Merge pull request #13783 from kubernetes/dependabot/go_modules/github.com/aws/aws-sdk-go-1.44.32

Bump github.com/aws/aws-sdk-go from 1.44.6 to 1.44.32
2022-06-12 04:52:10 -07:00 · 2022-06-12 04:52:10 -07:00 · 1ed71d9b64
parent a2e88cfeda 51b1830c2c
commit 1ed71d9b64
18 changed files with 3683 additions and 247 deletions
--- a/go.mod
+++ b/go.mod
@ -46,7 +46,7 @@ require (
 	github.com/Masterminds/sprig/v3 v3.2.2
 	github.com/apparentlymart/go-cidr v1.1.0
 	github.com/aws/amazon-ec2-instance-selector/v2 v2.3.0
-	github.com/aws/aws-sdk-go v1.44.6
+	github.com/aws/aws-sdk-go v1.44.32
 	github.com/blang/semver/v4 v4.0.0
 	github.com/cert-manager/cert-manager v1.8.0
 	github.com/digitalocean/godo v1.79.0
--- a/go.sum
+++ b/go.sum
@ -175,8 +175,8 @@ github.com/aws/aws-sdk-go v1.23.20/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpi
 github.com/aws/aws-sdk-go v1.25.37/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo=
 github.com/aws/aws-sdk-go v1.36.30/go.mod h1:hcU610XS61/+aQV88ixoOzUoG7v3b31pl2zKMmprdro=
 github.com/aws/aws-sdk-go v1.38.49/go.mod h1:hcU610XS61/+aQV88ixoOzUoG7v3b31pl2zKMmprdro=
-github.com/aws/aws-sdk-go v1.44.6 h1:Y+uHxmZfhRTLX2X3khkdxCoTZAyGEX21aOUHe1U6geg=
-github.com/aws/aws-sdk-go v1.44.6/go.mod h1:y4AeaBuwd2Lk+GepC1E9v0qOiTws0MIWAX4oIKwKHZo=
+github.com/aws/aws-sdk-go v1.44.32 h1:x5hBtpY/02sgRL158zzTclcCLwh3dx3YlSl1rAH4Op0=
+github.com/aws/aws-sdk-go v1.44.32/go.mod h1:y4AeaBuwd2Lk+GepC1E9v0qOiTws0MIWAX4oIKwKHZo=
 github.com/benbjohnson/clock v1.0.3/go.mod h1:bGMdMPoPVvcYyt1gHDf4J2KE153Yf9BuiUKYMaxlTDM=
 github.com/benbjohnson/clock v1.1.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA=
 github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q=
--- a/tests/e2e/go.mod
+++ b/tests/e2e/go.mod
@ -62,7 +62,7 @@ require (
 	github.com/apparentlymart/go-cidr v1.1.0 // indirect
 	github.com/armon/go-metrics v0.3.10 // indirect
 	github.com/armon/go-radix v1.0.0 // indirect
-	github.com/aws/aws-sdk-go v1.44.6 // indirect
+	github.com/aws/aws-sdk-go v1.44.32 // indirect
 	github.com/blang/semver v3.5.1+incompatible // indirect
 	github.com/cenkalti/backoff/v3 v3.0.0 // indirect
 	github.com/containerd/stargz-snapshotter/estargz v0.11.4 // indirect
--- a/tests/e2e/go.sum
+++ b/tests/e2e/go.sum
@ -276,8 +276,8 @@ github.com/aws/aws-sdk-go v1.31.6/go.mod h1:5zCpMtNQVjRREroY7sYe8lOMRSxkhG6MZveU
 github.com/aws/aws-sdk-go v1.31.12/go.mod h1:5zCpMtNQVjRREroY7sYe8lOMRSxkhG6MZveU8YkpAk0=
 github.com/aws/aws-sdk-go v1.36.30/go.mod h1:hcU610XS61/+aQV88ixoOzUoG7v3b31pl2zKMmprdro=
 github.com/aws/aws-sdk-go v1.38.49/go.mod h1:hcU610XS61/+aQV88ixoOzUoG7v3b31pl2zKMmprdro=
-github.com/aws/aws-sdk-go v1.44.6 h1:Y+uHxmZfhRTLX2X3khkdxCoTZAyGEX21aOUHe1U6geg=
-github.com/aws/aws-sdk-go v1.44.6/go.mod h1:y4AeaBuwd2Lk+GepC1E9v0qOiTws0MIWAX4oIKwKHZo=
+github.com/aws/aws-sdk-go v1.44.32 h1:x5hBtpY/02sgRL158zzTclcCLwh3dx3YlSl1rAH4Op0=
+github.com/aws/aws-sdk-go v1.44.32/go.mod h1:y4AeaBuwd2Lk+GepC1E9v0qOiTws0MIWAX4oIKwKHZo=
 github.com/bazelbuild/buildtools v0.0.0-20190917191645-69366ca98f89/go.mod h1:5JP0TXzWDHXv8qvxRC4InIazwdyDseBDbzESUMKk1yU=
 github.com/bazelbuild/rules_go v0.22.1/go.mod h1:MC23Dc/wkXEyk3Wpq6lCqz0ZAYOZDw2DR5y3N1q2i7M=
 github.com/benbjohnson/clock v1.0.3/go.mod h1:bGMdMPoPVvcYyt1gHDf4J2KE153Yf9BuiUKYMaxlTDM=
--- a/vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go
+++ b/vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go
--- a/vendor/github.com/aws/aws-sdk-go/aws/version.go
+++ b/vendor/github.com/aws/aws-sdk-go/aws/version.go
@ -5,4 +5,4 @@ package aws
 const SDKName = "aws-sdk-go"

 // SDKVersion is the version of this SDK
-const SDKVersion = "1.44.6"
+const SDKVersion = "1.44.32"
--- a/vendor/github.com/aws/aws-sdk-go/service/cloudformation/api.go
+++ b/vendor/github.com/aws/aws-sdk-go/service/cloudformation/api.go
@ -452,8 +452,8 @@ func (c *CloudFormation) CreateChangeSetRequest(input *CreateChangeSetInput) (re
 //   * ErrCodeLimitExceededException "LimitExceededException"
 //   The quota for the resource has already been reached.
 //
-//   For information on resource and stack limitations, see CloudFormation quotas
-//   (https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/cloudformation-limits.html)
+//   For information about resource and stack limitations, see CloudFormation
+//   quotas (https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/cloudformation-limits.html)
 //   in the CloudFormation User Guide.
 //
 // See also, https://docs.aws.amazon.com/goto/WebAPI/cloudformation-2010-05-15/CreateChangeSet
@ -537,8 +537,8 @@ func (c *CloudFormation) CreateStackRequest(input *CreateStackInput) (req *reque
 //   * ErrCodeLimitExceededException "LimitExceededException"
 //   The quota for the resource has already been reached.
 //
-//   For information on resource and stack limitations, see CloudFormation quotas
-//   (https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/cloudformation-limits.html)
+//   For information about resource and stack limitations, see CloudFormation
+//   quotas (https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/cloudformation-limits.html)
 //   in the CloudFormation User Guide.
 //
 //   * ErrCodeAlreadyExistsException "AlreadyExistsException"
@ -650,8 +650,8 @@ func (c *CloudFormation) CreateStackInstancesRequest(input *CreateStackInstances
 //   * ErrCodeLimitExceededException "LimitExceededException"
 //   The quota for the resource has already been reached.
 //
-//   For information on resource and stack limitations, see CloudFormation quotas
-//   (https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/cloudformation-limits.html)
+//   For information about resource and stack limitations, see CloudFormation
+//   quotas (https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/cloudformation-limits.html)
 //   in the CloudFormation User Guide.
 //
 // See also, https://docs.aws.amazon.com/goto/WebAPI/cloudformation-2010-05-15/CreateStackInstances
@ -739,8 +739,8 @@ func (c *CloudFormation) CreateStackSetRequest(input *CreateStackSetInput) (req
 //   * ErrCodeLimitExceededException "LimitExceededException"
 //   The quota for the resource has already been reached.
 //
-//   For information on resource and stack limitations, see CloudFormation quotas
-//   (https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/cloudformation-limits.html)
+//   For information about resource and stack limitations, see CloudFormation
+//   quotas (https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/cloudformation-limits.html)
 //   in the CloudFormation User Guide.
 //
 // See also, https://docs.aws.amazon.com/goto/WebAPI/cloudformation-2010-05-15/CreateStackSet
@ -1167,8 +1167,8 @@ func (c *CloudFormation) DeleteStackSetRequest(input *DeleteStackSetInput) (req

 // DeleteStackSet API operation for AWS CloudFormation.
 //
-// Deletes a stack set. Before you can delete a stack set, all of its member
-// stack instances must be deleted. For more information about how to do this,
+// Deletes a stack set. Before you can delete a stack set, all its member stack
+// instances must be deleted. For more information about how to complete this,
 // see DeleteStackInstances.
 //
 // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
@ -1657,7 +1657,7 @@ func (c *CloudFormation) DescribePublisherRequest(input *DescribePublisherInput)
 // publisher, DescribePublisher returns information about your own publisher
 // account.
 //
-// For more information on registering as a publisher, see:
+// For more information about registering as a publisher, see:
 //
 //    * RegisterPublisher (https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_RegisterPublisher.html)
 //
@ -1746,7 +1746,7 @@ func (c *CloudFormation) DescribeStackDriftDetectionStatusRequest(input *Describ
 // or has drifted, from it's expected configuration, as defined in the stack
 // template and any values specified as template parameters. A stack is considered
 // to have drifted if one or more of its resources have drifted. For more information
-// on stack and resource drift, see Detecting Unregulated Configuration Changes
+// about stack and resource drift, see Detecting Unregulated Configuration Changes
 // to Stacks and Resources (https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-stack-drift.html).
 //
 // Use DetectStackDrift to initiate a stack drift detection operation. DetectStackDrift
@ -3042,7 +3042,7 @@ func (c *CloudFormation) DetectStackSetDriftRequest(input *DetectStackSetDriftIn
 //    * Use DescribeStackInstance to return detailed information about a specific
 //    stack instance, including its drift status and last drift time checked.
 //
-// For more information on performing a drift detection operation on a stack
+// For more information about performing a drift detection operation on a stack
 // set, see Detecting unmanaged changes in stack sets (https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-drift.html).
 //
 // You can only run a single drift detection operation on a given stack set
@ -3585,8 +3585,8 @@ func (c *CloudFormation) ImportStacksToStackSetRequest(input *ImportStacksToStac
 //   * ErrCodeLimitExceededException "LimitExceededException"
 //   The quota for the resource has already been reached.
 //
-//   For information on resource and stack limitations, see CloudFormation quotas
-//   (https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/cloudformation-limits.html)
+//   For information about resource and stack limitations, see CloudFormation
+//   quotas (https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/cloudformation-limits.html)
 //   in the CloudFormation User Guide.
 //
 //   * ErrCodeStackSetNotFoundException "StackSetNotFoundException"
@ -5332,7 +5332,7 @@ func (c *CloudFormation) PublishTypeRequest(input *PublishTypeInput) (req *reque
 //
 // Publishes the specified extension to the CloudFormation registry as a public
 // extension in this region. Public extensions are available for use by all
-// CloudFormation users. For more information on publishing extensions, see
+// CloudFormation users. For more information about publishing extensions, see
 // Publishing extensions to make them available for public use (https://docs.aws.amazon.com/cloudformation-cli/latest/userguide/publish-extension.html)
 // in the CloudFormation CLI User Guide.
 //
@ -5511,8 +5511,9 @@ func (c *CloudFormation) RegisterPublisherRequest(input *RegisterPublisherInput)
 // registry. Public extensions are available for use by all CloudFormation users.
 // This publisher ID applies to your account in all Amazon Web Services Regions.
 //
-// For information on requirements for registering as a public extension publisher,
-// see Registering your account to publish CloudFormation extensions (https://docs.aws.amazon.com/cloudformation-cli/latest/userguide/publish-extension.html#publish-extension-prereqs)
+// For information about requirements for registering as a public extension
+// publisher, see Registering your account to publish CloudFormation extensions
+// (https://docs.aws.amazon.com/cloudformation-cli/latest/userguide/publish-extension.html#publish-extension-prereqs)
 // in the CloudFormation CLI User Guide.
 //
 // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
@ -5602,7 +5603,7 @@ func (c *CloudFormation) RegisterTypeRequest(input *RegisterTypeInput) (req *req
 //
 //    * Making the extension available for use in your account.
 //
-// For more information on how to develop extensions and ready them for registration,
+// For more information about how to develop extensions and ready them for registration,
 // see Creating Resource Providers (https://docs.aws.amazon.com/cloudformation-cli/latest/userguide/resource-types.html)
 // in the CloudFormation CLI User Guide.
 //
@ -6897,7 +6898,7 @@ type ActivateTypeInput struct {
 	// You can specify MajorVersion or VersionBump, but not both.
 	MajorVersion *int64 `min:"1" type:"long"`

-	// The Amazon Resource Number (ARN) of the public extension.
+	// The Amazon Resource Name (ARN) of the public extension.
 	//
 	// Conditional: You must specify PublicTypeArn, or TypeName, Type, and PublisherId.
 	PublicTypeArn *string `type:"string"`
@ -7050,7 +7051,7 @@ func (s *ActivateTypeInput) SetVersionBump(v string) *ActivateTypeInput {
 type ActivateTypeOutput struct {
 	_ struct{} `type:"structure"`

-	// The Amazon Resource Number (ARN) of the activated extension, in this account
+	// The Amazon Resource Name (ARN) of the activated extension, in this account
 	// and region.
 	Arn *string `type:"string"`
 }
@ -7929,7 +7930,7 @@ type CreateChangeSetInput struct {
 	//    IAM resources, you can specify either capability. If you have IAM resources
 	//    with custom names, you must specify CAPABILITY_NAMED_IAM. If you don't
 	//    specify either of these capabilities, CloudFormation returns an InsufficientCapabilities
-	//    error. If your stack template contains these resources, we recommend that
+	//    error. If your stack template contains these resources, we suggest that
 	//    you review all permissions associated with them and edit their permissions
 	//    if necessary. AWS::IAM::AccessKey (https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-accesskey.html)
 	//    AWS::IAM::Group (https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-group.html)
@ -7956,7 +7957,7 @@ type CreateChangeSetInput struct {
 	//    sets has no effect. If you want to create a stack from a stack template
 	//    that contains macros and nested stacks, you must create or update the
 	//    stack directly from the template using the CreateStack or UpdateStack
-	//    action, and specifying this capability. For more information on macros,
+	//    action, and specifying this capability. For more information about macros,
 	//    see Using CloudFormation macros to perform custom processing on templates
 	//    (http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/template-macros.html).
 	Capabilities []*string `type:"list" enum:"Capability"`
@ -8899,7 +8900,7 @@ func (s *CreateStackOutput) SetStackId(v string) *CreateStackOutput {
 type CreateStackSetInput struct {
 	_ struct{} `type:"structure"`

-	// The Amazon Resource Number (ARN) of the IAM role to use to create this stack
+	// The Amazon Resource Name (ARN) of the IAM role to use to create this stack
 	// set.
 	//
 	// Specify an IAM role only if you are using customized administrator roles
@ -9014,7 +9015,7 @@ type CreateStackSetInput struct {
 	PermissionModel *string `type:"string" enum:"PermissionModels"`

 	// The stack ID you are importing into a new stack set. Specify the Amazon Resource
-	// Number (ARN) of the stack.
+	// Name (ARN) of the stack.
 	StackId *string `type:"string"`

 	// The name to associate with the stack set. The name must be unique in the
@ -11173,8 +11174,8 @@ func (s *DescribeStackResourceDriftsInput) SetStackResourceDriftStatusFilters(v
 type DescribeStackResourceDriftsOutput struct {
 	_ struct{} `type:"structure"`

-	// If the request doesn't return all of the remaining results, NextToken is
-	// set to a token. To retrieve the next set of results, call DescribeStackResourceDrifts
+	// If the request doesn't return all the remaining results, NextToken is set
+	// to a token. To retrieve the next set of results, call DescribeStackResourceDrifts
 	// again and assign that token to the request object's NextToken parameter.
 	// If the request returns all results, NextToken is set to null.
 	NextToken *string `min:"1" type:"string"`
@ -11764,7 +11765,7 @@ type DescribeTypeInput struct {

 	// The publisher ID of the extension publisher.
 	//
-	// Extensions provided by Amazon are not assigned a publisher ID.
+	// Extensions provided by Amazon Web Services are not assigned a publisher ID.
 	PublisherId *string `min:"1" type:"string"`

 	// The kind of extension.
@ -11889,9 +11890,9 @@ type DescribeTypeOutput struct {
 	// when the extension version isn't specified.
 	//
 	// This applies only to private extensions you have registered in your account.
-	// For public extensions, both those provided by Amazon and published by third
-	// parties, CloudFormation returns null. For more information, see RegisterType
-	// (https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_RegisterType.html).
+	// For public extensions, both those provided by Amazon Web Services and published
+	// by third parties, CloudFormation returns null. For more information, see
+	// RegisterType (https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_RegisterType.html).
 	//
 	// To set the default version of an extension, use SetTypeDefaultVersion .
 	DefaultVersionId *string `min:"1" type:"string"`
@ -11927,7 +11928,7 @@ type DescribeTypeOutput struct {
 	// credentials.
 	ExecutionRoleArn *string `min:"1" type:"string"`

-	// Whether or not the extension is activated in the account and region.
+	// Whether the extension is activated in the account and region.
 	//
 	// This only applies to public third-party extensions. For all other extensions,
 	// CloudFormation returns null.
@ -11936,8 +11937,8 @@ type DescribeTypeOutput struct {
 	// Whether the specified extension version is set as the default version.
 	//
 	// This applies only to private extensions you have registered in your account,
-	// and extensions published by Amazon. For public third-party extensions, whether
-	// or not they are activated in your account, CloudFormation returns null.
+	// and extensions published by Amazon Web Services. For public third-party extensions,
+	// whether they are activated in your account, CloudFormation returns null.
 	IsDefaultVersion *bool `type:"boolean"`

 	// When the specified extension version was registered. This applies only to:
@ -11957,8 +11958,9 @@ type DescribeTypeOutput struct {

 	// Contains logging configuration information for private extensions. This applies
 	// only to private extensions you have registered in your account. For public
-	// extensions, both those provided by Amazon and published by third parties,
-	// CloudFormation returns null. For more information, see RegisterType (https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_RegisterType.html).
+	// extensions, both those provided by Amazon Web Services and published by third
+	// parties, CloudFormation returns null. For more information, see RegisterType
+	// (https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_RegisterType.html).
 	LoggingConfig *LoggingConfig `type:"structure"`

 	// For public extensions that have been activated for this account and region,
@ -12012,7 +12014,8 @@ type DescribeTypeOutput struct {

 	// The schema that defines the extension.
 	//
-	// For more information on extension schemas, see Resource Provider Schema (https://docs.aws.amazon.com/cloudformation-cli/latest/userguide/resource-type-schema.html)
+	// For more information about extension schemas, see Resource Provider Schema
+	// (https://docs.aws.amazon.com/cloudformation-cli/latest/userguide/resource-type-schema.html)
 	// in the CloudFormation CLI User Guide.
 	Schema *string `min:"1" type:"string"`

@ -12037,8 +12040,8 @@ type DescribeTypeOutput struct {
 	// extension test status of a specific extension version, you must specify VersionId.
 	//
 	// This applies only to registered private extension versions. CloudFormation
-	// doesn't return this information for public extensions, whether or not they
-	// are activated in your account.
+	// doesn't return this information for public extensions, whether they are activated
+	// in your account.
 	//
 	//    * PASSED: The extension has passed all its contract tests. An extension
 	//    must have a test status of PASSED before it can be published. For more
@ -12057,8 +12060,8 @@ type DescribeTypeOutput struct {
 	// a specific extension version, you must specify VersionId.
 	//
 	// This applies only to registered private extension versions. CloudFormation
-	// doesn't return this information for public extensions, whether or not they
-	// are activated in your account.
+	// doesn't return this information for public extensions, whether they are activated
+	// in your account.
 	TypeTestsStatusDescription *string `min:"1" type:"string"`

 	// The scope at which the extension is visible and usable in CloudFormation
@ -12071,7 +12074,7 @@ type DescribeTypeOutput struct {
 	//    as PRIVATE.
 	//
 	//    * PUBLIC: The extension is publicly visible and usable within any Amazon
-	//    account.
+	//    Web Services account.
 	Visibility *string `type:"string" enum:"Visibility"`
 }

@ -12593,7 +12596,7 @@ type DetectStackSetDriftInput struct {
 	// The user-specified preferences for how CloudFormation performs a stack set
 	// operation.
 	//
-	// For more information on maximum concurrent accounts and failure tolerance,
+	// For more information about maximum concurrent accounts and failure tolerance,
 	// see Stack set operation options (https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-concepts.html#stackset-ops-options).
 	OperationPreferences *StackSetOperationPreferences `type:"structure"`

@ -13445,7 +13448,7 @@ type ImportStacksToStackSetInput struct {
 	// The user-specified preferences for how CloudFormation performs a stack set
 	// operation.
 	//
-	// For more information on maximum concurrent accounts and failure tolerance,
+	// For more information about maximum concurrent accounts and failure tolerance,
 	// see Stack set operation options (https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-concepts.html#stackset-ops-options).
 	OperationPreferences *StackSetOperationPreferences `type:"structure"`

@ -13908,7 +13911,7 @@ type ListStackInstancesInput struct {
 	// set of results.
 	MaxResults *int64 `min:"1" type:"integer"`

-	// If the previous request didn't return all of the remaining results, the response's
+	// If the previous request didn't return all the remaining results, the response's
 	// NextToken parameter value is set to a token. To retrieve the next set of
 	// results, call ListStackInstances again and assign that token to the request
 	// object's NextToken parameter. If there are no remaining results, the previous
@ -14197,7 +14200,7 @@ type ListStackSetOperationResultsInput struct {
 	// set of results.
 	MaxResults *int64 `min:"1" type:"integer"`

-	// If the previous request didn't return all of the remaining results, the response
+	// If the previous request didn't return all the remaining results, the response
 	// object's NextToken parameter value is set to a token. To retrieve the next
 	// set of results, call ListStackSetOperationResults again and assign that token
 	// to the request object's NextToken parameter. If there are no remaining results,
@ -14828,10 +14831,10 @@ func (s *ListTypeRegistrationsInput) SetTypeName(v string) *ListTypeRegistration
 type ListTypeRegistrationsOutput struct {
 	_ struct{} `type:"structure"`

-	// If the request doesn't return all of the remaining results, NextToken is
-	// set to a token. To retrieve the next set of results, call this action again
-	// and assign that token to the request object's NextToken parameter. If the
-	// request returns all results, NextToken is set to null.
+	// If the request doesn't return all the remaining results, NextToken is set
+	// to a token. To retrieve the next set of results, call this action again and
+	// assign that token to the request object's NextToken parameter. If the request
+	// returns all results, NextToken is set to null.
 	NextToken *string `min:"1" type:"string"`

 	// A list of extension registration tokens.
@ -15076,7 +15079,7 @@ type ListTypesInput struct {
 	// set of results.
 	MaxResults *int64 `min:"1" type:"integer"`

-	// If the previous paginated request didn't return all of the remaining results,
+	// If the previous paginated request didn't return all the remaining results,
 	// the response object's NextToken parameter value is set to a token. To retrieve
 	// the next set of results, call this action again and assign that token to
 	// the request object's NextToken parameter. If there are no remaining results,
@ -15116,8 +15119,8 @@ type ListTypesInput struct {
 	//    account and region.
 	//
 	//    * PUBLIC: Extensions that are publicly visible and available to be activated
-	//    within any Amazon account. This includes extensions from Amazon, as well
-	//    as third-party publishers.
+	//    within any Amazon Web Services account. This includes extensions from
+	//    Amazon Web Services, in addition to third-party publishers.
 	//
 	// The default is PRIVATE.
 	Visibility *string `type:"string" enum:"Visibility"`
@ -15364,8 +15367,8 @@ func (s *ManagedExecution) SetActive(v bool) *ManagedExecution {
 // Contains information about the module from which the resource was created,
 // if the resource was created from a module included in the stack template.
 //
-// For more information on modules, see Using modules to encapsulate and reuse
-// resource configurations (AWSCloudFormation/latest/UserGuide/modules.html)
+// For more information about modules, see Using modules to encapsulate and
+// reuse resource configurations (AWSCloudFormation/latest/UserGuide/modules.html)
 // in the CloudFormation User Guide.
 type ModuleInfo struct {
 	_ struct{} `type:"structure"`
@ -15793,7 +15796,7 @@ func (s *PropertyDifference) SetPropertyPath(v string) *PropertyDifference {
 type PublishTypeInput struct {
 	_ struct{} `type:"structure"`

-	// The Amazon Resource Number (ARN) of the extension.
+	// The Amazon Resource Name (ARN) of the extension.
 	//
 	// Conditional: You must specify Arn, or TypeName and Type.
 	Arn *string `type:"string"`
@ -15886,7 +15889,7 @@ func (s *PublishTypeInput) SetTypeName(v string) *PublishTypeInput {
 type PublishTypeOutput struct {
 	_ struct{} `type:"structure"`

-	// The Amazon Resource Number (ARN) assigned to the public extension upon publication.
+	// The Amazon Resource Name (ARN) assigned to the public extension upon publication.
 	PublicTypeArn *string `type:"string"`
 }

@ -16158,7 +16161,7 @@ type RegisterTypeInput struct {
 	//
 	// For CloudFormation to assume the specified execution role, the role must
 	// contain a trust relationship with the CloudFormation service principle (resources.cloudformation.amazonaws.com).
-	// For more information on adding trust relationships, see Modifying a role
+	// For more information about adding trust relationships, see Modifying a role
 	// trust policy (IAM/latest/UserGuide/roles-managingrole-editing-console.html#roles-managingrole_edit-trust-policy)
 	// in the Identity and Access Management User Guide.
 	//
@ -16177,7 +16180,7 @@ type RegisterTypeInput struct {
 	// A URL to the S3 bucket containing the extension project package that contains
 	// the necessary files for the extension you want to register.
 	//
-	// For information on generating a schema handler package for the extension
+	// For information about generating a schema handler package for the extension
 	// you want to register, see submit (https://docs.aws.amazon.com/cloudformation-cli/latest/userguide/resource-type-cli-submit.html)
 	// in the CloudFormation CLI User Guide.
 	//
@ -16195,12 +16198,14 @@ type RegisterTypeInput struct {

 	// The name of the extension being registered.
 	//
-	// We recommend that extension names adhere to the following patterns:
+	// We suggest that extension names adhere to the following patterns:
 	//
 	//    * For resource types, company_or_organization::service::type.
 	//
 	//    * For modules, company_or_organization::service::type::MODULE.
 	//
+	//    * For hooks, MyCompany::Testing::MyTestHook.
+	//
 	// The following organization namespaces are reserved and can't be used in your
 	// extension names:
 	//
@ -17621,16 +17626,16 @@ type Stack struct {
 	//    * false: enable rollback.
 	DisableRollback *bool `type:"boolean"`

-	// Information on whether a stack's actual configuration differs, or has drifted,
-	// from it's expected configuration, as defined in the stack template and any
-	// values specified as template parameters. For more information, see Detecting
-	// Unregulated Configuration Changes to Stacks and Resources (http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-stack-drift.html).
+	// Information about whether a stack's actual configuration differs, or has
+	// drifted, from it's expected configuration, as defined in the stack template
+	// and any values specified as template parameters. For more information, see
+	// Detecting Unregulated Configuration Changes to Stacks and Resources (http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-stack-drift.html).
 	DriftInformation *StackDriftInformation `type:"structure"`

 	// Whether termination protection is enabled for the stack.
 	//
 	// For nested stacks (http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-nested-stacks.html),
-	// termination protection is set on the root stack and cannot be changed directly
+	// termination protection is set on the root stack and can't be changed directly
 	// on the nested stack. For more information, see Protecting a Stack From Being
 	// Deleted (http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-protect-stacks.html)
 	// in the CloudFormation User Guide.
@ -19113,8 +19118,8 @@ type StackResourceDriftInformationSummary struct {
 	//    Resources that Support Drift Detection (https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-stack-drift-resource-list.html).
 	//    If you performed an ContinueUpdateRollback operation on a stack, any resources
 	//    included in ResourcesToSkip will also have a status of NOT_CHECKED. For
-	//    more information on skipping resources during rollback operations, see
-	//    Continue Rolling Back an Update (https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-continueupdaterollback.html)
+	//    more information about skipping resources during rollback operations,
+	//    see Continue Rolling Back an Update (https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-continueupdaterollback.html)
 	//    in the CloudFormation User Guide.
 	//
 	//    * IN_SYNC: The resource's actual configuration matches its expected configuration.
@ -19271,8 +19276,8 @@ func (s *StackResourceSummary) SetResourceType(v string) *StackResourceSummary {
 type StackSet struct {
 	_ struct{} `type:"structure"`

-	// The Amazon Resource Number (ARN) of the IAM role used to create or update
-	// the stack set.
+	// The Amazon Resource Name (ARN) of the IAM role used to create or update the
+	// stack set.
 	//
 	// Use customized administrator roles to control which users or groups can manage
 	// specific stack sets within the same administrator account. For more information,
@ -19324,7 +19329,7 @@ type StackSet struct {
 	//    more information, see Grant Service-Managed Stack Set Permissions (https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-prereqs-service-managed.html).
 	PermissionModel *string `type:"string" enum:"PermissionModels"`

-	// The Amazon Resource Number (ARN) of the stack set.
+	// The Amazon Resource Name (ARN) of the stack set.
 	StackSetARN *string `type:"string"`

 	// Detailed information about the drift status of the stack set.
@ -19623,7 +19628,7 @@ type StackSetOperation struct {
 	// itself, in addition to all associated stack set instances.
 	Action *string `type:"string" enum:"StackSetOperationAction"`

-	// The Amazon Resource Number (ARN) of the IAM role used to perform this stack
+	// The Amazon Resource Name (ARN) of the IAM role used to perform this stack
 	// set operation.
 	//
 	// Use customized administrator roles to control which users or groups can manage
@ -19704,6 +19709,9 @@ type StackSetOperation struct {
 	//    * SUCCEEDED: The operation completed creating or updating all the specified
 	//    stacks without exceeding the failure tolerance for the operation.
 	Status *string `type:"string" enum:"StackSetOperationStatus"`
+
+	// The status of the operation in details.
+	StatusReason *string `type:"string"`
 }

 // String returns the string representation.
@ -19796,10 +19804,16 @@ func (s *StackSetOperation) SetStatus(v string) *StackSetOperation {
 	return s
 }

+// SetStatusReason sets the StatusReason field's value.
+func (s *StackSetOperation) SetStatusReason(v string) *StackSetOperation {
+	s.StatusReason = &v
+	return s
+}
+
 // The user-specified preferences for how CloudFormation performs a stack set
 // operation.
 //
-// For more information on maximum concurrent accounts and failure tolerance,
+// For more information about maximum concurrent accounts and failure tolerance,
 // see Stack set operation options (https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-concepts.html#stackset-ops-options).
 type StackSetOperationPreferences struct {
 	_ struct{} `type:"structure"`
@ -20087,6 +20101,9 @@ type StackSetOperationSummary struct {
 	//    * SUCCEEDED: The operation completed creating or updating all the specified
 	//    stacks without exceeding the failure tolerance for the operation.
 	Status *string `type:"string" enum:"StackSetOperationStatus"`
+
+	// The status of the operation in details.
+	StatusReason *string `type:"string"`
 }

 // String returns the string representation.
@ -20137,6 +20154,12 @@ func (s *StackSetOperationSummary) SetStatus(v string) *StackSetOperationSummary
 	return s
 }

+// SetStatusReason sets the StatusReason field's value.
+func (s *StackSetOperationSummary) SetStatusReason(v string) *StackSetOperationSummary {
+	s.StatusReason = &v
+	return s
+}
+
 // The structures that contain summary information about the specified stack
 // set.
 type StackSetSummary struct {
@ -20283,7 +20306,7 @@ type StackSummary struct {
 	// The time the stack was deleted.
 	DeletionTime *time.Time `type:"timestamp"`

-	// Summarizes information on whether a stack's actual configuration differs,
+	// Summarizes information about whether a stack's actual configuration differs,
 	// or has drifted, from it's expected configuration, as defined in the stack
 	// template and any values specified as template parameters. For more information,
 	// see Detecting Unregulated Configuration Changes to Stacks and Resources (http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-stack-drift.html).
@ -20817,8 +20840,7 @@ type TypeConfigurationDetails struct {
 	// returns {}.
 	Configuration *string `min:"1" type:"string"`

-	// Whether or not this configuration data is the default configuration for the
-	// extension.
+	// Whether this configuration data is the default configuration for the extension.
 	IsDefaultConfiguration *bool `type:"boolean"`

 	// When the configuration data was last updated for this extension.
@ -21091,7 +21113,7 @@ type TypeSummary struct {
 	// The description of the extension.
 	Description *string `min:"1" type:"string"`

-	// Whether or not the extension is activated for this account and region.
+	// Whether the extension is activated for this account and region.
 	//
 	// This applies only to third-party public extensions. Extensions published
 	// by Amazon are activated by default.
@ -21392,7 +21414,7 @@ type UpdateStackInput struct {
 	//    IAM resources, you can specify either capability. If you have IAM resources
 	//    with custom names, you must specify CAPABILITY_NAMED_IAM. If you don't
 	//    specify either of these capabilities, CloudFormation returns an InsufficientCapabilities
-	//    error. If your stack template contains these resources, we recommend that
+	//    error. If your stack template contains these resources, we suggest that
 	//    you review all permissions associated with them and edit their permissions
 	//    if necessary. AWS::IAM::AccessKey (https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-accesskey.html)
 	//    AWS::IAM::Group (https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-group.html)
@ -21503,7 +21525,7 @@ type UpdateStackInput struct {
 	// parameter, but not both.
 	//
 	// If you want to update protected resources, specify a temporary overriding
-	// stack policy during this update. If you do not specify a stack policy, the
+	// stack policy during this update. If you don't specify a stack policy, the
 	// current policy that is associated with the stack will be used.
 	StackPolicyDuringUpdateBody *string `min:"1" type:"string"`

@ -21513,7 +21535,7 @@ type UpdateStackInput struct {
 	// or the StackPolicyDuringUpdateURL parameter, but not both.
 	//
 	// If you want to update protected resources, specify a temporary overriding
-	// stack policy during this update. If you do not specify a stack policy, the
+	// stack policy during this update. If you don't specify a stack policy, the
 	// current policy that is associated with the stack will be used.
 	StackPolicyDuringUpdateURL *string `min:"1" type:"string"`

@ -22009,7 +22031,7 @@ type UpdateStackSetInput struct {
 	// other stack instances with their existing stack instance status.
 	Accounts []*string `type:"list"`

-	// The Amazon Resource Number (ARN) of the IAM role to use to update this stack
+	// The Amazon Resource Name (ARN) of the IAM role to use to update this stack
 	// set.
 	//
 	// Specify an IAM role only if you are using customized administrator roles
--- a/vendor/github.com/aws/aws-sdk-go/service/cloudformation/errors.go
+++ b/vendor/github.com/aws/aws-sdk-go/service/cloudformation/errors.go
@ -62,8 +62,8 @@ const (
 	//
 	// The quota for the resource has already been reached.
 	//
-	// For information on resource and stack limitations, see CloudFormation quotas
-	// (https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/cloudformation-limits.html)
+	// For information about resource and stack limitations, see CloudFormation
+	// quotas (https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/cloudformation-limits.html)
 	// in the CloudFormation User Guide.
 	ErrCodeLimitExceededException = "LimitExceededException"

--- a/vendor/github.com/aws/aws-sdk-go/service/ec2/api.go
+++ b/vendor/github.com/aws/aws-sdk-go/service/ec2/api.go
--- a/vendor/github.com/aws/aws-sdk-go/service/ec2/ec2iface/interface.go
+++ b/vendor/github.com/aws/aws-sdk-go/service/ec2/ec2iface/interface.go
@ -1855,6 +1855,10 @@ type EC2API interface {
 	GetInstanceTypesFromInstanceRequirementsPages(*ec2.GetInstanceTypesFromInstanceRequirementsInput, func(*ec2.GetInstanceTypesFromInstanceRequirementsOutput, bool) bool) error
 	GetInstanceTypesFromInstanceRequirementsPagesWithContext(aws.Context, *ec2.GetInstanceTypesFromInstanceRequirementsInput, func(*ec2.GetInstanceTypesFromInstanceRequirementsOutput, bool) bool, ...request.Option) error

+	GetInstanceUefiData(*ec2.GetInstanceUefiDataInput) (*ec2.GetInstanceUefiDataOutput, error)
+	GetInstanceUefiDataWithContext(aws.Context, *ec2.GetInstanceUefiDataInput, ...request.Option) (*ec2.GetInstanceUefiDataOutput, error)
+	GetInstanceUefiDataRequest(*ec2.GetInstanceUefiDataInput) (*request.Request, *ec2.GetInstanceUefiDataOutput)
+
 	GetIpamAddressHistory(*ec2.GetIpamAddressHistoryInput) (*ec2.GetIpamAddressHistoryOutput, error)
 	GetIpamAddressHistoryWithContext(aws.Context, *ec2.GetIpamAddressHistoryInput, ...request.Option) (*ec2.GetIpamAddressHistoryOutput, error)
 	GetIpamAddressHistoryRequest(*ec2.GetIpamAddressHistoryInput) (*request.Request, *ec2.GetIpamAddressHistoryOutput)
--- a/vendor/github.com/aws/aws-sdk-go/service/iam/api.go
+++ b/vendor/github.com/aws/aws-sdk-go/service/iam/api.go
@ -19901,8 +19901,8 @@ type CreateRoleInput struct {
 	Description *string `type:"string"`

 	// The maximum session duration (in seconds) that you want to set for the specified
-	// role. If you do not specify a value for this setting, the default maximum
-	// of one hour is applied. This setting can have a value from 1 hour to 12 hours.
+	// role. If you do not specify a value for this setting, the default value of
+	// one hour is applied. This setting can have a value from 1 hour to 12 hours.
 	//
 	// Anyone who assumes the role from the or API can use the DurationSeconds API
 	// parameter or the duration-seconds CLI parameter to request a longer session.
@ -38846,8 +38846,8 @@ type UpdateRoleInput struct {
 	Description *string `type:"string"`

 	// The maximum session duration (in seconds) that you want to set for the specified
-	// role. If you do not specify a value for this setting, the default maximum
-	// of one hour is applied. This setting can have a value from 1 hour to 12 hours.
+	// role. If you do not specify a value for this setting, the default value of
+	// one hour is applied. This setting can have a value from 1 hour to 12 hours.
 	//
 	// Anyone who assumes the role from the CLI or API can use the DurationSeconds
 	// API parameter or the duration-seconds CLI parameter to request a longer session.
--- a/vendor/github.com/aws/aws-sdk-go/service/kms/api.go
+++ b/vendor/github.com/aws/aws-sdk-go/service/kms/api.go
@ -912,12 +912,12 @@ func (c *KMS) CreateKeyRequest(input *CreateKeyInput) (req *request.Request, out
 // and verify. You can't change these properties after the KMS key is created.
 //
 // Asymmetric KMS keys contain an RSA key pair or an Elliptic Curve (ECC) key
-// pair. The private key in an asymmetric KMS key never leaves AWS KMS unencrypted.
+// pair. The private key in an asymmetric KMS key never leaves KMS unencrypted.
 // However, you can use the GetPublicKey operation to download the public key
-// so it can be used outside of AWS KMS. KMS keys with RSA key pairs can be
-// used to encrypt or decrypt data or sign and verify messages (but not both).
-// KMS keys with ECC key pairs can be used only to sign and verify messages.
-// For information about asymmetric KMS keys, see Asymmetric KMS keys (https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html)
+// so it can be used outside of KMS. KMS keys with RSA key pairs can be used
+// to encrypt or decrypt data or sign and verify messages (but not both). KMS
+// keys with ECC key pairs can be used only to sign and verify messages. For
+// information about asymmetric KMS keys, see Asymmetric KMS keys (https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html)
 // in the Key Management Service Developer Guide.
 //
 // HMAC KMS key
@ -1191,8 +1191,8 @@ func (c *KMS) DecryptRequest(input *DecryptInput) (req *request.Request, output
 //
 // The Decrypt operation also decrypts ciphertext that was encrypted outside
 // of KMS by the public key in an KMS asymmetric KMS key. However, it cannot
-// decrypt symmetric ciphertext produced by other libraries, such as the Amazon
-// Web Services Encryption SDK (https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/)
+// decrypt ciphertext produced by other libraries, such as the Amazon Web Services
+// Encryption SDK (https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/)
 // or Amazon S3 client-side encryption (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingClientSideEncryption.html).
 // These libraries return a ciphertext format that is incompatible with KMS.
 //
@ -2195,16 +2195,27 @@ func (c *KMS) DisableKeyRotationRequest(input *DisableKeyRotationInput) (req *re
 // DisableKeyRotation API operation for AWS Key Management Service.
 //
 // Disables automatic rotation of the key material (https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html)
-// for the specified symmetric encryption KMS key.
+// of the specified symmetric encryption KMS key.
 //
-// You cannot enable automatic rotation of asymmetric KMS keys (https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html),
+// Automatic key rotation is supported only on symmetric encryption KMS keys.
+// You cannot enable or disable automatic rotation of asymmetric KMS keys (https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html),
 // HMAC KMS keys (https://docs.aws.amazon.com/kms/latest/developerguide/hmac.html),
 // KMS keys with imported key material (https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html),
 // or KMS keys in a custom key store (https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html).
-// To enable or disable automatic rotation of a set of related multi-Region
-// keys (https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-manage.html#multi-region-rotate),
+// The key rotation status of these KMS keys is always false. To enable or disable
+// automatic rotation of a set of related multi-Region keys (https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-manage.html#multi-region-rotate),
 // set the property on the primary key.
 //
+// You can enable (EnableKeyRotation) and disable automatic rotation of the
+// key material in customer managed KMS keys (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk).
+// Key material rotation of Amazon Web Services managed KMS keys (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk)
+// is not configurable. KMS always rotates the key material for every year.
+// Rotation of Amazon Web Services owned KMS keys (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-owned-cmk)
+// varies.
+//
+// In May 2022, KMS changed the rotation schedule for Amazon Web Services managed
+// keys from every three years to every year. For details, see EnableKeyRotation.
+//
 // The KMS key that you use for this operation must be in a compatible key state.
 // For details, see Key states of KMS keys (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html)
 // in the Key Management Service Developer Guide.
@ -2589,16 +2600,41 @@ func (c *KMS) EnableKeyRotationRequest(input *EnableKeyRotationInput) (req *requ
 // EnableKeyRotation API operation for AWS Key Management Service.
 //
 // Enables automatic rotation of the key material (https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html)
-// for the specified symmetric encryption KMS key.
+// of the specified symmetric encryption KMS key.
 //
-// You cannot enable automatic rotation of asymmetric KMS keys (https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html),
+// When you enable automatic rotation of acustomer managed KMS key (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk),
+// KMS rotates the key material of the KMS key one year (approximately 365 days)
+// from the enable date and every year thereafter. You can monitor rotation
+// of the key material for your KMS keys in CloudTrail and Amazon CloudWatch.
+// To disable rotation of the key material in a customer managed KMS key, use
+// the DisableKeyRotation operation.
+//
+// Automatic key rotation is supported only on symmetric encryption KMS keys
+// (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#symmetric-cmks).
+// You cannot enable or disable automatic rotation of asymmetric KMS keys (https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html),
 // HMAC KMS keys (https://docs.aws.amazon.com/kms/latest/developerguide/hmac.html),
 // KMS keys with imported key material (https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html),
 // or KMS keys in a custom key store (https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html).
-// To enable or disable automatic rotation of a set of related multi-Region
-// keys (https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-manage.html#multi-region-rotate),
+// The key rotation status of these KMS keys is always false. To enable or disable
+// automatic rotation of a set of related multi-Region keys (https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-manage.html#multi-region-rotate),
 // set the property on the primary key.
 //
+// You cannot enable or disable automatic rotation Amazon Web Services managed
+// KMS keys (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk).
+// KMS always rotates the key material of Amazon Web Services managed keys every
+// year. Rotation of Amazon Web Services owned KMS keys (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-owned-cmk)
+// varies.
+//
+// In May 2022, KMS changed the rotation schedule for Amazon Web Services managed
+// keys from every three years (approximately 1,095 days) to every year (approximately
+// 365 days).
+//
+// New Amazon Web Services managed keys are automatically rotated one year after
+// they are created, and approximately every year thereafter.
+//
+// Existing Amazon Web Services managed keys are automatically rotated one year
+// after their most recent rotation, and every year thereafter.
+//
 // The KMS key that you use for this operation must be in a compatible key state.
 // For details, see Key states of KMS keys (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html)
 // in the Key Management Service Developer Guide.
@ -3490,14 +3526,16 @@ func (c *KMS) GenerateDataKeyWithoutPlaintextRequest(input *GenerateDataKeyWitho
 //
 // This operation is useful for systems that need to encrypt data at some point,
 // but not immediately. When you need to encrypt the data, you call the Decrypt
-// operation on the encrypted copy of the key. It's also useful in distributed
-// systems with different levels of trust. For example, you might store encrypted
-// data in containers. One component of your system creates new containers and
-// stores an encrypted data key with each container. Then, a different component
-// puts the data into the containers. That component first decrypts the data
-// key, uses the plaintext data key to encrypt data, puts the encrypted data
-// into the container, and then destroys the plaintext data key. In this system,
-// the component that creates the containers never sees the plaintext data key.
+// operation on the encrypted copy of the key.
+//
+// It's also useful in distributed systems with different levels of trust. For
+// example, you might store encrypted data in containers. One component of your
+// system creates new containers and stores an encrypted data key with each
+// container. Then, a different component puts the data into the containers.
+// That component first decrypts the data key, uses the plaintext data key to
+// encrypt data, puts the encrypted data into the container, and then destroys
+// the plaintext data key. In this system, the component that creates the containers
+// never sees the plaintext data key.
 //
 // To request an asymmetric data key pair, use the GenerateDataKeyPair or GenerateDataKeyPairWithoutPlaintext
 // operations.
@ -3672,6 +3710,13 @@ func (c *KMS) GenerateMacRequest(input *GenerateMacInput) (req *request.Request,
 // KMS support for HMAC KMS keys. For details, see HMAC keys in KMS (https://docs.aws.amazon.com/kms/latest/developerguide/hmac.html)
 // in the Key Management Service Developer Guide .
 //
+// Best practices recommend that you limit the time during which any signing
+// mechanism, including an HMAC, is effective. This deters an attack where the
+// actor uses a signed message to establish validity repeatedly or long after
+// the message is superseded. HMAC tags do not include a timestamp, but you
+// can include a timestamp in the token or message to help you detect when its
+// time to refresh the HMAC.
+//
 // The KMS key that you use for this operation must be in a compatible key state.
 // For details, see Key states of KMS keys (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html)
 // in the Key Management Service Developer Guide.
@ -4038,14 +4083,30 @@ func (c *KMS) GetKeyRotationStatusRequest(input *GetKeyRotationStatusInput) (req
 // material (https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html)
 // is enabled for the specified KMS key.
 //
-// You cannot enable automatic rotation of asymmetric KMS keys (https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html),
+// When you enable automatic rotation for customer managed KMS keys (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk),
+// KMS rotates the key material of the KMS key one year (approximately 365 days)
+// from the enable date and every year thereafter. You can monitor rotation
+// of the key material for your KMS keys in CloudTrail and Amazon CloudWatch.
+//
+// Automatic key rotation is supported only on symmetric encryption KMS keys
+// (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#symmetric-cmks).
+// You cannot enable or disable automatic rotation of asymmetric KMS keys (https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html),
 // HMAC KMS keys (https://docs.aws.amazon.com/kms/latest/developerguide/hmac.html),
 // KMS keys with imported key material (https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html),
 // or KMS keys in a custom key store (https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html).
-// To enable or disable automatic rotation of a set of related multi-Region
-// keys (https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-manage.html#multi-region-rotate),
-// set the property on the primary key. The key rotation status for these KMS
-// keys is always false.
+// The key rotation status of these KMS keys is always false. To enable or disable
+// automatic rotation of a set of related multi-Region keys (https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-manage.html#multi-region-rotate),
+// set the property on the primary key..
+//
+// You can enable (EnableKeyRotation) and disable automatic rotation (DisableKeyRotation)
+// of the key material in customer managed KMS keys. Key material rotation of
+// Amazon Web Services managed KMS keys (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk)
+// is not configurable. KMS always rotates the key material in Amazon Web Services
+// managed KMS keys every year. The key rotation status for Amazon Web Services
+// managed KMS keys is always true.
+//
+// In May 2022, KMS changed the rotation schedule for Amazon Web Services managed
+// keys from every three years to every year. For details, see EnableKeyRotation.
 //
 // The KMS key that you use for this operation must be in a compatible key state.
 // For details, see Key states of KMS keys (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html)
@ -4053,11 +4114,15 @@ func (c *KMS) GetKeyRotationStatusRequest(input *GetKeyRotationStatusInput) (req
 //
 //    * Disabled: The key rotation status does not change when you disable a
 //    KMS key. However, while the KMS key is disabled, KMS does not rotate the
-//    key material.
+//    key material. When you re-enable the KMS key, rotation resumes. If the
+//    key material in the re-enabled KMS key hasn't been rotated in one year,
+//    KMS rotates it immediately, and every year thereafter. If it's been less
+//    than a year since the key material in the re-enabled KMS key was rotated,
+//    the KMS key resumes its prior rotation schedule.
 //
 //    * Pending deletion: While a KMS key is pending deletion, its key rotation
 //    status is false and KMS does not rotate the key material. If you cancel
-//    the deletion, the original key rotation status is restored.
+//    the deletion, the original key rotation status returns to true.
 //
 // Cross-account use: Yes. To perform this operation on a KMS key in a different
 // Amazon Web Services account, specify the key ARN in the value of the KeyId
@ -6644,6 +6709,12 @@ func (c *KMS) SignRequest(input *SignInput) (req *request.Request, output *SignO
 // When signing a message, be sure to record the KMS key and the signing algorithm.
 // This information is required to verify the signature.
 //
+// Best practices recommend that you limit the time during which any signature
+// is effective. This deters an attack where the actor uses a signed message
+// to establish validity repeatedly or long after the message is superseded.
+// Signatures do not include a timestamp, but you can include a timestamp in
+// the signed message to help you detect when its time to refresh the signature.
+//
 // To verify the signature that this operation generates, use the Verify operation.
 // Or use the GetPublicKey operation to download the public key and then use
 // the public key to verify the signature outside of KMS.
@ -9242,11 +9313,11 @@ type CreateKeyInput struct {
 	// in the Key Management Service Developer Guide .
 	//
 	// The KeySpec determines whether the KMS key contains a symmetric key or an
-	// asymmetric key pair. It also determines the algorithms that the KMS key supports.
-	// You can't change the KeySpec after the KMS key is created. To further restrict
-	// the algorithms that can be used with the KMS key, use a condition key in
-	// its key policy or IAM policy. For more information, see kms:EncryptionAlgorithm
-	// (https://docs.aws.amazon.com/kms/latest/developerguide/policy-conditions.html#conditions-kms-encryption-algorithm),
+	// asymmetric key pair. It also determines the cryptographic algorithms that
+	// the KMS key supports. You can't change the KeySpec after the KMS key is created.
+	// To further restrict the algorithms that can be used with the KMS key, use
+	// a condition key in its key policy or IAM policy. For more information, see
+	// kms:EncryptionAlgorithm (https://docs.aws.amazon.com/kms/latest/developerguide/policy-conditions.html#conditions-kms-encryption-algorithm),
 	// kms:MacAlgorithm (https://docs.aws.amazon.com/kms/latest/developerguide/policy-conditions.html#conditions-kms-mac-algorithm)
 	// or kms:Signing Algorithm (https://docs.aws.amazon.com/kms/latest/developerguide/policy-conditions.html#conditions-kms-signing-algorithm)
 	// in the Key Management Service Developer Guide .
@ -9307,9 +9378,9 @@ type CreateKeyInput struct {
 	// This value creates a primary key, not a replica. To create a replica key,
 	// use the ReplicateKey operation.
 	//
-	// You can create a symmetric or asymmetric multi-Region key, and you can create
-	// a multi-Region key with imported key material. However, you cannot create
-	// a multi-Region key in a custom key store.
+	// You can create a multi-Region version of a symmetric encryption KMS key,
+	// an HMAC KMS key, an asymmetric KMS key, or a KMS key with imported key material.
+	// However, you cannot create a multi-Region key in a custom key store.
 	MultiRegion *bool `type:"boolean"`

 	// The source of the key material for the KMS key. You cannot change the origin
@ -9329,11 +9400,14 @@ type CreateKeyInput struct {
 	// KMS keys.
 	Origin *string `type:"string" enum:"OriginType"`

-	// The key policy to attach to the KMS key.
+	// The key policy to attach to the KMS key. If you do not specify a key policy,
+	// KMS attaches a default key policy to the KMS key. For more information, see
+	// Default key policy (https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default)
+	// in the Key Management Service Developer Guide.
 	//
 	// If you provide a key policy, it must meet the following criteria:
 	//
-	//    * If you don't set BypassPolicyLockoutSafetyCheck to true, the key policy
+	//    * If you don't set BypassPolicyLockoutSafetyCheck to True, the key policy
 	//    must allow the principal that is making the CreateKey request to make
 	//    a subsequent PutKeyPolicy request on the KMS key. This reduces the risk
 	//    that the KMS key becomes unmanageable. For more information, refer to
@ -9349,11 +9423,18 @@ type CreateKeyInput struct {
 	//    visible (https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_eventual-consistency)
 	//    in the Amazon Web Services Identity and Access Management User Guide.
 	//
-	// If you do not provide a key policy, KMS attaches a default key policy to
-	// the KMS key. For more information, see Default Key Policy (https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default)
-	// in the Key Management Service Developer Guide.
+	// A key policy document must conform to the following rules.
 	//
-	// The key policy size quota is 32 kilobytes (32768 bytes).
+	//    * Up to 32 kilobytes (32768 bytes)
+	//
+	//    * Must be UTF-8 encoded
+	//
+	//    * The only Unicode characters that are permitted in a key policy document
+	//    are the horizontal tab (U+0009), linefeed (U+000A), carriage return (U+000D),
+	//    and characters in the range U+0020 to U+00FF.
+	//
+	//    * The Sid element in a key policy statement can include spaces. (Spaces
+	//    are prohibited in the Sid element of an IAM policy document.)
 	//
 	// For help writing and formatting a JSON policy document, see the IAM JSON
 	// Policy Reference (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies.html)
@ -11098,13 +11179,13 @@ func (s EnableKeyOutput) GoString() string {
 type EnableKeyRotationInput struct {
 	_ struct{} `type:"structure"`

-	// Identifies a symmetric encryption KMS key. You cannot enable automatic rotation
-	// of asymmetric KMS keys (https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html),
+	// Identifies a symmetric encryption KMS key. You cannot enable or disable automatic
+	// rotation of asymmetric KMS keys (https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html),
 	// HMAC KMS keys (https://docs.aws.amazon.com/kms/latest/developerguide/hmac.html),
 	// KMS keys with imported key material (https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html),
 	// or KMS keys in a custom key store (https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html).
-	// To enable or disable automatic rotation of a set of related multi-Region
-	// keys (https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-manage.html#multi-region-rotate),
+	// The key rotation status of these KMS keys is always false. To enable or disable
+	// automatic rotation of a set of related multi-Region keys (https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-manage.html#multi-region-rotate),
 	// set the property on the primary key.
 	//
 	// Specify the key ID or key ARN of the KMS key.
@ -15929,9 +16010,18 @@ type PutKeyPolicyInput struct {
 	//    visible (https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_eventual-consistency)
 	//    in the Amazon Web Services Identity and Access Management User Guide.
 	//
-	// The key policy cannot exceed 32 kilobytes (32768 bytes). For more information,
-	// see Resource Quotas (https://docs.aws.amazon.com/kms/latest/developerguide/resource-limits.html)
-	// in the Key Management Service Developer Guide.
+	// A key policy document must conform to the following rules.
+	//
+	//    * Up to 32 kilobytes (32768 bytes)
+	//
+	//    * Must be UTF-8 encoded
+	//
+	//    * The only Unicode characters that are permitted in a key policy document
+	//    are the horizontal tab (U+0009), linefeed (U+000A), carriage return (U+000D),
+	//    and characters in the range U+0020 to U+00FF.
+	//
+	//    * The Sid element in a key policy statement can include spaces. (Spaces
+	//    are prohibited in the Sid element of an IAM policy document.)
 	//
 	// Policy is a required field
 	Policy *string `min:"1" type:"string" required:"true"`
@ -16391,7 +16481,18 @@ type ReplicateKeyInput struct {
 	//    visible (https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_eventual-consistency)
 	//    in the Identity and Access Management User Guide .
 	//
-	//    * The key policy size quota is 32 kilobytes (32768 bytes).
+	// A key policy document must conform to the following rules.
+	//
+	//    * Up to 32 kilobytes (32768 bytes)
+	//
+	//    * Must be UTF-8 encoded
+	//
+	//    * The only Unicode characters that are permitted in a key policy document
+	//    are the horizontal tab (U+0009), linefeed (U+000A), carriage return (U+000D),
+	//    and characters in the range U+0020 to U+00FF.
+	//
+	//    * The Sid element in a key policy statement can include spaces. (Spaces
+	//    are prohibited in the Sid element of an IAM policy document.)
 	Policy *string `min:"1" type:"string"`

 	// The Region ID of the Amazon Web Services Region for this replica key.
@ -16818,9 +16919,9 @@ type ScheduleKeyDeletionInput struct {
 	// The waiting period, specified in number of days. After the waiting period
 	// ends, KMS deletes the KMS key.
 	//
-	// If the KMS key is a multi-Region primary key with replicas, the waiting period
-	// begins when the last of its replica keys is deleted. Otherwise, the waiting
-	// period begins immediately.
+	// If the KMS key is a multi-Region primary key with replica keys, the waiting
+	// period begins when the last of its replica keys is deleted. Otherwise, the
+	// waiting period begins immediately.
 	//
 	// This value is optional. If you include a value, it must be between 7 and
 	// 30, inclusive. If you do not include a value, it defaults to 30.
--- a/vendor/github.com/aws/aws-sdk-go/service/kms/doc.go
+++ b/vendor/github.com/aws/aws-sdk-go/service/kms/doc.go
@ -30,11 +30,11 @@
 // see Service endpoints (https://docs.aws.amazon.com/general/latest/gr/kms.html#kms_region)
 // in the Key Management Service topic of the Amazon Web Services General Reference.
 //
-// Clients must support TLS (Transport Layer Security) 1.0. We recommend TLS
-// 1.2. Clients must also support cipher suites with Perfect Forward Secrecy
-// (PFS) such as Ephemeral Diffie-Hellman (DHE) or Elliptic Curve Ephemeral
-// Diffie-Hellman (ECDHE). Most modern systems such as Java 7 and later support
-// these modes.
+// All KMS API calls must be signed and be transmitted using Transport Layer
+// Security (TLS). KMS recommends you always use the latest supported TLS version.
+// Clients must also support cipher suites with Perfect Forward Secrecy (PFS)
+// such as Ephemeral Diffie-Hellman (DHE) or Elliptic Curve Ephemeral Diffie-Hellman
+// (ECDHE). Most modern systems such as Java 7 and later support these modes.
 //
 // Signing Requests
 //
--- a/vendor/github.com/aws/aws-sdk-go/service/route53/api.go
+++ b/vendor/github.com/aws/aws-sdk-go/service/route53/api.go
--- a/vendor/github.com/aws/aws-sdk-go/service/route53/errors.go
+++ b/vendor/github.com/aws/aws-sdk-go/service/route53/errors.go
@ -4,6 +4,32 @@ package route53

 const (

+	// ErrCodeCidrBlockInUseException for service response error code
+	// "CidrBlockInUseException".
+	//
+	// This CIDR block is already in use.
+	ErrCodeCidrBlockInUseException = "CidrBlockInUseException"
+
+	// ErrCodeCidrCollectionAlreadyExistsException for service response error code
+	// "CidrCollectionAlreadyExistsException".
+	//
+	// A CIDR collection with this name and a different caller reference already
+	// exists in this account.
+	ErrCodeCidrCollectionAlreadyExistsException = "CidrCollectionAlreadyExistsException"
+
+	// ErrCodeCidrCollectionInUseException for service response error code
+	// "CidrCollectionInUseException".
+	//
+	// This CIDR collection is in use, and isn't empty.
+	ErrCodeCidrCollectionInUseException = "CidrCollectionInUseException"
+
+	// ErrCodeCidrCollectionVersionMismatchException for service response error code
+	// "CidrCollectionVersionMismatchException".
+	//
+	// The CIDR collection version you provided, doesn't match the one in the ListCidrCollections
+	// operation.
+	ErrCodeCidrCollectionVersionMismatchException = "CidrCollectionVersionMismatchException"
+
 	// ErrCodeConcurrentModification for service response error code
 	// "ConcurrentModification".
 	//
@ -279,15 +305,10 @@ const (
 	// ErrCodeLimitsExceeded for service response error code
 	// "LimitsExceeded".
 	//
-	// This operation can't be completed either because the current account has
-	// reached the limit on reusable delegation sets that it can create or because
-	// you've reached the limit on the number of Amazon VPCs that you can associate
-	// with a private hosted zone. To get the current limit on the number of reusable
-	// delegation sets, see GetAccountLimit (https://docs.aws.amazon.com/Route53/latest/APIReference/API_GetAccountLimit.html).
-	// To get the current limit on the number of Amazon VPCs that you can associate
-	// with a private hosted zone, see GetHostedZoneLimit (https://docs.aws.amazon.com/Route53/latest/APIReference/API_GetHostedZoneLimit.html).
-	// To request a higher limit, create a case (http://aws.amazon.com/route53-request)
-	// with the Amazon Web Services Support Center.
+	// This operation can't be completed because the current account has reached
+	// the limit on the resource you are trying to create. To request a higher limit,
+	// create a case (http://aws.amazon.com/route53-request) with the Amazon Web
+	// Services Support Center.
 	ErrCodeLimitsExceeded = "LimitsExceeded"

 	// ErrCodeNoSuchChange for service response error code
@ -296,6 +317,18 @@ const (
 	// A change with the specified change ID does not exist.
 	ErrCodeNoSuchChange = "NoSuchChange"

+	// ErrCodeNoSuchCidrCollectionException for service response error code
+	// "NoSuchCidrCollectionException".
+	//
+	// The CIDR collection you specified, doesn't exist.
+	ErrCodeNoSuchCidrCollectionException = "NoSuchCidrCollectionException"
+
+	// ErrCodeNoSuchCidrLocationException for service response error code
+	// "NoSuchCidrLocationException".
+	//
+	// The CIDR collection location doesn't match any locations in your account.
+	ErrCodeNoSuchCidrLocationException = "NoSuchCidrLocationException"
+
 	// ErrCodeNoSuchCloudWatchLogsLogGroup for service response error code
 	// "NoSuchCloudWatchLogsLogGroup".
 	//
--- a/vendor/github.com/aws/aws-sdk-go/service/route53/route53iface/interface.go
+++ b/vendor/github.com/aws/aws-sdk-go/service/route53/route53iface/interface.go
@ -68,6 +68,10 @@ type Route53API interface {
 	AssociateVPCWithHostedZoneWithContext(aws.Context, *route53.AssociateVPCWithHostedZoneInput, ...request.Option) (*route53.AssociateVPCWithHostedZoneOutput, error)
 	AssociateVPCWithHostedZoneRequest(*route53.AssociateVPCWithHostedZoneInput) (*request.Request, *route53.AssociateVPCWithHostedZoneOutput)

+	ChangeCidrCollection(*route53.ChangeCidrCollectionInput) (*route53.ChangeCidrCollectionOutput, error)
+	ChangeCidrCollectionWithContext(aws.Context, *route53.ChangeCidrCollectionInput, ...request.Option) (*route53.ChangeCidrCollectionOutput, error)
+	ChangeCidrCollectionRequest(*route53.ChangeCidrCollectionInput) (*request.Request, *route53.ChangeCidrCollectionOutput)
+
 	ChangeResourceRecordSets(*route53.ChangeResourceRecordSetsInput) (*route53.ChangeResourceRecordSetsOutput, error)
 	ChangeResourceRecordSetsWithContext(aws.Context, *route53.ChangeResourceRecordSetsInput, ...request.Option) (*route53.ChangeResourceRecordSetsOutput, error)
 	ChangeResourceRecordSetsRequest(*route53.ChangeResourceRecordSetsInput) (*request.Request, *route53.ChangeResourceRecordSetsOutput)
@ -76,6 +80,10 @@ type Route53API interface {
 	ChangeTagsForResourceWithContext(aws.Context, *route53.ChangeTagsForResourceInput, ...request.Option) (*route53.ChangeTagsForResourceOutput, error)
 	ChangeTagsForResourceRequest(*route53.ChangeTagsForResourceInput) (*request.Request, *route53.ChangeTagsForResourceOutput)

+	CreateCidrCollection(*route53.CreateCidrCollectionInput) (*route53.CreateCidrCollectionOutput, error)
+	CreateCidrCollectionWithContext(aws.Context, *route53.CreateCidrCollectionInput, ...request.Option) (*route53.CreateCidrCollectionOutput, error)
+	CreateCidrCollectionRequest(*route53.CreateCidrCollectionInput) (*request.Request, *route53.CreateCidrCollectionOutput)
+
 	CreateHealthCheck(*route53.CreateHealthCheckInput) (*route53.CreateHealthCheckOutput, error)
 	CreateHealthCheckWithContext(aws.Context, *route53.CreateHealthCheckInput, ...request.Option) (*route53.CreateHealthCheckOutput, error)
 	CreateHealthCheckRequest(*route53.CreateHealthCheckInput) (*request.Request, *route53.CreateHealthCheckOutput)
@ -116,6 +124,10 @@ type Route53API interface {
 	DeactivateKeySigningKeyWithContext(aws.Context, *route53.DeactivateKeySigningKeyInput, ...request.Option) (*route53.DeactivateKeySigningKeyOutput, error)
 	DeactivateKeySigningKeyRequest(*route53.DeactivateKeySigningKeyInput) (*request.Request, *route53.DeactivateKeySigningKeyOutput)

+	DeleteCidrCollection(*route53.DeleteCidrCollectionInput) (*route53.DeleteCidrCollectionOutput, error)
+	DeleteCidrCollectionWithContext(aws.Context, *route53.DeleteCidrCollectionInput, ...request.Option) (*route53.DeleteCidrCollectionOutput, error)
+	DeleteCidrCollectionRequest(*route53.DeleteCidrCollectionInput) (*request.Request, *route53.DeleteCidrCollectionOutput)
+
 	DeleteHealthCheck(*route53.DeleteHealthCheckInput) (*route53.DeleteHealthCheckOutput, error)
 	DeleteHealthCheckWithContext(aws.Context, *route53.DeleteHealthCheckInput, ...request.Option) (*route53.DeleteHealthCheckOutput, error)
 	DeleteHealthCheckRequest(*route53.DeleteHealthCheckInput) (*request.Request, *route53.DeleteHealthCheckOutput)
@ -232,6 +244,27 @@ type Route53API interface {
 	GetTrafficPolicyInstanceCountWithContext(aws.Context, *route53.GetTrafficPolicyInstanceCountInput, ...request.Option) (*route53.GetTrafficPolicyInstanceCountOutput, error)
 	GetTrafficPolicyInstanceCountRequest(*route53.GetTrafficPolicyInstanceCountInput) (*request.Request, *route53.GetTrafficPolicyInstanceCountOutput)

+	ListCidrBlocks(*route53.ListCidrBlocksInput) (*route53.ListCidrBlocksOutput, error)
+	ListCidrBlocksWithContext(aws.Context, *route53.ListCidrBlocksInput, ...request.Option) (*route53.ListCidrBlocksOutput, error)
+	ListCidrBlocksRequest(*route53.ListCidrBlocksInput) (*request.Request, *route53.ListCidrBlocksOutput)
+
+	ListCidrBlocksPages(*route53.ListCidrBlocksInput, func(*route53.ListCidrBlocksOutput, bool) bool) error
+	ListCidrBlocksPagesWithContext(aws.Context, *route53.ListCidrBlocksInput, func(*route53.ListCidrBlocksOutput, bool) bool, ...request.Option) error
+
+	ListCidrCollections(*route53.ListCidrCollectionsInput) (*route53.ListCidrCollectionsOutput, error)
+	ListCidrCollectionsWithContext(aws.Context, *route53.ListCidrCollectionsInput, ...request.Option) (*route53.ListCidrCollectionsOutput, error)
+	ListCidrCollectionsRequest(*route53.ListCidrCollectionsInput) (*request.Request, *route53.ListCidrCollectionsOutput)
+
+	ListCidrCollectionsPages(*route53.ListCidrCollectionsInput, func(*route53.ListCidrCollectionsOutput, bool) bool) error
+	ListCidrCollectionsPagesWithContext(aws.Context, *route53.ListCidrCollectionsInput, func(*route53.ListCidrCollectionsOutput, bool) bool, ...request.Option) error
+
+	ListCidrLocations(*route53.ListCidrLocationsInput) (*route53.ListCidrLocationsOutput, error)
+	ListCidrLocationsWithContext(aws.Context, *route53.ListCidrLocationsInput, ...request.Option) (*route53.ListCidrLocationsOutput, error)
+	ListCidrLocationsRequest(*route53.ListCidrLocationsInput) (*request.Request, *route53.ListCidrLocationsOutput)
+
+	ListCidrLocationsPages(*route53.ListCidrLocationsInput, func(*route53.ListCidrLocationsOutput, bool) bool) error
+	ListCidrLocationsPagesWithContext(aws.Context, *route53.ListCidrLocationsInput, func(*route53.ListCidrLocationsOutput, bool) bool, ...request.Option) error
+
 	ListGeoLocations(*route53.ListGeoLocationsInput) (*route53.ListGeoLocationsOutput, error)
 	ListGeoLocationsWithContext(aws.Context, *route53.ListGeoLocationsInput, ...request.Option) (*route53.ListGeoLocationsOutput, error)
 	ListGeoLocationsRequest(*route53.ListGeoLocationsInput) (*request.Request, *route53.ListGeoLocationsOutput)
--- a/vendor/github.com/aws/aws-sdk-go/service/sts/api.go
+++ b/vendor/github.com/aws/aws-sdk-go/service/sts/api.go
@ -1279,6 +1279,12 @@ func (c *STS) GetSessionTokenRequest(input *GetSessionTokenInput) (req *request.
 // and Comparing the Amazon Web Services STS API operations (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#stsapi_comparison)
 // in the IAM User Guide.
 //
+// No permissions are required for users to perform this operation. The purpose
+// of the sts:GetSessionToken operation is to authenticate the user using MFA.
+// You cannot use policies to control authentication operations. For more information,
+// see Permissions for GetSessionToken (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_control-access_getsessiontoken.html)
+// in the IAM User Guide.
+//
 // Session Duration
 //
 // The GetSessionToken operation must be called by using the long-term Amazon
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@ -99,7 +99,7 @@ github.com/aws/amazon-ec2-instance-selector/v2/pkg/ec2pricing
 github.com/aws/amazon-ec2-instance-selector/v2/pkg/instancetypes
 github.com/aws/amazon-ec2-instance-selector/v2/pkg/selector
 github.com/aws/amazon-ec2-instance-selector/v2/pkg/selector/outputs
-# github.com/aws/aws-sdk-go v1.44.6
+# github.com/aws/aws-sdk-go v1.44.32
 ## explicit; go 1.11
 github.com/aws/aws-sdk-go/aws
 github.com/aws/aws-sdk-go/aws/arn