Update to latest models

.changes/next-release/api-change-codebuild-47759.json

@@ -0,0 +1,5 @@
+{
+  "type": "api-change",
+  "category": "``codebuild``",
+  "description": "GitLab Enhancements - Add support for Self-Hosted GitLab runners in CodeBuild. Add group webhooks"
+}

.changes/next-release/api-change-ecr-17459.json

@@ -0,0 +1,5 @@
+{
+  "type": "api-change",
+  "category": "``ecr``",
+  "description": "The `DescribeImageScanning` API now includes `fixAvailable`, `exploitAvailable`, and `fixedInVersion` fields to provide more detailed information about the availability of fixes, exploits, and fixed versions for identified image vulnerabilities."
+}

.changes/next-release/api-change-ecs-75522.json

@@ -0,0 +1,5 @@
+{
+  "type": "api-change",
+  "category": "``ecs``",
+  "description": "This is a documentation only release to address various tickets."
+}

.changes/next-release/api-change-lambda-85096.json

@@ -0,0 +1,5 @@
+{
+  "type": "api-change",
+  "category": "``lambda``",
+  "description": "Support for JSON resource-based policies and block public access"
+}

.changes/next-release/api-change-rds-24795.json

@@ -0,0 +1,5 @@
+{
+  "type": "api-change",
+  "category": "``rds``",
+  "description": "Updates Amazon RDS documentation with configuration information about the BYOL model for RDS for Db2."
+}

.changes/next-release/api-change-ssm-12300.json

@@ -0,0 +1,5 @@
+{
+  "type": "api-change",
+  "category": "``ssm``",
+  "description": "Support for additional levels of cross-account, cross-Region organizational units in Automation. Various documentation updates."
+}

botocore/data/codebuild/2016-10-06/service-2.json

@@ -3941,15 +3941,15 @@
       "members":{
         "name":{
           "shape":"String",
-          "documentation":"<p>The name of either the enterprise or organization that will send webhook events to CodeBuild, depending on if the webhook is a global or organization webhook respectively.</p>"
+          "documentation":"<p>The name of either the group, enterprise, or organization that will send webhook events to CodeBuild, depending on the type of webhook.</p>"
         },
         "domain":{
           "shape":"String",
-          "documentation":"<p>The domain of the GitHub Enterprise organization. Note that this parameter is only required if your project's source type is GITHUB_ENTERPRISE</p>"
+          "documentation":"<p>The domain of the GitHub Enterprise organization or the GitLab Self Managed group. Note that this parameter is only required if your project's source type is GITHUB_ENTERPRISE or GITLAB_SELF_MANAGED.</p>"
         },
         "scope":{
           "shape":"WebhookScopeType",
-          "documentation":"<p>The type of scope for a GitHub webhook.</p>"
+          "documentation":"<p>The type of scope for a GitHub or GitLab webhook.</p>"
         }
       },
       "documentation":"<p>Contains configuration information about the scope for a webhook. </p>"
@@ -4867,7 +4867,8 @@
       "type":"string",
       "enum":[
         "GITHUB_ORGANIZATION",
-        "GITHUB_GLOBAL"
+        "GITHUB_GLOBAL",
+        "GITLAB_GROUP"
       ]
     },
     "WrapperBoolean":{"type":"boolean"},

botocore/data/ecr/2015-09-21/service-2.json

@@ -1806,7 +1806,7 @@
       "members":{
         "encryptionType":{
           "shape":"EncryptionType",
-          "documentation":"<p>The encryption type to use.</p> <p>If you use the <code>KMS</code> encryption type, the contents of the repository will be encrypted using server-side encryption with Key Management Service key stored in KMS. When you use KMS to encrypt your data, you can either use the default Amazon Web Services managed KMS key for Amazon ECR, or specify your own KMS key, which you already created.</p> <p>If you use the <code>KMS_DSSE</code> encryption type, the contents of the repository will be encrypted with two layers of encryption using server-side encryption with the KMS Management Service key stored in KMS. Similar to the KMS encryption type, you can either use the default Amazon Web Services managed KMS key for Amazon ECR, or specify your own KMS key, which you've already created. </p> <p>If you use the <code>AES256</code> encryption type, Amazon ECR uses server-side encryption with Amazon S3-managed encryption keys which encrypts the images in the repository using an AES256 encryption algorithm. For more information, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingServerSideEncryption.html\">Protecting data using server-side encryption with Amazon S3-managed encryption keys (SSE-S3)</a> in the <i>Amazon Simple Storage Service Console Developer Guide</i>.</p>"
+          "documentation":"<p>The encryption type to use.</p> <p>If you use the <code>KMS</code> encryption type, the contents of the repository will be encrypted using server-side encryption with Key Management Service key stored in KMS. When you use KMS to encrypt your data, you can either use the default Amazon Web Services managed KMS key for Amazon ECR, or specify your own KMS key, which you already created.</p> <p>If you use the <code>KMS_DSSE</code> encryption type, the contents of the repository will be encrypted with two layers of encryption using server-side encryption with the KMS Management Service key stored in KMS. Similar to the <code>KMS</code> encryption type, you can either use the default Amazon Web Services managed KMS key for Amazon ECR, or specify your own KMS key, which you've already created. </p> <p>If you use the <code>AES256</code> encryption type, Amazon ECR uses server-side encryption with Amazon S3-managed encryption keys which encrypts the images in the repository using an AES256 encryption algorithm.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/AmazonECR/latest/userguide/encryption-at-rest.html\">Amazon ECR encryption at rest</a> in the <i>Amazon Elastic Container Registry User Guide</i>.</p>"
         },
         "kmsKey":{
           "shape":"KmsKey",
@@ -1900,6 +1900,14 @@
         "updatedAt":{
           "shape":"Date",
           "documentation":"<p>The date and time the finding was last updated at.</p>"
+        },
+        "fixAvailable":{
+          "shape":"FixAvailable",
+          "documentation":"<p>Details on whether a fix is available through a version update. This value can be <code>YES</code>, <code>NO</code>, or <code>PARTIAL</code>. A <code>PARTIAL</code> fix means that some, but not all, of the packages identified in the finding have fixes available through updated versions.</p>"
+        },
+        "exploitAvailable":{
+          "shape":"ExploitAvailable",
+          "documentation":"<p>If a finding discovered in your environment has an exploit available.</p>"
         }
       },
       "documentation":"<p>The details of an enhanced image scan. This is returned when enhanced scanning is enabled for your private registry.</p>"
@@ -1912,6 +1920,7 @@
     "EvaluationTimestamp":{"type":"timestamp"},
     "ExceptionMessage":{"type":"string"},
     "ExpirationTimestamp":{"type":"timestamp"},
+    "ExploitAvailable":{"type":"string"},
     "FilePath":{"type":"string"},
     "FindingArn":{"type":"string"},
     "FindingDescription":{"type":"string"},
@@ -1932,6 +1941,8 @@
       "key":{"shape":"FindingSeverity"},
       "value":{"shape":"SeverityCount"}
     },
+    "FixAvailable":{"type":"string"},
+    "FixedInVersion":{"type":"string"},
     "ForceFlag":{"type":"boolean"},
     "GetAccountSettingRequest":{
       "type":"structure",
@@ -4466,6 +4477,10 @@
         "version":{
           "shape":"Version",
           "documentation":"<p>The version of the vulnerable package.</p>"
+        },
+        "fixedInVersion":{
+          "shape":"FixedInVersion",
+          "documentation":"<p>The version of the package that contains the vulnerability fix.</p>"
         }
       },
       "documentation":"<p>Information on the vulnerable package identified by a finding.</p>"