chore(schema): update

samtranslator/schema/schema.json

@@ -18993,7 +18993,7 @@
               "type": "string"
             },
             "AtRestEncryptionEnabled": {
-              "markdownDescription": "At-rest encryption flag for cache. You cannot update this setting after creation.",
+              "markdownDescription": "*This parameter has been deprecated* .\n\nAt-rest encryption flag for cache. You cannot update this setting after creation.",
               "title": "AtRestEncryptionEnabled",
               "type": "boolean"
             },
@@ -19003,7 +19003,7 @@
               "type": "string"
             },
             "TransitEncryptionEnabled": {
-              "markdownDescription": "Transit encryption flag when connecting to cache. You cannot update this setting after creation.",
+              "markdownDescription": "*This parameter has been deprecated* .\n\nTransit encryption flag when connecting to cache. You cannot update this setting after creation.",
               "title": "TransitEncryptionEnabled",
               "type": "boolean"
             },
@@ -85990,20 +85990,20 @@
               "type": "string"
             },
             "IpAddress": {
-              "markdownDescription": "Valid IPv4 address within the address range of the specified subnet.",
+              "markdownDescription": "If the `IpAddressType` for the mount target is IPv4 ( `IPV4_ONLY` or `DUAL_STACK` ), then specify the IPv4 address to use. If you do not specify an `IpAddress` , then Amazon EFS selects an unused IP address from the subnet specified for `SubnetId` .",
               "title": "IpAddress",
               "type": "string"
             },
             "SecurityGroups": {
               "items": {
                 "type": "string"
               },
-              "markdownDescription": "VPC security group IDs, of the form `sg-xxxxxxxx` . These must be for the same VPC as the subnet specified. The maximum number of security groups depends on account quota. For more information, see [Amazon VPC Quotas](https://docs.aws.amazon.com/vpc/latest/userguide/amazon-vpc-limits.html) in the *Amazon VPC User Guide* (see the *Security Groups* table).",
+              "markdownDescription": "VPC security group IDs, of the form `sg-xxxxxxxx` . These must be for the same VPC as the subnet specified. The maximum number of security groups depends on account quota. For more information, see [Amazon VPC Quotas](https://docs.aws.amazon.com/vpc/latest/userguide/amazon-vpc-limits.html) in the *Amazon VPC User Guide* (see the *Security Groups* table). If you don't specify a security group, then Amazon EFS uses the default security group for the subnet's VPC.",
               "title": "SecurityGroups",
               "type": "array"
             },
             "SubnetId": {
-              "markdownDescription": "The ID of the subnet to add the mount target in. For One Zone file systems, use the subnet that is associated with the file system's Availability Zone.",
+              "markdownDescription": "The ID of the subnet to add the mount target in. For One Zone file systems, use the subnet that is associated with the file system's Availability Zone. The subnet type must be the same type as the `IpAddressType` .",
               "title": "SubnetId",
               "type": "string"
             }
@@ -87216,12 +87216,12 @@
               "type": "string"
             },
             "Namespace": {
-              "markdownDescription": "The name of the Kubernetes namespace inside the cluster to create the association in. The service account and the pods that use the service account must be in this namespace.",
+              "markdownDescription": "The name of the Kubernetes namespace inside the cluster to create the association in. The service account and the Pods that use the service account must be in this namespace.",
               "title": "Namespace",
               "type": "string"
             },
             "RoleArn": {
-              "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to associate with the service account. The EKS Pod Identity agent manages credentials to assume this role for applications in the containers in the pods that use this service account.",
+              "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to associate with the service account. The EKS Pod Identity agent manages credentials to assume this role for applications in the containers in the Pods that use this service account.",
               "title": "RoleArn",
               "type": "string"
             },
@@ -152006,7 +152006,7 @@
           "title": "ConnectivityInfo"
         },
         "InstanceType": {
-          "markdownDescription": "The type of Amazon EC2 instances to use for brokers. The following instance types are allowed: kafka.m5.large, kafka.m5.xlarge, kafka.m5.2xlarge, kafka.m5.4xlarge, kafka.m5.8xlarge, kafka.m5.12xlarge, kafka.m5.16xlarge, kafka.m5.24xlarge, and kafka.t3.small.",
+          "markdownDescription": "The type of Amazon EC2 instances to use for brokers. Depending on the [broker type](https://docs.aws.amazon.com/msk/latest/developerguide/broker-instance-types.html) , Amazon MSK supports the following broker sizes:\n\n*Standard broker sizes*\n\n- kafka.t3.small\n\n> You can't select the kafka.t3.small instance type when the metadata mode is KRaft.\n- kafka.m5.large, kafka.m5.xlarge, kafka.m5.2xlarge, kafka.m5.4xlarge, kafka.m5.8xlarge, kafka.m5.12xlarge, kafka.m5.16xlarge, kafka.m5.24xlarge\n- kafka.m7g.large, kafka.m7g.xlarge, kafka.m7g.2xlarge, kafka.m7g.4xlarge, kafka.m7g.8xlarge, kafka.m7g.12xlarge, kafka.m7g.16xlarge\n\n*Express broker sizes*\n\n- express.m7g.large, express.m7g.xlarge, express.m7g.2xlarge, express.m7g.4xlarge, express.m7g.8xlarge, express.m7g.12xlarge, express.m7g.16xlarge\n\n> Some broker sizes might not be available in certian AWS Regions. See the updated [Pricing tools](https://docs.aws.amazon.com/msk/pricing/) section on the Amazon MSK pricing page for the latest list of available instances by Region.",
           "title": "InstanceType",
           "type": "string"
         },
@@ -225805,7 +225805,7 @@
           "type": "number"
         },
         "InitQuery": {
-          "markdownDescription": "Add an initialization query, or modify the current one. You can specify one or more SQL statements for the proxy to run when opening each new database connection. The setting is typically used with `SET` statements to make sure that each connection has identical settings. Make sure the query added here is valid. This is an optional field, so you can choose to leave it empty. For including multiple variables in a single SET statement, use a comma separator.\n\nFor example: `SET variable1=value1, variable2=value2`\n\nDefault: no initialization query",
+          "markdownDescription": "Add an initialization query, or modify the current one. You can specify one or more SQL statements for the proxy to run when opening each new database connection. The setting is typically used with `SET` statements to make sure that each connection has identical settings. Make sure the query added here is valid. This is an optional field, so you can choose to leave it empty. For including multiple variables in a single SET statement, use a comma separator.\n\nFor example: `SET variable1=value1, variable2=value2`\n\nDefault: no initialization query\n\n> Since you can access initialization query as part of target group configuration, it is not protected by authentication or cryptographic methods. Anyone with access to view or manage your proxy target group configuration can view the initialization query. You should not add sensitive data, such as passwords or long-lived encryption keys, to this option.",
           "title": "InitQuery",
           "type": "string"
         },
@@ -270314,7 +270314,7 @@
           "items": {
             "$ref": "#/definitions/AWS::WAFv2::WebACL.ManagedRuleGroupConfig"
           },
-          "markdownDescription": "Additional information that's used by a managed rule group. Many managed rule groups don't require this.\n\nThe rule groups used for intelligent threat mitigation require additional configuration:\n\n- Use the `AWSManagedRulesACFPRuleSet` configuration object to configure the account creation fraud prevention managed rule group. The configuration includes the registration and sign-up pages of your application and the locations in the account creation request payload of data, such as the user email and phone number fields.\n- Use the `AWSManagedRulesATPRuleSet` configuration object to configure the account takeover prevention managed rule group. The configuration includes the sign-in page of your application and the locations in the login request payload of data such as the username and password.\n- Use the `AWSManagedRulesBotControlRuleSet` configuration object to configure the protection level that you want the Bot Control rule group to use.",
+          "markdownDescription": "Additional information that's used by a managed rule group. Many managed rule groups don't require this.\n\nThe rule groups used for intelligent threat mitigation require additional configuration:\n\n- Use the `AWSManagedRulesACFPRuleSet` configuration object to configure the account creation fraud prevention managed rule group. The configuration includes the registration and sign-up pages of your application and the locations in the account creation request payload of data, such as the user email and phone number fields.\n- Use the `AWSManagedRulesAntiDDoSRuleSet` configuration object to configure the anti-DDoS managed rule group. The configuration includes the sensitivity levels to use in the rules that typically block and challenge requests that might be participating in DDoS attacks and the specification to use to indicate whether a request can handle a silent browser challenge.\n- Use the `AWSManagedRulesATPRuleSet` configuration object to configure the account takeover prevention managed rule group. The configuration includes the sign-in page of your application and the locations in the login request payload of data such as the username and password.\n- Use the `AWSManagedRulesBotControlRuleSet` configuration object to configure the protection level that you want the Bot Control rule group to use.",
           "title": "ManagedRuleGroupConfigs",
           "type": "array"
         },
@@ -270327,7 +270327,7 @@
           "items": {
             "$ref": "#/definitions/AWS::WAFv2::WebACL.RuleActionOverride"
           },
-          "markdownDescription": "Action settings to use in the place of the rule actions that are configured inside the rule group. You specify one override for each rule whose action you want to change.\n\n> Take care to verify the rule names in your overrides. If you provide a rule name that doesn't match the name of any rule in the rule group, AWS WAF doesn't return an error and doesn't apply the override setting. \n\nYou can use overrides for testing, for example you can override all of rule actions to `Count` and then monitor the resulting count metrics to understand how the rule group would handle your web traffic. You can also permanently override some or all actions, to modify how the rule group manages your web traffic.",
+          "markdownDescription": "Action settings to use in the place of the rule actions that are configured inside the rule group. You specify one override for each rule whose action you want to change.\n\n> Verify the rule names in your overrides carefully. With managed rule groups, AWS WAF silently ignores any override that uses an invalid rule name. With customer-owned rule groups, invalid rule names in your overrides will cause web ACL updates to fail. An invalid rule name is any name that doesn't exactly match the case-sensitive name of an existing rule in the rule group. \n\nYou can use overrides for testing, for example you can override all of rule actions to `Count` and then monitor the resulting count metrics to understand how the rule group would handle your web traffic. You can also permanently override some or all actions, to modify how the rule group manages your web traffic.",
           "title": "RuleActionOverrides",
           "type": "array"
         },
@@ -271027,7 +271027,7 @@
           "items": {
             "$ref": "#/definitions/AWS::WAFv2::WebACL.RuleActionOverride"
           },
-          "markdownDescription": "Action settings to use in the place of the rule actions that are configured inside the rule group. You specify one override for each rule whose action you want to change.\n\n> Take care to verify the rule names in your overrides. If you provide a rule name that doesn't match the name of any rule in the rule group, AWS WAF doesn't return an error and doesn't apply the override setting. \n\nYou can use overrides for testing, for example you can override all of rule actions to `Count` and then monitor the resulting count metrics to understand how the rule group would handle your web traffic. You can also permanently override some or all actions, to modify how the rule group manages your web traffic.",
+          "markdownDescription": "Action settings to use in the place of the rule actions that are configured inside the rule group. You specify one override for each rule whose action you want to change.\n\n> Verify the rule names in your overrides carefully. With managed rule groups, AWS WAF silently ignores any override that uses an invalid rule name. With customer-owned rule groups, invalid rule names in your overrides will cause web ACL updates to fail. An invalid rule name is any name that doesn't exactly match the case-sensitive name of an existing rule in the rule group. \n\nYou can use overrides for testing, for example you can override all of rule actions to `Count` and then monitor the resulting count metrics to understand how the rule group would handle your web traffic. You can also permanently override some or all actions, to modify how the rule group manages your web traffic.",
           "title": "RuleActionOverrides",
           "type": "array"
         }