docs(client-acm-pca): Private Certificate Authority (PCA) documentati…

…on updates

clients/client-acm-pca/src/models/models_0.ts

@@ -724,26 +724,38 @@ export interface CrlConfiguration {
   CrlDistributionPointExtensionConfiguration?: CrlDistributionPointExtensionConfiguration | undefined;
 
   /**
-   * <p>Choose whether to use a partitioned or complete CRL. Your choice determines the maximum number of certificates that the certificate authority can issue and revoke, as described in the <a href="https://docs.aws.amazon.com/general/latest/gr/pca.html#limits_pca-connector-ad">Amazon Web Services Private CA quotas</a>.</p>
+   * <p>Specifies whether to create a complete or partitioned CRL. This setting determines the maximum
+   * 		number of certificates that the certificate authority can issue and revoke. For more information, see
+   * 		<a href="privateca/latest/userguide/pca.html#limits_pca">Amazon Web Services Private CA quotas</a>.</p>
    *          <ul>
    *             <li>
    *                <p>
-   *                   <code>PARTITIONED</code> - The default setting. Partitioned CRLs are an especially good option for devices that have limited processing power or storage capacity, such as certain IoT devices. Compared to complete CRLs, partitioned CRLs dramatically increase the number of certificates your private CA can issue. Each certificate that Amazon Web Services Private CA issues is bound to a specific CRL partition through the CRL distribution point (CDP) defined in <a href="https://datatracker.ietf.org/doc/html/rfc5280">RFC 5280</a>.</p>
-   *                <important>
-   *                   <p>To make sure that your client fetches the CRL from a valid endpoint, we recommend that you programmatically validate that the CRL's issuing distribution point (IDP) URI matches the certificate's CDP URI. Amazon Web Services Private CA marks the IDP extension as critical, which your client must be able to process.</p>
-   *                </important>
+   *                   <code>COMPLETE</code> - The default setting. Amazon Web Services Private CA maintains a single CRL file for all unexpired
+   * 				certificates issued by a CA that have been revoked for any reason. Each certificate that Amazon Web Services Private CA
+   * 			issues is bound to a specific CRL through its CRL distribution point (CDP) extension, defined in <a href="https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.9">
+   * 				RFC 5280</a>.</p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code>COMPLETE</code> - Amazon Web Services Private CA maintains a single CRL file for all unexpired certificates issued by a CA that have been revoked for any reason.</p>
+   *                   <code>PARTITIONED</code> - Compared to complete CRLs, partitioned CRLs
+   * 			dramatically increase the number of certificates your private CA can issue. </p>
+   *                <important>
+   *                   <p> When using partitioned CRLs, you must validate that the CRL's associated
+   * 						issuing distribution point (IDP) URI matches the certificate's CDP URI to ensure
+   * 						the right CRL has been fetched. Amazon Web Services Private CA marks the IDP extension as critical,
+   * 						which your client must be able to process.
+   * 					</p>
+   *                </important>
    *             </li>
    *          </ul>
    * @public
    */
   CrlType?: CrlType | undefined;
 
   /**
-   * <p>Designates a custom file path in S3 for CRL(s). For example, <code>http://&lt;CustomName&gt;/&lt;CustomPath&gt;/&lt;CrlPartition_GUID&gt;.crl</code>. You can change the custom path up to five times.</p>
+   * <p>Designates a custom file path in S3 for CRL(s). For example, <code>http://&lt;CustomName&gt;/
+   * 			&lt;CustomPath&gt;/&lt;CrlPartition_GUID&gt;.crl</code>.
+   * 		</p>
    * @public
    */
   CustomPath?: string | undefined;

codegen/sdk-codegen/aws-models/acm-pca.json

@@ -2008,13 +2008,13 @@
         "CrlType": {
           "target": "com.amazonaws.acmpca#CrlType",
           "traits": {
-            "smithy.api#documentation": "<p>Choose whether to use a partitioned or complete CRL. Your choice determines the maximum number of certificates that the certificate authority can issue and revoke, as described in the <a href=\"https://docs.aws.amazon.com/general/latest/gr/pca.html#limits_pca-connector-ad\">Amazon Web Services Private CA quotas</a>.</p>\n         <ul>\n            <li>\n               <p>\n                  <code>PARTITIONED</code> - The default setting. Partitioned CRLs are an especially good option for devices that have limited processing power or storage capacity, such as certain IoT devices. Compared to complete CRLs, partitioned CRLs dramatically increase the number of certificates your private CA can issue. Each certificate that Amazon Web Services Private CA issues is bound to a specific CRL partition through the CRL distribution point (CDP) defined in <a href=\"https://datatracker.ietf.org/doc/html/rfc5280\">RFC 5280</a>.</p>\n               <important>\n                  <p>To make sure that your client fetches the CRL from a valid endpoint, we recommend that you programmatically validate that the CRL's issuing distribution point (IDP) URI matches the certificate's CDP URI. Amazon Web Services Private CA marks the IDP extension as critical, which your client must be able to process.</p>\n               </important>\n            </li>\n            <li>\n               <p>\n                  <code>COMPLETE</code> - Amazon Web Services Private CA maintains a single CRL file for all unexpired certificates issued by a CA that have been revoked for any reason.</p>\n            </li>\n         </ul>"
+            "smithy.api#documentation": "<p>Specifies whether to create a complete or partitioned CRL. This setting determines the maximum \n\t\tnumber of certificates that the certificate authority can issue and revoke. For more information, see\n\t\t<a href=\"privateca/latest/userguide/pca.html#limits_pca\">Amazon Web Services Private CA quotas</a>.</p>\n         <ul>\n            <li>\n               <p>\n                  <code>COMPLETE</code> - The default setting. Amazon Web Services Private CA maintains a single CRL file for all unexpired \n\t\t\t\tcertificates issued by a CA that have been revoked for any reason. Each certificate that Amazon Web Services Private CA\n\t\t\tissues is bound to a specific CRL through its CRL distribution point (CDP) extension, defined in <a href=\"https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.9\">\n\t\t\t\tRFC 5280</a>.</p>\n            </li>\n            <li>\n               <p>\n                  <code>PARTITIONED</code> - Compared to complete CRLs, partitioned CRLs\n\t\t\tdramatically increase the number of certificates your private CA can issue. </p>\n               <important>\n                  <p> When using partitioned CRLs, you must validate that the CRL's associated\n\t\t\t\t\t\tissuing distribution point (IDP) URI matches the certificate's CDP URI to ensure\n\t\t\t\t\t\tthe right CRL has been fetched. Amazon Web Services Private CA marks the IDP extension as critical, \n\t\t\t\t\t\twhich your client must be able to process.\n\t\t\t\t\t</p>\n               </important>\n            </li>\n         </ul>"
           }
         },
         "CustomPath": {
           "target": "com.amazonaws.acmpca#CrlPathString",
           "traits": {
-            "smithy.api#documentation": "<p>Designates a custom file path in S3 for CRL(s). For example, <code>http://&lt;CustomName&gt;/&lt;CustomPath&gt;/&lt;CrlPartition_GUID&gt;.crl</code>. You can change the custom path up to five times.</p>"
+            "smithy.api#documentation": "<p>Designates a custom file path in S3 for CRL(s). For example, <code>http://&lt;CustomName&gt;/\n\t\t\t&lt;CustomPath&gt;/&lt;CrlPartition_GUID&gt;.crl</code>. \n\t\t</p>"
           }
         }
       },