </li>\n         </ul>",
+            "smithy.api#required": {}
+          }
+        }
+      },
+      "traits": {
+        "smithy.api#input": {}
+      }
+    },
+    "com.amazonaws.ec2#ModifyVpcBlockPublicAccessExclusionResult": {
+      "type": "structure",
+      "members": {
+        "VpcBlockPublicAccessExclusion": {
+          "target": "com.amazonaws.ec2#VpcBlockPublicAccessExclusion",
+          "traits": {
+            "aws.protocols#ec2QueryName": "VpcBlockPublicAccessExclusion",
+            "smithy.api#documentation": "<p>Details related to the exclusion.</p>",
+            "smithy.api#xmlName": "vpcBlockPublicAccessExclusion"
+          }
+        }
+      },
+      "traits": {
+        "smithy.api#output": {}
+      }
+    },
+    "com.amazonaws.ec2#ModifyVpcBlockPublicAccessOptions": {
+      "type": "operation",
+      "input": {
+        "target": "com.amazonaws.ec2#ModifyVpcBlockPublicAccessOptionsRequest"
+      },
+      "output": {
+        "target": "com.amazonaws.ec2#ModifyVpcBlockPublicAccessOptionsResult"
+      },
+      "traits": {
+        "smithy.api#documentation": "<p>Modify VPC Block Public Access (BPA) options. VPC Block public Access (BPA) enables you to block resources in VPCs and subnets that you own in a Region from reaching or being reached from the internet through internet gateways and egress-only internet gateways. To learn more about VPC BPA, see <a href=\"https://docs.aws.amazon.com/vpc/latest/userguide/security-vpc-bpa.html\">Block public access to VPCs and subnets</a> in the <i>Amazon VPC User Guide</i>.</p>"
+      }
+    },
+    "com.amazonaws.ec2#ModifyVpcBlockPublicAccessOptionsRequest": {
+      "type": "structure",
+      "members": {
+        "DryRun": {
+          "target": "com.amazonaws.ec2#Boolean",
+          "traits": {
+            "smithy.api#documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, \n   and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. \n   Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
+          }
+        },
+        "InternetGatewayBlockMode": {
+          "target": "com.amazonaws.ec2#InternetGatewayBlockMode",
+          "traits": {
+            "smithy.api#clientOptional": {},
+            "smithy.api#documentation": "<p>The mode of VPC BPA.</p>\n         <ul>\n            <li>\n               <p>\n                  <code>bidirectional-access-allowed</code>: VPC BPA is not enabled and traffic is allowed to and from internet gateways and egress-only internet gateways in this Region.</p>\n            </li>\n            <li>\n               <p>\n                  <code>bidirectional-access-blocked</code>: Block all traffic to and from internet gateways and egress-only internet gateways in this Region (except for excluded VPCs and subnets).</p>\n            </li>\n            <li>\n               <p>\n                  <code>ingress-access-blocked</code>: Block all internet traffic to the VPCs in this Region (except for VPCs or subnets which are excluded). Only traffic to and from NAT gateways and egress-only internet gateways is allowed because these gateways only allow outbound connections to be established.</p>\n            </li>\n         </ul>",
+            "smithy.api#required": {}
+          }
+        }
+      },
+      "traits": {
+        "smithy.api#input": {}
+      }
+    },
+    "com.amazonaws.ec2#ModifyVpcBlockPublicAccessOptionsResult": {
+      "type": "structure",
+      "members": {
+        "VpcBlockPublicAccessOptions": {
+          "target": "com.amazonaws.ec2#VpcBlockPublicAccessOptions",
+          "traits": {
+            "aws.protocols#ec2QueryName": "VpcBlockPublicAccessOptions",
+            "smithy.api#documentation": "<p>Details related to the VPC Block Public Access (BPA) options.</p>",
+            "smithy.api#xmlName": "vpcBlockPublicAccessOptions"
+          }
+        }
+      },
+      "traits": {
+        "smithy.api#output": {}
+      }
+    },
     "com.amazonaws.ec2#ModifyVpcEndpoint": {
       "type": "operation",
       "input": {
@@ -88286,7 +88737,7 @@
         "target": "com.amazonaws.ec2#RegisterImageResult"
       },
       "traits": {
-        "smithy.api#documentation": "<p>Registers an AMI. When you're creating an instance-store backed AMI, registering the AMI\n      is the final step in the creation process. For more information about creating AMIs, see\n        <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/creating-an-ami-ebs.html#creating-launching-ami-from-snapshot\">Create an AMI from a snapshot</a> and <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/creating-an-ami-instance-store.html\">Create an instance-store\n        backed AMI</a> in the <i>Amazon EC2 User Guide</i>.</p>\n         <note>\n            <p>For Amazon EBS-backed instances, <a>CreateImage</a> creates and registers the AMI\n        in a single request, so you don't have to register the AMI yourself. We recommend that you\n        always use <a>CreateImage</a> unless you have a specific reason to use\n        RegisterImage.</p>\n         </note>\n         <p>If needed, you can deregister an AMI at any time. Any modifications you make to an AMI\n      backed by an instance store volume invalidates its registration. If you make changes to an\n      image, deregister the previous image and register the new image.</p>\n         <p>\n            <b>Register a snapshot of a root device volume</b>\n         </p>\n         <p>You can use <code>RegisterImage</code> to create an Amazon EBS-backed Linux AMI from\n       a snapshot of a root device volume. You specify the snapshot using a block device mapping.\n       You can't set the encryption state of the volume using the block device mapping. If the \n       snapshot is encrypted, or encryption by default is enabled, the root volume of an instance \n       launched from the AMI is encrypted.</p>\n         <p>For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/creating-an-ami-ebs.html#creating-launching-ami-from-snapshot\">Create an AMI from a snapshot</a> and <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/AMIEncryption.html\">Use encryption with Amazon EBS-backed\n        AMIs</a> in the <i>Amazon EC2 User Guide</i>.</p>\n         <p>\n            <b>Amazon Web Services Marketplace product codes</b>\n         </p>\n         <p>If any snapshots have Amazon Web Services Marketplace product codes, they are copied to the new\n      AMI.</p>\n         <p>In most cases, AMIs for Windows, RedHat, SUSE, and SQL Server require correct licensing\n      information to be present on the AMI. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ami-billing-info.html\">Understand AMI billing\n        information</a> in the <i>Amazon EC2 User Guide</i>. When creating an AMI from\n      a snapshot, the <code>RegisterImage</code> operation derives the correct billing information\n      from the snapshot's metadata, but this requires the appropriate metadata to be present. To\n      verify if the correct billing information was applied, check the <code>PlatformDetails</code>\n      field on the new AMI. If the field is empty or doesn't match the expected operating system\n      code (for example, Windows, RedHat, SUSE, or SQL), the AMI creation was unsuccessful, and you\n      should discard the AMI and instead create the AMI from an instance using <a>CreateImage</a>. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/creating-an-ami-ebs.html#how-to-create-ebs-ami\">Create an AMI\n        from an instance </a> in the <i>Amazon EC2 User Guide</i>.</p>\n         <p>If you purchase a Reserved Instance to apply to an On-Demand Instance that was launched\n      from an AMI with a billing product code, make sure that the Reserved Instance has the matching\n      billing product code. If you purchase a Reserved Instance without the matching billing product\n      code, the Reserved Instance will not be applied to the On-Demand Instance. For information\n      about how to obtain the platform details and billing information of an AMI, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ami-billing-info.html\">Understand AMI\n        billing information</a> in the <i>Amazon EC2 User Guide</i>.</p>"
+        "smithy.api#documentation": "<p>Registers an AMI. When you're creating an instance-store backed AMI, registering the AMI\n      is the final step in the creation process. For more information about creating AMIs, see\n        <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/creating-an-ami-ebs.html#creating-launching-ami-from-snapshot\">Create an AMI from a snapshot</a> and <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/creating-an-ami-instance-store.html\">Create an instance-store\n        backed AMI</a> in the <i>Amazon EC2 User Guide</i>.</p>\n         <note>\n            <p>For Amazon EBS-backed instances, <a>CreateImage</a> creates and registers the AMI\n        in a single request, so you don't have to register the AMI yourself. We recommend that you\n        always use <a>CreateImage</a> unless you have a specific reason to use\n        RegisterImage.</p>\n         </note>\n         <p>If needed, you can deregister an AMI at any time. Any modifications you make to an AMI\n      backed by an instance store volume invalidates its registration. If you make changes to an\n      image, deregister the previous image and register the new image.</p>\n         <p>\n            <b>Register a snapshot of a root device volume</b>\n         </p>\n         <p>You can use <code>RegisterImage</code> to create an Amazon EBS-backed Linux AMI from a snapshot\n      of a root device volume. You specify the snapshot using a block device mapping. You can't set\n      the encryption state of the volume using the block device mapping. If the snapshot is\n      encrypted, or encryption by default is enabled, the root volume of an instance launched from\n      the AMI is encrypted.</p>\n         <p>For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/creating-an-ami-ebs.html#creating-launching-ami-from-snapshot\">Create an AMI from a snapshot</a> and <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/AMIEncryption.html\">Use encryption with Amazon EBS-backed\n        AMIs</a> in the <i>Amazon EC2 User Guide</i>.</p>\n         <p>\n            <b>Amazon Web Services Marketplace product codes</b>\n         </p>\n         <p>If any snapshots have Amazon Web Services Marketplace product codes, they are copied to the new AMI.</p>\n         <p>In most cases, AMIs for Windows, RedHat, SUSE, and SQL Server require correct licensing\n      information to be present on the AMI. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ami-billing-info.html\">Understand AMI billing\n        information</a> in the <i>Amazon EC2 User Guide</i>. When creating an AMI from\n      a snapshot, the <code>RegisterImage</code> operation derives the correct billing information\n      from the snapshot's metadata, but this requires the appropriate metadata to be present. To\n      verify if the correct billing information was applied, check the <code>PlatformDetails</code>\n      field on the new AMI. If the field is empty or doesn't match the expected operating system\n      code (for example, Windows, RedHat, SUSE, or SQL), the AMI creation was unsuccessful, and you\n      should discard the AMI and instead create the AMI from an instance using <a>CreateImage</a>. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/creating-an-ami-ebs.html#how-to-create-ebs-ami\">Create an AMI\n        from an instance </a> in the <i>Amazon EC2 User Guide</i>.</p>\n         <p>If you purchase a Reserved Instance to apply to an On-Demand Instance that was launched\n      from an AMI with a billing product code, make sure that the Reserved Instance has the matching\n      billing product code. If you purchase a Reserved Instance without the matching billing product\n      code, the Reserved Instance will not be applied to the On-Demand Instance. For information\n      about how to obtain the platform details and billing information of an AMI, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ami-billing-info.html\">Understand AMI\n        billing information</a> in the <i>Amazon EC2 User Guide</i>.</p>"
       }
     },
     "com.amazonaws.ec2#RegisterImageRequest": {
@@ -88295,20 +88746,20 @@
         "ImageLocation": {
           "target": "com.amazonaws.ec2#String",
           "traits": {
-            "smithy.api#documentation": "<p>The full path to your AMI manifest in Amazon S3 storage. The specified bucket must have the \n   \t\t<code>aws-exec-read</code> canned access control list (ACL) to ensure that it can be accessed \n   \t\tby Amazon EC2. For more information, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl\">Canned ACLs</a> in the \n   \t\t<i>Amazon S3 Service Developer Guide</i>.</p>"
+            "smithy.api#documentation": "<p>The full path to your AMI manifest in Amazon S3 storage. The specified bucket must have the\n        <code>aws-exec-read</code> canned access control list (ACL) to ensure that it can be\n      accessed by Amazon EC2. For more information, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl\">Canned ACLs</a> in the\n        <i>Amazon S3 Service Developer Guide</i>.</p>"
           }
         },
         "BillingProducts": {
           "target": "com.amazonaws.ec2#BillingProductList",
           "traits": {
-            "smithy.api#documentation": "<p>The billing product codes. Your account must be authorized to specify billing product codes.</p>\n         <p>If your account is not authorized to specify billing product codes, you can publish AMIs\n      that include billable software and list them on the Amazon Web Services Marketplace. You must first register as a seller\n      on the Amazon Web Services Marketplace. For more information, see <a href=\"https://docs.aws.amazon.com/marketplace/latest/userguide/user-guide-for-sellers.html\">Getting started as a\n        seller</a> and <a href=\"https://docs.aws.amazon.com/marketplace/latest/userguide/ami-products.html\">AMI-based\n        products</a> in the <i>Amazon Web Services Marketplace Seller Guide</i>.</p>",
+            "smithy.api#documentation": "<p>The billing product codes. Your account must be authorized to specify billing product\n      codes.</p>\n         <p>If your account is not authorized to specify billing product codes, you can publish AMIs\n      that include billable software and list them on the Amazon Web Services Marketplace. You must first register as a seller\n      on the Amazon Web Services Marketplace. For more information, see <a href=\"https://docs.aws.amazon.com/marketplace/latest/userguide/user-guide-for-sellers.html\">Getting started as a\n        seller</a> and <a href=\"https://docs.aws.amazon.com/marketplace/latest/userguide/ami-products.html\">AMI-based products</a> in the\n        <i>Amazon Web Services Marketplace Seller Guide</i>.</p>",
             "smithy.api#xmlName": "BillingProduct"
           }
         },
         "BootMode": {
           "target": "com.amazonaws.ec2#BootModeValues",
           "traits": {
-            "smithy.api#documentation": "<p>The boot mode of the AMI. A value of <code>uefi-preferred</code> indicates that the AMI supports both UEFI and Legacy BIOS.</p>\n         <note>\n            <p>The operating system contained in the AMI must be configured to support the specified boot mode.</p>\n         </note>\n         <p>For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ami-boot.html\">Boot modes</a> in the\n        <i>Amazon EC2 User Guide</i>.</p>"
+            "smithy.api#documentation": "<p>The boot mode of the AMI. A value of <code>uefi-preferred</code> indicates that the AMI\n      supports both UEFI and Legacy BIOS.</p>\n         <note>\n            <p>The operating system contained in the AMI must be configured to support the specified\n        boot mode.</p>\n         </note>\n         <p>For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ami-boot.html\">Boot modes</a> in the\n        <i>Amazon EC2 User Guide</i>.</p>"
           }
         },
         "TpmSupport": {
@@ -88326,7 +88777,7 @@
         "ImdsSupport": {
           "target": "com.amazonaws.ec2#ImdsSupportValues",
           "traits": {
-            "smithy.api#documentation": "<p>Set to <code>v2.0</code> to indicate that IMDSv2 is specified in the AMI. Instances\n      launched from this AMI will have <code>HttpTokens</code> automatically set to\n        <code>required</code> so that, by default, the instance requires that IMDSv2 is used when\n      requesting instance metadata. In addition, <code>HttpPutResponseHopLimit</code> is set to\n        <code>2</code>. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-IMDS-new-instances.html#configure-IMDS-new-instances-ami-configuration\">Configure\n        the AMI</a> in the <i>Amazon EC2 User Guide</i>.</p>\n         <note>\n            <p>If you set the value to <code>v2.0</code>, make sure that your AMI software can support IMDSv2.</p>\n         </note>"
+            "smithy.api#documentation": "<p>Set to <code>v2.0</code> to indicate that IMDSv2 is specified in the AMI. Instances\n      launched from this AMI will have <code>HttpTokens</code> automatically set to\n        <code>required</code> so that, by default, the instance requires that IMDSv2 is used when\n      requesting instance metadata. In addition, <code>HttpPutResponseHopLimit</code> is set to\n        <code>2</code>. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-IMDS-new-instances.html#configure-IMDS-new-instances-ami-configuration\">Configure the AMI</a> in the <i>Amazon EC2 User Guide</i>.</p>\n         <note>\n            <p>If you set the value to <code>v2.0</code>, make sure that your AMI software can support\n        IMDSv2.</p>\n         </note>"
           }
         },
         "TagSpecifications": {
@@ -88349,7 +88800,7 @@
           "traits": {
             "aws.protocols#ec2QueryName": "Name",
             "smithy.api#clientOptional": {},
-            "smithy.api#documentation": "<p>A name for your AMI.</p>\n         <p>Constraints: 3-128 alphanumeric characters, parentheses (()), square brackets ([]), spaces ( ), periods (.), slashes (/), dashes (-), single quotes ('), at-signs (@), or underscores(_)</p>",
+            "smithy.api#documentation": "<p>A name for your AMI.</p>\n         <p>Constraints: 3-128 alphanumeric characters, parentheses (()), square brackets ([]), spaces\n      ( ), periods (.), slashes (/), dashes (-), single quotes ('), at-signs (@), or\n      underscores(_)</p>",
             "smithy.api#required": {},
             "smithy.api#xmlName": "name"
           }
@@ -88366,7 +88817,7 @@
           "target": "com.amazonaws.ec2#ArchitectureValues",
           "traits": {
             "aws.protocols#ec2QueryName": "Architecture",
-            "smithy.api#documentation": "<p>The architecture of the AMI.</p>\n         <p>Default: For Amazon EBS-backed AMIs, <code>i386</code>.\n        For instance store-backed AMIs, the architecture specified in the manifest file.</p>",
+            "smithy.api#documentation": "<p>The architecture of the AMI.</p>\n         <p>Default: For Amazon EBS-backed AMIs, <code>i386</code>. For instance store-backed AMIs, the\n      architecture specified in the manifest file.</p>",
             "smithy.api#xmlName": "architecture"
           }
         },
@@ -88397,7 +88848,7 @@
         "BlockDeviceMappings": {
           "target": "com.amazonaws.ec2#BlockDeviceMappingRequestList",
           "traits": {
-            "smithy.api#documentation": "<p>The block device mapping entries.</p>\n         <p>If you specify an Amazon EBS volume using the ID of an Amazon EBS snapshot, you can't specify the encryption state of the volume.</p>\n         <p>If you create an AMI on an Outpost, then all backing snapshots must be on the same\n      Outpost or in the Region of that Outpost. AMIs on an Outpost that include local snapshots can\n      be used to launch instances on the same Outpost only. For more information, <a href=\"https://docs.aws.amazon.com/ebs/latest/userguide/snapshots-outposts.html#ami\">Amazon EBS local\n        snapshots on Outposts</a> in the <i>Amazon EBS User Guide</i>.</p>",
+            "smithy.api#documentation": "<p>The block device mapping entries.</p>\n         <p>If you specify an Amazon EBS volume using the ID of an Amazon EBS snapshot, you can't specify the\n      encryption state of the volume.</p>\n         <p>If you create an AMI on an Outpost, then all backing snapshots must be on the same Outpost\n      or in the Region of that Outpost. AMIs on an Outpost that include local snapshots can be used\n      to launch instances on the same Outpost only. For more information, <a href=\"https://docs.aws.amazon.com/ebs/latest/userguide/snapshots-outposts.html#ami\">Amazon EBS local\n        snapshots on Outposts</a> in the <i>Amazon EBS User Guide</i>.</p>",
             "smithy.api#xmlName": "BlockDeviceMapping"
           }
         },
@@ -88413,7 +88864,7 @@
           "target": "com.amazonaws.ec2#String",
           "traits": {
             "aws.protocols#ec2QueryName": "SriovNetSupport",
-            "smithy.api#documentation": "<p>Set to <code>simple</code> to enable enhanced networking with the Intel 82599 Virtual Function interface for the AMI and any instances that you launch from the AMI.</p>\n         <p>There is no way to disable <code>sriovNetSupport</code> at this time.</p>\n         <p>This option is supported only for HVM AMIs. Specifying this option with a PV AMI can make instances launched from the AMI unreachable.</p>",
+            "smithy.api#documentation": "<p>Set to <code>simple</code> to enable enhanced networking with the Intel 82599 Virtual\n      Function interface for the AMI and any instances that you launch from the AMI.</p>\n         <p>There is no way to disable <code>sriovNetSupport</code> at this time.</p>\n         <p>This option is supported only for HVM AMIs. Specifying this option with a PV AMI can make\n      instances launched from the AMI unreachable.</p>",
             "smithy.api#xmlName": "sriovNetSupport"
           }
         },
@@ -88421,7 +88872,7 @@
           "target": "com.amazonaws.ec2#Boolean",
           "traits": {
             "aws.protocols#ec2QueryName": "EnaSupport",
-            "smithy.api#documentation": "<p>Set to <code>true</code> to enable enhanced networking with ENA for the AMI and any instances that you launch from the AMI.</p>\n         <p>This option is supported only for HVM AMIs. Specifying this option with a PV AMI can make instances launched from the AMI unreachable.</p>",
+            "smithy.api#documentation": "<p>Set to <code>true</code> to enable enhanced networking with ENA for the AMI and any\n      instances that you launch from the AMI.</p>\n         <p>This option is supported only for HVM AMIs. Specifying this option with a PV AMI can make\n      instances launched from the AMI unreachable.</p>",
             "smithy.api#xmlName": "enaSupport"
           }
         }
@@ -92079,7 +92530,7 @@
           "target": "com.amazonaws.ec2#ResetImageAttributeName",
           "traits": {
             "smithy.api#clientOptional": {},
-            "smithy.api#documentation": "<p>The attribute to reset (currently you can only reset the launch permission attribute).</p>",
+            "smithy.api#documentation": "<p>The attribute to reset (currently you can only reset the launch permission\n      attribute).</p>",
             "smithy.api#required": {}
           }
         },
@@ -93246,7 +93697,7 @@
         "target": "com.amazonaws.ec2#RestoreImageFromRecycleBinResult"
       },
       "traits": {
-        "smithy.api#documentation": "<p>Restores an AMI from the Recycle Bin. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/recycle-bin.html\">Recycle Bin</a> in the <i>Amazon EC2 User Guide</i>.</p>"
+        "smithy.api#documentation": "<p>Restores an AMI from the Recycle Bin. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/recycle-bin.html\">Recycle Bin</a> in\n      the <i>Amazon EC2 User Guide</i>.</p>"
       }
     },
     "com.amazonaws.ec2#RestoreImageFromRecycleBinRequest": {
@@ -95036,14 +95487,14 @@
         "AWSAccessKeyId": {
           "target": "com.amazonaws.ec2#String",
           "traits": {
-            "smithy.api#documentation": "<p>The access key ID of the owner of the bucket. Before you specify a value for your access\n       key ID, review and follow the guidance in <a href=\"https://docs.aws.amazon.com/accounts/latest/reference/best-practices.html\">Best\n         Practices for Amazon Web Services accounts</a> in the <i>Account ManagementReference\n           Guide</i>.</p>"
+            "smithy.api#documentation": "<p>The access key ID of the owner of the bucket. Before you specify a value for your access\n      key ID, review and follow the guidance in <a href=\"https://docs.aws.amazon.com/accounts/latest/reference/best-practices.html\">Best Practices for Amazon Web Services\n        accounts</a> in the <i>Account ManagementReference Guide</i>.</p>"
           }
         },
         "Bucket": {
           "target": "com.amazonaws.ec2#String",
           "traits": {
             "aws.protocols#ec2QueryName": "Bucket",
-            "smithy.api#documentation": "<p>The bucket in which to store the AMI. You can specify a bucket that you already own or a new bucket that Amazon EC2 creates on your behalf. If you specify a bucket that belongs to someone else, Amazon EC2 returns an error.</p>",
+            "smithy.api#documentation": "<p>The bucket in which to store the AMI. You can specify a bucket that you already own or a\n      new bucket that Amazon EC2 creates on your behalf. If you specify a bucket that belongs to someone\n      else, Amazon EC2 returns an error.</p>",
             "smithy.api#xmlName": "bucket"
           }
         },
@@ -95059,7 +95510,7 @@
           "target": "com.amazonaws.ec2#Blob",
           "traits": {
             "aws.protocols#ec2QueryName": "UploadPolicy",
-            "smithy.api#documentation": "<p>An Amazon S3 upload policy that gives Amazon EC2 permission to upload items into Amazon S3 on your behalf.</p>",
+            "smithy.api#documentation": "<p>An Amazon S3 upload policy that gives Amazon EC2 permission to upload items into Amazon S3 on your\n      behalf.</p>",
             "smithy.api#xmlName": "uploadPolicy"
           }
         },
@@ -95073,7 +95524,7 @@
         }
       },
       "traits": {
-        "smithy.api#documentation": "<p>Describes the storage parameters for Amazon S3 and Amazon S3 buckets for an instance store-backed AMI.</p>"
+        "smithy.api#documentation": "<p>Describes the storage parameters for Amazon S3 and Amazon S3 buckets for an instance store-backed\n      AMI.</p>"
       }
     },
     "com.amazonaws.ec2#S3StorageUploadPolicySignature": {
@@ -100183,6 +100634,14 @@
             "smithy.api#xmlName": "privateDnsNameOptionsOnLaunch"
           }
         },
+        "BlockPublicAccessStates": {
+          "target": "com.amazonaws.ec2#BlockPublicAccessStates",
+          "traits": {
+            "aws.protocols#ec2QueryName": "BlockPublicAccessStates",
+            "smithy.api#documentation": "<p>The state of VPC Block Public Access (BPA).</p>",
+            "smithy.api#xmlName": "blockPublicAccessStates"
+          }
+        },
         "SubnetId": {
           "target": "com.amazonaws.ec2#String",
           "traits": {
@@ -108739,6 +109198,14 @@
             "smithy.api#xmlName": "tagSet"
           }
         },
+        "BlockPublicAccessStates": {
+          "target": "com.amazonaws.ec2#BlockPublicAccessStates",
+          "traits": {
+            "aws.protocols#ec2QueryName": "BlockPublicAccessStates",
+            "smithy.api#documentation": "<p>The state of VPC Block Public Access (BPA).</p>",
+            "smithy.api#xmlName": "blockPublicAccessStates"
+          }
+        },
         "VpcId": {
           "target": "com.amazonaws.ec2#String",
           "traits": {
@@ -108832,6 +109299,251 @@
         }
       }
     },
+    "com.amazonaws.ec2#VpcBlockPublicAccessExclusion": {
+      "type": "structure",
+      "members": {
+        "ExclusionId": {
+          "target": "com.amazonaws.ec2#VpcBlockPublicAccessExclusionId",
+          "traits": {
+            "aws.protocols#ec2QueryName": "ExclusionId",
+            "smithy.api#documentation": "<p>The ID of the exclusion.</p>",
+            "smithy.api#xmlName": "exclusionId"
+          }
+        },
+        "InternetGatewayExclusionMode": {
+          "target": "com.amazonaws.ec2#InternetGatewayExclusionMode",
+          "traits": {
+            "aws.protocols#ec2QueryName": "InternetGatewayExclusionMode",
+            "smithy.api#documentation": "<p>The exclusion mode for internet gateway traffic.</p>\n         <ul>\n            <li>\n               <p>\n                  <code>bidirectional-access-allowed</code>: Allow all internet traffic to and from the excluded VPCs and subnets.</p>\n            </li>\n            <li>\n               <p>\n                  <code>egress-access-allowed</code>: Allow outbound internet traffic from the excluded VPCs and subnets. Block inbound internet traffic to the excluded VPCs and subnets. Only applies when VPC Block Public Access is set to Bidirectional.</p>\n            </li>\n         </ul>",
+            "smithy.api#xmlName": "internetGatewayExclusionMode"
+          }
+        },
+        "ResourceArn": {
+          "target": "com.amazonaws.ec2#ResourceArn",
+          "traits": {
+            "aws.protocols#ec2QueryName": "ResourceArn",
+            "smithy.api#documentation": "<p>The ARN of the exclusion.</p>",
+            "smithy.api#xmlName": "resourceArn"
+          }
+        },
+        "State": {
+          "target": "com.amazonaws.ec2#VpcBlockPublicAccessExclusionState",
+          "traits": {
+            "aws.protocols#ec2QueryName": "State",
+            "smithy.api#documentation": "<p>The state of the exclusion.</p>",
+            "smithy.api#xmlName": "state"
+          }
+        },
+        "Reason": {
+          "target": "com.amazonaws.ec2#String",
+          "traits": {
+            "aws.protocols#ec2QueryName": "Reason",
+            "smithy.api#documentation": "<p>The reason for the current exclusion state.</p>",
+            "smithy.api#xmlName": "reason"
+          }
+        },
+        "CreationTimestamp": {
+          "target": "com.amazonaws.ec2#MillisecondDateTime",
+          "traits": {
+            "aws.protocols#ec2QueryName": "CreationTimestamp",
+            "smithy.api#documentation": "<p>When the exclusion was created.</p>",
+            "smithy.api#xmlName": "creationTimestamp"
+          }
+        },
+        "LastUpdateTimestamp": {
+          "target": "com.amazonaws.ec2#MillisecondDateTime",
+          "traits": {
+            "aws.protocols#ec2QueryName": "LastUpdateTimestamp",
+            "smithy.api#documentation": "<p>When the exclusion was last updated.</p>",
+            "smithy.api#xmlName": "lastUpdateTimestamp"
+          }
+        },
+        "DeletionTimestamp": {
+          "target": "com.amazonaws.ec2#MillisecondDateTime",
+          "traits": {
+            "aws.protocols#ec2QueryName": "DeletionTimestamp",
+            "smithy.api#documentation": "<p>When the exclusion was deleted.</p>",
+            "smithy.api#xmlName": "deletionTimestamp"
+          }
+        },
+        "Tags": {
+          "target": "com.amazonaws.ec2#TagList",
+          "traits": {
+            "aws.protocols#ec2QueryName": "TagSet",
+            "smithy.api#documentation": "<p>\n            <code>tag</code> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.\n    For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p>",
+            "smithy.api#xmlName": "tagSet"
+          }
+        }
+      },
+      "traits": {
+        "smithy.api#documentation": "<p>A VPC BPA exclusion is a mode that can be applied to a single VPC or subnet that exempts it from the account’s BPA mode and will allow bidirectional or egress-only access. You can create BPA exclusions for VPCs and subnets even when BPA is not enabled on the account to ensure that there is no traffic disruption to the exclusions when VPC BPA is turned on. To learn more about VPC BPA, see <a href=\"https://docs.aws.amazon.com/vpc/latest/userguide/security-vpc-bpa.html\">Block public access to VPCs and subnets</a> in the <i>Amazon VPC User Guide</i>.</p>"
+      }
+    },
+    "com.amazonaws.ec2#VpcBlockPublicAccessExclusionId": {
+      "type": "string"
+    },
+    "com.amazonaws.ec2#VpcBlockPublicAccessExclusionIdList": {
+      "type": "list",
+      "member": {
+        "target": "com.amazonaws.ec2#VpcBlockPublicAccessExclusionId",
+        "traits": {
+          "smithy.api#xmlName": "item"
+        }
+      }
+    },
+    "com.amazonaws.ec2#VpcBlockPublicAccessExclusionList": {
+      "type": "list",
+      "member": {
+        "target": "com.amazonaws.ec2#VpcBlockPublicAccessExclusion",
+        "traits": {
+          "smithy.api#xmlName": "item"
+        }
+      }
+    },
+    "com.amazonaws.ec2#VpcBlockPublicAccessExclusionState": {
+      "type": "enum",
+      "members": {
+        "create_in_progress": {
+          "target": "smithy.api#Unit",
+          "traits": {
+            "smithy.api#enumValue": "create-in-progress"
+          }
+        },
+        "create_complete": {
+          "target": "smithy.api#Unit",
+          "traits": {
+            "smithy.api#enumValue": "create-complete"
+          }
+        },
+        "create_failed": {
+          "target": "smithy.api#Unit",
+          "traits": {
+            "smithy.api#enumValue": "create-failed"
+          }
+        },
+        "update_in_progress": {
+          "target": "smithy.api#Unit",
+          "traits": {
+            "smithy.api#enumValue": "update-in-progress"
+          }
+        },
+        "update_complete": {
+          "target": "smithy.api#Unit",
+          "traits": {
+            "smithy.api#enumValue": "update-complete"
+          }
+        },
+        "update_failed": {
+          "target": "smithy.api#Unit",
+          "traits": {
+            "smithy.api#enumValue": "update-failed"
+          }
+        },
+        "delete_in_progress": {
+          "target": "smithy.api#Unit",
+          "traits": {
+            "smithy.api#enumValue": "delete-in-progress"
+          }
+        },
+        "delete_complete": {
+          "target": "smithy.api#Unit",
+          "traits": {
+            "smithy.api#enumValue": "delete-complete"
+          }
+        },
+        "disable_in_progress": {
+          "target": "smithy.api#Unit",
+          "traits": {
+            "smithy.api#enumValue": "disable-in-progress"
+          }
+        },
+        "disable_complete": {
+          "target": "smithy.api#Unit",
+          "traits": {
+            "smithy.api#enumValue": "disable-complete"
+          }
+        }
+      }
+    },
+    "com.amazonaws.ec2#VpcBlockPublicAccessOptions": {
+      "type": "structure",
+      "members": {
+        "AwsAccountId": {
+          "target": "com.amazonaws.ec2#String",
+          "traits": {
+            "aws.protocols#ec2QueryName": "AwsAccountId",
+            "smithy.api#documentation": "<p>An Amazon Web Services account ID.</p>",
+            "smithy.api#xmlName": "awsAccountId"
+          }
+        },
+        "AwsRegion": {
+          "target": "com.amazonaws.ec2#String",
+          "traits": {
+            "aws.protocols#ec2QueryName": "AwsRegion",
+            "smithy.api#documentation": "<p>An Amazon Web Services Region.</p>",
+            "smithy.api#xmlName": "awsRegion"
+          }
+        },
+        "State": {
+          "target": "com.amazonaws.ec2#VpcBlockPublicAccessState",
+          "traits": {
+            "aws.protocols#ec2QueryName": "State",
+            "smithy.api#documentation": "<p>The current state of VPC BPA.</p>",
+            "smithy.api#xmlName": "state"
+          }
+        },
+        "InternetGatewayBlockMode": {
+          "target": "com.amazonaws.ec2#InternetGatewayBlockMode",
+          "traits": {
+            "aws.protocols#ec2QueryName": "InternetGatewayBlockMode",
+            "smithy.api#documentation": "<p>The current mode of VPC BPA.</p>\n         <ul>\n            <li>\n               <p>\n                  <code>bidirectional-access-allowed</code>: VPC BPA is not enabled and traffic is allowed to and from internet gateways and egress-only internet gateways in this Region.</p>\n            </li>\n            <li>\n               <p>\n                  <code>bidirectional-access-blocked</code>: Block all traffic to and from internet gateways and egress-only internet gateways in this Region (except for excluded VPCs and subnets).</p>\n            </li>\n            <li>\n               <p>\n                  <code>ingress-access-blocked</code>: Block all internet traffic to the VPCs in this Region (except for VPCs or subnets which are excluded). Only traffic to and from NAT gateways and egress-only internet gateways is allowed because these gateways only allow outbound connections to be established.</p>\n            </li>\n         </ul>",
+            "smithy.api#xmlName": "internetGatewayBlockMode"
+          }
+        },
+        "Reason": {
+          "target": "com.amazonaws.ec2#String",
+          "traits": {
+            "aws.protocols#ec2QueryName": "Reason",
+            "smithy.api#documentation": "<p>The reason for the current state.</p>",
+            "smithy.api#xmlName": "reason"
+          }
+        },
+        "LastUpdateTimestamp": {
+          "target": "com.amazonaws.ec2#MillisecondDateTime",
+          "traits": {
+            "aws.protocols#ec2QueryName": "LastUpdateTimestamp",
+            "smithy.api#documentation": "<p>The last time the VPC BPA mode was updated.</p>",
+            "smithy.api#xmlName": "lastUpdateTimestamp"
+          }
+        }
+      },
+      "traits": {
+        "smithy.api#documentation": "<p>VPC Block public Access (BPA) enables you to block resources in VPCs and subnets that you own in a Region from reaching or being reached from the internet through internet gateways and egress-only internet gateways. To learn more about VPC BPA, see <a href=\"https://docs.aws.amazon.com/vpc/latest/userguide/security-vpc-bpa.html\">Block public access to VPCs and subnets</a> in the <i>Amazon VPC User Guide</i>.</p>"
+      }
+    },
+    "com.amazonaws.ec2#VpcBlockPublicAccessState": {
+      "type": "enum",
+      "members": {
+        "default_state": {
+          "target": "smithy.api#Unit",
+          "traits": {
+            "smithy.api#enumValue": "default-state"
+          }
+        },
+        "update_in_progress": {
+          "target": "smithy.api#Unit",
+          "traits": {
+            "smithy.api#enumValue": "update-in-progress"
+          }
+        },
+        "update_complete": {
+          "target": "smithy.api#Unit",
+          "traits": {
+            "smithy.api#enumValue": "update-complete"
+          }
+        }
+      }
+    },
     "com.amazonaws.ec2#VpcCidrAssociationId": {
       "type": "string"
     },