Release v1.30.20 (2020-05-04) (#3300)

Release v1.30.20 (2020-05-04)
===

### Service Client Updates
* `service/apigateway`: Updates service documentation
  * Documentation updates for Amazon API Gateway
* `service/ec2`: Updates service documentation
  * With this release, you can include enriched metadata in Amazon Virtual Private Cloud (Amazon VPC) flow logs published to Amazon CloudWatch Logs or Amazon Simple Storage Service (S3). Prior to this, custom format VPC flow logs enriched with additional metadata could be published only to S3. With this launch, we are also adding additional metadata fields that provide insights about the location such as AWS Region, AWS Availability Zone, AWS Local Zone, AWS Wavelength Zone, or AWS Outpost where the network interface where flow logs are captured exists.
* `service/s3control`: Updates service API and documentation
  * Amazon S3 Batch Operations now supports Object Lock.

CHANGELOG.md

@@ -1,3 +1,14 @@
+Release v1.30.20 (2020-05-04)
+===
+
+### Service Client Updates
+* `service/apigateway`: Updates service documentation
+  * Documentation updates for Amazon API Gateway
+* `service/ec2`: Updates service documentation
+  * With this release, you can include enriched metadata in Amazon Virtual Private Cloud (Amazon VPC) flow logs published to Amazon CloudWatch Logs or Amazon Simple Storage Service (S3). Prior to this, custom format VPC flow logs enriched with additional metadata could be published only to S3. With this launch, we are also adding additional metadata fields that provide insights about the location such as AWS Region, AWS Availability Zone, AWS Local Zone, AWS Wavelength Zone, or AWS Outpost where the network interface where flow logs are captured exists.
+* `service/s3control`: Updates service API and documentation
+  * Amazon S3 Batch Operations now supports Object Lock.
+
 Release v1.30.19 (2020-05-01)
 ===
 

aws/version.go

@@ -5,4 +5,4 @@ package aws
 const SDKName = "aws-sdk-go"
 
 // SDKVersion is the version of this SDK
-const SDKVersion = "1.30.19"
+const SDKVersion = "1.30.20"

models/apis/apigateway/2015-07-09/docs-2.json

@@ -1851,7 +1851,7 @@
         "StageKey$restApiId": "<p>The string identifier of the associated <a>RestApi</a>.</p>",
         "StageKey$stageName": "<p>The stage name associated with the stage key.</p>",
         "TagResourceRequest$resourceArn": "<p>[Required] The ARN of a resource that can be tagged.</p>",
-        "Template$value": "<p>The Apache <a href=\"https://velocity.apache.org/engine/devel/vtl-reference-guide.html\" target=\"_blank\">Velocity Template Language (VTL)</a> template content used for the template resource.</p>",
+        "Template$value": "<p>The Apache <a href=\"https://velocity.apache.org/engine/devel/vtl-reference.html\" target=\"_blank\">Velocity Template Language (VTL)</a> template content used for the template resource.</p>",
         "TestInvokeAuthorizerRequest$restApiId": "<p>[Required] The string identifier of the associated <a>RestApi</a>.</p>",
         "TestInvokeAuthorizerRequest$authorizerId": "<p>[Required] Specifies a test invoke authorizer request's <a>Authorizer</a> ID.</p>",
         "TestInvokeAuthorizerRequest$pathWithQueryString": "<p>[Optional] The URI path, including query string, of the simulated invocation request. Use this to specify path parameters and query string parameters.</p>",

models/apis/ec2/2016-11-15/docs-2.json

@@ -271,11 +271,11 @@
     "DisableTransitGatewayRouteTablePropagation": "<p>Disables the specified resource attachment from propagating routes to the specified propagation route table.</p>",
     "DisableVgwRoutePropagation": "<p>Disables a virtual private gateway (VGW) from propagating routes to a specified route table of a VPC.</p>",
     "DisableVpcClassicLink": "<p>Disables ClassicLink for a VPC. You cannot disable ClassicLink for a VPC that has EC2-Classic instances linked to it.</p>",
-    "DisableVpcClassicLinkDnsSupport": "<p>Disables ClassicLink DNS support for a VPC. If disabled, DNS hostnames resolve to public IP addresses when addressed between a linked EC2-Classic instance and instances in the VPC to which it's linked. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-classiclink.html\">ClassicLink</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>",
+    "DisableVpcClassicLinkDnsSupport": "<p>Disables ClassicLink DNS support for a VPC. If disabled, DNS hostnames resolve to public IP addresses when addressed between a linked EC2-Classic instance and instances in the VPC to which it's linked. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-classiclink.html\">ClassicLink</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> <p>You must specify a VPC ID in the request.</p>",
     "DisassociateAddress": "<p>Disassociates an Elastic IP address from the instance or network interface it's associated with.</p> <p>An Elastic IP address is for use in either the EC2-Classic platform or in a VPC. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html\">Elastic IP Addresses</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> <p>This is an idempotent operation. If you perform the operation more than once, Amazon EC2 doesn't return an error.</p>",
     "DisassociateClientVpnTargetNetwork": "<p>Disassociates a target network from the specified Client VPN endpoint. When you disassociate the last target network from a Client VPN, the following happens:</p> <ul> <li> <p>The route that was automatically added for the VPC is deleted</p> </li> <li> <p>All active client connections are terminated</p> </li> <li> <p>New client connections are disallowed</p> </li> <li> <p>The Client VPN endpoint's status changes to <code>pending-associate</code> </p> </li> </ul>",
     "DisassociateIamInstanceProfile": "<p>Disassociates an IAM instance profile from a running or stopped instance.</p> <p>Use <a>DescribeIamInstanceProfileAssociations</a> to get the association ID.</p>",
-    "DisassociateRouteTable": "<p>Disassociates a subnet from a route table.</p> <p>After you perform this action, the subnet no longer uses the routes in the route table. Instead, it uses the routes in the VPC's main route table. For more information about route tables, see <a href=\"https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Route_Tables.html\">Route Tables</a> in the <i>Amazon Virtual Private Cloud User Guide</i>.</p>",
+    "DisassociateRouteTable": "<p>Disassociates a subnet or gateway from a route table.</p> <p>After you perform this action, the subnet no longer uses the routes in the route table. Instead, it uses the routes in the VPC's main route table. For more information about route tables, see <a href=\"https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Route_Tables.html\">Route Tables</a> in the <i>Amazon Virtual Private Cloud User Guide</i>.</p>",
     "DisassociateSubnetCidrBlock": "<p>Disassociates a CIDR block from a subnet. Currently, you can disassociate an IPv6 CIDR block only. You must detach or delete all gateways and resources that are associated with the CIDR block before you can disassociate it. </p>",
     "DisassociateTransitGatewayMulticastDomain": "<p>Disassociates the specified subnets from the transit gateway multicast domain. </p>",
     "DisassociateTransitGatewayRouteTable": "<p>Disassociates a resource attachment from a transit gateway route table.</p>",
@@ -286,7 +286,7 @@
     "EnableVgwRoutePropagation": "<p>Enables a virtual private gateway (VGW) to propagate routes to the specified route table of a VPC.</p>",
     "EnableVolumeIO": "<p>Enables I/O operations for a volume that had I/O operations disabled because the data on the volume was potentially inconsistent.</p>",
     "EnableVpcClassicLink": "<p>Enables a VPC for ClassicLink. You can then link EC2-Classic instances to your ClassicLink-enabled VPC to allow communication over private IP addresses. You cannot enable your VPC for ClassicLink if any of your VPC route tables have existing routes for address ranges within the <code>10.0.0.0/8</code> IP address range, excluding local routes for VPCs in the <code>10.0.0.0/16</code> and <code>10.1.0.0/16</code> IP address ranges. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-classiclink.html\">ClassicLink</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>",
-    "EnableVpcClassicLinkDnsSupport": "<p>Enables a VPC to support DNS hostname resolution for ClassicLink. If enabled, the DNS hostname of a linked EC2-Classic instance resolves to its private IP address when addressed from an instance in the VPC to which it's linked. Similarly, the DNS hostname of an instance in a VPC resolves to its private IP address when addressed from a linked EC2-Classic instance. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-classiclink.html\">ClassicLink</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>",
+    "EnableVpcClassicLinkDnsSupport": "<p>Enables a VPC to support DNS hostname resolution for ClassicLink. If enabled, the DNS hostname of a linked EC2-Classic instance resolves to its private IP address when addressed from an instance in the VPC to which it's linked. Similarly, the DNS hostname of an instance in a VPC resolves to its private IP address when addressed from a linked EC2-Classic instance. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-classiclink.html\">ClassicLink</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> <p>You must specify a VPC ID in the request.</p>",
     "ExportClientVpnClientCertificateRevocationList": "<p>Downloads the client certificate revocation list for the specified Client VPN endpoint.</p>",
     "ExportClientVpnClientConfiguration": "<p>Downloads the contents of the Client VPN endpoint configuration file for the specified Client VPN endpoint. The Client VPN endpoint configuration file includes the Client VPN endpoint and certificate information clients need to establish a connection with the Client VPN endpoint.</p>",
     "ExportImage": "<p>Exports an Amazon Machine Image (AMI) to a VM file. For more information, see <a href=\"https://docs.aws.amazon.com/vm-import/latest/userguide/vmexport_image.html\">Exporting a VM Directory from an Amazon Machine Image (AMI)</a> in the <i>VM Import/Export User Guide</i>.</p>",
@@ -11108,7 +11108,7 @@
     "RouteTableAssociationId": {
       "base": null,
       "refs": {
-        "DisassociateRouteTableRequest$AssociationId": "<p>The association ID representing the current association between the route table and subnet.</p>",
+        "DisassociateRouteTableRequest$AssociationId": "<p>The association ID representing the current association between the route table and subnet or gateway.</p>",
         "ReplaceRouteTableAssociationRequest$AssociationId": "<p>The association ID.</p>"
       }
     },
@@ -12089,7 +12089,7 @@
         "CreateFlowLogsRequest$DeliverLogsPermissionArn": "<p>The ARN for the IAM role that permits Amazon EC2 to publish flow logs to a CloudWatch Logs log group in your account.</p> <p>If you specify <code>LogDestinationType</code> as <code>s3</code>, do not specify <code>DeliverLogsPermissionArn</code> or <code>LogGroupName</code>.</p>",
         "CreateFlowLogsRequest$LogGroupName": "<p>The name of a new or existing CloudWatch Logs log group where Amazon EC2 publishes your flow logs.</p> <p>If you specify <code>LogDestinationType</code> as <code>s3</code>, do not specify <code>DeliverLogsPermissionArn</code> or <code>LogGroupName</code>.</p>",
         "CreateFlowLogsRequest$LogDestination": "<p>Specifies the destination to which the flow log data is to be published. Flow log data can be published to a CloudWatch Logs log group or an Amazon S3 bucket. The value specified for this parameter depends on the value specified for <code>LogDestinationType</code>.</p> <p>If <code>LogDestinationType</code> is not specified or <code>cloud-watch-logs</code>, specify the Amazon Resource Name (ARN) of the CloudWatch Logs log group. For example, to publish to a log group called <code>my-logs</code>, specify <code>arn:aws:logs:us-east-1:123456789012:log-group:my-logs</code>. Alternatively, use <code>LogGroupName</code> instead.</p> <p>If LogDestinationType is <code>s3</code>, specify the ARN of the Amazon S3 bucket. You can also specify a subfolder in the bucket. To specify a subfolder in the bucket, use the following ARN format: <code>bucket_ARN/subfolder_name/</code>. For example, to specify a subfolder named <code>my-logs</code> in a bucket named <code>my-bucket</code>, use the following ARN: <code>arn:aws:s3:::my-bucket/my-logs/</code>. You cannot use <code>AWSLogs</code> as a subfolder name. This is a reserved term.</p>",
-        "CreateFlowLogsRequest$LogFormat": "<p>The fields to include in the flow log record, in the order in which they should appear. For a list of available fields, see <a href=\"https://docs.aws.amazon.com/vpc/latest/userguide/flow-logs.html#flow-log-records\">Flow Log Records</a>. If you omit this parameter, the flow log is created using the default format. If you specify this parameter, you must specify at least one field.</p> <p>Specify the fields using the <code>${field-id}</code> format, separated by spaces. For the AWS CLI, use single quotation marks (' ') to surround the parameter value.</p> <p>Only applicable to flow logs that are published to an Amazon S3 bucket.</p>",
+        "CreateFlowLogsRequest$LogFormat": "<p>The fields to include in the flow log record, in the order in which they should appear. For a list of available fields, see <a href=\"https://docs.aws.amazon.com/vpc/latest/userguide/flow-logs.html#flow-log-records\">Flow Log Records</a>. If you omit this parameter, the flow log is created using the default format. If you specify this parameter, you must specify at least one field.</p> <p>Specify the fields using the <code>${field-id}</code> format, separated by spaces. For the AWS CLI, use single quotation marks (' ') to surround the parameter value.</p>",
         "CreateFlowLogsResult$ClientToken": "<p>Unique, case-sensitive identifier that you provide to ensure the idempotency of the request.</p>",
         "CreateFpgaImageRequest$Description": "<p>A description for the AFI.</p>",
         "CreateFpgaImageRequest$Name": "<p>A name for the AFI.</p>",

models/apis/s3control/2018-08-20/api-2.json

@@ -271,7 +271,8 @@
     },
     "AccountId":{
       "type":"string",
-      "max":64
+      "max":64,
+      "pattern":"^\\d{12}$"
     },
     "BadRequestException":{
       "type":"structure",
@@ -457,6 +458,12 @@
       "max":1024,
       "min":1
     },
+    "FunctionArnString":{
+      "type":"string",
+      "max":1024,
+      "min":1,
+      "pattern":"(arn:(aws[a-zA-Z-]*)?:lambda:)?([a-z]{2}((-gov)|(-iso(b?)))?-[a-z]+-\\d{1}:)?(\\d{12}:)?(function:)?([a-zA-Z0-9-_]+)(:(\\$LATEST|[a-zA-Z0-9-_]+))?"
+    },
     "GetAccessPointPolicyRequest":{
       "type":"structure",
       "required":[
@@ -583,7 +590,8 @@
     "IAMRoleArn":{
       "type":"string",
       "max":2048,
-      "min":1
+      "min":1,
+      "pattern":"arn:[^:]+:iam::\\d{12}:role/.*"
     },
     "IdempotencyException":{
       "type":"structure",
@@ -618,7 +626,8 @@
     "JobArn":{
       "type":"string",
       "max":1024,
-      "min":1
+      "min":1,
+      "pattern":"arn:[^:]+:s3:[a-zA-Z0-9\\-]+:\\d{12}:job\\/.*"
     },
     "JobCreationTime":{"type":"timestamp"},
     "JobDescriptor":{
@@ -706,7 +715,8 @@
     "JobId":{
       "type":"string",
       "max":36,
-      "min":5
+      "min":5,
+      "pattern":"[a-zA-Z0-9\\-\\_]+"
     },
     "JobListDescriptor":{
       "type":"structure",
@@ -812,6 +822,14 @@
         "S3InitiateRestoreObject":{
           "shape":"S3InitiateRestoreObjectOperation",
           "box":true
+        },
+        "S3PutObjectLegalHold":{
+          "shape":"S3SetObjectLegalHoldOperation",
+          "box":true
+        },
+        "S3PutObjectRetention":{
+          "shape":"S3SetObjectRetentionOperation",
+          "box":true
         }
       }
     },
@@ -918,7 +936,7 @@
     "LambdaInvokeOperation":{
       "type":"structure",
       "members":{
-        "FunctionArn":{"shape":"NonEmptyMaxLength1024String"}
+        "FunctionArn":{"shape":"FunctionArnString"}
       }
     },
     "ListAccessPointsRequest":{
@@ -969,7 +987,7 @@
           "locationName":"jobStatuses"
         },
         "NextToken":{
-          "shape":"NonEmptyMaxLength1024String",
+          "shape":"StringForNextToken",
           "location":"querystring",
           "locationName":"nextToken"
         },
@@ -984,7 +1002,7 @@
     "ListJobsResult":{
       "type":"structure",
       "members":{
-        "NextToken":{"shape":"NonEmptyMaxLength1024String"},
+        "NextToken":{"shape":"StringForNextToken"},
         "Jobs":{"shape":"JobListDescriptorList"}
       }
     },
@@ -1047,7 +1065,9 @@
         "S3PutObjectCopy",
         "S3PutObjectAcl",
         "S3PutObjectTagging",
-        "S3InitiateRestoreObject"
+        "S3InitiateRestoreObject",
+        "S3PutObjectLegalHold",
+        "S3PutObjectRetention"
       ]
     },
     "Policy":{"type":"string"},
@@ -1184,7 +1204,8 @@
     "S3BucketArnString":{
       "type":"string",
       "max":128,
-      "min":1
+      "min":1,
+      "pattern":"arn:[^:]+:s3:.*"
     },
     "S3CannedAccessControlList":{
       "type":"string",
@@ -1280,7 +1301,8 @@
     "S3KeyArnString":{
       "type":"string",
       "max":2000,
-      "min":1
+      "min":1,
+      "pattern":"arn:[^:]+:s3:.*"
     },
     "S3MetadataDirective":{
       "type":"string",
@@ -1289,6 +1311,13 @@
         "REPLACE"
       ]
     },
+    "S3ObjectLockLegalHold":{
+      "type":"structure",
+      "required":["Status"],
+      "members":{
+        "Status":{"shape":"S3ObjectLockLegalHoldStatus"}
+      }
+    },
     "S3ObjectLockLegalHoldStatus":{
       "type":"string",
       "enum":[
@@ -1303,6 +1332,13 @@
         "GOVERNANCE"
       ]
     },
+    "S3ObjectLockRetentionMode":{
+      "type":"string",
+      "enum":[
+        "COMPLIANCE",
+        "GOVERNANCE"
+      ]
+    },
     "S3ObjectMetadata":{
       "type":"structure",
       "members":{
@@ -1344,6 +1380,13 @@
         "WRITE_ACP"
       ]
     },
+    "S3Retention":{
+      "type":"structure",
+      "members":{
+        "RetainUntilDate":{"shape":"TimeStamp"},
+        "Mode":{"shape":"S3ObjectLockRetentionMode"}
+      }
+    },
     "S3SSEAlgorithm":{
       "type":"string",
       "enum":[
@@ -1357,6 +1400,24 @@
         "AccessControlPolicy":{"shape":"S3AccessControlPolicy"}
       }
     },
+    "S3SetObjectLegalHoldOperation":{
+      "type":"structure",
+      "required":["LegalHold"],
+      "members":{
+        "LegalHold":{"shape":"S3ObjectLockLegalHold"}
+      }
+    },
+    "S3SetObjectRetentionOperation":{
+      "type":"structure",
+      "required":["Retention"],
+      "members":{
+        "BypassGovernanceRetention":{
+          "shape":"Boolean",
+          "box":true
+        },
+        "Retention":{"shape":"S3Retention"}
+      }
+    },
     "S3SetObjectTaggingOperation":{
       "type":"structure",
       "members":{
@@ -1381,8 +1442,8 @@
         "Value"
       ],
       "members":{
-        "Key":{"shape":"NonEmptyMaxLength1024String"},
-        "Value":{"shape":"MaxLength1024String"}
+        "Key":{"shape":"TagKeyString"},
+        "Value":{"shape":"TagValueString"}
       }
     },
     "S3TagSet":{
@@ -1396,12 +1457,29 @@
       "max":8192
     },
     "Setting":{"type":"boolean"},
+    "StringForNextToken":{
+      "type":"string",
+      "max":1024,
+      "min":1,
+      "pattern":"^[A-Za-z0-9\\+\\:\\/\\=\\?\\#-_]+$"
+    },
     "SuspendedCause":{
       "type":"string",
       "max":1024,
       "min":1
     },
     "SuspendedDate":{"type":"timestamp"},
+    "TagKeyString":{
+      "type":"string",
+      "max":1024,
+      "min":1,
+      "pattern":"^([\\p{L}\\p{Z}\\p{N}_.:=+\\-@%]*)$"
+    },
+    "TagValueString":{
+      "type":"string",
+      "max":1024,
+      "pattern":"^([\\p{L}\\p{Z}\\p{N}_.:=+\\-@%]*)$"
+    },
     "TimeStamp":{"type":"timestamp"},
     "TooManyRequestsException":{
       "type":"structure",