Merge branch 'release-1.29.123'

* release-1.29.123:
  Bumping version to 1.29.123
  Update to latest partitions and endpoints
  Update to latest models
  Do not set_ciphers(DEFAULT_CIPHERS) if DEFAULT_CIPHERS is None (#2924)

.changes/1.29.123.json

@@ -0,0 +1,52 @@
+[
+  {
+    "category": "``appflow``",
+    "description": "Adds Jwt Support for Salesforce Credentials.",
+    "type": "api-change"
+  },
+  {
+    "category": "``athena``",
+    "description": "You can now use capacity reservations on Amazon Athena to run SQL queries on fully-managed compute capacity.",
+    "type": "api-change"
+  },
+  {
+    "category": "``directconnect``",
+    "description": "This release corrects the jumbo frames MTU from 9100 to 8500.",
+    "type": "api-change"
+  },
+  {
+    "category": "``efs``",
+    "description": "Update efs client to latest version",
+    "type": "api-change"
+  },
+  {
+    "category": "``grafana``",
+    "description": "This release adds support for the grafanaVersion parameter in CreateWorkspace.",
+    "type": "api-change"
+  },
+  {
+    "category": "``iot``",
+    "description": "This release allows AWS IoT Core users to specify a TLS security policy when creating and updating AWS IoT Domain Configurations.",
+    "type": "api-change"
+  },
+  {
+    "category": "``rekognition``",
+    "description": "Added support for aggregating moderation labels by video segment timestamps for Stored Video Content Moderation APIs and added additional information about the job to all Stored Video Get API responses.",
+    "type": "api-change"
+  },
+  {
+    "category": "``simspaceweaver``",
+    "description": "Added a new CreateSnapshot API. For the StartSimulation API, SchemaS3Location is now optional, added a new SnapshotS3Location parameter. For the DescribeSimulation API, added SNAPSHOT_IN_PROGRESS simulation state, deprecated SchemaError, added new fields: StartError and SnapshotS3Location.",
+    "type": "api-change"
+  },
+  {
+    "category": "``wafv2``",
+    "description": "You can now associate a web ACL with a Verified Access instance.",
+    "type": "api-change"
+  },
+  {
+    "category": "``workspaces``",
+    "description": "Added Windows 11 to support Microsoft_Office_2019",
+    "type": "api-change"
+  }
+]

CHANGELOG.rst

@@ -2,6 +2,21 @@
 CHANGELOG
 =========
 
+1.29.123
+========
+
+* api-change:``appflow``: Adds Jwt Support for Salesforce Credentials.
+* api-change:``athena``: You can now use capacity reservations on Amazon Athena to run SQL queries on fully-managed compute capacity.
+* api-change:``directconnect``: This release corrects the jumbo frames MTU from 9100 to 8500.
+* api-change:``efs``: Update efs client to latest version
+* api-change:``grafana``: This release adds support for the grafanaVersion parameter in CreateWorkspace.
+* api-change:``iot``: This release allows AWS IoT Core users to specify a TLS security policy when creating and updating AWS IoT Domain Configurations.
+* api-change:``rekognition``: Added support for aggregating moderation labels by video segment timestamps for Stored Video Content Moderation APIs and added additional information about the job to all Stored Video Get API responses.
+* api-change:``simspaceweaver``: Added a new CreateSnapshot API. For the StartSimulation API, SchemaS3Location is now optional, added a new SnapshotS3Location parameter. For the DescribeSimulation API, added SNAPSHOT_IN_PROGRESS simulation state, deprecated SchemaError, added new fields: StartError and SnapshotS3Location.
+* api-change:``wafv2``: You can now associate a web ACL with a Verified Access instance.
+* api-change:``workspaces``: Added Windows 11 to support Microsoft_Office_2019
+
+
 1.29.122
 ========
 

botocore/__init__.py

@@ -16,7 +16,7 @@
 import os
 import re
 
-__version__ = '1.29.122'
+__version__ = '1.29.123'
 
 
 class NullHandler(logging.Handler):

botocore/data/appflow/2020-08-23/service-2.json

@@ -3005,6 +3005,12 @@
       "exception":true
     },
     "JavaBoolean":{"type":"boolean"},
+    "JwtToken":{
+      "type":"string",
+      "max":8000,
+      "pattern":"^([a-zA-Z0-9_=]+)\\.([a-zA-Z0-9_=]+)\\.([a-zA-Z0-9_\\-\\+\\/=]*)",
+      "sensitive":true
+    },
     "KMSArn":{
       "type":"string",
       "max":2048,
@@ -3411,7 +3417,8 @@
       "type":"string",
       "enum":[
         "CLIENT_CREDENTIALS",
-        "AUTHORIZATION_CODE"
+        "AUTHORIZATION_CODE",
+        "JWT_BEARER"
       ]
     },
     "OAuth2GrantTypeSupportedList":{
@@ -4241,6 +4248,14 @@
         "clientCredentialsArn":{
           "shape":"ClientCredentialsArn",
           "documentation":"<p> The secret manager ARN, which contains the client ID and client secret of the connected app. </p>"
+        },
+        "oAuth2GrantType":{
+          "shape":"OAuth2GrantType",
+          "documentation":"<p>Specifies the OAuth 2.0 grant type that Amazon AppFlow uses when it requests an access token from Salesforce. Amazon AppFlow requires an access token each time it attempts to access your Salesforce records.</p> <p>You can specify one of the following values:</p> <dl> <dt>AUTHORIZATION_CODE</dt> <dd> <p>Amazon AppFlow passes an authorization code when it requests the access token from Salesforce. Amazon AppFlow receives the authorization code from Salesforce after you log in to your Salesforce account and authorize Amazon AppFlow to access your records.</p> </dd> <dt>CLIENT_CREDENTIALS</dt> <dd> <p>Amazon AppFlow passes client credentials (a client ID and client secret) when it requests the access token from Salesforce. You provide these credentials to Amazon AppFlow when you define the connection to your Salesforce account.</p> </dd> <dt>JWT_BEARER</dt> <dd> <p>Amazon AppFlow passes a JSON web token (JWT) when it requests the access token from Salesforce. You provide the JWT to Amazon AppFlow when you define the connection to your Salesforce account. When you use this grant type, you don't need to log in to your Salesforce account to authorize Amazon AppFlow to access your records.</p> </dd> </dl>"
+        },
+        "jwtToken":{
+          "shape":"JwtToken",
+          "documentation":"<p>A JSON web token (JWT) that authorizes Amazon AppFlow to access your Salesforce records.</p>"
         }
       },
       "documentation":"<p> The connector-specific profile credentials required when using Salesforce. </p>"
@@ -4312,6 +4327,10 @@
         "dataTransferApis":{
           "shape":"SalesforceDataTransferApiList",
           "documentation":"<p>The Salesforce APIs that you can have Amazon AppFlow use when your flows transfers data to or from Salesforce.</p>"
+        },
+        "oauth2GrantTypesSupported":{
+          "shape":"OAuth2GrantTypeSupportedList",
+          "documentation":"<p>The OAuth 2.0 grant types that Amazon AppFlow can use when it requests an access token from Salesforce. Amazon AppFlow requires an access token each time it attempts to access your Salesforce records.</p> <dl> <dt>AUTHORIZATION_CODE</dt> <dd> <p>Amazon AppFlow passes an authorization code when it requests the access token from Salesforce. Amazon AppFlow receives the authorization code from Salesforce after you log in to your Salesforce account and authorize Amazon AppFlow to access your records.</p> </dd> <dt>CLIENT_CREDENTIALS</dt> <dd> <p>Amazon AppFlow passes client credentials (a client ID and client secret) when it requests the access token from Salesforce. You provide these credentials to Amazon AppFlow when you define the connection to your Salesforce account.</p> </dd> <dt>JWT_BEARER</dt> <dd> <p>Amazon AppFlow passes a JSON web token (JWT) when it requests the access token from Salesforce. You provide the JWT to Amazon AppFlow when you define the connection to your Salesforce account. When you use this grant type, you don't need to log in to your Salesforce account to authorize Amazon AppFlow to access your records.</p> </dd> </dl>"
         }
       },
       "documentation":"<p> The connector metadata specific to Salesforce. </p>"