* Add new Identity and Authentication modules

These modules are empty for now.

* Update Identity & Auth module dependencies

* Add temporary Placeholder class

So there is a jar created for the module.

* Temporarily not fail maven-dependency-plugin

Currently have setup dependencies in maven but there is not
actual code dependencies across these modules. Once new
code is added to the modules this will be undone.

* Removed some answered TODOs

* Add new Identity interfaces

* Move Impl classes to own files

* Add missing @immutable

* Address feedback - interface override and javadoc edits

* Mark the new interfaces @threadsafe

* Remove static create methods in AwsCredentialsIdentity and impls

* Add japicmp excludes for methods moved to parent interface

Was getting these errors otherwise:
```
[ERROR] Failed to execute goal com.github.siom79.japicmp:japicmp-maven-plugin:0.15.6:cmp (default) on project auth: There is at least one incompatibility: software.amazon.awssdk.auth.credentials.AwsCredentials.accessKeyId():METHOD_REMOVED,software.amazon.awssdk.auth.credentials.AwsCredentials.secretAccessKey():METHOD_REMOVED,software.amazon.awssdk.auth.token.credentials.SdkToken.expirationTime():METHOD_REMOVED,software.amazon.awssdk.auth.token.credentials.SdkToken.token():METHOD_REMOVED -> [Help 1]
```

* Simplify hashCode and equals for ResolveIdentityRequest

* Fix doc link about AWS access keys

To match with updates to `AwsCredentials` in PR 3773.

* Accept and use the new AWS Credentials interfaces

In AwsClientBuilder and other places where customers used to be able to provide
AwsCredentialsProvider.

* Update client codegen for endpoint discovery

* Address some of Matt's feedback

* Switch one usage of overrideConfiguration.credentialsProvider

To use the new credentialsIdentityProvider() instead.

* Update tests to mock new IdentityProvider

* Handle null for CredentialUtils conversion methods

* Add IdentityProvider overload to S3CrtAsyncClientBuilder

* Add a TODO for removing a join() later

* Add TODO for AwsCredentialsProviderChain

* Add unit tests and few other minor changes

* Remove unnecessary fallback from AuthorizationStrategyFactory

* Fix test in S3

* Address PR feedback

* Add create() for new AwsCredentials Identity types

* Add `@see AwsSessionCredentialsIdentity` to AwsCredentialsIdentity

Will make it easier to discover `AwsSessionCredentialsIdentity.create` if
looking at `AwsCredentialsIdentity` and wondering how to create a session
credentials.

* AWS Resource Explorer Update: Documentation updates for APIs.

* Amazon GuardDuty Update: Updated 9 APIs for feature enablement to reflect expansion of GuardDuty to features. Added new APIs and updated existing APIs to support RDS Protection GA.

* Amazon SageMaker Runtime Update: Documentation updates for SageMaker Runtime

* Updated endpoints.json and partitions.json.

* Release 2.20.26. Updated CHANGELOG.md, README.md and all pom.xml.

* Update to next snapshot version: 2.20.27-SNAPSHOT

* AWSBillingConductor Update: This release adds a new filter to ListAccountAssociations API and a new filter to ListBillingGroups API.

* AWS Config Update: This release adds resourceType enums for types released from October 2022 through February 2023.

* AWS Database Migration Service Update: S3 setting to create AWS Glue Data Catalog. Oracle setting to control conversion of timestamp column. Support for Kafka SASL Plain authentication. Setting to map boolean from PostgreSQL to Redshift. SQL Server settings to force lob lookup on inline LOBs and to control access of database logs.

* Updated endpoints.json and partitions.json.

* Release 2.20.27. Updated CHANGELOG.md, README.md and all pom.xml.

* Update to next snapshot version: 2.20.28-SNAPSHOT

* Expose S3CrtHttpConfiguration (#3824)

* Expose S3CrtHttpConfiguration to allow users to configure HTTP settings such as connectionTimeout and proxy with the AWS CRT-based S3 client.

* Fix checkstyle errors and spotbug issue

* Address feedback

* close clientTlsContextOptions

* Revert "close clientTlsContextOptions"

This reverts commit e08c468.

* Fix version

* Update version

* Application Auto Scaling Update: With this release customers can now tag their Application Auto Scaling registered targets with key-value pairs and manage IAM permissions for all the tagged resources centrally.

* Amazon S3 on Outposts Update: S3 On Outposts added support for endpoint status, and a failed endpoint reason, if any

* Amazon WorkDocs Update: This release adds a new API, SearchResources, which enable users to search through metadata and content of folders, documents, document versions and comments in a WorkDocs site.

* Amazon Neptune Update: This release makes following few changes. db-cluster-identifier is now a required parameter of create-db-instance. describe-db-cluster will now return PendingModifiedValues and GlobalClusterIdentifier fields in the response.

* Updated endpoints.json and partitions.json.

* Release 2.20.28. Updated CHANGELOG.md, README.md and all pom.xml.

* Update to next snapshot version: 2.20.29-SNAPSHOT

* Skip missing region test (#3848)

This test asserts that we throw a specific error message when no region is
provided, that message won't be thrown by client since it does its own
validation.

* cleans spaces when constructing an expression name (#3844)

* Application Migration Service Update: This release introduces the Import and export feature and expansion of the post-launch actions

* Amazon Elastic Compute Cloud Update: This release adds support for AWS Network Firewall, AWS PrivateLink, and Gateway Load Balancers to Amazon VPC Reachability Analyzer, and it makes the path destination optional as long as a destination address in the filter at source is provided.

* AWS Clean Rooms Service Update: GA Release of AWS Clean Rooms, Added Tagging Functionality

* AWS IoT SiteWise Update: Provide support for tagging of data streams and enabling tag based authorization for property alias

* Amazon Chime SDK Messaging Update: Amazon Chime SDK messaging customers can now manage streaming configuration for messaging data for archival and analysis.

* Updated endpoints.json and partitions.json.

* Release 2.20.29. Updated CHANGELOG.md, README.md and all pom.xml.

* Update to next snapshot version: 2.20.30-SNAPSHOT

* Update tm builder log messages (#3822)

* Update logging and add OTHER enum type to S3ClientType

* Add tests

* Refactoring

* Remove third party plugin

* AWS IoT TwinMaker Update: This release adds support of adding metadata when creating a new scene or updating an existing scene.

* AWS Resilience Hub Update: This release provides customers with the ability to import resources from within an EKS cluster and assess the resiliency of EKS cluster workloads.

* Amazon EventBridge Pipes Update: This release improves validation on the ARNs in the API model

* AWS Network Manager Update: This release includes an update to create-transit-gateway-route-table-attachment, showing example usage for TransitGatewayRouteTableArn.

* AWS Identity and Access Management Update: Documentation updates for AWS Identity and Access Management (IAM).

* Amazon Simple Systems Manager (SSM) Update: This Patch Manager release supports creating, updating, and deleting Patch Baselines for AmazonLinux2023, AlmaLinux.

* Updated endpoints.json and partitions.json.

* Release 2.20.30. Updated CHANGELOG.md, README.md and all pom.xml.

* Update to next snapshot version: 2.20.31-SNAPSHOT

* Document API for DynamoDB usung EnhancedDynamoDB impementation issue #36 (#3849)

* Adding new Interface EnhancedDocument (#3702)

* Adding new Interface EnhancedDocument

* Fix review comments from Anna-karin and David

* Addresed Zoe's comment

* DefaultEnhancedDocument implementation (#3718)

* DefaultEnhancedDocument implementation

* Updated Null check in the conveter itself while iterating Arrays of AttributeValue

* handled review comments

* Update test cases for JsonAttributeCOnverter

* Removed ctor and added a builder

* Removed ctor for toBuilder

* Implement Static factory methods of EnhancedDocument (#3752)

* DocumentTableSchema Implementation (#3758)

* DocumentTableSchema Implementation

* Handle review comments -1

* Handle review comments 2

* The builder for EnhancedDocument should not rely on the order in which attribute converters are added to it (#3780)

* Handled surface api comments of removing Generic access as Objects (#3811)

* TableSchema API to create table and functional tests

* Surface API Review

* Surface API Review - compilation issues

* Surface API Review - Review comments

* Surface API Review comments from Matt

* Compilation issue and toStringMethod for JsonNode

* Updated after handling Matt's comments

* Functional Test added

* Update in test cases

* Removed functional tests , will create new PR for this

* Review comments handled

* Explicutly adding the dependency in th pom.xml

* Removed @code from @snippet line in javadoc

* Remove extra spaces in Json and make it same as Items as in V1 (#3835)

* Remove extra spaces in Json and make it same as Items as in V1

* Moved Json string helper functions to seperate class

* Delete  unwanted class

* Functional Test Cases for Document DDB API and Surface API Review 2 comments (#3843)

* Functional Test Cases for Document DDB API and Surface API Review 2 comments

* Removed extra newlines from test cases

* Handled Review comments

* Removed primitive boolean getter and replaced with Boolean getter

* Spotbug issue fixed and using StringUtils

* StringUtils corrected the right package

* Sonar quebe test bug fixed

* Handled PR comments, \n 1. Moved DocumentTableSchema from mapper to document package

* Removed @inherit wherever not required

* Amazon SageMaker Service Update: Amazon SageMaker Autopilot adds two new APIs - CreateAutoMLJobV2 and DescribeAutoMLJobV2. Amazon SageMaker Notebook Instances now supports the ml.geospatial.interactive instance type.

* AWS Batch Update: This feature allows Batch to support configuration of ephemeral storage size for jobs running on FARGATE

* Amazon Textract Update: The AnalyzeDocument - Tables feature adds support for new elements in the API: table titles, footers, section titles, summary cells/tables, and table type.

* AWS Cloud Map Update: Reverted the throttling exception RequestLimitExceeded for AWS Cloud Map APIs introduced in SDK version 1.12.424 2023-03-09 to previous exception specified in the ErrorCode.

* Amazon Chime SDK Messaging Update: ExpirationSettings provides automatic resource deletion for Channels.

* CodeArtifact Update: Repository CreationTime is added to the CreateRepository and ListRepositories API responses.

* Amazon Interactive Video Service RealTime Update: Initial release of the Amazon Interactive Video Service RealTime API.

* Amazon Chime SDK Identity Update: AppInstanceBots can be used to add a bot powered by Amazon Lex to chat channels. ExpirationSettings provides automatic resource deletion for AppInstanceUsers.

* Amazon Chime SDK Voice Update: This release adds Amazon Chime SDK call analytics. Call analytics include voice analytics, which provides speaker search and voice tone analysis. These capabilities can be used with Amazon Transcribe and Transcribe Call Analytics to generate machine-learning-powered insights from real-time audio.

* Amazon Chime SDK Media Pipelines Update: This release adds Amazon Chime SDK call analytics. Call analytics include voice analytics, which provides speaker search and voice tone analysis. These capabilities can be used with Amazon Transcribe and Transcribe Call Analytics to generate machine-learning-powered insights from real-time audio.

* Amazon GuardDuty Update: Adds AutoEnableOrganizationMembers attribute to DescribeOrganizationConfiguration and UpdateOrganizationConfiguration APIs.

* AWS Elemental MediaConvert Update: AWS Elemental MediaConvert SDK now supports passthrough of ID3v2 tags for audio inputs to audio-only HLS outputs.

* Updated endpoints.json and partitions.json.

* Release 2.20.31. Updated CHANGELOG.md, README.md and all pom.xml.

* Update to next snapshot version: 2.20.32-SNAPSHOT

* Change logs for release of Document API for DDB items (#3853)

* Close and release channel upon validation failure (#3855)

When content length validation fails when PublisherAdapter#onComplete is
invoked, behave as on PublisherAdapter#onError and also close and release the
channel; otherwise the channel would be left in the leased state forever.

* Add ServiceClientConfiguration to SdkClient (#3830)

* Add ServiceClientConfiguration to SdkClient

* Remove test

* Implement method in test clients

* Add tests

* Add tests

* Refactor test clients

* Refactoring

* Add AwsServiceClientConfiguration and refactor

* Fix build issues

* Refactoring

* Refactoring

* Refactoring

* Refactoring

* Refactoring

* Refactoring

* Add codegen test

* Fix build failure - change return type

* Remove unused import

* Refactoring

* Fix import

* Amazon Relational Database Service Update: Added error code CreateCustomDBEngineVersionFault for when the create custom engine version for Custom engines fails.

* Amazon Comprehend Update: This release adds a new field (FlywheelArn) to the EntitiesDetectionJobProperties object. The FlywheelArn field is returned in the DescribeEntitiesDetectionJob and ListEntitiesDetectionJobs responses when the EntitiesDetection job is started with a FlywheelArn instead of an EntityRecognizerArn .

* Amazon CloudWatch Update: Doc-only update to correct alarm actions list

* Updated endpoints.json and partitions.json.

* Release 2.20.32. Updated CHANGELOG.md, README.md and all pom.xml.

* Do not attempt to pad time string if current length is sufficient (#3676)

* Do not attempt to pad time string if current length is sufficient

* Remove 'final' modifier from local variables

---------

Co-authored-by: Anna-Karin Salander <salande@amazon.com>

* Update to next snapshot version: 2.20.33-SNAPSHOT

* Fixing build failure of PR-3767 (#3857)

* AWS Elemental MediaLive Update: AWS Elemental MediaLive now supports ID3 tag insertion for audio only HLS output groups. AWS Elemental Link devices now support tagging.

* Amazon Chime SDK Voice Update: Documentation updates for Amazon Chime SDK Voice.

* AWS SecurityHub Update: Added new resource detail objects to ASFF, including resources for AwsEksCluster, AWSS3Bucket, AwsEc2RouteTable and AwsEC2Instance.

* Amazon Connect Service Update: This release introduces support for RelatedContactId in the StartChatContact API. Interactive message and interactive message response have been added to the list of supported message content types for this API as well.

* Amazon Voice ID Update: Amazon Connect Voice ID now supports multiple fraudster watchlists. Every domain has a default watchlist where all existing fraudsters are placed by default. Custom watchlists may now be created, managed, and evaluated against for known fraudster detection.

* Amazon Connect Participant Service Update: This release provides an update to the SendMessage API to handle interactive message response content-types.

* Amazon SageMaker Service Update: Fixed some improperly rendered links in SDK documentation.

* AWS IoT Wireless Update: Introducing new APIs that enable Sidewalk devices to communicate with AWS IoT Core through Sidewalk gateways. This will empower AWS customers to connect Sidewalk devices with other AWS IoT Services, creating possibilities for seamless integration and advanced device management.

* Amazon Athena Update: Enforces a minimal level of encryption for the workgroup for query and calculation results that are written to Amazon S3. When enabled, workgroup users can set encryption only to the minimum level set by the administrator or higher when they submit queries.

* AWS Service Catalog App Registry Update: In this release, we started supporting ARN in applicationSpecifier and attributeGroupSpecifier. GetAttributeGroup, ListAttributeGroups and ListAttributeGroupsForApplication APIs will now have CreatedBy field in the response.

* Release 2.20.33. Updated CHANGELOG.md, README.md and all pom.xml.

* Update to next snapshot version: 2.20.34-SNAPSHOT

* [Bug bash] Include sso and ssooidc dependencies in maven archetype (#3767)

Include sso and ssoidc dependencies in maven archetype

* Bytes in a toJson of EnhancedDocument should be represented in a decimal encoded format for their binary representation. (#3860)

* Bytes in a toJson of EnhancedDocument should be represented in a hexadecimal encoded format for their binary representation.

* Corrected the JsonItemAttributeConverterTest

* Fixed code smells

* Update changelog

* Fix serviceclientconfig build issues (#3864)

* Make serviceClientConfiguration()  default and throw unsupported operation exception

* Update client interface method

* Temporarily disable Poet Client tests

* remove unused imports

* Fix build issue

* Update codegen files and re-enable tests

* remove unnecessary method implementation from test client

* AWS Systems Manager Incident Manager Update: Increased maximum length of "TriggerDetails.rawData" to 10K characters and "IncidentSummary" to 8K characters.

* AWS Systems Manager Incident Manager Contacts Update: This release adds 12 new APIs as part of Oncall Schedule feature release, adds support for a new contact type: ONCALL_SCHEDULE. Check public documentation for AWS ssm-contacts for more information

* AWS IoT Data Plane Update: Add endpoint ruleset support for cn-north-1.

* Updated endpoints.json and partitions.json.

* Release 2.20.34. Updated CHANGELOG.md, README.md and all pom.xml.

* Update to next snapshot version: 2.20.35-SNAPSHOT

* OpenSearch Service Serverless Update: This release includes two new exception types "ServiceQuotaExceededException" and "OcuLimitExceededException".

* Amazon Relational Database Service Update: Add support for creating a read replica DB instance from a Multi-AZ DB cluster.

* Updated endpoints.json and partitions.json.

* Release 2.20.35. Updated CHANGELOG.md, README.md and all pom.xml.

* Update to next snapshot version: 2.20.36-SNAPSHOT

* TM: downloadDirectory refactor how SDK sends concurrent download file requests (#3867)

* Refactor async buffering subscriber

* AWS Compute Optimizer Update: This release adds support for HDD EBS volume types and io2 Block Express. We are also adding support for 61 new instance types and instances that have non consecutive runtime.

* AWSKendraFrontendService Update: AWS Kendra now supports featured results for a query.

* Amazon SageMaker geospatial capabilities Update: Amazon SageMaker geospatial capabilities now supports server-side encryption with customer managed KMS key and SageMaker notebooks with a SageMaker geospatial image in a Amazon SageMaker Domain with VPC only mode.

* Amazon GuardDuty Update: Added EKS Runtime Monitoring feature support to existing detector, finding APIs and introducing new Coverage APIs

* AWS Well-Architected Tool Update: AWS Well-Architected SDK now supports getting consolidated report metrics and generating a consolidated report PDF.

* Auto Scaling Update: Amazon EC2 Auto Scaling now supports Elastic Load Balancing traffic sources with the AttachTrafficSources, DetachTrafficSources, and DescribeTrafficSources APIs. This release also introduces a new activity status, "WaitingForConnectionDraining", for VPC Lattice to the DescribeScalingActivities API.

* Amazon VPC Lattice Update: General Availability (GA) release of Amazon VPC Lattice

* AWS Network Firewall Update: AWS Network Firewall added TLS inspection configurations to allow TLS traffic inspection.

* Amazon Athena Update: Make DefaultExecutorDpuSize and CoordinatorDpuSize fields optional in StartSession

* Elastic Disaster Recovery Service Update: Adding a field to the replication configuration APIs to support the auto replicate new disks feature. We also deprecated RetryDataReplication.

* AWS Batch Update: This feature allows Batch on EKS to support configuration of Pod Labels through Metadata for Batch on EKS Jobs.

* AWS Glue Update: This release adds support for AWS Glue Data Quality, which helps you evaluate and monitor the quality of your data and includes the API for creating, deleting, or updating data quality rulesets, runs and evaluations.

* EC2 Image Builder Update: Adds support for new image workflow details and image vulnerability detection.

* Amazon Interactive Video Service Update: Amazon Interactive Video Service (IVS) now offers customers the ability to configure IVS channels to allow insecure RTMP ingest.

* Amazon Elastic Compute Cloud Update: This release adds support for Tunnel Endpoint Lifecycle control, a new feature that provides Site-to-Site VPN customers with better visibility and control of their VPN tunnel maintenance updates.

* Amazon EMR Update: Updated DescribeCluster and ListClusters API responses to include ErrorDetail that specifies error code, programmatically accessible error data,and an error message. ErrorDetail provides the underlying reason for cluster failure and recommends actions to simplify troubleshooting of EMR clusters.

* Updated endpoints.json and partitions.json.

* Release 2.20.36. Updated CHANGELOG.md, README.md and all pom.xml.

* Update to next snapshot version: 2.20.37-SNAPSHOT

* Fixed the issue where AWS CRT-based S3 client was eagerly buffering data before the underlying CRT component was able to handle it. (#3800)

* fix wrong Source Control url in sonatype (#3872)

fix wrong Source Control url in sonatype

* Amazon Elastic Compute Cloud Update: Documentation updates for EC2 On Demand Capacity Reservations

* Amazon Simple Storage Service Update: Documentation updates for Amazon S3

* Amazon CloudWatch Internet Monitor Update: This release adds a new feature for Amazon CloudWatch Internet Monitor that enables customers to deliver internet measurements to Amazon S3 buckets as well as CloudWatch Logs.

* AWS Server Migration Service Update: Deprecating AWS Server Migration Service.

* AWS Resilience Hub Update: Adding EKS related documentation for appTemplateBody

* Amazon SageMaker Feature Store Runtime Update: In this release, you can now chose between soft delete and hard delete when calling the DeleteRecord API, so you have more flexibility when it comes to managing online store data.

* Updated endpoints.json and partitions.json.

* Release 2.20.37. Updated CHANGELOG.md, README.md and all pom.xml.

* Update to next snapshot version: 2.20.38-SNAPSHOT

* Added option of using an explicit `ExecutorService` in `FileAsyncResponseTransformer` (#3875)

Co-authored-by: Zoe Wang <33073555+zoewangg@users.noreply.github.com>

* AmazonMWAA Update: This Amazon MWAA release adds the ability to customize the Apache Airflow environment by launching a shell script at startup. This shell script is hosted in your environment's Amazon S3 bucket. Amazon MWAA runs the script before installing requirements and initializing the Apache Airflow process.

* AWS License Manager Update: This release adds grant override options to the CreateGrantVersion API. These options can be used to specify grant replacement behavior during grant activation.

* AWS Glue Update: Add support for database-level federation

* AWS Service Catalog Update: This release introduces Service Catalog support for Terraform open source. It enables 1. The notify* APIs to Service Catalog. These APIs are used by the terraform engine to notify the result of the provisioning engine execution. 2. Adds a new TERRAFORM_OPEN_SOURCE product type in CreateProduct API.

* AWS WAFV2 Update: For web ACLs that protect CloudFront protections, the default request body inspection size is now 16 KB, and you can use the new association configuration to increase the inspection size further, up to 64 KB. Sizes over 16 KB can incur additional costs.

* AWS Lake Formation Update: Add support for database-level federation

* Updated endpoints.json and partitions.json.

* Release 2.20.38. Updated CHANGELOG.md, README.md and all pom.xml.

* Update to next snapshot version: 2.20.39-SNAPSHOT

* AWS Data Exchange Update: This release updates the value of MaxResults.

* Amazon SageMaker Runtime Update: Amazon SageMaker Asynchronous Inference now provides customers a FailureLocation as a response parameter in InvokeEndpointAsync API to capture the model failure responses.

* Amazon SageMaker Service Update: Amazon SageMaker Asynchronous Inference now allows customer's to receive failure model responses in S3 and receive success/failure model responses in SNS notifications.

* Amazon Elastic Compute Cloud Update: C6in, M6in, M6idn, R6in and R6idn bare metal instances are powered by 3rd Generation Intel Xeon Scalable processors and offer up to 200 Gbps of network bandwidth.

* Auto Scaling Update: Documentation updates for Amazon EC2 Auto Scaling

* AWS WAFV2 Update: This release rolls back association config feature for webACLs that protect CloudFront protections.

* Amazon Elastic Inference Update: Updated public documentation for the Describe and Tagging APIs.

* AWS Amplify UI Builder Update: Support StorageField and custom displays for data-bound options in form builder. Support non-string operands for predicates in collections. Support choosing client to get token from.

* Updated endpoints.json and partitions.json.

* Release 2.20.39. Updated CHANGELOG.md, README.md and all pom.xml.

* Update to next snapshot version: 2.20.40-SNAPSHOT

* Fixing the documentation for UpdateItemEnhancedResponse to correctly describe which return values the attributes have (#3881)

* Amazon Interactive Video Service RealTime Update: Fix ParticipantToken ExpirationTime format

* AWS App Runner Update: App Runner adds support for seven new vCPU and memory configurations.

* AWS Service Catalog Update: removed incorrect product type value

* Amazon VPC Lattice Update: This release removes the entities in the API doc model package for auth policies.

* Amazon EC2 Container Service Update: This is a document only updated to add information about Amazon Elastic Inference (EI).

* AWS Network Firewall Update: AWS Network Firewall now supports IPv6-only subnets.

* AWS SSO Identity Store Update: Documentation updates for Identity Store CLI command reference.

* AWS Config Update: This release adds resourceType enums for types released in March 2023.

* Updated endpoints.json and partitions.json.

* Release 2.20.40. Updated CHANGELOG.md, README.md and all pom.xml.

* Update to next snapshot version: 2.20.41-SNAPSHOT

* S3 URI Parser (#3874)

* S3 URI Parser

* S3 URI Parser

* S3 URI Parser

* S3 URI Parser

* Refactoring

* Refactoring

* Refactoring

* Refactoring

* Refactoring

* Refactoring

* Refactoring

* Refactoring

* AWS Proton Update: This release adds support for the AWS Proton service sync feature. Service sync enables managing an AWS Proton service (creating and updating instances) and all of it's corresponding service instances from a Git repository.

* Amazon Relational Database Service Update: Adds and updates the SDK examples

* AWS IoT Greengrass V2 Update: Add support for SUCCEEDED value in coreDeviceExecutionStatus field. Documentation updates for Greengrass V2.

* AWS CloudFormation Update: Including UPDATE_COMPLETE as a failed status for DeleteStack waiter.

* Updated endpoints.json and partitions.json.

* Release 2.20.41. Updated CHANGELOG.md, README.md and all pom.xml.

* Update to next snapshot version: 2.20.42-SNAPSHOT

* Support ClientContextParams for S3CrtAsyncClient (#3880)

Only support UseArnRegion and ForcePathStyle as they're the only ones we can
support with the CRT client.

* Include flattened mappers in converter resolution (#3877)

This ensures that flattened fields are correctly resolved for conversion.
This mostly impacts extensions such as the AutoGeneratedTimestampRecordExtension
which could not handle a flattend timestamp field.

#3150

Co-authored-by: Andy Kiesler <kiesler@amazon.com>

* Re-enable disabled S3 tests (#3876)

* docs: add akiesler as a contributor for code (#3890)

* docs: update README.md [skip ci]

* docs: update .all-contributorsrc [skip ci]

---------

Co-authored-by: allcontributors[bot] <46447321+allcontributors[bot]@users.noreply.github.com>

* Amazon DocumentDB with MongoDB compatibility Update: This release adds a new parameter 'DBClusterParameterGroupName' to 'RestoreDBClusterFromSnapshot' API to associate the name of the DB cluster parameter group while performing restore.

* Redshift Data API Service Update: Update documentation of API descriptions as needed in support of temporary credentials with IAM identity.

* AWS Lambda Update: This release adds a new Lambda InvokeWithResponseStream API to support streaming Lambda function responses. The release also adds a new InvokeMode parameter to Function Url APIs to control whether the response will be streamed or buffered.

* Amazon Data Lifecycle Manager Update: Updated timestamp format for GetLifecyclePolicy API

* AWS Service Catalog Update: Updates description for property

* Amazon QuickSight Update: This release has two changes: adding the OR condition to tag-based RLS rules in CreateDataSet and UpdateDataSet; adding RefreshSchedule and Incremental RefreshProperties operations for users to programmatically configure SPICE dataset ingestions.

* Amazon FSx Update: Amazon FSx for Lustre now supports creating data repository associations on Persistent_1 and Scratch_2 file systems.

* Release 2.20.42. Updated CHANGELOG.md, README.md and all pom.xml.

* Update to next snapshot version: 2.20.43-SNAPSHOT

* Expose numRetries  to configure maxRetries on error in the S3CrtClient Interface (#3885)

* Expose StandardRetryOptions in the S3CrtClient Interface

* Added wrapper class for CRT retry config

* Added Null checks and test cases

* Handled PR comment on javadoc

* Handled NIT comments

* Use mock HTTP client instead of WireMock (#3893)

* Add waiter when deleting objects to fix occasional flakiness (#3891)

* Amazon Connect Service Update: This release adds the ability to configure an agent's routing profile to receive contacts from multiple channels at the same time via extending the UpdateRoutingProfileConcurrency, CreateRoutingProfile and DescribeRoutingProfile APIs.

* Amazon EC2 Container Service Update: This release adds support for enabling FIPS compliance on Amazon ECS Fargate tasks

* AWS Marketplace Catalog Service Update: Added three new APIs to support resource sharing: GetResourcePolicy, PutResourcePolicy, and DeleteResourcePolicy. Added new OwnershipType field to ListEntities request to let users filter on entities that are shared with them. Increased max page size of ListEntities response from 20 to 50 results.

* Amazon Rekognition Update: This release adds support for Face Liveness APIs in Amazon Rekognition. Updates UpdateStreamProcessor to return ResourceInUseException Exception. Minor updates to API documentation.

* Amazon Omics Update: Remove unexpected API changes.

* AWS Elemental MediaConvert Update: AWS Elemental MediaConvert SDK now supports conversion of 608 paint-on captions to pop-on captions for SCC sources.

* Updated endpoints.json and partitions.json.

* Release 2.20.43. Updated CHANGELOG.md, README.md and all pom.xml.

* Update to next snapshot version: 2.20.44-SNAPSHOT

* Amazon EventBridge Update: EventBridge PutTarget support for multiple SQL arguments on RedshiftDataParameters

* EMR Serverless Update: This release extends GetJobRun API to return job run timeout (executionTimeoutMinutes) specified during StartJobRun call (or default timeout of 720 minutes if none was specified).

* Amazon Elastic Container Registry Public Update: This release will allow using registry alias as registryId in BatchDeleteImage request.

* AWS WAFV2 Update: For web ACLs that protect CloudFront protections, the default request body inspection size is now 16 KB, and you can use the new association configuration to increase the inspection size further, up to 64 KB. Sizes over 16 KB can incur additional costs.

* AWS IoT Update: This release allows AWS IoT Core users to specify a TLS security policy when creating and updating AWS IoT Domain Configurations.

* AWS IoT Data Plane Update: This release adds support for MQTT5 user properties when calling the AWS IoT GetRetainedMessage API

* Updated endpoints.json and partitions.json.

* Release 2.20.44. Updated CHANGELOG.md, README.md and all pom.xml.

* Expose endpointOverride through ServiceClientConfiguration (#3900)

* Expose endpointOverride through ServiceClientConfiguration

* Refactoring

* Add endpointOverride to equals and hashcode

* Fix build errors

* Refactoring

* AWS WAFV2 Update: For web ACLs that protect CloudFront protections, the default request body inspection size is now 16 KB, and you can use the new association configuration to increase the inspection size further, up to 64 KB. Sizes over 16 KB can incur additional costs.

* AWS IoT Update: Re-release to remove unexpected API changes

* Amazon Elastic Container Registry Public Update: This release will allow using registry alias as registryId in BatchDeleteImage request.

* Amazon EventBridge Update: EventBridge PutTarget support for multiple SQL arguments on RedshiftDataParameters

* EMR Serverless Update: This release extends GetJobRun API to return job run timeout (executionTimeoutMinutes) specified during StartJobRun call (or default timeout of 720 minutes if none was specified).

* AWS IoT Data Plane Update: This release adds support for MQTT5 user properties when calling the AWS IoT GetRetainedMessage API

* Updated endpoints.json and partitions.json.

* Release 2.20.44. Updated CHANGELOG.md, README.md and all pom.xml.

* Revert "AWS IoT Update: This release allows AWS IoT Core users to specify a TLS security policy when creating and updating AWS IoT Domain Configurations."

This reverts commit 9e6efde.

* Fix conflicts with changelogs

* Update to next snapshot version: 2.20.45-SNAPSHOT

* AWS Ground Station Update: AWS Ground Station Wideband DigIF GA Release

* Amazon Managed Blockchain Update: Removal of the Ropsten network. The Ethereum foundation ceased support of Ropsten on December 31st, 2022..

* Updated endpoints.json and partitions.json.

* Release 2.20.45. Updated CHANGELOG.md, README.md and all pom.xml.

* Update to next snapshot version: 2.20.46-SNAPSHOT

* AWS MediaConnect Update: Gateway is a new feature of AWS Elemental MediaConnect. Gateway allows the deployment of on-premises resources for the purpose of transporting live video to and from the AWS Cloud.

* Amazon Chime SDK Voice Update: This release adds tagging support for Voice Connectors and SIP Media Applications

* Updated endpoints.json and partitions.json.

* Release 2.20.46. Updated CHANGELOG.md, README.md and all pom.xml.

* Update to next snapshot version: 2.20.47-SNAPSHOT

* Bump crt version to 0.21.12 (#3908)

* Update new modules in branch to 2.20.47-SNAPSHOT

* Fix import ordering

---------

Co-authored-by: AWS <>
Co-authored-by: aws-sdk-java-automation <43143862+aws-sdk-java-automation@users.noreply.github.com>
Co-authored-by: Zoe Wang <33073555+zoewangg@users.noreply.github.com>
Co-authored-by: Dongie Agnir <261310+dagnir@users.noreply.github.com>
Co-authored-by: Anna-Karin Salander <salande@amazon.com>
Co-authored-by: David Ho <70000000+davidh44@users.noreply.github.com>
Co-authored-by: John Viegas <70235430+joviegas@users.noreply.github.com>
Co-authored-by: belugabehr <12578579+belugabehr@users.noreply.github.com>
Co-authored-by: Olivier L Applin <olapplin@amazon.com>
Co-authored-by: Mike Pedersen <mikepedersen@humio.com>
Co-authored-by: Andy Kiesler <4186292+akiesler@users.noreply.github.com>
Co-authored-by: Andy Kiesler <kiesler@amazon.com>
Co-authored-by: allcontributors[bot] <46447321+allcontributors[bot]@users.noreply.github.com>
Co-authored-by: Dongie Agnir <dongie@amazon.com>

* Accept and use the new TokenIdentity interfaces

* Move TokenUtils to internal sub-package

This makes the build work without disabling the
maven-dependency-plugin and removes the Placeholder files.

* Made interfaces @SdkPublicApi
* Added test for equals and hashCode

* Add main auth scheme interfaces

* Change Consumer interface and address comments

* Move schemeId into Builder method instead of constructor

* refactors credential identity to create separate classes

* Minor changes to default identity classes

* Fix generics related warning in Signer interfaces

* Remove <T> for HttpAuthOption.Builder.schemeId

* Remove wildcards from sign methods

* Make Identity explicit in HttpSignRequest

* Make IdentityT type extend Identity in HttpSigner

* Add consumer builder pattern to HttpSigner methods

They have default implementation that rely on new
DefaultHttpSignRequest.BuilderImpl constructor that relies on the
generic IdentityT without knowing the Class of that type. This class
is @SdkInternalApi so this constructor is considered private.

Also, make HttpSignRequest.builder take Class<IdentityT> as parameter.

Also, make IdentityT type extends Identity in HttpSignRequest.

* Add test to show HttpSigner usage

* Note identityType parameter is ignored in HttpSignRequest.builder

* Use separate interfaces for sync and async sign requests

This fixes HttpSignerTest.signAsync_usingRequest_works test.

* Use abstract DefaultHttpSignRequest to avoid duplication

* Split sync/async interfaces for SignedHttpRequest

And removed `payloadType()` accessor.

Also, HttpSignRequest builders take Identity as parameter instead of Class<IdentityT>.

* Minor fixes

* Added missing Builder method override for identity
* Fixed javadocs
* Fixed toString

* Make protected properties Map an unmodifiableMap

* Remove overriding in HttpSignRequest.Builder sub-interfaces

* Remove overriding in SignedHttpRequest.Builder sub-interfaces

* Allow sign methods take request with subtype of the IdentityT

* Make HttpSignRequest @SdkProtectedApi

* Make HttpSignRequest @SdkPublicApi

* Add initial AuthSchemeProvider codegen

This includes:
* AuthSchemeParams interface and implementation.
* AuthSchemeProvider interface
* AuthSchemeProvider implementation is stubbed out for now.
* Plumbing to generate authscheme related code

* Refactor to remove some duplication

* Add AuthSchemeProvider marker interface

This is needed for setting authSchemeProvider client configuration option.

* Add/update generated javadoc

* Use ".auth.scheme" for java package

Also, removed/updated some TODOs.

* Fix java package in expected test output

* Generate authSchemeProvider setter in service client builder

* Configure client with default AuthSchemeProvider

* Add interface stubs for new signer implementations

* Fix HttpSign* interfaces with correct types

* Add initial default implementation of BearerHttpSigner

* Fix pom descriptions

* Update signer stubs with latest interface changes

* Fix JavaDoc styling

* Optimize performance when creating bearer authz header string

…#3910)"

This reverts commit 005b39b.

* Add AuthScheme sub-interfaces

* Add create method to AuthScheme sub-interfaces

* Add interface stubs for new signer implementations

* Update signer stubs with latest interface changes

* Implement AwsV4HttpSigner

* Update naming of auth request/response/options classes

* Change AuthOption to AuthSchemeOption, Update SyncSignedRequest

* Change *HttpAuthScheme to *AuthScheme

* Update test names, signer properties

* Add IdentityProviderConfiguration implementation

* Make IdentityProviderConfiguration a ToCopyableBuilder

IdentityProviderConfiguration would initially be setup for a client,
but we'd want to allow individual request to override its identity
provider, so we would need to be able to copy the
IdentityProviderConfiguration to mutate.

* Add interface stubs for new signer implementations

* Update signer stubs with latest interface changes

* Implement AwsV4HttpSigner

* Update test names, signer properties

* remove junit-vintage

* Update visibilities, documentation, and other comments

* Address some style comments

* Fix branching logic for when checksum properties are added on request

* Remove unused method, use IllegalArgumentException

Otherwise, even after build() is called, if more properties are added
to the same builder instance, it mutates the built DefaultSignRequest
object.

Helps resolve ambiguity with consumer builder pattern when using
IdentityProvider.resolveIdentity.

* Commit generated `acm` service code

To help see diffs that need to be code generated.

* Delete `acm` codegen-resources

To avoid regenerating during build, as generated code is committed.

* Prep bearer service codecatalyst for diff

Commit generated code and delete codegen-resources.

* Disable checkstyle temporarily for acm, codecatalyst

* Update generated acm, codecatalyst based on upstream changes

* Change map-service-to-client-prefix so it excludes acm, codecatalyst

* Commit generated `acm` service code

To help see diffs that need to be code generated.

* Delete `acm` codegen-resources

To avoid regenerating during build, as generated code is committed.

* Prep bearer service codecatalyst for diff

Commit generated code and delete codegen-resources.

* Disable checkstyle temporarily for acm, codecatalyst

* Update generated acm, codecatalyst based on upstream changes

* Change map-service-to-client-prefix so it excludes acm, codecatalyst

* Working AuthSchemeInterceptor for codecatalyst

Also untested code for acm

* Make AuthSchemeInterceptor beforeExecution

* Setup auth schemes as clientConfig

* Setup identityProviderConfiguration as clientConfig

* Add TODO for identity resolution outside of signing

* AcmAuthSchemeProvider changes to make acm work

* Fix DeclarationOrder checkstyle failure

* Removed some resolved TODOs

* Move the attributes to SdkInternalExecutionAttribute

* Change initialization / update of IdentityProviderConfiguration

* Move identityProvider null check to caller

* Add missing newlines

* Move putIdentityProvider to the call sites

* Implement default auth scheme provider

* Address PR comments

* Sort operations to produce a deterministic output

TODOs for the same are present in
AwsExecutionContextBuilder.putAuthSchemeResolutionAttributes which is
where those TODOs are applicable.

* Add interface stubs for new signer implementations

* Update signer stubs with latest interface changes

* Implement AwsV4HttpSigner

* Update naming of auth request/response/options classes

* Change AuthOption to AuthSchemeOption, Update SyncSignedRequest

* Change *HttpAuthScheme to *AuthScheme

* Update test names, signer properties

* remove junit-vintage

* Update visibilities, documentation, and other comments

* Address some style comments

* Fix branching logic for when checksum properties are added on request

* Remove unused method, use IllegalArgumentException

* Implement AwsV4QueryHttpSigner

* Fix typos

* Fix merge issue

* Fix logic issue and minor comments

* Refactor canonical request creation, simplify and deduplicate signer logic

* Nits

* nits

* improve docs, address comments

* centralize param validation, change visibilities

* Address comments

* Add more tests

* Fix spotbugs config for SDK_BAD_METHOD_CALL bug pattern

* Make optimizations according to SDK_BAD_METHOD_CALL

* Change to TickingClock

…ethod (#4143)

This was changed to SIGNING_CLOCK recently, which is optional.

* Skip signing for smithy.api#noAuth

* Remove unnecessary comment

* Add TODO for unit testing the SRA logic in SigningStage

* Auth scheme provider using endpoints

* Address PR comments

* Update after merge

* Fix bug in SigningStage.shouldSign

* Wrap with updateInterceptorContext

* Add TODO for AsyncRequestBodySigner dead code in SigningStage

* Add metric for signing duration

…4167)

* Allow all endpoint params if enabled and allow list is not defined

* Separate the logic to add params for params and provider classes

* Handle sign/signAsync in AsyncSigningStage

* Return without converting if already SdkHttpFullRequest

* Move identity resolution into own interceptor

* Move identity resolution within AuthSchemeInterceptor

Instead of separate interceptor. SelectedAuthScheme now saves the
Identity instead of another ExecutionAttribute.

* Add identity resolution to AuthSchemeInterceptor codegen

* Move identity resolution out of AsyncSigningStage

Uses a join, which I'll remove in next commit. But this commit fixes
the compile errors.

* Use thenCompose on Identity future instead of join

* Account for signAsync returning CompletableFuture

signAsync interface hasn't been updated yet, so faking it here with a temporary
private method.

Also, some refactoring of SigningStage.

* Update AsyncRequestBody in contexts

Update AsyncRequestBody in RequestExecutionContext and InterceptorContext.

* Clarify method name to update SdkHttpRequest in InterceptorContext

More verbose but helps clarify in relation to updateAsyncRequestBodyInContexts.

* Clarify method name in SigningStage too

To match AsyncSigningStage.

* Remove addressed TODO

* Wire up the auth scheme interceptor in the base client builder

* Fix test cases with  instead of

* Fix test file formatting

* Add all the model authTypes and fix tests

* Comment out the ClockSkewAdjustmentTest that do not work as of now

* Simplify test file

* Do not generate the interceptor logic for S3

* Do not generate the interceptor logic for S3Control also

* Fix sigv4a schemeId and javadocs in sigv4a AuthSchemes

* Define static constant for SCHEME_ID

* Add javadoc for SCHEME_ID constant

* Revert "Prep some services modules for easier diff of upcoming changes (#4090)"

This reverts commit b024b3f.

* Revert new src files added in PR 4111

* Add support for auth scheme interceptor with endpoint params

* Address PR comments

* Add unit tests for (Async)SigningStage

* Add more tests for pre SRA code

It's a false positive bug, since signedRequest.payload() is immutable,
but this avoids SonarCloud considering it as a bug.

* Use old SigningStage logic if Signer is overridden

* Add unit tests for signer override cases

* Update working on TODO for test to add later

* Extract Utils for sharing across (Async)SigningStage

…4251)

* Add sigv4a for services that have enabled endpoint based auth params

* Address PR comments

* Add a proper test that actually uses endpoint auth params

* Use the useEndpointBasedAuthProvider method instead to improve readability

This reverts commit 312d4c0.

* Remove Signer related codegen logic in Clients

* Remove unused methods in Metadata

* Add TODO comment about not writing IS_NONE_AUTH_TYPE_REQUEST

* Fix test in codegen-generated-classes-test

…a-identity-auth

* Add support for sigv4a for endpoint based authscheme provider

* Fix the condition, we throw on more than one region

* Fix the tests after changing the condtional

* Remove unused import from the AwsV4aAuthScheme moved class

* Set PAYLOAD_SIGNING_ENABLED for the S3 auth type

* Remove extra new lines

* Fix used and unused dependencies

* Remove http-auth-aws from the default template

* Add new exclude/include arguments to augment the created service pom file

* Add a note clarfiying when to use excludes

…erge-2.20.131-SNAPSHOT

…etermined by endpoint rules. (#4328)

* Refactor DefaultAwsV4HttpSigner and remove V4HttpSigner

* Update TODOs to follow convention

* Add CRT v4a signer

* Address comments

* Refactor, remove helper class

* Fix expiration duration case

* Promote no-auth to a proper AuthScheme

* Make NoAuthScheme a no-op auth scheme

* Address PR comments

* Remove unused import

* Cleanup TODOs in AwsExecutionContextBuilder

* Remove some TODO in codegen

* Tag TODO for sra-identity-and-auth

* Remove TODO for SelectedAuthScheme location

* Remove setting IS_NONE_AUTH_TYPE_REQUEST

Newly generated clients won't have this attribute set, but the reader
(AwsExecutionContextBuilder) will still continue reading this
attribute for old clients.

* Make presign interceptors read SelectedAuthScheme.Identity

To support the changes in AwsExecutionContextBuilder not setting
AwsSignerExecutionAttribute.AWS_CREDENTIALS with SRA flow.

* Address PR comments

* Make cast safe in resolveCredentials in presign interceptors

* Remove unused import

* Use NoAuthAuthScheme instead of supportsSigning

The supportsSigning() method was removed when merging from parent.

* Rename some methods

* Fix checkstyle length issue

* Temporarily comment out CREDENTIALS_FETCH_DURATION assertion

… client builder. (#4311)

* Remove legacy endpoint auth scheme logic and add putAuthScheme to AWS client builder.

Changes:
* Move endpoint resolution header addition from EndpointAuthSchemeInterceptor to EndpointResolverInterceptor
* Remove EndpointAuthSchemeInterceptor
* When endpoint provider returns signer parameters, override parameters from the auth scheme provider
* Add the ability to specify new or override existing auth schemes via putAuthScheme on AWS client builder.
* Speed up FlatteningSubscriberTest.stochastic_dataFlushedBeforeOnComplete
* Change endpoint-based auth scheme providers to use joinLikeSync instead of join to maintain exception backwards-compatibility.