diff --git a/CHANGELOG.md b/CHANGELOG.md index b5888ccd05..5182638224 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,15 @@ +Release v1.44.170 (2022-12-29) +=== + +### Service Client Updates +* `service/apigateway`: Updates service documentation + * Documentation updates for Amazon API Gateway +* `service/elasticmapreduce`: Updates service API and documentation + * Added GetClusterSessionCredentials API to allow Amazon SageMaker Studio to connect to EMR on EC2 clusters with runtime roles and AWS Lake Formation-based access control for Apache Spark, Apache Hive, and Presto queries. +* `service/secretsmanager`: Updates service API and documentation + * Added owning service filter, include planned deletion flag, and next rotation date response parameter in ListSecrets. +* `service/wisdom`: Updates service API and documentation + Release v1.44.169 (2022-12-28) === diff --git a/aws/endpoints/defaults.go b/aws/endpoints/defaults.go index 09f3d168c6..3b23804219 100644 --- a/aws/endpoints/defaults.go +++ b/aws/endpoints/defaults.go @@ -33211,6 +33211,13 @@ var awsusgovPartition = partition{ }, }, }, + "pi": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + }, + }, "pinpoint": service{ Defaults: endpointDefaults{ defaultKey{}: endpoint{ diff --git a/aws/version.go b/aws/version.go index 1873cec220..b083f1b91d 100644 --- a/aws/version.go +++ b/aws/version.go @@ -5,4 +5,4 @@ package aws const SDKName = "aws-sdk-go" // SDKVersion is the version of this SDK -const SDKVersion = "1.44.169" +const SDKVersion = "1.44.170" diff --git a/models/apis/apigateway/2015-07-09/docs-2.json b/models/apis/apigateway/2015-07-09/docs-2.json index af652c04bb..d39c67a29c 100644 --- a/models/apis/apigateway/2015-07-09/docs-2.json +++ b/models/apis/apigateway/2015-07-09/docs-2.json @@ -253,9 +253,9 @@ "CacheClusterSize": { "base": "

Returns the size of the CacheCluster.

", "refs": { - "CreateDeploymentRequest$cacheClusterSize": "

Specifies the cache cluster size for the Stage resource specified in the input, if a cache cluster is enabled.

", - "CreateStageRequest$cacheClusterSize": "

The stage's cache cluster size.

", - "Stage$cacheClusterSize": "

The size of the cache cluster for the stage, if enabled.

" + "CreateDeploymentRequest$cacheClusterSize": "

The stage's cache capacity in GB. For more information about choosing a cache size, see Enabling API caching to enhance responsiveness.

", + "CreateStageRequest$cacheClusterSize": "

The stage's cache capacity in GB. For more information about choosing a cache size, see Enabling API caching to enhance responsiveness.

", + "Stage$cacheClusterSize": "

The stage's cache capacity in GB. For more information about choosing a cache size, see Enabling API caching to enhance responsiveness.

" } }, "CacheClusterStatus": { diff --git a/models/apis/apigateway/2015-07-09/endpoint-rule-set-1.json b/models/apis/apigateway/2015-07-09/endpoint-rule-set-1.json new file mode 100644 index 0000000000..825415021b --- /dev/null +++ b/models/apis/apigateway/2015-07-09/endpoint-rule-set-1.json @@ -0,0 +1,306 @@ +{ + "version": "1.0", + "parameters": { + "Region": { + "builtIn": "AWS::Region", + "required": true, + "documentation": "The AWS region used to dispatch the request.", + "type": "String" + }, + "UseDualStack": { + "builtIn": "AWS::UseDualStack", + "required": true, + "default": false, + "documentation": "When true, use the dual-stack endpoint. If the configured endpoint does not support dual-stack, dispatching the request MAY return an error.", + "type": "Boolean" + }, + "UseFIPS": { + "builtIn": "AWS::UseFIPS", + "required": true, + "default": false, + "documentation": "When true, send this request to the FIPS-compliant regional endpoint. If the configured endpoint does not have a FIPS compliant endpoint, dispatching the request will return an error.", + "type": "Boolean" + }, + "Endpoint": { + "builtIn": "SDK::Endpoint", + "required": false, + "documentation": "Override the endpoint used to send this request", + "type": "String" + } + }, + "rules": [ + { + "conditions": [ + { + "fn": "aws.partition", + "argv": [ + { + "ref": "Region" + } + ], + "assign": "PartitionResult" + } + ], + "type": "tree", + "rules": [ + { + "conditions": [ + { + "fn": "isSet", + "argv": [ + { + "ref": "Endpoint" + } + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseFIPS" + }, + true + ] + } + ], + "error": "Invalid Configuration: FIPS and custom endpoint are not supported", + "type": "error" + }, + { + "conditions": [], + "type": "tree", + "rules": [ + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseDualStack" + }, + true + ] + } + ], + "error": "Invalid Configuration: Dualstack and custom endpoint are not supported", + "type": "error" + }, + { + "conditions": [], + "endpoint": { + "url": { + "ref": "Endpoint" + }, + "properties": {}, + "headers": {} + }, + "type": "endpoint" + } + ] + } + ] + }, + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseFIPS" + }, + true + ] + }, + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseDualStack" + }, + true + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + true, + { + "fn": "getAttr", + "argv": [ + { + "ref": "PartitionResult" + }, + "supportsFIPS" + ] + } + ] + }, + { + "fn": "booleanEquals", + "argv": [ + true, + { + "fn": "getAttr", + "argv": [ + { + "ref": "PartitionResult" + }, + "supportsDualStack" + ] + } + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [], + "endpoint": { + "url": "https://apigateway-fips.{Region}.{PartitionResult#dualStackDnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" + } + ] + }, + { + "conditions": [], + "error": "FIPS and DualStack are enabled, but this partition does not support one or both", + "type": "error" + } + ] + }, + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseFIPS" + }, + true + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + true, + { + "fn": "getAttr", + "argv": [ + { + "ref": "PartitionResult" + }, + "supportsFIPS" + ] + } + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [], + "type": "tree", + "rules": [ + { + "conditions": [], + "endpoint": { + "url": "https://apigateway-fips.{Region}.{PartitionResult#dnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" + } + ] + } + ] + }, + { + "conditions": [], + "error": "FIPS is enabled but this partition does not support FIPS", + "type": "error" + } + ] + }, + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseDualStack" + }, + true + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + true, + { + "fn": "getAttr", + "argv": [ + { + "ref": "PartitionResult" + }, + "supportsDualStack" + ] + } + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [], + "endpoint": { + "url": "https://apigateway.{Region}.{PartitionResult#dualStackDnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" + } + ] + }, + { + "conditions": [], + "error": "DualStack is enabled but this partition does not support DualStack", + "type": "error" + } + ] + }, + { + "conditions": [], + "endpoint": { + "url": "https://apigateway.{Region}.{PartitionResult#dnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" + } + ] + } + ] +} \ No newline at end of file diff --git a/models/apis/apigateway/2015-07-09/endpoint-tests-1.json b/models/apis/apigateway/2015-07-09/endpoint-tests-1.json new file mode 100644 index 0000000000..0256617c6b --- /dev/null +++ b/models/apis/apigateway/2015-07-09/endpoint-tests-1.json @@ -0,0 +1,1751 @@ +{ + "testCases": [ + { + "documentation": "For region ap-south-2 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://apigateway-fips.ap-south-2.api.aws" + } + }, + "params": { + "UseFIPS": true, + "Region": "ap-south-2", + "UseDualStack": true + } + }, + { + "documentation": "For region ap-south-2 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://apigateway-fips.ap-south-2.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "Region": "ap-south-2", + "UseDualStack": false + } + }, + { + "documentation": "For region ap-south-2 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://apigateway.ap-south-2.api.aws" + } + }, + "params": { + "UseFIPS": false, + "Region": "ap-south-2", + "UseDualStack": true + } + }, + { + "documentation": "For region ap-south-2 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://apigateway.ap-south-2.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "Region": "ap-south-2", + "UseDualStack": false + } + }, + { + "documentation": "For region ap-south-1 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://apigateway-fips.ap-south-1.api.aws" + } + }, + "params": { + "UseFIPS": true, + "Region": "ap-south-1", + "UseDualStack": true + } + }, + { + "documentation": "For region ap-south-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://apigateway-fips.ap-south-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "Region": "ap-south-1", + "UseDualStack": false + } + }, + { + "documentation": "For region ap-south-1 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://apigateway.ap-south-1.api.aws" + } + }, + "params": { + "UseFIPS": false, + "Region": "ap-south-1", + "UseDualStack": true + } + }, + { + "documentation": "For region ap-south-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://apigateway.ap-south-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "Region": "ap-south-1", + "UseDualStack": false + } + }, + { + "documentation": "For region eu-south-1 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://apigateway-fips.eu-south-1.api.aws" + } + }, + "params": { + "UseFIPS": true, + "Region": "eu-south-1", + "UseDualStack": true + } + }, + { + "documentation": "For region eu-south-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://apigateway-fips.eu-south-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "Region": "eu-south-1", + "UseDualStack": false + } + }, + { + "documentation": "For region eu-south-1 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://apigateway.eu-south-1.api.aws" + } + }, + "params": { + "UseFIPS": false, + "Region": "eu-south-1", + "UseDualStack": true + } + }, + { + "documentation": "For region eu-south-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://apigateway.eu-south-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "Region": "eu-south-1", + "UseDualStack": false + } + }, + { + "documentation": "For region eu-south-2 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://apigateway-fips.eu-south-2.api.aws" + } + }, + "params": { + "UseFIPS": true, + "Region": "eu-south-2", + "UseDualStack": true + } + }, + { + "documentation": "For region eu-south-2 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://apigateway-fips.eu-south-2.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "Region": "eu-south-2", + "UseDualStack": false + } + }, + { + "documentation": "For region eu-south-2 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://apigateway.eu-south-2.api.aws" + } + }, + "params": { + "UseFIPS": false, + "Region": "eu-south-2", + "UseDualStack": true + } + }, + { + "documentation": "For region eu-south-2 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://apigateway.eu-south-2.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "Region": "eu-south-2", + "UseDualStack": false + } + }, + { + "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://apigateway-fips.us-gov-east-1.api.aws" + } + }, + "params": { + "UseFIPS": true, + "Region": "us-gov-east-1", + "UseDualStack": true + } + }, + { + "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://apigateway-fips.us-gov-east-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "Region": "us-gov-east-1", + "UseDualStack": false + } + }, + { + "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://apigateway.us-gov-east-1.api.aws" + } + }, + "params": { + "UseFIPS": false, + "Region": "us-gov-east-1", + "UseDualStack": true + } + }, + { + "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://apigateway.us-gov-east-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "Region": "us-gov-east-1", + "UseDualStack": false + } + }, + { + "documentation": "For region me-central-1 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://apigateway-fips.me-central-1.api.aws" + } + }, + "params": { + "UseFIPS": true, + "Region": "me-central-1", + "UseDualStack": true + } + }, + { + "documentation": "For region me-central-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://apigateway-fips.me-central-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "Region": "me-central-1", + "UseDualStack": false + } + }, + { + "documentation": "For region me-central-1 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://apigateway.me-central-1.api.aws" + } + }, + "params": { + "UseFIPS": false, + "Region": "me-central-1", + "UseDualStack": true + } + }, + { + "documentation": "For region me-central-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://apigateway.me-central-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "Region": "me-central-1", + "UseDualStack": false + } + }, + { + "documentation": "For region ca-central-1 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://apigateway-fips.ca-central-1.api.aws" + } + }, + "params": { + "UseFIPS": true, + "Region": "ca-central-1", + "UseDualStack": true + } + }, + { + "documentation": "For region ca-central-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://apigateway-fips.ca-central-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "Region": "ca-central-1", + "UseDualStack": false + } + }, + { + "documentation": "For region ca-central-1 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://apigateway.ca-central-1.api.aws" + } + }, + "params": { + "UseFIPS": false, + "Region": "ca-central-1", + "UseDualStack": true + } + }, + { + "documentation": "For region ca-central-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://apigateway.ca-central-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "Region": "ca-central-1", + "UseDualStack": false + } + }, + { + "documentation": "For region eu-central-1 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://apigateway-fips.eu-central-1.api.aws" + } + }, + "params": { + "UseFIPS": true, + "Region": "eu-central-1", + "UseDualStack": true + } + }, + { + "documentation": "For region eu-central-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://apigateway-fips.eu-central-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "Region": "eu-central-1", + "UseDualStack": false + } + }, + { + "documentation": "For region eu-central-1 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://apigateway.eu-central-1.api.aws" + } + }, + "params": { + "UseFIPS": false, + "Region": "eu-central-1", + "UseDualStack": true + } + }, + { + "documentation": "For region eu-central-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://apigateway.eu-central-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "Region": "eu-central-1", + "UseDualStack": false + } + }, + { + "documentation": "For region eu-central-2 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://apigateway-fips.eu-central-2.api.aws" + } + }, + "params": { + "UseFIPS": true, + "Region": "eu-central-2", + "UseDualStack": true + } + }, + { + "documentation": "For region eu-central-2 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://apigateway-fips.eu-central-2.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "Region": "eu-central-2", + "UseDualStack": false + } + }, + { + "documentation": "For region eu-central-2 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://apigateway.eu-central-2.api.aws" + } + }, + "params": { + "UseFIPS": false, + "Region": "eu-central-2", + "UseDualStack": true + } + }, + { + "documentation": "For region eu-central-2 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://apigateway.eu-central-2.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "Region": "eu-central-2", + "UseDualStack": false + } + }, + { + "documentation": "For region us-west-1 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://apigateway-fips.us-west-1.api.aws" + } + }, + "params": { + "UseFIPS": true, + "Region": "us-west-1", + "UseDualStack": true + } + }, + { + "documentation": "For region us-west-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://apigateway-fips.us-west-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "Region": "us-west-1", + "UseDualStack": false + } + }, + { + "documentation": "For region us-west-1 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://apigateway.us-west-1.api.aws" + } + }, + "params": { + "UseFIPS": false, + "Region": "us-west-1", + "UseDualStack": true + } + }, + { + "documentation": "For region us-west-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://apigateway.us-west-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "Region": "us-west-1", + "UseDualStack": false + } + }, + { + "documentation": "For region us-west-2 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://apigateway-fips.us-west-2.api.aws" + } + }, + "params": { + "UseFIPS": true, + "Region": "us-west-2", + "UseDualStack": true + } + }, + { + "documentation": "For region us-west-2 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://apigateway-fips.us-west-2.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "Region": "us-west-2", + "UseDualStack": false + } + }, + { + "documentation": "For region us-west-2 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://apigateway.us-west-2.api.aws" + } + }, + "params": { + "UseFIPS": false, + "Region": "us-west-2", + "UseDualStack": true + } + }, + { + "documentation": "For region us-west-2 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://apigateway.us-west-2.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "Region": "us-west-2", + "UseDualStack": false + } + }, + { + "documentation": "For region af-south-1 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://apigateway-fips.af-south-1.api.aws" + } + }, + "params": { + "UseFIPS": true, + "Region": "af-south-1", + "UseDualStack": true + } + }, + { + "documentation": "For region af-south-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://apigateway-fips.af-south-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "Region": "af-south-1", + "UseDualStack": false + } + }, + { + "documentation": "For region af-south-1 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://apigateway.af-south-1.api.aws" + } + }, + "params": { + "UseFIPS": false, + "Region": "af-south-1", + "UseDualStack": true + } + }, + { + "documentation": "For region af-south-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://apigateway.af-south-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "Region": "af-south-1", + "UseDualStack": false + } + }, + { + "documentation": "For region eu-north-1 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://apigateway-fips.eu-north-1.api.aws" + } + }, + "params": { + "UseFIPS": true, + "Region": "eu-north-1", + "UseDualStack": true + } + }, + { + "documentation": "For region eu-north-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://apigateway-fips.eu-north-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "Region": "eu-north-1", + "UseDualStack": false + } + }, + { + "documentation": "For region eu-north-1 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://apigateway.eu-north-1.api.aws" + } + }, + "params": { + "UseFIPS": false, + "Region": "eu-north-1", + "UseDualStack": true + } + }, + { + "documentation": "For region eu-north-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://apigateway.eu-north-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "Region": "eu-north-1", + "UseDualStack": false + } + }, + { + "documentation": "For region eu-west-3 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://apigateway-fips.eu-west-3.api.aws" + } + }, + "params": { + "UseFIPS": true, + "Region": "eu-west-3", + "UseDualStack": true + } + }, + { + "documentation": "For region eu-west-3 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://apigateway-fips.eu-west-3.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "Region": "eu-west-3", + "UseDualStack": false + } + }, + { + "documentation": "For region eu-west-3 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://apigateway.eu-west-3.api.aws" + } + }, + "params": { + "UseFIPS": false, + "Region": "eu-west-3", + "UseDualStack": true + } + }, + { + "documentation": "For region eu-west-3 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://apigateway.eu-west-3.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "Region": "eu-west-3", + "UseDualStack": false + } + }, + { + "documentation": "For region eu-west-2 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://apigateway-fips.eu-west-2.api.aws" + } + }, + "params": { + "UseFIPS": true, + "Region": "eu-west-2", + "UseDualStack": true + } + }, + { + "documentation": "For region eu-west-2 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://apigateway-fips.eu-west-2.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "Region": "eu-west-2", + "UseDualStack": false + } + }, + { + "documentation": "For region eu-west-2 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://apigateway.eu-west-2.api.aws" + } + }, + "params": { + "UseFIPS": false, + "Region": "eu-west-2", + "UseDualStack": true + } + }, + { + "documentation": "For region eu-west-2 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://apigateway.eu-west-2.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "Region": "eu-west-2", + "UseDualStack": false + } + }, + { + "documentation": "For region eu-west-1 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://apigateway-fips.eu-west-1.api.aws" + } + }, + "params": { + "UseFIPS": true, + "Region": "eu-west-1", + "UseDualStack": true + } + }, + { + "documentation": "For region eu-west-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://apigateway-fips.eu-west-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "Region": "eu-west-1", + "UseDualStack": false + } + }, + { + "documentation": "For region eu-west-1 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://apigateway.eu-west-1.api.aws" + } + }, + "params": { + "UseFIPS": false, + "Region": "eu-west-1", + "UseDualStack": true + } + }, + { + "documentation": "For region eu-west-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://apigateway.eu-west-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "Region": "eu-west-1", + "UseDualStack": false + } + }, + { + "documentation": "For region ap-northeast-3 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://apigateway-fips.ap-northeast-3.api.aws" + } + }, + "params": { + "UseFIPS": true, + "Region": "ap-northeast-3", + "UseDualStack": true + } + }, + { + "documentation": "For region ap-northeast-3 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://apigateway-fips.ap-northeast-3.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "Region": "ap-northeast-3", + "UseDualStack": false + } + }, + { + "documentation": "For region ap-northeast-3 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://apigateway.ap-northeast-3.api.aws" + } + }, + "params": { + "UseFIPS": false, + "Region": "ap-northeast-3", + "UseDualStack": true + } + }, + { + "documentation": "For region ap-northeast-3 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://apigateway.ap-northeast-3.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "Region": "ap-northeast-3", + "UseDualStack": false + } + }, + { + "documentation": "For region ap-northeast-2 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://apigateway-fips.ap-northeast-2.api.aws" + } + }, + "params": { + "UseFIPS": true, + "Region": "ap-northeast-2", + "UseDualStack": true + } + }, + { + "documentation": "For region ap-northeast-2 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://apigateway-fips.ap-northeast-2.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "Region": "ap-northeast-2", + "UseDualStack": false + } + }, + { + "documentation": "For region ap-northeast-2 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://apigateway.ap-northeast-2.api.aws" + } + }, + "params": { + "UseFIPS": false, + "Region": "ap-northeast-2", + "UseDualStack": true + } + }, + { + "documentation": "For region ap-northeast-2 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://apigateway.ap-northeast-2.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "Region": "ap-northeast-2", + "UseDualStack": false + } + }, + { + "documentation": "For region ap-northeast-1 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://apigateway-fips.ap-northeast-1.api.aws" + } + }, + "params": { + "UseFIPS": true, + "Region": "ap-northeast-1", + "UseDualStack": true + } + }, + { + "documentation": "For region ap-northeast-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://apigateway-fips.ap-northeast-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "Region": "ap-northeast-1", + "UseDualStack": false + } + }, + { + "documentation": "For region ap-northeast-1 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://apigateway.ap-northeast-1.api.aws" + } + }, + "params": { + "UseFIPS": false, + "Region": "ap-northeast-1", + "UseDualStack": true + } + }, + { + "documentation": "For region ap-northeast-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://apigateway.ap-northeast-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "Region": "ap-northeast-1", + "UseDualStack": false + } + }, + { + "documentation": "For region me-south-1 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://apigateway-fips.me-south-1.api.aws" + } + }, + "params": { + "UseFIPS": true, + "Region": "me-south-1", + "UseDualStack": true + } + }, + { + "documentation": "For region me-south-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://apigateway-fips.me-south-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "Region": "me-south-1", + "UseDualStack": false + } + }, + { + "documentation": "For region me-south-1 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://apigateway.me-south-1.api.aws" + } + }, + "params": { + "UseFIPS": false, + "Region": "me-south-1", + "UseDualStack": true + } + }, + { + "documentation": "For region me-south-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://apigateway.me-south-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "Region": "me-south-1", + "UseDualStack": false + } + }, + { + "documentation": "For region sa-east-1 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://apigateway-fips.sa-east-1.api.aws" + } + }, + "params": { + "UseFIPS": true, + "Region": "sa-east-1", + "UseDualStack": true + } + }, + { + "documentation": "For region sa-east-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://apigateway-fips.sa-east-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "Region": "sa-east-1", + "UseDualStack": false + } + }, + { + "documentation": "For region sa-east-1 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://apigateway.sa-east-1.api.aws" + } + }, + "params": { + "UseFIPS": false, + "Region": "sa-east-1", + "UseDualStack": true + } + }, + { + "documentation": "For region sa-east-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://apigateway.sa-east-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "Region": "sa-east-1", + "UseDualStack": false + } + }, + { + "documentation": "For region ap-east-1 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://apigateway-fips.ap-east-1.api.aws" + } + }, + "params": { + "UseFIPS": true, + "Region": "ap-east-1", + "UseDualStack": true + } + }, + { + "documentation": "For region ap-east-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://apigateway-fips.ap-east-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "Region": "ap-east-1", + "UseDualStack": false + } + }, + { + "documentation": "For region ap-east-1 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://apigateway.ap-east-1.api.aws" + } + }, + "params": { + "UseFIPS": false, + "Region": "ap-east-1", + "UseDualStack": true + } + }, + { + "documentation": "For region ap-east-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://apigateway.ap-east-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "Region": "ap-east-1", + "UseDualStack": false + } + }, + { + "documentation": "For region cn-north-1 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://apigateway-fips.cn-north-1.api.amazonwebservices.com.cn" + } + }, + "params": { + "UseFIPS": true, + "Region": "cn-north-1", + "UseDualStack": true + } + }, + { + "documentation": "For region cn-north-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://apigateway-fips.cn-north-1.amazonaws.com.cn" + } + }, + "params": { + "UseFIPS": true, + "Region": "cn-north-1", + "UseDualStack": false + } + }, + { + "documentation": "For region cn-north-1 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://apigateway.cn-north-1.api.amazonwebservices.com.cn" + } + }, + "params": { + "UseFIPS": false, + "Region": "cn-north-1", + "UseDualStack": true + } + }, + { + "documentation": "For region cn-north-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://apigateway.cn-north-1.amazonaws.com.cn" + } + }, + "params": { + "UseFIPS": false, + "Region": "cn-north-1", + "UseDualStack": false + } + }, + { + "documentation": "For region us-gov-west-1 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://apigateway-fips.us-gov-west-1.api.aws" + } + }, + "params": { + "UseFIPS": true, + "Region": "us-gov-west-1", + "UseDualStack": true + } + }, + { + "documentation": "For region us-gov-west-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://apigateway-fips.us-gov-west-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "Region": "us-gov-west-1", + "UseDualStack": false + } + }, + { + "documentation": "For region us-gov-west-1 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://apigateway.us-gov-west-1.api.aws" + } + }, + "params": { + "UseFIPS": false, + "Region": "us-gov-west-1", + "UseDualStack": true + } + }, + { + "documentation": "For region us-gov-west-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://apigateway.us-gov-west-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "Region": "us-gov-west-1", + "UseDualStack": false + } + }, + { + "documentation": "For region ap-southeast-1 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://apigateway-fips.ap-southeast-1.api.aws" + } + }, + "params": { + "UseFIPS": true, + "Region": "ap-southeast-1", + "UseDualStack": true + } + }, + { + "documentation": "For region ap-southeast-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://apigateway-fips.ap-southeast-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "Region": "ap-southeast-1", + "UseDualStack": false + } + }, + { + "documentation": "For region ap-southeast-1 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://apigateway.ap-southeast-1.api.aws" + } + }, + "params": { + "UseFIPS": false, + "Region": "ap-southeast-1", + "UseDualStack": true + } + }, + { + "documentation": "For region ap-southeast-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://apigateway.ap-southeast-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "Region": "ap-southeast-1", + "UseDualStack": false + } + }, + { + "documentation": "For region ap-southeast-2 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://apigateway-fips.ap-southeast-2.api.aws" + } + }, + "params": { + "UseFIPS": true, + "Region": "ap-southeast-2", + "UseDualStack": true + } + }, + { + "documentation": "For region ap-southeast-2 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://apigateway-fips.ap-southeast-2.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "Region": "ap-southeast-2", + "UseDualStack": false + } + }, + { + "documentation": "For region ap-southeast-2 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://apigateway.ap-southeast-2.api.aws" + } + }, + "params": { + "UseFIPS": false, + "Region": "ap-southeast-2", + "UseDualStack": true + } + }, + { + "documentation": "For region ap-southeast-2 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://apigateway.ap-southeast-2.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "Region": "ap-southeast-2", + "UseDualStack": false + } + }, + { + "documentation": "For region us-iso-east-1 with FIPS enabled and DualStack enabled", + "expect": { + "error": "FIPS and DualStack are enabled, but this partition does not support one or both" + }, + "params": { + "UseFIPS": true, + "Region": "us-iso-east-1", + "UseDualStack": true + } + }, + { + "documentation": "For region us-iso-east-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://apigateway-fips.us-iso-east-1.c2s.ic.gov" + } + }, + "params": { + "UseFIPS": true, + "Region": "us-iso-east-1", + "UseDualStack": false + } + }, + { + "documentation": "For region us-iso-east-1 with FIPS disabled and DualStack enabled", + "expect": { + "error": "DualStack is enabled but this partition does not support DualStack" + }, + "params": { + "UseFIPS": false, + "Region": "us-iso-east-1", + "UseDualStack": true + } + }, + { + "documentation": "For region us-iso-east-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://apigateway.us-iso-east-1.c2s.ic.gov" + } + }, + "params": { + "UseFIPS": false, + "Region": "us-iso-east-1", + "UseDualStack": false + } + }, + { + "documentation": "For region ap-southeast-3 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://apigateway-fips.ap-southeast-3.api.aws" + } + }, + "params": { + "UseFIPS": true, + "Region": "ap-southeast-3", + "UseDualStack": true + } + }, + { + "documentation": "For region ap-southeast-3 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://apigateway-fips.ap-southeast-3.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "Region": "ap-southeast-3", + "UseDualStack": false + } + }, + { + "documentation": "For region ap-southeast-3 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://apigateway.ap-southeast-3.api.aws" + } + }, + "params": { + "UseFIPS": false, + "Region": "ap-southeast-3", + "UseDualStack": true + } + }, + { + "documentation": "For region ap-southeast-3 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://apigateway.ap-southeast-3.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "Region": "ap-southeast-3", + "UseDualStack": false + } + }, + { + "documentation": "For region ap-southeast-4 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://apigateway-fips.ap-southeast-4.api.aws" + } + }, + "params": { + "UseFIPS": true, + "Region": "ap-southeast-4", + "UseDualStack": true + } + }, + { + "documentation": "For region ap-southeast-4 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://apigateway-fips.ap-southeast-4.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "Region": "ap-southeast-4", + "UseDualStack": false + } + }, + { + "documentation": "For region ap-southeast-4 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://apigateway.ap-southeast-4.api.aws" + } + }, + "params": { + "UseFIPS": false, + "Region": "ap-southeast-4", + "UseDualStack": true + } + }, + { + "documentation": "For region ap-southeast-4 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://apigateway.ap-southeast-4.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "Region": "ap-southeast-4", + "UseDualStack": false + } + }, + { + "documentation": "For region us-east-1 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://apigateway-fips.us-east-1.api.aws" + } + }, + "params": { + "UseFIPS": true, + "Region": "us-east-1", + "UseDualStack": true + } + }, + { + "documentation": "For region us-east-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://apigateway-fips.us-east-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "Region": "us-east-1", + "UseDualStack": false + } + }, + { + "documentation": "For region us-east-1 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://apigateway.us-east-1.api.aws" + } + }, + "params": { + "UseFIPS": false, + "Region": "us-east-1", + "UseDualStack": true + } + }, + { + "documentation": "For region us-east-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://apigateway.us-east-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "Region": "us-east-1", + "UseDualStack": false + } + }, + { + "documentation": "For region us-east-2 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://apigateway-fips.us-east-2.api.aws" + } + }, + "params": { + "UseFIPS": true, + "Region": "us-east-2", + "UseDualStack": true + } + }, + { + "documentation": "For region us-east-2 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://apigateway-fips.us-east-2.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "Region": "us-east-2", + "UseDualStack": false + } + }, + { + "documentation": "For region us-east-2 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://apigateway.us-east-2.api.aws" + } + }, + "params": { + "UseFIPS": false, + "Region": "us-east-2", + "UseDualStack": true + } + }, + { + "documentation": "For region us-east-2 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://apigateway.us-east-2.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "Region": "us-east-2", + "UseDualStack": false + } + }, + { + "documentation": "For region cn-northwest-1 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://apigateway-fips.cn-northwest-1.api.amazonwebservices.com.cn" + } + }, + "params": { + "UseFIPS": true, + "Region": "cn-northwest-1", + "UseDualStack": true + } + }, + { + "documentation": "For region cn-northwest-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://apigateway-fips.cn-northwest-1.amazonaws.com.cn" + } + }, + "params": { + "UseFIPS": true, + "Region": "cn-northwest-1", + "UseDualStack": false + } + }, + { + "documentation": "For region cn-northwest-1 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://apigateway.cn-northwest-1.api.amazonwebservices.com.cn" + } + }, + "params": { + "UseFIPS": false, + "Region": "cn-northwest-1", + "UseDualStack": true + } + }, + { + "documentation": "For region cn-northwest-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://apigateway.cn-northwest-1.amazonaws.com.cn" + } + }, + "params": { + "UseFIPS": false, + "Region": "cn-northwest-1", + "UseDualStack": false + } + }, + { + "documentation": "For region us-isob-east-1 with FIPS enabled and DualStack enabled", + "expect": { + "error": "FIPS and DualStack are enabled, but this partition does not support one or both" + }, + "params": { + "UseFIPS": true, + "Region": "us-isob-east-1", + "UseDualStack": true + } + }, + { + "documentation": "For region us-isob-east-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://apigateway-fips.us-isob-east-1.sc2s.sgov.gov" + } + }, + "params": { + "UseFIPS": true, + "Region": "us-isob-east-1", + "UseDualStack": false + } + }, + { + "documentation": "For region us-isob-east-1 with FIPS disabled and DualStack enabled", + "expect": { + "error": "DualStack is enabled but this partition does not support DualStack" + }, + "params": { + "UseFIPS": false, + "Region": "us-isob-east-1", + "UseDualStack": true + } + }, + { + "documentation": "For region us-isob-east-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://apigateway.us-isob-east-1.sc2s.sgov.gov" + } + }, + "params": { + "UseFIPS": false, + "Region": "us-isob-east-1", + "UseDualStack": false + } + }, + { + "documentation": "For custom endpoint with fips disabled and dualstack disabled", + "expect": { + "endpoint": { + "url": "https://example.com" + } + }, + "params": { + "UseFIPS": false, + "Region": "us-east-1", + "UseDualStack": false, + "Endpoint": "https://example.com" + } + }, + { + "documentation": "For custom endpoint with fips enabled and dualstack disabled", + "expect": { + "error": "Invalid Configuration: FIPS and custom endpoint are not supported" + }, + "params": { + "UseFIPS": true, + "Region": "us-east-1", + "UseDualStack": false, + "Endpoint": "https://example.com" + } + }, + { + "documentation": "For custom endpoint with fips disabled and dualstack enabled", + "expect": { + "error": "Invalid Configuration: Dualstack and custom endpoint are not supported" + }, + "params": { + "UseFIPS": false, + "Region": "us-east-1", + "UseDualStack": true, + "Endpoint": "https://example.com" + } + } + ], + "version": "1.0" +} \ No newline at end of file diff --git a/models/apis/elasticmapreduce/2009-03-31/api-2.json b/models/apis/elasticmapreduce/2009-03-31/api-2.json index 130f3aa27a..691daec92a 100644 --- a/models/apis/elasticmapreduce/2009-03-31/api-2.json +++ b/models/apis/elasticmapreduce/2009-03-31/api-2.json @@ -264,6 +264,19 @@ {"shape":"InvalidRequestException"} ] }, + "GetClusterSessionCredentials":{ + "name":"GetClusterSessionCredentials", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"GetClusterSessionCredentialsInput"}, + "output":{"shape":"GetClusterSessionCredentialsOutput"}, + "errors":[ + {"shape":"InternalServerError"}, + {"shape":"InvalidRequestException"} + ] + }, "GetManagedScalingPolicy":{ "name":"GetManagedScalingPolicy", "http":{ @@ -1148,6 +1161,13 @@ "SessionPolicyArn":{"shape":"XmlStringMaxLen256"} } }, + "Credentials":{ + "type":"structure", + "members":{ + "UsernamePassword":{"shape":"UsernamePassword"} + }, + "union":true + }, "Date":{"type":"timestamp"}, "DeleteSecurityConfigurationInput":{ "type":"structure", @@ -1405,6 +1425,24 @@ "BlockPublicAccessConfigurationMetadata":{"shape":"BlockPublicAccessConfigurationMetadata"} } }, + "GetClusterSessionCredentialsInput":{ + "type":"structure", + "required":[ + "ClusterId", + "ExecutionRoleArn" + ], + "members":{ + "ClusterId":{"shape":"XmlStringMaxLen256"}, + "ExecutionRoleArn":{"shape":"ArnType"} + } + }, + "GetClusterSessionCredentialsOutput":{ + "type":"structure", + "members":{ + "Credentials":{"shape":"Credentials"}, + "ExpiresAt":{"shape":"Date"} + } + }, "GetManagedScalingPolicyInput":{ "type":"structure", "required":["ClusterId"], @@ -3083,6 +3121,14 @@ "SessionPolicyArn":{"shape":"XmlStringMaxLen256"} } }, + "UsernamePassword":{ + "type":"structure", + "members":{ + "Username":{"shape":"XmlStringMaxLen256"}, + "Password":{"shape":"XmlStringMaxLen256"} + }, + "sensitive":true + }, "VolumeSpecification":{ "type":"structure", "required":[ diff --git a/models/apis/elasticmapreduce/2009-03-31/docs-2.json b/models/apis/elasticmapreduce/2009-03-31/docs-2.json index d78e48fc8d..35387a04c5 100644 --- a/models/apis/elasticmapreduce/2009-03-31/docs-2.json +++ b/models/apis/elasticmapreduce/2009-03-31/docs-2.json @@ -4,12 +4,12 @@ "operations": { "AddInstanceFleet": "

Adds an instance fleet to a running cluster.

The instance fleet configuration is available only in Amazon EMR versions 4.8.0 and later, excluding 5.0.x.

", "AddInstanceGroups": "

Adds one or more instance groups to a running cluster.

", - "AddJobFlowSteps": "

AddJobFlowSteps adds new steps to a running cluster. A maximum of 256 steps are allowed in each job flow.

If your cluster is long-running (such as a Hive data warehouse) or complex, you may require more than 256 steps to process your data. You can bypass the 256-step limitation in various ways, including using SSH to connect to the master node and submitting queries directly to the software running on the master node, such as Hive and Hadoop. For more information on how to do this, see Add More than 256 Steps to a Cluster in the Amazon EMR Management Guide.

A step specifies the location of a JAR file stored either on the master node of the cluster or in Amazon S3. Each step is performed by the main function of the main class of the JAR file. The main class can be specified either in the manifest of the JAR or by using the MainFunction parameter of the step.

Amazon EMR executes each step in the order listed. For a step to be considered complete, the main function must exit with a zero exit code and all Hadoop jobs started while the step was running must have completed and run successfully.

You can only add steps to a cluster that is in one of the following states: STARTING, BOOTSTRAPPING, RUNNING, or WAITING.

The string values passed into HadoopJarStep object cannot exceed a total of 10240 characters.

", + "AddJobFlowSteps": "

AddJobFlowSteps adds new steps to a running cluster. A maximum of 256 steps are allowed in each job flow.

If your cluster is long-running (such as a Hive data warehouse) or complex, you may require more than 256 steps to process your data. You can bypass the 256-step limitation in various ways, including using SSH to connect to the master node and submitting queries directly to the software running on the master node, such as Hive and Hadoop.

A step specifies the location of a JAR file stored either on the master node of the cluster or in Amazon S3. Each step is performed by the main function of the main class of the JAR file. The main class can be specified either in the manifest of the JAR or by using the MainFunction parameter of the step.

Amazon EMR executes each step in the order listed. For a step to be considered complete, the main function must exit with a zero exit code and all Hadoop jobs started while the step was running must have completed and run successfully.

You can only add steps to a cluster that is in one of the following states: STARTING, BOOTSTRAPPING, RUNNING, or WAITING.

The string values passed into HadoopJarStep object cannot exceed a total of 10240 characters.

", "AddTags": "

Adds tags to an Amazon EMR resource, such as a cluster or an Amazon EMR Studio. Tags make it easier to associate resources in various ways, such as grouping clusters to track your Amazon EMR resource allocation costs. For more information, see Tag Clusters.

", "CancelSteps": "

Cancels a pending step or steps in a running cluster. Available only in Amazon EMR versions 4.8.0 and later, excluding version 5.0.0. A maximum of 256 steps are allowed in each CancelSteps request. CancelSteps is idempotent but asynchronous; it does not guarantee that a step will be canceled, even if the request is successfully submitted. When you use Amazon EMR versions 5.28.0 and later, you can cancel steps that are in a PENDING or RUNNING state. In earlier versions of Amazon EMR, you can only cancel steps that are in a PENDING state.

", "CreateSecurityConfiguration": "

Creates a security configuration, which is stored in the service and can be specified when a cluster is created.

", "CreateStudio": "

Creates a new Amazon EMR Studio.

", - "CreateStudioSessionMapping": "

Maps a user or group to the Amazon EMR Studio specified by StudioId, and applies a session policy to refine Studio permissions for that user or group. Use CreateStudioSessionMapping to assign users to a Studio when you use Amazon Web Services SSO authentication. For instructions on how to assign users to a Studio when you use IAM authentication, see Assign a user or group to your EMR Studio.

", + "CreateStudioSessionMapping": "

Maps a user or group to the Amazon EMR Studio specified by StudioId, and applies a session policy to refine Studio permissions for that user or group. Use CreateStudioSessionMapping to assign users to a Studio when you use IAM Identity Center authentication. For instructions on how to assign users to a Studio when you use IAM authentication, see Assign a user or group to your EMR Studio.

", "DeleteSecurityConfiguration": "

Deletes a security configuration.

", "DeleteStudio": "

Removes an Amazon EMR Studio from the Studio metadata store.

", "DeleteStudioSessionMapping": "

Removes a user or group from an Amazon EMR Studio.

", @@ -22,6 +22,7 @@ "DescribeStudio": "

Returns details for the specified Amazon EMR Studio including ID, Name, VPC, Studio access URL, and so on.

", "GetAutoTerminationPolicy": "

Returns the auto-termination policy for an Amazon EMR cluster.

", "GetBlockPublicAccessConfiguration": "

Returns the Amazon EMR block public access configuration for your Amazon Web Services account in the current Region. For more information see Configure Block Public Access for Amazon EMR in the Amazon EMR Management Guide.

", + "GetClusterSessionCredentials": "

Provides Temporary, basic HTTP credentials that are associated with a given runtime IAM role and used by a cluster with fine-grained access control activated. You can use these credentials to connect to cluster endpoints that support username-based and password-based authentication.

", "GetManagedScalingPolicy": "

Fetches the attached managed scaling policy for an Amazon EMR cluster.

", "GetStudioSessionMapping": "

Fetches mapping details for the specified Amazon EMR Studio and identity (user or group).

", "ListBootstrapActions": "

Provides information about the bootstrap actions associated with a cluster.

", @@ -46,7 +47,7 @@ "RemoveAutoTerminationPolicy": "

Removes an auto-termination policy from an Amazon EMR cluster.

", "RemoveManagedScalingPolicy": "

Removes a managed scaling policy from a specified EMR cluster.

", "RemoveTags": "

Removes tags from an Amazon EMR resource, such as a cluster or Amazon EMR Studio. Tags make it easier to associate resources in various ways, such as grouping clusters to track your Amazon EMR resource allocation costs. For more information, see Tag Clusters.

The following example removes the stack tag with value Prod from a cluster:

", - "RunJobFlow": "

RunJobFlow creates and starts running a new cluster (job flow). The cluster runs the steps specified. After the steps complete, the cluster stops and the HDFS partition is lost. To prevent loss of data, configure the last step of the job flow to store results in Amazon S3. If the JobFlowInstancesConfig KeepJobFlowAliveWhenNoSteps parameter is set to TRUE, the cluster transitions to the WAITING state rather than shutting down after the steps have completed.

For additional protection, you can set the JobFlowInstancesConfig TerminationProtected parameter to TRUE to lock the cluster and prevent it from being terminated by API call, user intervention, or in the event of a job flow error.

A maximum of 256 steps are allowed in each job flow.

If your cluster is long-running (such as a Hive data warehouse) or complex, you may require more than 256 steps to process your data. You can bypass the 256-step limitation in various ways, including using the SSH shell to connect to the master node and submitting queries directly to the software running on the master node, such as Hive and Hadoop. For more information on how to do this, see Add More than 256 Steps to a Cluster in the Amazon EMR Management Guide.

For long running clusters, we recommend that you periodically store your results.

The instance fleets configuration is available only in Amazon EMR versions 4.8.0 and later, excluding 5.0.x versions. The RunJobFlow request can contain InstanceFleets parameters or InstanceGroups parameters, but not both.

", + "RunJobFlow": "

RunJobFlow creates and starts running a new cluster (job flow). The cluster runs the steps specified. After the steps complete, the cluster stops and the HDFS partition is lost. To prevent loss of data, configure the last step of the job flow to store results in Amazon S3. If the JobFlowInstancesConfig KeepJobFlowAliveWhenNoSteps parameter is set to TRUE, the cluster transitions to the WAITING state rather than shutting down after the steps have completed.

For additional protection, you can set the JobFlowInstancesConfig TerminationProtected parameter to TRUE to lock the cluster and prevent it from being terminated by API call, user intervention, or in the event of a job flow error.

A maximum of 256 steps are allowed in each job flow.

If your cluster is long-running (such as a Hive data warehouse) or complex, you may require more than 256 steps to process your data. You can bypass the 256-step limitation in various ways, including using the SSH shell to connect to the master node and submitting queries directly to the software running on the master node, such as Hive and Hadoop.

For long-running clusters, we recommend that you periodically store your results.

The instance fleets configuration is available only in Amazon EMR versions 4.8.0 and later, excluding 5.0.x versions. The RunJobFlow request can contain InstanceFleets parameters or InstanceGroups parameters, but not both.

", "SetTerminationProtection": "

SetTerminationProtection locks a cluster (job flow) so the EC2 instances in the cluster cannot be terminated by user intervention, an API call, or in the event of a job-flow error. The cluster still terminates upon successful completion of the job flow. Calling SetTerminationProtection on a cluster is similar to calling the Amazon EC2 DisableAPITermination API on all EC2 instances in a cluster.

SetTerminationProtection is used to prevent accidental termination of a cluster and to ensure that in the event of an error, the instances persist so that you can recover any data stored in their ephemeral instance storage.

To terminate a cluster that has been locked by setting SetTerminationProtection to true, you must first unlock the job flow by a subsequent call to SetTerminationProtection in which you set the value to false.

For more information, seeManaging Cluster Termination in the Amazon EMR Management Guide.

", "SetVisibleToAllUsers": "

The SetVisibleToAllUsers parameter is no longer supported. Your cluster may be visible to all users in your account. To restrict cluster access using an IAM policy, see Identity and Access Management for EMR.

Sets the Cluster$VisibleToAllUsers value for an EMR cluster. When true, IAM principals in the Amazon Web Services account can perform EMR cluster actions that their IAM policies allow. When false, only the IAM principal that created the cluster and the Amazon Web Services account root user can perform EMR actions on the cluster, regardless of IAM permissions policies attached to other IAM principals.

This action works on running clusters. When you create a cluster, use the RunJobFlowInput$VisibleToAllUsers parameter.

For more information, see Understanding the EMR Cluster VisibleToAllUsers Setting in the Amazon EMRManagement Guide.

", "StartNotebookExecution": "

Starts a notebook execution.

", @@ -132,6 +133,7 @@ "BlockPublicAccessConfigurationMetadata$CreatedByArn": "

The Amazon Resource Name that created or last modified the configuration.

", "Cluster$ClusterArn": "

The Amazon Resource Name of the cluster.

", "ClusterSummary$ClusterArn": "

The Amazon Resource Name of the cluster.

", + "GetClusterSessionCredentialsInput$ExecutionRoleArn": "

The Amazon Resource Name (ARN) of the runtime role for interactive workload submission on the cluster. The runtime role can be a cross-account IAM role. The runtime role ARN is a combination of account ID, role name, and role type using the following format: arn:partition:service:region:account:resource.

", "PutAutoScalingPolicyOutput$ClusterArn": "

The Amazon Resource Name (ARN) of the cluster.

", "RunJobFlowOutput$ClusterArn": "

The Amazon Resource Name (ARN) of the cluster.

" } @@ -139,9 +141,9 @@ "AuthMode": { "base": null, "refs": { - "CreateStudioInput$AuthMode": "

Specifies whether the Studio authenticates users using IAM or Amazon Web Services SSO.

", - "Studio$AuthMode": "

Specifies whether the Amazon EMR Studio authenticates users using IAM or Amazon Web Services SSO.

", - "StudioSummary$AuthMode": "

Specifies whether the Studio authenticates users using IAM or Amazon Web Services SSO.

" + "CreateStudioInput$AuthMode": "

Specifies whether the Studio authenticates users using IAM or IAM Identity Center.

", + "Studio$AuthMode": "

Specifies whether the Amazon EMR Studio authenticates users using IAM or IAM Identity Center.

", + "StudioSummary$AuthMode": "

Specifies whether the Studio authenticates users using IAM or IAM Identity Center.

" } }, "AutoScalingPolicy": { @@ -443,6 +445,12 @@ "refs": { } }, + "Credentials": { + "base": "

The credentials that you can use to connect to cluster endpoints. Credentials consist of a username and a password.

", + "refs": { + "GetClusterSessionCredentialsOutput$Credentials": "

The credentials that you can use to connect to cluster endpoints that support username-based and password-based authentication.

" + } + }, "Date": { "base": null, "refs": { @@ -454,6 +462,7 @@ "DescribeJobFlowsInput$CreatedAfter": "

Return only job flows created after this date and time.

", "DescribeJobFlowsInput$CreatedBefore": "

Return only job flows created before this date and time.

", "DescribeSecurityConfigurationOutput$CreationDateTime": "

The date and time the security configuration was created

", + "GetClusterSessionCredentialsOutput$ExpiresAt": "

The time when the credentials that are returned by the GetClusterSessionCredentials API expire.

", "InstanceFleetTimeline$CreationDateTime": "

The time and date the instance fleet was created.

", "InstanceFleetTimeline$ReadyDateTime": "

The time and date the instance fleet was ready to run jobs.

", "InstanceFleetTimeline$EndDateTime": "

The time and date the instance fleet terminated.

", @@ -698,6 +707,16 @@ "refs": { } }, + "GetClusterSessionCredentialsInput": { + "base": null, + "refs": { + } + }, + "GetClusterSessionCredentialsOutput": { + "base": null, + "refs": { + } + }, "GetManagedScalingPolicyInput": { "base": null, "refs": { @@ -1968,7 +1987,7 @@ "SubnetIdList$member": null, "Tag$Key": "

A user-defined key, which is the minimum required information for a valid tag. For more information, see Tag.

", "Tag$Value": "

A user-defined value, which is optional in a tag. For more information, see Tag Clusters.

", - "VolumeSpecification$VolumeType": "

The volume type. Volume types supported are gp2, io1, and standard.

" + "VolumeSpecification$VolumeType": "

The volume type. Volume types supported are gp3, gp2, io1, st1, sc1, and standard.

" } }, "StringList": { @@ -2075,6 +2094,12 @@ "refs": { } }, + "UsernamePassword": { + "base": "

The username and password that you use to connect to cluster endpoints.

", + "refs": { + "Credentials$UsernamePassword": "

The username and password that you use to connect to cluster endpoints.

" + } + }, "VolumeSpecification": { "base": "

EBS volume specifications such as volume type, IOPS, size (GiB) and throughput (MiB/s) that are requested for the EBS volume attached to an EC2 instance in the cluster.

", "refs": { @@ -2107,7 +2132,7 @@ "CreateSecurityConfigurationInput$Name": "

The name of the security configuration.

", "CreateSecurityConfigurationOutput$Name": "

The name of the security configuration.

", "CreateStudioInput$ServiceRole": "

The IAM role that the Amazon EMR Studio assumes. The service role provides a way for Amazon EMR Studio to interoperate with other Amazon Web Services services.

", - "CreateStudioInput$UserRole": "

The IAM user role that users and groups assume when logged in to an Amazon EMR Studio. Only specify a UserRole when you use Amazon Web Services SSO authentication. The permissions attached to the UserRole can be scoped down for each user or group using session policies.

", + "CreateStudioInput$UserRole": "

The IAM user role that users and groups assume when logged in to an Amazon EMR Studio. Only specify a UserRole when you use IAM Identity Center authentication. The permissions attached to the UserRole can be scoped down for each user or group using session policies.

", "CreateStudioInput$DefaultS3Location": "

The Amazon S3 location to back up Amazon EMR Studio Workspaces and notebook files.

", "CreateStudioInput$IdpAuthUrl": "

The authentication endpoint of your identity provider (IdP). Specify this value when you use IAM authentication and want to let federated users log in to a Studio with the Studio URL and credentials from your IdP. Amazon EMR Studio redirects users to this endpoint to enter credentials.

", "CreateStudioOutput$Url": "

The unique Studio access URL.

", @@ -2135,7 +2160,7 @@ "RunJobFlowInput$LogEncryptionKmsKeyId": "

The KMS key used for encrypting log files. If a value is not provided, the logs remain encrypted by AES-256. This attribute is only available with Amazon EMR version 5.30.0 and later, excluding Amazon EMR 6.0.0.

", "RunJobFlowInput$AdditionalInfo": "

A JSON string for selecting additional features.

", "RunJobFlowInput$JobFlowRole": "

Also called instance profile and EC2 role. An IAM role for an EMR cluster. The EC2 instances of the cluster assume this role. The default role is EMR_EC2_DefaultRole. In order to use the default role, you must have already created it using the CLI or console.

", - "RunJobFlowInput$ServiceRole": "

The IAM role that Amazon EMR assumes in order to access Amazon Web Services resources on your behalf.

", + "RunJobFlowInput$ServiceRole": "

The IAM role that Amazon EMR assumes in order to access Amazon Web Services resources on your behalf. If you've created a custom service role path, you must specify it for the service role when you launch your cluster.

", "RunJobFlowInput$SecurityConfiguration": "

The name of a security configuration to apply to the cluster.

", "RunJobFlowInput$AutoScalingRole": "

An IAM role for automatic scaling policies. The default role is EMR_AutoScaling_DefaultRole. The IAM role provides permissions that the automatic scaling feature requires to launch and terminate EC2 instances in an instance group.

", "ScriptBootstrapActionConfig$Path": "

Location in Amazon S3 of the script to run during a bootstrap action.

", @@ -2185,20 +2210,21 @@ "CreateStudioInput$IdpRelayStateParameterName": "

The name that your identity provider (IdP) uses for its RelayState parameter. For example, RelayState or TargetSource. Specify this value when you use IAM authentication and want to let federated users log in to a Studio using the Studio URL. The RelayState parameter differs by IdP.

", "CreateStudioOutput$StudioId": "

The ID of the Amazon EMR Studio.

", "CreateStudioSessionMappingInput$StudioId": "

The ID of the Amazon EMR Studio to which the user or group will be mapped.

", - "CreateStudioSessionMappingInput$IdentityId": "

The globally unique identifier (GUID) of the user or group from the Amazon Web Services SSO Identity Store. For more information, see UserId and GroupId in the Amazon Web Services SSO Identity Store API Reference. Either IdentityName or IdentityId must be specified, but not both.

", - "CreateStudioSessionMappingInput$IdentityName": "

The name of the user or group. For more information, see UserName and DisplayName in the Amazon Web Services SSO Identity Store API Reference. Either IdentityName or IdentityId must be specified, but not both.

", + "CreateStudioSessionMappingInput$IdentityId": "

The globally unique identifier (GUID) of the user or group from the IAM Identity Center Identity Store. For more information, see UserId and GroupId in the IAM Identity Center Identity Store API Reference. Either IdentityName or IdentityId must be specified, but not both.

", + "CreateStudioSessionMappingInput$IdentityName": "

The name of the user or group. For more information, see UserName and DisplayName in the IAM Identity Center Identity Store API Reference. Either IdentityName or IdentityId must be specified, but not both.

", "CreateStudioSessionMappingInput$SessionPolicyArn": "

The Amazon Resource Name (ARN) for the session policy that will be applied to the user or group. You should specify the ARN for the session policy that you want to apply, not the ARN of your user role. For more information, see Create an EMR Studio User Role with Session Policies.

", "DeleteStudioInput$StudioId": "

The ID of the Amazon EMR Studio.

", "DeleteStudioSessionMappingInput$StudioId": "

The ID of the Amazon EMR Studio.

", - "DeleteStudioSessionMappingInput$IdentityId": "

The globally unique identifier (GUID) of the user or group to remove from the Amazon EMR Studio. For more information, see UserId and GroupId in the Amazon Web Services SSO Identity Store API Reference. Either IdentityName or IdentityId must be specified.

", - "DeleteStudioSessionMappingInput$IdentityName": "

The name of the user name or group to remove from the Amazon EMR Studio. For more information, see UserName and DisplayName in the Amazon Web Services SSO Store API Reference. Either IdentityName or IdentityId must be specified.

", + "DeleteStudioSessionMappingInput$IdentityId": "

The globally unique identifier (GUID) of the user or group to remove from the Amazon EMR Studio. For more information, see UserId and GroupId in the IAM Identity Center Identity Store API Reference. Either IdentityName or IdentityId must be specified.

", + "DeleteStudioSessionMappingInput$IdentityName": "

The name of the user name or group to remove from the Amazon EMR Studio. For more information, see UserName and DisplayName in the IAM Identity Center Store API Reference. Either IdentityName or IdentityId must be specified.

", "DescribeNotebookExecutionInput$NotebookExecutionId": "

The unique identifier of the notebook execution.

", "DescribeStudioInput$StudioId": "

The Amazon EMR Studio ID.

", "ExecutionEngineConfig$Id": "

The unique identifier of the execution engine. For an EMR cluster, this is the cluster ID.

", "ExecutionEngineConfig$MasterInstanceSecurityGroupId": "

An optional unique ID of an EC2 security group to associate with the master instance of the EMR cluster for this notebook execution. For more information see Specifying EC2 Security Groups for EMR Notebooks in the EMR Management Guide.

", + "GetClusterSessionCredentialsInput$ClusterId": "

The unique identifier of the cluster.

", "GetStudioSessionMappingInput$StudioId": "

The ID of the Amazon EMR Studio.

", - "GetStudioSessionMappingInput$IdentityId": "

The globally unique identifier (GUID) of the user or group. For more information, see UserId and GroupId in the Amazon Web Services SSO Identity Store API Reference. Either IdentityName or IdentityId must be specified.

", - "GetStudioSessionMappingInput$IdentityName": "

The name of the user or group to fetch. For more information, see UserName and DisplayName in the Amazon Web Services SSO Identity Store API Reference. Either IdentityName or IdentityId must be specified.

", + "GetStudioSessionMappingInput$IdentityId": "

The globally unique identifier (GUID) of the user or group. For more information, see UserId and GroupId in the IAM Identity Center Identity Store API Reference. Either IdentityName or IdentityId must be specified.

", + "GetStudioSessionMappingInput$IdentityName": "

The name of the user or group to fetch. For more information, see UserName and DisplayName in the IAM Identity Center Identity Store API Reference. Either IdentityName or IdentityId must be specified.

", "InstanceFleet$Name": "

A friendly name for the instance fleet.

", "InstanceFleetConfig$Name": "

The friendly name of the instance fleet.

", "InstanceGroup$CustomAmiId": "

The custom AMI ID to use for the provisioned instance group.

", @@ -2252,11 +2278,11 @@ "SecurityGroupsList$member": null, "SessionMappingDetail$StudioId": "

The ID of the Amazon EMR Studio.

", "SessionMappingDetail$IdentityId": "

The globally unique identifier (GUID) of the user or group.

", - "SessionMappingDetail$IdentityName": "

The name of the user or group. For more information, see UserName and DisplayName in the Amazon Web Services SSO Identity Store API Reference.

", + "SessionMappingDetail$IdentityName": "

The name of the user or group. For more information, see UserName and DisplayName in the IAM Identity Center Identity Store API Reference.

", "SessionMappingDetail$SessionPolicyArn": "

The Amazon Resource Name (ARN) of the session policy associated with the user or group.

", "SessionMappingSummary$StudioId": "

The ID of the Amazon EMR Studio.

", - "SessionMappingSummary$IdentityId": "

The globally unique identifier (GUID) of the user or group from the Amazon Web Services SSO Identity Store.

", - "SessionMappingSummary$IdentityName": "

The name of the user or group. For more information, see UserName and DisplayName in the Amazon Web Services SSO Identity Store API Reference.

", + "SessionMappingSummary$IdentityId": "

The globally unique identifier (GUID) of the user or group from the IAM Identity Center Identity Store.

", + "SessionMappingSummary$IdentityName": "

The name of the user or group. For more information, see UserName and DisplayName in the IAM Identity Center Identity Store API Reference.

", "SessionMappingSummary$SessionPolicyArn": "

The Amazon Resource Name (ARN) of the session policy associated with the user or group.

", "StartNotebookExecutionInput$EditorId": "

The unique identifier of the EMR Notebook to use for notebook execution.

", "StartNotebookExecutionInput$NotebookExecutionName": "

An optional name for the notebook execution.

", @@ -2284,9 +2310,11 @@ "UpdateStudioInput$Name": "

A descriptive name for the Amazon EMR Studio.

", "UpdateStudioInput$Description": "

A detailed description to assign to the Amazon EMR Studio.

", "UpdateStudioSessionMappingInput$StudioId": "

The ID of the Amazon EMR Studio.

", - "UpdateStudioSessionMappingInput$IdentityId": "

The globally unique identifier (GUID) of the user or group. For more information, see UserId and GroupId in the Amazon Web Services SSO Identity Store API Reference. Either IdentityName or IdentityId must be specified.

", - "UpdateStudioSessionMappingInput$IdentityName": "

The name of the user or group to update. For more information, see UserName and DisplayName in the Amazon Web Services SSO Identity Store API Reference. Either IdentityName or IdentityId must be specified.

", + "UpdateStudioSessionMappingInput$IdentityId": "

The globally unique identifier (GUID) of the user or group. For more information, see UserId and GroupId in the IAM Identity Center Identity Store API Reference. Either IdentityName or IdentityId must be specified.

", + "UpdateStudioSessionMappingInput$IdentityName": "

The name of the user or group to update. For more information, see UserName and DisplayName in the IAM Identity Center Identity Store API Reference. Either IdentityName or IdentityId must be specified.

", "UpdateStudioSessionMappingInput$SessionPolicyArn": "

The Amazon Resource Name (ARN) of the session policy to associate with the specified user or group.

", + "UsernamePassword$Username": "

The username associated with the temporary credentials that you use to connect to cluster endpoints.

", + "UsernamePassword$Password": "

The password associated with the temporary credentials that you use to connect to cluster endpoints.

", "XmlStringMaxLen256List$member": null } }, diff --git a/models/apis/elasticmapreduce/2009-03-31/endpoint-rule-set-1.json b/models/apis/elasticmapreduce/2009-03-31/endpoint-rule-set-1.json new file mode 100644 index 0000000000..b9d28b6560 --- /dev/null +++ b/models/apis/elasticmapreduce/2009-03-31/endpoint-rule-set-1.json @@ -0,0 +1,331 @@ +{ + "version": "1.0", + "parameters": { + "Region": { + "builtIn": "AWS::Region", + "required": true, + "documentation": "The AWS region used to dispatch the request.", + "type": "String" + }, + "UseDualStack": { + "builtIn": "AWS::UseDualStack", + "required": true, + "default": false, + "documentation": "When true, use the dual-stack endpoint. If the configured endpoint does not support dual-stack, dispatching the request MAY return an error.", + "type": "Boolean" + }, + "UseFIPS": { + "builtIn": "AWS::UseFIPS", + "required": true, + "default": false, + "documentation": "When true, send this request to the FIPS-compliant regional endpoint. If the configured endpoint does not have a FIPS compliant endpoint, dispatching the request will return an error.", + "type": "Boolean" + }, + "Endpoint": { + "builtIn": "SDK::Endpoint", + "required": false, + "documentation": "Override the endpoint used to send this request", + "type": "String" + } + }, + "rules": [ + { + "conditions": [ + { + "fn": "aws.partition", + "argv": [ + { + "ref": "Region" + } + ], + "assign": "PartitionResult" + } + ], + "type": "tree", + "rules": [ + { + "conditions": [ + { + "fn": "isSet", + "argv": [ + { + "ref": "Endpoint" + } + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseFIPS" + }, + true + ] + } + ], + "error": "Invalid Configuration: FIPS and custom endpoint are not supported", + "type": "error" + }, + { + "conditions": [], + "type": "tree", + "rules": [ + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseDualStack" + }, + true + ] + } + ], + "error": "Invalid Configuration: Dualstack and custom endpoint are not supported", + "type": "error" + }, + { + "conditions": [], + "endpoint": { + "url": { + "ref": "Endpoint" + }, + "properties": {}, + "headers": {} + }, + "type": "endpoint" + } + ] + } + ] + }, + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseFIPS" + }, + true + ] + }, + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseDualStack" + }, + true + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + true, + { + "fn": "getAttr", + "argv": [ + { + "ref": "PartitionResult" + }, + "supportsFIPS" + ] + } + ] + }, + { + "fn": "booleanEquals", + "argv": [ + true, + { + "fn": "getAttr", + "argv": [ + { + "ref": "PartitionResult" + }, + "supportsDualStack" + ] + } + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [], + "endpoint": { + "url": "https://elasticmapreduce-fips.{Region}.{PartitionResult#dualStackDnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" + } + ] + }, + { + "conditions": [], + "error": "FIPS and DualStack are enabled, but this partition does not support one or both", + "type": "error" + } + ] + }, + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseFIPS" + }, + true + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + true, + { + "fn": "getAttr", + "argv": [ + { + "ref": "PartitionResult" + }, + "supportsFIPS" + ] + } + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [], + "type": "tree", + "rules": [ + { + "conditions": [ + { + "fn": "stringEquals", + "argv": [ + "aws-us-gov", + { + "fn": "getAttr", + "argv": [ + { + "ref": "PartitionResult" + }, + "name" + ] + } + ] + } + ], + "endpoint": { + "url": "https://elasticmapreduce.{Region}.{PartitionResult#dnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" + }, + { + "conditions": [], + "endpoint": { + "url": "https://elasticmapreduce-fips.{Region}.{PartitionResult#dnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" + } + ] + } + ] + }, + { + "conditions": [], + "error": "FIPS is enabled but this partition does not support FIPS", + "type": "error" + } + ] + }, + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseDualStack" + }, + true + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + true, + { + "fn": "getAttr", + "argv": [ + { + "ref": "PartitionResult" + }, + "supportsDualStack" + ] + } + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [], + "endpoint": { + "url": "https://elasticmapreduce.{Region}.{PartitionResult#dualStackDnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" + } + ] + }, + { + "conditions": [], + "error": "DualStack is enabled but this partition does not support DualStack", + "type": "error" + } + ] + }, + { + "conditions": [], + "endpoint": { + "url": "https://elasticmapreduce.{Region}.{PartitionResult#dnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" + } + ] + } + ] +} \ No newline at end of file diff --git a/models/apis/elasticmapreduce/2009-03-31/endpoint-tests-1.json b/models/apis/elasticmapreduce/2009-03-31/endpoint-tests-1.json new file mode 100644 index 0000000000..347b72a2ff --- /dev/null +++ b/models/apis/elasticmapreduce/2009-03-31/endpoint-tests-1.json @@ -0,0 +1,1799 @@ +{ + "testCases": [ + { + "documentation": "For region ap-south-2 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce-fips.ap-south-2.api.aws" + } + }, + "params": { + "UseFIPS": true, + "Region": "ap-south-2", + "UseDualStack": true + } + }, + { + "documentation": "For region ap-south-2 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce-fips.ap-south-2.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "Region": "ap-south-2", + "UseDualStack": false + } + }, + { + "documentation": "For region ap-south-2 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce.ap-south-2.api.aws" + } + }, + "params": { + "UseFIPS": false, + "Region": "ap-south-2", + "UseDualStack": true + } + }, + { + "documentation": "For region ap-south-2 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce.ap-south-2.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "Region": "ap-south-2", + "UseDualStack": false + } + }, + { + "documentation": "For region ap-south-1 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce-fips.ap-south-1.api.aws" + } + }, + "params": { + "UseFIPS": true, + "Region": "ap-south-1", + "UseDualStack": true + } + }, + { + "documentation": "For region ap-south-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce-fips.ap-south-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "Region": "ap-south-1", + "UseDualStack": false + } + }, + { + "documentation": "For region ap-south-1 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce.ap-south-1.api.aws" + } + }, + "params": { + "UseFIPS": false, + "Region": "ap-south-1", + "UseDualStack": true + } + }, + { + "documentation": "For region ap-south-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce.ap-south-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "Region": "ap-south-1", + "UseDualStack": false + } + }, + { + "documentation": "For region eu-south-1 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce-fips.eu-south-1.api.aws" + } + }, + "params": { + "UseFIPS": true, + "Region": "eu-south-1", + "UseDualStack": true + } + }, + { + "documentation": "For region eu-south-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce-fips.eu-south-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "Region": "eu-south-1", + "UseDualStack": false + } + }, + { + "documentation": "For region eu-south-1 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce.eu-south-1.api.aws" + } + }, + "params": { + "UseFIPS": false, + "Region": "eu-south-1", + "UseDualStack": true + } + }, + { + "documentation": "For region eu-south-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce.eu-south-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "Region": "eu-south-1", + "UseDualStack": false + } + }, + { + "documentation": "For region eu-south-2 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce-fips.eu-south-2.api.aws" + } + }, + "params": { + "UseFIPS": true, + "Region": "eu-south-2", + "UseDualStack": true + } + }, + { + "documentation": "For region eu-south-2 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce-fips.eu-south-2.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "Region": "eu-south-2", + "UseDualStack": false + } + }, + { + "documentation": "For region eu-south-2 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce.eu-south-2.api.aws" + } + }, + "params": { + "UseFIPS": false, + "Region": "eu-south-2", + "UseDualStack": true + } + }, + { + "documentation": "For region eu-south-2 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce.eu-south-2.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "Region": "eu-south-2", + "UseDualStack": false + } + }, + { + "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce-fips.us-gov-east-1.api.aws" + } + }, + "params": { + "UseFIPS": true, + "Region": "us-gov-east-1", + "UseDualStack": true + } + }, + { + "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce.us-gov-east-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "Region": "us-gov-east-1", + "UseDualStack": false + } + }, + { + "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce.us-gov-east-1.api.aws" + } + }, + "params": { + "UseFIPS": false, + "Region": "us-gov-east-1", + "UseDualStack": true + } + }, + { + "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce.us-gov-east-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "Region": "us-gov-east-1", + "UseDualStack": false + } + }, + { + "documentation": "For region me-central-1 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce-fips.me-central-1.api.aws" + } + }, + "params": { + "UseFIPS": true, + "Region": "me-central-1", + "UseDualStack": true + } + }, + { + "documentation": "For region me-central-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce-fips.me-central-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "Region": "me-central-1", + "UseDualStack": false + } + }, + { + "documentation": "For region me-central-1 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce.me-central-1.api.aws" + } + }, + "params": { + "UseFIPS": false, + "Region": "me-central-1", + "UseDualStack": true + } + }, + { + "documentation": "For region me-central-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce.me-central-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "Region": "me-central-1", + "UseDualStack": false + } + }, + { + "documentation": "For region ca-central-1 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce-fips.ca-central-1.api.aws" + } + }, + "params": { + "UseFIPS": true, + "Region": "ca-central-1", + "UseDualStack": true + } + }, + { + "documentation": "For region ca-central-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce-fips.ca-central-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "Region": "ca-central-1", + "UseDualStack": false + } + }, + { + "documentation": "For region ca-central-1 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce.ca-central-1.api.aws" + } + }, + "params": { + "UseFIPS": false, + "Region": "ca-central-1", + "UseDualStack": true + } + }, + { + "documentation": "For region ca-central-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce.ca-central-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "Region": "ca-central-1", + "UseDualStack": false + } + }, + { + "documentation": "For region eu-central-1 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce-fips.eu-central-1.api.aws" + } + }, + "params": { + "UseFIPS": true, + "Region": "eu-central-1", + "UseDualStack": true + } + }, + { + "documentation": "For region eu-central-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce-fips.eu-central-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "Region": "eu-central-1", + "UseDualStack": false + } + }, + { + "documentation": "For region eu-central-1 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce.eu-central-1.api.aws" + } + }, + "params": { + "UseFIPS": false, + "Region": "eu-central-1", + "UseDualStack": true + } + }, + { + "documentation": "For region eu-central-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce.eu-central-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "Region": "eu-central-1", + "UseDualStack": false + } + }, + { + "documentation": "For region us-iso-west-1 with FIPS enabled and DualStack enabled", + "expect": { + "error": "FIPS and DualStack are enabled, but this partition does not support one or both" + }, + "params": { + "UseFIPS": true, + "Region": "us-iso-west-1", + "UseDualStack": true + } + }, + { + "documentation": "For region us-iso-west-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce-fips.us-iso-west-1.c2s.ic.gov" + } + }, + "params": { + "UseFIPS": true, + "Region": "us-iso-west-1", + "UseDualStack": false + } + }, + { + "documentation": "For region us-iso-west-1 with FIPS disabled and DualStack enabled", + "expect": { + "error": "DualStack is enabled but this partition does not support DualStack" + }, + "params": { + "UseFIPS": false, + "Region": "us-iso-west-1", + "UseDualStack": true + } + }, + { + "documentation": "For region us-iso-west-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce.us-iso-west-1.c2s.ic.gov" + } + }, + "params": { + "UseFIPS": false, + "Region": "us-iso-west-1", + "UseDualStack": false + } + }, + { + "documentation": "For region eu-central-2 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce-fips.eu-central-2.api.aws" + } + }, + "params": { + "UseFIPS": true, + "Region": "eu-central-2", + "UseDualStack": true + } + }, + { + "documentation": "For region eu-central-2 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce-fips.eu-central-2.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "Region": "eu-central-2", + "UseDualStack": false + } + }, + { + "documentation": "For region eu-central-2 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce.eu-central-2.api.aws" + } + }, + "params": { + "UseFIPS": false, + "Region": "eu-central-2", + "UseDualStack": true + } + }, + { + "documentation": "For region eu-central-2 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce.eu-central-2.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "Region": "eu-central-2", + "UseDualStack": false + } + }, + { + "documentation": "For region us-west-1 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce-fips.us-west-1.api.aws" + } + }, + "params": { + "UseFIPS": true, + "Region": "us-west-1", + "UseDualStack": true + } + }, + { + "documentation": "For region us-west-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce-fips.us-west-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "Region": "us-west-1", + "UseDualStack": false + } + }, + { + "documentation": "For region us-west-1 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce.us-west-1.api.aws" + } + }, + "params": { + "UseFIPS": false, + "Region": "us-west-1", + "UseDualStack": true + } + }, + { + "documentation": "For region us-west-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce.us-west-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "Region": "us-west-1", + "UseDualStack": false + } + }, + { + "documentation": "For region us-west-2 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce-fips.us-west-2.api.aws" + } + }, + "params": { + "UseFIPS": true, + "Region": "us-west-2", + "UseDualStack": true + } + }, + { + "documentation": "For region us-west-2 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce-fips.us-west-2.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "Region": "us-west-2", + "UseDualStack": false + } + }, + { + "documentation": "For region us-west-2 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce.us-west-2.api.aws" + } + }, + "params": { + "UseFIPS": false, + "Region": "us-west-2", + "UseDualStack": true + } + }, + { + "documentation": "For region us-west-2 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce.us-west-2.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "Region": "us-west-2", + "UseDualStack": false + } + }, + { + "documentation": "For region af-south-1 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce-fips.af-south-1.api.aws" + } + }, + "params": { + "UseFIPS": true, + "Region": "af-south-1", + "UseDualStack": true + } + }, + { + "documentation": "For region af-south-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce-fips.af-south-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "Region": "af-south-1", + "UseDualStack": false + } + }, + { + "documentation": "For region af-south-1 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce.af-south-1.api.aws" + } + }, + "params": { + "UseFIPS": false, + "Region": "af-south-1", + "UseDualStack": true + } + }, + { + "documentation": "For region af-south-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce.af-south-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "Region": "af-south-1", + "UseDualStack": false + } + }, + { + "documentation": "For region eu-north-1 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce-fips.eu-north-1.api.aws" + } + }, + "params": { + "UseFIPS": true, + "Region": "eu-north-1", + "UseDualStack": true + } + }, + { + "documentation": "For region eu-north-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce-fips.eu-north-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "Region": "eu-north-1", + "UseDualStack": false + } + }, + { + "documentation": "For region eu-north-1 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce.eu-north-1.api.aws" + } + }, + "params": { + "UseFIPS": false, + "Region": "eu-north-1", + "UseDualStack": true + } + }, + { + "documentation": "For region eu-north-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce.eu-north-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "Region": "eu-north-1", + "UseDualStack": false + } + }, + { + "documentation": "For region eu-west-3 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce-fips.eu-west-3.api.aws" + } + }, + "params": { + "UseFIPS": true, + "Region": "eu-west-3", + "UseDualStack": true + } + }, + { + "documentation": "For region eu-west-3 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce-fips.eu-west-3.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "Region": "eu-west-3", + "UseDualStack": false + } + }, + { + "documentation": "For region eu-west-3 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce.eu-west-3.api.aws" + } + }, + "params": { + "UseFIPS": false, + "Region": "eu-west-3", + "UseDualStack": true + } + }, + { + "documentation": "For region eu-west-3 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce.eu-west-3.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "Region": "eu-west-3", + "UseDualStack": false + } + }, + { + "documentation": "For region eu-west-2 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce-fips.eu-west-2.api.aws" + } + }, + "params": { + "UseFIPS": true, + "Region": "eu-west-2", + "UseDualStack": true + } + }, + { + "documentation": "For region eu-west-2 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce-fips.eu-west-2.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "Region": "eu-west-2", + "UseDualStack": false + } + }, + { + "documentation": "For region eu-west-2 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce.eu-west-2.api.aws" + } + }, + "params": { + "UseFIPS": false, + "Region": "eu-west-2", + "UseDualStack": true + } + }, + { + "documentation": "For region eu-west-2 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce.eu-west-2.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "Region": "eu-west-2", + "UseDualStack": false + } + }, + { + "documentation": "For region eu-west-1 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce-fips.eu-west-1.api.aws" + } + }, + "params": { + "UseFIPS": true, + "Region": "eu-west-1", + "UseDualStack": true + } + }, + { + "documentation": "For region eu-west-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce-fips.eu-west-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "Region": "eu-west-1", + "UseDualStack": false + } + }, + { + "documentation": "For region eu-west-1 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce.eu-west-1.api.aws" + } + }, + "params": { + "UseFIPS": false, + "Region": "eu-west-1", + "UseDualStack": true + } + }, + { + "documentation": "For region eu-west-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce.eu-west-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "Region": "eu-west-1", + "UseDualStack": false + } + }, + { + "documentation": "For region ap-northeast-3 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce-fips.ap-northeast-3.api.aws" + } + }, + "params": { + "UseFIPS": true, + "Region": "ap-northeast-3", + "UseDualStack": true + } + }, + { + "documentation": "For region ap-northeast-3 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce-fips.ap-northeast-3.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "Region": "ap-northeast-3", + "UseDualStack": false + } + }, + { + "documentation": "For region ap-northeast-3 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce.ap-northeast-3.api.aws" + } + }, + "params": { + "UseFIPS": false, + "Region": "ap-northeast-3", + "UseDualStack": true + } + }, + { + "documentation": "For region ap-northeast-3 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce.ap-northeast-3.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "Region": "ap-northeast-3", + "UseDualStack": false + } + }, + { + "documentation": "For region ap-northeast-2 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce-fips.ap-northeast-2.api.aws" + } + }, + "params": { + "UseFIPS": true, + "Region": "ap-northeast-2", + "UseDualStack": true + } + }, + { + "documentation": "For region ap-northeast-2 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce-fips.ap-northeast-2.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "Region": "ap-northeast-2", + "UseDualStack": false + } + }, + { + "documentation": "For region ap-northeast-2 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce.ap-northeast-2.api.aws" + } + }, + "params": { + "UseFIPS": false, + "Region": "ap-northeast-2", + "UseDualStack": true + } + }, + { + "documentation": "For region ap-northeast-2 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce.ap-northeast-2.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "Region": "ap-northeast-2", + "UseDualStack": false + } + }, + { + "documentation": "For region ap-northeast-1 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce-fips.ap-northeast-1.api.aws" + } + }, + "params": { + "UseFIPS": true, + "Region": "ap-northeast-1", + "UseDualStack": true + } + }, + { + "documentation": "For region ap-northeast-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce-fips.ap-northeast-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "Region": "ap-northeast-1", + "UseDualStack": false + } + }, + { + "documentation": "For region ap-northeast-1 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce.ap-northeast-1.api.aws" + } + }, + "params": { + "UseFIPS": false, + "Region": "ap-northeast-1", + "UseDualStack": true + } + }, + { + "documentation": "For region ap-northeast-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce.ap-northeast-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "Region": "ap-northeast-1", + "UseDualStack": false + } + }, + { + "documentation": "For region me-south-1 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce-fips.me-south-1.api.aws" + } + }, + "params": { + "UseFIPS": true, + "Region": "me-south-1", + "UseDualStack": true + } + }, + { + "documentation": "For region me-south-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce-fips.me-south-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "Region": "me-south-1", + "UseDualStack": false + } + }, + { + "documentation": "For region me-south-1 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce.me-south-1.api.aws" + } + }, + "params": { + "UseFIPS": false, + "Region": "me-south-1", + "UseDualStack": true + } + }, + { + "documentation": "For region me-south-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce.me-south-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "Region": "me-south-1", + "UseDualStack": false + } + }, + { + "documentation": "For region sa-east-1 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce-fips.sa-east-1.api.aws" + } + }, + "params": { + "UseFIPS": true, + "Region": "sa-east-1", + "UseDualStack": true + } + }, + { + "documentation": "For region sa-east-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce-fips.sa-east-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "Region": "sa-east-1", + "UseDualStack": false + } + }, + { + "documentation": "For region sa-east-1 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce.sa-east-1.api.aws" + } + }, + "params": { + "UseFIPS": false, + "Region": "sa-east-1", + "UseDualStack": true + } + }, + { + "documentation": "For region sa-east-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce.sa-east-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "Region": "sa-east-1", + "UseDualStack": false + } + }, + { + "documentation": "For region ap-east-1 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce-fips.ap-east-1.api.aws" + } + }, + "params": { + "UseFIPS": true, + "Region": "ap-east-1", + "UseDualStack": true + } + }, + { + "documentation": "For region ap-east-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce-fips.ap-east-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "Region": "ap-east-1", + "UseDualStack": false + } + }, + { + "documentation": "For region ap-east-1 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce.ap-east-1.api.aws" + } + }, + "params": { + "UseFIPS": false, + "Region": "ap-east-1", + "UseDualStack": true + } + }, + { + "documentation": "For region ap-east-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce.ap-east-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "Region": "ap-east-1", + "UseDualStack": false + } + }, + { + "documentation": "For region cn-north-1 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce-fips.cn-north-1.api.amazonwebservices.com.cn" + } + }, + "params": { + "UseFIPS": true, + "Region": "cn-north-1", + "UseDualStack": true + } + }, + { + "documentation": "For region cn-north-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce-fips.cn-north-1.amazonaws.com.cn" + } + }, + "params": { + "UseFIPS": true, + "Region": "cn-north-1", + "UseDualStack": false + } + }, + { + "documentation": "For region cn-north-1 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce.cn-north-1.api.amazonwebservices.com.cn" + } + }, + "params": { + "UseFIPS": false, + "Region": "cn-north-1", + "UseDualStack": true + } + }, + { + "documentation": "For region cn-north-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce.cn-north-1.amazonaws.com.cn" + } + }, + "params": { + "UseFIPS": false, + "Region": "cn-north-1", + "UseDualStack": false + } + }, + { + "documentation": "For region us-gov-west-1 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce-fips.us-gov-west-1.api.aws" + } + }, + "params": { + "UseFIPS": true, + "Region": "us-gov-west-1", + "UseDualStack": true + } + }, + { + "documentation": "For region us-gov-west-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce.us-gov-west-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "Region": "us-gov-west-1", + "UseDualStack": false + } + }, + { + "documentation": "For region us-gov-west-1 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce.us-gov-west-1.api.aws" + } + }, + "params": { + "UseFIPS": false, + "Region": "us-gov-west-1", + "UseDualStack": true + } + }, + { + "documentation": "For region us-gov-west-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce.us-gov-west-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "Region": "us-gov-west-1", + "UseDualStack": false + } + }, + { + "documentation": "For region ap-southeast-1 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce-fips.ap-southeast-1.api.aws" + } + }, + "params": { + "UseFIPS": true, + "Region": "ap-southeast-1", + "UseDualStack": true + } + }, + { + "documentation": "For region ap-southeast-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce-fips.ap-southeast-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "Region": "ap-southeast-1", + "UseDualStack": false + } + }, + { + "documentation": "For region ap-southeast-1 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce.ap-southeast-1.api.aws" + } + }, + "params": { + "UseFIPS": false, + "Region": "ap-southeast-1", + "UseDualStack": true + } + }, + { + "documentation": "For region ap-southeast-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce.ap-southeast-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "Region": "ap-southeast-1", + "UseDualStack": false + } + }, + { + "documentation": "For region ap-southeast-2 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce-fips.ap-southeast-2.api.aws" + } + }, + "params": { + "UseFIPS": true, + "Region": "ap-southeast-2", + "UseDualStack": true + } + }, + { + "documentation": "For region ap-southeast-2 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce-fips.ap-southeast-2.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "Region": "ap-southeast-2", + "UseDualStack": false + } + }, + { + "documentation": "For region ap-southeast-2 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce.ap-southeast-2.api.aws" + } + }, + "params": { + "UseFIPS": false, + "Region": "ap-southeast-2", + "UseDualStack": true + } + }, + { + "documentation": "For region ap-southeast-2 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce.ap-southeast-2.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "Region": "ap-southeast-2", + "UseDualStack": false + } + }, + { + "documentation": "For region us-iso-east-1 with FIPS enabled and DualStack enabled", + "expect": { + "error": "FIPS and DualStack are enabled, but this partition does not support one or both" + }, + "params": { + "UseFIPS": true, + "Region": "us-iso-east-1", + "UseDualStack": true + } + }, + { + "documentation": "For region us-iso-east-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce-fips.us-iso-east-1.c2s.ic.gov" + } + }, + "params": { + "UseFIPS": true, + "Region": "us-iso-east-1", + "UseDualStack": false + } + }, + { + "documentation": "For region us-iso-east-1 with FIPS disabled and DualStack enabled", + "expect": { + "error": "DualStack is enabled but this partition does not support DualStack" + }, + "params": { + "UseFIPS": false, + "Region": "us-iso-east-1", + "UseDualStack": true + } + }, + { + "documentation": "For region us-iso-east-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce.us-iso-east-1.c2s.ic.gov" + } + }, + "params": { + "UseFIPS": false, + "Region": "us-iso-east-1", + "UseDualStack": false + } + }, + { + "documentation": "For region ap-southeast-3 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce-fips.ap-southeast-3.api.aws" + } + }, + "params": { + "UseFIPS": true, + "Region": "ap-southeast-3", + "UseDualStack": true + } + }, + { + "documentation": "For region ap-southeast-3 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce-fips.ap-southeast-3.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "Region": "ap-southeast-3", + "UseDualStack": false + } + }, + { + "documentation": "For region ap-southeast-3 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce.ap-southeast-3.api.aws" + } + }, + "params": { + "UseFIPS": false, + "Region": "ap-southeast-3", + "UseDualStack": true + } + }, + { + "documentation": "For region ap-southeast-3 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce.ap-southeast-3.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "Region": "ap-southeast-3", + "UseDualStack": false + } + }, + { + "documentation": "For region ap-southeast-4 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce-fips.ap-southeast-4.api.aws" + } + }, + "params": { + "UseFIPS": true, + "Region": "ap-southeast-4", + "UseDualStack": true + } + }, + { + "documentation": "For region ap-southeast-4 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce-fips.ap-southeast-4.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "Region": "ap-southeast-4", + "UseDualStack": false + } + }, + { + "documentation": "For region ap-southeast-4 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce.ap-southeast-4.api.aws" + } + }, + "params": { + "UseFIPS": false, + "Region": "ap-southeast-4", + "UseDualStack": true + } + }, + { + "documentation": "For region ap-southeast-4 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce.ap-southeast-4.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "Region": "ap-southeast-4", + "UseDualStack": false + } + }, + { + "documentation": "For region us-east-1 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce-fips.us-east-1.api.aws" + } + }, + "params": { + "UseFIPS": true, + "Region": "us-east-1", + "UseDualStack": true + } + }, + { + "documentation": "For region us-east-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce-fips.us-east-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "Region": "us-east-1", + "UseDualStack": false + } + }, + { + "documentation": "For region us-east-1 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce.us-east-1.api.aws" + } + }, + "params": { + "UseFIPS": false, + "Region": "us-east-1", + "UseDualStack": true + } + }, + { + "documentation": "For region us-east-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce.us-east-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "Region": "us-east-1", + "UseDualStack": false + } + }, + { + "documentation": "For region us-east-2 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce-fips.us-east-2.api.aws" + } + }, + "params": { + "UseFIPS": true, + "Region": "us-east-2", + "UseDualStack": true + } + }, + { + "documentation": "For region us-east-2 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce-fips.us-east-2.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "Region": "us-east-2", + "UseDualStack": false + } + }, + { + "documentation": "For region us-east-2 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce.us-east-2.api.aws" + } + }, + "params": { + "UseFIPS": false, + "Region": "us-east-2", + "UseDualStack": true + } + }, + { + "documentation": "For region us-east-2 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce.us-east-2.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "Region": "us-east-2", + "UseDualStack": false + } + }, + { + "documentation": "For region cn-northwest-1 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce-fips.cn-northwest-1.api.amazonwebservices.com.cn" + } + }, + "params": { + "UseFIPS": true, + "Region": "cn-northwest-1", + "UseDualStack": true + } + }, + { + "documentation": "For region cn-northwest-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce-fips.cn-northwest-1.amazonaws.com.cn" + } + }, + "params": { + "UseFIPS": true, + "Region": "cn-northwest-1", + "UseDualStack": false + } + }, + { + "documentation": "For region cn-northwest-1 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce.cn-northwest-1.api.amazonwebservices.com.cn" + } + }, + "params": { + "UseFIPS": false, + "Region": "cn-northwest-1", + "UseDualStack": true + } + }, + { + "documentation": "For region cn-northwest-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce.cn-northwest-1.amazonaws.com.cn" + } + }, + "params": { + "UseFIPS": false, + "Region": "cn-northwest-1", + "UseDualStack": false + } + }, + { + "documentation": "For region us-isob-east-1 with FIPS enabled and DualStack enabled", + "expect": { + "error": "FIPS and DualStack are enabled, but this partition does not support one or both" + }, + "params": { + "UseFIPS": true, + "Region": "us-isob-east-1", + "UseDualStack": true + } + }, + { + "documentation": "For region us-isob-east-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce-fips.us-isob-east-1.sc2s.sgov.gov" + } + }, + "params": { + "UseFIPS": true, + "Region": "us-isob-east-1", + "UseDualStack": false + } + }, + { + "documentation": "For region us-isob-east-1 with FIPS disabled and DualStack enabled", + "expect": { + "error": "DualStack is enabled but this partition does not support DualStack" + }, + "params": { + "UseFIPS": false, + "Region": "us-isob-east-1", + "UseDualStack": true + } + }, + { + "documentation": "For region us-isob-east-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://elasticmapreduce.us-isob-east-1.sc2s.sgov.gov" + } + }, + "params": { + "UseFIPS": false, + "Region": "us-isob-east-1", + "UseDualStack": false + } + }, + { + "documentation": "For custom endpoint with fips disabled and dualstack disabled", + "expect": { + "endpoint": { + "url": "https://example.com" + } + }, + "params": { + "UseFIPS": false, + "Region": "us-east-1", + "UseDualStack": false, + "Endpoint": "https://example.com" + } + }, + { + "documentation": "For custom endpoint with fips enabled and dualstack disabled", + "expect": { + "error": "Invalid Configuration: FIPS and custom endpoint are not supported" + }, + "params": { + "UseFIPS": true, + "Region": "us-east-1", + "UseDualStack": false, + "Endpoint": "https://example.com" + } + }, + { + "documentation": "For custom endpoint with fips disabled and dualstack enabled", + "expect": { + "error": "Invalid Configuration: Dualstack and custom endpoint are not supported" + }, + "params": { + "UseFIPS": false, + "Region": "us-east-1", + "UseDualStack": true, + "Endpoint": "https://example.com" + } + } + ], + "version": "1.0" +} \ No newline at end of file diff --git a/models/apis/secretsmanager/2017-10-17/api-2.json b/models/apis/secretsmanager/2017-10-17/api-2.json index 8be57d4099..28deaa9ebc 100644 --- a/models/apis/secretsmanager/2017-10-17/api-2.json +++ b/models/apis/secretsmanager/2017-10-17/api-2.json @@ -505,6 +505,7 @@ "shape":"DeletedDateType", "box":true }, + "NextRotationDate":{"shape":"NextRotationDateType"}, "Tags":{"shape":"TagListType"}, "VersionIdsToStages":{"shape":"SecretVersionsToStagesMapType"}, "OwningService":{"shape":"OwningServiceType"}, @@ -558,13 +559,14 @@ "tag-key", "tag-value", "primary-region", + "owning-service", "all" ] }, "FilterValueStringType":{ "type":"string", "max":512, - "pattern":"^\\!?[a-zA-Z0-9 :_@\\/\\+\\=\\.\\-]*$" + "pattern":"^\\!?[a-zA-Z0-9 :_@\\/\\+\\=\\.\\-\\!]*$" }, "FilterValuesStringList":{ "type":"list", @@ -733,6 +735,10 @@ "ListSecretsRequest":{ "type":"structure", "members":{ + "IncludePlannedDeletion":{ + "shape":"BooleanType", + "box":true + }, "MaxResults":{ "shape":"MaxResultsType", "box":true @@ -766,6 +772,7 @@ "max":512, "min":1 }, + "NextRotationDateType":{"type":"timestamp"}, "NextTokenType":{ "type":"string", "max":4096, @@ -1043,6 +1050,7 @@ "box":true }, "DeletedDate":{"shape":"DeletedDateType"}, + "NextRotationDate":{"shape":"NextRotationDateType"}, "Tags":{"shape":"TagListType"}, "SecretVersionsToStages":{"shape":"SecretVersionsToStagesMapType"}, "OwningService":{"shape":"OwningServiceType"}, diff --git a/models/apis/secretsmanager/2017-10-17/docs-2.json b/models/apis/secretsmanager/2017-10-17/docs-2.json index 0920b69e37..f41ccaaf7a 100644 --- a/models/apis/secretsmanager/2017-10-17/docs-2.json +++ b/models/apis/secretsmanager/2017-10-17/docs-2.json @@ -1,9 +1,9 @@ { "version": "2.0", - "service": "Amazon Web Services Secrets Manager

Amazon Web Services Secrets Manager provides a service to enable you to store, manage, and retrieve, secrets.

This guide provides descriptions of the Secrets Manager API. For more information about using this service, see the Amazon Web Services Secrets Manager User Guide.

API Version

This version of the Secrets Manager API Reference documents the Secrets Manager API version 2017-10-17.

For a list of endpoints, see Amazon Web Services Secrets Manager endpoints.

Support and Feedback for Amazon Web Services Secrets Manager

We welcome your feedback. Send your comments to awssecretsmanager-feedback@amazon.com, or post your feedback and questions in the Amazon Web Services Secrets Manager Discussion Forum. For more information about the Amazon Web Services Discussion Forums, see Forums Help.

Logging API Requests

Amazon Web Services Secrets Manager supports Amazon Web Services CloudTrail, a service that records Amazon Web Services API calls for your Amazon Web Services account and delivers log files to an Amazon S3 bucket. By using information that's collected by Amazon Web Services CloudTrail, you can determine the requests successfully made to Secrets Manager, who made the request, when it was made, and so on. For more about Amazon Web Services Secrets Manager and support for Amazon Web Services CloudTrail, see Logging Amazon Web Services Secrets Manager Events with Amazon Web Services CloudTrail in the Amazon Web Services Secrets Manager User Guide. To learn more about CloudTrail, including enabling it and find your log files, see the Amazon Web Services CloudTrail User Guide.

", + "service": "Amazon Web Services Secrets Manager

Amazon Web Services Secrets Manager provides a service to enable you to store, manage, and retrieve, secrets.

This guide provides descriptions of the Secrets Manager API. For more information about using this service, see the Amazon Web Services Secrets Manager User Guide.

API Version

This version of the Secrets Manager API Reference documents the Secrets Manager API version 2017-10-17.

Support and Feedback for Amazon Web Services Secrets Manager

We welcome your feedback. Send your comments to awssecretsmanager-feedback@amazon.com, or post your feedback and questions in the Amazon Web Services Secrets Manager Discussion Forum. For more information about the Amazon Web Services Discussion Forums, see Forums Help.

Logging API Requests

Amazon Web Services Secrets Manager supports Amazon Web Services CloudTrail, a service that records Amazon Web Services API calls for your Amazon Web Services account and delivers log files to an Amazon S3 bucket. By using information that's collected by Amazon Web Services CloudTrail, you can determine the requests successfully made to Secrets Manager, who made the request, when it was made, and so on. For more about Amazon Web Services Secrets Manager and support for Amazon Web Services CloudTrail, see Logging Amazon Web Services Secrets Manager Events with Amazon Web Services CloudTrail in the Amazon Web Services Secrets Manager User Guide. To learn more about CloudTrail, including enabling it and find your log files, see the Amazon Web Services CloudTrail User Guide.

", "operations": { "CancelRotateSecret": "

Turns off automatic rotation, and if a rotation is currently in progress, cancels the rotation.

If you cancel a rotation in progress, it can leave the VersionStage labels in an unexpected state. You might need to remove the staging label AWSPENDING from the partially created version. You also need to determine whether to roll back to the previous version of the secret by moving the staging label AWSCURRENT to the version that has AWSPENDING. To determine which version has a specific staging label, call ListSecretVersionIds. Then use UpdateSecretVersionStage to change staging labels. For more information, see How rotation works.

To turn on automatic rotation again, call RotateSecret.

Secrets Manager generates a CloudTrail log entry when you call this action. Do not include sensitive information in request parameters because it might be logged. For more information, see Logging Secrets Manager events with CloudTrail.

Required permissions: secretsmanager:CancelRotateSecret. For more information, see IAM policy actions for Secrets Manager and Authentication and access control in Secrets Manager.

", - "CreateSecret": "

Creates a new secret. A secret can be a password, a set of credentials such as a user name and password, an OAuth token, or other secret information that you store in an encrypted form in Secrets Manager. The secret also includes the connection information to access a database or other service, which Secrets Manager doesn't encrypt. A secret in Secrets Manager consists of both the protected secret data and the important information needed to manage the secret.

For secrets that use managed rotation, you need to create the secret through the managing service. For more information, see Secrets Manager secrets managed by other Amazon Web Services services.

For information about creating a secret in the console, see Create a secret.

To create a secret, you can provide the secret value to be encrypted in either the SecretString parameter or the SecretBinary parameter, but not both. If you include SecretString or SecretBinary then Secrets Manager creates an initial secret version and automatically attaches the staging label AWSCURRENT to it.

For database credentials you want to rotate, for Secrets Manager to be able to rotate the secret, you must make sure the JSON you store in the SecretString matches the JSON structure of a database secret.

If you don't specify an KMS encryption key, Secrets Manager uses the Amazon Web Services managed key aws/secretsmanager. If this key doesn't already exist in your account, then Secrets Manager creates it for you automatically. All users and roles in the Amazon Web Services account automatically have access to use aws/secretsmanager. Creating aws/secretsmanager can result in a one-time significant delay in returning the result.

If the secret is in a different Amazon Web Services account from the credentials calling the API, then you can't use aws/secretsmanager to encrypt the secret, and you must create and use a customer managed KMS key.

Secrets Manager generates a CloudTrail log entry when you call this action. Do not include sensitive information in request parameters except SecretBinary or SecretString because it might be logged. For more information, see Logging Secrets Manager events with CloudTrail.

Required permissions: secretsmanager:CreateSecret. If you include tags in the secret, you also need secretsmanager:TagResource. For more information, see IAM policy actions for Secrets Manager and Authentication and access control in Secrets Manager.

To encrypt the secret with a KMS key other than aws/secretsmanager, you need kms:GenerateDataKey and kms:Decrypt permission to the key.

", + "CreateSecret": "

Creates a new secret. A secret can be a password, a set of credentials such as a user name and password, an OAuth token, or other secret information that you store in an encrypted form in Secrets Manager. The secret also includes the connection information to access a database or other service, which Secrets Manager doesn't encrypt. A secret in Secrets Manager consists of both the protected secret data and the important information needed to manage the secret.

For information about creating a secret in the console, see Create a secret.

To create a secret, you can provide the secret value to be encrypted in either the SecretString parameter or the SecretBinary parameter, but not both. If you include SecretString or SecretBinary then Secrets Manager creates an initial secret version and automatically attaches the staging label AWSCURRENT to it.

For database credentials you want to rotate, for Secrets Manager to be able to rotate the secret, you must make sure the JSON you store in the SecretString matches the JSON structure of a database secret.

If you don't specify an KMS encryption key, Secrets Manager uses the Amazon Web Services managed key aws/secretsmanager. If this key doesn't already exist in your account, then Secrets Manager creates it for you automatically. All users and roles in the Amazon Web Services account automatically have access to use aws/secretsmanager. Creating aws/secretsmanager can result in a one-time significant delay in returning the result.

If the secret is in a different Amazon Web Services account from the credentials calling the API, then you can't use aws/secretsmanager to encrypt the secret, and you must create and use a customer managed KMS key.

Secrets Manager generates a CloudTrail log entry when you call this action. Do not include sensitive information in request parameters except SecretBinary or SecretString because it might be logged. For more information, see Logging Secrets Manager events with CloudTrail.

Required permissions: secretsmanager:CreateSecret. If you include tags in the secret, you also need secretsmanager:TagResource. For more information, see IAM policy actions for Secrets Manager and Authentication and access control in Secrets Manager.

To encrypt the secret with a KMS key other than aws/secretsmanager, you need kms:GenerateDataKey and kms:Decrypt permission to the key.

", "DeleteResourcePolicy": "

Deletes the resource-based permission policy attached to the secret. To attach a policy to a secret, use PutResourcePolicy.

Secrets Manager generates a CloudTrail log entry when you call this action. Do not include sensitive information in request parameters because it might be logged. For more information, see Logging Secrets Manager events with CloudTrail.

Required permissions: secretsmanager:DeleteResourcePolicy. For more information, see IAM policy actions for Secrets Manager and Authentication and access control in Secrets Manager.

", "DeleteSecret": "

Deletes a secret and all of its versions. You can specify a recovery window during which you can restore the secret. The minimum recovery window is 7 days. The default recovery window is 30 days. Secrets Manager attaches a DeletionDate stamp to the secret that specifies the end of the recovery window. At the end of the recovery window, Secrets Manager deletes the secret permanently.

You can't delete a primary secret that is replicated to other Regions. You must first delete the replicas using RemoveRegionsFromReplication, and then delete the primary secret. When you delete a replica, it is deleted immediately.

You can't directly delete a version of a secret. Instead, you remove all staging labels from the version using UpdateSecretVersionStage. This marks the version as deprecated, and then Secrets Manager can automatically delete the version in the background.

To determine whether an application still uses a secret, you can create an Amazon CloudWatch alarm to alert you to any attempts to access a secret during the recovery window. For more information, see Monitor secrets scheduled for deletion.

Secrets Manager performs the permanent secret deletion at the end of the waiting period as a background task with low priority. There is no guarantee of a specific time after the recovery window for the permanent delete to occur.

At any time before recovery window ends, you can use RestoreSecret to remove the DeletionDate and cancel the deletion of the secret.

When a secret is scheduled for deletion, you cannot retrieve the secret value. You must first cancel the deletion with RestoreSecret and then you can retrieve the secret.

Secrets Manager generates a CloudTrail log entry when you call this action. Do not include sensitive information in request parameters because it might be logged. For more information, see Logging Secrets Manager events with CloudTrail.

Required permissions: secretsmanager:DeleteSecret. For more information, see IAM policy actions for Secrets Manager and Authentication and access control in Secrets Manager.

", "DescribeSecret": "

Retrieves the details of a secret. It does not include the encrypted secret value. Secrets Manager only returns fields that have a value in the response.

Secrets Manager generates a CloudTrail log entry when you call this action. Do not include sensitive information in request parameters because it might be logged. For more information, see Logging Secrets Manager events with CloudTrail.

Required permissions: secretsmanager:DescribeSecret. For more information, see IAM policy actions for Secrets Manager and Authentication and access control in Secrets Manager.

", @@ -17,11 +17,11 @@ "RemoveRegionsFromReplication": "

For a secret that is replicated to other Regions, deletes the secret replicas from the Regions you specify.

Secrets Manager generates a CloudTrail log entry when you call this action. Do not include sensitive information in request parameters because it might be logged. For more information, see Logging Secrets Manager events with CloudTrail.

Required permissions: secretsmanager:RemoveRegionsFromReplication. For more information, see IAM policy actions for Secrets Manager and Authentication and access control in Secrets Manager.

", "ReplicateSecretToRegions": "

Replicates the secret to a new Regions. See Multi-Region secrets.

Secrets Manager generates a CloudTrail log entry when you call this action. Do not include sensitive information in request parameters because it might be logged. For more information, see Logging Secrets Manager events with CloudTrail.

Required permissions: secretsmanager:ReplicateSecretToRegions. For more information, see IAM policy actions for Secrets Manager and Authentication and access control in Secrets Manager.

", "RestoreSecret": "

Cancels the scheduled deletion of a secret by removing the DeletedDate time stamp. You can access a secret again after it has been restored.

Secrets Manager generates a CloudTrail log entry when you call this action. Do not include sensitive information in request parameters because it might be logged. For more information, see Logging Secrets Manager events with CloudTrail.

Required permissions: secretsmanager:RestoreSecret. For more information, see IAM policy actions for Secrets Manager and Authentication and access control in Secrets Manager.

", - "RotateSecret": "

Configures and starts the asynchronous process of rotating the secret. For information about rotation, see Rotate secrets in the Secrets Manager User Guide. If you include the configuration parameters, the operation sets the values for the secret and then immediately starts a rotation. If you don't include the configuration parameters, the operation starts a rotation with the values already stored in the secret.

When rotation is successful, the AWSPENDING staging label might be attached to the same version as the AWSCURRENT version, or it might not be attached to any version. If the AWSPENDING staging label is present but not attached to the same version as AWSCURRENT, then any later invocation of RotateSecret assumes that a previous rotation request is still in progress and returns an error. When rotation is unsuccessful, the AWSPENDING staging label might be attached to an empty secret version. For more information, see Troubleshoot rotation in the Secrets Manager User Guide.

Secrets Manager generates a CloudTrail log entry when you call this action. Do not include sensitive information in request parameters because it might be logged. For more information, see Logging Secrets Manager events with CloudTrail.

Required permissions: secretsmanager:RotateSecret. For more information, see IAM policy actions for Secrets Manager and Authentication and access control in Secrets Manager. You also need lambda:InvokeFunction permissions on the rotation function. For more information, see Permissions for rotation.

", + "RotateSecret": "

Configures and starts the asynchronous process of rotating the secret. For more information about rotation, see Rotate secrets.

If you include the configuration parameters, the operation sets the values for the secret and then immediately starts a rotation. If you don't include the configuration parameters, the operation starts a rotation with the values already stored in the secret.

For database credentials you want to rotate, for Secrets Manager to be able to rotate the secret, you must make sure the secret value is in the JSON structure of a database secret. In particular, if you want to use the alternating users strategy, your secret must contain the ARN of a superuser secret.

To configure rotation, you also need the ARN of an Amazon Web Services Lambda function and the schedule for the rotation. The Lambda rotation function creates a new version of the secret and creates or updates the credentials on the database or service to match. After testing the new credentials, the function marks the new secret version with the staging label AWSCURRENT. Then anyone who retrieves the secret gets the new version. For more information, see How rotation works.

You can create the Lambda rotation function based on the rotation function templates that Secrets Manager provides. Choose a template that matches your Rotation strategy.

When rotation is successful, the AWSPENDING staging label might be attached to the same version as the AWSCURRENT version, or it might not be attached to any version. If the AWSPENDING staging label is present but not attached to the same version as AWSCURRENT, then any later invocation of RotateSecret assumes that a previous rotation request is still in progress and returns an error.

When rotation is unsuccessful, the AWSPENDING staging label might be attached to an empty secret version. For more information, see Troubleshoot rotation in the Secrets Manager User Guide.

Secrets Manager generates a CloudTrail log entry when you call this action. Do not include sensitive information in request parameters because it might be logged. For more information, see Logging Secrets Manager events with CloudTrail.

Required permissions: secretsmanager:RotateSecret. For more information, see IAM policy actions for Secrets Manager and Authentication and access control in Secrets Manager. You also need lambda:InvokeFunction permissions on the rotation function. For more information, see Permissions for rotation.

", "StopReplicationToReplica": "

Removes the link between the replica secret and the primary secret and promotes the replica to a primary secret in the replica Region.

You must call this operation from the Region in which you want to promote the replica to a primary secret.

Secrets Manager generates a CloudTrail log entry when you call this action. Do not include sensitive information in request parameters because it might be logged. For more information, see Logging Secrets Manager events with CloudTrail.

Required permissions: secretsmanager:StopReplicationToReplica. For more information, see IAM policy actions for Secrets Manager and Authentication and access control in Secrets Manager.

", "TagResource": "

Attaches tags to a secret. Tags consist of a key name and a value. Tags are part of the secret's metadata. They are not associated with specific versions of the secret. This operation appends tags to the existing list of tags.

The following restrictions apply to tags:

If you use tags as part of your security strategy, then adding or removing a tag can change permissions. If successfully completing this operation would result in you losing your permissions for this secret, then the operation is blocked and returns an Access Denied error.

Secrets Manager generates a CloudTrail log entry when you call this action. Do not include sensitive information in request parameters because it might be logged. For more information, see Logging Secrets Manager events with CloudTrail.

Required permissions: secretsmanager:TagResource. For more information, see IAM policy actions for Secrets Manager and Authentication and access control in Secrets Manager.

", "UntagResource": "

Removes specific tags from a secret.

This operation is idempotent. If a requested tag is not attached to the secret, no error is returned and the secret metadata is unchanged.

If you use tags as part of your security strategy, then removing a tag can change permissions. If successfully completing this operation would result in you losing your permissions for this secret, then the operation is blocked and returns an Access Denied error.

Secrets Manager generates a CloudTrail log entry when you call this action. Do not include sensitive information in request parameters because it might be logged. For more information, see Logging Secrets Manager events with CloudTrail.

Required permissions: secretsmanager:UntagResource. For more information, see IAM policy actions for Secrets Manager and Authentication and access control in Secrets Manager.

", - "UpdateSecret": "

Modifies the details of a secret, including metadata and the secret value. To change the secret value, you can also use PutSecretValue.

To change the rotation configuration of a secret, use RotateSecret instead.

To change a secret so that it is managed by another service, you need to recreate the secret in that service. See Secrets Manager secrets managed by other Amazon Web Services services.

We recommend you avoid calling UpdateSecret at a sustained rate of more than once every 10 minutes. When you call UpdateSecret to update the secret value, Secrets Manager creates a new version of the secret. Secrets Manager removes outdated versions when there are more than 100, but it does not remove versions created less than 24 hours ago. If you update the secret value more than once every 10 minutes, you create more versions than Secrets Manager removes, and you will reach the quota for secret versions.

If you include SecretString or SecretBinary to create a new secret version, Secrets Manager automatically moves the staging label AWSCURRENT to the new version. Then it attaches the label AWSPREVIOUS to the version that AWSCURRENT was removed from.

If you call this operation with a ClientRequestToken that matches an existing version's VersionId, the operation results in an error. You can't modify an existing version, you can only create a new version. To remove a version, remove all staging labels from it. See UpdateSecretVersionStage.

Secrets Manager generates a CloudTrail log entry when you call this action. Do not include sensitive information in request parameters except SecretBinary or SecretString because it might be logged. For more information, see Logging Secrets Manager events with CloudTrail.

Required permissions: secretsmanager:UpdateSecret. For more information, see IAM policy actions for Secrets Manager and Authentication and access control in Secrets Manager. If you use a customer managed key, you must also have kms:GenerateDataKey and kms:Decrypt permissions on the key. For more information, see Secret encryption and decryption.

", + "UpdateSecret": "

Modifies the details of a secret, including metadata and the secret value. To change the secret value, you can also use PutSecretValue.

To change the rotation configuration of a secret, use RotateSecret instead.

We recommend you avoid calling UpdateSecret at a sustained rate of more than once every 10 minutes. When you call UpdateSecret to update the secret value, Secrets Manager creates a new version of the secret. Secrets Manager removes outdated versions when there are more than 100, but it does not remove versions created less than 24 hours ago. If you update the secret value more than once every 10 minutes, you create more versions than Secrets Manager removes, and you will reach the quota for secret versions.

If you include SecretString or SecretBinary to create a new secret version, Secrets Manager automatically moves the staging label AWSCURRENT to the new version. Then it attaches the label AWSPREVIOUS to the version that AWSCURRENT was removed from.

If you call this operation with a ClientRequestToken that matches an existing version's VersionId, the operation results in an error. You can't modify an existing version, you can only create a new version. To remove a version, remove all staging labels from it. See UpdateSecretVersionStage.

Secrets Manager generates a CloudTrail log entry when you call this action. Do not include sensitive information in request parameters except SecretBinary or SecretString because it might be logged. For more information, see Logging Secrets Manager events with CloudTrail.

Required permissions: secretsmanager:UpdateSecret. For more information, see IAM policy actions for Secrets Manager and Authentication and access control in Secrets Manager. If you use a customer managed key, you must also have kms:GenerateDataKey and kms:Decrypt permissions on the key. For more information, see Secret encryption and decryption.

", "UpdateSecretVersionStage": "

Modifies the staging labels attached to a version of a secret. Secrets Manager uses staging labels to track a version as it progresses through the secret rotation process. Each staging label can be attached to only one version at a time. To add a staging label to a version when it is already attached to another version, Secrets Manager first removes it from the other version first and then attaches it to this one. For more information about versions and staging labels, see Concepts: Version.

The staging labels that you specify in the VersionStage parameter are added to the existing list of staging labels for the version.

You can move the AWSCURRENT staging label to this version by including it in this call.

Whenever you move AWSCURRENT, Secrets Manager automatically moves the label AWSPREVIOUS to the version that AWSCURRENT was removed from.

If this action results in the last label being removed from a version, then the version is considered to be 'deprecated' and can be deleted by Secrets Manager.

Secrets Manager generates a CloudTrail log entry when you call this action. Do not include sensitive information in request parameters because it might be logged. For more information, see Logging Secrets Manager events with CloudTrail.

Required permissions: secretsmanager:UpdateSecretVersionStage. For more information, see IAM policy actions for Secrets Manager and Authentication and access control in Secrets Manager.

", "ValidateResourcePolicy": "

Validates that a resource policy does not grant a wide range of principals access to your secret. A resource-based policy is optional for secrets.

The API performs three checks when validating the policy:

Secrets Manager generates a CloudTrail log entry when you call this action. Do not include sensitive information in request parameters because it might be logged. For more information, see Logging Secrets Manager events with CloudTrail.

Required permissions: secretsmanager:ValidateResourcePolicy. For more information, see IAM policy actions for Secrets Manager and Authentication and access control in Secrets Manager.

" }, @@ -45,9 +45,10 @@ "CreateSecretRequest$ForceOverwriteReplicaSecret": "

Specifies whether to overwrite a secret with the same name in the destination Region.

", "DeleteSecretRequest$ForceDeleteWithoutRecovery": "

Specifies whether to delete the secret without any recovery window. You can't use both this parameter and RecoveryWindowInDays in the same call. If you don't use either, then Secrets Manager defaults to a 30 day recovery window.

Secrets Manager performs the actual deletion with an asynchronous background process, so there might be a short delay before the secret is permanently deleted. If you delete a secret and then immediately create a secret with the same name, use appropriate back off and retry logic.

Use this parameter with caution. This parameter causes the operation to skip the normal recovery window before the permanent deletion that Secrets Manager would normally impose with the RecoveryWindowInDays parameter. If you delete a secret with the ForceDeleteWithoutRecovery parameter, then you have no opportunity to recover the secret. You lose the secret permanently.

", "ListSecretVersionIdsRequest$IncludeDeprecated": "

Specifies whether to include versions of secrets that don't have any staging labels attached to them. Versions without staging labels are considered deprecated and are subject to deletion by Secrets Manager.

", + "ListSecretsRequest$IncludePlannedDeletion": null, "PutResourcePolicyRequest$BlockPublicPolicy": "

Specifies whether to block resource-based policies that allow broad access to the secret, for example those that use a wildcard for the principal.

", "ReplicateSecretToRegionsRequest$ForceOverwriteReplicaSecret": "

Specifies whether to overwrite a secret with the same name in the destination Region.

", - "RotateSecretRequest$RotateImmediately": "

Specifies whether to rotate the secret immediately or wait until the next scheduled rotation window. The rotation schedule is defined in RotateSecretRequest$RotationRules.

For secrets that use a Lambda rotation function to rotate, if you don't immediately rotate the secret, Secrets Manager tests the rotation configuration by running the testSecret step of the Lambda rotation function. The test creates an AWSPENDING version of the secret and then removes it.

If you don't specify this value, then by default, Secrets Manager rotates the secret immediately.

", + "RotateSecretRequest$RotateImmediately": "

Specifies whether to rotate the secret immediately or wait until the next scheduled rotation window. The rotation schedule is defined in RotateSecretRequest$RotationRules.

If you don't immediately rotate the secret, Secrets Manager tests the rotation configuration by running the testSecret step of the Lambda rotation function. The test creates an AWSPENDING version of the secret and then removes it.

If you don't specify this value, then by default, Secrets Manager rotates the secret immediately.

", "ValidateResourcePolicyResponse$PolicyValidationPassed": "

True if your policy passes validation, otherwise false.

" } }, @@ -377,6 +378,13 @@ "ValidationErrorsEntry$CheckName": "

Checks the name of the policy.

" } }, + "NextRotationDateType": { + "base": null, + "refs": { + "DescribeSecretResponse$NextRotationDate": null, + "SecretListEntry$NextRotationDate": null + } + }, "NextTokenType": { "base": null, "refs": { @@ -553,7 +561,7 @@ "base": null, "refs": { "DescribeSecretResponse$RotationLambdaARN": "

The ARN of the Lambda function that Secrets Manager invokes to rotate the secret.

", - "RotateSecretRequest$RotationLambdaARN": "

For secrets that use a Lambda rotation function to rotate, the ARN of the Lambda rotation function.

For secrets that use managed rotation, omit this field. For more information, see Managed rotation in the Secrets Manager User Guide.

", + "RotateSecretRequest$RotationLambdaARN": "

The ARN of the Lambda rotation function that can rotate the secret.

", "SecretListEntry$RotationLambdaARN": "

The ARN of an Amazon Web Services Lambda function invoked by Secrets Manager to rotate and expire the secret either automatically per the schedule or manually by a call to RotateSecret .

" } }, diff --git a/models/apis/wisdom/2020-10-19/api-2.json b/models/apis/wisdom/2020-10-19/api-2.json index 7630d34f4d..ed6c5d5a70 100644 --- a/models/apis/wisdom/2020-10-19/api-2.json +++ b/models/apis/wisdom/2020-10-19/api-2.json @@ -759,7 +759,7 @@ }, "ContentType":{ "type":"string", - "pattern":"^(text/(plain|html))|(application/x\\.wisdom-json;source=(salesforce|servicenow|zendesk))$" + "pattern":"^(text/(plain|html))|(application/(pdf|vnd\\.openxmlformats-officedocument\\.wordprocessingml\\.document))|(application/x\\.wisdom-json;source=(salesforce|servicenow|zendesk))$" }, "CreateAssistantAssociationRequest":{ "type":"structure", @@ -835,7 +835,7 @@ "overrideLinkOutUri":{"shape":"Uri"}, "tags":{"shape":"Tags"}, "title":{"shape":"ContentTitle"}, - "uploadId":{"shape":"NonEmptyString"} + "uploadId":{"shape":"UploadId"} } }, "CreateContentResponse":{ @@ -1815,7 +1815,7 @@ ], "members":{ "headersToInclude":{"shape":"Headers"}, - "uploadId":{"shape":"NonEmptyString"}, + "uploadId":{"shape":"UploadId"}, "url":{"shape":"Url"}, "urlExpiry":{"shape":"SyntheticTimestamp_epoch_seconds"} } @@ -1925,7 +1925,7 @@ "removeOverrideLinkOutUri":{"shape":"Boolean"}, "revisionId":{"shape":"NonEmptyString"}, "title":{"shape":"ContentTitle"}, - "uploadId":{"shape":"NonEmptyString"} + "uploadId":{"shape":"UploadId"} } }, "UpdateContentResponse":{ @@ -1955,6 +1955,11 @@ "knowledgeBase":{"shape":"KnowledgeBaseData"} } }, + "UploadId":{ + "type":"string", + "max":1200, + "min":1 + }, "Uri":{ "type":"string", "max":4096, diff --git a/models/apis/wisdom/2020-10-19/docs-2.json b/models/apis/wisdom/2020-10-19/docs-2.json index a9ee1df192..5b4c4b6eab 100644 --- a/models/apis/wisdom/2020-10-19/docs-2.json +++ b/models/apis/wisdom/2020-10-19/docs-2.json @@ -613,7 +613,6 @@ "ContentMetadata$value": null, "ContentSummary$revisionId": "

The identifier of the revision of the content.

", "CreateContentRequest$clientToken": "

A unique, case-sensitive identifier that you provide to ensure the idempotency of the request.

", - "CreateContentRequest$uploadId": "

A pointer to the uploaded asset. This value is returned by StartContentUpload.

", "CreateKnowledgeBaseRequest$clientToken": "

A unique, case-sensitive identifier that you provide to ensure the idempotency of the request.

", "Filter$value": "

The desired field value on which to filter.

", "Headers$key": null, @@ -622,9 +621,7 @@ "ListKnowledgeBasesResponse$nextToken": "

If there are additional results, this is the token for the next set of results.

", "ObjectFieldsList$member": null, "ServerSideEncryptionConfiguration$kmsKeyId": "

The KMS key. For information about valid ID values, see Key identifiers (KeyId).

", - "StartContentUploadResponse$uploadId": "

The identifier of the upload.

", - "UpdateContentRequest$revisionId": "

The revisionId of the content resource to update, taken from an earlier call to GetContent, GetContentSummary, SearchContent, or ListContents. If included, this argument acts as an optimistic lock to ensure content was not modified since it was last read. If it has been modified, this API throws a PreconditionFailedException.

", - "UpdateContentRequest$uploadId": "

A pointer to the uploaded asset. This value is returned by StartContentUpload.

" + "UpdateContentRequest$revisionId": "

The revisionId of the content resource to update, taken from an earlier call to GetContent, GetContentSummary, SearchContent, or ListContents. If included, this argument acts as an optimistic lock to ensure content was not modified since it was last read. If it has been modified, this API throws a PreconditionFailedException.

" } }, "NotifyRecommendationsReceivedError": { @@ -989,6 +986,14 @@ "refs": { } }, + "UploadId": { + "base": null, + "refs": { + "CreateContentRequest$uploadId": "

A pointer to the uploaded asset. This value is returned by StartContentUpload.

", + "StartContentUploadResponse$uploadId": "

The identifier of the upload.

", + "UpdateContentRequest$uploadId": "

A pointer to the uploaded asset. This value is returned by StartContentUpload.

" + } + }, "Uri": { "base": null, "refs": { diff --git a/models/apis/wisdom/2020-10-19/endpoint-rule-set-1.json b/models/apis/wisdom/2020-10-19/endpoint-rule-set-1.json new file mode 100644 index 0000000000..84ca7760ce --- /dev/null +++ b/models/apis/wisdom/2020-10-19/endpoint-rule-set-1.json @@ -0,0 +1,306 @@ +{ + "version": "1.0", + "parameters": { + "Region": { + "builtIn": "AWS::Region", + "required": true, + "documentation": "The AWS region used to dispatch the request.", + "type": "String" + }, + "UseDualStack": { + "builtIn": "AWS::UseDualStack", + "required": true, + "default": false, + "documentation": "When true, use the dual-stack endpoint. If the configured endpoint does not support dual-stack, dispatching the request MAY return an error.", + "type": "Boolean" + }, + "UseFIPS": { + "builtIn": "AWS::UseFIPS", + "required": true, + "default": false, + "documentation": "When true, send this request to the FIPS-compliant regional endpoint. If the configured endpoint does not have a FIPS compliant endpoint, dispatching the request will return an error.", + "type": "Boolean" + }, + "Endpoint": { + "builtIn": "SDK::Endpoint", + "required": false, + "documentation": "Override the endpoint used to send this request", + "type": "String" + } + }, + "rules": [ + { + "conditions": [ + { + "fn": "aws.partition", + "argv": [ + { + "ref": "Region" + } + ], + "assign": "PartitionResult" + } + ], + "type": "tree", + "rules": [ + { + "conditions": [ + { + "fn": "isSet", + "argv": [ + { + "ref": "Endpoint" + } + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseFIPS" + }, + true + ] + } + ], + "error": "Invalid Configuration: FIPS and custom endpoint are not supported", + "type": "error" + }, + { + "conditions": [], + "type": "tree", + "rules": [ + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseDualStack" + }, + true + ] + } + ], + "error": "Invalid Configuration: Dualstack and custom endpoint are not supported", + "type": "error" + }, + { + "conditions": [], + "endpoint": { + "url": { + "ref": "Endpoint" + }, + "properties": {}, + "headers": {} + }, + "type": "endpoint" + } + ] + } + ] + }, + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseFIPS" + }, + true + ] + }, + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseDualStack" + }, + true + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + true, + { + "fn": "getAttr", + "argv": [ + { + "ref": "PartitionResult" + }, + "supportsFIPS" + ] + } + ] + }, + { + "fn": "booleanEquals", + "argv": [ + true, + { + "fn": "getAttr", + "argv": [ + { + "ref": "PartitionResult" + }, + "supportsDualStack" + ] + } + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [], + "endpoint": { + "url": "https://wisdom-fips.{Region}.{PartitionResult#dualStackDnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" + } + ] + }, + { + "conditions": [], + "error": "FIPS and DualStack are enabled, but this partition does not support one or both", + "type": "error" + } + ] + }, + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseFIPS" + }, + true + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + true, + { + "fn": "getAttr", + "argv": [ + { + "ref": "PartitionResult" + }, + "supportsFIPS" + ] + } + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [], + "type": "tree", + "rules": [ + { + "conditions": [], + "endpoint": { + "url": "https://wisdom-fips.{Region}.{PartitionResult#dnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" + } + ] + } + ] + }, + { + "conditions": [], + "error": "FIPS is enabled but this partition does not support FIPS", + "type": "error" + } + ] + }, + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseDualStack" + }, + true + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + true, + { + "fn": "getAttr", + "argv": [ + { + "ref": "PartitionResult" + }, + "supportsDualStack" + ] + } + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [], + "endpoint": { + "url": "https://wisdom.{Region}.{PartitionResult#dualStackDnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" + } + ] + }, + { + "conditions": [], + "error": "DualStack is enabled but this partition does not support DualStack", + "type": "error" + } + ] + }, + { + "conditions": [], + "endpoint": { + "url": "https://wisdom.{Region}.{PartitionResult#dnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" + } + ] + } + ] +} \ No newline at end of file diff --git a/models/apis/wisdom/2020-10-19/endpoint-tests-1.json b/models/apis/wisdom/2020-10-19/endpoint-tests-1.json new file mode 100644 index 0000000000..2da46a4bac --- /dev/null +++ b/models/apis/wisdom/2020-10-19/endpoint-tests-1.json @@ -0,0 +1,355 @@ +{ + "testCases": [ + { + "documentation": "For region eu-central-1 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://wisdom-fips.eu-central-1.api.aws" + } + }, + "params": { + "UseFIPS": true, + "UseDualStack": true, + "Region": "eu-central-1" + } + }, + { + "documentation": "For region eu-central-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://wisdom-fips.eu-central-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "UseDualStack": false, + "Region": "eu-central-1" + } + }, + { + "documentation": "For region eu-central-1 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://wisdom.eu-central-1.api.aws" + } + }, + "params": { + "UseFIPS": false, + "UseDualStack": true, + "Region": "eu-central-1" + } + }, + { + "documentation": "For region eu-central-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://wisdom.eu-central-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "UseDualStack": false, + "Region": "eu-central-1" + } + }, + { + "documentation": "For region us-west-2 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://wisdom-fips.us-west-2.api.aws" + } + }, + "params": { + "UseFIPS": true, + "UseDualStack": true, + "Region": "us-west-2" + } + }, + { + "documentation": "For region us-west-2 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://wisdom-fips.us-west-2.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "UseDualStack": false, + "Region": "us-west-2" + } + }, + { + "documentation": "For region us-west-2 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://wisdom.us-west-2.api.aws" + } + }, + "params": { + "UseFIPS": false, + "UseDualStack": true, + "Region": "us-west-2" + } + }, + { + "documentation": "For region us-west-2 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://wisdom.us-west-2.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "UseDualStack": false, + "Region": "us-west-2" + } + }, + { + "documentation": "For region eu-west-2 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://wisdom-fips.eu-west-2.api.aws" + } + }, + "params": { + "UseFIPS": true, + "UseDualStack": true, + "Region": "eu-west-2" + } + }, + { + "documentation": "For region eu-west-2 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://wisdom-fips.eu-west-2.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "UseDualStack": false, + "Region": "eu-west-2" + } + }, + { + "documentation": "For region eu-west-2 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://wisdom.eu-west-2.api.aws" + } + }, + "params": { + "UseFIPS": false, + "UseDualStack": true, + "Region": "eu-west-2" + } + }, + { + "documentation": "For region eu-west-2 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://wisdom.eu-west-2.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "UseDualStack": false, + "Region": "eu-west-2" + } + }, + { + "documentation": "For region ap-northeast-1 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://wisdom-fips.ap-northeast-1.api.aws" + } + }, + "params": { + "UseFIPS": true, + "UseDualStack": true, + "Region": "ap-northeast-1" + } + }, + { + "documentation": "For region ap-northeast-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://wisdom-fips.ap-northeast-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "UseDualStack": false, + "Region": "ap-northeast-1" + } + }, + { + "documentation": "For region ap-northeast-1 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://wisdom.ap-northeast-1.api.aws" + } + }, + "params": { + "UseFIPS": false, + "UseDualStack": true, + "Region": "ap-northeast-1" + } + }, + { + "documentation": "For region ap-northeast-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://wisdom.ap-northeast-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "UseDualStack": false, + "Region": "ap-northeast-1" + } + }, + { + "documentation": "For region ap-southeast-2 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://wisdom-fips.ap-southeast-2.api.aws" + } + }, + "params": { + "UseFIPS": true, + "UseDualStack": true, + "Region": "ap-southeast-2" + } + }, + { + "documentation": "For region ap-southeast-2 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://wisdom-fips.ap-southeast-2.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "UseDualStack": false, + "Region": "ap-southeast-2" + } + }, + { + "documentation": "For region ap-southeast-2 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://wisdom.ap-southeast-2.api.aws" + } + }, + "params": { + "UseFIPS": false, + "UseDualStack": true, + "Region": "ap-southeast-2" + } + }, + { + "documentation": "For region ap-southeast-2 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://wisdom.ap-southeast-2.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "UseDualStack": false, + "Region": "ap-southeast-2" + } + }, + { + "documentation": "For region us-east-1 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://wisdom-fips.us-east-1.api.aws" + } + }, + "params": { + "UseFIPS": true, + "UseDualStack": true, + "Region": "us-east-1" + } + }, + { + "documentation": "For region us-east-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://wisdom-fips.us-east-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "UseDualStack": false, + "Region": "us-east-1" + } + }, + { + "documentation": "For region us-east-1 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://wisdom.us-east-1.api.aws" + } + }, + "params": { + "UseFIPS": false, + "UseDualStack": true, + "Region": "us-east-1" + } + }, + { + "documentation": "For region us-east-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://wisdom.us-east-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "UseDualStack": false, + "Region": "us-east-1" + } + }, + { + "documentation": "For custom endpoint with fips disabled and dualstack disabled", + "expect": { + "endpoint": { + "url": "https://example.com" + } + }, + "params": { + "UseFIPS": false, + "UseDualStack": false, + "Region": "us-east-1", + "Endpoint": "https://example.com" + } + }, + { + "documentation": "For custom endpoint with fips enabled and dualstack disabled", + "expect": { + "error": "Invalid Configuration: FIPS and custom endpoint are not supported" + }, + "params": { + "UseFIPS": true, + "UseDualStack": false, + "Region": "us-east-1", + "Endpoint": "https://example.com" + } + }, + { + "documentation": "For custom endpoint with fips disabled and dualstack enabled", + "expect": { + "error": "Invalid Configuration: Dualstack and custom endpoint are not supported" + }, + "params": { + "UseFIPS": false, + "UseDualStack": true, + "Region": "us-east-1", + "Endpoint": "https://example.com" + } + } + ], + "version": "1.0" +} \ No newline at end of file diff --git a/models/endpoints/endpoints.json b/models/endpoints/endpoints.json index 1d76e0d4af..987f9000fc 100644 --- a/models/endpoints/endpoints.json +++ b/models/endpoints/endpoints.json @@ -19998,6 +19998,11 @@ } } }, + "pi" : { + "endpoints" : { + "us-gov-east-1" : { } + } + }, "pinpoint" : { "defaults" : { "credentialScope" : { diff --git a/service/apigateway/api.go b/service/apigateway/api.go index cb7fa8adf8..790c959d22 100644 --- a/service/apigateway/api.go +++ b/service/apigateway/api.go @@ -12645,8 +12645,8 @@ type CreateDeploymentInput struct { // Enables a cache cluster for the Stage resource specified in the input. CacheClusterEnabled *bool `locationName:"cacheClusterEnabled" type:"boolean"` - // Specifies the cache cluster size for the Stage resource specified in the - // input, if a cache cluster is enabled. + // The stage's cache capacity in GB. For more information about choosing a cache + // size, see Enabling API caching to enhance responsiveness (https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-caching.html). CacheClusterSize *string `locationName:"cacheClusterSize" type:"string" enum:"CacheClusterSize"` // The input configuration for the canary deployment when the deployment is @@ -13526,7 +13526,8 @@ type CreateStageInput struct { // Whether cache clustering is enabled for the stage. CacheClusterEnabled *bool `locationName:"cacheClusterEnabled" type:"boolean"` - // The stage's cache cluster size. + // The stage's cache capacity in GB. For more information about choosing a cache + // size, see Enabling API caching to enhance responsiveness (https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-caching.html). CacheClusterSize *string `locationName:"cacheClusterSize" type:"string" enum:"CacheClusterSize"` // The canary deployment settings of this stage. @@ -23491,7 +23492,8 @@ type Stage struct { // Specifies whether a cache cluster is enabled for the stage. CacheClusterEnabled *bool `locationName:"cacheClusterEnabled" type:"boolean"` - // The size of the cache cluster for the stage, if enabled. + // The stage's cache capacity in GB. For more information about choosing a cache + // size, see Enabling API caching to enhance responsiveness (https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-caching.html). CacheClusterSize *string `locationName:"cacheClusterSize" type:"string" enum:"CacheClusterSize"` // The status of the cache cluster for the stage, if enabled. diff --git a/service/emr/api.go b/service/emr/api.go index 880582010c..87a5a0890c 100644 --- a/service/emr/api.go +++ b/service/emr/api.go @@ -228,9 +228,7 @@ func (c *EMR) AddJobFlowStepsRequest(input *AddJobFlowStepsInput) (req *request. // you may require more than 256 steps to process your data. You can bypass // the 256-step limitation in various ways, including using SSH to connect to // the master node and submitting queries directly to the software running on -// the master node, such as Hive and Hadoop. For more information on how to -// do this, see Add More than 256 Steps to a Cluster (https://docs.aws.amazon.com/emr/latest/ManagementGuide/AddMoreThan256Steps.html) -// in the Amazon EMR Management Guide. +// the master node, such as Hive and Hadoop. // // A step specifies the location of a JAR file stored either on the master node // of the cluster or in Amazon S3. Each step is performed by the main function @@ -671,10 +669,10 @@ func (c *EMR) CreateStudioSessionMappingRequest(input *CreateStudioSessionMappin // // Maps a user or group to the Amazon EMR Studio specified by StudioId, and // applies a session policy to refine Studio permissions for that user or group. -// Use CreateStudioSessionMapping to assign users to a Studio when you use Amazon -// Web Services SSO authentication. For instructions on how to assign users -// to a Studio when you use IAM authentication, see Assign a user or group to -// your EMR Studio (https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-studio-manage-users.html#emr-studio-assign-users-groups). +// Use CreateStudioSessionMapping to assign users to a Studio when you use IAM +// Identity Center authentication. For instructions on how to assign users to +// a Studio when you use IAM authentication, see Assign a user or group to your +// EMR Studio (https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-studio-manage-users.html#emr-studio-assign-users-groups). // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -1736,6 +1734,92 @@ func (c *EMR) GetBlockPublicAccessConfigurationWithContext(ctx aws.Context, inpu return out, req.Send() } +const opGetClusterSessionCredentials = "GetClusterSessionCredentials" + +// GetClusterSessionCredentialsRequest generates a "aws/request.Request" representing the +// client's request for the GetClusterSessionCredentials operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See GetClusterSessionCredentials for more information on using the GetClusterSessionCredentials +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the GetClusterSessionCredentialsRequest method. +// req, resp := client.GetClusterSessionCredentialsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/elasticmapreduce-2009-03-31/GetClusterSessionCredentials +func (c *EMR) GetClusterSessionCredentialsRequest(input *GetClusterSessionCredentialsInput) (req *request.Request, output *GetClusterSessionCredentialsOutput) { + op := &request.Operation{ + Name: opGetClusterSessionCredentials, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &GetClusterSessionCredentialsInput{} + } + + output = &GetClusterSessionCredentialsOutput{} + req = c.newRequest(op, input, output) + return +} + +// GetClusterSessionCredentials API operation for Amazon EMR. +// +// Provides Temporary, basic HTTP credentials that are associated with a given +// runtime IAM role and used by a cluster with fine-grained access control activated. +// You can use these credentials to connect to cluster endpoints that support +// username-based and password-based authentication. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon EMR's +// API operation GetClusterSessionCredentials for usage and error information. +// +// Returned Error Types: +// +// - InternalServerError +// Indicates that an error occurred while processing the request and that the +// request was not completed. +// +// - InvalidRequestException +// This exception occurs when there is something wrong with user input. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/elasticmapreduce-2009-03-31/GetClusterSessionCredentials +func (c *EMR) GetClusterSessionCredentials(input *GetClusterSessionCredentialsInput) (*GetClusterSessionCredentialsOutput, error) { + req, out := c.GetClusterSessionCredentialsRequest(input) + return out, req.Send() +} + +// GetClusterSessionCredentialsWithContext is the same as GetClusterSessionCredentials with the addition of +// the ability to pass a context and additional request options. +// +// See GetClusterSessionCredentials for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EMR) GetClusterSessionCredentialsWithContext(ctx aws.Context, input *GetClusterSessionCredentialsInput, opts ...request.Option) (*GetClusterSessionCredentialsOutput, error) { + req, out := c.GetClusterSessionCredentialsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opGetManagedScalingPolicy = "GetManagedScalingPolicy" // GetManagedScalingPolicyRequest generates a "aws/request.Request" representing the @@ -4405,11 +4489,9 @@ func (c *EMR) RunJobFlowRequest(input *RunJobFlowInput) (req *request.Request, o // you may require more than 256 steps to process your data. You can bypass // the 256-step limitation in various ways, including using the SSH shell to // connect to the master node and submitting queries directly to the software -// running on the master node, such as Hive and Hadoop. For more information -// on how to do this, see Add More than 256 Steps to a Cluster (https://docs.aws.amazon.com/emr/latest/ManagementGuide/AddMoreThan256Steps.html) -// in the Amazon EMR Management Guide. +// running on the master node, such as Hive and Hadoop. // -// For long running clusters, we recommend that you periodically store your +// For long-running clusters, we recommend that you periodically store your // results. // // The instance fleets configuration is available only in Amazon EMR versions @@ -7278,8 +7360,8 @@ func (s *CreateSecurityConfigurationOutput) SetName(v string) *CreateSecurityCon type CreateStudioInput struct { _ struct{} `type:"structure"` - // Specifies whether the Studio authenticates users using IAM or Amazon Web - // Services SSO. + // Specifies whether the Studio authenticates users using IAM or IAM Identity + // Center. // // AuthMode is a required field AuthMode *string `type:"string" required:"true" enum:"AuthMode"` @@ -7337,9 +7419,9 @@ type CreateStudioInput struct { Tags []*Tag `type:"list"` // The IAM user role that users and groups assume when logged in to an Amazon - // EMR Studio. Only specify a UserRole when you use Amazon Web Services SSO - // authentication. The permissions attached to the UserRole can be scoped down - // for each user or group using session policies. + // EMR Studio. Only specify a UserRole when you use IAM Identity Center authentication. + // The permissions attached to the UserRole can be scoped down for each user + // or group using session policies. UserRole *string `type:"string"` // The ID of the Amazon Virtual Private Cloud (Amazon VPC) to associate with @@ -7529,16 +7611,16 @@ func (s *CreateStudioOutput) SetUrl(v string) *CreateStudioOutput { type CreateStudioSessionMappingInput struct { _ struct{} `type:"structure"` - // The globally unique identifier (GUID) of the user or group from the Amazon - // Web Services SSO Identity Store. For more information, see UserId (https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_User.html#singlesignon-Type-User-UserId) + // The globally unique identifier (GUID) of the user or group from the IAM Identity + // Center Identity Store. For more information, see UserId (https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_User.html#singlesignon-Type-User-UserId) // and GroupId (https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_Group.html#singlesignon-Type-Group-GroupId) - // in the Amazon Web Services SSO Identity Store API Reference. Either IdentityName + // in the IAM Identity Center Identity Store API Reference. Either IdentityName // or IdentityId must be specified, but not both. IdentityId *string `type:"string"` // The name of the user or group. For more information, see UserName (https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_User.html#singlesignon-Type-User-UserName) // and DisplayName (https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_Group.html#singlesignon-Type-Group-DisplayName) - // in the Amazon Web Services SSO Identity Store API Reference. Either IdentityName + // in the IAM Identity Center Identity Store API Reference. Either IdentityName // or IdentityId must be specified, but not both. IdentityName *string `type:"string"` @@ -7651,6 +7733,43 @@ func (s CreateStudioSessionMappingOutput) GoString() string { return s.String() } +// The credentials that you can use to connect to cluster endpoints. Credentials +// consist of a username and a password. +type Credentials struct { + _ struct{} `type:"structure"` + + // The username and password that you use to connect to cluster endpoints. + // + // UsernamePassword is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by Credentials's + // String and GoString methods. + UsernamePassword *UsernamePassword `type:"structure" sensitive:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s Credentials) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s Credentials) GoString() string { + return s.String() +} + +// SetUsernamePassword sets the UsernamePassword field's value. +func (s *Credentials) SetUsernamePassword(v *UsernamePassword) *Credentials { + s.UsernamePassword = v + return s +} + type DeleteSecurityConfigurationInput struct { _ struct{} `type:"structure"` @@ -7793,15 +7912,15 @@ type DeleteStudioSessionMappingInput struct { // The globally unique identifier (GUID) of the user or group to remove from // the Amazon EMR Studio. For more information, see UserId (https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_User.html#singlesignon-Type-User-UserId) // and GroupId (https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_Group.html#singlesignon-Type-Group-GroupId) - // in the Amazon Web Services SSO Identity Store API Reference. Either IdentityName + // in the IAM Identity Center Identity Store API Reference. Either IdentityName // or IdentityId must be specified. IdentityId *string `type:"string"` // The name of the user name or group to remove from the Amazon EMR Studio. // For more information, see UserName (https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_User.html#singlesignon-Type-User-UserName) // and DisplayName (https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_Group.html#singlesignon-Type-Group-DisplayName) - // in the Amazon Web Services SSO Store API Reference. Either IdentityName or - // IdentityId must be specified. + // in the IAM Identity Center Store API Reference. Either IdentityName or IdentityId + // must be specified. IdentityName *string `type:"string"` // Specifies whether the identity to delete from the Amazon EMR Studio is a @@ -9176,6 +9295,114 @@ func (s *GetBlockPublicAccessConfigurationOutput) SetBlockPublicAccessConfigurat return s } +type GetClusterSessionCredentialsInput struct { + _ struct{} `type:"structure"` + + // The unique identifier of the cluster. + // + // ClusterId is a required field + ClusterId *string `type:"string" required:"true"` + + // The Amazon Resource Name (ARN) of the runtime role for interactive workload + // submission on the cluster. The runtime role can be a cross-account IAM role. + // The runtime role ARN is a combination of account ID, role name, and role + // type using the following format: arn:partition:service:region:account:resource. + // + // ExecutionRoleArn is a required field + ExecutionRoleArn *string `min:"20" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetClusterSessionCredentialsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetClusterSessionCredentialsInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *GetClusterSessionCredentialsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "GetClusterSessionCredentialsInput"} + if s.ClusterId == nil { + invalidParams.Add(request.NewErrParamRequired("ClusterId")) + } + if s.ExecutionRoleArn == nil { + invalidParams.Add(request.NewErrParamRequired("ExecutionRoleArn")) + } + if s.ExecutionRoleArn != nil && len(*s.ExecutionRoleArn) < 20 { + invalidParams.Add(request.NewErrParamMinLen("ExecutionRoleArn", 20)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetClusterId sets the ClusterId field's value. +func (s *GetClusterSessionCredentialsInput) SetClusterId(v string) *GetClusterSessionCredentialsInput { + s.ClusterId = &v + return s +} + +// SetExecutionRoleArn sets the ExecutionRoleArn field's value. +func (s *GetClusterSessionCredentialsInput) SetExecutionRoleArn(v string) *GetClusterSessionCredentialsInput { + s.ExecutionRoleArn = &v + return s +} + +type GetClusterSessionCredentialsOutput struct { + _ struct{} `type:"structure"` + + // The credentials that you can use to connect to cluster endpoints that support + // username-based and password-based authentication. + Credentials *Credentials `type:"structure"` + + // The time when the credentials that are returned by the GetClusterSessionCredentials + // API expire. + ExpiresAt *time.Time `type:"timestamp"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetClusterSessionCredentialsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetClusterSessionCredentialsOutput) GoString() string { + return s.String() +} + +// SetCredentials sets the Credentials field's value. +func (s *GetClusterSessionCredentialsOutput) SetCredentials(v *Credentials) *GetClusterSessionCredentialsOutput { + s.Credentials = v + return s +} + +// SetExpiresAt sets the ExpiresAt field's value. +func (s *GetClusterSessionCredentialsOutput) SetExpiresAt(v time.Time) *GetClusterSessionCredentialsOutput { + s.ExpiresAt = &v + return s +} + type GetManagedScalingPolicyInput struct { _ struct{} `type:"structure"` @@ -9260,14 +9487,14 @@ type GetStudioSessionMappingInput struct { // The globally unique identifier (GUID) of the user or group. For more information, // see UserId (https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_User.html#singlesignon-Type-User-UserId) // and GroupId (https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_Group.html#singlesignon-Type-Group-GroupId) - // in the Amazon Web Services SSO Identity Store API Reference. Either IdentityName + // in the IAM Identity Center Identity Store API Reference. Either IdentityName // or IdentityId must be specified. IdentityId *string `type:"string"` // The name of the user or group to fetch. For more information, see UserName // (https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_User.html#singlesignon-Type-User-UserName) // and DisplayName (https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_Group.html#singlesignon-Type-Group-DisplayName) - // in the Amazon Web Services SSO Identity Store API Reference. Either IdentityName + // in the IAM Identity Center Identity Store API Reference. Either IdentityName // or IdentityId must be specified. IdentityName *string `type:"string"` @@ -15505,7 +15732,8 @@ type RunJobFlowInput struct { SecurityConfiguration *string `type:"string"` // The IAM role that Amazon EMR assumes in order to access Amazon Web Services - // resources on your behalf. + // resources on your behalf. If you've created a custom service role path, you + // must specify it for the service role when you launch your cluster. ServiceRole *string `type:"string"` // Specifies the number of steps that can be executed concurrently. The default @@ -16237,7 +16465,7 @@ type SessionMappingDetail struct { // The name of the user or group. For more information, see UserName (https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_User.html#singlesignon-Type-User-UserName) // and DisplayName (https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_Group.html#singlesignon-Type-Group-DisplayName) - // in the Amazon Web Services SSO Identity Store API Reference. + // in the IAM Identity Center Identity Store API Reference. IdentityName *string `type:"string"` // Specifies whether the identity mapped to the Amazon EMR Studio is a user @@ -16323,13 +16551,13 @@ type SessionMappingSummary struct { // The time the session mapping was created. CreationTime *time.Time `type:"timestamp"` - // The globally unique identifier (GUID) of the user or group from the Amazon - // Web Services SSO Identity Store. + // The globally unique identifier (GUID) of the user or group from the IAM Identity + // Center Identity Store. IdentityId *string `type:"string"` // The name of the user or group. For more information, see UserName (https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_User.html#singlesignon-Type-User-UserName) // and DisplayName (https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_Group.html#singlesignon-Type-Group-DisplayName) - // in the Amazon Web Services SSO Identity Store API Reference. + // in the IAM Identity Center Identity Store API Reference. IdentityName *string `type:"string"` // Specifies whether the identity mapped to the Amazon EMR Studio is a user @@ -17629,7 +17857,7 @@ type Studio struct { _ struct{} `type:"structure"` // Specifies whether the Amazon EMR Studio authenticates users using IAM or - // Amazon Web Services SSO. + // IAM Identity Center. AuthMode *string `type:"string" enum:"AuthMode"` // The time the Amazon EMR Studio was created. @@ -17815,8 +18043,8 @@ func (s *Studio) SetWorkspaceSecurityGroupId(v string) *Studio { type StudioSummary struct { _ struct{} `type:"structure"` - // Specifies whether the Studio authenticates users using IAM or Amazon Web - // Services SSO. + // Specifies whether the Studio authenticates users using IAM or IAM Identity + // Center. AuthMode *string `type:"string" enum:"AuthMode"` // The time when the Amazon EMR Studio was created. @@ -18172,14 +18400,14 @@ type UpdateStudioSessionMappingInput struct { // The globally unique identifier (GUID) of the user or group. For more information, // see UserId (https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_User.html#singlesignon-Type-User-UserId) // and GroupId (https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_Group.html#singlesignon-Type-Group-GroupId) - // in the Amazon Web Services SSO Identity Store API Reference. Either IdentityName + // in the IAM Identity Center Identity Store API Reference. Either IdentityName // or IdentityId must be specified. IdentityId *string `type:"string"` // The name of the user or group to update. For more information, see UserName // (https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_User.html#singlesignon-Type-User-UserName) // and DisplayName (https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_Group.html#singlesignon-Type-Group-DisplayName) - // in the Amazon Web Services SSO Identity Store API Reference. Either IdentityName + // in the IAM Identity Center Identity Store API Reference. Either IdentityName // or IdentityId must be specified. IdentityName *string `type:"string"` @@ -18289,6 +18517,49 @@ func (s UpdateStudioSessionMappingOutput) GoString() string { return s.String() } +// The username and password that you use to connect to cluster endpoints. +type UsernamePassword struct { + _ struct{} `type:"structure" sensitive:"true"` + + // The password associated with the temporary credentials that you use to connect + // to cluster endpoints. + Password *string `type:"string"` + + // The username associated with the temporary credentials that you use to connect + // to cluster endpoints. + Username *string `type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UsernamePassword) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UsernamePassword) GoString() string { + return s.String() +} + +// SetPassword sets the Password field's value. +func (s *UsernamePassword) SetPassword(v string) *UsernamePassword { + s.Password = &v + return s +} + +// SetUsername sets the Username field's value. +func (s *UsernamePassword) SetUsername(v string) *UsernamePassword { + s.Username = &v + return s +} + // EBS volume specifications such as volume type, IOPS, size (GiB) and throughput // (MiB/s) that are requested for the EBS volume attached to an EC2 instance // in the cluster. @@ -18308,7 +18579,8 @@ type VolumeSpecification struct { // be a number from 125 - 1000 and is valid only for gp3 volumes. Throughput *int64 `type:"integer"` - // The volume type. Volume types supported are gp2, io1, and standard. + // The volume type. Volume types supported are gp3, gp2, io1, st1, sc1, and + // standard. // // VolumeType is a required field VolumeType *string `type:"string" required:"true"` diff --git a/service/emr/emriface/interface.go b/service/emr/emriface/interface.go index cd7cb66439..8862f5299b 100644 --- a/service/emr/emriface/interface.go +++ b/service/emr/emriface/interface.go @@ -140,6 +140,10 @@ type EMRAPI interface { GetBlockPublicAccessConfigurationWithContext(aws.Context, *emr.GetBlockPublicAccessConfigurationInput, ...request.Option) (*emr.GetBlockPublicAccessConfigurationOutput, error) GetBlockPublicAccessConfigurationRequest(*emr.GetBlockPublicAccessConfigurationInput) (*request.Request, *emr.GetBlockPublicAccessConfigurationOutput) + GetClusterSessionCredentials(*emr.GetClusterSessionCredentialsInput) (*emr.GetClusterSessionCredentialsOutput, error) + GetClusterSessionCredentialsWithContext(aws.Context, *emr.GetClusterSessionCredentialsInput, ...request.Option) (*emr.GetClusterSessionCredentialsOutput, error) + GetClusterSessionCredentialsRequest(*emr.GetClusterSessionCredentialsInput) (*request.Request, *emr.GetClusterSessionCredentialsOutput) + GetManagedScalingPolicy(*emr.GetManagedScalingPolicyInput) (*emr.GetManagedScalingPolicyOutput, error) GetManagedScalingPolicyWithContext(aws.Context, *emr.GetManagedScalingPolicyInput, ...request.Option) (*emr.GetManagedScalingPolicyOutput, error) GetManagedScalingPolicyRequest(*emr.GetManagedScalingPolicyInput) (*request.Request, *emr.GetManagedScalingPolicyOutput) diff --git a/service/secretsmanager/api.go b/service/secretsmanager/api.go index 3d8bc739c9..4e2ffdcc69 100644 --- a/service/secretsmanager/api.go +++ b/service/secretsmanager/api.go @@ -184,10 +184,6 @@ func (c *SecretsManager) CreateSecretRequest(input *CreateSecretInput) (req *req // protected secret data and the important information needed to manage the // secret. // -// For secrets that use managed rotation, you need to create the secret through -// the managing service. For more information, see Secrets Manager secrets managed -// by other Amazon Web Services services (https://docs.aws.amazon.com/secretsmanager/latest/userguide/service-linked-secrets.html). -// // For information about creating a secret in the console, see Create a secret // (https://docs.aws.amazon.com/secretsmanager/latest/userguide/manage_create-basic-secret.html). // @@ -1953,20 +1949,42 @@ func (c *SecretsManager) RotateSecretRequest(input *RotateSecretInput) (req *req // RotateSecret API operation for AWS Secrets Manager. // // Configures and starts the asynchronous process of rotating the secret. For -// information about rotation, see Rotate secrets (https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets.html) -// in the Secrets Manager User Guide. If you include the configuration parameters, -// the operation sets the values for the secret and then immediately starts -// a rotation. If you don't include the configuration parameters, the operation -// starts a rotation with the values already stored in the secret. +// more information about rotation, see Rotate secrets (https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets.html). +// +// If you include the configuration parameters, the operation sets the values +// for the secret and then immediately starts a rotation. If you don't include +// the configuration parameters, the operation starts a rotation with the values +// already stored in the secret. +// +// For database credentials you want to rotate, for Secrets Manager to be able +// to rotate the secret, you must make sure the secret value is in the JSON +// structure of a database secret (https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_secret_json_structure.html). +// In particular, if you want to use the alternating users strategy (https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets_strategies.html#rotating-secrets-two-users), +// your secret must contain the ARN of a superuser secret. +// +// To configure rotation, you also need the ARN of an Amazon Web Services Lambda +// function and the schedule for the rotation. The Lambda rotation function +// creates a new version of the secret and creates or updates the credentials +// on the database or service to match. After testing the new credentials, the +// function marks the new secret version with the staging label AWSCURRENT. +// Then anyone who retrieves the secret gets the new version. For more information, +// see How rotation works (https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_how.html). +// +// You can create the Lambda rotation function based on the rotation function +// templates (https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html) +// that Secrets Manager provides. Choose a template that matches your Rotation +// strategy (https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets_strategies.html). // // When rotation is successful, the AWSPENDING staging label might be attached // to the same version as the AWSCURRENT version, or it might not be attached // to any version. If the AWSPENDING staging label is present but not attached // to the same version as AWSCURRENT, then any later invocation of RotateSecret // assumes that a previous rotation request is still in progress and returns -// an error. When rotation is unsuccessful, the AWSPENDING staging label might -// be attached to an empty secret version. For more information, see Troubleshoot -// rotation (https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot_rotation.html) +// an error. +// +// When rotation is unsuccessful, the AWSPENDING staging label might be attached +// to an empty secret version. For more information, see Troubleshoot rotation +// (https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot_rotation.html) // in the Secrets Manager User Guide. // // Secrets Manager generates a CloudTrail log entry when you call this action. @@ -2451,10 +2469,6 @@ func (c *SecretsManager) UpdateSecretRequest(input *UpdateSecretInput) (req *req // // To change the rotation configuration of a secret, use RotateSecret instead. // -// To change a secret so that it is managed by another service, you need to -// recreate the secret in that service. See Secrets Manager secrets managed -// by other Amazon Web Services services (https://docs.aws.amazon.com/secretsmanager/latest/userguide/service-linked-secrets.html). -// // We recommend you avoid calling UpdateSecret at a sustained rate of more than // once every 10 minutes. When you call UpdateSecret to update the secret value, // Secrets Manager creates a new version of the secret. Secrets Manager removes @@ -3640,6 +3654,8 @@ type DescribeSecretOutput struct { // The name of the secret. Name *string `min:"1" type:"string"` + NextRotationDate *time.Time `type:"timestamp"` + // The ID of the service that created this secret. For more information, see // Secrets managed by other Amazon Web Services services (https://docs.aws.amazon.com/secretsmanager/latest/userguide/service-linked-secrets.html). OwningService *string `min:"1" type:"string"` @@ -3772,6 +3788,12 @@ func (s *DescribeSecretOutput) SetName(v string) *DescribeSecretOutput { return s } +// SetNextRotationDate sets the NextRotationDate field's value. +func (s *DescribeSecretOutput) SetNextRotationDate(v time.Time) *DescribeSecretOutput { + s.NextRotationDate = &v + return s +} + // SetOwningService sets the OwningService field's value. func (s *DescribeSecretOutput) SetOwningService(v string) *DescribeSecretOutput { s.OwningService = &v @@ -4902,6 +4924,8 @@ type ListSecretsInput struct { // The filters to apply to the list of secrets. Filters []*Filter `type:"list"` + IncludePlannedDeletion *bool `type:"boolean"` + // The number of results to include in the response. // // If there are more results available, in the response, Secrets Manager includes @@ -4968,6 +4992,12 @@ func (s *ListSecretsInput) SetFilters(v []*Filter) *ListSecretsInput { return s } +// SetIncludePlannedDeletion sets the IncludePlannedDeletion field's value. +func (s *ListSecretsInput) SetIncludePlannedDeletion(v bool) *ListSecretsInput { + s.IncludePlannedDeletion = &v + return s +} + // SetMaxResults sets the MaxResults field's value. func (s *ListSecretsInput) SetMaxResults(v int64) *ListSecretsInput { s.MaxResults = &v @@ -6160,9 +6190,8 @@ type RotateSecretInput struct { // Specifies whether to rotate the secret immediately or wait until the next // scheduled rotation window. The rotation schedule is defined in RotateSecretRequest$RotationRules. // - // For secrets that use a Lambda rotation function to rotate, if you don't immediately - // rotate the secret, Secrets Manager tests the rotation configuration by running - // the testSecret step (https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_how.html) + // If you don't immediately rotate the secret, Secrets Manager tests the rotation + // configuration by running the testSecret step (https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_how.html) // of the Lambda rotation function. The test creates an AWSPENDING version of // the secret and then removes it. // @@ -6170,12 +6199,7 @@ type RotateSecretInput struct { // the secret immediately. RotateImmediately *bool `type:"boolean"` - // For secrets that use a Lambda rotation function to rotate, the ARN of the - // Lambda rotation function. - // - // For secrets that use managed rotation, omit this field. For more information, - // see Managed rotation (https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_managed.html) - // in the Secrets Manager User Guide. + // The ARN of the Lambda rotation function that can rotate the secret. RotationLambdaARN *string `type:"string"` // A structure that defines the rotation configuration for this secret. @@ -6460,6 +6484,8 @@ type SecretListEntry struct { // in the folder prod. Name *string `min:"1" type:"string"` + NextRotationDate *time.Time `type:"timestamp"` + // Returns the name of the service that created the secret. OwningService *string `min:"1" type:"string"` @@ -6563,6 +6589,12 @@ func (s *SecretListEntry) SetName(v string) *SecretListEntry { return s } +// SetNextRotationDate sets the NextRotationDate field's value. +func (s *SecretListEntry) SetNextRotationDate(v time.Time) *SecretListEntry { + s.NextRotationDate = &v + return s +} + // SetOwningService sets the OwningService field's value. func (s *SecretListEntry) SetOwningService(v string) *SecretListEntry { s.OwningService = &v @@ -7516,6 +7548,9 @@ const ( // FilterNameStringTypePrimaryRegion is a FilterNameStringType enum value FilterNameStringTypePrimaryRegion = "primary-region" + // FilterNameStringTypeOwningService is a FilterNameStringType enum value + FilterNameStringTypeOwningService = "owning-service" + // FilterNameStringTypeAll is a FilterNameStringType enum value FilterNameStringTypeAll = "all" ) @@ -7528,6 +7563,7 @@ func FilterNameStringType_Values() []string { FilterNameStringTypeTagKey, FilterNameStringTypeTagValue, FilterNameStringTypePrimaryRegion, + FilterNameStringTypeOwningService, FilterNameStringTypeAll, } } diff --git a/service/secretsmanager/doc.go b/service/secretsmanager/doc.go index 402a2dd6e5..e4a983867e 100644 --- a/service/secretsmanager/doc.go +++ b/service/secretsmanager/doc.go @@ -15,9 +15,6 @@ // This version of the Secrets Manager API Reference documents the Secrets Manager // API version 2017-10-17. // -// For a list of endpoints, see Amazon Web Services Secrets Manager endpoints -// (https://docs.aws.amazon.com/secretsmanager/latest/userguide/asm_access.html#endpoints). -// // # Support and Feedback for Amazon Web Services Secrets Manager // // We welcome your feedback. Send your comments to awssecretsmanager-feedback@amazon.com