boto
diff --git a/‎.changes/next-release/api-change-cloudhsmv2-90981.json
+5 b/‎.changes/next-release/api-change-cloudhsmv2-90981.json
+5
diff --git a/‎.changes/next-release/api-change-ec2-66466.json
+5 b/‎.changes/next-release/api-change-ec2-66466.json
+5
diff --git a/‎.changes/next-release/api-change-eks-42910.json
+5 b/‎.changes/next-release/api-change-eks-42910.json
+5
diff --git a/‎.changes/next-release/api-change-logs-91140.json
+5 b/‎.changes/next-release/api-change-logs-91140.json
+5
diff --git a/‎.changes/next-release/api-change-mediaconnect-92309.json
+5 b/‎.changes/next-release/api-change-mediaconnect-92309.json
+5
diff --git a/‎.changes/next-release/api-change-networkmanager-71337.json
+5 b/‎.changes/next-release/api-change-networkmanager-71337.json
+5
diff --git a/‎.changes/next-release/api-change-servicediscovery-99181.json
+5 b/‎.changes/next-release/api-change-servicediscovery-99181.json
+5
diff --git a/‎botocore/data/cloudhsmv2/2017-04-28/service-2.json
+34 b/‎botocore/data/cloudhsmv2/2017-04-28/service-2.json
+34
diff --git a/‎botocore/data/ec2/2016-11-15/service-2.json
+19-3 b/‎botocore/data/ec2/2016-11-15/service-2.json
+19-3
@@ -0,0 +1,5 @@
+{
+  "type": "api-change",
+  "category": "``cloudhsmv2``",
+  "description": "Add support for Dual-Stack hsm2m.medium clusters. The customers will now be able to create hsm2m.medium clusters having both IPv4 and IPv6 connection capabilities by specifying a new param called NetworkType=DUALSTACK during cluster creation."
+}
@@ -0,0 +1,5 @@
+{
+  "type": "api-change",
+  "category": "``ec2``",
+  "description": "This release adds GroupId to the response for DeleteSecurityGroup."
+}
@@ -0,0 +1,5 @@
+{
+  "type": "api-change",
+  "category": "``eks``",
+  "description": "Add NodeRepairConfig in CreateNodegroupRequest and UpdateNodegroupConfigRequest"
+}
@@ -0,0 +1,5 @@
+{
+  "type": "api-change",
+  "category": "``logs``",
+  "description": "Limit PutIntegration IntegrationName and ListIntegrations IntegrationNamePrefix parameters to 50 characters"
+}
@@ -0,0 +1,5 @@
+{
+  "type": "api-change",
+  "category": "``mediaconnect``",
+  "description": "AWS Elemental MediaConnect Gateway now supports Source Specific Multicast (SSM) for ingress bridges. This enables you to specify a source IP address in addition to a multicast IP when creating or updating an ingress bridge source."
+}
@@ -0,0 +1,5 @@
+{
+  "type": "api-change",
+  "category": "``networkmanager``",
+  "description": "There was a sentence fragment in UpdateDirectConnectGatewayAttachment that was causing customer confusion as to whether it's an incomplete sentence or if it was a typo. Removed the fragment."
+}
@@ -0,0 +1,5 @@
+{
+  "type": "api-change",
+  "category": "``servicediscovery``",
+  "description": "AWS Cloud Map now supports service-level attributes, allowing you to associate custom metadata directly with services. These attributes can be retrieved, updated, and deleted using the new GetServiceAttributes, UpdateServiceAttributes, and DeleteServiceAttributes API calls."
+}
@@ -305,6 +305,7 @@
         {"shape":"CloudHsmAccessDeniedException"},
         {"shape":"CloudHsmInternalFailureException"},
         {"shape":"CloudHsmInvalidRequestException"},
+        {"shape":"CloudHsmResourceLimitExceededException"},
         {"shape":"CloudHsmResourceNotFoundException"},
         {"shape":"CloudHsmServiceException"},
         {"shape":"CloudHsmTagException"}
@@ -509,6 +510,14 @@
       "documentation":"<p>The request was rejected because it is not a valid request.</p>",
       "exception":true
     },
+    "CloudHsmResourceLimitExceededException":{
+      "type":"structure",
+      "members":{
+        "Message":{"shape":"errorMessage"}
+      },
+      "documentation":"<p>The request was rejected because it exceeds an CloudHSM limit.</p>",
+      "exception":true
+    },
     "CloudHsmResourceNotFoundException":{
       "type":"structure",
       "members":{
@@ -588,6 +597,10 @@
           "shape":"VpcId",
           "documentation":"<p>The identifier (ID) of the virtual private cloud (VPC) that contains the cluster.</p>"
         },
+        "NetworkType":{
+          "shape":"NetworkType",
+          "documentation":"<p>The cluster's NetworkType can be set to either IPV4 (which is the default) or DUALSTACK. When set to IPV4, communication between your application and the Hardware Security Modules (HSMs) is restricted to the IPv4 protocol only. In contrast, the DUALSTACK network type enables communication over both the IPv4 and IPv6 protocols. To use the DUALSTACK option, you'll need to configure your Virtual Private Cloud (VPC) and subnets to support both IPv4 and IPv6. This involves adding IPv6 Classless Inter-Domain Routing (CIDR) blocks to the existing IPv4 CIDR blocks in your subnets. The choice between IPV4 and DUALSTACK network types determines the flexibility of the network addressing setup for your cluster. The DUALSTACK option provides more flexibility by allowing both IPv4 and IPv6 communication.</p>"
+        },
         "Certificates":{
           "shape":"Certificates",
           "documentation":"<p>Contains one or more certificates or a certificate signing request (CSR).</p>"
@@ -623,6 +636,8 @@
         "INITIALIZED",
         "ACTIVE",
         "UPDATE_IN_PROGRESS",
+        "MODIFY_IN_PROGRESS",
+        "ROLLBACK_IN_PROGRESS",
         "DELETE_IN_PROGRESS",
         "DELETED",
         "DEGRADED"
@@ -690,6 +705,10 @@
           "shape":"SubnetIds",
           "documentation":"<p>The identifiers (IDs) of the subnets where you are creating the cluster. You must specify at least one subnet. If you specify multiple subnets, they must meet the following criteria:</p> <ul> <li> <p>All subnets must be in the same virtual private cloud (VPC).</p> </li> <li> <p>You can specify only one subnet per Availability Zone.</p> </li> </ul>"
         },
+        "NetworkType":{
+          "shape":"NetworkType",
+          "documentation":"<p>The NetworkType to create a cluster with. The allowed values are <code>IPV4</code> and <code>DUALSTACK</code>. </p>"
+        },
         "TagList":{
           "shape":"TagList",
           "documentation":"<p>Tags to apply to the CloudHSM cluster during creation.</p>"
@@ -985,6 +1004,10 @@
           "shape":"IpAddress",
           "documentation":"<p>The IP address of the HSM's elastic network interface (ENI).</p>"
         },
+        "EniIpV6":{
+          "shape":"IpV6Address",
+          "documentation":"<p>The IPv6 address (if any) of the HSM's elastic network interface (ENI).</p>"
+        },
         "HsmId":{
           "shape":"HsmId",
           "documentation":"<p>The HSM's identifier (ID).</p>"
@@ -1062,6 +1085,10 @@
       "type":"string",
       "pattern":"\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}"
     },
+    "IpV6Address":{
+      "type":"string",
+      "max":100
+    },
     "ListTagsRequest":{
       "type":"structure",
       "required":["ResourceId"],
@@ -1145,6 +1172,13 @@
         "Cluster":{"shape":"Cluster"}
       }
     },
+    "NetworkType":{
+      "type":"string",
+      "enum":[
+        "IPV4",
+        "DUALSTACK"
+      ]
+    },
     "NextToken":{
       "type":"string",
       "max":256,
 
@@ -1855,6 +1855,7 @@
         "requestUri":"/"
       },
       "input":{"shape":"DeleteSecurityGroupRequest"},
+      "output":{"shape":"DeleteSecurityGroupResult"},
       "documentation":"<p>Deletes a security group.</p> <p>If you attempt to delete a security group that is associated with an instance or network interface, is referenced by another security group in the same VPC, or has a VPC association, the operation fails with <code>DependencyViolation</code>.</p>"
     },
     "DeleteSnapshot":{
@@ -6388,7 +6389,7 @@
       },
       "input":{"shape":"StartDeclarativePoliciesReportRequest"},
       "output":{"shape":"StartDeclarativePoliciesReportResult"},
-      "documentation":"<p>Generates an account status report. The report is generated asynchronously, and can take several hours to complete.</p> <p>The report provides the current status of all attributes supported by declarative policies for the accounts within the specified scope. The scope is determined by the specified <code>TargetId</code>, which can represent an individual account, or all the accounts that fall under the specified organizational unit (OU) or root (the entire Amazon Web Services Organization).</p> <p>The report is saved to your specified S3 bucket, using the following path structure (with the <i>italicized placeholders</i> representing your specific values):</p> <p> <code>s3://<i>amzn-s3-demo-bucket</i>/<i>your-optional-s3-prefix</i>/ec2_<i>targetId</i>_<i>reportId</i>_<i>yyyyMMdd</i>T<i>hhmm</i>Z.csv</code> </p> <p class=\"title\"> <b>Prerequisites for generating a report</b> </p> <ul> <li> <p>The <code>StartDeclarativePoliciesReport</code> API can only be called by the management account or delegated administrators for the organization.</p> </li> <li> <p>An S3 bucket must be available before generating the report (you can create a new one or use an existing one), and it must have an appropriate bucket policy. For a sample S3 policy, see <i>Sample Amazon S3 policy</i> under .</p> </li> <li> <p>Trusted access must be enabled for the service for which the declarative policy will enforce a baseline configuration. If you use the Amazon Web Services Organizations console, this is done automatically when you enable declarative policies. The API uses the following service principal to identify the EC2 service: <code>ec2.amazonaws.com</code>. For more information on how to enable trusted access with the Amazon Web Services CLI and Amazon Web Services SDKs, see <a href=\"https://docs.aws.amazon.com/organizations/latest/userguide/orgs_integrate_services.html\">Using Organizations with other Amazon Web Services services</a> in the <i>Amazon Web Services Organizations User Guide</i>.</p> </li> <li> <p>Only one report per organization can be generated at a time. Attempting to generate a report while another is in progress will result in an error.</p> </li> </ul> <p>For more information, including the required IAM permissions to run this API, see <a href=\"https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_declarative_status-report.html\">Generating the account status report for declarative policies</a> in the <i>Amazon Web Services Organizations User Guide</i>.</p>"
+      "documentation":"<p>Generates an account status report. The report is generated asynchronously, and can take several hours to complete.</p> <p>The report provides the current status of all attributes supported by declarative policies for the accounts within the specified scope. The scope is determined by the specified <code>TargetId</code>, which can represent an individual account, or all the accounts that fall under the specified organizational unit (OU) or root (the entire Amazon Web Services Organization).</p> <p>The report is saved to your specified S3 bucket, using the following path structure (with the <i>italicized placeholders</i> representing your specific values):</p> <p> <code>s3://<i>amzn-s3-demo-bucket</i>/<i>your-optional-s3-prefix</i>/ec2_<i>targetId</i>_<i>reportId</i>_<i>yyyyMMdd</i>T<i>hhmm</i>Z.csv</code> </p> <p class=\"title\"> <b>Prerequisites for generating a report</b> </p> <ul> <li> <p>The <code>StartDeclarativePoliciesReport</code> API can only be called by the management account or delegated administrators for the organization.</p> </li> <li> <p>An S3 bucket must be available before generating the report (you can create a new one or use an existing one), it must be in the same Region where the report generation request is made, and it must have an appropriate bucket policy. For a sample S3 policy, see <i>Sample Amazon S3 policy</i> under .</p> </li> <li> <p>Trusted access must be enabled for the service for which the declarative policy will enforce a baseline configuration. If you use the Amazon Web Services Organizations console, this is done automatically when you enable declarative policies. The API uses the following service principal to identify the EC2 service: <code>ec2.amazonaws.com</code>. For more information on how to enable trusted access with the Amazon Web Services CLI and Amazon Web Services SDKs, see <a href=\"https://docs.aws.amazon.com/organizations/latest/userguide/orgs_integrate_services.html\">Using Organizations with other Amazon Web Services services</a> in the <i>Amazon Web Services Organizations User Guide</i>.</p> </li> <li> <p>Only one report per organization can be generated at a time. Attempting to generate a report while another is in progress will result in an error.</p> </li> </ul> <p>For more information, including the required IAM permissions to run this API, see <a href=\"https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_declarative_status-report.html\">Generating the account status report for declarative policies</a> in the <i>Amazon Web Services Organizations User Guide</i>.</p>"
     },
     "StartInstances":{
       "name":"StartInstances",
@@ -19144,6 +19145,21 @@
         }
       }
     },
+    "DeleteSecurityGroupResult":{
+      "type":"structure",
+      "members":{
+        "Return":{
+          "shape":"Boolean",
+          "documentation":"<p>Returns <code>true</code> if the request succeeds; otherwise, returns an error.</p>",
+          "locationName":"return"
+        },
+        "GroupId":{
+          "shape":"SecurityGroupId",
+          "documentation":"<p>The ID of the deleted security group.</p>",
+          "locationName":"groupId"
+        }
+      }
+    },
     "DeleteSnapshotRequest":{
       "type":"structure",
       "required":["SnapshotId"],
@@ -31409,7 +31425,7 @@
           "locationName":"Value"
         }
       },
-      "documentation":"<p>A filter name and value pair that is used to return a more specific list of results from a describe operation. Filters can be used to match a set of resources by specific criteria, such as tags, attributes, or IDs.</p> <p>If you specify multiple filters, the filters are joined with an <code>AND</code>, and the request returns only results that match all of the specified filters.</p>"
+      "documentation":"<p>A filter name and value pair that is used to return a more specific list of results from a describe operation. Filters can be used to match a set of resources by specific criteria, such as tags, attributes, or IDs.</p> <p>If you specify multiple filters, the filters are joined with an <code>AND</code>, and the request returns only results that match all of the specified filters.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Filtering.html#Filtering_Resources_CLI\">List and filter using the CLI and API</a> in the <i>Amazon EC2 User Guide</i>.</p>"
     },
     "FilterList":{
       "type":"list",
@@ -58278,7 +58294,7 @@
         },
         "S3Bucket":{
           "shape":"String",
-          "documentation":"<p>The name of the S3 bucket where the report will be saved.</p>"
+          "documentation":"<p>The name of the S3 bucket where the report will be saved. The bucket must be in the same Region where the report generation request is made.</p>"
         },
         "S3Prefix":{
           "shape":"String",