Merge main into next release (#7039)

* Minor edits to Vite + React quickstart (#6926)

* Updates to Vite + React quickstart

* Update src/fragments/gen2/quickstart/build-a-backend.mdx

Co-authored-by: Kevin Old <kevold@amazon.com>

* Update build-a-backend.mdx

* Update build-a-backend.mdx

* Update build-a-backend.mdx

---------

Co-authored-by: Kevin Old <kevold@amazon.com>

* fix: Fix incorrect auth import path in migration guide. (#6934)

* fix: Update incorrect `updateMFAPreference` parameter in JS v6 migration guide. (#6935)

* Amplify Android Release 2.14.11 (#6933)

* chore: refactor .layout-header into separate component (#6826)

* platform typed as optional

* refactor init

* remove commented code

* remove angry useEffect

* fix typing

* added layoutcontext so mobile menu closes on navigation

* move import

---------

Co-authored-by: katiegoines <katiegoines@gmail.com>

* fix: Nesting of auth cli templates (#6932)

* fix: change config variable name (#6923)

* Guide to support Amplify v2 with AWS Android SDK (#6927)

* Update puppeteer (#6949)

* Update index.mdx (#6950)

* Update CODEOWNERS with correct PM alignment (#6951)

* fix(flutter, js): scope "connect existing cdk" guide to respective platform (#6947)

Co-authored-by: Tim Nguyen <54393192+timngyn@users.noreply.github.com>

* Revert "fix(flutter, js): scope "connect existing cdk" guide to respective pl…" (#6955)

This reverts commit 5998b22.

* chore: remove duplicated logic between Layout and LayoutHeader (#6954)

* chore: more layout refactoring

* remove unused prop, alphabetize props

* improve oauth docs (#6961)

* fixed gen 2 getting started guide (#6968)

* Update redirects for deleted hidden pages (#6944)

* Update manual installation to point to @beta tag (#6972)

* include usage for multi-page apps (#6964)

* include usage for multi-page apps

* improve multi-page app docs

* use Hub syntax

* update imports in examples

* chore: Clean up broken Amplify JS API reference links (#6976)

* chore: Clean up broken Amplify JS API reference links.

* Cleaned up language.

* Update build image instructions for Gen 2 (#6978)

* update build image settings for Gen 2

* remove callout and add fragment to vite guide

* chore: add unit test for YoutubeEmbed component (#6983)

* chore: add unit test for YoutubeEmbed component

* add code coverage stats

---------

Co-authored-by: katiegoines <katiegoines@gmail.com>

* chore: add unit tests for Accordion component (#6981)

* chore: add unit tests for Accordion component

* issue with window properties

* fixed tracking test

* working on animation issue

* accordion tests

* fix testing errors

* added test for closing accordion

* add code coverage stats

---------

Co-authored-by: katiegoines <katiegoines@gmail.com>

* Update index.mdx (#6986)

* Add env variables for algolia (#6957)

* Add algolia env vars to next.config

* Remove extra code string

* fix(data): update REST API docs to document correct error response type (#6989)

* fix(data): update React Native minimum iOS deployment target guidance; add build step to docs (#6970)

* fix(data): update React Native minimum iOS deployment target; add build step to docs

* address PR feedback

* remove deployment target guidance

* add React Native version deployment target callout

* fix unrecognized syntax

* replace callout with accordion

* move 'upgrading' callout

* Clarify behavior of forgetDevice() API regarding device tracking (#6985)

* Clarify behavior of forgetDevice() API regarding device tracking

This commit updates the documentation to clarify that using the forgetDevice() API results in the device being neither remembered nor tracked. Previously, the documentation suggested that forgotten devices might still be tracked, leading to confusion about the API's behavior. The revised wording aligns with the detailed description under the "Forgotten" section, ensuring consistency and eliminating ambiguity about how forgotten devices are handled.

* Clarify behavior of forgetDevice() API regarding device tracking

* Support for enum value listing (#6885)

* Support for enum value listing

* Update src/pages/gen2/build-a-backend/data/data-modeling/add-fields/index.mdx

* CDK updates v2 (#6990)

* Add padding to bottom of nav menu (#6991)

* Adding secondary index to Gen 2 (#6996)

* Adding secondary index docs

* fixed some formatting for custom query fields

* extend config to show addOuput (#6963)

* extend config

* modify wording

* modify example

* improve wording

* Update index.mdx (#6995)

* Update index.mdx

* add guest access support to docs

* chore: add unit tests for NextPrevious component (#7003)

Co-authored-by: katiegoines <katiegoines@gmail.com>

* chore: add unit tests for LinkCards and LinkCard components (#7006)

Co-authored-by: katiegoines <katiegoines@gmail.com>

* chore: add unit tests for GetStartedPopover component (#7005)

Co-authored-by: katiegoines <katiegoines@gmail.com>

* fix: [Storage] Configure Access (#6948)

Co-authored-by: Tim Nguyen <54393192+timngyn@users.noreply.github.com>

* fix(Swift): update data use policy info's tracking to false (#6938)

* fix(Swift): update data use policy info's tracking to false

* Update data-information.mdx

* chore: add callouts and troubleshooting guide for configuration (#6967)

* fix: resolve in-content broken links (#7011)

* re-platforming

* remove reference to mocking and testing for android & swift

* remove reference to mocking and testing for android & swift

* filtered out reference to optimistic ui for react native

---------

Co-authored-by: katiegoines <katiegoines@gmail.com>

* update gen2 storage and function docs (#7009)

* update gen2 storage and function docs

* add resource access links and example

* revisions, update code snippet titles

* Update CODEOWNERS (#7014)

* updated steps for extending components in code (#6827)

Co-authored-by: Aditya Shahani <theadi@amazon.com>

* Custom business logic support as of March @beta (#7019)

* Enhanced custom business logic DX

* addressed tim's comments

* Added custom subscription configuration worfklow

* removed in-development areas

* added titles

* added links for deep dive material

* Update src/pages/gen2/build-a-backend/data/custom-business-logic/index.mdx

Co-authored-by: josef <josef.aidt@gmail.com>

* Update src/pages/gen2/build-a-backend/data/custom-business-logic/index.mdx

Co-authored-by: josef <josef.aidt@gmail.com>

* Update src/pages/gen2/build-a-backend/data/custom-business-logic/index.mdx

Co-authored-by: Kethan sai <ykethan@amazon.com>

* Update src/pages/gen2/build-a-backend/data/custom-business-logic/index.mdx

Co-authored-by: Kethan sai <ykethan@amazon.com>

* Update src/pages/gen2/build-a-backend/data/custom-business-logic/index.mdx

Co-authored-by: josef <josef.aidt@gmail.com>

* Update src/pages/gen2/build-a-backend/data/custom-business-logic/index.mdx

* added client method for clarity.

* Update src/pages/gen2/build-a-backend/data/custom-business-logic/index.mdx

Co-authored-by: Kethan sai <ykethan@amazon.com>

* Apply suggestions from code review

Co-authored-by: josef <josef.aidt@gmail.com>

---------

Co-authored-by: josef <josef.aidt@gmail.com>
Co-authored-by: Kethan sai <ykethan@amazon.com>

* add storage trigger docs (#7020)

* storage trigger docs

* Apply suggestions from code review

Co-authored-by: josef <josef.aidt@gmail.com>

* add storage access actions

---------

Co-authored-by: josef <josef.aidt@gmail.com>

* update link checker to wait for each call to complete before making t… (#6993)

* update link checker to wait for each call to complete before making the next and remove # from urls being checked

* update logging to show how many links found on each page

* Update tasks/link-checker.js

---------

Co-authored-by: Jacob Logan <lognjc@amazon.com>
Co-authored-by: katiegoines <katiegoines@gmail.com>
Co-authored-by: Scott Rees <6165315+reesscot@users.noreply.github.com>

* custom examples (#6979)

* custom examples

* fix: broken link, missing / at start (#7026)

Co-authored-by: katiegoines <katiegoines@gmail.com>

* validate and fix code snippets in Data section (#6975)

* Update sandbox --dir-to-watch description (#7031)

* Update index.mdx (#7035)

* Fix link (#7028)

* add docs to auth resource access pattern (#7032)

---------

Co-authored-by: Jim Eagan <84857865+hibler13@users.noreply.github.com>
Co-authored-by: Kevin Old <kevold@amazon.com>
Co-authored-by: Jim Blanchard <jim.l.blanchard@gmail.com>
Co-authored-by: Ankit Shah <22114629+ankpshah@users.noreply.github.com>
Co-authored-by: Katie Goines <30757403+katiegoines@users.noreply.github.com>
Co-authored-by: katiegoines <katiegoines@gmail.com>
Co-authored-by: Dan Kiuna <dankiuna@gmail.com>
Co-authored-by: Kihara, Takuya <gray@tacck.net>
Co-authored-by: Tyler Roach <tjroach@amazon.com>
Co-authored-by: Rene Brandel <4989523+renebrandel@users.noreply.github.com>
Co-authored-by: Elijah Quartey <Equartey@users.noreply.github.com>
Co-authored-by: Heather Buchel <hbuchel@gmail.com>
Co-authored-by: John Corser <johnpc@umich.edu>
Co-authored-by: Heather Pundt <119376175+heatheramz@users.noreply.github.com>
Co-authored-by: Nikhil Swaminathan <2429410+swaminator@users.noreply.github.com>
Co-authored-by: Jay Raval <jay.ambrish.raval@gmail.com>
Co-authored-by: David McAfee <mcafd@amazon.com>
Co-authored-by: Kethan sai <ykethan@amazon.com>
Co-authored-by: Michael Law <1365977+lawmicha@users.noreply.github.com>
Co-authored-by: erinleigh90 <106691284+erinleigh90@users.noreply.github.com>
Co-authored-by: Edward Foyle <foyleef@amazon.com>
Co-authored-by: Adi <34354177+the1adi@users.noreply.github.com>
Co-authored-by: Aditya Shahani <theadi@amazon.com>
Co-authored-by: josef <josef.aidt@gmail.com>
Co-authored-by: jacoblogan <jacob.maiola.logan@gmail.com>
Co-authored-by: Jacob Logan <lognjc@amazon.com>
Co-authored-by: Scott Rees <6165315+reesscot@users.noreply.github.com>
Co-authored-by: Chris Bonifacio <christopher.bonifacio@gmail.com>
Co-authored-by: Roshane Pascual <rtpascual@users.noreply.github.com>
Co-authored-by: Charles Shin <shin.charles11@gmail.com>

src/directory/directory.mjs

@@ -85,6 +85,9 @@ export const directory = {
                 {
                   path: 'src/pages/[platform]/build-a-backend/auth/admin-actions/index.mdx'
                 },
+                {
+                  path: 'src/pages/[platform]/build-a-backend/auth/grant-access-to-auth-resources/index.mdx'
+                },
                 {
                   path: 'src/pages/[platform]/build-a-backend/auth/override-cognito/index.mdx'
                 }

src/fragments/lib/troubleshooting/common/upgrading.mdx

@@ -1,4 +1,4 @@
-This migration guide will help you upgrade your Amplify JavaScript project from v5 to v6. In order to provide you with a cleaner experience, better typings, improved support for NextJS, and improved [tree-shaking](https://developer.mozilla.org/en-US/docs/Glossary/Tree_shaking) leading to [a much smaller bundle-size](https://aws.amazon.com/blogs/mobile/building-fast-next-js-apps-using-typescript-and-aws-amplify-javascript-v6), we made the following changes for v6:
+This migration guide will help you upgrade your Amplify JavaScript project from v5 to v6. In order to provide you with a cleaner experience, better typings, improved support for NextJS, and improved [tree-shaking](https://developer.mozilla.org/en-US/docs/Glossary/Tree_shaking) leading to [a much smaller bundle-size](https://aws.amazon.com/blogs/mobile/amplify-javascript-v6/), we made the following changes for v6:
 
 1. We have transitioned to an approach where you only import the features you need from each of our categories.
 2. Most API’s now use named params instead of positional params, allowing for cleaner and more consistent typing.

src/pages/[platform]/build-a-backend/auth/admin-actions/index.mdx

@@ -26,7 +26,6 @@ export function getStaticProps(context) {
       meta
     }
   };
-
 }
 
 We do not yet have out-of-the-box support for Admin queries in Amplify (Gen 2). You will have to a create a new [AWS Lambda](https://aws.amazon.com/lambda/) resource, and provide it with the necessary permissions to access the [Amazon Cognito Admin Actions](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_Operations.html) behind the scenes.

src/pages/[platform]/build-a-backend/auth/grant-access-to-auth-resources/index.mdx

@@ -0,0 +1,106 @@
+import { getCustomStaticPath } from '@/utils/getCustomStaticPath';
+
+export const meta = {
+  title: 'Grant access to auth resources',
+  description: 'Learn how to grant a resource access to auth resources',
+  platforms: [
+    'android',
+    'angular',
+    'flutter',
+    'javascript',
+    'nextjs',
+    'react',
+    'react-native',
+    'swift',
+    'vue'
+  ]
+};
+
+export const getStaticPaths = async () => {
+  return getCustomStaticPath(meta.platforms);
+};
+
+export function getStaticProps(context) {
+  return {
+    props: {
+      meta
+    }
+  };
+}
+
+<Callout warning>
+
+**Under active development:** The Authentication experience for Amplify (Gen 2) is under active development. The experience may change between versions of `@aws-amplify/backend`. Try it out and provide feedback at https://github.com/aws-amplify/amplify-backend/issues/new/choose
+
+</Callout>
+
+### Grant function access
+
+You can grant your backend function access to authentication resources, which will enable the function to perform administrative operations such as creating users, handling user password recovery, or adding users to groups.
+
+```ts title="amplify/function/my-demo-function/resource.ts"
+import { defineFunction } from '@aws-amplify/backend';
+
+export const demoFunction = defineFunction({});
+```
+
+```ts title="amplify/auth/resource.ts"
+import { defineAuth, defineFunction } from '@aws-amplify/backend';
+import { demoFunction } from '../function/my-demo-function/resource';
+
+export const auth = defineAuth({
+  name: 'myProjectFiles',
+  loginWith: { email: true },
+  access: (allow) => ([
+    allow.resource(demoFunction).to(['manageUsers']),
+  ])
+});
+```
+
+This will grant `demoFunction` the ability to perform CRUD operations on users in the Cognito UserPool created as part of `defineAuth`. See below for the detailed list of permissions.
+
+When a backend function is granted access to authentication resources, it also receives an environment variable that contains the UserPool ID. This environment variable can be used in the function to make SDK calls to the UserPool. The environment variable is named `amplifyAuth_USERPOOL_ID`
+
+```ts title="amplify/functions/my-demo-function/handler.ts"
+import { CognitoIdentityProviderClient, ListUsersCommand } from '@aws-sdk/client-cognito-identity-provider';
+import { env } from '@env/my-demo-function';
+
+const cognitoIdentityProviderClient = new CognitoIdentityProviderClient();
+
+export const handler = async(event) => {
+  await cognitoIdentityProviderClient.send(
+    new ListUsersCommand({
+      UserPoolId: env.amplifyAuth_USERPOOL_ID,
+      Limit: 100
+    })
+  )
+}
+```
+[Learn more about function resource access environment variables](../../functions/#resource-access)
+
+### List of actions
+
+|Action Name|Description|Cognito IAM Actions|
+|-|-|-|
+|manageUsers | Grants CRUD access to users in the UserPool | <ul><li>cognito-idp:AdminConfirmSignUp</li><li>cognito-idp:AdminCreateUser</li><li>cognito-idp:AdminDeleteUser</li><li>cognito-idp:AdminDeleteUserAttributes</li><li>cognito-idp:AdminDisableUser</li><li>cognito-idp:AdminEnableUser</li><li>cognito-idp:AdminGetUser</li><li>cognito-idp:AdminListGroupsForUser</li><li>cognito-idp:AdminRespondToAuthChallenge</li><li>cognito-idp:AdminSetUserMFAPreference</li><li>cognito-idp:AdminSetUserSettings</li><li>cognito-idp:AdminUpdateUserAttributes</li><li>cognito-idp:AdminUserGlobalSignOut</li></ul>|
+|manageGroupMembership | Grants permission to add and remove users from groups | <ul><li>cognito-idp:AdminAddUserToGroup</li><li>cognito-idp:AdminRemoveUserFromGroup</li></ul>|
+|manageUserDevices | Manages devices registered to users| <ul><li>cognito-idp:AdminForgetDevice</li><li>cognito-idp:AdminGetDevice</li><li>cognito-idp:AdminListDevices</li><li>cognito-idp:AdminUpdateDeviceStatus</li></ul>|
+|managePasswordRecovery | Grants permission to reset user passwords | <ul><li>cognito-idp:AdminResetUserPassword</li><li>cognito-idp:AdminSetUserPassword</li></ul>| 
+|addUserToGroup | Grants permission to add any user to any group. | <ul><li>cognito-idp:AdminAddUserToGroup</li></ul>
+|createUser | Grants permission to create new users and send welcome messages via email or SMS. | <ul><li>cognito-idp:AdminCreateUser</li></ul>
+|deleteUser | Grants permission to delete any user | <ul><li>cognito-idp:AdminDeleteUser</li></ul>
+|deleteUserAttributes | Grants permission to delete attributes from any user | <ul><li>cognito-idp:AdminDeleteUserAttributes</li></ul>
+|disableUser | Grants permission to deactivate any user | <ul><li>cognito-idp:AdminDisableUser</li></ul>
+|enableUser | Grants permission to activate any user | <ul><li>cognito-idp:AdminEnableUser</li></ul>
+|forgetDevice | Grants permission to deregister any user's devices | <ul><li>cognito-idp:AdminForgetDevice</li></ul>
+|getDevice | Grants permission to get information about any user's devices | <ul><li>cognito-idp:AdminGetDevice</li></ul>
+|getUser | Grants permission to look up any user by user name | <ul><li>cognito-idp:AdminGetUser</li></ul>
+|listDevices | Grants permission to list any user's remembered devices | <ul><li>cognito-idp:AdminListDevices</li></ul>
+|listGroupsForUser | Grants permission to list the groups that any user belongs to | <ul><li>cognito-idp:AdminListGroupsForUser</li></ul>
+|removeUserFromGroup | Grants permission to remove any user from any group | <ul><li>cognito-idp:AdminRemoveUserFromGroup</li></ul>
+|resetUserPassword | Grants permission to reset any user's password | <ul><li>cognito-idp:AdminResetUserPassword</li></ul>
+|setUserMfaPreference | Grants permission to set any user's preferred MFA method | <ul><li>cognito-idp:AdminSetUserMFAPreference</li></ul>
+|setUserPassword | Grants permission to set any user's password | <ul><li>cognito-idp:AdminSetUserPassword</li></ul>
+|setUserSettings | Grants permission to set user settings for any user | <ul><li>cognito-idp:AdminSetUserSettings</li></ul>
+|updateDeviceStatus | Grants permission to update the status of any user's remembered devices | <ul><li>cognito-idp:AdminUpdateDeviceStatus</li></ul>
+|updateUserAttributes | Grants permission to updates any user's standard or custom attributes | <ul><li>cognito-idp:AdminUpdateUserAttributes</li></ul>

src/pages/[platform]/reference/cli-commands/index.mdx

@@ -49,7 +49,7 @@ Sandbox enables you to develop your backend alongside your frontend's developmen
 
 <SubCommandHeading parentCommand="amplify-sandbox">Options</SubCommandHeading>
 
-- `--dir-to-watch` (_string_) - Directory to watch for file changes. All subdirectories and files will be included.
+- `--dir-to-watch` (_string_) - Directory to watch for file changes. All subdirectories and files will be included. Defaults to the amplify directory.
 - `--exclude` (_string[]_) - An array of paths or glob patterns to ignore. Paths can be relative or absolute and can either be files or directories.
 - `--name` (_string_) - An optional name to distinguish between different sandbox environments. Default is the name in your package.json.
 - `--config-out-dir` (_string_) - A path to a directory where the client config file is written. If not provided, defaults to the working directory of the current process.

src/pages/gen1/[platform]/start/getting-started/auth/index.mdx

@@ -668,8 +668,8 @@ import {
 } from '@aws-amplify/ui-react-native';
 
 import { Amplify } from 'aws-amplify';
-import amplifyconfig from './src/amplifyconfiguration.json';
-Amplify.configure(awsExports);
+import config from './src/amplifyconfiguration.json';
+Amplify.configure(config);
 
 // retrieves only the current value of 'user' from 'useAuthenticator'
 const userSelector = (context) => [context.user];