chore: Update codegen

Package.swift

@@ -22,6 +22,7 @@ extension Target.Dependency {
     static var awsSDKEventStreamsAuth: Self { "AWSSDKEventStreamsAuth" }
     static var awsSDKHTTPAuth: Self { "AWSSDKHTTPAuth" }
     static var awsSDKIdentity: Self { "AWSSDKIdentity" }
+    static var awsSDKChecksums: Self { "AWSSDKChecksums" }
 
     // CRT module
     static var crt: Self { .product(name: "AwsCommonRuntimeKit", package: "aws-crt-swift") }
@@ -30,6 +31,7 @@ extension Target.Dependency {
     static var clientRuntime: Self { .product(name: "ClientRuntime", package: "smithy-swift") }
     static var smithy: Self { .product(name: "Smithy", package: "smithy-swift") }
     static var smithyChecksumsAPI: Self { .product(name: "SmithyChecksumsAPI", package: "smithy-swift") }
+    static var smithyChecksums: Self { .product(name: "SmithyChecksums", package: "smithy-swift") }
     static var smithyEventStreams: Self { .product(name: "SmithyEventStreams", package: "smithy-swift") }
     static var smithyEventStreamsAPI: Self { .product(name: "SmithyEventStreamsAPI", package: "smithy-swift") }
     static var smithyEventStreamsAuthAPI: Self { .product(name: "SmithyEventStreamsAuthAPI", package: "smithy-swift") }
@@ -41,6 +43,7 @@ extension Target.Dependency {
     static var smithyRetriesAPI: Self { .product(name: "SmithyRetriesAPI", package: "smithy-swift") }
     static var smithyWaitersAPI: Self { .product(name: "SmithyWaitersAPI", package: "smithy-swift") }
     static var smithyTestUtils: Self { .product(name: "SmithyTestUtil", package: "smithy-swift") }
+    static var smithyStreams: Self { .product(name: "SmithyStreams", package: "smithy-swift") }
 }
 
 // MARK: - Base Package
@@ -59,6 +62,7 @@ let package = Package(
         .library(name: "AWSSDKEventStreamsAuth", targets: ["AWSSDKEventStreamsAuth"]),
         .library(name: "AWSSDKHTTPAuth", targets: ["AWSSDKHTTPAuth"]),
         .library(name: "AWSSDKIdentity", targets: ["AWSSDKIdentity"]),
+        .library(name: "AWSSDKChecksums", targets: ["AWSSDKChecksums"]),
     ],
     targets: [
         .target(
@@ -96,14 +100,19 @@ let package = Package(
         ),
         .target(
             name: "AWSSDKHTTPAuth",
-            dependencies: [.crt, .smithy, .clientRuntime, .smithyHTTPAuth, "AWSSDKIdentity"],
+            dependencies: [.crt, .smithy, .clientRuntime, .smithyHTTPAuth, "AWSSDKIdentity", "AWSSDKChecksums"],
             path: "./Sources/Core/AWSSDKHTTPAuth"
         ),
         .target(
             name: "AWSSDKIdentity",
             dependencies: [.crt, .smithy, .clientRuntime, .smithyIdentity, .smithyIdentityAPI, .smithyHTTPAPI, .awsSDKCommon],
             path: "./Sources/Core/AWSSDKIdentity"
         ),
+        .target(
+            name: "AWSSDKChecksums",
+            dependencies: [.crt, .smithy, .clientRuntime, .smithyChecksumsAPI, .smithyChecksums, .smithyHTTPAPI],
+            path: "./Sources/Core/AWSSDKChecksums"
+        ),
         .testTarget(
             name: "AWSClientRuntimeTests",
             dependencies: [.awsClientRuntime, .clientRuntime, .smithyTestUtils, .awsSDKCommon],
@@ -112,7 +121,7 @@ let package = Package(
         ),
         .testTarget(
             name: "AWSSDKEventStreamsAuthTests",
-            dependencies: ["AWSClientRuntime", "AWSSDKEventStreamsAuth"],
+            dependencies: ["AWSClientRuntime", "AWSSDKEventStreamsAuth", .smithyStreams],
             path: "./Tests/Core/AWSSDKEventStreamsAuthTests"
         ),
         .testTarget(
@@ -186,11 +195,13 @@ let serviceTargetDependencies: [Target.Dependency] = [
     .smithyEventStreamsAuthAPI,
     .smithyEventStreams,
     .smithyChecksumsAPI,
+    .smithyChecksums,
     .smithyWaitersAPI,
     .awsSDKCommon,
     .awsSDKIdentity,
     .awsSDKHTTPAuth,
     .awsSDKEventStreamsAuth,
+    .awsSDKChecksums,
 ]
 
 func addServiceTarget(_ name: String) {
@@ -325,7 +336,7 @@ func addProtocolTests() {
         )
         let testTarget = protocolTest.buildOnly ? nil : Target.testTarget(
             name: "\(protocolTest.name)Tests",
-            dependencies: [.smithyTestUtils, .smithyWaitersAPI, .byNameItem(name: protocolTest.name, condition: nil)],
+            dependencies: [.smithyTestUtils, .smithyStreams, .smithyWaitersAPI, .byNameItem(name: protocolTest.name, condition: nil)],
             path: "\(protocolTest.testPath ?? protocolTest.sourcePath)/swift-codegen/Tests/\(protocolTest.name)Tests"
         )
         package.targets += [target, testTarget].compactMap { $0 }
@@ -369,11 +380,13 @@ let serviceTargets: [String] = [
     "AWSAppRunner",
     "AWSAppStream",
     "AWSAppSync",
+    "AWSAppTest",
     "AWSAppflow",
     "AWSApplicationAutoScaling",
     "AWSApplicationCostProfiler",
     "AWSApplicationDiscoveryService",
     "AWSApplicationInsights",
+    "AWSApplicationSignals",
     "AWSArtifact",
     "AWSAthena",
     "AWSAuditManager",
@@ -383,7 +396,6 @@ let serviceTargets: [String] = [
     "AWSBCMDataExports",
     "AWSBackup",
     "AWSBackupGateway",
-    "AWSBackupStorage",
     "AWSBatch",
     "AWSBedrock",
     "AWSBedrockAgent",
@@ -618,6 +630,7 @@ let serviceTargets: [String] = [
     "AWSPaymentCryptography",
     "AWSPaymentCryptographyData",
     "AWSPcaConnectorAd",
+    "AWSPcaConnectorScep",
     "AWSPersonalize",
     "AWSPersonalizeEvents",
     "AWSPersonalizeRuntime",

Sources/Core/AWSSDKForSwift/Documentation.docc/AWSSDKForSwift.md

@@ -51,6 +51,8 @@ This SDK is open-source.  Code is available on Github [here](https://github.com/
 
 [AWSAppSync](../../../../../swift/api/awsappsync/latest)
 
+[AWSAppTest](../../../../../swift/api/awsapptest/latest)
+
 [AWSAppflow](../../../../../swift/api/awsappflow/latest)
 
 [AWSApplicationAutoScaling](../../../../../swift/api/awsapplicationautoscaling/latest)
@@ -61,6 +63,8 @@ This SDK is open-source.  Code is available on Github [here](https://github.com/
 
 [AWSApplicationInsights](../../../../../swift/api/awsapplicationinsights/latest)
 
+[AWSApplicationSignals](../../../../../swift/api/awsapplicationsignals/latest)
+
 [AWSArtifact](../../../../../swift/api/awsartifact/latest)
 
 [AWSAthena](../../../../../swift/api/awsathena/latest)
@@ -79,8 +83,6 @@ This SDK is open-source.  Code is available on Github [here](https://github.com/
 
 [AWSBackupGateway](../../../../../swift/api/awsbackupgateway/latest)
 
-[AWSBackupStorage](../../../../../swift/api/awsbackupstorage/latest)
-
 [AWSBatch](../../../../../swift/api/awsbatch/latest)
 
 [AWSBedrock](../../../../../swift/api/awsbedrock/latest)
@@ -549,6 +551,8 @@ This SDK is open-source.  Code is available on Github [here](https://github.com/
 
 [AWSPcaConnectorAd](../../../../../swift/api/awspcaconnectorad/latest)
 
+[AWSPcaConnectorScep](../../../../../swift/api/awspcaconnectorscep/latest)
+
 [AWSPersonalize](../../../../../swift/api/awspersonalize/latest)
 
 [AWSPersonalizeEvents](../../../../../swift/api/awspersonalizeevents/latest)

Sources/Services/AWSACMPCA/Sources/AWSACMPCA/ACMPCAClient.swift

@@ -158,7 +158,7 @@ extension ACMPCAClient {
 extension ACMPCAClient {
     /// Performs the `CreateCertificateAuthority` operation on the `ACMPrivateCA` service.
     ///
-    /// Creates a root or subordinate private certificate authority (CA). You must specify the CA configuration, an optional configuration for Online Certificate Status Protocol (OCSP) and/or a certificate revocation list (CRL), the CA type, and an optional idempotency token to avoid accidental creation of multiple CAs. The CA configuration specifies the name of the algorithm and key size to be used to create the CA private key, the type of signing algorithm that the CA uses, and X.500 subject information. The OCSP configuration can optionally specify a custom URL for the OCSP responder. The CRL configuration specifies the CRL expiration period in days (the validity period of the CRL), the Amazon S3 bucket that will contain the CRL, and a CNAME alias for the S3 bucket that is included in certificates issued by the CA. If successful, this action returns the Amazon Resource Name (ARN) of the CA. Both Amazon Web Services Private CA and the IAM principal must have permission to write to the S3 bucket that you specify. If the IAM principal making the call does not have permission to write to the bucket, then an exception is thrown. For more information, see [Access policies for CRLs in Amazon S3](https://docs.aws.amazon.com/privateca/latest/userguide/crl-planning.html#s3-policies). Amazon Web Services Private CA assets that are stored in Amazon S3 can be protected with encryption. For more information, see [Encrypting Your CRLs](https://docs.aws.amazon.com/privateca/latest/userguide/PcaCreateCa.html#crl-encryption).
+    /// Creates a root or subordinate private certificate authority (CA). You must specify the CA configuration, an optional configuration for Online Certificate Status Protocol (OCSP) and/or a certificate revocation list (CRL), the CA type, and an optional idempotency token to avoid accidental creation of multiple CAs. The CA configuration specifies the name of the algorithm and key size to be used to create the CA private key, the type of signing algorithm that the CA uses, and X.500 subject information. The OCSP configuration can optionally specify a custom URL for the OCSP responder. The CRL configuration specifies the CRL expiration period in days (the validity period of the CRL), the Amazon S3 bucket that will contain the CRL, and a CNAME alias for the S3 bucket that is included in certificates issued by the CA. If successful, this action returns the Amazon Resource Name (ARN) of the CA. Both Amazon Web Services Private CA and the IAM principal must have permission to write to the S3 bucket that you specify. If the IAM principal making the call does not have permission to write to the bucket, then an exception is thrown. For more information, see [Access policies for CRLs in Amazon S3](https://docs.aws.amazon.com/privateca/latest/userguide/crl-planning.html#s3-policies). Amazon Web Services Private CA assets that are stored in Amazon S3 can be protected with encryption. For more information, see [Encrypting Your CRLs](https://docs.aws.amazon.com/privateca/latest/userguide/crl-planning.html#crl-encryption).
     ///
     /// - Parameter CreateCertificateAuthorityInput : [no documentation found]
     ///
@@ -867,44 +867,45 @@ extension ACMPCAClient {
     ///
     /// Enforcement of Critical Constraints Amazon Web Services Private CA allows the following extensions to be marked critical in the imported CA certificate or chain.
     ///
-    /// * Basic constraints (must be marked critical)
+    /// * Authority key identifier
     ///
-    /// * Subject alternative names
+    /// * Basic constraints (must be marked critical)
     ///
-    /// * Key usage
+    /// * Certificate policies
     ///
     /// * Extended key usage
     ///
-    /// * Authority key identifier
-    ///
-    /// * Subject key identifier
+    /// * Inhibit anyPolicy
     ///
     /// * Issuer alternative name
     ///
-    /// * Subject directory attributes
-    ///
-    /// * Subject information access
+    /// * Key usage
     ///
-    /// * Certificate policies
+    /// * Name constraints
     ///
     /// * Policy mappings
     ///
-    /// * Inhibit anyPolicy
+    /// * Subject alternative name
     ///
+    /// * Subject directory attributes
     ///
-    /// Amazon Web Services Private CA rejects the following extensions when they are marked critical in an imported CA certificate or chain.
+    /// * Subject key identifier
     ///
-    /// * Name constraints
+    /// * Subject information access
     ///
-    /// * Policy constraints
     ///
-    /// * CRL distribution points
+    /// Amazon Web Services Private CA rejects the following extensions when they are marked critical in an imported CA certificate or chain.
     ///
     /// * Authority information access
     ///
+    /// * CRL distribution points
+    ///
     /// * Freshest CRL
     ///
-    /// * Any other extension
+    /// * Policy constraints
+    ///
+    ///
+    /// Amazon Web Services Private Certificate Authority will also reject any other extension marked as critical not contained on the preceding list of allowed extensions.
     ///
     /// - Parameter ImportCertificateAuthorityCertificateInput : [no documentation found]
     ///

Sources/Services/AWSACMPCA/Sources/AWSACMPCA/Models.swift

@@ -700,7 +700,7 @@ extension ACMPCAClientTypes {
 }
 
 extension ACMPCAClientTypes {
-    /// Contains configuration information for a certificate revocation list (CRL). Your private certificate authority (CA) creates base CRLs. Delta CRLs are not supported. You can enable CRLs for your new or an existing private CA by setting the Enabled parameter to true. Your private CA writes CRLs to an S3 bucket that you specify in the S3BucketName parameter. You can hide the name of your bucket by specifying a value for the CustomCname parameter. Your private CA by default copies the CNAME or the S3 bucket name to the CRL Distribution Points extension of each certificate it issues. If you want to configure this default behavior to be something different, you can set the CrlDistributionPointExtensionConfiguration parameter. Your S3 bucket policy must give write permission to Amazon Web Services Private CA. Amazon Web Services Private CA assets that are stored in Amazon S3 can be protected with encryption. For more information, see [Encrypting Your CRLs](https://docs.aws.amazon.com/privateca/latest/userguide/PcaCreateCa.html#crl-encryption). Your private CA uses the value in the ExpirationInDays parameter to calculate the nextUpdate field in the CRL. The CRL is refreshed prior to a certificate's expiration date or when a certificate is revoked. When a certificate is revoked, it appears in the CRL until the certificate expires, and then in one additional CRL after expiration, and it always appears in the audit report. A CRL is typically updated approximately 30 minutes after a certificate is revoked. If for any reason a CRL update fails, Amazon Web Services Private CA makes further attempts every 15 minutes. CRLs contain the following fields:
+    /// Contains configuration information for a certificate revocation list (CRL). Your private certificate authority (CA) creates base CRLs. Delta CRLs are not supported. You can enable CRLs for your new or an existing private CA by setting the Enabled parameter to true. Your private CA writes CRLs to an S3 bucket that you specify in the S3BucketName parameter. You can hide the name of your bucket by specifying a value for the CustomCname parameter. Your private CA by default copies the CNAME or the S3 bucket name to the CRL Distribution Points extension of each certificate it issues. If you want to configure this default behavior to be something different, you can set the CrlDistributionPointExtensionConfiguration parameter. Your S3 bucket policy must give write permission to Amazon Web Services Private CA. Amazon Web Services Private CA assets that are stored in Amazon S3 can be protected with encryption. For more information, see [Encrypting Your CRLs](https://docs.aws.amazon.com/privateca/latest/userguide/crl-planning.html#crl-encryption). Your private CA uses the value in the ExpirationInDays parameter to calculate the nextUpdate field in the CRL. The CRL is refreshed prior to a certificate's expiration date or when a certificate is revoked. When a certificate is revoked, it appears in the CRL until the certificate expires, and then in one additional CRL after expiration, and it always appears in the audit report. A CRL is typically updated approximately 30 minutes after a certificate is revoked. If for any reason a CRL update fails, Amazon Web Services Private CA makes further attempts every 15 minutes. CRLs contain the following fields:
     ///
     /// * Version: The current version number defined in RFC 5280 is V2. The integer value is 0x1.
     ///