aws/api: Update EC2 API.

* aws/api/ec2-2016-11-15.normal.json: Replace with version v2.680.0.
* aws/api/README: Update version information.

2 files changed, 7834 insertions, 768 deletions

diff --git a/aws/api/README b/aws/api/README
index c154371..5d094a6 100644
--- a/aws/api/README
+++ b/aws/api/README
@@ -1,6 +1,4 @@
-These JSON files are unmodified copies taken from v2.484.0 of the AWS
+These JSON files are unmodified copies taken from v2.680.0 of the AWS
 SDK for JavaScript: https://github.com/aws/aws-sdk-js/tree/master/apis
 
-They are covered under the Apache 2.0 license.
-
-The ECS, ECR, EFS, and EBS APIs were taken from v2.680.0.
+They are covered under the Apache 2.0 license.
\ No newline at end of file
diff --git a/aws/api/ec2-2016-11-15.normal.json b/aws/api/ec2-2016-11-15.normal.json
index cc0d566..610f745 100644
--- a/aws/api/ec2-2016-11-15.normal.json
+++ b/aws/api/ec2-2016-11-15.normal.json
@@ -26,6 +26,20 @@
       },
       "documentation": "<p>Accepts the Convertible Reserved Instance exchange quote described in the <a>GetReservedInstancesExchangeQuote</a> call.</p>"
     },
+    "AcceptTransitGatewayPeeringAttachment": {
+      "name": "AcceptTransitGatewayPeeringAttachment",
+      "http": {
+        "method": "POST",
+        "requestUri": "/"
+      },
+      "input": {
+        "shape": "AcceptTransitGatewayPeeringAttachmentRequest"
+      },
+      "output": {
+        "shape": "AcceptTransitGatewayPeeringAttachmentResult"
+      },
+      "documentation": "<p>Accepts a transit gateway peering attachment request. The peering attachment must be in the <code>pendingAcceptance</code> state.</p>"
+    },
     "AcceptTransitGatewayVpcAttachment": {
       "name": "AcceptTransitGatewayVpcAttachment",
       "http": {
@@ -80,7 +94,7 @@
       "output": {
         "shape": "AdvertiseByoipCidrResult"
       },
-      "documentation": "<p>Advertises an IPv4 address range that is provisioned for use with your AWS resources through bring your own IP addresses (BYOIP).</p> <p>You can perform this operation at most once every 10 seconds, even if you specify different address ranges each time.</p> <p>We recommend that you stop advertising the BYOIP CIDR from other locations when you advertise it from AWS. To minimize down time, you can configure your AWS resources to use an address from a BYOIP CIDR before it is advertised, and then simultaneously stop advertising it from the current location and start advertising it through AWS.</p> <p>It can take a few minutes before traffic to the specified addresses starts routing to AWS because of BGP propagation delays.</p> <p>To stop advertising the BYOIP CIDR, use <a>WithdrawByoipCidr</a>.</p>"
+      "documentation": "<p>Advertises an IPv4 or IPv6 address range that is provisioned for use with your AWS resources through bring your own IP addresses (BYOIP).</p> <p>You can perform this operation at most once every 10 seconds, even if you specify different address ranges each time.</p> <p>We recommend that you stop advertising the BYOIP CIDR from other locations when you advertise it from AWS. To minimize down time, you can configure your AWS resources to use an address from a BYOIP CIDR before it is advertised, and then simultaneously stop advertising it from the current location and start advertising it through AWS.</p> <p>It can take a few minutes before traffic to the specified addresses starts routing to AWS because of BGP propagation delays.</p> <p>To stop advertising the BYOIP CIDR, use <a>WithdrawByoipCidr</a>.</p>"
     },
     "AllocateAddress": {
       "name": "AllocateAddress",
@@ -108,7 +122,7 @@
       "output": {
         "shape": "AllocateHostsResult"
       },
-      "documentation": "<p>Allocates a Dedicated Host to your account. At a minimum, specify the instance size type, Availability Zone, and quantity of hosts to allocate.</p>"
+      "documentation": "<p>Allocates a Dedicated Host to your account. At a minimum, specify the supported instance type or instance family, the Availability Zone in which to allocate the host, and the number of hosts to allocate.</p>"
     },
     "ApplySecurityGroupsToClientVpnTargetNetwork": {
       "name": "ApplySecurityGroupsToClientVpnTargetNetwork",
@@ -136,7 +150,7 @@
       "output": {
         "shape": "AssignIpv6AddressesResult"
       },
-      "documentation": "<p>Assigns one or more IPv6 addresses to the specified network interface. You can specify one or more specific IPv6 addresses, or you can specify the number of IPv6 addresses to be automatically assigned from within the subnet's IPv6 CIDR block range. You can assign as many IPv6 addresses to a network interface as you can assign private IPv4 addresses, and the limit varies per instance type. For information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-eni.html#AvailableIpPerENI\">IP Addresses Per Network Interface Per Instance Type</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>"
+      "documentation": "<p>Assigns one or more IPv6 addresses to the specified network interface. You can specify one or more specific IPv6 addresses, or you can specify the number of IPv6 addresses to be automatically assigned from within the subnet's IPv6 CIDR block range. You can assign as many IPv6 addresses to a network interface as you can assign private IPv4 addresses, and the limit varies per instance type. For information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-eni.html#AvailableIpPerENI\">IP Addresses Per Network Interface Per Instance Type</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> <p>You must specify either the IPv6 addresses or the IPv6 address count in the request.</p>"
     },
     "AssignPrivateIpAddresses": {
       "name": "AssignPrivateIpAddresses",
@@ -147,7 +161,10 @@
       "input": {
         "shape": "AssignPrivateIpAddressesRequest"
       },
-      "documentation": "<p>Assigns one or more secondary private IP addresses to the specified network interface.</p> <p>You can specify one or more specific secondary IP addresses, or you can specify the number of secondary IP addresses to be automatically assigned within the subnet's CIDR block range. The number of secondary IP addresses that you can assign to an instance varies by instance type. For information about instance types, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html\">Instance Types</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>. For more information about Elastic IP addresses, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html\">Elastic IP Addresses</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> <p>When you move a secondary private IP address to another network interface, any Elastic IP address that is associated with the IP address is also moved.</p> <p>Remapping an IP address is an asynchronous operation. When you move an IP address from one network interface to another, check <code>network/interfaces/macs/mac/local-ipv4s</code> in the instance metadata to confirm that the remapping is complete.</p>"
+      "output": {
+        "shape": "AssignPrivateIpAddressesResult"
+      },
+      "documentation": "<p>Assigns one or more secondary private IP addresses to the specified network interface.</p> <p>You can specify one or more specific secondary IP addresses, or you can specify the number of secondary IP addresses to be automatically assigned within the subnet's CIDR block range. The number of secondary IP addresses that you can assign to an instance varies by instance type. For information about instance types, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html\">Instance Types</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>. For more information about Elastic IP addresses, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html\">Elastic IP Addresses</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> <p>When you move a secondary private IP address to another network interface, any Elastic IP address that is associated with the IP address is also moved.</p> <p>Remapping an IP address is an asynchronous operation. When you move an IP address from one network interface to another, check <code>network/interfaces/macs/mac/local-ipv4s</code> in the instance metadata to confirm that the remapping is complete.</p> <p>You must specify either the IP addresses or the IP address count in the request.</p>"
     },
     "AssociateAddress": {
       "name": "AssociateAddress",
@@ -161,7 +178,7 @@
       "output": {
         "shape": "AssociateAddressResult"
       },
-      "documentation": "<p>Associates an Elastic IP address with an instance or a network interface. Before you can use an Elastic IP address, you must allocate it to your account.</p> <p>An Elastic IP address is for use in either the EC2-Classic platform or in a VPC. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html\">Elastic IP Addresses</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> <p>[EC2-Classic, VPC in an EC2-VPC-only account] If the Elastic IP address is already associated with a different instance, it is disassociated from that instance and associated with the specified instance. If you associate an Elastic IP address with an instance that has an existing Elastic IP address, the existing address is disassociated from the instance, but remains allocated to your account.</p> <p>[VPC in an EC2-Classic account] If you don't specify a private IP address, the Elastic IP address is associated with the primary IP address. If the Elastic IP address is already associated with a different instance or a network interface, you get an error unless you allow reassociation. You cannot associate an Elastic IP address with an instance or network interface that has an existing Elastic IP address.</p> <important> <p>This is an idempotent operation. If you perform the operation more than once, Amazon EC2 doesn't return an error, and you may be charged for each time the Elastic IP address is remapped to the same instance. For more information, see the <i>Elastic IP Addresses</i> section of <a href=\"http://aws.amazon.com/ec2/pricing/\">Amazon EC2 Pricing</a>.</p> </important>"
+      "documentation": "<p>Associates an Elastic IP address with an instance or a network interface. Before you can use an Elastic IP address, you must allocate it to your account.</p> <p>An Elastic IP address is for use in either the EC2-Classic platform or in a VPC. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html\">Elastic IP Addresses</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> <p>[EC2-Classic, VPC in an EC2-VPC-only account] If the Elastic IP address is already associated with a different instance, it is disassociated from that instance and associated with the specified instance. If you associate an Elastic IP address with an instance that has an existing Elastic IP address, the existing address is disassociated from the instance, but remains allocated to your account.</p> <p>[VPC in an EC2-Classic account] If you don't specify a private IP address, the Elastic IP address is associated with the primary IP address. If the Elastic IP address is already associated with a different instance or a network interface, you get an error unless you allow reassociation. You cannot associate an Elastic IP address with an instance or network interface that has an existing Elastic IP address.</p> <p>You cannot associate an Elastic IP address with an interface in a different network border group.</p> <important> <p>This is an idempotent operation. If you perform the operation more than once, Amazon EC2 doesn't return an error, and you may be charged for each time the Elastic IP address is remapped to the same instance. For more information, see the <i>Elastic IP Addresses</i> section of <a href=\"http://aws.amazon.com/ec2/pricing/\">Amazon EC2 Pricing</a>.</p> </important>"
     },
     "AssociateClientVpnTargetNetwork": {
       "name": "AssociateClientVpnTargetNetwork",
@@ -175,7 +192,7 @@
       "output": {
         "shape": "AssociateClientVpnTargetNetworkResult"
       },
-      "documentation": "<p>Associates a target network with a Client VPN endpoint. A target network is a subnet in a VPC. You can associate multiple subnets from the same VPC with a Client VPN endpoint. You can associate only one subnet in each Availability Zone. We recommend that you associate at least two subnets to provide Availability Zone redundancy.</p>"
+      "documentation": "<p>Associates a target network with a Client VPN endpoint. A target network is a subnet in a VPC. You can associate multiple subnets from the same VPC with a Client VPN endpoint. You can associate only one subnet in each Availability Zone. We recommend that you associate at least two subnets to provide Availability Zone redundancy.</p> <p>If you specified a VPC when you created the Client VPN endpoint or if you have previous subnet associations, the specified subnet must be in the same VPC. To specify a subnet that's in a different VPC, you must first modify the Client VPN endpoint (<a>ModifyClientVpnEndpoint</a>) and change the VPC that's associated with it.</p>"
     },
     "AssociateDhcpOptions": {
       "name": "AssociateDhcpOptions",
@@ -214,7 +231,7 @@
       "output": {
         "shape": "AssociateRouteTableResult"
       },
-      "documentation": "<p>Associates a subnet with a route table. The subnet and route table must be in the same VPC. This association causes traffic originating from the subnet to be routed according to the routes in the route table. The action returns an association ID, which you need in order to disassociate the route table from the subnet later. A route table can be associated with multiple subnets.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Route_Tables.html\">Route Tables</a> in the <i>Amazon Virtual Private Cloud User Guide</i>.</p>"
+      "documentation": "<p>Associates a subnet in your VPC or an internet gateway or virtual private gateway attached to your VPC with a route table in your VPC. This association causes traffic from the subnet or gateway to be routed according to the routes in the route table. The action returns an association ID, which you need in order to disassociate the route table later. A route table can be associated with multiple subnets.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Route_Tables.html\">Route Tables</a> in the <i>Amazon Virtual Private Cloud User Guide</i>.</p>"
     },
     "AssociateSubnetCidrBlock": {
       "name": "AssociateSubnetCidrBlock",
@@ -230,6 +247,20 @@
       },
       "documentation": "<p>Associates a CIDR block with your subnet. You can only associate a single IPv6 CIDR block with your subnet. An IPv6 CIDR block must have a prefix length of /64.</p>"
     },
+    "AssociateTransitGatewayMulticastDomain": {
+      "name": "AssociateTransitGatewayMulticastDomain",
+      "http": {
+        "method": "POST",
+        "requestUri": "/"
+      },
+      "input": {
+        "shape": "AssociateTransitGatewayMulticastDomainRequest"
+      },
+      "output": {
+        "shape": "AssociateTransitGatewayMulticastDomainResult"
+      },
+      "documentation": "<p>Associates the specified subnets and transit gateway attachments with the specified transit gateway multicast domain.</p> <p>The transit gateway attachment must be in the available state before you can add a resource. Use <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeTransitGatewayAttachments.html\">DescribeTransitGatewayAttachments</a> to see the state of the attachment.</p>"
+    },
     "AssociateTransitGatewayRouteTable": {
       "name": "AssociateTransitGatewayRouteTable",
       "http": {
@@ -256,7 +287,7 @@
       "output": {
         "shape": "AssociateVpcCidrBlockResult"
       },
-      "documentation": "<p>Associates a CIDR block with your VPC. You can associate a secondary IPv4 CIDR block, or you can associate an Amazon-provided IPv6 CIDR block. The IPv6 CIDR block size is fixed at /56.</p> <p>For more information about associating CIDR blocks with your VPC and applicable restrictions, see <a href=\"https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html#VPC_Sizing\">VPC and Subnet Sizing</a> in the <i>Amazon Virtual Private Cloud User Guide</i>.</p>"
+      "documentation": "<p>Associates a CIDR block with your VPC. You can associate a secondary IPv4 CIDR block, an Amazon-provided IPv6 CIDR block, or an IPv6 CIDR block from an IPv6 address pool that you provisioned through bring your own IP addresses (<a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-byoip.html\">BYOIP</a>). The IPv6 CIDR block size is fixed at /56.</p> <p>You must specify one of the following in the request: an IPv4 CIDR block, an IPv6 pool, or an Amazon-provided IPv6 CIDR block.</p> <p>For more information about associating CIDR blocks with your VPC and applicable restrictions, see <a href=\"https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html#VPC_Sizing\">VPC and Subnet Sizing</a> in the <i>Amazon Virtual Private Cloud User Guide</i>.</p>"
     },
     "AttachClassicLinkVpc": {
       "name": "AttachClassicLinkVpc",
@@ -281,7 +312,7 @@
       "input": {
         "shape": "AttachInternetGatewayRequest"
       },
-      "documentation": "<p>Attaches an internet gateway to a VPC, enabling connectivity between the internet and the VPC. For more information about your VPC and internet gateway, see the <a href=\"https://docs.aws.amazon.com/vpc/latest/userguide/\">Amazon Virtual Private Cloud User Guide</a>.</p>"
+      "documentation": "<p>Attaches an internet gateway or a virtual private gateway to a VPC, enabling connectivity between the internet and the VPC. For more information about your VPC and internet gateway, see the <a href=\"https://docs.aws.amazon.com/vpc/latest/userguide/\">Amazon Virtual Private Cloud User Guide</a>.</p>"
     },
     "AttachNetworkInterface": {
       "name": "AttachNetworkInterface",
@@ -591,7 +622,7 @@
       "output": {
         "shape": "CreateCustomerGatewayResult"
       },
-      "documentation": "<p>Provides information to AWS about your VPN customer gateway device. The customer gateway is the appliance at your end of the VPN connection. (The device on the AWS side of the VPN connection is the virtual private gateway.) You must provide the Internet-routable IP address of the customer gateway's external interface. The IP address must be static and may be behind a device performing network address translation (NAT).</p> <p>For devices that use Border Gateway Protocol (BGP), you can also provide the device's BGP Autonomous System Number (ASN). You can use an existing ASN assigned to your network. If you don't have an ASN already, you can use a private ASN (in the 64512 - 65534 range).</p> <note> <p>Amazon EC2 supports all 2-byte ASN numbers in the range of 1 - 65534, with the exception of 7224, which is reserved in the <code>us-east-1</code> Region, and 9059, which is reserved in the <code>eu-west-1</code> Region.</p> </note> <p>For more information, see <a href=\"https://docs.aws.amazon.com/vpn/latest/s2svpn/VPC_VPN.html\">AWS Site-to-Site VPN</a> in the <i>AWS Site-to-Site VPN User Guide</i>.</p> <important> <p>You cannot create more than one customer gateway with the same VPN type, IP address, and BGP ASN parameter values. If you run an identical request more than one time, the first request creates the customer gateway, and subsequent requests return information about the existing customer gateway. The subsequent requests do not create new customer gateway resources.</p> </important>"
+      "documentation": "<p>Provides information to AWS about your VPN customer gateway device. The customer gateway is the appliance at your end of the VPN connection. (The device on the AWS side of the VPN connection is the virtual private gateway.) You must provide the Internet-routable IP address of the customer gateway's external interface. The IP address must be static and can be behind a device performing network address translation (NAT).</p> <p>For devices that use Border Gateway Protocol (BGP), you can also provide the device's BGP Autonomous System Number (ASN). You can use an existing ASN assigned to your network. If you don't have an ASN already, you can use a private ASN (in the 64512 - 65534 range).</p> <note> <p>Amazon EC2 supports all 2-byte ASN numbers in the range of 1 - 65534, with the exception of 7224, which is reserved in the <code>us-east-1</code> Region, and 9059, which is reserved in the <code>eu-west-1</code> Region.</p> </note> <p>For more information, see <a href=\"https://docs.aws.amazon.com/vpn/latest/s2svpn/VPC_VPN.html\">AWS Site-to-Site VPN</a> in the <i>AWS Site-to-Site VPN User Guide</i>.</p> <important> <p>To create more than one customer gateway with the same VPN type, IP address, and BGP ASN, specify a unique device name for each customer gateway. Identical requests return information about the existing customer gateway and do not create new customer gateways.</p> </important>"
     },
     "CreateDefaultSubnet": {
       "name": "CreateDefaultSubnet",
@@ -633,7 +664,7 @@
       "output": {
         "shape": "CreateDhcpOptionsResult"
       },
-      "documentation": "<p>Creates a set of DHCP options for your VPC. After creating the set, you must associate it with the VPC, causing all existing and new instances that you launch in the VPC to use this set of DHCP options. The following are the individual DHCP options you can specify. For more information about the options, see <a href=\"http://www.ietf.org/rfc/rfc2132.txt\">RFC 2132</a>.</p> <ul> <li> <p> <code>domain-name-servers</code> - The IP addresses of up to four domain name servers, or AmazonProvidedDNS. The default DHCP option set specifies AmazonProvidedDNS. If specifying more than one domain name server, specify the IP addresses in a single parameter, separated by commas. ITo have your instance to receive a custom DNS hostname as specified in <code>domain-name</code>, you must set <code>domain-name-servers</code> to a custom DNS server.</p> </li> <li> <p> <code>domain-name</code> - If you're using AmazonProvidedDNS in <code>us-east-1</code>, specify <code>ec2.internal</code>. If you're using AmazonProvidedDNS in another Region, specify <code>region.compute.internal</code> (for example, <code>ap-northeast-1.compute.internal</code>). Otherwise, specify a domain name (for example, <code>MyCompany.com</code>). This value is used to complete unqualified DNS hostnames. <b>Important</b>: Some Linux operating systems accept multiple domain names separated by spaces. However, Windows and other Linux operating systems treat the value as a single domain, which results in unexpected behavior. If your DHCP options set is associated with a VPC that has instances with multiple operating systems, specify only one domain name.</p> </li> <li> <p> <code>ntp-servers</code> - The IP addresses of up to four Network Time Protocol (NTP) servers.</p> </li> <li> <p> <code>netbios-name-servers</code> - The IP addresses of up to four NetBIOS name servers.</p> </li> <li> <p> <code>netbios-node-type</code> - The NetBIOS node type (1, 2, 4, or 8). We recommend that you specify 2 (broadcast and multicast are not currently supported). For more information about these node types, see <a href=\"http://www.ietf.org/rfc/rfc2132.txt\">RFC 2132</a>.</p> </li> </ul> <p>Your VPC automatically starts out with a set of DHCP options that includes only a DNS server that we provide (AmazonProvidedDNS). If you create a set of options, and if your VPC has an internet gateway, make sure to set the <code>domain-name-servers</code> option either to <code>AmazonProvidedDNS</code> or to a domain name server of your choice. For more information, see <a href=\"https://docs.aws.amazon.com/vpc/latest/userguide/VPC_DHCP_Options.html\">DHCP Options Sets</a> in the <i>Amazon Virtual Private Cloud User Guide</i>.</p>"
+      "documentation": "<p>Creates a set of DHCP options for your VPC. After creating the set, you must associate it with the VPC, causing all existing and new instances that you launch in the VPC to use this set of DHCP options. The following are the individual DHCP options you can specify. For more information about the options, see <a href=\"http://www.ietf.org/rfc/rfc2132.txt\">RFC 2132</a>.</p> <ul> <li> <p> <code>domain-name-servers</code> - The IP addresses of up to four domain name servers, or AmazonProvidedDNS. The default DHCP option set specifies AmazonProvidedDNS. If specifying more than one domain name server, specify the IP addresses in a single parameter, separated by commas. To have your instance receive a custom DNS hostname as specified in <code>domain-name</code>, you must set <code>domain-name-servers</code> to a custom DNS server.</p> </li> <li> <p> <code>domain-name</code> - If you're using AmazonProvidedDNS in <code>us-east-1</code>, specify <code>ec2.internal</code>. If you're using AmazonProvidedDNS in another Region, specify <code>region.compute.internal</code> (for example, <code>ap-northeast-1.compute.internal</code>). Otherwise, specify a domain name (for example, <code>MyCompany.com</code>). This value is used to complete unqualified DNS hostnames. <b>Important</b>: Some Linux operating systems accept multiple domain names separated by spaces. However, Windows and other Linux operating systems treat the value as a single domain, which results in unexpected behavior. If your DHCP options set is associated with a VPC that has instances with multiple operating systems, specify only one domain name.</p> </li> <li> <p> <code>ntp-servers</code> - The IP addresses of up to four Network Time Protocol (NTP) servers.</p> </li> <li> <p> <code>netbios-name-servers</code> - The IP addresses of up to four NetBIOS name servers.</p> </li> <li> <p> <code>netbios-node-type</code> - The NetBIOS node type (1, 2, 4, or 8). We recommend that you specify 2 (broadcast and multicast are not currently supported). For more information about these node types, see <a href=\"http://www.ietf.org/rfc/rfc2132.txt\">RFC 2132</a>.</p> </li> </ul> <p>Your VPC automatically starts out with a set of DHCP options that includes only a DNS server that we provide (AmazonProvidedDNS). If you create a set of options, and if your VPC has an internet gateway, make sure to set the <code>domain-name-servers</code> option either to <code>AmazonProvidedDNS</code> or to a domain name server of your choice. For more information, see <a href=\"https://docs.aws.amazon.com/vpc/latest/userguide/VPC_DHCP_Options.html\">DHCP Options Sets</a> in the <i>Amazon Virtual Private Cloud User Guide</i>.</p>"
     },
     "CreateEgressOnlyInternetGateway": {
       "name": "CreateEgressOnlyInternetGateway",
@@ -759,7 +790,7 @@
       "output": {
         "shape": "CreateLaunchTemplateResult"
       },
-      "documentation": "<p>Creates a launch template. A launch template contains the parameters to launch an instance. When you launch an instance using <a>RunInstances</a>, you can specify a launch template instead of providing the launch parameters in the request.</p>"
+      "documentation": "<p>Creates a launch template. A launch template contains the parameters to launch an instance. When you launch an instance using <a>RunInstances</a>, you can specify a launch template instead of providing the launch parameters in the request. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-templates.html\">Launching an instance from a launch template</a>in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>"
     },
     "CreateLaunchTemplateVersion": {
       "name": "CreateLaunchTemplateVersion",
@@ -773,7 +804,35 @@
       "output": {
         "shape": "CreateLaunchTemplateVersionResult"
       },
-      "documentation": "<p>Creates a new version for a launch template. You can specify an existing version of launch template from which to base the new version.</p> <p>Launch template versions are numbered in the order in which they are created. You cannot specify, change, or replace the numbering of launch template versions.</p>"
+      "documentation": "<p>Creates a new version for a launch template. You can specify an existing version of launch template from which to base the new version.</p> <p>Launch template versions are numbered in the order in which they are created. You cannot specify, change, or replace the numbering of launch template versions.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-templates.html#manage-launch-template-versions\">Managing launch template versions</a>in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>"
+    },
+    "CreateLocalGatewayRoute": {
+      "name": "CreateLocalGatewayRoute",
+      "http": {
+        "method": "POST",
+        "requestUri": "/"
+      },
+      "input": {
+        "shape": "CreateLocalGatewayRouteRequest"
+      },
+      "output": {
+        "shape": "CreateLocalGatewayRouteResult"
+      },
+      "documentation": "<p>Creates a static route for the specified local gateway route table.</p>"
+    },
+    "CreateLocalGatewayRouteTableVpcAssociation": {
+      "name": "CreateLocalGatewayRouteTableVpcAssociation",
+      "http": {
+        "method": "POST",
+        "requestUri": "/"
+      },
+      "input": {
+        "shape": "CreateLocalGatewayRouteTableVpcAssociationRequest"
+      },
+      "output": {
+        "shape": "CreateLocalGatewayRouteTableVpcAssociationResult"
+      },
+      "documentation": "<p>Associates the specified VPC with the specified local gateway route table.</p>"
     },
     "CreateNatGateway": {
       "name": "CreateNatGateway",
@@ -851,6 +910,9 @@
       "input": {
         "shape": "CreatePlacementGroupRequest"
       },
+      "output": {
+        "shape": "CreatePlacementGroupResult"
+      },
       "documentation": "<p>Creates a placement group in which to launch instances. The strategy of the placement group determines how the instances are organized within the group. </p> <p>A <code>cluster</code> placement group is a logical grouping of instances within a single Availability Zone that benefit from low network latency, high network throughput. A <code>spread</code> placement group places instances on distinct hardware. A <code>partition</code> placement group places groups of instances in different partitions, where instances in one partition do not share the same hardware with instances in another partition.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/placement-groups.html\">Placement Groups</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>"
     },
     "CreateReservedInstancesListing": {
@@ -879,7 +941,7 @@
       "output": {
         "shape": "CreateRouteResult"
       },
-      "documentation": "<p>Creates a route in a route table within a VPC.</p> <p>You must specify one of the following targets: internet gateway or virtual private gateway, NAT instance, NAT gateway, VPC peering connection, network interface, or egress-only internet gateway.</p> <p>When determining how to route traffic, we use the route with the most specific match. For example, traffic is destined for the IPv4 address <code>192.0.2.3</code>, and the route table includes the following two IPv4 routes:</p> <ul> <li> <p> <code>192.0.2.0/24</code> (goes to some target A)</p> </li> <li> <p> <code>192.0.2.0/28</code> (goes to some target B)</p> </li> </ul> <p>Both routes apply to the traffic destined for <code>192.0.2.3</code>. However, the second route in the list covers a smaller number of IP addresses and is therefore more specific, so we use that route to determine where to target the traffic.</p> <p>For more information about route tables, see <a href=\"https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Route_Tables.html\">Route Tables</a> in the <i>Amazon Virtual Private Cloud User Guide</i>.</p>"
+      "documentation": "<p>Creates a route in a route table within a VPC.</p> <p>You must specify one of the following targets: internet gateway or virtual private gateway, NAT instance, NAT gateway, VPC peering connection, network interface, egress-only internet gateway, or transit gateway.</p> <p>When determining how to route traffic, we use the route with the most specific match. For example, traffic is destined for the IPv4 address <code>192.0.2.3</code>, and the route table includes the following two IPv4 routes:</p> <ul> <li> <p> <code>192.0.2.0/24</code> (goes to some target A)</p> </li> <li> <p> <code>192.0.2.0/28</code> (goes to some target B)</p> </li> </ul> <p>Both routes apply to the traffic destined for <code>192.0.2.3</code>. However, the second route in the list covers a smaller number of IP addresses and is therefore more specific, so we use that route to determine where to target the traffic.</p> <p>For more information about route tables, see <a href=\"https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Route_Tables.html\">Route Tables</a> in the <i>Amazon Virtual Private Cloud User Guide</i>.</p>"
     },
     "CreateRouteTable": {
       "name": "CreateRouteTable",
@@ -935,7 +997,7 @@
       "output": {
         "shape": "CreateSnapshotsResult"
       },
-      "documentation": "<p>Creates crash-consistent snapshots of multiple EBS volumes and stores the data in S3. Volumes are chosen by specifying an instance. Any attached volumes will produce one snapshot each that is crash-consistent across the instance. Boot volumes can be excluded by changing the paramaters. </p>"
+      "documentation": "<p>Creates crash-consistent snapshots of multiple EBS volumes and stores the data in S3. Volumes are chosen by specifying an instance. Any attached volumes will produce one snapshot each that is crash-consistent across the instance. Boot volumes can be excluded by changing the parameters. </p>"
     },
     "CreateSpotDatafeedSubscription": {
       "name": "CreateSpotDatafeedSubscription",
@@ -988,7 +1050,7 @@
       "output": {
         "shape": "CreateTrafficMirrorFilterResult"
       },
-      "documentation": "<p>Creates a Traffic Mirror filter.</p> <p>A Traffic Mirror filter is a set of rules that defines the traffic to mirror.</p> <p>By default, no traffic is mirrored. To mirror traffic, use <a>CreateTrafficMirrorFilterRule</a> to add Traffic Mirror rules to the filter. The rules you add define what traffic gets mirrored. You can also use <a>ModifyTrafficMirrorFilterNetworkServices</a> to mirror supported network services.</p>"
+      "documentation": "<p>Creates a Traffic Mirror filter.</p> <p>A Traffic Mirror filter is a set of rules that defines the traffic to mirror.</p> <p>By default, no traffic is mirrored. To mirror traffic, use <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTrafficMirrorFilterRule.htm\">CreateTrafficMirrorFilterRule</a> to add Traffic Mirror rules to the filter. The rules you add define what traffic gets mirrored. You can also use <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyTrafficMirrorFilterNetworkServices.html\">ModifyTrafficMirrorFilterNetworkServices</a> to mirror supported network services.</p>"
     },
     "CreateTrafficMirrorFilterRule": {
       "name": "CreateTrafficMirrorFilterRule",
@@ -1002,7 +1064,7 @@
       "output": {
         "shape": "CreateTrafficMirrorFilterRuleResult"
       },
-      "documentation": "<p>Creates a Traffic Mirror rule. </p> <p>A Traffic Mirror rule defines the Traffic Mirror source traffic to mirror.</p> <p>You need the Traffic Mirror filter ID when you create the rule.</p>"
+      "documentation": "<p>Creates a Traffic Mirror filter rule. </p> <p>A Traffic Mirror rule defines the Traffic Mirror source traffic to mirror.</p> <p>You need the Traffic Mirror filter ID when you create the rule.</p>"
     },
     "CreateTrafficMirrorSession": {
       "name": "CreateTrafficMirrorSession",
@@ -1016,7 +1078,7 @@
       "output": {
         "shape": "CreateTrafficMirrorSessionResult"
       },
-      "documentation": "<p>Creates a Traffic Mirror session.</p> <p>A Traffic Mirror session actively copies packets from a Traffic Mirror source to a Traffic Mirror target. Create a filter, and then assign it to the session to define a subset of the traffic to mirror, for example all TCP traffic.</p> <p>The Traffic Mirror source and the Traffic Mirror target (monitoring appliances) can be in the same VPC, or in a different VPC connected via VPC peering or a transit gateway. </p> <p>By default, no traffic is mirrored. Use <a>CreateTrafficMirrorFilter</a> to create filter rules that specify the traffic to mirror.</p>"
+      "documentation": "<p>Creates a Traffic Mirror session.</p> <p>A Traffic Mirror session actively copies packets from a Traffic Mirror source to a Traffic Mirror target. Create a filter, and then assign it to the session to define a subset of the traffic to mirror, for example all TCP traffic.</p> <p>The Traffic Mirror source and the Traffic Mirror target (monitoring appliances) can be in the same VPC, or in a different VPC connected via VPC peering or a transit gateway. </p> <p>By default, no traffic is mirrored. Use <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTrafficMirrorFilter.htm\">CreateTrafficMirrorFilter</a> to create filter rules that specify the traffic to mirror.</p>"
     },
     "CreateTrafficMirrorTarget": {
       "name": "CreateTrafficMirrorTarget",
@@ -1030,7 +1092,7 @@
       "output": {
         "shape": "CreateTrafficMirrorTargetResult"
       },
-      "documentation": "<p>Creates a target for your Traffic Mirror session.</p> <p>A Traffic Mirror target is the destination for mirrored traffic. The Traffic Mirror source and the Traffic Mirror target (monitoring appliances) can be in the same VPC, or in different VPCs connected via VPC peering or a transit gateway.</p> <p>A Traffic Mirror target can be a network interface, or a Network Load Balancer.</p> <p>To use the target in a Traffic Mirror session, use <a>CreateTrafficMirrorSession</a>.</p>"
+      "documentation": "<p>Creates a target for your Traffic Mirror session.</p> <p>A Traffic Mirror target is the destination for mirrored traffic. The Traffic Mirror source and the Traffic Mirror target (monitoring appliances) can be in the same VPC, or in different VPCs connected via VPC peering or a transit gateway.</p> <p>A Traffic Mirror target can be a network interface, or a Network Load Balancer.</p> <p>To use the target in a Traffic Mirror session, use <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTrafficMirrorSession.htm\">CreateTrafficMirrorSession</a>.</p>"
     },
     "CreateTransitGateway": {
       "name": "CreateTransitGateway",
@@ -1046,6 +1108,34 @@
       },
       "documentation": "<p>Creates a transit gateway.</p> <p>You can use a transit gateway to interconnect your virtual private clouds (VPC) and on-premises networks. After the transit gateway enters the <code>available</code> state, you can attach your VPCs and VPN connections to the transit gateway.</p> <p>To attach your VPCs, use <a>CreateTransitGatewayVpcAttachment</a>.</p> <p>To attach a VPN connection, use <a>CreateCustomerGateway</a> to create a customer gateway and specify the ID of the customer gateway and the ID of the transit gateway in a call to <a>CreateVpnConnection</a>.</p> <p>When you create a transit gateway, we create a default transit gateway route table and use it as the default association route table and the default propagation route table. You can use <a>CreateTransitGatewayRouteTable</a> to create additional transit gateway route tables. If you disable automatic route propagation, we do not create a default transit gateway route table. You can use <a>EnableTransitGatewayRouteTablePropagation</a> to propagate routes from a resource attachment to a transit gateway route table. If you disable automatic associations, you can use <a>AssociateTransitGatewayRouteTable</a> to associate a resource attachment with a transit gateway route table.</p>"
     },
+    "CreateTransitGatewayMulticastDomain": {
+      "name": "CreateTransitGatewayMulticastDomain",
+      "http": {
+        "method": "POST",
+        "requestUri": "/"
+      },
+      "input": {
+        "shape": "CreateTransitGatewayMulticastDomainRequest"
+      },
+      "output": {
+        "shape": "CreateTransitGatewayMulticastDomainResult"
+      },
+      "documentation": "<p>Creates a multicast domain using the specified transit gateway.</p> <p>The transit gateway must be in the available state before you create a domain. Use <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeTransitGateways.html\">DescribeTransitGateways</a> to see the state of transit gateway.</p>"
+    },
+    "CreateTransitGatewayPeeringAttachment": {
+      "name": "CreateTransitGatewayPeeringAttachment",
+      "http": {
+        "method": "POST",
+        "requestUri": "/"
+      },
+      "input": {
+        "shape": "CreateTransitGatewayPeeringAttachmentRequest"
+      },
+      "output": {
+        "shape": "CreateTransitGatewayPeeringAttachmentResult"
+      },
+      "documentation": "<p>Requests a transit gateway peering attachment between the specified transit gateway (requester) and a peer transit gateway (accepter). The transit gateways must be in different Regions. The peer transit gateway can be in your account or a different AWS account. </p> <p>After you create the peering attachment, the owner of the accepter transit gateway must accept the attachment request.</p>"
+    },
     "CreateTransitGatewayRoute": {
       "name": "CreateTransitGatewayRoute",
       "http": {
@@ -1114,7 +1204,7 @@
       "output": {
         "shape": "CreateVpcResult"
       },
-      "documentation": "<p>Creates a VPC with the specified IPv4 CIDR block. The smallest VPC you can create uses a /28 netmask (16 IPv4 addresses), and the largest uses a /16 netmask (65,536 IPv4 addresses). For more information about how large to make your VPC, see <a href=\"https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html\">Your VPC and Subnets</a> in the <i>Amazon Virtual Private Cloud User Guide</i>.</p> <p>You can optionally request an Amazon-provided IPv6 CIDR block for the VPC. The IPv6 CIDR block uses a /56 prefix length, and is allocated from Amazon's pool of IPv6 addresses. You cannot choose the IPv6 range for your VPC.</p> <p>By default, each instance you launch in the VPC has the default DHCP options, which include only a default DNS server that we provide (AmazonProvidedDNS). For more information, see <a href=\"https://docs.aws.amazon.com/vpc/latest/userguide/VPC_DHCP_Options.html\">DHCP Options Sets</a> in the <i>Amazon Virtual Private Cloud User Guide</i>.</p> <p>You can specify the instance tenancy value for the VPC when you create it. You can't change this value for the VPC after you create it. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/dedicated-instance.html\">Dedicated Instances</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>"
+      "documentation": "<p>Creates a VPC with the specified IPv4 CIDR block. The smallest VPC you can create uses a /28 netmask (16 IPv4 addresses), and the largest uses a /16 netmask (65,536 IPv4 addresses). For more information about how large to make your VPC, see <a href=\"https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html\">Your VPC and Subnets</a> in the <i>Amazon Virtual Private Cloud User Guide</i>.</p> <p>You can optionally request an IPv6 CIDR block for the VPC. You can request an Amazon-provided IPv6 CIDR block from Amazon's pool of IPv6 addresses, or an IPv6 CIDR block from an IPv6 address pool that you provisioned through bring your own IP addresses (<a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-byoip.html\">BYOIP</a>).</p> <p>By default, each instance you launch in the VPC has the default DHCP options, which include only a default DNS server that we provide (AmazonProvidedDNS). For more information, see <a href=\"https://docs.aws.amazon.com/vpc/latest/userguide/VPC_DHCP_Options.html\">DHCP Options Sets</a> in the <i>Amazon Virtual Private Cloud User Guide</i>.</p> <p>You can specify the instance tenancy value for the VPC when you create it. You can't change this value for the VPC after you create it. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/dedicated-instance.html\">Dedicated Instances</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>"
     },
     "CreateVpcEndpoint": {
       "name": "CreateVpcEndpoint",
@@ -1128,7 +1218,7 @@
       "output": {
         "shape": "CreateVpcEndpointResult"
       },
-      "documentation": "<p>Creates a VPC endpoint for a specified service. An endpoint enables you to create a private connection between your VPC and the service. The service may be provided by AWS, an AWS Marketplace partner, or another AWS account. For more information, see <a href=\"https://docs.aws.amazon.com/vpc/latest/userguide/vpc-endpoints.html\">VPC Endpoints</a> in the <i>Amazon Virtual Private Cloud User Guide</i>.</p> <p>A <code>gateway</code> endpoint serves as a target for a route in your route table for traffic destined for the AWS service. You can specify an endpoint policy to attach to the endpoint that will control access to the service from your VPC. You can also specify the VPC route tables that use the endpoint.</p> <p>An <code>interface</code> endpoint is a network interface in your subnet that serves as an endpoint for communicating with the specified service. You can specify the subnets in which to create an endpoint, and the security groups to associate with the endpoint network interface.</p> <p>Use <a>DescribeVpcEndpointServices</a> to get a list of supported services.</p>"
+      "documentation": "<p>Creates a VPC endpoint for a specified service. An endpoint enables you to create a private connection between your VPC and the service. The service may be provided by AWS, an AWS Marketplace Partner, or another AWS account. For more information, see <a href=\"https://docs.aws.amazon.com/vpc/latest/userguide/vpc-endpoints.html\">VPC Endpoints</a> in the <i>Amazon Virtual Private Cloud User Guide</i>.</p> <p>A <code>gateway</code> endpoint serves as a target for a route in your route table for traffic destined for the AWS service. You can specify an endpoint policy to attach to the endpoint, which will control access to the service from your VPC. You can also specify the VPC route tables that use the endpoint.</p> <p>An <code>interface</code> endpoint is a network interface in your subnet that serves as an endpoint for communicating with the specified service. You can specify the subnets in which to create an endpoint, and the security groups to associate with the endpoint network interface.</p> <p>Use <a>DescribeVpcEndpointServices</a> to get a list of supported services.</p>"
     },
     "CreateVpcEndpointConnectionNotification": {
       "name": "CreateVpcEndpointConnectionNotification",
@@ -1156,7 +1246,7 @@
       "output": {
         "shape": "CreateVpcEndpointServiceConfigurationResult"
       },
-      "documentation": "<p>Creates a VPC endpoint service configuration to which service consumers (AWS accounts, IAM users, and IAM roles) can connect. Service consumers can create an interface VPC endpoint to connect to your service.</p> <p>To create an endpoint service configuration, you must first create a Network Load Balancer for your service. For more information, see <a href=\"https://docs.aws.amazon.com/vpc/latest/userguide/endpoint-service.html\">VPC Endpoint Services</a> in the <i>Amazon Virtual Private Cloud User Guide</i>. </p>"
+      "documentation": "<p>Creates a VPC endpoint service configuration to which service consumers (AWS accounts, IAM users, and IAM roles) can connect. Service consumers can create an interface VPC endpoint to connect to your service.</p> <p>To create an endpoint service configuration, you must first create a Network Load Balancer for your service. For more information, see <a href=\"https://docs.aws.amazon.com/vpc/latest/userguide/endpoint-service.html\">VPC Endpoint Services</a> in the <i>Amazon Virtual Private Cloud User Guide</i>. </p> <p>If you set the private DNS name, you must prove that you own the private DNS domain name. For more information, see <a href=\"https://docs.aws.amazon.com/vpc/latest/userguide/endpoint-services-dns-validation.html\">VPC Endpoint Service Private DNS Name Verification</a> in the <i>Amazon Virtual Private Cloud User Guide</i>.</p>"
     },
     "CreateVpcPeeringConnection": {
       "name": "CreateVpcPeeringConnection",
@@ -1184,7 +1274,7 @@
       "output": {
         "shape": "CreateVpnConnectionResult"
       },
-      "documentation": "<p>Creates a VPN connection between an existing virtual private gateway and a VPN customer gateway. The supported connection types is <code>ipsec.1</code>.</p> <p>The response includes information that you need to give to your network administrator to configure your customer gateway.</p> <important> <p>We strongly recommend that you use HTTPS when calling this operation because the response contains sensitive cryptographic information for configuring your customer gateway.</p> </important> <p>If you decide to shut down your VPN connection for any reason and later create a new VPN connection, you must reconfigure your customer gateway with the new information returned from this call.</p> <p>This is an idempotent operation. If you perform the operation more than once, Amazon EC2 doesn't return an error.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/vpn/latest/s2svpn/VPC_VPN.html\">AWS Site-to-Site VPN</a> in the <i>AWS Site-to-Site VPN User Guide</i>.</p>"
+      "documentation": "<p>Creates a VPN connection between an existing virtual private gateway and a VPN customer gateway. The supported connection type is <code>ipsec.1</code>.</p> <p>The response includes information that you need to give to your network administrator to configure your customer gateway.</p> <important> <p>We strongly recommend that you use HTTPS when calling this operation because the response contains sensitive cryptographic information for configuring your customer gateway.</p> </important> <p>If you decide to shut down your VPN connection for any reason and later create a new VPN connection, you must reconfigure your customer gateway with the new information returned from this call.</p> <p>This is an idempotent operation. If you perform the operation more than once, Amazon EC2 doesn't return an error.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/vpn/latest/s2svpn/VPC_VPN.html\">AWS Site-to-Site VPN</a> in the <i>AWS Site-to-Site VPN User Guide</i>.</p>"
     },
     "CreateVpnConnectionRoute": {
       "name": "CreateVpnConnectionRoute",
@@ -1367,6 +1457,34 @@
       },
       "documentation": "<p>Deletes one or more versions of a launch template. You cannot delete the default version of a launch template; you must first assign a different version as the default. If the default version is the only version for the launch template, you must delete the entire launch template using <a>DeleteLaunchTemplate</a>.</p>"
     },
+    "DeleteLocalGatewayRoute": {
+      "name": "DeleteLocalGatewayRoute",
+      "http": {
+        "method": "POST",
+        "requestUri": "/"
+      },
+      "input": {
+        "shape": "DeleteLocalGatewayRouteRequest"
+      },
+      "output": {
+        "shape": "DeleteLocalGatewayRouteResult"
+      },
+      "documentation": "<p>Deletes the specified route from the specified local gateway route table.</p>"
+    },
+    "DeleteLocalGatewayRouteTableVpcAssociation": {
+      "name": "DeleteLocalGatewayRouteTableVpcAssociation",
+      "http": {
+        "method": "POST",
+        "requestUri": "/"
+      },
+      "input": {
+        "shape": "DeleteLocalGatewayRouteTableVpcAssociationRequest"
+      },
+      "output": {
+        "shape": "DeleteLocalGatewayRouteTableVpcAssociationResult"
+      },
+      "documentation": "<p>Deletes the specified association between a VPC and local gateway route table.</p>"
+    },
     "DeleteNatGateway": {
       "name": "DeleteNatGateway",
       "http": {
@@ -1439,6 +1557,20 @@
       },
       "documentation": "<p>Deletes the specified placement group. You must terminate all instances in the placement group before you can delete the placement group. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/placement-groups.html\">Placement Groups</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>"
     },
+    "DeleteQueuedReservedInstances": {
+      "name": "DeleteQueuedReservedInstances",
+      "http": {
+        "method": "POST",
+        "requestUri": "/"
+      },
+      "input": {
+        "shape": "DeleteQueuedReservedInstancesRequest"
+      },
+      "output": {
+        "shape": "DeleteQueuedReservedInstancesResult"
+      },
+      "documentation": "<p>Deletes the queued purchases for the specified Reserved Instances.</p>"
+    },
     "DeleteRoute": {
       "name": "DeleteRoute",
       "http": {
@@ -1586,6 +1718,34 @@
       },
       "documentation": "<p>Deletes the specified transit gateway.</p>"
     },
+    "DeleteTransitGatewayMulticastDomain": {
+      "name": "DeleteTransitGatewayMulticastDomain",
+      "http": {
+        "method": "POST",
+        "requestUri": "/"
+      },
+      "input": {
+        "shape": "DeleteTransitGatewayMulticastDomainRequest"
+      },
+      "output": {
+        "shape": "DeleteTransitGatewayMulticastDomainResult"
+      },
+      "documentation": "<p>Deletes the specified transit gateway multicast domain.</p>"
+    },
+    "DeleteTransitGatewayPeeringAttachment": {
+      "name": "DeleteTransitGatewayPeeringAttachment",
+      "http": {
+        "method": "POST",
+        "requestUri": "/"
+      },
+      "input": {
+        "shape": "DeleteTransitGatewayPeeringAttachmentRequest"
+      },
+      "output": {
+        "shape": "DeleteTransitGatewayPeeringAttachmentResult"
+      },
+      "documentation": "<p>Deletes a transit gateway peering attachment.</p>"
+    },
     "DeleteTransitGatewayRoute": {
       "name": "DeleteTransitGatewayRoute",
       "http": {
@@ -1715,7 +1875,7 @@
       "input": {
         "shape": "DeleteVpnConnectionRequest"
       },
-      "documentation": "<p>Deletes the specified VPN connection.</p> <p>If you're deleting the VPC and its associated components, we recommend that you detach the virtual private gateway from the VPC and delete the VPC before deleting the VPN connection. If you believe that the tunnel credentials for your VPN connection have been compromised, you can delete the VPN connection and create a new one that has new keys, without needing to delete the VPC or virtual private gateway. If you create a new VPN connection, you must reconfigure the customer gateway using the new configuration information returned with the new VPN connection ID.</p>"
+      "documentation": "<p>Deletes the specified VPN connection.</p> <p>If you're deleting the VPC and its associated components, we recommend that you detach the virtual private gateway from the VPC and delete the VPC before deleting the VPN connection. If you believe that the tunnel credentials for your VPN connection have been compromised, you can delete the VPN connection and create a new one that has new keys, without needing to delete the VPC or virtual private gateway. If you create a new VPN connection, you must reconfigure the customer gateway device using the new configuration information returned with the new VPN connection ID.</p> <p>For certificate-based authentication, delete all AWS Certificate Manager (ACM) private certificates used for the AWS-side tunnel endpoints for the VPN connection before deleting the VPN connection.</p>"
     },
     "DeleteVpnConnectionRoute": {
       "name": "DeleteVpnConnectionRoute",
@@ -1737,7 +1897,7 @@
       "input": {
         "shape": "DeleteVpnGatewayRequest"
       },
-      "documentation": "<p>Deletes the specified virtual private gateway. We recommend that before you delete a virtual private gateway, you detach it from the VPC and delete the VPN connection. Note that you don't need to delete the virtual private gateway if you plan to delete and recreate the VPN connection between your VPC and your network.</p>"
+      "documentation": "<p>Deletes the specified virtual private gateway. You must first detach the virtual private gateway from the VPC. Note that you don't need to delete the virtual private gateway if you plan to delete and recreate the VPN connection between your VPC and your network.</p>"
     },
     "DeprovisionByoipCidr": {
       "name": "DeprovisionByoipCidr",
@@ -1764,6 +1924,48 @@
       },
       "documentation": "<p>Deregisters the specified AMI. After you deregister an AMI, it can't be used to launch new instances; however, it doesn't affect any instances that you've already launched from the AMI. You'll continue to incur usage costs for those instances until you terminate them.</p> <p>When you deregister an Amazon EBS-backed AMI, it doesn't affect the snapshot that was created for the root volume of the instance during the AMI creation process. When you deregister an instance store-backed AMI, it doesn't affect the files that you uploaded to Amazon S3 when you created the AMI.</p>"
     },
+    "DeregisterInstanceEventNotificationAttributes": {
+      "name": "DeregisterInstanceEventNotificationAttributes",
+      "http": {
+        "method": "POST",
+        "requestUri": "/"
+      },
+      "input": {
+        "shape": "DeregisterInstanceEventNotificationAttributesRequest"
+      },
+      "output": {
+        "shape": "DeregisterInstanceEventNotificationAttributesResult"
+      },
+      "documentation": "<p>Deregisters tag keys to prevent tags that have the specified tag keys from being included in scheduled event notifications for resources in the Region.</p>"
+    },
+    "DeregisterTransitGatewayMulticastGroupMembers": {
+      "name": "DeregisterTransitGatewayMulticastGroupMembers",
+      "http": {
+        "method": "POST",
+        "requestUri": "/"
+      },
+      "input": {
+        "shape": "DeregisterTransitGatewayMulticastGroupMembersRequest"
+      },
+      "output": {
+        "shape": "DeregisterTransitGatewayMulticastGroupMembersResult"
+      },
+      "documentation": "<p>Deregisters the specified members (network interfaces) from the transit gateway multicast group.</p>"
+    },
+    "DeregisterTransitGatewayMulticastGroupSources": {
+      "name": "DeregisterTransitGatewayMulticastGroupSources",
+      "http": {
+        "method": "POST",
+        "requestUri": "/"
+      },
+      "input": {
+        "shape": "DeregisterTransitGatewayMulticastGroupSourcesRequest"
+      },
+      "output": {
+        "shape": "DeregisterTransitGatewayMulticastGroupSourcesResult"
+      },
+      "documentation": "<p>Deregisters the specified sources (network interfaces) from the transit gateway multicast group.</p>"
+    },
     "DescribeAccountAttributes": {
       "name": "DescribeAccountAttributes",
       "http": {
@@ -1776,7 +1978,7 @@
       "output": {
         "shape": "DescribeAccountAttributesResult"
       },
-      "documentation": "<p>Describes attributes of your AWS account. The following are the supported account attributes:</p> <ul> <li> <p> <code>supported-platforms</code>: Indicates whether your account can launch instances into EC2-Classic and EC2-VPC, or only into EC2-VPC.</p> </li> <li> <p> <code>default-vpc</code>: The ID of the default VPC for your account, or <code>none</code>.</p> </li> <li> <p> <code>max-instances</code>: The maximum number of On-Demand Instances that you can run.</p> </li> <li> <p> <code>vpc-max-security-groups-per-interface</code>: The maximum number of security groups that you can assign to a network interface.</p> </li> <li> <p> <code>max-elastic-ips</code>: The maximum number of Elastic IP addresses that you can allocate for use with EC2-Classic. </p> </li> <li> <p> <code>vpc-max-elastic-ips</code>: The maximum number of Elastic IP addresses that you can allocate for use with EC2-VPC.</p> </li> </ul>"
+      "documentation": "<p>Describes attributes of your AWS account. The following are the supported account attributes:</p> <ul> <li> <p> <code>supported-platforms</code>: Indicates whether your account can launch instances into EC2-Classic and EC2-VPC, or only into EC2-VPC.</p> </li> <li> <p> <code>default-vpc</code>: The ID of the default VPC for your account, or <code>none</code>.</p> </li> <li> <p> <code>max-instances</code>: This attribute is no longer supported. The returned value does not reflect your actual vCPU limit for running On-Demand Instances. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-on-demand-instances.html#ec2-on-demand-instances-limits\">On-Demand Instance Limits</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> </li> <li> <p> <code>vpc-max-security-groups-per-interface</code>: The maximum number of security groups that you can assign to a network interface.</p> </li> <li> <p> <code>max-elastic-ips</code>: The maximum number of Elastic IP addresses that you can allocate for use with EC2-Classic. </p> </li> <li> <p> <code>vpc-max-elastic-ips</code>: The maximum number of Elastic IP addresses that you can allocate for use with EC2-VPC.</p> </li> </ul>"
     },
     "DescribeAddresses": {
       "name": "DescribeAddresses",
@@ -1818,7 +2020,7 @@
       "output": {
         "shape": "DescribeAvailabilityZonesResult"
       },
-      "documentation": "<p>Describes the Availability Zones that are available to you. The results include zones only for the Region you're currently using. If there is an event impacting an Availability Zone, you can use this request to view the state and any provided message for that Availability Zone.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html\">Regions and Availability Zones</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>"
+      "documentation": "<p>Describes the Availability Zones and Local Zones that are available to you. If there is an event impacting an Availability Zone or Local Zone, you can use this request to view the state and any provided messages for that Availability Zone or Local Zone.</p> <p>For more information about Availability Zones and Local Zones, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html\">Regions and Availability Zones</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>"
     },
     "DescribeBundleTasks": {
       "name": "DescribeBundleTasks",
@@ -1846,7 +2048,7 @@
       "output": {
         "shape": "DescribeByoipCidrsResult"
       },
-      "documentation": "<p>Describes the IP address ranges that were specified in calls to <a>ProvisionByoipCidr</a>.</p> <p>To describe the address pools that were created when you provisioned the address ranges, use <a>DescribePublicIpv4Pools</a>.</p>"
+      "documentation": "<p>Describes the IP address ranges that were specified in calls to <a>ProvisionByoipCidr</a>.</p> <p>To describe the address pools that were created when you provisioned the address ranges, use <a>DescribePublicIpv4Pools</a> or <a>DescribeIpv6Pools</a>.</p>"
     },
     "DescribeCapacityReservations": {
       "name": "DescribeCapacityReservations",
@@ -1946,6 +2148,20 @@
       },
       "documentation": "<p>Describes the target networks associated with the specified Client VPN endpoint.</p>"
     },
+    "DescribeCoipPools": {
+      "name": "DescribeCoipPools",
+      "http": {
+        "method": "POST",
+        "requestUri": "/"
+      },
+      "input": {
+        "shape": "DescribeCoipPoolsRequest"
+      },
+      "output": {
+        "shape": "DescribeCoipPoolsResult"
+      },
+      "documentation": "<p>Describes the specified customer-owned address pools or all of your customer-owned address pools.</p>"
+    },
     "DescribeConversionTasks": {
       "name": "DescribeConversionTasks",
       "http": {
@@ -2016,6 +2232,20 @@
       },
       "documentation": "<p>Describes the Elastic Graphics accelerator associated with your instances. For more information about Elastic Graphics, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/elastic-graphics.html\">Amazon Elastic Graphics</a>.</p>"
     },
+    "DescribeExportImageTasks": {
+      "name": "DescribeExportImageTasks",
+      "http": {
+        "method": "POST",
+        "requestUri": "/"
+      },
+      "input": {
+        "shape": "DescribeExportImageTasksRequest"
+      },
+      "output": {
+        "shape": "DescribeExportImageTasksResult"
+      },
+      "documentation": "<p>Describes the specified export image tasks or all your export image tasks.</p>"
+    },
     "DescribeExportTasks": {
       "name": "DescribeExportTasks",
       "http": {
@@ -2028,7 +2258,21 @@
       "output": {
         "shape": "DescribeExportTasksResult"
       },
-      "documentation": "<p>Describes the specified export tasks or all your export tasks.</p>"
+      "documentation": "<p>Describes the specified export instance tasks or all your export instance tasks.</p>"
+    },
+    "DescribeFastSnapshotRestores": {
+      "name": "DescribeFastSnapshotRestores",
+      "http": {
+        "method": "POST",
+        "requestUri": "/"
+      },
+      "input": {
+        "shape": "DescribeFastSnapshotRestoresRequest"
+      },
+      "output": {
+        "shape": "DescribeFastSnapshotRestoresResult"
+      },
+      "documentation": "<p>Describes the state of fast snapshot restores for your snapshots.</p>"
     },
     "DescribeFleetHistory": {
       "name": "DescribeFleetHistory",
@@ -2042,7 +2286,7 @@
       "output": {
         "shape": "DescribeFleetHistoryResult"
       },
-      "documentation": "<p>Describes the events for the specified EC2 Fleet during the specified time.</p>"
+      "documentation": "<p>Describes the events for the specified EC2 Fleet during the specified time.</p> <p>EC2 Fleet events are delayed by up to 30 seconds before they can be described. This ensures that you can query by the last evaluated time and not miss a recorded event. EC2 Fleet events are available for 48 hours.</p>"
     },
     "DescribeFleetInstances": {
       "name": "DescribeFleetInstances",
@@ -2070,7 +2314,7 @@
       "output": {
         "shape": "DescribeFleetsResult"
       },
-      "documentation": "<p>Describes the specified EC2 Fleets or all your EC2 Fleets.</p>"
+      "documentation": "<p>Describes the specified EC2 Fleets or all of your EC2 Fleets.</p>"
     },
     "DescribeFlowLogs": {
       "name": "DescribeFlowLogs",
@@ -2126,7 +2370,7 @@
       "output": {
         "shape": "DescribeHostReservationOfferingsResult"
       },
-      "documentation": "<p>Describes the Dedicated Host reservations that are available to purchase.</p> <p>The results describe all the Dedicated Host reservation offerings, including offerings that may not match the instance family and Region of your Dedicated Hosts. When purchasing an offering, ensure that the instance family and Region of the offering matches that of the Dedicated Hosts with which it is to be associated. For more information about supported instance types, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/dedicated-hosts-overview.html\">Dedicated Hosts Overview</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>. </p>"
+      "documentation": "<p>Describes the Dedicated Host reservations that are available to purchase.</p> <p>The results describe all of the Dedicated Host reservation offerings, including offerings that might not match the instance family and Region of your Dedicated Hosts. When purchasing an offering, ensure that the instance family and Region of the offering matches that of the Dedicated Hosts with which it is to be associated. For more information about supported instance types, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/dedicated-hosts-overview.html\">Dedicated Hosts Overview</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>. </p>"
     },
     "DescribeHostReservations": {
       "name": "DescribeHostReservations",
@@ -2280,7 +2524,21 @@
       "output": {
         "shape": "DescribeInstanceCreditSpecificationsResult"
       },
-      "documentation": "<p>Describes the credit option for CPU usage of the specified T2 or T3 instances. The credit options are <code>standard</code> and <code>unlimited</code>.</p> <p>If you do not specify an instance ID, Amazon EC2 returns T2 and T3 instances with the <code>unlimited</code> credit option, as well as instances that were previously configured as T2 or T3 with the <code>unlimited</code> credit option. For example, if you resize a T2 instance, while it is configured as <code>unlimited</code>, to an M4 instance, Amazon EC2 returns the M4 instance.</p> <p>If you specify one or more instance IDs, Amazon EC2 returns the credit option (<code>standard</code> or <code>unlimited</code>) of those instances. If you specify an instance ID that is not valid, such as an instance that is not a T2 or T3 instance, an error is returned.</p> <p>Recently terminated instances might appear in the returned results. This interval is usually less than one hour.</p> <p>If an Availability Zone is experiencing a service disruption and you specify instance IDs in the affected zone, or do not specify any instance IDs at all, the call fails. If you specify only instance IDs in an unaffected zone, the call works normally.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html\">Burstable Performance Instances</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>"
+      "documentation": "<p>Describes the credit option for CPU usage of the specified burstable performance instances. The credit options are <code>standard</code> and <code>unlimited</code>.</p> <p>If you do not specify an instance ID, Amazon EC2 returns burstable performance instances with the <code>unlimited</code> credit option, as well as instances that were previously configured as T2, T3, and T3a with the <code>unlimited</code> credit option. For example, if you resize a T2 instance, while it is configured as <code>unlimited</code>, to an M4 instance, Amazon EC2 returns the M4 instance.</p> <p>If you specify one or more instance IDs, Amazon EC2 returns the credit option (<code>standard</code> or <code>unlimited</code>) of those instances. If you specify an instance ID that is not valid, such as an instance that is not a burstable performance instance, an error is returned.</p> <p>Recently terminated instances might appear in the returned results. This interval is usually less than one hour.</p> <p>If an Availability Zone is experiencing a service disruption and you specify instance IDs in the affected zone, or do not specify any instance IDs at all, the call fails. If you specify only instance IDs in an unaffected zone, the call works normally.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html\">Burstable Performance Instances</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>"
+    },
+    "DescribeInstanceEventNotificationAttributes": {
+      "name": "DescribeInstanceEventNotificationAttributes",
+      "http": {
+        "method": "POST",
+        "requestUri": "/"
+      },
+      "input": {
+        "shape": "DescribeInstanceEventNotificationAttributesRequest"
+      },
+      "output": {
+        "shape": "DescribeInstanceEventNotificationAttributesResult"
+      },
+      "documentation": "<p>Describes the tag keys that are registered to appear in scheduled event notifications for resources in the current Region.</p>"
     },
     "DescribeInstanceStatus": {
       "name": "DescribeInstanceStatus",
@@ -2296,6 +2554,34 @@
       },
       "documentation": "<p>Describes the status of the specified instances or all of your instances. By default, only running instances are described, unless you specifically indicate to return the status of all instances.</p> <p>Instance status includes the following components:</p> <ul> <li> <p> <b>Status checks</b> - Amazon EC2 performs status checks on running EC2 instances to identify hardware and software issues. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/monitoring-system-instance-status-check.html\">Status Checks for Your Instances</a> and <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/TroubleshootingInstances.html\">Troubleshooting Instances with Failed Status Checks</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> </li> <li> <p> <b>Scheduled events</b> - Amazon EC2 can schedule events (such as reboot, stop, or terminate) for your instances related to hardware issues, software updates, or system maintenance. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/monitoring-instances-status-check_sched.html\">Scheduled Events for Your Instances</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> </li> <li> <p> <b>Instance state</b> - You can manage your instances from the moment you launch them through their termination. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-lifecycle.html\">Instance Lifecycle</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> </li> </ul>"
     },
+    "DescribeInstanceTypeOfferings": {
+      "name": "DescribeInstanceTypeOfferings",
+      "http": {
+        "method": "POST",
+        "requestUri": "/"
+      },
+      "input": {
+        "shape": "DescribeInstanceTypeOfferingsRequest"
+      },
+      "output": {
+        "shape": "DescribeInstanceTypeOfferingsResult"
+      },
+      "documentation": "<p>Returns a list of all instance types offered. The results can be filtered by location (Region or Availability Zone). If no location is specified, the instance types offered in the current Region are returned.</p>"
+    },
+    "DescribeInstanceTypes": {
+      "name": "DescribeInstanceTypes",
+      "http": {
+        "method": "POST",
+        "requestUri": "/"
+      },
+      "input": {
+        "shape": "DescribeInstanceTypesRequest"
+      },
+      "output": {
+        "shape": "DescribeInstanceTypesResult"
+      },
+      "documentation": "<p>Returns a list of all instance types offered in your current AWS Region. The results can be filtered by the attributes of the instance types.</p>"
+    },
     "DescribeInstances": {
       "name": "DescribeInstances",
       "http": {
@@ -2308,7 +2594,7 @@
       "output": {
         "shape": "DescribeInstancesResult"
       },
-      "documentation": "<p>Describes the specified instances or all of your instances.</p> <p>If you specify one or more instance IDs, Amazon EC2 returns information for those instances. If you do not specify instance IDs, Amazon EC2 returns information for all relevant instances. If you specify an instance ID that is not valid, an error is returned. If you specify an instance that you do not own, it is not included in the returned results.</p> <p>Recently terminated instances might appear in the returned results. This interval is usually less than one hour.</p> <p>If you describe instances in the rare case where an Availability Zone is experiencing a service disruption and you specify instance IDs that are in the affected zone, or do not specify any instance IDs at all, the call fails. If you describe instances and specify only instance IDs that are in an unaffected zone, the call works normally.</p>"
+      "documentation": "<p>Describes the specified instances or all of AWS account's instances.</p> <p>If you specify one or more instance IDs, Amazon EC2 returns information for those instances. If you do not specify instance IDs, Amazon EC2 returns information for all relevant instances. If you specify an instance ID that is not valid, an error is returned. If you specify an instance that you do not own, it is not included in the returned results.</p> <p>Recently terminated instances might appear in the returned results. This interval is usually less than one hour.</p> <p>If you describe instances in the rare case where an Availability Zone is experiencing a service disruption and you specify instance IDs that are in the affected zone, or do not specify any instance IDs at all, the call fails. If you describe instances and specify only instance IDs that are in an unaffected zone, the call works normally.</p>"
     },
     "DescribeInternetGateways": {
       "name": "DescribeInternetGateways",
@@ -2324,6 +2610,20 @@
       },
       "documentation": "<p>Describes one or more of your internet gateways.</p>"
     },
+    "DescribeIpv6Pools": {
+      "name": "DescribeIpv6Pools",
+      "http": {
+        "method": "POST",
+        "requestUri": "/"
+      },
+      "input": {
+        "shape": "DescribeIpv6PoolsRequest"
+      },
+      "output": {
+        "shape": "DescribeIpv6PoolsResult"
+      },
+      "documentation": "<p>Describes your IPv6 address pools.</p>"
+    },
     "DescribeKeyPairs": {
       "name": "DescribeKeyPairs",
       "http": {
@@ -2366,6 +2666,90 @@
       },
       "documentation": "<p>Describes one or more launch templates.</p>"
     },
+    "DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociations": {
+      "name": "DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociations",
+      "http": {
+        "method": "POST",
+        "requestUri": "/"
+      },
+      "input": {
+        "shape": "DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociationsRequest"
+      },
+      "output": {
+        "shape": "DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociationsResult"
+      },
+      "documentation": "<p>Describes the associations between virtual interface groups and local gateway route tables.</p>"
+    },
+    "DescribeLocalGatewayRouteTableVpcAssociations": {
+      "name": "DescribeLocalGatewayRouteTableVpcAssociations",
+      "http": {
+        "method": "POST",
+        "requestUri": "/"
+      },
+      "input": {
+        "shape": "DescribeLocalGatewayRouteTableVpcAssociationsRequest"
+      },
+      "output": {
+        "shape": "DescribeLocalGatewayRouteTableVpcAssociationsResult"
+      },
+      "documentation": "<p>Describes the specified associations between VPCs and local gateway route tables.</p>"
+    },
+    "DescribeLocalGatewayRouteTables": {
+      "name": "DescribeLocalGatewayRouteTables",
+      "http": {
+        "method": "POST",
+        "requestUri": "/"
+      },
+      "input": {
+        "shape": "DescribeLocalGatewayRouteTablesRequest"
+      },
+      "output": {
+        "shape": "DescribeLocalGatewayRouteTablesResult"
+      },
+      "documentation": "<p>Describes one or more local gateway route tables. By default, all local gateway route tables are described. Alternatively, you can filter the results.</p>"
+    },
+    "DescribeLocalGatewayVirtualInterfaceGroups": {
+      "name": "DescribeLocalGatewayVirtualInterfaceGroups",
+      "http": {
+        "method": "POST",
+        "requestUri": "/"
+      },
+      "input": {
+        "shape": "DescribeLocalGatewayVirtualInterfaceGroupsRequest"
+      },
+      "output": {
+        "shape": "DescribeLocalGatewayVirtualInterfaceGroupsResult"
+      },
+      "documentation": "<p>Describes the specified local gateway virtual interface groups.</p>"
+    },
+    "DescribeLocalGatewayVirtualInterfaces": {
+      "name": "DescribeLocalGatewayVirtualInterfaces",
+      "http": {
+        "method": "POST",
+        "requestUri": "/"
+      },
+      "input": {
+        "shape": "DescribeLocalGatewayVirtualInterfacesRequest"
+      },
+      "output": {
+        "shape": "DescribeLocalGatewayVirtualInterfacesResult"
+      },
+      "documentation": "<p>Describes the specified local gateway virtual interfaces.</p>"
+    },
+    "DescribeLocalGateways": {
+      "name": "DescribeLocalGateways",
+      "http": {
+        "method": "POST",
+        "requestUri": "/"
+      },
+      "input": {
+        "shape": "DescribeLocalGatewaysRequest"
+      },
+      "output": {
+        "shape": "DescribeLocalGatewaysResult"
+      },
+      "documentation": "<p>Describes one or more local gateways. By default, all local gateways are described. Alternatively, you can filter the results.</p>"
+    },
     "DescribeMovingAddresses": {
       "name": "DescribeMovingAddresses",
       "http": {
@@ -2518,7 +2902,7 @@
       "output": {
         "shape": "DescribeRegionsResult"
       },
-      "documentation": "<p>Describes the Regions that are currently available to you. The API returns a list of all the Regions, including Regions that are disabled for your account. For information about enabling Regions for your account, see <a href=\"https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/manage-account-payment.html#manage-account-payment-enable-disable-regions\">Enabling and Disabling Regions</a> in the <i>AWS Billing and Cost Management User Guide</i>.</p> <p>For a list of the Regions supported by Amazon EC2, see <a href=\"https://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region\"> Regions and Endpoints</a>.</p>"
+      "documentation": "<p>Describes the Regions that are enabled for your account, or all Regions.</p> <p>For a list of the Regions supported by Amazon EC2, see <a href=\"https://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region\"> Regions and Endpoints</a>.</p> <p>For information about enabling and disabling Regions for your account, see <a href=\"https://docs.aws.amazon.com/general/latest/gr/rande-manage.html\">Managing AWS Regions</a> in the <i>AWS General Reference</i>.</p>"
     },
     "DescribeReservedInstances": {
       "name": "DescribeReservedInstances",
@@ -2672,7 +3056,7 @@
       "output": {
         "shape": "DescribeSnapshotsResult"
       },
-      "documentation": "<p>Describes the specified EBS snapshots available to you or all of the EBS snapshots available to you.</p> <p>The snapshots available to you include public snapshots, private snapshots that you own, and private snapshots owned by other AWS accounts for which you have explicit create volume permissions.</p> <p>The create volume permissions fall into the following categories:</p> <ul> <li> <p> <i>public</i>: The owner of the snapshot granted create volume permissions for the snapshot to the <code>all</code> group. All AWS accounts have create volume permissions for these snapshots.</p> </li> <li> <p> <i>explicit</i>: The owner of the snapshot granted create volume permissions to a specific AWS account.</p> </li> <li> <p> <i>implicit</i>: An AWS account has implicit create volume permissions for all snapshots it owns.</p> </li> </ul> <p>The list of snapshots returned can be modified by specifying snapshot IDs, snapshot owners, or AWS accounts with create volume permissions. If no options are specified, Amazon EC2 returns all snapshots for which you have create volume permissions.</p> <p>If you specify one or more snapshot IDs, only snapshots that have the specified IDs are returned. If you specify an invalid snapshot ID, an error is returned. If you specify a snapshot ID for which you do not have access, it is not included in the returned results.</p> <p>If you specify one or more snapshot owners using the <code>OwnerIds</code> option, only snapshots from the specified owners and for which you have access are returned. The results can include the AWS account IDs of the specified owners, <code>amazon</code> for snapshots owned by Amazon, or <code>self</code> for snapshots that you own.</p> <p>If you specify a list of restorable users, only snapshots with create snapshot permissions for those users are returned. You can specify AWS account IDs (if you own the snapshots), <code>self</code> for snapshots for which you own or have explicit permissions, or <code>all</code> for public snapshots.</p> <p>If you are describing a long list of snapshots, you can paginate the output to make the list more manageable. The <code>MaxResults</code> parameter sets the maximum number of results returned in a single page. If the list of results exceeds your <code>MaxResults</code> value, then that number of results is returned along with a <code>NextToken</code> value that can be passed to a subsequent <code>DescribeSnapshots</code> request to retrieve the remaining results.</p> <p>For more information about EBS snapshots, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSSnapshots.html\">Amazon EBS Snapshots</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>"
+      "documentation": "<p>Describes the specified EBS snapshots available to you or all of the EBS snapshots available to you.</p> <p>The snapshots available to you include public snapshots, private snapshots that you own, and private snapshots owned by other AWS accounts for which you have explicit create volume permissions.</p> <p>The create volume permissions fall into the following categories:</p> <ul> <li> <p> <i>public</i>: The owner of the snapshot granted create volume permissions for the snapshot to the <code>all</code> group. All AWS accounts have create volume permissions for these snapshots.</p> </li> <li> <p> <i>explicit</i>: The owner of the snapshot granted create volume permissions to a specific AWS account.</p> </li> <li> <p> <i>implicit</i>: An AWS account has implicit create volume permissions for all snapshots it owns.</p> </li> </ul> <p>The list of snapshots returned can be filtered by specifying snapshot IDs, snapshot owners, or AWS accounts with create volume permissions. If no options are specified, Amazon EC2 returns all snapshots for which you have create volume permissions.</p> <p>If you specify one or more snapshot IDs, only snapshots that have the specified IDs are returned. If you specify an invalid snapshot ID, an error is returned. If you specify a snapshot ID for which you do not have access, it is not included in the returned results.</p> <p>If you specify one or more snapshot owners using the <code>OwnerIds</code> option, only snapshots from the specified owners and for which you have access are returned. The results can include the AWS account IDs of the specified owners, <code>amazon</code> for snapshots owned by Amazon, or <code>self</code> for snapshots that you own.</p> <p>If you specify a list of restorable users, only snapshots with create snapshot permissions for those users are returned. You can specify AWS account IDs (if you own the snapshots), <code>self</code> for snapshots for which you own or have explicit permissions, or <code>all</code> for public snapshots.</p> <p>If you are describing a long list of snapshots, you can paginate the output to make the list more manageable. The <code>MaxResults</code> parameter sets the maximum number of results returned in a single page. If the list of results exceeds your <code>MaxResults</code> value, then that number of results is returned along with a <code>NextToken</code> value that can be passed to a subsequent <code>DescribeSnapshots</code> request to retrieve the remaining results.</p> <p>To get the state of fast snapshot restores for a snapshot, use <a>DescribeFastSnapshotRestores</a>.</p> <p>For more information about EBS snapshots, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSSnapshots.html\">Amazon EBS Snapshots</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>"
     },
     "DescribeSpotDatafeedSubscription": {
       "name": "DescribeSpotDatafeedSubscription",
@@ -2742,7 +3126,7 @@
       "output": {
         "shape": "DescribeSpotInstanceRequestsResult"
       },
-      "documentation": "<p>Describes the specified Spot Instance requests.</p> <p>You can use <code>DescribeSpotInstanceRequests</code> to find a running Spot Instance by examining the response. If the status of the Spot Instance is <code>fulfilled</code>, the instance ID appears in the response and contains the identifier of the instance. Alternatively, you can use <a>DescribeInstances</a> with a filter to look for instances where the instance lifecycle is <code>spot</code>.</p> <p>We recommend that you set <code>MaxResults</code> to a value between 5 and 1000 to limit the number of results returned. This paginates the output, which makes the list more manageable and returns the results faster. If the list of results exceeds your <code>MaxResults</code> value, then that number of results is returned along with a <code>NextToken</code> value that can be passed to a subsequent <code>DescribeSpotInstanceRequests</code> request to retrieve the remaining results.</p> <p>Spot Instance requests are deleted four hours after they are canceled and their instances are terminated.</p>"
+      "documentation": "<p>Describes the specified Spot Instance requests.</p> <p>You can use <code>DescribeSpotInstanceRequests</code> to find a running Spot Instance by examining the response. If the status of the Spot Instance is <code>fulfilled</code>, the instance ID appears in the response and contains the identifier of the instance. Alternatively, you can use <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstances\">DescribeInstances</a> with a filter to look for instances where the instance lifecycle is <code>spot</code>.</p> <p>We recommend that you set <code>MaxResults</code> to a value between 5 and 1000 to limit the number of results returned. This paginates the output, which makes the list more manageable and returns the results faster. If the list of results exceeds your <code>MaxResults</code> value, then that number of results is returned along with a <code>NextToken</code> value that can be passed to a subsequent <code>DescribeSpotInstanceRequests</code> request to retrieve the remaining results.</p> <p>Spot Instance requests are deleted four hours after they are canceled and their instances are terminated.</p>"
     },
     "DescribeSpotPriceHistory": {
       "name": "DescribeSpotPriceHistory",
@@ -2856,6 +3240,34 @@
       },
       "documentation": "<p>Describes one or more attachments between resources and transit gateways. By default, all attachments are described. Alternatively, you can filter the results by attachment ID, attachment state, resource ID, or resource owner.</p>"
     },
+    "DescribeTransitGatewayMulticastDomains": {
+      "name": "DescribeTransitGatewayMulticastDomains",
+      "http": {
+        "method": "POST",
+        "requestUri": "/"
+      },
+      "input": {
+        "shape": "DescribeTransitGatewayMulticastDomainsRequest"
+      },
+      "output": {
+        "shape": "DescribeTransitGatewayMulticastDomainsResult"
+      },
+      "documentation": "<p>Describes one or more transit gateway multicast domains.</p>"
+    },
+    "DescribeTransitGatewayPeeringAttachments": {
+      "name": "DescribeTransitGatewayPeeringAttachments",
+      "http": {
+        "method": "POST",
+        "requestUri": "/"
+      },
+      "input": {
+        "shape": "DescribeTransitGatewayPeeringAttachmentsRequest"
+      },
+      "output": {
+        "shape": "DescribeTransitGatewayPeeringAttachmentsResult"
+      },
+      "documentation": "<p>Describes your transit gateway peering attachments.</p>"
+    },
     "DescribeTransitGatewayRouteTables": {
       "name": "DescribeTransitGatewayRouteTables",
       "http": {
@@ -3211,6 +3623,20 @@
       },
       "documentation": "<p>Disables EBS encryption by default for your account in the current Region.</p> <p>After you disable encryption by default, you can still create encrypted volumes by enabling encryption when you create each volume.</p> <p>Disabling encryption by default does not change the encryption status of your existing volumes.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html\">Amazon EBS Encryption</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>"
     },
+    "DisableFastSnapshotRestores": {
+      "name": "DisableFastSnapshotRestores",
+      "http": {
+        "method": "POST",
+        "requestUri": "/"
+      },
+      "input": {
+        "shape": "DisableFastSnapshotRestoresRequest"
+      },
+      "output": {
+        "shape": "DisableFastSnapshotRestoresResult"
+      },
+      "documentation": "<p>Disables fast snapshot restores for the specified snapshots in the specified Availability Zones.</p>"
+    },
     "DisableTransitGatewayRouteTablePropagation": {
       "name": "DisableTransitGatewayRouteTablePropagation",
       "http": {
@@ -3262,7 +3688,7 @@
       "output": {
         "shape": "DisableVpcClassicLinkDnsSupportResult"
       },
-      "documentation": "<p>Disables ClassicLink DNS support for a VPC. If disabled, DNS hostnames resolve to public IP addresses when addressed between a linked EC2-Classic instance and instances in the VPC to which it's linked. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-classiclink.html\">ClassicLink</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>"
+      "documentation": "<p>Disables ClassicLink DNS support for a VPC. If disabled, DNS hostnames resolve to public IP addresses when addressed between a linked EC2-Classic instance and instances in the VPC to which it's linked. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-classiclink.html\">ClassicLink</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> <p>You must specify a VPC ID in the request.</p>"
     },
     "DisassociateAddress": {
       "name": "DisassociateAddress",
@@ -3312,7 +3738,7 @@
       "input": {
         "shape": "DisassociateRouteTableRequest"
       },
-      "documentation": "<p>Disassociates a subnet from a route table.</p> <p>After you perform this action, the subnet no longer uses the routes in the route table. Instead, it uses the routes in the VPC's main route table. For more information about route tables, see <a href=\"https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Route_Tables.html\">Route Tables</a> in the <i>Amazon Virtual Private Cloud User Guide</i>.</p>"
+      "documentation": "<p>Disassociates a subnet or gateway from a route table.</p> <p>After you perform this action, the subnet no longer uses the routes in the route table. Instead, it uses the routes in the VPC's main route table. For more information about route tables, see <a href=\"https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Route_Tables.html\">Route Tables</a> in the <i>Amazon Virtual Private Cloud User Guide</i>.</p>"
     },
     "DisassociateSubnetCidrBlock": {
       "name": "DisassociateSubnetCidrBlock",
@@ -3328,6 +3754,20 @@
       },
       "documentation": "<p>Disassociates a CIDR block from a subnet. Currently, you can disassociate an IPv6 CIDR block only. You must detach or delete all gateways and resources that are associated with the CIDR block before you can disassociate it. </p>"
     },
+    "DisassociateTransitGatewayMulticastDomain": {
+      "name": "DisassociateTransitGatewayMulticastDomain",
+      "http": {
+        "method": "POST",
+        "requestUri": "/"
+      },
+      "input": {
+        "shape": "DisassociateTransitGatewayMulticastDomainRequest"
+      },
+      "output": {
+        "shape": "DisassociateTransitGatewayMulticastDomainResult"
+      },
+      "documentation": "<p>Disassociates the specified subnets from the transit gateway multicast domain. </p>"
+    },
     "DisassociateTransitGatewayRouteTable": {
       "name": "DisassociateTransitGatewayRouteTable",
       "http": {
@@ -3370,6 +3810,20 @@
       },
       "documentation": "<p>Enables EBS encryption by default for your account in the current Region.</p> <p>After you enable encryption by default, the EBS volumes that you create are are always encrypted, either using the default CMK or the CMK that you specified when you created each volume. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html\">Amazon EBS Encryption</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> <p>You can specify the default CMK for encryption by default using <a>ModifyEbsDefaultKmsKeyId</a> or <a>ResetEbsDefaultKmsKeyId</a>.</p> <p>Enabling encryption by default has no effect on the encryption status of your existing volumes.</p> <p>After you enable encryption by default, you can no longer launch instances using instance types that do not support encryption. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#EBSEncryption_supported_instances\">Supported Instance Types</a>.</p>"
     },
+    "EnableFastSnapshotRestores": {
+      "name": "EnableFastSnapshotRestores",
+      "http": {
+        "method": "POST",
+        "requestUri": "/"
+      },
+      "input": {
+        "shape": "EnableFastSnapshotRestoresRequest"
+      },
+      "output": {
+        "shape": "EnableFastSnapshotRestoresResult"
+      },
+      "documentation": "<p>Enables fast snapshot restores for the specified snapshots in the specified Availability Zones.</p> <p>You get the full benefit of fast snapshot restores after they enter the <code>enabled</code> state. To get the current state of fast snapshot restores, use <a>DescribeFastSnapshotRestores</a>. To disable fast snapshot restores, use <a>DisableFastSnapshotRestores</a>.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-fast-snapshot-restore.html\">Amazon EBS Fast Snapshot Restore</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>"
+    },
     "EnableTransitGatewayRouteTablePropagation": {
       "name": "EnableTransitGatewayRouteTablePropagation",
       "http": {
@@ -3432,7 +3886,7 @@
       "output": {
         "shape": "EnableVpcClassicLinkDnsSupportResult"
       },
-      "documentation": "<p>Enables a VPC to support DNS hostname resolution for ClassicLink. If enabled, the DNS hostname of a linked EC2-Classic instance resolves to its private IP address when addressed from an instance in the VPC to which it's linked. Similarly, the DNS hostname of an instance in a VPC resolves to its private IP address when addressed from a linked EC2-Classic instance. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-classiclink.html\">ClassicLink</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>"
+      "documentation": "<p>Enables a VPC to support DNS hostname resolution for ClassicLink. If enabled, the DNS hostname of a linked EC2-Classic instance resolves to its private IP address when addressed from an instance in the VPC to which it's linked. Similarly, the DNS hostname of an instance in a VPC resolves to its private IP address when addressed from a linked EC2-Classic instance. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-classiclink.html\">ClassicLink</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> <p>You must specify a VPC ID in the request.</p>"
     },
     "ExportClientVpnClientCertificateRevocationList": {
       "name": "ExportClientVpnClientCertificateRevocationList",
@@ -3462,6 +3916,20 @@
       },
       "documentation": "<p>Downloads the contents of the Client VPN endpoint configuration file for the specified Client VPN endpoint. The Client VPN endpoint configuration file includes the Client VPN endpoint and certificate information clients need to establish a connection with the Client VPN endpoint.</p>"
     },
+    "ExportImage": {
+      "name": "ExportImage",
+      "http": {
+        "method": "POST",
+        "requestUri": "/"
+      },
+      "input": {
+        "shape": "ExportImageRequest"
+      },
+      "output": {
+        "shape": "ExportImageResult"
+      },
+      "documentation": "<p>Exports an Amazon Machine Image (AMI) to a VM file. For more information, see <a href=\"https://docs.aws.amazon.com/vm-import/latest/userguide/vmexport_image.html\">Exporting a VM Directory from an Amazon Machine Image (AMI)</a> in the <i>VM Import/Export User Guide</i>.</p>"
+    },
     "ExportTransitGatewayRoutes": {
       "name": "ExportTransitGatewayRoutes",
       "http": {
@@ -3474,7 +3942,49 @@
       "output": {
         "shape": "ExportTransitGatewayRoutesResult"
       },
-      "documentation": "<p>Exports routes from the specified transit gateway route table to the specified S3 bucket. By default, all routes are exported. Alternatively, you can filter by CIDR range.</p>"
+      "documentation": "<p>Exports routes from the specified transit gateway route table to the specified S3 bucket. By default, all routes are exported. Alternatively, you can filter by CIDR range.</p> <p>The routes are saved to the specified bucket in a JSON file. For more information, see <a href=\"https://docs.aws.amazon.com/vpc/latest/tgw/tgw-route-tables.html#tgw-export-route-tables\">Export Route Tables to Amazon S3</a> in <i>Transit Gateways</i>.</p>"
+    },
+    "GetAssociatedIpv6PoolCidrs": {
+      "name": "GetAssociatedIpv6PoolCidrs",
+      "http": {
+        "method": "POST",
+        "requestUri": "/"
+      },
+      "input": {
+        "shape": "GetAssociatedIpv6PoolCidrsRequest"
+      },
+      "output": {
+        "shape": "GetAssociatedIpv6PoolCidrsResult"
+      },
+      "documentation": "<p>Gets information about the IPv6 CIDR block associations for a specified IPv6 address pool.</p>"
+    },
+    "GetCapacityReservationUsage": {
+      "name": "GetCapacityReservationUsage",
+      "http": {
+        "method": "POST",
+        "requestUri": "/"
+      },
+      "input": {
+        "shape": "GetCapacityReservationUsageRequest"
+      },
+      "output": {
+        "shape": "GetCapacityReservationUsageResult"
+      },
+      "documentation": "<p>Gets usage information about a Capacity Reservation. If the Capacity Reservation is shared, it shows usage information for the Capacity Reservation owner and each AWS account that is currently using the shared capacity. If the Capacity Reservation is not shared, it shows only the Capacity Reservation owner's usage.</p>"
+    },
+    "GetCoipPoolUsage": {
+      "name": "GetCoipPoolUsage",
+      "http": {
+        "method": "POST",
+        "requestUri": "/"
+      },
+      "input": {
+        "shape": "GetCoipPoolUsageRequest"
+      },
+      "output": {
+        "shape": "GetCoipPoolUsageResult"
+      },
+      "documentation": "<p>Describes the allocations from the specified customer-owned address pool.</p>"
     },
     "GetConsoleOutput": {
       "name": "GetConsoleOutput",
@@ -3504,6 +4014,20 @@
       },
       "documentation": "<p>Retrieve a JPG-format screenshot of a running instance to help with troubleshooting.</p> <p>The returned content is Base64-encoded.</p>"
     },
+    "GetDefaultCreditSpecification": {
+      "name": "GetDefaultCreditSpecification",
+      "http": {
+        "method": "POST",
+        "requestUri": "/"
+      },
+      "input": {
+        "shape": "GetDefaultCreditSpecificationRequest"
+      },
+      "output": {
+        "shape": "GetDefaultCreditSpecificationResult"
+      },
+      "documentation": "<p>Describes the default credit option for CPU usage of a burstable performance instance family.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html\">Burstable Performance Instances</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>"
+    },
     "GetEbsDefaultKmsKeyId": {
       "name": "GetEbsDefaultKmsKeyId",
       "http": {
@@ -3602,6 +4126,20 @@
       },
       "documentation": "<p>Lists the route tables to which the specified resource attachment propagates routes.</p>"
     },
+    "GetTransitGatewayMulticastDomainAssociations": {
+      "name": "GetTransitGatewayMulticastDomainAssociations",
+      "http": {
+        "method": "POST",
+        "requestUri": "/"
+      },
+      "input": {
+        "shape": "GetTransitGatewayMulticastDomainAssociationsRequest"
+      },
+      "output": {
+        "shape": "GetTransitGatewayMulticastDomainAssociationsResult"
+      },
+      "documentation": "<p>Gets information about the associations for the transit gateway multicast domain.</p>"
+    },
     "GetTransitGatewayRouteTableAssociations": {
       "name": "GetTransitGatewayRouteTableAssociations",
       "http": {
@@ -3714,6 +4252,20 @@
       },
       "documentation": "<p>Creates an import volume task using metadata from the specified disk image.For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/CommandLineReference/importing-your-volumes-into-amazon-ebs.html\">Importing Disks to Amazon EBS</a>.</p> <p>For information about the import manifest referenced by this API action, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/manifest.html\">VM Import Manifest</a>.</p>"
     },
+    "ModifyAvailabilityZoneGroup": {
+      "name": "ModifyAvailabilityZoneGroup",
+      "http": {
+        "method": "POST",
+        "requestUri": "/"
+      },
+      "input": {
+        "shape": "ModifyAvailabilityZoneGroupRequest"
+      },
+      "output": {
+        "shape": "ModifyAvailabilityZoneGroupResult"
+      },
+      "documentation": "<p>Enables or disables an Availability Zone group for your account.</p> <p>Use <a href=\"https://docs.aws.amazon.com/AWSEC2ApiDocReef/build/server-root/AWSEC2/latest/APIReference/API_DescribeAvailabilityZones.html\">describe-availability-zones</a> to view the value for <code>GroupName</code>.</p>"
+    },
     "ModifyCapacityReservation": {
       "name": "ModifyCapacityReservation",
       "http": {
@@ -3740,7 +4292,21 @@
       "output": {
         "shape": "ModifyClientVpnEndpointResult"
       },
-      "documentation": "<p>Modifies the specified Client VPN endpoint. You can only modify an endpoint's server certificate information, client connection logging information, DNS server, and description. Modifying the DNS server resets existing client connections.</p>"
+      "documentation": "<p>Modifies the specified Client VPN endpoint. Modifying the DNS server resets existing client connections.</p>"
+    },
+    "ModifyDefaultCreditSpecification": {
+      "name": "ModifyDefaultCreditSpecification",
+      "http": {
+        "method": "POST",
+        "requestUri": "/"
+      },
+      "input": {
+        "shape": "ModifyDefaultCreditSpecificationRequest"
+      },
+      "output": {
+        "shape": "ModifyDefaultCreditSpecificationResult"
+      },
+      "documentation": "<p>Modifies the default credit option for CPU usage of burstable performance instances. The default credit option is set at the account level per AWS Region, and is specified per instance family. All new burstable performance instances in the account launch using the default credit option.</p> <p> <code>ModifyDefaultCreditSpecification</code> is an asynchronous operation, which works at an AWS Region level and modifies the credit option for each Availability Zone. All zones in a Region are updated within five minutes. But if instances are launched during this operation, they might not get the new credit option until the zone is updated. To verify whether the update has occurred, you can call <code>GetDefaultCreditSpecification</code> and check <code>DefaultCreditSpecification</code> for updates.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html\">Burstable Performance Instances</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>"
     },
     "ModifyEbsDefaultKmsKeyId": {
       "name": "ModifyEbsDefaultKmsKeyId",
@@ -3754,7 +4320,7 @@
       "output": {
         "shape": "ModifyEbsDefaultKmsKeyIdResult"
       },
-      "documentation": "<p>Changes the default customer master key (CMK) for EBS encryption by default for your account in this Region.</p> <p>AWS creates a unique AWS managed CMK in each Region for use with encryption by default. If you change the default CMK to a customer managed CMK, it is used instead of the AWS managed CMK. To reset the default CMK to the AWS managed CMK for EBS, use <a>ResetEbsDefaultKmsKeyId</a>.</p> <p>If you delete or disable the customer managed CMK that you specified for use with encryption by default, your instances will fail to launch.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html\">Amazon EBS Encryption</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>"
+      "documentation": "<p>Changes the default customer master key (CMK) for EBS encryption by default for your account in this Region.</p> <p>AWS creates a unique AWS managed CMK in each Region for use with encryption by default. If you change the default CMK to a symmetric customer managed CMK, it is used instead of the AWS managed CMK. To reset the default CMK to the AWS managed CMK for EBS, use <a>ResetEbsDefaultKmsKeyId</a>. Amazon EBS does not support asymmetric CMKs.</p> <p>If you delete or disable the customer managed CMK that you specified for use with encryption by default, your instances will fail to launch.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html\">Amazon EBS Encryption</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>"
     },
     "ModifyFleet": {
       "name": "ModifyFleet",
@@ -3768,7 +4334,7 @@
       "output": {
         "shape": "ModifyFleetResult"
       },
-      "documentation": "<p>Modifies the specified EC2 Fleet.</p> <p>While the EC2 Fleet is being modified, it is in the <code>modifying</code> state.</p>"
+      "documentation": "<p>Modifies the specified EC2 Fleet.</p> <p>You can only modify an EC2 Fleet request of type <code>maintain</code>.</p> <p>While the EC2 Fleet is being modified, it is in the <code>modifying</code> state.</p> <p>To scale up your EC2 Fleet, increase its target capacity. The EC2 Fleet launches the additional Spot Instances according to the allocation strategy for the EC2 Fleet request. If the allocation strategy is <code>lowest-price</code>, the EC2 Fleet launches instances using the Spot Instance pool with the lowest price. If the allocation strategy is <code>diversified</code>, the EC2 Fleet distributes the instances across the Spot Instance pools. If the allocation strategy is <code>capacity-optimized</code>, EC2 Fleet launches instances from Spot Instance pools with optimal capacity for the number of instances that are launching.</p> <p>To scale down your EC2 Fleet, decrease its target capacity. First, the EC2 Fleet cancels any open requests that exceed the new target capacity. You can request that the EC2 Fleet terminate Spot Instances until the size of the fleet no longer exceeds the new target capacity. If the allocation strategy is <code>lowest-price</code>, the EC2 Fleet terminates the instances with the highest price per unit. If the allocation strategy is <code>capacity-optimized</code>, the EC2 Fleet terminates the instances in the Spot Instance pools that have the least available Spot Instance capacity. If the allocation strategy is <code>diversified</code>, the EC2 Fleet terminates instances across the Spot Instance pools. Alternatively, you can request that the EC2 Fleet keep the fleet at its current size, but not replace any Spot Instances that are interrupted or that you terminate manually.</p> <p>If you are finished with your EC2 Fleet for now, but will use it again later, you can set the target capacity to 0.</p>"
     },
     "ModifyFpgaImageAttribute": {
       "name": "ModifyFpgaImageAttribute",
@@ -3796,7 +4362,7 @@
       "output": {
         "shape": "ModifyHostsResult"
       },
-      "documentation": "<p>Modify the auto-placement setting of a Dedicated Host. When auto-placement is enabled, any instances that you launch with a tenancy of <code>host</code> but without a specific host ID are placed onto any available Dedicated Host in your account that has auto-placement enabled. When auto-placement is disabled, you need to provide a host ID to have the instance launch onto a specific host. If no host ID is provided, the instance is launched onto a suitable host with auto-placement enabled.</p>"
+      "documentation": "<p>Modify the auto-placement setting of a Dedicated Host. When auto-placement is enabled, any instances that you launch with a tenancy of <code>host</code> but without a specific host ID are placed onto any available Dedicated Host in your account that has auto-placement enabled. When auto-placement is disabled, you need to provide a host ID to have the instance launch onto a specific host. If no host ID is provided, the instance is launched onto a suitable host with auto-placement enabled.</p> <p>You can also use this API action to modify a Dedicated Host to support either multiple instance types in an instance family, or to support a specific instance type only.</p>"
     },
     "ModifyIdFormat": {
       "name": "ModifyIdFormat",
@@ -3868,7 +4434,7 @@
       "output": {
         "shape": "ModifyInstanceCreditSpecificationResult"
       },
-      "documentation": "<p>Modifies the credit option for CPU usage on a running or stopped T2 or T3 instance. The credit options are <code>standard</code> and <code>unlimited</code>.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html\">Burstable Performance Instances</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>"
+      "documentation": "<p>Modifies the credit option for CPU usage on a running or stopped burstable performance instance. The credit options are <code>standard</code> and <code>unlimited</code>.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html\">Burstable Performance Instances</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>"
     },
     "ModifyInstanceEventStartTime": {
       "name": "ModifyInstanceEventStartTime",
@@ -3884,6 +4450,20 @@
       },
       "documentation": "<p>Modifies the start time for a scheduled Amazon EC2 instance event.</p>"
     },
+    "ModifyInstanceMetadataOptions": {
+      "name": "ModifyInstanceMetadataOptions",
+      "http": {
+        "method": "POST",
+        "requestUri": "/"
+      },
+      "input": {
+        "shape": "ModifyInstanceMetadataOptionsRequest"
+      },
+      "output": {
+        "shape": "ModifyInstanceMetadataOptionsResult"
+      },
+      "documentation": "<p>Modify the instance metadata parameters on a running or stopped instance. When you modify the parameters on a stopped instance, they are applied when the instance is started. When you modify the parameters on a running instance, the API responds with a state of “pending”. After the parameter modifications are successfully applied to the instance, the state of the modifications changes from “pending” to “applied” in subsequent describe-instances API calls. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html\">Instance Metadata and User Data</a>.</p>"
+    },
     "ModifyInstancePlacement": {
       "name": "ModifyInstancePlacement",
       "http": {
@@ -3946,7 +4526,7 @@
       "input": {
         "shape": "ModifySnapshotAttributeRequest"
       },
-      "documentation": "<p>Adds or removes permission settings for the specified snapshot. You may add or remove specified AWS account IDs from a snapshot's list of create volume permissions, but you cannot do both in a single operation. If you need to both add and remove account IDs for a snapshot, you must use multiple operations.</p> <p>Encrypted snapshots and snapshots with AWS Marketplace product codes cannot be made public. Snapshots encrypted with your default CMK cannot be shared with other accounts.</p> <p>For more information about modifying snapshot permissions, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-modifying-snapshot-permissions.html\">Sharing Snapshots</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>"
+      "documentation": "<p>Adds or removes permission settings for the specified snapshot. You may add or remove specified AWS account IDs from a snapshot's list of create volume permissions, but you cannot do both in a single operation. If you need to both add and remove account IDs for a snapshot, you must use multiple operations. You can make up to 500 modifications to a snapshot in a single operation.</p> <p>Encrypted snapshots and snapshots with AWS Marketplace product codes cannot be made public. Snapshots encrypted with your default CMK cannot be shared with other accounts.</p> <p>For more information about modifying snapshot permissions, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-modifying-snapshot-permissions.html\">Sharing Snapshots</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>"
     },
     "ModifySpotFleetRequest": {
       "name": "ModifySpotFleetRequest",
@@ -3960,7 +4540,7 @@
       "output": {
         "shape": "ModifySpotFleetRequestResponse"
       },
-      "documentation": "<p>Modifies the specified Spot Fleet request.</p> <p>You can only modify a Spot Fleet request of type <code>maintain</code>.</p> <p>While the Spot Fleet request is being modified, it is in the <code>modifying</code> state.</p> <p>To scale up your Spot Fleet, increase its target capacity. The Spot Fleet launches the additional Spot Instances according to the allocation strategy for the Spot Fleet request. If the allocation strategy is <code>lowestPrice</code>, the Spot Fleet launches instances using the Spot pool with the lowest price. If the allocation strategy is <code>diversified</code>, the Spot Fleet distributes the instances across the Spot pools.</p> <p>To scale down your Spot Fleet, decrease its target capacity. First, the Spot Fleet cancels any open requests that exceed the new target capacity. You can request that the Spot Fleet terminate Spot Instances until the size of the fleet no longer exceeds the new target capacity. If the allocation strategy is <code>lowestPrice</code>, the Spot Fleet terminates the instances with the highest price per unit. If the allocation strategy is <code>diversified</code>, the Spot Fleet terminates instances across the Spot pools. Alternatively, you can request that the Spot Fleet keep the fleet at its current size, but not replace any Spot Instances that are interrupted or that you terminate manually.</p> <p>If you are finished with your Spot Fleet for now, but will use it again later, you can set the target capacity to 0.</p>"
+      "documentation": "<p>Modifies the specified Spot Fleet request.</p> <p>You can only modify a Spot Fleet request of type <code>maintain</code>.</p> <p>While the Spot Fleet request is being modified, it is in the <code>modifying</code> state.</p> <p>To scale up your Spot Fleet, increase its target capacity. The Spot Fleet launches the additional Spot Instances according to the allocation strategy for the Spot Fleet request. If the allocation strategy is <code>lowestPrice</code>, the Spot Fleet launches instances using the Spot Instance pool with the lowest price. If the allocation strategy is <code>diversified</code>, the Spot Fleet distributes the instances across the Spot Instance pools. If the allocation strategy is <code>capacityOptimized</code>, Spot Fleet launches instances from Spot Instance pools with optimal capacity for the number of instances that are launching.</p> <p>To scale down your Spot Fleet, decrease its target capacity. First, the Spot Fleet cancels any open requests that exceed the new target capacity. You can request that the Spot Fleet terminate Spot Instances until the size of the fleet no longer exceeds the new target capacity. If the allocation strategy is <code>lowestPrice</code>, the Spot Fleet terminates the instances with the highest price per unit. If the allocation strategy is <code>capacityOptimized</code>, the Spot Fleet terminates the instances in the Spot Instance pools that have the least available Spot Instance capacity. If the allocation strategy is <code>diversified</code>, the Spot Fleet terminates instances across the Spot Instance pools. Alternatively, you can request that the Spot Fleet keep the fleet at its current size, but not replace any Spot Instances that are interrupted or that you terminate manually.</p> <p>If you are finished with your Spot Fleet for now, but will use it again later, you can set the target capacity to 0.</p>"
     },
     "ModifySubnetAttribute": {
       "name": "ModifySubnetAttribute",
@@ -3985,7 +4565,7 @@
       "output": {
         "shape": "ModifyTrafficMirrorFilterNetworkServicesResult"
       },
-      "documentation": "<p>Allows or restricts mirroring network services.</p> <p> By default, Amazon DNS network services are not eligible for Traffic Mirror. Use <code>AddNetworkServices</code> to add network services to a Traffic Mirror filter. When a network service is added to the Traffic Mirror filter, all traffic related to that network service will be mirrored. When you no longer want to mirror network services, use <code>RemoveNetworkServices</code> to remove the network services from the Traffic Mirror filter. </p> <p>FFor information about filter rule properties, see <a href=\"https://docs.aws.amazon.com/vpc/latest/mirroring/traffic-mirroring-considerations.html#traffic-mirroring-network-services\">Network Services</a> in the <i>Traffic Mirroring User Guide </i>.</p>"
+      "documentation": "<p>Allows or restricts mirroring network services.</p> <p> By default, Amazon DNS network services are not eligible for Traffic Mirror. Use <code>AddNetworkServices</code> to add network services to a Traffic Mirror filter. When a network service is added to the Traffic Mirror filter, all traffic related to that network service will be mirrored. When you no longer want to mirror network services, use <code>RemoveNetworkServices</code> to remove the network services from the Traffic Mirror filter. </p> <p>For information about filter rule properties, see <a href=\"https://docs.aws.amazon.com/vpc/latest/mirroring/traffic-mirroring-considerations.html\">Network Services</a> in the <i>Traffic Mirroring User Guide </i>.</p>"
     },
     "ModifyTrafficMirrorFilterRule": {
       "name": "ModifyTrafficMirrorFilterRule",
@@ -4105,7 +4685,7 @@
       "output": {
         "shape": "ModifyVpcEndpointServiceConfigurationResult"
       },
-      "documentation": "<p>Modifies the attributes of your VPC endpoint service configuration. You can change the Network Load Balancers for your service, and you can specify whether acceptance is required for requests to connect to your endpoint service through an interface VPC endpoint.</p>"
+      "documentation": "<p>Modifies the attributes of your VPC endpoint service configuration. You can change the Network Load Balancers for your service, and you can specify whether acceptance is required for requests to connect to your endpoint service through an interface VPC endpoint.</p> <p>If you set or modify the private DNS name, you must prove that you own the private DNS domain name. For more information, see <a href=\"https://docs.aws.amazon.com/vpc/latest/userguide/endpoint-services-dns-validation.html\">VPC Endpoint Service Private DNS Name Verification</a> in the <i>Amazon Virtual Private Cloud User Guide</i>.</p>"
     },
     "ModifyVpcEndpointServicePermissions": {
       "name": "ModifyVpcEndpointServicePermissions",
@@ -4161,7 +4741,35 @@
       "output": {
         "shape": "ModifyVpnConnectionResult"
       },
-      "documentation": "<p>Modifies the target gateway of a AWS Site-to-Site VPN connection. The following migration options are available:</p> <ul> <li> <p>An existing virtual private gateway to a new virtual private gateway</p> </li> <li> <p>An existing virtual private gateway to a transit gateway</p> </li> <li> <p>An existing transit gateway to a new transit gateway</p> </li> <li> <p>An existing transit gateway to a virtual private gateway</p> </li> </ul> <p>Before you perform the migration to the new gateway, you must configure the new gateway. Use <a>CreateVpnGateway</a> to create a virtual private gateway, or <a>CreateTransitGateway</a> to create a transit gateway.</p> <p>This step is required when you migrate from a virtual private gateway with static routes to a transit gateway. </p> <p>You must delete the static routes before you migrate to the new gateway.</p> <p>Keep a copy of the static route before you delete it. You will need to add back these routes to the transit gateway after the VPN connection migration is complete.</p> <p>After you migrate to the new gateway, you might need to modify your VPC route table. Use <a>CreateRoute</a> and <a>DeleteRoute</a> to make the changes described in <a href=\"https://docs.aws.amazon.com/vpn/latest/s2svpn/modify-vpn-target.html#step-update-routing\">VPN Gateway Target Modification Required VPC Route Table Updates</a> in the <i>AWS Site-to-Site VPN User Guide</i>.</p> <p> When the new gateway is a transit gateway, modify the transit gateway route table to allow traffic between the VPC and the AWS Site-to-Site VPN connection. Use <a>CreateTransitGatewayRoute</a> to add the routes.</p> <p> If you deleted VPN static routes, you must add the static routes to the transit gateway route table.</p> <p>After you perform this operation, the AWS VPN endpoint's IP addresses on the AWS side and the tunnel options remain intact. Your s2slong; connection will be temporarily unavailable for approximately 10 minutes while we provision the new endpoints </p>"
+      "documentation": "<p>Modifies the customer gateway or the target gateway of an AWS Site-to-Site VPN connection. To modify the target gateway, the following migration options are available:</p> <ul> <li> <p>An existing virtual private gateway to a new virtual private gateway</p> </li> <li> <p>An existing virtual private gateway to a transit gateway</p> </li> <li> <p>An existing transit gateway to a new transit gateway</p> </li> <li> <p>An existing transit gateway to a virtual private gateway</p> </li> </ul> <p>Before you perform the migration to the new gateway, you must configure the new gateway. Use <a>CreateVpnGateway</a> to create a virtual private gateway, or <a>CreateTransitGateway</a> to create a transit gateway.</p> <p>This step is required when you migrate from a virtual private gateway with static routes to a transit gateway. </p> <p>You must delete the static routes before you migrate to the new gateway.</p> <p>Keep a copy of the static route before you delete it. You will need to add back these routes to the transit gateway after the VPN connection migration is complete.</p> <p>After you migrate to the new gateway, you might need to modify your VPC route table. Use <a>CreateRoute</a> and <a>DeleteRoute</a> to make the changes described in <a href=\"https://docs.aws.amazon.com/vpn/latest/s2svpn/modify-vpn-target.html#step-update-routing\">VPN Gateway Target Modification Required VPC Route Table Updates</a> in the <i>AWS Site-to-Site VPN User Guide</i>.</p> <p> When the new gateway is a transit gateway, modify the transit gateway route table to allow traffic between the VPC and the AWS Site-to-Site VPN connection. Use <a>CreateTransitGatewayRoute</a> to add the routes.</p> <p> If you deleted VPN static routes, you must add the static routes to the transit gateway route table.</p> <p>After you perform this operation, the AWS VPN endpoint's IP addresses on the AWS side and the tunnel options remain intact. Your AWS Site-to-Site VPN connection will be temporarily unavailable for a brief period while we provision the new endpoints.</p>"
+    },
+    "ModifyVpnTunnelCertificate": {
+      "name": "ModifyVpnTunnelCertificate",
+      "http": {
+        "method": "POST",
+        "requestUri": "/"
+      },
+      "input": {
+        "shape": "ModifyVpnTunnelCertificateRequest"
+      },
+      "output": {
+        "shape": "ModifyVpnTunnelCertificateResult"
+      },
+      "documentation": "<p>Modifies the VPN tunnel endpoint certificate.</p>"
+    },
+    "ModifyVpnTunnelOptions": {
+      "name": "ModifyVpnTunnelOptions",
+      "http": {
+        "method": "POST",
+        "requestUri": "/"
+      },
+      "input": {
+        "shape": "ModifyVpnTunnelOptionsRequest"
+      },
+      "output": {
+        "shape": "ModifyVpnTunnelOptionsResult"
+      },
+      "documentation": "<p>Modifies the options for a VPN tunnel in an AWS Site-to-Site VPN connection. You can modify multiple options for a tunnel in a single request, but you can only modify one tunnel at a time. For more information, see <a href=\"https://docs.aws.amazon.com/vpn/latest/s2svpn/VPNTunnels.html\">Site-to-Site VPN Tunnel Options for Your Site-to-Site VPN Connection</a> in the <i>AWS Site-to-Site VPN User Guide</i>.</p>"
     },
     "MonitorInstances": {
       "name": "MonitorInstances",
@@ -4203,7 +4811,7 @@
       "output": {
         "shape": "ProvisionByoipCidrResult"
       },
-      "documentation": "<p>Provisions an address range for use with your AWS resources through bring your own IP addresses (BYOIP) and creates a corresponding address pool. After the address range is provisioned, it is ready to be advertised using <a>AdvertiseByoipCidr</a>.</p> <p>AWS verifies that you own the address range and are authorized to advertise it. You must ensure that the address range is registered to you and that you created an RPKI ROA to authorize Amazon ASNs 16509 and 14618 to advertise the address range. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-byoip.html\">Bring Your Own IP Addresses (BYOIP)</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> <p>Provisioning an address range is an asynchronous operation, so the call returns immediately, but the address range is not ready to use until its status changes from <code>pending-provision</code> to <code>provisioned</code>. To monitor the status of an address range, use <a>DescribeByoipCidrs</a>. To allocate an Elastic IP address from your address pool, use <a>AllocateAddress</a> with either the specific address from the address pool or the ID of the address pool.</p>"
+      "documentation": "<p>Provisions an IPv4 or IPv6 address range for use with your AWS resources through bring your own IP addresses (BYOIP) and creates a corresponding address pool. After the address range is provisioned, it is ready to be advertised using <a>AdvertiseByoipCidr</a>.</p> <p>AWS verifies that you own the address range and are authorized to advertise it. You must ensure that the address range is registered to you and that you created an RPKI ROA to authorize Amazon ASNs 16509 and 14618 to advertise the address range. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-byoip.html\">Bring Your Own IP Addresses (BYOIP)</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> <p>Provisioning an address range is an asynchronous operation, so the call returns immediately, but the address range is not ready to use until its status changes from <code>pending-provision</code> to <code>provisioned</code>. To monitor the status of an address range, use <a>DescribeByoipCidrs</a>. To allocate an Elastic IP address from your IPv4 address pool, use <a>AllocateAddress</a> with either the specific address from the address pool or the ID of the address pool.</p>"
     },
     "PurchaseHostReservation": {
       "name": "PurchaseHostReservation",
@@ -4231,7 +4839,7 @@
       "output": {
         "shape": "PurchaseReservedInstancesOfferingResult"
       },
-      "documentation": "<p>Purchases a Reserved Instance for use with your account. With Reserved Instances, you pay a lower hourly rate compared to On-Demand instance pricing.</p> <p>Use <a>DescribeReservedInstancesOfferings</a> to get a list of Reserved Instance offerings that match your specifications. After you've purchased a Reserved Instance, you can check for your new Reserved Instance with <a>DescribeReservedInstances</a>.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/concepts-on-demand-reserved-instances.html\">Reserved Instances</a> and <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ri-market-general.html\">Reserved Instance Marketplace</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>"
+      "documentation": "<p>Purchases a Reserved Instance for use with your account. With Reserved Instances, you pay a lower hourly rate compared to On-Demand instance pricing.</p> <p>Use <a>DescribeReservedInstancesOfferings</a> to get a list of Reserved Instance offerings that match your specifications. After you've purchased a Reserved Instance, you can check for your new Reserved Instance with <a>DescribeReservedInstances</a>.</p> <p>To queue a purchase for a future date and time, specify a purchase time. If you do not specify a purchase time, the default is the current time.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/concepts-on-demand-reserved-instances.html\">Reserved Instances</a> and <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ri-market-general.html\">Reserved Instance Marketplace</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>"
     },
     "PurchaseScheduledInstances": {
       "name": "PurchaseScheduledInstances",
@@ -4270,7 +4878,63 @@
       "output": {
         "shape": "RegisterImageResult"
       },
-      "documentation": "<p>Registers an AMI. When you're creating an AMI, this is the final step you must complete before you can launch an instance from the AMI. For more information about creating AMIs, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/creating-an-ami.html\">Creating Your Own AMIs</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> <note> <p>For Amazon EBS-backed instances, <a>CreateImage</a> creates and registers the AMI in a single request, so you don't have to register the AMI yourself.</p> </note> <p>You can also use <code>RegisterImage</code> to create an Amazon EBS-backed Linux AMI from a snapshot of a root device volume. You specify the snapshot using the block device mapping. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-launch-snapshot.html\">Launching a Linux Instance from a Backup</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> <p>You can't register an image where a secondary (non-root) snapshot has AWS Marketplace product codes.</p> <p>Some Linux distributions, such as Red Hat Enterprise Linux (RHEL) and SUSE Linux Enterprise Server (SLES), use the EC2 billing product code associated with an AMI to verify the subscription status for package updates. Creating an AMI from an EBS snapshot does not maintain this billing code, and instances launched from such an AMI are not able to connect to package update infrastructure. If you purchase a Reserved Instance offering for one of these Linux distributions and launch instances using an AMI that does not contain the required billing code, your Reserved Instance is not applied to these instances.</p> <p>To create an AMI for operating systems that require a billing code, see <a>CreateImage</a>.</p> <p>If needed, you can deregister an AMI at any time. Any modifications you make to an AMI backed by an instance store volume invalidates its registration. If you make changes to an image, deregister the previous image and register the new image.</p>"
+      "documentation": "<p>Registers an AMI. When you're creating an AMI, this is the final step you must complete before you can launch an instance from the AMI. For more information about creating AMIs, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/creating-an-ami.html\">Creating Your Own AMIs</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> <note> <p>For Amazon EBS-backed instances, <a>CreateImage</a> creates and registers the AMI in a single request, so you don't have to register the AMI yourself.</p> </note> <p>You can also use <code>RegisterImage</code> to create an Amazon EBS-backed Linux AMI from a snapshot of a root device volume. You specify the snapshot using the block device mapping. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-launch-snapshot.html\">Launching a Linux Instance from a Backup</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> <p>You can't register an image where a secondary (non-root) snapshot has AWS Marketplace product codes.</p> <p>Windows and some Linux distributions, such as Red Hat Enterprise Linux (RHEL) and SUSE Linux Enterprise Server (SLES), use the EC2 billing product code associated with an AMI to verify the subscription status for package updates. To create a new AMI for operating systems that require a billing product code, instead of registering the AMI, do the following to preserve the billing product code association:</p> <ol> <li> <p>Launch an instance from an existing AMI with that billing product code.</p> </li> <li> <p>Customize the instance.</p> </li> <li> <p>Create an AMI from the instance using <a>CreateImage</a>.</p> </li> </ol> <p>If you purchase a Reserved Instance to apply to an On-Demand Instance that was launched from an AMI with a billing product code, make sure that the Reserved Instance has the matching billing product code. If you purchase a Reserved Instance without the matching billing product code, the Reserved Instance will not be applied to the On-Demand Instance. For information about how to obtain the platform details and billing information of an AMI, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ami-billing-info.html\">Obtaining Billing Information</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> <p>If needed, you can deregister an AMI at any time. Any modifications you make to an AMI backed by an instance store volume invalidates its registration. If you make changes to an image, deregister the previous image and register the new image.</p>"
+    },
+    "RegisterInstanceEventNotificationAttributes": {
+      "name": "RegisterInstanceEventNotificationAttributes",
+      "http": {
+        "method": "POST",
+        "requestUri": "/"
+      },
+      "input": {
+        "shape": "RegisterInstanceEventNotificationAttributesRequest"
+      },
+      "output": {
+        "shape": "RegisterInstanceEventNotificationAttributesResult"
+      },
+      "documentation": "<p>Registers a set of tag keys to include in scheduled event notifications for your resources. </p> <p>To remove tags, use .</p>"
+    },
+    "RegisterTransitGatewayMulticastGroupMembers": {
+      "name": "RegisterTransitGatewayMulticastGroupMembers",
+      "http": {
+        "method": "POST",
+        "requestUri": "/"
+      },
+      "input": {
+        "shape": "RegisterTransitGatewayMulticastGroupMembersRequest"
+      },
+      "output": {
+        "shape": "RegisterTransitGatewayMulticastGroupMembersResult"
+      },
+      "documentation": "<p>Registers members (network interfaces) with the transit gateway multicast group. A member is a network interface associated with a supported EC2 instance that receives multicast traffic. For information about supported instances, see <a href=\"https://docs.aws.amazon.com/vpc/latest/tgw/transit-gateway-limits.html#multicast-limits\">Multicast Consideration</a> in <i>Amazon VPC Transit Gateways</i>.</p> <p>After you add the members, use <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_SearchTransitGatewayMulticastGroups.html\">SearchTransitGatewayMulticastGroups</a> to verify that the members were added to the transit gateway multicast group.</p>"
+    },
+    "RegisterTransitGatewayMulticastGroupSources": {
+      "name": "RegisterTransitGatewayMulticastGroupSources",
+      "http": {
+        "method": "POST",
+        "requestUri": "/"
+      },
+      "input": {
+        "shape": "RegisterTransitGatewayMulticastGroupSourcesRequest"
+      },
+      "output": {
+        "shape": "RegisterTransitGatewayMulticastGroupSourcesResult"
+      },
+      "documentation": "<p>Registers sources (network interfaces) with the specified transit gateway multicast group.</p> <p>A multicast source is a network interface attached to a supported instance that sends multicast traffic. For information about supported instances, see <a href=\"https://docs.aws.amazon.com/vpc/latest/tgw/transit-gateway-limits.html#multicast-limits\">Multicast Considerations</a> in <i>Amazon VPC Transit Gateways</i>.</p> <p>After you add the source, use <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_SearchTransitGatewayMulticastGroups.html\">SearchTransitGatewayMulticastGroups</a> to verify that the source was added to the multicast group.</p>"
+    },
+    "RejectTransitGatewayPeeringAttachment": {
+      "name": "RejectTransitGatewayPeeringAttachment",
+      "http": {
+        "method": "POST",
+        "requestUri": "/"
+      },
+      "input": {
+        "shape": "RejectTransitGatewayPeeringAttachmentRequest"
+      },
+      "output": {
+        "shape": "RejectTransitGatewayPeeringAttachmentResult"
+      },
+      "documentation": "<p>Rejects a transit gateway peering attachment request.</p>"
     },
     "RejectTransitGatewayVpcAttachment": {
       "name": "RejectTransitGatewayVpcAttachment",
@@ -4387,7 +5051,7 @@
       "input": {
         "shape": "ReplaceRouteRequest"
       },
-      "documentation": "<p>Replaces an existing route within a route table in a VPC. You must provide only one of the following: internet gateway or virtual private gateway, NAT instance, NAT gateway, VPC peering connection, network interface, or egress-only internet gateway.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Route_Tables.html\">Route Tables</a> in the <i>Amazon Virtual Private Cloud User Guide</i>.</p>"
+      "documentation": "<p>Replaces an existing route within a route table in a VPC. You must provide only one of the following: internet gateway, virtual private gateway, NAT instance, NAT gateway, VPC peering connection, network interface, egress-only internet gateway, or transit gateway.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Route_Tables.html\">Route Tables</a> in the <i>Amazon Virtual Private Cloud User Guide</i>.</p>"
     },
     "ReplaceRouteTableAssociation": {
       "name": "ReplaceRouteTableAssociation",
@@ -4401,7 +5065,7 @@
       "output": {
         "shape": "ReplaceRouteTableAssociationResult"
       },
-      "documentation": "<p>Changes the route table associated with a given subnet in a VPC. After the operation completes, the subnet uses the routes in the new route table it's associated with. For more information about route tables, see <a href=\"https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Route_Tables.html\">Route Tables</a> in the <i>Amazon Virtual Private Cloud User Guide</i>.</p> <p>You can also use ReplaceRouteTableAssociation to change which table is the main route table in the VPC. You just specify the main route table's association ID and the route table to be the new main route table.</p>"
+      "documentation": "<p>Changes the route table associated with a given subnet, internet gateway, or virtual private gateway in a VPC. After the operation completes, the subnet or gateway uses the routes in the new route table. For more information about route tables, see <a href=\"https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Route_Tables.html\">Route Tables</a> in the <i>Amazon Virtual Private Cloud User Guide</i>.</p> <p>You can also use this operation to change which table is the main route table in the VPC. Specify the main route table's association ID and the route table ID of the new main route table.</p>"
     },
     "ReplaceTransitGatewayRoute": {
       "name": "ReplaceTransitGatewayRoute",
@@ -4440,7 +5104,7 @@
       "output": {
         "shape": "RequestSpotFleetResponse"
       },
-      "documentation": "<p>Creates a Spot Fleet request.</p> <p>The Spot Fleet request specifies the total target capacity and the On-Demand target capacity. Amazon EC2 calculates the difference between the total capacity and On-Demand capacity, and launches the difference as Spot capacity.</p> <p>You can submit a single request that includes multiple launch specifications that vary by instance type, AMI, Availability Zone, or subnet.</p> <p>By default, the Spot Fleet requests Spot Instances in the Spot pool where the price per unit is the lowest. Each launch specification can include its own instance weighting that reflects the value of the instance type to your application workload.</p> <p>Alternatively, you can specify that the Spot Fleet distribute the target capacity across the Spot pools included in its launch specifications. By ensuring that the Spot Instances in your Spot Fleet are in different Spot pools, you can improve the availability of your fleet.</p> <p>You can specify tags for the Spot Instances. You cannot tag other resource types in a Spot Fleet request because only the <code>instance</code> resource type is supported.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-fleet-requests.html\">Spot Fleet Requests</a> in the <i>Amazon EC2 User Guide for Linux Instances</i>.</p>"
+      "documentation": "<p>Creates a Spot Fleet request.</p> <p>The Spot Fleet request specifies the total target capacity and the On-Demand target capacity. Amazon EC2 calculates the difference between the total capacity and On-Demand capacity, and launches the difference as Spot capacity.</p> <p>You can submit a single request that includes multiple launch specifications that vary by instance type, AMI, Availability Zone, or subnet.</p> <p>By default, the Spot Fleet requests Spot Instances in the Spot Instance pool where the price per unit is the lowest. Each launch specification can include its own instance weighting that reflects the value of the instance type to your application workload.</p> <p>Alternatively, you can specify that the Spot Fleet distribute the target capacity across the Spot pools included in its launch specifications. By ensuring that the Spot Instances in your Spot Fleet are in different Spot pools, you can improve the availability of your fleet.</p> <p>You can specify tags for the Spot Fleet request and instances launched by the fleet. You cannot tag other resource types in a Spot Fleet request because only the <code>spot-fleet-request</code> and <code>instance</code> resource types are supported.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-fleet-requests.html\">Spot Fleet Requests</a> in the <i>Amazon EC2 User Guide for Linux Instances</i>.</p>"
     },
     "RequestSpotInstances": {
       "name": "RequestSpotInstances",
@@ -4590,7 +5254,7 @@
       "output": {
         "shape": "Reservation"
       },
-      "documentation": "<p>Launches the specified number of instances using an AMI for which you have permissions. </p> <p>You can specify a number of options, or leave the default options. The following rules apply:</p> <ul> <li> <p>[EC2-VPC] If you don't specify a subnet ID, we choose a default subnet from your default VPC for you. If you don't have a default VPC, you must specify a subnet ID in the request.</p> </li> <li> <p>[EC2-Classic] If don't specify an Availability Zone, we choose one for you.</p> </li> <li> <p>Some instance types must be launched into a VPC. If you do not have a default VPC, or if you do not specify a subnet ID, the request fails. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-vpc.html#vpc-only-instance-types\">Instance Types Available Only in a VPC</a>.</p> </li> <li> <p>[EC2-VPC] All instances have a network interface with a primary private IPv4 address. If you don't specify this address, we choose one from the IPv4 range of your subnet.</p> </li> <li> <p>Not all instance types support IPv6 addresses. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html\">Instance Types</a>.</p> </li> <li> <p>If you don't specify a security group ID, we use the default security group. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-network-security.html\">Security Groups</a>.</p> </li> <li> <p>If any of the AMIs have a product code attached for which the user has not subscribed, the request fails.</p> </li> </ul> <p>You can create a <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-templates.html\">launch template</a>, which is a resource that contains the parameters to launch an instance. When you launch an instance using <a>RunInstances</a>, you can specify the launch template instead of specifying the launch parameters.</p> <p>To ensure faster instance launches, break up large requests into smaller batches. For example, create five separate launch requests for 100 instances each instead of one launch request for 500 instances.</p> <p>An instance is ready for you to use when it's in the <code>running</code> state. You can check the state of your instance using <a>DescribeInstances</a>. You can tag instances and EBS volumes during launch, after launch, or both. For more information, see <a>CreateTags</a> and <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html\">Tagging Your Amazon EC2 Resources</a>.</p> <p>Linux instances have access to the public key of the key pair at boot. You can use this key to provide secure access to the instance. Amazon EC2 public images use this feature to provide secure access without passwords. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html\">Key Pairs</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> <p>For troubleshooting, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_InstanceStraightToTerminated.html\">What To Do If An Instance Immediately Terminates</a>, and <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/TroubleshootingInstancesConnecting.html\">Troubleshooting Connecting to Your Instance</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>"
+      "documentation": "<p>Launches the specified number of instances using an AMI for which you have permissions.</p> <p>You can specify a number of options, or leave the default options. The following rules apply:</p> <ul> <li> <p>[EC2-VPC] If you don't specify a subnet ID, we choose a default subnet from your default VPC for you. If you don't have a default VPC, you must specify a subnet ID in the request.</p> </li> <li> <p>[EC2-Classic] If don't specify an Availability Zone, we choose one for you.</p> </li> <li> <p>Some instance types must be launched into a VPC. If you do not have a default VPC, or if you do not specify a subnet ID, the request fails. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-vpc.html#vpc-only-instance-types\">Instance Types Available Only in a VPC</a>.</p> </li> <li> <p>[EC2-VPC] All instances have a network interface with a primary private IPv4 address. If you don't specify this address, we choose one from the IPv4 range of your subnet.</p> </li> <li> <p>Not all instance types support IPv6 addresses. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html\">Instance Types</a>.</p> </li> <li> <p>If you don't specify a security group ID, we use the default security group. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-network-security.html\">Security Groups</a>.</p> </li> <li> <p>If any of the AMIs have a product code attached for which the user has not subscribed, the request fails.</p> </li> </ul> <p>You can create a <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-templates.html\">launch template</a>, which is a resource that contains the parameters to launch an instance. When you launch an instance using <a>RunInstances</a>, you can specify the launch template instead of specifying the launch parameters.</p> <p>To ensure faster instance launches, break up large requests into smaller batches. For example, create five separate launch requests for 100 instances each instead of one launch request for 500 instances.</p> <p>An instance is ready for you to use when it's in the <code>running</code> state. You can check the state of your instance using <a>DescribeInstances</a>. You can tag instances and EBS volumes during launch, after launch, or both. For more information, see <a>CreateTags</a> and <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html\">Tagging Your Amazon EC2 Resources</a>.</p> <p>Linux instances have access to the public key of the key pair at boot. You can use this key to provide secure access to the instance. Amazon EC2 public images use this feature to provide secure access without passwords. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html\">Key Pairs</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> <p>For troubleshooting, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_InstanceStraightToTerminated.html\">What To Do If An Instance Immediately Terminates</a>, and <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/TroubleshootingInstancesConnecting.html\">Troubleshooting Connecting to Your Instance</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>"
     },
     "RunScheduledInstances": {
       "name": "RunScheduledInstances",
@@ -4606,6 +5270,34 @@
       },
       "documentation": "<p>Launches the specified Scheduled Instances.</p> <p>Before you can launch a Scheduled Instance, you must purchase it and obtain an identifier using <a>PurchaseScheduledInstances</a>.</p> <p>You must launch a Scheduled Instance during its scheduled time period. You can't stop or reboot a Scheduled Instance, but you can terminate it as needed. If you terminate a Scheduled Instance before the current scheduled time period ends, you can launch it again after a few minutes. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-scheduled-instances.html\">Scheduled Instances</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>"
     },
+    "SearchLocalGatewayRoutes": {
+      "name": "SearchLocalGatewayRoutes",
+      "http": {
+        "method": "POST",
+        "requestUri": "/"
+      },
+      "input": {
+        "shape": "SearchLocalGatewayRoutesRequest"
+      },
+      "output": {
+        "shape": "SearchLocalGatewayRoutesResult"
+      },
+      "documentation": "<p>Searches for routes in the specified local gateway route table.</p>"
+    },
+    "SearchTransitGatewayMulticastGroups": {
+      "name": "SearchTransitGatewayMulticastGroups",
+      "http": {
+        "method": "POST",
+        "requestUri": "/"
+      },
+      "input": {
+        "shape": "SearchTransitGatewayMulticastGroupsRequest"
+      },
+      "output": {
+        "shape": "SearchTransitGatewayMulticastGroupsResult"
+      },
+      "documentation": "<p>Searches one or more transit gateway multicast groups and returns the group membership information.</p>"
+    },
     "SearchTransitGatewayRoutes": {
       "name": "SearchTransitGatewayRoutes",
       "http": {
@@ -4620,6 +5312,17 @@
       },
       "documentation": "<p>Searches for routes in the specified transit gateway route table.</p>"
     },
+    "SendDiagnosticInterrupt": {
+      "name": "SendDiagnosticInterrupt",
+      "http": {
+        "method": "POST",
+        "requestUri": "/"
+      },
+      "input": {
+        "shape": "SendDiagnosticInterruptRequest"
+      },
+      "documentation": "<p>Sends a diagnostic interrupt to the specified Amazon EC2 instance to trigger a <i>kernel panic</i> (on Linux instances), or a <i>blue screen</i>/<i>stop error</i> (on Windows instances). For instances based on Intel and AMD processors, the interrupt is received as a <i>non-maskable interrupt</i> (NMI).</p> <p>In general, the operating system crashes and reboots when a kernel panic or stop error is triggered. The operating system can also be configured to perform diagnostic tasks, such as generating a memory dump file, loading a secondary kernel, or obtaining a call trace.</p> <p>Before sending a diagnostic interrupt to your instance, ensure that its operating system is configured to perform the required diagnostic tasks.</p> <p>For more information about configuring your operating system to generate a crash dump when a kernel panic or stop error occurs, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/diagnostic-interrupt.html\">Send a Diagnostic Interrupt</a> (Linux instances) or <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/diagnostic-interrupt.html\">Send a Diagnostic Interrupt</a> (Windows instances).</p>"
+    },
     "StartInstances": {
       "name": "StartInstances",
       "http": {
@@ -4634,6 +5337,20 @@
       },
       "documentation": "<p>Starts an Amazon EBS-backed instance that you've previously stopped.</p> <p>Instances that use Amazon EBS volumes as their root devices can be quickly stopped and started. When an instance is stopped, the compute resources are released and you are not billed for instance usage. However, your root partition Amazon EBS volume remains and continues to persist your data, and you are charged for Amazon EBS volume usage. You can restart your instance at any time. Every time you start your Windows instance, Amazon EC2 charges you for a full instance hour. If you stop and restart your Windows instance, a new instance hour begins and Amazon EC2 charges you for another full instance hour even if you are still within the same 60-minute period when it was stopped. Every time you start your Linux instance, Amazon EC2 charges a one-minute minimum for instance usage, and thereafter charges per second for instance usage.</p> <p>Before stopping an instance, make sure it is in a state from which it can be restarted. Stopping an instance does not preserve data stored in RAM.</p> <p>Performing this operation on an instance that uses an instance store as its root device returns an error.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Stop_Start.html\">Stopping Instances</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>"
     },
+    "StartVpcEndpointServicePrivateDnsVerification": {
+      "name": "StartVpcEndpointServicePrivateDnsVerification",
+      "http": {
+        "method": "POST",
+        "requestUri": "/"
+      },
+      "input": {
+        "shape": "StartVpcEndpointServicePrivateDnsVerificationRequest"
+      },
+      "output": {
+        "shape": "StartVpcEndpointServicePrivateDnsVerificationResult"
+      },
+      "documentation": "<p>Initiates the verification process to prove that the service provider owns the private DNS name domain for the endpoint service.</p> <p>The service provider must successfully perform the verification before the consumer can use the name to access the service.</p> <p>Before the service provider runs this command, they must add a record to the DNS server. For more information, see <a href=\"https://docs.aws.amazon.com/vpc/latest/userguide/ndpoint-services-dns-validation.html#add-dns-txt-record\">Adding a TXT Record to Your Domain's DNS Server </a> in the <i>Amazon VPC User Guide</i>.</p>"
+    },
     "StopInstances": {
       "name": "StopInstances",
       "http": {
@@ -4646,7 +5363,7 @@
       "output": {
         "shape": "StopInstancesResult"
       },
-      "documentation": "<p>Stops an Amazon EBS-backed instance.</p> <p>You can use the Stop action to hibernate an instance if the instance is <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html#enabling-hibernation\">enabled for hibernation</a> and it meets the <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html#hibernating-prerequisites\">hibernation prerequisites</a>. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html\">Hibernate Your Instance</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> <p>We don't charge usage for a stopped instance, or data transfer fees; however, your root partition Amazon EBS volume remains and continues to persist your data, and you are charged for Amazon EBS volume usage. Every time you start your Windows instance, Amazon EC2 charges you for a full instance hour. If you stop and restart your Windows instance, a new instance hour begins and Amazon EC2 charges you for another full instance hour even if you are still within the same 60-minute period when it was stopped. Every time you start your Linux instance, Amazon EC2 charges a one-minute minimum for instance usage, and thereafter charges per second for instance usage.</p> <p>You can't start, stop, or hibernate Spot Instances, and you can't stop or hibernate instance store-backed instances. For information about using hibernation for Spot Instances, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-interruptions.html#hibernate-spot-instances\">Hibernating Interrupted Spot Instances</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> <p>When you stop or hibernate an instance, we shut it down. You can restart your instance at any time. Before stopping or hibernating an instance, make sure it is in a state from which it can be restarted. Stopping an instance does not preserve data stored in RAM, but hibernating an instance does preserve data stored in RAM. If an instance cannot hibernate successfully, a normal shutdown occurs.</p> <p>Stopping and hibernating an instance is different to rebooting or terminating it. For example, when you stop or hibernate an instance, the root device and any other devices attached to the instance persist. When you terminate an instance, the root device and any other devices attached during the instance launch are automatically deleted. For more information about the differences between rebooting, stopping, hibernating, and terminating instances, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-lifecycle.html\">Instance Lifecycle</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> <p>When you stop an instance, we attempt to shut it down forcibly after a short while. If your instance appears stuck in the stopping state after a period of time, there may be an issue with the underlying host computer. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/TroubleshootingInstancesStopping.html\">Troubleshooting Stopping Your Instance</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>"
+      "documentation": "<p>Stops an Amazon EBS-backed instance.</p> <p>You can use the Stop action to hibernate an instance if the instance is <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html#enabling-hibernation\">enabled for hibernation</a> and it meets the <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html#hibernating-prerequisites\">hibernation prerequisites</a>. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html\">Hibernate Your Instance</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> <p>We don't charge usage for a stopped instance, or data transfer fees; however, your root partition Amazon EBS volume remains and continues to persist your data, and you are charged for Amazon EBS volume usage. Every time you start your Windows instance, Amazon EC2 charges you for a full instance hour. If you stop and restart your Windows instance, a new instance hour begins and Amazon EC2 charges you for another full instance hour even if you are still within the same 60-minute period when it was stopped. Every time you start your Linux instance, Amazon EC2 charges a one-minute minimum for instance usage, and thereafter charges per second for instance usage.</p> <p>You can't stop or hibernate instance store-backed instances. You can't use the Stop action to hibernate Spot Instances, but you can specify that Amazon EC2 should hibernate Spot Instances when they are interrupted. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-interruptions.html#hibernate-spot-instances\">Hibernating Interrupted Spot Instances</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> <p>When you stop or hibernate an instance, we shut it down. You can restart your instance at any time. Before stopping or hibernating an instance, make sure it is in a state from which it can be restarted. Stopping an instance does not preserve data stored in RAM, but hibernating an instance does preserve data stored in RAM. If an instance cannot hibernate successfully, a normal shutdown occurs.</p> <p>Stopping and hibernating an instance is different to rebooting or terminating it. For example, when you stop or hibernate an instance, the root device and any other devices attached to the instance persist. When you terminate an instance, the root device and any other devices attached during the instance launch are automatically deleted. For more information about the differences between rebooting, stopping, hibernating, and terminating instances, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-lifecycle.html\">Instance Lifecycle</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> <p>When you stop an instance, we attempt to shut it down forcibly after a short while. If your instance appears stuck in the stopping state after a period of time, there may be an issue with the underlying host computer. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/TroubleshootingInstancesStopping.html\">Troubleshooting Stopping Your Instance</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>"
     },
     "TerminateClientVpnConnections": {
       "name": "TerminateClientVpnConnections",
@@ -4755,7 +5472,7 @@
       "output": {
         "shape": "WithdrawByoipCidrResult"
       },
-      "documentation": "<p>Stops advertising an IPv4 address range that is provisioned as an address pool.</p> <p>You can perform this operation at most once every 10 seconds, even if you specify different address ranges each time.</p> <p>It can take a few minutes before traffic to the specified addresses stops routing to AWS because of BGP propagation delays.</p>"
+      "documentation": "<p>Stops advertising an address range that is provisioned as an address pool.</p> <p>You can perform this operation at most once every 10 seconds, even if you specify different address ranges each time.</p> <p>It can take a few minutes before traffic to the specified addresses stops routing to AWS because of BGP propagation delays.</p>"
     }
   },
   "shapes": {
@@ -4793,6 +5510,32 @@
       },
       "documentation": "<p>The result of the exchange and whether it was <code>successful</code>.</p>"
     },
+    "AcceptTransitGatewayPeeringAttachmentRequest": {
+      "type": "structure",
+      "required": [
+        "TransitGatewayAttachmentId"
+      ],
+      "members": {
+        "TransitGatewayAttachmentId": {
+          "shape": "TransitGatewayAttachmentId",
+          "documentation": "<p>The ID of the transit gateway attachment.</p>"
+        },
+        "DryRun": {
+          "shape": "Boolean",
+          "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
+        }
+      }
+    },
+    "AcceptTransitGatewayPeeringAttachmentResult": {
+      "type": "structure",
+      "members": {
+        "TransitGatewayPeeringAttachment": {
+          "shape": "TransitGatewayPeeringAttachment",
+          "documentation": "<p>The transit gateway peering attachment.</p>",
+          "locationName": "transitGatewayPeeringAttachment"
+        }
+      }
+    },
     "AcceptTransitGatewayVpcAttachmentRequest": {
       "type": "structure",
       "required": [
@@ -4800,7 +5543,7 @@
       ],
       "members": {
         "TransitGatewayAttachmentId": {
-          "shape": "String",
+          "shape": "TransitGatewayAttachmentId",
           "documentation": "<p>The ID of the attachment.</p>"
         },
         "DryRun": {
@@ -4831,11 +5574,11 @@
           "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
         },
         "ServiceId": {
-          "shape": "String",
-          "documentation": "<p>The ID of the endpoint service.</p>"
+          "shape": "VpcEndpointServiceId",
+          "documentation": "<p>The ID of the VPC endpoint service.</p>"
         },
         "VpcEndpointIds": {
-          "shape": "ValueStringList",
+          "shape": "VpcEndpointIdList",
           "documentation": "<p>The IDs of one or more interface VPC endpoints.</p>",
           "locationName": "VpcEndpointId"
         }
@@ -4860,7 +5603,7 @@
           "locationName": "dryRun"
         },
         "VpcPeeringConnectionId": {
-          "shape": "String",
+          "shape": "VpcPeeringConnectionId",
           "documentation": "<p>The ID of the VPC peering connection. You must specify this parameter in the request.</p>",
           "locationName": "vpcPeeringConnectionId"
         }
@@ -5025,6 +5768,21 @@
           "shape": "String",
           "documentation": "<p>The ID of an address pool.</p>",
           "locationName": "publicIpv4Pool"
+        },
+        "NetworkBorderGroup": {
+          "shape": "String",
+          "documentation": "<p>The name of the location from which the IP address is advertised.</p>",
+          "locationName": "networkBorderGroup"
+        },
+        "CustomerOwnedIp": {
+          "shape": "String",
+          "documentation": "<p>The customer-owned IP address.</p>",
+          "locationName": "customerOwnedIp"
+        },
+        "CustomerOwnedIpv4Pool": {
+          "shape": "String",
+          "documentation": "<p>The ID of the customer-owned address pool.</p>",
+          "locationName": "customerOwnedIpv4Pool"
         }
       },
       "documentation": "<p>Describes an Elastic IP address.</p>"
@@ -5044,7 +5802,7 @@
       "members": {
         "Cidr": {
           "shape": "String",
-          "documentation": "<p>The IPv4 address range, in CIDR notation. This must be the exact range that you provisioned. You can't advertise only a portion of the provisioned range.</p>"
+          "documentation": "<p>The address range, in CIDR notation. This must be the exact range that you provisioned. You can't advertise only a portion of the provisioned range.</p>"
         },
         "DryRun": {
           "shape": "Boolean",
@@ -5084,6 +5842,14 @@
           "shape": "String",
           "documentation": "<p>The ID of an address pool that you own. Use this parameter to let Amazon EC2 select an address from the address pool. To specify a specific address from the address pool, use the <code>Address</code> parameter instead.</p>"
         },
+        "NetworkBorderGroup": {
+          "shape": "String",
+          "documentation": "<p>The location from which the IP address is advertised. Use this parameter to limit the address to this location.</p> <p>A network border group is a unique set of Availability Zones or Local Zones from where AWS advertises IP addresses and limits the addresses to the group. IP addresses cannot move between network border groups.</p> <p>Use <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeAvailabilityZones.html\">DescribeAvailabilityZones</a> to view the network border groups.</p> <note> <p>You cannot use a network border group with EC2 Classic. If you attempt this operation on EC2 classic, you will receive an <code>InvalidParameterCombination</code> error. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/errors-overview.html\">Error Codes</a>.</p> </note>"
+        },
+        "CustomerOwnedIpv4Pool": {
+          "shape": "String",
+          "documentation": "<p>The ID of a customer-owned address pool. Use this parameter to let Amazon EC2 select an address from the address pool. Alternatively, specify a specific address from the address pool.</p>"
+        },
         "DryRun": {
           "shape": "Boolean",
           "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>",
@@ -5109,10 +5875,25 @@
           "documentation": "<p>The ID of an address pool.</p>",
           "locationName": "publicIpv4Pool"
         },
+        "NetworkBorderGroup": {
+          "shape": "String",
+          "documentation": "<p>The location from which the IP address is advertised.</p>",
+          "locationName": "networkBorderGroup"
+        },
         "Domain": {
           "shape": "DomainType",
           "documentation": "<p>Indicates whether this Elastic IP address is for use with instances in EC2-Classic (<code>standard</code>) or instances in a VPC (<code>vpc</code>).</p>",
           "locationName": "domain"
+        },
+        "CustomerOwnedIp": {
+          "shape": "String",
+          "documentation": "<p>The customer-owned IP address.</p>",
+          "locationName": "customerOwnedIp"
+        },
+        "CustomerOwnedIpv4Pool": {
+          "shape": "String",
+          "documentation": "<p>The ID of the customer-owned address pool.</p>",
+          "locationName": "customerOwnedIpv4Pool"
         }
       }
     },
@@ -5120,7 +5901,6 @@
       "type": "structure",
       "required": [
         "AvailabilityZone",
-        "InstanceType",
         "Quantity"
       ],
       "members": {
@@ -5141,9 +5921,13 @@
         },
         "InstanceType": {
           "shape": "String",
-          "documentation": "<p>Specifies the instance type for which to configure your Dedicated Hosts. When you specify the instance type, that is the only instance type that you can launch onto that host.</p>",
+          "documentation": "<p>Specifies the instance type to be supported by the Dedicated Hosts. If you specify an instance type, the Dedicated Hosts support instances of the specified instance type only.</p> <p>If you want the Dedicated Hosts to support multiple instance types in a specific instance family, omit this parameter and specify <b>InstanceFamily</b> instead. You cannot specify <b>InstanceType</b> and <b>InstanceFamily</b> in the same request.</p>",
           "locationName": "instanceType"
         },
+        "InstanceFamily": {
+          "shape": "String",
+          "documentation": "<p>Specifies the instance family to be supported by the Dedicated Hosts. If you specify an instance family, the Dedicated Hosts support multiple instance types within that instance family.</p> <p>If you want the Dedicated Hosts to support a specific instance type only, omit this parameter and specify <b>InstanceType</b> instead. You cannot specify <b>InstanceFamily</b> and <b>InstanceType</b> in the same request.</p>"
+        },
         "Quantity": {
           "shape": "Integer",
           "documentation": "<p>The number of Dedicated Hosts to allocate to your account with these parameters.</p>",
@@ -5171,10 +5955,13 @@
       },
       "documentation": "<p>Contains the output of AllocateHosts.</p>"
     },
+    "AllocationId": {
+      "type": "string"
+    },
     "AllocationIdList": {
       "type": "list",
       "member": {
-        "shape": "String",
+        "shape": "AllocationId",
         "locationName": "AllocationId"
       }
     },
@@ -5193,7 +5980,8 @@
       "type": "string",
       "enum": [
         "lowestPrice",
-        "diversified"
+        "diversified",
+        "capacityOptimized"
       ]
     },
     "AllowedPrincipal": {
@@ -5219,6 +6007,13 @@
         "locationName": "item"
       }
     },
+    "AllowsMultipleInstanceTypes": {
+      "type": "string",
+      "enum": [
+        "on",
+        "off"
+      ]
+    },
     "ApplySecurityGroupsToClientVpnTargetNetworkRequest": {
       "type": "structure",
       "required": [
@@ -5228,11 +6023,11 @@
       ],
       "members": {
         "ClientVpnEndpointId": {
-          "shape": "String",
+          "shape": "ClientVpnEndpointId",
           "documentation": "<p>The ID of the Client VPN endpoint.</p>"
         },
         "VpcId": {
-          "shape": "String",
+          "shape": "VpcId",
           "documentation": "<p>The ID of the VPC in which the associated target network is located.</p>"
         },
         "SecurityGroupIds": {
@@ -5256,6 +6051,21 @@
         }
       }
     },
+    "ArchitectureType": {
+      "type": "string",
+      "enum": [
+        "i386",
+        "x86_64",
+        "arm64"
+      ]
+    },
+    "ArchitectureTypeList": {
+      "type": "list",
+      "member": {
+        "shape": "ArchitectureType",
+        "locationName": "item"
+      }
+    },
     "ArchitectureValues": {
       "type": "string",
       "enum": [
@@ -5281,7 +6091,7 @@
           "locationName": "ipv6Addresses"
         },
         "NetworkInterfaceId": {
-          "shape": "String",
+          "shape": "NetworkInterfaceId",
           "documentation": "<p>The ID of the network interface.</p>",
           "locationName": "networkInterfaceId"
         }
@@ -5314,7 +6124,7 @@
           "locationName": "allowReassignment"
         },
         "NetworkInterfaceId": {
-          "shape": "String",
+          "shape": "NetworkInterfaceId",
           "documentation": "<p>The ID of the network interface.</p>",
           "locationName": "networkInterfaceId"
         },
@@ -5331,15 +6141,48 @@
       },
       "documentation": "<p>Contains the parameters for AssignPrivateIpAddresses.</p>"
     },
+    "AssignPrivateIpAddressesResult": {
+      "type": "structure",
+      "members": {
+        "NetworkInterfaceId": {
+          "shape": "String",
+          "documentation": "<p>The ID of the network interface.</p>",
+          "locationName": "networkInterfaceId"
+        },
+        "AssignedPrivateIpAddresses": {
+          "shape": "AssignedPrivateIpAddressList",
+          "documentation": "<p>The private IP addresses assigned to the network interface.</p>",
+          "locationName": "assignedPrivateIpAddressesSet"
+        }
+      }
+    },
+    "AssignedPrivateIpAddress": {
+      "type": "structure",
+      "members": {
+        "PrivateIpAddress": {
+          "shape": "String",
+          "documentation": "<p>The private IP address assigned to the network interface.</p>",
+          "locationName": "privateIpAddress"
+        }
+      },
+      "documentation": "<p>Describes the private IP addresses assigned to a network interface.</p>"
+    },
+    "AssignedPrivateIpAddressList": {
+      "type": "list",
+      "member": {
+        "shape": "AssignedPrivateIpAddress",
+        "locationName": "item"
+      }
+    },
     "AssociateAddressRequest": {
       "type": "structure",
       "members": {
         "AllocationId": {
-          "shape": "String",
+          "shape": "AllocationId",
           "documentation": "<p>[EC2-VPC] The allocation ID. This is required for EC2-VPC.</p>"
         },
         "InstanceId": {
-          "shape": "String",
+          "shape": "InstanceId",
           "documentation": "<p>The ID of the instance. This is required for EC2-Classic. For EC2-VPC, you can specify either the instance ID or the network interface ID, but not both. The operation fails if you specify an instance ID unless exactly one network interface is attached.</p>"
         },
         "PublicIp": {
@@ -5357,7 +6200,7 @@
           "locationName": "dryRun"
         },
         "NetworkInterfaceId": {
-          "shape": "String",
+          "shape": "NetworkInterfaceId",
           "documentation": "<p>[EC2-VPC] The ID of the network interface. If the instance has more than one network interface, you must specify a network interface ID.</p> <p>For EC2-VPC, you can specify either the instance ID or the network interface ID, but not both. </p>",
           "locationName": "networkInterfaceId"
         },
@@ -5386,11 +6229,11 @@
       ],
       "members": {
         "ClientVpnEndpointId": {
-          "shape": "String",
+          "shape": "ClientVpnEndpointId",
           "documentation": "<p>The ID of the Client VPN endpoint.</p>"
         },
         "SubnetId": {
-          "shape": "String",
+          "shape": "SubnetId",
           "documentation": "<p>The ID of the subnet to associate with the Client VPN endpoint.</p>"
         },
         "ClientToken": {
@@ -5427,11 +6270,11 @@
       ],
       "members": {
         "DhcpOptionsId": {
-          "shape": "String",
+          "shape": "DefaultingDhcpOptionsId",
           "documentation": "<p>The ID of the DHCP options set, or <code>default</code> to associate no DHCP options with the VPC.</p>"
         },
         "VpcId": {
-          "shape": "String",
+          "shape": "VpcId",
           "documentation": "<p>The ID of the VPC.</p>"
         },
         "DryRun": {
@@ -5453,7 +6296,7 @@
           "documentation": "<p>The IAM instance profile.</p>"
         },
         "InstanceId": {
-          "shape": "String",
+          "shape": "InstanceId",
           "documentation": "<p>The ID of the instance.</p>"
         }
       }
@@ -5471,8 +6314,7 @@
     "AssociateRouteTableRequest": {
       "type": "structure",
       "required": [
-        "RouteTableId",
-        "SubnetId"
+        "RouteTableId"
       ],
       "members": {
         "DryRun": {
@@ -5481,14 +6323,18 @@
           "locationName": "dryRun"
         },
         "RouteTableId": {
-          "shape": "String",
+          "shape": "RouteTableId",
           "documentation": "<p>The ID of the route table.</p>",
           "locationName": "routeTableId"
         },
         "SubnetId": {
-          "shape": "String",
+          "shape": "SubnetId",
           "documentation": "<p>The ID of the subnet.</p>",
           "locationName": "subnetId"
+        },
+        "GatewayId": {
+          "shape": "RouteGatewayId",
+          "documentation": "<p>The ID of the internet gateway or virtual private gateway.</p>"
         }
       }
     },
@@ -5499,6 +6345,11 @@
           "shape": "String",
           "documentation": "<p>The route table association ID. This ID is required for disassociating the route table.</p>",
           "locationName": "associationId"
+        },
+        "AssociationState": {
+          "shape": "RouteTableAssociationState",
+          "documentation": "<p>The state of the association.</p>",
+          "locationName": "associationState"
         }
       }
     },
@@ -5515,7 +6366,7 @@
           "locationName": "ipv6CidrBlock"
         },
         "SubnetId": {
-          "shape": "String",
+          "shape": "SubnetId",
           "documentation": "<p>The ID of your subnet.</p>",
           "locationName": "subnetId"
         }
@@ -5536,6 +6387,37 @@
         }
       }
     },
+    "AssociateTransitGatewayMulticastDomainRequest": {
+      "type": "structure",
+      "members": {
+        "TransitGatewayMulticastDomainId": {
+          "shape": "TransitGatewayMulticastDomainId",
+          "documentation": "<p>The ID of the transit gateway multicast domain.</p>"
+        },
+        "TransitGatewayAttachmentId": {
+          "shape": "TransitGatewayAttachmentId",
+          "documentation": "<p>The ID of the transit gateway attachment to associate with the transit gateway multicast domain.</p>"
+        },
+        "SubnetIds": {
+          "shape": "ValueStringList",
+          "documentation": "<p>The IDs of the subnets to associate with the transit gateway multicast domain.</p>"
+        },
+        "DryRun": {
+          "shape": "Boolean",
+          "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
+        }
+      }
+    },
+    "AssociateTransitGatewayMulticastDomainResult": {
+      "type": "structure",
+      "members": {
+        "Associations": {
+          "shape": "TransitGatewayMulticastDomainAssociations",
+          "documentation": "<p>Information about the transit gateway multicast domain associations.</p>",
+          "locationName": "associations"
+        }
+      }
+    },
     "AssociateTransitGatewayRouteTableRequest": {
       "type": "structure",
       "required": [
@@ -5544,11 +6426,11 @@
       ],
       "members": {
         "TransitGatewayRouteTableId": {
-          "shape": "String",
+          "shape": "TransitGatewayRouteTableId",
           "documentation": "<p>The ID of the transit gateway route table.</p>"
         },
         "TransitGatewayAttachmentId": {
-          "shape": "String",
+          "shape": "TransitGatewayAttachmentId",
           "documentation": "<p>The ID of the attachment.</p>"
         },
         "DryRun": {
@@ -5583,9 +6465,21 @@
           "documentation": "<p>An IPv4 CIDR block to associate with the VPC.</p>"
         },
         "VpcId": {
-          "shape": "String",
+          "shape": "VpcId",
           "documentation": "<p>The ID of the VPC.</p>",
           "locationName": "vpcId"
+        },
+        "Ipv6CidrBlockNetworkBorderGroup": {
+          "shape": "String",
+          "documentation": "<p>The name of the location from which we advertise the IPV6 CIDR block. Use this parameter to limit the CiDR block to this location.</p> <p> You must set <code>AmazonProvidedIpv6CidrBlock</code> to <code>true</code> to use this parameter.</p> <p> You can have one IPv6 CIDR block association per network border group.</p>"
+        },
+        "Ipv6Pool": {
+          "shape": "Ipv6PoolEc2Id",
+          "documentation": "<p>The ID of an IPv6 address pool from which to allocate the IPv6 CIDR block.</p>"
+        },
+        "Ipv6CidrBlock": {
+          "shape": "String",
+          "documentation": "<p>An IPv6 CIDR block from the IPv6 address pool. You must also specify <code>Ipv6Pool</code> in the request.</p> <p>To let Amazon choose the IPv6 CIDR block for you, omit this parameter.</p>"
         }
       }
     },
@@ -5641,7 +6535,7 @@
     "AssociationIdList": {
       "type": "list",
       "member": {
-        "shape": "String",
+        "shape": "IamInstanceProfileAssociationId",
         "locationName": "AssociationId"
       }
     },
@@ -5690,12 +6584,12 @@
           "locationName": "SecurityGroupId"
         },
         "InstanceId": {
-          "shape": "String",
+          "shape": "InstanceId",
           "documentation": "<p>The ID of an EC2-Classic instance to link to the ClassicLink-enabled VPC.</p>",
           "locationName": "instanceId"
         },
         "VpcId": {
-          "shape": "String",
+          "shape": "VpcId",
           "documentation": "<p>The ID of a ClassicLink-enabled VPC.</p>",
           "locationName": "vpcId"
         }
@@ -5724,12 +6618,12 @@
           "locationName": "dryRun"
         },
         "InternetGatewayId": {
-          "shape": "String",
+          "shape": "InternetGatewayId",
           "documentation": "<p>The ID of the internet gateway.</p>",
           "locationName": "internetGatewayId"
         },
         "VpcId": {
-          "shape": "String",
+          "shape": "VpcId",
           "documentation": "<p>The ID of the VPC.</p>",
           "locationName": "vpcId"
         }
@@ -5754,12 +6648,12 @@
           "locationName": "dryRun"
         },
         "InstanceId": {
-          "shape": "String",
+          "shape": "InstanceId",
           "documentation": "<p>The ID of the instance.</p>",
           "locationName": "instanceId"
         },
         "NetworkInterfaceId": {
-          "shape": "String",
+          "shape": "NetworkInterfaceId",
           "documentation": "<p>The ID of the network interface.</p>",
           "locationName": "networkInterfaceId"
         }
@@ -5790,11 +6684,11 @@
           "documentation": "<p>The device name (for example, <code>/dev/sdh</code> or <code>xvdh</code>).</p>"
         },
         "InstanceId": {
-          "shape": "String",
+          "shape": "InstanceId",
           "documentation": "<p>The ID of the instance.</p>"
         },
         "VolumeId": {
-          "shape": "String",
+          "shape": "VolumeId",
           "documentation": "<p>The ID of the EBS volume. The volume and instance must be within the same Availability Zone.</p>"
         },
         "DryRun": {
@@ -5802,8 +6696,7 @@
           "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>",
           "locationName": "dryRun"
         }
-      },
-      "documentation": "<p>Contains the parameters for AttachVolume.</p>"
+      }
     },
     "AttachVpnGatewayRequest": {
       "type": "structure",
@@ -5813,11 +6706,11 @@
       ],
       "members": {
         "VpcId": {
-          "shape": "String",
+          "shape": "VpcId",
           "documentation": "<p>The ID of the VPC.</p>"
         },
         "VpnGatewayId": {
-          "shape": "String",
+          "shape": "VpnGatewayId",
           "documentation": "<p>The ID of the virtual private gateway.</p>"
         },
         "DryRun": {
@@ -5921,7 +6814,7 @@
       ],
       "members": {
         "ClientVpnEndpointId": {
-          "shape": "String",
+          "shape": "ClientVpnEndpointId",
           "documentation": "<p>The ID of the Client VPN endpoint.</p>"
         },
         "TargetNetworkCidr": {
@@ -5930,7 +6823,7 @@
         },
         "AccessGroupId": {
           "shape": "String",
-          "documentation": "<p>The ID of the Active Directory group to grant access.</p>"
+          "documentation": "<p>The ID of the group to grant access to, for example, the Active Directory group or identity provider (IdP) group.</p>"
         },
         "AuthorizeAllGroups": {
           "shape": "Boolean",
@@ -5973,7 +6866,7 @@
           "locationName": "dryRun"
         },
         "GroupId": {
-          "shape": "String",
+          "shape": "SecurityGroupId",
           "documentation": "<p>The ID of the security group.</p>",
           "locationName": "groupId"
         },
@@ -6026,11 +6919,11 @@
           "documentation": "<p>The start of port range for the TCP and UDP protocols, or an ICMP type number. For the ICMP type number, use <code>-1</code> to specify all types. If you specify all ICMP types, you must specify all codes.</p> <p>Alternatively, use a set of IP permissions to specify multiple rules and a description for the rule.</p>"
         },
         "GroupId": {
-          "shape": "String",
+          "shape": "SecurityGroupId",
           "documentation": "<p>The ID of the security group. You must specify either the security group ID or the security group name in the request. For security groups in a nondefault VPC, you must specify the security group ID.</p>"
         },
         "GroupName": {
-          "shape": "String",
+          "shape": "SecurityGroupName",
           "documentation": "<p>[EC2-Classic, default VPC] The name of the security group. You must specify either the security group ID or the security group name in the request.</p>"
         },
         "IpPermissions": {
@@ -6074,17 +6967,25 @@
         "off"
       ]
     },
+    "AutoRecoveryFlag": {
+      "type": "boolean"
+    },
     "AvailabilityZone": {
       "type": "structure",
       "members": {
         "State": {
           "shape": "AvailabilityZoneState",
-          "documentation": "<p>The state of the Availability Zone.</p>",
+          "documentation": "<p>The state of the Availability Zone or Local Zone.</p>",
           "locationName": "zoneState"
         },
+        "OptInStatus": {
+          "shape": "AvailabilityZoneOptInStatus",
+          "documentation": "<p> For Availability Zones, this parameter always has the value of <code>opt-in-not-required</code>.</p> <p>For Local Zones, this parameter is the opt in status. The possible values are <code>opted-in</code>, and <code>not-opted-in</code>.</p>",
+          "locationName": "optInStatus"
+        },
         "Messages": {
           "shape": "AvailabilityZoneMessageList",
-          "documentation": "<p>Any messages about the Availability Zone.</p>",
+          "documentation": "<p>Any messages about the Availability Zone or Local Zone.</p>",
           "locationName": "messageSet"
         },
         "RegionName": {
@@ -6094,16 +6995,26 @@
         },
         "ZoneName": {
           "shape": "String",
-          "documentation": "<p>The name of the Availability Zone.</p>",
+          "documentation": "<p>The name of the Availability Zone or Local Zone.</p>",
           "locationName": "zoneName"
         },
         "ZoneId": {
           "shape": "String",
-          "documentation": "<p>The ID of the Availability Zone.</p>",
+          "documentation": "<p>The ID of the Availability Zone or Local Zone.</p>",
           "locationName": "zoneId"
+        },
+        "GroupName": {
+          "shape": "String",
+          "documentation": "<p> For Availability Zones, this parameter has the same value as the Region name.</p> <p>For Local Zones, the name of the associated group, for example <code>us-west-2-lax-1</code>.</p>",
+          "locationName": "groupName"
+        },
+        "NetworkBorderGroup": {
+          "shape": "String",
+          "documentation": "<p>The name of the location from which the address is advertised.</p>",
+          "locationName": "networkBorderGroup"
         }
       },
-      "documentation": "<p>Describes an Availability Zone.</p>"
+      "documentation": "<p>Describes an Availability Zone or Local Zone.</p>"
     },
     "AvailabilityZoneList": {
       "type": "list",
@@ -6117,11 +7028,11 @@
       "members": {
         "Message": {
           "shape": "String",
-          "documentation": "<p>The message about the Availability Zone.</p>",
+          "documentation": "<p>The message about the Availability Zone or Local Zone.</p>",
           "locationName": "message"
         }
       },
-      "documentation": "<p>Describes a message about an Availability Zone.</p>"
+      "documentation": "<p>Describes a message about an Availability Zone or Local Zone.</p>"
     },
     "AvailabilityZoneMessageList": {
       "type": "list",
@@ -6130,6 +7041,14 @@
         "locationName": "item"
       }
     },
+    "AvailabilityZoneOptInStatus": {
+      "type": "string",
+      "enum": [
+        "opt-in-not-required",
+        "opted-in",
+        "not-opted-in"
+      ]
+    },
     "AvailabilityZoneState": {
       "type": "string",
       "enum": [
@@ -6139,21 +7058,28 @@
         "unavailable"
       ]
     },
+    "AvailabilityZoneStringList": {
+      "type": "list",
+      "member": {
+        "shape": "String",
+        "locationName": "AvailabilityZone"
+      }
+    },
     "AvailableCapacity": {
       "type": "structure",
       "members": {
         "AvailableInstanceCapacity": {
           "shape": "AvailableInstanceCapacityList",
-          "documentation": "<p>The total number of instances supported by the Dedicated Host.</p>",
+          "documentation": "<p>The number of instances that can be launched onto the Dedicated Host depending on the host's available capacity. For Dedicated Hosts that support multiple instance types, this parameter represents the number of instances for each instance size that is supported on the host.</p>",
           "locationName": "availableInstanceCapacity"
         },
         "AvailableVCpus": {
           "shape": "Integer",
-          "documentation": "<p>The number of vCPUs available on the Dedicated Host.</p>",
+          "documentation": "<p>The number of vCPUs available for launching instances onto the Dedicated Host.</p>",
           "locationName": "availableVCpus"
         }
       },
-      "documentation": "<p>The capacity information for instances launched onto the Dedicated Host.</p>"
+      "documentation": "<p>The capacity information for instances that can be launched onto the Dedicated Host. </p>"
     },
     "AvailableInstanceCapacityList": {
       "type": "list",
@@ -6162,6 +7088,9 @@
         "locationName": "item"
       }
     },
+    "BareMetalFlag": {
+      "type": "boolean"
+    },
     "BatchState": {
       "type": "string",
       "enum": [
@@ -6236,10 +7165,13 @@
     "Boolean": {
       "type": "boolean"
     },
+    "BundleId": {
+      "type": "string"
+    },
     "BundleIdStringList": {
       "type": "list",
       "member": {
-        "shape": "String",
+        "shape": "BundleId",
         "locationName": "BundleId"
       }
     },
@@ -6251,7 +7183,7 @@
       ],
       "members": {
         "InstanceId": {
-          "shape": "String",
+          "shape": "InstanceId",
           "documentation": "<p>The ID of the instance to bundle.</p> <p>Type: String</p> <p>Default: None</p> <p>Required: Yes</p>"
         },
         "Storage": {
@@ -6358,12 +7290,15 @@
         "failed"
       ]
     },
+    "BurstablePerformanceFlag": {
+      "type": "boolean"
+    },
     "ByoipCidr": {
       "type": "structure",
       "members": {
         "Cidr": {
           "shape": "String",
-          "documentation": "<p>The public IPv4 address range, in CIDR notation.</p>",
+          "documentation": "<p>The address range, in CIDR notation.</p>",
           "locationName": "cidr"
         },
         "Description": {
@@ -6400,7 +7335,8 @@
         "failed-provision",
         "pending-deprovision",
         "pending-provision",
-        "provisioned"
+        "provisioned",
+        "provisioned-not-publicly-advertisable"
       ]
     },
     "CancelBatchErrorCode": {
@@ -6419,7 +7355,7 @@
       ],
       "members": {
         "BundleId": {
-          "shape": "String",
+          "shape": "BundleId",
           "documentation": "<p>The ID of the bundle task.</p>"
         },
         "DryRun": {
@@ -6448,7 +7384,7 @@
       ],
       "members": {
         "CapacityReservationId": {
-          "shape": "String",
+          "shape": "CapacityReservationId",
           "documentation": "<p>The ID of the Capacity Reservation to be cancelled.</p>"
         },
         "DryRun": {
@@ -6474,7 +7410,7 @@
       ],
       "members": {
         "ConversionTaskId": {
-          "shape": "String",
+          "shape": "ConversionTaskId",
           "documentation": "<p>The ID of the conversion task.</p>",
           "locationName": "conversionTaskId"
         },
@@ -6497,7 +7433,7 @@
       ],
       "members": {
         "ExportTaskId": {
-          "shape": "String",
+          "shape": "ExportVmTaskId",
           "documentation": "<p>The ID of the export task. This is the ID returned by <code>CreateInstanceExportTask</code>.</p>",
           "locationName": "exportTaskId"
         }
@@ -6515,7 +7451,7 @@
           "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
         },
         "ImportTaskId": {
-          "shape": "String",
+          "shape": "ImportTaskId",
           "documentation": "<p>The ID of the import image or import snapshot task to be canceled.</p>"
         }
       }
@@ -6547,7 +7483,7 @@
       ],
       "members": {
         "ReservedInstancesListingId": {
-          "shape": "String",
+          "shape": "ReservedInstancesListingId",
           "documentation": "<p>The ID of the Reserved Instance listing.</p>",
           "locationName": "reservedInstancesListingId"
         }
@@ -6617,7 +7553,7 @@
           "locationName": "dryRun"
         },
         "SpotFleetRequestIds": {
-          "shape": "ValueStringList",
+          "shape": "SpotFleetRequestIdList",
           "documentation": "<p>The IDs of the Spot Fleet requests.</p>",
           "locationName": "spotFleetRequestId"
         },
@@ -6744,6 +7680,21 @@
           "documentation": "<p>The ID of the Capacity Reservation.</p>",
           "locationName": "capacityReservationId"
         },
+        "OwnerId": {
+          "shape": "String",
+          "documentation": "<p>The ID of the AWS account that owns the Capacity Reservation.</p>",
+          "locationName": "ownerId"
+        },
+        "CapacityReservationArn": {
+          "shape": "String",
+          "documentation": "<p>The Amazon Resource Name (ARN) of the Capacity Reservation.</p>",
+          "locationName": "capacityReservationArn"
+        },
+        "AvailabilityZoneId": {
+          "shape": "String",
+          "documentation": "<p>The Availability Zone ID of the Capacity Reservation.</p>",
+          "locationName": "availabilityZoneId"
+        },
         "InstanceType": {
           "shape": "String",
           "documentation": "<p>The type of instance for which the Capacity Reservation reserves capacity.</p>",
@@ -6766,7 +7717,7 @@
         },
         "TotalInstanceCount": {
           "shape": "Integer",
-          "documentation": "<p>The number of instances for which the Capacity Reservation reserves capacity.</p>",
+          "documentation": "<p>The total number of instances for which the Capacity Reservation reserves capacity.</p>",
           "locationName": "totalInstanceCount"
         },
         "AvailableInstanceCount": {
@@ -6786,7 +7737,7 @@
         },
         "State": {
           "shape": "CapacityReservationState",
-          "documentation": "<p>The current state of the Capacity Reservation. A Capacity Reservation can be in one of the following states:</p> <ul> <li> <p> <code>active</code> - The Capacity Reservation is active and the capacity is available for your use.</p> </li> <li> <p> <code>cancelled</code> - The Capacity Reservation expired automatically at the date and time specified in your request. The reserved capacity is no longer available for your use.</p> </li> <li> <p> <code>expired</code> - The Capacity Reservation was manually cancelled. The reserved capacity is no longer available for your use.</p> </li> <li> <p> <code>pending</code> - The Capacity Reservation request was successful but the capacity provisioning is still pending.</p> </li> <li> <p> <code>failed</code> - The Capacity Reservation request has failed. A request might fail due to invalid request parameters, capacity constraints, or instance limit constraints. Failed requests are retained for 60 minutes.</p> </li> </ul>",
+          "documentation": "<p>The current state of the Capacity Reservation. A Capacity Reservation can be in one of the following states:</p> <ul> <li> <p> <code>active</code> - The Capacity Reservation is active and the capacity is available for your use.</p> </li> <li> <p> <code>expired</code> - The Capacity Reservation expired automatically at the date and time specified in your request. The reserved capacity is no longer available for your use.</p> </li> <li> <p> <code>cancelled</code> - The Capacity Reservation was manually cancelled. The reserved capacity is no longer available for your use.</p> </li> <li> <p> <code>pending</code> - The Capacity Reservation request was successful but the capacity provisioning is still pending.</p> </li> <li> <p> <code>failed</code> - The Capacity Reservation request has failed. A request might fail due to invalid request parameters, capacity constraints, or instance limit constraints. Failed requests are retained for 60 minutes.</p> </li> </ul>",
           "locationName": "state"
         },
         "EndDate": {
@@ -6817,10 +7768,13 @@
       },
       "documentation": "<p>Describes a Capacity Reservation.</p>"
     },
+    "CapacityReservationId": {
+      "type": "string"
+    },
     "CapacityReservationIdSet": {
       "type": "list",
       "member": {
-        "shape": "String",
+        "shape": "CapacityReservationId",
         "locationName": "item"
       }
     },
@@ -6840,6 +7794,27 @@
         "Linux with SQL Server Enterprise"
       ]
     },
+    "CapacityReservationOptions": {
+      "type": "structure",
+      "members": {
+        "UsageStrategy": {
+          "shape": "FleetCapacityReservationUsageStrategy",
+          "documentation": "<p>Indicates whether to use unused Capacity Reservations for fulfilling On-Demand capacity.</p> <p>If you specify <code>use-capacity-reservations-first</code>, the fleet uses unused Capacity Reservations to fulfill On-Demand capacity up to the target On-Demand capacity. If multiple instance pools have unused Capacity Reservations, the On-Demand allocation strategy (<code>lowest-price</code> or <code>prioritized</code>) is applied. If the number of unused Capacity Reservations is less than the On-Demand target capacity, the remaining On-Demand target capacity is launched according to the On-Demand allocation strategy (<code>lowest-price</code> or <code>prioritized</code>).</p> <p>If you do not specify a value, the fleet fulfils the On-Demand capacity according to the chosen On-Demand allocation strategy.</p>",
+          "locationName": "usageStrategy"
+        }
+      },
+      "documentation": "<p>Describes the strategy for using unused Capacity Reservations for fulfilling On-Demand capacity.</p> <note> <p>This strategy can only be used if the EC2 Fleet is of type <code>instant</code>.</p> </note> <p>For more information about Capacity Reservations, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-capacity-reservations.html\">On-Demand Capacity Reservations</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>. For examples of using Capacity Reservations in an EC2 Fleet, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-examples.html\">EC2 Fleet Example Configurations</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>"
+    },
+    "CapacityReservationOptionsRequest": {
+      "type": "structure",
+      "members": {
+        "UsageStrategy": {
+          "shape": "FleetCapacityReservationUsageStrategy",
+          "documentation": "<p>Indicates whether to use unused Capacity Reservations for fulfilling On-Demand capacity.</p> <p>If you specify <code>use-capacity-reservations-first</code>, the fleet uses unused Capacity Reservations to fulfill On-Demand capacity up to the target On-Demand capacity. If multiple instance pools have unused Capacity Reservations, the On-Demand allocation strategy (<code>lowest-price</code> or <code>prioritized</code>) is applied. If the number of unused Capacity Reservations is less than the On-Demand target capacity, the remaining On-Demand target capacity is launched according to the On-Demand allocation strategy (<code>lowest-price</code> or <code>prioritized</code>).</p> <p>If you do not specify a value, the fleet fulfils the On-Demand capacity according to the chosen On-Demand allocation strategy.</p>"
+        }
+      },
+      "documentation": "<p>Describes the strategy for using unused Capacity Reservations for fulfilling On-Demand capacity.</p> <note> <p>This strategy can only be used if the EC2 Fleet is of type <code>instant</code>.</p> </note> <p>For more information about Capacity Reservations, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-capacity-reservations.html\">On-Demand Capacity Reservations</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>. For examples of using Capacity Reservations in an EC2 Fleet, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-examples.html\">EC2 Fleet Example Configurations</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>"
+    },
     "CapacityReservationPreference": {
       "type": "string",
       "enum": [
@@ -6898,7 +7873,7 @@
       "type": "structure",
       "members": {
         "CapacityReservationId": {
-          "shape": "String",
+          "shape": "CapacityReservationId",
           "documentation": "<p>The ID of the Capacity Reservation.</p>"
         }
       },
@@ -7111,6 +8086,9 @@
       },
       "documentation": "<p>Describes the client-specific data.</p>"
     },
+    "ClientVpnAssociationId": {
+      "type": "string"
+    },
     "ClientVpnAuthentication": {
       "type": "structure",
       "members": {
@@ -7128,9 +8106,14 @@
           "shape": "CertificateAuthentication",
           "documentation": "<p>Information about the authentication certificates, if applicable.</p>",
           "locationName": "mutualAuthentication"
+        },
+        "FederatedAuthentication": {
+          "shape": "FederatedAuthentication",
+          "documentation": "<p>Information about the IAM SAML identity provider, if applicable.</p>",
+          "locationName": "federatedAuthentication"
         }
       },
-      "documentation": "<p>Describes the authentication methods used by a Client VPN endpoint. Client VPN supports Active Directory and mutual authentication. For more information, see <a href=\"https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/authentication-authrization.html#client-authentication\">Authentication</a> in the <i>AWS Client VPN Administrator Guide</i>.</p>"
+      "documentation": "<p>Describes the authentication methods used by a Client VPN endpoint. For more information, see <a href=\"https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/authentication-authrization.html#client-authentication\">Authentication</a> in the <i>AWS Client VPN Administrator Guide</i>.</p>"
     },
     "ClientVpnAuthenticationList": {
       "type": "list",
@@ -7144,7 +8127,7 @@
       "members": {
         "Type": {
           "shape": "ClientVpnAuthenticationType",
-          "documentation": "<p>The type of client authentication to be used. Specify <code>certificate-authentication</code> to use certificate-based authentication, or <code>directory-service-authentication</code> to use Active Directory authentication.</p>"
+          "documentation": "<p>The type of client authentication to be used.</p>"
         },
         "ActiveDirectory": {
           "shape": "DirectoryServiceAuthenticationRequest",
@@ -7153,9 +8136,13 @@
         "MutualAuthentication": {
           "shape": "CertificateAuthenticationRequest",
           "documentation": "<p>Information about the authentication certificates to be used, if applicable. You must provide this information if <b>Type</b> is <code>certificate-authentication</code>.</p>"
+        },
+        "FederatedAuthentication": {
+          "shape": "FederatedAuthenticationRequest",
+          "documentation": "<p>Information about the IAM SAML identity provider to be used, if applicable. You must provide this information if <b>Type</b> is <code>federated-authentication</code>.</p>"
         }
       },
-      "documentation": "<p>Describes the authentication method to be used by a Client VPN endpoint. Client VPN supports Active Directory and mutual authentication. For more information, see <a href=\"https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/authentication-authrization.html#client-authentication\">Authentication</a> in the <i>AWS Client VPN Administrator Guide</i>.</p>"
+      "documentation": "<p>Describes the authentication method to be used by a Client VPN endpoint. For more information, see <a href=\"https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/authentication-authrization.html#client-authentication\">Authentication</a> in the <i>AWS Client VPN Administrator Guide</i>.</p>"
     },
     "ClientVpnAuthenticationRequestList": {
       "type": "list",
@@ -7167,7 +8154,8 @@
       "type": "string",
       "enum": [
         "certificate-authentication",
-        "directory-service-authentication"
+        "directory-service-authentication",
+        "federated-authentication"
       ]
     },
     "ClientVpnAuthorizationRuleStatus": {
@@ -7343,7 +8331,7 @@
         },
         "SplitTunnel": {
           "shape": "Boolean",
-          "documentation": "<p>Indicates whether VPN split tunneling is supported.</p>",
+          "documentation": "<p>Indicates whether split-tunnel is enabled in the AWS Client VPN endpoint.</p> <p>For information about split-tunnel VPN endpoints, see <a href=\"https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/split-tunnel-vpn.html\">Split-Tunnel AWS Client VPN Endpoint</a> in the <i>AWS Client VPN Administrator Guide</i>.</p>",
           "locationName": "splitTunnel"
         },
         "VpnProtocol": {
@@ -7356,6 +8344,11 @@
           "documentation": "<p>The transport protocol used by the Client VPN endpoint.</p>",
           "locationName": "transportProtocol"
         },
+        "VpnPort": {
+          "shape": "Integer",
+          "documentation": "<p>The port number for the Client VPN endpoint.</p>",
+          "locationName": "vpnPort"
+        },
         "AssociatedTargetNetworks": {
           "shape": "AssociatedTargetNetworkSet",
           "documentation": "<p>Information about the associated target networks. A target network is a subnet in a VPC.</p>",
@@ -7382,10 +8375,30 @@
           "shape": "TagList",
           "documentation": "<p>Any tags assigned to the Client VPN endpoint.</p>",
           "locationName": "tagSet"
+        },
+        "SecurityGroupIds": {
+          "shape": "ClientVpnSecurityGroupIdSet",
+          "documentation": "<p>The IDs of the security groups for the target network.</p>",
+          "locationName": "securityGroupIdSet"
+        },
+        "VpcId": {
+          "shape": "VpcId",
+          "documentation": "<p>The ID of the VPC.</p>",
+          "locationName": "vpcId"
         }
       },
       "documentation": "<p>Describes a Client VPN endpoint.</p>"
     },
+    "ClientVpnEndpointId": {
+      "type": "string"
+    },
+    "ClientVpnEndpointIdList": {
+      "type": "list",
+      "member": {
+        "shape": "ClientVpnEndpointId",
+        "locationName": "item"
+      }
+    },
     "ClientVpnEndpointStatus": {
       "type": "structure",
       "members": {
@@ -7487,7 +8500,88 @@
     "ClientVpnSecurityGroupIdSet": {
       "type": "list",
       "member": {
-        "shape": "String",
+        "shape": "SecurityGroupId",
+        "locationName": "item"
+      }
+    },
+    "CoipAddressUsage": {
+      "type": "structure",
+      "members": {
+        "AllocationId": {
+          "shape": "String",
+          "documentation": "<p>The allocation ID of the address.</p>",
+          "locationName": "allocationId"
+        },
+        "AwsAccountId": {
+          "shape": "String",
+          "documentation": "<p>The AWS account ID.</p>",
+          "locationName": "awsAccountId"
+        },
+        "AwsService": {
+          "shape": "String",
+          "documentation": "<p>The AWS service.</p>",
+          "locationName": "awsService"
+        },
+        "CoIp": {
+          "shape": "String",
+          "documentation": "<p>The customer-owned IP address.</p>",
+          "locationName": "coIp"
+        }
+      },
+      "documentation": "<p>Describes address usage for a customer-owned address pool.</p>"
+    },
+    "CoipAddressUsageSet": {
+      "type": "list",
+      "member": {
+        "shape": "CoipAddressUsage",
+        "locationName": "item"
+      }
+    },
+    "CoipPool": {
+      "type": "structure",
+      "members": {
+        "PoolId": {
+          "shape": "CoipPoolId",
+          "documentation": "<p>The ID of the address pool.</p>",
+          "locationName": "poolId"
+        },
+        "PoolCidrs": {
+          "shape": "ValueStringList",
+          "documentation": "<p>The address ranges of the address pool.</p>",
+          "locationName": "poolCidrSet"
+        },
+        "LocalGatewayRouteTableId": {
+          "shape": "LocalGatewayRoutetableId",
+          "documentation": "<p>The ID of the local gateway route table.</p>",
+          "locationName": "localGatewayRouteTableId"
+        },
+        "Tags": {
+          "shape": "TagList",
+          "documentation": "<p>The tags.</p>",
+          "locationName": "tagSet"
+        }
+      },
+      "documentation": "<p>Describes a customer-owned address pool.</p>"
+    },
+    "CoipPoolId": {
+      "type": "string"
+    },
+    "CoipPoolIdSet": {
+      "type": "list",
+      "member": {
+        "shape": "CoipPoolId",
+        "locationName": "item"
+      }
+    },
+    "CoipPoolMaxResults": {
+      "type": "integer",
+      "max": 1000,
+      "min": 5
+    },
+    "CoipPoolSet": {
+      "type": "list",
+      "member": {
+        "shape": "CoipPool",
         "locationName": "item"
       }
     },
@@ -7499,7 +8593,7 @@
       ],
       "members": {
         "InstanceId": {
-          "shape": "String",
+          "shape": "InstanceId",
           "documentation": "<p>The ID of the instance.</p>"
         },
         "ProductCode": {
@@ -7605,6 +8699,9 @@
       },
       "documentation": "<p>Describes a connection notification for a VPC endpoint or VPC endpoint service.</p>"
     },
+    "ConnectionNotificationId": {
+      "type": "string"
+    },
     "ConnectionNotificationSet": {
       "type": "list",
       "member": {
@@ -7634,7 +8731,7 @@
     "ConversionIdStringList": {
       "type": "list",
       "member": {
-        "shape": "String",
+        "shape": "ConversionTaskId",
         "locationName": "item"
       }
     },
@@ -7679,6 +8776,9 @@
       },
       "documentation": "<p>Describes a conversion task.</p>"
     },
+    "ConversionTaskId": {
+      "type": "string"
+    },
     "ConversionTaskState": {
       "type": "string",
       "enum": [
@@ -7700,7 +8800,7 @@
           "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
         },
         "SourceFpgaImageId": {
-          "shape": "String",
+          "shape": "FpgaImageId",
           "documentation": "<p>The ID of the source AFI.</p>"
         },
         "Description": {
@@ -7753,8 +8853,8 @@
           "locationName": "encrypted"
         },
         "KmsKeyId": {
-          "shape": "String",
-          "documentation": "<p>An identifier for the AWS Key Management Service (AWS KMS) customer master key (CMK) to use when creating the encrypted volume. This parameter is only required if you want to use a non-default CMK; if this parameter is not specified, the default CMK for EBS is used. If a <code>KmsKeyId</code> is specified, the <code>Encrypted</code> flag must also be set. </p> <p>To specify a CMK, use its key ID, Amazon Resource Name (ARN), alias name, or alias ARN. When using an alias name, prefix it with \"alias/\". For example:</p> <ul> <li> <p>Key ID: <code>1234abcd-12ab-34cd-56ef-1234567890ab</code> </p> </li> <li> <p>Key ARN: <code>arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab</code> </p> </li> <li> <p>Alias name: <code>alias/ExampleAlias</code> </p> </li> <li> <p>Alias ARN: <code>arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias</code> </p> </li> </ul> <p>AWS parses <code>KmsKeyId</code> asynchronously, meaning that the action you call may appear to complete even though you provided an invalid identifier. This action will eventually report failure. </p> <p>The specified CMK must exist in the Region that the snapshot is being copied to. </p>",
+          "shape": "KmsKeyId",
+          "documentation": "<p>An identifier for the symmetric AWS Key Management Service (AWS KMS) customer master key (CMK) to use when creating the encrypted volume. This parameter is only required if you want to use a non-default CMK; if this parameter is not specified, the default CMK for EBS is used. If a <code>KmsKeyId</code> is specified, the <code>Encrypted</code> flag must also be set. </p> <p>To specify a CMK, use its key ID, Amazon Resource Name (ARN), alias name, or alias ARN. When using an alias name, prefix it with \"alias/\". For example:</p> <ul> <li> <p>Key ID: <code>1234abcd-12ab-34cd-56ef-1234567890ab</code> </p> </li> <li> <p>Key ARN: <code>arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab</code> </p> </li> <li> <p>Alias name: <code>alias/ExampleAlias</code> </p> </li> <li> <p>Alias ARN: <code>arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias</code> </p> </li> </ul> <p>AWS parses <code>KmsKeyId</code> asynchronously, meaning that the action you call may appear to complete even though you provided an invalid identifier. This action will eventually report failure. </p> <p>The specified CMK must exist in the Region that the snapshot is being copied to. </p> <p>Amazon EBS does not support asymmetric CMKs.</p>",
           "locationName": "kmsKeyId"
         },
         "Name": {
@@ -7806,11 +8906,11 @@
         },
         "Encrypted": {
           "shape": "Boolean",
-          "documentation": "<p>Specifies whether the destination snapshot should be encrypted. You can encrypt a copy of an unencrypted snapshot, but you cannot use it to create an unencrypted copy of an encrypted snapshot. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html\">Amazon EBS Encryption</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>",
+          "documentation": "<p>To encrypt a copy of an unencrypted snapshot if encryption by default is not enabled, enable encryption using this parameter. Otherwise, omit this parameter. Encrypted snapshots are encrypted, even if you omit this parameter and encryption by default is not enabled. You cannot set this parameter to false. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html\">Amazon EBS Encryption</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>",
           "locationName": "encrypted"
         },
         "KmsKeyId": {
-          "shape": "String",
+          "shape": "KmsKeyId",
           "documentation": "<p>The identifier of the AWS Key Management Service (AWS KMS) customer master key (CMK) to use for Amazon EBS encryption. If this parameter is not specified, your AWS managed CMK for EBS is used. If <code>KmsKeyId</code> is specified, the encrypted state must be <code>true</code>.</p> <p>You can specify the CMK using any of the following:</p> <ul> <li> <p>Key ID. For example, key/1234abcd-12ab-34cd-56ef-1234567890ab.</p> </li> <li> <p>Key alias. For example, alias/ExampleAlias.</p> </li> <li> <p>Key ARN. For example, arn:aws:kms:<i>us-east-1</i>:<i>012345678910</i>:key/<i>abcd1234-a123-456a-a12b-a123b4cd56ef</i>.</p> </li> <li> <p>Alias ARN. For example, arn:aws:kms:<i>us-east-1</i>:<i>012345678910</i>:alias/<i>ExampleAlias</i>.</p> </li> </ul> <p>AWS authenticates the CMK asynchronously. Therefore, if you specify an ID, alias, or ARN that is not valid, the action can appear to complete, but eventually fails.</p>",
           "locationName": "kmsKeyId"
         },
@@ -7827,13 +8927,17 @@
           "shape": "String",
           "documentation": "<p>The ID of the EBS snapshot to copy.</p>"
         },
+        "TagSpecifications": {
+          "shape": "TagSpecificationList",
+          "documentation": "<p>The tags to apply to the new snapshot.</p>",
+          "locationName": "TagSpecification"
+        },
         "DryRun": {
           "shape": "Boolean",
           "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>",
           "locationName": "dryRun"
         }
-      },
-      "documentation": "<p>Contains the parameters for CopySnapshot.</p>"
+      }
     },
     "CopySnapshotResult": {
       "type": "structure",
@@ -7842,9 +8946,13 @@
           "shape": "String",
           "documentation": "<p>The ID of the new snapshot.</p>",
           "locationName": "snapshotId"
+        },
+        "Tags": {
+          "shape": "TagList",
+          "documentation": "<p>Any tags applied to the new snapshot.</p>",
+          "locationName": "tagSet"
         }
-      },
-      "documentation": "<p>Contains the output of CopySnapshot.</p>"
+      }
     },
     "CopyTagsFromSource": {
       "type": "string",
@@ -7852,6 +8960,16 @@
         "volume"
       ]
     },
+    "CoreCount": {
+      "type": "integer"
+    },
+    "CoreCountList": {
+      "type": "list",
+      "member": {
+        "shape": "CoreCount",
+        "locationName": "item"
+      }
+    },
     "CpuOptions": {
       "type": "structure",
       "members": {
@@ -7877,7 +8995,7 @@
         },
         "ThreadsPerCore": {
           "shape": "Integer",
-          "documentation": "<p>The number of threads per CPU core. To disable Intel Hyper-Threading Technology for the instance, specify a value of <code>1</code>. Otherwise, specify the default value of <code>2</code>.</p>"
+          "documentation": "<p>The number of threads per CPU core. To disable multithreading for the instance, specify a value of <code>1</code>. Otherwise, specify the default value of <code>2</code>.</p>"
         }
       },
       "documentation": "<p>The CPU options for the instance. Both the core count and threads per core must be specified in the request.</p>"
@@ -7887,7 +9005,6 @@
       "required": [
         "InstanceType",
         "InstancePlatform",
-        "AvailabilityZone",
         "InstanceCount"
       ],
       "members": {
@@ -7907,6 +9024,10 @@
           "shape": "String",
           "documentation": "<p>The Availability Zone in which to create the Capacity Reservation.</p>"
         },
+        "AvailabilityZoneId": {
+          "shape": "String",
+          "documentation": "<p>The ID of the Availability Zone in which to create the Capacity Reservation.</p>"
+        },
         "Tenancy": {
           "shape": "CapacityReservationTenancy",
           "documentation": "<p>Indicates the tenancy of the Capacity Reservation. A Capacity Reservation can have one of the following tenancy settings:</p> <ul> <li> <p> <code>default</code> - The Capacity Reservation is created on hardware that is shared with other AWS accounts.</p> </li> <li> <p> <code>dedicated</code> - The Capacity Reservation is created on single-tenant hardware that is dedicated to a single AWS account.</p> </li> </ul>"
@@ -7983,16 +9104,24 @@
         },
         "DnsServers": {
           "shape": "ValueStringList",
-          "documentation": "<p>Information about the DNS servers to be used for DNS resolution. A Client VPN endpoint can have up to two DNS servers. If no DNS server is specified, the DNS address of the VPC that is to be associated with Client VPN endpoint is used as the DNS server.</p>"
+          "documentation": "<p>Information about the DNS servers to be used for DNS resolution. A Client VPN endpoint can have up to two DNS servers. If no DNS server is specified, the DNS address configured on the device is used for the DNS server.</p>"
         },
         "TransportProtocol": {
           "shape": "TransportProtocol",
           "documentation": "<p>The transport protocol to be used by the VPN session.</p> <p>Default value: <code>udp</code> </p>"
         },
+        "VpnPort": {
+          "shape": "Integer",
+          "documentation": "<p>The port number to assign to the Client VPN endpoint for TCP and UDP traffic.</p> <p>Valid Values: <code>443</code> | <code>1194</code> </p> <p>Default Value: <code>443</code> </p>"
+        },
         "Description": {
           "shape": "String",
           "documentation": "<p>A brief description of the Client VPN endpoint.</p>"
         },
+        "SplitTunnel": {
+          "shape": "Boolean",
+          "documentation": "<p>Indicates whether split-tunnel is enabled on the AWS Client VPN endpoint.</p> <p>By default, split-tunnel on a VPN endpoint is disabled.</p> <p>For information about split-tunnel VPN endpoints, see <a href=\"https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/split-tunnel-vpn.html\">Split-Tunnel AWS Client VPN Endpoint</a> in the <i>AWS Client VPN Administrator Guide</i>.</p>"
+        },
         "DryRun": {
           "shape": "Boolean",
           "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
@@ -8006,6 +9135,15 @@
           "shape": "TagSpecificationList",
           "documentation": "<p>The tags to apply to the Client VPN endpoint during creation.</p>",
           "locationName": "TagSpecification"
+        },
+        "SecurityGroupIds": {
+          "shape": "ClientVpnSecurityGroupIdSet",
+          "documentation": "<p>The IDs of one or more security groups to apply to the target network. You must also specify the ID of the VPC that contains the security groups.</p>",
+          "locationName": "SecurityGroupId"
+        },
+        "VpcId": {
+          "shape": "VpcId",
+          "documentation": "<p>The ID of the VPC to associate with the Client VPN endpoint. If no security group IDs are specified in the request, the default security group for the VPC is applied.</p>"
         }
       }
     },
@@ -8038,7 +9176,7 @@
       ],
       "members": {
         "ClientVpnEndpointId": {
-          "shape": "String",
+          "shape": "ClientVpnEndpointId",
           "documentation": "<p>The ID of the Client VPN endpoint to which to add the route.</p>"
         },
         "DestinationCidrBlock": {
@@ -8046,7 +9184,7 @@
           "documentation": "<p>The IPv4 address range, in CIDR notation, of the route destination. For example:</p> <ul> <li> <p>To add a route for Internet access, enter <code>0.0.0.0/0</code> </p> </li> <li> <p>To add a route for a peered VPC, enter the peered VPC's IPv4 CIDR range</p> </li> <li> <p>To add a route for an on-premises network, enter the AWS Site-to-Site VPN connection's IPv4 CIDR range</p> </li> </ul> <p>Route address ranges cannot overlap with the CIDR range specified for client allocation.</p>"
         },
         "TargetVpcSubnetId": {
-          "shape": "String",
+          "shape": "SubnetId",
           "documentation": "<p>The ID of the subnet through which you want to route traffic. The specified subnet must be an existing target network of the Client VPN endpoint.</p>"
         },
         "Description": {
@@ -8078,7 +9216,6 @@
       "type": "structure",
       "required": [
         "BgpAsn",
-        "PublicIp",
         "Type"
       ],
       "members": {
@@ -8091,10 +9228,18 @@
           "documentation": "<p>The Internet-routable IP address for the customer gateway's outside interface. The address must be static.</p>",
           "locationName": "IpAddress"
         },
+        "CertificateArn": {
+          "shape": "String",
+          "documentation": "<p>The Amazon Resource Name (ARN) for the customer gateway certificate.</p>"
+        },
         "Type": {
           "shape": "GatewayType",
           "documentation": "<p>The type of VPN connection that this customer gateway supports (<code>ipsec.1</code>).</p>"
         },
+        "DeviceName": {
+          "shape": "String",
+          "documentation": "<p>A name for the customer gateway device.</p> <p>Length Constraints: Up to 255 characters.</p>"
+        },
         "DryRun": {
           "shape": "Boolean",
           "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>",
@@ -8202,7 +9347,7 @@
           "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
         },
         "VpcId": {
-          "shape": "String",
+          "shape": "VpcId",
           "documentation": "<p>The ID of the VPC for which to create the egress-only internet gateway.</p>"
         }
       }
@@ -8227,7 +9372,7 @@
       "members": {
         "LaunchTemplateAndOverrides": {
           "shape": "LaunchTemplateAndOverridesResponse",
-          "documentation": "<p>The launch templates and overrides that were used for launching the instances. Any parameters that you specify in the Overrides override the same parameters in the launch template.</p>",
+          "documentation": "<p>The launch templates and overrides that were used for launching the instances. The values that you specify in the Overrides replace the values in the launch template.</p>",
           "locationName": "launchTemplateAndOverrides"
         },
         "Lifecycle": {
@@ -8242,7 +9387,7 @@
         },
         "ErrorMessage": {
           "shape": "String",
-          "documentation": "<p>The error message that describes why the instance could not be launched. For more information about error messages, see ee <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/errors-overview.html.html\">Error Codes</a>.</p>",
+          "documentation": "<p>The error message that describes why the instance could not be launched. For more information about error messages, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/errors-overview.html.html\">Error Codes</a>.</p>",
           "locationName": "errorMessage"
         }
       },
@@ -8260,7 +9405,7 @@
       "members": {
         "LaunchTemplateAndOverrides": {
           "shape": "LaunchTemplateAndOverridesResponse",
-          "documentation": "<p>The launch templates and overrides that were used for launching the instances. Any parameters that you specify in the Overrides override the same parameters in the launch template.</p>",
+          "documentation": "<p>The launch templates and overrides that were used for launching the instances. The values that you specify in the Overrides replace the values in the launch template.</p>",
           "locationName": "launchTemplateAndOverrides"
         },
         "Lifecycle": {
@@ -8280,7 +9425,7 @@
         },
         "Platform": {
           "shape": "PlatformValues",
-          "documentation": "<p>The value is <code>Windows</code> for Windows instances; otherwise blank.</p>",
+          "documentation": "<p>The value is <code>Windows</code> for Windows instances. Otherwise, the value is blank.</p>",
           "locationName": "platform"
         }
       },
@@ -8306,7 +9451,7 @@
         },
         "ClientToken": {
           "shape": "String",
-          "documentation": "<p>Unique, case-sensitive identifier you provide to ensure the idempotency of the request. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html\">Ensuring Idempotency</a>.</p>"
+          "documentation": "<p>Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html\">Ensuring Idempotency</a>.</p>"
         },
         "SpotOptions": {
           "shape": "SpotOptionsRequest",
@@ -8314,7 +9459,7 @@
         },
         "OnDemandOptions": {
           "shape": "OnDemandOptionsRequest",
-          "documentation": "<p>The allocation strategy of On-Demand Instances in an EC2 Fleet.</p>"
+          "documentation": "<p>Describes the configuration of On-Demand Instances in an EC2 Fleet.</p>"
         },
         "ExcessCapacityTerminationPolicy": {
           "shape": "FleetExcessCapacityTerminationPolicy",
@@ -8326,7 +9471,7 @@
         },
         "TargetCapacitySpecification": {
           "shape": "TargetCapacitySpecificationRequest",
-          "documentation": "<p>The <code>TotalTargetCapacity</code>, <code>OnDemandTargetCapacity</code>, <code>SpotTargetCapacity</code>, and <code>DefaultCapacityType</code> structure.</p>"
+          "documentation": "<p>The number of units to request.</p>"
         },
         "TerminateInstancesWithExpiration": {
           "shape": "Boolean",
@@ -8359,7 +9504,7 @@
       "type": "structure",
       "members": {
         "FleetId": {
-          "shape": "FleetIdentifier",
+          "shape": "FleetId",
           "documentation": "<p>The ID of the EC2 Fleet.</p>",
           "locationName": "fleetId"
         },
@@ -8400,7 +9545,7 @@
           "documentation": "<p>The name of a new or existing CloudWatch Logs log group where Amazon EC2 publishes your flow logs.</p> <p>If you specify <code>LogDestinationType</code> as <code>s3</code>, do not specify <code>DeliverLogsPermissionArn</code> or <code>LogGroupName</code>.</p>"
         },
         "ResourceIds": {
-          "shape": "ValueStringList",
+          "shape": "FlowLogResourceIds",
           "documentation": "<p>The ID of the subnet, network interface, or VPC for which you want to create a flow log.</p> <p>Constraints: Maximum of 1000 resources</p>",
           "locationName": "ResourceId"
         },
@@ -8418,7 +9563,20 @@
         },
         "LogDestination": {
           "shape": "String",
-          "documentation": "<p>Specifies the destination to which the flow log data is to be published. Flow log data can be published to a CloudWatch Logs log group or an Amazon S3 bucket. The value specified for this parameter depends on the value specified for <code>LogDestinationType</code>.</p> <p>If LogDestinationType is not specified or <code>cloud-watch-logs</code>, specify the Amazon Resource Name (ARN) of the CloudWatch Logs log group.</p> <p>If LogDestinationType is <code>s3</code>, specify the ARN of the Amazon S3 bucket. You can also specify a subfolder in the bucket. To specify a subfolder in the bucket, use the following ARN format: <code>bucket_ARN/subfolder_name/</code>. For example, to specify a subfolder named <code>my-logs</code> in a bucket named <code>my-bucket</code>, use the following ARN: <code>arn:aws:s3:::my-bucket/my-logs/</code>. You cannot use <code>AWSLogs</code> as a subfolder name. This is a reserved term.</p>"
+          "documentation": "<p>Specifies the destination to which the flow log data is to be published. Flow log data can be published to a CloudWatch Logs log group or an Amazon S3 bucket. The value specified for this parameter depends on the value specified for <code>LogDestinationType</code>.</p> <p>If <code>LogDestinationType</code> is not specified or <code>cloud-watch-logs</code>, specify the Amazon Resource Name (ARN) of the CloudWatch Logs log group. For example, to publish to a log group called <code>my-logs</code>, specify <code>arn:aws:logs:us-east-1:123456789012:log-group:my-logs</code>. Alternatively, use <code>LogGroupName</code> instead.</p> <p>If LogDestinationType is <code>s3</code>, specify the ARN of the Amazon S3 bucket. You can also specify a subfolder in the bucket. To specify a subfolder in the bucket, use the following ARN format: <code>bucket_ARN/subfolder_name/</code>. For example, to specify a subfolder named <code>my-logs</code> in a bucket named <code>my-bucket</code>, use the following ARN: <code>arn:aws:s3:::my-bucket/my-logs/</code>. You cannot use <code>AWSLogs</code> as a subfolder name. This is a reserved term.</p>"
+        },
+        "LogFormat": {
+          "shape": "String",
+          "documentation": "<p>The fields to include in the flow log record, in the order in which they should appear. For a list of available fields, see <a href=\"https://docs.aws.amazon.com/vpc/latest/userguide/flow-logs.html#flow-log-records\">Flow Log Records</a>. If you omit this parameter, the flow log is created using the default format. If you specify this parameter, you must specify at least one field.</p> <p>Specify the fields using the <code>${field-id}</code> format, separated by spaces. For the AWS CLI, use single quotation marks (' ') to surround the parameter value.</p>"
+        },
+        "TagSpecifications": {
+          "shape": "TagSpecificationList",
+          "documentation": "<p>The tags to apply to the flow logs.</p>",
+          "locationName": "TagSpecification"
+        },
+        "MaxAggregationInterval": {
+          "shape": "Integer",
+          "documentation": "<p>The maximum interval of time during which a flow of packets is captured and aggregated into a flow log record. You can specify 60 seconds (1 minute) or 600 seconds (10 minutes).</p> <p>When a network interface is attached to a <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances\">Nitro-based instance</a>, the aggregation interval is always 60 seconds or less, regardless of the value that you specify.</p> <p>Default: 600</p>"
         }
       }
     },
@@ -8471,6 +9629,11 @@
         "ClientToken": {
           "shape": "String",
           "documentation": "<p>Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Run_Instance_Idempotency.html\">Ensuring Idempotency</a>.</p>"
+        },
+        "TagSpecifications": {
+          "shape": "TagSpecificationList",
+          "documentation": "<p>The tags to apply to the FPGA image during creation.</p>",
+          "locationName": "TagSpecification"
         }
       }
     },
@@ -8512,7 +9675,7 @@
           "locationName": "dryRun"
         },
         "InstanceId": {
-          "shape": "String",
+          "shape": "InstanceId",
           "documentation": "<p>The ID of the instance.</p>",
           "locationName": "instanceId"
         },
@@ -8555,7 +9718,7 @@
           "locationName": "exportToS3"
         },
         "InstanceId": {
-          "shape": "String",
+          "shape": "InstanceId",
           "documentation": "<p>The ID of the instance.</p>",
           "locationName": "instanceId"
         },
@@ -8610,6 +9773,11 @@
           "shape": "Boolean",
           "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>",
           "locationName": "dryRun"
+        },
+        "TagSpecifications": {
+          "shape": "TagSpecificationList",
+          "documentation": "<p>The tags to apply to the new key pair.</p>",
+          "locationName": "TagSpecification"
         }
       }
     },
@@ -8639,6 +9807,11 @@
         "LaunchTemplateData": {
           "shape": "RequestLaunchTemplateData",
           "documentation": "<p>The information for the launch template.</p>"
+        },
+        "TagSpecifications": {
+          "shape": "TagSpecificationList",
+          "documentation": "<p>The tags to apply to the launch template during creation.</p>",
+          "locationName": "TagSpecification"
         }
       }
     },
@@ -8649,6 +9822,11 @@
           "shape": "LaunchTemplate",
           "documentation": "<p>Information about the launch template.</p>",
           "locationName": "launchTemplate"
+        },
+        "Warning": {
+          "shape": "ValidationWarning",
+          "documentation": "<p>If the launch template contains parameters or parameter combinations that are not valid, an error code and an error message are returned for each issue that's found.</p>",
+          "locationName": "warning"
         }
       }
     },
@@ -8667,7 +9845,7 @@
           "documentation": "<p>Unique, case-sensitive identifier you provide to ensure the idempotency of the request. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html\">Ensuring Idempotency</a>.</p> <p>Constraint: Maximum 128 ASCII characters.</p>"
         },
         "LaunchTemplateId": {
-          "shape": "String",
+          "shape": "LaunchTemplateId",
           "documentation": "<p>The ID of the launch template. You must specify either the launch template ID or launch template name in the request.</p>"
         },
         "LaunchTemplateName": {
@@ -8676,7 +9854,7 @@
         },
         "SourceVersion": {
           "shape": "String",
-          "documentation": "<p>The version number of the launch template version on which to base the new version. The new version inherits the same launch parameters as the source version, except for parameters that you specify in LaunchTemplateData.</p>"
+          "documentation": "<p>The version number of the launch template version on which to base the new version. The new version inherits the same launch parameters as the source version, except for parameters that you specify in <code>LaunchTemplateData</code>. Snapshots applied to the block device mapping are ignored when creating a new version unless they are explicitly included.</p>"
         },
         "VersionDescription": {
           "shape": "VersionDescription",
@@ -8695,6 +9873,83 @@
           "shape": "LaunchTemplateVersion",
           "documentation": "<p>Information about the launch template version.</p>",
           "locationName": "launchTemplateVersion"
+        },
+        "Warning": {
+          "shape": "ValidationWarning",
+          "documentation": "<p>If the new version of the launch template contains parameters or parameter combinations that are not valid, an error code and an error message are returned for each issue that's found.</p>",
+          "locationName": "warning"
+        }
+      }
+    },
+    "CreateLocalGatewayRouteRequest": {
+      "type": "structure",
+      "required": [
+        "DestinationCidrBlock",
+        "LocalGatewayRouteTableId",
+        "LocalGatewayVirtualInterfaceGroupId"
+      ],
+      "members": {
+        "DestinationCidrBlock": {
+          "shape": "String",
+          "documentation": "<p>The CIDR range used for destination matches. Routing decisions are based on the most specific match.</p>"
+        },
+        "LocalGatewayRouteTableId": {
+          "shape": "LocalGatewayRoutetableId",
+          "documentation": "<p>The ID of the local gateway route table.</p>"
+        },
+        "LocalGatewayVirtualInterfaceGroupId": {
+          "shape": "LocalGatewayVirtualInterfaceGroupId",
+          "documentation": "<p>The ID of the virtual interface group.</p>"
+        },
+        "DryRun": {
+          "shape": "Boolean",
+          "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
+        }
+      }
+    },
+    "CreateLocalGatewayRouteResult": {
+      "type": "structure",
+      "members": {
+        "Route": {
+          "shape": "LocalGatewayRoute",
+          "documentation": "<p>Information about the route.</p>",
+          "locationName": "route"
+        }
+      }
+    },
+    "CreateLocalGatewayRouteTableVpcAssociationRequest": {
+      "type": "structure",
+      "required": [
+        "LocalGatewayRouteTableId",
+        "VpcId"
+      ],
+      "members": {
+        "LocalGatewayRouteTableId": {
+          "shape": "LocalGatewayRoutetableId",
+          "documentation": "<p>The ID of the local gateway route table.</p>"
+        },
+        "VpcId": {
+          "shape": "VpcId",
+          "documentation": "<p>The ID of the VPC.</p>"
+        },
+        "TagSpecifications": {
+          "shape": "TagSpecificationList",
+          "documentation": "<p>The tags to assign to the local gateway route table VPC association.</p>",
+          "locationName": "TagSpecification"
+        },
+        "DryRun": {
+          "shape": "Boolean",
+          "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
+        }
+      }
+    },
+    "CreateLocalGatewayRouteTableVpcAssociationResult": {
+      "type": "structure",
+      "members": {
+        "LocalGatewayRouteTableVpcAssociation": {
+          "shape": "LocalGatewayRouteTableVpcAssociation",
+          "documentation": "<p>Information about the association.</p>",
+          "locationName": "localGatewayRouteTableVpcAssociation"
         }
       }
     },
@@ -8706,16 +9961,26 @@
       ],
       "members": {
         "AllocationId": {
-          "shape": "String",
+          "shape": "AllocationId",
           "documentation": "<p>The allocation ID of an Elastic IP address to associate with the NAT gateway. If the Elastic IP address is associated with another resource, you must first disassociate it.</p>"
         },
         "ClientToken": {
           "shape": "String",
-          "documentation": "<p>Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html\">How to Ensure Idempotency</a>.</p> <p>Constraint: Maximum 64 ASCII characters.</p>"
+          "documentation": "<p>Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html\">How to Ensure Idempotency</a>.</p> <p>Constraint: Maximum 64 ASCII characters.</p>",
+          "idempotencyToken": true
+        },
+        "DryRun": {
+          "shape": "Boolean",
+          "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
         },
         "SubnetId": {
-          "shape": "String",
+          "shape": "SubnetId",
           "documentation": "<p>The subnet in which to create the NAT gateway.</p>"
+        },
+        "TagSpecifications": {
+          "shape": "TagSpecificationList",
+          "documentation": "<p>The tags to assign to the NAT gateway.</p>",
+          "locationName": "TagSpecification"
         }
       }
     },
@@ -8770,7 +10035,7 @@
           "locationName": "ipv6CidrBlock"
         },
         "NetworkAclId": {
-          "shape": "String",
+          "shape": "NetworkAclId",
           "documentation": "<p>The ID of the network ACL.</p>",
           "locationName": "networkAclId"
         },
@@ -8808,7 +10073,7 @@
           "locationName": "dryRun"
         },
         "VpcId": {
-          "shape": "String",
+          "shape": "VpcId",
           "documentation": "<p>The ID of the VPC.</p>",
           "locationName": "vpcId"
         }
@@ -8832,7 +10097,7 @@
       ],
       "members": {
         "NetworkInterfaceId": {
-          "shape": "String",
+          "shape": "NetworkInterfaceId",
           "documentation": "<p>The ID of the network interface.</p>"
         },
         "AwsAccountId": {
@@ -8913,10 +10178,10 @@
         },
         "InterfaceType": {
           "shape": "NetworkInterfaceCreationType",
-          "documentation": "<p>Indicates the type of network interface. To create an Elastic Fabric Adapter (EFA), specify <code>efa</code>. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/efa.html\"> Elastic Fabric Adapter</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> <p>If you are not creating an EFA, specify <code>interface</code> or omit this parameter.</p>"
+          "documentation": "<p>Indicates the type of network interface. To create an Elastic Fabric Adapter (EFA), specify <code>efa</code>. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/efa.html\"> Elastic Fabric Adapter</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>"
         },
         "SubnetId": {
-          "shape": "String",
+          "shape": "SubnetId",
           "documentation": "<p>The ID of the subnet to associate with the network interface.</p>",
           "locationName": "subnetId"
         }
@@ -8955,6 +10220,20 @@
         "PartitionCount": {
           "shape": "Integer",
           "documentation": "<p>The number of partitions. Valid only when <b>Strategy</b> is set to <code>partition</code>.</p>"
+        },
+        "TagSpecifications": {
+          "shape": "TagSpecificationList",
+          "documentation": "<p>The tags to apply to the new placement group.</p>",
+          "locationName": "TagSpecification"
+        }
+      }
+    },
+    "CreatePlacementGroupResult": {
+      "type": "structure",
+      "members": {
+        "PlacementGroup": {
+          "shape": "PlacementGroup",
+          "locationName": "placementGroup"
         }
       }
     },
@@ -8983,7 +10262,7 @@
           "locationName": "priceSchedules"
         },
         "ReservedInstancesId": {
-          "shape": "String",
+          "shape": "ReservationId",
           "documentation": "<p>The ID of the active Standard Reserved Instance.</p>",
           "locationName": "reservedInstancesId"
         }
@@ -9023,41 +10302,45 @@
           "locationName": "dryRun"
         },
         "EgressOnlyInternetGatewayId": {
-          "shape": "String",
+          "shape": "EgressOnlyInternetGatewayId",
           "documentation": "<p>[IPv6 traffic only] The ID of an egress-only internet gateway.</p>",
           "locationName": "egressOnlyInternetGatewayId"
         },
         "GatewayId": {
-          "shape": "String",
+          "shape": "RouteGatewayId",
           "documentation": "<p>The ID of an internet gateway or virtual private gateway attached to your VPC.</p>",
           "locationName": "gatewayId"
         },
         "InstanceId": {
-          "shape": "String",
+          "shape": "InstanceId",
           "documentation": "<p>The ID of a NAT instance in your VPC. The operation fails if you specify an instance ID unless exactly one network interface is attached.</p>",
           "locationName": "instanceId"
         },
         "NatGatewayId": {
-          "shape": "String",
+          "shape": "NatGatewayId",
           "documentation": "<p>[IPv4 traffic only] The ID of a NAT gateway.</p>",
           "locationName": "natGatewayId"
         },
         "TransitGatewayId": {
-          "shape": "String",
+          "shape": "TransitGatewayId",
           "documentation": "<p>The ID of a transit gateway.</p>"
         },
+        "LocalGatewayId": {
+          "shape": "LocalGatewayId",
+          "documentation": "<p>The ID of the local gateway.</p>"
+        },
         "NetworkInterfaceId": {
-          "shape": "String",
+          "shape": "NetworkInterfaceId",
           "documentation": "<p>The ID of a network interface.</p>",
           "locationName": "networkInterfaceId"
         },
         "RouteTableId": {
-          "shape": "String",
+          "shape": "RouteTableId",
           "documentation": "<p>The ID of the route table for the route.</p>",
           "locationName": "routeTableId"
         },
         "VpcPeeringConnectionId": {
-          "shape": "String",
+          "shape": "VpcPeeringConnectionId",
           "documentation": "<p>The ID of a VPC peering connection.</p>",
           "locationName": "vpcPeeringConnectionId"
         }
@@ -9085,7 +10368,7 @@
           "locationName": "dryRun"
         },
         "VpcId": {
-          "shape": "String",
+          "shape": "VpcId",
           "documentation": "<p>The ID of the VPC.</p>",
           "locationName": "vpcId"
         }
@@ -9118,7 +10401,7 @@
           "documentation": "<p>The name of the security group.</p> <p>Constraints: Up to 255 characters in length. Cannot start with <code>sg-</code>.</p> <p>Constraints for EC2-Classic: ASCII characters</p> <p>Constraints for EC2-VPC: a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=&amp;;{}!$*</p>"
         },
         "VpcId": {
-          "shape": "String",
+          "shape": "VpcId",
           "documentation": "<p>[EC2-VPC] The ID of the VPC. Required for EC2-VPC.</p>"
         },
         "DryRun": {
@@ -9149,7 +10432,7 @@
           "documentation": "<p>A description for the snapshot.</p>"
         },
         "VolumeId": {
-          "shape": "String",
+          "shape": "VolumeId",
           "documentation": "<p>The ID of the EBS volume.</p>"
         },
         "TagSpecifications": {
@@ -9162,8 +10445,7 @@
           "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>",
           "locationName": "dryRun"
         }
-      },
-      "documentation": "<p>Contains the parameters for CreateSnapshot.</p>"
+      }
     },
     "CreateSnapshotsRequest": {
       "type": "structure",
@@ -9186,11 +10468,11 @@
         },
         "DryRun": {
           "shape": "Boolean",
-          "documentation": "<p>Checks whether you have the required permissions for the action without actually making the request. Provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.</p>"
+          "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
         },
         "CopyTagsFromSource": {
           "shape": "CopyTagsFromSource",
-          "documentation": "<p>Copies the tags from the specified instance to all snapshots.</p>"
+          "documentation": "<p>Copies the tags from the specified volume to corresponding snapshot.</p>"
         }
       }
     },
@@ -9248,11 +10530,11 @@
       "members": {
         "AvailabilityZone": {
           "shape": "String",
-          "documentation": "<p>The Availability Zone for the subnet.</p> <p>Default: AWS selects one for you. If you create more than one subnet in your VPC, we may not necessarily select a different zone for each subnet.</p>"
+          "documentation": "<p>The Availability Zone or Local Zone for the subnet.</p> <p>Default: AWS selects one for you. If you create more than one subnet in your VPC, we do not necessarily select a different zone for each subnet.</p> <p>To create a subnet in a Local Zone, set this value to the Local Zone ID, for example <code>us-west-2-lax-1a</code>. For information about the Regions that support Local Zones, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html#concepts-available-regions\">Available Regions</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> <p>To create a subnet in an Outpost, set this value to the Availability Zone for the Outpost and specify the Outpost ARN.</p>"
         },
         "AvailabilityZoneId": {
           "shape": "String",
-          "documentation": "<p>The AZ ID of the subnet.</p>"
+          "documentation": "<p>The AZ ID or the Local Zone ID of the subnet.</p>"
         },
         "CidrBlock": {
           "shape": "String",
@@ -9262,8 +10544,12 @@
           "shape": "String",
           "documentation": "<p>The IPv6 network range for the subnet, in CIDR notation. The subnet size must use a /64 prefix length.</p>"
         },
-        "VpcId": {
+        "OutpostArn": {
           "shape": "String",
+          "documentation": "<p>The Amazon Resource Name (ARN) of the Outpost. If you specify an Outpost ARN, you must also specify the Availability Zone of the Outpost subnet.</p>"
+        },
+        "VpcId": {
+          "shape": "VpcId",
           "documentation": "<p>The ID of the VPC.</p>"
         },
         "DryRun": {
@@ -9357,7 +10643,7 @@
       ],
       "members": {
         "TrafficMirrorFilterId": {
-          "shape": "String",
+          "shape": "TrafficMirrorFilterId",
           "documentation": "<p>The ID of the filter that this rule is associated with.</p>"
         },
         "TrafficDirection": {
@@ -9432,20 +10718,20 @@
       ],
       "members": {
         "NetworkInterfaceId": {
-          "shape": "String",
+          "shape": "NetworkInterfaceId",
           "documentation": "<p>The ID of the source network interface.</p>"
         },
         "TrafficMirrorTargetId": {
-          "shape": "String",
+          "shape": "TrafficMirrorTargetId",
           "documentation": "<p>The ID of the Traffic Mirror target.</p>"
         },
         "TrafficMirrorFilterId": {
-          "shape": "String",
+          "shape": "TrafficMirrorFilterId",
           "documentation": "<p>The ID of the Traffic Mirror filter.</p>"
         },
         "PacketLength": {
           "shape": "Integer",
-          "documentation": "<p>The number of bytes in each packet to mirror. These are bytes after the VXLAN header. Do not specify this parameter when you want to mirror the entire packet. To mirror a subset of the packet, set this to the length (in bytes) that you want to mirror. For example, if you set this value to 1network0, then the first 100 bytes that meet the filter criteria are copied to the target.</p> <p>If you do not want to mirror the entire packet, use the <code>PacketLength</code> parameter to specify the number of bytes in each packet to mirror.</p>"
+          "documentation": "<p>The number of bytes in each packet to mirror. These are bytes after the VXLAN header. Do not specify this parameter when you want to mirror the entire packet. To mirror a subset of the packet, set this to the length (in bytes) that you want to mirror. For example, if you set this value to 100, then the first 100 bytes that meet the filter criteria are copied to the target.</p> <p>If you do not want to mirror the entire packet, use the <code>PacketLength</code> parameter to specify the number of bytes in each packet to mirror.</p>"
         },
         "SessionNumber": {
           "shape": "Integer",
@@ -9494,7 +10780,7 @@
       "type": "structure",
       "members": {
         "NetworkInterfaceId": {
-          "shape": "String",
+          "shape": "NetworkInterfaceId",
           "documentation": "<p>The network interface ID that is associated with the target.</p>"
         },
         "NetworkLoadBalancerArn": {
@@ -9536,6 +10822,83 @@
         }
       }
     },
+    "CreateTransitGatewayMulticastDomainRequest": {
+      "type": "structure",
+      "required": [
+        "TransitGatewayId"
+      ],
+      "members": {
+        "TransitGatewayId": {
+          "shape": "TransitGatewayId",
+          "documentation": "<p>The ID of the transit gateway.</p>"
+        },
+        "TagSpecifications": {
+          "shape": "TagSpecificationList",
+          "documentation": "<p>The tags for the transit gateway multicast domain.</p>",
+          "locationName": "TagSpecification"
+        },
+        "DryRun": {
+          "shape": "Boolean",
+          "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
+        }
+      }
+    },
+    "CreateTransitGatewayMulticastDomainResult": {
+      "type": "structure",
+      "members": {
+        "TransitGatewayMulticastDomain": {
+          "shape": "TransitGatewayMulticastDomain",
+          "documentation": "<p>Information about the transit gateway multicast domain.</p>",
+          "locationName": "transitGatewayMulticastDomain"
+        }
+      }
+    },
+    "CreateTransitGatewayPeeringAttachmentRequest": {
+      "type": "structure",
+      "required": [
+        "TransitGatewayId",
+        "PeerTransitGatewayId",
+        "PeerAccountId",
+        "PeerRegion"
+      ],
+      "members": {
+        "TransitGatewayId": {
+          "shape": "TransitGatewayId",
+          "documentation": "<p>The ID of the transit gateway.</p>"
+        },
+        "PeerTransitGatewayId": {
+          "shape": "TransitAssociationGatewayId",
+          "documentation": "<p>The ID of the peer transit gateway with which to create the peering attachment.</p>"
+        },
+        "PeerAccountId": {
+          "shape": "String",
+          "documentation": "<p>The AWS account ID of the owner of the peer transit gateway.</p>"
+        },
+        "PeerRegion": {
+          "shape": "String",
+          "documentation": "<p>The Region where the peer transit gateway is located.</p>"
+        },
+        "TagSpecifications": {
+          "shape": "TagSpecificationList",
+          "documentation": "<p>The tags to apply to the transit gateway peering attachment.</p>",
+          "locationName": "TagSpecification"
+        },
+        "DryRun": {
+          "shape": "Boolean",
+          "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
+        }
+      }
+    },
+    "CreateTransitGatewayPeeringAttachmentResult": {
+      "type": "structure",
+      "members": {
+        "TransitGatewayPeeringAttachment": {
+          "shape": "TransitGatewayPeeringAttachment",
+          "documentation": "<p>The transit gateway peering attachment.</p>",
+          "locationName": "transitGatewayPeeringAttachment"
+        }
+      }
+    },
     "CreateTransitGatewayRequest": {
       "type": "structure",
       "members": {
@@ -9580,11 +10943,11 @@
           "documentation": "<p>The CIDR range used for destination matches. Routing decisions are based on the most specific match.</p>"
         },
         "TransitGatewayRouteTableId": {
-          "shape": "String",
+          "shape": "TransitGatewayRouteTableId",
           "documentation": "<p>The ID of the transit gateway route table.</p>"
         },
         "TransitGatewayAttachmentId": {
-          "shape": "String",
+          "shape": "TransitGatewayAttachmentId",
           "documentation": "<p>The ID of the attachment.</p>"
         },
         "Blackhole": {
@@ -9614,7 +10977,7 @@
       ],
       "members": {
         "TransitGatewayId": {
-          "shape": "String",
+          "shape": "TransitGatewayId",
           "documentation": "<p>The ID of the transit gateway.</p>"
         },
         "TagSpecifications": {
@@ -9646,15 +11009,15 @@
       ],
       "members": {
         "TransitGatewayId": {
-          "shape": "String",
+          "shape": "TransitGatewayId",
           "documentation": "<p>The ID of the transit gateway.</p>"
         },
         "VpcId": {
-          "shape": "String",
+          "shape": "VpcId",
           "documentation": "<p>The ID of the VPC.</p>"
         },
         "SubnetIds": {
-          "shape": "ValueStringList",
+          "shape": "TransitGatewaySubnetIdList",
           "documentation": "<p>The IDs of one or more subnets. You can specify only one subnet per Availability Zone. You must specify at least one subnet, but we recommend that you specify two subnets for better availability. The transit gateway uses one IP address from each specified subnet.</p>"
         },
         "Options": {
@@ -9752,20 +11115,24 @@
           "documentation": "<p>The number of I/O operations per second (IOPS) to provision for the volume, with a maximum ratio of 50 IOPS/GiB. Range is 100 to 64,000 IOPS for volumes in most Regions. Maximum IOPS of 64,000 is guaranteed only on <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances\">Nitro-based instances</a>. Other instance families guarantee performance up to 32,000 IOPS. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html\">Amazon EBS Volume Types</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> <p>This parameter is valid only for Provisioned IOPS SSD (io1) volumes.</p>"
         },
         "KmsKeyId": {
-          "shape": "String",
+          "shape": "KmsKeyId",
           "documentation": "<p>The identifier of the AWS Key Management Service (AWS KMS) customer master key (CMK) to use for Amazon EBS encryption. If this parameter is not specified, your AWS managed CMK for EBS is used. If <code>KmsKeyId</code> is specified, the encrypted state must be <code>true</code>.</p> <p>You can specify the CMK using any of the following:</p> <ul> <li> <p>Key ID. For example, key/1234abcd-12ab-34cd-56ef-1234567890ab.</p> </li> <li> <p>Key alias. For example, alias/ExampleAlias.</p> </li> <li> <p>Key ARN. For example, arn:aws:kms:<i>us-east-1</i>:<i>012345678910</i>:key/<i>abcd1234-a123-456a-a12b-a123b4cd56ef</i>.</p> </li> <li> <p>Alias ARN. For example, arn:aws:kms:<i>us-east-1</i>:<i>012345678910</i>:alias/<i>ExampleAlias</i>.</p> </li> </ul> <p>AWS authenticates the CMK asynchronously. Therefore, if you specify an ID, alias, or ARN that is not valid, the action can appear to complete, but eventually fails.</p>"
         },
+        "OutpostArn": {
+          "shape": "String",
+          "documentation": "<p>The Amazon Resource Name (ARN) of the Outpost.</p>"
+        },
         "Size": {
           "shape": "Integer",
-          "documentation": "<p>The size of the volume, in GiBs.</p> <p>Constraints: 1-16,384 for <code>gp2</code>, 4-16,384 for <code>io1</code>, 500-16,384 for <code>st1</code>, 500-16,384 for <code>sc1</code>, and 1-1,024 for <code>standard</code>. If you specify a snapshot, the volume size must be equal to or larger than the snapshot size.</p> <p>Default: If you're creating the volume from a snapshot and don't specify a volume size, the default is the snapshot size.</p> <note> <p>At least one of Size or SnapshotId is required.</p> </note>"
+          "documentation": "<p>The size of the volume, in GiBs. You must specify either a snapshot ID or a volume size.</p> <p>Constraints: 1-16,384 for <code>gp2</code>, 4-16,384 for <code>io1</code>, 500-16,384 for <code>st1</code>, 500-16,384 for <code>sc1</code>, and 1-1,024 for <code>standard</code>. If you specify a snapshot, the volume size must be equal to or larger than the snapshot size.</p> <p>Default: If you're creating the volume from a snapshot and don't specify a volume size, the default is the snapshot size.</p>"
         },
         "SnapshotId": {
-          "shape": "String",
-          "documentation": "<p>The snapshot from which to create the volume.</p> <note> <p>At least one of Size or SnapshotId are required.</p> </note>"
+          "shape": "SnapshotId",
+          "documentation": "<p>The snapshot from which to create the volume. You must specify either a snapshot ID or a volume size.</p>"
         },
         "VolumeType": {
           "shape": "VolumeType",
-          "documentation": "<p>The volume type. This can be <code>gp2</code> for General Purpose SSD, <code>io1</code> for Provisioned IOPS SSD, <code>st1</code> for Throughput Optimized HDD, <code>sc1</code> for Cold HDD, or <code>standard</code> for Magnetic volumes.</p> <p>Defaults: If no volume type is specified, the default is <code>standard</code> in us-east-1, eu-west-1, eu-central-1, us-west-2, us-west-1, sa-east-1, ap-northeast-1, ap-northeast-2, ap-southeast-1, ap-southeast-2, ap-south-1, us-gov-west-1, and cn-north-1. In all other Regions, EBS defaults to <code>gp2</code>.</p>"
+          "documentation": "<p>The volume type. This can be <code>gp2</code> for General Purpose SSD, <code>io1</code> for Provisioned IOPS SSD, <code>st1</code> for Throughput Optimized HDD, <code>sc1</code> for Cold HDD, or <code>standard</code> for Magnetic volumes.</p> <p>Default: <code>gp2</code> </p>"
         },
         "DryRun": {
           "shape": "Boolean",
@@ -9776,9 +11143,12 @@
           "shape": "TagSpecificationList",
           "documentation": "<p>The tags to apply to the volume during creation.</p>",
           "locationName": "TagSpecification"
+        },
+        "MultiAttachEnabled": {
+          "shape": "Boolean",
+          "documentation": "<p>Specifies whether to enable Amazon EBS Multi-Attach. If you enable Multi-Attach, you can attach the volume to up to 16 <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances\">Nitro-based instances</a> in the same Availability Zone. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-volumes-multi.html\"> Amazon EBS Multi-Attach</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>"
         }
-      },
-      "documentation": "<p>Contains the parameters for CreateVolume.</p>"
+      }
     },
     "CreateVpcEndpointConnectionNotificationRequest": {
       "type": "structure",
@@ -9792,12 +11162,12 @@
           "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
         },
         "ServiceId": {
-          "shape": "String",
+          "shape": "VpcEndpointServiceId",
           "documentation": "<p>The ID of the endpoint service.</p>"
         },
         "VpcEndpointId": {
-          "shape": "String",
-          "documentation": "<p>The ID of the endpoint. </p>"
+          "shape": "VpcEndpointId",
+          "documentation": "<p>The ID of the endpoint.</p>"
         },
         "ConnectionNotificationArn": {
           "shape": "String",
@@ -9809,7 +11179,7 @@
         },
         "ClientToken": {
           "shape": "String",
-          "documentation": "<p>Unique, case-sensitive identifier you provide to ensure the idempotency of the request. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html\">How to Ensure Idempotency</a>.</p>"
+          "documentation": "<p>Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html\">How to Ensure Idempotency</a>.</p>"
         }
       }
     },
@@ -9823,7 +11193,7 @@
         },
         "ClientToken": {
           "shape": "String",
-          "documentation": "<p>Unique, case-sensitive identifier you provide to ensure the idempotency of the request.</p>",
+          "documentation": "<p>Unique, case-sensitive identifier that you provide to ensure the idempotency of the request.</p>",
           "locationName": "clientToken"
         }
       }
@@ -9844,7 +11214,7 @@
           "documentation": "<p>The type of endpoint.</p> <p>Default: Gateway</p>"
         },
         "VpcId": {
-          "shape": "String",
+          "shape": "VpcId",
           "documentation": "<p>The ID of the VPC in which the endpoint will be used.</p>"
         },
         "ServiceName": {
@@ -9856,27 +11226,32 @@
           "documentation": "<p>A policy to attach to the endpoint that controls access to the service. The policy must be in valid JSON format. If this parameter is not specified, we attach a default policy that allows full access to the service.</p>"
         },
         "RouteTableIds": {
-          "shape": "ValueStringList",
+          "shape": "VpcEndpointRouteTableIdList",
           "documentation": "<p>(Gateway endpoint) One or more route table IDs.</p>",
           "locationName": "RouteTableId"
         },
         "SubnetIds": {
-          "shape": "ValueStringList",
+          "shape": "VpcEndpointSubnetIdList",
           "documentation": "<p>(Interface endpoint) The ID of one or more subnets in which to create an endpoint network interface.</p>",
           "locationName": "SubnetId"
         },
         "SecurityGroupIds": {
-          "shape": "ValueStringList",
+          "shape": "VpcEndpointSecurityGroupIdList",
           "documentation": "<p>(Interface endpoint) The ID of one or more security groups to associate with the endpoint network interface.</p>",
           "locationName": "SecurityGroupId"
         },
         "ClientToken": {
           "shape": "String",
-          "documentation": "<p>Unique, case-sensitive identifier you provide to ensure the idempotency of the request. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html\">How to Ensure Idempotency</a>.</p>"
+          "documentation": "<p>Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html\">How to Ensure Idempotency</a>.</p>"
         },
         "PrivateDnsEnabled": {
           "shape": "Boolean",
-          "documentation": "<p>(Interface endpoint) Indicate whether to associate a private hosted zone with the specified VPC. The private hosted zone contains a record set for the default public DNS name for the service for the Region (for example, <code>kinesis.us-east-1.amazonaws.com</code>) which resolves to the private IP addresses of the endpoint network interfaces in the VPC. This enables you to make requests to the default public DNS name for the service instead of the public DNS names that are automatically generated by the VPC endpoint service.</p> <p>To use a private hosted zone, you must set the following VPC attributes to <code>true</code>: <code>enableDnsHostnames</code> and <code>enableDnsSupport</code>. Use <a>ModifyVpcAttribute</a> to set the VPC attributes.</p> <p>Default: <code>true</code> </p>"
+          "documentation": "<p>(Interface endpoint) Indicates whether to associate a private hosted zone with the specified VPC. The private hosted zone contains a record set for the default public DNS name for the service for the Region (for example, <code>kinesis.us-east-1.amazonaws.com</code>), which resolves to the private IP addresses of the endpoint network interfaces in the VPC. This enables you to make requests to the default public DNS name for the service instead of the public DNS names that are automatically generated by the VPC endpoint service.</p> <p>To use a private hosted zone, you must set the following VPC attributes to <code>true</code>: <code>enableDnsHostnames</code> and <code>enableDnsSupport</code>. Use <a>ModifyVpcAttribute</a> to set the VPC attributes.</p> <p>Default: <code>true</code> </p>"
+        },
+        "TagSpecifications": {
+          "shape": "TagSpecificationList",
+          "documentation": "<p>The tags to associate with the endpoint.</p>",
+          "locationName": "TagSpecification"
         }
       },
       "documentation": "<p>Contains the parameters for CreateVpcEndpoint.</p>"
@@ -9891,7 +11266,7 @@
         },
         "ClientToken": {
           "shape": "String",
-          "documentation": "<p>Unique, case-sensitive identifier you provide to ensure the idempotency of the request.</p>",
+          "documentation": "<p>Unique, case-sensitive identifier that you provide to ensure the idempotency of the request.</p>",
           "locationName": "clientToken"
         }
       },
@@ -9909,7 +11284,11 @@
         },
         "AcceptanceRequired": {
           "shape": "Boolean",
-          "documentation": "<p>Indicate whether requests from service consumers to create an endpoint to your service must be accepted. To accept a request, use <a>AcceptVpcEndpointConnections</a>.</p>"
+          "documentation": "<p>Indicates whether requests from service consumers to create an endpoint to your service must be accepted. To accept a request, use <a>AcceptVpcEndpointConnections</a>.</p>"
+        },
+        "PrivateDnsName": {
+          "shape": "String",
+          "documentation": "<p>The private DNS name to assign to the VPC endpoint service.</p>"
         },
         "NetworkLoadBalancerArns": {
           "shape": "ValueStringList",
@@ -9918,7 +11297,12 @@
         },
         "ClientToken": {
           "shape": "String",
-          "documentation": "<p>Unique, case-sensitive identifier you provide to ensure the idempotency of the request. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Run_Instance_Idempotency.html\">How to Ensure Idempotency</a>.</p>"
+          "documentation": "<p>Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Run_Instance_Idempotency.html\">How to Ensure Idempotency</a>.</p>"
+        },
+        "TagSpecifications": {
+          "shape": "TagSpecificationList",
+          "documentation": "<p>The tags to associate with the service.</p>",
+          "locationName": "TagSpecification"
         }
       }
     },
@@ -9932,7 +11316,7 @@
         },
         "ClientToken": {
           "shape": "String",
-          "documentation": "<p>Unique, case-sensitive identifier you provide to ensure the idempotency of the request.</p>",
+          "documentation": "<p>Unique, case-sensitive identifier that you provide to ensure the idempotency of the request.</p>",
           "locationName": "clientToken"
         }
       }
@@ -9956,7 +11340,7 @@
           "locationName": "peerVpcId"
         },
         "VpcId": {
-          "shape": "String",
+          "shape": "VpcId",
           "documentation": "<p>The ID of the requester VPC. You must specify this parameter in the request.</p>",
           "locationName": "vpcId"
         },
@@ -9991,6 +11375,14 @@
           "documentation": "<p>Requests an Amazon-provided IPv6 CIDR block with a /56 prefix length for the VPC. You cannot specify the range of IP addresses, or the size of the CIDR block.</p>",
           "locationName": "amazonProvidedIpv6CidrBlock"
         },
+        "Ipv6Pool": {
+          "shape": "Ipv6PoolEc2Id",
+          "documentation": "<p>The ID of an IPv6 address pool from which to allocate the IPv6 CIDR block.</p>"
+        },
+        "Ipv6CidrBlock": {
+          "shape": "String",
+          "documentation": "<p>The IPv6 CIDR block from the IPv6 address pool. You must also specify <code>Ipv6Pool</code> in the request.</p> <p>To let Amazon choose the IPv6 CIDR block for you, omit this parameter.</p>"
+        },
         "DryRun": {
           "shape": "Boolean",
           "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>",
@@ -10000,6 +11392,10 @@
           "shape": "Tenancy",
           "documentation": "<p>The tenancy options for instances launched into the VPC. For <code>default</code>, instances are launched with shared tenancy by default. You can launch instances with any tenancy into a shared tenancy VPC. For <code>dedicated</code>, instances are launched as dedicated tenancy instances by default. You can only launch instances with a tenancy of <code>dedicated</code> or <code>host</code> into a dedicated tenancy VPC. </p> <p> <b>Important:</b> The <code>host</code> value cannot be used with this parameter. Use the <code>default</code> or <code>dedicated</code> values only.</p> <p>Default: <code>default</code> </p>",
           "locationName": "instanceTenancy"
+        },
+        "Ipv6CidrBlockNetworkBorderGroup": {
+          "shape": "String",
+          "documentation": "<p>The name of the location from which we advertise the IPV6 CIDR block. Use this parameter to limit the address to this location.</p> <p> You must set <code>AmazonProvidedIpv6CidrBlock</code> to <code>true</code> to use this parameter.</p>"
         }
       }
     },
@@ -10021,7 +11417,7 @@
       ],
       "members": {
         "CustomerGatewayId": {
-          "shape": "String",
+          "shape": "CustomerGatewayId",
           "documentation": "<p>The ID of the customer gateway.</p>"
         },
         "Type": {
@@ -10029,11 +11425,11 @@
           "documentation": "<p>The type of VPN connection (<code>ipsec.1</code>).</p>"
         },
         "VpnGatewayId": {
-          "shape": "String",
+          "shape": "VpnGatewayId",
           "documentation": "<p>The ID of the virtual private gateway. If you specify a virtual private gateway, you cannot specify a transit gateway.</p>"
         },
         "TransitGatewayId": {
-          "shape": "String",
+          "shape": "TransitGatewayId",
           "documentation": "<p>The ID of the transit gateway. If you specify a transit gateway, you cannot specify a virtual private gateway.</p>"
         },
         "DryRun": {
@@ -10072,7 +11468,7 @@
           "documentation": "<p>The CIDR block associated with the local subnet of the customer network.</p>"
         },
         "VpnConnectionId": {
-          "shape": "String",
+          "shape": "VpnConnectionId",
           "documentation": "<p>The ID of the VPN connection.</p>"
         }
       },
@@ -10145,6 +11541,9 @@
         "USD"
       ]
     },
+    "CurrentGenerationFlag": {
+      "type": "boolean"
+    },
     "CustomerGateway": {
       "type": "structure",
       "members": {
@@ -10163,6 +11562,11 @@
           "documentation": "<p>The Internet-routable IP address of the customer gateway's outside interface.</p>",
           "locationName": "ipAddress"
         },
+        "CertificateArn": {
+          "shape": "String",
+          "documentation": "<p>The Amazon Resource Name (ARN) for the customer gateway certificate.</p>",
+          "locationName": "certificateArn"
+        },
         "State": {
           "shape": "String",
           "documentation": "<p>The current state of the customer gateway (<code>pending | available | deleting | deleted</code>).</p>",
@@ -10173,6 +11577,11 @@
           "documentation": "<p>The type of VPN connection the customer gateway supports (<code>ipsec.1</code>).</p>",
           "locationName": "type"
         },
+        "DeviceName": {
+          "shape": "String",
+          "documentation": "<p>The name of customer gateway device.</p>",
+          "locationName": "deviceName"
+        },
         "Tags": {
           "shape": "TagList",
           "documentation": "<p>Any tags assigned to the customer gateway.</p>",
@@ -10181,10 +11590,13 @@
       },
       "documentation": "<p>Describes a customer gateway.</p>"
     },
+    "CustomerGatewayId": {
+      "type": "string"
+    },
     "CustomerGatewayIdStringList": {
       "type": "list",
       "member": {
-        "shape": "String",
+        "shape": "CustomerGatewayId",
         "locationName": "CustomerGatewayId"
       }
     },
@@ -10195,6 +11607,16 @@
         "locationName": "item"
       }
     },
+    "DITMaxResults": {
+      "type": "integer",
+      "max": 100,
+      "min": 5
+    },
+    "DITOMaxResults": {
+      "type": "integer",
+      "max": 1000,
+      "min": 5
+    },
     "DatafeedSubscriptionState": {
       "type": "string",
       "enum": [
@@ -10205,6 +11627,12 @@
     "DateTime": {
       "type": "timestamp"
     },
+    "DedicatedHostFlag": {
+      "type": "boolean"
+    },
+    "DedicatedHostId": {
+      "type": "string"
+    },
     "DefaultRouteTableAssociationValue": {
       "type": "string",
       "enum": [
@@ -10226,6 +11654,9 @@
         "on-demand"
       ]
     },
+    "DefaultingDhcpOptionsId": {
+      "type": "string"
+    },
     "DeleteClientVpnEndpointRequest": {
       "type": "structure",
       "required": [
@@ -10233,7 +11664,7 @@
       ],
       "members": {
         "ClientVpnEndpointId": {
-          "shape": "String",
+          "shape": "ClientVpnEndpointId",
           "documentation": "<p>The ID of the Client VPN to be deleted.</p>"
         },
         "DryRun": {
@@ -10260,11 +11691,11 @@
       ],
       "members": {
         "ClientVpnEndpointId": {
-          "shape": "String",
+          "shape": "ClientVpnEndpointId",
           "documentation": "<p>The ID of the Client VPN endpoint from which the route is to be deleted.</p>"
         },
         "TargetVpcSubnetId": {
-          "shape": "String",
+          "shape": "SubnetId",
           "documentation": "<p>The ID of the target subnet used by the route.</p>"
         },
         "DestinationCidrBlock": {
@@ -10294,7 +11725,7 @@
       ],
       "members": {
         "CustomerGatewayId": {
-          "shape": "String",
+          "shape": "CustomerGatewayId",
           "documentation": "<p>The ID of the customer gateway.</p>"
         },
         "DryRun": {
@@ -10312,7 +11743,7 @@
       ],
       "members": {
         "DhcpOptionsId": {
-          "shape": "String",
+          "shape": "DhcpOptionsId",
           "documentation": "<p>The ID of the DHCP options set.</p>"
         },
         "DryRun": {
@@ -10382,7 +11813,7 @@
           "locationName": "error"
         },
         "FleetId": {
-          "shape": "FleetIdentifier",
+          "shape": "FleetId",
           "documentation": "<p>The ID of the EC2 Fleet.</p>",
           "locationName": "fleetId"
         }
@@ -10410,7 +11841,7 @@
           "locationName": "previousFleetState"
         },
         "FleetId": {
-          "shape": "FleetIdentifier",
+          "shape": "FleetId",
           "documentation": "<p>The ID of the EC2 Fleet.</p>",
           "locationName": "fleetId"
         }
@@ -10472,7 +11903,7 @@
           "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
         },
         "FlowLogIds": {
-          "shape": "ValueStringList",
+          "shape": "FlowLogIdList",
           "documentation": "<p>One or more flow log IDs.</p> <p>Constraint: Maximum of 1000 flow log IDs.</p>",
           "locationName": "FlowLogId"
         }
@@ -10499,7 +11930,7 @@
           "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
         },
         "FpgaImageId": {
-          "shape": "String",
+          "shape": "FpgaImageId",
           "documentation": "<p>The ID of the AFI.</p>"
         }
       }
@@ -10526,7 +11957,7 @@
           "locationName": "dryRun"
         },
         "InternetGatewayId": {
-          "shape": "String",
+          "shape": "InternetGatewayId",
           "documentation": "<p>The ID of the internet gateway.</p>",
           "locationName": "internetGatewayId"
         }
@@ -10534,14 +11965,15 @@
     },
     "DeleteKeyPairRequest": {
       "type": "structure",
-      "required": [
-        "KeyName"
-      ],
       "members": {
         "KeyName": {
-          "shape": "String",
+          "shape": "KeyPairName",
           "documentation": "<p>The name of the key pair.</p>"
         },
+        "KeyPairId": {
+          "shape": "KeyPairId",
+          "documentation": "<p>The ID of the key pair.</p>"
+        },
         "DryRun": {
           "shape": "Boolean",
           "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>",
@@ -10557,7 +11989,7 @@
           "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
         },
         "LaunchTemplateId": {
-          "shape": "String",
+          "shape": "LaunchTemplateId",
           "documentation": "<p>The ID of the launch template. You must specify either the launch template ID or launch template name in the request.</p>"
         },
         "LaunchTemplateName": {
@@ -10587,7 +12019,7 @@
           "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
         },
         "LaunchTemplateId": {
-          "shape": "String",
+          "shape": "LaunchTemplateId",
           "documentation": "<p>The ID of the launch template. You must specify either the launch template ID or launch template name in the request.</p>"
         },
         "LaunchTemplateName": {
@@ -10677,14 +12109,75 @@
         }
       }
     },
+    "DeleteLocalGatewayRouteRequest": {
+      "type": "structure",
+      "required": [
+        "DestinationCidrBlock",
+        "LocalGatewayRouteTableId"
+      ],
+      "members": {
+        "DestinationCidrBlock": {
+          "shape": "String",
+          "documentation": "<p>The CIDR range for the route. This must match the CIDR for the route exactly.</p>"
+        },
+        "LocalGatewayRouteTableId": {
+          "shape": "LocalGatewayRoutetableId",
+          "documentation": "<p>The ID of the local gateway route table.</p>"
+        },
+        "DryRun": {
+          "shape": "Boolean",
+          "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
+        }
+      }
+    },
+    "DeleteLocalGatewayRouteResult": {
+      "type": "structure",
+      "members": {
+        "Route": {
+          "shape": "LocalGatewayRoute",
+          "documentation": "<p>Information about the route.</p>",
+          "locationName": "route"
+        }
+      }
+    },
+    "DeleteLocalGatewayRouteTableVpcAssociationRequest": {
+      "type": "structure",
+      "required": [
+        "LocalGatewayRouteTableVpcAssociationId"
+      ],
+      "members": {
+        "LocalGatewayRouteTableVpcAssociationId": {
+          "shape": "LocalGatewayRouteTableVpcAssociationId",
+          "documentation": "<p>The ID of the association.</p>"
+        },
+        "DryRun": {
+          "shape": "Boolean",
+          "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
+        }
+      }
+    },
+    "DeleteLocalGatewayRouteTableVpcAssociationResult": {
+      "type": "structure",
+      "members": {
+        "LocalGatewayRouteTableVpcAssociation": {
+          "shape": "LocalGatewayRouteTableVpcAssociation",
+          "documentation": "<p>Information about the association.</p>",
+          "locationName": "localGatewayRouteTableVpcAssociation"
+        }
+      }
+    },
     "DeleteNatGatewayRequest": {
       "type": "structure",
       "required": [
         "NatGatewayId"
       ],
       "members": {
+        "DryRun": {
+          "shape": "Boolean",
+          "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
+        },
         "NatGatewayId": {
-          "shape": "String",
+          "shape": "NatGatewayId",
           "documentation": "<p>The ID of the NAT gateway.</p>"
         }
       }
@@ -10718,7 +12211,7 @@
           "locationName": "egress"
         },
         "NetworkAclId": {
-          "shape": "String",
+          "shape": "NetworkAclId",
           "documentation": "<p>The ID of the network ACL.</p>",
           "locationName": "networkAclId"
         },
@@ -10741,7 +12234,7 @@
           "locationName": "dryRun"
         },
         "NetworkAclId": {
-          "shape": "String",
+          "shape": "NetworkAclId",
           "documentation": "<p>The ID of the network ACL.</p>",
           "locationName": "networkAclId"
         }
@@ -10754,7 +12247,7 @@
       ],
       "members": {
         "NetworkInterfacePermissionId": {
-          "shape": "String",
+          "shape": "NetworkInterfacePermissionId",
           "documentation": "<p>The ID of the network interface permission.</p>"
         },
         "Force": {
@@ -10791,7 +12284,7 @@
           "locationName": "dryRun"
         },
         "NetworkInterfaceId": {
-          "shape": "String",
+          "shape": "NetworkInterfaceId",
           "documentation": "<p>The ID of the network interface.</p>",
           "locationName": "networkInterfaceId"
         }
@@ -10810,12 +12303,77 @@
           "locationName": "dryRun"
         },
         "GroupName": {
-          "shape": "String",
+          "shape": "PlacementGroupName",
           "documentation": "<p>The name of the placement group.</p>",
           "locationName": "groupName"
         }
       }
     },
+    "DeleteQueuedReservedInstancesError": {
+      "type": "structure",
+      "members": {
+        "Code": {
+          "shape": "DeleteQueuedReservedInstancesErrorCode",
+          "documentation": "<p>The error code.</p>",
+          "locationName": "code"
+        },
+        "Message": {
+          "shape": "String",
+          "documentation": "<p>The error message.</p>",
+          "locationName": "message"
+        }
+      },
+      "documentation": "<p>Describes the error for a Reserved Instance whose queued purchase could not be deleted.</p>"
+    },
+    "DeleteQueuedReservedInstancesErrorCode": {
+      "type": "string",
+      "enum": [
+        "reserved-instances-id-invalid",
+        "reserved-instances-not-in-queued-state",
+        "unexpected-error"
+      ]
+    },
+    "DeleteQueuedReservedInstancesIdList": {
+      "type": "list",
+      "member": {
+        "shape": "ReservationId",
+        "locationName": "item"
+      },
+      "max": 100,
+      "min": 1
+    },
+    "DeleteQueuedReservedInstancesRequest": {
+      "type": "structure",
+      "required": [
+        "ReservedInstancesIds"
+      ],
+      "members": {
+        "DryRun": {
+          "shape": "Boolean",
+          "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
+        },
+        "ReservedInstancesIds": {
+          "shape": "DeleteQueuedReservedInstancesIdList",
+          "documentation": "<p>The IDs of the Reserved Instances.</p>",
+          "locationName": "ReservedInstancesId"
+        }
+      }
+    },
+    "DeleteQueuedReservedInstancesResult": {
+      "type": "structure",
+      "members": {
+        "SuccessfulQueuedPurchaseDeletions": {
+          "shape": "SuccessfulQueuedPurchaseDeletionSet",
+          "documentation": "<p>Information about the queued purchases that were successfully deleted.</p>",
+          "locationName": "successfulQueuedPurchaseDeletionSet"
+        },
+        "FailedQueuedPurchaseDeletions": {
+          "shape": "FailedQueuedPurchaseDeletionSet",
+          "documentation": "<p>Information about the queued purchases that could not be deleted.</p>",
+          "locationName": "failedQueuedPurchaseDeletionSet"
+        }
+      }
+    },
     "DeleteRouteRequest": {
       "type": "structure",
       "required": [
@@ -10838,7 +12396,7 @@
           "locationName": "dryRun"
         },
         "RouteTableId": {
-          "shape": "String",
+          "shape": "RouteTableId",
           "documentation": "<p>The ID of the route table.</p>",
           "locationName": "routeTableId"
         }
@@ -10856,7 +12414,7 @@
           "locationName": "dryRun"
         },
         "RouteTableId": {
-          "shape": "String",
+          "shape": "RouteTableId",
           "documentation": "<p>The ID of the route table.</p>",
           "locationName": "routeTableId"
         }
@@ -10866,11 +12424,11 @@
       "type": "structure",
       "members": {
         "GroupId": {
-          "shape": "String",
+          "shape": "SecurityGroupId",
           "documentation": "<p>The ID of the security group. Required for a nondefault VPC.</p>"
         },
         "GroupName": {
-          "shape": "String",
+          "shape": "SecurityGroupName",
           "documentation": "<p>[EC2-Classic, default VPC] The name of the security group. You can specify either the security group name or the security group ID.</p>"
         },
         "DryRun": {
@@ -10887,7 +12445,7 @@
       ],
       "members": {
         "SnapshotId": {
-          "shape": "String",
+          "shape": "SnapshotId",
           "documentation": "<p>The ID of the EBS snapshot.</p>"
         },
         "DryRun": {
@@ -10895,8 +12453,7 @@
           "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>",
           "locationName": "dryRun"
         }
-      },
-      "documentation": "<p>Contains the parameters for DeleteSnapshot.</p>"
+      }
     },
     "DeleteSpotDatafeedSubscriptionRequest": {
       "type": "structure",
@@ -10916,7 +12473,7 @@
       ],
       "members": {
         "SubnetId": {
-          "shape": "String",
+          "shape": "SubnetId",
           "documentation": "<p>The ID of the subnet.</p>"
         },
         "DryRun": {
@@ -10956,7 +12513,7 @@
       ],
       "members": {
         "TrafficMirrorFilterId": {
-          "shape": "String",
+          "shape": "TrafficMirrorFilterId",
           "documentation": "<p>The ID of the Traffic Mirror filter.</p>"
         },
         "DryRun": {
@@ -10982,7 +12539,7 @@
       ],
       "members": {
         "TrafficMirrorFilterRuleId": {
-          "shape": "String",
+          "shape": "TrafficMirrorFilterRuleId",
           "documentation": "<p>The ID of the Traffic Mirror rule.</p>"
         },
         "DryRun": {
@@ -11008,7 +12565,7 @@
       ],
       "members": {
         "TrafficMirrorSessionId": {
-          "shape": "String",
+          "shape": "TrafficMirrorSessionId",
           "documentation": "<p>The ID of the Traffic Mirror session.</p>"
         },
         "DryRun": {
@@ -11034,7 +12591,7 @@
       ],
       "members": {
         "TrafficMirrorTargetId": {
-          "shape": "String",
+          "shape": "TrafficMirrorTargetId",
           "documentation": "<p>The ID of the Traffic Mirror target.</p>"
         },
         "DryRun": {
@@ -11053,6 +12610,58 @@
         }
       }
     },
+    "DeleteTransitGatewayMulticastDomainRequest": {
+      "type": "structure",
+      "required": [
+        "TransitGatewayMulticastDomainId"
+      ],
+      "members": {
+        "TransitGatewayMulticastDomainId": {
+          "shape": "TransitGatewayMulticastDomainId",
+          "documentation": "<p>The ID of the transit gateway multicast domain.</p>"
+        },
+        "DryRun": {
+          "shape": "Boolean",
+          "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
+        }
+      }
+    },
+    "DeleteTransitGatewayMulticastDomainResult": {
+      "type": "structure",
+      "members": {
+        "TransitGatewayMulticastDomain": {
+          "shape": "TransitGatewayMulticastDomain",
+          "documentation": "<p>Information about the deleted transit gateway multicast domain.</p>",
+          "locationName": "transitGatewayMulticastDomain"
+        }
+      }
+    },
+    "DeleteTransitGatewayPeeringAttachmentRequest": {
+      "type": "structure",
+      "required": [
+        "TransitGatewayAttachmentId"
+      ],
+      "members": {
+        "TransitGatewayAttachmentId": {
+          "shape": "TransitGatewayAttachmentId",
+          "documentation": "<p>The ID of the transit gateway peering attachment.</p>"
+        },
+        "DryRun": {
+          "shape": "Boolean",
+          "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
+        }
+      }
+    },
+    "DeleteTransitGatewayPeeringAttachmentResult": {
+      "type": "structure",
+      "members": {
+        "TransitGatewayPeeringAttachment": {
+          "shape": "TransitGatewayPeeringAttachment",
+          "documentation": "<p>The transit gateway peering attachment.</p>",
+          "locationName": "transitGatewayPeeringAttachment"
+        }
+      }
+    },
     "DeleteTransitGatewayRequest": {
       "type": "structure",
       "required": [
@@ -11060,7 +12669,7 @@
       ],
       "members": {
         "TransitGatewayId": {
-          "shape": "String",
+          "shape": "TransitGatewayId",
           "documentation": "<p>The ID of the transit gateway.</p>"
         },
         "DryRun": {
@@ -11087,7 +12696,7 @@
       ],
       "members": {
         "TransitGatewayRouteTableId": {
-          "shape": "String",
+          "shape": "TransitGatewayRouteTableId",
           "documentation": "<p>The ID of the transit gateway route table.</p>"
         },
         "DestinationCidrBlock": {
@@ -11117,7 +12726,7 @@
       ],
       "members": {
         "TransitGatewayRouteTableId": {
-          "shape": "String",
+          "shape": "TransitGatewayRouteTableId",
           "documentation": "<p>The ID of the transit gateway route table.</p>"
         },
         "DryRun": {
@@ -11143,7 +12752,7 @@
       ],
       "members": {
         "TransitGatewayAttachmentId": {
-          "shape": "String",
+          "shape": "TransitGatewayAttachmentId",
           "documentation": "<p>The ID of the attachment.</p>"
         },
         "DryRun": {
@@ -11169,7 +12778,7 @@
       ],
       "members": {
         "VolumeId": {
-          "shape": "String",
+          "shape": "VolumeId",
           "documentation": "<p>The ID of the volume.</p>"
         },
         "DryRun": {
@@ -11177,8 +12786,7 @@
           "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>",
           "locationName": "dryRun"
         }
-      },
-      "documentation": "<p>Contains the parameters for DeleteVolume.</p>"
+      }
     },
     "DeleteVpcEndpointConnectionNotificationsRequest": {
       "type": "structure",
@@ -11218,7 +12826,7 @@
           "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
         },
         "ServiceIds": {
-          "shape": "ValueStringList",
+          "shape": "VpcEndpointServiceIdList",
           "documentation": "<p>The IDs of one or more services.</p>",
           "locationName": "ServiceId"
         }
@@ -11245,7 +12853,7 @@
           "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
         },
         "VpcEndpointIds": {
-          "shape": "ValueStringList",
+          "shape": "VpcEndpointIdList",
           "documentation": "<p>One or more VPC endpoint IDs.</p>",
           "locationName": "VpcEndpointId"
         }
@@ -11275,7 +12883,7 @@
           "locationName": "dryRun"
         },
         "VpcPeeringConnectionId": {
-          "shape": "String",
+          "shape": "VpcPeeringConnectionId",
           "documentation": "<p>The ID of the VPC peering connection.</p>",
           "locationName": "vpcPeeringConnectionId"
         }
@@ -11298,7 +12906,7 @@
       ],
       "members": {
         "VpcId": {
-          "shape": "String",
+          "shape": "VpcId",
           "documentation": "<p>The ID of the VPC.</p>"
         },
         "DryRun": {
@@ -11315,7 +12923,7 @@
       ],
       "members": {
         "VpnConnectionId": {
-          "shape": "String",
+          "shape": "VpnConnectionId",
           "documentation": "<p>The ID of the VPN connection.</p>"
         },
         "DryRun": {
@@ -11338,7 +12946,7 @@
           "documentation": "<p>The CIDR block associated with the local subnet of the customer network.</p>"
         },
         "VpnConnectionId": {
-          "shape": "String",
+          "shape": "VpnConnectionId",
           "documentation": "<p>The ID of the VPN connection.</p>"
         }
       },
@@ -11351,7 +12959,7 @@
       ],
       "members": {
         "VpnGatewayId": {
-          "shape": "String",
+          "shape": "VpnGatewayId",
           "documentation": "<p>The ID of the virtual private gateway.</p>"
         },
         "DryRun": {
@@ -11370,7 +12978,7 @@
       "members": {
         "Cidr": {
           "shape": "String",
-          "documentation": "<p>The public IPv4 address range, in CIDR notation. The prefix must be the same prefix that you specified when you provisioned the address range.</p>"
+          "documentation": "<p>The address range, in CIDR notation. The prefix must be the same prefix that you specified when you provisioned the address range.</p>"
         },
         "DryRun": {
           "shape": "Boolean",
@@ -11395,7 +13003,7 @@
       ],
       "members": {
         "ImageId": {
-          "shape": "String",
+          "shape": "ImageId",
           "documentation": "<p>The ID of the AMI.</p>"
         },
         "DryRun": {
@@ -11406,6 +13014,106 @@
       },
       "documentation": "<p>Contains the parameters for DeregisterImage.</p>"
     },
+    "DeregisterInstanceEventNotificationAttributesRequest": {
+      "type": "structure",
+      "members": {
+        "DryRun": {
+          "shape": "Boolean",
+          "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
+        },
+        "InstanceTagAttribute": {
+          "shape": "DeregisterInstanceTagAttributeRequest",
+          "documentation": "<p>Information about the tag keys to deregister.</p>"
+        }
+      }
+    },
+    "DeregisterInstanceEventNotificationAttributesResult": {
+      "type": "structure",
+      "members": {
+        "InstanceTagAttribute": {
+          "shape": "InstanceTagNotificationAttribute",
+          "documentation": "<p>The resulting set of tag keys.</p>",
+          "locationName": "instanceTagAttribute"
+        }
+      }
+    },
+    "DeregisterInstanceTagAttributeRequest": {
+      "type": "structure",
+      "members": {
+        "IncludeAllTagsOfInstance": {
+          "shape": "Boolean",
+          "documentation": "<p>Indicates whether to deregister all tag keys in the current Region. Specify <code>false</code> to deregister all tag keys.</p>"
+        },
+        "InstanceTagKeys": {
+          "shape": "InstanceTagKeySet",
+          "documentation": "<p>Information about the tag keys to deregister.</p>",
+          "locationName": "InstanceTagKey"
+        }
+      },
+      "documentation": "<p>Information about the tag keys to deregister for the current Region. You can either specify individual tag keys or deregister all tag keys in the current Region. You must specify either <code>IncludeAllTagsOfInstance</code> or <code>InstanceTagKeys</code> in the request</p>"
+    },
+    "DeregisterTransitGatewayMulticastGroupMembersRequest": {
+      "type": "structure",
+      "members": {
+        "TransitGatewayMulticastDomainId": {
+          "shape": "TransitGatewayMulticastDomainId",
+          "documentation": "<p>The ID of the transit gateway multicast domain.</p>"
+        },
+        "GroupIpAddress": {
+          "shape": "String",
+          "documentation": "<p>The IP address assigned to the transit gateway multicast group.</p>"
+        },
+        "NetworkInterfaceIds": {
+          "shape": "TransitGatewayNetworkInterfaceIdList",
+          "documentation": "<p>The IDs of the group members' network interfaces.</p>"
+        },
+        "DryRun": {
+          "shape": "Boolean",
+          "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
+        }
+      }
+    },
+    "DeregisterTransitGatewayMulticastGroupMembersResult": {
+      "type": "structure",
+      "members": {
+        "DeregisteredMulticastGroupMembers": {
+          "shape": "TransitGatewayMulticastDeregisteredGroupMembers",
+          "documentation": "<p>Information about the deregistered members.</p>",
+          "locationName": "deregisteredMulticastGroupMembers"
+        }
+      }
+    },
+    "DeregisterTransitGatewayMulticastGroupSourcesRequest": {
+      "type": "structure",
+      "members": {
+        "TransitGatewayMulticastDomainId": {
+          "shape": "TransitGatewayMulticastDomainId",
+          "documentation": "<p>The ID of the transit gateway multicast domain.</p>"
+        },
+        "GroupIpAddress": {
+          "shape": "String",
+          "documentation": "<p>The IP address assigned to the transit gateway multicast group.</p>"
+        },
+        "NetworkInterfaceIds": {
+          "shape": "TransitGatewayNetworkInterfaceIdList",
+          "documentation": "<p>The IDs of the group sources' network interfaces.</p>"
+        },
+        "DryRun": {
+          "shape": "Boolean",
+          "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
+        }
+      }
+    },
+    "DeregisterTransitGatewayMulticastGroupSourcesResult": {
+      "type": "structure",
+      "members": {
+        "DeregisteredMulticastGroupSources": {
+          "shape": "TransitGatewayMulticastDeregisteredGroupSources",
+          "documentation": "<p>Information about the deregistered group sources.</p>",
+          "locationName": "deregisteredMulticastGroupSources"
+        }
+      }
+    },
     "DescribeAccountAttributesRequest": {
       "type": "structure",
       "members": {
@@ -11436,7 +13144,7 @@
       "members": {
         "Filters": {
           "shape": "FilterList",
-          "documentation": "<p>One or more filters. Filter names and values are case-sensitive.</p> <ul> <li> <p> <code>allocation-id</code> - [EC2-VPC] The allocation ID for the address.</p> </li> <li> <p> <code>association-id</code> - [EC2-VPC] The association ID for the address.</p> </li> <li> <p> <code>domain</code> - Indicates whether the address is for use in EC2-Classic (<code>standard</code>) or in a VPC (<code>vpc</code>).</p> </li> <li> <p> <code>instance-id</code> - The ID of the instance the address is associated with, if any.</p> </li> <li> <p> <code>network-interface-id</code> - [EC2-VPC] The ID of the network interface that the address is associated with, if any.</p> </li> <li> <p> <code>network-interface-owner-id</code> - The AWS account ID of the owner.</p> </li> <li> <p> <code>private-ip-address</code> - [EC2-VPC] The private IP address associated with the Elastic IP address.</p> </li> <li> <p> <code>public-ip</code> - The Elastic IP address.</p> </li> <li> <p> <code>tag</code>:&lt;key&gt; - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p> </li> <li> <p> <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p> </li> </ul>",
+          "documentation": "<p>One or more filters. Filter names and values are case-sensitive.</p> <ul> <li> <p> <code>allocation-id</code> - [EC2-VPC] The allocation ID for the address.</p> </li> <li> <p> <code>association-id</code> - [EC2-VPC] The association ID for the address.</p> </li> <li> <p> <code>domain</code> - Indicates whether the address is for use in EC2-Classic (<code>standard</code>) or in a VPC (<code>vpc</code>).</p> </li> <li> <p> <code>instance-id</code> - The ID of the instance the address is associated with, if any.</p> </li> <li> <p> <code>network-border-group</code> - The location from where the IP address is advertised.</p> </li> <li> <p> <code>network-interface-id</code> - [EC2-VPC] The ID of the network interface that the address is associated with, if any.</p> </li> <li> <p> <code>network-interface-owner-id</code> - The AWS account ID of the owner.</p> </li> <li> <p> <code>private-ip-address</code> - [EC2-VPC] The private IP address associated with the Elastic IP address.</p> </li> <li> <p> <code>public-ip</code> - The Elastic IP address.</p> </li> <li> <p> <code>tag</code>:&lt;key&gt; - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p> </li> <li> <p> <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p> </li> </ul>",
           "locationName": "Filter"
         },
         "PublicIps": {
@@ -11495,19 +13203,23 @@
       "members": {
         "Filters": {
           "shape": "FilterList",
-          "documentation": "<p>The filters.</p> <ul> <li> <p> <code>message</code> - Information about the Availability Zone.</p> </li> <li> <p> <code>region-name</code> - The name of the Region for the Availability Zone (for example, <code>us-east-1</code>).</p> </li> <li> <p> <code>state</code> - The state of the Availability Zone (<code>available</code> | <code>information</code> | <code>impaired</code> | <code>unavailable</code>).</p> </li> <li> <p> <code>zone-id</code> - The ID of the Availability Zone (for example, <code>use1-az1</code>).</p> </li> <li> <p> <code>zone-name</code> - The name of the Availability Zone (for example, <code>us-east-1a</code>).</p> </li> </ul>",
+          "documentation": "<p>The filters.</p> <ul> <li> <p> <code>group-name</code> - For Availability Zones, use the Region name. For Local Zones, use the name of the group associated with the Local Zone (for example, <code>us-west-2-lax-1</code>).</p> </li> <li> <p> <code>message</code> - The Availability Zone or Local Zone message.</p> </li> <li> <p> <code>opt-in-status</code> - The opt in status (<code>opted-in</code>, and <code>not-opted-in</code> | <code>opt-in-not-required</code>).</p> </li> <li> <p> <code>region-name</code> - The name of the Region for the Availability Zone or Local Zone (for example, <code>us-east-1</code>).</p> </li> <li> <p> <code>state</code> - The state of the Availability Zone or Local Zone (<code>available</code> | <code>information</code> | <code>impaired</code> | <code>unavailable</code>).</p> </li> <li> <p> <code>zone-id</code> - The ID of the Availability Zone (for example, <code>use1-az1</code>) or the Local Zone (for example, use <code>usw2-lax1-az1</code>).</p> </li> <li> <p> <code>zone-name</code> - The name of the Availability Zone (for example, <code>us-east-1a</code>) or the Local Zone (for example, use <code>us-west-2-lax-1a</code>).</p> </li> </ul>",
           "locationName": "Filter"
         },
         "ZoneNames": {
           "shape": "ZoneNameStringList",
-          "documentation": "<p>The names of the Availability Zones.</p>",
+          "documentation": "<p>The names of the Availability Zones and Local Zones.</p>",
           "locationName": "ZoneName"
         },
         "ZoneIds": {
           "shape": "ZoneIdStringList",
-          "documentation": "<p>The IDs of the Availability Zones.</p>",
+          "documentation": "<p>The IDs of the Availability Zones and Local Zones.</p>",
           "locationName": "ZoneId"
         },
+        "AllAvailabilityZones": {
+          "shape": "Boolean",
+          "documentation": "<p>Include all Availability Zones and Local Zones regardless of your opt in status.</p> <p>If you do not use this parameter, the results include only the zones for the Regions where you have chosen the option to opt in.</p>"
+        },
         "DryRun": {
           "shape": "Boolean",
           "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>",
@@ -11520,7 +13232,7 @@
       "members": {
         "AvailabilityZones": {
           "shape": "AvailabilityZoneList",
-          "documentation": "<p>Information about the Availability Zones.</p>",
+          "documentation": "<p>Information about the Availability Zones and Local Zones.</p>",
           "locationName": "availabilityZoneInfo"
         }
       }
@@ -11555,6 +13267,11 @@
         }
       }
     },
+    "DescribeByoipCidrsMaxResults": {
+      "type": "integer",
+      "max": 100,
+      "min": 1
+    },
     "DescribeByoipCidrsRequest": {
       "type": "structure",
       "required": [
@@ -11566,7 +13283,7 @@
           "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
         },
         "MaxResults": {
-          "shape": "MaxResults",
+          "shape": "DescribeByoipCidrsMaxResults",
           "documentation": "<p>The maximum number of results to return with a single call. To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>"
         },
         "NextToken": {
@@ -11613,7 +13330,7 @@
         },
         "Filters": {
           "shape": "FilterList",
-          "documentation": "<p>One or more filters.</p>",
+          "documentation": "<p>One or more filters.</p> <ul> <li> <p> <code>instance-type</code> - The type of instance for which the Capacity Reservation reserves capacity.</p> </li> <li> <p> <code>owner-id</code> - The ID of the AWS account that owns the Capacity Reservation.</p> </li> <li> <p> <code>availability-zone-id</code> - The Availability Zone ID of the Capacity Reservation.</p> </li> <li> <p> <code>instance-platform</code> - The type of operating system for which the Capacity Reservation reserves capacity.</p> </li> <li> <p> <code>availability-zone</code> - The Availability Zone ID of the Capacity Reservation.</p> </li> <li> <p> <code>tenancy</code> - Indicates the tenancy of the Capacity Reservation. A Capacity Reservation can have one of the following tenancy settings:</p> <ul> <li> <p> <code>default</code> - The Capacity Reservation is created on hardware that is shared with other AWS accounts.</p> </li> <li> <p> <code>dedicated</code> - The Capacity Reservation is created on single-tenant hardware that is dedicated to a single AWS account.</p> </li> </ul> </li> <li> <p> <code>state</code> - The current state of the Capacity Reservation. A Capacity Reservation can be in one of the following states:</p> <ul> <li> <p> <code>active</code>- The Capacity Reservation is active and the capacity is available for your use.</p> </li> <li> <p> <code>expired</code> - The Capacity Reservation expired automatically at the date and time specified in your request. The reserved capacity is no longer available for your use.</p> </li> <li> <p> <code>cancelled</code> - The Capacity Reservation was manually cancelled. The reserved capacity is no longer available for your use.</p> </li> <li> <p> <code>pending</code> - The Capacity Reservation request was successful but the capacity provisioning is still pending.</p> </li> <li> <p> <code>failed</code> - The Capacity Reservation request has failed. A request might fail due to invalid request parameters, capacity constraints, or instance limit constraints. Failed requests are retained for 60 minutes.</p> </li> </ul> </li> <li> <p> <code>end-date</code> - The date and time at which the Capacity Reservation expires. When a Capacity Reservation expires, the reserved capacity is released and you can no longer launch instances into it. The Capacity Reservation's state changes to expired when it reaches its end date and time.</p> </li> <li> <p> <code>end-date-type</code> - Indicates the way in which the Capacity Reservation ends. A Capacity Reservation can have one of the following end types:</p> <ul> <li> <p> <code>unlimited</code> - The Capacity Reservation remains active until you explicitly cancel it.</p> </li> <li> <p> <code>limited</code> - The Capacity Reservation expires automatically at a specified date and time.</p> </li> </ul> </li> <li> <p> <code>instance-match-criteria</code> - Indicates the type of instance launches that the Capacity Reservation accepts. The options include:</p> <ul> <li> <p> <code>open</code> - The Capacity Reservation accepts all instances that have matching attributes (instance type, platform, and Availability Zone). Instances that have matching attributes launch into the Capacity Reservation automatically without specifying any additional parameters.</p> </li> <li> <p> <code>targeted</code> - The Capacity Reservation only accepts instances that have matching attributes (instance type, platform, and Availability Zone), and explicitly target the Capacity Reservation. This ensures that only permitted instances can use the reserved capacity.</p> </li> </ul> </li> </ul>",
           "locationName": "Filter"
         },
         "DryRun": {
@@ -11637,6 +13354,11 @@
         }
       }
     },
+    "DescribeClassicLinkInstancesMaxResults": {
+      "type": "integer",
+      "max": 1000,
+      "min": 5
+    },
     "DescribeClassicLinkInstancesRequest": {
       "type": "structure",
       "members": {
@@ -11656,7 +13378,7 @@
           "locationName": "InstanceId"
         },
         "MaxResults": {
-          "shape": "Integer",
+          "shape": "DescribeClassicLinkInstancesMaxResults",
           "documentation": "<p>The maximum number of results to return with a single call. To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p> <p>Constraint: If the value is greater than 1000, we return only 1000 items.</p>",
           "locationName": "maxResults"
         },
@@ -11682,6 +13404,11 @@
         }
       }
     },
+    "DescribeClientVpnAuthorizationRulesMaxResults": {
+      "type": "integer",
+      "max": 1000,
+      "min": 5
+    },
     "DescribeClientVpnAuthorizationRulesRequest": {
       "type": "structure",
       "required": [
@@ -11689,7 +13416,7 @@
       ],
       "members": {
         "ClientVpnEndpointId": {
-          "shape": "String",
+          "shape": "ClientVpnEndpointId",
           "documentation": "<p>The ID of the Client VPN endpoint.</p>"
         },
         "DryRun": {
@@ -11702,11 +13429,11 @@
         },
         "Filters": {
           "shape": "FilterList",
-          "documentation": "<p>One or more filters. Filter names and values are case-sensitive.</p>",
+          "documentation": "<p>One or more filters. Filter names and values are case-sensitive.</p> <ul> <li> <p> <code>description</code> - The description of the authorization rule.</p> </li> <li> <p> <code>destination-cidr</code> - The CIDR of the network to which the authorization rule applies.</p> </li> <li> <p> <code>group-id</code> - The ID of the Active Directory group to which the authorization rule grants access.</p> </li> </ul>",
           "locationName": "Filter"
         },
         "MaxResults": {
-          "shape": "MaxResults",
+          "shape": "DescribeClientVpnAuthorizationRulesMaxResults",
           "documentation": "<p>The maximum number of results to return for the request in a single page. The remaining results can be seen by sending another request with the nextToken value.</p>"
         }
       }
@@ -11726,6 +13453,11 @@
         }
       }
     },
+    "DescribeClientVpnConnectionsMaxResults": {
+      "type": "integer",
+      "max": 1000,
+      "min": 5
+    },
     "DescribeClientVpnConnectionsRequest": {
       "type": "structure",
       "required": [
@@ -11733,12 +13465,12 @@
       ],
       "members": {
         "ClientVpnEndpointId": {
-          "shape": "String",
+          "shape": "ClientVpnEndpointId",
           "documentation": "<p>The ID of the Client VPN endpoint.</p>"
         },
         "Filters": {
           "shape": "FilterList",
-          "documentation": "<p>One or more filters. Filter names and values are case-sensitive.</p>",
+          "documentation": "<p>One or more filters. Filter names and values are case-sensitive.</p> <ul> <li> <p> <code>connection-id</code> - The ID of the connection.</p> </li> <li> <p> <code>username</code> - For Active Directory client authentication, the user name of the client who established the client connection.</p> </li> </ul>",
           "locationName": "Filter"
         },
         "NextToken": {
@@ -11746,7 +13478,7 @@
           "documentation": "<p>The token to retrieve the next page of results.</p>"
         },
         "MaxResults": {
-          "shape": "MaxResults",
+          "shape": "DescribeClientVpnConnectionsMaxResults",
           "documentation": "<p>The maximum number of results to return for the request in a single page. The remaining results can be seen by sending another request with the nextToken value.</p>"
         },
         "DryRun": {
@@ -11770,16 +13502,21 @@
         }
       }
     },
+    "DescribeClientVpnEndpointMaxResults": {
+      "type": "integer",
+      "max": 1000,
+      "min": 5
+    },
     "DescribeClientVpnEndpointsRequest": {
       "type": "structure",
       "members": {
         "ClientVpnEndpointIds": {
-          "shape": "ValueStringList",
+          "shape": "ClientVpnEndpointIdList",
           "documentation": "<p>The ID of the Client VPN endpoint.</p>",
           "locationName": "ClientVpnEndpointId"
         },
         "MaxResults": {
-          "shape": "MaxResults",
+          "shape": "DescribeClientVpnEndpointMaxResults",
           "documentation": "<p>The maximum number of results to return for the request in a single page. The remaining results can be seen by sending another request with the nextToken value.</p>"
         },
         "NextToken": {
@@ -11788,7 +13525,7 @@
         },
         "Filters": {
           "shape": "FilterList",
-          "documentation": "<p>One or more filters. Filter names and values are case-sensitive.</p>",
+          "documentation": "<p>One or more filters. Filter names and values are case-sensitive.</p> <ul> <li> <p> <code>endpoint-id</code> - The ID of the Client VPN endpoint.</p> </li> <li> <p> <code>transport-protocol</code> - The transport protocol (<code>tcp</code> | <code>udp</code>).</p> </li> </ul>",
           "locationName": "Filter"
         },
         "DryRun": {
@@ -11812,6 +13549,11 @@
         }
       }
     },
+    "DescribeClientVpnRoutesMaxResults": {
+      "type": "integer",
+      "max": 1000,
+      "min": 5
+    },
     "DescribeClientVpnRoutesRequest": {
       "type": "structure",
       "required": [
@@ -11819,16 +13561,16 @@
       ],
       "members": {
         "ClientVpnEndpointId": {
-          "shape": "String",
+          "shape": "ClientVpnEndpointId",
           "documentation": "<p>The ID of the Client VPN endpoint.</p>"
         },
         "Filters": {
           "shape": "FilterList",
-          "documentation": "<p>One or more filters. Filter names and values are case-sensitive.</p>",
+          "documentation": "<p>One or more filters. Filter names and values are case-sensitive.</p> <ul> <li> <p> <code>destination-cidr</code> - The CIDR of the route destination.</p> </li> <li> <p> <code>origin</code> - How the route was associated with the Client VPN endpoint (<code>associate</code> | <code>add-route</code>).</p> </li> <li> <p> <code>target-subnet</code> - The ID of the subnet through which traffic is routed.</p> </li> </ul>",
           "locationName": "Filter"
         },
         "MaxResults": {
-          "shape": "MaxResults",
+          "shape": "DescribeClientVpnRoutesMaxResults",
           "documentation": "<p>The maximum number of results to return for the request in a single page. The remaining results can be seen by sending another request with the nextToken value.</p>"
         },
         "NextToken": {
@@ -11856,6 +13598,11 @@
         }
       }
     },
+    "DescribeClientVpnTargetNetworksMaxResults": {
+      "type": "integer",
+      "max": 1000,
+      "min": 5
+    },
     "DescribeClientVpnTargetNetworksRequest": {
       "type": "structure",
       "required": [
@@ -11863,7 +13610,7 @@
       ],
       "members": {
         "ClientVpnEndpointId": {
-          "shape": "String",
+          "shape": "ClientVpnEndpointId",
           "documentation": "<p>The ID of the Client VPN endpoint.</p>"
         },
         "AssociationIds": {
@@ -11871,7 +13618,7 @@
           "documentation": "<p>The IDs of the target network associations.</p>"
         },
         "MaxResults": {
-          "shape": "MaxResults",
+          "shape": "DescribeClientVpnTargetNetworksMaxResults",
           "documentation": "<p>The maximum number of results to return for the request in a single page. The remaining results can be seen by sending another request with the nextToken value.</p>"
         },
         "NextToken": {
@@ -11880,7 +13627,7 @@
         },
         "Filters": {
           "shape": "FilterList",
-          "documentation": "<p>One or more filters. Filter names and values are case-sensitive.</p>",
+          "documentation": "<p>One or more filters. Filter names and values are case-sensitive.</p> <ul> <li> <p> <code>association-id</code> - The ID of the association.</p> </li> <li> <p> <code>target-network-id</code> - The ID of the subnet specified as the target network.</p> </li> <li> <p> <code>vpc-id</code> - The ID of the VPC in which the target network is located.</p> </li> </ul>",
           "locationName": "Filter"
         },
         "DryRun": {
@@ -11904,6 +13651,48 @@
         }
       }
     },
+    "DescribeCoipPoolsRequest": {
+      "type": "structure",
+      "members": {
+        "PoolIds": {
+          "shape": "CoipPoolIdSet",
+          "documentation": "<p>The IDs of the address pools.</p>",
+          "locationName": "PoolId"
+        },
+        "Filters": {
+          "shape": "FilterList",
+          "documentation": "<p>The filters. The following are the possible values:</p> <ul> <li> <p> <code>coip-pool.pool-id</code> </p> </li> </ul> <ul> <li> <p> <code>coip-pool.local-gateway-route-table-id</code> </p> </li> </ul>",
+          "locationName": "Filter"
+        },
+        "MaxResults": {
+          "shape": "CoipPoolMaxResults",
+          "documentation": "<p>The maximum number of results to return with a single call. To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>"
+        },
+        "NextToken": {
+          "shape": "String",
+          "documentation": "<p>The token for the next page of results.</p>"
+        },
+        "DryRun": {
+          "shape": "Boolean",
+          "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
+        }
+      }
+    },
+    "DescribeCoipPoolsResult": {
+      "type": "structure",
+      "members": {
+        "CoipPools": {
+          "shape": "CoipPoolSet",
+          "documentation": "<p>Information about the address pools.</p>",
+          "locationName": "coipPoolSet"
+        },
+        "NextToken": {
+          "shape": "String",
+          "documentation": "<p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>",
+          "locationName": "nextToken"
+        }
+      }
+    },
     "DescribeConversionTaskList": {
       "type": "list",
       "member": {
@@ -12016,6 +13805,11 @@
         }
       }
     },
+    "DescribeEgressOnlyInternetGatewaysMaxResults": {
+      "type": "integer",
+      "max": 255,
+      "min": 5
+    },
     "DescribeEgressOnlyInternetGatewaysRequest": {
       "type": "structure",
       "members": {
@@ -12029,12 +13823,17 @@
           "locationName": "EgressOnlyInternetGatewayId"
         },
         "MaxResults": {
-          "shape": "Integer",
+          "shape": "DescribeEgressOnlyInternetGatewaysMaxResults",
           "documentation": "<p>The maximum number of results to return with a single call. To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>"
         },
         "NextToken": {
           "shape": "String",
           "documentation": "<p>The token for the next page of results.</p>"
+        },
+        "Filters": {
+          "shape": "FilterList",
+          "documentation": "<p>One or more filters.</p> <ul> <li> <p> <code>tag</code>:&lt;key&gt; - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p> </li> <li> <p> <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p> </li> </ul>",
+          "locationName": "Filter"
         }
       }
     },
@@ -12105,6 +13904,53 @@
         }
       }
     },
+    "DescribeExportImageTasksMaxResults": {
+      "type": "integer",
+      "max": 500,
+      "min": 1
+    },
+    "DescribeExportImageTasksRequest": {
+      "type": "structure",
+      "members": {
+        "DryRun": {
+          "shape": "Boolean",
+          "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
+        },
+        "Filters": {
+          "shape": "FilterList",
+          "documentation": "<p>Filter tasks using the <code>task-state</code> filter and one of the following values: <code>active</code>, <code>completed</code>, <code>deleting</code>, or <code>deleted</code>.</p>",
+          "locationName": "Filter"
+        },
+        "ExportImageTaskIds": {
+          "shape": "ExportImageTaskIdList",
+          "documentation": "<p>The IDs of the export image tasks.</p>",
+          "locationName": "ExportImageTaskId"
+        },
+        "MaxResults": {
+          "shape": "DescribeExportImageTasksMaxResults",
+          "documentation": "<p>The maximum number of results to return in a single call.</p>"
+        },
+        "NextToken": {
+          "shape": "NextToken",
+          "documentation": "<p>A token that indicates the next page of results.</p>"
+        }
+      }
+    },
+    "DescribeExportImageTasksResult": {
+      "type": "structure",
+      "members": {
+        "ExportImageTasks": {
+          "shape": "ExportImageTaskList",
+          "documentation": "<p>Information about the export image tasks.</p>",
+          "locationName": "exportImageTaskSet"
+        },
+        "NextToken": {
+          "shape": "NextToken",
+          "documentation": "<p>The token to use to get the next page of results. This value is <code>null</code> when there are no more results to return.</p>",
+          "locationName": "nextToken"
+        }
+      }
+    },
     "DescribeExportTasksRequest": {
       "type": "structure",
       "members": {
@@ -12112,6 +13958,11 @@
           "shape": "ExportTaskIdStringList",
           "documentation": "<p>The export task IDs.</p>",
           "locationName": "exportTaskId"
+        },
+        "Filters": {
+          "shape": "FilterList",
+          "documentation": "<p>the filters for the export tasks.</p>",
+          "locationName": "Filter"
         }
       }
     },
@@ -12125,12 +13976,122 @@
         }
       }
     },
+    "DescribeFastSnapshotRestoreSuccessItem": {
+      "type": "structure",
+      "members": {
+        "SnapshotId": {
+          "shape": "String",
+          "documentation": "<p>The ID of the snapshot.</p>",
+          "locationName": "snapshotId"
+        },
+        "AvailabilityZone": {
+          "shape": "String",
+          "documentation": "<p>The Availability Zone.</p>",
+          "locationName": "availabilityZone"
+        },
+        "State": {
+          "shape": "FastSnapshotRestoreStateCode",
+          "documentation": "<p>The state of fast snapshot restores.</p>",
+          "locationName": "state"
+        },
+        "StateTransitionReason": {
+          "shape": "String",
+          "documentation": "<p>The reason for the state transition. The possible values are as follows:</p> <ul> <li> <p> <code>Client.UserInitiated</code> - The state successfully transitioned to <code>enabling</code> or <code>disabling</code>.</p> </li> <li> <p> <code>Client.UserInitiated - Lifecycle state transition</code> - The state successfully transitioned to <code>optimizing</code>, <code>enabled</code>, or <code>disabled</code>.</p> </li> </ul>",
+          "locationName": "stateTransitionReason"
+        },
+        "OwnerId": {
+          "shape": "String",
+          "documentation": "<p>The ID of the AWS account that owns the snapshot.</p>",
+          "locationName": "ownerId"
+        },
+        "OwnerAlias": {
+          "shape": "String",
+          "documentation": "<p>The alias of the snapshot owner.</p>",
+          "locationName": "ownerAlias"
+        },
+        "EnablingTime": {
+          "shape": "MillisecondDateTime",
+          "documentation": "<p>The time at which fast snapshot restores entered the <code>enabling</code> state.</p>",
+          "locationName": "enablingTime"
+        },
+        "OptimizingTime": {
+          "shape": "MillisecondDateTime",
+          "documentation": "<p>The time at which fast snapshot restores entered the <code>optimizing</code> state.</p>",
+          "locationName": "optimizingTime"
+        },
+        "EnabledTime": {
+          "shape": "MillisecondDateTime",
+          "documentation": "<p>The time at which fast snapshot restores entered the <code>enabled</code> state.</p>",
+          "locationName": "enabledTime"
+        },
+        "DisablingTime": {
+          "shape": "MillisecondDateTime",
+          "documentation": "<p>The time at which fast snapshot restores entered the <code>disabling</code> state.</p>",
+          "locationName": "disablingTime"
+        },
+        "DisabledTime": {
+          "shape": "MillisecondDateTime",
+          "documentation": "<p>The time at which fast snapshot restores entered the <code>disabled</code> state.</p>",
+          "locationName": "disabledTime"
+        }
+      },
+      "documentation": "<p>Describes fast snapshot restores for a snapshot.</p>"
+    },
+    "DescribeFastSnapshotRestoreSuccessSet": {
+      "type": "list",
+      "member": {
+        "shape": "DescribeFastSnapshotRestoreSuccessItem",
+        "locationName": "item"
+      }
+    },
+    "DescribeFastSnapshotRestoresMaxResults": {
+      "type": "integer",
+      "max": 200,
+      "min": 0
+    },
+    "DescribeFastSnapshotRestoresRequest": {
+      "type": "structure",
+      "members": {
+        "Filters": {
+          "shape": "FilterList",
+          "documentation": "<p>The filters. The possible values are:</p> <ul> <li> <p> <code>availability-zone</code>: The Availability Zone of the snapshot.</p> </li> <li> <p> <code>owner-id</code>: The ID of the AWS account that owns the snapshot.</p> </li> <li> <p> <code>snapshot-id</code>: The ID of the snapshot.</p> </li> <li> <p> <code>state</code>: The state of fast snapshot restores for the snapshot (<code>enabling</code> | <code>optimizing</code> | <code>enabled</code> | <code>disabling</code> | <code>disabled</code>).</p> </li> </ul>",
+          "locationName": "Filter"
+        },
+        "MaxResults": {
+          "shape": "DescribeFastSnapshotRestoresMaxResults",
+          "documentation": "<p>The maximum number of results to return with a single call. To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>"
+        },
+        "NextToken": {
+          "shape": "NextToken",
+          "documentation": "<p>The token for the next page of results.</p>"
+        },
+        "DryRun": {
+          "shape": "Boolean",
+          "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
+        }
+      }
+    },
+    "DescribeFastSnapshotRestoresResult": {
+      "type": "structure",
+      "members": {
+        "FastSnapshotRestores": {
+          "shape": "DescribeFastSnapshotRestoreSuccessSet",
+          "documentation": "<p>Information about the state of fast snapshot restores.</p>",
+          "locationName": "fastSnapshotRestoreSet"
+        },
+        "NextToken": {
+          "shape": "NextToken",
+          "documentation": "<p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>",
+          "locationName": "nextToken"
+        }
+      }
+    },
     "DescribeFleetError": {
       "type": "structure",
       "members": {
         "LaunchTemplateAndOverrides": {
           "shape": "LaunchTemplateAndOverridesResponse",
-          "documentation": "<p>The launch templates and overrides that were used for launching the instances. Any parameters that you specify in the Overrides override the same parameters in the launch template.</p>",
+          "documentation": "<p>The launch templates and overrides that were used for launching the instances. The values that you specify in the Overrides replace the values in the launch template.</p>",
           "locationName": "launchTemplateAndOverrides"
         },
         "Lifecycle": {
@@ -12145,7 +14106,7 @@
         },
         "ErrorMessage": {
           "shape": "String",
-          "documentation": "<p>The error message that describes why the instance could not be launched. For more information about error messages, see ee <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/errors-overview.html.html\">Error Codes</a>.</p>",
+          "documentation": "<p>The error message that describes why the instance could not be launched. For more information about error messages, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/errors-overview.html.html\">Error Codes</a>.</p>",
           "locationName": "errorMessage"
         }
       },
@@ -12175,7 +14136,7 @@
           "documentation": "<p>The token for the next set of results.</p>"
         },
         "FleetId": {
-          "shape": "FleetIdentifier",
+          "shape": "FleetId",
           "documentation": "<p>The ID of the EC2 Fleet.</p>"
         },
         "StartTime": {
@@ -12203,7 +14164,7 @@
           "locationName": "nextToken"
         },
         "FleetId": {
-          "shape": "FleetIdentifier",
+          "shape": "FleetId",
           "documentation": "<p>The ID of the EC Fleet.</p>",
           "locationName": "fleetId"
         },
@@ -12233,7 +14194,7 @@
           "documentation": "<p>The token for the next set of results.</p>"
         },
         "FleetId": {
-          "shape": "FleetIdentifier",
+          "shape": "FleetId",
           "documentation": "<p>The ID of the EC2 Fleet.</p>"
         },
         "Filters": {
@@ -12257,7 +14218,7 @@
           "locationName": "nextToken"
         },
         "FleetId": {
-          "shape": "FleetIdentifier",
+          "shape": "FleetId",
           "documentation": "<p>The ID of the EC2 Fleet.</p>",
           "locationName": "fleetId"
         }
@@ -12275,7 +14236,7 @@
       "members": {
         "LaunchTemplateAndOverrides": {
           "shape": "LaunchTemplateAndOverridesResponse",
-          "documentation": "<p>The launch templates and overrides that were used for launching the instances. Any parameters that you specify in the Overrides override the same parameters in the launch template.</p>",
+          "documentation": "<p>The launch templates and overrides that were used for launching the instances. The values that you specify in the Overrides replace the values in the launch template.</p>",
           "locationName": "launchTemplateAndOverrides"
         },
         "Lifecycle": {
@@ -12295,7 +14256,7 @@
         },
         "Platform": {
           "shape": "PlatformValues",
-          "documentation": "<p>The value is <code>Windows</code> for Windows instances; otherwise blank.</p>",
+          "documentation": "<p>The value is <code>Windows</code> for Windows instances. Otherwise, the value is blank.</p>",
           "locationName": "platform"
         }
       },
@@ -12359,10 +14320,10 @@
         },
         "Filter": {
           "shape": "FilterList",
-          "documentation": "<p>One or more filters.</p> <ul> <li> <p> <code>deliver-log-status</code> - The status of the logs delivery (<code>SUCCESS</code> | <code>FAILED</code>).</p> </li> <li> <p> <code>log-destination-type</code> - The type of destination to which the flow log publishes data. Possible destination types include <code>cloud-watch-logs</code> and <code>S3</code>.</p> </li> <li> <p> <code>flow-log-id</code> - The ID of the flow log.</p> </li> <li> <p> <code>log-group-name</code> - The name of the log group.</p> </li> <li> <p> <code>resource-id</code> - The ID of the VPC, subnet, or network interface.</p> </li> <li> <p> <code>traffic-type</code> - The type of traffic (<code>ACCEPT</code> | <code>REJECT</code> | <code>ALL</code>).</p> </li> </ul>"
+          "documentation": "<p>One or more filters.</p> <ul> <li> <p> <code>deliver-log-status</code> - The status of the logs delivery (<code>SUCCESS</code> | <code>FAILED</code>).</p> </li> <li> <p> <code>log-destination-type</code> - The type of destination to which the flow log publishes data. Possible destination types include <code>cloud-watch-logs</code> and <code>S3</code>.</p> </li> <li> <p> <code>flow-log-id</code> - The ID of the flow log.</p> </li> <li> <p> <code>log-group-name</code> - The name of the log group.</p> </li> <li> <p> <code>resource-id</code> - The ID of the VPC, subnet, or network interface.</p> </li> <li> <p> <code>traffic-type</code> - The type of traffic (<code>ACCEPT</code> | <code>REJECT</code> | <code>ALL</code>).</p> </li> <li> <p> <code>tag</code>:&lt;key&gt; - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p> </li> <li> <p> <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p> </li> </ul>"
         },
         "FlowLogIds": {
-          "shape": "ValueStringList",
+          "shape": "FlowLogIdList",
           "documentation": "<p>One or more flow log IDs.</p> <p>Constraint: Maximum of 1000 flow log IDs.</p>",
           "locationName": "FlowLogId"
         },
@@ -12403,7 +14364,7 @@
           "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
         },
         "FpgaImageId": {
-          "shape": "String",
+          "shape": "FpgaImageId",
           "documentation": "<p>The ID of the AFI.</p>"
         },
         "Attribute": {
@@ -12422,6 +14383,11 @@
         }
       }
     },
+    "DescribeFpgaImagesMaxResults": {
+      "type": "integer",
+      "max": 1000,
+      "min": 5
+    },
     "DescribeFpgaImagesRequest": {
       "type": "structure",
       "members": {
@@ -12449,7 +14415,7 @@
           "documentation": "<p>The token to retrieve the next page of results.</p>"
         },
         "MaxResults": {
-          "shape": "MaxResults",
+          "shape": "DescribeFpgaImagesMaxResults",
           "documentation": "<p>The maximum number of results to return in a single call.</p>"
         }
       }
@@ -12493,7 +14459,7 @@
           "documentation": "<p>The token to use to retrieve the next page of results.</p>"
         },
         "OfferingId": {
-          "shape": "String",
+          "shape": "OfferingId",
           "documentation": "<p>The ID of the reservation offering.</p>"
         }
       }
@@ -12594,6 +14560,11 @@
         }
       }
     },
+    "DescribeIamInstanceProfileAssociationsMaxResults": {
+      "type": "integer",
+      "max": 1000,
+      "min": 5
+    },
     "DescribeIamInstanceProfileAssociationsRequest": {
       "type": "structure",
       "members": {
@@ -12604,11 +14575,11 @@
         },
         "Filters": {
           "shape": "FilterList",
-          "documentation": "<p>The filters.</p> <ul> <li> <p> <code>instance-id</code> - The ID of the instance.</p> </li> <li> <p> <code>state</code> - The state of the association (<code>associating</code> | <code>associated</code> | <code>disassociating</code> | <code>disassociated</code>).</p> </li> </ul>",
+          "documentation": "<p>The filters.</p> <ul> <li> <p> <code>instance-id</code> - The ID of the instance.</p> </li> <li> <p> <code>state</code> - The state of the association (<code>associating</code> | <code>associated</code> | <code>disassociating</code>).</p> </li> </ul>",
           "locationName": "Filter"
         },
         "MaxResults": {
-          "shape": "MaxResults",
+          "shape": "DescribeIamInstanceProfileAssociationsMaxResults",
           "documentation": "<p>The maximum number of results to return in a single call. To retrieve the remaining results, make another call with the returned <code>NextToken</code> value.</p>"
         },
         "NextToken": {
@@ -12691,7 +14662,7 @@
           "documentation": "<p>The AMI attribute.</p> <p> <b>Note</b>: Depending on your account privileges, the <code>blockDeviceMapping</code> attribute may return a <code>Client.AuthFailure</code> error. If this happens, use <a>DescribeImages</a> to get information about the block device mapping for the AMI.</p>"
         },
         "ImageId": {
-          "shape": "String",
+          "shape": "ImageId",
           "documentation": "<p>The ID of the AMI.</p>"
         },
         "DryRun": {
@@ -12751,16 +14722,16 @@
         },
         "Filters": {
           "shape": "FilterList",
-          "documentation": "<p>Filter tasks using the <code>task-state</code> filter and one of the following values: active, completed, deleting, deleted.</p>"
+          "documentation": "<p>Filter tasks using the <code>task-state</code> filter and one of the following values: <code>active</code>, <code>completed</code>, <code>deleting</code>, or <code>deleted</code>.</p>"
         },
         "ImportTaskIds": {
           "shape": "ImportTaskIdList",
-          "documentation": "<p>A list of import image task IDs.</p>",
+          "documentation": "<p>The IDs of the import image tasks.</p>",
           "locationName": "ImportTaskId"
         },
         "MaxResults": {
           "shape": "Integer",
-          "documentation": "<p>The maximum number of results to return in a single call. To retrieve the remaining results, make another call with the returned <code>NextToken</code> value.</p>"
+          "documentation": "<p>The maximum number of results to return in a single call.</p>"
         },
         "NextToken": {
           "shape": "String",
@@ -12795,7 +14766,7 @@
           "documentation": "<p>The filters.</p>"
         },
         "ImportTaskIds": {
-          "shape": "ImportTaskIdList",
+          "shape": "ImportSnapshotTaskIdList",
           "documentation": "<p>A list of import snapshot task IDs.</p>",
           "locationName": "ImportTaskId"
         },
@@ -12842,7 +14813,7 @@
           "locationName": "dryRun"
         },
         "InstanceId": {
-          "shape": "String",
+          "shape": "InstanceId",
           "documentation": "<p>The ID of the instance.</p>",
           "locationName": "instanceId"
         }
@@ -12895,6 +14866,25 @@
         }
       }
     },
+    "DescribeInstanceEventNotificationAttributesRequest": {
+      "type": "structure",
+      "members": {
+        "DryRun": {
+          "shape": "Boolean",
+          "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
+        }
+      }
+    },
+    "DescribeInstanceEventNotificationAttributesResult": {
+      "type": "structure",
+      "members": {
+        "InstanceTagAttribute": {
+          "shape": "InstanceTagNotificationAttribute",
+          "documentation": "<p>Information about the registered tag keys.</p>",
+          "locationName": "instanceTagAttribute"
+        }
+      }
+    },
     "DescribeInstanceStatusRequest": {
       "type": "structure",
       "members": {
@@ -12943,12 +14933,95 @@
         }
       }
     },
+    "DescribeInstanceTypeOfferingsRequest": {
+      "type": "structure",
+      "members": {
+        "DryRun": {
+          "shape": "Boolean",
+          "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
+        },
+        "LocationType": {
+          "shape": "LocationType",
+          "documentation": "<p>The location type.</p>"
+        },
+        "Filters": {
+          "shape": "FilterList",
+          "documentation": "<p>One or more filters. Filter names and values are case-sensitive.</p> <ul> <li> <p> <code>location</code> - This depends on the location type. For example, if the location type is <code>region</code> (default), the location is the Region code (for example, <code>us-east-2</code>.)</p> </li> <li> <p> <code>instance-type</code> - The instance type.</p> </li> </ul>",
+          "locationName": "Filter"
+        },
+        "MaxResults": {
+          "shape": "DITOMaxResults",
+          "documentation": "<p>The maximum number of results to return for the request in a single page. The remaining results can be seen by sending another request with the next token value.</p>"
+        },
+        "NextToken": {
+          "shape": "NextToken",
+          "documentation": "<p>The token to retrieve the next page of results.</p>"
+        }
+      }
+    },
+    "DescribeInstanceTypeOfferingsResult": {
+      "type": "structure",
+      "members": {
+        "InstanceTypeOfferings": {
+          "shape": "InstanceTypeOfferingsList",
+          "documentation": "<p>The instance types offered.</p>",
+          "locationName": "instanceTypeOfferingSet"
+        },
+        "NextToken": {
+          "shape": "NextToken",
+          "documentation": "<p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>",
+          "locationName": "nextToken"
+        }
+      }
+    },
+    "DescribeInstanceTypesRequest": {
+      "type": "structure",
+      "members": {
+        "DryRun": {
+          "shape": "Boolean",
+          "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
+        },
+        "InstanceTypes": {
+          "shape": "RequestInstanceTypeList",
+          "documentation": "<p>The instance types. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html\">Instance Types</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>",
+          "locationName": "InstanceType"
+        },
+        "Filters": {
+          "shape": "FilterList",
+          "documentation": "<p>One or more filters. Filter names and values are case-sensitive.</p> <ul> <li> <p> <code>auto-recovery-supported</code> - Indicates whether auto recovery is supported. (<code>true</code> | <code>false</code>)</p> </li> <li> <p> <code>bare-metal</code> - Indicates whether it is a bare metal instance type. (<code>true</code> | <code>false</code>)</p> </li> <li> <p> <code>burstable-performance-supported</code> - Indicates whether it is a burstable performance instance type. (<code>true</code> | <code>false</code>)</p> </li> <li> <p> <code>current-generation</code> - Indicates whether this instance type is the latest generation instance type of an instance family. (<code>true</code> | <code>false</code>)</p> </li> <li> <p> <code>ebs-info.ebs-optimized-support</code> - Indicates whether the instance type is EBS-optimized. (<code>supported</code> | <code>unsupported</code> | <code>default</code>)</p> </li> <li> <p> <code>ebs-info.encryption-support</code> - Indicates whether EBS encryption is supported. (<code>supported</code> | <code>unsupported</code>)</p> </li> <li> <p> <code>free-tier-eligible</code> - Indicates whether the instance type is eligible to use in the free tier. (<code>true</code> | <code>false</code>)</p> </li> <li> <p> <code>hibernation-supported</code> - Indicates whether On-Demand hibernation is supported. (<code>true</code> | <code>false</code>)</p> </li> <li> <p> <code>hypervisor</code> - The hypervisor used. (<code>nitro</code> | <code>xen</code>)</p> </li> <li> <p> <code>instance-storage-info.disk.count</code> - The number of local disks.</p> </li> <li> <p> <code>instance-storage-info.disk.size-in-gb</code> - The storage size of each instance storage disk, in GB.</p> </li> <li> <p> <code>instance-storage-info.disk.type</code> - The storage technology for the local instance storage disks. (<code>hdd</code> | <code>ssd</code>)</p> </li> <li> <p> <code>instance-storage-info.total-size-in-gb</code> - The total amount of storage available from all local instance storage, in GB.</p> </li> <li> <p> <code>instance-storage-supported</code> - Indicates whether the instance type has local instance storage. (<code>true</code> | <code>false</code>)</p> </li> <li> <p> <code>memory-info.size-in-mib</code> - The memory size.</p> </li> <li> <p> <code>network-info.ena-support</code> - Indicates whether Elastic Network Adapter (ENA) is supported or required. (<code>required</code> | <code>supported</code> | <code>unsupported</code>)</p> </li> <li> <p> <code>network-info.ipv4-addresses-per-interface</code> - The maximum number of private IPv4 addresses per network interface.</p> </li> <li> <p> <code>network-info.ipv6-addresses-per-interface</code> - The maximum number of private IPv6 addresses per network interface.</p> </li> <li> <p> <code>network-info.ipv6-supported</code> - Indicates whether the instance type supports IPv6. (<code>true</code> | <code>false</code>)</p> </li> <li> <p> <code>network-info.maximum-network-interfaces</code> - The maximum number of network interfaces per instance.</p> </li> <li> <p> <code>network-info.network-performance</code> - Describes the network performance.</p> </li> <li> <p> <code>processor-info.sustained-clock-speed-in-ghz</code> - The CPU clock speed, in GHz.</p> </li> <li> <p> <code>vcpu-info.default-cores</code> - The default number of cores for the instance type.</p> </li> <li> <p> <code>vcpu-info.default-threads-per-core</code> - The default number of threads per core for the instance type.</p> </li> <li> <p> <code>vcpu-info.default-vcpus</code> - The default number of vCPUs for the instance type.</p> </li> </ul>",
+          "locationName": "Filter"
+        },
+        "MaxResults": {
+          "shape": "DITMaxResults",
+          "documentation": "<p>The maximum number of results to return for the request in a single page. The remaining results can be seen by sending another request with the next token value.</p>"
+        },
+        "NextToken": {
+          "shape": "NextToken",
+          "documentation": "<p>The token to retrieve the next page of results.</p>"
+        }
+      }
+    },
+    "DescribeInstanceTypesResult": {
+      "type": "structure",
+      "members": {
+        "InstanceTypes": {
+          "shape": "InstanceTypeInfoList",
+          "documentation": "<p>The instance type. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html\">Instance Types</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>",
+          "locationName": "instanceTypeSet"
+        },
+        "NextToken": {
+          "shape": "NextToken",
+          "documentation": "<p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>",
+          "locationName": "nextToken"
+        }
+      }
+    },
     "DescribeInstancesRequest": {
       "type": "structure",
       "members": {
         "Filters": {
           "shape": "FilterList",
-          "documentation": "<p>The filters.</p> <ul> <li> <p> <code>affinity</code> - The affinity setting for an instance running on a Dedicated Host (<code>default</code> | <code>host</code>).</p> </li> <li> <p> <code>architecture</code> - The instance architecture (<code>i386</code> | <code>x86_64</code> | <code>arm64</code>).</p> </li> <li> <p> <code>availability-zone</code> - The Availability Zone of the instance.</p> </li> <li> <p> <code>block-device-mapping.attach-time</code> - The attach time for an EBS volume mapped to the instance, for example, <code>2010-09-15T17:15:20.000Z</code>.</p> </li> <li> <p> <code>block-device-mapping.delete-on-termination</code> - A Boolean that indicates whether the EBS volume is deleted on instance termination.</p> </li> <li> <p> <code>block-device-mapping.device-name</code> - The device name specified in the block device mapping (for example, <code>/dev/sdh</code> or <code>xvdh</code>).</p> </li> <li> <p> <code>block-device-mapping.status</code> - The status for the EBS volume (<code>attaching</code> | <code>attached</code> | <code>detaching</code> | <code>detached</code>).</p> </li> <li> <p> <code>block-device-mapping.volume-id</code> - The volume ID of the EBS volume.</p> </li> <li> <p> <code>client-token</code> - The idempotency token you provided when you launched the instance.</p> </li> <li> <p> <code>dns-name</code> - The public DNS name of the instance.</p> </li> <li> <p> <code>group-id</code> - The ID of the security group for the instance. EC2-Classic only.</p> </li> <li> <p> <code>group-name</code> - The name of the security group for the instance. EC2-Classic only.</p> </li> <li> <p> <code>hibernation-options.configured</code> - A Boolean that indicates whether the instance is enabled for hibernation. A value of <code>true</code> means that the instance is enabled for hibernation. </p> </li> <li> <p> <code>host-id</code> - The ID of the Dedicated Host on which the instance is running, if applicable.</p> </li> <li> <p> <code>hypervisor</code> - The hypervisor type of the instance (<code>ovm</code> | <code>xen</code>).</p> </li> <li> <p> <code>iam-instance-profile.arn</code> - The instance profile associated with the instance. Specified as an ARN.</p> </li> <li> <p> <code>image-id</code> - The ID of the image used to launch the instance.</p> </li> <li> <p> <code>instance-id</code> - The ID of the instance.</p> </li> <li> <p> <code>instance-lifecycle</code> - Indicates whether this is a Spot Instance or a Scheduled Instance (<code>spot</code> | <code>scheduled</code>).</p> </li> <li> <p> <code>instance-state-code</code> - The state of the instance, as a 16-bit unsigned integer. The high byte is used for internal purposes and should be ignored. The low byte is set based on the state represented. The valid values are: 0 (pending), 16 (running), 32 (shutting-down), 48 (terminated), 64 (stopping), and 80 (stopped).</p> </li> <li> <p> <code>instance-state-name</code> - The state of the instance (<code>pending</code> | <code>running</code> | <code>shutting-down</code> | <code>terminated</code> | <code>stopping</code> | <code>stopped</code>).</p> </li> <li> <p> <code>instance-type</code> - The type of instance (for example, <code>t2.micro</code>).</p> </li> <li> <p> <code>instance.group-id</code> - The ID of the security group for the instance. </p> </li> <li> <p> <code>instance.group-name</code> - The name of the security group for the instance. </p> </li> <li> <p> <code>ip-address</code> - The public IPv4 address of the instance.</p> </li> <li> <p> <code>kernel-id</code> - The kernel ID.</p> </li> <li> <p> <code>key-name</code> - The name of the key pair used when the instance was launched.</p> </li> <li> <p> <code>launch-index</code> - When launching multiple instances, this is the index for the instance in the launch group (for example, 0, 1, 2, and so on). </p> </li> <li> <p> <code>launch-time</code> - The time when the instance was launched.</p> </li> <li> <p> <code>monitoring-state</code> - Indicates whether detailed monitoring is enabled (<code>disabled</code> | <code>enabled</code>).</p> </li> <li> <p> <code>network-interface.addresses.private-ip-address</code> - The private IPv4 address associated with the network interface.</p> </li> <li> <p> <code>network-interface.addresses.primary</code> - Specifies whether the IPv4 address of the network interface is the primary private IPv4 address.</p> </li> <li> <p> <code>network-interface.addresses.association.public-ip</code> - The ID of the association of an Elastic IP address (IPv4) with a network interface.</p> </li> <li> <p> <code>network-interface.addresses.association.ip-owner-id</code> - The owner ID of the private IPv4 address associated with the network interface.</p> </li> <li> <p> <code>network-interface.association.public-ip</code> - The address of the Elastic IP address (IPv4) bound to the network interface.</p> </li> <li> <p> <code>network-interface.association.ip-owner-id</code> - The owner of the Elastic IP address (IPv4) associated with the network interface.</p> </li> <li> <p> <code>network-interface.association.allocation-id</code> - The allocation ID returned when you allocated the Elastic IP address (IPv4) for your network interface.</p> </li> <li> <p> <code>network-interface.association.association-id</code> - The association ID returned when the network interface was associated with an IPv4 address.</p> </li> <li> <p> <code>network-interface.attachment.attachment-id</code> - The ID of the interface attachment.</p> </li> <li> <p> <code>network-interface.attachment.instance-id</code> - The ID of the instance to which the network interface is attached.</p> </li> <li> <p> <code>network-interface.attachment.instance-owner-id</code> - The owner ID of the instance to which the network interface is attached.</p> </li> <li> <p> <code>network-interface.attachment.device-index</code> - The device index to which the network interface is attached.</p> </li> <li> <p> <code>network-interface.attachment.status</code> - The status of the attachment (<code>attaching</code> | <code>attached</code> | <code>detaching</code> | <code>detached</code>).</p> </li> <li> <p> <code>network-interface.attachment.attach-time</code> - The time that the network interface was attached to an instance.</p> </li> <li> <p> <code>network-interface.attachment.delete-on-termination</code> - Specifies whether the attachment is deleted when an instance is terminated.</p> </li> <li> <p> <code>network-interface.availability-zone</code> - The Availability Zone for the network interface.</p> </li> <li> <p> <code>network-interface.description</code> - The description of the network interface.</p> </li> <li> <p> <code>network-interface.group-id</code> - The ID of a security group associated with the network interface.</p> </li> <li> <p> <code>network-interface.group-name</code> - The name of a security group associated with the network interface.</p> </li> <li> <p> <code>network-interface.ipv6-addresses.ipv6-address</code> - The IPv6 address associated with the network interface.</p> </li> <li> <p> <code>network-interface.mac-address</code> - The MAC address of the network interface.</p> </li> <li> <p> <code>network-interface.network-interface-id</code> - The ID of the network interface.</p> </li> <li> <p> <code>network-interface.owner-id</code> - The ID of the owner of the network interface.</p> </li> <li> <p> <code>network-interface.private-dns-name</code> - The private DNS name of the network interface.</p> </li> <li> <p> <code>network-interface.requester-id</code> - The requester ID for the network interface.</p> </li> <li> <p> <code>network-interface.requester-managed</code> - Indicates whether the network interface is being managed by AWS.</p> </li> <li> <p> <code>network-interface.status</code> - The status of the network interface (<code>available</code>) | <code>in-use</code>).</p> </li> <li> <p> <code>network-interface.source-dest-check</code> - Whether the network interface performs source/destination checking. A value of <code>true</code> means that checking is enabled, and <code>false</code> means that checking is disabled. The value must be <code>false</code> for the network interface to perform network address translation (NAT) in your VPC.</p> </li> <li> <p> <code>network-interface.subnet-id</code> - The ID of the subnet for the network interface.</p> </li> <li> <p> <code>network-interface.vpc-id</code> - The ID of the VPC for the network interface.</p> </li> <li> <p> <code>owner-id</code> - The AWS account ID of the instance owner.</p> </li> <li> <p> <code>placement-group-name</code> - The name of the placement group for the instance.</p> </li> <li> <p> <code>placement-partition-number</code> - The partition in which the instance is located.</p> </li> <li> <p> <code>platform</code> - The platform. To list only Windows instances, use <code>windows</code>.</p> </li> <li> <p> <code>private-dns-name</code> - The private IPv4 DNS name of the instance.</p> </li> <li> <p> <code>private-ip-address</code> - The private IPv4 address of the instance.</p> </li> <li> <p> <code>product-code</code> - The product code associated with the AMI used to launch the instance.</p> </li> <li> <p> <code>product-code.type</code> - The type of product code (<code>devpay</code> | <code>marketplace</code>).</p> </li> <li> <p> <code>ramdisk-id</code> - The RAM disk ID.</p> </li> <li> <p> <code>reason</code> - The reason for the current state of the instance (for example, shows \"User Initiated [date]\" when you stop or terminate the instance). Similar to the state-reason-code filter.</p> </li> <li> <p> <code>requester-id</code> - The ID of the entity that launched the instance on your behalf (for example, AWS Management Console, Auto Scaling, and so on).</p> </li> <li> <p> <code>reservation-id</code> - The ID of the instance's reservation. A reservation ID is created any time you launch an instance. A reservation ID has a one-to-one relationship with an instance launch request, but can be associated with more than one instance if you launch multiple instances using the same launch request. For example, if you launch one instance, you get one reservation ID. If you launch ten instances using the same launch request, you also get one reservation ID.</p> </li> <li> <p> <code>root-device-name</code> - The device name of the root device volume (for example, <code>/dev/sda1</code>).</p> </li> <li> <p> <code>root-device-type</code> - The type of the root device volume (<code>ebs</code> | <code>instance-store</code>).</p> </li> <li> <p> <code>source-dest-check</code> - Indicates whether the instance performs source/destination checking. A value of <code>true</code> means that checking is enabled, and <code>false</code> means that checking is disabled. The value must be <code>false</code> for the instance to perform network address translation (NAT) in your VPC. </p> </li> <li> <p> <code>spot-instance-request-id</code> - The ID of the Spot Instance request.</p> </li> <li> <p> <code>state-reason-code</code> - The reason code for the state change.</p> </li> <li> <p> <code>state-reason-message</code> - A message that describes the state change.</p> </li> <li> <p> <code>subnet-id</code> - The ID of the subnet for the instance.</p> </li> <li> <p> <code>tag</code>:&lt;key&gt; - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p> </li> <li> <p> <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources that have a tag with a specific key, regardless of the tag value.</p> </li> <li> <p> <code>tenancy</code> - The tenancy of an instance (<code>dedicated</code> | <code>default</code> | <code>host</code>).</p> </li> <li> <p> <code>virtualization-type</code> - The virtualization type of the instance (<code>paravirtual</code> | <code>hvm</code>).</p> </li> <li> <p> <code>vpc-id</code> - The ID of the VPC that the instance is running in.</p> </li> </ul>",
+          "documentation": "<p>The filters.</p> <ul> <li> <p> <code>affinity</code> - The affinity setting for an instance running on a Dedicated Host (<code>default</code> | <code>host</code>).</p> </li> <li> <p> <code>architecture</code> - The instance architecture (<code>i386</code> | <code>x86_64</code> | <code>arm64</code>).</p> </li> <li> <p> <code>availability-zone</code> - The Availability Zone of the instance.</p> </li> <li> <p> <code>block-device-mapping.attach-time</code> - The attach time for an EBS volume mapped to the instance, for example, <code>2010-09-15T17:15:20.000Z</code>.</p> </li> <li> <p> <code>block-device-mapping.delete-on-termination</code> - A Boolean that indicates whether the EBS volume is deleted on instance termination.</p> </li> <li> <p> <code>block-device-mapping.device-name</code> - The device name specified in the block device mapping (for example, <code>/dev/sdh</code> or <code>xvdh</code>).</p> </li> <li> <p> <code>block-device-mapping.status</code> - The status for the EBS volume (<code>attaching</code> | <code>attached</code> | <code>detaching</code> | <code>detached</code>).</p> </li> <li> <p> <code>block-device-mapping.volume-id</code> - The volume ID of the EBS volume.</p> </li> <li> <p> <code>client-token</code> - The idempotency token you provided when you launched the instance.</p> </li> <li> <p> <code>dns-name</code> - The public DNS name of the instance.</p> </li> <li> <p> <code>group-id</code> - The ID of the security group for the instance. EC2-Classic only.</p> </li> <li> <p> <code>group-name</code> - The name of the security group for the instance. EC2-Classic only.</p> </li> <li> <p> <code>hibernation-options.configured</code> - A Boolean that indicates whether the instance is enabled for hibernation. A value of <code>true</code> means that the instance is enabled for hibernation. </p> </li> <li> <p> <code>host-id</code> - The ID of the Dedicated Host on which the instance is running, if applicable.</p> </li> <li> <p> <code>hypervisor</code> - The hypervisor type of the instance (<code>ovm</code> | <code>xen</code>). The value <code>xen</code> is used for both Xen and Nitro hypervisors.</p> </li> <li> <p> <code>iam-instance-profile.arn</code> - The instance profile associated with the instance. Specified as an ARN.</p> </li> <li> <p> <code>image-id</code> - The ID of the image used to launch the instance.</p> </li> <li> <p> <code>instance-id</code> - The ID of the instance.</p> </li> <li> <p> <code>instance-lifecycle</code> - Indicates whether this is a Spot Instance or a Scheduled Instance (<code>spot</code> | <code>scheduled</code>).</p> </li> <li> <p> <code>instance-state-code</code> - The state of the instance, as a 16-bit unsigned integer. The high byte is used for internal purposes and should be ignored. The low byte is set based on the state represented. The valid values are: 0 (pending), 16 (running), 32 (shutting-down), 48 (terminated), 64 (stopping), and 80 (stopped).</p> </li> <li> <p> <code>instance-state-name</code> - The state of the instance (<code>pending</code> | <code>running</code> | <code>shutting-down</code> | <code>terminated</code> | <code>stopping</code> | <code>stopped</code>).</p> </li> <li> <p> <code>instance-type</code> - The type of instance (for example, <code>t2.micro</code>).</p> </li> <li> <p> <code>instance.group-id</code> - The ID of the security group for the instance. </p> </li> <li> <p> <code>instance.group-name</code> - The name of the security group for the instance. </p> </li> <li> <p> <code>ip-address</code> - The public IPv4 address of the instance.</p> </li> <li> <p> <code>kernel-id</code> - The kernel ID.</p> </li> <li> <p> <code>key-name</code> - The name of the key pair used when the instance was launched.</p> </li> <li> <p> <code>launch-index</code> - When launching multiple instances, this is the index for the instance in the launch group (for example, 0, 1, 2, and so on). </p> </li> <li> <p> <code>launch-time</code> - The time when the instance was launched.</p> </li> <li> <p> <code>metadata-options.http-tokens</code> - The metadata request authorization state (<code>optional</code> | <code>required</code>)</p> </li> <li> <p> <code>metadata-options.http-put-response-hop-limit</code> - The http metadata request put response hop limit (integer, possible values <code>1</code> to <code>64</code>)</p> </li> <li> <p> <code>metadata-options.http-endpoint</code> - Enable or disable metadata access on http endpoint (<code>enabled</code> | <code>disabled</code>)</p> </li> <li> <p> <code>monitoring-state</code> - Indicates whether detailed monitoring is enabled (<code>disabled</code> | <code>enabled</code>).</p> </li> <li> <p> <code>network-interface.addresses.private-ip-address</code> - The private IPv4 address associated with the network interface.</p> </li> <li> <p> <code>network-interface.addresses.primary</code> - Specifies whether the IPv4 address of the network interface is the primary private IPv4 address.</p> </li> <li> <p> <code>network-interface.addresses.association.public-ip</code> - The ID of the association of an Elastic IP address (IPv4) with a network interface.</p> </li> <li> <p> <code>network-interface.addresses.association.ip-owner-id</code> - The owner ID of the private IPv4 address associated with the network interface.</p> </li> <li> <p> <code>network-interface.association.public-ip</code> - The address of the Elastic IP address (IPv4) bound to the network interface.</p> </li> <li> <p> <code>network-interface.association.ip-owner-id</code> - The owner of the Elastic IP address (IPv4) associated with the network interface.</p> </li> <li> <p> <code>network-interface.association.allocation-id</code> - The allocation ID returned when you allocated the Elastic IP address (IPv4) for your network interface.</p> </li> <li> <p> <code>network-interface.association.association-id</code> - The association ID returned when the network interface was associated with an IPv4 address.</p> </li> <li> <p> <code>network-interface.attachment.attachment-id</code> - The ID of the interface attachment.</p> </li> <li> <p> <code>network-interface.attachment.instance-id</code> - The ID of the instance to which the network interface is attached.</p> </li> <li> <p> <code>network-interface.attachment.instance-owner-id</code> - The owner ID of the instance to which the network interface is attached.</p> </li> <li> <p> <code>network-interface.attachment.device-index</code> - The device index to which the network interface is attached.</p> </li> <li> <p> <code>network-interface.attachment.status</code> - The status of the attachment (<code>attaching</code> | <code>attached</code> | <code>detaching</code> | <code>detached</code>).</p> </li> <li> <p> <code>network-interface.attachment.attach-time</code> - The time that the network interface was attached to an instance.</p> </li> <li> <p> <code>network-interface.attachment.delete-on-termination</code> - Specifies whether the attachment is deleted when an instance is terminated.</p> </li> <li> <p> <code>network-interface.availability-zone</code> - The Availability Zone for the network interface.</p> </li> <li> <p> <code>network-interface.description</code> - The description of the network interface.</p> </li> <li> <p> <code>network-interface.group-id</code> - The ID of a security group associated with the network interface.</p> </li> <li> <p> <code>network-interface.group-name</code> - The name of a security group associated with the network interface.</p> </li> <li> <p> <code>network-interface.ipv6-addresses.ipv6-address</code> - The IPv6 address associated with the network interface.</p> </li> <li> <p> <code>network-interface.mac-address</code> - The MAC address of the network interface.</p> </li> <li> <p> <code>network-interface.network-interface-id</code> - The ID of the network interface.</p> </li> <li> <p> <code>network-interface.owner-id</code> - The ID of the owner of the network interface.</p> </li> <li> <p> <code>network-interface.private-dns-name</code> - The private DNS name of the network interface.</p> </li> <li> <p> <code>network-interface.requester-id</code> - The requester ID for the network interface.</p> </li> <li> <p> <code>network-interface.requester-managed</code> - Indicates whether the network interface is being managed by AWS.</p> </li> <li> <p> <code>network-interface.status</code> - The status of the network interface (<code>available</code>) | <code>in-use</code>).</p> </li> <li> <p> <code>network-interface.source-dest-check</code> - Whether the network interface performs source/destination checking. A value of <code>true</code> means that checking is enabled, and <code>false</code> means that checking is disabled. The value must be <code>false</code> for the network interface to perform network address translation (NAT) in your VPC.</p> </li> <li> <p> <code>network-interface.subnet-id</code> - The ID of the subnet for the network interface.</p> </li> <li> <p> <code>network-interface.vpc-id</code> - The ID of the VPC for the network interface.</p> </li> <li> <p> <code>owner-id</code> - The AWS account ID of the instance owner.</p> </li> <li> <p> <code>placement-group-name</code> - The name of the placement group for the instance.</p> </li> <li> <p> <code>placement-partition-number</code> - The partition in which the instance is located.</p> </li> <li> <p> <code>platform</code> - The platform. To list only Windows instances, use <code>windows</code>.</p> </li> <li> <p> <code>private-dns-name</code> - The private IPv4 DNS name of the instance.</p> </li> <li> <p> <code>private-ip-address</code> - The private IPv4 address of the instance.</p> </li> <li> <p> <code>product-code</code> - The product code associated with the AMI used to launch the instance.</p> </li> <li> <p> <code>product-code.type</code> - The type of product code (<code>devpay</code> | <code>marketplace</code>).</p> </li> <li> <p> <code>ramdisk-id</code> - The RAM disk ID.</p> </li> <li> <p> <code>reason</code> - The reason for the current state of the instance (for example, shows \"User Initiated [date]\" when you stop or terminate the instance). Similar to the state-reason-code filter.</p> </li> <li> <p> <code>requester-id</code> - The ID of the entity that launched the instance on your behalf (for example, AWS Management Console, Auto Scaling, and so on).</p> </li> <li> <p> <code>reservation-id</code> - The ID of the instance's reservation. A reservation ID is created any time you launch an instance. A reservation ID has a one-to-one relationship with an instance launch request, but can be associated with more than one instance if you launch multiple instances using the same launch request. For example, if you launch one instance, you get one reservation ID. If you launch ten instances using the same launch request, you also get one reservation ID.</p> </li> <li> <p> <code>root-device-name</code> - The device name of the root device volume (for example, <code>/dev/sda1</code>).</p> </li> <li> <p> <code>root-device-type</code> - The type of the root device volume (<code>ebs</code> | <code>instance-store</code>).</p> </li> <li> <p> <code>source-dest-check</code> - Indicates whether the instance performs source/destination checking. A value of <code>true</code> means that checking is enabled, and <code>false</code> means that checking is disabled. The value must be <code>false</code> for the instance to perform network address translation (NAT) in your VPC. </p> </li> <li> <p> <code>spot-instance-request-id</code> - The ID of the Spot Instance request.</p> </li> <li> <p> <code>state-reason-code</code> - The reason code for the state change.</p> </li> <li> <p> <code>state-reason-message</code> - A message that describes the state change.</p> </li> <li> <p> <code>subnet-id</code> - The ID of the subnet for the instance.</p> </li> <li> <p> <code>tag</code>:&lt;key&gt; - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p> </li> <li> <p> <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources that have a tag with a specific key, regardless of the tag value.</p> </li> <li> <p> <code>tenancy</code> - The tenancy of an instance (<code>dedicated</code> | <code>default</code> | <code>host</code>).</p> </li> <li> <p> <code>virtualization-type</code> - The virtualization type of the instance (<code>paravirtual</code> | <code>hvm</code>).</p> </li> <li> <p> <code>vpc-id</code> - The ID of the VPC that the instance is running in.</p> </li> </ul>",
           "locationName": "Filter"
         },
         "InstanceIds": {
@@ -13007,7 +15080,7 @@
           "locationName": "dryRun"
         },
         "InternetGatewayIds": {
-          "shape": "ValueStringList",
+          "shape": "InternetGatewayIdList",
           "documentation": "<p>One or more internet gateway IDs.</p> <p>Default: Describes all your internet gateways.</p>",
           "locationName": "internetGatewayId"
         },
@@ -13036,12 +15109,54 @@
         }
       }
     },
+    "DescribeIpv6PoolsRequest": {
+      "type": "structure",
+      "members": {
+        "PoolIds": {
+          "shape": "Ipv6PoolIdList",
+          "documentation": "<p>The IDs of the IPv6 address pools.</p>",
+          "locationName": "PoolId"
+        },
+        "NextToken": {
+          "shape": "NextToken",
+          "documentation": "<p>The token for the next page of results.</p>"
+        },
+        "MaxResults": {
+          "shape": "Ipv6PoolMaxResults",
+          "documentation": "<p>The maximum number of results to return with a single call. To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>"
+        },
+        "DryRun": {
+          "shape": "Boolean",
+          "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
+        },
+        "Filters": {
+          "shape": "FilterList",
+          "documentation": "<p>One or more filters.</p> <ul> <li> <p> <code>tag</code>:&lt;key&gt; - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p> </li> <li> <p> <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p> </li> </ul>",
+          "locationName": "Filter"
+        }
+      }
+    },
+    "DescribeIpv6PoolsResult": {
+      "type": "structure",
+      "members": {
+        "Ipv6Pools": {
+          "shape": "Ipv6PoolSet",
+          "documentation": "<p>Information about the IPv6 address pools.</p>",
+          "locationName": "ipv6PoolSet"
+        },
+        "NextToken": {
+          "shape": "NextToken",
+          "documentation": "<p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>",
+          "locationName": "nextToken"
+        }
+      }
+    },
     "DescribeKeyPairsRequest": {
       "type": "structure",
       "members": {
         "Filters": {
           "shape": "FilterList",
-          "documentation": "<p>The filters.</p> <ul> <li> <p> <code>fingerprint</code> - The fingerprint of the key pair.</p> </li> <li> <p> <code>key-name</code> - The name of the key pair.</p> </li> </ul>",
+          "documentation": "<p>The filters.</p> <ul> <li> <p> <code>key-pair-id</code> - The ID of the key pair.</p> </li> <li> <p> <code>fingerprint</code> - The fingerprint of the key pair.</p> </li> <li> <p> <code>key-name</code> - The name of the key pair.</p> </li> <li> <p> <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p> </li> <li> <p> <code>tag</code>:&lt;key&gt; - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p> </li> </ul>",
           "locationName": "Filter"
         },
         "KeyNames": {
@@ -13049,6 +15164,11 @@
           "documentation": "<p>The key pair names.</p> <p>Default: Describes all your key pairs.</p>",
           "locationName": "KeyName"
         },
+        "KeyPairIds": {
+          "shape": "KeyPairIdStringList",
+          "documentation": "<p>The IDs of the key pairs.</p>",
+          "locationName": "KeyPairId"
+        },
         "DryRun": {
           "shape": "Boolean",
           "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>",
@@ -13074,7 +15194,7 @@
           "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
         },
         "LaunchTemplateId": {
-          "shape": "String",
+          "shape": "LaunchTemplateId",
           "documentation": "<p>The ID of the launch template. You must specify either the launch template ID or launch template name in the request.</p>"
         },
         "LaunchTemplateName": {
@@ -13137,7 +15257,7 @@
           "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
         },
         "LaunchTemplateIds": {
-          "shape": "ValueStringList",
+          "shape": "LaunchTemplateIdStringList",
           "documentation": "<p>One or more launch template IDs.</p>",
           "locationName": "LaunchTemplateId"
         },
@@ -13176,6 +15296,263 @@
         }
       }
     },
+    "DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociationsRequest": {
+      "type": "structure",
+      "members": {
+        "LocalGatewayRouteTableVirtualInterfaceGroupAssociationIds": {
+          "shape": "LocalGatewayRouteTableVirtualInterfaceGroupAssociationIdSet",
+          "documentation": "<p>The IDs of the associations.</p>",
+          "locationName": "LocalGatewayRouteTableVirtualInterfaceGroupAssociationId"
+        },
+        "Filters": {
+          "shape": "FilterList",
+          "documentation": "<p>One or more filters.</p> <ul> <li> <p> <code>local-gateway-id</code> - The ID of a local gateway.</p> </li> <li> <p> <code>local-gateway-route-table-id</code> - The ID of the local gateway route table.</p> </li> <li> <p> <code>local-gateway-route-table-virtual-interface-group-association-id</code> - The ID of the association.</p> </li> <li> <p> <code>local-gateway-route-table-virtual-interface-group-id</code> - The ID of the virtual interface group.</p> </li> <li> <p> <code>state</code> - The state of the association.</p> </li> </ul>",
+          "locationName": "Filter"
+        },
+        "MaxResults": {
+          "shape": "LocalGatewayMaxResults",
+          "documentation": "<p>The maximum number of results to return with a single call. To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>"
+        },
+        "NextToken": {
+          "shape": "String",
+          "documentation": "<p>The token for the next page of results.</p>"
+        },
+        "DryRun": {
+          "shape": "Boolean",
+          "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
+        }
+      }
+    },
+    "DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociationsResult": {
+      "type": "structure",
+      "members": {
+        "LocalGatewayRouteTableVirtualInterfaceGroupAssociations": {
+          "shape": "LocalGatewayRouteTableVirtualInterfaceGroupAssociationSet",
+          "documentation": "<p>Information about the associations.</p>",
+          "locationName": "localGatewayRouteTableVirtualInterfaceGroupAssociationSet"
+        },
+        "NextToken": {
+          "shape": "String",
+          "documentation": "<p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>",
+          "locationName": "nextToken"
+        }
+      }
+    },
+    "DescribeLocalGatewayRouteTableVpcAssociationsRequest": {
+      "type": "structure",
+      "members": {
+        "LocalGatewayRouteTableVpcAssociationIds": {
+          "shape": "LocalGatewayRouteTableVpcAssociationIdSet",
+          "documentation": "<p>The IDs of the associations.</p>",
+          "locationName": "LocalGatewayRouteTableVpcAssociationId"
+        },
+        "Filters": {
+          "shape": "FilterList",
+          "documentation": "<p>One or more filters.</p> <ul> <li> <p> <code>local-gateway-id</code> - The ID of a local gateway.</p> </li> <li> <p> <code>local-gateway-route-table-id</code> - The ID of the local gateway route table.</p> </li> <li> <p> <code>local-gateway-route-table-vpc-association-id</code> - The ID of the association.</p> </li> <li> <p> <code>state</code> - The state of the association.</p> </li> <li> <p> <code>vpc-id</code> - The ID of the VPC.</p> </li> </ul>",
+          "locationName": "Filter"
+        },
+        "MaxResults": {
+          "shape": "LocalGatewayMaxResults",
+          "documentation": "<p>The maximum number of results to return with a single call. To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>"
+        },
+        "NextToken": {
+          "shape": "String",
+          "documentation": "<p>The token for the next page of results.</p>"
+        },
+        "DryRun": {
+          "shape": "Boolean",
+          "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
+        }
+      }
+    },
+    "DescribeLocalGatewayRouteTableVpcAssociationsResult": {
+      "type": "structure",
+      "members": {
+        "LocalGatewayRouteTableVpcAssociations": {
+          "shape": "LocalGatewayRouteTableVpcAssociationSet",
+          "documentation": "<p>Information about the associations.</p>",
+          "locationName": "localGatewayRouteTableVpcAssociationSet"
+        },
+        "NextToken": {
+          "shape": "String",
+          "documentation": "<p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>",
+          "locationName": "nextToken"
+        }
+      }
+    },
+    "DescribeLocalGatewayRouteTablesRequest": {
+      "type": "structure",
+      "members": {
+        "LocalGatewayRouteTableIds": {
+          "shape": "LocalGatewayRouteTableIdSet",
+          "documentation": "<p>The IDs of the local gateway route tables.</p>",
+          "locationName": "LocalGatewayRouteTableId"
+        },
+        "Filters": {
+          "shape": "FilterList",
+          "documentation": "<p>One or more filters.</p> <ul> <li> <p> <code>local-gateway-id</code> - The ID of a local gateway.</p> </li> <li> <p> <code>local-gateway-route-table-id</code> - The ID of a local gateway route table.</p> </li> <li> <p> <code>outpost-arn</code> - The Amazon Resource Name (ARN) of the Outpost.</p> </li> <li> <p> <code>state</code> - The state of the local gateway route table.</p> </li> </ul>",
+          "locationName": "Filter"
+        },
+        "MaxResults": {
+          "shape": "LocalGatewayMaxResults",
+          "documentation": "<p>The maximum number of results to return with a single call. To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>"
+        },
+        "NextToken": {
+          "shape": "String",
+          "documentation": "<p>The token for the next page of results.</p>"
+        },
+        "DryRun": {
+          "shape": "Boolean",
+          "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
+        }
+      }
+    },
+    "DescribeLocalGatewayRouteTablesResult": {
+      "type": "structure",
+      "members": {
+        "LocalGatewayRouteTables": {
+          "shape": "LocalGatewayRouteTableSet",
+          "documentation": "<p>Information about the local gateway route tables.</p>",
+          "locationName": "localGatewayRouteTableSet"
+        },
+        "NextToken": {
+          "shape": "String",
+          "documentation": "<p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>",
+          "locationName": "nextToken"
+        }
+      }
+    },
+    "DescribeLocalGatewayVirtualInterfaceGroupsRequest": {
+      "type": "structure",
+      "members": {
+        "LocalGatewayVirtualInterfaceGroupIds": {
+          "shape": "LocalGatewayVirtualInterfaceGroupIdSet",
+          "documentation": "<p>The IDs of the virtual interface groups.</p>",
+          "locationName": "LocalGatewayVirtualInterfaceGroupId"
+        },
+        "Filters": {
+          "shape": "FilterList",
+          "documentation": "<p>One or more filters.</p> <ul> <li> <p> <code>local-gateway-id</code> - The ID of a local gateway.</p> </li> <li> <p> <code>local-gateway-virtual-interface-id</code> - The ID of the virtual interface.</p> </li> <li> <p> <code>local-gateway-virtual-interface-group-id</code> - The ID of the virtual interface group.</p> </li> </ul>",
+          "locationName": "Filter"
+        },
+        "MaxResults": {
+          "shape": "LocalGatewayMaxResults",
+          "documentation": "<p>The maximum number of results to return with a single call. To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>"
+        },
+        "NextToken": {
+          "shape": "String",
+          "documentation": "<p>The token for the next page of results.</p>"
+        },
+        "DryRun": {
+          "shape": "Boolean",
+          "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
+        }
+      }
+    },
+    "DescribeLocalGatewayVirtualInterfaceGroupsResult": {
+      "type": "structure",
+      "members": {
+        "LocalGatewayVirtualInterfaceGroups": {
+          "shape": "LocalGatewayVirtualInterfaceGroupSet",
+          "documentation": "<p>The virtual interface groups.</p>",
+          "locationName": "localGatewayVirtualInterfaceGroupSet"
+        },
+        "NextToken": {
+          "shape": "String",
+          "documentation": "<p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>",
+          "locationName": "nextToken"
+        }
+      }
+    },
+    "DescribeLocalGatewayVirtualInterfacesRequest": {
+      "type": "structure",
+      "members": {
+        "LocalGatewayVirtualInterfaceIds": {
+          "shape": "LocalGatewayVirtualInterfaceIdSet",
+          "documentation": "<p>The IDs of the virtual interfaces.</p>",
+          "locationName": "LocalGatewayVirtualInterfaceId"
+        },
+        "Filters": {
+          "shape": "FilterList",
+          "documentation": "<p>One or more filters.</p>",
+          "locationName": "Filter"
+        },
+        "MaxResults": {
+          "shape": "LocalGatewayMaxResults",
+          "documentation": "<p>The maximum number of results to return with a single call. To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>"
+        },
+        "NextToken": {
+          "shape": "String",
+          "documentation": "<p>The token for the next page of results.</p>"
+        },
+        "DryRun": {
+          "shape": "Boolean",
+          "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
+        }
+      }
+    },
+    "DescribeLocalGatewayVirtualInterfacesResult": {
+      "type": "structure",
+      "members": {
+        "LocalGatewayVirtualInterfaces": {
+          "shape": "LocalGatewayVirtualInterfaceSet",
+          "documentation": "<p>Information about the virtual interfaces.</p>",
+          "locationName": "localGatewayVirtualInterfaceSet"
+        },
+        "NextToken": {
+          "shape": "String",
+          "documentation": "<p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>",
+          "locationName": "nextToken"
+        }
+      }
+    },
+    "DescribeLocalGatewaysRequest": {
+      "type": "structure",
+      "members": {
+        "LocalGatewayIds": {
+          "shape": "LocalGatewayIdSet",
+          "documentation": "<p>One or more filters.</p> <ul> <li> <p> <code>local-gateway-id</code> - The ID of a local gateway.</p> </li> <li> <p> <code>local-gateway-route-table-id</code> - The ID of the local gateway route table.</p> </li> <li> <p> <code>local-gateway-route-table-virtual-interface-group-association-id</code> - The ID of the association.</p> </li> <li> <p> <code>local-gateway-route-table-virtual-interface-group-id</code> - The ID of the virtual interface group.</p> </li> <li> <p> <code>outpost-arn</code> - The Amazon Resource Name (ARN) of the Outpost.</p> </li> <li> <p> <code>state</code> - The state of the association.</p> </li> </ul>",
+          "locationName": "LocalGatewayId"
+        },
+        "Filters": {
+          "shape": "FilterList",
+          "documentation": "<p>One or more filters.</p>",
+          "locationName": "Filter"
+        },
+        "MaxResults": {
+          "shape": "LocalGatewayMaxResults",
+          "documentation": "<p>The maximum number of results to return with a single call. To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>"
+        },
+        "NextToken": {
+          "shape": "String",
+          "documentation": "<p>The token for the next page of results.</p>"
+        },
+        "DryRun": {
+          "shape": "Boolean",
+          "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
+        }
+      }
+    },
+    "DescribeLocalGatewaysResult": {
+      "type": "structure",
+      "members": {
+        "LocalGateways": {
+          "shape": "LocalGatewaySet",
+          "documentation": "<p>Information about the local gateways.</p>",
+          "locationName": "localGatewaySet"
+        },
+        "NextToken": {
+          "shape": "String",
+          "documentation": "<p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>",
+          "locationName": "nextToken"
+        }
+      }
+    },
+    "DescribeMovingAddressesMaxResults": {
+      "type": "integer",
+      "max": 1000,
+      "min": 5
+    },
     "DescribeMovingAddressesRequest": {
       "type": "structure",
       "members": {
@@ -13190,7 +15567,7 @@
           "locationName": "dryRun"
         },
         "MaxResults": {
-          "shape": "Integer",
+          "shape": "DescribeMovingAddressesMaxResults",
           "documentation": "<p>The maximum number of results to return for the request in a single page. The remaining results of the initial request can be seen by sending another request with the returned <code>NextToken</code> value. This value can be between 5 and 1000; if <code>MaxResults</code> is given a value outside of this range, an error is returned.</p> <p>Default: If no value is provided, the default is 1000.</p>",
           "locationName": "maxResults"
         },
@@ -13221,19 +15598,28 @@
         }
       }
     },
+    "DescribeNatGatewaysMaxResults": {
+      "type": "integer",
+      "max": 1000,
+      "min": 5
+    },
     "DescribeNatGatewaysRequest": {
       "type": "structure",
       "members": {
+        "DryRun": {
+          "shape": "Boolean",
+          "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
+        },
         "Filter": {
           "shape": "FilterList",
           "documentation": "<p>One or more filters.</p> <ul> <li> <p> <code>nat-gateway-id</code> - The ID of the NAT gateway.</p> </li> <li> <p> <code>state</code> - The state of the NAT gateway (<code>pending</code> | <code>failed</code> | <code>available</code> | <code>deleting</code> | <code>deleted</code>).</p> </li> <li> <p> <code>subnet-id</code> - The ID of the subnet in which the NAT gateway resides.</p> </li> <li> <p> <code>tag</code>:&lt;key&gt; - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p> </li> <li> <p> <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p> </li> <li> <p> <code>vpc-id</code> - The ID of the VPC in which the NAT gateway resides.</p> </li> </ul>"
         },
         "MaxResults": {
-          "shape": "Integer",
+          "shape": "DescribeNatGatewaysMaxResults",
           "documentation": "<p>The maximum number of results to return with a single call. To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>"
         },
         "NatGatewayIds": {
-          "shape": "ValueStringList",
+          "shape": "NatGatewayIdStringList",
           "documentation": "<p>One or more NAT gateway IDs.</p>",
           "locationName": "NatGatewayId"
         },
@@ -13277,7 +15663,7 @@
           "locationName": "dryRun"
         },
         "NetworkAclIds": {
-          "shape": "ValueStringList",
+          "shape": "NetworkAclIdStringList",
           "documentation": "<p>One or more network ACL IDs.</p> <p>Default: Describes all your network ACLs.</p>",
           "locationName": "NetworkAclId"
         },
@@ -13323,7 +15709,7 @@
           "locationName": "dryRun"
         },
         "NetworkInterfaceId": {
-          "shape": "String",
+          "shape": "NetworkInterfaceId",
           "documentation": "<p>The ID of the network interface.</p>",
           "locationName": "networkInterfaceId"
         }
@@ -13416,7 +15802,7 @@
       "members": {
         "Filters": {
           "shape": "FilterList",
-          "documentation": "<p>One or more filters.</p> <ul> <li> <p> <code>addresses.private-ip-address</code> - The private IPv4 addresses associated with the network interface.</p> </li> <li> <p> <code>addresses.primary</code> - Whether the private IPv4 address is the primary IP address associated with the network interface. </p> </li> <li> <p> <code>addresses.association.public-ip</code> - The association ID returned when the network interface was associated with the Elastic IP address (IPv4).</p> </li> <li> <p> <code>addresses.association.owner-id</code> - The owner ID of the addresses associated with the network interface.</p> </li> <li> <p> <code>association.association-id</code> - The association ID returned when the network interface was associated with an IPv4 address.</p> </li> <li> <p> <code>association.allocation-id</code> - The allocation ID returned when you allocated the Elastic IP address (IPv4) for your network interface.</p> </li> <li> <p> <code>association.ip-owner-id</code> - The owner of the Elastic IP address (IPv4) associated with the network interface.</p> </li> <li> <p> <code>association.public-ip</code> - The address of the Elastic IP address (IPv4) bound to the network interface.</p> </li> <li> <p> <code>association.public-dns-name</code> - The public DNS name for the network interface (IPv4).</p> </li> <li> <p> <code>attachment.attachment-id</code> - The ID of the interface attachment.</p> </li> <li> <p> <code>attachment.attach.time</code> - The time that the network interface was attached to an instance.</p> </li> <li> <p> <code>attachment.delete-on-termination</code> - Indicates whether the attachment is deleted when an instance is terminated.</p> </li> <li> <p> <code>attachment.device-index</code> - The device index to which the network interface is attached.</p> </li> <li> <p> <code>attachment.instance-id</code> - The ID of the instance to which the network interface is attached.</p> </li> <li> <p> <code>attachment.instance-owner-id</code> - The owner ID of the instance to which the network interface is attached.</p> </li> <li> <p> <code>attachment.nat-gateway-id</code> - The ID of the NAT gateway to which the network interface is attached.</p> </li> <li> <p> <code>attachment.status</code> - The status of the attachment (<code>attaching</code> | <code>attached</code> | <code>detaching</code> | <code>detached</code>).</p> </li> <li> <p> <code>availability-zone</code> - The Availability Zone of the network interface.</p> </li> <li> <p> <code>description</code> - The description of the network interface.</p> </li> <li> <p> <code>group-id</code> - The ID of a security group associated with the network interface.</p> </li> <li> <p> <code>group-name</code> - The name of a security group associated with the network interface.</p> </li> <li> <p> <code>ipv6-addresses.ipv6-address</code> - An IPv6 address associated with the network interface.</p> </li> <li> <p> <code>mac-address</code> - The MAC address of the network interface.</p> </li> <li> <p> <code>network-interface-id</code> - The ID of the network interface.</p> </li> <li> <p> <code>owner-id</code> - The AWS account ID of the network interface owner.</p> </li> <li> <p> <code>private-ip-address</code> - The private IPv4 address or addresses of the network interface.</p> </li> <li> <p> <code>private-dns-name</code> - The private DNS name of the network interface (IPv4).</p> </li> <li> <p> <code>requester-id</code> - The ID of the entity that launched the instance on your behalf (for example, AWS Management Console, Auto Scaling, and so on).</p> </li> <li> <p> <code>requester-managed</code> - Indicates whether the network interface is being managed by an AWS service (for example, AWS Management Console, Auto Scaling, and so on).</p> </li> <li> <p> <code>source-dest-check</code> - Indicates whether the network interface performs source/destination checking. A value of <code>true</code> means checking is enabled, and <code>false</code> means checking is disabled. The value must be <code>false</code> for the network interface to perform network address translation (NAT) in your VPC. </p> </li> <li> <p> <code>status</code> - The status of the network interface. If the network interface is not attached to an instance, the status is <code>available</code>; if a network interface is attached to an instance the status is <code>in-use</code>.</p> </li> <li> <p> <code>subnet-id</code> - The ID of the subnet for the network interface.</p> </li> <li> <p> <code>tag</code>:&lt;key&gt; - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p> </li> <li> <p> <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p> </li> <li> <p> <code>vpc-id</code> - The ID of the VPC for the network interface.</p> </li> </ul>",
+          "documentation": "<p>One or more filters.</p> <ul> <li> <p> <code>addresses.private-ip-address</code> - The private IPv4 addresses associated with the network interface.</p> </li> <li> <p> <code>addresses.primary</code> - Whether the private IPv4 address is the primary IP address associated with the network interface. </p> </li> <li> <p> <code>addresses.association.public-ip</code> - The association ID returned when the network interface was associated with the Elastic IP address (IPv4).</p> </li> <li> <p> <code>addresses.association.owner-id</code> - The owner ID of the addresses associated with the network interface.</p> </li> <li> <p> <code>association.association-id</code> - The association ID returned when the network interface was associated with an IPv4 address.</p> </li> <li> <p> <code>association.allocation-id</code> - The allocation ID returned when you allocated the Elastic IP address (IPv4) for your network interface.</p> </li> <li> <p> <code>association.ip-owner-id</code> - The owner of the Elastic IP address (IPv4) associated with the network interface.</p> </li> <li> <p> <code>association.public-ip</code> - The address of the Elastic IP address (IPv4) bound to the network interface.</p> </li> <li> <p> <code>association.public-dns-name</code> - The public DNS name for the network interface (IPv4).</p> </li> <li> <p> <code>attachment.attachment-id</code> - The ID of the interface attachment.</p> </li> <li> <p> <code>attachment.attach-time</code> - The time that the network interface was attached to an instance.</p> </li> <li> <p> <code>attachment.delete-on-termination</code> - Indicates whether the attachment is deleted when an instance is terminated.</p> </li> <li> <p> <code>attachment.device-index</code> - The device index to which the network interface is attached.</p> </li> <li> <p> <code>attachment.instance-id</code> - The ID of the instance to which the network interface is attached.</p> </li> <li> <p> <code>attachment.instance-owner-id</code> - The owner ID of the instance to which the network interface is attached.</p> </li> <li> <p> <code>attachment.nat-gateway-id</code> - The ID of the NAT gateway to which the network interface is attached.</p> </li> <li> <p> <code>attachment.status</code> - The status of the attachment (<code>attaching</code> | <code>attached</code> | <code>detaching</code> | <code>detached</code>).</p> </li> <li> <p> <code>availability-zone</code> - The Availability Zone of the network interface.</p> </li> <li> <p> <code>description</code> - The description of the network interface.</p> </li> <li> <p> <code>group-id</code> - The ID of a security group associated with the network interface.</p> </li> <li> <p> <code>group-name</code> - The name of a security group associated with the network interface.</p> </li> <li> <p> <code>ipv6-addresses.ipv6-address</code> - An IPv6 address associated with the network interface.</p> </li> <li> <p> <code>mac-address</code> - The MAC address of the network interface.</p> </li> <li> <p> <code>network-interface-id</code> - The ID of the network interface.</p> </li> <li> <p> <code>owner-id</code> - The AWS account ID of the network interface owner.</p> </li> <li> <p> <code>private-ip-address</code> - The private IPv4 address or addresses of the network interface.</p> </li> <li> <p> <code>private-dns-name</code> - The private DNS name of the network interface (IPv4).</p> </li> <li> <p> <code>requester-id</code> - The ID of the entity that launched the instance on your behalf (for example, AWS Management Console, Auto Scaling, and so on).</p> </li> <li> <p> <code>requester-managed</code> - Indicates whether the network interface is being managed by an AWS service (for example, AWS Management Console, Auto Scaling, and so on).</p> </li> <li> <p> <code>source-dest-check</code> - Indicates whether the network interface performs source/destination checking. A value of <code>true</code> means checking is enabled, and <code>false</code> means checking is disabled. The value must be <code>false</code> for the network interface to perform network address translation (NAT) in your VPC. </p> </li> <li> <p> <code>status</code> - The status of the network interface. If the network interface is not attached to an instance, the status is <code>available</code>; if a network interface is attached to an instance the status is <code>in-use</code>.</p> </li> <li> <p> <code>subnet-id</code> - The ID of the subnet for the network interface.</p> </li> <li> <p> <code>tag</code>:&lt;key&gt; - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p> </li> <li> <p> <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p> </li> <li> <p> <code>vpc-id</code> - The ID of the VPC for the network interface.</p> </li> </ul>",
           "locationName": "filter"
         },
         "DryRun": {
@@ -13435,7 +15821,7 @@
         },
         "MaxResults": {
           "shape": "DescribeNetworkInterfacesMaxResults",
-          "documentation": "<p>The maximum number of items to return for this request. The request returns a token that you can specify in a subsequent call to get the next set of results.</p>"
+          "documentation": "<p>The maximum number of items to return for this request. The request returns a token that you can specify in a subsequent call to get the next set of results. You cannot specify this parameter and the network interface IDs parameter in the same request.</p>"
         }
       },
       "documentation": "<p>Contains the parameters for DescribeNetworkInterfaces.</p>"
@@ -13461,7 +15847,7 @@
       "members": {
         "Filters": {
           "shape": "FilterList",
-          "documentation": "<p>The filters.</p> <ul> <li> <p> <code>group-name</code> - The name of the placement group.</p> </li> <li> <p> <code>state</code> - The state of the placement group (<code>pending</code> | <code>available</code> | <code>deleting</code> | <code>deleted</code>).</p> </li> <li> <p> <code>strategy</code> - The strategy of the placement group (<code>cluster</code> | <code>spread</code> | <code>partition</code>).</p> </li> </ul>",
+          "documentation": "<p>The filters.</p> <ul> <li> <p> <code>group-name</code> - The name of the placement group.</p> </li> <li> <p> <code>state</code> - The state of the placement group (<code>pending</code> | <code>available</code> | <code>deleting</code> | <code>deleted</code>).</p> </li> <li> <p> <code>strategy</code> - The strategy of the placement group (<code>cluster</code> | <code>spread</code> | <code>partition</code>).</p> </li> <li> <p> <code>tag</code>:&lt;key&gt; - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p> </li> <li> <p> <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources that have a tag with a specific key, regardless of the tag value.</p> </li> </ul>",
           "locationName": "Filter"
         },
         "DryRun": {
@@ -13473,6 +15859,11 @@
           "shape": "PlacementGroupStringList",
           "documentation": "<p>The names of the placement groups.</p> <p>Default: Describes all your placement groups, or only those otherwise specified.</p>",
           "locationName": "groupName"
+        },
+        "GroupIds": {
+          "shape": "PlacementGroupIdStringList",
+          "documentation": "<p>The IDs of the placement groups.</p>",
+          "locationName": "GroupId"
         }
       }
     },
@@ -13507,7 +15898,7 @@
           "documentation": "<p>The token for the next page of results.</p>"
         },
         "PrefixListIds": {
-          "shape": "ValueStringList",
+          "shape": "PrefixListResourceIdStringList",
           "documentation": "<p>One or more prefix list IDs.</p>",
           "locationName": "PrefixListId"
         }
@@ -13528,6 +15919,11 @@
         }
       }
     },
+    "DescribePrincipalIdFormatMaxResults": {
+      "type": "integer",
+      "max": 1000,
+      "min": 1
+    },
     "DescribePrincipalIdFormatRequest": {
       "type": "structure",
       "members": {
@@ -13541,7 +15937,7 @@
           "locationName": "Resource"
         },
         "MaxResults": {
-          "shape": "Integer",
+          "shape": "DescribePrincipalIdFormatMaxResults",
           "documentation": "<p>The maximum number of results to return in a single call. To retrieve the remaining results, make another call with the returned NextToken value. </p>"
         },
         "NextToken": {
@@ -13569,7 +15965,7 @@
       "type": "structure",
       "members": {
         "PoolIds": {
-          "shape": "ValueStringList",
+          "shape": "PublicIpv4PoolIdStringList",
           "documentation": "<p>The IDs of the address pools.</p>",
           "locationName": "PoolId"
         },
@@ -13580,6 +15976,11 @@
         "MaxResults": {
           "shape": "PoolMaxResults",
           "documentation": "<p>The maximum number of results to return with a single call. To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>"
+        },
+        "Filters": {
+          "shape": "FilterList",
+          "documentation": "<p>One or more filters.</p> <ul> <li> <p> <code>tag</code>:&lt;key&gt; - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p> </li> <li> <p> <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p> </li> </ul>",
+          "locationName": "Filter"
         }
       }
     },
@@ -13603,18 +16004,22 @@
       "members": {
         "Filters": {
           "shape": "FilterList",
-          "documentation": "<p>The filters.</p> <ul> <li> <p> <code>endpoint</code> - The endpoint of the Region (for example, <code>ec2.us-east-1.amazonaws.com</code>).</p> </li> <li> <p> <code>region-name</code> - The name of the Region (for example, <code>us-east-1</code>).</p> </li> </ul>",
+          "documentation": "<p>The filters.</p> <ul> <li> <p> <code>endpoint</code> - The endpoint of the Region (for example, <code>ec2.us-east-1.amazonaws.com</code>).</p> </li> <li> <p> <code>opt-in-status</code> - The opt-in status of the Region (<code>opt-in-not-required</code> | <code>opted-in</code> | <code>not-opted-in</code>).</p> </li> <li> <p> <code>region-name</code> - The name of the Region (for example, <code>us-east-1</code>).</p> </li> </ul>",
           "locationName": "Filter"
         },
         "RegionNames": {
           "shape": "RegionNameStringList",
-          "documentation": "<p>The names of the Regions.</p>",
+          "documentation": "<p>The names of the Regions. You can specify any Regions, whether they are enabled and disabled for your account.</p>",
           "locationName": "RegionName"
         },
         "DryRun": {
           "shape": "Boolean",
           "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>",
           "locationName": "dryRun"
+        },
+        "AllRegions": {
+          "shape": "Boolean",
+          "documentation": "<p>Indicates whether to display all Regions, including Regions that are disabled for your account.</p>"
         }
       }
     },
@@ -13637,12 +16042,12 @@
           "locationName": "Filter"
         },
         "ReservedInstancesId": {
-          "shape": "String",
+          "shape": "ReservationId",
           "documentation": "<p>One or more Reserved Instance IDs.</p>",
           "locationName": "reservedInstancesId"
         },
         "ReservedInstancesListingId": {
-          "shape": "String",
+          "shape": "ReservedInstancesListingId",
           "documentation": "<p>One or more Reserved Instance listing IDs.</p>",
           "locationName": "reservedInstancesListingId"
         }
@@ -13846,7 +16251,7 @@
           "locationName": "dryRun"
         },
         "RouteTableIds": {
-          "shape": "ValueStringList",
+          "shape": "RouteTableIdStringList",
           "documentation": "<p>One or more route table IDs.</p> <p>Default: Describes all your route tables.</p>",
           "locationName": "RouteTableId"
         },
@@ -13876,6 +16281,11 @@
       },
       "documentation": "<p>Contains the output of DescribeRouteTables.</p>"
     },
+    "DescribeScheduledInstanceAvailabilityMaxResults": {
+      "type": "integer",
+      "max": 300,
+      "min": 5
+    },
     "DescribeScheduledInstanceAvailabilityRequest": {
       "type": "structure",
       "required": [
@@ -13897,7 +16307,7 @@
           "documentation": "<p>The time period for the first schedule to start.</p>"
         },
         "MaxResults": {
-          "shape": "Integer",
+          "shape": "DescribeScheduledInstanceAvailabilityMaxResults",
           "documentation": "<p>The maximum number of results to return in a single call. This value can be between 5 and 300. The default value is 300. To retrieve the remaining results, make another call with the returned <code>NextToken</code> value.</p>"
         },
         "MaxSlotDurationInHours": {
@@ -14074,7 +16484,7 @@
           "documentation": "<p>The snapshot attribute you would like to view.</p>"
         },
         "SnapshotId": {
-          "shape": "String",
+          "shape": "SnapshotId",
           "documentation": "<p>The ID of the EBS snapshot.</p>"
         },
         "DryRun": {
@@ -14082,8 +16492,7 @@
           "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>",
           "locationName": "dryRun"
         }
-      },
-      "documentation": "<p>Contains the parameters for DescribeSnapshotAttribute.</p>"
+      }
     },
     "DescribeSnapshotAttributeResult": {
       "type": "structure",
@@ -14103,8 +16512,7 @@
           "documentation": "<p>The ID of the EBS snapshot.</p>",
           "locationName": "snapshotId"
         }
-      },
-      "documentation": "<p>Contains the output of DescribeSnapshotAttribute.</p>"
+      }
     },
     "DescribeSnapshotsRequest": {
       "type": "structure",
@@ -14181,6 +16589,11 @@
       },
       "documentation": "<p>Contains the output of DescribeSpotDatafeedSubscription.</p>"
     },
+    "DescribeSpotFleetInstancesMaxResults": {
+      "type": "integer",
+      "max": 1000,
+      "min": 1
+    },
     "DescribeSpotFleetInstancesRequest": {
       "type": "structure",
       "required": [
@@ -14193,7 +16606,7 @@
           "locationName": "dryRun"
         },
         "MaxResults": {
-          "shape": "Integer",
+          "shape": "DescribeSpotFleetInstancesMaxResults",
           "documentation": "<p>The maximum number of results to return in a single call. Specify a value between 1 and 1000. The default value is 1000. To retrieve the remaining results, make another call with the returned <code>NextToken</code> value.</p>",
           "locationName": "maxResults"
         },
@@ -14203,7 +16616,7 @@
           "locationName": "nextToken"
         },
         "SpotFleetRequestId": {
-          "shape": "String",
+          "shape": "SpotFleetRequestId",
           "documentation": "<p>The ID of the Spot Fleet request.</p>",
           "locationName": "spotFleetRequestId"
         }
@@ -14231,6 +16644,11 @@
       },
       "documentation": "<p>Contains the output of DescribeSpotFleetInstances.</p>"
     },
+    "DescribeSpotFleetRequestHistoryMaxResults": {
+      "type": "integer",
+      "max": 1000,
+      "min": 1
+    },
     "DescribeSpotFleetRequestHistoryRequest": {
       "type": "structure",
       "required": [
@@ -14249,7 +16667,7 @@
           "locationName": "eventType"
         },
         "MaxResults": {
-          "shape": "Integer",
+          "shape": "DescribeSpotFleetRequestHistoryMaxResults",
           "documentation": "<p>The maximum number of results to return in a single call. Specify a value between 1 and 1000. The default value is 1000. To retrieve the remaining results, make another call with the returned <code>NextToken</code> value.</p>",
           "locationName": "maxResults"
         },
@@ -14259,7 +16677,7 @@
           "locationName": "nextToken"
         },
         "SpotFleetRequestId": {
-          "shape": "String",
+          "shape": "SpotFleetRequestId",
           "documentation": "<p>The ID of the Spot Fleet request.</p>",
           "locationName": "spotFleetRequestId"
         },
@@ -14321,7 +16739,7 @@
           "locationName": "nextToken"
         },
         "SpotFleetRequestIds": {
-          "shape": "ValueStringList",
+          "shape": "SpotFleetRequestIdList",
           "documentation": "<p>The IDs of the Spot Fleet requests.</p>",
           "locationName": "spotFleetRequestId"
         }
@@ -14485,7 +16903,7 @@
           "documentation": "<p>The token for the next set of items to return. (You received this token from a prior call.)</p>"
         },
         "VpcId": {
-          "shape": "String",
+          "shape": "VpcId",
           "documentation": "<p>The ID of the VPC.</p>"
         }
       }
@@ -14563,7 +16981,7 @@
         },
         "Filters": {
           "shape": "FilterList",
-          "documentation": "<p>The filters.</p> <ul> <li> <p> <code>key</code> - The tag key.</p> </li> <li> <p> <code>resource-id</code> - The ID of the resource.</p> </li> <li> <p> <code>resource-type</code> - The resource type (<code>customer-gateway</code> | <code>dedicated-host</code> | <code>dhcp-options</code> | <code>elastic-ip</code> | <code>fleet</code> | <code>fpga-image</code> | <code>image</code> | <code>instance</code> | <code>host-reservation</code> | <code>internet-gateway</code> | <code>launch-template</code> | <code>natgateway</code> | <code>network-acl</code> | <code>network-interface</code> | <code>reserved-instances</code> | <code>route-table</code> | <code>security-group</code> | <code>snapshot</code> | <code>spot-instances-request</code> | <code>subnet</code> | <code>volume</code> | <code>vpc</code> | <code>vpc-peering-connection</code> | <code>vpn-connection</code> | <code>vpn-gateway</code>).</p> </li> <li> <p> <code>tag</code>:&lt;key&gt; - The key/value combination of the tag. For example, specify \"tag:Owner\" for the filter name and \"TeamA\" for the filter value to find resources with the tag \"Owner=TeamA\".</p> </li> <li> <p> <code>value</code> - The tag value.</p> </li> </ul>",
+          "documentation": "<p>The filters.</p> <ul> <li> <p> <code>key</code> - The tag key.</p> </li> <li> <p> <code>resource-id</code> - The ID of the resource.</p> </li> <li> <p> <code>resource-type</code> - The resource type (<code>customer-gateway</code> | <code>dedicated-host</code> | <code>dhcp-options</code> | <code>elastic-ip</code> | <code>fleet</code> | <code>fpga-image</code> | <code>host-reservation</code> | <code>image</code> | <code>instance</code> | <code>internet-gateway</code> | <code>key-pair</code> | <code>launch-template</code> | <code>natgateway</code> | <code>network-acl</code> | <code>network-interface</code> | <code>placement-group</code> | <code>reserved-instances</code> | <code>route-table</code> | <code>security-group</code> | <code>snapshot</code> | <code>spot-instances-request</code> | <code>subnet</code> | <code>volume</code> | <code>vpc</code> | <code>vpc-endpoint</code> | <code>vpc-endpoint-service</code> | <code>vpc-peering-connection</code> | <code>vpn-connection</code> | <code>vpn-gateway</code>).</p> </li> <li> <p> <code>tag</code>:&lt;key&gt; - The key/value combination of the tag. For example, specify \"tag:Owner\" for the filter name and \"TeamA\" for the filter value to find resources with the tag \"Owner=TeamA\".</p> </li> <li> <p> <code>value</code> - The tag value.</p> </li> </ul>",
           "locationName": "Filter"
         },
         "MaxResults": {
@@ -14597,7 +17015,7 @@
       "type": "structure",
       "members": {
         "TrafficMirrorFilterIds": {
-          "shape": "ValueStringList",
+          "shape": "TrafficMirrorFilterIdList",
           "documentation": "<p>The ID of the Traffic Mirror filter.</p>",
           "locationName": "TrafficMirrorFilterId"
         },
@@ -14639,7 +17057,7 @@
       "type": "structure",
       "members": {
         "TrafficMirrorSessionIds": {
-          "shape": "ValueStringList",
+          "shape": "TrafficMirrorSessionIdList",
           "documentation": "<p>The ID of the Traffic Mirror session.</p>",
           "locationName": "TrafficMirrorSessionId"
         },
@@ -14681,7 +17099,7 @@
       "type": "structure",
       "members": {
         "TrafficMirrorTargetIds": {
-          "shape": "ValueStringList",
+          "shape": "TrafficMirrorTargetIdList",
           "documentation": "<p>The ID of the Traffic Mirror targets.</p>",
           "locationName": "TrafficMirrorTargetId"
         },
@@ -14760,6 +17178,88 @@
         }
       }
     },
+    "DescribeTransitGatewayMulticastDomainsRequest": {
+      "type": "structure",
+      "members": {
+        "TransitGatewayMulticastDomainIds": {
+          "shape": "TransitGatewayMulticastDomainIdStringList",
+          "documentation": "<p>The ID of the transit gateway multicast domain.</p>"
+        },
+        "Filters": {
+          "shape": "FilterList",
+          "documentation": "<p>One or more filters. The possible values are:</p> <ul> <li> <p> <code>state</code> - The state of the transit gateway multicast domain. Valid values are <code>pending</code> | <code>available</code> | <code>deleting</code> | <code>deleted</code>.</p> </li> <li> <p> <code>transit-gateway-id</code> - The ID of the transit gateway.</p> </li> <li> <p> <code>transit-gateway-multicast-domain-id</code> - The ID of the transit gateway multicast domain.</p> </li> </ul>",
+          "locationName": "Filter"
+        },
+        "MaxResults": {
+          "shape": "TransitGatewayMaxResults",
+          "documentation": "<p>The maximum number of results to return with a single call. To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>"
+        },
+        "NextToken": {
+          "shape": "String",
+          "documentation": "<p>The token for the next page of results.</p>"
+        },
+        "DryRun": {
+          "shape": "Boolean",
+          "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
+        }
+      }
+    },
+    "DescribeTransitGatewayMulticastDomainsResult": {
+      "type": "structure",
+      "members": {
+        "TransitGatewayMulticastDomains": {
+          "shape": "TransitGatewayMulticastDomainList",
+          "documentation": "<p>Information about the transit gateway multicast domains.</p>",
+          "locationName": "transitGatewayMulticastDomains"
+        },
+        "NextToken": {
+          "shape": "String",
+          "documentation": "<p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>",
+          "locationName": "nextToken"
+        }
+      }
+    },
+    "DescribeTransitGatewayPeeringAttachmentsRequest": {
+      "type": "structure",
+      "members": {
+        "TransitGatewayAttachmentIds": {
+          "shape": "TransitGatewayAttachmentIdStringList",
+          "documentation": "<p>One or more IDs of the transit gateway peering attachments.</p>"
+        },
+        "Filters": {
+          "shape": "FilterList",
+          "documentation": "<p>One or more filters. The possible values are:</p> <ul> <li> <p> <code>transit-gateway-attachment-id</code> - The ID of the transit gateway attachment.</p> </li> <li> <p> <code>local-owner-id</code> - The ID of your AWS account.</p> </li> <li> <p> <code>remote-owner-id</code> - The ID of the AWS account in the remote Region that owns the transit gateway.</p> </li> <li> <p> <code>state</code> - The state of the peering attachment (<code>available</code> | <code>deleted</code> | <code>deleting</code> | <code>failed</code> | <code>modifying</code> | <code>pendingAcceptance</code> | <code>pending</code> | <code>rollingBack</code> | <code>rejected</code> | <code>rejecting</code>).</p> </li> <li> <p> <code>transit-gateway-id</code> - The ID of the transit gateway.</p> </li> </ul>",
+          "locationName": "Filter"
+        },
+        "MaxResults": {
+          "shape": "TransitGatewayMaxResults",
+          "documentation": "<p>The maximum number of results to return with a single call. To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>"
+        },
+        "NextToken": {
+          "shape": "String",
+          "documentation": "<p>The token for the next page of results.</p>"
+        },
+        "DryRun": {
+          "shape": "Boolean",
+          "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
+        }
+      }
+    },
+    "DescribeTransitGatewayPeeringAttachmentsResult": {
+      "type": "structure",
+      "members": {
+        "TransitGatewayPeeringAttachments": {
+          "shape": "TransitGatewayPeeringAttachmentList",
+          "documentation": "<p>The transit gateway peering attachments.</p>",
+          "locationName": "transitGatewayPeeringAttachments"
+        },
+        "NextToken": {
+          "shape": "String",
+          "documentation": "<p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>",
+          "locationName": "nextToken"
+        }
+      }
+    },
     "DescribeTransitGatewayRouteTablesRequest": {
       "type": "structure",
       "members": {
@@ -14895,7 +17395,7 @@
           "documentation": "<p>The attribute of the volume. This parameter is required.</p>"
         },
         "VolumeId": {
-          "shape": "String",
+          "shape": "VolumeId",
           "documentation": "<p>The ID of the volume.</p>"
         },
         "DryRun": {
@@ -14903,8 +17403,7 @@
           "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>",
           "locationName": "dryRun"
         }
-      },
-      "documentation": "<p>Contains the parameters for DescribeVolumeAttribute.</p>"
+      }
     },
     "DescribeVolumeAttributeResult": {
       "type": "structure",
@@ -14924,8 +17423,7 @@
           "documentation": "<p>The ID of the volume.</p>",
           "locationName": "volumeId"
         }
-      },
-      "documentation": "<p>Contains the output of DescribeVolumeAttribute.</p>"
+      }
     },
     "DescribeVolumeStatusRequest": {
       "type": "structure",
@@ -14984,7 +17482,7 @@
         },
         "Filters": {
           "shape": "FilterList",
-          "documentation": "<p>The filters. Supported filters: <code>volume-id</code>, <code>modification-state</code>, <code>target-size</code>, <code>target-iops</code>, <code>target-volume-type</code>, <code>original-size</code>, <code>original-iops</code>, <code>original-volume-type</code>, <code>start-time</code>. </p>",
+          "documentation": "<p>The filters. Supported filters: <code>volume-id</code> | <code>modification-state</code> | <code>target-size</code> | <code>target-iops</code> | <code>target-volume-type</code> | <code>original-size</code> | <code>original-iops</code> | <code>original-volume-type</code> | <code>start-time</code> | <code>originalMultiAttachEnabled</code> | <code>targetMultiAttachEnabled</code>. </p>",
           "locationName": "Filter"
         },
         "NextToken": {
@@ -15017,7 +17515,7 @@
       "members": {
         "Filters": {
           "shape": "FilterList",
-          "documentation": "<p>The filters.</p> <ul> <li> <p> <code>attachment.attach-time</code> - The time stamp when the attachment initiated.</p> </li> <li> <p> <code>attachment.delete-on-termination</code> - Whether the volume is deleted on instance termination.</p> </li> <li> <p> <code>attachment.device</code> - The device name specified in the block device mapping (for example, <code>/dev/sda1</code>).</p> </li> <li> <p> <code>attachment.instance-id</code> - The ID of the instance the volume is attached to.</p> </li> <li> <p> <code>attachment.status</code> - The attachment state (<code>attaching</code> | <code>attached</code> | <code>detaching</code>).</p> </li> <li> <p> <code>availability-zone</code> - The Availability Zone in which the volume was created.</p> </li> <li> <p> <code>create-time</code> - The time stamp when the volume was created.</p> </li> <li> <p> <code>encrypted</code> - Indicates whether the volume is encrypted (<code>true</code> | <code>false</code>)</p> </li> <li> <p> <code>size</code> - The size of the volume, in GiB.</p> </li> <li> <p> <code>snapshot-id</code> - The snapshot from which the volume was created.</p> </li> <li> <p> <code>status</code> - The status of the volume (<code>creating</code> | <code>available</code> | <code>in-use</code> | <code>deleting</code> | <code>deleted</code> | <code>error</code>).</p> </li> <li> <p> <code>tag</code>:&lt;key&gt; - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p> </li> <li> <p> <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p> </li> <li> <p> <code>volume-id</code> - The volume ID.</p> </li> <li> <p> <code>volume-type</code> - The Amazon EBS volume type. This can be <code>gp2</code> for General Purpose SSD, <code>io1</code> for Provisioned IOPS SSD, <code>st1</code> for Throughput Optimized HDD, <code>sc1</code> for Cold HDD, or <code>standard</code> for Magnetic volumes.</p> </li> </ul>",
+          "documentation": "<p>The filters.</p> <ul> <li> <p> <code>attachment.attach-time</code> - The time stamp when the attachment initiated.</p> </li> <li> <p> <code>attachment.delete-on-termination</code> - Whether the volume is deleted on instance termination.</p> </li> <li> <p> <code>attachment.device</code> - The device name specified in the block device mapping (for example, <code>/dev/sda1</code>).</p> </li> <li> <p> <code>attachment.instance-id</code> - The ID of the instance the volume is attached to.</p> </li> <li> <p> <code>attachment.status</code> - The attachment state (<code>attaching</code> | <code>attached</code> | <code>detaching</code>).</p> </li> <li> <p> <code>availability-zone</code> - The Availability Zone in which the volume was created.</p> </li> <li> <p> <code>create-time</code> - The time stamp when the volume was created.</p> </li> <li> <p> <code>encrypted</code> - Indicates whether the volume is encrypted (<code>true</code> | <code>false</code>)</p> </li> <li> <p> <code>multi-attach-enabled</code> - Indicates whether the volume is enabled for Multi-Attach (<code>true</code> | <code>false</code>)</p> </li> <li> <p> <code>fast-restored</code> - Indicates whether the volume was created from a snapshot that is enabled for fast snapshot restore (<code>true</code> | <code>false</code>).</p> </li> <li> <p> <code>size</code> - The size of the volume, in GiB.</p> </li> <li> <p> <code>snapshot-id</code> - The snapshot from which the volume was created.</p> </li> <li> <p> <code>status</code> - The status of the volume (<code>creating</code> | <code>available</code> | <code>in-use</code> | <code>deleting</code> | <code>deleted</code> | <code>error</code>).</p> </li> <li> <p> <code>tag</code>:&lt;key&gt; - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p> </li> <li> <p> <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p> </li> <li> <p> <code>volume-id</code> - The volume ID.</p> </li> <li> <p> <code>volume-type</code> - The Amazon EBS volume type. This can be <code>gp2</code> for General Purpose SSD, <code>io1</code> for Provisioned IOPS SSD, <code>st1</code> for Throughput Optimized HDD, <code>sc1</code> for Cold HDD, or <code>standard</code> for Magnetic volumes.</p> </li> </ul>",
           "locationName": "Filter"
         },
         "VolumeIds": {
@@ -15069,7 +17567,7 @@
           "documentation": "<p>The VPC attribute.</p>"
         },
         "VpcId": {
-          "shape": "String",
+          "shape": "VpcId",
           "documentation": "<p>The ID of the VPC.</p>"
         },
         "DryRun": {
@@ -15099,16 +17597,26 @@
         }
       }
     },
+    "DescribeVpcClassicLinkDnsSupportMaxResults": {
+      "type": "integer",
+      "max": 255,
+      "min": 5
+    },
+    "DescribeVpcClassicLinkDnsSupportNextToken": {
+      "type": "string",
+      "max": 1024,
+      "min": 1
+    },
     "DescribeVpcClassicLinkDnsSupportRequest": {
       "type": "structure",
       "members": {
         "MaxResults": {
-          "shape": "MaxResults",
+          "shape": "DescribeVpcClassicLinkDnsSupportMaxResults",
           "documentation": "<p>The maximum number of results to return with a single call. To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>",
           "locationName": "maxResults"
         },
         "NextToken": {
-          "shape": "NextToken",
+          "shape": "DescribeVpcClassicLinkDnsSupportNextToken",
           "documentation": "<p>The token for the next page of results.</p>",
           "locationName": "nextToken"
         },
@@ -15122,7 +17630,7 @@
       "type": "structure",
       "members": {
         "NextToken": {
-          "shape": "NextToken",
+          "shape": "DescribeVpcClassicLinkDnsSupportNextToken",
           "documentation": "<p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>",
           "locationName": "nextToken"
         },
@@ -15171,12 +17679,12 @@
           "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
         },
         "ConnectionNotificationId": {
-          "shape": "String",
+          "shape": "ConnectionNotificationId",
           "documentation": "<p>The ID of the notification.</p>"
         },
         "Filters": {
           "shape": "FilterList",
-          "documentation": "<p>One or more filters.</p> <ul> <li> <p> <code>connection-notification-arn</code> - The ARN of SNS topic for the notification.</p> </li> <li> <p> <code>connection-notification-id</code> - The ID of the notification.</p> </li> <li> <p> <code>connection-notification-state</code> - The state of the notification (<code>Enabled</code> | <code>Disabled</code>).</p> </li> <li> <p> <code>connection-notification-type</code> - The type of notification (<code>Topic</code>).</p> </li> <li> <p> <code>service-id</code> - The ID of the endpoint service.</p> </li> <li> <p> <code>vpc-endpoint-id</code> - The ID of the VPC endpoint.</p> </li> </ul>",
+          "documentation": "<p>One or more filters.</p> <ul> <li> <p> <code>connection-notification-arn</code> - The ARN of the SNS topic for the notification.</p> </li> <li> <p> <code>connection-notification-id</code> - The ID of the notification.</p> </li> <li> <p> <code>connection-notification-state</code> - The state of the notification (<code>Enabled</code> | <code>Disabled</code>).</p> </li> <li> <p> <code>connection-notification-type</code> - The type of notification (<code>Topic</code>).</p> </li> <li> <p> <code>service-id</code> - The ID of the endpoint service.</p> </li> <li> <p> <code>vpc-endpoint-id</code> - The ID of the VPC endpoint.</p> </li> </ul>",
           "locationName": "Filter"
         },
         "MaxResults": {
@@ -15218,7 +17726,7 @@
         },
         "MaxResults": {
           "shape": "Integer",
-          "documentation": "<p>The maximum number of results to return for the request in a single page. The remaining results of the initial request can be seen by sending another request with the returned <code>NextToken</code> value. This value can be between 5 and 1000; if <code>MaxResults</code> is given a value larger than 1000, only 1000 results are returned.</p>"
+          "documentation": "<p>The maximum number of results to return for the request in a single page. The remaining results of the initial request can be seen by sending another request with the returned <code>NextToken</code> value. This value can be between 5 and 1,000; if <code>MaxResults</code> is given a value larger than 1,000, only 1,000 results are returned.</p>"
         },
         "NextToken": {
           "shape": "String",
@@ -15249,7 +17757,7 @@
           "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
         },
         "ServiceIds": {
-          "shape": "ValueStringList",
+          "shape": "VpcEndpointServiceIdList",
           "documentation": "<p>The IDs of one or more services.</p>",
           "locationName": "ServiceId"
         },
@@ -15260,7 +17768,7 @@
         },
         "MaxResults": {
           "shape": "Integer",
-          "documentation": "<p>The maximum number of results to return for the request in a single page. The remaining results of the initial request can be seen by sending another request with the returned <code>NextToken</code> value. This value can be between 5 and 1000; if <code>MaxResults</code> is given a value larger than 1000, only 1000 results are returned.</p>"
+          "documentation": "<p>The maximum number of results to return for the request in a single page. The remaining results of the initial request can be seen by sending another request with the returned <code>NextToken</code> value. This value can be between 5 and 1,000; if <code>MaxResults</code> is given a value larger than 1,000, only 1,000 results are returned.</p>"
         },
         "NextToken": {
           "shape": "String",
@@ -15294,7 +17802,7 @@
           "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
         },
         "ServiceId": {
-          "shape": "String",
+          "shape": "VpcEndpointServiceId",
           "documentation": "<p>The ID of the service.</p>"
         },
         "Filters": {
@@ -15304,7 +17812,7 @@
         },
         "MaxResults": {
           "shape": "Integer",
-          "documentation": "<p>The maximum number of results to return for the request in a single page. The remaining results of the initial request can be seen by sending another request with the returned <code>NextToken</code> value. This value can be between 5 and 1000; if <code>MaxResults</code> is given a value larger than 1000, only 1000 results are returned.</p>"
+          "documentation": "<p>The maximum number of results to return for the request in a single page. The remaining results of the initial request can be seen by sending another request with the returned <code>NextToken</code> value. This value can be between 5 and 1,000; if <code>MaxResults</code> is given a value larger than 1,000, only 1,000 results are returned.</p>"
         },
         "NextToken": {
           "shape": "String",
@@ -15341,12 +17849,12 @@
         },
         "Filters": {
           "shape": "FilterList",
-          "documentation": "<p>One or more filters.</p> <ul> <li> <p> <code>service-name</code>: The name of the service.</p> </li> <li> <p> <code>tag</code>:&lt;key&gt; - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p> </li> <li> <p> <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p> </li> </ul>",
+          "documentation": "<p>One or more filters.</p> <ul> <li> <p> <code>service-name</code> - The name of the service.</p> </li> <li> <p> <code>tag</code>:&lt;key&gt; - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p> </li> <li> <p> <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p> </li> </ul>",
           "locationName": "Filter"
         },
         "MaxResults": {
           "shape": "Integer",
-          "documentation": "<p>The maximum number of items to return for this request. The request returns a token that you can specify in a subsequent call to get the next set of results.</p> <p>Constraint: If the value is greater than 1000, we return only 1000 items.</p>"
+          "documentation": "<p>The maximum number of items to return for this request. The request returns a token that you can specify in a subsequent call to get the next set of results.</p> <p>Constraint: If the value is greater than 1,000, we return only 1,000 items.</p>"
         },
         "NextToken": {
           "shape": "String",
@@ -15384,18 +17892,18 @@
           "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
         },
         "VpcEndpointIds": {
-          "shape": "ValueStringList",
+          "shape": "VpcEndpointIdList",
           "documentation": "<p>One or more endpoint IDs.</p>",
           "locationName": "VpcEndpointId"
         },
         "Filters": {
           "shape": "FilterList",
-          "documentation": "<p>One or more filters.</p> <ul> <li> <p> <code>service-name</code>: The name of the service.</p> </li> <li> <p> <code>vpc-id</code>: The ID of the VPC in which the endpoint resides.</p> </li> <li> <p> <code>vpc-endpoint-id</code>: The ID of the endpoint.</p> </li> <li> <p> <code>vpc-endpoint-state</code>: The state of the endpoint. (<code>pending</code> | <code>available</code> | <code>deleting</code> | <code>deleted</code>)</p> </li> <li> <p> <code>tag</code>:&lt;key&gt; - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p> </li> <li> <p> <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p> </li> </ul>",
+          "documentation": "<p>One or more filters.</p> <ul> <li> <p> <code>service-name</code> - The name of the service.</p> </li> <li> <p> <code>vpc-id</code> - The ID of the VPC in which the endpoint resides.</p> </li> <li> <p> <code>vpc-endpoint-id</code> - The ID of the endpoint.</p> </li> <li> <p> <code>vpc-endpoint-state</code> - The state of the endpoint (<code>pendingAcceptance</code> | <code>pending</code> | <code>available</code> | <code>deleting</code> | <code>deleted</code> | <code>rejected</code> | <code>failed</code>).</p> </li> <li> <p> <code>tag</code>:&lt;key&gt; - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p> </li> <li> <p> <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p> </li> </ul>",
           "locationName": "Filter"
         },
         "MaxResults": {
           "shape": "Integer",
-          "documentation": "<p>The maximum number of items to return for this request. The request returns a token that you can specify in a subsequent call to get the next set of results.</p> <p>Constraint: If the value is greater than 1000, we return only 1000 items.</p>"
+          "documentation": "<p>The maximum number of items to return for this request. The request returns a token that you can specify in a subsequent call to get the next set of results.</p> <p>Constraint: If the value is greater than 1,000, we return only 1,000 items.</p>"
         },
         "NextToken": {
           "shape": "String",
@@ -15439,7 +17947,7 @@
           "locationName": "dryRun"
         },
         "VpcPeeringConnectionIds": {
-          "shape": "ValueStringList",
+          "shape": "VpcPeeringConnectionIdList",
           "documentation": "<p>One or more VPC peering connection IDs.</p> <p>Default: Describes all your VPC peering connections.</p>",
           "locationName": "VpcPeeringConnectionId"
         },
@@ -15478,7 +17986,7 @@
       "members": {
         "Filters": {
           "shape": "FilterList",
-          "documentation": "<p>One or more filters.</p> <ul> <li> <p> <code>cidr</code> - The primary IPv4 CIDR block of the VPC. The CIDR block you specify must exactly match the VPC's CIDR block for information to be returned for the VPC. Must contain the slash followed by one or two digits (for example, <code>/28</code>).</p> </li> <li> <p> <code>cidr-block-association.cidr-block</code> - An IPv4 CIDR block associated with the VPC.</p> </li> <li> <p> <code>cidr-block-association.association-id</code> - The association ID for an IPv4 CIDR block associated with the VPC.</p> </li> <li> <p> <code>cidr-block-association.state</code> - The state of an IPv4 CIDR block associated with the VPC.</p> </li> <li> <p> <code>dhcp-options-id</code> - The ID of a set of DHCP options.</p> </li> <li> <p> <code>ipv6-cidr-block-association.ipv6-cidr-block</code> - An IPv6 CIDR block associated with the VPC.</p> </li> <li> <p> <code>ipv6-cidr-block-association.association-id</code> - The association ID for an IPv6 CIDR block associated with the VPC.</p> </li> <li> <p> <code>ipv6-cidr-block-association.state</code> - The state of an IPv6 CIDR block associated with the VPC.</p> </li> <li> <p> <code>isDefault</code> - Indicates whether the VPC is the default VPC.</p> </li> <li> <p> <code>owner-id</code> - The ID of the AWS account that owns the VPC.</p> </li> <li> <p> <code>state</code> - The state of the VPC (<code>pending</code> | <code>available</code>).</p> </li> <li> <p> <code>tag</code>:&lt;key&gt; - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p> </li> <li> <p> <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p> </li> <li> <p> <code>vpc-id</code> - The ID of the VPC.</p> </li> </ul>",
+          "documentation": "<p>One or more filters.</p> <ul> <li> <p> <code>cidr</code> - The primary IPv4 CIDR block of the VPC. The CIDR block you specify must exactly match the VPC's CIDR block for information to be returned for the VPC. Must contain the slash followed by one or two digits (for example, <code>/28</code>).</p> </li> <li> <p> <code>cidr-block-association.cidr-block</code> - An IPv4 CIDR block associated with the VPC.</p> </li> <li> <p> <code>cidr-block-association.association-id</code> - The association ID for an IPv4 CIDR block associated with the VPC.</p> </li> <li> <p> <code>cidr-block-association.state</code> - The state of an IPv4 CIDR block associated with the VPC.</p> </li> <li> <p> <code>dhcp-options-id</code> - The ID of a set of DHCP options.</p> </li> <li> <p> <code>ipv6-cidr-block-association.ipv6-cidr-block</code> - An IPv6 CIDR block associated with the VPC.</p> </li> <li> <p> <code>ipv6-cidr-block-association.ipv6-pool</code> - The ID of the IPv6 address pool from which the IPv6 CIDR block is allocated.</p> </li> <li> <p> <code>ipv6-cidr-block-association.association-id</code> - The association ID for an IPv6 CIDR block associated with the VPC.</p> </li> <li> <p> <code>ipv6-cidr-block-association.state</code> - The state of an IPv6 CIDR block associated with the VPC.</p> </li> <li> <p> <code>isDefault</code> - Indicates whether the VPC is the default VPC.</p> </li> <li> <p> <code>owner-id</code> - The ID of the AWS account that owns the VPC.</p> </li> <li> <p> <code>state</code> - The state of the VPC (<code>pending</code> | <code>available</code>).</p> </li> <li> <p> <code>tag</code>:&lt;key&gt; - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p> </li> <li> <p> <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p> </li> <li> <p> <code>vpc-id</code> - The ID of the VPC.</p> </li> </ul>",
           "locationName": "Filter"
         },
         "VpcIds": {
@@ -15521,7 +18029,7 @@
       "members": {
         "Filters": {
           "shape": "FilterList",
-          "documentation": "<p>One or more filters.</p> <ul> <li> <p> <code>customer-gateway-configuration</code> - The configuration information for the customer gateway.</p> </li> <li> <p> <code>customer-gateway-id</code> - The ID of a customer gateway associated with the VPN connection.</p> </li> <li> <p> <code>state</code> - The state of the VPN connection (<code>pending</code> | <code>available</code> | <code>deleting</code> | <code>deleted</code>).</p> </li> <li> <p> <code>option.static-routes-only</code> - Indicates whether the connection has static routes only. Used for devices that do not support Border Gateway Protocol (BGP).</p> </li> <li> <p> <code>route.destination-cidr-block</code> - The destination CIDR block. This corresponds to the subnet used in a customer data center.</p> </li> <li> <p> <code>bgp-asn</code> - The BGP Autonomous System Number (ASN) associated with a BGP device.</p> </li> <li> <p> <code>tag</code>:&lt;key&gt; - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p> </li> <li> <p> <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p> </li> <li> <p> <code>type</code> - The type of VPN connection. Currently the only supported type is <code>ipsec.1</code>.</p> </li> <li> <p> <code>vpn-connection-id</code> - The ID of the VPN connection.</p> </li> <li> <p> <code>vpn-gateway-id</code> - The ID of a virtual private gateway associated with the VPN connection.</p> </li> </ul>",
+          "documentation": "<p>One or more filters.</p> <ul> <li> <p> <code>customer-gateway-configuration</code> - The configuration information for the customer gateway.</p> </li> <li> <p> <code>customer-gateway-id</code> - The ID of a customer gateway associated with the VPN connection.</p> </li> <li> <p> <code>state</code> - The state of the VPN connection (<code>pending</code> | <code>available</code> | <code>deleting</code> | <code>deleted</code>).</p> </li> <li> <p> <code>option.static-routes-only</code> - Indicates whether the connection has static routes only. Used for devices that do not support Border Gateway Protocol (BGP).</p> </li> <li> <p> <code>route.destination-cidr-block</code> - The destination CIDR block. This corresponds to the subnet used in a customer data center.</p> </li> <li> <p> <code>bgp-asn</code> - The BGP Autonomous System Number (ASN) associated with a BGP device.</p> </li> <li> <p> <code>tag</code>:&lt;key&gt; - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p> </li> <li> <p> <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p> </li> <li> <p> <code>type</code> - The type of VPN connection. Currently the only supported type is <code>ipsec.1</code>.</p> </li> <li> <p> <code>vpn-connection-id</code> - The ID of the VPN connection.</p> </li> <li> <p> <code>vpn-gateway-id</code> - The ID of a virtual private gateway associated with the VPN connection.</p> </li> <li> <p> <code>transit-gateway-id</code> - The ID of a transit gateway associated with the VPN connection.</p> </li> </ul>",
           "locationName": "Filter"
         },
         "VpnConnectionIds": {
@@ -15593,12 +18101,12 @@
           "locationName": "dryRun"
         },
         "InstanceId": {
-          "shape": "String",
+          "shape": "InstanceId",
           "documentation": "<p>The ID of the instance to unlink from the VPC.</p>",
           "locationName": "instanceId"
         },
         "VpcId": {
-          "shape": "String",
+          "shape": "VpcId",
           "documentation": "<p>The ID of the VPC to which the instance is linked.</p>",
           "locationName": "vpcId"
         }
@@ -15627,12 +18135,12 @@
           "locationName": "dryRun"
         },
         "InternetGatewayId": {
-          "shape": "String",
+          "shape": "InternetGatewayId",
           "documentation": "<p>The ID of the internet gateway.</p>",
           "locationName": "internetGatewayId"
         },
         "VpcId": {
-          "shape": "String",
+          "shape": "VpcId",
           "documentation": "<p>The ID of the VPC.</p>",
           "locationName": "vpcId"
         }
@@ -15645,7 +18153,7 @@
       ],
       "members": {
         "AttachmentId": {
-          "shape": "String",
+          "shape": "NetworkInterfaceAttachmentId",
           "documentation": "<p>The ID of the attachment.</p>",
           "locationName": "attachmentId"
         },
@@ -15656,7 +18164,7 @@
         },
         "Force": {
           "shape": "Boolean",
-          "documentation": "<p>Specifies whether to force a detachment.</p>",
+          "documentation": "<p>Specifies whether to force a detachment.</p> <note> <ul> <li> <p>Use the <code>Force</code> parameter only as a last resort to detach a network interface from a failed instance. </p> </li> <li> <p>If you use the <code>Force</code> parameter to detach a network interface, you might not be able to attach a different network interface to the same index on the instance without first stopping and starting the instance.</p> </li> <li> <p>If you force the detachment of a network interface, the <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html\">instance metadata</a> might not get updated. This means that the attributes associated with the detached network interface might still be visible. The instance metadata will get updated when you stop and start the instance.</p> </li> </ul> </note>",
           "locationName": "force"
         }
       },
@@ -15677,11 +18185,11 @@
           "documentation": "<p>Forces detachment if the previous detachment attempt did not occur cleanly (for example, logging into an instance, unmounting the volume, and detaching normally). This option can lead to data loss or a corrupted file system. Use this option only as a last resort to detach a volume from a failed instance. The instance won't have an opportunity to flush file system caches or file system metadata. If you use this option, you must perform file system check and repair procedures.</p>"
         },
         "InstanceId": {
-          "shape": "String",
-          "documentation": "<p>The ID of the instance.</p>"
+          "shape": "InstanceId",
+          "documentation": "<p>The ID of the instance. If you are detaching a Multi-Attach enabled volume, you must specify an instance ID.</p>"
         },
         "VolumeId": {
-          "shape": "String",
+          "shape": "VolumeId",
           "documentation": "<p>The ID of the volume.</p>"
         },
         "DryRun": {
@@ -15689,8 +18197,7 @@
           "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>",
           "locationName": "dryRun"
         }
-      },
-      "documentation": "<p>Contains the parameters for DetachVolume.</p>"
+      }
     },
     "DetachVpnGatewayRequest": {
       "type": "structure",
@@ -15700,11 +18207,11 @@
       ],
       "members": {
         "VpcId": {
-          "shape": "String",
+          "shape": "VpcId",
           "documentation": "<p>The ID of the VPC.</p>"
         },
         "VpnGatewayId": {
-          "shape": "String",
+          "shape": "VpnGatewayId",
           "documentation": "<p>The ID of the virtual private gateway.</p>"
         },
         "DryRun": {
@@ -15778,10 +18285,13 @@
       },
       "documentation": "<p>Describes a set of DHCP options.</p>"
     },
+    "DhcpOptionsId": {
+      "type": "string"
+    },
     "DhcpOptionsIdStringList": {
       "type": "list",
       "member": {
-        "shape": "String",
+        "shape": "DhcpOptionsId",
         "locationName": "DhcpOptionsId"
       }
     },
@@ -15818,7 +18328,7 @@
       "members": {
         "DryRun": {
           "shape": "Boolean",
-          "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>. </p>"
+          "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
         }
       }
     },
@@ -15832,6 +18342,174 @@
         }
       }
     },
+    "DisableFastSnapshotRestoreErrorItem": {
+      "type": "structure",
+      "members": {
+        "SnapshotId": {
+          "shape": "String",
+          "documentation": "<p>The ID of the snapshot.</p>",
+          "locationName": "snapshotId"
+        },
+        "FastSnapshotRestoreStateErrors": {
+          "shape": "DisableFastSnapshotRestoreStateErrorSet",
+          "documentation": "<p>The errors.</p>",
+          "locationName": "fastSnapshotRestoreStateErrorSet"
+        }
+      },
+      "documentation": "<p>Contains information about the errors that occurred when disabling fast snapshot restores.</p>"
+    },
+    "DisableFastSnapshotRestoreErrorSet": {
+      "type": "list",
+      "member": {
+        "shape": "DisableFastSnapshotRestoreErrorItem",
+        "locationName": "item"
+      }
+    },
+    "DisableFastSnapshotRestoreStateError": {
+      "type": "structure",
+      "members": {
+        "Code": {
+          "shape": "String",
+          "documentation": "<p>The error code.</p>",
+          "locationName": "code"
+        },
+        "Message": {
+          "shape": "String",
+          "documentation": "<p>The error message.</p>",
+          "locationName": "message"
+        }
+      },
+      "documentation": "<p>Describes an error that occurred when disabling fast snapshot restores.</p>"
+    },
+    "DisableFastSnapshotRestoreStateErrorItem": {
+      "type": "structure",
+      "members": {
+        "AvailabilityZone": {
+          "shape": "String",
+          "documentation": "<p>The Availability Zone.</p>",
+          "locationName": "availabilityZone"
+        },
+        "Error": {
+          "shape": "DisableFastSnapshotRestoreStateError",
+          "documentation": "<p>The error.</p>",
+          "locationName": "error"
+        }
+      },
+      "documentation": "<p>Contains information about an error that occurred when disabling fast snapshot restores.</p>"
+    },
+    "DisableFastSnapshotRestoreStateErrorSet": {
+      "type": "list",
+      "member": {
+        "shape": "DisableFastSnapshotRestoreStateErrorItem",
+        "locationName": "item"
+      }
+    },
+    "DisableFastSnapshotRestoreSuccessItem": {
+      "type": "structure",
+      "members": {
+        "SnapshotId": {
+          "shape": "String",
+          "documentation": "<p>The ID of the snapshot.</p>",
+          "locationName": "snapshotId"
+        },
+        "AvailabilityZone": {
+          "shape": "String",
+          "documentation": "<p>The Availability Zone.</p>",
+          "locationName": "availabilityZone"
+        },
+        "State": {
+          "shape": "FastSnapshotRestoreStateCode",
+          "documentation": "<p>The state of fast snapshot restores for the snapshot.</p>",
+          "locationName": "state"
+        },
+        "StateTransitionReason": {
+          "shape": "String",
+          "documentation": "<p>The reason for the state transition. The possible values are as follows:</p> <ul> <li> <p> <code>Client.UserInitiated</code> - The state successfully transitioned to <code>enabling</code> or <code>disabling</code>.</p> </li> <li> <p> <code>Client.UserInitiated - Lifecycle state transition</code> - The state successfully transitioned to <code>optimizing</code>, <code>enabled</code>, or <code>disabled</code>.</p> </li> </ul>",
+          "locationName": "stateTransitionReason"
+        },
+        "OwnerId": {
+          "shape": "String",
+          "documentation": "<p>The ID of the AWS account that owns the snapshot.</p>",
+          "locationName": "ownerId"
+        },
+        "OwnerAlias": {
+          "shape": "String",
+          "documentation": "<p>The alias of the snapshot owner.</p>",
+          "locationName": "ownerAlias"
+        },
+        "EnablingTime": {
+          "shape": "MillisecondDateTime",
+          "documentation": "<p>The time at which fast snapshot restores entered the <code>enabling</code> state.</p>",
+          "locationName": "enablingTime"
+        },
+        "OptimizingTime": {
+          "shape": "MillisecondDateTime",
+          "documentation": "<p>The time at which fast snapshot restores entered the <code>optimizing</code> state.</p>",
+          "locationName": "optimizingTime"
+        },
+        "EnabledTime": {
+          "shape": "MillisecondDateTime",
+          "documentation": "<p>The time at which fast snapshot restores entered the <code>enabled</code> state.</p>",
+          "locationName": "enabledTime"
+        },
+        "DisablingTime": {
+          "shape": "MillisecondDateTime",
+          "documentation": "<p>The time at which fast snapshot restores entered the <code>disabling</code> state.</p>",
+          "locationName": "disablingTime"
+        },
+        "DisabledTime": {
+          "shape": "MillisecondDateTime",
+          "documentation": "<p>The time at which fast snapshot restores entered the <code>disabled</code> state.</p>",
+          "locationName": "disabledTime"
+        }
+      },
+      "documentation": "<p>Describes fast snapshot restores that were successfully disabled.</p>"
+    },
+    "DisableFastSnapshotRestoreSuccessSet": {
+      "type": "list",
+      "member": {
+        "shape": "DisableFastSnapshotRestoreSuccessItem",
+        "locationName": "item"
+      }
+    },
+    "DisableFastSnapshotRestoresRequest": {
+      "type": "structure",
+      "required": [
+        "AvailabilityZones",
+        "SourceSnapshotIds"
+      ],
+      "members": {
+        "AvailabilityZones": {
+          "shape": "AvailabilityZoneStringList",
+          "documentation": "<p>One or more Availability Zones. For example, <code>us-east-2a</code>.</p>",
+          "locationName": "AvailabilityZone"
+        },
+        "SourceSnapshotIds": {
+          "shape": "SnapshotIdStringList",
+          "documentation": "<p>The IDs of one or more snapshots. For example, <code>snap-1234567890abcdef0</code>.</p>",
+          "locationName": "SourceSnapshotId"
+        },
+        "DryRun": {
+          "shape": "Boolean",
+          "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
+        }
+      }
+    },
+    "DisableFastSnapshotRestoresResult": {
+      "type": "structure",
+      "members": {
+        "Successful": {
+          "shape": "DisableFastSnapshotRestoreSuccessSet",
+          "documentation": "<p>Information about the snapshots for which fast snapshot restores were successfully disabled.</p>",
+          "locationName": "successful"
+        },
+        "Unsuccessful": {
+          "shape": "DisableFastSnapshotRestoreErrorSet",
+          "documentation": "<p>Information about the snapshots for which fast snapshot restores could not be disabled.</p>",
+          "locationName": "unsuccessful"
+        }
+      }
+    },
     "DisableTransitGatewayRouteTablePropagationRequest": {
       "type": "structure",
       "required": [
@@ -15840,11 +18518,11 @@
       ],
       "members": {
         "TransitGatewayRouteTableId": {
-          "shape": "String",
+          "shape": "TransitGatewayRouteTableId",
           "documentation": "<p>The ID of the propagation route table.</p>"
         },
         "TransitGatewayAttachmentId": {
-          "shape": "String",
+          "shape": "TransitGatewayAttachmentId",
           "documentation": "<p>The ID of the attachment.</p>"
         },
         "DryRun": {
@@ -15871,12 +18549,16 @@
       ],
       "members": {
         "GatewayId": {
-          "shape": "String",
+          "shape": "VpnGatewayId",
           "documentation": "<p>The ID of the virtual private gateway.</p>"
         },
         "RouteTableId": {
-          "shape": "String",
+          "shape": "RouteTableId",
           "documentation": "<p>The ID of the route table.</p>"
+        },
+        "DryRun": {
+          "shape": "Boolean",
+          "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
         }
       },
       "documentation": "<p>Contains the parameters for DisableVgwRoutePropagation.</p>"
@@ -15885,7 +18567,7 @@
       "type": "structure",
       "members": {
         "VpcId": {
-          "shape": "String",
+          "shape": "VpcId",
           "documentation": "<p>The ID of the VPC.</p>"
         }
       }
@@ -15912,7 +18594,7 @@
           "locationName": "dryRun"
         },
         "VpcId": {
-          "shape": "String",
+          "shape": "VpcId",
           "documentation": "<p>The ID of the VPC.</p>",
           "locationName": "vpcId"
         }
@@ -15932,7 +18614,7 @@
       "type": "structure",
       "members": {
         "AssociationId": {
-          "shape": "String",
+          "shape": "ElasticIpAssociationId",
           "documentation": "<p>[EC2-VPC] The association ID. Required for EC2-VPC.</p>"
         },
         "PublicIp": {
@@ -15954,11 +18636,11 @@
       ],
       "members": {
         "ClientVpnEndpointId": {
-          "shape": "String",
+          "shape": "ClientVpnEndpointId",
           "documentation": "<p>The ID of the Client VPN endpoint from which to disassociate the target network.</p>"
         },
         "AssociationId": {
-          "shape": "String",
+          "shape": "ClientVpnAssociationId",
           "documentation": "<p>The ID of the target network association.</p>"
         },
         "DryRun": {
@@ -15989,7 +18671,7 @@
       ],
       "members": {
         "AssociationId": {
-          "shape": "String",
+          "shape": "IamInstanceProfileAssociationId",
           "documentation": "<p>The ID of the IAM instance profile association.</p>"
         }
       }
@@ -16011,8 +18693,8 @@
       ],
       "members": {
         "AssociationId": {
-          "shape": "String",
-          "documentation": "<p>The association ID representing the current association between the route table and subnet.</p>",
+          "shape": "RouteTableAssociationId",
+          "documentation": "<p>The association ID representing the current association between the route table and subnet or gateway.</p>",
           "locationName": "associationId"
         },
         "DryRun": {
@@ -16029,7 +18711,7 @@
       ],
       "members": {
         "AssociationId": {
-          "shape": "String",
+          "shape": "SubnetCidrAssociationId",
           "documentation": "<p>The association ID for the CIDR block.</p>",
           "locationName": "associationId"
         }
@@ -16050,6 +18732,37 @@
         }
       }
     },
+    "DisassociateTransitGatewayMulticastDomainRequest": {
+      "type": "structure",
+      "members": {
+        "TransitGatewayMulticastDomainId": {
+          "shape": "TransitGatewayMulticastDomainId",
+          "documentation": "<p>The ID of the transit gateway multicast domain.</p>"
+        },
+        "TransitGatewayAttachmentId": {
+          "shape": "TransitGatewayAttachmentId",
+          "documentation": "<p>The ID of the attachment.</p>"
+        },
+        "SubnetIds": {
+          "shape": "ValueStringList",
+          "documentation": "<p>The IDs of the subnets;</p>"
+        },
+        "DryRun": {
+          "shape": "Boolean",
+          "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
+        }
+      }
+    },
+    "DisassociateTransitGatewayMulticastDomainResult": {
+      "type": "structure",
+      "members": {
+        "Associations": {
+          "shape": "TransitGatewayMulticastDomainAssociations",
+          "documentation": "<p>Information about the association.</p>",
+          "locationName": "associations"
+        }
+      }
+    },
     "DisassociateTransitGatewayRouteTableRequest": {
       "type": "structure",
       "required": [
@@ -16058,11 +18771,11 @@
       ],
       "members": {
         "TransitGatewayRouteTableId": {
-          "shape": "String",
+          "shape": "TransitGatewayRouteTableId",
           "documentation": "<p>The ID of the transit gateway route table.</p>"
         },
         "TransitGatewayAttachmentId": {
-          "shape": "String",
+          "shape": "TransitGatewayAttachmentId",
           "documentation": "<p>The ID of the attachment.</p>"
         },
         "DryRun": {
@@ -16088,7 +18801,7 @@
       ],
       "members": {
         "AssociationId": {
-          "shape": "String",
+          "shape": "VpcCidrAssociationId",
           "documentation": "<p>The association ID for the CIDR block.</p>",
           "locationName": "associationId"
         }
@@ -16114,6 +18827,9 @@
         }
       }
     },
+    "DiskCount": {
+      "type": "integer"
+    },
     "DiskImage": {
       "type": "structure",
       "members": {
@@ -16214,6 +18930,44 @@
       },
       "documentation": "<p>Describes a disk image volume.</p>"
     },
+    "DiskInfo": {
+      "type": "structure",
+      "members": {
+        "SizeInGB": {
+          "shape": "DiskSize",
+          "documentation": "<p>The size of the disk in GB.</p>",
+          "locationName": "sizeInGB"
+        },
+        "Count": {
+          "shape": "DiskCount",
+          "documentation": "<p>The number of disks with this configuration.</p>",
+          "locationName": "count"
+        },
+        "Type": {
+          "shape": "DiskType",
+          "documentation": "<p>The type of disk.</p>",
+          "locationName": "type"
+        }
+      },
+      "documentation": "<p>Describes the disk.</p>"
+    },
+    "DiskInfoList": {
+      "type": "list",
+      "member": {
+        "shape": "DiskInfo",
+        "locationName": "item"
+      }
+    },
+    "DiskSize": {
+      "type": "long"
+    },
+    "DiskType": {
+      "type": "string",
+      "enum": [
+        "hdd",
+        "ssd"
+      ]
+    },
     "DnsEntry": {
       "type": "structure",
       "members": {
@@ -16237,6 +18991,14 @@
         "locationName": "item"
       }
     },
+    "DnsNameState": {
+      "type": "string",
+      "enum": [
+        "pendingVerification",
+        "verified",
+        "failed"
+      ]
+    },
     "DnsServersOptionsModifyStructure": {
       "type": "structure",
       "members": {
@@ -16273,7 +19035,7 @@
       "members": {
         "DeleteOnTermination": {
           "shape": "Boolean",
-          "documentation": "<p>Indicates whether the EBS volume is deleted on instance termination.</p>",
+          "documentation": "<p>Indicates whether the EBS volume is deleted on instance termination. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#preserving-volumes-on-termination\">Preserving Amazon EBS Volumes on Instance Termination</a> in the Amazon Elastic Compute Cloud User Guide.</p>",
           "locationName": "deleteOnTermination"
         },
         "Iops": {
@@ -16293,21 +19055,44 @@
         },
         "VolumeType": {
           "shape": "VolumeType",
-          "documentation": "<p>The volume type. If you set the type to <code>io1</code>, you must also set the <b>Iops</b> property.</p> <p>Default: <code>standard</code> </p>",
+          "documentation": "<p>The volume type. If you set the type to <code>io1</code>, you must also specify the <b>Iops</b> parameter. If you set the type to <code>gp2</code>, <code>st1</code>, <code>sc1</code>, or <code>standard</code>, you must omit the <b>Iops</b> parameter.</p> <p>Default: <code>gp2</code> </p>",
           "locationName": "volumeType"
         },
-        "Encrypted": {
-          "shape": "Boolean",
-          "documentation": "<p>Indicates whether the encryption state of an EBS volume is changed while being restored from a backing snapshot. The effect of setting the encryption state to <code>true</code> depends on the volume origin (new or from a snapshot), starting encryption state, ownership, and whether encryption by default is enabled. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#encryption-parameters\">Amazon EBS Encryption</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> <p>In no case can you remove encryption from an encrypted volume.</p> <p>Encrypted volumes can only be attached to instances that support Amazon EBS encryption. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#EBSEncryption_supported_instances\">Supported Instance Types</a>.</p>",
-          "locationName": "encrypted"
-        },
         "KmsKeyId": {
           "shape": "String",
           "documentation": "<p>Identifier (key ID, key alias, ID ARN, or alias ARN) for a customer managed CMK under which the EBS volume is encrypted.</p> <p>This parameter is only supported on <code>BlockDeviceMapping</code> objects called by <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html\">RunInstances</a>, <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RequestSpotFleet.html\">RequestSpotFleet</a>, and <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RequestSpotInstances.html\">RequestSpotInstances</a>.</p>"
+        },
+        "Encrypted": {
+          "shape": "Boolean",
+          "documentation": "<p>Indicates whether the encryption state of an EBS volume is changed while being restored from a backing snapshot. The effect of setting the encryption state to <code>true</code> depends on the volume origin (new or from a snapshot), starting encryption state, ownership, and whether encryption by default is enabled. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#encryption-parameters\">Amazon EBS Encryption</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> <p>In no case can you remove encryption from an encrypted volume.</p> <p>Encrypted volumes can only be attached to instances that support Amazon EBS encryption. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#EBSEncryption_supported_instances\">Supported Instance Types</a>.</p> <p>This parameter is not returned by .</p>",
+          "locationName": "encrypted"
         }
       },
       "documentation": "<p>Describes a block device for an EBS volume.</p>"
     },
+    "EbsEncryptionSupport": {
+      "type": "string",
+      "enum": [
+        "unsupported",
+        "supported"
+      ]
+    },
+    "EbsInfo": {
+      "type": "structure",
+      "members": {
+        "EbsOptimizedSupport": {
+          "shape": "EbsOptimizedSupport",
+          "documentation": "<p>Indicates that the instance type is Amazon EBS-optimized. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSOptimized.html\">Amazon EBS-Optimized Instances</a> in <i>Amazon EC2 User Guide for Linux Instances</i>.</p>",
+          "locationName": "ebsOptimizedSupport"
+        },
+        "EncryptionSupport": {
+          "shape": "EbsEncryptionSupport",
+          "documentation": "<p>Indicates whether Amazon EBS encryption is supported.</p>",
+          "locationName": "encryptionSupport"
+        }
+      },
+      "documentation": "<p>Describes the Amazon EBS features supported by the instance type.</p>"
+    },
     "EbsInstanceBlockDevice": {
       "type": "structure",
       "members": {
@@ -16343,13 +19128,21 @@
           "locationName": "deleteOnTermination"
         },
         "VolumeId": {
-          "shape": "String",
+          "shape": "VolumeId",
           "documentation": "<p>The ID of the EBS volume.</p>",
           "locationName": "volumeId"
         }
       },
       "documentation": "<p>Describes information used to set up an EBS volume specified in a block device mapping.</p>"
     },
+    "EbsOptimizedSupport": {
+      "type": "string",
+      "enum": [
+        "unsupported",
+        "supported",
+        "default"
+      ]
+    },
     "EgressOnlyInternetGateway": {
       "type": "structure",
       "members": {
@@ -16362,6 +19155,11 @@
           "shape": "EgressOnlyInternetGatewayId",
           "documentation": "<p>The ID of the egress-only internet gateway.</p>",
           "locationName": "egressOnlyInternetGatewayId"
+        },
+        "Tags": {
+          "shape": "TagList",
+          "documentation": "<p>The tags assigned to the egress-only internet gateway.</p>",
+          "locationName": "tagSet"
         }
       },
       "documentation": "<p>Describes an egress-only internet gateway.</p>"
@@ -16427,10 +19225,13 @@
       },
       "documentation": "<p>Describes the status of an Elastic Graphics accelerator.</p>"
     },
+    "ElasticGpuId": {
+      "type": "string"
+    },
     "ElasticGpuIdSet": {
       "type": "list",
       "member": {
-        "shape": "String",
+        "shape": "ElasticGpuId",
         "locationName": "item"
       }
     },
@@ -16449,7 +19250,7 @@
       "members": {
         "Type": {
           "shape": "String",
-          "documentation": "<p>The type of Elastic Graphics accelerator.</p>"
+          "documentation": "<p>The type of Elastic Graphics accelerator. For more information about the values to specify for <code>Type</code>, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/elastic-graphics.html#elastic-graphics-basics\">Elastic Graphics Basics</a>, specifically the Elastic Graphics accelerator column, in the <i>Amazon Elastic Compute Cloud User Guide for Windows Instances</i>.</p>"
         }
       },
       "documentation": "<p>A specification for an Elastic Graphics accelerator.</p>"
@@ -16531,6 +19332,11 @@
           "shape": "String",
           "documentation": "<p>The ID of the instance to which the Elastic Graphics accelerator is attached.</p>",
           "locationName": "instanceId"
+        },
+        "Tags": {
+          "shape": "TagList",
+          "documentation": "<p>The tags assigned to the Elastic Graphics accelerator.</p>",
+          "locationName": "tagSet"
         }
       },
       "documentation": "<p>Describes an Elastic Graphics accelerator.</p>"
@@ -16543,7 +19349,11 @@
       "members": {
         "Type": {
           "shape": "String",
-          "documentation": "<p> The type of elastic inference accelerator. The possible values are <code>eia1.small</code>, <code>eia1.medium</code>, and <code>eia1.large</code>. </p>"
+          "documentation": "<p> The type of elastic inference accelerator. The possible values are <code>eia1.medium</code>, <code>eia1.large</code>, and <code>eia1.xlarge</code>. </p>"
+        },
+        "Count": {
+          "shape": "ElasticInferenceAcceleratorCount",
+          "documentation": "<p> The number of elastic inference accelerators to attach to the instance. </p> <p>Default: 1</p>"
         }
       },
       "documentation": "<p> Describes an elastic inference accelerator. </p>"
@@ -16581,6 +19391,10 @@
         "locationName": "item"
       }
     },
+    "ElasticInferenceAcceleratorCount": {
+      "type": "integer",
+      "min": 1
+    },
     "ElasticInferenceAccelerators": {
       "type": "list",
       "member": {
@@ -16588,12 +19402,23 @@
         "locationName": "item"
       }
     },
+    "ElasticIpAssociationId": {
+      "type": "string"
+    },
+    "EnaSupport": {
+      "type": "string",
+      "enum": [
+        "unsupported",
+        "supported",
+        "required"
+      ]
+    },
     "EnableEbsEncryptionByDefaultRequest": {
       "type": "structure",
       "members": {
         "DryRun": {
           "shape": "Boolean",
-          "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>. </p>"
+          "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
         }
       }
     },
@@ -16607,6 +19432,174 @@
         }
       }
     },
+    "EnableFastSnapshotRestoreErrorItem": {
+      "type": "structure",
+      "members": {
+        "SnapshotId": {
+          "shape": "String",
+          "documentation": "<p>The ID of the snapshot.</p>",
+          "locationName": "snapshotId"
+        },
+        "FastSnapshotRestoreStateErrors": {
+          "shape": "EnableFastSnapshotRestoreStateErrorSet",
+          "documentation": "<p>The errors.</p>",
+          "locationName": "fastSnapshotRestoreStateErrorSet"
+        }
+      },
+      "documentation": "<p>Contains information about the errors that occurred when enabling fast snapshot restores.</p>"
+    },
+    "EnableFastSnapshotRestoreErrorSet": {
+      "type": "list",
+      "member": {
+        "shape": "EnableFastSnapshotRestoreErrorItem",
+        "locationName": "item"
+      }
+    },
+    "EnableFastSnapshotRestoreStateError": {
+      "type": "structure",
+      "members": {
+        "Code": {
+          "shape": "String",
+          "documentation": "<p>The error code.</p>",
+          "locationName": "code"
+        },
+        "Message": {
+          "shape": "String",
+          "documentation": "<p>The error message.</p>",
+          "locationName": "message"
+        }
+      },
+      "documentation": "<p>Describes an error that occurred when enabling fast snapshot restores.</p>"
+    },
+    "EnableFastSnapshotRestoreStateErrorItem": {
+      "type": "structure",
+      "members": {
+        "AvailabilityZone": {
+          "shape": "String",
+          "documentation": "<p>The Availability Zone.</p>",
+          "locationName": "availabilityZone"
+        },
+        "Error": {
+          "shape": "EnableFastSnapshotRestoreStateError",
+          "documentation": "<p>The error.</p>",
+          "locationName": "error"
+        }
+      },
+      "documentation": "<p>Contains information about an error that occurred when enabling fast snapshot restores.</p>"
+    },
+    "EnableFastSnapshotRestoreStateErrorSet": {
+      "type": "list",
+      "member": {
+        "shape": "EnableFastSnapshotRestoreStateErrorItem",
+        "locationName": "item"
+      }
+    },
+    "EnableFastSnapshotRestoreSuccessItem": {
+      "type": "structure",
+      "members": {
+        "SnapshotId": {
+          "shape": "String",
+          "documentation": "<p>The ID of the snapshot.</p>",
+          "locationName": "snapshotId"
+        },
+        "AvailabilityZone": {
+          "shape": "String",
+          "documentation": "<p>The Availability Zone.</p>",
+          "locationName": "availabilityZone"
+        },
+        "State": {
+          "shape": "FastSnapshotRestoreStateCode",
+          "documentation": "<p>The state of fast snapshot restores.</p>",
+          "locationName": "state"
+        },
+        "StateTransitionReason": {
+          "shape": "String",
+          "documentation": "<p>The reason for the state transition. The possible values are as follows:</p> <ul> <li> <p> <code>Client.UserInitiated</code> - The state successfully transitioned to <code>enabling</code> or <code>disabling</code>.</p> </li> <li> <p> <code>Client.UserInitiated - Lifecycle state transition</code> - The state successfully transitioned to <code>optimizing</code>, <code>enabled</code>, or <code>disabled</code>.</p> </li> </ul>",
+          "locationName": "stateTransitionReason"
+        },
+        "OwnerId": {
+          "shape": "String",
+          "documentation": "<p>The ID of the AWS account that owns the snapshot.</p>",
+          "locationName": "ownerId"
+        },
+        "OwnerAlias": {
+          "shape": "String",
+          "documentation": "<p>The alias of the snapshot owner.</p>",
+          "locationName": "ownerAlias"
+        },
+        "EnablingTime": {
+          "shape": "MillisecondDateTime",
+          "documentation": "<p>The time at which fast snapshot restores entered the <code>enabling</code> state.</p>",
+          "locationName": "enablingTime"
+        },
+        "OptimizingTime": {
+          "shape": "MillisecondDateTime",
+          "documentation": "<p>The time at which fast snapshot restores entered the <code>optimizing</code> state.</p>",
+          "locationName": "optimizingTime"
+        },
+        "EnabledTime": {
+          "shape": "MillisecondDateTime",
+          "documentation": "<p>The time at which fast snapshot restores entered the <code>enabled</code> state.</p>",
+          "locationName": "enabledTime"
+        },
+        "DisablingTime": {
+          "shape": "MillisecondDateTime",
+          "documentation": "<p>The time at which fast snapshot restores entered the <code>disabling</code> state.</p>",
+          "locationName": "disablingTime"
+        },
+        "DisabledTime": {
+          "shape": "MillisecondDateTime",
+          "documentation": "<p>The time at which fast snapshot restores entered the <code>disabled</code> state.</p>",
+          "locationName": "disabledTime"
+        }
+      },
+      "documentation": "<p>Describes fast snapshot restores that were successfully enabled.</p>"
+    },
+    "EnableFastSnapshotRestoreSuccessSet": {
+      "type": "list",
+      "member": {
+        "shape": "EnableFastSnapshotRestoreSuccessItem",
+        "locationName": "item"
+      }
+    },
+    "EnableFastSnapshotRestoresRequest": {
+      "type": "structure",
+      "required": [
+        "AvailabilityZones",
+        "SourceSnapshotIds"
+      ],
+      "members": {
+        "AvailabilityZones": {
+          "shape": "AvailabilityZoneStringList",
+          "documentation": "<p>One or more Availability Zones. For example, <code>us-east-2a</code>.</p>",
+          "locationName": "AvailabilityZone"
+        },
+        "SourceSnapshotIds": {
+          "shape": "SnapshotIdStringList",
+          "documentation": "<p>The IDs of one or more snapshots. For example, <code>snap-1234567890abcdef0</code>. You can specify a snapshot that was shared with you from another AWS account.</p>",
+          "locationName": "SourceSnapshotId"
+        },
+        "DryRun": {
+          "shape": "Boolean",
+          "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
+        }
+      }
+    },
+    "EnableFastSnapshotRestoresResult": {
+      "type": "structure",
+      "members": {
+        "Successful": {
+          "shape": "EnableFastSnapshotRestoreSuccessSet",
+          "documentation": "<p>Information about the snapshots for which fast snapshot restores were successfully enabled.</p>",
+          "locationName": "successful"
+        },
+        "Unsuccessful": {
+          "shape": "EnableFastSnapshotRestoreErrorSet",
+          "documentation": "<p>Information about the snapshots for which fast snapshot restores could not be enabled.</p>",
+          "locationName": "unsuccessful"
+        }
+      }
+    },
     "EnableTransitGatewayRouteTablePropagationRequest": {
       "type": "structure",
       "required": [
@@ -16615,11 +19608,11 @@
       ],
       "members": {
         "TransitGatewayRouteTableId": {
-          "shape": "String",
+          "shape": "TransitGatewayRouteTableId",
           "documentation": "<p>The ID of the propagation route table.</p>"
         },
         "TransitGatewayAttachmentId": {
-          "shape": "String",
+          "shape": "TransitGatewayAttachmentId",
           "documentation": "<p>The ID of the attachment.</p>"
         },
         "DryRun": {
@@ -16646,12 +19639,16 @@
       ],
       "members": {
         "GatewayId": {
-          "shape": "String",
+          "shape": "VpnGatewayId",
           "documentation": "<p>The ID of the virtual private gateway that is attached to a VPC. The virtual private gateway must be attached to the same VPC that the routing tables are associated with. </p>"
         },
         "RouteTableId": {
-          "shape": "String",
+          "shape": "RouteTableId",
           "documentation": "<p>The ID of the route table. The routing table must be associated with the same VPC that the virtual private gateway is attached to. </p>"
+        },
+        "DryRun": {
+          "shape": "Boolean",
+          "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
         }
       },
       "documentation": "<p>Contains the parameters for EnableVgwRoutePropagation.</p>"
@@ -16668,18 +19665,17 @@
           "locationName": "dryRun"
         },
         "VolumeId": {
-          "shape": "String",
+          "shape": "VolumeId",
           "documentation": "<p>The ID of the volume.</p>",
           "locationName": "volumeId"
         }
-      },
-      "documentation": "<p>Contains the parameters for EnableVolumeIO.</p>"
+      }
     },
     "EnableVpcClassicLinkDnsSupportRequest": {
       "type": "structure",
       "members": {
         "VpcId": {
-          "shape": "String",
+          "shape": "VpcId",
           "documentation": "<p>The ID of the VPC.</p>"
         }
       }
@@ -16706,7 +19702,7 @@
           "locationName": "dryRun"
         },
         "VpcId": {
-          "shape": "String",
+          "shape": "VpcId",
           "documentation": "<p>The ID of the VPC.</p>",
           "locationName": "vpcId"
         }
@@ -16736,6 +19732,13 @@
         "locationName": "item"
       }
     },
+    "ErrorSet": {
+      "type": "list",
+      "member": {
+        "shape": "ValidationError",
+        "locationName": "item"
+      }
+    },
     "EventCode": {
       "type": "string",
       "enum": [
@@ -16772,7 +19775,8 @@
       "enum": [
         "instanceChange",
         "fleetRequestChange",
-        "error"
+        "error",
+        "information"
       ]
     },
     "ExcessCapacityTerminationPolicy": {
@@ -16796,7 +19800,7 @@
       ],
       "members": {
         "ClientVpnEndpointId": {
-          "shape": "String",
+          "shape": "ClientVpnEndpointId",
           "documentation": "<p>The ID of the Client VPN endpoint.</p>"
         },
         "DryRun": {
@@ -16827,7 +19831,7 @@
       ],
       "members": {
         "ClientVpnEndpointId": {
-          "shape": "String",
+          "shape": "ClientVpnEndpointId",
           "documentation": "<p>The ID of the Client VPN endpoint.</p>"
         },
         "DryRun": {
@@ -16854,6 +19858,153 @@
         "microsoft"
       ]
     },
+    "ExportImageRequest": {
+      "type": "structure",
+      "required": [
+        "DiskImageFormat",
+        "ImageId",
+        "S3ExportLocation"
+      ],
+      "members": {
+        "ClientToken": {
+          "shape": "String",
+          "documentation": "<p>Token to enable idempotency for export image requests.</p>",
+          "idempotencyToken": true
+        },
+        "Description": {
+          "shape": "String",
+          "documentation": "<p>A description of the image being exported. The maximum length is 255 bytes.</p>"
+        },
+        "DiskImageFormat": {
+          "shape": "DiskImageFormat",
+          "documentation": "<p>The disk image format.</p>"
+        },
+        "DryRun": {
+          "shape": "Boolean",
+          "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
+        },
+        "ImageId": {
+          "shape": "ImageId",
+          "documentation": "<p>The ID of the image.</p>"
+        },
+        "S3ExportLocation": {
+          "shape": "ExportTaskS3LocationRequest",
+          "documentation": "<p>Information about the destination S3 bucket. The bucket must exist and grant WRITE and READ_ACP permissions to the AWS account vm-import-export@amazon.com.</p>"
+        },
+        "RoleName": {
+          "shape": "String",
+          "documentation": "<p>The name of the role that grants VM Import/Export permission to export images to your S3 bucket. If this parameter is not specified, the default role is named 'vmimport'.</p>"
+        }
+      }
+    },
+    "ExportImageResult": {
+      "type": "structure",
+      "members": {
+        "Description": {
+          "shape": "String",
+          "documentation": "<p>A description of the image being exported.</p>",
+          "locationName": "description"
+        },
+        "DiskImageFormat": {
+          "shape": "DiskImageFormat",
+          "documentation": "<p>The disk image format for the exported image.</p>",
+          "locationName": "diskImageFormat"
+        },
+        "ExportImageTaskId": {
+          "shape": "String",
+          "documentation": "<p>The ID of the export image task.</p>",
+          "locationName": "exportImageTaskId"
+        },
+        "ImageId": {
+          "shape": "String",
+          "documentation": "<p>The ID of the image.</p>",
+          "locationName": "imageId"
+        },
+        "RoleName": {
+          "shape": "String",
+          "documentation": "<p>The name of the role that grants VM Import/Export permission to export images to your S3 bucket.</p>",
+          "locationName": "roleName"
+        },
+        "Progress": {
+          "shape": "String",
+          "documentation": "<p>The percent complete of the export image task.</p>",
+          "locationName": "progress"
+        },
+        "S3ExportLocation": {
+          "shape": "ExportTaskS3Location",
+          "documentation": "<p>Information about the destination S3 bucket.</p>",
+          "locationName": "s3ExportLocation"
+        },
+        "Status": {
+          "shape": "String",
+          "documentation": "<p>The status of the export image task. The possible values are <code>active</code>, <code>completed</code>, <code>deleting</code>, and <code>deleted</code>.</p>",
+          "locationName": "status"
+        },
+        "StatusMessage": {
+          "shape": "String",
+          "documentation": "<p>The status message for the export image task.</p>",
+          "locationName": "statusMessage"
+        }
+      }
+    },
+    "ExportImageTask": {
+      "type": "structure",
+      "members": {
+        "Description": {
+          "shape": "String",
+          "documentation": "<p>A description of the image being exported.</p>",
+          "locationName": "description"
+        },
+        "ExportImageTaskId": {
+          "shape": "String",
+          "documentation": "<p>The ID of the export image task.</p>",
+          "locationName": "exportImageTaskId"
+        },
+        "ImageId": {
+          "shape": "String",
+          "documentation": "<p>The ID of the image.</p>",
+          "locationName": "imageId"
+        },
+        "Progress": {
+          "shape": "String",
+          "documentation": "<p>The percent complete of the export image task.</p>",
+          "locationName": "progress"
+        },
+        "S3ExportLocation": {
+          "shape": "ExportTaskS3Location",
+          "documentation": "<p>Information about the destination S3 bucket.</p>",
+          "locationName": "s3ExportLocation"
+        },
+        "Status": {
+          "shape": "String",
+          "documentation": "<p>The status of the export image task. The possible values are <code>active</code>, <code>completed</code>, <code>deleting</code>, and <code>deleted</code>.</p>",
+          "locationName": "status"
+        },
+        "StatusMessage": {
+          "shape": "String",
+          "documentation": "<p>The status message for the export image task.</p>",
+          "locationName": "statusMessage"
+        }
+      },
+      "documentation": "<p>Describes an export image task.</p>"
+    },
+    "ExportImageTaskId": {
+      "type": "string"
+    },
+    "ExportImageTaskIdList": {
+      "type": "list",
+      "member": {
+        "shape": "ExportImageTaskId",
+        "locationName": "ExportImageTaskId"
+      }
+    },
+    "ExportImageTaskList": {
+      "type": "list",
+      "member": {
+        "shape": "ExportImageTask",
+        "locationName": "item"
+      }
+    },
     "ExportTask": {
       "type": "structure",
       "members": {
@@ -16886,14 +20037,22 @@
           "shape": "String",
           "documentation": "<p>The status message related to the export task.</p>",
           "locationName": "statusMessage"
+        },
+        "Tags": {
+          "shape": "TagList",
+          "documentation": "<p>The tags for the export task.</p>",
+          "locationName": "tagSet"
         }
       },
       "documentation": "<p>Describes an instance export task.</p>"
     },
+    "ExportTaskId": {
+      "type": "string"
+    },
     "ExportTaskIdStringList": {
       "type": "list",
       "member": {
-        "shape": "String",
+        "shape": "ExportTaskId",
         "locationName": "ExportTaskId"
       }
     },
@@ -16904,6 +20063,39 @@
         "locationName": "item"
       }
     },
+    "ExportTaskS3Location": {
+      "type": "structure",
+      "members": {
+        "S3Bucket": {
+          "shape": "String",
+          "documentation": "<p>The destination S3 bucket.</p>",
+          "locationName": "s3Bucket"
+        },
+        "S3Prefix": {
+          "shape": "String",
+          "documentation": "<p>The prefix (logical hierarchy) in the bucket.</p>",
+          "locationName": "s3Prefix"
+        }
+      },
+      "documentation": "<p>Describes the destination for an export image task.</p>"
+    },
+    "ExportTaskS3LocationRequest": {
+      "type": "structure",
+      "required": [
+        "S3Bucket"
+      ],
+      "members": {
+        "S3Bucket": {
+          "shape": "String",
+          "documentation": "<p>The destination S3 bucket.</p>"
+        },
+        "S3Prefix": {
+          "shape": "String",
+          "documentation": "<p>The prefix (logical hierarchy) in the bucket.</p>"
+        }
+      },
+      "documentation": "<p>Describes the destination for an export image task.</p>"
+    },
     "ExportTaskState": {
       "type": "string",
       "enum": [
@@ -16973,7 +20165,7 @@
       ],
       "members": {
         "TransitGatewayRouteTableId": {
-          "shape": "String",
+          "shape": "TransitGatewayRouteTableId",
           "documentation": "<p>The ID of the route table.</p>"
         },
         "Filters": {
@@ -17001,6 +20193,63 @@
         }
       }
     },
+    "ExportVmTaskId": {
+      "type": "string"
+    },
+    "FailedQueuedPurchaseDeletion": {
+      "type": "structure",
+      "members": {
+        "Error": {
+          "shape": "DeleteQueuedReservedInstancesError",
+          "documentation": "<p>The error.</p>",
+          "locationName": "error"
+        },
+        "ReservedInstancesId": {
+          "shape": "String",
+          "documentation": "<p>The ID of the Reserved Instance.</p>",
+          "locationName": "reservedInstancesId"
+        }
+      },
+      "documentation": "<p>Describes a Reserved Instance whose queued purchase was not deleted.</p>"
+    },
+    "FailedQueuedPurchaseDeletionSet": {
+      "type": "list",
+      "member": {
+        "shape": "FailedQueuedPurchaseDeletion",
+        "locationName": "item"
+      }
+    },
+    "FastSnapshotRestoreStateCode": {
+      "type": "string",
+      "enum": [
+        "enabling",
+        "optimizing",
+        "enabled",
+        "disabling",
+        "disabled"
+      ]
+    },
+    "FederatedAuthentication": {
+      "type": "structure",
+      "members": {
+        "SamlProviderArn": {
+          "shape": "String",
+          "documentation": "<p>The Amazon Resource Name (ARN) of the IAM SAML identity provider.</p>",
+          "locationName": "samlProviderArn"
+        }
+      },
+      "documentation": "<p>Describes the IAM SAML identity provider used for federated authentication.</p>"
+    },
+    "FederatedAuthenticationRequest": {
+      "type": "structure",
+      "members": {
+        "SAMLProviderArn": {
+          "shape": "String",
+          "documentation": "<p>The Amazon Resource Name (ARN) of the IAM SAML identity provider.</p>"
+        }
+      },
+      "documentation": "<p>The IAM SAML identity provider used for federated authentication.</p>"
+    },
     "Filter": {
       "type": "structure",
       "members": {
@@ -17027,11 +20276,17 @@
       "type": "string",
       "enum": [
         "error",
-        "pending-fulfillment",
-        "pending-termination",
+        "pending_fulfillment",
+        "pending_termination",
         "fulfilled"
       ]
     },
+    "FleetCapacityReservationUsageStrategy": {
+      "type": "string",
+      "enum": [
+        "use-capacity-reservations-first"
+      ]
+    },
     "FleetData": {
       "type": "structure",
       "members": {
@@ -17046,7 +20301,7 @@
           "locationName": "createTime"
         },
         "FleetId": {
-          "shape": "FleetIdentifier",
+          "shape": "FleetId",
           "documentation": "<p>The ID of the EC2 Fleet.</p>",
           "locationName": "fleetId"
         },
@@ -17057,7 +20312,7 @@
         },
         "ClientToken": {
           "shape": "String",
-          "documentation": "<p>Unique, case-sensitive identifier you provide to ensure the idempotency of the request. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html\">Ensuring Idempotency</a>.</p> <p>Constraints: Maximum 64 ASCII characters</p>",
+          "documentation": "<p>Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html\">Ensuring Idempotency</a>.</p> <p>Constraints: Maximum 64 ASCII characters</p>",
           "locationName": "clientToken"
         },
         "ExcessCapacityTerminationPolicy": {
@@ -17092,7 +20347,7 @@
         },
         "Type": {
           "shape": "FleetType",
-          "documentation": "<p>The type of request. Indicates whether the EC2 Fleet only <code>requests</code> the target capacity, or also attempts to <code>maintain</code> it. If you request a certain target capacity, EC2 Fleet only places the required requests; it does not attempt to replenish instances if capacity is diminished, and does not submit requests in alternative capacity pools if capacity is unavailable. To maintain a certain target capacity, EC2 Fleet places the required requests to meet this target capacity. It also automatically replenishes any interrupted Spot Instances. Default: <code>maintain</code>.</p>",
+          "documentation": "<p>The type of request. Indicates whether the EC2 Fleet only <code>requests</code> the target capacity, or also attempts to <code>maintain</code> it. If you request a certain target capacity, EC2 Fleet only places the required requests; it does not attempt to replenish instances if capacity is diminished, and it does not submit requests in alternative capacity pools if capacity is unavailable. To maintain a certain target capacity, EC2 Fleet places the required requests to meet this target capacity. It also automatically replenishes any interrupted Spot Instances. Default: <code>maintain</code>.</p>",
           "locationName": "type"
         },
         "ValidFrom": {
@@ -17153,15 +20408,15 @@
         "termination"
       ]
     },
+    "FleetId": {
+      "type": "string"
+    },
     "FleetIdSet": {
       "type": "list",
       "member": {
-        "shape": "FleetIdentifier"
+        "shape": "FleetId"
       }
     },
-    "FleetIdentifier": {
-      "type": "string"
-    },
     "FleetLaunchTemplateConfig": {
       "type": "structure",
       "members": {
@@ -17275,8 +20530,8 @@
           "documentation": "<p>The maximum price per unit hour that you are willing to pay for a Spot Instance.</p>"
         },
         "SubnetId": {
-          "shape": "String",
-          "documentation": "<p>The ID of the subnet in which to launch the instances.</p>"
+          "shape": "SubnetId",
+          "documentation": "<p>The IDs of the subnets in which to launch the instances. Separate multiple subnet IDs using commas (for example, <code>subnet-1234abcdeexample1, subnet-0987cdef6example2</code>). A request of type <code>instant</code> can have only one subnet ID.</p>"
         },
         "AvailabilityZone": {
           "shape": "String",
@@ -17322,7 +20577,7 @@
       "type": "structure",
       "members": {
         "LaunchTemplateId": {
-          "shape": "String",
+          "shape": "LaunchTemplateId",
           "documentation": "<p>The ID of the launch template.</p>"
         },
         "LaunchTemplateName": {
@@ -17357,8 +20612,8 @@
         "active",
         "deleted",
         "failed",
-        "deleted-running",
-        "deleted-terminating",
+        "deleted_running",
+        "deleted_terminating",
         "modifying"
       ]
     },
@@ -17377,7 +20632,7 @@
       "type": "structure",
       "members": {
         "CreationTime": {
-          "shape": "DateTime",
+          "shape": "MillisecondDateTime",
           "documentation": "<p>The date and time the flow log was created.</p>",
           "locationName": "creationTime"
         },
@@ -17430,10 +20685,42 @@
           "shape": "String",
           "documentation": "<p>Specifies the destination to which the flow log data is published. Flow log data can be published to an CloudWatch Logs log group or an Amazon S3 bucket. If the flow log publishes to CloudWatch Logs, this element indicates the Amazon Resource Name (ARN) of the CloudWatch Logs log group to which the data is published. If the flow log publishes to Amazon S3, this element indicates the ARN of the Amazon S3 bucket to which the data is published.</p>",
           "locationName": "logDestination"
+        },
+        "LogFormat": {
+          "shape": "String",
+          "documentation": "<p>The format of the flow log record.</p>",
+          "locationName": "logFormat"
+        },
+        "Tags": {
+          "shape": "TagList",
+          "documentation": "<p>The tags for the flow log.</p>",
+          "locationName": "tagSet"
+        },
+        "MaxAggregationInterval": {
+          "shape": "Integer",
+          "documentation": "<p>The maximum interval of time, in seconds, during which a flow of packets is captured and aggregated into a flow log record.</p> <p>When a network interface is attached to a <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances\">Nitro-based instance</a>, the aggregation interval is always 60 seconds (1 minute) or less, regardless of the specified value.</p> <p>Valid Values: <code>60</code> | <code>600</code> </p>",
+          "locationName": "maxAggregationInterval"
         }
       },
       "documentation": "<p>Describes a flow log.</p>"
     },
+    "FlowLogIdList": {
+      "type": "list",
+      "member": {
+        "shape": "VpcFlowLogId",
+        "locationName": "item"
+      }
+    },
+    "FlowLogResourceId": {
+      "type": "string"
+    },
+    "FlowLogResourceIds": {
+      "type": "list",
+      "member": {
+        "shape": "FlowLogResourceId",
+        "locationName": "item"
+      }
+    },
     "FlowLogSet": {
       "type": "list",
       "member": {
@@ -17449,6 +20736,62 @@
         "NetworkInterface"
       ]
     },
+    "FpgaDeviceCount": {
+      "type": "integer"
+    },
+    "FpgaDeviceInfo": {
+      "type": "structure",
+      "members": {
+        "Name": {
+          "shape": "FpgaDeviceName",
+          "documentation": "<p>The name of the FPGA accelerator.</p>",
+          "locationName": "name"
+        },
+        "Manufacturer": {
+          "shape": "FpgaDeviceManufacturerName",
+          "documentation": "<p>The manufacturer of the FPGA accelerator.</p>",
+          "locationName": "manufacturer"
+        },
+        "Count": {
+          "shape": "FpgaDeviceCount",
+          "documentation": "<p>The count of FPGA accelerators for the instance type.</p>",
+          "locationName": "count"
+        },
+        "MemoryInfo": {
+          "shape": "FpgaDeviceMemoryInfo",
+          "documentation": "<p>Describes the memory for the FPGA accelerator for the instance type.</p>",
+          "locationName": "memoryInfo"
+        }
+      },
+      "documentation": "<p>Describes the FPGA accelerator for the instance type.</p>"
+    },
+    "FpgaDeviceInfoList": {
+      "type": "list",
+      "member": {
+        "shape": "FpgaDeviceInfo",
+        "locationName": "item"
+      }
+    },
+    "FpgaDeviceManufacturerName": {
+      "type": "string"
+    },
+    "FpgaDeviceMemoryInfo": {
+      "type": "structure",
+      "members": {
+        "SizeInMiB": {
+          "shape": "FpgaDeviceMemorySize",
+          "documentation": "<p>The size (in MiB) for the memory available to the FPGA accelerator.</p>",
+          "locationName": "sizeInMiB"
+        }
+      },
+      "documentation": "<p>Describes the memory for the FPGA accelerator for the instance type.</p>"
+    },
+    "FpgaDeviceMemorySize": {
+      "type": "integer"
+    },
+    "FpgaDeviceName": {
+      "type": "string"
+    },
     "FpgaImage": {
       "type": "structure",
       "members": {
@@ -17570,10 +20913,13 @@
         "productCodes"
       ]
     },
+    "FpgaImageId": {
+      "type": "string"
+    },
     "FpgaImageIdList": {
       "type": "list",
       "member": {
-        "shape": "String",
+        "shape": "FpgaImageId",
         "locationName": "item"
       }
     },
@@ -17609,12 +20955,188 @@
         "unavailable"
       ]
     },
+    "FpgaInfo": {
+      "type": "structure",
+      "members": {
+        "Fpgas": {
+          "shape": "FpgaDeviceInfoList",
+          "documentation": "<p>Describes the FPGAs for the instance type.</p>",
+          "locationName": "fpgas"
+        },
+        "TotalFpgaMemoryInMiB": {
+          "shape": "totalFpgaMemory",
+          "documentation": "<p>The total memory of all FPGA accelerators for the instance type.</p>",
+          "locationName": "totalFpgaMemoryInMiB"
+        }
+      },
+      "documentation": "<p>Describes the FPGAs for the instance type.</p>"
+    },
+    "FreeTierEligibleFlag": {
+      "type": "boolean"
+    },
     "GatewayType": {
       "type": "string",
       "enum": [
         "ipsec.1"
       ]
     },
+    "GetAssociatedIpv6PoolCidrsRequest": {
+      "type": "structure",
+      "required": [
+        "PoolId"
+      ],
+      "members": {
+        "PoolId": {
+          "shape": "Ipv6PoolEc2Id",
+          "documentation": "<p>The ID of the IPv6 address pool.</p>"
+        },
+        "NextToken": {
+          "shape": "NextToken",
+          "documentation": "<p>The token for the next page of results.</p>"
+        },
+        "MaxResults": {
+          "shape": "Ipv6PoolMaxResults",
+          "documentation": "<p>The maximum number of results to return with a single call. To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>"
+        },
+        "DryRun": {
+          "shape": "Boolean",
+          "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
+        }
+      }
+    },
+    "GetAssociatedIpv6PoolCidrsResult": {
+      "type": "structure",
+      "members": {
+        "Ipv6CidrAssociations": {
+          "shape": "Ipv6CidrAssociationSet",
+          "documentation": "<p>Information about the IPv6 CIDR block associations.</p>",
+          "locationName": "ipv6CidrAssociationSet"
+        },
+        "NextToken": {
+          "shape": "String",
+          "documentation": "<p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>",
+          "locationName": "nextToken"
+        }
+      }
+    },
+    "GetCapacityReservationUsageRequest": {
+      "type": "structure",
+      "required": [
+        "CapacityReservationId"
+      ],
+      "members": {
+        "CapacityReservationId": {
+          "shape": "CapacityReservationId",
+          "documentation": "<p>The ID of the Capacity Reservation.</p>"
+        },
+        "NextToken": {
+          "shape": "String",
+          "documentation": "<p>The token to retrieve the next page of results.</p>"
+        },
+        "MaxResults": {
+          "shape": "GetCapacityReservationUsageRequestMaxResults",
+          "documentation": "<p>The maximum number of results to return for the request in a single page. The remaining results can be seen by sending another request with the returned nextToken value.</p> <p>Valid range: Minimum value of 1. Maximum value of 1000.</p>"
+        },
+        "DryRun": {
+          "shape": "Boolean",
+          "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
+        }
+      }
+    },
+    "GetCapacityReservationUsageRequestMaxResults": {
+      "type": "integer",
+      "max": 1000,
+      "min": 1
+    },
+    "GetCapacityReservationUsageResult": {
+      "type": "structure",
+      "members": {
+        "NextToken": {
+          "shape": "String",
+          "documentation": "<p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>",
+          "locationName": "nextToken"
+        },
+        "CapacityReservationId": {
+          "shape": "String",
+          "documentation": "<p>The ID of the Capacity Reservation.</p>",
+          "locationName": "capacityReservationId"
+        },
+        "InstanceType": {
+          "shape": "String",
+          "documentation": "<p>The type of instance for which the Capacity Reservation reserves capacity.</p>",
+          "locationName": "instanceType"
+        },
+        "TotalInstanceCount": {
+          "shape": "Integer",
+          "documentation": "<p>The number of instances for which the Capacity Reservation reserves capacity.</p>",
+          "locationName": "totalInstanceCount"
+        },
+        "AvailableInstanceCount": {
+          "shape": "Integer",
+          "documentation": "<p>The remaining capacity. Indicates the number of instances that can be launched in the Capacity Reservation.</p>",
+          "locationName": "availableInstanceCount"
+        },
+        "State": {
+          "shape": "CapacityReservationState",
+          "documentation": "<p>The current state of the Capacity Reservation. A Capacity Reservation can be in one of the following states:</p> <ul> <li> <p> <code>active</code> - The Capacity Reservation is active and the capacity is available for your use.</p> </li> <li> <p> <code>expired</code> - The Capacity Reservation expired automatically at the date and time specified in your request. The reserved capacity is no longer available for your use.</p> </li> <li> <p> <code>cancelled</code> - The Capacity Reservation was manually cancelled. The reserved capacity is no longer available for your use.</p> </li> <li> <p> <code>pending</code> - The Capacity Reservation request was successful but the capacity provisioning is still pending.</p> </li> <li> <p> <code>failed</code> - The Capacity Reservation request has failed. A request might fail due to invalid request parameters, capacity constraints, or instance limit constraints. Failed requests are retained for 60 minutes.</p> </li> </ul>",
+          "locationName": "state"
+        },
+        "InstanceUsages": {
+          "shape": "InstanceUsageSet",
+          "documentation": "<p>Information about the Capacity Reservation usage.</p>",
+          "locationName": "instanceUsageSet"
+        }
+      }
+    },
+    "GetCoipPoolUsageRequest": {
+      "type": "structure",
+      "required": [
+        "PoolId"
+      ],
+      "members": {
+        "PoolId": {
+          "shape": "CoipPoolId",
+          "documentation": "<p>The ID of the address pool.</p>"
+        },
+        "Filters": {
+          "shape": "FilterList",
+          "documentation": "<p>The filters. The following are the possible values:</p> <ul> <li> <p> <code>coip-address-usage.allocation-id</code> </p> </li> </ul> <ul> <li> <p> <code>coip-address-usage.aws-account-id</code> </p> </li> </ul> <ul> <li> <p> <code>coip-address-usage.aws-service</code> </p> </li> </ul> <ul> <li> <p> <code>coip-address-usage.co-ip</code> </p> </li> </ul>",
+          "locationName": "Filter"
+        },
+        "MaxResults": {
+          "shape": "CoipPoolMaxResults",
+          "documentation": "<p>The maximum number of results to return with a single call. To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>"
+        },
+        "NextToken": {
+          "shape": "String",
+          "documentation": "<p>The token for the next page of results.</p>"
+        },
+        "DryRun": {
+          "shape": "Boolean",
+          "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
+        }
+      }
+    },
+    "GetCoipPoolUsageResult": {
+      "type": "structure",
+      "members": {
+        "CoipPoolId": {
+          "shape": "String",
+          "documentation": "<p>The ID of the customer-owned address pool.</p>",
+          "locationName": "coipPoolId"
+        },
+        "CoipAddressUsages": {
+          "shape": "CoipAddressUsageSet",
+          "documentation": "<p>Information about the address usage.</p>",
+          "locationName": "coipAddressUsageSet"
+        },
+        "LocalGatewayRouteTableId": {
+          "shape": "String",
+          "documentation": "<p>The ID of the local gateway route table.</p>",
+          "locationName": "localGatewayRouteTableId"
+        }
+      }
+    },
     "GetConsoleOutputRequest": {
       "type": "structure",
       "required": [
@@ -17622,7 +21144,7 @@
       ],
       "members": {
         "InstanceId": {
-          "shape": "String",
+          "shape": "InstanceId",
           "documentation": "<p>The ID of the instance.</p>"
         },
         "DryRun": {
@@ -17667,7 +21189,7 @@
           "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
         },
         "InstanceId": {
-          "shape": "String",
+          "shape": "InstanceId",
           "documentation": "<p>The ID of the instance.</p>"
         },
         "WakeUp": {
@@ -17691,6 +21213,32 @@
         }
       }
     },
+    "GetDefaultCreditSpecificationRequest": {
+      "type": "structure",
+      "required": [
+        "InstanceFamily"
+      ],
+      "members": {
+        "DryRun": {
+          "shape": "Boolean",
+          "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
+        },
+        "InstanceFamily": {
+          "shape": "UnlimitedSupportedInstanceFamily",
+          "documentation": "<p>The instance family.</p>"
+        }
+      }
+    },
+    "GetDefaultCreditSpecificationResult": {
+      "type": "structure",
+      "members": {
+        "InstanceFamilyCreditSpecification": {
+          "shape": "InstanceFamilyCreditSpecification",
+          "documentation": "<p>The default credit option for CPU usage of the instance family.</p>",
+          "locationName": "instanceFamilyCreditSpecification"
+        }
+      }
+    },
     "GetEbsDefaultKmsKeyIdRequest": {
       "type": "structure",
       "members": {
@@ -17741,7 +21289,7 @@
           "documentation": "<p>The IDs of the Dedicated Hosts with which the reservation is associated.</p>"
         },
         "OfferingId": {
-          "shape": "String",
+          "shape": "OfferingId",
           "documentation": "<p>The offering ID of the reservation.</p>"
         }
       }
@@ -17782,7 +21330,7 @@
           "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
         },
         "InstanceId": {
-          "shape": "String",
+          "shape": "InstanceId",
           "documentation": "<p>The ID of the instance.</p>"
         }
       }
@@ -17804,7 +21352,7 @@
       ],
       "members": {
         "InstanceId": {
-          "shape": "String",
+          "shape": "InstanceId",
           "documentation": "<p>The ID of the Windows instance.</p>"
         },
         "DryRun": {
@@ -17915,7 +21463,7 @@
       ],
       "members": {
         "TransitGatewayAttachmentId": {
-          "shape": "String",
+          "shape": "TransitGatewayAttachmentId",
           "documentation": "<p>The ID of the attachment.</p>"
         },
         "Filters": {
@@ -17952,6 +21500,47 @@
         }
       }
     },
+    "GetTransitGatewayMulticastDomainAssociationsRequest": {
+      "type": "structure",
+      "members": {
+        "TransitGatewayMulticastDomainId": {
+          "shape": "TransitGatewayMulticastDomainId",
+          "documentation": "<p>The ID of the transit gateway multicast domain.</p>"
+        },
+        "Filters": {
+          "shape": "FilterList",
+          "documentation": "<p>One or more filters. The possible values are:</p> <ul> <li> <p> <code>resource-id</code> - The ID of the resource.</p> </li> <li> <p> <code>resource-type</code> - The type of resource. The valid value is: <code>vpc</code>.</p> </li> <li> <p> <code>state</code> - The state of the subnet association. Valid values are <code>associated</code> | <code>associating</code> | <code>disassociated</code> | <code>disassociating</code>.</p> </li> <li> <p> <code>subnet-id</code> - The ID of the subnet.</p> </li> <li> <p> <code>transit-gateway-attachment-id</code> - The id of the transit gateway attachment.</p> </li> </ul>",
+          "locationName": "Filter"
+        },
+        "MaxResults": {
+          "shape": "TransitGatewayMaxResults",
+          "documentation": "<p>The maximum number of results to return with a single call. To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>"
+        },
+        "NextToken": {
+          "shape": "String",
+          "documentation": "<p>The token for the next page of results.</p>"
+        },
+        "DryRun": {
+          "shape": "Boolean",
+          "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
+        }
+      }
+    },
+    "GetTransitGatewayMulticastDomainAssociationsResult": {
+      "type": "structure",
+      "members": {
+        "MulticastDomainAssociations": {
+          "shape": "TransitGatewayMulticastDomainAssociationList",
+          "documentation": "<p>Information about the multicast domain associations.</p>",
+          "locationName": "multicastDomainAssociations"
+        },
+        "NextToken": {
+          "shape": "String",
+          "documentation": "<p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>",
+          "locationName": "nextToken"
+        }
+      }
+    },
     "GetTransitGatewayRouteTableAssociationsRequest": {
       "type": "structure",
       "required": [
@@ -17959,7 +21548,7 @@
       ],
       "members": {
         "TransitGatewayRouteTableId": {
-          "shape": "String",
+          "shape": "TransitGatewayRouteTableId",
           "documentation": "<p>The ID of the transit gateway route table.</p>"
         },
         "Filters": {
@@ -18003,7 +21592,7 @@
       ],
       "members": {
         "TransitGatewayRouteTableId": {
-          "shape": "String",
+          "shape": "TransitGatewayRouteTableId",
           "documentation": "<p>The ID of the transit gateway route table.</p>"
         },
         "Filters": {
@@ -18040,6 +21629,78 @@
         }
       }
     },
+    "GpuDeviceCount": {
+      "type": "integer"
+    },
+    "GpuDeviceInfo": {
+      "type": "structure",
+      "members": {
+        "Name": {
+          "shape": "GpuDeviceName",
+          "documentation": "<p>The name of the GPU accelerator.</p>",
+          "locationName": "name"
+        },
+        "Manufacturer": {
+          "shape": "GpuDeviceManufacturerName",
+          "documentation": "<p>The manufacturer of the GPU accelerator.</p>",
+          "locationName": "manufacturer"
+        },
+        "Count": {
+          "shape": "GpuDeviceCount",
+          "documentation": "<p>The number of GPUs for the instance type.</p>",
+          "locationName": "count"
+        },
+        "MemoryInfo": {
+          "shape": "GpuDeviceMemoryInfo",
+          "documentation": "<p>Describes the memory available to the GPU accelerator.</p>",
+          "locationName": "memoryInfo"
+        }
+      },
+      "documentation": "<p>Describes the GPU accelerators for the instance type.</p>"
+    },
+    "GpuDeviceInfoList": {
+      "type": "list",
+      "member": {
+        "shape": "GpuDeviceInfo",
+        "locationName": "item"
+      }
+    },
+    "GpuDeviceManufacturerName": {
+      "type": "string"
+    },
+    "GpuDeviceMemoryInfo": {
+      "type": "structure",
+      "members": {
+        "SizeInMiB": {
+          "shape": "GpuDeviceMemorySize",
+          "documentation": "<p>The size (in MiB) for the memory available to the GPU accelerator.</p>",
+          "locationName": "sizeInMiB"
+        }
+      },
+      "documentation": "<p>Describes the memory available to the GPU accelerator.</p>"
+    },
+    "GpuDeviceMemorySize": {
+      "type": "integer"
+    },
+    "GpuDeviceName": {
+      "type": "string"
+    },
+    "GpuInfo": {
+      "type": "structure",
+      "members": {
+        "Gpus": {
+          "shape": "GpuDeviceInfoList",
+          "documentation": "<p>Describes the GPU accelerators for the instance type.</p>",
+          "locationName": "gpus"
+        },
+        "TotalGpuMemoryInMiB": {
+          "shape": "totalGpuMemory",
+          "documentation": "<p>The total size of the memory for the GPU accelerators for the instance type.</p>",
+          "locationName": "totalGpuMemoryInMiB"
+        }
+      },
+      "documentation": "<p>Describes the GPU accelerators for the instance type.</p>"
+    },
     "GroupIdStringList": {
       "type": "list",
       "member": {
@@ -18080,17 +21741,20 @@
     "GroupIds": {
       "type": "list",
       "member": {
-        "shape": "String",
+        "shape": "SecurityGroupId",
         "locationName": "item"
       }
     },
     "GroupNameStringList": {
       "type": "list",
       "member": {
-        "shape": "String",
+        "shape": "SecurityGroupName",
         "locationName": "GroupName"
       }
     },
+    "HibernationFlag": {
+      "type": "boolean"
+    },
     "HibernationOptions": {
       "type": "structure",
       "members": {
@@ -18100,7 +21764,7 @@
           "locationName": "configured"
         }
       },
-      "documentation": "<p>Indicates whether your instance is configured for hibernation. This parameter is valid only if the instance meets the <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html#hibernating-prerequisites\">hibernation prerequisites</a>. Hibernation is currently supported only for Amazon Linux. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html\">Hibernate Your Instance</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>"
+      "documentation": "<p>Indicates whether your instance is configured for hibernation. This parameter is valid only if the instance meets the <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html#hibernating-prerequisites\">hibernation prerequisites</a>. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html\">Hibernate Your Instance</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>"
     },
     "HibernationOptionsRequest": {
       "type": "structure",
@@ -18110,7 +21774,7 @@
           "documentation": "<p>If you set this parameter to <code>true</code>, your instance is enabled for hibernation.</p> <p>Default: <code>false</code> </p>"
         }
       },
-      "documentation": "<p>Indicates whether your instance is configured for hibernation. This parameter is valid only if the instance meets the <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html#hibernating-prerequisites\">hibernation prerequisites</a>. Hibernation is currently supported only for Amazon Linux. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html\">Hibernate Your Instance</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>"
+      "documentation": "<p>Indicates whether your instance is configured for hibernation. This parameter is valid only if the instance meets the <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html#hibernating-prerequisites\">hibernation prerequisites</a>. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html\">Hibernate Your Instance</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>"
     },
     "HistoryRecord": {
       "type": "structure",
@@ -18183,7 +21847,7 @@
         },
         "AvailableCapacity": {
           "shape": "AvailableCapacity",
-          "documentation": "<p>The number of new instances that can be launched onto the Dedicated Host.</p>",
+          "documentation": "<p>Information about the instances running on the Dedicated Host.</p>",
           "locationName": "availableCapacity"
         },
         "ClientToken": {
@@ -18235,6 +21899,26 @@
           "shape": "HostRecovery",
           "documentation": "<p>Indicates whether host recovery is enabled or disabled for the Dedicated Host.</p>",
           "locationName": "hostRecovery"
+        },
+        "AllowsMultipleInstanceTypes": {
+          "shape": "AllowsMultipleInstanceTypes",
+          "documentation": "<p>Indicates whether the Dedicated Host supports multiple instance types of the same instance family, or a specific instance type only. <code>one</code> indicates that the Dedicated Host supports multiple instance types in the instance family. <code>off</code> indicates that the Dedicated Host supports a single instance type only.</p>",
+          "locationName": "allowsMultipleInstanceTypes"
+        },
+        "OwnerId": {
+          "shape": "String",
+          "documentation": "<p>The ID of the AWS account that owns the Dedicated Host.</p>",
+          "locationName": "ownerId"
+        },
+        "AvailabilityZoneId": {
+          "shape": "String",
+          "documentation": "<p>The ID of the Availability Zone in which the Dedicated Host is allocated.</p>",
+          "locationName": "availabilityZoneId"
+        },
+        "MemberOfServiceLinkedResourceGroup": {
+          "shape": "Boolean",
+          "documentation": "<p>Indicates whether the Dedicated Host is in a host resource group. If <b>memberOfServiceLinkedResourceGroup</b> is <code>true</code>, the host is in a host resource group; otherwise, it is not.</p>",
+          "locationName": "memberOfServiceLinkedResourceGroup"
         }
       },
       "documentation": "<p>Describes the properties of the Dedicated Host.</p>"
@@ -18244,13 +21928,18 @@
       "members": {
         "InstanceId": {
           "shape": "String",
-          "documentation": "<p>the IDs of instances that are running on the Dedicated Host.</p>",
+          "documentation": "<p>The ID of instance that is running on the Dedicated Host.</p>",
           "locationName": "instanceId"
         },
         "InstanceType": {
           "shape": "String",
-          "documentation": "<p>The instance type size (for example, <code>m3.medium</code>) of the running instance.</p>",
+          "documentation": "<p>The instance type (for example, <code>m3.medium</code>) of the running instance.</p>",
           "locationName": "instanceType"
+        },
+        "OwnerId": {
+          "shape": "String",
+          "documentation": "<p>The ID of the AWS account that owns the instance.</p>",
+          "locationName": "ownerId"
         }
       },
       "documentation": "<p>Describes an instance running on a Dedicated Host.</p>"
@@ -18327,9 +22016,14 @@
         },
         "InstanceType": {
           "shape": "String",
-          "documentation": "<p>The instance type size that the Dedicated Host supports (for example, <code>m3.medium</code>).</p>",
+          "documentation": "<p>The instance type supported by the Dedicated Host. For example, <code>m5.large</code>. If the host supports multiple instance types, no <b>instanceType</b> is returned.</p>",
           "locationName": "instanceType"
         },
+        "InstanceFamily": {
+          "shape": "String",
+          "documentation": "<p>The instance family supported by the Dedicated Host. For example, <code>m5</code>.</p>",
+          "locationName": "instanceFamily"
+        },
         "Sockets": {
           "shape": "Integer",
           "documentation": "<p>The number of sockets on the Dedicated Host.</p>",
@@ -18337,11 +22031,11 @@
         },
         "TotalVCpus": {
           "shape": "Integer",
-          "documentation": "<p>The number of vCPUs on the Dedicated Host.</p>",
+          "documentation": "<p>The total number of vCPUs on the Dedicated Host.</p>",
           "locationName": "totalVCpus"
         }
       },
-      "documentation": "<p>Describes properties of a Dedicated Host.</p>"
+      "documentation": "<p>Describes the properties of a Dedicated Host.</p>"
     },
     "HostRecovery": {
       "type": "string",
@@ -18426,10 +22120,13 @@
       },
       "documentation": "<p>Details about the Dedicated Host Reservation and associated Dedicated Hosts.</p>"
     },
+    "HostReservationId": {
+      "type": "string"
+    },
     "HostReservationIdSet": {
       "type": "list",
       "member": {
-        "shape": "String",
+        "shape": "HostReservationId",
         "locationName": "item"
       }
     },
@@ -18447,6 +22144,13 @@
         "host"
       ]
     },
+    "HttpTokensState": {
+      "type": "string",
+      "enum": [
+        "optional",
+        "required"
+      ]
+    },
     "HypervisorType": {
       "type": "string",
       "enum": [
@@ -18454,6 +22158,41 @@
         "xen"
       ]
     },
+    "IKEVersionsList": {
+      "type": "list",
+      "member": {
+        "shape": "IKEVersionsListValue",
+        "locationName": "item"
+      }
+    },
+    "IKEVersionsListValue": {
+      "type": "structure",
+      "members": {
+        "Value": {
+          "shape": "String",
+          "documentation": "<p>The IKE version.</p>",
+          "locationName": "value"
+        }
+      },
+      "documentation": "<p>The internet key exchange (IKE) version permitted for the VPN tunnel.</p>"
+    },
+    "IKEVersionsRequestList": {
+      "type": "list",
+      "member": {
+        "shape": "IKEVersionsRequestListValue",
+        "locationName": "item"
+      }
+    },
+    "IKEVersionsRequestListValue": {
+      "type": "structure",
+      "members": {
+        "Value": {
+          "shape": "String",
+          "documentation": "<p>The IKE version.</p>"
+        }
+      },
+      "documentation": "<p>The IKE version that is permitted for the VPN tunnel.</p>"
+    },
     "IamInstanceProfile": {
       "type": "structure",
       "members": {
@@ -18501,6 +22240,9 @@
       },
       "documentation": "<p>Describes an association between an IAM instance profile and an instance.</p>"
     },
+    "IamInstanceProfileAssociationId": {
+      "type": "string"
+    },
     "IamInstanceProfileAssociationSet": {
       "type": "list",
       "member": {
@@ -18622,9 +22364,19 @@
         },
         "Platform": {
           "shape": "PlatformValues",
-          "documentation": "<p>This value is set for Windows AMIs; otherwise, it is blank.</p>",
+          "documentation": "<p>This value is set to <code>windows</code> for Windows AMIs; otherwise, it is blank.</p>",
           "locationName": "platform"
         },
+        "PlatformDetails": {
+          "shape": "String",
+          "documentation": "<p>The platform details associated with the billing code of the AMI. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ami-billing-info.html\">Obtaining Billing Information</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>",
+          "locationName": "platformDetails"
+        },
+        "UsageOperation": {
+          "shape": "String",
+          "documentation": "<p>The operation of the Amazon EC2 instance and the billing code that is associated with the AMI. <code>usageOperation</code> corresponds to the <a href=\"https://docs.aws.amazon.com/cur/latest/userguide/Lineitem-columns.html#Lineitem-details-O-Operation\">lineitem/Operation</a> column on your AWS Cost and Usage Report and in the <a href=\"https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/price-changes.html\">AWS Price List API</a>. For the list of <code>UsageOperation</code> codes, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ami-billing-info.html#billing-info\">Platform Details and Usage Operation Billing Codes</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>",
+          "locationName": "usageOperation"
+        },
         "ProductCodes": {
           "shape": "ProductCodeList",
           "documentation": "<p>Any product codes associated with the AMI.</p>",
@@ -18777,7 +22529,7 @@
           "documentation": "<p>The format of the disk image being imported.</p> <p>Valid values: <code>VHD</code> | <code>VMDK</code> | <code>OVA</code> </p>"
         },
         "SnapshotId": {
-          "shape": "String",
+          "shape": "SnapshotId",
           "documentation": "<p>The ID of the EBS snapshot to be used for importing the snapshot.</p>"
         },
         "Url": {
@@ -18798,10 +22550,13 @@
         "locationName": "item"
       }
     },
+    "ImageId": {
+      "type": "string"
+    },
     "ImageIdStringList": {
       "type": "list",
       "member": {
-        "shape": "String",
+        "shape": "ImageId",
         "locationName": "ImageId"
       }
     },
@@ -18840,7 +22595,7 @@
       ],
       "members": {
         "ClientVpnEndpointId": {
-          "shape": "String",
+          "shape": "ClientVpnEndpointId",
           "documentation": "<p>The ID of the Client VPN endpoint to which the client certificate revocation list applies.</p>"
         },
         "CertificateRevocationList": {
@@ -18863,6 +22618,41 @@
         }
       }
     },
+    "ImportImageLicenseConfigurationRequest": {
+      "type": "structure",
+      "members": {
+        "LicenseConfigurationArn": {
+          "shape": "String",
+          "documentation": "<p>The ARN of a license configuration.</p>"
+        }
+      },
+      "documentation": "<p>The request information of license configurations.</p>"
+    },
+    "ImportImageLicenseConfigurationResponse": {
+      "type": "structure",
+      "members": {
+        "LicenseConfigurationArn": {
+          "shape": "String",
+          "documentation": "<p>The ARN of a license configuration.</p>",
+          "locationName": "licenseConfigurationArn"
+        }
+      },
+      "documentation": "<p> The response information for license configurations.</p>"
+    },
+    "ImportImageLicenseSpecificationListRequest": {
+      "type": "list",
+      "member": {
+        "shape": "ImportImageLicenseConfigurationRequest",
+        "locationName": "item"
+      }
+    },
+    "ImportImageLicenseSpecificationListResponse": {
+      "type": "list",
+      "member": {
+        "shape": "ImportImageLicenseConfigurationResponse",
+        "locationName": "item"
+      }
+    },
     "ImportImageRequest": {
       "type": "structure",
       "members": {
@@ -18900,8 +22690,8 @@
           "documentation": "<p>The target hypervisor platform.</p> <p>Valid values: <code>xen</code> </p>"
         },
         "KmsKeyId": {
-          "shape": "String",
-          "documentation": "<p>An identifier for the AWS Key Management Service (AWS KMS) customer master key (CMK) to use when creating the encrypted AMI. This parameter is only required if you want to use a non-default CMK; if this parameter is not specified, the default CMK for EBS is used. If a <code>KmsKeyId</code> is specified, the <code>Encrypted</code> flag must also be set. </p> <p>The CMK identifier may be provided in any of the following formats: </p> <ul> <li> <p>Key ID</p> </li> <li> <p>Key alias. The alias ARN contains the <code>arn:aws:kms</code> namespace, followed by the Region of the CMK, the AWS account ID of the CMK owner, the <code>alias</code> namespace, and then the CMK alias. For example, arn:aws:kms:<i>us-east-1</i>:<i>012345678910</i>:alias/<i>ExampleAlias</i>.</p> </li> <li> <p>ARN using key ID. The ID ARN contains the <code>arn:aws:kms</code> namespace, followed by the Region of the CMK, the AWS account ID of the CMK owner, the <code>key</code> namespace, and then the CMK ID. For example, arn:aws:kms:<i>us-east-1</i>:<i>012345678910</i>:key/<i>abcd1234-a123-456a-a12b-a123b4cd56ef</i>.</p> </li> <li> <p>ARN using key alias. The alias ARN contains the <code>arn:aws:kms</code> namespace, followed by the Region of the CMK, the AWS account ID of the CMK owner, the <code>alias</code> namespace, and then the CMK alias. For example, arn:aws:kms:<i>us-east-1</i>:<i>012345678910</i>:alias/<i>ExampleAlias</i>. </p> </li> </ul> <p>AWS parses <code>KmsKeyId</code> asynchronously, meaning that the action you call may appear to complete even though you provided an invalid identifier. This action will eventually report failure. </p> <p>The specified CMK must exist in the Region that the AMI is being copied to.</p>"
+          "shape": "KmsKeyId",
+          "documentation": "<p>An identifier for the symmetric AWS Key Management Service (AWS KMS) customer master key (CMK) to use when creating the encrypted AMI. This parameter is only required if you want to use a non-default CMK; if this parameter is not specified, the default CMK for EBS is used. If a <code>KmsKeyId</code> is specified, the <code>Encrypted</code> flag must also be set. </p> <p>The CMK identifier may be provided in any of the following formats: </p> <ul> <li> <p>Key ID</p> </li> <li> <p>Key alias. The alias ARN contains the <code>arn:aws:kms</code> namespace, followed by the Region of the CMK, the AWS account ID of the CMK owner, the <code>alias</code> namespace, and then the CMK alias. For example, arn:aws:kms:<i>us-east-1</i>:<i>012345678910</i>:alias/<i>ExampleAlias</i>.</p> </li> <li> <p>ARN using key ID. The ID ARN contains the <code>arn:aws:kms</code> namespace, followed by the Region of the CMK, the AWS account ID of the CMK owner, the <code>key</code> namespace, and then the CMK ID. For example, arn:aws:kms:<i>us-east-1</i>:<i>012345678910</i>:key/<i>abcd1234-a123-456a-a12b-a123b4cd56ef</i>.</p> </li> <li> <p>ARN using key alias. The alias ARN contains the <code>arn:aws:kms</code> namespace, followed by the Region of the CMK, the AWS account ID of the CMK owner, the <code>alias</code> namespace, and then the CMK alias. For example, arn:aws:kms:<i>us-east-1</i>:<i>012345678910</i>:alias/<i>ExampleAlias</i>. </p> </li> </ul> <p>AWS parses <code>KmsKeyId</code> asynchronously, meaning that the action you call may appear to complete even though you provided an invalid identifier. This action will eventually report failure. </p> <p>The specified CMK must exist in the Region that the AMI is being copied to.</p> <p>Amazon EBS does not support asymmetric CMKs.</p>"
         },
         "LicenseType": {
           "shape": "String",
@@ -18914,6 +22704,10 @@
         "RoleName": {
           "shape": "String",
           "documentation": "<p>The name of the role to use when not using the default role, 'vmimport'.</p>"
+        },
+        "LicenseSpecifications": {
+          "shape": "ImportImageLicenseSpecificationListRequest",
+          "documentation": "<p>The ARNs of the license configurations.</p>"
         }
       }
     },
@@ -18952,7 +22746,7 @@
         },
         "KmsKeyId": {
           "shape": "String",
-          "documentation": "<p>The identifier for the AWS Key Management Service (AWS KMS) customer master key (CMK) that was used to create the encrypted AMI.</p>",
+          "documentation": "<p>The identifier for the symmetric AWS Key Management Service (AWS KMS) customer master key (CMK) that was used to create the encrypted AMI.</p>",
           "locationName": "kmsKeyId"
         },
         "LicenseType": {
@@ -18984,6 +22778,11 @@
           "shape": "String",
           "documentation": "<p>A detailed status message of the import task.</p>",
           "locationName": "statusMessage"
+        },
+        "LicenseSpecifications": {
+          "shape": "ImportImageLicenseSpecificationListResponse",
+          "documentation": "<p>The ARNs of the license configurations.</p>",
+          "locationName": "licenseSpecifications"
         }
       }
     },
@@ -19054,10 +22853,23 @@
           "shape": "String",
           "documentation": "<p>A descriptive status message for the import image task.</p>",
           "locationName": "statusMessage"
+        },
+        "Tags": {
+          "shape": "TagList",
+          "documentation": "<p>The tags for the import image task.</p>",
+          "locationName": "tagSet"
+        },
+        "LicenseSpecifications": {
+          "shape": "ImportImageLicenseSpecificationListResponse",
+          "documentation": "<p>The ARNs of the license configurations that are associated with the import image task.</p>",
+          "locationName": "licenseSpecifications"
         }
       },
       "documentation": "<p>Describes an import image task.</p>"
     },
+    "ImportImageTaskId": {
+      "type": "string"
+    },
     "ImportImageTaskList": {
       "type": "list",
       "member": {
@@ -19114,7 +22926,7 @@
           "locationName": "privateIpAddress"
         },
         "SubnetId": {
-          "shape": "String",
+          "shape": "SubnetId",
           "documentation": "<p>[EC2-VPC] The ID of the subnet in which to launch the instance.</p>",
           "locationName": "subnetId"
         },
@@ -19264,6 +23076,11 @@
           "shape": "Blob",
           "documentation": "<p>The public key. For API calls, the text must be base64-encoded. For command line tools, base64 encoding is performed for you.</p>",
           "locationName": "publicKeyMaterial"
+        },
+        "TagSpecifications": {
+          "shape": "TagSpecificationList",
+          "documentation": "<p>The tags to apply to the imported key pair.</p>",
+          "locationName": "TagSpecification"
         }
       }
     },
@@ -19279,6 +23096,16 @@
           "shape": "String",
           "documentation": "<p>The key pair name you provided.</p>",
           "locationName": "keyName"
+        },
+        "KeyPairId": {
+          "shape": "String",
+          "documentation": "<p>The ID of the resulting key pair.</p>",
+          "locationName": "keyPairId"
+        },
+        "Tags": {
+          "shape": "TagList",
+          "documentation": "<p>The tags applied to the imported key pair.</p>",
+          "locationName": "tagSet"
         }
       }
     },
@@ -19310,8 +23137,8 @@
           "documentation": "<p>Specifies whether the destination snapshot of the imported image should be encrypted. The default CMK for EBS is used unless you specify a non-default AWS Key Management Service (AWS KMS) CMK using <code>KmsKeyId</code>. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html\">Amazon EBS Encryption</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>"
         },
         "KmsKeyId": {
-          "shape": "String",
-          "documentation": "<p>An identifier for the AWS Key Management Service (AWS KMS) customer master key (CMK) to use when creating the encrypted snapshot. This parameter is only required if you want to use a non-default CMK; if this parameter is not specified, the default CMK for EBS is used. If a <code>KmsKeyId</code> is specified, the <code>Encrypted</code> flag must also be set. </p> <p>The CMK identifier may be provided in any of the following formats: </p> <ul> <li> <p>Key ID</p> </li> <li> <p>Key alias. The alias ARN contains the <code>arn:aws:kms</code> namespace, followed by the Region of the CMK, the AWS account ID of the CMK owner, the <code>alias</code> namespace, and then the CMK alias. For example, arn:aws:kms:<i>us-east-1</i>:<i>012345678910</i>:alias/<i>ExampleAlias</i>.</p> </li> <li> <p>ARN using key ID. The ID ARN contains the <code>arn:aws:kms</code> namespace, followed by the Region of the CMK, the AWS account ID of the CMK owner, the <code>key</code> namespace, and then the CMK ID. For example, arn:aws:kms:<i>us-east-1</i>:<i>012345678910</i>:key/<i>abcd1234-a123-456a-a12b-a123b4cd56ef</i>.</p> </li> <li> <p>ARN using key alias. The alias ARN contains the <code>arn:aws:kms</code> namespace, followed by the Region of the CMK, the AWS account ID of the CMK owner, the <code>alias</code> namespace, and then the CMK alias. For example, arn:aws:kms:<i>us-east-1</i>:<i>012345678910</i>:alias/<i>ExampleAlias</i>. </p> </li> </ul> <p>AWS parses <code>KmsKeyId</code> asynchronously, meaning that the action you call may appear to complete even though you provided an invalid identifier. This action will eventually report failure. </p> <p>The specified CMK must exist in the Region that the snapshot is being copied to.</p>"
+          "shape": "KmsKeyId",
+          "documentation": "<p>An identifier for the symmetric AWS Key Management Service (AWS KMS) customer master key (CMK) to use when creating the encrypted snapshot. This parameter is only required if you want to use a non-default CMK; if this parameter is not specified, the default CMK for EBS is used. If a <code>KmsKeyId</code> is specified, the <code>Encrypted</code> flag must also be set. </p> <p>The CMK identifier may be provided in any of the following formats: </p> <ul> <li> <p>Key ID</p> </li> <li> <p>Key alias. The alias ARN contains the <code>arn:aws:kms</code> namespace, followed by the Region of the CMK, the AWS account ID of the CMK owner, the <code>alias</code> namespace, and then the CMK alias. For example, arn:aws:kms:<i>us-east-1</i>:<i>012345678910</i>:alias/<i>ExampleAlias</i>.</p> </li> <li> <p>ARN using key ID. The ID ARN contains the <code>arn:aws:kms</code> namespace, followed by the Region of the CMK, the AWS account ID of the CMK owner, the <code>key</code> namespace, and then the CMK ID. For example, arn:aws:kms:<i>us-east-1</i>:<i>012345678910</i>:key/<i>abcd1234-a123-456a-a12b-a123b4cd56ef</i>.</p> </li> <li> <p>ARN using key alias. The alias ARN contains the <code>arn:aws:kms</code> namespace, followed by the Region of the CMK, the AWS account ID of the CMK owner, the <code>alias</code> namespace, and then the CMK alias. For example, arn:aws:kms:<i>us-east-1</i>:<i>012345678910</i>:alias/<i>ExampleAlias</i>. </p> </li> </ul> <p>AWS parses <code>KmsKeyId</code> asynchronously, meaning that the action you call may appear to complete even though you provided an invalid identifier. This action will eventually report failure. </p> <p>The specified CMK must exist in the Region that the snapshot is being copied to.</p> <p>Amazon EBS does not support asymmetric CMKs.</p>"
         },
         "RoleName": {
           "shape": "String",
@@ -19356,10 +23183,25 @@
           "shape": "SnapshotTaskDetail",
           "documentation": "<p>Describes an import snapshot task.</p>",
           "locationName": "snapshotTaskDetail"
+        },
+        "Tags": {
+          "shape": "TagList",
+          "documentation": "<p>The tags for the import snapshot task.</p>",
+          "locationName": "tagSet"
         }
       },
       "documentation": "<p>Describes an import snapshot task.</p>"
     },
+    "ImportSnapshotTaskId": {
+      "type": "string"
+    },
+    "ImportSnapshotTaskIdList": {
+      "type": "list",
+      "member": {
+        "shape": "ImportSnapshotTaskId",
+        "locationName": "ImportTaskId"
+      }
+    },
     "ImportSnapshotTaskList": {
       "type": "list",
       "member": {
@@ -19367,10 +23209,13 @@
         "locationName": "item"
       }
     },
+    "ImportTaskId": {
+      "type": "string"
+    },
     "ImportTaskIdList": {
       "type": "list",
       "member": {
-        "shape": "String",
+        "shape": "ImportImageTaskId",
         "locationName": "ImportTaskId"
       }
     },
@@ -19450,6 +23295,54 @@
       },
       "documentation": "<p>Describes an import volume task.</p>"
     },
+    "InferenceAcceleratorInfo": {
+      "type": "structure",
+      "members": {
+        "Accelerators": {
+          "shape": "InferenceDeviceInfoList",
+          "documentation": "<p>Describes the Inference accelerators for the instance type.</p>",
+          "locationName": "accelerators"
+        }
+      },
+      "documentation": "<p>Describes the Inference accelerators for the instance type.</p>"
+    },
+    "InferenceDeviceCount": {
+      "type": "integer"
+    },
+    "InferenceDeviceInfo": {
+      "type": "structure",
+      "members": {
+        "Count": {
+          "shape": "InferenceDeviceCount",
+          "documentation": "<p>The number of Inference accelerators for the instance type.</p>",
+          "locationName": "count"
+        },
+        "Name": {
+          "shape": "InferenceDeviceName",
+          "documentation": "<p>The name of the Inference accelerator.</p>",
+          "locationName": "name"
+        },
+        "Manufacturer": {
+          "shape": "InferenceDeviceManufacturerName",
+          "documentation": "<p>The manufacturer of the Inference accelerator.</p>",
+          "locationName": "manufacturer"
+        }
+      },
+      "documentation": "<p>Describes the Inference accelerators for the instance type.</p>"
+    },
+    "InferenceDeviceInfoList": {
+      "type": "list",
+      "member": {
+        "shape": "InferenceDeviceInfo"
+      },
+      "locationName": "item"
+    },
+    "InferenceDeviceManufacturerName": {
+      "type": "string"
+    },
+    "InferenceDeviceName": {
+      "type": "string"
+    },
     "Instance": {
       "type": "structure",
       "members": {
@@ -19580,7 +23473,7 @@
         },
         "Hypervisor": {
           "shape": "HypervisorType",
-          "documentation": "<p>The hypervisor type of the instance.</p>",
+          "documentation": "<p>The hypervisor type of the instance. The value <code>xen</code> is used for both Xen and Nitro hypervisors.</p>",
           "locationName": "hypervisor"
         },
         "IamInstanceProfile": {
@@ -19600,7 +23493,7 @@
         },
         "ElasticInferenceAcceleratorAssociations": {
           "shape": "ElasticInferenceAcceleratorAssociationList",
-          "documentation": "<p> The elastic inference accelerator associated with the instance. </p>",
+          "documentation": "<p> The elastic inference accelerator associated with the instance.</p>",
           "locationName": "elasticInferenceAcceleratorAssociationSet"
         },
         "NetworkInterfaces": {
@@ -19608,6 +23501,11 @@
           "documentation": "<p>[EC2-VPC] The network interfaces for the instance.</p>",
           "locationName": "networkInterfaceSet"
         },
+        "OutpostArn": {
+          "shape": "String",
+          "documentation": "<p>The Amazon Resource Name (ARN) of the Outpost.</p>",
+          "locationName": "outpostArn"
+        },
         "RootDeviceName": {
           "shape": "String",
           "documentation": "<p>The device name of the root device volume (for example, <code>/dev/sda1</code>).</p>",
@@ -19677,6 +23575,11 @@
           "shape": "LicenseList",
           "documentation": "<p>The license configurations.</p>",
           "locationName": "licenseSet"
+        },
+        "MetadataOptions": {
+          "shape": "InstanceMetadataOptionsResponse",
+          "documentation": "<p>The metadata options for the instance.</p>",
+          "locationName": "metadataOptions"
         }
       },
       "documentation": "<p>Describes an instance.</p>"
@@ -19842,21 +23745,21 @@
       "members": {
         "AvailableCapacity": {
           "shape": "Integer",
-          "documentation": "<p>The number of instances that can still be launched onto the Dedicated Host.</p>",
+          "documentation": "<p>The number of instances that can be launched onto the Dedicated Host based on the host's available capacity.</p>",
           "locationName": "availableCapacity"
         },
         "InstanceType": {
           "shape": "String",
-          "documentation": "<p>The instance type size supported by the Dedicated Host.</p>",
+          "documentation": "<p>The instance type supported by the Dedicated Host.</p>",
           "locationName": "instanceType"
         },
         "TotalCapacity": {
           "shape": "Integer",
-          "documentation": "<p>The total number of instances that can be launched onto the Dedicated Host.</p>",
+          "documentation": "<p>The total number of instances that can be launched onto the Dedicated Host if there are no instances running on it.</p>",
           "locationName": "totalCapacity"
         }
       },
-      "documentation": "<p>Information about the instance type that the Dedicated Host supports.</p>"
+      "documentation": "<p>Information about the number of instances that can be launched onto the Dedicated Host.</p>"
     },
     "InstanceCount": {
       "type": "structure",
@@ -19895,7 +23798,7 @@
           "locationName": "cpuCredits"
         }
       },
-      "documentation": "<p>Describes the credit option for CPU usage of a T2 or T3 instance. </p>"
+      "documentation": "<p>Describes the credit option for CPU usage of a burstable performance instance. </p>"
     },
     "InstanceCreditSpecificationList": {
       "type": "list",
@@ -19915,7 +23818,7 @@
       "type": "structure",
       "members": {
         "InstanceId": {
-          "shape": "String",
+          "shape": "InstanceId",
           "documentation": "<p>The ID of the instance.</p>"
         },
         "CpuCredits": {
@@ -19923,7 +23826,7 @@
           "documentation": "<p>The credit option for CPU usage of the instance. Valid values are <code>standard</code> and <code>unlimited</code>.</p>"
         }
       },
-      "documentation": "<p>Describes the credit option for CPU usage of a T2 or T3 instance.</p>"
+      "documentation": "<p>Describes the credit option for CPU usage of a burstable performance instance.</p>"
     },
     "InstanceEventId": {
       "type": "string"
@@ -19944,6 +23847,22 @@
       },
       "documentation": "<p>Describes an instance to export.</p>"
     },
+    "InstanceFamilyCreditSpecification": {
+      "type": "structure",
+      "members": {
+        "InstanceFamily": {
+          "shape": "UnlimitedSupportedInstanceFamily",
+          "documentation": "<p>The instance family.</p>",
+          "locationName": "instanceFamily"
+        },
+        "CpuCredits": {
+          "shape": "String",
+          "documentation": "<p>The default credit option for CPU usage of the instance family. Valid values are <code>standard</code> and <code>unlimited</code>.</p>",
+          "locationName": "cpuCredits"
+        }
+      },
+      "documentation": "<p>Describes the default credit option for CPU usage of a burstable performance instance family.</p>"
+    },
     "InstanceHealthStatus": {
       "type": "string",
       "enum": [
@@ -19964,7 +23883,7 @@
     "InstanceIdStringList": {
       "type": "list",
       "member": {
-        "shape": "String",
+        "shape": "InstanceId",
         "locationName": "InstanceId"
       }
     },
@@ -20060,6 +23979,64 @@
         "targeted"
       ]
     },
+    "InstanceMetadataEndpointState": {
+      "type": "string",
+      "enum": [
+        "disabled",
+        "enabled"
+      ]
+    },
+    "InstanceMetadataOptionsRequest": {
+      "type": "structure",
+      "members": {
+        "HttpTokens": {
+          "shape": "HttpTokensState",
+          "documentation": "<p>The state of token usage for your instance metadata requests. If the parameter is not specified in the request, the default state is <code>optional</code>.</p> <p>If the state is <code>optional</code>, you can choose to retrieve instance metadata with or without a signed token header on your request. If you retrieve the IAM role credentials without a token, the version 1.0 role credentials are returned. If you retrieve the IAM role credentials using a valid signed token, the version 2.0 role credentials are returned.</p> <p>If the state is <code>required</code>, you must send a signed token header with any instance metadata retrieval requests. In this state, retrieving the IAM role credentials always returns the version 2.0 credentials; the version 1.0 credentials are not available.</p>"
+        },
+        "HttpPutResponseHopLimit": {
+          "shape": "Integer",
+          "documentation": "<p>The desired HTTP PUT response hop limit for instance metadata requests. The larger the number, the further instance metadata requests can travel.</p> <p>Default: 1</p> <p>Possible values: Integers from 1 to 64</p>"
+        },
+        "HttpEndpoint": {
+          "shape": "InstanceMetadataEndpointState",
+          "documentation": "<p>This parameter enables or disables the HTTP metadata endpoint on your instances. If the parameter is not specified, the default state is <code>enabled</code>.</p> <note> <p>If you specify a value of <code>disabled</code>, you will not be able to access your instance metadata.</p> </note>"
+        }
+      },
+      "documentation": "<p>The metadata options for the instance.</p>"
+    },
+    "InstanceMetadataOptionsResponse": {
+      "type": "structure",
+      "members": {
+        "State": {
+          "shape": "InstanceMetadataOptionsState",
+          "documentation": "<p>The state of the metadata option changes.</p> <p> <code>pending</code> - The metadata options are being updated and the instance is not ready to process metadata traffic with the new selection.</p> <p> <code>applied</code> - The metadata options have been successfully applied on the instance.</p>",
+          "locationName": "state"
+        },
+        "HttpTokens": {
+          "shape": "HttpTokensState",
+          "documentation": "<p>The state of token usage for your instance metadata requests. If the parameter is not specified in the request, the default state is <code>optional</code>.</p> <p>If the state is <code>optional</code>, you can choose to retrieve instance metadata with or without a signed token header on your request. If you retrieve the IAM role credentials without a token, the version 1.0 role credentials are returned. If you retrieve the IAM role credentials using a valid signed token, the version 2.0 role credentials are returned.</p> <p>If the state is <code>required</code>, you must send a signed token header with any instance metadata retrieval requests. In this state, retrieving the IAM role credential always returns the version 2.0 credentials; the version 1.0 credentials are not available.</p>",
+          "locationName": "httpTokens"
+        },
+        "HttpPutResponseHopLimit": {
+          "shape": "Integer",
+          "documentation": "<p>The desired HTTP PUT response hop limit for instance metadata requests. The larger the number, the further instance metadata requests can travel.</p> <p>Default: 1</p> <p>Possible values: Integers from 1 to 64</p>",
+          "locationName": "httpPutResponseHopLimit"
+        },
+        "HttpEndpoint": {
+          "shape": "InstanceMetadataEndpointState",
+          "documentation": "<p>This parameter enables or disables the HTTP metadata endpoint on your instances. If the parameter is not specified, the default state is <code>enabled</code>.</p> <note> <p>If you specify a value of <code>disabled</code>, you will not be able to access your instance metadata.</p> </note>",
+          "locationName": "httpEndpoint"
+        }
+      },
+      "documentation": "<p>The metadata options for the instance.</p>"
+    },
+    "InstanceMetadataOptionsState": {
+      "type": "string",
+      "enum": [
+        "pending",
+        "applied"
+      ]
+    },
     "InstanceMonitoring": {
       "type": "structure",
       "members": {
@@ -20269,7 +24246,7 @@
         },
         "NetworkInterfaceId": {
           "shape": "String",
-          "documentation": "<p>The ID of the network interface.</p>",
+          "documentation": "<p>The ID of the network interface.</p> <p>If you are creating a Spot Fleet, omit this parameter because you can’t specify a network interface ID in a launch specification.</p>",
           "locationName": "networkInterfaceId"
         },
         "PrivateIpAddress": {
@@ -20290,7 +24267,7 @@
         },
         "SubnetId": {
           "shape": "String",
-          "documentation": "<p>The ID of the subnet associated with the network string. Applies only if creating a network interface when launching an instance.</p>",
+          "documentation": "<p>The ID of the subnet associated with the network interface. Applies only if creating a network interface when launching an instance.</p>",
           "locationName": "subnetId"
         },
         "InterfaceType": {
@@ -20344,7 +24321,7 @@
       "type": "structure",
       "members": {
         "InstanceId": {
-          "shape": "String",
+          "shape": "InstanceId",
           "documentation": "<p>The instance to specify which volumes should be snapshotted.</p>"
         },
         "ExcludeBootVolume": {
@@ -20417,6 +24394,11 @@
           "documentation": "<p>The Availability Zone of the instance.</p>",
           "locationName": "availabilityZone"
         },
+        "OutpostArn": {
+          "shape": "String",
+          "documentation": "<p>The Amazon Resource Name (ARN) of the Outpost.</p>",
+          "locationName": "outpostArn"
+        },
         "Events": {
           "shape": "InstanceStatusEventList",
           "documentation": "<p>Any scheduled events associated with the instance.</p>",
@@ -20539,6 +24521,48 @@
       },
       "documentation": "<p>Describes the status of an instance.</p>"
     },
+    "InstanceStorageFlag": {
+      "type": "boolean"
+    },
+    "InstanceStorageInfo": {
+      "type": "structure",
+      "members": {
+        "TotalSizeInGB": {
+          "shape": "DiskSize",
+          "documentation": "<p>The total size of the disks, in GB.</p>",
+          "locationName": "totalSizeInGB"
+        },
+        "Disks": {
+          "shape": "DiskInfoList",
+          "documentation": "<p>Array describing the disks that are available for the instance type.</p>",
+          "locationName": "disks"
+        }
+      },
+      "documentation": "<p>Describes the disks that are available for the instance type.</p>"
+    },
+    "InstanceTagKeySet": {
+      "type": "list",
+      "member": {
+        "shape": "String",
+        "locationName": "item"
+      }
+    },
+    "InstanceTagNotificationAttribute": {
+      "type": "structure",
+      "members": {
+        "InstanceTagKeys": {
+          "shape": "InstanceTagKeySet",
+          "documentation": "<p>The registered tag keys.</p>",
+          "locationName": "instanceTagKeySet"
+        },
+        "IncludeAllTagsOfInstance": {
+          "shape": "Boolean",
+          "documentation": "<p>Indicates wheter all tag keys in the current Region are registered to appear in scheduled event notifications. <code>true</code> indicates that all tag keys in the current Region are registered.</p>",
+          "locationName": "includeAllTagsOfInstance"
+        }
+      },
+      "documentation": "<p>Describes the registered tag keys for the current Region.</p>"
+    },
     "InstanceType": {
       "type": "string",
       "enum": [
@@ -20597,20 +24621,26 @@
         "r5.xlarge",
         "r5.2xlarge",
         "r5.4xlarge",
+        "r5.8xlarge",
         "r5.12xlarge",
+        "r5.16xlarge",
         "r5.24xlarge",
         "r5.metal",
         "r5a.large",
         "r5a.xlarge",
         "r5a.2xlarge",
         "r5a.4xlarge",
+        "r5a.8xlarge",
         "r5a.12xlarge",
+        "r5a.16xlarge",
         "r5a.24xlarge",
         "r5d.large",
         "r5d.xlarge",
         "r5d.2xlarge",
         "r5d.4xlarge",
+        "r5d.8xlarge",
         "r5d.12xlarge",
+        "r5d.16xlarge",
         "r5d.24xlarge",
         "r5d.metal",
         "r5ad.large",
@@ -20647,6 +24677,7 @@
         "i3en.6xlarge",
         "i3en.12xlarge",
         "i3en.24xlarge",
+        "i3en.metal",
         "hi1.4xlarge",
         "hs1.8xlarge",
         "c1.medium",
@@ -20669,12 +24700,16 @@
         "c5.12xlarge",
         "c5.18xlarge",
         "c5.24xlarge",
+        "c5.metal",
         "c5d.large",
         "c5d.xlarge",
         "c5d.2xlarge",
         "c5d.4xlarge",
         "c5d.9xlarge",
+        "c5d.12xlarge",
         "c5d.18xlarge",
+        "c5d.24xlarge",
+        "c5d.metal",
         "c5n.large",
         "c5n.xlarge",
         "c5n.2xlarge",
@@ -20689,6 +24724,12 @@
         "g3.8xlarge",
         "g3.16xlarge",
         "g3s.xlarge",
+        "g4dn.xlarge",
+        "g4dn.2xlarge",
+        "g4dn.4xlarge",
+        "g4dn.8xlarge",
+        "g4dn.12xlarge",
+        "g4dn.16xlarge",
         "cg1.4xlarge",
         "p2.xlarge",
         "p2.8xlarge",
@@ -20708,20 +24749,26 @@
         "m5.xlarge",
         "m5.2xlarge",
         "m5.4xlarge",
+        "m5.8xlarge",
         "m5.12xlarge",
+        "m5.16xlarge",
         "m5.24xlarge",
         "m5.metal",
         "m5a.large",
         "m5a.xlarge",
         "m5a.2xlarge",
         "m5a.4xlarge",
+        "m5a.8xlarge",
         "m5a.12xlarge",
+        "m5a.16xlarge",
         "m5a.24xlarge",
         "m5d.large",
         "m5d.xlarge",
         "m5d.2xlarge",
         "m5d.4xlarge",
+        "m5d.8xlarge",
         "m5d.12xlarge",
+        "m5d.16xlarge",
         "m5d.24xlarge",
         "m5d.metal",
         "m5ad.large",
@@ -20746,19 +24793,248 @@
         "u-6tb1.metal",
         "u-9tb1.metal",
         "u-12tb1.metal",
+        "u-18tb1.metal",
+        "u-24tb1.metal",
         "a1.medium",
         "a1.large",
         "a1.xlarge",
         "a1.2xlarge",
-        "a1.4xlarge"
+        "a1.4xlarge",
+        "a1.metal",
+        "m5dn.large",
+        "m5dn.xlarge",
+        "m5dn.2xlarge",
+        "m5dn.4xlarge",
+        "m5dn.8xlarge",
+        "m5dn.12xlarge",
+        "m5dn.16xlarge",
+        "m5dn.24xlarge",
+        "m5n.large",
+        "m5n.xlarge",
+        "m5n.2xlarge",
+        "m5n.4xlarge",
+        "m5n.8xlarge",
+        "m5n.12xlarge",
+        "m5n.16xlarge",
+        "m5n.24xlarge",
+        "r5dn.large",
+        "r5dn.xlarge",
+        "r5dn.2xlarge",
+        "r5dn.4xlarge",
+        "r5dn.8xlarge",
+        "r5dn.12xlarge",
+        "r5dn.16xlarge",
+        "r5dn.24xlarge",
+        "r5n.large",
+        "r5n.xlarge",
+        "r5n.2xlarge",
+        "r5n.4xlarge",
+        "r5n.8xlarge",
+        "r5n.12xlarge",
+        "r5n.16xlarge",
+        "r5n.24xlarge",
+        "inf1.xlarge",
+        "inf1.2xlarge",
+        "inf1.6xlarge",
+        "inf1.24xlarge",
+        "m6g.metal",
+        "m6g.medium",
+        "m6g.large",
+        "m6g.xlarge",
+        "m6g.2xlarge",
+        "m6g.4xlarge",
+        "m6g.8xlarge",
+        "m6g.12xlarge",
+        "m6g.16xlarge"
       ]
     },
+    "InstanceTypeHypervisor": {
+      "type": "string",
+      "enum": [
+        "nitro",
+        "xen"
+      ]
+    },
+    "InstanceTypeInfo": {
+      "type": "structure",
+      "members": {
+        "InstanceType": {
+          "shape": "InstanceType",
+          "documentation": "<p>The instance type. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html\">Instance Types</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>",
+          "locationName": "instanceType"
+        },
+        "CurrentGeneration": {
+          "shape": "CurrentGenerationFlag",
+          "documentation": "<p>Indicates whether the instance type is a current generation.</p>",
+          "locationName": "currentGeneration"
+        },
+        "FreeTierEligible": {
+          "shape": "FreeTierEligibleFlag",
+          "documentation": "<p>Indicates whether the instance type is eligible for the free tier.</p>",
+          "locationName": "freeTierEligible"
+        },
+        "SupportedUsageClasses": {
+          "shape": "UsageClassTypeList",
+          "documentation": "<p>Indicates whether the instance type is offered for spot or On-Demand.</p>",
+          "locationName": "supportedUsageClasses"
+        },
+        "SupportedRootDeviceTypes": {
+          "shape": "RootDeviceTypeList",
+          "documentation": "<p>Indicates the supported root device types.</p>",
+          "locationName": "supportedRootDeviceTypes"
+        },
+        "BareMetal": {
+          "shape": "BareMetalFlag",
+          "documentation": "<p>Indicates whether the instance is bare metal.</p>",
+          "locationName": "bareMetal"
+        },
+        "Hypervisor": {
+          "shape": "InstanceTypeHypervisor",
+          "documentation": "<p>Indicates the hypervisor used for the instance type.</p>",
+          "locationName": "hypervisor"
+        },
+        "ProcessorInfo": {
+          "shape": "ProcessorInfo",
+          "documentation": "<p>Describes the processor.</p>",
+          "locationName": "processorInfo"
+        },
+        "VCpuInfo": {
+          "shape": "VCpuInfo",
+          "documentation": "<p>Describes the vCPU configurations for the instance type.</p>",
+          "locationName": "vCpuInfo"
+        },
+        "MemoryInfo": {
+          "shape": "MemoryInfo",
+          "documentation": "<p>Describes the memory for the instance type.</p>",
+          "locationName": "memoryInfo"
+        },
+        "InstanceStorageSupported": {
+          "shape": "InstanceStorageFlag",
+          "documentation": "<p>Indicates whether instance storage is supported.</p>",
+          "locationName": "instanceStorageSupported"
+        },
+        "InstanceStorageInfo": {
+          "shape": "InstanceStorageInfo",
+          "documentation": "<p>Describes the disks for the instance type.</p>",
+          "locationName": "instanceStorageInfo"
+        },
+        "EbsInfo": {
+          "shape": "EbsInfo",
+          "documentation": "<p>Describes the Amazon EBS settings for the instance type.</p>",
+          "locationName": "ebsInfo"
+        },
+        "NetworkInfo": {
+          "shape": "NetworkInfo",
+          "documentation": "<p>Describes the network settings for the instance type.</p>",
+          "locationName": "networkInfo"
+        },
+        "GpuInfo": {
+          "shape": "GpuInfo",
+          "documentation": "<p>Describes the GPU accelerator settings for the instance type.</p>",
+          "locationName": "gpuInfo"
+        },
+        "FpgaInfo": {
+          "shape": "FpgaInfo",
+          "documentation": "<p>Describes the FPGA accelerator settings for the instance type.</p>",
+          "locationName": "fpgaInfo"
+        },
+        "PlacementGroupInfo": {
+          "shape": "PlacementGroupInfo",
+          "documentation": "<p>Describes the placement group settings for the instance type.</p>",
+          "locationName": "placementGroupInfo"
+        },
+        "InferenceAcceleratorInfo": {
+          "shape": "InferenceAcceleratorInfo",
+          "documentation": "<p>Describes the Inference accelerator settings for the instance type.</p>",
+          "locationName": "inferenceAcceleratorInfo"
+        },
+        "HibernationSupported": {
+          "shape": "HibernationFlag",
+          "documentation": "<p>Indicates whether On-Demand hibernation is supported.</p>",
+          "locationName": "hibernationSupported"
+        },
+        "BurstablePerformanceSupported": {
+          "shape": "BurstablePerformanceFlag",
+          "documentation": "<p>Indicates whether the instance type is a burstable performance instance type.</p>",
+          "locationName": "burstablePerformanceSupported"
+        },
+        "DedicatedHostsSupported": {
+          "shape": "DedicatedHostFlag",
+          "documentation": "<p>Indicates whether Dedicated Hosts are supported on the instance type.</p>",
+          "locationName": "dedicatedHostsSupported"
+        },
+        "AutoRecoverySupported": {
+          "shape": "AutoRecoveryFlag",
+          "documentation": "<p>Indicates whether auto recovery is supported.</p>",
+          "locationName": "autoRecoverySupported"
+        }
+      },
+      "documentation": "<p>Describes the instance type.</p>"
+    },
+    "InstanceTypeInfoList": {
+      "type": "list",
+      "member": {
+        "shape": "InstanceTypeInfo",
+        "locationName": "item"
+      }
+    },
     "InstanceTypeList": {
       "type": "list",
       "member": {
         "shape": "InstanceType"
       }
     },
+    "InstanceTypeOffering": {
+      "type": "structure",
+      "members": {
+        "InstanceType": {
+          "shape": "InstanceType",
+          "documentation": "<p>The instance type. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html\">Instance Types</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>",
+          "locationName": "instanceType"
+        },
+        "LocationType": {
+          "shape": "LocationType",
+          "documentation": "<p>The location type.</p>",
+          "locationName": "locationType"
+        },
+        "Location": {
+          "shape": "Location",
+          "documentation": "<p>The identifier for the location. This depends on the location type. For example, if the location type is <code>region</code>, the location is the Region code (for example, <code>us-east-2</code>.)</p>",
+          "locationName": "location"
+        }
+      },
+      "documentation": "<p>The instance types offered.</p>"
+    },
+    "InstanceTypeOfferingsList": {
+      "type": "list",
+      "member": {
+        "shape": "InstanceTypeOffering",
+        "locationName": "item"
+      }
+    },
+    "InstanceUsage": {
+      "type": "structure",
+      "members": {
+        "AccountId": {
+          "shape": "String",
+          "documentation": "<p>The ID of the AWS account that is making use of the Capacity Reservation.</p>",
+          "locationName": "accountId"
+        },
+        "UsedInstanceCount": {
+          "shape": "Integer",
+          "documentation": "<p>The number of instances the AWS account currently has in the Capacity Reservation.</p>",
+          "locationName": "usedInstanceCount"
+        }
+      },
+      "documentation": "<p>Information about the Capacity Reservation usage.</p>"
+    },
+    "InstanceUsageSet": {
+      "type": "list",
+      "member": {
+        "shape": "InstanceUsage",
+        "locationName": "item"
+      }
+    },
     "Integer": {
       "type": "integer"
     },
@@ -20818,6 +25094,16 @@
         "locationName": "item"
       }
     },
+    "InternetGatewayId": {
+      "type": "string"
+    },
+    "InternetGatewayIdList": {
+      "type": "list",
+      "member": {
+        "shape": "InternetGatewayId",
+        "locationName": "item"
+      }
+    },
     "InternetGatewayList": {
       "type": "list",
       "member": {
@@ -20883,7 +25169,7 @@
         },
         "Description": {
           "shape": "String",
-          "documentation": "<p>A description for the security group rule that references this IPv4 address range.</p> <p>Constraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*</p>",
+          "documentation": "<p>A description for the security group rule that references this IPv4 address range.</p> <p>Constraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=&amp;;{}!$*</p>",
           "locationName": "description"
         }
       },
@@ -20903,6 +25189,9 @@
         "locationName": "item"
       }
     },
+    "Ipv4PoolEc2Id": {
+      "type": "string"
+    },
     "Ipv6Address": {
       "type": "string"
     },
@@ -20913,6 +25202,29 @@
         "locationName": "item"
       }
     },
+    "Ipv6CidrAssociation": {
+      "type": "structure",
+      "members": {
+        "Ipv6Cidr": {
+          "shape": "String",
+          "documentation": "<p>The IPv6 CIDR block.</p>",
+          "locationName": "ipv6Cidr"
+        },
+        "AssociatedResource": {
+          "shape": "String",
+          "documentation": "<p>The resource that's associated with the IPv6 CIDR block.</p>",
+          "locationName": "associatedResource"
+        }
+      },
+      "documentation": "<p>Describes an IPv6 CIDR block association.</p>"
+    },
+    "Ipv6CidrAssociationSet": {
+      "type": "list",
+      "member": {
+        "shape": "Ipv6CidrAssociation",
+        "locationName": "item"
+      }
+    },
     "Ipv6CidrBlock": {
       "type": "structure",
       "members": {
@@ -20931,6 +25243,57 @@
         "locationName": "item"
       }
     },
+    "Ipv6Flag": {
+      "type": "boolean"
+    },
+    "Ipv6Pool": {
+      "type": "structure",
+      "members": {
+        "PoolId": {
+          "shape": "String",
+          "documentation": "<p>The ID of the address pool.</p>",
+          "locationName": "poolId"
+        },
+        "Description": {
+          "shape": "String",
+          "documentation": "<p>The description for the address pool.</p>",
+          "locationName": "description"
+        },
+        "PoolCidrBlocks": {
+          "shape": "PoolCidrBlocksSet",
+          "documentation": "<p>The CIDR blocks for the address pool.</p>",
+          "locationName": "poolCidrBlockSet"
+        },
+        "Tags": {
+          "shape": "TagList",
+          "documentation": "<p>Any tags for the address pool.</p>",
+          "locationName": "tagSet"
+        }
+      },
+      "documentation": "<p>Describes an IPv6 address pool.</p>"
+    },
+    "Ipv6PoolEc2Id": {
+      "type": "string"
+    },
+    "Ipv6PoolIdList": {
+      "type": "list",
+      "member": {
+        "shape": "Ipv6PoolEc2Id",
+        "locationName": "item"
+      }
+    },
+    "Ipv6PoolMaxResults": {
+      "type": "integer",
+      "max": 1000,
+      "min": 1
+    },
+    "Ipv6PoolSet": {
+      "type": "list",
+      "member": {
+        "shape": "Ipv6Pool",
+        "locationName": "item"
+      }
+    },
     "Ipv6Range": {
       "type": "structure",
       "members": {
@@ -20941,7 +25304,7 @@
         },
         "Description": {
           "shape": "String",
-          "documentation": "<p>A description for the security group rule that references this IPv6 address range.</p> <p>Constraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*</p>",
+          "documentation": "<p>A description for the security group rule that references this IPv6 address range.</p> <p>Constraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=&amp;;{}!$*</p>",
           "locationName": "description"
         }
       },
@@ -20961,10 +25324,13 @@
         "disable"
       ]
     },
+    "KernelId": {
+      "type": "string"
+    },
     "KeyNameStringList": {
       "type": "list",
       "member": {
-        "shape": "String",
+        "shape": "KeyPairName",
         "locationName": "KeyName"
       }
     },
@@ -20977,7 +25343,7 @@
           "locationName": "keyFingerprint"
         },
         "KeyMaterial": {
-          "shape": "String",
+          "shape": "SensitiveUserData",
           "documentation": "<p>An unencrypted PEM encoded RSA private key.</p>",
           "locationName": "keyMaterial"
         },
@@ -20985,13 +25351,38 @@
           "shape": "String",
           "documentation": "<p>The name of the key pair.</p>",
           "locationName": "keyName"
+        },
+        "KeyPairId": {
+          "shape": "String",
+          "documentation": "<p>The ID of the key pair.</p>",
+          "locationName": "keyPairId"
+        },
+        "Tags": {
+          "shape": "TagList",
+          "documentation": "<p>Any tags applied to the key pair.</p>",
+          "locationName": "tagSet"
         }
       },
       "documentation": "<p>Describes a key pair.</p>"
     },
+    "KeyPairId": {
+      "type": "string"
+    },
+    "KeyPairIdStringList": {
+      "type": "list",
+      "member": {
+        "shape": "KeyPairId",
+        "locationName": "KeyPairId"
+      }
+    },
     "KeyPairInfo": {
       "type": "structure",
       "members": {
+        "KeyPairId": {
+          "shape": "String",
+          "documentation": "<p>The ID of the key pair.</p>",
+          "locationName": "keyPairId"
+        },
         "KeyFingerprint": {
           "shape": "String",
           "documentation": "<p>If you used <a>CreateKeyPair</a> to create the key pair, this is the SHA-1 digest of the DER encoded private key. If you used <a>ImportKeyPair</a> to provide AWS the public key, this is the MD5 public key fingerprint as specified in section 4 of RFC4716.</p>",
@@ -21001,6 +25392,11 @@
           "shape": "String",
           "documentation": "<p>The name of the key pair.</p>",
           "locationName": "keyName"
+        },
+        "Tags": {
+          "shape": "TagList",
+          "documentation": "<p>Any tags applied to the key pair.</p>",
+          "locationName": "tagSet"
         }
       },
       "documentation": "<p>Describes a key pair.</p>"
@@ -21012,6 +25408,28 @@
         "locationName": "item"
       }
     },
+    "KeyPairName": {
+      "type": "string"
+    },
+    "KmsKeyId": {
+      "type": "string"
+    },
+    "LastError": {
+      "type": "structure",
+      "members": {
+        "Message": {
+          "shape": "String",
+          "documentation": "<p>The error message for the VPC endpoint error.</p>",
+          "locationName": "message"
+        },
+        "Code": {
+          "shape": "String",
+          "documentation": "<p>The error code for the VPC endpoint error.</p>",
+          "locationName": "code"
+        }
+      },
+      "documentation": "<p>The last error that occurred for a VPC endpoint.</p>"
+    },
     "LaunchPermission": {
       "type": "structure",
       "members": {
@@ -21333,7 +25751,7 @@
         },
         "ThreadsPerCore": {
           "shape": "Integer",
-          "documentation": "<p>The number of threads per CPU core. To disable Intel Hyper-Threading Technology for the instance, specify a value of 1. Otherwise, specify the default value of 2.</p>"
+          "documentation": "<p>The number of threads per CPU core. To disable multithreading for the instance, specify a value of 1. Otherwise, specify the default value of 2.</p>"
         }
       },
       "documentation": "<p>The CPU options for the instance. Both the core count and threads per core must be specified in the request.</p>"
@@ -21357,12 +25775,12 @@
           "locationName": "iops"
         },
         "KmsKeyId": {
-          "shape": "String",
+          "shape": "KmsKeyId",
           "documentation": "<p>The ARN of the AWS Key Management Service (AWS KMS) CMK used for encryption.</p>",
           "locationName": "kmsKeyId"
         },
         "SnapshotId": {
-          "shape": "String",
+          "shape": "SnapshotId",
           "documentation": "<p>The ID of the snapshot.</p>",
           "locationName": "snapshotId"
         },
@@ -21395,11 +25813,11 @@
           "documentation": "<p>The number of I/O operations per second (IOPS) that the volume supports. For io1, this represents the number of IOPS that are provisioned for the volume. For gp2, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting. For more information about General Purpose SSD baseline performance, I/O credits, and bursting, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html\">Amazon EBS Volume Types</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> <p>Condition: This parameter is required for requests to create io1 volumes; it is not used in requests to create gp2, st1, sc1, or standard volumes.</p>"
         },
         "KmsKeyId": {
-          "shape": "String",
-          "documentation": "<p>The ARN of the AWS Key Management Service (AWS KMS) CMK used for encryption.</p>"
+          "shape": "KmsKeyId",
+          "documentation": "<p>The ARN of the symmetric AWS Key Management Service (AWS KMS) CMK used for encryption.</p>"
         },
         "SnapshotId": {
-          "shape": "String",
+          "shape": "SnapshotId",
           "documentation": "<p>The ID of the snapshot.</p>"
         },
         "VolumeSize": {
@@ -21422,10 +25840,18 @@
         "Type": {
           "shape": "String",
           "documentation": "<p> The type of elastic inference accelerator. The possible values are eia1.medium, eia1.large, and eia1.xlarge. </p>"
+        },
+        "Count": {
+          "shape": "LaunchTemplateElasticInferenceAcceleratorCount",
+          "documentation": "<p> The number of elastic inference accelerators to attach to the instance. </p> <p>Default: 1</p>"
         }
       },
       "documentation": "<p> Describes an elastic inference accelerator. </p>"
     },
+    "LaunchTemplateElasticInferenceAcceleratorCount": {
+      "type": "integer",
+      "min": 1
+    },
     "LaunchTemplateElasticInferenceAcceleratorList": {
       "type": "list",
       "member": {
@@ -21440,6 +25866,11 @@
           "shape": "String",
           "documentation": "<p> The type of elastic inference accelerator. The possible values are eia1.medium, eia1.large, and eia1.xlarge. </p>",
           "locationName": "type"
+        },
+        "Count": {
+          "shape": "Integer",
+          "documentation": "<p> The number of elastic inference accelerators to attach to the instance. </p> <p>Default: 1</p>",
+          "locationName": "count"
         }
       },
       "documentation": "<p> Describes an elastic inference accelerator. </p>"
@@ -21481,7 +25912,14 @@
           "documentation": "<p>If you set this parameter to <code>true</code>, the instance is enabled for hibernation.</p> <p>Default: <code>false</code> </p>"
         }
       },
-      "documentation": "<p>Indicates whether the instance is configured for hibernation. This parameter is valid only if the instance meets the <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html#hibernating-prerequisites\">hibernation prerequisites</a>. Hibernation is currently supported only for Amazon Linux.</p>"
+      "documentation": "<p>Indicates whether the instance is configured for hibernation. This parameter is valid only if the instance meets the <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html#hibernating-prerequisites\">hibernation prerequisites</a>.</p>"
+    },
+    "LaunchTemplateHttpTokensState": {
+      "type": "string",
+      "enum": [
+        "optional",
+        "required"
+      ]
     },
     "LaunchTemplateIamInstanceProfileSpecification": {
       "type": "structure",
@@ -21513,6 +25951,16 @@
       },
       "documentation": "<p>An IAM instance profile.</p>"
     },
+    "LaunchTemplateId": {
+      "type": "string"
+    },
+    "LaunchTemplateIdStringList": {
+      "type": "list",
+      "member": {
+        "shape": "LaunchTemplateId",
+        "locationName": "item"
+      }
+    },
     "LaunchTemplateInstanceMarketOptions": {
       "type": "structure",
       "members": {
@@ -21543,6 +25991,64 @@
       },
       "documentation": "<p>The market (purchasing) option for the instances.</p>"
     },
+    "LaunchTemplateInstanceMetadataEndpointState": {
+      "type": "string",
+      "enum": [
+        "disabled",
+        "enabled"
+      ]
+    },
+    "LaunchTemplateInstanceMetadataOptions": {
+      "type": "structure",
+      "members": {
+        "State": {
+          "shape": "LaunchTemplateInstanceMetadataOptionsState",
+          "documentation": "<p>The state of the metadata option changes.</p> <p> <code>pending</code> - The metadata options are being updated and the instance is not ready to process metadata traffic with the new selection.</p> <p> <code>applied</code> - The metadata options have been successfully applied on the instance.</p>",
+          "locationName": "state"
+        },
+        "HttpTokens": {
+          "shape": "LaunchTemplateHttpTokensState",
+          "documentation": "<p>The state of token usage for your instance metadata requests. If the parameter is not specified in the request, the default state is <code>optional</code>.</p> <p>If the state is <code>optional</code>, you can choose to retrieve instance metadata with or without a signed token header on your request. If you retrieve the IAM role credentials without a token, the version 1.0 role credentials are returned. If you retrieve the IAM role credentials using a valid signed token, the version 2.0 role credentials are returned.</p> <p>If the state is <code>required</code>, you must send a signed token header with any instance metadata retrieval requests. In this state, retrieving the IAM role credentials always returns the version 2.0 credentials; the version 1.0 credentials are not available.</p>",
+          "locationName": "httpTokens"
+        },
+        "HttpPutResponseHopLimit": {
+          "shape": "Integer",
+          "documentation": "<p>The desired HTTP PUT response hop limit for instance metadata requests. The larger the number, the further instance metadata requests can travel.</p> <p>Default: 1</p> <p>Possible values: Integers from 1 to 64</p>",
+          "locationName": "httpPutResponseHopLimit"
+        },
+        "HttpEndpoint": {
+          "shape": "LaunchTemplateInstanceMetadataEndpointState",
+          "documentation": "<p>This parameter enables or disables the HTTP metadata endpoint on your instances. If the parameter is not specified, the default state is <code>enabled</code>.</p> <note> <p>If you specify a value of <code>disabled</code>, you will not be able to access your instance metadata. </p> </note>",
+          "locationName": "httpEndpoint"
+        }
+      },
+      "documentation": "<p>The metadata options for the instance. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html\">Instance Metadata and User Data</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>"
+    },
+    "LaunchTemplateInstanceMetadataOptionsRequest": {
+      "type": "structure",
+      "members": {
+        "HttpTokens": {
+          "shape": "LaunchTemplateHttpTokensState",
+          "documentation": "<p>The state of token usage for your instance metadata requests. If the parameter is not specified in the request, the default state is <code>optional</code>.</p> <p>If the state is <code>optional</code>, you can choose to retrieve instance metadata with or without a signed token header on your request. If you retrieve the IAM role credentials without a token, the version 1.0 role credentials are returned. If you retrieve the IAM role credentials using a valid signed token, the version 2.0 role credentials are returned.</p> <p>If the state is <code>required</code>, you must send a signed token header with any instance metadata retrieval requests. In this state, retrieving the IAM role credentials always returns the version 2.0 credentials; the version 1.0 credentials are not available.</p>"
+        },
+        "HttpPutResponseHopLimit": {
+          "shape": "Integer",
+          "documentation": "<p>The desired HTTP PUT response hop limit for instance metadata requests. The larger the number, the further instance metadata requests can travel.</p> <p>Default: 1</p> <p>Possible values: Integers from 1 to 64</p>"
+        },
+        "HttpEndpoint": {
+          "shape": "LaunchTemplateInstanceMetadataEndpointState",
+          "documentation": "<p>This parameter enables or disables the HTTP metadata endpoint on your instances. If the parameter is not specified, the default state is <code>enabled</code>.</p> <note> <p>If you specify a value of <code>disabled</code>, you will not be able to access your instance metadata. </p> </note>"
+        }
+      },
+      "documentation": "<p>The metadata options for the instance. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html\">Instance Metadata and User Data</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>"
+    },
+    "LaunchTemplateInstanceMetadataOptionsState": {
+      "type": "string",
+      "enum": [
+        "pending",
+        "applied"
+      ]
+    },
     "LaunchTemplateInstanceNetworkInterfaceSpecification": {
       "type": "structure",
       "members": {
@@ -21587,7 +26093,7 @@
           "locationName": "ipv6AddressesSet"
         },
         "NetworkInterfaceId": {
-          "shape": "String",
+          "shape": "NetworkInterfaceId",
           "documentation": "<p>The ID of the network interface.</p>",
           "locationName": "networkInterfaceId"
         },
@@ -21607,7 +26113,7 @@
           "locationName": "secondaryPrivateIpAddressCount"
         },
         "SubnetId": {
-          "shape": "String",
+          "shape": "SubnetId",
           "documentation": "<p>The ID of the subnet for the network interface.</p>",
           "locationName": "subnetId"
         }
@@ -21658,7 +26164,7 @@
           "documentation": "<p>One or more specific IPv6 addresses from the IPv6 CIDR block range of your subnet. You can't use this option if you're specifying a number of IPv6 addresses.</p>"
         },
         "NetworkInterfaceId": {
-          "shape": "String",
+          "shape": "NetworkInterfaceId",
           "documentation": "<p>The ID of the network interface.</p>"
         },
         "PrivateIpAddress": {
@@ -21674,7 +26180,7 @@
           "documentation": "<p>The number of secondary private IPv4 addresses to assign to a network interface.</p>"
         },
         "SubnetId": {
-          "shape": "String",
+          "shape": "SubnetId",
           "documentation": "<p>The ID of the subnet for the network interface.</p>"
         }
       },
@@ -21810,6 +26316,16 @@
           "shape": "String",
           "documentation": "<p>Reserved for future use.</p>",
           "locationName": "spreadDomain"
+        },
+        "HostResourceGroupArn": {
+          "shape": "String",
+          "documentation": "<p>The ARN of the host resource group in which to launch the instances. </p>",
+          "locationName": "hostResourceGroupArn"
+        },
+        "PartitionNumber": {
+          "shape": "Integer",
+          "documentation": "<p>The number of the partition the instance should launch in. Valid only if the placement group strategy is set to <code>partition</code>.</p>",
+          "locationName": "partitionNumber"
         }
       },
       "documentation": "<p>Describes the placement of an instance.</p>"
@@ -21826,11 +26342,11 @@
           "documentation": "<p>The affinity setting for an instance on a Dedicated Host.</p>"
         },
         "GroupName": {
-          "shape": "String",
+          "shape": "PlacementGroupName",
           "documentation": "<p>The name of the placement group for the instance.</p>"
         },
         "HostId": {
-          "shape": "String",
+          "shape": "DedicatedHostId",
           "documentation": "<p>The ID of the Dedicated Host for the instance.</p>"
         },
         "Tenancy": {
@@ -21840,6 +26356,14 @@
         "SpreadDomain": {
           "shape": "String",
           "documentation": "<p>Reserved for future use.</p>"
+        },
+        "HostResourceGroupArn": {
+          "shape": "String",
+          "documentation": "<p>The ARN of the host resource group in which to launch the instances. If you specify a host resource group ARN, omit the <b>Tenancy</b> parameter or set it to <code>host</code>.</p>"
+        },
+        "PartitionNumber": {
+          "shape": "Integer",
+          "documentation": "<p>The number of the partition the instance should launch in. Valid only if the placement group strategy is set to <code>partition</code>.</p>"
         }
       },
       "documentation": "<p>Describes the placement of an instance.</p>"
@@ -21855,7 +26379,7 @@
       "type": "structure",
       "members": {
         "LaunchTemplateId": {
-          "shape": "String",
+          "shape": "LaunchTemplateId",
           "documentation": "<p>The ID of the launch template.</p>"
         },
         "LaunchTemplateName": {
@@ -22172,6 +26696,385 @@
       },
       "documentation": "<p>Describes a load permission.</p>"
     },
+    "LocalGateway": {
+      "type": "structure",
+      "members": {
+        "LocalGatewayId": {
+          "shape": "LocalGatewayId",
+          "documentation": "<p>The ID of the local gateway.</p>",
+          "locationName": "localGatewayId"
+        },
+        "OutpostArn": {
+          "shape": "String",
+          "documentation": "<p>The Amazon Resource Name (ARN) of the Outpost.</p>",
+          "locationName": "outpostArn"
+        },
+        "OwnerId": {
+          "shape": "String",
+          "documentation": "<p>The ID of the AWS account ID that owns the local gateway.</p>",
+          "locationName": "ownerId"
+        },
+        "State": {
+          "shape": "String",
+          "documentation": "<p>The state of the local gateway.</p>",
+          "locationName": "state"
+        },
+        "Tags": {
+          "shape": "TagList",
+          "documentation": "<p>The tags assigned to the local gateway.</p>",
+          "locationName": "tagSet"
+        }
+      },
+      "documentation": "<p>Describes a local gateway.</p>"
+    },
+    "LocalGatewayId": {
+      "type": "string"
+    },
+    "LocalGatewayIdSet": {
+      "type": "list",
+      "member": {
+        "shape": "LocalGatewayId",
+        "locationName": "item"
+      }
+    },
+    "LocalGatewayMaxResults": {
+      "type": "integer",
+      "max": 1000,
+      "min": 5
+    },
+    "LocalGatewayRoute": {
+      "type": "structure",
+      "members": {
+        "DestinationCidrBlock": {
+          "shape": "String",
+          "documentation": "<p>The CIDR block used for destination matches.</p>",
+          "locationName": "destinationCidrBlock"
+        },
+        "LocalGatewayVirtualInterfaceGroupId": {
+          "shape": "LocalGatewayVirtualInterfaceGroupId",
+          "documentation": "<p>The ID of the virtual interface group.</p>",
+          "locationName": "localGatewayVirtualInterfaceGroupId"
+        },
+        "Type": {
+          "shape": "LocalGatewayRouteType",
+          "documentation": "<p>The route type.</p>",
+          "locationName": "type"
+        },
+        "State": {
+          "shape": "LocalGatewayRouteState",
+          "documentation": "<p>The state of the route.</p>",
+          "locationName": "state"
+        },
+        "LocalGatewayRouteTableId": {
+          "shape": "LocalGatewayRoutetableId",
+          "documentation": "<p>The ID of the local gateway route table.</p>",
+          "locationName": "localGatewayRouteTableId"
+        }
+      },
+      "documentation": "<p>Describes a route for a local gateway route table.</p>"
+    },
+    "LocalGatewayRouteList": {
+      "type": "list",
+      "member": {
+        "shape": "LocalGatewayRoute",
+        "locationName": "item"
+      }
+    },
+    "LocalGatewayRouteState": {
+      "type": "string",
+      "enum": [
+        "pending",
+        "active",
+        "blackhole",
+        "deleting",
+        "deleted"
+      ]
+    },
+    "LocalGatewayRouteTable": {
+      "type": "structure",
+      "members": {
+        "LocalGatewayRouteTableId": {
+          "shape": "String",
+          "documentation": "<p>The ID of the local gateway route table.</p>",
+          "locationName": "localGatewayRouteTableId"
+        },
+        "LocalGatewayId": {
+          "shape": "LocalGatewayId",
+          "documentation": "<p>The ID of the local gateway.</p>",
+          "locationName": "localGatewayId"
+        },
+        "OutpostArn": {
+          "shape": "String",
+          "documentation": "<p>The Amazon Resource Name (ARN) of the Outpost.</p>",
+          "locationName": "outpostArn"
+        },
+        "State": {
+          "shape": "String",
+          "documentation": "<p>The state of the local gateway route table.</p>",
+          "locationName": "state"
+        },
+        "Tags": {
+          "shape": "TagList",
+          "documentation": "<p>The tags assigned to the local gateway route table.</p>",
+          "locationName": "tagSet"
+        }
+      },
+      "documentation": "<p>Describes a local gateway route table.</p>"
+    },
+    "LocalGatewayRouteTableIdSet": {
+      "type": "list",
+      "member": {
+        "shape": "LocalGatewayRoutetableId",
+        "locationName": "item"
+      }
+    },
+    "LocalGatewayRouteTableSet": {
+      "type": "list",
+      "member": {
+        "shape": "LocalGatewayRouteTable",
+        "locationName": "item"
+      }
+    },
+    "LocalGatewayRouteTableVirtualInterfaceGroupAssociation": {
+      "type": "structure",
+      "members": {
+        "LocalGatewayRouteTableVirtualInterfaceGroupAssociationId": {
+          "shape": "LocalGatewayRouteTableVirtualInterfaceGroupAssociationId",
+          "documentation": "<p>The ID of the association.</p>",
+          "locationName": "localGatewayRouteTableVirtualInterfaceGroupAssociationId"
+        },
+        "LocalGatewayVirtualInterfaceGroupId": {
+          "shape": "LocalGatewayVirtualInterfaceGroupId",
+          "documentation": "<p>The ID of the virtual interface group.</p>",
+          "locationName": "localGatewayVirtualInterfaceGroupId"
+        },
+        "LocalGatewayId": {
+          "shape": "String",
+          "documentation": "<p>The ID of the local gateway.</p>",
+          "locationName": "localGatewayId"
+        },
+        "LocalGatewayRouteTableId": {
+          "shape": "LocalGatewayId",
+          "documentation": "<p>The ID of the local gateway route table.</p>",
+          "locationName": "localGatewayRouteTableId"
+        },
+        "State": {
+          "shape": "String",
+          "documentation": "<p>The state of the association.</p>",
+          "locationName": "state"
+        },
+        "Tags": {
+          "shape": "TagList",
+          "documentation": "<p>The tags assigned to the association.</p>",
+          "locationName": "tagSet"
+        }
+      },
+      "documentation": "<p>Describes an association between a local gateway route table and a virtual interface group.</p>"
+    },
+    "LocalGatewayRouteTableVirtualInterfaceGroupAssociationId": {
+      "type": "string"
+    },
+    "LocalGatewayRouteTableVirtualInterfaceGroupAssociationIdSet": {
+      "type": "list",
+      "member": {
+        "shape": "LocalGatewayRouteTableVirtualInterfaceGroupAssociationId",
+        "locationName": "item"
+      }
+    },
+    "LocalGatewayRouteTableVirtualInterfaceGroupAssociationSet": {
+      "type": "list",
+      "member": {
+        "shape": "LocalGatewayRouteTableVirtualInterfaceGroupAssociation",
+        "locationName": "item"
+      }
+    },
+    "LocalGatewayRouteTableVpcAssociation": {
+      "type": "structure",
+      "members": {
+        "LocalGatewayRouteTableVpcAssociationId": {
+          "shape": "LocalGatewayRouteTableVpcAssociationId",
+          "documentation": "<p>The ID of the association.</p>",
+          "locationName": "localGatewayRouteTableVpcAssociationId"
+        },
+        "LocalGatewayRouteTableId": {
+          "shape": "String",
+          "documentation": "<p>The ID of the local gateway route table.</p>",
+          "locationName": "localGatewayRouteTableId"
+        },
+        "LocalGatewayId": {
+          "shape": "String",
+          "documentation": "<p>The ID of the local gateway.</p>",
+          "locationName": "localGatewayId"
+        },
+        "VpcId": {
+          "shape": "String",
+          "documentation": "<p>The ID of the VPC.</p>",
+          "locationName": "vpcId"
+        },
+        "State": {
+          "shape": "String",
+          "documentation": "<p>The state of the association.</p>",
+          "locationName": "state"
+        },
+        "Tags": {
+          "shape": "TagList",
+          "documentation": "<p>The tags assigned to the association.</p>",
+          "locationName": "tagSet"
+        }
+      },
+      "documentation": "<p>Describes an association between a local gateway route table and a VPC.</p>"
+    },
+    "LocalGatewayRouteTableVpcAssociationId": {
+      "type": "string"
+    },
+    "LocalGatewayRouteTableVpcAssociationIdSet": {
+      "type": "list",
+      "member": {
+        "shape": "LocalGatewayRouteTableVpcAssociationId",
+        "locationName": "item"
+      }
+    },
+    "LocalGatewayRouteTableVpcAssociationSet": {
+      "type": "list",
+      "member": {
+        "shape": "LocalGatewayRouteTableVpcAssociation",
+        "locationName": "item"
+      }
+    },
+    "LocalGatewayRouteType": {
+      "type": "string",
+      "enum": [
+        "static",
+        "propagated"
+      ]
+    },
+    "LocalGatewayRoutetableId": {
+      "type": "string"
+    },
+    "LocalGatewaySet": {
+      "type": "list",
+      "member": {
+        "shape": "LocalGateway",
+        "locationName": "item"
+      }
+    },
+    "LocalGatewayVirtualInterface": {
+      "type": "structure",
+      "members": {
+        "LocalGatewayVirtualInterfaceId": {
+          "shape": "LocalGatewayVirtualInterfaceId",
+          "documentation": "<p>The ID of the virtual interface.</p>",
+          "locationName": "localGatewayVirtualInterfaceId"
+        },
+        "LocalGatewayId": {
+          "shape": "String",
+          "documentation": "<p>The ID of the local gateway.</p>",
+          "locationName": "localGatewayId"
+        },
+        "Vlan": {
+          "shape": "Integer",
+          "documentation": "<p>The ID of the VLAN.</p>",
+          "locationName": "vlan"
+        },
+        "LocalAddress": {
+          "shape": "String",
+          "documentation": "<p>The local address.</p>",
+          "locationName": "localAddress"
+        },
+        "PeerAddress": {
+          "shape": "String",
+          "documentation": "<p>The peer address.</p>",
+          "locationName": "peerAddress"
+        },
+        "LocalBgpAsn": {
+          "shape": "Integer",
+          "documentation": "<p>The Border Gateway Protocol (BGP) Autonomous System Number (ASN) of the local gateway.</p>",
+          "locationName": "localBgpAsn"
+        },
+        "PeerBgpAsn": {
+          "shape": "Integer",
+          "documentation": "<p>The peer BGP ASN.</p>",
+          "locationName": "peerBgpAsn"
+        },
+        "Tags": {
+          "shape": "TagList",
+          "documentation": "<p>The tags assigned to the virtual interface.</p>",
+          "locationName": "tagSet"
+        }
+      },
+      "documentation": "<p>Describes a local gateway virtual interface.</p>"
+    },
+    "LocalGatewayVirtualInterfaceGroup": {
+      "type": "structure",
+      "members": {
+        "LocalGatewayVirtualInterfaceGroupId": {
+          "shape": "LocalGatewayVirtualInterfaceGroupId",
+          "documentation": "<p>The ID of the virtual interface group.</p>",
+          "locationName": "localGatewayVirtualInterfaceGroupId"
+        },
+        "LocalGatewayVirtualInterfaceIds": {
+          "shape": "LocalGatewayVirtualInterfaceIdSet",
+          "documentation": "<p>The IDs of the virtual interfaces.</p>",
+          "locationName": "localGatewayVirtualInterfaceIdSet"
+        },
+        "LocalGatewayId": {
+          "shape": "String",
+          "documentation": "<p>The ID of the local gateway.</p>",
+          "locationName": "localGatewayId"
+        },
+        "Tags": {
+          "shape": "TagList",
+          "documentation": "<p>The tags assigned to the virtual interface group.</p>",
+          "locationName": "tagSet"
+        }
+      },
+      "documentation": "<p>Describes a local gateway virtual interface group.</p>"
+    },
+    "LocalGatewayVirtualInterfaceGroupId": {
+      "type": "string"
+    },
+    "LocalGatewayVirtualInterfaceGroupIdSet": {
+      "type": "list",
+      "member": {
+        "shape": "LocalGatewayVirtualInterfaceGroupId",
+        "locationName": "item"
+      }
+    },
+    "LocalGatewayVirtualInterfaceGroupSet": {
+      "type": "list",
+      "member": {
+        "shape": "LocalGatewayVirtualInterfaceGroup",
+        "locationName": "item"
+      }
+    },
+    "LocalGatewayVirtualInterfaceId": {
+      "type": "string"
+    },
+    "LocalGatewayVirtualInterfaceIdSet": {
+      "type": "list",
+      "member": {
+        "shape": "LocalGatewayVirtualInterfaceId",
+        "locationName": "item"
+      }
+    },
+    "LocalGatewayVirtualInterfaceSet": {
+      "type": "list",
+      "member": {
+        "shape": "LocalGatewayVirtualInterface",
+        "locationName": "item"
+      }
+    },
+    "Location": {
+      "type": "string"
+    },
+    "LocationType": {
+      "type": "string",
+      "enum": [
+        "region",
+        "availability-zone",
+        "availability-zone-id"
+      ]
+    },
     "LogDestinationType": {
       "type": "string",
       "enum": [
@@ -22188,14 +27091,80 @@
         "spot"
       ]
     },
+    "MaxIpv4AddrPerInterface": {
+      "type": "integer"
+    },
+    "MaxIpv6AddrPerInterface": {
+      "type": "integer"
+    },
+    "MaxNetworkInterfaces": {
+      "type": "integer"
+    },
     "MaxResults": {
-      "type": "integer",
-      "max": 255,
-      "min": 5
+      "type": "integer"
+    },
+    "MembershipType": {
+      "type": "string",
+      "enum": [
+        "static",
+        "igmp"
+      ]
+    },
+    "MemoryInfo": {
+      "type": "structure",
+      "members": {
+        "SizeInMiB": {
+          "shape": "MemorySize",
+          "documentation": "<p>Size of the memory, in MiB.</p>",
+          "locationName": "sizeInMiB"
+        }
+      },
+      "documentation": "<p>Describes the memory for the instance type.</p>"
+    },
+    "MemorySize": {
+      "type": "long"
     },
     "MillisecondDateTime": {
       "type": "timestamp"
     },
+    "ModifyAvailabilityZoneGroupRequest": {
+      "type": "structure",
+      "required": [
+        "GroupName",
+        "OptInStatus"
+      ],
+      "members": {
+        "GroupName": {
+          "shape": "String",
+          "documentation": "<p>The name of the Availability Zone Group.</p>"
+        },
+        "OptInStatus": {
+          "shape": "ModifyAvailabilityZoneOptInStatus",
+          "documentation": "<p>Indicates whether to enable or disable membership. The valid values are <code>opted-in</code>. You must contact <a href=\"https://console.aws.amazon.com/support/home#/case/create%3FissueType=customer-service%26serviceCode=general-info%26getting-started%26categoryCode=using-aws%26services\">AWS Support</a> to disable an Availability Zone group.</p>"
+        },
+        "DryRun": {
+          "shape": "Boolean",
+          "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
+        }
+      }
+    },
+    "ModifyAvailabilityZoneGroupResult": {
+      "type": "structure",
+      "members": {
+        "Return": {
+          "shape": "Boolean",
+          "documentation": "<p>Is <code>true</code> if the request succeeds, and an error otherwise.</p>",
+          "locationName": "return"
+        }
+      }
+    },
+    "ModifyAvailabilityZoneOptInStatus": {
+      "type": "string",
+      "enum": [
+        "opted-in",
+        "not-opted-in"
+      ]
+    },
     "ModifyCapacityReservationRequest": {
       "type": "structure",
       "required": [
@@ -22203,7 +27172,7 @@
       ],
       "members": {
         "CapacityReservationId": {
-          "shape": "String",
+          "shape": "CapacityReservationId",
           "documentation": "<p>The ID of the Capacity Reservation.</p>"
         },
         "InstanceCount": {
@@ -22229,7 +27198,7 @@
       "members": {
         "Return": {
           "shape": "Boolean",
-          "documentation": "<p>Information about the Capacity Reservation.</p>",
+          "documentation": "<p>Returns <code>true</code> if the request succeeds; otherwise, it returns an error.</p>",
           "locationName": "return"
         }
       }
@@ -22241,7 +27210,7 @@
       ],
       "members": {
         "ClientVpnEndpointId": {
-          "shape": "String",
+          "shape": "ClientVpnEndpointId",
           "documentation": "<p>The ID of the Client VPN endpoint to modify.</p>"
         },
         "ServerCertificateArn": {
@@ -22256,13 +27225,30 @@
           "shape": "DnsServersOptionsModifyStructure",
           "documentation": "<p>Information about the DNS servers to be used by Client VPN connections. A Client VPN endpoint can have up to two DNS servers.</p>"
         },
+        "VpnPort": {
+          "shape": "Integer",
+          "documentation": "<p>The port number to assign to the Client VPN endpoint for TCP and UDP traffic.</p> <p>Valid Values: <code>443</code> | <code>1194</code> </p> <p>Default Value: <code>443</code> </p>"
+        },
         "Description": {
           "shape": "String",
           "documentation": "<p>A brief description of the Client VPN endpoint.</p>"
         },
+        "SplitTunnel": {
+          "shape": "Boolean",
+          "documentation": "<p>Indicates whether the VPN is split-tunnel.</p> <p>For information about split-tunnel VPN endpoints, see <a href=\"https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/split-tunnel-vpn.html\">Split-Tunnel AWS Client VPN Endpoint</a> in the <i>AWS Client VPN Administrator Guide</i>.</p>"
+        },
         "DryRun": {
           "shape": "Boolean",
           "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
+        },
+        "SecurityGroupIds": {
+          "shape": "ClientVpnSecurityGroupIdSet",
+          "documentation": "<p>The IDs of one or more security groups to apply to the target network.</p>",
+          "locationName": "SecurityGroupId"
+        },
+        "VpcId": {
+          "shape": "VpcId",
+          "documentation": "<p>The ID of the VPC to associate with the Client VPN endpoint.</p>"
         }
       }
     },
@@ -22276,6 +27262,37 @@
         }
       }
     },
+    "ModifyDefaultCreditSpecificationRequest": {
+      "type": "structure",
+      "required": [
+        "InstanceFamily",
+        "CpuCredits"
+      ],
+      "members": {
+        "DryRun": {
+          "shape": "Boolean",
+          "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
+        },
+        "InstanceFamily": {
+          "shape": "UnlimitedSupportedInstanceFamily",
+          "documentation": "<p>The instance family.</p>"
+        },
+        "CpuCredits": {
+          "shape": "String",
+          "documentation": "<p>The credit option for CPU usage of the instance family.</p> <p>Valid Values: <code>standard</code> | <code>unlimited</code> </p>"
+        }
+      }
+    },
+    "ModifyDefaultCreditSpecificationResult": {
+      "type": "structure",
+      "members": {
+        "InstanceFamilyCreditSpecification": {
+          "shape": "InstanceFamilyCreditSpecification",
+          "documentation": "<p>The default credit option for CPU usage of the instance family.</p>",
+          "locationName": "instanceFamilyCreditSpecification"
+        }
+      }
+    },
     "ModifyEbsDefaultKmsKeyIdRequest": {
       "type": "structure",
       "required": [
@@ -22283,8 +27300,8 @@
       ],
       "members": {
         "KmsKeyId": {
-          "shape": "String",
-          "documentation": "<p>The identifier of the AWS Key Management Service (AWS KMS) customer master key (CMK) to use for Amazon EBS encryption. If this parameter is not specified, your AWS managed CMK for EBS is used. If <code>KmsKeyId</code> is specified, the encrypted state must be <code>true</code>.</p> <p>You can specify the CMK using any of the following:</p> <ul> <li> <p>Key ID. For example, key/1234abcd-12ab-34cd-56ef-1234567890ab.</p> </li> <li> <p>Key alias. For example, alias/ExampleAlias.</p> </li> <li> <p>Key ARN. For example, arn:aws:kms:<i>us-east-1</i>:<i>012345678910</i>:key/<i>abcd1234-a123-456a-a12b-a123b4cd56ef</i>.</p> </li> <li> <p>Alias ARN. For example, arn:aws:kms:<i>us-east-1</i>:<i>012345678910</i>:alias/<i>ExampleAlias</i>.</p> </li> </ul> <p>AWS authenticates the CMK asynchronously. Therefore, if you specify an ID, alias, or ARN that is not valid, the action can appear to complete, but eventually fails.</p>"
+          "shape": "KmsKeyId",
+          "documentation": "<p>The identifier of the AWS Key Management Service (AWS KMS) customer master key (CMK) to use for Amazon EBS encryption. If this parameter is not specified, your AWS managed CMK for EBS is used. If <code>KmsKeyId</code> is specified, the encrypted state must be <code>true</code>.</p> <p>You can specify the CMK using any of the following:</p> <ul> <li> <p>Key ID. For example, key/1234abcd-12ab-34cd-56ef-1234567890ab.</p> </li> <li> <p>Key alias. For example, alias/ExampleAlias.</p> </li> <li> <p>Key ARN. For example, arn:aws:kms:<i>us-east-1</i>:<i>012345678910</i>:key/<i>abcd1234-a123-456a-a12b-a123b4cd56ef</i>.</p> </li> <li> <p>Alias ARN. For example, arn:aws:kms:<i>us-east-1</i>:<i>012345678910</i>:alias/<i>ExampleAlias</i>.</p> </li> </ul> <p>AWS authenticates the CMK asynchronously. Therefore, if you specify an ID, alias, or ARN that is not valid, the action can appear to complete, but eventually fails.</p> <p>Amazon EBS does not support asymmetric CMKs.</p>"
         },
         "DryRun": {
           "shape": "Boolean",
@@ -22318,7 +27335,7 @@
           "documentation": "<p>Indicates whether running instances should be terminated if the total target capacity of the EC2 Fleet is decreased below the current size of the EC2 Fleet.</p>"
         },
         "FleetId": {
-          "shape": "FleetIdentifier",
+          "shape": "FleetId",
           "documentation": "<p>The ID of the EC2 Fleet.</p>"
         },
         "TargetCapacitySpecification": {
@@ -22348,7 +27365,7 @@
           "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
         },
         "FpgaImageId": {
-          "shape": "String",
+          "shape": "FpgaImageId",
           "documentation": "<p>The ID of the AFI.</p>"
         },
         "Attribute": {
@@ -22417,6 +27434,14 @@
         "HostRecovery": {
           "shape": "HostRecovery",
           "documentation": "<p>Indicates whether to enable or disable host recovery for the Dedicated Host. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/dedicated-hosts-recovery.html\"> Host Recovery</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>"
+        },
+        "InstanceType": {
+          "shape": "String",
+          "documentation": "<p>Specifies the instance type to be supported by the Dedicated Host. Specify this parameter to modify a Dedicated Host to support only a specific instance type.</p> <p>If you want to modify a Dedicated Host to support multiple instance types in its current instance family, omit this parameter and specify <b>InstanceFamily</b> instead. You cannot specify <b>InstanceType</b> and <b>InstanceFamily</b> in the same request.</p>"
+        },
+        "InstanceFamily": {
+          "shape": "String",
+          "documentation": "<p>Specifies the instance family to be supported by the Dedicated Host. Specify this parameter to modify a Dedicated Host to support multiple instance types within its current instance family.</p> <p>If you want to modify a Dedicated Host to support a specific instance type only, omit this parameter and specify <b>InstanceType</b> instead. You cannot specify <b>InstanceFamily</b> and <b>InstanceType</b> in the same request.</p>"
         }
       }
     },
@@ -22492,7 +27517,7 @@
           "documentation": "<p>A new description for the AMI.</p>"
         },
         "ImageId": {
-          "shape": "String",
+          "shape": "ImageId",
           "documentation": "<p>The ID of the AMI.</p>"
         },
         "LaunchPermission": {
@@ -22576,7 +27601,7 @@
           "locationName": "GroupId"
         },
         "InstanceId": {
-          "shape": "String",
+          "shape": "InstanceId",
           "documentation": "<p>The ID of the instance.</p>",
           "locationName": "instanceId"
         },
@@ -22625,7 +27650,7 @@
       ],
       "members": {
         "InstanceId": {
-          "shape": "String",
+          "shape": "InstanceId",
           "documentation": "<p>The ID of the instance to be modified.</p>"
         },
         "CapacityReservationSpecification": {
@@ -22697,7 +27722,7 @@
           "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
         },
         "InstanceId": {
-          "shape": "String",
+          "shape": "InstanceId",
           "documentation": "<p>The ID of the instance with the scheduled event.</p>"
         },
         "InstanceEventId": {
@@ -22719,6 +27744,49 @@
         }
       }
     },
+    "ModifyInstanceMetadataOptionsRequest": {
+      "type": "structure",
+      "required": [
+        "InstanceId"
+      ],
+      "members": {
+        "InstanceId": {
+          "shape": "InstanceId",
+          "documentation": "<p>The ID of the instance.</p>"
+        },
+        "HttpTokens": {
+          "shape": "HttpTokensState",
+          "documentation": "<p>The state of token usage for your instance metadata requests. If the parameter is not specified in the request, the default state is <code>optional</code>.</p> <p>If the state is <code>optional</code>, you can choose to retrieve instance metadata with or without a signed token header on your request. If you retrieve the IAM role credentials without a token, the version 1.0 role credentials are returned. If you retrieve the IAM role credentials using a valid signed token, the version 2.0 role credentials are returned.</p> <p>If the state is <code>required</code>, you must send a signed token header with any instance metadata retrieval requests. In this state, retrieving the IAM role credential always returns the version 2.0 credentials; the version 1.0 credentials are not available.</p>"
+        },
+        "HttpPutResponseHopLimit": {
+          "shape": "Integer",
+          "documentation": "<p>The desired HTTP PUT response hop limit for instance metadata requests. The larger the number, the further instance metadata requests can travel. If no parameter is specified, the existing state is maintained.</p> <p>Possible values: Integers from 1 to 64</p>"
+        },
+        "HttpEndpoint": {
+          "shape": "InstanceMetadataEndpointState",
+          "documentation": "<p>This parameter enables or disables the HTTP metadata endpoint on your instances. If the parameter is not specified, the existing state is maintained.</p> <note> <p>If you specify a value of <code>disabled</code>, you will not be able to access your instance metadata.</p> </note>"
+        },
+        "DryRun": {
+          "shape": "Boolean",
+          "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
+        }
+      }
+    },
+    "ModifyInstanceMetadataOptionsResult": {
+      "type": "structure",
+      "members": {
+        "InstanceId": {
+          "shape": "String",
+          "documentation": "<p>The ID of the instance.</p>",
+          "locationName": "instanceId"
+        },
+        "InstanceMetadataOptions": {
+          "shape": "InstanceMetadataOptionsResponse",
+          "documentation": "<p>The metadata options for the instance.</p>",
+          "locationName": "instanceMetadataOptions"
+        }
+      }
+    },
     "ModifyInstancePlacementRequest": {
       "type": "structure",
       "required": [
@@ -22731,16 +27799,16 @@
           "locationName": "affinity"
         },
         "GroupName": {
-          "shape": "String",
+          "shape": "PlacementGroupName",
           "documentation": "<p>The name of the placement group in which to place the instance. For spread placement groups, the instance must have a tenancy of <code>default</code>. For cluster and partition placement groups, the instance must have a tenancy of <code>default</code> or <code>dedicated</code>.</p> <p>To remove an instance from a placement group, specify an empty string (\"\").</p>"
         },
         "HostId": {
-          "shape": "String",
+          "shape": "DedicatedHostId",
           "documentation": "<p>The ID of the Dedicated Host with which to associate the instance.</p>",
           "locationName": "hostId"
         },
         "InstanceId": {
-          "shape": "String",
+          "shape": "InstanceId",
           "documentation": "<p>The ID of the instance that you are modifying.</p>",
           "locationName": "instanceId"
         },
@@ -22752,6 +27820,10 @@
         "PartitionNumber": {
           "shape": "Integer",
           "documentation": "<p>Reserved for future use.</p>"
+        },
+        "HostResourceGroupArn": {
+          "shape": "String",
+          "documentation": "<p>The ARN of the host resource group in which to place the instance.</p>"
         }
       }
     },
@@ -22777,7 +27849,7 @@
           "documentation": "<p>Unique, case-sensitive identifier you provide to ensure the idempotency of the request. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html\">Ensuring Idempotency</a>.</p> <p>Constraint: Maximum 128 ASCII characters.</p>"
         },
         "LaunchTemplateId": {
-          "shape": "String",
+          "shape": "LaunchTemplateId",
           "documentation": "<p>The ID of the launch template. You must specify either the launch template ID or launch template name in the request.</p>"
         },
         "LaunchTemplateName": {
@@ -22828,7 +27900,7 @@
           "locationName": "SecurityGroupId"
         },
         "NetworkInterfaceId": {
-          "shape": "String",
+          "shape": "NetworkInterfaceId",
           "documentation": "<p>The ID of the network interface.</p>",
           "locationName": "networkInterfaceId"
         },
@@ -22900,7 +27972,7 @@
           "documentation": "<p>The type of operation to perform to the attribute.</p>"
         },
         "SnapshotId": {
-          "shape": "String",
+          "shape": "SnapshotId",
           "documentation": "<p>The ID of the snapshot.</p>"
         },
         "UserIds": {
@@ -22913,8 +27985,7 @@
           "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>",
           "locationName": "dryRun"
         }
-      },
-      "documentation": "<p>Contains the parameters for ModifySnapshotAttribute.</p>"
+      }
     },
     "ModifySpotFleetRequestRequest": {
       "type": "structure",
@@ -22928,7 +27999,7 @@
           "locationName": "excessCapacityTerminationPolicy"
         },
         "SpotFleetRequestId": {
-          "shape": "String",
+          "shape": "SpotFleetRequestId",
           "documentation": "<p>The ID of the Spot Fleet request.</p>",
           "locationName": "spotFleetRequestId"
         },
@@ -22936,6 +28007,10 @@
           "shape": "Integer",
           "documentation": "<p>The size of the fleet.</p>",
           "locationName": "targetCapacity"
+        },
+        "OnDemandTargetCapacity": {
+          "shape": "Integer",
+          "documentation": "<p>The number of On-Demand Instances in the fleet.</p>"
         }
       },
       "documentation": "<p>Contains the parameters for ModifySpotFleetRequest.</p>"
@@ -22963,12 +28038,20 @@
         },
         "MapPublicIpOnLaunch": {
           "shape": "AttributeBooleanValue",
-          "documentation": "<p>Specify <code>true</code> to indicate that ENIs attached to instances created in the specified subnet should be assigned a public IPv4 address.</p>"
+          "documentation": "<p>Specify <code>true</code> to indicate that network interfaces attached to instances created in the specified subnet should be assigned a public IPv4 address.</p>"
         },
         "SubnetId": {
-          "shape": "String",
+          "shape": "SubnetId",
           "documentation": "<p>The ID of the subnet.</p>",
           "locationName": "subnetId"
+        },
+        "MapCustomerOwnedIpOnLaunch": {
+          "shape": "AttributeBooleanValue",
+          "documentation": "<p>Specify <code>true</code> to indicate that network interfaces attached to instances created in the specified subnet should be assigned a customer-owned IPv4 address.</p> <p>When this value is <code>true</code>, you must specify the customer-owned IP pool using <code>CustomerOwnedIpv4Pool</code>.</p>"
+        },
+        "CustomerOwnedIpv4Pool": {
+          "shape": "CoipPoolId",
+          "documentation": "<p>The customer-owned IPv4 address pool associated with the subnet.</p> <p>You must set this value when you specify <code>true</code> for <code>MapCustomerOwnedIpOnLaunch</code>.</p>"
         }
       }
     },
@@ -22979,7 +28062,7 @@
       ],
       "members": {
         "TrafficMirrorFilterId": {
-          "shape": "String",
+          "shape": "TrafficMirrorFilterId",
           "documentation": "<p>The ID of the Traffic Mirror filter.</p>"
         },
         "AddNetworkServices": {
@@ -23015,7 +28098,7 @@
       ],
       "members": {
         "TrafficMirrorFilterRuleId": {
-          "shape": "String",
+          "shape": "TrafficMirrorFilterRuleId",
           "documentation": "<p>The ID of the Traffic Mirror rule.</p>"
         },
         "TrafficDirection": {
@@ -23082,15 +28165,15 @@
       ],
       "members": {
         "TrafficMirrorSessionId": {
-          "shape": "String",
+          "shape": "TrafficMirrorSessionId",
           "documentation": "<p>The ID of the Traffic Mirror session.</p>"
         },
         "TrafficMirrorTargetId": {
-          "shape": "String",
+          "shape": "TrafficMirrorTargetId",
           "documentation": "<p>The Traffic Mirror target. The target must be in the same VPC as the source, or have a VPC peering connection with the source.</p>"
         },
         "TrafficMirrorFilterId": {
-          "shape": "String",
+          "shape": "TrafficMirrorFilterId",
           "documentation": "<p>The ID of the Traffic Mirror filter.</p>"
         },
         "PacketLength": {
@@ -23137,20 +28220,20 @@
       ],
       "members": {
         "TransitGatewayAttachmentId": {
-          "shape": "String",
+          "shape": "TransitGatewayAttachmentId",
           "documentation": "<p>The ID of the attachment.</p>"
         },
         "AddSubnetIds": {
-          "shape": "ValueStringList",
+          "shape": "TransitGatewaySubnetIdList",
           "documentation": "<p>The IDs of one or more subnets to add. You can specify at most one subnet per Availability Zone.</p>"
         },
         "RemoveSubnetIds": {
-          "shape": "ValueStringList",
+          "shape": "TransitGatewaySubnetIdList",
           "documentation": "<p>The IDs of one or more subnets to remove.</p>"
         },
         "Options": {
           "shape": "ModifyTransitGatewayVpcAttachmentRequestOptions",
-          "documentation": "<p>The new VPC attachment options.</p>"
+          "documentation": "<p>The new VPC attachment options.</p> <note> <p>You cannot modify the IPv6 options.</p> </note>"
         },
         "DryRun": {
           "shape": "Boolean",
@@ -23193,7 +28276,7 @@
           "documentation": "<p>Indicates whether the volume should be auto-enabled for I/O operations.</p>"
         },
         "VolumeId": {
-          "shape": "String",
+          "shape": "VolumeId",
           "documentation": "<p>The ID of the volume.</p>"
         },
         "DryRun": {
@@ -23201,8 +28284,7 @@
           "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>",
           "locationName": "dryRun"
         }
-      },
-      "documentation": "<p>Contains the parameters for ModifyVolumeAttribute.</p>"
+      }
     },
     "ModifyVolumeRequest": {
       "type": "structure",
@@ -23215,7 +28297,7 @@
           "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
         },
         "VolumeId": {
-          "shape": "String",
+          "shape": "VolumeId",
           "documentation": "<p>The ID of the volume.</p>"
         },
         "Size": {
@@ -23257,7 +28339,7 @@
           "documentation": "<p>Indicates whether the DNS resolution is supported for the VPC. If enabled, queries to the Amazon provided DNS server at the 169.254.169.253 IP address, or the reserved IP address at the base of the VPC network range \"plus two\" succeed. If disabled, the Amazon provided DNS service in the VPC that resolves public DNS hostnames to IP addresses is not enabled.</p> <p>You cannot modify the DNS resolution and DNS hostnames attributes in the same request. Use separate requests for each attribute.</p>"
         },
         "VpcId": {
-          "shape": "String",
+          "shape": "VpcId",
           "documentation": "<p>The ID of the VPC.</p>",
           "locationName": "vpcId"
         }
@@ -23274,7 +28356,7 @@
           "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
         },
         "ConnectionNotificationId": {
-          "shape": "String",
+          "shape": "ConnectionNotificationId",
           "documentation": "<p>The ID of the notification.</p>"
         },
         "ConnectionNotificationArn": {
@@ -23308,7 +28390,7 @@
           "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
         },
         "VpcEndpointId": {
-          "shape": "String",
+          "shape": "VpcEndpointId",
           "documentation": "<p>The ID of the endpoint.</p>"
         },
         "ResetPolicy": {
@@ -23317,41 +28399,41 @@
         },
         "PolicyDocument": {
           "shape": "String",
-          "documentation": "<p>A policy to attach to the endpoint that controls access to the service. The policy must be in valid JSON format. If this parameter is not specified, we attach a default policy that allows full access to the service.</p>"
+          "documentation": "<p>A policy to attach to the endpoint that controls access to the service. The policy must be in valid JSON format.</p>"
         },
         "AddRouteTableIds": {
-          "shape": "ValueStringList",
+          "shape": "VpcEndpointRouteTableIdList",
           "documentation": "<p>(Gateway endpoint) One or more route tables IDs to associate with the endpoint.</p>",
           "locationName": "AddRouteTableId"
         },
         "RemoveRouteTableIds": {
-          "shape": "ValueStringList",
+          "shape": "VpcEndpointRouteTableIdList",
           "documentation": "<p>(Gateway endpoint) One or more route table IDs to disassociate from the endpoint.</p>",
           "locationName": "RemoveRouteTableId"
         },
         "AddSubnetIds": {
-          "shape": "ValueStringList",
+          "shape": "VpcEndpointSubnetIdList",
           "documentation": "<p>(Interface endpoint) One or more subnet IDs in which to serve the endpoint.</p>",
           "locationName": "AddSubnetId"
         },
         "RemoveSubnetIds": {
-          "shape": "ValueStringList",
+          "shape": "VpcEndpointSubnetIdList",
           "documentation": "<p>(Interface endpoint) One or more subnets IDs in which to remove the endpoint.</p>",
           "locationName": "RemoveSubnetId"
         },
         "AddSecurityGroupIds": {
-          "shape": "ValueStringList",
+          "shape": "VpcEndpointSecurityGroupIdList",
           "documentation": "<p>(Interface endpoint) One or more security group IDs to associate with the network interface.</p>",
           "locationName": "AddSecurityGroupId"
         },
         "RemoveSecurityGroupIds": {
-          "shape": "ValueStringList",
+          "shape": "VpcEndpointSecurityGroupIdList",
           "documentation": "<p>(Interface endpoint) One or more security group IDs to disassociate from the network interface.</p>",
           "locationName": "RemoveSecurityGroupId"
         },
         "PrivateDnsEnabled": {
           "shape": "Boolean",
-          "documentation": "<p>(Interface endpoint) Indicate whether a private hosted zone is associated with the VPC.</p>"
+          "documentation": "<p>(Interface endpoint) Indicates whether a private hosted zone is associated with the VPC.</p>"
         }
       },
       "documentation": "<p>Contains the parameters for ModifyVpcEndpoint.</p>"
@@ -23377,12 +28459,20 @@
           "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
         },
         "ServiceId": {
-          "shape": "String",
+          "shape": "VpcEndpointServiceId",
           "documentation": "<p>The ID of the service.</p>"
         },
+        "PrivateDnsName": {
+          "shape": "String",
+          "documentation": "<p>The private DNS name to assign to the endpoint service.</p>"
+        },
+        "RemovePrivateDnsName": {
+          "shape": "Boolean",
+          "documentation": "<p>Removes the private DNS name of the endpoint service.</p>"
+        },
         "AcceptanceRequired": {
           "shape": "Boolean",
-          "documentation": "<p>Indicate whether requests to create an endpoint to your service must be accepted.</p>"
+          "documentation": "<p>Indicates whether requests to create an endpoint to your service must be accepted.</p>"
         },
         "AddNetworkLoadBalancerArns": {
           "shape": "ValueStringList",
@@ -23417,7 +28507,7 @@
           "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
         },
         "ServiceId": {
-          "shape": "String",
+          "shape": "VpcEndpointServiceId",
           "documentation": "<p>The ID of the service.</p>"
         },
         "AddAllowedPrincipals": {
@@ -23459,7 +28549,7 @@
           "documentation": "<p>The VPC peering connection options for the requester VPC.</p>"
         },
         "VpcPeeringConnectionId": {
-          "shape": "String",
+          "shape": "VpcPeeringConnectionId",
           "documentation": "<p>The ID of the VPC peering connection.</p>"
         }
       }
@@ -23487,7 +28577,7 @@
       ],
       "members": {
         "VpcId": {
-          "shape": "String",
+          "shape": "VpcId",
           "documentation": "<p>The ID of the VPC.</p>"
         },
         "InstanceTenancy": {
@@ -23517,15 +28607,19 @@
       ],
       "members": {
         "VpnConnectionId": {
-          "shape": "String",
+          "shape": "VpnConnectionId",
           "documentation": "<p>The ID of the VPN connection.</p>"
         },
         "TransitGatewayId": {
-          "shape": "String",
+          "shape": "TransitGatewayId",
           "documentation": "<p>The ID of the transit gateway.</p>"
         },
+        "CustomerGatewayId": {
+          "shape": "CustomerGatewayId",
+          "documentation": "<p>The ID of the customer gateway at your end of the VPN connection.</p>"
+        },
         "VpnGatewayId": {
-          "shape": "String",
+          "shape": "VpnGatewayId",
           "documentation": "<p>The ID of the virtual private gateway at the AWS side of the VPN connection.</p>"
         },
         "DryRun": {
@@ -23543,6 +28637,144 @@
         }
       }
     },
+    "ModifyVpnTunnelCertificateRequest": {
+      "type": "structure",
+      "required": [
+        "VpnConnectionId",
+        "VpnTunnelOutsideIpAddress"
+      ],
+      "members": {
+        "VpnConnectionId": {
+          "shape": "VpnConnectionId",
+          "documentation": "<p>The ID of the AWS Site-to-Site VPN connection.</p>"
+        },
+        "VpnTunnelOutsideIpAddress": {
+          "shape": "String",
+          "documentation": "<p>The external IP address of the VPN tunnel.</p>"
+        },
+        "DryRun": {
+          "shape": "Boolean",
+          "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
+        }
+      }
+    },
+    "ModifyVpnTunnelCertificateResult": {
+      "type": "structure",
+      "members": {
+        "VpnConnection": {
+          "shape": "VpnConnection",
+          "locationName": "vpnConnection"
+        }
+      }
+    },
+    "ModifyVpnTunnelOptionsRequest": {
+      "type": "structure",
+      "required": [
+        "VpnConnectionId",
+        "VpnTunnelOutsideIpAddress",
+        "TunnelOptions"
+      ],
+      "members": {
+        "VpnConnectionId": {
+          "shape": "VpnConnectionId",
+          "documentation": "<p>The ID of the AWS Site-to-Site VPN connection.</p>"
+        },
+        "VpnTunnelOutsideIpAddress": {
+          "shape": "String",
+          "documentation": "<p>The external IP address of the VPN tunnel.</p>"
+        },
+        "TunnelOptions": {
+          "shape": "ModifyVpnTunnelOptionsSpecification",
+          "documentation": "<p>The tunnel options to modify.</p>"
+        },
+        "DryRun": {
+          "shape": "Boolean",
+          "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
+        }
+      }
+    },
+    "ModifyVpnTunnelOptionsResult": {
+      "type": "structure",
+      "members": {
+        "VpnConnection": {
+          "shape": "VpnConnection",
+          "locationName": "vpnConnection"
+        }
+      }
+    },
+    "ModifyVpnTunnelOptionsSpecification": {
+      "type": "structure",
+      "members": {
+        "TunnelInsideCidr": {
+          "shape": "String",
+          "documentation": "<p>The range of inside IP addresses for the tunnel. Any specified CIDR blocks must be unique across all VPN connections that use the same virtual private gateway. </p> <p>Constraints: A size /30 CIDR block from the <code>169.254.0.0/16</code> range. The following CIDR blocks are reserved and cannot be used:</p> <ul> <li> <p> <code>169.254.0.0/30</code> </p> </li> <li> <p> <code>169.254.1.0/30</code> </p> </li> <li> <p> <code>169.254.2.0/30</code> </p> </li> <li> <p> <code>169.254.3.0/30</code> </p> </li> <li> <p> <code>169.254.4.0/30</code> </p> </li> <li> <p> <code>169.254.5.0/30</code> </p> </li> <li> <p> <code>169.254.169.252/30</code> </p> </li> </ul>"
+        },
+        "PreSharedKey": {
+          "shape": "String",
+          "documentation": "<p>The pre-shared key (PSK) to establish initial authentication between the virtual private gateway and the customer gateway.</p> <p>Constraints: Allowed characters are alphanumeric characters, periods (.), and underscores (_). Must be between 8 and 64 characters in length and cannot start with zero (0).</p>"
+        },
+        "Phase1LifetimeSeconds": {
+          "shape": "Integer",
+          "documentation": "<p>The lifetime for phase 1 of the IKE negotiation, in seconds.</p> <p>Constraints: A value between 900 and 28,800.</p> <p>Default: <code>28800</code> </p>"
+        },
+        "Phase2LifetimeSeconds": {
+          "shape": "Integer",
+          "documentation": "<p>The lifetime for phase 2 of the IKE negotiation, in seconds.</p> <p>Constraints: A value between 900 and 3,600. The value must be less than the value for <code>Phase1LifetimeSeconds</code>.</p> <p>Default: <code>3600</code> </p>"
+        },
+        "RekeyMarginTimeSeconds": {
+          "shape": "Integer",
+          "documentation": "<p>The margin time, in seconds, before the phase 2 lifetime expires, during which the AWS side of the VPN connection performs an IKE rekey. The exact time of the rekey is randomly selected based on the value for <code>RekeyFuzzPercentage</code>.</p> <p>Constraints: A value between 60 and half of <code>Phase2LifetimeSeconds</code>.</p> <p>Default: <code>540</code> </p>"
+        },
+        "RekeyFuzzPercentage": {
+          "shape": "Integer",
+          "documentation": "<p>The percentage of the rekey window (determined by <code>RekeyMarginTimeSeconds</code>) during which the rekey time is randomly selected.</p> <p>Constraints: A value between 0 and 100.</p> <p>Default: <code>100</code> </p>"
+        },
+        "ReplayWindowSize": {
+          "shape": "Integer",
+          "documentation": "<p>The number of packets in an IKE replay window.</p> <p>Constraints: A value between 64 and 2048.</p> <p>Default: <code>1024</code> </p>"
+        },
+        "DPDTimeoutSeconds": {
+          "shape": "Integer",
+          "documentation": "<p>The number of seconds after which a DPD timeout occurs.</p> <p>Constraints: A value between 0 and 30.</p> <p>Default: <code>30</code> </p>"
+        },
+        "Phase1EncryptionAlgorithms": {
+          "shape": "Phase1EncryptionAlgorithmsRequestList",
+          "documentation": "<p>One or more encryption algorithms that are permitted for the VPN tunnel for phase 1 IKE negotiations.</p> <p>Valid values: <code>AES128</code> | <code>AES256</code> </p>",
+          "locationName": "Phase1EncryptionAlgorithm"
+        },
+        "Phase2EncryptionAlgorithms": {
+          "shape": "Phase2EncryptionAlgorithmsRequestList",
+          "documentation": "<p>One or more encryption algorithms that are permitted for the VPN tunnel for phase 2 IKE negotiations.</p> <p>Valid values: <code>AES128</code> | <code>AES256</code> </p>",
+          "locationName": "Phase2EncryptionAlgorithm"
+        },
+        "Phase1IntegrityAlgorithms": {
+          "shape": "Phase1IntegrityAlgorithmsRequestList",
+          "documentation": "<p>One or more integrity algorithms that are permitted for the VPN tunnel for phase 1 IKE negotiations.</p> <p>Valid values: <code>SHA1</code> | <code>SHA2-256</code> </p>",
+          "locationName": "Phase1IntegrityAlgorithm"
+        },
+        "Phase2IntegrityAlgorithms": {
+          "shape": "Phase2IntegrityAlgorithmsRequestList",
+          "documentation": "<p>One or more integrity algorithms that are permitted for the VPN tunnel for phase 2 IKE negotiations.</p> <p>Valid values: <code>SHA1</code> | <code>SHA2-256</code> </p>",
+          "locationName": "Phase2IntegrityAlgorithm"
+        },
+        "Phase1DHGroupNumbers": {
+          "shape": "Phase1DHGroupNumbersRequestList",
+          "documentation": "<p>One or more Diffie-Hellman group numbers that are permitted for the VPN tunnel for phase 1 IKE negotiations.</p> <p>Valid values: <code>2</code> | <code>14</code> | <code>15</code> | <code>16</code> | <code>17</code> | <code>18</code> | <code>22</code> | <code>23</code> | <code>24</code> </p>",
+          "locationName": "Phase1DHGroupNumber"
+        },
+        "Phase2DHGroupNumbers": {
+          "shape": "Phase2DHGroupNumbersRequestList",
+          "documentation": "<p>One or more Diffie-Hellman group numbers that are permitted for the VPN tunnel for phase 2 IKE negotiations.</p> <p>Valid values: <code>2</code> | <code>5</code> | <code>14</code> | <code>15</code> | <code>16</code> | <code>17</code> | <code>18</code> | <code>22</code> | <code>23</code> | <code>24</code> </p>",
+          "locationName": "Phase2DHGroupNumber"
+        },
+        "IKEVersions": {
+          "shape": "IKEVersionsRequestList",
+          "documentation": "<p>The IKE versions that are permitted for the VPN tunnel.</p> <p>Valid values: <code>ikev1</code> | <code>ikev2</code> </p>",
+          "locationName": "IKEVersion"
+        }
+      },
+      "documentation": "<p>The AWS Site-to-Site VPN tunnel options to modify.</p>"
+    },
     "MonitorInstancesRequest": {
       "type": "structure",
       "required": [
@@ -23654,6 +28886,13 @@
         "locationName": "item"
       }
     },
+    "MulticastSupportValue": {
+      "type": "string",
+      "enum": [
+        "enable",
+        "disable"
+      ]
+    },
     "NatGateway": {
       "type": "structure",
       "members": {
@@ -23748,6 +28987,16 @@
         "locationName": "item"
       }
     },
+    "NatGatewayId": {
+      "type": "string"
+    },
+    "NatGatewayIdStringList": {
+      "type": "list",
+      "member": {
+        "shape": "NatGatewayId",
+        "locationName": "item"
+      }
+    },
     "NatGatewayList": {
       "type": "list",
       "member": {
@@ -23827,6 +29076,9 @@
       },
       "documentation": "<p>Describes an association between a network ACL and a subnet.</p>"
     },
+    "NetworkAclAssociationId": {
+      "type": "string"
+    },
     "NetworkAclAssociationList": {
       "type": "list",
       "member": {
@@ -23887,6 +29139,16 @@
         "locationName": "item"
       }
     },
+    "NetworkAclId": {
+      "type": "string"
+    },
+    "NetworkAclIdStringList": {
+      "type": "list",
+      "member": {
+        "shape": "NetworkAclId",
+        "locationName": "item"
+      }
+    },
     "NetworkAclList": {
       "type": "list",
       "member": {
@@ -23894,6 +29156,42 @@
         "locationName": "item"
       }
     },
+    "NetworkInfo": {
+      "type": "structure",
+      "members": {
+        "NetworkPerformance": {
+          "shape": "NetworkPerformance",
+          "documentation": "<p>Describes the network performance.</p>",
+          "locationName": "networkPerformance"
+        },
+        "MaximumNetworkInterfaces": {
+          "shape": "MaxNetworkInterfaces",
+          "documentation": "<p>The maximum number of network interfaces for the instance type.</p>",
+          "locationName": "maximumNetworkInterfaces"
+        },
+        "Ipv4AddressesPerInterface": {
+          "shape": "MaxIpv4AddrPerInterface",
+          "documentation": "<p>The maximum number of IPv4 addresses per network interface.</p>",
+          "locationName": "ipv4AddressesPerInterface"
+        },
+        "Ipv6AddressesPerInterface": {
+          "shape": "MaxIpv6AddrPerInterface",
+          "documentation": "<p>The maximum number of IPv6 addresses per network interface.</p>",
+          "locationName": "ipv6AddressesPerInterface"
+        },
+        "Ipv6Supported": {
+          "shape": "Ipv6Flag",
+          "documentation": "<p>Indicates whether IPv6 is supported.</p>",
+          "locationName": "ipv6Supported"
+        },
+        "EnaSupport": {
+          "shape": "EnaSupport",
+          "documentation": "<p>Indicates whether Elastic Network Adapter (ENA) is supported.</p>",
+          "locationName": "enaSupport"
+        }
+      },
+      "documentation": "<p>Describes the networking features of the instance type.</p>"
+    },
     "NetworkInterface": {
       "type": "structure",
       "members": {
@@ -23942,6 +29240,11 @@
           "documentation": "<p>The ID of the network interface.</p>",
           "locationName": "networkInterfaceId"
         },
+        "OutpostArn": {
+          "shape": "String",
+          "documentation": "<p>The Amazon Resource Name (ARN) of the Outpost.</p>",
+          "locationName": "outpostArn"
+        },
         "OwnerId": {
           "shape": "String",
           "documentation": "<p>The AWS account ID of the owner of the network interface.</p>",
@@ -24076,7 +29379,7 @@
       "type": "structure",
       "members": {
         "AttachmentId": {
-          "shape": "String",
+          "shape": "NetworkInterfaceAttachmentId",
           "documentation": "<p>The ID of the network interface attachment.</p>",
           "locationName": "attachmentId"
         },
@@ -24088,6 +29391,9 @@
       },
       "documentation": "<p>Describes an attachment change.</p>"
     },
+    "NetworkInterfaceAttachmentId": {
+      "type": "string"
+    },
     "NetworkInterfaceAttribute": {
       "type": "string",
       "enum": [
@@ -24103,10 +29409,13 @@
         "efa"
       ]
     },
+    "NetworkInterfaceId": {
+      "type": "string"
+    },
     "NetworkInterfaceIdList": {
       "type": "list",
       "member": {
-        "shape": "String",
+        "shape": "NetworkInterfaceId",
         "locationName": "item"
       }
     },
@@ -24171,10 +29480,13 @@
       },
       "documentation": "<p>Describes a permission for a network interface.</p>"
     },
+    "NetworkInterfacePermissionId": {
+      "type": "string"
+    },
     "NetworkInterfacePermissionIdList": {
       "type": "list",
       "member": {
-        "shape": "String"
+        "shape": "NetworkInterfacePermissionId"
       }
     },
     "NetworkInterfacePermissionList": {
@@ -24260,6 +29572,9 @@
         "efa"
       ]
     },
+    "NetworkPerformance": {
+      "type": "string"
+    },
     "NewDhcpConfiguration": {
       "type": "structure",
       "members": {
@@ -24281,9 +29596,7 @@
       }
     },
     "NextToken": {
-      "type": "string",
-      "max": 1024,
-      "min": 1
+      "type": "string"
     },
     "OccurrenceDayRequestSet": {
       "type": "list",
@@ -24306,6 +29619,9 @@
         "convertible"
       ]
     },
+    "OfferingId": {
+      "type": "string"
+    },
     "OfferingTypeValues": {
       "type": "string",
       "enum": [
@@ -24332,23 +29648,33 @@
           "documentation": "<p>The order of the launch template overrides to use in fulfilling On-Demand capacity. If you specify <code>lowest-price</code>, EC2 Fleet uses price to determine the order, launching the lowest price first. If you specify <code>prioritized</code>, EC2 Fleet uses the priority that you assigned to each launch template override, launching the highest priority first. If you do not specify a value, EC2 Fleet defaults to <code>lowest-price</code>.</p>",
           "locationName": "allocationStrategy"
         },
+        "CapacityReservationOptions": {
+          "shape": "CapacityReservationOptions",
+          "documentation": "<p>The strategy for using unused Capacity Reservations for fulfilling On-Demand capacity. Supported only for fleets of type <code>instant</code>.</p>",
+          "locationName": "capacityReservationOptions"
+        },
         "SingleInstanceType": {
           "shape": "Boolean",
-          "documentation": "<p>Indicates that the fleet uses a single instance type to launch all On-Demand Instances in the fleet.</p>",
+          "documentation": "<p>Indicates that the fleet uses a single instance type to launch all On-Demand Instances in the fleet. Supported only for fleets of type <code>instant</code>.</p>",
           "locationName": "singleInstanceType"
         },
         "SingleAvailabilityZone": {
           "shape": "Boolean",
-          "documentation": "<p>Indicates that the fleet launches all On-Demand Instances into a single Availability Zone.</p>",
+          "documentation": "<p>Indicates that the fleet launches all On-Demand Instances into a single Availability Zone. Supported only for fleets of type <code>instant</code>.</p>",
           "locationName": "singleAvailabilityZone"
         },
         "MinTargetCapacity": {
           "shape": "Integer",
           "documentation": "<p>The minimum target capacity for On-Demand Instances in the fleet. If the minimum target capacity is not reached, the fleet launches no instances.</p>",
           "locationName": "minTargetCapacity"
+        },
+        "MaxTotalPrice": {
+          "shape": "String",
+          "documentation": "<p>The maximum amount per hour for On-Demand Instances that you're willing to pay.</p>",
+          "locationName": "maxTotalPrice"
         }
       },
-      "documentation": "<p>The allocation strategy of On-Demand Instances in an EC2 Fleet.</p>"
+      "documentation": "<p>Describes the configuration of On-Demand Instances in an EC2 Fleet.</p>"
     },
     "OnDemandOptionsRequest": {
       "type": "structure",
@@ -24357,20 +29683,28 @@
           "shape": "FleetOnDemandAllocationStrategy",
           "documentation": "<p>The order of the launch template overrides to use in fulfilling On-Demand capacity. If you specify <code>lowest-price</code>, EC2 Fleet uses price to determine the order, launching the lowest price first. If you specify <code>prioritized</code>, EC2 Fleet uses the priority that you assigned to each launch template override, launching the highest priority first. If you do not specify a value, EC2 Fleet defaults to <code>lowest-price</code>.</p>"
         },
+        "CapacityReservationOptions": {
+          "shape": "CapacityReservationOptionsRequest",
+          "documentation": "<p>The strategy for using unused Capacity Reservations for fulfilling On-Demand capacity. Supported only for fleets of type <code>instant</code>.</p>"
+        },
         "SingleInstanceType": {
           "shape": "Boolean",
-          "documentation": "<p>Indicates that the fleet uses a single instance type to launch all On-Demand Instances in the fleet.</p>"
+          "documentation": "<p>Indicates that the fleet uses a single instance type to launch all On-Demand Instances in the fleet. Supported only for fleets of type <code>instant</code>.</p>"
         },
         "SingleAvailabilityZone": {
           "shape": "Boolean",
-          "documentation": "<p>Indicates that the fleet launches all On-Demand Instances into a single Availability Zone.</p>"
+          "documentation": "<p>Indicates that the fleet launches all On-Demand Instances into a single Availability Zone. Supported only for fleets of type <code>instant</code>.</p>"
         },
         "MinTargetCapacity": {
           "shape": "Integer",
           "documentation": "<p>The minimum target capacity for On-Demand Instances in the fleet. If the minimum target capacity is not reached, the fleet launches no instances.</p>"
+        },
+        "MaxTotalPrice": {
+          "shape": "String",
+          "documentation": "<p>The maximum amount per hour for On-Demand Instances that you're willing to pay.</p>"
         }
       },
-      "documentation": "<p>The allocation strategy of On-Demand Instances in an EC2 Fleet.</p>"
+      "documentation": "<p>Describes the configuration of On-Demand Instances in an EC2 Fleet.</p>"
     },
     "OperationType": {
       "type": "string",
@@ -24416,6 +29750,22 @@
       },
       "documentation": "<p>Describes the data that identifies an Amazon FPGA image (AFI) on the PCI bus.</p>"
     },
+    "PeeringAttachmentStatus": {
+      "type": "structure",
+      "members": {
+        "Code": {
+          "shape": "String",
+          "documentation": "<p>The status code.</p>",
+          "locationName": "code"
+        },
+        "Message": {
+          "shape": "String",
+          "documentation": "<p>The status message, if applicable.</p>",
+          "locationName": "message"
+        }
+      },
+      "documentation": "<p>The status of the transit gateway peering attachment.</p>"
+    },
     "PeeringConnectionOptions": {
       "type": "structure",
       "members": {
@@ -24455,23 +29805,254 @@
       },
       "documentation": "<p>The VPC peering connection options.</p>"
     },
+    "PeeringTgwInfo": {
+      "type": "structure",
+      "members": {
+        "TransitGatewayId": {
+          "shape": "String",
+          "documentation": "<p>The ID of the transit gateway.</p>",
+          "locationName": "transitGatewayId"
+        },
+        "OwnerId": {
+          "shape": "String",
+          "documentation": "<p>The AWS account ID of the owner of the transit gateway.</p>",
+          "locationName": "ownerId"
+        },
+        "Region": {
+          "shape": "String",
+          "documentation": "<p>The Region of the transit gateway.</p>",
+          "locationName": "region"
+        }
+      },
+      "documentation": "<p>Information about the transit gateway in the peering attachment.</p>"
+    },
     "PermissionGroup": {
       "type": "string",
       "enum": [
         "all"
       ]
     },
+    "Phase1DHGroupNumbersList": {
+      "type": "list",
+      "member": {
+        "shape": "Phase1DHGroupNumbersListValue",
+        "locationName": "item"
+      }
+    },
+    "Phase1DHGroupNumbersListValue": {
+      "type": "structure",
+      "members": {
+        "Value": {
+          "shape": "Integer",
+          "documentation": "<p>The Diffie-Hellmann group number.</p>",
+          "locationName": "value"
+        }
+      },
+      "documentation": "<p>The Diffie-Hellmann group number for phase 1 IKE negotiations.</p>"
+    },
+    "Phase1DHGroupNumbersRequestList": {
+      "type": "list",
+      "member": {
+        "shape": "Phase1DHGroupNumbersRequestListValue",
+        "locationName": "item"
+      }
+    },
+    "Phase1DHGroupNumbersRequestListValue": {
+      "type": "structure",
+      "members": {
+        "Value": {
+          "shape": "Integer",
+          "documentation": "<p>The Diffie-Hellmann group number.</p>"
+        }
+      },
+      "documentation": "<p>Specifies a Diffie-Hellman group number for the VPN tunnel for phase 1 IKE negotiations.</p>"
+    },
+    "Phase1EncryptionAlgorithmsList": {
+      "type": "list",
+      "member": {
+        "shape": "Phase1EncryptionAlgorithmsListValue",
+        "locationName": "item"
+      }
+    },
+    "Phase1EncryptionAlgorithmsListValue": {
+      "type": "structure",
+      "members": {
+        "Value": {
+          "shape": "String",
+          "documentation": "<p>The value for the encryption algorithm.</p>",
+          "locationName": "value"
+        }
+      },
+      "documentation": "<p>The encryption algorithm for phase 1 IKE negotiations.</p>"
+    },
+    "Phase1EncryptionAlgorithmsRequestList": {
+      "type": "list",
+      "member": {
+        "shape": "Phase1EncryptionAlgorithmsRequestListValue",
+        "locationName": "item"
+      }
+    },
+    "Phase1EncryptionAlgorithmsRequestListValue": {
+      "type": "structure",
+      "members": {
+        "Value": {
+          "shape": "String",
+          "documentation": "<p>The value for the encryption algorithm.</p>"
+        }
+      },
+      "documentation": "<p>Specifies the encryption algorithm for the VPN tunnel for phase 1 IKE negotiations.</p>"
+    },
+    "Phase1IntegrityAlgorithmsList": {
+      "type": "list",
+      "member": {
+        "shape": "Phase1IntegrityAlgorithmsListValue",
+        "locationName": "item"
+      }
+    },
+    "Phase1IntegrityAlgorithmsListValue": {
+      "type": "structure",
+      "members": {
+        "Value": {
+          "shape": "String",
+          "documentation": "<p>The value for the integrity algorithm.</p>",
+          "locationName": "value"
+        }
+      },
+      "documentation": "<p>The integrity algorithm for phase 1 IKE negotiations.</p>"
+    },
+    "Phase1IntegrityAlgorithmsRequestList": {
+      "type": "list",
+      "member": {
+        "shape": "Phase1IntegrityAlgorithmsRequestListValue",
+        "locationName": "item"
+      }
+    },
+    "Phase1IntegrityAlgorithmsRequestListValue": {
+      "type": "structure",
+      "members": {
+        "Value": {
+          "shape": "String",
+          "documentation": "<p>The value for the integrity algorithm.</p>"
+        }
+      },
+      "documentation": "<p>Specifies the integrity algorithm for the VPN tunnel for phase 1 IKE negotiations.</p>"
+    },
+    "Phase2DHGroupNumbersList": {
+      "type": "list",
+      "member": {
+        "shape": "Phase2DHGroupNumbersListValue",
+        "locationName": "item"
+      }
+    },
+    "Phase2DHGroupNumbersListValue": {
+      "type": "structure",
+      "members": {
+        "Value": {
+          "shape": "Integer",
+          "documentation": "<p>The Diffie-Hellmann group number.</p>",
+          "locationName": "value"
+        }
+      },
+      "documentation": "<p>The Diffie-Hellmann group number for phase 2 IKE negotiations.</p>"
+    },
+    "Phase2DHGroupNumbersRequestList": {
+      "type": "list",
+      "member": {
+        "shape": "Phase2DHGroupNumbersRequestListValue",
+        "locationName": "item"
+      }
+    },
+    "Phase2DHGroupNumbersRequestListValue": {
+      "type": "structure",
+      "members": {
+        "Value": {
+          "shape": "Integer",
+          "documentation": "<p>The Diffie-Hellmann group number.</p>"
+        }
+      },
+      "documentation": "<p>Specifies a Diffie-Hellman group number for the VPN tunnel for phase 2 IKE negotiations.</p>"
+    },
+    "Phase2EncryptionAlgorithmsList": {
+      "type": "list",
+      "member": {
+        "shape": "Phase2EncryptionAlgorithmsListValue",
+        "locationName": "item"
+      }
+    },
+    "Phase2EncryptionAlgorithmsListValue": {
+      "type": "structure",
+      "members": {
+        "Value": {
+          "shape": "String",
+          "documentation": "<p>The encryption algorithm.</p>",
+          "locationName": "value"
+        }
+      },
+      "documentation": "<p>The encryption algorithm for phase 2 IKE negotiations.</p>"
+    },
+    "Phase2EncryptionAlgorithmsRequestList": {
+      "type": "list",
+      "member": {
+        "shape": "Phase2EncryptionAlgorithmsRequestListValue",
+        "locationName": "item"
+      }
+    },
+    "Phase2EncryptionAlgorithmsRequestListValue": {
+      "type": "structure",
+      "members": {
+        "Value": {
+          "shape": "String",
+          "documentation": "<p>The encryption algorithm.</p>"
+        }
+      },
+      "documentation": "<p>Specifies the encryption algorithm for the VPN tunnel for phase 2 IKE negotiations.</p>"
+    },
+    "Phase2IntegrityAlgorithmsList": {
+      "type": "list",
+      "member": {
+        "shape": "Phase2IntegrityAlgorithmsListValue",
+        "locationName": "item"
+      }
+    },
+    "Phase2IntegrityAlgorithmsListValue": {
+      "type": "structure",
+      "members": {
+        "Value": {
+          "shape": "String",
+          "documentation": "<p>The integrity algorithm.</p>",
+          "locationName": "value"
+        }
+      },
+      "documentation": "<p>The integrity algorithm for phase 2 IKE negotiations.</p>"
+    },
+    "Phase2IntegrityAlgorithmsRequestList": {
+      "type": "list",
+      "member": {
+        "shape": "Phase2IntegrityAlgorithmsRequestListValue",
+        "locationName": "item"
+      }
+    },
+    "Phase2IntegrityAlgorithmsRequestListValue": {
+      "type": "structure",
+      "members": {
+        "Value": {
+          "shape": "String",
+          "documentation": "<p>The integrity algorithm.</p>"
+        }
+      },
+      "documentation": "<p>Specifies the integrity algorithm for the VPN tunnel for phase 2 IKE negotiations.</p>"
+    },
     "Placement": {
       "type": "structure",
       "members": {
         "AvailabilityZone": {
           "shape": "String",
-          "documentation": "<p>The Availability Zone of the instance.</p> <p>If not specified, an Availability Zone will be automatically chosen for you based on the load balancing criteria for the Region.</p>",
+          "documentation": "<p>The Availability Zone of the instance.</p> <p>If not specified, an Availability Zone will be automatically chosen for you based on the load balancing criteria for the Region.</p> <p>This parameter is not supported by <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet\">CreateFleet</a>.</p>",
           "locationName": "availabilityZone"
         },
         "Affinity": {
           "shape": "String",
-          "documentation": "<p>The affinity setting for the instance on the Dedicated Host. This parameter is not supported for the <a>ImportInstance</a> command.</p>",
+          "documentation": "<p>The affinity setting for the instance on the Dedicated Host. This parameter is not supported for the <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportInstance.html\">ImportInstance</a> command.</p> <p>This parameter is not supported by <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet\">CreateFleet</a>.</p>",
           "locationName": "affinity"
         },
         "GroupName": {
@@ -24481,23 +30062,28 @@
         },
         "PartitionNumber": {
           "shape": "Integer",
-          "documentation": "<p>The number of the partition the instance is in. Valid only if the placement group strategy is set to <code>partition</code>.</p>",
+          "documentation": "<p>The number of the partition the instance is in. Valid only if the placement group strategy is set to <code>partition</code>.</p> <p>This parameter is not supported by <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet\">CreateFleet</a>.</p>",
           "locationName": "partitionNumber"
         },
         "HostId": {
           "shape": "String",
-          "documentation": "<p>The ID of the Dedicated Host on which the instance resides. This parameter is not supported for the <a>ImportInstance</a> command.</p>",
+          "documentation": "<p>The ID of the Dedicated Host on which the instance resides. This parameter is not supported for the <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportInstance.html\">ImportInstance</a> command.</p> <p>This parameter is not supported by <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet\">CreateFleet</a>.</p>",
           "locationName": "hostId"
         },
         "Tenancy": {
           "shape": "Tenancy",
-          "documentation": "<p>The tenancy of the instance (if the instance is running in a VPC). An instance with a tenancy of <code>dedicated</code> runs on single-tenant hardware. The <code>host</code> tenancy is not supported for the <a>ImportInstance</a> command.</p>",
+          "documentation": "<p>The tenancy of the instance (if the instance is running in a VPC). An instance with a tenancy of <code>dedicated</code> runs on single-tenant hardware. The <code>host</code> tenancy is not supported for the <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportInstance.html\">ImportInstance</a> command.</p> <p>This parameter is not supported by <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet\">CreateFleet</a>.</p>",
           "locationName": "tenancy"
         },
         "SpreadDomain": {
           "shape": "String",
-          "documentation": "<p>Reserved for future use.</p>",
+          "documentation": "<p>Reserved for future use.</p> <p>This parameter is not supported by <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet\">CreateFleet</a>.</p>",
           "locationName": "spreadDomain"
+        },
+        "HostResourceGroupArn": {
+          "shape": "String",
+          "documentation": "<p>The ARN of the host resource group in which to launch the instances. If you specify a host resource group ARN, omit the <b>Tenancy</b> parameter or set it to <code>host</code>.</p> <p>This parameter is not supported by <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet\">CreateFleet</a>.</p>",
+          "locationName": "hostResourceGroupArn"
         }
       },
       "documentation": "<p>Describes the placement of an instance.</p>"
@@ -24524,10 +30110,41 @@
           "shape": "Integer",
           "documentation": "<p>The number of partitions. Valid only if <b>strategy</b> is set to <code>partition</code>.</p>",
           "locationName": "partitionCount"
+        },
+        "GroupId": {
+          "shape": "String",
+          "documentation": "<p>The ID of the placement group.</p>",
+          "locationName": "groupId"
+        },
+        "Tags": {
+          "shape": "TagList",
+          "documentation": "<p>Any tags applied to the placement group.</p>",
+          "locationName": "tagSet"
         }
       },
       "documentation": "<p>Describes a placement group.</p>"
     },
+    "PlacementGroupId": {
+      "type": "string"
+    },
+    "PlacementGroupIdStringList": {
+      "type": "list",
+      "member": {
+        "shape": "PlacementGroupId",
+        "locationName": "GroupId"
+      }
+    },
+    "PlacementGroupInfo": {
+      "type": "structure",
+      "members": {
+        "SupportedStrategies": {
+          "shape": "PlacementGroupStrategyList",
+          "documentation": "<p>A list of supported placement groups types.</p>",
+          "locationName": "supportedStrategies"
+        }
+      },
+      "documentation": "<p>Describes the placement group support of the instance type.</p>"
+    },
     "PlacementGroupList": {
       "type": "list",
       "member": {
@@ -24535,6 +30152,9 @@
         "locationName": "item"
       }
     },
+    "PlacementGroupName": {
+      "type": "string"
+    },
     "PlacementGroupState": {
       "type": "string",
       "enum": [
@@ -24544,10 +30164,25 @@
         "deleted"
       ]
     },
+    "PlacementGroupStrategy": {
+      "type": "string",
+      "enum": [
+        "cluster",
+        "partition",
+        "spread"
+      ]
+    },
+    "PlacementGroupStrategyList": {
+      "type": "list",
+      "member": {
+        "shape": "PlacementGroupStrategy",
+        "locationName": "item"
+      }
+    },
     "PlacementGroupStringList": {
       "type": "list",
       "member": {
-        "shape": "String"
+        "shape": "PlacementGroupName"
       }
     },
     "PlacementResponse": {
@@ -24555,7 +30190,7 @@
       "members": {
         "GroupName": {
           "shape": "String",
-          "documentation": "<p>The name of the placement group the instance is in.</p>",
+          "documentation": "<p>The name of the placement group that the instance is in.</p>",
           "locationName": "groupName"
         }
       },
@@ -24575,6 +30210,24 @@
         "Windows"
       ]
     },
+    "PoolCidrBlock": {
+      "type": "structure",
+      "members": {
+        "Cidr": {
+          "shape": "String",
+          "documentation": "<p>The CIDR block.</p>",
+          "locationName": "poolCidrBlock"
+        }
+      },
+      "documentation": "<p>Describes a CIDR block for an address pool.</p>"
+    },
+    "PoolCidrBlocksSet": {
+      "type": "list",
+      "member": {
+        "shape": "PoolCidrBlock",
+        "locationName": "item"
+      }
+    },
     "PoolMaxResults": {
       "type": "integer",
       "max": 10,
@@ -24647,6 +30300,16 @@
         "locationName": "item"
       }
     },
+    "PrefixListResourceId": {
+      "type": "string"
+    },
+    "PrefixListResourceIdStringList": {
+      "type": "list",
+      "member": {
+        "shape": "PrefixListResourceId",
+        "locationName": "item"
+      }
+    },
     "PrefixListSet": {
       "type": "list",
       "member": {
@@ -24772,6 +30435,32 @@
         "Role"
       ]
     },
+    "PrivateDnsNameConfiguration": {
+      "type": "structure",
+      "members": {
+        "State": {
+          "shape": "DnsNameState",
+          "documentation": "<p>The verification state of the VPC endpoint service.</p> <p>&gt;Consumers of the endpoint service can use the private name only when the state is <code>verified</code>.</p>",
+          "locationName": "state"
+        },
+        "Type": {
+          "shape": "String",
+          "documentation": "<p>The endpoint service verification type, for example TXT.</p>",
+          "locationName": "type"
+        },
+        "Value": {
+          "shape": "String",
+          "documentation": "<p>The value the service provider adds to the private DNS name domain record before verification.</p>",
+          "locationName": "value"
+        },
+        "Name": {
+          "shape": "String",
+          "documentation": "<p>The name of the record subdomain the service provider needs to create. The service provider adds the <code>value</code> text to the <code>name</code>.</p>",
+          "locationName": "name"
+        }
+      },
+      "documentation": "<p>Information about the private DNS name for the service endpoint. For more information about these parameters, see <a href=\"https://docs.aws.amazon.com/vpc/latest/userguide/ndpoint-services-dns-validation.html\">VPC Endpoint Service Private DNS Name Verification</a> in the <i>Amazon Virtual Private Cloud User Guide</i>.</p>"
+    },
     "PrivateIpAddressConfigSet": {
       "type": "list",
       "member": {
@@ -24809,6 +30498,25 @@
         "locationName": "PrivateIpAddress"
       }
     },
+    "ProcessorInfo": {
+      "type": "structure",
+      "members": {
+        "SupportedArchitectures": {
+          "shape": "ArchitectureTypeList",
+          "documentation": "<p>A list of architectures supported by the instance type.</p>",
+          "locationName": "supportedArchitectures"
+        },
+        "SustainedClockSpeedInGhz": {
+          "shape": "ProcessorSustainedClockSpeed",
+          "documentation": "<p>The speed of the processor, in GHz.</p>",
+          "locationName": "sustainedClockSpeedInGhz"
+        }
+      },
+      "documentation": "<p>Describes the processor used by the instance type.</p>"
+    },
+    "ProcessorSustainedClockSpeed": {
+      "type": "double"
+    },
     "ProductCode": {
       "type": "structure",
       "members": {
@@ -24878,12 +30586,16 @@
       "members": {
         "Cidr": {
           "shape": "String",
-          "documentation": "<p>The public IPv4 address range, in CIDR notation. The most specific prefix that you can specify is /24. The address range cannot overlap with another address range that you've brought to this or another Region.</p>"
+          "documentation": "<p>The public IPv4 or IPv6 address range, in CIDR notation. The most specific IPv4 prefix that you can specify is /24. The most specific IPv6 prefix you can specify is /56. The address range cannot overlap with another address range that you've brought to this or another Region.</p>"
         },
         "CidrAuthorizationContext": {
           "shape": "CidrAuthorizationContext",
           "documentation": "<p>A signed document that proves that you are authorized to bring the specified IP address range to Amazon using BYOIP.</p>"
         },
+        "PubliclyAdvertisable": {
+          "shape": "Boolean",
+          "documentation": "<p>(IPv6 only) Indicate whether the address range will be publicly advertised to the internet.</p> <p>Default: true</p>"
+        },
         "Description": {
           "shape": "String",
           "documentation": "<p>A description for the address range and the address pool.</p>"
@@ -24899,7 +30611,7 @@
       "members": {
         "ByoipCidr": {
           "shape": "ByoipCidr",
-          "documentation": "<p>Information about the address pool.</p>",
+          "documentation": "<p>Information about the address range.</p>",
           "locationName": "byoipCidr"
         }
       }
@@ -24947,7 +30659,7 @@
       "members": {
         "PoolId": {
           "shape": "String",
-          "documentation": "<p>The ID of the IPv4 address pool.</p>",
+          "documentation": "<p>The ID of the address pool.</p>",
           "locationName": "poolId"
         },
         "Description": {
@@ -24969,9 +30681,21 @@
           "shape": "Integer",
           "documentation": "<p>The total number of available addresses.</p>",
           "locationName": "totalAvailableAddressCount"
+        },
+        "Tags": {
+          "shape": "TagList",
+          "documentation": "<p>Any tags for the address pool.</p>",
+          "locationName": "tagSet"
         }
       },
-      "documentation": "<p>Describes an address pool.</p>"
+      "documentation": "<p>Describes an IPv4 address pool.</p>"
+    },
+    "PublicIpv4PoolIdStringList": {
+      "type": "list",
+      "member": {
+        "shape": "Ipv4PoolEc2Id",
+        "locationName": "item"
+      }
     },
     "PublicIpv4PoolRange": {
       "type": "structure",
@@ -25083,7 +30807,7 @@
           "documentation": "<p>The specified limit is checked against the total upfront cost of the reservation (calculated as the offering's upfront cost multiplied by the host count). If the total upfront cost is greater than the specified price limit, the request fails. This is used to ensure that the purchase does not exceed the expected upfront cost of the purchase. At this time, the only supported currency is <code>USD</code>. For example, to indicate a limit price of USD 100, specify 100.00.</p>"
         },
         "OfferingId": {
-          "shape": "String",
+          "shape": "OfferingId",
           "documentation": "<p>The ID of the offering.</p>"
         }
       }
@@ -25156,7 +30880,7 @@
           "documentation": "<p>The number of Reserved Instances to purchase.</p>"
         },
         "ReservedInstancesOfferingId": {
-          "shape": "String",
+          "shape": "ReservedInstancesOfferingId",
           "documentation": "<p>The ID of the Reserved Instance offering to purchase.</p>"
         },
         "DryRun": {
@@ -25168,6 +30892,10 @@
           "shape": "ReservedInstanceLimitPrice",
           "documentation": "<p>Specified for Reserved Instance Marketplace offerings to limit the total order and ensure that the Reserved Instances are not purchased at unexpected prices.</p>",
           "locationName": "limitPrice"
+        },
+        "PurchaseTime": {
+          "shape": "DateTime",
+          "documentation": "<p>The time at which to purchase the Reserved Instance, in UTC format (for example, <i>YYYY</i>-<i>MM</i>-<i>DD</i>T<i>HH</i>:<i>MM</i>:<i>SS</i>Z).</p>"
         }
       },
       "documentation": "<p>Contains the parameters for PurchaseReservedInstancesOffering.</p>"
@@ -25240,6 +30968,9 @@
         "Windows (Amazon VPC)"
       ]
     },
+    "RamdiskId": {
+      "type": "string"
+    },
     "ReasonCodesList": {
       "type": "list",
       "member": {
@@ -25306,6 +31037,11 @@
           "shape": "String",
           "documentation": "<p>The name of the Region.</p>",
           "locationName": "regionName"
+        },
+        "OptInStatus": {
+          "shape": "String",
+          "documentation": "<p>The Region opt-in status. The possible values are <code>opt-in-not-required</code>, <code>opted-in</code>, and <code>not-opted-in</code>.</p>",
+          "locationName": "optInStatus"
         }
       },
       "documentation": "<p>Describes a Region.</p>"
@@ -25360,7 +31096,7 @@
           "locationName": "enaSupport"
         },
         "KernelId": {
-          "shape": "String",
+          "shape": "KernelId",
           "documentation": "<p>The ID of the kernel.</p>",
           "locationName": "kernelId"
         },
@@ -25375,7 +31111,7 @@
           "locationName": "BillingProduct"
         },
         "RamdiskId": {
-          "shape": "String",
+          "shape": "RamdiskId",
           "documentation": "<p>The ID of the RAM disk.</p>",
           "locationName": "ramdiskId"
         },
@@ -25408,6 +31144,132 @@
       },
       "documentation": "<p>Contains the output of RegisterImage.</p>"
     },
+    "RegisterInstanceEventNotificationAttributesRequest": {
+      "type": "structure",
+      "members": {
+        "DryRun": {
+          "shape": "Boolean",
+          "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
+        },
+        "InstanceTagAttribute": {
+          "shape": "RegisterInstanceTagAttributeRequest",
+          "documentation": "<p>Information about the tag keys to register.</p>"
+        }
+      }
+    },
+    "RegisterInstanceEventNotificationAttributesResult": {
+      "type": "structure",
+      "members": {
+        "InstanceTagAttribute": {
+          "shape": "InstanceTagNotificationAttribute",
+          "documentation": "<p>The resulting set of tag keys.</p>",
+          "locationName": "instanceTagAttribute"
+        }
+      }
+    },
+    "RegisterInstanceTagAttributeRequest": {
+      "type": "structure",
+      "members": {
+        "IncludeAllTagsOfInstance": {
+          "shape": "Boolean",
+          "documentation": "<p>Indicates whether to register all tag keys in the current Region. Specify <code>true</code> to register all tag keys.</p>"
+        },
+        "InstanceTagKeys": {
+          "shape": "InstanceTagKeySet",
+          "documentation": "<p>The tag keys to register.</p>",
+          "locationName": "InstanceTagKey"
+        }
+      },
+      "documentation": "<p>Information about the tag keys to register for the current Region. You can either specify individual tag keys or register all tag keys in the current Region. You must specify either <code>IncludeAllTagsOfInstance</code> or <code>InstanceTagKeys</code> in the request</p>"
+    },
+    "RegisterTransitGatewayMulticastGroupMembersRequest": {
+      "type": "structure",
+      "members": {
+        "TransitGatewayMulticastDomainId": {
+          "shape": "TransitGatewayMulticastDomainId",
+          "documentation": "<p>The ID of the transit gateway multicast domain.</p>"
+        },
+        "GroupIpAddress": {
+          "shape": "String",
+          "documentation": "<p>The IP address assigned to the transit gateway multicast group.</p>"
+        },
+        "NetworkInterfaceIds": {
+          "shape": "TransitGatewayNetworkInterfaceIdList",
+          "documentation": "<p>The group members' network interface IDs to register with the transit gateway multicast group.</p>"
+        },
+        "DryRun": {
+          "shape": "Boolean",
+          "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
+        }
+      }
+    },
+    "RegisterTransitGatewayMulticastGroupMembersResult": {
+      "type": "structure",
+      "members": {
+        "RegisteredMulticastGroupMembers": {
+          "shape": "TransitGatewayMulticastRegisteredGroupMembers",
+          "documentation": "<p>Information about the registered transit gateway multicast group members.</p>",
+          "locationName": "registeredMulticastGroupMembers"
+        }
+      }
+    },
+    "RegisterTransitGatewayMulticastGroupSourcesRequest": {
+      "type": "structure",
+      "members": {
+        "TransitGatewayMulticastDomainId": {
+          "shape": "TransitGatewayMulticastDomainId",
+          "documentation": "<p>The ID of the transit gateway multicast domain.</p>"
+        },
+        "GroupIpAddress": {
+          "shape": "String",
+          "documentation": "<p>The IP address assigned to the transit gateway multicast group.</p>"
+        },
+        "NetworkInterfaceIds": {
+          "shape": "TransitGatewayNetworkInterfaceIdList",
+          "documentation": "<p>The group sources' network interface IDs to register with the transit gateway multicast group.</p>"
+        },
+        "DryRun": {
+          "shape": "Boolean",
+          "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
+        }
+      }
+    },
+    "RegisterTransitGatewayMulticastGroupSourcesResult": {
+      "type": "structure",
+      "members": {
+        "RegisteredMulticastGroupSources": {
+          "shape": "TransitGatewayMulticastRegisteredGroupSources",
+          "documentation": "<p>Information about the transit gateway multicast group sources.</p>",
+          "locationName": "registeredMulticastGroupSources"
+        }
+      }
+    },
+    "RejectTransitGatewayPeeringAttachmentRequest": {
+      "type": "structure",
+      "required": [
+        "TransitGatewayAttachmentId"
+      ],
+      "members": {
+        "TransitGatewayAttachmentId": {
+          "shape": "TransitGatewayAttachmentId",
+          "documentation": "<p>The ID of the transit gateway peering attachment.</p>"
+        },
+        "DryRun": {
+          "shape": "Boolean",
+          "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
+        }
+      }
+    },
+    "RejectTransitGatewayPeeringAttachmentResult": {
+      "type": "structure",
+      "members": {
+        "TransitGatewayPeeringAttachment": {
+          "shape": "TransitGatewayPeeringAttachment",
+          "documentation": "<p>The transit gateway peering attachment.</p>",
+          "locationName": "transitGatewayPeeringAttachment"
+        }
+      }
+    },
     "RejectTransitGatewayVpcAttachmentRequest": {
       "type": "structure",
       "required": [
@@ -25415,7 +31277,7 @@
       ],
       "members": {
         "TransitGatewayAttachmentId": {
-          "shape": "String",
+          "shape": "TransitGatewayAttachmentId",
           "documentation": "<p>The ID of the attachment.</p>"
         },
         "DryRun": {
@@ -25446,11 +31308,11 @@
           "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
         },
         "ServiceId": {
-          "shape": "String",
+          "shape": "VpcEndpointServiceId",
           "documentation": "<p>The ID of the service.</p>"
         },
         "VpcEndpointIds": {
-          "shape": "ValueStringList",
+          "shape": "VpcEndpointIdList",
           "documentation": "<p>The IDs of one or more VPC endpoints.</p>",
           "locationName": "VpcEndpointId"
         }
@@ -25478,7 +31340,7 @@
           "locationName": "dryRun"
         },
         "VpcPeeringConnectionId": {
-          "shape": "String",
+          "shape": "VpcPeeringConnectionId",
           "documentation": "<p>The ID of the VPC peering connection.</p>",
           "locationName": "vpcPeeringConnectionId"
         }
@@ -25498,13 +31360,17 @@
       "type": "structure",
       "members": {
         "AllocationId": {
-          "shape": "String",
+          "shape": "AllocationId",
           "documentation": "<p>[EC2-VPC] The allocation ID. Required for EC2-VPC.</p>"
         },
         "PublicIp": {
           "shape": "String",
           "documentation": "<p>[EC2-Classic] The Elastic IP address. Required for EC2-Classic.</p>"
         },
+        "NetworkBorderGroup": {
+          "shape": "String",
+          "documentation": "<p>The location that the IP address is released from.</p> <p>If you provide an incorrect network border group, you will receive an <code>InvalidAddress.NotFound</code> error. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/errors-overview.html\">Error Codes</a>.</p> <note> <p>You cannot use a network border group with EC2 Classic. If you attempt this operation on EC2 classic, you will receive an <code>InvalidParameterCombination</code> error. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/errors-overview.html\">Error Codes</a>.</p> </note>"
+        },
         "DryRun": {
           "shape": "Boolean",
           "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>",
@@ -25552,7 +31418,7 @@
           "documentation": "<p>The IAM instance profile.</p>"
         },
         "AssociationId": {
-          "shape": "String",
+          "shape": "IamInstanceProfileAssociationId",
           "documentation": "<p>The ID of the existing IAM instance profile association.</p>"
         }
       }
@@ -25575,7 +31441,7 @@
       ],
       "members": {
         "AssociationId": {
-          "shape": "String",
+          "shape": "NetworkAclAssociationId",
           "documentation": "<p>The ID of the current association between the original network ACL and the subnet.</p>",
           "locationName": "associationId"
         },
@@ -25585,7 +31451,7 @@
           "locationName": "dryRun"
         },
         "NetworkAclId": {
-          "shape": "String",
+          "shape": "NetworkAclId",
           "documentation": "<p>The ID of the new network ACL to associate with the subnet.</p>",
           "locationName": "networkAclId"
         }
@@ -25637,7 +31503,7 @@
           "locationName": "ipv6CidrBlock"
         },
         "NetworkAclId": {
-          "shape": "String",
+          "shape": "NetworkAclId",
           "documentation": "<p>The ID of the ACL.</p>",
           "locationName": "networkAclId"
         },
@@ -25685,41 +31551,49 @@
           "locationName": "dryRun"
         },
         "EgressOnlyInternetGatewayId": {
-          "shape": "String",
+          "shape": "EgressOnlyInternetGatewayId",
           "documentation": "<p>[IPv6 traffic only] The ID of an egress-only internet gateway.</p>",
           "locationName": "egressOnlyInternetGatewayId"
         },
         "GatewayId": {
-          "shape": "String",
+          "shape": "RouteGatewayId",
           "documentation": "<p>The ID of an internet gateway or virtual private gateway.</p>",
           "locationName": "gatewayId"
         },
         "InstanceId": {
-          "shape": "String",
+          "shape": "InstanceId",
           "documentation": "<p>The ID of a NAT instance in your VPC.</p>",
           "locationName": "instanceId"
         },
+        "LocalTarget": {
+          "shape": "Boolean",
+          "documentation": "<p>Specifies whether to reset the local route to its default target (<code>local</code>).</p>"
+        },
         "NatGatewayId": {
-          "shape": "String",
+          "shape": "NatGatewayId",
           "documentation": "<p>[IPv4 traffic only] The ID of a NAT gateway.</p>",
           "locationName": "natGatewayId"
         },
         "TransitGatewayId": {
-          "shape": "String",
+          "shape": "TransitGatewayId",
           "documentation": "<p>The ID of a transit gateway.</p>"
         },
+        "LocalGatewayId": {
+          "shape": "LocalGatewayId",
+          "documentation": "<p>The ID of the local gateway.</p>"
+        },
         "NetworkInterfaceId": {
-          "shape": "String",
+          "shape": "NetworkInterfaceId",
           "documentation": "<p>The ID of a network interface.</p>",
           "locationName": "networkInterfaceId"
         },
         "RouteTableId": {
-          "shape": "String",
+          "shape": "RouteTableId",
           "documentation": "<p>The ID of the route table.</p>",
           "locationName": "routeTableId"
         },
         "VpcPeeringConnectionId": {
-          "shape": "String",
+          "shape": "VpcPeeringConnectionId",
           "documentation": "<p>The ID of a VPC peering connection.</p>",
           "locationName": "vpcPeeringConnectionId"
         }
@@ -25733,7 +31607,7 @@
       ],
       "members": {
         "AssociationId": {
-          "shape": "String",
+          "shape": "RouteTableAssociationId",
           "documentation": "<p>The association ID.</p>",
           "locationName": "associationId"
         },
@@ -25743,7 +31617,7 @@
           "locationName": "dryRun"
         },
         "RouteTableId": {
-          "shape": "String",
+          "shape": "RouteTableId",
           "documentation": "<p>The ID of the new route table to associate with the subnet.</p>",
           "locationName": "routeTableId"
         }
@@ -25756,6 +31630,11 @@
           "shape": "String",
           "documentation": "<p>The ID of the new association.</p>",
           "locationName": "newAssociationId"
+        },
+        "AssociationState": {
+          "shape": "RouteTableAssociationState",
+          "documentation": "<p>The state of the association.</p>",
+          "locationName": "associationState"
         }
       }
     },
@@ -25771,11 +31650,11 @@
           "documentation": "<p>The CIDR range used for the destination match. Routing decisions are based on the most specific match.</p>"
         },
         "TransitGatewayRouteTableId": {
-          "shape": "String",
+          "shape": "TransitGatewayRouteTableId",
           "documentation": "<p>The ID of the route table.</p>"
         },
         "TransitGatewayAttachmentId": {
-          "shape": "String",
+          "shape": "TransitGatewayAttachmentId",
           "documentation": "<p>The ID of the attachment.</p>"
         },
         "Blackhole": {
@@ -25867,22 +31746,30 @@
     "RequestHostIdList": {
       "type": "list",
       "member": {
-        "shape": "String",
+        "shape": "DedicatedHostId",
         "locationName": "item"
       }
     },
     "RequestHostIdSet": {
       "type": "list",
       "member": {
-        "shape": "String",
+        "shape": "DedicatedHostId",
         "locationName": "item"
       }
     },
+    "RequestInstanceTypeList": {
+      "type": "list",
+      "member": {
+        "shape": "InstanceType"
+      },
+      "locationName": "InstanceType",
+      "max": 100
+    },
     "RequestLaunchTemplateData": {
       "type": "structure",
       "members": {
         "KernelId": {
-          "shape": "String",
+          "shape": "KernelId",
           "documentation": "<p>The ID of the kernel.</p> <important> <p>We recommend that you use PV-GRUB instead of kernels and RAM disks. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedkernels.html\">User Provided Kernels</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> </important>"
         },
         "EbsOptimized": {
@@ -25895,7 +31782,7 @@
         },
         "BlockDeviceMappings": {
           "shape": "LaunchTemplateBlockDeviceMappingRequestList",
-          "documentation": "<p>The block device mapping.</p> <important> <p>Supplying both a snapshot ID and an encryption value as arguments for block-device mapping results in an error. This is because only blank volumes can be encrypted on start, and these are not created from a snapshot. If a snapshot is the basis for the volume, it contains data by definition and its encryption status cannot be changed using this action.</p> </important>",
+          "documentation": "<p>The block device mapping.</p>",
           "locationName": "BlockDeviceMapping"
         },
         "NetworkInterfaces": {
@@ -25904,7 +31791,7 @@
           "locationName": "NetworkInterface"
         },
         "ImageId": {
-          "shape": "String",
+          "shape": "ImageId",
           "documentation": "<p>The ID of the AMI.</p>"
         },
         "InstanceType": {
@@ -25912,7 +31799,7 @@
           "documentation": "<p>The instance type. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html\">Instance Types</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>"
         },
         "KeyName": {
-          "shape": "String",
+          "shape": "KeyPairName",
           "documentation": "<p>The name of the key pair. You can create a key pair using <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateKeyPair.html\">CreateKeyPair</a> or <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportKeyPair.html\">ImportKeyPair</a>.</p> <important> <p>If you do not specify a key pair, you can't connect to the instance unless you choose an AMI that is configured to allow users another way to log in.</p> </important>"
         },
         "Monitoring": {
@@ -25924,7 +31811,7 @@
           "documentation": "<p>The placement for the instance.</p>"
         },
         "RamDiskId": {
-          "shape": "String",
+          "shape": "RamdiskId",
           "documentation": "<p>The ID of the RAM disk.</p> <important> <p>We recommend that you use PV-GRUB instead of kernels and RAM disks. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedkernels.html\">User Provided Kernels</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> </important>"
         },
         "DisableApiTermination": {
@@ -25987,7 +31874,11 @@
         },
         "HibernationOptions": {
           "shape": "LaunchTemplateHibernationOptionsRequest",
-          "documentation": "<p>Indicates whether an instance is enabled for hibernation. This parameter is valid only if the instance meets the <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html#hibernating-prerequisites\">hibernation prerequisites</a>. Hibernation is currently supported only for Amazon Linux. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html\">Hibernate Your Instance</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>"
+          "documentation": "<p>Indicates whether an instance is enabled for hibernation. This parameter is valid only if the instance meets the <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html#hibernating-prerequisites\">hibernation prerequisites</a>. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html\">Hibernate Your Instance</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>"
+        },
+        "MetadataOptions": {
+          "shape": "LaunchTemplateInstanceMetadataOptionsRequest",
+          "documentation": "<p>The metadata options for the instance. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html\">Instance Metadata and User Data</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>"
         }
       },
       "documentation": "<p>The information to include in the launch template.</p>"
@@ -26071,7 +31962,7 @@
         },
         "ValidFrom": {
           "shape": "DateTime",
-          "documentation": "<p>The start date of the request. If this is a one-time request, the request becomes active at this date and time and remains active until all instances launch, the request expires, or the request is canceled. If the request is persistent, the request becomes active at this date and time and remains active until it expires or is canceled.</p>",
+          "documentation": "<p>The start date of the request. If this is a one-time request, the request becomes active at this date and time and remains active until all instances launch, the request expires, or the request is canceled. If the request is persistent, the request becomes active at this date and time and remains active until it expires or is canceled.</p> <p>The specified start date and time cannot be equal to the current date and time. You must specify a start date and time that occurs after the current date and time.</p>",
           "locationName": "validFrom"
         },
         "ValidUntil": {
@@ -26101,12 +31992,12 @@
       "type": "structure",
       "members": {
         "SecurityGroupIds": {
-          "shape": "ValueStringList",
+          "shape": "RequestSpotLaunchSpecificationSecurityGroupIdList",
           "documentation": "<p>One or more security group IDs.</p>",
           "locationName": "SecurityGroupId"
         },
         "SecurityGroups": {
-          "shape": "ValueStringList",
+          "shape": "RequestSpotLaunchSpecificationSecurityGroupList",
           "documentation": "<p>One or more security groups. When requesting instances in a VPC, you must specify the IDs of the security groups. When requesting instances in EC2-Classic, you can specify the names or the IDs of the security groups.</p>",
           "locationName": "SecurityGroup"
         },
@@ -26131,7 +32022,7 @@
           "locationName": "iamInstanceProfile"
         },
         "ImageId": {
-          "shape": "String",
+          "shape": "ImageId",
           "documentation": "<p>The ID of the AMI.</p>",
           "locationName": "imageId"
         },
@@ -26141,12 +32032,12 @@
           "locationName": "instanceType"
         },
         "KernelId": {
-          "shape": "String",
+          "shape": "KernelId",
           "documentation": "<p>The ID of the kernel.</p>",
           "locationName": "kernelId"
         },
         "KeyName": {
-          "shape": "String",
+          "shape": "KeyPairName",
           "documentation": "<p>The name of the key pair.</p>",
           "locationName": "keyName"
         },
@@ -26166,13 +32057,13 @@
           "locationName": "placement"
         },
         "RamdiskId": {
-          "shape": "String",
+          "shape": "RamdiskId",
           "documentation": "<p>The ID of the RAM disk.</p>",
           "locationName": "ramdiskId"
         },
         "SubnetId": {
-          "shape": "String",
-          "documentation": "<p>The ID of the subnet in which to launch the instance.</p>",
+          "shape": "SubnetId",
+          "documentation": "<p>The IDs of the subnets in which to launch the instance. To specify multiple subnets, separate them using commas; for example, \"subnet-1234abcdeexample1, subnet-0987cdef6example2\".</p>",
           "locationName": "subnetId"
         },
         "UserData": {
@@ -26183,6 +32074,20 @@
       },
       "documentation": "<p>Describes the launch specification for an instance.</p>"
     },
+    "RequestSpotLaunchSpecificationSecurityGroupIdList": {
+      "type": "list",
+      "member": {
+        "shape": "SecurityGroupId",
+        "locationName": "item"
+      }
+    },
+    "RequestSpotLaunchSpecificationSecurityGroupList": {
+      "type": "list",
+      "member": {
+        "shape": "SecurityGroupName",
+        "locationName": "item"
+      }
+    },
     "Reservation": {
       "type": "structure",
       "members": {
@@ -26214,6 +32119,9 @@
       },
       "documentation": "<p>Describes a reservation.</p>"
     },
+    "ReservationId": {
+      "type": "string"
+    },
     "ReservationList": {
       "type": "list",
       "member": {
@@ -26254,7 +32162,7 @@
     "ReservedInstanceIdSet": {
       "type": "list",
       "member": {
-        "shape": "String",
+        "shape": "ReservationId",
         "locationName": "ReservedInstanceId"
       }
     },
@@ -26303,7 +32211,9 @@
         "payment-pending",
         "active",
         "payment-failed",
-        "retired"
+        "retired",
+        "queued",
+        "queued-deleted"
       ]
     },
     "ReservedInstances": {
@@ -26454,7 +32364,7 @@
     "ReservedInstancesIdStringList": {
       "type": "list",
       "member": {
-        "shape": "String",
+        "shape": "ReservationId",
         "locationName": "ReservedInstancesId"
       }
     },
@@ -26521,6 +32431,9 @@
       },
       "documentation": "<p>Describes a Reserved Instance listing.</p>"
     },
+    "ReservedInstancesListingId": {
+      "type": "string"
+    },
     "ReservedInstancesListingList": {
       "type": "list",
       "member": {
@@ -26579,10 +32492,13 @@
       },
       "documentation": "<p>Describes a Reserved Instance modification.</p>"
     },
+    "ReservedInstancesModificationId": {
+      "type": "string"
+    },
     "ReservedInstancesModificationIdStringList": {
       "type": "list",
       "member": {
-        "shape": "String",
+        "shape": "ReservedInstancesModificationId",
         "locationName": "ReservedInstancesModificationId"
       }
     },
@@ -26697,10 +32613,13 @@
       },
       "documentation": "<p>Describes a Reserved Instance offering.</p>"
     },
+    "ReservedInstancesOfferingId": {
+      "type": "string"
+    },
     "ReservedInstancesOfferingIdStringList": {
       "type": "list",
       "member": {
-        "shape": "String"
+        "shape": "ReservedInstancesOfferingId"
       }
     },
     "ReservedInstancesOfferingList": {
@@ -26753,7 +32672,7 @@
           "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
         },
         "FpgaImageId": {
-          "shape": "String",
+          "shape": "FpgaImageId",
           "documentation": "<p>The ID of the AFI.</p>"
         },
         "Attribute": {
@@ -26790,7 +32709,7 @@
           "documentation": "<p>The attribute to reset (currently you can only reset the launch permission attribute).</p>"
         },
         "ImageId": {
-          "shape": "String",
+          "shape": "ImageId",
           "documentation": "<p>The ID of the AMI.</p>"
         },
         "DryRun": {
@@ -26819,7 +32738,7 @@
           "locationName": "dryRun"
         },
         "InstanceId": {
-          "shape": "String",
+          "shape": "InstanceId",
           "documentation": "<p>The ID of the instance.</p>",
           "locationName": "instanceId"
         }
@@ -26837,7 +32756,7 @@
           "locationName": "dryRun"
         },
         "NetworkInterfaceId": {
-          "shape": "String",
+          "shape": "NetworkInterfaceId",
           "documentation": "<p>The ID of the network interface.</p>",
           "locationName": "networkInterfaceId"
         },
@@ -26861,7 +32780,7 @@
           "documentation": "<p>The attribute to reset. Currently, only the attribute for permission to create volumes can be reset.</p>"
         },
         "SnapshotId": {
-          "shape": "String",
+          "shape": "SnapshotId",
           "documentation": "<p>The ID of the snapshot.</p>"
         },
         "DryRun": {
@@ -26869,13 +32788,12 @@
           "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>",
           "locationName": "dryRun"
         }
-      },
-      "documentation": "<p>Contains the parameters for ResetSnapshotAttribute.</p>"
+      }
     },
     "ResourceIdList": {
       "type": "list",
       "member": {
-        "shape": "String"
+        "shape": "TaggableResourceId"
       }
     },
     "ResourceList": {
@@ -26899,14 +32817,17 @@
         "image",
         "instance",
         "internet-gateway",
+        "key-pair",
         "launch-template",
         "natgateway",
         "network-acl",
         "network-interface",
+        "placement-group",
         "reserved-instances",
         "route-table",
         "security-group",
         "snapshot",
+        "spot-fleet-request",
         "spot-instances-request",
         "subnet",
         "traffic-mirror-filter",
@@ -26914,12 +32835,14 @@
         "traffic-mirror-target",
         "transit-gateway",
         "transit-gateway-attachment",
+        "transit-gateway-multicast-domain",
         "transit-gateway-route-table",
         "volume",
         "vpc",
         "vpc-peering-connection",
         "vpn-connection",
-        "vpn-gateway"
+        "vpn-gateway",
+        "vpc-flow-log"
       ]
     },
     "ResponseError": {
@@ -27079,6 +33002,11 @@
           "shape": "LaunchTemplateHibernationOptions",
           "documentation": "<p>Indicates whether an instance is configured for hibernation. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html\">Hibernate Your Instance</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>",
           "locationName": "hibernationOptions"
+        },
+        "MetadataOptions": {
+          "shape": "LaunchTemplateInstanceMetadataOptions",
+          "documentation": "<p>The metadata options for the instance. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html\">Instance Metadata and User Data</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>",
+          "locationName": "metadataOptions"
         }
       },
       "documentation": "<p>The information for a launch template. </p>"
@@ -27130,7 +33058,7 @@
       ],
       "members": {
         "ClientVpnEndpointId": {
-          "shape": "String",
+          "shape": "ClientVpnEndpointId",
           "documentation": "<p>The ID of the Client VPN endpoint with which the authorization rule is associated.</p>"
         },
         "TargetNetworkCidr": {
@@ -27173,7 +33101,7 @@
           "locationName": "dryRun"
         },
         "GroupId": {
-          "shape": "String",
+          "shape": "SecurityGroupId",
           "documentation": "<p>The ID of the security group.</p>",
           "locationName": "groupId"
         },
@@ -27226,11 +33154,11 @@
           "documentation": "<p>The start of port range for the TCP and UDP protocols, or an ICMP type number. For the ICMP type number, use <code>-1</code> to specify all ICMP types.</p>"
         },
         "GroupId": {
-          "shape": "String",
+          "shape": "SecurityGroupId",
           "documentation": "<p>The ID of the security group. You must specify either the security group ID or the security group name in the request. For security groups in a nondefault VPC, you must specify the security group ID.</p>"
         },
         "GroupName": {
-          "shape": "String",
+          "shape": "SecurityGroupName",
           "documentation": "<p>[EC2-Classic, default VPC] The name of the security group. You must specify either the security group ID or the security group name in the request.</p>"
         },
         "IpPermissions": {
@@ -27260,6 +33188,20 @@
         }
       }
     },
+    "RootDeviceType": {
+      "type": "string",
+      "enum": [
+        "ebs",
+        "instance-store"
+      ]
+    },
+    "RootDeviceTypeList": {
+      "type": "list",
+      "member": {
+        "shape": "RootDeviceType",
+        "locationName": "item"
+      }
+    },
     "Route": {
       "type": "structure",
       "members": {
@@ -27308,6 +33250,11 @@
           "documentation": "<p>The ID of a transit gateway.</p>",
           "locationName": "transitGatewayId"
         },
+        "LocalGatewayId": {
+          "shape": "String",
+          "documentation": "<p>The ID of the local gateway.</p>",
+          "locationName": "localGatewayId"
+        },
         "NetworkInterfaceId": {
           "shape": "String",
           "documentation": "<p>The ID of the network interface.</p>",
@@ -27331,6 +33278,9 @@
       },
       "documentation": "<p>Describes a route in a route table.</p>"
     },
+    "RouteGatewayId": {
+      "type": "string"
+    },
     "RouteList": {
       "type": "list",
       "member": {
@@ -27358,7 +33308,7 @@
       "members": {
         "Associations": {
           "shape": "RouteTableAssociationList",
-          "documentation": "<p>The associations between the route table and one or more subnets.</p>",
+          "documentation": "<p>The associations between the route table and one or more subnets or a gateway.</p>",
           "locationName": "associationSet"
         },
         "PropagatingVgws": {
@@ -27404,7 +33354,7 @@
         },
         "RouteTableAssociationId": {
           "shape": "String",
-          "documentation": "<p>The ID of the association between a route table and a subnet.</p>",
+          "documentation": "<p>The ID of the association.</p>",
           "locationName": "routeTableAssociationId"
         },
         "RouteTableId": {
@@ -27416,9 +33366,22 @@
           "shape": "String",
           "documentation": "<p>The ID of the subnet. A subnet ID is not returned for an implicit association.</p>",
           "locationName": "subnetId"
+        },
+        "GatewayId": {
+          "shape": "String",
+          "documentation": "<p>The ID of the internet gateway or virtual private gateway.</p>",
+          "locationName": "gatewayId"
+        },
+        "AssociationState": {
+          "shape": "RouteTableAssociationState",
+          "documentation": "<p>The state of the association.</p>",
+          "locationName": "associationState"
         }
       },
-      "documentation": "<p>Describes an association between a route table and a subnet.</p>"
+      "documentation": "<p>Describes an association between a route table and a subnet or gateway.</p>"
+    },
+    "RouteTableAssociationId": {
+      "type": "string"
     },
     "RouteTableAssociationList": {
       "type": "list",
@@ -27427,6 +33390,42 @@
         "locationName": "item"
       }
     },
+    "RouteTableAssociationState": {
+      "type": "structure",
+      "members": {
+        "State": {
+          "shape": "RouteTableAssociationStateCode",
+          "documentation": "<p>The state of the association.</p>",
+          "locationName": "state"
+        },
+        "StatusMessage": {
+          "shape": "String",
+          "documentation": "<p>The status message, if applicable.</p>",
+          "locationName": "statusMessage"
+        }
+      },
+      "documentation": "<p>Describes the state of an association between a route table and a subnet or gateway.</p>"
+    },
+    "RouteTableAssociationStateCode": {
+      "type": "string",
+      "enum": [
+        "associating",
+        "associated",
+        "disassociating",
+        "disassociated",
+        "failed"
+      ]
+    },
+    "RouteTableId": {
+      "type": "string"
+    },
+    "RouteTableIdStringList": {
+      "type": "list",
+      "member": {
+        "shape": "RouteTableId",
+        "locationName": "item"
+      }
+    },
     "RouteTableList": {
       "type": "list",
       "member": {
@@ -27468,7 +33467,7 @@
           "locationName": "BlockDeviceMapping"
         },
         "ImageId": {
-          "shape": "String",
+          "shape": "ImageId",
           "documentation": "<p>The ID of the AMI. An AMI ID is required to launch an instance and must be specified here or in a launch template.</p>"
         },
         "InstanceType": {
@@ -27485,11 +33484,11 @@
           "locationName": "Ipv6Address"
         },
         "KernelId": {
-          "shape": "String",
+          "shape": "KernelId",
           "documentation": "<p>The ID of the kernel.</p> <important> <p>We recommend that you use PV-GRUB instead of kernels and RAM disks. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedkernels.html\"> PV-GRUB</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> </important>"
         },
         "KeyName": {
-          "shape": "String",
+          "shape": "KeyPairName",
           "documentation": "<p>The name of the key pair. You can create a key pair using <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateKeyPair.html\">CreateKeyPair</a> or <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportKeyPair.html\">ImportKeyPair</a>.</p> <important> <p>If you do not specify a key pair, you can't connect to the instance unless you choose an AMI that is configured to allow users another way to log in.</p> </important>"
         },
         "MaxCount": {
@@ -27509,7 +33508,7 @@
           "documentation": "<p>The placement for the instance.</p>"
         },
         "RamdiskId": {
-          "shape": "String",
+          "shape": "RamdiskId",
           "documentation": "<p>The ID of the RAM disk to select. Some kernels require additional drivers at launch. Check the kernel requirements for information about whether you need to specify a RAM disk. To find kernel requirements, go to the AWS Resource Center and search for the kernel ID.</p> <important> <p>We recommend that you use PV-GRUB instead of kernels and RAM disks. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedkernels.html\"> PV-GRUB</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> </important>"
         },
         "SecurityGroupIds": {
@@ -27523,7 +33522,7 @@
           "locationName": "SecurityGroup"
         },
         "SubnetId": {
-          "shape": "String",
+          "shape": "SubnetId",
           "documentation": "<p>[EC2-VPC] The ID of the subnet to launch the instance into.</p> <p>If you specify a network interface, you must specify any subnets as part of the network interface.</p>"
         },
         "UserData": {
@@ -27537,7 +33536,8 @@
         },
         "ClientToken": {
           "shape": "String",
-          "documentation": "<p>Unique, case-sensitive identifier you provide to ensure the idempotency of the request. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html\">Ensuring Idempotency</a>.</p> <p>Constraints: Maximum 64 ASCII characters</p>",
+          "documentation": "<p>Unique, case-sensitive identifier you provide to ensure the idempotency of the request. If you do not specify a client token, a randomly generated token is used for the request to ensure idempotency.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html\">Ensuring Idempotency</a>.</p> <p>Constraints: Maximum 64 ASCII characters</p>",
+          "idempotencyToken": true,
           "locationName": "clientToken"
         },
         "DisableApiTermination": {
@@ -27599,7 +33599,7 @@
         },
         "CreditSpecification": {
           "shape": "CreditSpecificationRequest",
-          "documentation": "<p>The credit option for CPU usage of the T2 or T3 instance. Valid values are <code>standard</code> and <code>unlimited</code>. To change this attribute after launch, use <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyInstanceCreditSpecification.html\"> ModifyInstanceCreditSpecification</a>. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html\">Burstable Performance Instances</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> <p>Default: <code>standard</code> (T2 instances) or <code>unlimited</code> (T3 instances)</p>"
+          "documentation": "<p>The credit option for CPU usage of the burstable performance instance. Valid values are <code>standard</code> and <code>unlimited</code>. To change this attribute after launch, use <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyInstanceCreditSpecification.html\"> ModifyInstanceCreditSpecification</a>. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html\">Burstable Performance Instances</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> <p>Default: <code>standard</code> (T2 instances) or <code>unlimited</code> (T3/T3a instances)</p>"
         },
         "CpuOptions": {
           "shape": "CpuOptionsRequest",
@@ -27617,6 +33617,10 @@
           "shape": "LicenseSpecificationListRequest",
           "documentation": "<p>The license configurations.</p>",
           "locationName": "LicenseSpecification"
+        },
+        "MetadataOptions": {
+          "shape": "InstanceMetadataOptionsRequest",
+          "documentation": "<p>The metadata options for the instance. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html\">Instance Metadata and User Data</a>.</p>"
         }
       }
     },
@@ -27645,7 +33649,7 @@
           "documentation": "<p>The launch specification. You must match the instance type, Availability Zone, network, and platform of the schedule that you purchased.</p>"
         },
         "ScheduledInstanceId": {
-          "shape": "String",
+          "shape": "ScheduledInstanceId",
           "documentation": "<p>The Scheduled Instance ID.</p>"
         }
       },
@@ -27851,10 +33855,13 @@
         "locationName": "item"
       }
     },
+    "ScheduledInstanceId": {
+      "type": "string"
+    },
     "ScheduledInstanceIdRequestSet": {
       "type": "list",
       "member": {
-        "shape": "String",
+        "shape": "ScheduledInstanceId",
         "locationName": "ScheduledInstanceId"
       }
     },
@@ -27968,7 +33975,7 @@
           "documentation": "<p>The number of I/O operations per second (IOPS) that the volume supports. For io1 volumes, this represents the number of IOPS that are provisioned for the volume. For <code>gp2</code> volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting. For more information about <code>gp2</code> baseline performance, I/O credits, and bursting, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html\">Amazon EBS Volume Types</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> <p>Constraint: Range is 100-20000 IOPS for <code>io1</code> volumes and 100-10000 IOPS for <code>gp2</code> volumes.</p> <p>Condition: This parameter is required for requests to create <code>io1</code>volumes; it is not used in requests to create <code>gp2</code>, <code>st1</code>, <code>sc1</code>, or <code>standard</code> volumes.</p>"
         },
         "SnapshotId": {
-          "shape": "String",
+          "shape": "SnapshotId",
           "documentation": "<p>The ID of the snapshot.</p>"
         },
         "VolumeSize": {
@@ -27977,7 +33984,7 @@
         },
         "VolumeType": {
           "shape": "String",
-          "documentation": "<p>The volume type. <code>gp2</code> for General Purpose SSD, <code>io1</code> for Provisioned IOPS SSD, Throughput Optimized HDD for <code>st1</code>, Cold HDD for <code>sc1</code>, or <code>standard</code> for Magnetic.</p> <p>Default: <code>standard</code> </p>"
+          "documentation": "<p>The volume type. <code>gp2</code> for General Purpose SSD, <code>io1</code> for Provisioned IOPS SSD, Throughput Optimized HDD for <code>st1</code>, Cold HDD for <code>sc1</code>, or <code>standard</code> for Magnetic.</p> <p>Default: <code>gp2</code> </p>"
         }
       },
       "documentation": "<p>Describes an EBS volume for a Scheduled Instance.</p>"
@@ -28033,7 +34040,7 @@
           "documentation": "<p>The IAM instance profile.</p>"
         },
         "ImageId": {
-          "shape": "String",
+          "shape": "ImageId",
           "documentation": "<p>The ID of the Amazon Machine Image (AMI).</p>"
         },
         "InstanceType": {
@@ -28041,11 +34048,11 @@
           "documentation": "<p>The instance type.</p>"
         },
         "KernelId": {
-          "shape": "String",
+          "shape": "KernelId",
           "documentation": "<p>The ID of the kernel.</p>"
         },
         "KeyName": {
-          "shape": "String",
+          "shape": "KeyPairName",
           "documentation": "<p>The name of the key pair.</p>"
         },
         "Monitoring": {
@@ -28062,7 +34069,7 @@
           "documentation": "<p>The placement information.</p>"
         },
         "RamdiskId": {
-          "shape": "String",
+          "shape": "RamdiskId",
           "documentation": "<p>The ID of the RAM disk.</p>"
         },
         "SecurityGroupIds": {
@@ -28071,7 +34078,7 @@
           "locationName": "SecurityGroupId"
         },
         "SubnetId": {
-          "shape": "String",
+          "shape": "SubnetId",
           "documentation": "<p>The ID of the subnet in which to launch the instances.</p>"
         },
         "UserData": {
@@ -28125,7 +34132,7 @@
           "locationName": "Ipv6Address"
         },
         "NetworkInterfaceId": {
-          "shape": "String",
+          "shape": "NetworkInterfaceId",
           "documentation": "<p>The ID of the network interface.</p>"
         },
         "PrivateIpAddress": {
@@ -28142,7 +34149,7 @@
           "documentation": "<p>The number of secondary private IPv4 addresses.</p>"
         },
         "SubnetId": {
-          "shape": "String",
+          "shape": "SubnetId",
           "documentation": "<p>The ID of the subnet.</p>"
         }
       },
@@ -28163,7 +34170,7 @@
           "documentation": "<p>The Availability Zone.</p>"
         },
         "GroupName": {
-          "shape": "String",
+          "shape": "PlacementGroupName",
           "documentation": "<p>The name of the placement group.</p>"
         }
       },
@@ -28186,10 +34193,96 @@
     "ScheduledInstancesSecurityGroupIdSet": {
       "type": "list",
       "member": {
-        "shape": "String",
+        "shape": "SecurityGroupId",
         "locationName": "SecurityGroupId"
       }
     },
+    "SearchLocalGatewayRoutesRequest": {
+      "type": "structure",
+      "required": [
+        "LocalGatewayRouteTableId",
+        "Filters"
+      ],
+      "members": {
+        "LocalGatewayRouteTableId": {
+          "shape": "LocalGatewayRoutetableId",
+          "documentation": "<p>The ID of the local gateway route table.</p>"
+        },
+        "Filters": {
+          "shape": "FilterList",
+          "documentation": "<p>One or more filters.</p>",
+          "locationName": "Filter"
+        },
+        "MaxResults": {
+          "shape": "MaxResults",
+          "documentation": "<p>The maximum number of results to return with a single call. To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>"
+        },
+        "NextToken": {
+          "shape": "String",
+          "documentation": "<p>The token for the next page of results.</p>"
+        },
+        "DryRun": {
+          "shape": "Boolean",
+          "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
+        }
+      }
+    },
+    "SearchLocalGatewayRoutesResult": {
+      "type": "structure",
+      "members": {
+        "Routes": {
+          "shape": "LocalGatewayRouteList",
+          "documentation": "<p>Information about the routes.</p>",
+          "locationName": "routeSet"
+        },
+        "NextToken": {
+          "shape": "String",
+          "documentation": "<p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>",
+          "locationName": "nextToken"
+        }
+      }
+    },
+    "SearchTransitGatewayMulticastGroupsRequest": {
+      "type": "structure",
+      "members": {
+        "TransitGatewayMulticastDomainId": {
+          "shape": "TransitGatewayMulticastDomainId",
+          "documentation": "<p>The ID of the transit gateway multicast domain.</p>"
+        },
+        "Filters": {
+          "shape": "FilterList",
+          "documentation": "<p>One or more filters. The possible values are:</p> <ul> <li> <p> <code>group-ip-address</code> - The IP address of the transit gateway multicast group.</p> </li> <li> <p> <code>is-group-member</code> - The resource is a group member. Valid values are <code>true</code> | <code>false</code>.</p> </li> <li> <p> <code>is-group-source</code> - The resource is a group source. Valid values are <code>true</code> | <code>false</code>.</p> </li> <li> <p> <code>member-type</code> - The member type. Valid values are <code>igmp</code> | <code>static</code>.</p> </li> <li> <p> <code>resource-id</code> - The ID of the resource.</p> </li> <li> <p> <code>resource-type</code> - The type of resource. Valid values are <code>vpc</code> | <code>vpn</code> | <code>direct-connect-gateway</code> | <code>tgw-peering</code>.</p> </li> <li> <p> <code>source-type</code> - The source type. Valid values are <code>igmp</code> | <code>static</code>.</p> </li> <li> <p> <code>state</code> - The state of the subnet association. Valid values are <code>associated</code> | <code>associated</code> | <code>disassociated</code> | <code>disassociating</code>.</p> </li> <li> <p> <code>subnet-id</code> - The ID of the subnet.</p> </li> <li> <p> <code>transit-gateway-attachment-id</code> - The id of the transit gateway attachment.</p> </li> </ul>",
+          "locationName": "Filter"
+        },
+        "MaxResults": {
+          "shape": "TransitGatewayMaxResults",
+          "documentation": "<p>The maximum number of results to return with a single call. To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>"
+        },
+        "NextToken": {
+          "shape": "String",
+          "documentation": "<p>The token for the next page of results.</p>"
+        },
+        "DryRun": {
+          "shape": "Boolean",
+          "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
+        }
+      }
+    },
+    "SearchTransitGatewayMulticastGroupsResult": {
+      "type": "structure",
+      "members": {
+        "MulticastGroups": {
+          "shape": "TransitGatewayMulticastGroupList",
+          "documentation": "<p>Information about the transit gateway multicast group.</p>",
+          "locationName": "multicastGroups"
+        },
+        "NextToken": {
+          "shape": "String",
+          "documentation": "<p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>",
+          "locationName": "nextToken"
+        }
+      }
+    },
     "SearchTransitGatewayRoutesRequest": {
       "type": "structure",
       "required": [
@@ -28198,12 +34291,12 @@
       ],
       "members": {
         "TransitGatewayRouteTableId": {
-          "shape": "String",
+          "shape": "TransitGatewayRouteTableId",
           "documentation": "<p>The ID of the transit gateway route table.</p>"
         },
         "Filters": {
           "shape": "FilterList",
-          "documentation": "<p>One or more filters. The possible values are:</p> <ul> <li> <p> <code>attachment.transit-gateway-attachment-id</code>- The id of the transit gateway attachment.</p> </li> <li> <p> <code>attachment.resource-id</code> - The resource id of the transit gateway attachment.</p> </li> <li> <p> <code>attachment.resource-type</code> - The attachment resource type (<code>vpc</code> | <code>vpn</code>).</p> </li> <li> <p> <code>route-search.exact-match</code> - The exact match of the specified filter.</p> </li> <li> <p> <code>route-search.longest-prefix-match</code> - The longest prefix that matches the route.</p> </li> <li> <p> <code>route-search.subnet-of-match</code> - The routes with a subnet that match the specified CIDR filter.</p> </li> <li> <p> <code>route-search.supernet-of-match</code> - The routes with a CIDR that encompass the CIDR filter. For example, if you have 10.0.1.0/29 and 10.0.1.0/31 routes in your route table and you specify supernet-of-match as 10.0.1.0/30, then the result returns 10.0.1.0/29.</p> </li> <li> <p> <code>state</code> - The state of the route (<code>active</code> | <code>blackhole</code>).</p> </li> <li> <p> <code>type</code> - The type of roue (<code>propagated</code> | <code>static</code>).</p> </li> </ul>",
+          "documentation": "<p>One or more filters. The possible values are:</p> <ul> <li> <p> <code>attachment.transit-gateway-attachment-id</code>- The id of the transit gateway attachment.</p> </li> <li> <p> <code>attachment.resource-id</code> - The resource id of the transit gateway attachment.</p> </li> <li> <p> <code>attachment.resource-type</code> - The attachment resource type (<code>vpc</code> | <code>vpn</code>).</p> </li> <li> <p> <code>route-search.exact-match</code> - The exact match of the specified filter.</p> </li> <li> <p> <code>route-search.longest-prefix-match</code> - The longest prefix that matches the route.</p> </li> <li> <p> <code>route-search.subnet-of-match</code> - The routes with a subnet that match the specified CIDR filter.</p> </li> <li> <p> <code>route-search.supernet-of-match</code> - The routes with a CIDR that encompass the CIDR filter. For example, if you have 10.0.1.0/29 and 10.0.1.0/31 routes in your route table and you specify supernet-of-match as 10.0.1.0/30, then the result returns 10.0.1.0/29.</p> </li> <li> <p> <code>state</code> - The state of the route (<code>active</code> | <code>blackhole</code>).</p> </li> <li> <p> <code>type</code> - The type of route (<code>propagated</code> | <code>static</code>).</p> </li> </ul>",
           "locationName": "Filter"
         },
         "MaxResults": {
@@ -28277,10 +34370,13 @@
       },
       "documentation": "<p>Describes a security group</p>"
     },
+    "SecurityGroupId": {
+      "type": "string"
+    },
     "SecurityGroupIdStringList": {
       "type": "list",
       "member": {
-        "shape": "String",
+        "shape": "SecurityGroupId",
         "locationName": "SecurityGroupId"
       }
     },
@@ -28307,6 +34403,9 @@
         "locationName": "item"
       }
     },
+    "SecurityGroupName": {
+      "type": "string"
+    },
     "SecurityGroupReference": {
       "type": "structure",
       "members": {
@@ -28338,10 +34437,30 @@
     "SecurityGroupStringList": {
       "type": "list",
       "member": {
-        "shape": "String",
+        "shape": "SecurityGroupName",
         "locationName": "SecurityGroup"
       }
     },
+    "SendDiagnosticInterruptRequest": {
+      "type": "structure",
+      "required": [
+        "InstanceId"
+      ],
+      "members": {
+        "InstanceId": {
+          "shape": "InstanceId",
+          "documentation": "<p>The ID of the instance.</p>"
+        },
+        "DryRun": {
+          "shape": "Boolean",
+          "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
+        }
+      }
+    },
+    "SensitiveUserData": {
+      "type": "string",
+      "sensitive": true
+    },
     "ServiceConfiguration": {
       "type": "structure",
       "members": {
@@ -28367,7 +34486,7 @@
         },
         "AvailabilityZones": {
           "shape": "ValueStringList",
-          "documentation": "<p>In the Availability Zones in which the service is available.</p>",
+          "documentation": "<p>The Availability Zones in which the service is available.</p>",
           "locationName": "availabilityZoneSet"
         },
         "AcceptanceRequired": {
@@ -28377,7 +34496,7 @@
         },
         "ManagesVpcEndpoints": {
           "shape": "Boolean",
-          "documentation": "<p>Indicates whether the service manages it's VPC endpoints. Management of the service VPC endpoints using the VPC endpoint API is restricted.</p>",
+          "documentation": "<p>Indicates whether the service manages its VPC endpoints. Management of the service VPC endpoints using the VPC endpoint API is restricted.</p>",
           "locationName": "managesVpcEndpoints"
         },
         "NetworkLoadBalancerArns": {
@@ -28395,6 +34514,11 @@
           "documentation": "<p>The private DNS name for the service.</p>",
           "locationName": "privateDnsName"
         },
+        "PrivateDnsNameConfiguration": {
+          "shape": "PrivateDnsNameConfiguration",
+          "documentation": "<p>Information about the endpoint service private DNS name configuration.</p>",
+          "locationName": "privateDnsNameConfiguration"
+        },
         "Tags": {
           "shape": "TagList",
           "documentation": "<p>Any tags assigned to the service.</p>",
@@ -28460,13 +34584,18 @@
         },
         "ManagesVpcEndpoints": {
           "shape": "Boolean",
-          "documentation": "<p>Indicates whether the service manages it's VPC endpoints. Management of the service VPC endpoints using the VPC endpoint API is restricted.</p>",
+          "documentation": "<p>Indicates whether the service manages its VPC endpoints. Management of the service VPC endpoints using the VPC endpoint API is restricted.</p>",
           "locationName": "managesVpcEndpoints"
         },
         "Tags": {
           "shape": "TagList",
           "documentation": "<p>Any tags assigned to the service.</p>",
           "locationName": "tagSet"
+        },
+        "PrivateDnsNameVerificationState": {
+          "shape": "DnsNameState",
+          "documentation": "<p>The verification state of the VPC endpoint service.</p> <p>Consumers of the endpoint service cannot use the private name when the state is not <code>verified</code>.</p>",
+          "locationName": "privateDnsNameVerificationState"
         }
       },
       "documentation": "<p>Describes a VPC endpoint service.</p>"
@@ -28720,10 +34849,13 @@
       },
       "documentation": "<p>The disk container object for the import snapshot request.</p>"
     },
+    "SnapshotId": {
+      "type": "string"
+    },
     "SnapshotIdStringList": {
       "type": "list",
       "member": {
-        "shape": "String",
+        "shape": "SnapshotId",
         "locationName": "SnapshotId"
       }
     },
@@ -28870,7 +35002,8 @@
       "type": "string",
       "enum": [
         "lowest-price",
-        "diversified"
+        "diversified",
+        "capacity-optimized"
       ]
     },
     "SpotDatafeedSubscription": {
@@ -28919,7 +35052,7 @@
         },
         "BlockDeviceMappings": {
           "shape": "BlockDeviceMappingList",
-          "documentation": "<p>One or more block devices that are mapped to the Spot instances. You can't specify both a snapshot ID and an encryption value. This is because only blank volumes can be encrypted on creation. If a snapshot is the basis for a volume, it is not blank and its encryption status is used for the volume encryption status.</p>",
+          "documentation": "<p>One or more block devices that are mapped to the Spot Instances. You can't specify both a snapshot ID and an encryption value. This is because only blank volumes can be encrypted on creation. If a snapshot is the basis for a volume, it is not blank and its encryption status is used for the volume encryption status.</p>",
           "locationName": "blockDeviceMapping"
         },
         "EbsOptimized": {
@@ -28979,7 +35112,7 @@
         },
         "SubnetId": {
           "shape": "String",
-          "documentation": "<p>The ID of the subnet in which to launch the instances. To specify multiple subnets, separate them using commas; for example, \"subnet-a61dafcf, subnet-65ea5f08\".</p>",
+          "documentation": "<p>The IDs of the subnets in which to launch the instances. To specify multiple subnets, separate them using commas; for example, \"subnet-1234abcdeexample1, subnet-0987cdef6example2\".</p>",
           "locationName": "subnetId"
         },
         "UserData": {
@@ -29020,7 +35153,7 @@
           "locationName": "activityStatus"
         },
         "CreateTime": {
-          "shape": "DateTime",
+          "shape": "MillisecondDateTime",
           "documentation": "<p>The creation date and time of the request.</p>",
           "locationName": "createTime"
         },
@@ -29038,6 +35171,11 @@
           "shape": "BatchState",
           "documentation": "<p>The state of the Spot Fleet request.</p>",
           "locationName": "spotFleetRequestState"
+        },
+        "Tags": {
+          "shape": "TagList",
+          "documentation": "<p>The tags for a Spot Fleet resource.</p>",
+          "locationName": "tagSet"
         }
       },
       "documentation": "<p>Describes a Spot Fleet request.</p>"
@@ -29051,7 +35189,7 @@
       "members": {
         "AllocationStrategy": {
           "shape": "AllocationStrategy",
-          "documentation": "<p>Indicates how to allocate the target capacity across the Spot pools specified by the Spot Fleet request. The default is <code>lowestPrice</code>.</p>",
+          "documentation": "<p>Indicates how to allocate the target Spot Instance capacity across the Spot Instance pools specified by the Spot Fleet request.</p> <p>If the allocation strategy is <code>lowestPrice</code>, Spot Fleet launches instances from the Spot Instance pools with the lowest price. This is the default allocation strategy.</p> <p>If the allocation strategy is <code>diversified</code>, Spot Fleet launches instances from all the Spot Instance pools that you specify.</p> <p>If the allocation strategy is <code>capacityOptimized</code>, Spot Fleet launches instances from Spot Instance pools with optimal capacity for the number of instances that are launching.</p>",
           "locationName": "allocationStrategy"
         },
         "OnDemandAllocationStrategy": {
@@ -29081,7 +35219,7 @@
         },
         "IamFleetRole": {
           "shape": "String",
-          "documentation": "<p>The Amazon Resource Name (ARN) of an AWS Identity and Access Management (IAM) role that grants the Spot Fleet the permission to request, launch, terminate, and tag instances on your behalf. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-fleet-requests.html#spot-fleet-prerequisites\">Spot Fleet Prerequisites</a> in the <i>Amazon EC2 User Guide for Linux Instances</i>. Spot Fleet can terminate Spot Instances on your behalf when you cancel its Spot Fleet request using <a>CancelSpotFleetRequests</a> or when the Spot Fleet request expires, if you set <code>TerminateInstancesWithExpiration</code>.</p>",
+          "documentation": "<p>The Amazon Resource Name (ARN) of an AWS Identity and Access Management (IAM) role that grants the Spot Fleet the permission to request, launch, terminate, and tag instances on your behalf. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-fleet-requests.html#spot-fleet-prerequisites\">Spot Fleet Prerequisites</a> in the <i>Amazon EC2 User Guide for Linux Instances</i>. Spot Fleet can terminate Spot Instances on your behalf when you cancel its Spot Fleet request using <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CancelSpotFleetRequests\">CancelSpotFleetRequests</a> or when the Spot Fleet request expires, if you set <code>TerminateInstancesWithExpiration</code>.</p>",
           "locationName": "iamFleetRole"
         },
         "LaunchSpecifications": {
@@ -29109,6 +35247,16 @@
           "documentation": "<p>The number of On-Demand units to request. You can choose to set the target capacity in terms of instances or a performance characteristic that is important to your application workload, such as vCPUs, memory, or I/O. If the request type is <code>maintain</code>, you can specify a target capacity of 0 and add capacity later.</p>",
           "locationName": "onDemandTargetCapacity"
         },
+        "OnDemandMaxTotalPrice": {
+          "shape": "String",
+          "documentation": "<p>The maximum amount per hour for On-Demand Instances that you're willing to pay. You can use the <code>onDemandMaxTotalPrice</code> parameter, the <code>spotMaxTotalPrice</code> parameter, or both parameters to ensure that your fleet cost does not exceed your budget. If you set a maximum price per hour for the On-Demand Instances and Spot Instances in your request, Spot Fleet will launch instances until it reaches the maximum amount you're willing to pay. When the maximum amount you're willing to pay is reached, the fleet stops launching instances even if it hasn’t met the target capacity.</p>",
+          "locationName": "onDemandMaxTotalPrice"
+        },
+        "SpotMaxTotalPrice": {
+          "shape": "String",
+          "documentation": "<p>The maximum amount per hour for Spot Instances that you're willing to pay. You can use the <code>spotdMaxTotalPrice</code> parameter, the <code>onDemandMaxTotalPrice</code> parameter, or both parameters to ensure that your fleet cost does not exceed your budget. If you set a maximum price per hour for the On-Demand Instances and Spot Instances in your request, Spot Fleet will launch instances until it reaches the maximum amount you're willing to pay. When the maximum amount you're willing to pay is reached, the fleet stops launching instances even if it hasn’t met the target capacity.</p>",
+          "locationName": "spotMaxTotalPrice"
+        },
         "TerminateInstancesWithExpiration": {
           "shape": "Boolean",
           "documentation": "<p>Indicates whether running Spot Instances are terminated when the Spot Fleet request expires.</p>",
@@ -29148,6 +35296,11 @@
           "shape": "Integer",
           "documentation": "<p>The number of Spot pools across which to allocate your target Spot capacity. Valid only when Spot <b>AllocationStrategy</b> is set to <code>lowest-price</code>. Spot Fleet selects the cheapest Spot pools and evenly allocates your target Spot capacity across the number of Spot pools that you specify.</p>",
           "locationName": "instancePoolsToUseCount"
+        },
+        "TagSpecifications": {
+          "shape": "TagSpecificationList",
+          "documentation": "<p>The key-value pair for tagging the Spot Fleet request on creation. The value for <code>ResourceType</code> must be <code>spot-fleet-request</code>, otherwise the Spot Fleet request fails. To tag instances at launch, specify the tags in the <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-templates.html#create-launch-template\">launch template</a> (valid only if you use <code>LaunchTemplateConfigs</code>) or in the <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_SpotFleetTagSpecification.html\"> <code>SpotFleetTagSpecification</code> </a> (valid only if you use <code>LaunchSpecifications</code>). For information about tagging after launch, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#tag-resources\">Tagging Your Resources</a>.</p>",
+          "locationName": "TagSpecification"
         }
       },
       "documentation": "<p>Describes the configuration of a Spot Fleet request.</p>"
@@ -29159,12 +35312,22 @@
         "locationName": "item"
       }
     },
+    "SpotFleetRequestId": {
+      "type": "string"
+    },
+    "SpotFleetRequestIdList": {
+      "type": "list",
+      "member": {
+        "shape": "SpotFleetRequestId",
+        "locationName": "item"
+      }
+    },
     "SpotFleetTagSpecification": {
       "type": "structure",
       "members": {
         "ResourceType": {
           "shape": "ResourceType",
-          "documentation": "<p>The type of resource. Currently, the only resource type that is supported is <code>instance</code>.</p>",
+          "documentation": "<p>The type of resource. Currently, the only resource type that is supported is <code>instance</code>. To tag the Spot Fleet request on creation, use the <code>TagSpecifications</code> parameter in <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_SpotFleetRequestConfigData.html\"> <code>SpotFleetRequestConfigData</code> </a>.</p>",
           "locationName": "resourceType"
         },
         "Tags": {
@@ -29219,7 +35382,7 @@
           "locationName": "fault"
         },
         "InstanceId": {
-          "shape": "String",
+          "shape": "InstanceId",
           "documentation": "<p>The instance ID, if an instance has been launched to fulfill the Spot Instance request.</p>",
           "locationName": "instanceId"
         },
@@ -29291,10 +35454,13 @@
       },
       "documentation": "<p>Describes a Spot Instance request.</p>"
     },
+    "SpotInstanceRequestId": {
+      "type": "string"
+    },
     "SpotInstanceRequestIdList": {
       "type": "list",
       "member": {
-        "shape": "String",
+        "shape": "SpotInstanceRequestId",
         "locationName": "SpotInstanceRequestId"
       }
     },
@@ -29368,7 +35534,7 @@
         },
         "SpotInstanceType": {
           "shape": "SpotInstanceType",
-          "documentation": "<p>The Spot Instance request type. For <a>RunInstances</a>, persistent Spot Instance requests are only supported when <b>InstanceInterruptionBehavior</b> is set to either <code>hibernate</code> or <code>stop</code>.</p>"
+          "documentation": "<p>The Spot Instance request type. For <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances\">RunInstances</a>, persistent Spot Instance requests are only supported when <b>InstanceInterruptionBehavior</b> is set to either <code>hibernate</code> or <code>stop</code>.</p>"
         },
         "BlockDurationMinutes": {
           "shape": "Integer",
@@ -29390,7 +35556,7 @@
       "members": {
         "AllocationStrategy": {
           "shape": "SpotAllocationStrategy",
-          "documentation": "<p>Indicates how to allocate the target capacity across the Spot pools specified by the Spot Fleet request. The default is <code>lowest-price</code>.</p>",
+          "documentation": "<p>Indicates how to allocate the target Spot Instance capacity across the Spot Instance pools specified by the EC2 Fleet.</p> <p>If the allocation strategy is <code>lowest-price</code>, EC2 Fleet launches instances from the Spot Instance pools with the lowest price. This is the default allocation strategy.</p> <p>If the allocation strategy is <code>diversified</code>, EC2 Fleet launches instances from all of the Spot Instance pools that you specify.</p> <p>If the allocation strategy is <code>capacity-optimized</code>, EC2 Fleet launches instances from Spot Instance pools with optimal capacity for the number of instances that are launching.</p>",
           "locationName": "allocationStrategy"
         },
         "InstanceInterruptionBehavior": {
@@ -29400,23 +35566,28 @@
         },
         "InstancePoolsToUseCount": {
           "shape": "Integer",
-          "documentation": "<p>The number of Spot pools across which to allocate your target Spot capacity. Valid only when <b>AllocationStrategy</b> is set to <code>lowestPrice</code>. EC2 Fleet selects the cheapest Spot pools and evenly allocates your target Spot capacity across the number of Spot pools that you specify.</p>",
+          "documentation": "<p>The number of Spot pools across which to allocate your target Spot capacity. Valid only when <b>AllocationStrategy</b> is set to <code>lowest-price</code>. EC2 Fleet selects the cheapest Spot pools and evenly allocates your target Spot capacity across the number of Spot pools that you specify.</p>",
           "locationName": "instancePoolsToUseCount"
         },
         "SingleInstanceType": {
           "shape": "Boolean",
-          "documentation": "<p>Indicates that the fleet uses a single instance type to launch all Spot Instances in the fleet.</p>",
+          "documentation": "<p>Indicates that the fleet uses a single instance type to launch all Spot Instances in the fleet. Supported only for fleets of type <code>instant</code>.</p>",
           "locationName": "singleInstanceType"
         },
         "SingleAvailabilityZone": {
           "shape": "Boolean",
-          "documentation": "<p>Indicates that the fleet launches all Spot Instances into a single Availability Zone.</p>",
+          "documentation": "<p>Indicates that the fleet launches all Spot Instances into a single Availability Zone. Supported only for fleets of type <code>instant</code>.</p>",
           "locationName": "singleAvailabilityZone"
         },
         "MinTargetCapacity": {
           "shape": "Integer",
           "documentation": "<p>The minimum target capacity for Spot Instances in the fleet. If the minimum target capacity is not reached, the fleet launches no instances.</p>",
           "locationName": "minTargetCapacity"
+        },
+        "MaxTotalPrice": {
+          "shape": "String",
+          "documentation": "<p>The maximum amount per hour for Spot Instances that you're willing to pay.</p>",
+          "locationName": "maxTotalPrice"
         }
       },
       "documentation": "<p>Describes the configuration of Spot Instances in an EC2 Fleet.</p>"
@@ -29426,7 +35597,7 @@
       "members": {
         "AllocationStrategy": {
           "shape": "SpotAllocationStrategy",
-          "documentation": "<p>Indicates how to allocate the target capacity across the Spot pools specified by the Spot Fleet request. The default is <code>lowestPrice</code>.</p>"
+          "documentation": "<p>Indicates how to allocate the target Spot Instance capacity across the Spot Instance pools specified by the EC2 Fleet.</p> <p>If the allocation strategy is <code>lowest-price</code>, EC2 Fleet launches instances from the Spot Instance pools with the lowest price. This is the default allocation strategy.</p> <p>If the allocation strategy is <code>diversified</code>, EC2 Fleet launches instances from all of the Spot Instance pools that you specify.</p> <p>If the allocation strategy is <code>capacity-optimized</code>, EC2 Fleet launches instances from Spot Instance pools with optimal capacity for the number of instances that are launching.</p>"
         },
         "InstanceInterruptionBehavior": {
           "shape": "SpotInstanceInterruptionBehavior",
@@ -29438,15 +35609,19 @@
         },
         "SingleInstanceType": {
           "shape": "Boolean",
-          "documentation": "<p>Indicates that the fleet uses a single instance type to launch all Spot Instances in the fleet.</p>"
+          "documentation": "<p>Indicates that the fleet uses a single instance type to launch all Spot Instances in the fleet. Supported only for fleets of type <code>instant</code>.</p>"
         },
         "SingleAvailabilityZone": {
           "shape": "Boolean",
-          "documentation": "<p>Indicates that the fleet launches all Spot Instances into a single Availability Zone.</p>"
+          "documentation": "<p>Indicates that the fleet launches all Spot Instances into a single Availability Zone. Supported only for fleets of type <code>instant</code>.</p>"
         },
         "MinTargetCapacity": {
           "shape": "Integer",
           "documentation": "<p>The minimum target capacity for Spot Instances in the fleet. If the minimum target capacity is not reached, the fleet launches no instances.</p>"
+        },
+        "MaxTotalPrice": {
+          "shape": "String",
+          "documentation": "<p>The maximum amount per hour for Spot Instances that you're willing to pay.</p>"
         }
       },
       "documentation": "<p>Describes the configuration of Spot Instances in an EC2 Fleet request.</p>"
@@ -29629,6 +35804,32 @@
         }
       }
     },
+    "StartVpcEndpointServicePrivateDnsVerificationRequest": {
+      "type": "structure",
+      "required": [
+        "ServiceId"
+      ],
+      "members": {
+        "DryRun": {
+          "shape": "Boolean",
+          "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
+        },
+        "ServiceId": {
+          "shape": "VpcEndpointServiceId",
+          "documentation": "<p>The ID of the endpoint service.</p>"
+        }
+      }
+    },
+    "StartVpcEndpointServicePrivateDnsVerificationResult": {
+      "type": "structure",
+      "members": {
+        "ReturnValue": {
+          "shape": "Boolean",
+          "documentation": "<p>Returns <code>true</code> if the request succeeds; otherwise, it returns an error.</p>",
+          "locationName": "return"
+        }
+      }
+    },
     "State": {
       "type": "string",
       "enum": [
@@ -29778,6 +35979,16 @@
           "documentation": "<p>Indicates whether instances launched in this subnet receive a public IPv4 address.</p>",
           "locationName": "mapPublicIpOnLaunch"
         },
+        "MapCustomerOwnedIpOnLaunch": {
+          "shape": "Boolean",
+          "documentation": "<p>Indicates whether a network interface created in this subnet (including a network interface created by <a>RunInstances</a>) receives a customer-owned IPv4 address.</p>",
+          "locationName": "mapCustomerOwnedIpOnLaunch"
+        },
+        "CustomerOwnedIpv4Pool": {
+          "shape": "CoipPoolId",
+          "documentation": "<p>The customer-owned IPv4 address pool associated with the subnet.</p>",
+          "locationName": "customerOwnedIpv4Pool"
+        },
         "State": {
           "shape": "SubnetState",
           "documentation": "<p>The current state of the subnet.</p>",
@@ -29817,10 +36028,41 @@
           "shape": "String",
           "documentation": "<p>The Amazon Resource Name (ARN) of the subnet.</p>",
           "locationName": "subnetArn"
+        },
+        "OutpostArn": {
+          "shape": "String",
+          "documentation": "<p>The Amazon Resource Name (ARN) of the Outpost.</p>",
+          "locationName": "outpostArn"
         }
       },
       "documentation": "<p>Describes a subnet.</p>"
     },
+    "SubnetAssociation": {
+      "type": "structure",
+      "members": {
+        "SubnetId": {
+          "shape": "String",
+          "documentation": "<p>The ID of the subnet.</p>",
+          "locationName": "subnetId"
+        },
+        "State": {
+          "shape": "TransitGatewayMulitcastDomainAssociationState",
+          "documentation": "<p>The state of the subnet association.</p>",
+          "locationName": "state"
+        }
+      },
+      "documentation": "<p>Describes the subnet association with the transit gateway multicast domain.</p>"
+    },
+    "SubnetAssociationList": {
+      "type": "list",
+      "member": {
+        "shape": "SubnetAssociation",
+        "locationName": "item"
+      }
+    },
+    "SubnetCidrAssociationId": {
+      "type": "string"
+    },
     "SubnetCidrBlockState": {
       "type": "structure",
       "members": {
@@ -29848,10 +36090,13 @@
         "failed"
       ]
     },
+    "SubnetId": {
+      "type": "string"
+    },
     "SubnetIdStringList": {
       "type": "list",
       "member": {
-        "shape": "String",
+        "shape": "SubnetId",
         "locationName": "SubnetId"
       }
     },
@@ -29906,7 +36151,7 @@
           "locationName": "instanceId"
         }
       },
-      "documentation": "<p>Describes the T2 or T3 instance whose credit option for CPU usage was successfully modified.</p>"
+      "documentation": "<p>Describes the burstable performance instance whose credit option for CPU usage was successfully modified.</p>"
     },
     "SuccessfulInstanceCreditSpecificationSet": {
       "type": "list",
@@ -29915,6 +36160,24 @@
         "locationName": "item"
       }
     },
+    "SuccessfulQueuedPurchaseDeletion": {
+      "type": "structure",
+      "members": {
+        "ReservedInstancesId": {
+          "shape": "String",
+          "documentation": "<p>The ID of the Reserved Instance.</p>",
+          "locationName": "reservedInstancesId"
+        }
+      },
+      "documentation": "<p>Describes a Reserved Instance whose queued purchase was successfully deleted.</p>"
+    },
+    "SuccessfulQueuedPurchaseDeletionSet": {
+      "type": "list",
+      "member": {
+        "shape": "SuccessfulQueuedPurchaseDeletion",
+        "locationName": "item"
+      }
+    },
     "SummaryStatus": {
       "type": "string",
       "enum": [
@@ -29986,7 +36249,7 @@
       "members": {
         "ResourceType": {
           "shape": "ResourceType",
-          "documentation": "<p>The type of resource to tag. Currently, the resource types that support tagging on creation are <code>fleet</code>, <code>dedicated-host</code>, <code>instance</code>, <code>snapshot</code>, and <code>volume</code>. To tag a resource after it has been created, see <a>CreateTags</a>.</p>",
+          "documentation": "<p>The type of resource to tag. Currently, the resource types that support tagging on creation are: <code>capacity-reservation</code> | <code>client-vpn-endpoint</code> | <code>dedicated-host</code> | <code>fleet</code> | <code>fpga-image</code> | <code>instance</code> | <code>key-pair</code> | <code>launch-template</code> | | <code>natgateway</code> | <code>spot-fleet-request</code> | <code>placement-group</code> | <code>snapshot</code> | <code>traffic-mirror-filter</code> | <code>traffic-mirror-session</code> | <code>traffic-mirror-target</code> | <code>transit-gateway</code> | <code>transit-gateway-attachment</code> | <code>transit-gateway-route-table</code> | <code>vpc-endpoint</code> (for interface VPC endpoints)| <code>vpc-endpoint-service</code> (for gateway VPC endpoints) | <code>volume</code> | <code>vpc-flow-log</code>.</p> <p>To tag a resource after it has been created, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTags.html\">CreateTags</a>.</p>",
           "locationName": "resourceType"
         },
         "Tags": {
@@ -30004,6 +36267,9 @@
         "locationName": "item"
       }
     },
+    "TaggableResourceId": {
+      "type": "string"
+    },
     "TargetCapacitySpecification": {
       "type": "structure",
       "members": {
@@ -30014,12 +36280,12 @@
         },
         "OnDemandTargetCapacity": {
           "shape": "Integer",
-          "documentation": "<p>The number of On-Demand units to request.</p>",
+          "documentation": "<p>The number of On-Demand units to request. If you specify a target capacity for Spot units, you cannot specify a target capacity for On-Demand units.</p>",
           "locationName": "onDemandTargetCapacity"
         },
         "SpotTargetCapacity": {
           "shape": "Integer",
-          "documentation": "<p>The maximum number of Spot units to launch.</p>",
+          "documentation": "<p>The maximum number of Spot units to launch. If you specify a target capacity for On-Demand units, you cannot specify a target capacity for Spot units.</p>",
           "locationName": "spotTargetCapacity"
         },
         "DefaultTargetCapacityType": {
@@ -30028,7 +36294,7 @@
           "locationName": "defaultTargetCapacityType"
         }
       },
-      "documentation": "<p>The number of units to request. You can choose to set the target capacity in terms of instances or a performance characteristic that is important to your application workload, such as vCPUs, memory, or I/O. If the request type is <code>maintain</code>, you can specify a target capacity of 0 and add capacity later.</p>"
+      "documentation": "<p>The number of units to request. You can choose to set the target capacity in terms of instances or a performance characteristic that is important to your application workload, such as vCPUs, memory, or I/O. If the request type is <code>maintain</code>, you can specify a target capacity of 0 and add capacity later.</p> <p>You can use the On-Demand Instance <code>MaxTotalPrice</code> parameter, the Spot Instance <code>MaxTotalPrice</code>, or both to ensure that your fleet cost does not exceed your budget. If you set a maximum price per hour for the On-Demand Instances and Spot Instances in your request, EC2 Fleet will launch instances until it reaches the maximum amount that you're willing to pay. When the maximum amount you're willing to pay is reached, the fleet stops launching instances even if it hasn’t met the target capacity. The <code>MaxTotalPrice</code> parameters are located in <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_OnDemandOptions.html\">OnDemandOptions</a> and <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_SpotOptions\">SpotOptions</a> </p>"
     },
     "TargetCapacitySpecificationRequest": {
       "type": "structure",
@@ -30053,7 +36319,7 @@
           "documentation": "<p>The default <code>TotalTargetCapacity</code>, which is either <code>Spot</code> or <code>On-Demand</code>.</p>"
         }
       },
-      "documentation": "<p>The number of units to request. You can choose to set the target capacity in terms of instances or a performance characteristic that is important to your application workload, such as vCPUs, memory, or I/O. If the request type is <code>maintain</code>, you can specify a target capacity of 0 and add capacity later.</p>"
+      "documentation": "<p>The number of units to request. You can choose to set the target capacity as the number of instances. Or you can set the target capacity to a performance characteristic that is important to your application workload, such as vCPUs, memory, or I/O. If the request type is <code>maintain</code>, you can specify a target capacity of 0 and add capacity later.</p> <p>You can use the On-Demand Instance <code>MaxTotalPrice</code> parameter, the Spot Instance <code>MaxTotalPrice</code> parameter, or both parameters to ensure that your fleet cost does not exceed your budget. If you set a maximum price per hour for the On-Demand Instances and Spot Instances in your request, EC2 Fleet will launch instances until it reaches the maximum amount that you're willing to pay. When the maximum amount you're willing to pay is reached, the fleet stops launching instances even if it hasn’t met the target capacity. The <code>MaxTotalPrice</code> parameters are located in <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_OnDemandOptionsRequest\">OnDemandOptionsRequest</a> and <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_SpotOptionsRequest\">SpotOptionsRequest</a>.</p>"
     },
     "TargetConfiguration": {
       "type": "structure",
@@ -30082,7 +36348,7 @@
           "documentation": "<p>The number of instances the Covertible Reserved Instance offering can be applied to. This parameter is reserved and cannot be specified in a request</p>"
         },
         "OfferingId": {
-          "shape": "String",
+          "shape": "ReservedInstancesOfferingId",
           "documentation": "<p>The Convertible Reserved Instance offering ID.</p>"
         }
       },
@@ -30214,11 +36480,11 @@
       ],
       "members": {
         "ClientVpnEndpointId": {
-          "shape": "String",
+          "shape": "ClientVpnEndpointId",
           "documentation": "<p>The ID of the Client VPN endpoint to which the client is connected.</p>"
         },
         "ConnectionId": {
-          "shape": "String",
+          "shape": "VpnConnectionId",
           "documentation": "<p>The ID of the client connection to be terminated.</p>"
         },
         "Username": {
@@ -30307,6 +36573,16 @@
         }
       }
     },
+    "ThreadsPerCore": {
+      "type": "integer"
+    },
+    "ThreadsPerCoreList": {
+      "type": "list",
+      "member": {
+        "shape": "ThreadsPerCore",
+        "locationName": "item"
+      }
+    },
     "TrafficDirection": {
       "type": "string",
       "enum": [
@@ -30350,6 +36626,16 @@
       },
       "documentation": "<p>Describes the Traffic Mirror filter.</p>"
     },
+    "TrafficMirrorFilterId": {
+      "type": "string"
+    },
+    "TrafficMirrorFilterIdList": {
+      "type": "list",
+      "member": {
+        "shape": "TrafficMirrorFilterId",
+        "locationName": "item"
+      }
+    },
     "TrafficMirrorFilterRule": {
       "type": "structure",
       "members": {
@@ -30426,6 +36712,9 @@
         "shape": "TrafficMirrorFilterRuleField"
       }
     },
+    "TrafficMirrorFilterRuleId": {
+      "type": "string"
+    },
     "TrafficMirrorFilterRuleList": {
       "type": "list",
       "member": {
@@ -30560,6 +36849,16 @@
         "shape": "TrafficMirrorSessionField"
       }
     },
+    "TrafficMirrorSessionId": {
+      "type": "string"
+    },
+    "TrafficMirrorSessionIdList": {
+      "type": "list",
+      "member": {
+        "shape": "TrafficMirrorSessionId",
+        "locationName": "item"
+      }
+    },
     "TrafficMirrorSessionSet": {
       "type": "list",
       "member": {
@@ -30608,6 +36907,16 @@
       },
       "documentation": "<p>Describes a Traffic Mirror target.</p>"
     },
+    "TrafficMirrorTargetId": {
+      "type": "string"
+    },
+    "TrafficMirrorTargetIdList": {
+      "type": "list",
+      "member": {
+        "shape": "TrafficMirrorTargetId",
+        "locationName": "item"
+      }
+    },
     "TrafficMirrorTargetSet": {
       "type": "list",
       "member": {
@@ -30635,6 +36944,9 @@
         "ALL"
       ]
     },
+    "TransitAssociationGatewayId": {
+      "type": "string"
+    },
     "TransitGateway": {
       "type": "structure",
       "members": {
@@ -30685,12 +36997,12 @@
       "type": "structure",
       "members": {
         "TransitGatewayRouteTableId": {
-          "shape": "String",
+          "shape": "TransitGatewayRouteTableId",
           "documentation": "<p>The ID of the transit gateway route table.</p>",
           "locationName": "transitGatewayRouteTableId"
         },
         "TransitGatewayAttachmentId": {
-          "shape": "String",
+          "shape": "TransitGatewayAttachmentId",
           "documentation": "<p>The ID of the attachment.</p>",
           "locationName": "transitGatewayAttachmentId"
         },
@@ -30793,10 +37105,13 @@
       },
       "documentation": "<p>Describes an association.</p>"
     },
+    "TransitGatewayAttachmentId": {
+      "type": "string"
+    },
     "TransitGatewayAttachmentIdStringList": {
       "type": "list",
       "member": {
-        "shape": "String"
+        "shape": "TransitGatewayAttachmentId"
       }
     },
     "TransitGatewayAttachmentList": {
@@ -30834,12 +37149,14 @@
       "enum": [
         "vpc",
         "vpn",
-        "direct-connect-gateway"
+        "direct-connect-gateway",
+        "tgw-peering"
       ]
     },
     "TransitGatewayAttachmentState": {
       "type": "string",
       "enum": [
+        "initiating",
         "pendingAcceptance",
         "rollingBack",
         "pending",
@@ -30853,10 +37170,13 @@
         "failing"
       ]
     },
+    "TransitGatewayId": {
+      "type": "string"
+    },
     "TransitGatewayIdStringList": {
       "type": "list",
       "member": {
-        "shape": "String",
+        "shape": "TransitGatewayId",
         "locationName": "item"
       }
     },
@@ -30872,6 +37192,290 @@
       "max": 1000,
       "min": 5
     },
+    "TransitGatewayMulitcastDomainAssociationState": {
+      "type": "string",
+      "enum": [
+        "associating",
+        "associated",
+        "disassociating",
+        "disassociated"
+      ]
+    },
+    "TransitGatewayMulticastDeregisteredGroupMembers": {
+      "type": "structure",
+      "members": {
+        "TransitGatewayMulticastDomainId": {
+          "shape": "String",
+          "documentation": "<p>The ID of the transit gateway multicast domain.</p>",
+          "locationName": "transitGatewayMulticastDomainId"
+        },
+        "DeregisteredNetworkInterfaceIds": {
+          "shape": "ValueStringList",
+          "documentation": "<p>The network interface IDs of the deregistered members.</p>",
+          "locationName": "deregisteredNetworkInterfaceIds"
+        },
+        "GroupIpAddress": {
+          "shape": "String",
+          "documentation": "<p>The IP address assigned to the transit gateway multicast group.</p>",
+          "locationName": "groupIpAddress"
+        }
+      },
+      "documentation": "<p>Describes the deregistered transit gateway multicast group members.</p>"
+    },
+    "TransitGatewayMulticastDeregisteredGroupSources": {
+      "type": "structure",
+      "members": {
+        "TransitGatewayMulticastDomainId": {
+          "shape": "String",
+          "documentation": "<p>The ID of the transit gateway multicast domain.</p>",
+          "locationName": "transitGatewayMulticastDomainId"
+        },
+        "DeregisteredNetworkInterfaceIds": {
+          "shape": "ValueStringList",
+          "documentation": "<p>The network interface IDs of the non-registered members.</p>",
+          "locationName": "deregisteredNetworkInterfaceIds"
+        },
+        "GroupIpAddress": {
+          "shape": "String",
+          "documentation": "<p>The IP address assigned to the transit gateway multicast group.</p>",
+          "locationName": "groupIpAddress"
+        }
+      },
+      "documentation": "<p>Describes the deregistered transit gateway multicast group sources.</p>"
+    },
+    "TransitGatewayMulticastDomain": {
+      "type": "structure",
+      "members": {
+        "TransitGatewayMulticastDomainId": {
+          "shape": "String",
+          "documentation": "<p>The ID of the transit gateway multicast domain.</p>",
+          "locationName": "transitGatewayMulticastDomainId"
+        },
+        "TransitGatewayId": {
+          "shape": "String",
+          "documentation": "<p>The ID of the transit gateway.</p>",
+          "locationName": "transitGatewayId"
+        },
+        "State": {
+          "shape": "TransitGatewayMulticastDomainState",
+          "documentation": "<p>The state of the transit gateway multicast domain.</p>",
+          "locationName": "state"
+        },
+        "CreationTime": {
+          "shape": "DateTime",
+          "documentation": "<p>The time the transit gateway multicast domain was created.</p>",
+          "locationName": "creationTime"
+        },
+        "Tags": {
+          "shape": "TagList",
+          "documentation": "<p>The tags for the transit gateway multicast domain.</p>",
+          "locationName": "tagSet"
+        }
+      },
+      "documentation": "<p>Describes the transit gateway multicast domain.</p>"
+    },
+    "TransitGatewayMulticastDomainAssociation": {
+      "type": "structure",
+      "members": {
+        "TransitGatewayAttachmentId": {
+          "shape": "String",
+          "documentation": "<p>The ID of the transit gateway attachment.</p>",
+          "locationName": "transitGatewayAttachmentId"
+        },
+        "ResourceId": {
+          "shape": "String",
+          "documentation": "<p>The ID of the resource.</p>",
+          "locationName": "resourceId"
+        },
+        "ResourceType": {
+          "shape": "TransitGatewayAttachmentResourceType",
+          "documentation": "<p>The type of resource, for example a VPC attachment.</p>",
+          "locationName": "resourceType"
+        },
+        "Subnet": {
+          "shape": "SubnetAssociation",
+          "documentation": "<p>The subnet associated with the transit gateway multicast domain.</p>",
+          "locationName": "subnet"
+        }
+      },
+      "documentation": "<p>Describes the resources associated with the transit gateway multicast domain.</p>"
+    },
+    "TransitGatewayMulticastDomainAssociationList": {
+      "type": "list",
+      "member": {
+        "shape": "TransitGatewayMulticastDomainAssociation",
+        "locationName": "item"
+      }
+    },
+    "TransitGatewayMulticastDomainAssociations": {
+      "type": "structure",
+      "members": {
+        "TransitGatewayMulticastDomainId": {
+          "shape": "String",
+          "documentation": "<p>The ID of the transit gateway multicast domain.</p>",
+          "locationName": "transitGatewayMulticastDomainId"
+        },
+        "TransitGatewayAttachmentId": {
+          "shape": "String",
+          "documentation": "<p>The ID of the transit gateway attachment.</p>",
+          "locationName": "transitGatewayAttachmentId"
+        },
+        "ResourceId": {
+          "shape": "String",
+          "documentation": "<p>The ID of the resource.</p>",
+          "locationName": "resourceId"
+        },
+        "ResourceType": {
+          "shape": "TransitGatewayAttachmentResourceType",
+          "documentation": "<p>The type of resource, for example a VPC attachment.</p>",
+          "locationName": "resourceType"
+        },
+        "Subnets": {
+          "shape": "SubnetAssociationList",
+          "documentation": "<p>The subnets associated with the multicast domain.</p>",
+          "locationName": "subnets"
+        }
+      },
+      "documentation": "<p>Describes the multicast domain associations.</p>"
+    },
+    "TransitGatewayMulticastDomainId": {
+      "type": "string"
+    },
+    "TransitGatewayMulticastDomainIdStringList": {
+      "type": "list",
+      "member": {
+        "shape": "TransitGatewayMulticastDomainId",
+        "locationName": "item"
+      }
+    },
+    "TransitGatewayMulticastDomainList": {
+      "type": "list",
+      "member": {
+        "shape": "TransitGatewayMulticastDomain",
+        "locationName": "item"
+      }
+    },
+    "TransitGatewayMulticastDomainState": {
+      "type": "string",
+      "enum": [
+        "pending",
+        "available",
+        "deleting",
+        "deleted"
+      ]
+    },
+    "TransitGatewayMulticastGroup": {
+      "type": "structure",
+      "members": {
+        "GroupIpAddress": {
+          "shape": "String",
+          "documentation": "<p>The IP address assigned to the transit gateway multicast group.</p>",
+          "locationName": "groupIpAddress"
+        },
+        "TransitGatewayAttachmentId": {
+          "shape": "String",
+          "documentation": "<p>The ID of the transit gateway attachment.</p>",
+          "locationName": "transitGatewayAttachmentId"
+        },
+        "SubnetId": {
+          "shape": "String",
+          "documentation": "<p>The ID of the subnet.</p>",
+          "locationName": "subnetId"
+        },
+        "ResourceId": {
+          "shape": "String",
+          "documentation": "<p>The ID of the resource.</p>",
+          "locationName": "resourceId"
+        },
+        "ResourceType": {
+          "shape": "TransitGatewayAttachmentResourceType",
+          "documentation": "<p>The type of resource, for example a VPC attachment.</p>",
+          "locationName": "resourceType"
+        },
+        "NetworkInterfaceId": {
+          "shape": "String",
+          "documentation": "<p>The ID of the transit gateway attachment.</p>",
+          "locationName": "networkInterfaceId"
+        },
+        "GroupMember": {
+          "shape": "Boolean",
+          "documentation": "<p>Indicates that the resource is a transit gateway multicast group member.</p>",
+          "locationName": "groupMember"
+        },
+        "GroupSource": {
+          "shape": "Boolean",
+          "documentation": "<p>Indicates that the resource is a transit gateway multicast group member.</p>",
+          "locationName": "groupSource"
+        },
+        "MemberType": {
+          "shape": "MembershipType",
+          "documentation": "<p>The member type (for example, <code>static</code>).</p>",
+          "locationName": "memberType"
+        },
+        "SourceType": {
+          "shape": "MembershipType",
+          "documentation": "<p>The source type.</p>",
+          "locationName": "sourceType"
+        }
+      },
+      "documentation": "<p>Describes the transit gateway multicast group resources.</p>"
+    },
+    "TransitGatewayMulticastGroupList": {
+      "type": "list",
+      "member": {
+        "shape": "TransitGatewayMulticastGroup",
+        "locationName": "item"
+      }
+    },
+    "TransitGatewayMulticastRegisteredGroupMembers": {
+      "type": "structure",
+      "members": {
+        "TransitGatewayMulticastDomainId": {
+          "shape": "String",
+          "documentation": "<p>The ID of the transit gateway multicast domain.</p>",
+          "locationName": "transitGatewayMulticastDomainId"
+        },
+        "RegisteredNetworkInterfaceIds": {
+          "shape": "ValueStringList",
+          "documentation": "<p>The ID of the registered network interfaces.</p>",
+          "locationName": "registeredNetworkInterfaceIds"
+        },
+        "GroupIpAddress": {
+          "shape": "String",
+          "documentation": "<p>The IP address assigned to the transit gateway multicast group.</p>",
+          "locationName": "groupIpAddress"
+        }
+      },
+      "documentation": "<p>Describes the registered transit gateway multicast group members.</p>"
+    },
+    "TransitGatewayMulticastRegisteredGroupSources": {
+      "type": "structure",
+      "members": {
+        "TransitGatewayMulticastDomainId": {
+          "shape": "String",
+          "documentation": "<p>The ID of the transit gateway multicast domain.</p>",
+          "locationName": "transitGatewayMulticastDomainId"
+        },
+        "RegisteredNetworkInterfaceIds": {
+          "shape": "ValueStringList",
+          "documentation": "<p>The IDs of the network interfaces members registered with the transit gateway multicast group.</p>",
+          "locationName": "registeredNetworkInterfaceIds"
+        },
+        "GroupIpAddress": {
+          "shape": "String",
+          "documentation": "<p>The IP address assigned to the transit gateway multicast group.</p>",
+          "locationName": "groupIpAddress"
+        }
+      },
+      "documentation": "<p>Describes the members registered with the transit gateway multicast group.</p>"
+    },
+    "TransitGatewayNetworkInterfaceIdList": {
+      "type": "list",
+      "member": {
+        "shape": "NetworkInterfaceId",
+        "locationName": "item"
+      }
+    },
     "TransitGatewayOptions": {
       "type": "structure",
       "members": {
@@ -30914,15 +37518,68 @@
           "shape": "DnsSupportValue",
           "documentation": "<p>Indicates whether DNS support is enabled.</p>",
           "locationName": "dnsSupport"
+        },
+        "MulticastSupport": {
+          "shape": "MulticastSupportValue",
+          "documentation": "<p>Indicates whether multicast is enabled on the transit gateway</p>",
+          "locationName": "multicastSupport"
         }
       },
       "documentation": "<p>Describes the options for a transit gateway.</p>"
     },
-    "TransitGatewayPropagation": {
+    "TransitGatewayPeeringAttachment": {
       "type": "structure",
       "members": {
         "TransitGatewayAttachmentId": {
           "shape": "String",
+          "documentation": "<p>The ID of the transit gateway peering attachment.</p>",
+          "locationName": "transitGatewayAttachmentId"
+        },
+        "RequesterTgwInfo": {
+          "shape": "PeeringTgwInfo",
+          "documentation": "<p>Information about the requester transit gateway.</p>",
+          "locationName": "requesterTgwInfo"
+        },
+        "AccepterTgwInfo": {
+          "shape": "PeeringTgwInfo",
+          "documentation": "<p>Information about the accepter transit gateway.</p>",
+          "locationName": "accepterTgwInfo"
+        },
+        "Status": {
+          "shape": "PeeringAttachmentStatus",
+          "documentation": "<p>The status of the transit gateway peering attachment.</p>",
+          "locationName": "status"
+        },
+        "State": {
+          "shape": "TransitGatewayAttachmentState",
+          "documentation": "<p>The state of the transit gateway peering attachment.</p>",
+          "locationName": "state"
+        },
+        "CreationTime": {
+          "shape": "DateTime",
+          "documentation": "<p>The time the transit gateway peering attachment was created.</p>",
+          "locationName": "creationTime"
+        },
+        "Tags": {
+          "shape": "TagList",
+          "documentation": "<p>The tags for the transit gateway peering attachment.</p>",
+          "locationName": "tagSet"
+        }
+      },
+      "documentation": "<p>Describes the transit gateway peering attachment.</p>"
+    },
+    "TransitGatewayPeeringAttachmentList": {
+      "type": "list",
+      "member": {
+        "shape": "TransitGatewayPeeringAttachment",
+        "locationName": "item"
+      }
+    },
+    "TransitGatewayPropagation": {
+      "type": "structure",
+      "members": {
+        "TransitGatewayAttachmentId": {
+          "shape": "TransitGatewayAttachmentId",
           "documentation": "<p>The ID of the attachment.</p>",
           "locationName": "transitGatewayAttachmentId"
         },
@@ -30984,6 +37641,10 @@
         "DnsSupport": {
           "shape": "DnsSupportValue",
           "documentation": "<p>Enable or disable DNS support.</p>"
+        },
+        "MulticastSupport": {
+          "shape": "MulticastSupportValue",
+          "documentation": "<p>Indicates whether multicast is enabled on the transit gateway</p>"
         }
       },
       "documentation": "<p>Describes the options for a transit gateway.</p>"
@@ -31133,10 +37794,13 @@
         "locationName": "item"
       }
     },
+    "TransitGatewayRouteTableId": {
+      "type": "string"
+    },
     "TransitGatewayRouteTableIdStringList": {
       "type": "list",
       "member": {
-        "shape": "String",
+        "shape": "TransitGatewayRouteTableId",
         "locationName": "item"
       }
     },
@@ -31206,6 +37870,13 @@
         "deleted"
       ]
     },
+    "TransitGatewaySubnetIdList": {
+      "type": "list",
+      "member": {
+        "shape": "SubnetId",
+        "locationName": "item"
+      }
+    },
     "TransitGatewayVpcAttachment": {
       "type": "structure",
       "members": {
@@ -31274,7 +37945,7 @@
         },
         "Ipv6Support": {
           "shape": "Ipv6SupportValue",
-          "documentation": "<p>Indicates whether IPv6 support is enabled.</p>",
+          "documentation": "<p>Indicates whether IPv6 support is disabled.</p>",
           "locationName": "ipv6Support"
         }
       },
@@ -31287,10 +37958,96 @@
         "udp"
       ]
     },
+    "TunnelOption": {
+      "type": "structure",
+      "members": {
+        "OutsideIpAddress": {
+          "shape": "String",
+          "documentation": "<p>The external IP address of the VPN tunnel.</p>",
+          "locationName": "outsideIpAddress"
+        },
+        "TunnelInsideCidr": {
+          "shape": "String",
+          "documentation": "<p>The range of inside IP addresses for the tunnel.</p>",
+          "locationName": "tunnelInsideCidr"
+        },
+        "PreSharedKey": {
+          "shape": "String",
+          "documentation": "<p>The pre-shared key (PSK) to establish initial authentication between the virtual private gateway and the customer gateway.</p>",
+          "locationName": "preSharedKey"
+        },
+        "Phase1LifetimeSeconds": {
+          "shape": "Integer",
+          "documentation": "<p>The lifetime for phase 1 of the IKE negotiation, in seconds.</p>",
+          "locationName": "phase1LifetimeSeconds"
+        },
+        "Phase2LifetimeSeconds": {
+          "shape": "Integer",
+          "documentation": "<p>The lifetime for phase 2 of the IKE negotiation, in seconds.</p>",
+          "locationName": "phase2LifetimeSeconds"
+        },
+        "RekeyMarginTimeSeconds": {
+          "shape": "Integer",
+          "documentation": "<p>The margin time, in seconds, before the phase 2 lifetime expires, during which the AWS side of the VPN connection performs an IKE rekey.</p>",
+          "locationName": "rekeyMarginTimeSeconds"
+        },
+        "RekeyFuzzPercentage": {
+          "shape": "Integer",
+          "documentation": "<p>The percentage of the rekey window determined by <code>RekeyMarginTimeSeconds</code> during which the rekey time is randomly selected.</p>",
+          "locationName": "rekeyFuzzPercentage"
+        },
+        "ReplayWindowSize": {
+          "shape": "Integer",
+          "documentation": "<p>The number of packets in an IKE replay window.</p>",
+          "locationName": "replayWindowSize"
+        },
+        "DpdTimeoutSeconds": {
+          "shape": "Integer",
+          "documentation": "<p>The number of seconds after which a DPD timeout occurs.</p>",
+          "locationName": "dpdTimeoutSeconds"
+        },
+        "Phase1EncryptionAlgorithms": {
+          "shape": "Phase1EncryptionAlgorithmsList",
+          "documentation": "<p>The permitted encryption algorithms for the VPN tunnel for phase 1 IKE negotiations.</p>",
+          "locationName": "phase1EncryptionAlgorithmSet"
+        },
+        "Phase2EncryptionAlgorithms": {
+          "shape": "Phase2EncryptionAlgorithmsList",
+          "documentation": "<p>The permitted encryption algorithms for the VPN tunnel for phase 2 IKE negotiations.</p>",
+          "locationName": "phase2EncryptionAlgorithmSet"
+        },
+        "Phase1IntegrityAlgorithms": {
+          "shape": "Phase1IntegrityAlgorithmsList",
+          "documentation": "<p>The permitted integrity algorithms for the VPN tunnel for phase 1 IKE negotiations.</p>",
+          "locationName": "phase1IntegrityAlgorithmSet"
+        },
+        "Phase2IntegrityAlgorithms": {
+          "shape": "Phase2IntegrityAlgorithmsList",
+          "documentation": "<p>The permitted integrity algorithms for the VPN tunnel for phase 2 IKE negotiations.</p>",
+          "locationName": "phase2IntegrityAlgorithmSet"
+        },
+        "Phase1DHGroupNumbers": {
+          "shape": "Phase1DHGroupNumbersList",
+          "documentation": "<p>The permitted Diffie-Hellman group numbers for the VPN tunnel for phase 1 IKE negotiations.</p>",
+          "locationName": "phase1DHGroupNumberSet"
+        },
+        "Phase2DHGroupNumbers": {
+          "shape": "Phase2DHGroupNumbersList",
+          "documentation": "<p>The permitted Diffie-Hellman group numbers for the VPN tunnel for phase 2 IKE negotiations.</p>",
+          "locationName": "phase2DHGroupNumberSet"
+        },
+        "IkeVersions": {
+          "shape": "IKEVersionsList",
+          "documentation": "<p>The IKE versions that are permitted for the VPN tunnel.</p>",
+          "locationName": "ikeVersionSet"
+        }
+      },
+      "documentation": "<p>The VPN tunnel options.</p>"
+    },
     "TunnelOptionsList": {
       "type": "list",
       "member": {
-        "shape": "VpnTunnelOptionsSpecification",
+        "shape": "TunnelOption",
         "locationName": "item"
       }
     },
@@ -31307,7 +38064,7 @@
           "locationName": "ipv6Addresses"
         },
         "NetworkInterfaceId": {
-          "shape": "String",
+          "shape": "NetworkInterfaceId",
           "documentation": "<p>The ID of the network interface.</p>",
           "locationName": "networkInterfaceId"
         }
@@ -31336,7 +38093,7 @@
       ],
       "members": {
         "NetworkInterfaceId": {
-          "shape": "String",
+          "shape": "NetworkInterfaceId",
           "documentation": "<p>The ID of the network interface.</p>",
           "locationName": "networkInterfaceId"
         },
@@ -31348,6 +38105,14 @@
       },
       "documentation": "<p>Contains the parameters for UnassignPrivateIpAddresses.</p>"
     },
+    "UnlimitedSupportedInstanceFamily": {
+      "type": "string",
+      "enum": [
+        "t2",
+        "t3",
+        "t3a"
+      ]
+    },
     "UnmonitorInstancesRequest": {
       "type": "structure",
       "required": [
@@ -31395,11 +38160,11 @@
         },
         "Error": {
           "shape": "UnsuccessfulInstanceCreditSpecificationItemError",
-          "documentation": "<p>The applicable error for the T2 or T3 instance whose credit option for CPU usage was not modified.</p>",
+          "documentation": "<p>The applicable error for the burstable performance instance whose credit option for CPU usage was not modified.</p>",
           "locationName": "error"
         }
       },
-      "documentation": "<p>Describes the T2 or T3 instance whose credit option for CPU usage was not modified.</p>"
+      "documentation": "<p>Describes the burstable performance instance whose credit option for CPU usage was not modified.</p>"
     },
     "UnsuccessfulInstanceCreditSpecificationItemError": {
       "type": "structure",
@@ -31415,7 +38180,7 @@
           "locationName": "message"
         }
       },
-      "documentation": "<p>Information about the error for the T2 or T3 instance whose credit option for CPU usage was not modified.</p>"
+      "documentation": "<p>Information about the error for the burstable performance instance whose credit option for CPU usage was not modified.</p>"
     },
     "UnsuccessfulInstanceCreditSpecificationSet": {
       "type": "list",
@@ -31481,11 +38246,11 @@
           "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
         },
         "GroupId": {
-          "shape": "String",
+          "shape": "SecurityGroupId",
           "documentation": "<p>The ID of the security group. You must specify either the security group ID or the security group name in the request. For security groups in a nondefault VPC, you must specify the security group ID.</p>"
         },
         "GroupName": {
-          "shape": "String",
+          "shape": "SecurityGroupName",
           "documentation": "<p>[Default VPC] The name of the security group. You must specify either the security group ID or the security group name in the request.</p>"
         },
         "IpPermissions": {
@@ -31515,11 +38280,11 @@
           "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
         },
         "GroupId": {
-          "shape": "String",
+          "shape": "SecurityGroupId",
           "documentation": "<p>The ID of the security group. You must specify either the security group ID or the security group name in the request. For security groups in a nondefault VPC, you must specify the security group ID.</p>"
         },
         "GroupName": {
-          "shape": "String",
+          "shape": "SecurityGroupName",
           "documentation": "<p>[EC2-Classic, default VPC] The name of the security group. You must specify either the security group ID or the security group name in the request.</p>"
         },
         "IpPermissions": {
@@ -31538,6 +38303,20 @@
         }
       }
     },
+    "UsageClassType": {
+      "type": "string",
+      "enum": [
+        "spot",
+        "on-demand"
+      ]
+    },
+    "UsageClassTypeList": {
+      "type": "list",
+      "member": {
+        "shape": "UsageClassType",
+        "locationName": "item"
+      }
+    },
     "UserBucket": {
       "type": "structure",
       "members": {
@@ -31577,7 +38356,8 @@
           "locationName": "data"
         }
       },
-      "documentation": "<p>Describes the user data for an instance.</p>"
+      "documentation": "<p>Describes the user data for an instance.</p>",
+      "sensitive": true
     },
     "UserGroupStringList": {
       "type": "list",
@@ -31648,6 +38428,67 @@
         "locationName": "UserId"
       }
     },
+    "VCpuCount": {
+      "type": "integer"
+    },
+    "VCpuInfo": {
+      "type": "structure",
+      "members": {
+        "DefaultVCpus": {
+          "shape": "VCpuCount",
+          "documentation": "<p>The default number of vCPUs for the instance type.</p>",
+          "locationName": "defaultVCpus"
+        },
+        "DefaultCores": {
+          "shape": "CoreCount",
+          "documentation": "<p>The default number of cores for the instance type.</p>",
+          "locationName": "defaultCores"
+        },
+        "DefaultThreadsPerCore": {
+          "shape": "ThreadsPerCore",
+          "documentation": "<p>The default number of threads per core for the instance type.</p>",
+          "locationName": "defaultThreadsPerCore"
+        },
+        "ValidCores": {
+          "shape": "CoreCountList",
+          "documentation": "<p>List of the valid number of cores that can be configured for the instance type.</p>",
+          "locationName": "validCores"
+        },
+        "ValidThreadsPerCore": {
+          "shape": "ThreadsPerCoreList",
+          "documentation": "<p>List of the valid number of threads per core that can be configured for the instance type. </p>",
+          "locationName": "validThreadsPerCore"
+        }
+      },
+      "documentation": "<p>Describes the vCPU configurations for the instance type.</p>"
+    },
+    "ValidationError": {
+      "type": "structure",
+      "members": {
+        "Code": {
+          "shape": "String",
+          "documentation": "<p>The error code that indicates why the parameter or parameter combination is not valid. For more information about error codes, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/errors-overview.html.html\">Error Codes</a>.</p>",
+          "locationName": "code"
+        },
+        "Message": {
+          "shape": "String",
+          "documentation": "<p>The error message that describes why the parameter or parameter combination is not valid. For more information about error messages, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/errors-overview.html.html\">Error Codes</a>.</p>",
+          "locationName": "message"
+        }
+      },
+      "documentation": "<p>The error code and error message that is returned for a parameter or parameter combination that is not valid when a new launch template or new version of a launch template is created.</p>"
+    },
+    "ValidationWarning": {
+      "type": "structure",
+      "members": {
+        "Errors": {
+          "shape": "ErrorSet",
+          "documentation": "<p>The error codes and error messages.</p>",
+          "locationName": "errorSet"
+        }
+      },
+      "documentation": "<p>The error codes and error messages that are returned for the parameters or parameter combinations that are not valid when a new launch template or new version of a launch template is created.</p>"
+    },
     "ValueStringList": {
       "type": "list",
       "member": {
@@ -31693,6 +38534,11 @@
           "shape": "String",
           "documentation": "<p>If an error occurs, a description of the error.</p>",
           "locationName": "statusMessage"
+        },
+        "CertificateArn": {
+          "shape": "String",
+          "documentation": "<p>The Amazon Resource Name (ARN) of the VPN tunnel endpoint certificate.</p>",
+          "locationName": "certificateArn"
         }
       },
       "documentation": "<p>Describes telemetry for a VPN tunnel.</p>"
@@ -31739,6 +38585,11 @@
           "documentation": "<p>The Amazon Resource Name (ARN) of the AWS Key Management Service (AWS KMS) customer master key (CMK) that was used to protect the volume encryption key for the volume.</p>",
           "locationName": "kmsKeyId"
         },
+        "OutpostArn": {
+          "shape": "String",
+          "documentation": "<p>The Amazon Resource Name (ARN) of the Outpost.</p>",
+          "locationName": "outpostArn"
+        },
         "Size": {
           "shape": "Integer",
           "documentation": "<p>The size of the volume, in GiBs.</p>",
@@ -31773,6 +38624,16 @@
           "shape": "VolumeType",
           "documentation": "<p>The volume type. This can be <code>gp2</code> for General Purpose SSD, <code>io1</code> for Provisioned IOPS SSD, <code>st1</code> for Throughput Optimized HDD, <code>sc1</code> for Cold HDD, or <code>standard</code> for Magnetic volumes.</p>",
           "locationName": "volumeType"
+        },
+        "FastRestored": {
+          "shape": "Boolean",
+          "documentation": "<p>Indicates whether the volume was created using fast snapshot restore.</p>",
+          "locationName": "fastRestored"
+        },
+        "MultiAttachEnabled": {
+          "shape": "Boolean",
+          "documentation": "<p>Indicates whether Amazon EBS Multi-Attach is enabled.</p>",
+          "locationName": "multiAttachEnabled"
         }
       },
       "documentation": "<p>Describes a volume.</p>"
@@ -31851,10 +38712,13 @@
       },
       "documentation": "<p>Describes an EBS volume.</p>"
     },
+    "VolumeId": {
+      "type": "string"
+    },
     "VolumeIdStringList": {
       "type": "list",
       "member": {
-        "shape": "String",
+        "shape": "VolumeId",
         "locationName": "VolumeId"
       }
     },
@@ -31991,6 +38855,29 @@
         "locationName": "item"
       }
     },
+    "VolumeStatusAttachmentStatus": {
+      "type": "structure",
+      "members": {
+        "IoPerformance": {
+          "shape": "String",
+          "documentation": "<p>The maximum IOPS supported by the attached instance.</p>",
+          "locationName": "ioPerformance"
+        },
+        "InstanceId": {
+          "shape": "String",
+          "documentation": "<p>The ID of the attached instance.</p>",
+          "locationName": "instanceId"
+        }
+      },
+      "documentation": "<p>Information about the instances to which the volume is attached.</p>"
+    },
+    "VolumeStatusAttachmentStatusList": {
+      "type": "list",
+      "member": {
+        "shape": "VolumeStatusAttachmentStatus",
+        "locationName": "item"
+      }
+    },
     "VolumeStatusDetails": {
       "type": "structure",
       "members": {
@@ -32033,14 +38920,19 @@
           "locationName": "eventType"
         },
         "NotAfter": {
-          "shape": "DateTime",
+          "shape": "MillisecondDateTime",
           "documentation": "<p>The latest end time of the event.</p>",
           "locationName": "notAfter"
         },
         "NotBefore": {
-          "shape": "DateTime",
+          "shape": "MillisecondDateTime",
           "documentation": "<p>The earliest start time of the event.</p>",
           "locationName": "notBefore"
+        },
+        "InstanceId": {
+          "shape": "String",
+          "documentation": "<p>The ID of the instance associated with the event.</p>",
+          "locationName": "instanceId"
         }
       },
       "documentation": "<p>Describes a volume status event.</p>"
@@ -32089,6 +38981,11 @@
           "documentation": "<p>The Availability Zone of the volume.</p>",
           "locationName": "availabilityZone"
         },
+        "OutpostArn": {
+          "shape": "String",
+          "documentation": "<p>The Amazon Resource Name (ARN) of the Outpost.</p>",
+          "locationName": "outpostArn"
+        },
         "Events": {
           "shape": "VolumeStatusEventsList",
           "documentation": "<p>A list of events associated with the volume.</p>",
@@ -32103,6 +39000,11 @@
           "shape": "VolumeStatusInfo",
           "documentation": "<p>The volume status.</p>",
           "locationName": "volumeStatus"
+        },
+        "AttachmentStatuses": {
+          "shape": "VolumeStatusAttachmentStatusList",
+          "documentation": "<p>Information about the instances to which the volume is attached.</p>",
+          "locationName": "attachmentStatuses"
         }
       },
       "documentation": "<p>Describes the volume status.</p>"
@@ -32217,6 +39119,9 @@
         "enableDnsHostnames"
       ]
     },
+    "VpcCidrAssociationId": {
+      "type": "string"
+    },
     "VpcCidrBlockAssociation": {
       "type": "structure",
       "members": {
@@ -32296,7 +39201,7 @@
     "VpcClassicLinkIdList": {
       "type": "list",
       "member": {
-        "shape": "String",
+        "shape": "VpcId",
         "locationName": "VpcId"
       }
     },
@@ -32352,7 +39257,7 @@
         },
         "Groups": {
           "shape": "GroupIdentifierSet",
-          "documentation": "<p>(Interface endpoint) Information about the security groups associated with the network interface.</p>",
+          "documentation": "<p>(Interface endpoint) Information about the security groups that are associated with the network interface.</p>",
           "locationName": "groupSet"
         },
         "PrivateDnsEnabled": {
@@ -32377,7 +39282,7 @@
         },
         "CreationTimestamp": {
           "shape": "MillisecondDateTime",
-          "documentation": "<p>The date and time the VPC endpoint was created.</p>",
+          "documentation": "<p>The date and time that the VPC endpoint was created.</p>",
           "locationName": "creationTimestamp"
         },
         "Tags": {
@@ -32389,6 +39294,11 @@
           "shape": "String",
           "documentation": "<p>The ID of the AWS account that owns the VPC endpoint.</p>",
           "locationName": "ownerId"
+        },
+        "LastError": {
+          "shape": "LastError",
+          "documentation": "<p>The last error that occurred for VPC endpoint.</p>",
+          "locationName": "lastError"
         }
       },
       "documentation": "<p>Describes a VPC endpoint.</p>"
@@ -32418,7 +39328,7 @@
         },
         "CreationTimestamp": {
           "shape": "MillisecondDateTime",
-          "documentation": "<p>The date and time the VPC endpoint was created.</p>",
+          "documentation": "<p>The date and time that the VPC endpoint was created.</p>",
           "locationName": "creationTimestamp"
         },
         "DnsEntries": {
@@ -32441,6 +39351,40 @@
         "locationName": "item"
       }
     },
+    "VpcEndpointId": {
+      "type": "string"
+    },
+    "VpcEndpointIdList": {
+      "type": "list",
+      "member": {
+        "shape": "VpcEndpointId",
+        "locationName": "item"
+      }
+    },
+    "VpcEndpointRouteTableIdList": {
+      "type": "list",
+      "member": {
+        "shape": "RouteTableId",
+        "locationName": "item"
+      }
+    },
+    "VpcEndpointSecurityGroupIdList": {
+      "type": "list",
+      "member": {
+        "shape": "SecurityGroupId",
+        "locationName": "item"
+      }
+    },
+    "VpcEndpointServiceId": {
+      "type": "string"
+    },
+    "VpcEndpointServiceIdList": {
+      "type": "list",
+      "member": {
+        "shape": "VpcEndpointServiceId",
+        "locationName": "item"
+      }
+    },
     "VpcEndpointSet": {
       "type": "list",
       "member": {
@@ -32448,6 +39392,13 @@
         "locationName": "item"
       }
     },
+    "VpcEndpointSubnetIdList": {
+      "type": "list",
+      "member": {
+        "shape": "SubnetId",
+        "locationName": "item"
+      }
+    },
     "VpcEndpointType": {
       "type": "string",
       "enum": [
@@ -32455,10 +39406,16 @@
         "Gateway"
       ]
     },
+    "VpcFlowLogId": {
+      "type": "string"
+    },
+    "VpcId": {
+      "type": "string"
+    },
     "VpcIdStringList": {
       "type": "list",
       "member": {
-        "shape": "String",
+        "shape": "VpcId",
         "locationName": "VpcId"
       }
     },
@@ -32479,6 +39436,16 @@
           "shape": "VpcCidrBlockState",
           "documentation": "<p>Information about the state of the CIDR block.</p>",
           "locationName": "ipv6CidrBlockState"
+        },
+        "NetworkBorderGroup": {
+          "shape": "String",
+          "documentation": "<p>The name of the location from which we advertise the IPV6 CIDR block.</p>",
+          "locationName": "networkBorderGroup"
+        },
+        "Ipv6Pool": {
+          "shape": "String",
+          "documentation": "<p>The ID of the IPv6 address pool from which the IPv6 CIDR block is allocated.</p>",
+          "locationName": "ipv6Pool"
         }
       },
       "documentation": "<p>Describes an IPv6 CIDR block associated with a VPC.</p>"
@@ -32533,6 +39500,16 @@
       },
       "documentation": "<p>Describes a VPC peering connection.</p>"
     },
+    "VpcPeeringConnectionId": {
+      "type": "string"
+    },
+    "VpcPeeringConnectionIdList": {
+      "type": "list",
+      "member": {
+        "shape": "VpcPeeringConnectionId",
+        "locationName": "item"
+      }
+    },
     "VpcPeeringConnectionList": {
       "type": "list",
       "member": {
@@ -32711,10 +39688,13 @@
       },
       "documentation": "<p>Describes a VPN connection.</p>"
     },
+    "VpnConnectionId": {
+      "type": "string"
+    },
     "VpnConnectionIdStringList": {
       "type": "list",
       "member": {
-        "shape": "String",
+        "shape": "VpnConnectionId",
         "locationName": "VpnConnectionId"
       }
     },
@@ -32728,10 +39708,20 @@
     "VpnConnectionOptions": {
       "type": "structure",
       "members": {
+        "EnableAcceleration": {
+          "shape": "Boolean",
+          "documentation": "<p>Indicates whether acceleration is enabled for the VPN connection.</p>",
+          "locationName": "enableAcceleration"
+        },
         "StaticRoutesOnly": {
           "shape": "Boolean",
           "documentation": "<p>Indicates whether the VPN connection uses static routes only. Static routes must be used for devices that don't support BGP.</p>",
           "locationName": "staticRoutesOnly"
+        },
+        "TunnelOptions": {
+          "shape": "TunnelOptionsList",
+          "documentation": "<p>Indicates the VPN tunnel options.</p>",
+          "locationName": "tunnelOptionSet"
         }
       },
       "documentation": "<p>Describes VPN connection options.</p>"
@@ -32739,13 +39729,17 @@
     "VpnConnectionOptionsSpecification": {
       "type": "structure",
       "members": {
+        "EnableAcceleration": {
+          "shape": "Boolean",
+          "documentation": "<p>Indicate whether to enable acceleration for the VPN connection.</p> <p>Default: <code>false</code> </p>"
+        },
         "StaticRoutesOnly": {
           "shape": "Boolean",
           "documentation": "<p>Indicate whether the VPN connection uses static routes only. If you are creating a VPN connection for a device that does not support BGP, you must specify <code>true</code>. Use <a>CreateVpnConnectionRoute</a> to create a static route.</p> <p>Default: <code>false</code> </p>",
           "locationName": "staticRoutesOnly"
         },
         "TunnelOptions": {
-          "shape": "TunnelOptionsList",
+          "shape": "VpnTunnelOptionsSpecificationsList",
           "documentation": "<p>The tunnel options for the VPN connection.</p>"
         }
       },
@@ -32799,10 +39793,13 @@
       },
       "documentation": "<p>Describes a virtual private gateway.</p>"
     },
+    "VpnGatewayId": {
+      "type": "string"
+    },
     "VpnGatewayIdStringList": {
       "type": "list",
       "member": {
-        "shape": "String",
+        "shape": "VpnGatewayId",
         "locationName": "VpnGatewayId"
       }
     },
@@ -32871,10 +39868,75 @@
         },
         "PreSharedKey": {
           "shape": "String",
-          "documentation": "<p>The pre-shared key (PSK) to establish initial authentication between the virtual private gateway and customer gateway.</p> <p>Constraints: Allowed characters are alphanumeric characters and ._. Must be between 8 and 64 characters in length and cannot start with zero (0).</p>"
+          "documentation": "<p>The pre-shared key (PSK) to establish initial authentication between the virtual private gateway and customer gateway.</p> <p>Constraints: Allowed characters are alphanumeric characters, periods (.), and underscores (_). Must be between 8 and 64 characters in length and cannot start with zero (0).</p>"
+        },
+        "Phase1LifetimeSeconds": {
+          "shape": "Integer",
+          "documentation": "<p>The lifetime for phase 1 of the IKE negotiation, in seconds.</p> <p>Constraints: A value between 900 and 28,800.</p> <p>Default: <code>28800</code> </p>"
+        },
+        "Phase2LifetimeSeconds": {
+          "shape": "Integer",
+          "documentation": "<p>The lifetime for phase 2 of the IKE negotiation, in seconds.</p> <p>Constraints: A value between 900 and 3,600. The value must be less than the value for <code>Phase1LifetimeSeconds</code>.</p> <p>Default: <code>3600</code> </p>"
+        },
+        "RekeyMarginTimeSeconds": {
+          "shape": "Integer",
+          "documentation": "<p>The margin time, in seconds, before the phase 2 lifetime expires, during which the AWS side of the VPN connection performs an IKE rekey. The exact time of the rekey is randomly selected based on the value for <code>RekeyFuzzPercentage</code>.</p> <p>Constraints: A value between 60 and half of <code>Phase2LifetimeSeconds</code>.</p> <p>Default: <code>540</code> </p>"
+        },
+        "RekeyFuzzPercentage": {
+          "shape": "Integer",
+          "documentation": "<p>The percentage of the rekey window (determined by <code>RekeyMarginTimeSeconds</code>) during which the rekey time is randomly selected.</p> <p>Constraints: A value between 0 and 100.</p> <p>Default: <code>100</code> </p>"
+        },
+        "ReplayWindowSize": {
+          "shape": "Integer",
+          "documentation": "<p>The number of packets in an IKE replay window.</p> <p>Constraints: A value between 64 and 2048.</p> <p>Default: <code>1024</code> </p>"
+        },
+        "DPDTimeoutSeconds": {
+          "shape": "Integer",
+          "documentation": "<p>The number of seconds after which a DPD timeout occurs.</p> <p>Constraints: A value between 0 and 30.</p> <p>Default: <code>30</code> </p>"
+        },
+        "Phase1EncryptionAlgorithms": {
+          "shape": "Phase1EncryptionAlgorithmsRequestList",
+          "documentation": "<p>One or more encryption algorithms that are permitted for the VPN tunnel for phase 1 IKE negotiations.</p> <p>Valid values: <code>AES128</code> | <code>AES256</code> </p>",
+          "locationName": "Phase1EncryptionAlgorithm"
+        },
+        "Phase2EncryptionAlgorithms": {
+          "shape": "Phase2EncryptionAlgorithmsRequestList",
+          "documentation": "<p>One or more encryption algorithms that are permitted for the VPN tunnel for phase 2 IKE negotiations.</p> <p>Valid values: <code>AES128</code> | <code>AES256</code> </p>",
+          "locationName": "Phase2EncryptionAlgorithm"
+        },
+        "Phase1IntegrityAlgorithms": {
+          "shape": "Phase1IntegrityAlgorithmsRequestList",
+          "documentation": "<p>One or more integrity algorithms that are permitted for the VPN tunnel for phase 1 IKE negotiations.</p> <p>Valid values: <code>SHA1</code> | <code>SHA2-256</code> </p>",
+          "locationName": "Phase1IntegrityAlgorithm"
+        },
+        "Phase2IntegrityAlgorithms": {
+          "shape": "Phase2IntegrityAlgorithmsRequestList",
+          "documentation": "<p>One or more integrity algorithms that are permitted for the VPN tunnel for phase 2 IKE negotiations.</p> <p>Valid values: <code>SHA1</code> | <code>SHA2-256</code> </p>",
+          "locationName": "Phase2IntegrityAlgorithm"
+        },
+        "Phase1DHGroupNumbers": {
+          "shape": "Phase1DHGroupNumbersRequestList",
+          "documentation": "<p>One or more Diffie-Hellman group numbers that are permitted for the VPN tunnel for phase 1 IKE negotiations.</p> <p>Valid values: <code>2</code> | <code>14</code> | <code>15</code> | <code>16</code> | <code>17</code> | <code>18</code> | <code>22</code> | <code>23</code> | <code>24</code> </p>",
+          "locationName": "Phase1DHGroupNumber"
+        },
+        "Phase2DHGroupNumbers": {
+          "shape": "Phase2DHGroupNumbersRequestList",
+          "documentation": "<p>One or more Diffie-Hellman group numbers that are permitted for the VPN tunnel for phase 2 IKE negotiations.</p> <p>Valid values: <code>2</code> | <code>5</code> | <code>14</code> | <code>15</code> | <code>16</code> | <code>17</code> | <code>18</code> | <code>22</code> | <code>23</code> | <code>24</code> </p>",
+          "locationName": "Phase2DHGroupNumber"
+        },
+        "IKEVersions": {
+          "shape": "IKEVersionsRequestList",
+          "documentation": "<p>The IKE versions that are permitted for the VPN tunnel.</p> <p>Valid values: <code>ikev1</code> | <code>ikev2</code> </p>",
+          "locationName": "IKEVersion"
         }
       },
-      "documentation": "<p>The tunnel options for a VPN connection.</p>"
+      "documentation": "<p>The tunnel options for a single VPN tunnel.</p>"
+    },
+    "VpnTunnelOptionsSpecificationsList": {
+      "type": "list",
+      "member": {
+        "shape": "VpnTunnelOptionsSpecification"
+      }
     },
     "WithdrawByoipCidrRequest": {
       "type": "structure",
@@ -32884,7 +39946,7 @@
       "members": {
         "Cidr": {
           "shape": "String",
-          "documentation": "<p>The public IPv4 address range, in CIDR notation.</p>"
+          "documentation": "<p>The address range, in CIDR notation.</p>"
         },
         "DryRun": {
           "shape": "Boolean",
@@ -32922,7 +39984,13 @@
         "Availability Zone",
         "Region"
       ]
+    },
+    "totalFpgaMemory": {
+      "type": "integer"
+    },
+    "totalGpuMemory": {
+      "type": "integer"
     }
   },
-  "documentation": "<fullname>Amazon Elastic Compute Cloud</fullname> <p>Amazon Elastic Compute Cloud (Amazon EC2) provides secure and resizable computing capacity in the AWS cloud. Using Amazon EC2 eliminates the need to invest in hardware up front, so you can develop and deploy applications faster.</p> <p>To learn more, see the following resources:</p> <ul> <li> <p>Amazon EC2: <a href=\"http://aws.amazon.com/ec2\">Amazon EC2 product page</a>, <a href=\"http://aws.amazon.com/documentation/ec2\">Amazon EC2 documentation</a> </p> </li> <li> <p>Amazon EBS: <a href=\"http://aws.amazon.com/ebs\">Amazon EBS product page</a>, <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/AmazonEBS.html\">Amazon EBS documentation</a> </p> </li> <li> <p>Amazon VPC: <a href=\"http://aws.amazon.com/vpc\">Amazon VPC product page</a>, <a href=\"http://aws.amazon.com/documentation/vpc\">Amazon VPC documentation</a> </p> </li> <li> <p>AWS VPN: <a href=\"http://aws.amazon.com/vpn\">AWS VPN product page</a>, <a href=\"http://aws.amazon.com/documentation/vpn\">AWS VPN documentation</a> </p> </li> </ul>"
+  "documentation": "<fullname>Amazon Elastic Compute Cloud</fullname> <p>Amazon Elastic Compute Cloud (Amazon EC2) provides secure and resizable computing capacity in the AWS cloud. Using Amazon EC2 eliminates the need to invest in hardware up front, so you can develop and deploy applications faster.</p> <p>To learn more, see the following resources:</p> <ul> <li> <p>Amazon EC2: <a href=\"http://aws.amazon.com/ec2\">AmazonEC2 product page</a>, <a href=\"http://aws.amazon.com/documentation/ec2\">Amazon EC2 documentation</a> </p> </li> <li> <p>Amazon EBS: <a href=\"http://aws.amazon.com/ebs\">Amazon EBS product page</a>, <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/AmazonEBS.html\">Amazon EBS documentation</a> </p> </li> <li> <p>Amazon VPC: <a href=\"http://aws.amazon.com/vpc\">Amazon VPC product page</a>, <a href=\"http://aws.amazon.com/documentation/vpc\">Amazon VPC documentation</a> </p> </li> <li> <p>AWS VPN: <a href=\"http://aws.amazon.com/vpn\">AWS VPN product page</a>, <a href=\"http://aws.amazon.com/documentation/vpn\">AWS VPN documentation</a> </p> </li> </ul>"
 }
\ No newline at end of file